From acc6af7456a6b9c9f622b46eb0fe66caa7c0c9c6 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Fri, 9 Dec 2011 00:33:55 +0100 Subject: [PATCH] weiter Konfigurationen dazu --- ImageMagick/coder.xml | 22 + ImageMagick/colors.xml | 28 + ImageMagick/delegates.xml | 112 + ImageMagick/log.xml | 40 + ImageMagick/magic.xml | 23 + ImageMagick/mime.xml | 1141 ++++ ImageMagick/policy.xml | 57 + ImageMagick/sRGB.icm | Bin 0 -> 3144 bytes ImageMagick/thresholds.xml | 334 + ImageMagick/type-dejavu.xml | 62 + ImageMagick/type-ghostscript.xml | 54 + ImageMagick/type-windows.xml | 102 + ImageMagick/type.xml | 21 + X11/xinit/xinitrc.d/80-dbus | 13 + apache2/.original/httpd.conf | 196 + apache2/.original/magic | 382 ++ .../.original/modules.d/00_apache_manual.conf | 26 + .../modules.d/00_default_settings.conf | 114 + .../modules.d/00_error_documents.conf | 58 + apache2/.original/modules.d/00_languages.conf | 133 + .../.original/modules.d/00_mod_autoindex.conf | 83 + apache2/.original/modules.d/00_mod_info.conf | 12 + .../modules.d/00_mod_log_config.conf | 35 + apache2/.original/modules.d/00_mod_mime.conf | 55 + .../.original/modules.d/00_mod_status.conf | 17 + .../.original/modules.d/00_mod_userdir.conf | 34 + apache2/.original/modules.d/00_mpm.conf | 99 + .../.original/modules.d/10_mod_mem_cache.conf | 10 + .../.original/modules.d/11_mod_auth_kerb.conf | 14 + .../modules.d/12_mod_auth_mysql.conf | 132 + .../.original/modules.d/20_mod_fastcgi.conf | 6 + apache2/.original/modules.d/40_mod_ssl.conf | 63 + apache2/.original/modules.d/45_mod_dav.conf | 19 + apache2/.original/modules.d/46_mod_ldap.conf | 20 + .../.original/modules.d/47_mod_dav_svn.conf | 16 + apache2/.original/modules.d/70_mod_php5.conf | 14 + apache2/.original/modules.d/75_mod_perl.conf | 50 + apache2/.original/modules.d/76_mod_apreq.conf | 13 + apache2/.original/modules.d/99_nagios3.conf | 15 + .../modules.d/apache2-mod_perl-startup.pl | 24 + .../vhosts.d/00_default_ssl_vhost.conf | 179 + .../.original/vhosts.d/00_default_vhost.conf | 48 + .../.original/vhosts.d/default_vhost.include | 73 + apache2/.rcs/fotos_group,v | 47 + apache2/.rcs/fotos_passwd,v | 43 + apache2/.rcs/httpd.conf,v | 256 + apache2/.rcs/info_users_passwd,v | 25 + apache2/.rcs/svnusers,v | 25 + apache2/fotos_group | 9 + apache2/fotos_passwd | 19 + apache2/httpd.conf | 201 + apache2/info_users_passwd | 1 + apache2/magic | 382 ++ .../modules.d/.rcs/00_apache_manual.conf,v | 69 + .../modules.d/.rcs/00_default_settings.conf,v | 163 + .../modules.d/.rcs/00_error_documents.conf,v | 98 + apache2/modules.d/.rcs/00_languages.conf,v | 173 + .../modules.d/.rcs/00_mod_autoindex.conf,v | 138 + apache2/modules.d/.rcs/00_mod_info.conf,v | 56 + .../modules.d/.rcs/00_mod_log_config.conf,v | 79 + apache2/modules.d/.rcs/00_mod_mime.conf,v | 106 + apache2/modules.d/.rcs/00_mod_status.conf,v | 61 + apache2/modules.d/.rcs/00_mod_userdir.conf,v | 58 + apache2/modules.d/.rcs/00_mpm.conf,v | 140 + .../modules.d/.rcs/10_mod_mem_cache.conf,v | 34 + .../modules.d/.rcs/11_mod_auth_kerb.conf,v | 38 + .../modules.d/.rcs/12_mod_auth_mysql.conf,v | 156 + apache2/modules.d/.rcs/20_mod_fastcgi.conf,v | 82 + apache2/modules.d/.rcs/40_mod_ssl.conf,v | 87 + apache2/modules.d/.rcs/45_mod_dav.conf,v | 43 + apache2/modules.d/.rcs/46_mod_ldap.conf,v | 44 + apache2/modules.d/.rcs/47_mod_dav_svn.conf,v | 115 + apache2/modules.d/.rcs/70_mod_php5.conf,v | 77 + apache2/modules.d/.rcs/75_mod_perl.conf,v | 94 + apache2/modules.d/.rcs/76_mod_apreq.conf,v | 37 + apache2/modules.d/.rcs/99_nagios3.conf,v | 39 + .../.rcs/apache2-mod_perl-startup.pl,v | 48 + apache2/modules.d/00_apache_manual.conf | 26 + apache2/modules.d/00_default_settings.conf | 136 + apache2/modules.d/00_error_documents.conf | 58 + apache2/modules.d/00_languages.conf | 133 + apache2/modules.d/00_mod_autoindex.conf | 91 + apache2/modules.d/00_mod_info.conf | 18 + apache2/modules.d/00_mod_log_config.conf | 37 + apache2/modules.d/00_mod_mime.conf | 55 + apache2/modules.d/00_mod_status.conf | 23 + apache2/modules.d/00_mod_userdir.conf | 34 + apache2/modules.d/00_mpm.conf | 99 + apache2/modules.d/10_mod_mem_cache.conf | 10 + apache2/modules.d/11_mod_auth_kerb.conf | 14 + apache2/modules.d/12_mod_auth_mysql.conf | 132 + apache2/modules.d/20_mod_fastcgi.conf | 8 + apache2/modules.d/40_mod_ssl.conf | 63 + apache2/modules.d/45_mod_dav.conf | 19 + apache2/modules.d/46_mod_ldap.conf | 20 + apache2/modules.d/47_mod_dav_svn.conf | 43 + apache2/modules.d/70_mod_php5.conf | 15 + apache2/modules.d/75_mod_perl.conf | 56 + apache2/modules.d/76_mod_apreq.conf | 13 + apache2/modules.d/99_nagios3.conf | 15 + apache2/modules.d/apache2-mod_perl-startup.pl | 24 + apache2/sarah/.old/apache2-builtin-mods | 95 + apache2/sarah/fotos_group | 8 + apache2/sarah/fotos_passwd | 19 + apache2/sarah/httpd-1.conf | 185 + apache2/sarah/httpd.conf | 195 + apache2/sarah/httpd.conf,v | 219 + apache2/sarah/info_users_passwd | 1 + apache2/sarah/magic | 382 ++ apache2/sarah/modules.d/.old/99_nagios.conf,v | 39 + apache2/sarah/modules.d/00_apache_manual.conf | 26 + .../sarah/modules.d/00_apache_manual.conf,v | 102 + apache2/sarah/modules.d/00_autoindex.conf,v | 115 + .../sarah/modules.d/00_default_settings.conf | 115 + .../modules.d/00_default_settings.conf,v | 169 + .../sarah/modules.d/00_error_documents.conf | 58 + .../sarah/modules.d/00_error_documents.conf,v | 110 + apache2/sarah/modules.d/00_languages.conf | 133 + apache2/sarah/modules.d/00_languages.conf,v | 176 + apache2/sarah/modules.d/00_mod_autoindex.conf | 91 + .../sarah/modules.d/00_mod_autoindex.conf,v | 157 + apache2/sarah/modules.d/00_mod_info.conf | 18 + apache2/sarah/modules.d/00_mod_info.conf,v | 55 + .../sarah/modules.d/00_mod_log_config.conf | 37 + .../sarah/modules.d/00_mod_log_config.conf,v | 77 + apache2/sarah/modules.d/00_mod_mime.conf | 61 + apache2/sarah/modules.d/00_mod_mime.conf,v | 85 + apache2/sarah/modules.d/00_mod_status.conf | 23 + apache2/sarah/modules.d/00_mod_status.conf,v | 63 + apache2/sarah/modules.d/00_mod_userdir.conf | 34 + apache2/sarah/modules.d/00_mod_userdir.conf,v | 82 + apache2/sarah/modules.d/00_mpm.conf | 99 + apache2/sarah/modules.d/00_mpm.conf,v | 156 + apache2/sarah/modules.d/10_mod_mem_cache.conf | 10 + .../sarah/modules.d/10_mod_mem_cache.conf,v | 34 + apache2/sarah/modules.d/11_mod_auth_kerb.conf | 14 + .../sarah/modules.d/11_mod_auth_kerb.conf,v | 38 + .../sarah/modules.d/12_mod_auth_mysql.conf | 132 + .../sarah/modules.d/12_mod_auth_mysql.conf,v | 156 + apache2/sarah/modules.d/20_mod_fastcgi.conf | 7 + apache2/sarah/modules.d/20_mod_fastcgi.conf,v | 53 + apache2/sarah/modules.d/40_mod_ssl.conf | 63 + apache2/sarah/modules.d/40_mod_ssl.conf,v | 104 + .../modules.d/41_mod_ssl.default-vhost,v | 214 + apache2/sarah/modules.d/45_mod_dav.conf | 19 + apache2/sarah/modules.d/45_mod_dav.conf,v | 103 + apache2/sarah/modules.d/46_mod_ldap.conf | 20 + apache2/sarah/modules.d/46_mod_ldap.conf,v | 68 + apache2/sarah/modules.d/47_mod_dav_svn.conf | 28 + apache2/sarah/modules.d/47_mod_dav_svn.conf,v | 66 + apache2/sarah/modules.d/70_mod_php5.conf | 17 + apache2/sarah/modules.d/70_mod_php5.conf,v | 64 + apache2/sarah/modules.d/75_mod_perl.conf | 51 + apache2/sarah/modules.d/75_mod_perl.conf,v | 145 + apache2/sarah/modules.d/76_mod_apreq.conf | 13 + apache2/sarah/modules.d/76_mod_apreq.conf,v | 63 + apache2/sarah/modules.d/99_nagios3.conf | 15 + apache2/sarah/modules.d/99_nagios3.conf,v | 39 + .../modules.d/apache2-mod_perl-startup.pl | 24 + .../modules.d/apache2-mod_perl-startup.pl,v | 48 + apache2/sarah/myadmin.passwd | 3 + apache2/sarah/ssl/myadmin-cert.pem | 37 + apache2/sarah/ssl/server.crt | 14 + apache2/sarah/ssl/server.key | 15 + apache2/sarah/ssl/webmail-cert.pem | 37 + apache2/sarah/svnusers | 1 + .../.old/07_groupoffice.conf.not_used | 50 + .../sarah/vhosts.d/.old/08_sy.conf.not_used | 87 + .../vhosts.d/.old/08_typo3.conf.not_used | 32 + .../sarah/vhosts.d/00_default_ssl_vhost.conf | 187 + .../vhosts.d/00_default_ssl_vhost.conf,v | 225 + apache2/sarah/vhosts.d/00_default_vhost.conf | 50 + .../sarah/vhosts.d/00_default_vhost.conf,v | 266 + apache2/sarah/vhosts.d/01_myadmin.conf | 55 + apache2/sarah/vhosts.d/01_myadmin.conf,v | 93 + apache2/sarah/vhosts.d/01_vhost.conf | 0 apache2/sarah/vhosts.d/01_vhost.conf,v | 245 + apache2/sarah/vhosts.d/02_morph.conf | 132 + apache2/sarah/vhosts.d/02_morph.conf,v | 214 + apache2/sarah/vhosts.d/03_webdav.conf | 69 + apache2/sarah/vhosts.d/03_webdav.conf,v | 93 + apache2/sarah/vhosts.d/04_fotoalbum.conf | 39 + apache2/sarah/vhosts.d/04_fotoalbum.conf,v | 63 + apache2/sarah/vhosts.d/05_bautagebuch.conf | 31 + apache2/sarah/vhosts.d/05_bautagebuch.conf,v | 55 + apache2/sarah/vhosts.d/06_webmail.conf | 127 + apache2/sarah/vhosts.d/06_webmail.conf,v | 180 + .../vhosts.d/07_groupoffice.conf.not_used | 50 + apache2/sarah/vhosts.d/08_sy.conf.not_used | 87 + apache2/sarah/vhosts.d/08_typo3.conf.not_used | 32 + apache2/sarah/vhosts.d/09_ldap.conf | 72 + apache2/sarah/vhosts.d/09_ldap.conf,v | 96 + apache2/sarah/vhosts.d/10_kfz-dlb.conf | 36 + apache2/sarah/vhosts.d/10_kfz-dlb.conf,v | 60 + apache2/sarah/vhosts.d/11_wow.conf.not_used | 24 + apache2/sarah/vhosts.d/12_dyndns.conf | 59 + apache2/sarah/vhosts.d/12_dyndns.conf,v | 83 + apache2/sarah/vhosts.d/default_vhost.include | 77 + .../sarah/vhosts.d/default_vhost.include,v | 229 + apache2/sarah/vhosts.d/nagios.include | 27 + apache2/sarah/vhosts.d/nagios.include,v | 51 + apache2/sarah/webdav.passwd | 2 + apache2/ssl/myadmin-cert.pem | 37 + apache2/ssl/webmail-cert.pem | 37 + apache2/svnusers | 1 + .../vhosts.d/.rcs/00_default_ssl_vhost.conf,v | 249 + apache2/vhosts.d/.rcs/00_default_vhost.conf,v | 96 + apache2/vhosts.d/.rcs/01_myadmin.conf,v | 123 + apache2/vhosts.d/.rcs/02_morph.conf,v | 263 + apache2/vhosts.d/.rcs/04_fotoalbum.conf,v | 64 + apache2/vhosts.d/.rcs/05_bautagebuch.conf,v | 56 + apache2/vhosts.d/.rcs/06_webmail.conf,v | 154 + apache2/vhosts.d/.rcs/09_ldap.conf,v | 113 + apache2/vhosts.d/.rcs/10_kfz-dlb.conf,v | 88 + apache2/vhosts.d/.rcs/11-books-nossl.conf,v | 31 + apache2/vhosts.d/.rcs/11-books-ssl.conf,v | 62 + apache2/vhosts.d/.rcs/12_dyndns.conf,v | 84 + apache2/vhosts.d/.rcs/books_vhost.include,v | 51 + apache2/vhosts.d/.rcs/default_vhost.include,v | 277 + apache2/vhosts.d/00_default_ssl_vhost.conf | 192 + apache2/vhosts.d/00_default_vhost.conf | 54 + apache2/vhosts.d/01_myadmin.conf | 85 + apache2/vhosts.d/02_morph.conf | 41 + apache2/vhosts.d/04_fotoalbum.conf | 40 + apache2/vhosts.d/05_bautagebuch.conf | 32 + apache2/vhosts.d/06_webmail.conf | 130 + apache2/vhosts.d/09_ldap.conf | 74 + apache2/vhosts.d/10_kfz-dlb.conf | 40 + apache2/vhosts.d/11-books-nossl.conf | 7 + apache2/vhosts.d/11-books-ssl.conf | 38 + apache2/vhosts.d/12_dyndns.conf | 60 + apache2/vhosts.d/books_vhost.include | 27 + apache2/vhosts.d/default_vhost.include | 135 + at/at.deny | 28 + audisp/audisp-remote.conf | 12 + audisp/audispd.conf | 11 + audisp/plugins.d/af_unix.conf | 14 + audisp/plugins.d/au-remote.conf | 12 + audisp/plugins.d/audispd-zos-remote.conf | 14 + audisp/plugins.d/syslog.conf | 10 + audisp/zos-remote.conf | 10 + audit/audit.rules | 25 + audit/audit.rules.stop.post | 13 + audit/audit.rules.stop.pre | 13 + audit/auditd.conf | 25 + autofs/auto.master | 24 + autofs/auto.misc | 15 + autofs/auto.net | 43 + autofs/auto.smb | 34 + autofs/autofs_ldap_auth.conf | 11 + bash/.rcs/bashrc,v | 187 + bash/.rcs/bashrc.orig,v | 104 + bash/bash_logout | 9 + bash/bashrc | 155 + bash/bashrc.orig | 80 + bash_completion.d/base | 1 + bash_completion.d/bash-builtins | 1 + bash_completion.d/bind-utils | 1 + bash_completion.d/bzip2 | 1 + bash_completion.d/dd | 1 + bash_completion.d/figlet | 1 + bash_completion.d/findutils | 1 + bash_completion.d/getent | 1 + bash_completion.d/git | 1 + bash_completion.d/gzip | 1 + bash_completion.d/iconv | 1 + bash_completion.d/imagemagick | 1 + bash_completion.d/iptables | 1 + bash_completion.d/lftp | 1 + bash_completion.d/lzma | 1 + bash_completion.d/man | 1 + bash_completion.d/openssl | 1 + bash_completion.d/perl | 1 + bash_completion.d/rcs | 1 + bash_completion.d/rrdtool | 1 + bash_completion.d/rsync | 1 + bash_completion.d/screen | 1 + bash_completion.d/ssh | 1 + bash_completion.d/strace | 1 + bash_completion.d/subversion | 1 + bash_completion.d/tar | 1 + bash_completion.d/tcpdump | 1 + bash_completion.d/tree | 1 + bash_completion.d/unrar | 1 + bash_completion.d/vim | 1 + .../.rcs/named-acl.conf.2010-06-21_23-35-50,v | 65 + bind/.old/named-acl.conf.2010-06-21_23-35-50 | 41 + bind/.orig/.rcs/bind.keys,v | 30 + bind/.orig/.rcs/named.conf,v | 240 + bind/.orig/.rcs/rndc.key,v | 28 + bind/.orig/bind.keys | 6 + bind/.orig/named.conf | 216 + bind/.orig/rndc.key | 4 + bind/.rcs/Kdyn_dns_updater.+157+29290.key,v | 25 + .../Kdyn_dns_updater.+157+29290.private,v | 28 + bind/.rcs/bind.keys,v | 115 + bind/.rcs/named-acl.conf,v | 185 + bind/.rcs/named-dyn.conf,v | 107 + bind/.rcs/named-log.conf,v | 127 + bind/.rcs/named-pri.conf,v | 299 + bind/.rcs/named-sec.conf,v | 1008 +++ bind/.rcs/named.conf,v | 332 + bind/.rcs/named.conf.orig,v | 357 ++ bind/.rcs/rndc.key,v | 44 + bind/Kdyn_dns_updater.+157+29290.key | 1 + bind/Kdyn_dns_updater.+157+29290.private | 4 + bind/bind.keys | 50 + bind/dyn | 1 + bind/named-acl.conf | 40 + bind/named-dyn.conf | 41 + bind/named-log.conf | 70 + bind/named-pri.conf | 117 + bind/named-sec.conf | 562 ++ bind/named.conf | 140 + bind/named.conf.orig | 165 + bind/pri | 1 + bind/rndc.key | 4 + bind/sec | 1 + conf.d/.rcs/apache2,v | 117 + conf.d/.rcs/auditd,v | 40 + conf.d/.rcs/autofs,v | 151 + conf.d/.rcs/books-prod-fcgi,v | 45 + conf.d/.rcs/bootmisc,v | 36 + conf.d/.rcs/clamd,v | 33 + conf.d/.rcs/clock,v | 60 + conf.d/.rcs/consolefont,v | 40 + conf.d/.rcs/crypto-loop,v | 33 + conf.d/.rcs/device-mapper,v | 25 + conf.d/.rcs/env_whitelist,v | 30 + conf.d/.rcs/git-daemon,v | 43 + conf.d/.rcs/gpm,v | 47 + conf.d/.rcs/hostname,v | 28 + conf.d/.rcs/ip6tables,v | 35 + conf.d/.rcs/iptables,v | 35 + conf.d/.rcs/keymaps,v | 51 + conf.d/.rcs/lm_sensors,v | 49 + conf.d/.rcs/local.start,v | 35 + conf.d/.rcs/local.stop,v | 40 + conf.d/.rcs/lvm,v | 29 + conf.d/.rcs/mdadm,v | 31 + conf.d/.rcs/mdraid,v | 29 + conf.d/.rcs/mysql,v | 104 + conf.d/.rcs/mysqlmanager,v | 52 + conf.d/.rcs/nagios,v | 34 + conf.d/.rcs/named,v | 50 + conf.d/.rcs/net,v | 58 + conf.d/.rcs/net.example,v | 889 +++ conf.d/.rcs/ntp-client,v | 40 + conf.d/.rcs/ntpd,v | 30 + conf.d/.rcs/pciparm,v | 52 + conf.d/.rcs/portmap,v | 29 + conf.d/.rcs/postgrey,v | 95 + conf.d/.rcs/pydoc-2.6,v | 32 + conf.d/.rcs/pydoc-3.1,v | 32 + conf.d/.rcs/quota,v | 44 + conf.d/.rcs/rc,v | 265 + conf.d/.rcs/rsyncd,v | 29 + conf.d/.rcs/samba,v | 52 + conf.d/.rcs/saslauthd,v | 49 + conf.d/.rcs/slapd,v | 34 + conf.d/.rcs/smartd,v | 28 + conf.d/.rcs/snmpd,v | 41 + conf.d/.rcs/snmptrapd,v | 40 + conf.d/.rcs/spamd,v | 70 + conf.d/.rcs/sshd,v | 45 + conf.d/.rcs/svnserve,v | 34 + conf.d/.rcs/syslog-ng,v | 30 + conf.d/.rcs/teamspeak3-server,v | 25 + conf.d/.rcs/twistd,v | 31 + conf.d/.rcs/udev,v | 87 + conf.d/.rcs/urandom,v | 32 + conf.d/.rcs/wireless.example,v | 322 + conf.d/apache2 | 75 + conf.d/apache2.sarah | 74 + conf.d/auditd | 16 + conf.d/autofs | 136 + conf.d/books-prod-fcgi | 21 + conf.d/bootmisc | 10 + conf.d/clamd | 9 + conf.d/consolefont | 17 + conf.d/crypto-loop | 9 + conf.d/device-mapper | 1 + conf.d/dmesg | 3 + conf.d/env_whitelist | 6 + conf.d/fsck | 27 + conf.d/git-daemon | 20 + conf.d/gpm | 23 + conf.d/hostname | 2 + conf.d/hwclock | 22 + conf.d/ip6tables | 11 + conf.d/iperf | 6 + conf.d/iptables | 11 + conf.d/keymaps | 25 + conf.d/killprocs | 3 + conf.d/lm_sensors | 25 + conf.d/localmount | 3 + conf.d/lvm | 5 + conf.d/mdadm | 7 + conf.d/mdraid | 5 + conf.d/modules | 23 + conf.d/mysql | 80 + conf.d/mysqlmanager | 28 + conf.d/nagios | 10 + conf.d/named | 48 + conf.d/net | 40 + conf.d/net.example | 871 +++ conf.d/network | 71 + conf.d/ntp-client | 16 + conf.d/ntpd | 6 + conf.d/pciparm | 28 + conf.d/portmap | 5 + conf.d/postgrey | 55 + conf.d/pydoc-2.6 | 8 + conf.d/pydoc-2.7 | 7 + conf.d/pydoc-3.1 | 7 + conf.d/quota | 20 + conf.d/rc | 241 + conf.d/rsyncd | 5 + conf.d/samba | 28 + conf.d/saslauthd | 25 + conf.d/slapd | 10 + conf.d/smartd | 4 + conf.d/snmpd | 17 + conf.d/snmptrapd | 16 + conf.d/spamd | 46 + conf.d/sshd | 21 + conf.d/staticroute | 8 + conf.d/svnserve | 10 + conf.d/syslog-ng | 6 + conf.d/teamspeak3-server | 1 + conf.d/twistd | 7 + conf.d/udev | 64 + conf.d/urandom | 5 + conf.d/wireless.example | 304 + config-archive/etc/DIR_COLORS,v | 297 + config-archive/etc/amavisd.conf,v | 2584 ++++++++ config-archive/etc/amavisd.conf.dist.new | 806 +++ config-archive/etc/apache2/httpd.conf,v | 346 + .../apache2/modules.d/00_apache_manual.conf,v | 223 + .../modules.d/00_default_settings.conf,v | 189 + .../modules.d/00_error_documents.conf,v | 82 + .../00_error_documents.conf.dist.new | 58 + .../etc/apache2/modules.d/00_languages.conf,v | 157 + .../modules.d/00_languages.conf.dist.new | 133 + .../apache2/modules.d/00_mod_autoindex.conf,v | 115 + .../modules.d/00_mod_autoindex.conf.dist.new | 83 + .../etc/apache2/modules.d/00_mod_info.conf,v | 42 + .../modules.d/00_mod_info.conf.dist.new | 12 + .../modules.d/00_mod_log_config.conf,v | 61 + .../modules.d/00_mod_log_config.conf.dist.new | 35 + .../etc/apache2/modules.d/00_mod_mime.conf,v | 107 + .../apache2/modules.d/00_mod_status.conf,v | 47 + .../modules.d/00_mod_status.conf.dist.new | 17 + .../etc/apache2/modules.d/00_mpm.conf,v | 123 + .../apache2/modules.d/00_mpm.conf.dist.new | 99 + .../apache2/modules.d/47_mod_dav_svn.conf,v | 68 + .../modules.d/47_mod_dav_svn.conf.dist.new | 16 + .../etc/apache2/modules.d/70_mod_php5.conf,v | 61 + .../etc/apache2/modules.d/75_mod_perl.conf,v | 80 + .../modules.d/75_mod_perl.conf.dist.new | 50 + .../vhosts.d/00_default_ssl_vhost.conf,v | 216 + .../00_default_ssl_vhost.conf.dist.new | 179 + .../apache2/vhosts.d/00_default_vhost.conf,v | 78 + .../vhosts.d/00_default_vhost.conf.dist.new | 48 + .../apache2/vhosts.d/default_vhost.include,v | 159 + .../vhosts.d/default_vhost.include.dist.new | 73 + config-archive/etc/auto.master,v | 64 + config-archive/etc/auto.misc,v | 40 + config-archive/etc/auto.misc.dist.new | 15 + config-archive/etc/auto.smb,v | 73 + config-archive/etc/autofs_ldap_auth.conf,v | 111 + config-archive/etc/bash/bashrc,v | 163 + config-archive/etc/bash/bashrc.dist.new | 80 + config-archive/etc/bind/bind.keys,v | 214 + config-archive/etc/bind/named.conf,v | 199 + config-archive/etc/bind/named.conf.dist.new | 172 + config-archive/etc/clamd.conf,v | 737 +++ config-archive/etc/conf.d/apache2,v | 150 + config-archive/etc/conf.d/autofs,v | 281 + config-archive/etc/conf.d/bootmisc,v | 102 + config-archive/etc/conf.d/clock | 36 + config-archive/etc/conf.d/clock.dist.new | 35 + config-archive/etc/conf.d/consolefont,v | 116 + config-archive/etc/conf.d/hostname,v | 46 + config-archive/etc/conf.d/hwclock,v | 99 + config-archive/etc/conf.d/keymaps,v | 142 + config-archive/etc/conf.d/modules,v | 69 + config-archive/etc/conf.d/nagios,v | 51 + config-archive/etc/conf.d/named,v | 255 + config-archive/etc/conf.d/net.example,v | 911 +++ config-archive/etc/conf.d/ntpd,v | 30 + config-archive/etc/conf.d/ntpd.dist.new | 6 + config-archive/etc/conf.d/postgrey,v | 79 + config-archive/etc/conf.d/postgrey.dist.new | 55 + config-archive/etc/conf.d/pydoc-2.7,v | 56 + config-archive/etc/conf.d/pydoc-3.1,v | 56 + config-archive/etc/conf.d/samba,v | 69 + config-archive/etc/conf.d/slapd,v | 34 + config-archive/etc/conf.d/slapd.dist.new | 9 + config-archive/etc/conf.d/snmpd,v | 58 + config-archive/etc/conf.d/snmptrapd,v | 57 + config-archive/etc/conf.d/svnserve,v | 87 + config-archive/etc/conf.d/udev,v | 142 + config-archive/etc/conf.d/urandom,v | 50 + config-archive/etc/conf.d/wireless.example,v | 354 + config-archive/etc/courier-imap/imapd,v | 479 ++ config-archive/etc/courier-imap/imapd-ssl,v | 381 ++ config-archive/etc/courier-imap/pop3d,v | 199 + config-archive/etc/courier-imap/pop3d-ssl,v | 363 ++ .../etc/courier/authlib/authdaemonrc,v | 130 + .../etc/courier/authlib/authdaemonrc.dist.new | 103 + .../etc/courier/authlib/authldaprc,v | 314 + .../etc/courier/authlib/authmysqlrc,v | 321 + .../etc/courier/authlib/authmysqlrc.dist.new | 288 + config-archive/etc/cron.daily/mlocate,v | 206 + config-archive/etc/cron.hourly/sysstat,v | 44 + config-archive/etc/cups/cupsd.conf,v | 219 + config-archive/etc/cups/cupsd.conf.default,v | 219 + config-archive/etc/cups/snmp.conf,v | 54 + config-archive/etc/dbus-1/session.conf,v | 104 + config-archive/etc/dhcpcd.conf,v | 75 + config-archive/etc/dispatch-conf.conf,v | 110 + config-archive/etc/elinks/elinks.conf,v | 627 ++ config-archive/etc/etc-update.conf,v | 152 + .../fonts/conf.avail/30-urw-aliases.conf,v | 83 + config-archive/etc/freshclam.conf,v | 366 ++ config-archive/etc/gai.conf,v | 206 + config-archive/etc/hosts,v | 69 + config-archive/etc/hosts.dist.new | 31 + config-archive/etc/init.d/sshd | 81 + config-archive/etc/init.d/sshd.dist | 82 + config-archive/etc/inittab,v | 85 + config-archive/etc/inittab.dist.new | 59 + config-archive/etc/inputrc,v | 136 + config-archive/etc/krb5.conf.example,v | 75 + config-archive/etc/layman/layman.cfg,v | 130 + config-archive/etc/locale.gen | 66 + config-archive/etc/locale.gen.dist.new | 31 + config-archive/etc/login.defs,v | 501 ++ config-archive/etc/logrotate.d/apache2,v | 51 + .../etc/logrotate.d/apache2.dist.new | 11 + config-archive/etc/logrotate.d/clamav,v | 46 + .../etc/logrotate.d/clamav.dist.new | 15 + .../etc/logrotate.d/elog-save-summary,v | 56 + config-archive/etc/logrotate.d/ulogd,v | 46 + config-archive/etc/logrotate.d/ulogd.dist.new | 7 + config-archive/etc/lvm/lvm.conf,v | 655 ++ .../etc/mail/spamassassin/local.cf,v | 122 + .../etc/mail/spamassassin/local.cf.dist.new | 85 + .../etc/mail/spamassassin/v310.pre,v | 102 + .../etc/mail/spamassassin/v310.pre.dist.new | 78 + .../etc/mail/spamassassin/v312.pre,v | 53 + .../etc/mail/spamassassin/v312.pre.dist.new | 29 + config-archive/etc/man.conf,v | 286 + config-archive/etc/mc/mc.ext,v | 730 +++ config-archive/etc/mc/mc.keymap,v | 555 ++ config-archive/etc/mc/mc.keymap.default,v | 555 ++ config-archive/etc/mc/mc.keymap.emacs,v | 569 ++ config-archive/etc/mdadm.conf,v | 106 + config-archive/etc/mke2fs.conf,v | 88 + config-archive/etc/mlocate-cron.conf,v | 50 + .../etc/modules.autoload.d/kernel-2.6 | 12 + .../modules.autoload.d/kernel-2.6.dist.new | 10 + config-archive/etc/mutt/Muttrc.dist,v | 5670 +++++++++++++++++ config-archive/etc/mysql/my.cnf,v | 184 + config-archive/etc/mysql/my.cnf.dist.new | 146 + config-archive/etc/nagios/cgi.cfg,v | 463 ++ config-archive/etc/nagios/nagios.cfg,v | 1434 +++++ .../etc/nagios/objects/commands.cfg,v | 352 + .../etc/nagios/objects/timeperiods.cfg,v | 160 + config-archive/etc/nagios/resource.cfg,v | 140 + config-archive/etc/nail.rc,v | 167 + config-archive/etc/networks,v | 51 + config-archive/etc/ntp.conf,v | 84 + config-archive/etc/ntp.conf.dist.new | 52 + config-archive/etc/openldap/ldap.conf,v | 38 + .../etc/openldap/ldap.conf.dist.new | 13 + config-archive/etc/openldap/schema/README,v | 163 + .../etc/openldap/schema/amavisd-new.schema,v | 975 +++ .../etc/openldap/schema/authldap.schema,v | 125 + .../openldap/schema/authldap.schema.dist.new | 103 + .../etc/openldap/schema/collective.schema,v | 273 + .../etc/openldap/schema/corba.schema,v | 325 + .../etc/openldap/schema/core.ldif,v | 674 ++ .../etc/openldap/schema/core.schema,v | 693 ++ .../etc/openldap/schema/cosine.ldif,v | 283 + .../etc/openldap/schema/cosine.schema,v | 2654 ++++++++ .../etc/openldap/schema/duaconf.schema,v | 344 + .../etc/openldap/schema/dyngroup.schema,v | 174 + .../etc/openldap/schema/inetorgperson.ldif,v | 152 + .../openldap/schema/inetorgperson.schema,v | 238 + .../etc/openldap/schema/java.schema,v | 486 ++ .../etc/openldap/schema/kerberos.schema,v | 720 +++ .../etc/openldap/schema/misc.schema,v | 158 + config-archive/etc/openldap/schema/nis.ldif,v | 203 + .../etc/openldap/schema/nis.schema,v | 320 + .../etc/openldap/schema/openldap.ldif,v | 171 + .../etc/openldap/schema/openldap.schema,v | 137 + .../etc/openldap/schema/pmi.schema,v | 547 ++ .../etc/openldap/schema/ppolicy.schema,v | 614 ++ config-archive/etc/openldap/slapd.conf,v | 164 + .../etc/openldap/slapd.conf.default,v | 115 + config-archive/etc/openldap/slapd.conf.dist | 75 + .../etc/openldap/slapd.conf.dist.new | 75 + config-archive/etc/pam.d/chgpasswd,v | 52 + config-archive/etc/pam.d/chpasswd,v | 60 + config-archive/etc/pam.d/login,v | 67 + config-archive/etc/pam.d/passwd,v | 50 + config-archive/etc/pam.d/start-stop-daemon,v | 48 + config-archive/etc/pam.d/su,v | 57 + config-archive/etc/pam.d/su.dist.new | 32 + config-archive/etc/pam.d/sudo,v | 46 + config-archive/etc/pam.d/system-auth,v | 99 + config-archive/etc/pam.d/system-login,v | 64 + config-archive/etc/pam.d/system-services,v | 48 + .../etc/php/apache2-php5.3/php.ini,v | 1969 ++++++ .../etc/php/apache2-php5/ext/suhosin.ini,v | 486 ++ config-archive/etc/php/apache2-php5/php.ini,v | 1342 ++++ config-archive/etc/php/cgi-php5.3/php.ini,v | 1943 ++++++ .../etc/php/cgi-php5/ext/suhosin.ini,v | 486 ++ config-archive/etc/php/cgi-php5/php.ini,v | 2693 ++++++++ config-archive/etc/php/cli-php5.3/php.ini,v | 1980 ++++++ .../etc/php/cli-php5/ext/suhosin.ini,v | 486 ++ config-archive/etc/php/cli-php5/php.ini,v | 1339 ++++ config-archive/etc/php/embed-php5.3/php.ini,v | 1943 ++++++ config-archive/etc/php/embed-php5/php.ini,v | 2641 ++++++++ .../etc/php/fpm-php5.3/php-fpm.conf,v | 354 + config-archive/etc/php/fpm-php5.3/php.ini,v | 1943 ++++++ config-archive/etc/portage/bin/post_sync,v | 60 + config-archive/etc/portage/package.use,v | 183 + .../etc/portage/postsync.d/q-reinitialize,v | 44 + config-archive/etc/postfix/main.cf,v | 1092 ++++ config-archive/etc/postfix/master.cf,v | 235 + .../etc/postfix/postgrey_whitelist_clients,v | 264 + config-archive/etc/postfix/saslpass,v | 44 + config-archive/etc/procmailrc,v | 26 + config-archive/etc/procmailrc.dist.new | 2 + config-archive/etc/profile,v | 116 + .../etc/profile.d/bash-completion.sh,v | 100 + .../etc/proftpd/proftpd.conf.sample,v | 161 + config-archive/etc/protocols,v | 253 + config-archive/etc/rc.conf,v | 471 ++ config-archive/etc/samba/lmhosts,v | 43 + config-archive/etc/samba/smb.conf.default,v | 315 + config-archive/etc/samba/smbusers,v | 48 + config-archive/etc/sasl2/smtpd.conf,v | 99 + config-archive/etc/screenrc,v | 406 ++ config-archive/etc/security/capability.conf,v | 96 + config-archive/etc/security/group.conf,v | 148 + config-archive/etc/security/namespace.init,v | 66 + config-archive/etc/sensors3.conf,v | 478 ++ config-archive/etc/services,v | 1223 ++++ config-archive/etc/skel/.bash_logout | 6 + config-archive/etc/skel/.bash_logout.dist.new | 6 + config-archive/etc/smartd.conf,v | 194 + config-archive/etc/ssh/ssh_config,v | 164 + config-archive/etc/ssh/sshd_config,v | 485 ++ config-archive/etc/ssl/openssl.cnf,v | 338 + config-archive/etc/ssl/openssl.cnf.dist.new | 350 + config-archive/etc/sudoers,v | 267 + config-archive/etc/sudoers.dist | 90 + config-archive/etc/sudoers.dist.new | 90 + config-archive/etc/sysctl.conf,v | 95 + config-archive/etc/syslog-ng/syslog-ng.conf,v | 107 + .../etc/syslog-ng/syslog-ng.conf.dist.new | 37 + config-archive/etc/sysstat,v | 126 + .../etc/texmf/texdoc.d/texdoc.cnf,v | 866 +++ .../etc/texmf/texmf.d/00header.cnf,v | 93 + .../etc/texmf/texmf.d/05searchpaths.cnf,v | 235 + .../etc/texmf/texmf.d/10standardpaths.cnf,v | 494 ++ .../etc/texmf/texmf.d/15options.cnf,v | 226 + .../etc/texmf/texmf.d/20sizes.cnf,v | 180 + config-archive/etc/ulogd.conf,v | 348 + config-archive/etc/ulogd.conf.dist | 219 + config-archive/etc/ulogd.conf.dist.new | 219 + config-archive/etc/updatedb.conf,v | 67 + .../www/bautagebuch/htdocs/wp-config.php,v | 100 + .../bautagebuch/htdocs/wp-config.php.dist.new | 76 + .../var/www/ldap/htdocs/config/config.php,v | 586 ++ .../htdocs/libraries/config.default.php,v | 3086 +++++++++ courier-imap/.orig/imapd | 429 ++ courier-imap/.orig/imapd-ssl | 336 + courier-imap/.orig/imapd.cnf | 22 + courier-imap/.orig/pop3d | 155 + courier-imap/.orig/pop3d-ssl | 322 + courier-imap/.orig/pop3d.cnf | 22 + courier-imap/.rcs/imapd,v | 469 ++ courier-imap/.rcs/imapd-ssl,v | 397 ++ courier-imap/.rcs/imapd.cnf,v | 46 + courier-imap/.rcs/pop3d,v | 195 + courier-imap/.rcs/pop3d-ssl,v | 346 + courier-imap/.rcs/pop3d.cnf,v | 46 + courier-imap/.rcs/quotawarnmsg,v | 39 + courier-imap/imapd | 429 ++ courier-imap/imapd-ssl | 338 + courier-imap/imapd.cnf | 22 + courier-imap/imapd.pem | 38 + courier-imap/pop3d | 155 + courier-imap/pop3d-ssl | 322 + courier-imap/pop3d.cnf | 22 + courier-imap/pop3d.pem | 38 + courier-imap/quotawarnmsg | 15 + courier-imap/quotawarnmsg.example | 13 + courier/authlib/.rcs/authdaemonrc,v | 127 + courier/authlib/.rcs/authldaprc,v | 297 + courier/authlib/.rcs/authmysqlrc,v | 312 + courier/authlib/authdaemonrc | 105 + courier/authlib/authdaemonrc.dist | 103 + courier/authlib/authldaprc | 273 + courier/authlib/authldaprc.dist | 273 + courier/authlib/authmysqlrc | 297 + courier/authlib/authmysqlrc.dist | 288 + cron.daily/.rcs/logrotate,v | 33 + cron.daily/get-checks-from-postfixbuch | 6 + cron.daily/logrotate | 9 + cron.daily/makewhatis | 5 + cron.daily/mlocate | 48 + cron.daily/rkhunter | 134 + cron.daily/run_reoback.sh | 42 + cron.daily/sysstat | 5 + cron.hourly/sysstat | 3 + cron.monthly/update-pciids | 2 + cups/client.conf | 1 + cups/cupsd.conf | 125 + cups/cupsd.conf.default | 125 + cups/snmp.conf | 13 + dbus-1/session.conf | 63 + dbus-1/system.conf | 83 + dbus-1/system.d/cups.conf | 13 + default/useradd | 7 + eclean/distfiles.exclude | 5 + eclean/packages.exclude | 4 + elinks/elinks.conf | 565 ++ elinks/keybind-full.sample | 181 + elinks/keybind.conf.sample | 34 + env.d/00basic | 9 + env.d/00glibc | 1 + env.d/04multilib | 1 + env.d/05binutils | 2 + env.d/05gcc-x86_64-pc-linux-gnu | 6 + env.d/09sandbox | 1 + env.d/10bind | 1 + env.d/20java-config | 2 + env.d/20php5.3 | 2 + env.d/30gnupg | 1 + env.d/30xdg-data-local | 2 + env.d/37fontconfig | 1 + env.d/50gtk2 | 1 + env.d/50guile | 1 + env.d/50ncurses | 1 + env.d/60python-docs-2.7 | 1 + env.d/60python-docs-3.1 | 1 + env.d/65python-docs | 1 + env.d/70less | 2 + env.d/80mercurial | 1 + env.d/80subversion-extras | 2 + env.d/90xdg-data-base | 2 + env.d/98ca-certificates | 1 + env.d/98texlive | 1 + env.d/99editor | 2 + env.d/99gentoolkit-env | 1 + env.d/binutils/config-x86_64-pc-linux-gnu | 1 + env.d/binutils/x86_64-pc-linux-gnu-2.21.1 | 4 + env.d/gcc/.NATIVE | 1 + env.d/gcc/config-x86_64-pc-linux-gnu | 1 + env.d/gcc/x86_64-pc-linux-gnu-4.5.3 | 5 + env.d/python/config | 1 + eselect/boost/active | 1 + fonts/conf.avail/10-autohint.conf | 8 + fonts/conf.avail/10-no-sub-pixel.conf | 8 + fonts/conf.avail/10-sub-pixel-bgr.conf | 8 + fonts/conf.avail/10-sub-pixel-rgb.conf | 8 + fonts/conf.avail/10-sub-pixel-vbgr.conf | 8 + fonts/conf.avail/10-sub-pixel-vrgb.conf | 8 + fonts/conf.avail/10-unhinted.conf | 8 + fonts/conf.avail/20-fix-globaladvance.conf | 28 + fonts/conf.avail/20-unhint-small-vera.conf | 48 + fonts/conf.avail/25-unhint-nonlatin.conf | 128 + fonts/conf.avail/30-metric-aliases.conf | 211 + fonts/conf.avail/30-urw-aliases.conf | 44 + fonts/conf.avail/40-nonlatin.conf | 90 + fonts/conf.avail/45-latin.conf | 77 + fonts/conf.avail/49-sansserif.conf | 21 + fonts/conf.avail/50-user.conf | 7 + fonts/conf.avail/51-local.conf | 6 + fonts/conf.avail/60-latin.conf | 70 + fonts/conf.avail/65-fonts-persian.conf | 419 ++ fonts/conf.avail/65-khmer.conf | 16 + fonts/conf.avail/65-nonlatin.conf | 195 + fonts/conf.avail/69-unifont.conf | 28 + fonts/conf.avail/70-no-bitmaps.conf | 12 + fonts/conf.avail/70-yes-bitmaps.conf | 12 + fonts/conf.avail/80-delicious.conf | 19 + fonts/conf.avail/90-synthetic.conf | 64 + fonts/conf.d/20-fix-globaladvance.conf | 1 + fonts/conf.d/20-unhint-small-vera.conf | 1 + fonts/conf.d/30-metric-aliases.conf | 1 + fonts/conf.d/30-urw-aliases.conf | 1 + fonts/conf.d/40-nonlatin.conf | 1 + fonts/conf.d/45-latin.conf | 1 + fonts/conf.d/49-sansserif.conf | 1 + fonts/conf.d/50-user.conf | 1 + fonts/conf.d/51-local.conf | 1 + fonts/conf.d/60-latin.conf | 1 + fonts/conf.d/65-fonts-persian.conf | 1 + fonts/conf.d/65-nonlatin.conf | 1 + fonts/conf.d/69-unifont.conf | 1 + fonts/conf.d/80-delicious.conf | 1 + fonts/conf.d/90-synthetic.conf | 1 + fonts/conf.d/README | 23 + fonts/fonts.conf | 151 + fonts/fonts.dtd | 224 + gpm/gpm-root.conf | 85 + gpm/gpm-syn.conf | 49 + gpm/gpm-twiddler.conf | 258 + gtk-2.0/gtkrc | 1 + gtk-2.0/im-multipress.conf | 22 + gtk-2.0/x86_64-pc-linux-gnu/gtk.immodules | 39 + init.d/.rcs/books-prod-fcgi,v | 78 + init.d/amavisd | 71 + init.d/apache2 | 182 + init.d/atd | 21 + init.d/auditd | 58 + init.d/autofs | 70 + init.d/books-prod-fcgi | 54 + init.d/bootmisc | 171 + init.d/clamd | 102 + init.d/consolefont | 67 + init.d/courier-authlib | 41 + init.d/courier-imapd | 36 + init.d/courier-imapd-ssl | 41 + init.d/courier-pop3d | 36 + init.d/courier-pop3d-ssl | 41 + init.d/crypto-loop | 70 + init.d/cupsd | 20 + init.d/dbus | 51 + init.d/devfs | 36 + init.d/device-mapper | 30 + init.d/dhcpcd | 27 + init.d/dmesg | 18 + init.d/dmeventd | 23 + init.d/fancontrol | 33 + init.d/fsck | 109 + init.d/functions.sh | 1 + init.d/git-daemon | 30 + init.d/gpm | 38 + init.d/hostname | 17 + init.d/hwclock | 146 + init.d/ip6tables | 116 + init.d/iperf | 21 + init.d/iptables | 116 + init.d/keymaps | 70 + init.d/killprocs | 22 + init.d/lm_sensors | 105 + init.d/local | 51 + init.d/localmount | 80 + init.d/lvm | 39 + init.d/lvm-monitoring | 46 + init.d/mdadm | 26 + init.d/mdev | 9 + init.d/mdraid | 40 + init.d/mit-krb5kadmind | 31 + init.d/mit-krb5kdc | 31 + init.d/mit-krb5kpropd | 27 + init.d/modules | 63 + init.d/mount-ro | 44 + init.d/mtab | 36 + init.d/mysql | 358 ++ init.d/mysqlmanager | 230 + init.d/nagios | 57 + init.d/named | 250 + init.d/ndo2db | 25 + init.d/net.eth0 | 1 + init.d/net.lo | 737 +++ init.d/netmount | 106 + init.d/network | 352 + init.d/nrpe | 36 + init.d/nscd | 63 + init.d/ntp-client | 32 + init.d/ntpd | 36 + init.d/numlock | 42 + init.d/pciparm | 80 + init.d/php-fpm | 41 + init.d/policyd-weight | 25 + init.d/portmap | 59 + init.d/postfix | 48 + init.d/postgrey | 101 + init.d/procfs | 71 + init.d/proftpd | 52 + init.d/pwcheck | 21 + init.d/pydoc-2.7 | 29 + init.d/pydoc-3.1 | 29 + init.d/quota | 38 + init.d/reboot.sh | 11 + init.d/root | 32 + init.d/rpc.rquotad | 26 + init.d/rsyncd | 23 + init.d/samba | 59 + init.d/saslauthd | 21 + init.d/savecache | 41 + init.d/shutdown.sh | 13 + init.d/slapd | 22 + init.d/smartd | 43 + init.d/snmpd | 47 + init.d/snmptrapd | 24 + init.d/spamd | 45 + init.d/sshd | 84 + init.d/staticroute | 104 + init.d/svnserve | 26 + init.d/swap | 35 + init.d/swclock | 30 + init.d/sysctl | 34 + init.d/sysfs | 64 + init.d/syslog-ng | 60 + init.d/sysstat | 19 + init.d/teamspeak3-server | 42 + init.d/termencoding | 48 + init.d/twistd | 25 + init.d/udev | 272 + init.d/udev-dev-tarball | 95 + init.d/udev-mount | 107 + init.d/udev-postmount | 53 + init.d/ulogd | 36 + init.d/urandom | 45 + init.d/vixie-cron | 22 + iproute2/ematch_map | 5 + iproute2/rt_dsfield | 27 + iproute2/rt_protos | 30 + iproute2/rt_realms | 13 + iproute2/rt_scopes | 11 + iproute2/rt_tables | 11 + java-config-2/build/compilers.conf | 5 + java-config-2/build/jdk.conf | 12 + java-config-2/current-system-vm | 1 + java-config-2/virtuals | 4 + kernel-config/config-2.6.34-gentoo-r12-00 | 2536 ++++++++ kernel-config/config-2.6.36-gentoo-r5-00 | 2631 ++++++++ kernel-config/config-2.6.37-00 | 2725 ++++++++ kernel-config/config-2.6.37-gentoo-r4-00 | 2694 ++++++++ kernel-config/config-2.6.38-gentoo-r6-00 | 2722 ++++++++ kernel-config/config-2.6.39-gentoo-r3-00 | 2764 ++++++++ kernel-config/config-3.0.6-gentoo-00 | 2797 ++++++++ layman/layman.cfg | 81 + ld.so.conf.d/05binutils.conf | 1 + lftp/lftp.conf | 90 + local.d/README | 9 + local.d/baselayout1.start | 13 + local.d/baselayout1.stop | 16 + logrotate.d/.rcs/apache2,v | 73 + logrotate.d/.rcs/clamav,v | 61 + logrotate.d/.rcs/elog-save-summary,v | 51 + logrotate.d/.rcs/mysql,v | 55 + logrotate.d/.rcs/named,v | 51 + logrotate.d/.rcs/rsyncd,v | 49 + logrotate.d/.rcs/syslog-ng,v | 105 + logrotate.d/.rcs/ulogd,v | 67 + logrotate.d/apache2 | 26 + logrotate.d/clamav | 21 + logrotate.d/elog-save-summary | 12 + logrotate.d/mysql | 17 + logrotate.d/named | 27 + logrotate.d/openrc | 7 + logrotate.d/rsyncd | 11 + logrotate.d/syslog-ng | 59 + logrotate.d/ulogd | 22 + lvm/archive/vg0_00000.vg | 208 + lvm/archive/vg0_00001.vg | 208 + lvm/archive/vg0_00002.vg | 227 + lvm/backup/vg0 | 246 + lvm/cache/.cache | 121 + lvm/lvm.conf | 525 ++ mail/aliases | 1 + mail/aliases.dont_use | 33 + mail/spamassassin/init.pre | 36 + mail/spamassassin/local.cf | 85 + mail/spamassassin/local.cf.example | 2 + mail/spamassassin/sa-update-keys/pubring.gpg | Bin 0 -> 2783 bytes mail/spamassassin/sa-update-keys/pubring.gpg~ | 0 mail/spamassassin/sa-update-keys/secring.gpg | 0 mail/spamassassin/sa-update-keys/trustdb.gpg | Bin 0 -> 1200 bytes mail/spamassassin/secrets.cf.example | 14 + mail/spamassassin/v310.pre | 78 + mail/spamassassin/v312.pre | 29 + mail/spamassassin/v320.pre | 64 + mail/spamassassin/v330.pre | 28 + mc/cedit.menu | 468 ++ mc/edit.indent.rc | 31 + mc/edit.spell.rc | 11 + mc/filehighlight.ini | 45 + mc/mc.ext | 664 ++ mc/mc.keymap | 451 ++ mc/mc.keymap.default | 451 ++ mc/mc.keymap.emacs | 455 ++ mc/mc.menu | 383 ++ mc/mc.menu.sr | 344 + mc/sfs.ini | 28 + mdadm.conf | 65 + modprobe.d/aliases.conf | 42 + modprobe.d/blacklist.conf | 29 + modprobe.d/i386.conf | 4 + modprobe.d/pnp-aliases.conf | 17 + modprobe.d/usb-load-ehci-first.conf | 2 + mutt/Muttrc | 19 + mutt/Muttrc.dist | 5137 +++++++++++++++ mutt/mime.types | 1 + mutt/mime.types.dist | 113 + mysql/.rcs/my.cnf,v | 391 ++ mysql/.rcs/my.cnf.orig,v | 170 + mysql/my.cnf | 160 + mysql/my.cnf.orig | 146 + mysql/mysqlaccess.conf | 45 + nagios/cgi.cfg | 357 ++ nagios/nagios.cfg | 1322 ++++ nagios/ndo2db.cfg | 166 + nagios/ndomod.cfg | 151 + nagios/nrpe.cfg | 215 + nagios/objects/commands.cfg | 240 + nagios/objects/contacts.cfg | 55 + nagios/objects/localhost.cfg | 157 + nagios/objects/printer.cfg | 85 + nagios/objects/switch.cfg | 113 + nagios/objects/templates.cfg | 190 + nagios/objects/timeperiods.cfg | 117 + nagios/objects/windows.cfg | 145 + nagios/resource.cfg | 34 + openldap/.rcs/ldap.conf,v | 57 + openldap/.rcs/slapd.conf,v | 135 + openldap/DB_CONFIG.example | 28 + openldap/ldap.conf | 14 + openldap/ldap.conf.default | 13 + openldap/schema/.rcs/amavisd-new.schema,v | 817 +++ openldap/schema/.rcs/authldap.schema,v | 124 + openldap/schema/.rcs/collective.schema,v | 233 + openldap/schema/.rcs/corba.schema,v | 283 + openldap/schema/.rcs/core.schema,v | 653 ++ openldap/schema/.rcs/cosine.schema,v | 2614 ++++++++ openldap/schema/.rcs/duaconf.schema,v | 304 + openldap/schema/.rcs/dyngroup.schema,v | 134 + openldap/schema/.rcs/evolutionperson.schema,v | 236 + openldap/schema/.rcs/extension.schema,v | 68 + openldap/schema/.rcs/inetorgperson.schema,v | 198 + openldap/schema/.rcs/java.schema,v | 446 ++ openldap/schema/.rcs/kerberos.schema,v | 695 ++ openldap/schema/.rcs/misc.schema,v | 118 + openldap/schema/.rcs/mozilla.schema,v | 203 + openldap/schema/.rcs/mozillaorg.schema,v | 205 + openldap/schema/.rcs/nis.schema,v | 280 + openldap/schema/.rcs/openldap.schema,v | 97 + openldap/schema/.rcs/openssh.schema,v | 53 + openldap/schema/.rcs/pmi.schema,v | 507 ++ openldap/schema/.rcs/ppolicy.schema,v | 574 ++ openldap/schema/.rcs/quota.schema,v | 42 + openldap/schema/.rcs/samba.schema,v | 599 ++ openldap/schema/README | 80 + openldap/schema/amavisd-new.schema | 931 +++ openldap/schema/authldap.schema | 100 + openldap/schema/authldap.schema.default | 103 + openldap/schema/collective.schema | 190 + openldap/schema/collective.schema.default | 190 + openldap/schema/corba.schema | 239 + openldap/schema/corba.schema.default | 239 + openldap/schema/core.ldif | 591 ++ openldap/schema/core.schema | 610 ++ openldap/schema/core.schema.default | 610 ++ openldap/schema/cosine.ldif | 200 + openldap/schema/cosine.schema | 2571 ++++++++ openldap/schema/cosine.schema.default | 2571 ++++++++ openldap/schema/duaconf.schema | 261 + openldap/schema/duaconf.schema.default | 261 + openldap/schema/dyngroup.ldif | 71 + openldap/schema/dyngroup.schema | 91 + openldap/schema/dyngroup.schema.default | 91 + openldap/schema/evolutionperson.schema | 212 + openldap/schema/extension.schema | 44 + openldap/schema/inetorgperson.ldif | 69 + openldap/schema/inetorgperson.schema | 155 + openldap/schema/inetorgperson.schema.default | 155 + openldap/schema/java.schema | 403 ++ openldap/schema/java.schema.default | 403 ++ openldap/schema/kerberos.schema | 678 ++ openldap/schema/misc.schema | 75 + openldap/schema/misc.schema.default | 75 + openldap/schema/mozilla.schema.old | 179 + openldap/schema/mozillaorg.schema | 181 + openldap/schema/mozillaorg.schema.default | 175 + openldap/schema/nis.ldif | 120 + openldap/schema/nis.schema | 237 + openldap/schema/nis.schema.default | 237 + openldap/schema/openldap.ldif | 88 + openldap/schema/openldap.schema | 54 + openldap/schema/openldap.schema.default | 54 + openldap/schema/openssh.schema | 29 + openldap/schema/pmi.schema | 464 ++ openldap/schema/pmi.schema.default | 464 ++ openldap/schema/ppolicy.schema | 531 ++ openldap/schema/ppolicy.schema.default | 531 ++ openldap/schema/quota.schema | 18 + openldap/schema/samba.schema | 575 ++ openldap/slapd.conf | 97 + openldap/slapd.conf.default | 75 + openldap/ssl.orig/ldap.crt | 17 + openldap/ssl.orig/ldap.csr | 13 + openldap/ssl.orig/ldap.key | 15 + openldap/ssl.orig/ldap.pem | 33 + openldap/ssl/ca.rnd | Bin 0 -> 1024 bytes openldap/ssl/gencert.sh | 139 + openldap/ssl/ldap.cfg | 24 + openldap/ssl/ldap.crt | 17 + openldap/ssl/ldap.csr | 13 + openldap/ssl/ldap.key | 15 + openldap/ssl/ldap.pem | 32 + openldap/ssl/ldap.pem.orig | 33 + openldap/ssl/ldap.pem.sarah | 29 + pam.d/atd | 10 + pam.d/chage | 8 + pam.d/chfn | 8 + pam.d/chgpasswd | 8 + pam.d/chpasswd | 8 + pam.d/chsh | 8 + pam.d/cron | 7 + pam.d/cups | 5 + pam.d/cvs | 4 + pam.d/ftp | 18 + pam.d/groupadd | 8 + pam.d/groupdel | 8 + pam.d/groupmems | 4 + pam.d/groupmod | 8 + pam.d/imap | 8 + pam.d/imap4 | 1 + pam.d/imap4s | 1 + pam.d/imaps | 1 + pam.d/login | 6 + pam.d/newusers | 8 + pam.d/other | 4 + pam.d/passwd | 8 + pam.d/pop | 8 + pam.d/pop3 | 1 + pam.d/pop3s | 1 + pam.d/pops | 1 + pam.d/samba | 8 + pam.d/saslauthd | 8 + pam.d/screen | 4 + pam.d/shadow | 8 + pam.d/smtp | 5 + pam.d/sshd | 4 + pam.d/start-stop-daemon | 2 + pam.d/su | 33 + pam.d/sudo | 6 + pam.d/system-auth | 15 + pam.d/system-local-login | 4 + pam.d/system-login | 19 + pam.d/system-remote-login | 4 + pam.d/system-services | 7 + pam.d/useradd | 8 + pam.d/userdel | 8 + pam.d/usermod | 8 + pango/pangox.aliases | 220 + pango/x86_64-pc-linux-gnu/pango.modules | 35 + php/apache2-php5.3/.rcs/php.ini,v | 1950 ++++++ php/apache2-php5.3/.rcs/php.ini.orig,v | 1914 ++++++ php/apache2-php5.3/ext-active/apc.ini | 1 + php/apache2-php5.3/ext-active/bcmath.ini | 1 + php/apache2-php5.3/ext-active/bz2.ini | 1 + php/apache2-php5.3/ext-active/calendar.ini | 1 + php/apache2-php5.3/ext-active/crack.ini | 1 + php/apache2-php5.3/ext-active/curl.ini | 1 + php/apache2-php5.3/ext-active/dba.ini | 1 + php/apache2-php5.3/ext-active/enchant.ini | 1 + php/apache2-php5.3/ext-active/exif.ini | 1 + php/apache2-php5.3/ext-active/ftp.ini | 1 + php/apache2-php5.3/ext-active/gd.ini | 1 + php/apache2-php5.3/ext-active/gettext.ini | 1 + php/apache2-php5.3/ext-active/gmp.ini | 1 + php/apache2-php5.3/ext-active/http.ini | 1 + php/apache2-php5.3/ext-active/imagick.ini | 1 + php/apache2-php5.3/ext-active/imap.ini | 1 + php/apache2-php5.3/ext-active/intl.ini | 1 + php/apache2-php5.3/ext-active/ldap.ini | 1 + php/apache2-php5.3/ext-active/mailparse.ini | 1 + php/apache2-php5.3/ext-active/mbstring.ini | 1 + php/apache2-php5.3/ext-active/mcrypt.ini | 1 + php/apache2-php5.3/ext-active/mysql.ini | 1 + php/apache2-php5.3/ext-active/mysqli.ini | 1 + php/apache2-php5.3/ext-active/odbc.ini | 1 + php/apache2-php5.3/ext-active/pcntl.ini | 1 + php/apache2-php5.3/ext-active/pspell.ini | 1 + php/apache2-php5.3/ext-active/snmp.ini | 1 + php/apache2-php5.3/ext-active/soap.ini | 1 + php/apache2-php5.3/ext-active/sockets.ini | 1 + php/apache2-php5.3/ext-active/sysvmsg.ini | 1 + php/apache2-php5.3/ext-active/sysvsem.ini | 1 + php/apache2-php5.3/ext-active/sysvshm.ini | 1 + php/apache2-php5.3/ext-active/tidy.ini | 1 + php/apache2-php5.3/ext-active/wddx.ini | 1 + php/apache2-php5.3/ext-active/xmlrpc.ini | 1 + php/apache2-php5.3/ext-active/xsl.ini | 1 + php/apache2-php5.3/ext-active/zip.ini | 1 + php/apache2-php5.3/ext-active/zlib.ini | 1 + php/apache2-php5.3/ext/apc.ini | 26 + php/apache2-php5.3/ext/bcmath.ini | 1 + php/apache2-php5.3/ext/bz2.ini | 1 + php/apache2-php5.3/ext/calendar.ini | 1 + php/apache2-php5.3/ext/crack.ini | 1 + php/apache2-php5.3/ext/curl.ini | 1 + php/apache2-php5.3/ext/dba.ini | 1 + php/apache2-php5.3/ext/enchant.ini | 1 + php/apache2-php5.3/ext/exif.ini | 1 + php/apache2-php5.3/ext/ftp.ini | 1 + php/apache2-php5.3/ext/gd.ini | 1 + php/apache2-php5.3/ext/gettext.ini | 1 + php/apache2-php5.3/ext/gmp.ini | 1 + php/apache2-php5.3/ext/http.ini | 22 + php/apache2-php5.3/ext/imagick.ini | 1 + php/apache2-php5.3/ext/imap.ini | 1 + php/apache2-php5.3/ext/intl.ini | 1 + php/apache2-php5.3/ext/ldap.ini | 1 + php/apache2-php5.3/ext/mailparse.ini | 1 + php/apache2-php5.3/ext/mbstring.ini | 1 + php/apache2-php5.3/ext/mcrypt.ini | 1 + php/apache2-php5.3/ext/mysql.ini | 1 + php/apache2-php5.3/ext/mysqli.ini | 1 + php/apache2-php5.3/ext/odbc.ini | 1 + php/apache2-php5.3/ext/pcntl.ini | 1 + php/apache2-php5.3/ext/pspell.ini | 1 + php/apache2-php5.3/ext/snmp.ini | 1 + php/apache2-php5.3/ext/soap.ini | 1 + php/apache2-php5.3/ext/sockets.ini | 1 + php/apache2-php5.3/ext/sysvmsg.ini | 1 + php/apache2-php5.3/ext/sysvsem.ini | 1 + php/apache2-php5.3/ext/sysvshm.ini | 1 + php/apache2-php5.3/ext/tidy.ini | 1 + php/apache2-php5.3/ext/wddx.ini | 1 + php/apache2-php5.3/ext/xmlrpc.ini | 1 + php/apache2-php5.3/ext/xsl.ini | 1 + php/apache2-php5.3/ext/zip.ini | 1 + php/apache2-php5.3/ext/zlib.ini | 1 + php/apache2-php5.3/php.ini | 1898 ++++++ php/apache2-php5.3/php.ini.orig | 1890 ++++++ php/apache2-php5/.rcs/php.ini,v | 2652 ++++++++ php/apache2-php5/.rcs/php.ini.orig,v | 1923 ++++++ php/apache2-php5/ext/apc.ini | 26 + php/apache2-php5/php.ini | 1901 ++++++ php/apache2-php5/php.ini.orig | 1899 ++++++ php/cgi-php5.3/ext-active/apc.ini | 1 + php/cgi-php5.3/ext-active/bcmath.ini | 1 + php/cgi-php5.3/ext-active/bz2.ini | 1 + php/cgi-php5.3/ext-active/calendar.ini | 1 + php/cgi-php5.3/ext-active/crack.ini | 1 + php/cgi-php5.3/ext-active/curl.ini | 1 + php/cgi-php5.3/ext-active/dba.ini | 1 + php/cgi-php5.3/ext-active/enchant.ini | 1 + php/cgi-php5.3/ext-active/exif.ini | 1 + php/cgi-php5.3/ext-active/ftp.ini | 1 + php/cgi-php5.3/ext-active/gd.ini | 1 + php/cgi-php5.3/ext-active/gettext.ini | 1 + php/cgi-php5.3/ext-active/gmp.ini | 1 + php/cgi-php5.3/ext-active/http.ini | 1 + php/cgi-php5.3/ext-active/imagick.ini | 1 + php/cgi-php5.3/ext-active/imap.ini | 1 + php/cgi-php5.3/ext-active/intl.ini | 1 + php/cgi-php5.3/ext-active/ldap.ini | 1 + php/cgi-php5.3/ext-active/mailparse.ini | 1 + php/cgi-php5.3/ext-active/mbstring.ini | 1 + php/cgi-php5.3/ext-active/mcrypt.ini | 1 + php/cgi-php5.3/ext-active/mysql.ini | 1 + php/cgi-php5.3/ext-active/mysqli.ini | 1 + php/cgi-php5.3/ext-active/odbc.ini | 1 + php/cgi-php5.3/ext-active/pcntl.ini | 1 + php/cgi-php5.3/ext-active/pspell.ini | 1 + php/cgi-php5.3/ext-active/snmp.ini | 1 + php/cgi-php5.3/ext-active/soap.ini | 1 + php/cgi-php5.3/ext-active/sockets.ini | 1 + php/cgi-php5.3/ext-active/sysvmsg.ini | 1 + php/cgi-php5.3/ext-active/sysvsem.ini | 1 + php/cgi-php5.3/ext-active/sysvshm.ini | 1 + php/cgi-php5.3/ext-active/tidy.ini | 1 + php/cgi-php5.3/ext-active/wddx.ini | 1 + php/cgi-php5.3/ext-active/xmlrpc.ini | 1 + php/cgi-php5.3/ext-active/xsl.ini | 1 + php/cgi-php5.3/ext-active/zip.ini | 1 + php/cgi-php5.3/ext-active/zlib.ini | 1 + php/cgi-php5.3/ext/apc.ini | 26 + php/cgi-php5.3/ext/bcmath.ini | 1 + php/cgi-php5.3/ext/bz2.ini | 1 + php/cgi-php5.3/ext/calendar.ini | 1 + php/cgi-php5.3/ext/crack.ini | 1 + php/cgi-php5.3/ext/curl.ini | 1 + php/cgi-php5.3/ext/dba.ini | 1 + php/cgi-php5.3/ext/enchant.ini | 1 + php/cgi-php5.3/ext/exif.ini | 1 + php/cgi-php5.3/ext/ftp.ini | 1 + php/cgi-php5.3/ext/gd.ini | 1 + php/cgi-php5.3/ext/gettext.ini | 1 + php/cgi-php5.3/ext/gmp.ini | 1 + php/cgi-php5.3/ext/http.ini | 22 + php/cgi-php5.3/ext/imagick.ini | 1 + php/cgi-php5.3/ext/imap.ini | 1 + php/cgi-php5.3/ext/intl.ini | 1 + php/cgi-php5.3/ext/ldap.ini | 1 + php/cgi-php5.3/ext/mailparse.ini | 1 + php/cgi-php5.3/ext/mbstring.ini | 1 + php/cgi-php5.3/ext/mcrypt.ini | 1 + php/cgi-php5.3/ext/mysql.ini | 1 + php/cgi-php5.3/ext/mysqli.ini | 1 + php/cgi-php5.3/ext/odbc.ini | 1 + php/cgi-php5.3/ext/pcntl.ini | 1 + php/cgi-php5.3/ext/pspell.ini | 1 + php/cgi-php5.3/ext/snmp.ini | 1 + php/cgi-php5.3/ext/soap.ini | 1 + php/cgi-php5.3/ext/sockets.ini | 1 + php/cgi-php5.3/ext/sysvmsg.ini | 1 + php/cgi-php5.3/ext/sysvsem.ini | 1 + php/cgi-php5.3/ext/sysvshm.ini | 1 + php/cgi-php5.3/ext/tidy.ini | 1 + php/cgi-php5.3/ext/wddx.ini | 1 + php/cgi-php5.3/ext/xmlrpc.ini | 1 + php/cgi-php5.3/ext/xsl.ini | 1 + php/cgi-php5.3/ext/zip.ini | 1 + php/cgi-php5.3/ext/zlib.ini | 1 + php/cgi-php5.3/php.ini | 1894 ++++++ php/cli-php5.3/.rcs/php.ini,v | 1964 ++++++ php/cli-php5.3/.rcs/php.ini.orig,v | 1914 ++++++ php/cli-php5.3/ext-active/apc.ini | 1 + php/cli-php5.3/ext-active/bcmath.ini | 1 + php/cli-php5.3/ext-active/bz2.ini | 1 + php/cli-php5.3/ext-active/calendar.ini | 1 + php/cli-php5.3/ext-active/crack.ini | 1 + php/cli-php5.3/ext-active/curl.ini | 1 + php/cli-php5.3/ext-active/dba.ini | 1 + php/cli-php5.3/ext-active/enchant.ini | 1 + php/cli-php5.3/ext-active/exif.ini | 1 + php/cli-php5.3/ext-active/ftp.ini | 1 + php/cli-php5.3/ext-active/gd.ini | 1 + php/cli-php5.3/ext-active/gettext.ini | 1 + php/cli-php5.3/ext-active/gmp.ini | 1 + php/cli-php5.3/ext-active/http.ini | 1 + php/cli-php5.3/ext-active/imagick.ini | 1 + php/cli-php5.3/ext-active/imap.ini | 1 + php/cli-php5.3/ext-active/intl.ini | 1 + php/cli-php5.3/ext-active/ldap.ini | 1 + php/cli-php5.3/ext-active/mailparse.ini | 1 + php/cli-php5.3/ext-active/mbstring.ini | 1 + php/cli-php5.3/ext-active/mcrypt.ini | 1 + php/cli-php5.3/ext-active/mysql.ini | 1 + php/cli-php5.3/ext-active/mysqli.ini | 1 + php/cli-php5.3/ext-active/odbc.ini | 1 + php/cli-php5.3/ext-active/pcntl.ini | 1 + php/cli-php5.3/ext-active/pspell.ini | 1 + php/cli-php5.3/ext-active/snmp.ini | 1 + php/cli-php5.3/ext-active/soap.ini | 1 + php/cli-php5.3/ext-active/sockets.ini | 1 + php/cli-php5.3/ext-active/sysvmsg.ini | 1 + php/cli-php5.3/ext-active/sysvsem.ini | 1 + php/cli-php5.3/ext-active/sysvshm.ini | 1 + php/cli-php5.3/ext-active/tidy.ini | 1 + php/cli-php5.3/ext-active/wddx.ini | 1 + php/cli-php5.3/ext-active/xmlrpc.ini | 1 + php/cli-php5.3/ext-active/xsl.ini | 1 + php/cli-php5.3/ext-active/zip.ini | 1 + php/cli-php5.3/ext-active/zlib.ini | 1 + php/cli-php5.3/ext/apc.ini | 26 + php/cli-php5.3/ext/bcmath.ini | 1 + php/cli-php5.3/ext/bz2.ini | 1 + php/cli-php5.3/ext/calendar.ini | 1 + php/cli-php5.3/ext/crack.ini | 1 + php/cli-php5.3/ext/curl.ini | 1 + php/cli-php5.3/ext/dba.ini | 1 + php/cli-php5.3/ext/enchant.ini | 1 + php/cli-php5.3/ext/exif.ini | 1 + php/cli-php5.3/ext/ftp.ini | 1 + php/cli-php5.3/ext/gd.ini | 1 + php/cli-php5.3/ext/gettext.ini | 1 + php/cli-php5.3/ext/gmp.ini | 1 + php/cli-php5.3/ext/http.ini | 22 + php/cli-php5.3/ext/imagick.ini | 1 + php/cli-php5.3/ext/imap.ini | 1 + php/cli-php5.3/ext/intl.ini | 1 + php/cli-php5.3/ext/ldap.ini | 1 + php/cli-php5.3/ext/mailparse.ini | 1 + php/cli-php5.3/ext/mbstring.ini | 1 + php/cli-php5.3/ext/mcrypt.ini | 1 + php/cli-php5.3/ext/mysql.ini | 1 + php/cli-php5.3/ext/mysqli.ini | 1 + php/cli-php5.3/ext/odbc.ini | 1 + php/cli-php5.3/ext/pcntl.ini | 1 + php/cli-php5.3/ext/pspell.ini | 1 + php/cli-php5.3/ext/snmp.ini | 1 + php/cli-php5.3/ext/soap.ini | 1 + php/cli-php5.3/ext/sockets.ini | 1 + php/cli-php5.3/ext/sysvmsg.ini | 1 + php/cli-php5.3/ext/sysvsem.ini | 1 + php/cli-php5.3/ext/sysvshm.ini | 1 + php/cli-php5.3/ext/tidy.ini | 1 + php/cli-php5.3/ext/wddx.ini | 1 + php/cli-php5.3/ext/xmlrpc.ini | 1 + php/cli-php5.3/ext/xsl.ini | 1 + php/cli-php5.3/ext/zip.ini | 1 + php/cli-php5.3/ext/zlib.ini | 1 + php/cli-php5.3/php.ini | 1897 ++++++ php/cli-php5.3/php.ini.orig | 1890 ++++++ php/cli-php5/.rcs/php.ini,v | 2644 ++++++++ php/cli-php5/.rcs/php.ini.orig,v | 1923 ++++++ php/cli-php5/php.ini | 1900 ++++++ php/cli-php5/php.ini.orig | 1899 ++++++ php/embed-php5.3/ext-active/bcmath.ini | 1 + php/embed-php5.3/ext-active/bz2.ini | 1 + php/embed-php5.3/ext-active/calendar.ini | 1 + php/embed-php5.3/ext-active/curl.ini | 1 + php/embed-php5.3/ext-active/dba.ini | 1 + php/embed-php5.3/ext-active/enchant.ini | 1 + php/embed-php5.3/ext-active/exif.ini | 1 + php/embed-php5.3/ext-active/ftp.ini | 1 + php/embed-php5.3/ext-active/gd.ini | 1 + php/embed-php5.3/ext-active/gettext.ini | 1 + php/embed-php5.3/ext-active/gmp.ini | 1 + php/embed-php5.3/ext-active/imap.ini | 1 + php/embed-php5.3/ext-active/intl.ini | 1 + php/embed-php5.3/ext-active/ldap.ini | 1 + php/embed-php5.3/ext-active/mbstring.ini | 1 + php/embed-php5.3/ext-active/mcrypt.ini | 1 + php/embed-php5.3/ext-active/mysql.ini | 1 + php/embed-php5.3/ext-active/mysqli.ini | 1 + php/embed-php5.3/ext-active/odbc.ini | 1 + php/embed-php5.3/ext-active/pcntl.ini | 1 + php/embed-php5.3/ext-active/pspell.ini | 1 + php/embed-php5.3/ext-active/snmp.ini | 1 + php/embed-php5.3/ext-active/soap.ini | 1 + php/embed-php5.3/ext-active/sockets.ini | 1 + php/embed-php5.3/ext-active/sysvmsg.ini | 1 + php/embed-php5.3/ext-active/sysvsem.ini | 1 + php/embed-php5.3/ext-active/sysvshm.ini | 1 + php/embed-php5.3/ext-active/tidy.ini | 1 + php/embed-php5.3/ext-active/wddx.ini | 1 + php/embed-php5.3/ext-active/xmlrpc.ini | 1 + php/embed-php5.3/ext-active/xsl.ini | 1 + php/embed-php5.3/ext-active/zip.ini | 1 + php/embed-php5.3/ext-active/zlib.ini | 1 + php/embed-php5.3/ext/bcmath.ini | 1 + php/embed-php5.3/ext/bz2.ini | 1 + php/embed-php5.3/ext/calendar.ini | 1 + php/embed-php5.3/ext/curl.ini | 1 + php/embed-php5.3/ext/dba.ini | 1 + php/embed-php5.3/ext/enchant.ini | 1 + php/embed-php5.3/ext/exif.ini | 1 + php/embed-php5.3/ext/ftp.ini | 1 + php/embed-php5.3/ext/gd.ini | 1 + php/embed-php5.3/ext/gettext.ini | 1 + php/embed-php5.3/ext/gmp.ini | 1 + php/embed-php5.3/ext/imap.ini | 1 + php/embed-php5.3/ext/intl.ini | 1 + php/embed-php5.3/ext/ldap.ini | 1 + php/embed-php5.3/ext/mbstring.ini | 1 + php/embed-php5.3/ext/mcrypt.ini | 1 + php/embed-php5.3/ext/mysql.ini | 1 + php/embed-php5.3/ext/mysqli.ini | 1 + php/embed-php5.3/ext/odbc.ini | 1 + php/embed-php5.3/ext/pcntl.ini | 1 + php/embed-php5.3/ext/pspell.ini | 1 + php/embed-php5.3/ext/snmp.ini | 1 + php/embed-php5.3/ext/soap.ini | 1 + php/embed-php5.3/ext/sockets.ini | 1 + php/embed-php5.3/ext/sysvmsg.ini | 1 + php/embed-php5.3/ext/sysvsem.ini | 1 + php/embed-php5.3/ext/sysvshm.ini | 1 + php/embed-php5.3/ext/tidy.ini | 1 + php/embed-php5.3/ext/wddx.ini | 1 + php/embed-php5.3/ext/xmlrpc.ini | 1 + php/embed-php5.3/ext/xsl.ini | 1 + php/embed-php5.3/ext/zip.ini | 1 + php/embed-php5.3/ext/zlib.ini | 1 + php/embed-php5.3/php.ini | 1894 ++++++ php/fpm-php5.3/ext-active/apc.ini | 1 + php/fpm-php5.3/ext-active/bcmath.ini | 1 + php/fpm-php5.3/ext-active/bz2.ini | 1 + php/fpm-php5.3/ext-active/calendar.ini | 1 + php/fpm-php5.3/ext-active/crack.ini | 1 + php/fpm-php5.3/ext-active/curl.ini | 1 + php/fpm-php5.3/ext-active/dba.ini | 1 + php/fpm-php5.3/ext-active/enchant.ini | 1 + php/fpm-php5.3/ext-active/exif.ini | 1 + php/fpm-php5.3/ext-active/ftp.ini | 1 + php/fpm-php5.3/ext-active/gd.ini | 1 + php/fpm-php5.3/ext-active/gettext.ini | 1 + php/fpm-php5.3/ext-active/gmp.ini | 1 + php/fpm-php5.3/ext-active/http.ini | 1 + php/fpm-php5.3/ext-active/imagick.ini | 1 + php/fpm-php5.3/ext-active/imap.ini | 1 + php/fpm-php5.3/ext-active/intl.ini | 1 + php/fpm-php5.3/ext-active/ldap.ini | 1 + php/fpm-php5.3/ext-active/mailparse.ini | 1 + php/fpm-php5.3/ext-active/mbstring.ini | 1 + php/fpm-php5.3/ext-active/mcrypt.ini | 1 + php/fpm-php5.3/ext-active/mysql.ini | 1 + php/fpm-php5.3/ext-active/mysqli.ini | 1 + php/fpm-php5.3/ext-active/odbc.ini | 1 + php/fpm-php5.3/ext-active/pcntl.ini | 1 + php/fpm-php5.3/ext-active/pspell.ini | 1 + php/fpm-php5.3/ext-active/snmp.ini | 1 + php/fpm-php5.3/ext-active/soap.ini | 1 + php/fpm-php5.3/ext-active/sockets.ini | 1 + php/fpm-php5.3/ext-active/sysvmsg.ini | 1 + php/fpm-php5.3/ext-active/sysvsem.ini | 1 + php/fpm-php5.3/ext-active/sysvshm.ini | 1 + php/fpm-php5.3/ext-active/tidy.ini | 1 + php/fpm-php5.3/ext-active/wddx.ini | 1 + php/fpm-php5.3/ext-active/xmlrpc.ini | 1 + php/fpm-php5.3/ext-active/xsl.ini | 1 + php/fpm-php5.3/ext-active/zip.ini | 1 + php/fpm-php5.3/ext-active/zlib.ini | 1 + php/fpm-php5.3/ext/apc.ini | 26 + php/fpm-php5.3/ext/bcmath.ini | 1 + php/fpm-php5.3/ext/bz2.ini | 1 + php/fpm-php5.3/ext/calendar.ini | 1 + php/fpm-php5.3/ext/crack.ini | 1 + php/fpm-php5.3/ext/curl.ini | 1 + php/fpm-php5.3/ext/dba.ini | 1 + php/fpm-php5.3/ext/enchant.ini | 1 + php/fpm-php5.3/ext/exif.ini | 1 + php/fpm-php5.3/ext/ftp.ini | 1 + php/fpm-php5.3/ext/gd.ini | 1 + php/fpm-php5.3/ext/gettext.ini | 1 + php/fpm-php5.3/ext/gmp.ini | 1 + php/fpm-php5.3/ext/http.ini | 22 + php/fpm-php5.3/ext/imagick.ini | 1 + php/fpm-php5.3/ext/imap.ini | 1 + php/fpm-php5.3/ext/intl.ini | 1 + php/fpm-php5.3/ext/ldap.ini | 1 + php/fpm-php5.3/ext/mailparse.ini | 1 + php/fpm-php5.3/ext/mbstring.ini | 1 + php/fpm-php5.3/ext/mcrypt.ini | 1 + php/fpm-php5.3/ext/mysql.ini | 1 + php/fpm-php5.3/ext/mysqli.ini | 1 + php/fpm-php5.3/ext/odbc.ini | 1 + php/fpm-php5.3/ext/pcntl.ini | 1 + php/fpm-php5.3/ext/pspell.ini | 1 + php/fpm-php5.3/ext/snmp.ini | 1 + php/fpm-php5.3/ext/soap.ini | 1 + php/fpm-php5.3/ext/sockets.ini | 1 + php/fpm-php5.3/ext/sysvmsg.ini | 1 + php/fpm-php5.3/ext/sysvsem.ini | 1 + php/fpm-php5.3/ext/sysvshm.ini | 1 + php/fpm-php5.3/ext/tidy.ini | 1 + php/fpm-php5.3/ext/wddx.ini | 1 + php/fpm-php5.3/ext/xmlrpc.ini | 1 + php/fpm-php5.3/ext/xsl.ini | 1 + php/fpm-php5.3/ext/zip.ini | 1 + php/fpm-php5.3/ext/zlib.ini | 1 + php/fpm-php5.3/php-fpm.conf | 311 + php/fpm-php5.3/php.ini | 1894 ++++++ postfix/.orig/main.cf | 652 ++ postfix/.orig/master.cf | 115 + postfix/.orig/postgrey_whitelist_clients | 194 + postfix/.orig/postgrey_whitelist_recipients | 7 + postfix/.orig/saslpass | 3 + postfix/.rcs/access_client,v | 448 ++ postfix/.rcs/access_helo,v | 448 ++ postfix/.rcs/access_recipient,v | 466 ++ postfix/.rcs/access_sender,v | 449 ++ postfix/.rcs/body_checks,v | 653 ++ postfix/.rcs/generic,v | 28 + postfix/.rcs/header_checks,v | 353 + postfix/.rcs/main.cf,v | 887 +++ postfix/.rcs/master.cf,v | 207 + postfix/.rcs/master.cf.orig,v | 139 + postfix/.rcs/mysql-aliases.cf,v | 31 + postfix/.rcs/mysql-canonical.cf,v | 31 + postfix/.rcs/mysql-mydomains.cf,v | 31 + postfix/.rcs/mysql-recipient_bcc.cf,v | 31 + postfix/.rcs/mysql-relay-domains.cf,v | 31 + postfix/.rcs/mysql-relocated.cf,v | 31 + postfix/.rcs/mysql-sender_bcc.cf,v | 31 + postfix/.rcs/mysql-virtual-alias-domains.cf,v | 31 + .../.rcs/mysql-virtual-mailbox-domains.cf,v | 31 + postfix/.rcs/mysql-virtual-maps.cf,v | 31 + postfix/.rcs/mysql-virtual.cf,v | 31 + postfix/.rcs/postfix.pem,v | 61 + postfix/.rcs/postgrey_whitelist_clients,v | 218 + postfix/.rcs/postgrey_whitelist_recipients,v | 31 + postfix/.rcs/relay_clientcerts,v | 26 + postfix/.rcs/saslpass,v | 27 + postfix/.rcs/transport,v | 52 + postfix/body_checks | 680 ++ postfix/body_checks.2008-10-01_16:37:41 | 629 ++ postfix/body_checks.2011-04-05_15:44:59 | 657 ++ postfix/body_checks.2011-06-08_23:08:02 | 656 ++ postfix/body_checks.2011-06-20_16:43:35 | 657 ++ postfix/body_checks.2011-06-21_14:50:01 | 658 ++ postfix/body_checks.2011-06-27_15:26:45 | 660 ++ postfix/body_checks.2011-06-30_10:29:18 | 660 ++ postfix/body_checks.2011-07-18_10:17:44 | 662 ++ postfix/body_checks.2011-07-25_15:24:08 | 663 ++ postfix/body_checks.2011-07-28_10:10:53 | 664 ++ postfix/body_checks.2011-08-05_17:45:51 | 665 ++ postfix/body_checks.2011-08-08_14:49:21 | 667 ++ postfix/body_checks.2011-08-16_14:28:42 | 668 ++ postfix/body_checks.2011-09-02_10:39:04 | 669 ++ postfix/body_checks.2011-09-16_14:28:54 | 671 ++ postfix/body_checks.2011-09-20_11:27:23 | 672 ++ postfix/body_checks.2011-09-29_14:37:17 | 673 ++ postfix/body_checks.2011-10-18_08:55:16 | 674 ++ postfix/body_checks.2011-10-26_08:37:52 | 675 ++ postfix/body_checks.2011-10-28_17:45:27 | 677 ++ postfix/body_checks.2011-11-23_16:31:49 | 679 ++ postfix/bounce-templates/README | 120 + postfix/bounce-templates/bounce.cf.default | 112 + postfix/bounce-templates/bounce.de-DE.cf | 213 + postfix/bounce-templates/images/note.png | Bin 0 -> 490 bytes postfix/bounce-templates/index.html | 39 + postfix/bounce-templates/index.xml | 154 + postfix/bounce-templates/screen.css | 163 + postfix/get-checks-from-postfixbuch.sh | 53 + postfix/header_checks | 367 ++ postfix/header_checks.2008-09-12_12:52:55 | 329 + postfix/header_checks.2011-05-30_10:34:08 | 343 + postfix/header_checks.2011-06-08_23:08:14 | 343 + postfix/header_checks.2011-06-30_15:47:30 | 345 + postfix/header_checks.2011-07-06_12:41:42 | 348 + postfix/header_checks.2011-07-24_08:32:55 | 349 + postfix/header_checks.2011-08-18_13:18:57 | 349 + postfix/header_checks.2011-08-26_11:28:47 | 350 + postfix/header_checks.2011-08-29_13:39:31 | 351 + postfix/header_checks.2011-09-08_13:34:03 | 352 + postfix/header_checks.2011-09-16_12:04:56 | 354 + postfix/header_checks.2011-09-19_16:05:00 | 354 + postfix/header_checks.2011-09-25_11:26:07 | 357 ++ postfix/header_checks.2011-10-18_08:54:36 | 359 ++ postfix/header_checks.2011-10-28_17:54:06 | 362 ++ postfix/header_checks.2011-11-07_17:57:32 | 364 ++ postfix/header_checks.2011-11-08_11:48:39 | 365 ++ postfix/header_checks.2011-11-23_14:21:49 | 366 ++ postfix/main.cf | 736 +++ postfix/maps/.rcs/access_client,v | 448 ++ postfix/maps/.rcs/access_helo,v | 448 ++ postfix/maps/.rcs/access_recipient,v | 466 ++ postfix/maps/.rcs/access_sender,v | 449 ++ postfix/maps/.rcs/aliases,v | 76 + postfix/maps/.rcs/body_checks,v | 653 ++ postfix/maps/.rcs/canonical,v | 35 + postfix/maps/.rcs/generic,v | 28 + postfix/maps/.rcs/header_checks,v | 353 + postfix/maps/.rcs/mydomains,v | 52 + postfix/maps/.rcs/recipient_bcc,v | 35 + postfix/maps/.rcs/relay_clientcerts,v | 26 + postfix/maps/.rcs/relay_domains,v | 35 + postfix/maps/.rcs/relocated,v | 35 + postfix/maps/.rcs/sender_bcc,v | 35 + postfix/maps/.rcs/transport,v | 52 + postfix/maps/.rcs/virtual_alias_domains,v | 35 + postfix/maps/.rcs/virtual_alias_maps,v | 41 + postfix/maps/.rcs/virtual_mailbox_domains,v | 37 + postfix/maps/.rcs/virtual_mailbox_maps,v | 37 + postfix/maps/access_client | 424 ++ postfix/maps/access_helo | 424 ++ postfix/maps/access_helo.db | Bin 0 -> 12288 bytes postfix/maps/access_recipient | 428 ++ postfix/maps/access_recipient.db | Bin 0 -> 12288 bytes postfix/maps/access_sender | 425 ++ postfix/maps/access_sender.db | Bin 0 -> 12288 bytes postfix/maps/aliases | 52 + postfix/maps/aliases.db | Bin 0 -> 12288 bytes postfix/maps/body_checks | 629 ++ postfix/maps/canonical | 11 + postfix/maps/canonical.db | Bin 0 -> 12288 bytes postfix/maps/generic | 4 + postfix/maps/generic.db | Bin 0 -> 12288 bytes postfix/maps/header_checks | 329 + postfix/maps/mydomains | 28 + postfix/maps/mydomains.db | Bin 0 -> 12288 bytes postfix/maps/recipient_bcc | 11 + postfix/maps/recipient_bcc.db | Bin 0 -> 12288 bytes postfix/maps/relay_clientcerts | 2 + postfix/maps/relay_clientcerts.db | Bin 0 -> 12288 bytes postfix/maps/relay_domains | 11 + postfix/maps/relay_domains.db | Bin 0 -> 12288 bytes postfix/maps/relocated | 11 + postfix/maps/relocated.db | Bin 0 -> 12288 bytes postfix/maps/sender_bcc | 11 + postfix/maps/sender_bcc.db | Bin 0 -> 12288 bytes postfix/maps/transport | 28 + postfix/maps/transport.db | Bin 0 -> 12288 bytes postfix/maps/virtual_alias_domains | 11 + postfix/maps/virtual_alias_domains.db | Bin 0 -> 12288 bytes postfix/maps/virtual_alias_maps | 17 + postfix/maps/virtual_alias_maps.db | Bin 0 -> 12288 bytes postfix/maps/virtual_mailbox_domains | 13 + postfix/maps/virtual_mailbox_domains.db | Bin 0 -> 12288 bytes postfix/maps/virtual_mailbox_maps | 13 + postfix/maps/virtual_mailbox_maps.db | Bin 0 -> 12288 bytes postfix/maps/work/aliases | 52 + postfix/maps/work/canonical | 11 + postfix/maps/work/mydomains | 28 + postfix/maps/work/recipient_bcc | 11 + postfix/maps/work/relay_domains | 11 + postfix/maps/work/relocated | 11 + postfix/maps/work/sender_bcc | 11 + postfix/maps/work/virtual_alias_domains | 11 + postfix/maps/work/virtual_alias_maps | 17 + postfix/maps/work/virtual_mailbox_domains | 13 + postfix/maps/work/virtual_mailbox_maps | 13 + postfix/master.cf | 143 + postfix/master.cf.orig | 115 + postfix/old/access_client | 424 ++ postfix/old/access_helo | 424 ++ postfix/old/access_helo.db | Bin 0 -> 12288 bytes postfix/old/access_recipient | 428 ++ postfix/old/access_recipient.db | Bin 0 -> 12288 bytes postfix/old/access_sender | 425 ++ postfix/old/access_sender.db | Bin 0 -> 12288 bytes postfix/old/generic | 4 + postfix/old/generic.db | Bin 0 -> 12288 bytes postfix/old/mysql-aliases.cf | 7 + postfix/old/mysql-canonical.cf | 7 + postfix/old/mysql-mydomains.cf | 7 + postfix/old/mysql-recipient_bcc.cf | 7 + postfix/old/mysql-relay-domains.cf | 7 + postfix/old/mysql-relocated.cf | 7 + postfix/old/mysql-sender_bcc.cf | 7 + postfix/old/mysql-virtual-alias-domains.cf | 7 + postfix/old/mysql-virtual-mailbox-domains.cf | 7 + postfix/old/mysql-virtual-maps.cf | 7 + postfix/old/mysql-virtual.cf | 7 + postfix/old/relay_clientcerts | 2 + postfix/old/relay_clientcerts.db | Bin 0 -> 12288 bytes postfix/old/transport | 28 + postfix/old/transport.db | Bin 0 -> 12288 bytes postfix/postconf/helga.2010-05-31.00 | 643 ++ postfix/postconf/helga.2010-05-31.01 | 643 ++ postfix/postconf/helga.2010-05-31.02 | 643 ++ postfix/postconf/helga.2010-05-31.03 | 643 ++ postfix/postconf/helga.2010-05-31.04 | 643 ++ postfix/postconf/helga.2010-05-31.05 | 643 ++ postfix/postconf/helga.2010-05-31.06 | 643 ++ postfix/postconf/sarah.2010-05-31 | 643 ++ postfix/postfix.pem | 37 + postfix/postgrey_whitelist_clients | 220 + postfix/postgrey_whitelist_recipients | 7 + .../sarah/.old/aliases.2010-05-20_07-06-58 | 56 + .../.old/mysql-aliases.cf.2007-11-27_11-01-59 | 7 + .../mysql-canonical.cf.2007-11-27_13-32-33 | 7 + .../mysql-mydomains.cf.2007-11-27_13-56-42 | 7 + ...mysql-recipient_bcc.cf.2007-11-27_11-00-39 | 7 + ...mysql-relay-domains.cf.2007-11-27_13-59-18 | 7 + .../mysql-relocated.cf.2007-11-27_11-02-09 | 7 + .../mysql-sender_bcc.cf.2007-11-27_11-01-49 | 7 + .../mysql-transport.cf.2007-11-27_11-02-24 | 7 + ...rtual-alias-domains.cf.2007-11-27_13-58-48 | 7 + .../mysql-virtual-gid.cf.2007-11-27_10-57-15 | 7 + ...ual-mailbox-domains.cf.2007-11-27_13-59-42 | 7 + .../mysql-virtual-maps.cf.2007-11-27_10-54-55 | 7 + .../mysql-virtual-uid.cf.2007-11-27_10-57-41 | 7 + .../.old/mysql-virtual.cf.2007-11-27_10-59-04 | 7 + .../.old/post-install.2006-12-08_14-24-16 | 697 ++ .../.old/postfix-files.2006-12-08_14-24-16 | 377 ++ .../.old/postfix.pem.2006-12-08_23-46-30 | 37 + ...grey_whitelist_clients.2008-10-16_22-21-38 | 180 + ...y_whitelist_recipients.2008-10-16_22-21-38 | 7 + .../relay_clientcerts.2008-10-19_21-10-22 | 2 + .../sarah/.old/saslpass.2008-09-08_10-26-51 | 3 + .../sarah/.old/virtual.2010-05-20_07-06-58 | 24 + postfix/sarah/access_client | 424 ++ postfix/sarah/access_client,v | 448 ++ postfix/sarah/access_helo | 424 ++ postfix/sarah/access_helo,v | 448 ++ postfix/sarah/access_helo.db | Bin 0 -> 12288 bytes postfix/sarah/access_recipient | 424 ++ postfix/sarah/access_recipient,v | 448 ++ postfix/sarah/access_recipient.db | Bin 0 -> 12288 bytes postfix/sarah/access_sender | 425 ++ postfix/sarah/access_sender,v | 463 ++ postfix/sarah/access_sender.db | Bin 0 -> 12288 bytes postfix/sarah/aliases | 56 + postfix/sarah/aliases.db | Bin 0 -> 12288 bytes postfix/sarah/body_checks | 629 ++ postfix/sarah/body_checks,v | 653 ++ postfix/sarah/bounce-templates/.svn/entries | 235 + postfix/sarah/bounce-templates/.svn/format | 1 + .../.svn/prop-base/bounce.cf.default.svn-base | 9 + .../.svn/prop-base/bounce.de-DE.cf.svn-base | 9 + .../.svn/prop-base/index.html.svn-base | 5 + .../.svn/prop-base/index.xml.svn-base | 5 + .../.svn/prop-base/screen.css.svn-base | 5 + .../.svn/text-base/README.svn-base | 120 + .../.svn/text-base/bounce.cf.default.svn-base | 112 + .../.svn/text-base/bounce.de-DE.cf.svn-base | 213 + .../.svn/text-base/index.html.svn-base | 39 + .../.svn/text-base/index.xml.svn-base | 154 + .../.svn/text-base/screen.css.svn-base | 163 + postfix/sarah/bounce-templates/README | 120 + .../sarah/bounce-templates/bounce.cf.default | 112 + .../sarah/bounce-templates/bounce.de-DE.cf | 213 + .../bounce-templates/images/.svn/entries | 62 + .../sarah/bounce-templates/images/.svn/format | 1 + .../images/.svn/prop-base/note.png.svn-base | 5 + .../images/.svn/text-base/note.png.svn-base | Bin 0 -> 490 bytes .../sarah/bounce-templates/images/note.png | Bin 0 -> 490 bytes postfix/sarah/bounce-templates/index.html | 39 + postfix/sarah/bounce-templates/index.xml | 154 + postfix/sarah/bounce-templates/screen.css | 163 + postfix/sarah/generic | 4 + postfix/sarah/generic,v | 28 + postfix/sarah/generic.db | Bin 0 -> 12288 bytes postfix/sarah/get-lookup-tables.conf | 74 + .../greylist/.old/gr.cf.2008-04-01_09-27-01 | 39 + .../greylist/.old/gr.pl.2008-04-01_09-26-55 | 318 + .../.old/greylist.cf.2006-12-13_10-56-05 | 39 + .../.old/greylist.cf.2008-04-01_09-42-56 | 40 + .../.old/greylist.pl.2006-12-13_10-54-14 | 318 + .../.old/greylist.pl.2008-04-01_11-14-48 | 453 ++ postfix/sarah/greylist/.svn/all-wcprops | 35 + postfix/sarah/greylist/.svn/entries | 93 + postfix/sarah/greylist/.svn/format | 1 + .../.svn/prop-base/clear-greylist.pl.svn-base | 13 + .../prop-base/greylist-test.0.txt.svn-base | 9 + .../prop-base/greylist-test.1.txt.svn-base | 9 + .../.svn/prop-base/greylist.cf.svn-base | 9 + .../.svn/prop-base/greylist.pl.svn-base | 13 + .../.svn/text-base/clear-greylist.pl.svn-base | 240 + .../text-base/greylist-test.0.txt.svn-base | 15 + .../text-base/greylist-test.1.txt.svn-base | 24 + .../.svn/text-base/greylist.cf.svn-base | 40 + .../.svn/text-base/greylist.pl.svn-base | 452 ++ postfix/sarah/greylist/clear-greylist.pl | 240 + postfix/sarah/greylist/greylist-test.0.txt | 15 + postfix/sarah/greylist/greylist-test.1.txt | 24 + postfix/sarah/greylist/greylist.cf | 43 + postfix/sarah/greylist/greylist.pl | 452 ++ postfix/sarah/header_checks | 329 + postfix/sarah/header_checks,v | 353 + postfix/sarah/main.cf | 791 +++ postfix/sarah/main.cf,v | 1059 +++ postfix/sarah/make-virtual.sh | 4 + postfix/sarah/master.cf | 134 + postfix/sarah/master.cf,v | 393 ++ postfix/sarah/mydomain | 17 + postfix/sarah/mydomain,v | 41 + postfix/sarah/mysql-aliases.cf | 7 + postfix/sarah/mysql-canonical.cf | 7 + postfix/sarah/mysql-mydomains.cf | 7 + postfix/sarah/mysql-recipient_bcc.cf | 7 + postfix/sarah/mysql-relay-domains.cf | 7 + postfix/sarah/mysql-relocated.cf | 7 + postfix/sarah/mysql-sender_bcc.cf | 7 + postfix/sarah/mysql-transport.cf | 7 + postfix/sarah/mysql-virtual-alias-domains.cf | 7 + postfix/sarah/mysql-virtual-gid.cf | 7 + .../sarah/mysql-virtual-mailbox-domains.cf | 7 + postfix/sarah/mysql-virtual-maps.cf | 7 + postfix/sarah/mysql-virtual-uid.cf | 7 + postfix/sarah/mysql-virtual.cf | 7 + postfix/sarah/postconf.current | 544 ++ postfix/sarah/postconf.new | 544 ++ postfix/sarah/postconf.new1 | 643 ++ postfix/sarah/postfix.pem | 37 + postfix/sarah/postgrey_whitelist_clients | 194 + postfix/sarah/postgrey_whitelist_recipients | 7 + postfix/sarah/prng_exch | Bin 0 -> 1024 bytes postfix/sarah/relay_clientcerts | 2 + postfix/sarah/relay_clientcerts.db | Bin 0 -> 12288 bytes postfix/sarah/saslpass | 3 + postfix/sarah/tables/aliases | 56 + postfix/sarah/tables/aliases.db | Bin 0 -> 12288 bytes postfix/sarah/tables/virtual | 24 + postfix/sarah/tables/virtual.db | Bin 0 -> 12288 bytes postfix/sarah/transport | 28 + postfix/sarah/transport,v | 52 + postfix/sarah/transport.db | Bin 0 -> 12288 bytes postfix/sarah/virtual | 24 + postfix/sarah/virtual,v | 68 + postfix/sarah/virtual.db | Bin 0 -> 12288 bytes postfix/sarah/work/aliases | 56 + postfix/sarah/work/virtual | 24 + postfix/saslpass | 3 + profile.d/bash-completion.sh | 52 + profile.d/java-config-2.csh | 22 + profile.d/java-config-2.sh | 34 + proftpd/blacklist.dat | Bin 0 -> 1310700 bytes proftpd/dhparams.pem | 135 + proftpd/proftpd.conf.sample | 53 + reoback/.rcs/files.conf,v | 189 + reoback/.rcs/settings.conf,v | 135 + reoback/files.conf | 115 + reoback/settings.conf | 74 + revdep-rebuild/55-nagios-plugins-snmp-revdep | 1 + revdep-rebuild/60-java | 9 + revdep-rebuild/61-icedtea6-bin | 1 + revdep-rebuild/99revdep-rebuild | 21 + runlevels/boot/bootmisc | 1 + runlevels/boot/consolefont | 1 + runlevels/boot/device-mapper | 1 + runlevels/boot/fsck | 1 + runlevels/boot/hostname | 1 + runlevels/boot/hwclock | 1 + runlevels/boot/keymaps | 1 + runlevels/boot/localmount | 1 + runlevels/boot/lvm | 1 + runlevels/boot/modules | 1 + runlevels/boot/mtab | 1 + runlevels/boot/net.lo | 1 + runlevels/boot/procfs | 1 + runlevels/boot/root | 1 + runlevels/boot/swap | 1 + runlevels/boot/sysctl | 1 + runlevels/boot/termencoding | 1 + runlevels/boot/urandom | 1 + runlevels/default/amavisd | 1 + runlevels/default/apache2 | 1 + runlevels/default/atd | 1 + runlevels/default/books-prod-fcgi | 1 + runlevels/default/clamd | 1 + runlevels/default/courier-authlib | 1 + runlevels/default/courier-imapd | 1 + runlevels/default/courier-imapd-ssl | 1 + runlevels/default/courier-pop3d | 1 + runlevels/default/courier-pop3d-ssl | 1 + runlevels/default/git-daemon | 1 + runlevels/default/ip6tables | 1 + runlevels/default/iptables | 1 + runlevels/default/lm_sensors | 1 + runlevels/default/local | 1 + runlevels/default/mdadm | 1 + runlevels/default/mysql | 1 + runlevels/default/named | 1 + runlevels/default/net.eth0 | 1 + runlevels/default/netmount | 1 + runlevels/default/ntp-client | 1 + runlevels/default/ntpd | 1 + runlevels/default/policyd-weight | 1 + runlevels/default/postfix | 1 + runlevels/default/postgrey | 1 + runlevels/default/quota | 1 + runlevels/default/saslauthd | 1 + runlevels/default/slapd | 1 + runlevels/default/smartd | 1 + runlevels/default/spamd | 1 + runlevels/default/sshd | 1 + runlevels/default/syslog-ng | 1 + runlevels/default/udev-postmount | 1 + runlevels/default/ulogd | 1 + runlevels/default/vixie-cron | 1 + runlevels/nonetwork/local | 1 + runlevels/shutdown/killprocs | 1 + runlevels/shutdown/mount-ro | 1 + runlevels/shutdown/savecache | 1 + runlevels/sysinit/devfs | 1 + runlevels/sysinit/dmesg | 1 + runlevels/sysinit/udev | 1 + samba/lmhosts | 2 + samba/smb.conf.default | 274 + samba/smbusers | 7 + sandbox.d/00default | 20 + sandbox.d/10openssl | 1 + sandbox.d/37fontconfig | 1 + sasl2/.rcs/smtpd.conf,v | 63 + sasl2/sasldb2 | Bin 0 -> 12313 bytes sasl2/smtpd.conf | 4 + security/access.conf | 122 + security/capability.conf | 45 + security/group.conf | 106 + security/limits.conf | 50 + security/namespace.conf | 28 + security/namespace.init | 25 + security/pam_env.conf | 73 + security/time.conf | 65 + security/users.allow | 3 + sgml/catalog | 11 + sgml/dsssl-docbook-stylesheets.cat | 1 + sgml/linuxdoc.cat | 1 + sgml/openjade-1.3.2.cat | 2 + sgml/sgml-docbook-3.0.cat | 2 + sgml/sgml-docbook.cat | 3 + sgml/sgml-ent.cat | 1 + sgml/sgml.conf | 3 + sgml/xml-docbook-4.1.2.cat | 2 + sgml/xml-docbook-4.2.cat | 2 + sgml/xml-docbook-4.3.cat | 2 + sgml/xml-docbook-4.4.cat | 2 + sgml/xml-docbook-4.5.cat | 2 + skel/.bash_logout | 6 + skel/.bash_profile | 5 + skel/.bashrc | 18 + slsh.rc | 51 + snmp/snmpd.conf.example | 408 ++ ssh/moduli | 188 + ssh/ssh_config | 59 + ssh/ssh_host_dsa_key | 12 + ssh/ssh_host_dsa_key.pub | 1 + ssh/ssh_host_ecdsa_key | 5 + ssh/ssh_host_ecdsa_key.pub | 1 + ssh/ssh_host_rsa_key | 27 + ssh/ssh_host_rsa_key.pub | 1 + ssh/sshd_config | 201 + strato/nagios/.svn/dir-prop-base | 7 + strato/nagios/.svn/entries | 309 + strato/nagios/.svn/prop-base/cgi.cfg.svn-base | 9 + .../prop-base/check_msgs_mysql.conf.svn-base | 9 + .../nagios/.svn/prop-base/nagios.cfg.svn-base | 9 + .../nagios/.svn/prop-base/ndo2db.cfg.svn-base | 9 + .../nagios/.svn/prop-base/ndomod.cfg.svn-base | 9 + .../nagios/.svn/prop-base/nrpe.cfg.svn-base | 9 + .../.svn/prop-base/resource.cfg.svn-base | 9 + strato/nagios/.svn/text-base/cgi.cfg.svn-base | 323 + .../text-base/check_msgs_mysql.conf.svn-base | 370 ++ .../.svn/text-base/htpasswd.users.svn-base | 25 + .../nagios/.svn/text-base/nagios.cfg.svn-base | 1309 ++++ .../nagios/.svn/text-base/ndo2db.cfg.svn-base | 170 + .../nagios/.svn/text-base/ndomod.cfg.svn-base | 206 + .../nagios/.svn/text-base/nrpe.cfg.svn-base | 220 + .../.svn/text-base/resource.cfg.svn-base | 40 + strato/nagios/cgi.cfg | 323 + strato/nagios/check_logfiles/.svn/entries | 1524 +++++ .../.svn/prop-base/Adserver01.cfg.svn-base | 9 + .../.svn/prop-base/Affront.cfg.svn-base | 9 + .../.svn/prop-base/Apoc.cfg.svn-base | 9 + .../.svn/prop-base/Blade0.cfg.svn-base | 9 + .../.svn/prop-base/BladeCenter.cfg.svn-base | 9 + .../.svn/prop-base/Emma.cfg.svn-base | 9 + .../.svn/prop-base/Estragon.cfg.svn-base | 9 + .../.svn/prop-base/Freder.cfg.svn-base | 9 + .../.svn/prop-base/Gordon.cfg.svn-base | 9 + .../.svn/prop-base/Grauzone.cfg.svn-base | 9 + .../.svn/prop-base/Groth.cfg.svn-base | 9 + .../.svn/prop-base/Imperia.cfg.svn-base | 9 + .../.svn/prop-base/Jabber.cfg.svn-base | 9 + .../.svn/prop-base/Jani.cfg.svn-base | 9 + .../.svn/prop-base/Joh.cfg.svn-base | 9 + .../.svn/prop-base/Joseph.cfg.svn-base | 9 + .../.svn/prop-base/Kelvin.cfg.svn-base | 9 + .../.svn/prop-base/Kristel.cfg.svn-base | 9 + .../.svn/prop-base/Maria.cfg.svn-base | 9 + .../.svn/prop-base/Metropolis.cfg.svn-base | 9 + .../.svn/prop-base/Mx1.cfg.svn-base | 9 + .../.svn/prop-base/Mx2.cfg.svn-base | 9 + .../.svn/prop-base/Mystratodata2.cfg.svn-base | 9 + .../.svn/prop-base/Na30401.cfg.svn-base | 9 + .../.svn/prop-base/Na30402.cfg.svn-base | 9 + .../.svn/prop-base/Nexus.cfg.svn-base | 9 + .../prop-base/Onlineserver02.cfg.svn-base | 9 + .../prop-base/Onlineserver13.cfg.svn-base | 9 + .../.svn/prop-base/Plexus.cfg.svn-base | 9 + .../.svn/prop-base/Rheya.cfg.svn-base | 9 + .../.svn/prop-base/Rotwang.cfg.svn-base | 9 + .../.svn/prop-base/SD4-KK2.cfg.svn-base | 9 + .../.svn/prop-base/Schufulupiplu.cfg.svn-base | 9 + .../.svn/prop-base/Slim.cfg.svn-base | 9 + .../.svn/prop-base/Sunny1.cfg.svn-base | 9 + .../.svn/prop-base/Sunny2.cfg.svn-base | 9 + .../.svn/prop-base/Sunny3.cfg.svn-base | 9 + .../.svn/prop-base/Sunny4.cfg.svn-base | 9 + .../.svn/prop-base/Tank.cfg.svn-base | 9 + .../.svn/prop-base/Turtur.cfg.svn-base | 9 + .../.svn/prop-base/Vagas.cfg.svn-base | 9 + .../.svn/prop-base/Vagas2.cfg.svn-base | 9 + .../.svn/prop-base/Walter.cfg.svn-base | 9 + .../.svn/prop-base/Wutschel.cfg.svn-base | 9 + .../.svn/text-base/Adserver01.cfg.svn-base | 90 + .../.svn/text-base/Affront.cfg.svn-base | 93 + .../.svn/text-base/Apoc.cfg.svn-base | 93 + .../.svn/text-base/Blade0.cfg.svn-base | 95 + .../.svn/text-base/BladeCenter.cfg.svn-base | 119 + .../.svn/text-base/Emma.cfg.svn-base | 104 + .../.svn/text-base/Estragon.cfg.svn-base | 90 + .../.svn/text-base/Freder.cfg.svn-base | 90 + .../.svn/text-base/Gordon.cfg.svn-base | 100 + .../.svn/text-base/Grauzone.cfg.svn-base | 93 + .../.svn/text-base/Groth.cfg.svn-base | 90 + .../.svn/text-base/Imperia.cfg.svn-base | 90 + .../.svn/text-base/Jabber.cfg.svn-base | 90 + .../.svn/text-base/Jani.cfg.svn-base | 90 + .../.svn/text-base/Joh.cfg.svn-base | 90 + .../.svn/text-base/Joseph.cfg.svn-base | 100 + .../.svn/text-base/Kelvin.cfg.svn-base | 90 + .../.svn/text-base/Kristel.cfg.svn-base | 90 + .../.svn/text-base/Maria.cfg.svn-base | 96 + .../.svn/text-base/Metropolis.cfg.svn-base | 90 + .../.svn/text-base/Mx1.cfg.svn-base | 90 + .../.svn/text-base/Mx2.cfg.svn-base | 90 + .../.svn/text-base/Mystratodata2.cfg.svn-base | 90 + .../.svn/text-base/Na30401.cfg.svn-base | 171 + .../.svn/text-base/Na30402.cfg.svn-base | 171 + .../.svn/text-base/Nexus.cfg.svn-base | 90 + .../text-base/Onlineserver02.cfg.svn-base | 93 + .../text-base/Onlineserver13.cfg.svn-base | 109 + .../.svn/text-base/Plexus.cfg.svn-base | 112 + .../.svn/text-base/Rheya.cfg.svn-base | 93 + .../.svn/text-base/Rotwang.cfg.svn-base | 90 + .../.svn/text-base/SD4-KK2.cfg.svn-base | 90 + .../.svn/text-base/Schufulupiplu.cfg.svn-base | 90 + .../.svn/text-base/Slim.cfg.svn-base | 90 + .../.svn/text-base/Sunny1.cfg.svn-base | 148 + .../.svn/text-base/Sunny2.cfg.svn-base | 148 + .../.svn/text-base/Sunny3.cfg.svn-base | 148 + .../.svn/text-base/Sunny4.cfg.svn-base | 154 + .../.svn/text-base/Tank.cfg.svn-base | 93 + .../.svn/text-base/Turtur.cfg.svn-base | 98 + .../.svn/text-base/Vagas.cfg.svn-base | 102 + .../.svn/text-base/Vagas2.cfg.svn-base | 102 + .../.svn/text-base/Walter.cfg.svn-base | 93 + .../.svn/text-base/Wutschel.cfg.svn-base | 98 + strato/nagios/check_logfiles/Adserver01.cfg | 90 + strato/nagios/check_logfiles/Affront.cfg | 93 + strato/nagios/check_logfiles/Apoc.cfg | 93 + strato/nagios/check_logfiles/Blade0.cfg | 95 + strato/nagios/check_logfiles/BladeCenter.cfg | 119 + strato/nagios/check_logfiles/Emma.cfg | 104 + strato/nagios/check_logfiles/Estragon.cfg | 90 + strato/nagios/check_logfiles/Freder.cfg | 90 + strato/nagios/check_logfiles/Gordon.cfg | 100 + strato/nagios/check_logfiles/Grauzone.cfg | 93 + strato/nagios/check_logfiles/Groth.cfg | 90 + strato/nagios/check_logfiles/Imperia.cfg | 90 + strato/nagios/check_logfiles/Jabber.cfg | 90 + strato/nagios/check_logfiles/Jani.cfg | 90 + strato/nagios/check_logfiles/Joh.cfg | 90 + strato/nagios/check_logfiles/Joseph.cfg | 100 + strato/nagios/check_logfiles/Kelvin.cfg | 90 + strato/nagios/check_logfiles/Kristel.cfg | 90 + strato/nagios/check_logfiles/Maria.cfg | 96 + strato/nagios/check_logfiles/Metropolis.cfg | 90 + strato/nagios/check_logfiles/Mx1.cfg | 90 + strato/nagios/check_logfiles/Mx2.cfg | 90 + .../nagios/check_logfiles/Mystratodata2.cfg | 90 + strato/nagios/check_logfiles/Na30401.cfg | 171 + strato/nagios/check_logfiles/Na30402.cfg | 171 + strato/nagios/check_logfiles/Nexus.cfg | 90 + .../nagios/check_logfiles/Onlineserver02.cfg | 93 + .../nagios/check_logfiles/Onlineserver13.cfg | 109 + strato/nagios/check_logfiles/Plexus.cfg | 112 + strato/nagios/check_logfiles/Rheya.cfg | 93 + strato/nagios/check_logfiles/Rotwang.cfg | 90 + strato/nagios/check_logfiles/SD4-KK2.cfg | 90 + .../nagios/check_logfiles/Schufulupiplu.cfg | 90 + strato/nagios/check_logfiles/Slim.cfg | 90 + strato/nagios/check_logfiles/Sunny1.cfg | 148 + strato/nagios/check_logfiles/Sunny2.cfg | 148 + strato/nagios/check_logfiles/Sunny3.cfg | 148 + strato/nagios/check_logfiles/Sunny4.cfg | 154 + strato/nagios/check_logfiles/Tank.cfg | 93 + strato/nagios/check_logfiles/Turtur.cfg | 98 + strato/nagios/check_logfiles/Vagas.cfg | 102 + strato/nagios/check_logfiles/Vagas2.cfg | 102 + strato/nagios/check_logfiles/Walter.cfg | 93 + strato/nagios/check_logfiles/Wutschel.cfg | 98 + strato/nagios/check_msgs_mysql.conf | 370 ++ strato/nagios/htpasswd.users | 25 + strato/nagios/nagios.cfg | 1309 ++++ strato/nagios/ndo2db.cfg | 170 + strato/nagios/ndomod.cfg | 206 + strato/nagios/nrpe.cfg | 220 + strato/nagios/objects/.svn/dir-prop-base | 9 + strato/nagios/objects/.svn/entries | 695 ++ .../.svn/prop-base/commands-app.cfg.svn-base | 9 + .../.svn/prop-base/commands-esx.cfg.svn-base | 9 + .../.svn/prop-base/commands-f5.cfg.svn-base | 9 + .../.svn/prop-base/commands-ipmi.cfg.svn-base | 9 + .../prop-base/commands-netapp.cfg.svn-base | 9 + .../prop-base/commands-notify.cfg.svn-base | 9 + .../.svn/prop-base/commands-nrpe.cfg.svn-base | 9 + .../prop-base/commands-oracle.cfg.svn-base | 9 + .../prop-base/commands-perfdata.cfg.svn-base | 9 + .../.svn/prop-base/commands.cfg.svn-base | 9 + .../.svn/prop-base/contacts.cfg.svn-base | 9 + .../.svn/prop-base/groups.cfg.svn-base | 9 + .../prop-base/interhost-deps.cfg.svn-base | 9 + .../.svn/prop-base/localhost.cfg.svn-base | 9 + .../.svn/prop-base/printer.cfg.svn-base | 9 + .../.svn/prop-base/switch.cfg.svn-base | 9 + .../.svn/prop-base/templates.cfg.svn-base | 9 + .../.svn/prop-base/timeperiods.cfg.svn-base | 9 + .../.svn/prop-base/windows.cfg.svn-base | 9 + .../.svn/text-base/commands-app.cfg.svn-base | 103 + .../.svn/text-base/commands-esx.cfg.svn-base | 23 + .../.svn/text-base/commands-f5.cfg.svn-base | 63 + .../.svn/text-base/commands-ipmi.cfg.svn-base | 36 + .../text-base/commands-netapp.cfg.svn-base | 66 + .../text-base/commands-notify.cfg.svn-base | 72 + .../.svn/text-base/commands-nrpe.cfg.svn-base | 56 + .../text-base/commands-oracle.cfg.svn-base | 40 + .../text-base/commands-perfdata.cfg.svn-base | 62 + .../.svn/text-base/commands.cfg.svn-base | 272 + .../.svn/text-base/contacts.cfg.svn-base | 750 +++ .../.svn/text-base/groups.cfg.svn-base | 289 + .../text-base/interhost-deps.cfg.svn-base | 317 + .../.svn/text-base/localhost.cfg.svn-base | 433 ++ .../.svn/text-base/printer.cfg.svn-base | 87 + .../.svn/text-base/switch.cfg.svn-base | 222 + .../.svn/text-base/templates.cfg.svn-base | 557 ++ .../.svn/text-base/timeperiods.cfg.svn-base | 227 + .../.svn/text-base/windows.cfg.svn-base | 147 + strato/nagios/objects/apps/.svn/dir-prop-base | 9 + strato/nagios/objects/apps/.svn/entries | 130 + .../apps/.svn/prop-base/boss-db.cfg.svn-base | 9 + .../apps/.svn/prop-base/mydb0.cfg.svn-base | 9 + .../.svn/prop-base/stratodata.cfg.svn-base | 9 + .../apps/.svn/text-base/boss-db.cfg.svn-base | 186 + .../apps/.svn/text-base/mydb0.cfg.svn-base | 39 + .../.svn/text-base/stratodata.cfg.svn-base | 272 + strato/nagios/objects/apps/boss-db.cfg | 186 + strato/nagios/objects/apps/mydb0.cfg | 39 + strato/nagios/objects/apps/stratodata.cfg | 272 + strato/nagios/objects/commands-app.cfg | 103 + strato/nagios/objects/commands-esx.cfg | 23 + strato/nagios/objects/commands-f5.cfg | 63 + strato/nagios/objects/commands-ipmi.cfg | 36 + strato/nagios/objects/commands-netapp.cfg | 66 + strato/nagios/objects/commands-notify.cfg | 72 + strato/nagios/objects/commands-nrpe.cfg | 56 + strato/nagios/objects/commands-oracle.cfg | 40 + strato/nagios/objects/commands-perfdata.cfg | 62 + strato/nagios/objects/commands.cfg | 272 + strato/nagios/objects/contacts.cfg | 750 +++ strato/nagios/objects/groups.cfg | 289 + strato/nagios/objects/interhost-deps.cfg | 317 + .../objects/karlsruhe/.svn/dir-prop-base | 9 + strato/nagios/objects/karlsruhe/.svn/entries | 96 + .../.svn/prop-base/timesten.cfg.svn-base | 9 + .../.svn/prop-base/timesten3.cfg.svn-base | 9 + .../.svn/text-base/timesten.cfg.svn-base | 303 + .../.svn/text-base/timesten3.cfg.svn-base | 301 + strato/nagios/objects/karlsruhe/timesten.cfg | 303 + strato/nagios/objects/karlsruhe/timesten3.cfg | 301 + strato/nagios/objects/localhost.cfg | 433 ++ .../nagios/objects/netapp/.svn/dir-prop-base | 9 + strato/nagios/objects/netapp/.svn/entries | 130 + .../.svn/prop-base/na20201.cfg.svn-base | 9 + .../.svn/prop-base/na30401.cfg.svn-base | 9 + .../.svn/prop-base/na30402.cfg.svn-base | 9 + .../.svn/text-base/na20201.cfg.svn-base | 171 + .../.svn/text-base/na30401.cfg.svn-base | 304 + .../.svn/text-base/na30402.cfg.svn-base | 530 ++ strato/nagios/objects/netapp/na20201.cfg | 171 + strato/nagios/objects/netapp/na30401.cfg | 304 + strato/nagios/objects/netapp/na30402.cfg | 530 ++ .../nagios/objects/pascal/.svn/dir-prop-base | 9 + strato/nagios/objects/pascal/.svn/entries | 198 + .../.svn/prop-base/dc2008-001.cfg.svn-base | 9 + .../.svn/prop-base/dc2008-002.cfg.svn-base | 9 + .../pascal/.svn/prop-base/k2.cfg.svn-base | 9 + .../pascal/.svn/prop-base/kelvin.cfg.svn-base | 9 + .../pascal/.svn/prop-base/post1.cfg.svn-base | 9 + .../.svn/text-base/dc2008-001.cfg.svn-base | 36 + .../.svn/text-base/dc2008-002.cfg.svn-base | 36 + .../pascal/.svn/text-base/k2.cfg.svn-base | 349 + .../pascal/.svn/text-base/kelvin.cfg.svn-base | 251 + .../pascal/.svn/text-base/post1.cfg.svn-base | 289 + strato/nagios/objects/pascal/dc2008-001.cfg | 36 + strato/nagios/objects/pascal/dc2008-002.cfg | 36 + strato/nagios/objects/pascal/k2.cfg | 349 + strato/nagios/objects/pascal/kelvin.cfg | 251 + strato/nagios/objects/pascal/post1.cfg | 289 + strato/nagios/objects/printer.cfg | 87 + strato/nagios/objects/privat/.svn/entries | 28 + strato/nagios/objects/rz/.svn/dir-prop-base | 9 + strato/nagios/objects/rz/.svn/entries | 1558 +++++ .../rz/.svn/prop-base/affront.cfg.svn-base | 9 + .../rz/.svn/prop-base/bl0.cfg.svn-base | 9 + .../rz/.svn/prop-base/bl1.cfg.svn-base | 9 + .../rz/.svn/prop-base/bl2.cfg.svn-base | 9 + .../rz/.svn/prop-base/bl4.cfg.svn-base | 9 + .../rz/.svn/prop-base/bl6.cfg.svn-base | 9 + .../rz/.svn/prop-base/bl8.cfg.svn-base | 9 + .../rz/.svn/prop-base/blc.cfg.svn-base | 9 + .../.svn/prop-base/borelius-kvm.cfg.svn-base | 9 + .../rz/.svn/prop-base/borelius.cfg.svn-base | 9 + .../rz/.svn/prop-base/dc2008-003.cfg.svn-base | 9 + .../rz/.svn/prop-base/dieter.cfg.svn-base | 9 + .../rz/.svn/prop-base/emma.cfg.svn-base | 9 + .../rz/.svn/prop-base/estragon.cfg.svn-base | 9 + .../rz/.svn/prop-base/godot-kvm.cfg.svn-base | 9 + .../rz/.svn/prop-base/godot.cfg.svn-base | 9 + .../rz/.svn/prop-base/grauzone.cfg.svn-base | 9 + .../.svn/prop-base/heidrun-kvm.cfg.svn-base | 9 + .../rz/.svn/prop-base/heidrun.cfg.svn-base | 9 + .../rz/.svn/prop-base/joseph.cfg.svn-base | 9 + .../rz/.svn/prop-base/kristel.cfg.svn-base | 9 + .../rz/.svn/prop-base/leto-kvm.cfg.svn-base | 9 + .../rz/.svn/prop-base/leto.cfg.svn-base | 9 + .../rz/.svn/prop-base/lurkin-kvm.cfg.svn-base | 9 + .../rz/.svn/prop-base/lurkin.cfg.svn-base | 9 + .../rz/.svn/prop-base/maria.cfg.svn-base | 9 + .../rz/.svn/prop-base/msd2.cfg.svn-base | 9 + .../rz/.svn/prop-base/mx1.cfg.svn-base | 9 + .../rz/.svn/prop-base/mx2.cfg.svn-base | 9 + .../rz/.svn/prop-base/nexus.cfg.svn-base | 9 + .../rz/.svn/prop-base/one.cfg.svn-base | 9 + .../rz/.svn/prop-base/plexus.cfg.svn-base | 9 + .../rz/.svn/prop-base/rotwang.cfg.svn-base | 9 + .../rz/.svn/prop-base/sunny1-kvm.cfg.svn-base | 9 + .../rz/.svn/prop-base/sunny1.cfg.svn-base | 9 + .../rz/.svn/prop-base/sunny2-kvm.cfg.svn-base | 9 + .../rz/.svn/prop-base/sunny2.cfg.svn-base | 9 + .../rz/.svn/prop-base/sunny3-kvm.cfg.svn-base | 9 + .../rz/.svn/prop-base/sunny3.cfg.svn-base | 9 + .../rz/.svn/prop-base/turtur.cfg.svn-base | 9 + .../rz/.svn/prop-base/vagas.cfg.svn-base | 9 + .../rz/.svn/prop-base/walo.cfg.svn-base | 9 + .../rz/.svn/prop-base/walter.cfg.svn-base | 9 + .../rz/.svn/prop-base/wutschel.cfg.svn-base | 9 + .../rz/.svn/prop-base/zero.cfg.svn-base | 9 + .../rz/.svn/text-base/affront.cfg.svn-base | 384 ++ .../rz/.svn/text-base/bl0.cfg.svn-base | 96 + .../rz/.svn/text-base/bl1.cfg.svn-base | 100 + .../rz/.svn/text-base/bl2.cfg.svn-base | 51 + .../rz/.svn/text-base/bl4.cfg.svn-base | 51 + .../rz/.svn/text-base/bl6.cfg.svn-base | 100 + .../rz/.svn/text-base/bl8.cfg.svn-base | 100 + .../rz/.svn/text-base/blc.cfg.svn-base | 97 + .../.svn/text-base/borelius-kvm.cfg.svn-base | 100 + .../rz/.svn/text-base/borelius.cfg.svn-base | 293 + .../rz/.svn/text-base/dc2008-003.cfg.svn-base | 37 + .../rz/.svn/text-base/dieter.cfg.svn-base | 140 + .../rz/.svn/text-base/emma.cfg.svn-base | 429 ++ .../rz/.svn/text-base/estragon.cfg.svn-base | 268 + .../rz/.svn/text-base/godot-kvm.cfg.svn-base | 100 + .../rz/.svn/text-base/godot.cfg.svn-base | 255 + .../rz/.svn/text-base/grauzone.cfg.svn-base | 350 + .../.svn/text-base/heidrun-kvm.cfg.svn-base | 100 + .../rz/.svn/text-base/heidrun.cfg.svn-base | 255 + .../rz/.svn/text-base/joseph.cfg.svn-base | 194 + .../rz/.svn/text-base/kristel.cfg.svn-base | 237 + .../rz/.svn/text-base/leto-kvm.cfg.svn-base | 100 + .../rz/.svn/text-base/leto.cfg.svn-base | 255 + .../rz/.svn/text-base/lurkin-kvm.cfg.svn-base | 100 + .../rz/.svn/text-base/lurkin.cfg.svn-base | 266 + .../rz/.svn/text-base/maria.cfg.svn-base | 298 + .../rz/.svn/text-base/msd2.cfg.svn-base | 246 + .../rz/.svn/text-base/mx1.cfg.svn-base | 202 + .../rz/.svn/text-base/mx2.cfg.svn-base | 205 + .../rz/.svn/text-base/nexus.cfg.svn-base | 64 + .../rz/.svn/text-base/one.cfg.svn-base | 616 ++ .../rz/.svn/text-base/plexus.cfg.svn-base | 177 + .../rz/.svn/text-base/rotwang.cfg.svn-base | 188 + .../rz/.svn/text-base/sunny1-kvm.cfg.svn-base | 100 + .../rz/.svn/text-base/sunny1.cfg.svn-base | 92 + .../rz/.svn/text-base/sunny2-kvm.cfg.svn-base | 100 + .../rz/.svn/text-base/sunny2.cfg.svn-base | 92 + .../rz/.svn/text-base/sunny3-kvm.cfg.svn-base | 100 + .../rz/.svn/text-base/sunny3.cfg.svn-base | 92 + .../rz/.svn/text-base/turtur.cfg.svn-base | 202 + .../rz/.svn/text-base/vagas.cfg.svn-base | 293 + .../rz/.svn/text-base/walo.cfg.svn-base | 412 ++ .../rz/.svn/text-base/walter.cfg.svn-base | 234 + .../rz/.svn/text-base/wutschel.cfg.svn-base | 234 + .../rz/.svn/text-base/zero.cfg.svn-base | 618 ++ strato/nagios/objects/rz/affront.cfg | 384 ++ strato/nagios/objects/rz/bl0.cfg | 96 + strato/nagios/objects/rz/bl1.cfg | 100 + strato/nagios/objects/rz/bl2.cfg | 51 + strato/nagios/objects/rz/bl4.cfg | 51 + strato/nagios/objects/rz/bl6.cfg | 100 + strato/nagios/objects/rz/bl8.cfg | 100 + strato/nagios/objects/rz/blc.cfg | 97 + strato/nagios/objects/rz/borelius-kvm.cfg | 100 + strato/nagios/objects/rz/borelius.cfg | 293 + strato/nagios/objects/rz/dc2008-003.cfg | 37 + strato/nagios/objects/rz/dieter.cfg | 140 + strato/nagios/objects/rz/emma.cfg | 429 ++ strato/nagios/objects/rz/estragon.cfg | 268 + strato/nagios/objects/rz/godot-kvm.cfg | 100 + strato/nagios/objects/rz/godot.cfg | 255 + strato/nagios/objects/rz/grauzone.cfg | 350 + strato/nagios/objects/rz/heidrun-kvm.cfg | 100 + strato/nagios/objects/rz/heidrun.cfg | 255 + strato/nagios/objects/rz/joseph.cfg | 194 + strato/nagios/objects/rz/kristel.cfg | 237 + strato/nagios/objects/rz/leto-kvm.cfg | 100 + strato/nagios/objects/rz/leto.cfg | 255 + strato/nagios/objects/rz/lurkin-kvm.cfg | 100 + strato/nagios/objects/rz/lurkin.cfg | 266 + strato/nagios/objects/rz/maria.cfg | 298 + strato/nagios/objects/rz/msd2.cfg | 246 + strato/nagios/objects/rz/mx1.cfg | 202 + strato/nagios/objects/rz/mx2.cfg | 205 + strato/nagios/objects/rz/nexus.cfg | 64 + strato/nagios/objects/rz/one.cfg | 616 ++ strato/nagios/objects/rz/plexus.cfg | 177 + strato/nagios/objects/rz/rotwang.cfg | 188 + strato/nagios/objects/rz/sunny1-kvm.cfg | 100 + strato/nagios/objects/rz/sunny1.cfg | 92 + strato/nagios/objects/rz/sunny2-kvm.cfg | 100 + strato/nagios/objects/rz/sunny2.cfg | 92 + strato/nagios/objects/rz/sunny3-kvm.cfg | 100 + strato/nagios/objects/rz/sunny3.cfg | 92 + strato/nagios/objects/rz/turtur.cfg | 202 + strato/nagios/objects/rz/vagas.cfg | 293 + strato/nagios/objects/rz/walo.cfg | 412 ++ strato/nagios/objects/rz/walter.cfg | 234 + strato/nagios/objects/rz/wutschel.cfg | 234 + strato/nagios/objects/rz/zero.cfg | 618 ++ strato/nagios/objects/switch.cfg | 222 + strato/nagios/objects/templates.cfg | 557 ++ strato/nagios/objects/timeperiods.cfg | 227 + strato/nagios/objects/vm/.svn/dir-prop-base | 9 + strato/nagios/objects/vm/.svn/entries | 504 ++ .../vm/.svn/prop-base/adserver01.cfg.svn-base | 9 + .../vm/.svn/prop-base/imperia2.cfg.svn-base | 9 + .../vm/.svn/prop-base/jabber.cfg.svn-base | 9 + .../vm/.svn/prop-base/ols02.cfg.svn-base | 9 + .../vm/.svn/prop-base/ols13.cfg.svn-base | 9 + .../vm/.svn/prop-base/post2.cfg.svn-base | 9 + .../vm/.svn/prop-base/post3.cfg.svn-base | 9 + .../vm/.svn/prop-base/post4.cfg.svn-base | 9 + .../vm/.svn/prop-base/post5.cfg.svn-base | 9 + .../.svn/prop-base/schufulupiplu.cfg.svn-base | 9 + .../vm/.svn/prop-base/timesten2.cfg.svn-base | 9 + .../vm/.svn/prop-base/timesten4.cfg.svn-base | 9 + .../vm/.svn/prop-base/vagas2.cfg.svn-base | 9 + .../.svn/prop-base/webspiegel2.cfg.svn-base | 9 + .../vm/.svn/text-base/adserver01.cfg.svn-base | 318 + .../vm/.svn/text-base/imperia2.cfg.svn-base | 219 + .../vm/.svn/text-base/jabber.cfg.svn-base | 143 + .../vm/.svn/text-base/ols02.cfg.svn-base | 207 + .../vm/.svn/text-base/ols13.cfg.svn-base | 200 + .../vm/.svn/text-base/post2.cfg.svn-base | 278 + .../vm/.svn/text-base/post3.cfg.svn-base | 247 + .../vm/.svn/text-base/post4.cfg.svn-base | 247 + .../vm/.svn/text-base/post5.cfg.svn-base | 247 + .../.svn/text-base/schufulupiplu.cfg.svn-base | 293 + .../vm/.svn/text-base/timesten2.cfg.svn-base | 229 + .../vm/.svn/text-base/timesten4.cfg.svn-base | 188 + .../vm/.svn/text-base/vagas2.cfg.svn-base | 278 + .../.svn/text-base/webspiegel2.cfg.svn-base | 218 + strato/nagios/objects/vm/adserver01.cfg | 318 + strato/nagios/objects/vm/imperia2.cfg | 219 + strato/nagios/objects/vm/jabber.cfg | 143 + strato/nagios/objects/vm/ols02.cfg | 207 + strato/nagios/objects/vm/ols13.cfg | 200 + strato/nagios/objects/vm/post2.cfg | 278 + strato/nagios/objects/vm/post3.cfg | 247 + strato/nagios/objects/vm/post4.cfg | 247 + strato/nagios/objects/vm/post5.cfg | 247 + strato/nagios/objects/vm/schufulupiplu.cfg | 293 + strato/nagios/objects/vm/timesten2.cfg | 229 + strato/nagios/objects/vm/timesten4.cfg | 188 + strato/nagios/objects/vm/vagas2.cfg | 278 + strato/nagios/objects/vm/webspiegel2.cfg | 218 + strato/nagios/objects/windows.cfg | 147 + strato/nagios/pnp/.svn/dir-prop-base | 7 + strato/nagios/pnp/.svn/entries | 204 + .../.svn/prop-base/background.pdf.svn-base | 5 + .../pnp/.svn/prop-base/config.php.svn-base | 9 + .../pnp/.svn/prop-base/npcd.cfg.svn-base | 9 + .../prop-base/process_perfdata.cfg.svn-base | 9 + .../pnp/.svn/prop-base/rra.cfg.svn-base | 9 + .../.svn/text-base/background.pdf.svn-base | Bin 0 -> 6952 bytes .../pnp/.svn/text-base/config.php.svn-base | 144 + .../pnp/.svn/text-base/npcd.cfg.svn-base | 142 + .../text-base/process_perfdata.cfg.svn-base | 44 + .../pnp/.svn/text-base/rra.cfg.svn-base | 35 + strato/nagios/pnp/background.pdf | Bin 0 -> 6952 bytes .../pnp/check_commands/.svn/dir-prop-base | 7 + strato/nagios/pnp/check_commands/.svn/entries | 28 + strato/nagios/pnp/config.php | 144 + strato/nagios/pnp/npcd.cfg | 142 + strato/nagios/pnp/pages/.svn/dir-prop-base | 7 + strato/nagios/pnp/pages/.svn/entries | 164 + .../.svn/prop-base/apache_status.cfg.svn-base | 9 + .../.svn/prop-base/hosts-ping.cfg.svn-base | 9 + .../.svn/prop-base/mailqueues.cfg.svn-base | 9 + .../.svn/prop-base/messages.cfg.svn-base | 9 + .../.svn/text-base/apache_status.cfg.svn-base | 21 + .../.svn/text-base/hosts-ping.cfg.svn-base | 21 + .../.svn/text-base/mailqueues.cfg.svn-base | 21 + .../.svn/text-base/messages.cfg.svn-base | 21 + strato/nagios/pnp/pages/apache_status.cfg | 21 + strato/nagios/pnp/pages/hosts-ping.cfg | 21 + strato/nagios/pnp/pages/mailqueues.cfg | 21 + strato/nagios/pnp/pages/messages.cfg | 21 + strato/nagios/pnp/process_perfdata.cfg | 44 + strato/nagios/pnp/rra.cfg | 35 + strato/nagios/resource.cfg | 40 + 2470 files changed, 349908 insertions(+) create mode 100644 ImageMagick/coder.xml create mode 100644 ImageMagick/colors.xml create mode 100644 ImageMagick/delegates.xml create mode 100644 ImageMagick/log.xml create mode 100644 ImageMagick/magic.xml create mode 100644 ImageMagick/mime.xml create mode 100644 ImageMagick/policy.xml create mode 100644 ImageMagick/sRGB.icm create mode 100644 ImageMagick/thresholds.xml create mode 100644 ImageMagick/type-dejavu.xml create mode 100644 ImageMagick/type-ghostscript.xml create mode 100644 ImageMagick/type-windows.xml create mode 100644 ImageMagick/type.xml create mode 100755 X11/xinit/xinitrc.d/80-dbus create mode 100644 apache2/.original/httpd.conf create mode 100644 apache2/.original/magic create mode 100644 apache2/.original/modules.d/00_apache_manual.conf create mode 100644 apache2/.original/modules.d/00_default_settings.conf create mode 100644 apache2/.original/modules.d/00_error_documents.conf create mode 100644 apache2/.original/modules.d/00_languages.conf create mode 100644 apache2/.original/modules.d/00_mod_autoindex.conf create mode 100644 apache2/.original/modules.d/00_mod_info.conf create mode 100644 apache2/.original/modules.d/00_mod_log_config.conf create mode 100644 apache2/.original/modules.d/00_mod_mime.conf create mode 100644 apache2/.original/modules.d/00_mod_status.conf create mode 100644 apache2/.original/modules.d/00_mod_userdir.conf create mode 100644 apache2/.original/modules.d/00_mpm.conf create mode 100644 apache2/.original/modules.d/10_mod_mem_cache.conf create mode 100644 apache2/.original/modules.d/11_mod_auth_kerb.conf create mode 100644 apache2/.original/modules.d/12_mod_auth_mysql.conf create mode 100644 apache2/.original/modules.d/20_mod_fastcgi.conf create mode 100644 apache2/.original/modules.d/40_mod_ssl.conf create mode 100644 apache2/.original/modules.d/45_mod_dav.conf create mode 100644 apache2/.original/modules.d/46_mod_ldap.conf create mode 100644 apache2/.original/modules.d/47_mod_dav_svn.conf create mode 100644 apache2/.original/modules.d/70_mod_php5.conf create mode 100644 apache2/.original/modules.d/75_mod_perl.conf create mode 100644 apache2/.original/modules.d/76_mod_apreq.conf create mode 100644 apache2/.original/modules.d/99_nagios3.conf create mode 100644 apache2/.original/modules.d/apache2-mod_perl-startup.pl create mode 100644 apache2/.original/vhosts.d/00_default_ssl_vhost.conf create mode 100644 apache2/.original/vhosts.d/00_default_vhost.conf create mode 100644 apache2/.original/vhosts.d/default_vhost.include create mode 100644 apache2/.rcs/fotos_group,v create mode 100644 apache2/.rcs/fotos_passwd,v create mode 100644 apache2/.rcs/httpd.conf,v create mode 100644 apache2/.rcs/info_users_passwd,v create mode 100644 apache2/.rcs/svnusers,v create mode 100644 apache2/fotos_group create mode 100644 apache2/fotos_passwd create mode 100644 apache2/httpd.conf create mode 100644 apache2/info_users_passwd create mode 100644 apache2/magic create mode 100644 apache2/modules.d/.rcs/00_apache_manual.conf,v create mode 100644 apache2/modules.d/.rcs/00_default_settings.conf,v create mode 100644 apache2/modules.d/.rcs/00_error_documents.conf,v create mode 100644 apache2/modules.d/.rcs/00_languages.conf,v create mode 100644 apache2/modules.d/.rcs/00_mod_autoindex.conf,v create mode 100644 apache2/modules.d/.rcs/00_mod_info.conf,v create mode 100644 apache2/modules.d/.rcs/00_mod_log_config.conf,v create mode 100644 apache2/modules.d/.rcs/00_mod_mime.conf,v create mode 100644 apache2/modules.d/.rcs/00_mod_status.conf,v create mode 100644 apache2/modules.d/.rcs/00_mod_userdir.conf,v create mode 100644 apache2/modules.d/.rcs/00_mpm.conf,v create mode 100644 apache2/modules.d/.rcs/10_mod_mem_cache.conf,v create mode 100644 apache2/modules.d/.rcs/11_mod_auth_kerb.conf,v create mode 100644 apache2/modules.d/.rcs/12_mod_auth_mysql.conf,v create mode 100644 apache2/modules.d/.rcs/20_mod_fastcgi.conf,v create mode 100644 apache2/modules.d/.rcs/40_mod_ssl.conf,v create mode 100644 apache2/modules.d/.rcs/45_mod_dav.conf,v create mode 100644 apache2/modules.d/.rcs/46_mod_ldap.conf,v create mode 100644 apache2/modules.d/.rcs/47_mod_dav_svn.conf,v create mode 100644 apache2/modules.d/.rcs/70_mod_php5.conf,v create mode 100644 apache2/modules.d/.rcs/75_mod_perl.conf,v create mode 100644 apache2/modules.d/.rcs/76_mod_apreq.conf,v create mode 100644 apache2/modules.d/.rcs/99_nagios3.conf,v create mode 100644 apache2/modules.d/.rcs/apache2-mod_perl-startup.pl,v create mode 100644 apache2/modules.d/00_apache_manual.conf create mode 100644 apache2/modules.d/00_default_settings.conf create mode 100644 apache2/modules.d/00_error_documents.conf create mode 100644 apache2/modules.d/00_languages.conf create mode 100644 apache2/modules.d/00_mod_autoindex.conf create mode 100644 apache2/modules.d/00_mod_info.conf create mode 100644 apache2/modules.d/00_mod_log_config.conf create mode 100644 apache2/modules.d/00_mod_mime.conf create mode 100644 apache2/modules.d/00_mod_status.conf create mode 100644 apache2/modules.d/00_mod_userdir.conf create mode 100644 apache2/modules.d/00_mpm.conf create mode 100644 apache2/modules.d/10_mod_mem_cache.conf create mode 100644 apache2/modules.d/11_mod_auth_kerb.conf create mode 100644 apache2/modules.d/12_mod_auth_mysql.conf create mode 100644 apache2/modules.d/20_mod_fastcgi.conf create mode 100644 apache2/modules.d/40_mod_ssl.conf create mode 100644 apache2/modules.d/45_mod_dav.conf create mode 100644 apache2/modules.d/46_mod_ldap.conf create mode 100644 apache2/modules.d/47_mod_dav_svn.conf create mode 100644 apache2/modules.d/70_mod_php5.conf create mode 100644 apache2/modules.d/75_mod_perl.conf create mode 100644 apache2/modules.d/76_mod_apreq.conf create mode 100644 apache2/modules.d/99_nagios3.conf create mode 100644 apache2/modules.d/apache2-mod_perl-startup.pl create mode 100644 apache2/sarah/.old/apache2-builtin-mods create mode 100644 apache2/sarah/fotos_group create mode 100644 apache2/sarah/fotos_passwd create mode 100644 apache2/sarah/httpd-1.conf create mode 100644 apache2/sarah/httpd.conf create mode 100644 apache2/sarah/httpd.conf,v create mode 100644 apache2/sarah/info_users_passwd create mode 100644 apache2/sarah/magic create mode 100644 apache2/sarah/modules.d/.old/99_nagios.conf,v create mode 100644 apache2/sarah/modules.d/00_apache_manual.conf create mode 100644 apache2/sarah/modules.d/00_apache_manual.conf,v create mode 100644 apache2/sarah/modules.d/00_autoindex.conf,v create mode 100644 apache2/sarah/modules.d/00_default_settings.conf create mode 100644 apache2/sarah/modules.d/00_default_settings.conf,v create mode 100644 apache2/sarah/modules.d/00_error_documents.conf create mode 100644 apache2/sarah/modules.d/00_error_documents.conf,v create mode 100644 apache2/sarah/modules.d/00_languages.conf create mode 100644 apache2/sarah/modules.d/00_languages.conf,v create mode 100644 apache2/sarah/modules.d/00_mod_autoindex.conf create mode 100644 apache2/sarah/modules.d/00_mod_autoindex.conf,v create mode 100644 apache2/sarah/modules.d/00_mod_info.conf create mode 100644 apache2/sarah/modules.d/00_mod_info.conf,v create mode 100644 apache2/sarah/modules.d/00_mod_log_config.conf create mode 100644 apache2/sarah/modules.d/00_mod_log_config.conf,v create mode 100644 apache2/sarah/modules.d/00_mod_mime.conf create mode 100644 apache2/sarah/modules.d/00_mod_mime.conf,v create mode 100644 apache2/sarah/modules.d/00_mod_status.conf create mode 100644 apache2/sarah/modules.d/00_mod_status.conf,v create mode 100644 apache2/sarah/modules.d/00_mod_userdir.conf create mode 100644 apache2/sarah/modules.d/00_mod_userdir.conf,v create mode 100644 apache2/sarah/modules.d/00_mpm.conf create mode 100644 apache2/sarah/modules.d/00_mpm.conf,v create mode 100644 apache2/sarah/modules.d/10_mod_mem_cache.conf create mode 100644 apache2/sarah/modules.d/10_mod_mem_cache.conf,v create mode 100644 apache2/sarah/modules.d/11_mod_auth_kerb.conf create mode 100644 apache2/sarah/modules.d/11_mod_auth_kerb.conf,v create mode 100644 apache2/sarah/modules.d/12_mod_auth_mysql.conf create mode 100644 apache2/sarah/modules.d/12_mod_auth_mysql.conf,v create mode 100644 apache2/sarah/modules.d/20_mod_fastcgi.conf create mode 100644 apache2/sarah/modules.d/20_mod_fastcgi.conf,v create mode 100644 apache2/sarah/modules.d/40_mod_ssl.conf create mode 100644 apache2/sarah/modules.d/40_mod_ssl.conf,v create mode 100644 apache2/sarah/modules.d/41_mod_ssl.default-vhost,v create mode 100644 apache2/sarah/modules.d/45_mod_dav.conf create mode 100644 apache2/sarah/modules.d/45_mod_dav.conf,v create mode 100644 apache2/sarah/modules.d/46_mod_ldap.conf create mode 100644 apache2/sarah/modules.d/46_mod_ldap.conf,v create mode 100644 apache2/sarah/modules.d/47_mod_dav_svn.conf create mode 100644 apache2/sarah/modules.d/47_mod_dav_svn.conf,v create mode 100644 apache2/sarah/modules.d/70_mod_php5.conf create mode 100644 apache2/sarah/modules.d/70_mod_php5.conf,v create mode 100644 apache2/sarah/modules.d/75_mod_perl.conf create mode 100644 apache2/sarah/modules.d/75_mod_perl.conf,v create mode 100644 apache2/sarah/modules.d/76_mod_apreq.conf create mode 100644 apache2/sarah/modules.d/76_mod_apreq.conf,v create mode 100644 apache2/sarah/modules.d/99_nagios3.conf create mode 100644 apache2/sarah/modules.d/99_nagios3.conf,v create mode 100644 apache2/sarah/modules.d/apache2-mod_perl-startup.pl create mode 100644 apache2/sarah/modules.d/apache2-mod_perl-startup.pl,v create mode 100644 apache2/sarah/myadmin.passwd create mode 100644 apache2/sarah/ssl/myadmin-cert.pem create mode 100644 apache2/sarah/ssl/server.crt create mode 100644 apache2/sarah/ssl/server.key create mode 100644 apache2/sarah/ssl/webmail-cert.pem create mode 100644 apache2/sarah/svnusers create mode 100644 apache2/sarah/vhosts.d/.old/07_groupoffice.conf.not_used create mode 100644 apache2/sarah/vhosts.d/.old/08_sy.conf.not_used create mode 100644 apache2/sarah/vhosts.d/.old/08_typo3.conf.not_used create mode 100644 apache2/sarah/vhosts.d/00_default_ssl_vhost.conf create mode 100644 apache2/sarah/vhosts.d/00_default_ssl_vhost.conf,v create mode 100644 apache2/sarah/vhosts.d/00_default_vhost.conf create mode 100644 apache2/sarah/vhosts.d/00_default_vhost.conf,v create mode 100644 apache2/sarah/vhosts.d/01_myadmin.conf create mode 100644 apache2/sarah/vhosts.d/01_myadmin.conf,v create mode 100644 apache2/sarah/vhosts.d/01_vhost.conf create mode 100644 apache2/sarah/vhosts.d/01_vhost.conf,v create mode 100644 apache2/sarah/vhosts.d/02_morph.conf create mode 100644 apache2/sarah/vhosts.d/02_morph.conf,v create mode 100644 apache2/sarah/vhosts.d/03_webdav.conf create mode 100644 apache2/sarah/vhosts.d/03_webdav.conf,v create mode 100644 apache2/sarah/vhosts.d/04_fotoalbum.conf create mode 100644 apache2/sarah/vhosts.d/04_fotoalbum.conf,v create mode 100644 apache2/sarah/vhosts.d/05_bautagebuch.conf create mode 100644 apache2/sarah/vhosts.d/05_bautagebuch.conf,v create mode 100644 apache2/sarah/vhosts.d/06_webmail.conf create mode 100644 apache2/sarah/vhosts.d/06_webmail.conf,v create mode 100644 apache2/sarah/vhosts.d/07_groupoffice.conf.not_used create mode 100644 apache2/sarah/vhosts.d/08_sy.conf.not_used create mode 100644 apache2/sarah/vhosts.d/08_typo3.conf.not_used create mode 100644 apache2/sarah/vhosts.d/09_ldap.conf create mode 100644 apache2/sarah/vhosts.d/09_ldap.conf,v create mode 100644 apache2/sarah/vhosts.d/10_kfz-dlb.conf create mode 100644 apache2/sarah/vhosts.d/10_kfz-dlb.conf,v create mode 100644 apache2/sarah/vhosts.d/11_wow.conf.not_used create mode 100644 apache2/sarah/vhosts.d/12_dyndns.conf create mode 100644 apache2/sarah/vhosts.d/12_dyndns.conf,v create mode 100644 apache2/sarah/vhosts.d/default_vhost.include create mode 100644 apache2/sarah/vhosts.d/default_vhost.include,v create mode 100644 apache2/sarah/vhosts.d/nagios.include create mode 100644 apache2/sarah/vhosts.d/nagios.include,v create mode 100644 apache2/sarah/webdav.passwd create mode 100644 apache2/ssl/myadmin-cert.pem create mode 100644 apache2/ssl/webmail-cert.pem create mode 100644 apache2/svnusers create mode 100644 apache2/vhosts.d/.rcs/00_default_ssl_vhost.conf,v create mode 100644 apache2/vhosts.d/.rcs/00_default_vhost.conf,v create mode 100644 apache2/vhosts.d/.rcs/01_myadmin.conf,v create mode 100644 apache2/vhosts.d/.rcs/02_morph.conf,v create mode 100644 apache2/vhosts.d/.rcs/04_fotoalbum.conf,v create mode 100644 apache2/vhosts.d/.rcs/05_bautagebuch.conf,v create mode 100644 apache2/vhosts.d/.rcs/06_webmail.conf,v create mode 100644 apache2/vhosts.d/.rcs/09_ldap.conf,v create mode 100644 apache2/vhosts.d/.rcs/10_kfz-dlb.conf,v create mode 100644 apache2/vhosts.d/.rcs/11-books-nossl.conf,v create mode 100644 apache2/vhosts.d/.rcs/11-books-ssl.conf,v create mode 100644 apache2/vhosts.d/.rcs/12_dyndns.conf,v create mode 100644 apache2/vhosts.d/.rcs/books_vhost.include,v create mode 100644 apache2/vhosts.d/.rcs/default_vhost.include,v create mode 100644 apache2/vhosts.d/00_default_ssl_vhost.conf create mode 100644 apache2/vhosts.d/00_default_vhost.conf create mode 100644 apache2/vhosts.d/01_myadmin.conf create mode 100644 apache2/vhosts.d/02_morph.conf create mode 100644 apache2/vhosts.d/04_fotoalbum.conf create mode 100644 apache2/vhosts.d/05_bautagebuch.conf create mode 100644 apache2/vhosts.d/06_webmail.conf create mode 100644 apache2/vhosts.d/09_ldap.conf create mode 100644 apache2/vhosts.d/10_kfz-dlb.conf create mode 100644 apache2/vhosts.d/11-books-nossl.conf create mode 100644 apache2/vhosts.d/11-books-ssl.conf create mode 100644 apache2/vhosts.d/12_dyndns.conf create mode 100644 apache2/vhosts.d/books_vhost.include create mode 100644 apache2/vhosts.d/default_vhost.include create mode 100644 at/at.deny create mode 100644 audisp/audisp-remote.conf create mode 100644 audisp/audispd.conf create mode 100644 audisp/plugins.d/af_unix.conf create mode 100644 audisp/plugins.d/au-remote.conf create mode 100644 audisp/plugins.d/audispd-zos-remote.conf create mode 100644 audisp/plugins.d/syslog.conf create mode 100644 audisp/zos-remote.conf create mode 100644 audit/audit.rules create mode 100644 audit/audit.rules.stop.post create mode 100644 audit/audit.rules.stop.pre create mode 100644 audit/auditd.conf create mode 100644 autofs/auto.master create mode 100644 autofs/auto.misc create mode 100755 autofs/auto.net create mode 100755 autofs/auto.smb create mode 100644 autofs/autofs_ldap_auth.conf create mode 100644 bash/.rcs/bashrc,v create mode 100644 bash/.rcs/bashrc.orig,v create mode 100644 bash/bash_logout create mode 100644 bash/bashrc create mode 100644 bash/bashrc.orig create mode 120000 bash_completion.d/base create mode 120000 bash_completion.d/bash-builtins create mode 120000 bash_completion.d/bind-utils create mode 120000 bash_completion.d/bzip2 create mode 120000 bash_completion.d/dd create mode 120000 bash_completion.d/figlet create mode 120000 bash_completion.d/findutils create mode 120000 bash_completion.d/getent create mode 120000 bash_completion.d/git create mode 120000 bash_completion.d/gzip create mode 120000 bash_completion.d/iconv create mode 120000 bash_completion.d/imagemagick create mode 120000 bash_completion.d/iptables create mode 120000 bash_completion.d/lftp create mode 120000 bash_completion.d/lzma create mode 120000 bash_completion.d/man create mode 120000 bash_completion.d/openssl create mode 120000 bash_completion.d/perl create mode 120000 bash_completion.d/rcs create mode 120000 bash_completion.d/rrdtool create mode 120000 bash_completion.d/rsync create mode 120000 bash_completion.d/screen create mode 120000 bash_completion.d/ssh create mode 120000 bash_completion.d/strace create mode 120000 bash_completion.d/subversion create mode 120000 bash_completion.d/tar create mode 120000 bash_completion.d/tcpdump create mode 120000 bash_completion.d/tree create mode 120000 bash_completion.d/unrar create mode 120000 bash_completion.d/vim create mode 100644 bind/.old/.rcs/named-acl.conf.2010-06-21_23-35-50,v create mode 100644 bind/.old/named-acl.conf.2010-06-21_23-35-50 create mode 100644 bind/.orig/.rcs/bind.keys,v create mode 100644 bind/.orig/.rcs/named.conf,v create mode 100644 bind/.orig/.rcs/rndc.key,v create mode 100644 bind/.orig/bind.keys create mode 100644 bind/.orig/named.conf create mode 100644 bind/.orig/rndc.key create mode 100644 bind/.rcs/Kdyn_dns_updater.+157+29290.key,v create mode 100644 bind/.rcs/Kdyn_dns_updater.+157+29290.private,v create mode 100644 bind/.rcs/bind.keys,v create mode 100644 bind/.rcs/named-acl.conf,v create mode 100644 bind/.rcs/named-dyn.conf,v create mode 100644 bind/.rcs/named-log.conf,v create mode 100644 bind/.rcs/named-pri.conf,v create mode 100644 bind/.rcs/named-sec.conf,v create mode 100644 bind/.rcs/named.conf,v create mode 100644 bind/.rcs/named.conf.orig,v create mode 100644 bind/.rcs/rndc.key,v create mode 100644 bind/Kdyn_dns_updater.+157+29290.key create mode 100644 bind/Kdyn_dns_updater.+157+29290.private create mode 100644 bind/bind.keys create mode 120000 bind/dyn create mode 100644 bind/named-acl.conf create mode 100644 bind/named-dyn.conf create mode 100644 bind/named-log.conf create mode 100644 bind/named-pri.conf create mode 100644 bind/named-sec.conf create mode 100644 bind/named.conf create mode 100644 bind/named.conf.orig create mode 120000 bind/pri create mode 100644 bind/rndc.key create mode 120000 bind/sec create mode 100644 conf.d/.rcs/apache2,v create mode 100644 conf.d/.rcs/auditd,v create mode 100644 conf.d/.rcs/autofs,v create mode 100644 conf.d/.rcs/books-prod-fcgi,v create mode 100644 conf.d/.rcs/bootmisc,v create mode 100644 conf.d/.rcs/clamd,v create mode 100644 conf.d/.rcs/clock,v create mode 100644 conf.d/.rcs/consolefont,v create mode 100644 conf.d/.rcs/crypto-loop,v create mode 100644 conf.d/.rcs/device-mapper,v create mode 100644 conf.d/.rcs/env_whitelist,v create mode 100644 conf.d/.rcs/git-daemon,v create mode 100644 conf.d/.rcs/gpm,v create mode 100644 conf.d/.rcs/hostname,v create mode 100644 conf.d/.rcs/ip6tables,v create mode 100644 conf.d/.rcs/iptables,v create mode 100644 conf.d/.rcs/keymaps,v create mode 100644 conf.d/.rcs/lm_sensors,v create mode 100644 conf.d/.rcs/local.start,v create mode 100644 conf.d/.rcs/local.stop,v create mode 100644 conf.d/.rcs/lvm,v create mode 100644 conf.d/.rcs/mdadm,v create mode 100644 conf.d/.rcs/mdraid,v create mode 100644 conf.d/.rcs/mysql,v create mode 100644 conf.d/.rcs/mysqlmanager,v create mode 100644 conf.d/.rcs/nagios,v create mode 100644 conf.d/.rcs/named,v create mode 100644 conf.d/.rcs/net,v create mode 100644 conf.d/.rcs/net.example,v create mode 100644 conf.d/.rcs/ntp-client,v create mode 100644 conf.d/.rcs/ntpd,v create mode 100644 conf.d/.rcs/pciparm,v create mode 100644 conf.d/.rcs/portmap,v create mode 100644 conf.d/.rcs/postgrey,v create mode 100644 conf.d/.rcs/pydoc-2.6,v create mode 100644 conf.d/.rcs/pydoc-3.1,v create mode 100644 conf.d/.rcs/quota,v create mode 100644 conf.d/.rcs/rc,v create mode 100644 conf.d/.rcs/rsyncd,v create mode 100644 conf.d/.rcs/samba,v create mode 100644 conf.d/.rcs/saslauthd,v create mode 100644 conf.d/.rcs/slapd,v create mode 100644 conf.d/.rcs/smartd,v create mode 100644 conf.d/.rcs/snmpd,v create mode 100644 conf.d/.rcs/snmptrapd,v create mode 100644 conf.d/.rcs/spamd,v create mode 100644 conf.d/.rcs/sshd,v create mode 100644 conf.d/.rcs/svnserve,v create mode 100644 conf.d/.rcs/syslog-ng,v create mode 100644 conf.d/.rcs/teamspeak3-server,v create mode 100644 conf.d/.rcs/twistd,v create mode 100644 conf.d/.rcs/udev,v create mode 100644 conf.d/.rcs/urandom,v create mode 100644 conf.d/.rcs/wireless.example,v create mode 100644 conf.d/apache2 create mode 100644 conf.d/apache2.sarah create mode 100644 conf.d/auditd create mode 100644 conf.d/autofs create mode 100644 conf.d/books-prod-fcgi create mode 100644 conf.d/bootmisc create mode 100644 conf.d/clamd create mode 100644 conf.d/consolefont create mode 100644 conf.d/crypto-loop create mode 100644 conf.d/device-mapper create mode 100644 conf.d/dmesg create mode 100644 conf.d/env_whitelist create mode 100644 conf.d/fsck create mode 100644 conf.d/git-daemon create mode 100644 conf.d/gpm create mode 100644 conf.d/hostname create mode 100644 conf.d/hwclock create mode 100644 conf.d/ip6tables create mode 100644 conf.d/iperf create mode 100644 conf.d/iptables create mode 100644 conf.d/keymaps create mode 100644 conf.d/killprocs create mode 100644 conf.d/lm_sensors create mode 100644 conf.d/localmount create mode 100644 conf.d/lvm create mode 100644 conf.d/mdadm create mode 100644 conf.d/mdraid create mode 100644 conf.d/modules create mode 100644 conf.d/mysql create mode 100644 conf.d/mysqlmanager create mode 100644 conf.d/nagios create mode 100644 conf.d/named create mode 100644 conf.d/net create mode 100644 conf.d/net.example create mode 100644 conf.d/network create mode 100644 conf.d/ntp-client create mode 100644 conf.d/ntpd create mode 100644 conf.d/pciparm create mode 100644 conf.d/portmap create mode 100644 conf.d/postgrey create mode 100644 conf.d/pydoc-2.6 create mode 100644 conf.d/pydoc-2.7 create mode 100644 conf.d/pydoc-3.1 create mode 100644 conf.d/quota create mode 100644 conf.d/rc create mode 100644 conf.d/rsyncd create mode 100644 conf.d/samba create mode 100644 conf.d/saslauthd create mode 100644 conf.d/slapd create mode 100644 conf.d/smartd create mode 100644 conf.d/snmpd create mode 100644 conf.d/snmptrapd create mode 100644 conf.d/spamd create mode 100644 conf.d/sshd create mode 100644 conf.d/staticroute create mode 100644 conf.d/svnserve create mode 100644 conf.d/syslog-ng create mode 100644 conf.d/teamspeak3-server create mode 100644 conf.d/twistd create mode 100644 conf.d/udev create mode 100644 conf.d/urandom create mode 100644 conf.d/wireless.example create mode 100644 config-archive/etc/DIR_COLORS,v create mode 100644 config-archive/etc/amavisd.conf,v create mode 100644 config-archive/etc/amavisd.conf.dist.new create mode 100644 config-archive/etc/apache2/httpd.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_apache_manual.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_default_settings.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_error_documents.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_error_documents.conf.dist.new create mode 100644 config-archive/etc/apache2/modules.d/00_languages.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_languages.conf.dist.new create mode 100644 config-archive/etc/apache2/modules.d/00_mod_autoindex.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_mod_autoindex.conf.dist.new create mode 100644 config-archive/etc/apache2/modules.d/00_mod_info.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_mod_info.conf.dist.new create mode 100644 config-archive/etc/apache2/modules.d/00_mod_log_config.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_mod_log_config.conf.dist.new create mode 100644 config-archive/etc/apache2/modules.d/00_mod_mime.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_mod_status.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_mod_status.conf.dist.new create mode 100644 config-archive/etc/apache2/modules.d/00_mpm.conf,v create mode 100644 config-archive/etc/apache2/modules.d/00_mpm.conf.dist.new create mode 100644 config-archive/etc/apache2/modules.d/47_mod_dav_svn.conf,v create mode 100644 config-archive/etc/apache2/modules.d/47_mod_dav_svn.conf.dist.new create mode 100644 config-archive/etc/apache2/modules.d/70_mod_php5.conf,v create mode 100644 config-archive/etc/apache2/modules.d/75_mod_perl.conf,v create mode 100644 config-archive/etc/apache2/modules.d/75_mod_perl.conf.dist.new create mode 100644 config-archive/etc/apache2/vhosts.d/00_default_ssl_vhost.conf,v create mode 100644 config-archive/etc/apache2/vhosts.d/00_default_ssl_vhost.conf.dist.new create mode 100644 config-archive/etc/apache2/vhosts.d/00_default_vhost.conf,v create mode 100644 config-archive/etc/apache2/vhosts.d/00_default_vhost.conf.dist.new create mode 100644 config-archive/etc/apache2/vhosts.d/default_vhost.include,v create mode 100644 config-archive/etc/apache2/vhosts.d/default_vhost.include.dist.new create mode 100644 config-archive/etc/auto.master,v create mode 100644 config-archive/etc/auto.misc,v create mode 100644 config-archive/etc/auto.misc.dist.new create mode 100755 config-archive/etc/auto.smb,v create mode 100644 config-archive/etc/autofs_ldap_auth.conf,v create mode 100644 config-archive/etc/bash/bashrc,v create mode 100644 config-archive/etc/bash/bashrc.dist.new create mode 100644 config-archive/etc/bind/bind.keys,v create mode 100644 config-archive/etc/bind/named.conf,v create mode 100644 config-archive/etc/bind/named.conf.dist.new create mode 100644 config-archive/etc/clamd.conf,v create mode 100644 config-archive/etc/conf.d/apache2,v create mode 100644 config-archive/etc/conf.d/autofs,v create mode 100644 config-archive/etc/conf.d/bootmisc,v create mode 100644 config-archive/etc/conf.d/clock create mode 100644 config-archive/etc/conf.d/clock.dist.new create mode 100644 config-archive/etc/conf.d/consolefont,v create mode 100644 config-archive/etc/conf.d/hostname,v create mode 100644 config-archive/etc/conf.d/hwclock,v create mode 100644 config-archive/etc/conf.d/keymaps,v create mode 100644 config-archive/etc/conf.d/modules,v create mode 100644 config-archive/etc/conf.d/nagios,v create mode 100644 config-archive/etc/conf.d/named,v create mode 100644 config-archive/etc/conf.d/net.example,v create mode 100644 config-archive/etc/conf.d/ntpd,v create mode 100644 config-archive/etc/conf.d/ntpd.dist.new create mode 100644 config-archive/etc/conf.d/postgrey,v create mode 100644 config-archive/etc/conf.d/postgrey.dist.new create mode 100644 config-archive/etc/conf.d/pydoc-2.7,v create mode 100644 config-archive/etc/conf.d/pydoc-3.1,v create mode 100644 config-archive/etc/conf.d/samba,v create mode 100644 config-archive/etc/conf.d/slapd,v create mode 100644 config-archive/etc/conf.d/slapd.dist.new create mode 100644 config-archive/etc/conf.d/snmpd,v create mode 100644 config-archive/etc/conf.d/snmptrapd,v create mode 100644 config-archive/etc/conf.d/svnserve,v create mode 100644 config-archive/etc/conf.d/udev,v create mode 100644 config-archive/etc/conf.d/urandom,v create mode 100644 config-archive/etc/conf.d/wireless.example,v create mode 100644 config-archive/etc/courier-imap/imapd,v create mode 100644 config-archive/etc/courier-imap/imapd-ssl,v create mode 100644 config-archive/etc/courier-imap/pop3d,v create mode 100644 config-archive/etc/courier-imap/pop3d-ssl,v create mode 100644 config-archive/etc/courier/authlib/authdaemonrc,v create mode 100644 config-archive/etc/courier/authlib/authdaemonrc.dist.new create mode 100644 config-archive/etc/courier/authlib/authldaprc,v create mode 100644 config-archive/etc/courier/authlib/authmysqlrc,v create mode 100644 config-archive/etc/courier/authlib/authmysqlrc.dist.new create mode 100755 config-archive/etc/cron.daily/mlocate,v create mode 100755 config-archive/etc/cron.hourly/sysstat,v create mode 100644 config-archive/etc/cups/cupsd.conf,v create mode 100644 config-archive/etc/cups/cupsd.conf.default,v create mode 100644 config-archive/etc/cups/snmp.conf,v create mode 100644 config-archive/etc/dbus-1/session.conf,v create mode 100644 config-archive/etc/dhcpcd.conf,v create mode 100644 config-archive/etc/dispatch-conf.conf,v create mode 100644 config-archive/etc/elinks/elinks.conf,v create mode 100644 config-archive/etc/etc-update.conf,v create mode 100644 config-archive/etc/fonts/conf.avail/30-urw-aliases.conf,v create mode 100644 config-archive/etc/freshclam.conf,v create mode 100644 config-archive/etc/gai.conf,v create mode 100644 config-archive/etc/hosts,v create mode 100644 config-archive/etc/hosts.dist.new create mode 100755 config-archive/etc/init.d/sshd create mode 100755 config-archive/etc/init.d/sshd.dist create mode 100644 config-archive/etc/inittab,v create mode 100644 config-archive/etc/inittab.dist.new create mode 100644 config-archive/etc/inputrc,v create mode 100644 config-archive/etc/krb5.conf.example,v create mode 100644 config-archive/etc/layman/layman.cfg,v create mode 100644 config-archive/etc/locale.gen create mode 100644 config-archive/etc/locale.gen.dist.new create mode 100644 config-archive/etc/login.defs,v create mode 100644 config-archive/etc/logrotate.d/apache2,v create mode 100644 config-archive/etc/logrotate.d/apache2.dist.new create mode 100644 config-archive/etc/logrotate.d/clamav,v create mode 100644 config-archive/etc/logrotate.d/clamav.dist.new create mode 100644 config-archive/etc/logrotate.d/elog-save-summary,v create mode 100644 config-archive/etc/logrotate.d/ulogd,v create mode 100644 config-archive/etc/logrotate.d/ulogd.dist.new create mode 100644 config-archive/etc/lvm/lvm.conf,v create mode 100644 config-archive/etc/mail/spamassassin/local.cf,v create mode 100644 config-archive/etc/mail/spamassassin/local.cf.dist.new create mode 100644 config-archive/etc/mail/spamassassin/v310.pre,v create mode 100644 config-archive/etc/mail/spamassassin/v310.pre.dist.new create mode 100644 config-archive/etc/mail/spamassassin/v312.pre,v create mode 100644 config-archive/etc/mail/spamassassin/v312.pre.dist.new create mode 100644 config-archive/etc/man.conf,v create mode 100644 config-archive/etc/mc/mc.ext,v create mode 100644 config-archive/etc/mc/mc.keymap,v create mode 100644 config-archive/etc/mc/mc.keymap.default,v create mode 100644 config-archive/etc/mc/mc.keymap.emacs,v create mode 100644 config-archive/etc/mdadm.conf,v create mode 100644 config-archive/etc/mke2fs.conf,v create mode 100644 config-archive/etc/mlocate-cron.conf,v create mode 100644 config-archive/etc/modules.autoload.d/kernel-2.6 create mode 100644 config-archive/etc/modules.autoload.d/kernel-2.6.dist.new create mode 100644 config-archive/etc/mutt/Muttrc.dist,v create mode 100644 config-archive/etc/mysql/my.cnf,v create mode 100644 config-archive/etc/mysql/my.cnf.dist.new create mode 100644 config-archive/etc/nagios/cgi.cfg,v create mode 100644 config-archive/etc/nagios/nagios.cfg,v create mode 100644 config-archive/etc/nagios/objects/commands.cfg,v create mode 100644 config-archive/etc/nagios/objects/timeperiods.cfg,v create mode 100644 config-archive/etc/nagios/resource.cfg,v create mode 100644 config-archive/etc/nail.rc,v create mode 100644 config-archive/etc/networks,v create mode 100644 config-archive/etc/ntp.conf,v create mode 100644 config-archive/etc/ntp.conf.dist.new create mode 100644 config-archive/etc/openldap/ldap.conf,v create mode 100644 config-archive/etc/openldap/ldap.conf.dist.new create mode 100644 config-archive/etc/openldap/schema/README,v create mode 100644 config-archive/etc/openldap/schema/amavisd-new.schema,v create mode 100644 config-archive/etc/openldap/schema/authldap.schema,v create mode 100644 config-archive/etc/openldap/schema/authldap.schema.dist.new create mode 100644 config-archive/etc/openldap/schema/collective.schema,v create mode 100644 config-archive/etc/openldap/schema/corba.schema,v create mode 100644 config-archive/etc/openldap/schema/core.ldif,v create mode 100644 config-archive/etc/openldap/schema/core.schema,v create mode 100644 config-archive/etc/openldap/schema/cosine.ldif,v create mode 100644 config-archive/etc/openldap/schema/cosine.schema,v create mode 100644 config-archive/etc/openldap/schema/duaconf.schema,v create mode 100644 config-archive/etc/openldap/schema/dyngroup.schema,v create mode 100644 config-archive/etc/openldap/schema/inetorgperson.ldif,v create mode 100644 config-archive/etc/openldap/schema/inetorgperson.schema,v create mode 100644 config-archive/etc/openldap/schema/java.schema,v create mode 100644 config-archive/etc/openldap/schema/kerberos.schema,v create mode 100644 config-archive/etc/openldap/schema/misc.schema,v create mode 100644 config-archive/etc/openldap/schema/nis.ldif,v create mode 100644 config-archive/etc/openldap/schema/nis.schema,v create mode 100644 config-archive/etc/openldap/schema/openldap.ldif,v create mode 100644 config-archive/etc/openldap/schema/openldap.schema,v create mode 100644 config-archive/etc/openldap/schema/pmi.schema,v create mode 100644 config-archive/etc/openldap/schema/ppolicy.schema,v create mode 100644 config-archive/etc/openldap/slapd.conf,v create mode 100644 config-archive/etc/openldap/slapd.conf.default,v create mode 100644 config-archive/etc/openldap/slapd.conf.dist create mode 100644 config-archive/etc/openldap/slapd.conf.dist.new create mode 100644 config-archive/etc/pam.d/chgpasswd,v create mode 100644 config-archive/etc/pam.d/chpasswd,v create mode 100644 config-archive/etc/pam.d/login,v create mode 100644 config-archive/etc/pam.d/passwd,v create mode 100644 config-archive/etc/pam.d/start-stop-daemon,v create mode 100644 config-archive/etc/pam.d/su,v create mode 100644 config-archive/etc/pam.d/su.dist.new create mode 100644 config-archive/etc/pam.d/sudo,v create mode 100644 config-archive/etc/pam.d/system-auth,v create mode 100644 config-archive/etc/pam.d/system-login,v create mode 100644 config-archive/etc/pam.d/system-services,v create mode 100644 config-archive/etc/php/apache2-php5.3/php.ini,v create mode 100644 config-archive/etc/php/apache2-php5/ext/suhosin.ini,v create mode 100644 config-archive/etc/php/apache2-php5/php.ini,v create mode 100644 config-archive/etc/php/cgi-php5.3/php.ini,v create mode 100644 config-archive/etc/php/cgi-php5/ext/suhosin.ini,v create mode 100644 config-archive/etc/php/cgi-php5/php.ini,v create mode 100644 config-archive/etc/php/cli-php5.3/php.ini,v create mode 100644 config-archive/etc/php/cli-php5/ext/suhosin.ini,v create mode 100644 config-archive/etc/php/cli-php5/php.ini,v create mode 100644 config-archive/etc/php/embed-php5.3/php.ini,v create mode 100644 config-archive/etc/php/embed-php5/php.ini,v create mode 100644 config-archive/etc/php/fpm-php5.3/php-fpm.conf,v create mode 100644 config-archive/etc/php/fpm-php5.3/php.ini,v create mode 100755 config-archive/etc/portage/bin/post_sync,v create mode 100644 config-archive/etc/portage/package.use,v create mode 100644 config-archive/etc/portage/postsync.d/q-reinitialize,v create mode 100644 config-archive/etc/postfix/main.cf,v create mode 100644 config-archive/etc/postfix/master.cf,v create mode 100644 config-archive/etc/postfix/postgrey_whitelist_clients,v create mode 100644 config-archive/etc/postfix/saslpass,v create mode 100644 config-archive/etc/procmailrc,v create mode 100644 config-archive/etc/procmailrc.dist.new create mode 100644 config-archive/etc/profile,v create mode 100644 config-archive/etc/profile.d/bash-completion.sh,v create mode 100644 config-archive/etc/proftpd/proftpd.conf.sample,v create mode 100644 config-archive/etc/protocols,v create mode 100644 config-archive/etc/rc.conf,v create mode 100644 config-archive/etc/samba/lmhosts,v create mode 100644 config-archive/etc/samba/smb.conf.default,v create mode 100644 config-archive/etc/samba/smbusers,v create mode 100644 config-archive/etc/sasl2/smtpd.conf,v create mode 100644 config-archive/etc/screenrc,v create mode 100644 config-archive/etc/security/capability.conf,v create mode 100644 config-archive/etc/security/group.conf,v create mode 100755 config-archive/etc/security/namespace.init,v create mode 100644 config-archive/etc/sensors3.conf,v create mode 100644 config-archive/etc/services,v create mode 100644 config-archive/etc/skel/.bash_logout create mode 100644 config-archive/etc/skel/.bash_logout.dist.new create mode 100644 config-archive/etc/smartd.conf,v create mode 100644 config-archive/etc/ssh/ssh_config,v create mode 100644 config-archive/etc/ssh/sshd_config,v create mode 100644 config-archive/etc/ssl/openssl.cnf,v create mode 100644 config-archive/etc/ssl/openssl.cnf.dist.new create mode 100644 config-archive/etc/sudoers,v create mode 100644 config-archive/etc/sudoers.dist create mode 100644 config-archive/etc/sudoers.dist.new create mode 100644 config-archive/etc/sysctl.conf,v create mode 100644 config-archive/etc/syslog-ng/syslog-ng.conf,v create mode 100644 config-archive/etc/syslog-ng/syslog-ng.conf.dist.new create mode 100644 config-archive/etc/sysstat,v create mode 100644 config-archive/etc/texmf/texdoc.d/texdoc.cnf,v create mode 100644 config-archive/etc/texmf/texmf.d/00header.cnf,v create mode 100644 config-archive/etc/texmf/texmf.d/05searchpaths.cnf,v create mode 100644 config-archive/etc/texmf/texmf.d/10standardpaths.cnf,v create mode 100644 config-archive/etc/texmf/texmf.d/15options.cnf,v create mode 100644 config-archive/etc/texmf/texmf.d/20sizes.cnf,v create mode 100644 config-archive/etc/ulogd.conf,v create mode 100644 config-archive/etc/ulogd.conf.dist create mode 100644 config-archive/etc/ulogd.conf.dist.new create mode 100644 config-archive/etc/updatedb.conf,v create mode 100644 config-archive/var/www/bautagebuch/htdocs/wp-config.php,v create mode 100644 config-archive/var/www/bautagebuch/htdocs/wp-config.php.dist.new create mode 100644 config-archive/var/www/ldap/htdocs/config/config.php,v create mode 100644 config-archive/var/www/myadmin/htdocs/libraries/config.default.php,v create mode 100644 courier-imap/.orig/imapd create mode 100644 courier-imap/.orig/imapd-ssl create mode 100644 courier-imap/.orig/imapd.cnf create mode 100644 courier-imap/.orig/pop3d create mode 100644 courier-imap/.orig/pop3d-ssl create mode 100644 courier-imap/.orig/pop3d.cnf create mode 100644 courier-imap/.rcs/imapd,v create mode 100644 courier-imap/.rcs/imapd-ssl,v create mode 100644 courier-imap/.rcs/imapd.cnf,v create mode 100644 courier-imap/.rcs/pop3d,v create mode 100644 courier-imap/.rcs/pop3d-ssl,v create mode 100644 courier-imap/.rcs/pop3d.cnf,v create mode 100644 courier-imap/.rcs/quotawarnmsg,v create mode 100644 courier-imap/imapd create mode 100644 courier-imap/imapd-ssl create mode 100644 courier-imap/imapd.cnf create mode 100644 courier-imap/imapd.pem create mode 100644 courier-imap/pop3d create mode 100644 courier-imap/pop3d-ssl create mode 100644 courier-imap/pop3d.cnf create mode 100644 courier-imap/pop3d.pem create mode 100644 courier-imap/quotawarnmsg create mode 100644 courier-imap/quotawarnmsg.example create mode 100644 courier/authlib/.rcs/authdaemonrc,v create mode 100644 courier/authlib/.rcs/authldaprc,v create mode 100644 courier/authlib/.rcs/authmysqlrc,v create mode 100644 courier/authlib/authdaemonrc create mode 100644 courier/authlib/authdaemonrc.dist create mode 100644 courier/authlib/authldaprc create mode 100644 courier/authlib/authldaprc.dist create mode 100644 courier/authlib/authmysqlrc create mode 100644 courier/authlib/authmysqlrc.dist create mode 100755 cron.daily/.rcs/logrotate,v create mode 100755 cron.daily/get-checks-from-postfixbuch create mode 100755 cron.daily/logrotate create mode 100755 cron.daily/makewhatis create mode 100755 cron.daily/mlocate create mode 100755 cron.daily/rkhunter create mode 100755 cron.daily/run_reoback.sh create mode 100755 cron.daily/sysstat create mode 100755 cron.hourly/sysstat create mode 100755 cron.monthly/update-pciids create mode 100644 cups/client.conf create mode 100644 cups/cupsd.conf create mode 100644 cups/cupsd.conf.default create mode 100644 cups/snmp.conf create mode 100644 dbus-1/session.conf create mode 100644 dbus-1/system.conf create mode 100644 dbus-1/system.d/cups.conf create mode 100644 default/useradd create mode 100644 eclean/distfiles.exclude create mode 100644 eclean/packages.exclude create mode 100644 elinks/elinks.conf create mode 100644 elinks/keybind-full.sample create mode 100644 elinks/keybind.conf.sample create mode 100644 env.d/00basic create mode 100644 env.d/00glibc create mode 100644 env.d/04multilib create mode 100644 env.d/05binutils create mode 100644 env.d/05gcc-x86_64-pc-linux-gnu create mode 100644 env.d/09sandbox create mode 100644 env.d/10bind create mode 100644 env.d/20java-config create mode 100644 env.d/20php5.3 create mode 100644 env.d/30gnupg create mode 100644 env.d/30xdg-data-local create mode 100644 env.d/37fontconfig create mode 100644 env.d/50gtk2 create mode 100644 env.d/50guile create mode 100644 env.d/50ncurses create mode 100644 env.d/60python-docs-2.7 create mode 100644 env.d/60python-docs-3.1 create mode 100644 env.d/65python-docs create mode 100644 env.d/70less create mode 100644 env.d/80mercurial create mode 100644 env.d/80subversion-extras create mode 100644 env.d/90xdg-data-base create mode 100644 env.d/98ca-certificates create mode 100644 env.d/98texlive create mode 100644 env.d/99editor create mode 100644 env.d/99gentoolkit-env create mode 100644 env.d/binutils/config-x86_64-pc-linux-gnu create mode 100644 env.d/binutils/x86_64-pc-linux-gnu-2.21.1 create mode 120000 env.d/gcc/.NATIVE create mode 100644 env.d/gcc/config-x86_64-pc-linux-gnu create mode 100644 env.d/gcc/x86_64-pc-linux-gnu-4.5.3 create mode 100644 env.d/python/config create mode 120000 eselect/boost/active create mode 100644 fonts/conf.avail/10-autohint.conf create mode 100644 fonts/conf.avail/10-no-sub-pixel.conf create mode 100644 fonts/conf.avail/10-sub-pixel-bgr.conf create mode 100644 fonts/conf.avail/10-sub-pixel-rgb.conf create mode 100644 fonts/conf.avail/10-sub-pixel-vbgr.conf create mode 100644 fonts/conf.avail/10-sub-pixel-vrgb.conf create mode 100644 fonts/conf.avail/10-unhinted.conf create mode 100644 fonts/conf.avail/20-fix-globaladvance.conf create mode 100644 fonts/conf.avail/20-unhint-small-vera.conf create mode 100644 fonts/conf.avail/25-unhint-nonlatin.conf create mode 100644 fonts/conf.avail/30-metric-aliases.conf create mode 100644 fonts/conf.avail/30-urw-aliases.conf create mode 100644 fonts/conf.avail/40-nonlatin.conf create mode 100644 fonts/conf.avail/45-latin.conf create mode 100644 fonts/conf.avail/49-sansserif.conf create mode 100644 fonts/conf.avail/50-user.conf create mode 100644 fonts/conf.avail/51-local.conf create mode 100644 fonts/conf.avail/60-latin.conf create mode 100644 fonts/conf.avail/65-fonts-persian.conf create mode 100644 fonts/conf.avail/65-khmer.conf create mode 100644 fonts/conf.avail/65-nonlatin.conf create mode 100644 fonts/conf.avail/69-unifont.conf create mode 100644 fonts/conf.avail/70-no-bitmaps.conf create mode 100644 fonts/conf.avail/70-yes-bitmaps.conf create mode 100644 fonts/conf.avail/80-delicious.conf create mode 100644 fonts/conf.avail/90-synthetic.conf create mode 120000 fonts/conf.d/20-fix-globaladvance.conf create mode 120000 fonts/conf.d/20-unhint-small-vera.conf create mode 120000 fonts/conf.d/30-metric-aliases.conf create mode 120000 fonts/conf.d/30-urw-aliases.conf create mode 120000 fonts/conf.d/40-nonlatin.conf create mode 120000 fonts/conf.d/45-latin.conf create mode 120000 fonts/conf.d/49-sansserif.conf create mode 120000 fonts/conf.d/50-user.conf create mode 120000 fonts/conf.d/51-local.conf create mode 120000 fonts/conf.d/60-latin.conf create mode 120000 fonts/conf.d/65-fonts-persian.conf create mode 120000 fonts/conf.d/65-nonlatin.conf create mode 120000 fonts/conf.d/69-unifont.conf create mode 120000 fonts/conf.d/80-delicious.conf create mode 120000 fonts/conf.d/90-synthetic.conf create mode 100644 fonts/conf.d/README create mode 100644 fonts/fonts.conf create mode 100644 fonts/fonts.dtd create mode 100644 gpm/gpm-root.conf create mode 100644 gpm/gpm-syn.conf create mode 100644 gpm/gpm-twiddler.conf create mode 100644 gtk-2.0/gtkrc create mode 100644 gtk-2.0/im-multipress.conf create mode 100644 gtk-2.0/x86_64-pc-linux-gnu/gtk.immodules create mode 100755 init.d/.rcs/books-prod-fcgi,v create mode 100755 init.d/amavisd create mode 100755 init.d/apache2 create mode 100755 init.d/atd create mode 100755 init.d/auditd create mode 100755 init.d/autofs create mode 100755 init.d/books-prod-fcgi create mode 100755 init.d/bootmisc create mode 100755 init.d/clamd create mode 100755 init.d/consolefont create mode 100755 init.d/courier-authlib create mode 100755 init.d/courier-imapd create mode 100755 init.d/courier-imapd-ssl create mode 100755 init.d/courier-pop3d create mode 100755 init.d/courier-pop3d-ssl create mode 100755 init.d/crypto-loop create mode 100755 init.d/cupsd create mode 100755 init.d/dbus create mode 100755 init.d/devfs create mode 100755 init.d/device-mapper create mode 100755 init.d/dhcpcd create mode 100755 init.d/dmesg create mode 100755 init.d/dmeventd create mode 100755 init.d/fancontrol create mode 100755 init.d/fsck create mode 120000 init.d/functions.sh create mode 100755 init.d/git-daemon create mode 100755 init.d/gpm create mode 100755 init.d/hostname create mode 100755 init.d/hwclock create mode 100755 init.d/ip6tables create mode 100755 init.d/iperf create mode 100755 init.d/iptables create mode 100755 init.d/keymaps create mode 100755 init.d/killprocs create mode 100755 init.d/lm_sensors create mode 100755 init.d/local create mode 100755 init.d/localmount create mode 100755 init.d/lvm create mode 100755 init.d/lvm-monitoring create mode 100755 init.d/mdadm create mode 100755 init.d/mdev create mode 100755 init.d/mdraid create mode 100755 init.d/mit-krb5kadmind create mode 100755 init.d/mit-krb5kdc create mode 100755 init.d/mit-krb5kpropd create mode 100755 init.d/modules create mode 100755 init.d/mount-ro create mode 100755 init.d/mtab create mode 100755 init.d/mysql create mode 100755 init.d/mysqlmanager create mode 100755 init.d/nagios create mode 100755 init.d/named create mode 100755 init.d/ndo2db create mode 120000 init.d/net.eth0 create mode 100755 init.d/net.lo create mode 100755 init.d/netmount create mode 100755 init.d/network create mode 100755 init.d/nrpe create mode 100755 init.d/nscd create mode 100755 init.d/ntp-client create mode 100755 init.d/ntpd create mode 100755 init.d/numlock create mode 100755 init.d/pciparm create mode 100755 init.d/php-fpm create mode 100755 init.d/policyd-weight create mode 100755 init.d/portmap create mode 100755 init.d/postfix create mode 100755 init.d/postgrey create mode 100755 init.d/procfs create mode 100755 init.d/proftpd create mode 100755 init.d/pwcheck create mode 100755 init.d/pydoc-2.7 create mode 100755 init.d/pydoc-3.1 create mode 100755 init.d/quota create mode 100755 init.d/reboot.sh create mode 100755 init.d/root create mode 100755 init.d/rpc.rquotad create mode 100755 init.d/rsyncd create mode 100755 init.d/samba create mode 100755 init.d/saslauthd create mode 100755 init.d/savecache create mode 100755 init.d/shutdown.sh create mode 100755 init.d/slapd create mode 100755 init.d/smartd create mode 100755 init.d/snmpd create mode 100755 init.d/snmptrapd create mode 100755 init.d/spamd create mode 100755 init.d/sshd create mode 100755 init.d/staticroute create mode 100755 init.d/svnserve create mode 100755 init.d/swap create mode 100755 init.d/swclock create mode 100755 init.d/sysctl create mode 100755 init.d/sysfs create mode 100755 init.d/syslog-ng create mode 100755 init.d/sysstat create mode 100755 init.d/teamspeak3-server create mode 100755 init.d/termencoding create mode 100755 init.d/twistd create mode 100755 init.d/udev create mode 100755 init.d/udev-dev-tarball create mode 100755 init.d/udev-mount create mode 100755 init.d/udev-postmount create mode 100755 init.d/ulogd create mode 100755 init.d/urandom create mode 100755 init.d/vixie-cron create mode 100644 iproute2/ematch_map create mode 100644 iproute2/rt_dsfield create mode 100644 iproute2/rt_protos create mode 100644 iproute2/rt_realms create mode 100644 iproute2/rt_scopes create mode 100644 iproute2/rt_tables create mode 100644 java-config-2/build/compilers.conf create mode 100644 java-config-2/build/jdk.conf create mode 120000 java-config-2/current-system-vm create mode 100644 java-config-2/virtuals create mode 100644 kernel-config/config-2.6.34-gentoo-r12-00 create mode 100644 kernel-config/config-2.6.36-gentoo-r5-00 create mode 100644 kernel-config/config-2.6.37-00 create mode 100644 kernel-config/config-2.6.37-gentoo-r4-00 create mode 100644 kernel-config/config-2.6.38-gentoo-r6-00 create mode 100644 kernel-config/config-2.6.39-gentoo-r3-00 create mode 100644 kernel-config/config-3.0.6-gentoo-00 create mode 100644 layman/layman.cfg create mode 100644 ld.so.conf.d/05binutils.conf create mode 100644 lftp/lftp.conf create mode 100644 local.d/README create mode 100755 local.d/baselayout1.start create mode 100755 local.d/baselayout1.stop create mode 100644 logrotate.d/.rcs/apache2,v create mode 100644 logrotate.d/.rcs/clamav,v create mode 100644 logrotate.d/.rcs/elog-save-summary,v create mode 100644 logrotate.d/.rcs/mysql,v create mode 100644 logrotate.d/.rcs/named,v create mode 100644 logrotate.d/.rcs/rsyncd,v create mode 100644 logrotate.d/.rcs/syslog-ng,v create mode 100644 logrotate.d/.rcs/ulogd,v create mode 100644 logrotate.d/apache2 create mode 100644 logrotate.d/clamav create mode 100644 logrotate.d/elog-save-summary create mode 100644 logrotate.d/mysql create mode 100644 logrotate.d/named create mode 100644 logrotate.d/openrc create mode 100644 logrotate.d/rsyncd create mode 100644 logrotate.d/syslog-ng create mode 100644 logrotate.d/ulogd create mode 100644 lvm/archive/vg0_00000.vg create mode 100644 lvm/archive/vg0_00001.vg create mode 100644 lvm/archive/vg0_00002.vg create mode 100644 lvm/backup/vg0 create mode 100644 lvm/cache/.cache create mode 100644 lvm/lvm.conf create mode 120000 mail/aliases create mode 100644 mail/aliases.dont_use create mode 100644 mail/spamassassin/init.pre create mode 100644 mail/spamassassin/local.cf create mode 100644 mail/spamassassin/local.cf.example create mode 100644 mail/spamassassin/sa-update-keys/pubring.gpg create mode 100644 mail/spamassassin/sa-update-keys/pubring.gpg~ create mode 100644 mail/spamassassin/sa-update-keys/secring.gpg create mode 100644 mail/spamassassin/sa-update-keys/trustdb.gpg create mode 100644 mail/spamassassin/secrets.cf.example create mode 100644 mail/spamassassin/v310.pre create mode 100644 mail/spamassassin/v312.pre create mode 100644 mail/spamassassin/v320.pre create mode 100644 mail/spamassassin/v330.pre create mode 100644 mc/cedit.menu create mode 100644 mc/edit.indent.rc create mode 100644 mc/edit.spell.rc create mode 100644 mc/filehighlight.ini create mode 100644 mc/mc.ext create mode 100644 mc/mc.keymap create mode 100644 mc/mc.keymap.default create mode 100644 mc/mc.keymap.emacs create mode 100644 mc/mc.menu create mode 100644 mc/mc.menu.sr create mode 100644 mc/sfs.ini create mode 100644 mdadm.conf create mode 100644 modprobe.d/aliases.conf create mode 100644 modprobe.d/blacklist.conf create mode 100644 modprobe.d/i386.conf create mode 100644 modprobe.d/pnp-aliases.conf create mode 100644 modprobe.d/usb-load-ehci-first.conf create mode 100644 mutt/Muttrc create mode 100644 mutt/Muttrc.dist create mode 120000 mutt/mime.types create mode 100644 mutt/mime.types.dist create mode 100644 mysql/.rcs/my.cnf,v create mode 100644 mysql/.rcs/my.cnf.orig,v create mode 100644 mysql/my.cnf create mode 100644 mysql/my.cnf.orig create mode 100644 mysql/mysqlaccess.conf create mode 100644 nagios/cgi.cfg create mode 100644 nagios/nagios.cfg create mode 100644 nagios/ndo2db.cfg create mode 100644 nagios/ndomod.cfg create mode 100644 nagios/nrpe.cfg create mode 100644 nagios/objects/commands.cfg create mode 100644 nagios/objects/contacts.cfg create mode 100644 nagios/objects/localhost.cfg create mode 100644 nagios/objects/printer.cfg create mode 100644 nagios/objects/switch.cfg create mode 100644 nagios/objects/templates.cfg create mode 100644 nagios/objects/timeperiods.cfg create mode 100644 nagios/objects/windows.cfg create mode 100644 nagios/resource.cfg create mode 100644 openldap/.rcs/ldap.conf,v create mode 100644 openldap/.rcs/slapd.conf,v create mode 100644 openldap/DB_CONFIG.example create mode 100644 openldap/ldap.conf create mode 100644 openldap/ldap.conf.default create mode 100644 openldap/schema/.rcs/amavisd-new.schema,v create mode 100644 openldap/schema/.rcs/authldap.schema,v create mode 100644 openldap/schema/.rcs/collective.schema,v create mode 100644 openldap/schema/.rcs/corba.schema,v create mode 100644 openldap/schema/.rcs/core.schema,v create mode 100644 openldap/schema/.rcs/cosine.schema,v create mode 100644 openldap/schema/.rcs/duaconf.schema,v create mode 100644 openldap/schema/.rcs/dyngroup.schema,v create mode 100644 openldap/schema/.rcs/evolutionperson.schema,v create mode 100644 openldap/schema/.rcs/extension.schema,v create mode 100644 openldap/schema/.rcs/inetorgperson.schema,v create mode 100644 openldap/schema/.rcs/java.schema,v create mode 100644 openldap/schema/.rcs/kerberos.schema,v create mode 100644 openldap/schema/.rcs/misc.schema,v create mode 100644 openldap/schema/.rcs/mozilla.schema,v create mode 100644 openldap/schema/.rcs/mozillaorg.schema,v create mode 100644 openldap/schema/.rcs/nis.schema,v create mode 100644 openldap/schema/.rcs/openldap.schema,v create mode 100644 openldap/schema/.rcs/openssh.schema,v create mode 100644 openldap/schema/.rcs/pmi.schema,v create mode 100644 openldap/schema/.rcs/ppolicy.schema,v create mode 100644 openldap/schema/.rcs/quota.schema,v create mode 100644 openldap/schema/.rcs/samba.schema,v create mode 100644 openldap/schema/README create mode 100644 openldap/schema/amavisd-new.schema create mode 100644 openldap/schema/authldap.schema create mode 100644 openldap/schema/authldap.schema.default create mode 100644 openldap/schema/collective.schema create mode 100644 openldap/schema/collective.schema.default create mode 100644 openldap/schema/corba.schema create mode 100644 openldap/schema/corba.schema.default create mode 100644 openldap/schema/core.ldif create mode 100644 openldap/schema/core.schema create mode 100644 openldap/schema/core.schema.default create mode 100644 openldap/schema/cosine.ldif create mode 100644 openldap/schema/cosine.schema create mode 100644 openldap/schema/cosine.schema.default create mode 100644 openldap/schema/duaconf.schema create mode 100644 openldap/schema/duaconf.schema.default create mode 100644 openldap/schema/dyngroup.ldif create mode 100644 openldap/schema/dyngroup.schema create mode 100644 openldap/schema/dyngroup.schema.default create mode 100644 openldap/schema/evolutionperson.schema create mode 100644 openldap/schema/extension.schema create mode 100644 openldap/schema/inetorgperson.ldif create mode 100644 openldap/schema/inetorgperson.schema create mode 100644 openldap/schema/inetorgperson.schema.default create mode 100644 openldap/schema/java.schema create mode 100644 openldap/schema/java.schema.default create mode 100644 openldap/schema/kerberos.schema create mode 100644 openldap/schema/misc.schema create mode 100644 openldap/schema/misc.schema.default create mode 100644 openldap/schema/mozilla.schema.old create mode 100644 openldap/schema/mozillaorg.schema create mode 100644 openldap/schema/mozillaorg.schema.default create mode 100644 openldap/schema/nis.ldif create mode 100644 openldap/schema/nis.schema create mode 100644 openldap/schema/nis.schema.default create mode 100644 openldap/schema/openldap.ldif create mode 100644 openldap/schema/openldap.schema create mode 100644 openldap/schema/openldap.schema.default create mode 100644 openldap/schema/openssh.schema create mode 100644 openldap/schema/pmi.schema create mode 100644 openldap/schema/pmi.schema.default create mode 100644 openldap/schema/ppolicy.schema create mode 100644 openldap/schema/ppolicy.schema.default create mode 100644 openldap/schema/quota.schema create mode 100644 openldap/schema/samba.schema create mode 100644 openldap/slapd.conf create mode 100644 openldap/slapd.conf.default create mode 100644 openldap/ssl.orig/ldap.crt create mode 100644 openldap/ssl.orig/ldap.csr create mode 100644 openldap/ssl.orig/ldap.key create mode 100644 openldap/ssl.orig/ldap.pem create mode 100644 openldap/ssl/ca.rnd create mode 100755 openldap/ssl/gencert.sh create mode 100644 openldap/ssl/ldap.cfg create mode 100644 openldap/ssl/ldap.crt create mode 100644 openldap/ssl/ldap.csr create mode 100644 openldap/ssl/ldap.key create mode 100644 openldap/ssl/ldap.pem create mode 100644 openldap/ssl/ldap.pem.orig create mode 100644 openldap/ssl/ldap.pem.sarah create mode 100644 pam.d/atd create mode 100644 pam.d/chage create mode 100644 pam.d/chfn create mode 100644 pam.d/chgpasswd create mode 100644 pam.d/chpasswd create mode 100644 pam.d/chsh create mode 100644 pam.d/cron create mode 100644 pam.d/cups create mode 100644 pam.d/cvs create mode 100644 pam.d/ftp create mode 100644 pam.d/groupadd create mode 100644 pam.d/groupdel create mode 100644 pam.d/groupmems create mode 100644 pam.d/groupmod create mode 100644 pam.d/imap create mode 120000 pam.d/imap4 create mode 120000 pam.d/imap4s create mode 120000 pam.d/imaps create mode 100644 pam.d/login create mode 100644 pam.d/newusers create mode 100644 pam.d/other create mode 100644 pam.d/passwd create mode 100644 pam.d/pop create mode 120000 pam.d/pop3 create mode 120000 pam.d/pop3s create mode 120000 pam.d/pops create mode 100644 pam.d/samba create mode 100644 pam.d/saslauthd create mode 100644 pam.d/screen create mode 100644 pam.d/shadow create mode 100644 pam.d/smtp create mode 100644 pam.d/sshd create mode 100644 pam.d/start-stop-daemon create mode 100644 pam.d/su create mode 100644 pam.d/sudo create mode 100644 pam.d/system-auth create mode 100644 pam.d/system-local-login create mode 100644 pam.d/system-login create mode 100644 pam.d/system-remote-login create mode 100644 pam.d/system-services create mode 100644 pam.d/useradd create mode 100644 pam.d/userdel create mode 100644 pam.d/usermod create mode 100644 pango/pangox.aliases create mode 100644 pango/x86_64-pc-linux-gnu/pango.modules create mode 100644 php/apache2-php5.3/.rcs/php.ini,v create mode 100644 php/apache2-php5.3/.rcs/php.ini.orig,v create mode 120000 php/apache2-php5.3/ext-active/apc.ini create mode 120000 php/apache2-php5.3/ext-active/bcmath.ini create mode 120000 php/apache2-php5.3/ext-active/bz2.ini create mode 120000 php/apache2-php5.3/ext-active/calendar.ini create mode 120000 php/apache2-php5.3/ext-active/crack.ini create mode 120000 php/apache2-php5.3/ext-active/curl.ini create mode 120000 php/apache2-php5.3/ext-active/dba.ini create mode 120000 php/apache2-php5.3/ext-active/enchant.ini create mode 120000 php/apache2-php5.3/ext-active/exif.ini create mode 120000 php/apache2-php5.3/ext-active/ftp.ini create mode 120000 php/apache2-php5.3/ext-active/gd.ini create mode 120000 php/apache2-php5.3/ext-active/gettext.ini create mode 120000 php/apache2-php5.3/ext-active/gmp.ini create mode 120000 php/apache2-php5.3/ext-active/http.ini create mode 120000 php/apache2-php5.3/ext-active/imagick.ini create mode 120000 php/apache2-php5.3/ext-active/imap.ini create mode 120000 php/apache2-php5.3/ext-active/intl.ini create mode 120000 php/apache2-php5.3/ext-active/ldap.ini create mode 120000 php/apache2-php5.3/ext-active/mailparse.ini create mode 120000 php/apache2-php5.3/ext-active/mbstring.ini create mode 120000 php/apache2-php5.3/ext-active/mcrypt.ini create mode 120000 php/apache2-php5.3/ext-active/mysql.ini create mode 120000 php/apache2-php5.3/ext-active/mysqli.ini create mode 120000 php/apache2-php5.3/ext-active/odbc.ini create mode 120000 php/apache2-php5.3/ext-active/pcntl.ini create mode 120000 php/apache2-php5.3/ext-active/pspell.ini create mode 120000 php/apache2-php5.3/ext-active/snmp.ini create mode 120000 php/apache2-php5.3/ext-active/soap.ini create mode 120000 php/apache2-php5.3/ext-active/sockets.ini create mode 120000 php/apache2-php5.3/ext-active/sysvmsg.ini create mode 120000 php/apache2-php5.3/ext-active/sysvsem.ini create mode 120000 php/apache2-php5.3/ext-active/sysvshm.ini create mode 120000 php/apache2-php5.3/ext-active/tidy.ini create mode 120000 php/apache2-php5.3/ext-active/wddx.ini create mode 120000 php/apache2-php5.3/ext-active/xmlrpc.ini create mode 120000 php/apache2-php5.3/ext-active/xsl.ini create mode 120000 php/apache2-php5.3/ext-active/zip.ini create mode 120000 php/apache2-php5.3/ext-active/zlib.ini create mode 100644 php/apache2-php5.3/ext/apc.ini create mode 100644 php/apache2-php5.3/ext/bcmath.ini create mode 100644 php/apache2-php5.3/ext/bz2.ini create mode 100644 php/apache2-php5.3/ext/calendar.ini create mode 100644 php/apache2-php5.3/ext/crack.ini create mode 100644 php/apache2-php5.3/ext/curl.ini create mode 100644 php/apache2-php5.3/ext/dba.ini create mode 100644 php/apache2-php5.3/ext/enchant.ini create mode 100644 php/apache2-php5.3/ext/exif.ini create mode 100644 php/apache2-php5.3/ext/ftp.ini create mode 100644 php/apache2-php5.3/ext/gd.ini create mode 100644 php/apache2-php5.3/ext/gettext.ini create mode 100644 php/apache2-php5.3/ext/gmp.ini create mode 100644 php/apache2-php5.3/ext/http.ini create mode 100644 php/apache2-php5.3/ext/imagick.ini create mode 100644 php/apache2-php5.3/ext/imap.ini create mode 100644 php/apache2-php5.3/ext/intl.ini create mode 100644 php/apache2-php5.3/ext/ldap.ini create mode 100644 php/apache2-php5.3/ext/mailparse.ini create mode 100644 php/apache2-php5.3/ext/mbstring.ini create mode 100644 php/apache2-php5.3/ext/mcrypt.ini create mode 100644 php/apache2-php5.3/ext/mysql.ini create mode 100644 php/apache2-php5.3/ext/mysqli.ini create mode 100644 php/apache2-php5.3/ext/odbc.ini create mode 100644 php/apache2-php5.3/ext/pcntl.ini create mode 100644 php/apache2-php5.3/ext/pspell.ini create mode 100644 php/apache2-php5.3/ext/snmp.ini create mode 100644 php/apache2-php5.3/ext/soap.ini create mode 100644 php/apache2-php5.3/ext/sockets.ini create mode 100644 php/apache2-php5.3/ext/sysvmsg.ini create mode 100644 php/apache2-php5.3/ext/sysvsem.ini create mode 100644 php/apache2-php5.3/ext/sysvshm.ini create mode 100644 php/apache2-php5.3/ext/tidy.ini create mode 100644 php/apache2-php5.3/ext/wddx.ini create mode 100644 php/apache2-php5.3/ext/xmlrpc.ini create mode 100644 php/apache2-php5.3/ext/xsl.ini create mode 100644 php/apache2-php5.3/ext/zip.ini create mode 100644 php/apache2-php5.3/ext/zlib.ini create mode 100644 php/apache2-php5.3/php.ini create mode 100644 php/apache2-php5.3/php.ini.orig create mode 100644 php/apache2-php5/.rcs/php.ini,v create mode 100644 php/apache2-php5/.rcs/php.ini.orig,v create mode 100644 php/apache2-php5/ext/apc.ini create mode 100644 php/apache2-php5/php.ini create mode 100644 php/apache2-php5/php.ini.orig create mode 120000 php/cgi-php5.3/ext-active/apc.ini create mode 120000 php/cgi-php5.3/ext-active/bcmath.ini create mode 120000 php/cgi-php5.3/ext-active/bz2.ini create mode 120000 php/cgi-php5.3/ext-active/calendar.ini create mode 120000 php/cgi-php5.3/ext-active/crack.ini create mode 120000 php/cgi-php5.3/ext-active/curl.ini create mode 120000 php/cgi-php5.3/ext-active/dba.ini create mode 120000 php/cgi-php5.3/ext-active/enchant.ini create mode 120000 php/cgi-php5.3/ext-active/exif.ini create mode 120000 php/cgi-php5.3/ext-active/ftp.ini create mode 120000 php/cgi-php5.3/ext-active/gd.ini create mode 120000 php/cgi-php5.3/ext-active/gettext.ini create mode 120000 php/cgi-php5.3/ext-active/gmp.ini create mode 120000 php/cgi-php5.3/ext-active/http.ini create mode 120000 php/cgi-php5.3/ext-active/imagick.ini create mode 120000 php/cgi-php5.3/ext-active/imap.ini create mode 120000 php/cgi-php5.3/ext-active/intl.ini create mode 120000 php/cgi-php5.3/ext-active/ldap.ini create mode 120000 php/cgi-php5.3/ext-active/mailparse.ini create mode 120000 php/cgi-php5.3/ext-active/mbstring.ini create mode 120000 php/cgi-php5.3/ext-active/mcrypt.ini create mode 120000 php/cgi-php5.3/ext-active/mysql.ini create mode 120000 php/cgi-php5.3/ext-active/mysqli.ini create mode 120000 php/cgi-php5.3/ext-active/odbc.ini create mode 120000 php/cgi-php5.3/ext-active/pcntl.ini create mode 120000 php/cgi-php5.3/ext-active/pspell.ini create mode 120000 php/cgi-php5.3/ext-active/snmp.ini create mode 120000 php/cgi-php5.3/ext-active/soap.ini create mode 120000 php/cgi-php5.3/ext-active/sockets.ini create mode 120000 php/cgi-php5.3/ext-active/sysvmsg.ini create mode 120000 php/cgi-php5.3/ext-active/sysvsem.ini create mode 120000 php/cgi-php5.3/ext-active/sysvshm.ini create mode 120000 php/cgi-php5.3/ext-active/tidy.ini create mode 120000 php/cgi-php5.3/ext-active/wddx.ini create mode 120000 php/cgi-php5.3/ext-active/xmlrpc.ini create mode 120000 php/cgi-php5.3/ext-active/xsl.ini create mode 120000 php/cgi-php5.3/ext-active/zip.ini create mode 120000 php/cgi-php5.3/ext-active/zlib.ini create mode 100644 php/cgi-php5.3/ext/apc.ini create mode 100644 php/cgi-php5.3/ext/bcmath.ini create mode 100644 php/cgi-php5.3/ext/bz2.ini create mode 100644 php/cgi-php5.3/ext/calendar.ini create mode 100644 php/cgi-php5.3/ext/crack.ini create mode 100644 php/cgi-php5.3/ext/curl.ini create mode 100644 php/cgi-php5.3/ext/dba.ini create mode 100644 php/cgi-php5.3/ext/enchant.ini create mode 100644 php/cgi-php5.3/ext/exif.ini create mode 100644 php/cgi-php5.3/ext/ftp.ini create mode 100644 php/cgi-php5.3/ext/gd.ini create mode 100644 php/cgi-php5.3/ext/gettext.ini create mode 100644 php/cgi-php5.3/ext/gmp.ini create mode 100644 php/cgi-php5.3/ext/http.ini create mode 100644 php/cgi-php5.3/ext/imagick.ini create mode 100644 php/cgi-php5.3/ext/imap.ini create mode 100644 php/cgi-php5.3/ext/intl.ini create mode 100644 php/cgi-php5.3/ext/ldap.ini create mode 100644 php/cgi-php5.3/ext/mailparse.ini create mode 100644 php/cgi-php5.3/ext/mbstring.ini create mode 100644 php/cgi-php5.3/ext/mcrypt.ini create mode 100644 php/cgi-php5.3/ext/mysql.ini create mode 100644 php/cgi-php5.3/ext/mysqli.ini create mode 100644 php/cgi-php5.3/ext/odbc.ini create mode 100644 php/cgi-php5.3/ext/pcntl.ini create mode 100644 php/cgi-php5.3/ext/pspell.ini create mode 100644 php/cgi-php5.3/ext/snmp.ini create mode 100644 php/cgi-php5.3/ext/soap.ini create mode 100644 php/cgi-php5.3/ext/sockets.ini create mode 100644 php/cgi-php5.3/ext/sysvmsg.ini create mode 100644 php/cgi-php5.3/ext/sysvsem.ini create mode 100644 php/cgi-php5.3/ext/sysvshm.ini create mode 100644 php/cgi-php5.3/ext/tidy.ini create mode 100644 php/cgi-php5.3/ext/wddx.ini create mode 100644 php/cgi-php5.3/ext/xmlrpc.ini create mode 100644 php/cgi-php5.3/ext/xsl.ini create mode 100644 php/cgi-php5.3/ext/zip.ini create mode 100644 php/cgi-php5.3/ext/zlib.ini create mode 100644 php/cgi-php5.3/php.ini create mode 100644 php/cli-php5.3/.rcs/php.ini,v create mode 100644 php/cli-php5.3/.rcs/php.ini.orig,v create mode 120000 php/cli-php5.3/ext-active/apc.ini create mode 120000 php/cli-php5.3/ext-active/bcmath.ini create mode 120000 php/cli-php5.3/ext-active/bz2.ini create mode 120000 php/cli-php5.3/ext-active/calendar.ini create mode 120000 php/cli-php5.3/ext-active/crack.ini create mode 120000 php/cli-php5.3/ext-active/curl.ini create mode 120000 php/cli-php5.3/ext-active/dba.ini create mode 120000 php/cli-php5.3/ext-active/enchant.ini create mode 120000 php/cli-php5.3/ext-active/exif.ini create mode 120000 php/cli-php5.3/ext-active/ftp.ini create mode 120000 php/cli-php5.3/ext-active/gd.ini create mode 120000 php/cli-php5.3/ext-active/gettext.ini create mode 120000 php/cli-php5.3/ext-active/gmp.ini create mode 120000 php/cli-php5.3/ext-active/http.ini create mode 120000 php/cli-php5.3/ext-active/imagick.ini create mode 120000 php/cli-php5.3/ext-active/imap.ini create mode 120000 php/cli-php5.3/ext-active/intl.ini create mode 120000 php/cli-php5.3/ext-active/ldap.ini create mode 120000 php/cli-php5.3/ext-active/mailparse.ini create mode 120000 php/cli-php5.3/ext-active/mbstring.ini create mode 120000 php/cli-php5.3/ext-active/mcrypt.ini create mode 120000 php/cli-php5.3/ext-active/mysql.ini create mode 120000 php/cli-php5.3/ext-active/mysqli.ini create mode 120000 php/cli-php5.3/ext-active/odbc.ini create mode 120000 php/cli-php5.3/ext-active/pcntl.ini create mode 120000 php/cli-php5.3/ext-active/pspell.ini create mode 120000 php/cli-php5.3/ext-active/snmp.ini create mode 120000 php/cli-php5.3/ext-active/soap.ini create mode 120000 php/cli-php5.3/ext-active/sockets.ini create mode 120000 php/cli-php5.3/ext-active/sysvmsg.ini create mode 120000 php/cli-php5.3/ext-active/sysvsem.ini create mode 120000 php/cli-php5.3/ext-active/sysvshm.ini create mode 120000 php/cli-php5.3/ext-active/tidy.ini create mode 120000 php/cli-php5.3/ext-active/wddx.ini create mode 120000 php/cli-php5.3/ext-active/xmlrpc.ini create mode 120000 php/cli-php5.3/ext-active/xsl.ini create mode 120000 php/cli-php5.3/ext-active/zip.ini create mode 120000 php/cli-php5.3/ext-active/zlib.ini create mode 100644 php/cli-php5.3/ext/apc.ini create mode 100644 php/cli-php5.3/ext/bcmath.ini create mode 100644 php/cli-php5.3/ext/bz2.ini create mode 100644 php/cli-php5.3/ext/calendar.ini create mode 100644 php/cli-php5.3/ext/crack.ini create mode 100644 php/cli-php5.3/ext/curl.ini create mode 100644 php/cli-php5.3/ext/dba.ini create mode 100644 php/cli-php5.3/ext/enchant.ini create mode 100644 php/cli-php5.3/ext/exif.ini create mode 100644 php/cli-php5.3/ext/ftp.ini create mode 100644 php/cli-php5.3/ext/gd.ini create mode 100644 php/cli-php5.3/ext/gettext.ini create mode 100644 php/cli-php5.3/ext/gmp.ini create mode 100644 php/cli-php5.3/ext/http.ini create mode 100644 php/cli-php5.3/ext/imagick.ini create mode 100644 php/cli-php5.3/ext/imap.ini create mode 100644 php/cli-php5.3/ext/intl.ini create mode 100644 php/cli-php5.3/ext/ldap.ini create mode 100644 php/cli-php5.3/ext/mailparse.ini create mode 100644 php/cli-php5.3/ext/mbstring.ini create mode 100644 php/cli-php5.3/ext/mcrypt.ini create mode 100644 php/cli-php5.3/ext/mysql.ini create mode 100644 php/cli-php5.3/ext/mysqli.ini create mode 100644 php/cli-php5.3/ext/odbc.ini create mode 100644 php/cli-php5.3/ext/pcntl.ini create mode 100644 php/cli-php5.3/ext/pspell.ini create mode 100644 php/cli-php5.3/ext/snmp.ini create mode 100644 php/cli-php5.3/ext/soap.ini create mode 100644 php/cli-php5.3/ext/sockets.ini create mode 100644 php/cli-php5.3/ext/sysvmsg.ini create mode 100644 php/cli-php5.3/ext/sysvsem.ini create mode 100644 php/cli-php5.3/ext/sysvshm.ini create mode 100644 php/cli-php5.3/ext/tidy.ini create mode 100644 php/cli-php5.3/ext/wddx.ini create mode 100644 php/cli-php5.3/ext/xmlrpc.ini create mode 100644 php/cli-php5.3/ext/xsl.ini create mode 100644 php/cli-php5.3/ext/zip.ini create mode 100644 php/cli-php5.3/ext/zlib.ini create mode 100644 php/cli-php5.3/php.ini create mode 100644 php/cli-php5.3/php.ini.orig create mode 100644 php/cli-php5/.rcs/php.ini,v create mode 100644 php/cli-php5/.rcs/php.ini.orig,v create mode 100644 php/cli-php5/php.ini create mode 100644 php/cli-php5/php.ini.orig create mode 120000 php/embed-php5.3/ext-active/bcmath.ini create mode 120000 php/embed-php5.3/ext-active/bz2.ini create mode 120000 php/embed-php5.3/ext-active/calendar.ini create mode 120000 php/embed-php5.3/ext-active/curl.ini create mode 120000 php/embed-php5.3/ext-active/dba.ini create mode 120000 php/embed-php5.3/ext-active/enchant.ini create mode 120000 php/embed-php5.3/ext-active/exif.ini create mode 120000 php/embed-php5.3/ext-active/ftp.ini create mode 120000 php/embed-php5.3/ext-active/gd.ini create mode 120000 php/embed-php5.3/ext-active/gettext.ini create mode 120000 php/embed-php5.3/ext-active/gmp.ini create mode 120000 php/embed-php5.3/ext-active/imap.ini create mode 120000 php/embed-php5.3/ext-active/intl.ini create mode 120000 php/embed-php5.3/ext-active/ldap.ini create mode 120000 php/embed-php5.3/ext-active/mbstring.ini create mode 120000 php/embed-php5.3/ext-active/mcrypt.ini create mode 120000 php/embed-php5.3/ext-active/mysql.ini create mode 120000 php/embed-php5.3/ext-active/mysqli.ini create mode 120000 php/embed-php5.3/ext-active/odbc.ini create mode 120000 php/embed-php5.3/ext-active/pcntl.ini create mode 120000 php/embed-php5.3/ext-active/pspell.ini create mode 120000 php/embed-php5.3/ext-active/snmp.ini create mode 120000 php/embed-php5.3/ext-active/soap.ini create mode 120000 php/embed-php5.3/ext-active/sockets.ini create mode 120000 php/embed-php5.3/ext-active/sysvmsg.ini create mode 120000 php/embed-php5.3/ext-active/sysvsem.ini create mode 120000 php/embed-php5.3/ext-active/sysvshm.ini create mode 120000 php/embed-php5.3/ext-active/tidy.ini create mode 120000 php/embed-php5.3/ext-active/wddx.ini create mode 120000 php/embed-php5.3/ext-active/xmlrpc.ini create mode 120000 php/embed-php5.3/ext-active/xsl.ini create mode 120000 php/embed-php5.3/ext-active/zip.ini create mode 120000 php/embed-php5.3/ext-active/zlib.ini create mode 100644 php/embed-php5.3/ext/bcmath.ini create mode 100644 php/embed-php5.3/ext/bz2.ini create mode 100644 php/embed-php5.3/ext/calendar.ini create mode 100644 php/embed-php5.3/ext/curl.ini create mode 100644 php/embed-php5.3/ext/dba.ini create mode 100644 php/embed-php5.3/ext/enchant.ini create mode 100644 php/embed-php5.3/ext/exif.ini create mode 100644 php/embed-php5.3/ext/ftp.ini create mode 100644 php/embed-php5.3/ext/gd.ini create mode 100644 php/embed-php5.3/ext/gettext.ini create mode 100644 php/embed-php5.3/ext/gmp.ini create mode 100644 php/embed-php5.3/ext/imap.ini create mode 100644 php/embed-php5.3/ext/intl.ini create mode 100644 php/embed-php5.3/ext/ldap.ini create mode 100644 php/embed-php5.3/ext/mbstring.ini create mode 100644 php/embed-php5.3/ext/mcrypt.ini create mode 100644 php/embed-php5.3/ext/mysql.ini create mode 100644 php/embed-php5.3/ext/mysqli.ini create mode 100644 php/embed-php5.3/ext/odbc.ini create mode 100644 php/embed-php5.3/ext/pcntl.ini create mode 100644 php/embed-php5.3/ext/pspell.ini create mode 100644 php/embed-php5.3/ext/snmp.ini create mode 100644 php/embed-php5.3/ext/soap.ini create mode 100644 php/embed-php5.3/ext/sockets.ini create mode 100644 php/embed-php5.3/ext/sysvmsg.ini create mode 100644 php/embed-php5.3/ext/sysvsem.ini create mode 100644 php/embed-php5.3/ext/sysvshm.ini create mode 100644 php/embed-php5.3/ext/tidy.ini create mode 100644 php/embed-php5.3/ext/wddx.ini create mode 100644 php/embed-php5.3/ext/xmlrpc.ini create mode 100644 php/embed-php5.3/ext/xsl.ini create mode 100644 php/embed-php5.3/ext/zip.ini create mode 100644 php/embed-php5.3/ext/zlib.ini create mode 100644 php/embed-php5.3/php.ini create mode 120000 php/fpm-php5.3/ext-active/apc.ini create mode 120000 php/fpm-php5.3/ext-active/bcmath.ini create mode 120000 php/fpm-php5.3/ext-active/bz2.ini create mode 120000 php/fpm-php5.3/ext-active/calendar.ini create mode 120000 php/fpm-php5.3/ext-active/crack.ini create mode 120000 php/fpm-php5.3/ext-active/curl.ini create mode 120000 php/fpm-php5.3/ext-active/dba.ini create mode 120000 php/fpm-php5.3/ext-active/enchant.ini create mode 120000 php/fpm-php5.3/ext-active/exif.ini create mode 120000 php/fpm-php5.3/ext-active/ftp.ini create mode 120000 php/fpm-php5.3/ext-active/gd.ini create mode 120000 php/fpm-php5.3/ext-active/gettext.ini create mode 120000 php/fpm-php5.3/ext-active/gmp.ini create mode 120000 php/fpm-php5.3/ext-active/http.ini create mode 120000 php/fpm-php5.3/ext-active/imagick.ini create mode 120000 php/fpm-php5.3/ext-active/imap.ini create mode 120000 php/fpm-php5.3/ext-active/intl.ini create mode 120000 php/fpm-php5.3/ext-active/ldap.ini create mode 120000 php/fpm-php5.3/ext-active/mailparse.ini create mode 120000 php/fpm-php5.3/ext-active/mbstring.ini create mode 120000 php/fpm-php5.3/ext-active/mcrypt.ini create mode 120000 php/fpm-php5.3/ext-active/mysql.ini create mode 120000 php/fpm-php5.3/ext-active/mysqli.ini create mode 120000 php/fpm-php5.3/ext-active/odbc.ini create mode 120000 php/fpm-php5.3/ext-active/pcntl.ini create mode 120000 php/fpm-php5.3/ext-active/pspell.ini create mode 120000 php/fpm-php5.3/ext-active/snmp.ini create mode 120000 php/fpm-php5.3/ext-active/soap.ini create mode 120000 php/fpm-php5.3/ext-active/sockets.ini create mode 120000 php/fpm-php5.3/ext-active/sysvmsg.ini create mode 120000 php/fpm-php5.3/ext-active/sysvsem.ini create mode 120000 php/fpm-php5.3/ext-active/sysvshm.ini create mode 120000 php/fpm-php5.3/ext-active/tidy.ini create mode 120000 php/fpm-php5.3/ext-active/wddx.ini create mode 120000 php/fpm-php5.3/ext-active/xmlrpc.ini create mode 120000 php/fpm-php5.3/ext-active/xsl.ini create mode 120000 php/fpm-php5.3/ext-active/zip.ini create mode 120000 php/fpm-php5.3/ext-active/zlib.ini create mode 100644 php/fpm-php5.3/ext/apc.ini create mode 100644 php/fpm-php5.3/ext/bcmath.ini create mode 100644 php/fpm-php5.3/ext/bz2.ini create mode 100644 php/fpm-php5.3/ext/calendar.ini create mode 100644 php/fpm-php5.3/ext/crack.ini create mode 100644 php/fpm-php5.3/ext/curl.ini create mode 100644 php/fpm-php5.3/ext/dba.ini create mode 100644 php/fpm-php5.3/ext/enchant.ini create mode 100644 php/fpm-php5.3/ext/exif.ini create mode 100644 php/fpm-php5.3/ext/ftp.ini create mode 100644 php/fpm-php5.3/ext/gd.ini create mode 100644 php/fpm-php5.3/ext/gettext.ini create mode 100644 php/fpm-php5.3/ext/gmp.ini create mode 100644 php/fpm-php5.3/ext/http.ini create mode 100644 php/fpm-php5.3/ext/imagick.ini create mode 100644 php/fpm-php5.3/ext/imap.ini create mode 100644 php/fpm-php5.3/ext/intl.ini create mode 100644 php/fpm-php5.3/ext/ldap.ini create mode 100644 php/fpm-php5.3/ext/mailparse.ini create mode 100644 php/fpm-php5.3/ext/mbstring.ini create mode 100644 php/fpm-php5.3/ext/mcrypt.ini create mode 100644 php/fpm-php5.3/ext/mysql.ini create mode 100644 php/fpm-php5.3/ext/mysqli.ini create mode 100644 php/fpm-php5.3/ext/odbc.ini create mode 100644 php/fpm-php5.3/ext/pcntl.ini create mode 100644 php/fpm-php5.3/ext/pspell.ini create mode 100644 php/fpm-php5.3/ext/snmp.ini create mode 100644 php/fpm-php5.3/ext/soap.ini create mode 100644 php/fpm-php5.3/ext/sockets.ini create mode 100644 php/fpm-php5.3/ext/sysvmsg.ini create mode 100644 php/fpm-php5.3/ext/sysvsem.ini create mode 100644 php/fpm-php5.3/ext/sysvshm.ini create mode 100644 php/fpm-php5.3/ext/tidy.ini create mode 100644 php/fpm-php5.3/ext/wddx.ini create mode 100644 php/fpm-php5.3/ext/xmlrpc.ini create mode 100644 php/fpm-php5.3/ext/xsl.ini create mode 100644 php/fpm-php5.3/ext/zip.ini create mode 100644 php/fpm-php5.3/ext/zlib.ini create mode 100644 php/fpm-php5.3/php-fpm.conf create mode 100644 php/fpm-php5.3/php.ini create mode 100644 postfix/.orig/main.cf create mode 100644 postfix/.orig/master.cf create mode 100644 postfix/.orig/postgrey_whitelist_clients create mode 100644 postfix/.orig/postgrey_whitelist_recipients create mode 100644 postfix/.orig/saslpass create mode 100644 postfix/.rcs/access_client,v create mode 100644 postfix/.rcs/access_helo,v create mode 100644 postfix/.rcs/access_recipient,v create mode 100644 postfix/.rcs/access_sender,v create mode 100644 postfix/.rcs/body_checks,v create mode 100644 postfix/.rcs/generic,v create mode 100644 postfix/.rcs/header_checks,v create mode 100644 postfix/.rcs/main.cf,v create mode 100644 postfix/.rcs/master.cf,v create mode 100644 postfix/.rcs/master.cf.orig,v create mode 100644 postfix/.rcs/mysql-aliases.cf,v create mode 100644 postfix/.rcs/mysql-canonical.cf,v create mode 100644 postfix/.rcs/mysql-mydomains.cf,v create mode 100644 postfix/.rcs/mysql-recipient_bcc.cf,v create mode 100644 postfix/.rcs/mysql-relay-domains.cf,v create mode 100644 postfix/.rcs/mysql-relocated.cf,v create mode 100644 postfix/.rcs/mysql-sender_bcc.cf,v create mode 100644 postfix/.rcs/mysql-virtual-alias-domains.cf,v create mode 100644 postfix/.rcs/mysql-virtual-mailbox-domains.cf,v create mode 100644 postfix/.rcs/mysql-virtual-maps.cf,v create mode 100644 postfix/.rcs/mysql-virtual.cf,v create mode 100644 postfix/.rcs/postfix.pem,v create mode 100644 postfix/.rcs/postgrey_whitelist_clients,v create mode 100644 postfix/.rcs/postgrey_whitelist_recipients,v create mode 100644 postfix/.rcs/relay_clientcerts,v create mode 100644 postfix/.rcs/saslpass,v create mode 100644 postfix/.rcs/transport,v create mode 100644 postfix/body_checks create mode 100644 postfix/body_checks.2008-10-01_16:37:41 create mode 100644 postfix/body_checks.2011-04-05_15:44:59 create mode 100644 postfix/body_checks.2011-06-08_23:08:02 create mode 100644 postfix/body_checks.2011-06-20_16:43:35 create mode 100644 postfix/body_checks.2011-06-21_14:50:01 create mode 100644 postfix/body_checks.2011-06-27_15:26:45 create mode 100644 postfix/body_checks.2011-06-30_10:29:18 create mode 100644 postfix/body_checks.2011-07-18_10:17:44 create mode 100644 postfix/body_checks.2011-07-25_15:24:08 create mode 100644 postfix/body_checks.2011-07-28_10:10:53 create mode 100644 postfix/body_checks.2011-08-05_17:45:51 create mode 100644 postfix/body_checks.2011-08-08_14:49:21 create mode 100644 postfix/body_checks.2011-08-16_14:28:42 create mode 100644 postfix/body_checks.2011-09-02_10:39:04 create mode 100644 postfix/body_checks.2011-09-16_14:28:54 create mode 100644 postfix/body_checks.2011-09-20_11:27:23 create mode 100644 postfix/body_checks.2011-09-29_14:37:17 create mode 100644 postfix/body_checks.2011-10-18_08:55:16 create mode 100644 postfix/body_checks.2011-10-26_08:37:52 create mode 100644 postfix/body_checks.2011-10-28_17:45:27 create mode 100644 postfix/body_checks.2011-11-23_16:31:49 create mode 100644 postfix/bounce-templates/README create mode 100644 postfix/bounce-templates/bounce.cf.default create mode 100644 postfix/bounce-templates/bounce.de-DE.cf create mode 100644 postfix/bounce-templates/images/note.png create mode 100644 postfix/bounce-templates/index.html create mode 100644 postfix/bounce-templates/index.xml create mode 100644 postfix/bounce-templates/screen.css create mode 100755 postfix/get-checks-from-postfixbuch.sh create mode 100644 postfix/header_checks create mode 100644 postfix/header_checks.2008-09-12_12:52:55 create mode 100644 postfix/header_checks.2011-05-30_10:34:08 create mode 100644 postfix/header_checks.2011-06-08_23:08:14 create mode 100644 postfix/header_checks.2011-06-30_15:47:30 create mode 100644 postfix/header_checks.2011-07-06_12:41:42 create mode 100644 postfix/header_checks.2011-07-24_08:32:55 create mode 100644 postfix/header_checks.2011-08-18_13:18:57 create mode 100644 postfix/header_checks.2011-08-26_11:28:47 create mode 100644 postfix/header_checks.2011-08-29_13:39:31 create mode 100644 postfix/header_checks.2011-09-08_13:34:03 create mode 100644 postfix/header_checks.2011-09-16_12:04:56 create mode 100644 postfix/header_checks.2011-09-19_16:05:00 create mode 100644 postfix/header_checks.2011-09-25_11:26:07 create mode 100644 postfix/header_checks.2011-10-18_08:54:36 create mode 100644 postfix/header_checks.2011-10-28_17:54:06 create mode 100644 postfix/header_checks.2011-11-07_17:57:32 create mode 100644 postfix/header_checks.2011-11-08_11:48:39 create mode 100644 postfix/header_checks.2011-11-23_14:21:49 create mode 100644 postfix/main.cf create mode 100644 postfix/maps/.rcs/access_client,v create mode 100644 postfix/maps/.rcs/access_helo,v create mode 100644 postfix/maps/.rcs/access_recipient,v create mode 100644 postfix/maps/.rcs/access_sender,v create mode 100644 postfix/maps/.rcs/aliases,v create mode 100644 postfix/maps/.rcs/body_checks,v create mode 100644 postfix/maps/.rcs/canonical,v create mode 100644 postfix/maps/.rcs/generic,v create mode 100644 postfix/maps/.rcs/header_checks,v create mode 100644 postfix/maps/.rcs/mydomains,v create mode 100644 postfix/maps/.rcs/recipient_bcc,v create mode 100644 postfix/maps/.rcs/relay_clientcerts,v create mode 100644 postfix/maps/.rcs/relay_domains,v create mode 100644 postfix/maps/.rcs/relocated,v create mode 100644 postfix/maps/.rcs/sender_bcc,v create mode 100644 postfix/maps/.rcs/transport,v create mode 100644 postfix/maps/.rcs/virtual_alias_domains,v create mode 100644 postfix/maps/.rcs/virtual_alias_maps,v create mode 100644 postfix/maps/.rcs/virtual_mailbox_domains,v create mode 100644 postfix/maps/.rcs/virtual_mailbox_maps,v create mode 100644 postfix/maps/access_client create mode 100644 postfix/maps/access_helo create mode 100644 postfix/maps/access_helo.db create mode 100644 postfix/maps/access_recipient create mode 100644 postfix/maps/access_recipient.db create mode 100644 postfix/maps/access_sender create mode 100644 postfix/maps/access_sender.db create mode 100644 postfix/maps/aliases create mode 100644 postfix/maps/aliases.db create mode 100644 postfix/maps/body_checks create mode 100644 postfix/maps/canonical create mode 100644 postfix/maps/canonical.db create mode 100644 postfix/maps/generic create mode 100644 postfix/maps/generic.db create mode 100644 postfix/maps/header_checks create mode 100644 postfix/maps/mydomains create mode 100644 postfix/maps/mydomains.db create mode 100644 postfix/maps/recipient_bcc create mode 100644 postfix/maps/recipient_bcc.db create mode 100644 postfix/maps/relay_clientcerts create mode 100644 postfix/maps/relay_clientcerts.db create mode 100644 postfix/maps/relay_domains create mode 100644 postfix/maps/relay_domains.db create mode 100644 postfix/maps/relocated create mode 100644 postfix/maps/relocated.db create mode 100644 postfix/maps/sender_bcc create mode 100644 postfix/maps/sender_bcc.db create mode 100644 postfix/maps/transport create mode 100644 postfix/maps/transport.db create mode 100644 postfix/maps/virtual_alias_domains create mode 100644 postfix/maps/virtual_alias_domains.db create mode 100644 postfix/maps/virtual_alias_maps create mode 100644 postfix/maps/virtual_alias_maps.db create mode 100644 postfix/maps/virtual_mailbox_domains create mode 100644 postfix/maps/virtual_mailbox_domains.db create mode 100644 postfix/maps/virtual_mailbox_maps create mode 100644 postfix/maps/virtual_mailbox_maps.db create mode 100644 postfix/maps/work/aliases create mode 100644 postfix/maps/work/canonical create mode 100644 postfix/maps/work/mydomains create mode 100644 postfix/maps/work/recipient_bcc create mode 100644 postfix/maps/work/relay_domains create mode 100644 postfix/maps/work/relocated create mode 100644 postfix/maps/work/sender_bcc create mode 100644 postfix/maps/work/virtual_alias_domains create mode 100644 postfix/maps/work/virtual_alias_maps create mode 100644 postfix/maps/work/virtual_mailbox_domains create mode 100644 postfix/maps/work/virtual_mailbox_maps create mode 100644 postfix/master.cf create mode 100644 postfix/master.cf.orig create mode 100644 postfix/old/access_client create mode 100644 postfix/old/access_helo create mode 100644 postfix/old/access_helo.db create mode 100644 postfix/old/access_recipient create mode 100644 postfix/old/access_recipient.db create mode 100644 postfix/old/access_sender create mode 100644 postfix/old/access_sender.db create mode 100644 postfix/old/generic create mode 100644 postfix/old/generic.db create mode 100644 postfix/old/mysql-aliases.cf create mode 100644 postfix/old/mysql-canonical.cf create mode 100644 postfix/old/mysql-mydomains.cf create mode 100644 postfix/old/mysql-recipient_bcc.cf create mode 100644 postfix/old/mysql-relay-domains.cf create mode 100644 postfix/old/mysql-relocated.cf create mode 100644 postfix/old/mysql-sender_bcc.cf create mode 100644 postfix/old/mysql-virtual-alias-domains.cf create mode 100644 postfix/old/mysql-virtual-mailbox-domains.cf create mode 100644 postfix/old/mysql-virtual-maps.cf create mode 100644 postfix/old/mysql-virtual.cf create mode 100644 postfix/old/relay_clientcerts create mode 100644 postfix/old/relay_clientcerts.db create mode 100644 postfix/old/transport create mode 100644 postfix/old/transport.db create mode 100644 postfix/postconf/helga.2010-05-31.00 create mode 100644 postfix/postconf/helga.2010-05-31.01 create mode 100644 postfix/postconf/helga.2010-05-31.02 create mode 100644 postfix/postconf/helga.2010-05-31.03 create mode 100644 postfix/postconf/helga.2010-05-31.04 create mode 100644 postfix/postconf/helga.2010-05-31.05 create mode 100644 postfix/postconf/helga.2010-05-31.06 create mode 100644 postfix/postconf/sarah.2010-05-31 create mode 100644 postfix/postfix.pem create mode 100644 postfix/postgrey_whitelist_clients create mode 100644 postfix/postgrey_whitelist_recipients create mode 100644 postfix/sarah/.old/aliases.2010-05-20_07-06-58 create mode 100644 postfix/sarah/.old/mysql-aliases.cf.2007-11-27_11-01-59 create mode 100644 postfix/sarah/.old/mysql-canonical.cf.2007-11-27_13-32-33 create mode 100644 postfix/sarah/.old/mysql-mydomains.cf.2007-11-27_13-56-42 create mode 100644 postfix/sarah/.old/mysql-recipient_bcc.cf.2007-11-27_11-00-39 create mode 100644 postfix/sarah/.old/mysql-relay-domains.cf.2007-11-27_13-59-18 create mode 100644 postfix/sarah/.old/mysql-relocated.cf.2007-11-27_11-02-09 create mode 100644 postfix/sarah/.old/mysql-sender_bcc.cf.2007-11-27_11-01-49 create mode 100644 postfix/sarah/.old/mysql-transport.cf.2007-11-27_11-02-24 create mode 100644 postfix/sarah/.old/mysql-virtual-alias-domains.cf.2007-11-27_13-58-48 create mode 100644 postfix/sarah/.old/mysql-virtual-gid.cf.2007-11-27_10-57-15 create mode 100644 postfix/sarah/.old/mysql-virtual-mailbox-domains.cf.2007-11-27_13-59-42 create mode 100644 postfix/sarah/.old/mysql-virtual-maps.cf.2007-11-27_10-54-55 create mode 100644 postfix/sarah/.old/mysql-virtual-uid.cf.2007-11-27_10-57-41 create mode 100644 postfix/sarah/.old/mysql-virtual.cf.2007-11-27_10-59-04 create mode 100755 postfix/sarah/.old/post-install.2006-12-08_14-24-16 create mode 100644 postfix/sarah/.old/postfix-files.2006-12-08_14-24-16 create mode 100644 postfix/sarah/.old/postfix.pem.2006-12-08_23-46-30 create mode 100644 postfix/sarah/.old/postgrey_whitelist_clients.2008-10-16_22-21-38 create mode 100644 postfix/sarah/.old/postgrey_whitelist_recipients.2008-10-16_22-21-38 create mode 100644 postfix/sarah/.old/relay_clientcerts.2008-10-19_21-10-22 create mode 100644 postfix/sarah/.old/saslpass.2008-09-08_10-26-51 create mode 100644 postfix/sarah/.old/virtual.2010-05-20_07-06-58 create mode 100644 postfix/sarah/access_client create mode 100644 postfix/sarah/access_client,v create mode 100644 postfix/sarah/access_helo create mode 100644 postfix/sarah/access_helo,v create mode 100644 postfix/sarah/access_helo.db create mode 100644 postfix/sarah/access_recipient create mode 100644 postfix/sarah/access_recipient,v create mode 100644 postfix/sarah/access_recipient.db create mode 100644 postfix/sarah/access_sender create mode 100644 postfix/sarah/access_sender,v create mode 100644 postfix/sarah/access_sender.db create mode 100644 postfix/sarah/aliases create mode 100644 postfix/sarah/aliases.db create mode 100644 postfix/sarah/body_checks create mode 100644 postfix/sarah/body_checks,v create mode 100644 postfix/sarah/bounce-templates/.svn/entries create mode 100644 postfix/sarah/bounce-templates/.svn/format create mode 100644 postfix/sarah/bounce-templates/.svn/prop-base/bounce.cf.default.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/prop-base/bounce.de-DE.cf.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/prop-base/index.html.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/prop-base/index.xml.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/prop-base/screen.css.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/text-base/README.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/text-base/bounce.cf.default.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/text-base/bounce.de-DE.cf.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/text-base/index.html.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/text-base/index.xml.svn-base create mode 100644 postfix/sarah/bounce-templates/.svn/text-base/screen.css.svn-base create mode 100644 postfix/sarah/bounce-templates/README create mode 100644 postfix/sarah/bounce-templates/bounce.cf.default create mode 100644 postfix/sarah/bounce-templates/bounce.de-DE.cf create mode 100644 postfix/sarah/bounce-templates/images/.svn/entries create mode 100644 postfix/sarah/bounce-templates/images/.svn/format create mode 100644 postfix/sarah/bounce-templates/images/.svn/prop-base/note.png.svn-base create mode 100644 postfix/sarah/bounce-templates/images/.svn/text-base/note.png.svn-base create mode 100644 postfix/sarah/bounce-templates/images/note.png create mode 100644 postfix/sarah/bounce-templates/index.html create mode 100644 postfix/sarah/bounce-templates/index.xml create mode 100644 postfix/sarah/bounce-templates/screen.css create mode 100644 postfix/sarah/generic create mode 100644 postfix/sarah/generic,v create mode 100644 postfix/sarah/generic.db create mode 100644 postfix/sarah/get-lookup-tables.conf create mode 100644 postfix/sarah/greylist/.old/gr.cf.2008-04-01_09-27-01 create mode 100755 postfix/sarah/greylist/.old/gr.pl.2008-04-01_09-26-55 create mode 100644 postfix/sarah/greylist/.old/greylist.cf.2006-12-13_10-56-05 create mode 100644 postfix/sarah/greylist/.old/greylist.cf.2008-04-01_09-42-56 create mode 100755 postfix/sarah/greylist/.old/greylist.pl.2006-12-13_10-54-14 create mode 100755 postfix/sarah/greylist/.old/greylist.pl.2008-04-01_11-14-48 create mode 100644 postfix/sarah/greylist/.svn/all-wcprops create mode 100644 postfix/sarah/greylist/.svn/entries create mode 100644 postfix/sarah/greylist/.svn/format create mode 100644 postfix/sarah/greylist/.svn/prop-base/clear-greylist.pl.svn-base create mode 100644 postfix/sarah/greylist/.svn/prop-base/greylist-test.0.txt.svn-base create mode 100644 postfix/sarah/greylist/.svn/prop-base/greylist-test.1.txt.svn-base create mode 100644 postfix/sarah/greylist/.svn/prop-base/greylist.cf.svn-base create mode 100644 postfix/sarah/greylist/.svn/prop-base/greylist.pl.svn-base create mode 100644 postfix/sarah/greylist/.svn/text-base/clear-greylist.pl.svn-base create mode 100644 postfix/sarah/greylist/.svn/text-base/greylist-test.0.txt.svn-base create mode 100644 postfix/sarah/greylist/.svn/text-base/greylist-test.1.txt.svn-base create mode 100644 postfix/sarah/greylist/.svn/text-base/greylist.cf.svn-base create mode 100644 postfix/sarah/greylist/.svn/text-base/greylist.pl.svn-base create mode 100755 postfix/sarah/greylist/clear-greylist.pl create mode 100644 postfix/sarah/greylist/greylist-test.0.txt create mode 100644 postfix/sarah/greylist/greylist-test.1.txt create mode 100644 postfix/sarah/greylist/greylist.cf create mode 100755 postfix/sarah/greylist/greylist.pl create mode 100644 postfix/sarah/header_checks create mode 100644 postfix/sarah/header_checks,v create mode 100644 postfix/sarah/main.cf create mode 100644 postfix/sarah/main.cf,v create mode 100755 postfix/sarah/make-virtual.sh create mode 100644 postfix/sarah/master.cf create mode 100644 postfix/sarah/master.cf,v create mode 100644 postfix/sarah/mydomain create mode 100644 postfix/sarah/mydomain,v create mode 100644 postfix/sarah/mysql-aliases.cf create mode 100644 postfix/sarah/mysql-canonical.cf create mode 100644 postfix/sarah/mysql-mydomains.cf create mode 100644 postfix/sarah/mysql-recipient_bcc.cf create mode 100644 postfix/sarah/mysql-relay-domains.cf create mode 100644 postfix/sarah/mysql-relocated.cf create mode 100644 postfix/sarah/mysql-sender_bcc.cf create mode 100644 postfix/sarah/mysql-transport.cf create mode 100644 postfix/sarah/mysql-virtual-alias-domains.cf create mode 100644 postfix/sarah/mysql-virtual-gid.cf create mode 100644 postfix/sarah/mysql-virtual-mailbox-domains.cf create mode 100644 postfix/sarah/mysql-virtual-maps.cf create mode 100644 postfix/sarah/mysql-virtual-uid.cf create mode 100644 postfix/sarah/mysql-virtual.cf create mode 100644 postfix/sarah/postconf.current create mode 100644 postfix/sarah/postconf.new create mode 100644 postfix/sarah/postconf.new1 create mode 100644 postfix/sarah/postfix.pem create mode 100644 postfix/sarah/postgrey_whitelist_clients create mode 100644 postfix/sarah/postgrey_whitelist_recipients create mode 100644 postfix/sarah/prng_exch create mode 100644 postfix/sarah/relay_clientcerts create mode 100644 postfix/sarah/relay_clientcerts.db create mode 100644 postfix/sarah/saslpass create mode 100644 postfix/sarah/tables/aliases create mode 100644 postfix/sarah/tables/aliases.db create mode 100644 postfix/sarah/tables/virtual create mode 100644 postfix/sarah/tables/virtual.db create mode 100644 postfix/sarah/transport create mode 100644 postfix/sarah/transport,v create mode 100644 postfix/sarah/transport.db create mode 100644 postfix/sarah/virtual create mode 100644 postfix/sarah/virtual,v create mode 100644 postfix/sarah/virtual.db create mode 100644 postfix/sarah/work/aliases create mode 100644 postfix/sarah/work/virtual create mode 100644 postfix/saslpass create mode 100644 profile.d/bash-completion.sh create mode 100644 profile.d/java-config-2.csh create mode 100644 profile.d/java-config-2.sh create mode 100644 proftpd/blacklist.dat create mode 100644 proftpd/dhparams.pem create mode 100644 proftpd/proftpd.conf.sample create mode 100644 reoback/.rcs/files.conf,v create mode 100644 reoback/.rcs/settings.conf,v create mode 100644 reoback/files.conf create mode 100644 reoback/settings.conf create mode 100644 revdep-rebuild/55-nagios-plugins-snmp-revdep create mode 100644 revdep-rebuild/60-java create mode 100644 revdep-rebuild/61-icedtea6-bin create mode 100644 revdep-rebuild/99revdep-rebuild create mode 120000 runlevels/boot/bootmisc create mode 120000 runlevels/boot/consolefont create mode 120000 runlevels/boot/device-mapper create mode 120000 runlevels/boot/fsck create mode 120000 runlevels/boot/hostname create mode 120000 runlevels/boot/hwclock create mode 120000 runlevels/boot/keymaps create mode 120000 runlevels/boot/localmount create mode 120000 runlevels/boot/lvm create mode 120000 runlevels/boot/modules create mode 120000 runlevels/boot/mtab create mode 120000 runlevels/boot/net.lo create mode 120000 runlevels/boot/procfs create mode 120000 runlevels/boot/root create mode 120000 runlevels/boot/swap create mode 120000 runlevels/boot/sysctl create mode 120000 runlevels/boot/termencoding create mode 120000 runlevels/boot/urandom create mode 120000 runlevels/default/amavisd create mode 120000 runlevels/default/apache2 create mode 120000 runlevels/default/atd create mode 120000 runlevels/default/books-prod-fcgi create mode 120000 runlevels/default/clamd create mode 120000 runlevels/default/courier-authlib create mode 120000 runlevels/default/courier-imapd create mode 120000 runlevels/default/courier-imapd-ssl create mode 120000 runlevels/default/courier-pop3d create mode 120000 runlevels/default/courier-pop3d-ssl create mode 120000 runlevels/default/git-daemon create mode 120000 runlevels/default/ip6tables create mode 120000 runlevels/default/iptables create mode 120000 runlevels/default/lm_sensors create mode 120000 runlevels/default/local create mode 120000 runlevels/default/mdadm create mode 120000 runlevels/default/mysql create mode 120000 runlevels/default/named create mode 120000 runlevels/default/net.eth0 create mode 120000 runlevels/default/netmount create mode 120000 runlevels/default/ntp-client create mode 120000 runlevels/default/ntpd create mode 120000 runlevels/default/policyd-weight create mode 120000 runlevels/default/postfix create mode 120000 runlevels/default/postgrey create mode 120000 runlevels/default/quota create mode 120000 runlevels/default/saslauthd create mode 120000 runlevels/default/slapd create mode 120000 runlevels/default/smartd create mode 120000 runlevels/default/spamd create mode 120000 runlevels/default/sshd create mode 120000 runlevels/default/syslog-ng create mode 120000 runlevels/default/udev-postmount create mode 120000 runlevels/default/ulogd create mode 120000 runlevels/default/vixie-cron create mode 120000 runlevels/nonetwork/local create mode 120000 runlevels/shutdown/killprocs create mode 120000 runlevels/shutdown/mount-ro create mode 120000 runlevels/shutdown/savecache create mode 120000 runlevels/sysinit/devfs create mode 120000 runlevels/sysinit/dmesg create mode 120000 runlevels/sysinit/udev create mode 100644 samba/lmhosts create mode 100644 samba/smb.conf.default create mode 100644 samba/smbusers create mode 100644 sandbox.d/00default create mode 100644 sandbox.d/10openssl create mode 100644 sandbox.d/37fontconfig create mode 100644 sasl2/.rcs/smtpd.conf,v create mode 100644 sasl2/sasldb2 create mode 100644 sasl2/smtpd.conf create mode 100644 security/access.conf create mode 100644 security/capability.conf create mode 100644 security/group.conf create mode 100644 security/limits.conf create mode 100644 security/namespace.conf create mode 100755 security/namespace.init create mode 100644 security/pam_env.conf create mode 100644 security/time.conf create mode 100644 security/users.allow create mode 100644 sgml/catalog create mode 100644 sgml/dsssl-docbook-stylesheets.cat create mode 100644 sgml/linuxdoc.cat create mode 100644 sgml/openjade-1.3.2.cat create mode 100644 sgml/sgml-docbook-3.0.cat create mode 100644 sgml/sgml-docbook.cat create mode 100644 sgml/sgml-ent.cat create mode 100644 sgml/sgml.conf create mode 100644 sgml/xml-docbook-4.1.2.cat create mode 100644 sgml/xml-docbook-4.2.cat create mode 100644 sgml/xml-docbook-4.3.cat create mode 100644 sgml/xml-docbook-4.4.cat create mode 100644 sgml/xml-docbook-4.5.cat create mode 100644 skel/.bash_logout create mode 100644 skel/.bash_profile create mode 100644 skel/.bashrc create mode 100644 slsh.rc create mode 100644 snmp/snmpd.conf.example create mode 100644 ssh/moduli create mode 100644 ssh/ssh_config create mode 100644 ssh/ssh_host_dsa_key create mode 100644 ssh/ssh_host_dsa_key.pub create mode 100644 ssh/ssh_host_ecdsa_key create mode 100644 ssh/ssh_host_ecdsa_key.pub create mode 100644 ssh/ssh_host_rsa_key create mode 100644 ssh/ssh_host_rsa_key.pub create mode 100644 ssh/sshd_config create mode 100644 strato/nagios/.svn/dir-prop-base create mode 100644 strato/nagios/.svn/entries create mode 100644 strato/nagios/.svn/prop-base/cgi.cfg.svn-base create mode 100644 strato/nagios/.svn/prop-base/check_msgs_mysql.conf.svn-base create mode 100644 strato/nagios/.svn/prop-base/nagios.cfg.svn-base create mode 100644 strato/nagios/.svn/prop-base/ndo2db.cfg.svn-base create mode 100644 strato/nagios/.svn/prop-base/ndomod.cfg.svn-base create mode 100644 strato/nagios/.svn/prop-base/nrpe.cfg.svn-base create mode 100644 strato/nagios/.svn/prop-base/resource.cfg.svn-base create mode 100644 strato/nagios/.svn/text-base/cgi.cfg.svn-base create mode 100644 strato/nagios/.svn/text-base/check_msgs_mysql.conf.svn-base create mode 100644 strato/nagios/.svn/text-base/htpasswd.users.svn-base create mode 100644 strato/nagios/.svn/text-base/nagios.cfg.svn-base create mode 100644 strato/nagios/.svn/text-base/ndo2db.cfg.svn-base create mode 100644 strato/nagios/.svn/text-base/ndomod.cfg.svn-base create mode 100644 strato/nagios/.svn/text-base/nrpe.cfg.svn-base create mode 100644 strato/nagios/.svn/text-base/resource.cfg.svn-base create mode 100644 strato/nagios/cgi.cfg create mode 100644 strato/nagios/check_logfiles/.svn/entries create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Adserver01.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Affront.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Apoc.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Blade0.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/BladeCenter.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Emma.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Estragon.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Freder.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Gordon.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Grauzone.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Groth.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Imperia.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Jabber.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Jani.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Joh.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Joseph.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Kelvin.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Kristel.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Maria.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Metropolis.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Mx1.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Mx2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Mystratodata2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Na30401.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Na30402.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Nexus.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Onlineserver02.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Onlineserver13.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Plexus.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Rheya.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Rotwang.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/SD4-KK2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Schufulupiplu.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Slim.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Sunny1.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Sunny2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Sunny3.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Sunny4.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Tank.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Turtur.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Vagas.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Vagas2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Walter.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/prop-base/Wutschel.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Adserver01.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Affront.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Apoc.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Blade0.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/BladeCenter.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Emma.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Estragon.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Freder.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Gordon.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Grauzone.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Groth.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Imperia.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Jabber.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Jani.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Joh.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Joseph.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Kelvin.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Kristel.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Maria.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Metropolis.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Mx1.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Mx2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Mystratodata2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Na30401.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Na30402.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Nexus.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Onlineserver02.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Onlineserver13.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Plexus.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Rheya.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Rotwang.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/SD4-KK2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Schufulupiplu.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Slim.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Sunny1.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Sunny2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Sunny3.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Sunny4.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Tank.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Turtur.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Vagas.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Vagas2.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Walter.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/.svn/text-base/Wutschel.cfg.svn-base create mode 100644 strato/nagios/check_logfiles/Adserver01.cfg create mode 100644 strato/nagios/check_logfiles/Affront.cfg create mode 100644 strato/nagios/check_logfiles/Apoc.cfg create mode 100644 strato/nagios/check_logfiles/Blade0.cfg create mode 100644 strato/nagios/check_logfiles/BladeCenter.cfg create mode 100644 strato/nagios/check_logfiles/Emma.cfg create mode 100644 strato/nagios/check_logfiles/Estragon.cfg create mode 100644 strato/nagios/check_logfiles/Freder.cfg create mode 100644 strato/nagios/check_logfiles/Gordon.cfg create mode 100644 strato/nagios/check_logfiles/Grauzone.cfg create mode 100644 strato/nagios/check_logfiles/Groth.cfg create mode 100644 strato/nagios/check_logfiles/Imperia.cfg create mode 100644 strato/nagios/check_logfiles/Jabber.cfg create mode 100644 strato/nagios/check_logfiles/Jani.cfg create mode 100644 strato/nagios/check_logfiles/Joh.cfg create mode 100644 strato/nagios/check_logfiles/Joseph.cfg create mode 100644 strato/nagios/check_logfiles/Kelvin.cfg create mode 100644 strato/nagios/check_logfiles/Kristel.cfg create mode 100644 strato/nagios/check_logfiles/Maria.cfg create mode 100644 strato/nagios/check_logfiles/Metropolis.cfg create mode 100644 strato/nagios/check_logfiles/Mx1.cfg create mode 100644 strato/nagios/check_logfiles/Mx2.cfg create mode 100644 strato/nagios/check_logfiles/Mystratodata2.cfg create mode 100644 strato/nagios/check_logfiles/Na30401.cfg create mode 100644 strato/nagios/check_logfiles/Na30402.cfg create mode 100644 strato/nagios/check_logfiles/Nexus.cfg create mode 100644 strato/nagios/check_logfiles/Onlineserver02.cfg create mode 100644 strato/nagios/check_logfiles/Onlineserver13.cfg create mode 100644 strato/nagios/check_logfiles/Plexus.cfg create mode 100644 strato/nagios/check_logfiles/Rheya.cfg create mode 100644 strato/nagios/check_logfiles/Rotwang.cfg create mode 100644 strato/nagios/check_logfiles/SD4-KK2.cfg create mode 100644 strato/nagios/check_logfiles/Schufulupiplu.cfg create mode 100644 strato/nagios/check_logfiles/Slim.cfg create mode 100644 strato/nagios/check_logfiles/Sunny1.cfg create mode 100644 strato/nagios/check_logfiles/Sunny2.cfg create mode 100644 strato/nagios/check_logfiles/Sunny3.cfg create mode 100644 strato/nagios/check_logfiles/Sunny4.cfg create mode 100644 strato/nagios/check_logfiles/Tank.cfg create mode 100644 strato/nagios/check_logfiles/Turtur.cfg create mode 100644 strato/nagios/check_logfiles/Vagas.cfg create mode 100644 strato/nagios/check_logfiles/Vagas2.cfg create mode 100644 strato/nagios/check_logfiles/Walter.cfg create mode 100644 strato/nagios/check_logfiles/Wutschel.cfg create mode 100644 strato/nagios/check_msgs_mysql.conf create mode 100644 strato/nagios/htpasswd.users create mode 100644 strato/nagios/nagios.cfg create mode 100644 strato/nagios/ndo2db.cfg create mode 100644 strato/nagios/ndomod.cfg create mode 100644 strato/nagios/nrpe.cfg create mode 100644 strato/nagios/objects/.svn/dir-prop-base create mode 100644 strato/nagios/objects/.svn/entries create mode 100644 strato/nagios/objects/.svn/prop-base/commands-app.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/commands-esx.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/commands-f5.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/commands-ipmi.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/commands-netapp.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/commands-notify.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/commands-nrpe.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/commands-oracle.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/commands-perfdata.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/commands.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/contacts.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/groups.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/interhost-deps.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/localhost.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/printer.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/switch.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/templates.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/timeperiods.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/prop-base/windows.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands-app.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands-esx.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands-f5.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands-ipmi.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands-netapp.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands-notify.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands-nrpe.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands-oracle.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands-perfdata.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/commands.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/contacts.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/groups.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/interhost-deps.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/localhost.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/printer.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/switch.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/templates.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/timeperiods.cfg.svn-base create mode 100644 strato/nagios/objects/.svn/text-base/windows.cfg.svn-base create mode 100644 strato/nagios/objects/apps/.svn/dir-prop-base create mode 100644 strato/nagios/objects/apps/.svn/entries create mode 100644 strato/nagios/objects/apps/.svn/prop-base/boss-db.cfg.svn-base create mode 100644 strato/nagios/objects/apps/.svn/prop-base/mydb0.cfg.svn-base create mode 100644 strato/nagios/objects/apps/.svn/prop-base/stratodata.cfg.svn-base create mode 100644 strato/nagios/objects/apps/.svn/text-base/boss-db.cfg.svn-base create mode 100644 strato/nagios/objects/apps/.svn/text-base/mydb0.cfg.svn-base create mode 100644 strato/nagios/objects/apps/.svn/text-base/stratodata.cfg.svn-base create mode 100644 strato/nagios/objects/apps/boss-db.cfg create mode 100644 strato/nagios/objects/apps/mydb0.cfg create mode 100644 strato/nagios/objects/apps/stratodata.cfg create mode 100644 strato/nagios/objects/commands-app.cfg create mode 100644 strato/nagios/objects/commands-esx.cfg create mode 100644 strato/nagios/objects/commands-f5.cfg create mode 100644 strato/nagios/objects/commands-ipmi.cfg create mode 100644 strato/nagios/objects/commands-netapp.cfg create mode 100644 strato/nagios/objects/commands-notify.cfg create mode 100644 strato/nagios/objects/commands-nrpe.cfg create mode 100644 strato/nagios/objects/commands-oracle.cfg create mode 100644 strato/nagios/objects/commands-perfdata.cfg create mode 100644 strato/nagios/objects/commands.cfg create mode 100644 strato/nagios/objects/contacts.cfg create mode 100644 strato/nagios/objects/groups.cfg create mode 100644 strato/nagios/objects/interhost-deps.cfg create mode 100644 strato/nagios/objects/karlsruhe/.svn/dir-prop-base create mode 100644 strato/nagios/objects/karlsruhe/.svn/entries create mode 100644 strato/nagios/objects/karlsruhe/.svn/prop-base/timesten.cfg.svn-base create mode 100644 strato/nagios/objects/karlsruhe/.svn/prop-base/timesten3.cfg.svn-base create mode 100644 strato/nagios/objects/karlsruhe/.svn/text-base/timesten.cfg.svn-base create mode 100644 strato/nagios/objects/karlsruhe/.svn/text-base/timesten3.cfg.svn-base create mode 100644 strato/nagios/objects/karlsruhe/timesten.cfg create mode 100644 strato/nagios/objects/karlsruhe/timesten3.cfg create mode 100644 strato/nagios/objects/localhost.cfg create mode 100644 strato/nagios/objects/netapp/.svn/dir-prop-base create mode 100644 strato/nagios/objects/netapp/.svn/entries create mode 100644 strato/nagios/objects/netapp/.svn/prop-base/na20201.cfg.svn-base create mode 100644 strato/nagios/objects/netapp/.svn/prop-base/na30401.cfg.svn-base create mode 100644 strato/nagios/objects/netapp/.svn/prop-base/na30402.cfg.svn-base create mode 100644 strato/nagios/objects/netapp/.svn/text-base/na20201.cfg.svn-base create mode 100644 strato/nagios/objects/netapp/.svn/text-base/na30401.cfg.svn-base create mode 100644 strato/nagios/objects/netapp/.svn/text-base/na30402.cfg.svn-base create mode 100644 strato/nagios/objects/netapp/na20201.cfg create mode 100644 strato/nagios/objects/netapp/na30401.cfg create mode 100644 strato/nagios/objects/netapp/na30402.cfg create mode 100644 strato/nagios/objects/pascal/.svn/dir-prop-base create mode 100644 strato/nagios/objects/pascal/.svn/entries create mode 100644 strato/nagios/objects/pascal/.svn/prop-base/dc2008-001.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/.svn/prop-base/dc2008-002.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/.svn/prop-base/k2.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/.svn/prop-base/kelvin.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/.svn/prop-base/post1.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/.svn/text-base/dc2008-001.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/.svn/text-base/dc2008-002.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/.svn/text-base/k2.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/.svn/text-base/kelvin.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/.svn/text-base/post1.cfg.svn-base create mode 100644 strato/nagios/objects/pascal/dc2008-001.cfg create mode 100644 strato/nagios/objects/pascal/dc2008-002.cfg create mode 100644 strato/nagios/objects/pascal/k2.cfg create mode 100644 strato/nagios/objects/pascal/kelvin.cfg create mode 100644 strato/nagios/objects/pascal/post1.cfg create mode 100644 strato/nagios/objects/printer.cfg create mode 100644 strato/nagios/objects/privat/.svn/entries create mode 100644 strato/nagios/objects/rz/.svn/dir-prop-base create mode 100644 strato/nagios/objects/rz/.svn/entries create mode 100644 strato/nagios/objects/rz/.svn/prop-base/affront.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/bl0.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/bl1.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/bl2.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/bl4.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/bl6.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/bl8.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/blc.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/borelius-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/borelius.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/dc2008-003.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/dieter.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/emma.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/estragon.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/godot-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/godot.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/grauzone.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/heidrun-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/heidrun.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/joseph.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/kristel.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/leto-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/leto.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/lurkin-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/lurkin.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/maria.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/msd2.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/mx1.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/mx2.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/nexus.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/one.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/plexus.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/rotwang.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/sunny1-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/sunny1.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/sunny2-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/sunny2.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/sunny3-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/sunny3.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/turtur.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/vagas.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/walo.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/walter.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/wutschel.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/prop-base/zero.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/affront.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/bl0.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/bl1.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/bl2.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/bl4.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/bl6.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/bl8.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/blc.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/borelius-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/borelius.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/dc2008-003.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/dieter.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/emma.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/estragon.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/godot-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/godot.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/grauzone.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/heidrun-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/heidrun.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/joseph.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/kristel.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/leto-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/leto.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/lurkin-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/lurkin.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/maria.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/msd2.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/mx1.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/mx2.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/nexus.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/one.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/plexus.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/rotwang.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/sunny1-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/sunny1.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/sunny2-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/sunny2.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/sunny3-kvm.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/sunny3.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/turtur.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/vagas.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/walo.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/walter.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/wutschel.cfg.svn-base create mode 100644 strato/nagios/objects/rz/.svn/text-base/zero.cfg.svn-base create mode 100644 strato/nagios/objects/rz/affront.cfg create mode 100644 strato/nagios/objects/rz/bl0.cfg create mode 100644 strato/nagios/objects/rz/bl1.cfg create mode 100644 strato/nagios/objects/rz/bl2.cfg create mode 100644 strato/nagios/objects/rz/bl4.cfg create mode 100644 strato/nagios/objects/rz/bl6.cfg create mode 100644 strato/nagios/objects/rz/bl8.cfg create mode 100644 strato/nagios/objects/rz/blc.cfg create mode 100644 strato/nagios/objects/rz/borelius-kvm.cfg create mode 100644 strato/nagios/objects/rz/borelius.cfg create mode 100644 strato/nagios/objects/rz/dc2008-003.cfg create mode 100644 strato/nagios/objects/rz/dieter.cfg create mode 100644 strato/nagios/objects/rz/emma.cfg create mode 100644 strato/nagios/objects/rz/estragon.cfg create mode 100644 strato/nagios/objects/rz/godot-kvm.cfg create mode 100644 strato/nagios/objects/rz/godot.cfg create mode 100644 strato/nagios/objects/rz/grauzone.cfg create mode 100644 strato/nagios/objects/rz/heidrun-kvm.cfg create mode 100644 strato/nagios/objects/rz/heidrun.cfg create mode 100644 strato/nagios/objects/rz/joseph.cfg create mode 100644 strato/nagios/objects/rz/kristel.cfg create mode 100644 strato/nagios/objects/rz/leto-kvm.cfg create mode 100644 strato/nagios/objects/rz/leto.cfg create mode 100644 strato/nagios/objects/rz/lurkin-kvm.cfg create mode 100644 strato/nagios/objects/rz/lurkin.cfg create mode 100644 strato/nagios/objects/rz/maria.cfg create mode 100644 strato/nagios/objects/rz/msd2.cfg create mode 100644 strato/nagios/objects/rz/mx1.cfg create mode 100644 strato/nagios/objects/rz/mx2.cfg create mode 100644 strato/nagios/objects/rz/nexus.cfg create mode 100644 strato/nagios/objects/rz/one.cfg create mode 100644 strato/nagios/objects/rz/plexus.cfg create mode 100644 strato/nagios/objects/rz/rotwang.cfg create mode 100644 strato/nagios/objects/rz/sunny1-kvm.cfg create mode 100644 strato/nagios/objects/rz/sunny1.cfg create mode 100644 strato/nagios/objects/rz/sunny2-kvm.cfg create mode 100644 strato/nagios/objects/rz/sunny2.cfg create mode 100644 strato/nagios/objects/rz/sunny3-kvm.cfg create mode 100644 strato/nagios/objects/rz/sunny3.cfg create mode 100644 strato/nagios/objects/rz/turtur.cfg create mode 100644 strato/nagios/objects/rz/vagas.cfg create mode 100644 strato/nagios/objects/rz/walo.cfg create mode 100644 strato/nagios/objects/rz/walter.cfg create mode 100644 strato/nagios/objects/rz/wutschel.cfg create mode 100644 strato/nagios/objects/rz/zero.cfg create mode 100644 strato/nagios/objects/switch.cfg create mode 100644 strato/nagios/objects/templates.cfg create mode 100644 strato/nagios/objects/timeperiods.cfg create mode 100644 strato/nagios/objects/vm/.svn/dir-prop-base create mode 100644 strato/nagios/objects/vm/.svn/entries create mode 100644 strato/nagios/objects/vm/.svn/prop-base/adserver01.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/imperia2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/jabber.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/ols02.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/ols13.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/post2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/post3.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/post4.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/post5.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/schufulupiplu.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/timesten2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/timesten4.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/vagas2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/prop-base/webspiegel2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/adserver01.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/imperia2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/jabber.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/ols02.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/ols13.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/post2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/post3.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/post4.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/post5.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/schufulupiplu.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/timesten2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/timesten4.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/vagas2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/.svn/text-base/webspiegel2.cfg.svn-base create mode 100644 strato/nagios/objects/vm/adserver01.cfg create mode 100644 strato/nagios/objects/vm/imperia2.cfg create mode 100644 strato/nagios/objects/vm/jabber.cfg create mode 100644 strato/nagios/objects/vm/ols02.cfg create mode 100644 strato/nagios/objects/vm/ols13.cfg create mode 100644 strato/nagios/objects/vm/post2.cfg create mode 100644 strato/nagios/objects/vm/post3.cfg create mode 100644 strato/nagios/objects/vm/post4.cfg create mode 100644 strato/nagios/objects/vm/post5.cfg create mode 100644 strato/nagios/objects/vm/schufulupiplu.cfg create mode 100644 strato/nagios/objects/vm/timesten2.cfg create mode 100644 strato/nagios/objects/vm/timesten4.cfg create mode 100644 strato/nagios/objects/vm/vagas2.cfg create mode 100644 strato/nagios/objects/vm/webspiegel2.cfg create mode 100644 strato/nagios/objects/windows.cfg create mode 100644 strato/nagios/pnp/.svn/dir-prop-base create mode 100644 strato/nagios/pnp/.svn/entries create mode 100644 strato/nagios/pnp/.svn/prop-base/background.pdf.svn-base create mode 100644 strato/nagios/pnp/.svn/prop-base/config.php.svn-base create mode 100644 strato/nagios/pnp/.svn/prop-base/npcd.cfg.svn-base create mode 100644 strato/nagios/pnp/.svn/prop-base/process_perfdata.cfg.svn-base create mode 100644 strato/nagios/pnp/.svn/prop-base/rra.cfg.svn-base create mode 100644 strato/nagios/pnp/.svn/text-base/background.pdf.svn-base create mode 100644 strato/nagios/pnp/.svn/text-base/config.php.svn-base create mode 100644 strato/nagios/pnp/.svn/text-base/npcd.cfg.svn-base create mode 100644 strato/nagios/pnp/.svn/text-base/process_perfdata.cfg.svn-base create mode 100644 strato/nagios/pnp/.svn/text-base/rra.cfg.svn-base create mode 100644 strato/nagios/pnp/background.pdf create mode 100644 strato/nagios/pnp/check_commands/.svn/dir-prop-base create mode 100644 strato/nagios/pnp/check_commands/.svn/entries create mode 100644 strato/nagios/pnp/config.php create mode 100644 strato/nagios/pnp/npcd.cfg create mode 100644 strato/nagios/pnp/pages/.svn/dir-prop-base create mode 100644 strato/nagios/pnp/pages/.svn/entries create mode 100644 strato/nagios/pnp/pages/.svn/prop-base/apache_status.cfg.svn-base create mode 100644 strato/nagios/pnp/pages/.svn/prop-base/hosts-ping.cfg.svn-base create mode 100644 strato/nagios/pnp/pages/.svn/prop-base/mailqueues.cfg.svn-base create mode 100644 strato/nagios/pnp/pages/.svn/prop-base/messages.cfg.svn-base create mode 100644 strato/nagios/pnp/pages/.svn/text-base/apache_status.cfg.svn-base create mode 100644 strato/nagios/pnp/pages/.svn/text-base/hosts-ping.cfg.svn-base create mode 100644 strato/nagios/pnp/pages/.svn/text-base/mailqueues.cfg.svn-base create mode 100644 strato/nagios/pnp/pages/.svn/text-base/messages.cfg.svn-base create mode 100644 strato/nagios/pnp/pages/apache_status.cfg create mode 100644 strato/nagios/pnp/pages/hosts-ping.cfg create mode 100644 strato/nagios/pnp/pages/mailqueues.cfg create mode 100644 strato/nagios/pnp/pages/messages.cfg create mode 100644 strato/nagios/pnp/process_perfdata.cfg create mode 100644 strato/nagios/pnp/rra.cfg create mode 100644 strato/nagios/resource.cfg diff --git a/ImageMagick/coder.xml b/ImageMagick/coder.xml new file mode 100644 index 0000000..5c62cb4 --- /dev/null +++ b/ImageMagick/coder.xml @@ -0,0 +1,22 @@ + + + + + +]> + + + + + + diff --git a/ImageMagick/colors.xml b/ImageMagick/colors.xml new file mode 100644 index 0000000..55bfb5d --- /dev/null +++ b/ImageMagick/colors.xml @@ -0,0 +1,28 @@ + + + + + + +]> + + + + + + + + + + + + diff --git a/ImageMagick/delegates.xml b/ImageMagick/delegates.xml new file mode 100644 index 0000000..f671293 --- /dev/null +++ b/ImageMagick/delegates.xml @@ -0,0 +1,112 @@ + + + + + + + + + + +]> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ImageMagick/log.xml b/ImageMagick/log.xml new file mode 100644 index 0000000..cdacdab --- /dev/null +++ b/ImageMagick/log.xml @@ -0,0 +1,40 @@ + + + + + + + + + +]> + + + + + + + + + diff --git a/ImageMagick/magic.xml b/ImageMagick/magic.xml new file mode 100644 index 0000000..7f17731 --- /dev/null +++ b/ImageMagick/magic.xml @@ -0,0 +1,23 @@ + + + + + + +]> + + + + + + + diff --git a/ImageMagick/mime.xml b/ImageMagick/mime.xml new file mode 100644 index 0000000..4dd55f2 --- /dev/null +++ b/ImageMagick/mime.xml @@ -0,0 +1,1141 @@ + + + + + + + + + + + + + +]> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ImageMagick/policy.xml b/ImageMagick/policy.xml new file mode 100644 index 0000000..28eda17 --- /dev/null +++ b/ImageMagick/policy.xml @@ -0,0 +1,57 @@ + + + + + + + + +]> + + + + + + + + + + + + + diff --git a/ImageMagick/sRGB.icm b/ImageMagick/sRGB.icm new file mode 100644 index 0000000000000000000000000000000000000000..7f9d18d097d1bcccb32e6d5743ac4af593170b6f GIT binary patch literal 3144 zcmbW3cT`i^7KhKhH@(mjA|NI78hQyJ(mO~M1W}1efKUR4geG=G1x6GRDOO}uzyU{x zB4b4q3xk4U*9r0vP{zSgL`CJ@jB5$+tu^!Bn*GOF-`VH4*V$+9eb>4GQ2c@f!gN>x zfHa|46z=Q6ToMz@#P0Oj{6)6@8zOaL$xnP1H3 zCZTMJGDQ>_?uqgO00@-CIlOWXi}^Wdo&b2JXXJ_miAiFn5!aY$<><&}`th?<`C>6E zl*3KohJ5ztS`M50QMwWn;o;hl~n+=Z3aN);jB;ZAOP|O0JPqm^B#t5UXsM(3?~bV z?CflF0iSCwE9f`-pMr17zlJ&Ynal3`Ry(E_KY=4j6*FZ;<)){mOGM1f3=WsiWc~LL z|Kq?pY0b&QES#Uf7x9JYRZ-}a351DgyM;V~SdcDc3WR^v;eQx5CkGjRoof_mbzcB| zg*i~TNe9SpJpe-^10-%gdIEjxTM#h{$iBR2t&y*Dk1~4x=lUNDT#9btOhF=3=JpJa zWO5~-11?AcX+Q+BK|a_3 z3PCa00d|9GZ~)YSde8(;f;MmlTm)CZ4R8w#fJZ5%ns2D1Ps-Z(rJ@g}V8oCHwgZiKc&>%Dh{Q-T1 z5tstgVGY;-wt(5NI~)i{!pq=9com!n7r@)$O1Kt24!6P=;T!M(EQMdflL$b_2m{eZ zSO^>OL_&~QBmog2Ymp+P0;xrskPf69xs6DXapVIAhoNDZ7#7AEHf9hrf%$@^V%4#xSSPGMb_q5Sn~g2RR$z}{Td>%$GT@D&7?Df)BxS@M3%+z6yUFe;(hDAI85YkO^7@ zYl06UmLMc-BvcR@2gb~6tQGuvWbRvcjdBj{|DY1^&LA*&ECQg$SNrogBQY0yv zw1HGfY9d`GJtn;&lgT<{M{*chKweL-B%dH(B@dE6P?RVp6i-SVMMBw5IZC-ec|dtX zrBV&3Zq!(+n7W->PrXEaN_{U!lQWm|m*dH;ldF+ymFt&#B~O&smv@(6E}th~A%9B# zru?`9QNcjLQ-PzfR-s1Ww8A}wNky8Xm12lunqrA!gW@&CQ6;>Rfs(fpPpLrZu+k-^ zAsRx{rFqi0v`w@++GW}>9Y;5$`_q%@#q=NOz4QrXC1qRXDCHdG8s)RfQU<~>VE8jq z8KsPqjJu4F^EBqU&*RVAHm_-3|GX)c`6_NIe3c@VW|aYzkE%>nZ`BmlovLlBPt-7K zCTd}7*=qaME~|~tr_Xnu&z)a1|K$9K>aeXRCp8onAC8dVyXG{!X< znr@oOn&q13G{>}PS_`!VTIE{jwO%llneNO~W+k(WIiant?WZl#KBV2NJ*{J?vsh=N zPP5JvU6L+aH$k^tw^MgQPfIUYFJG@w@1Z_XpRJ#yzem4Yf6BnnAlhJyL7Ty-p^Blu zVV+^5;bSAJk*m=vqgtao#yDfPafahC5 z+Qgb`U1NR6hHB$uv(Bd7=C!S z*mQO%yM%q!5$ovTxX$s6;|C{uC$ZB>r{A4f&MD3f&Z7$q7w{L-x-1*Nx|P#BIdg*ge_(xce&)OAnDpi^r6wljj=G3totquUC;* zueXx-V()72r#?D9i9U@!6TWu7t9>u{Vf_OAcKY4(*YM~1*ZWTdI0UQ-=nA9+Mg&#| zJ_|Al5(RYx!@&W;yMiAt(qAN8)D{9l{6ltyJP9=nT^0Is7%nU{tS0PvxK((5cy|OX zVnswl#Jfn3$kND1i;Wgb7I#L;N5w_eM@>b0MVCcOmsl)Wv*bpMT8tp3Jr*Au6?-Ih za;f*y-Ajk#?BWXJ?k+Q2mb2{Ia<%2D%g?TmU%^>%Djpjj9p4cDi4(%93l#rC8 zDKn|jsm*DGwD`2sLM35}uq$0NJtw^{!!)BXL%Pao)$UajqCnA+Oek|%X1kb<{!H~q zj3k>SgINo+YO>yEM`fSNQOptM^yHf4Zp$6X^U3>uHD)z;b!WbI{)YU)HSTK;t%cUE zT-&)$cU{4{;q|`jk8L1rNZIhqM$3(58{ck<-qcZ`QLw&XXtVF;#zMJ5QQ^HU&RY&_ z#cUO9?cHXxt!mqsB3{w;V$0%+;!h>qlI!1DeOLM2%=U!sy`}c0`*+}W2zT7w>ALe+ znPOR9+0d@wU9IKJ@}ly$yI1VKR$*IlU=L}JWRJ8msIt9EuWCotr|P8Yff|pR=Dq5B zx9y$U$J^Jx-)(=>0gVI22Rfw1Ho}dP#Y+O@16`i z*?Ee6s_7^FpZ2!UT8dhs*4);Kwxl*`drW)Z>44Ln9nKvsKb!x2^o;hInzPDhOV5$c z6`Y$npLc%pLdJ#hi-{M9I#+Z)y0qldovyI1-phfPuU_%Fa;e+B`}|dxt7on`T|0f9 zeZB35{f*WhyPlR`?0#wKweM}c>2S0CmgB9Cz6E{f`d#}k-uAkE<&OWI8v~05`tB~i zd;ebCJ?VYk{m}=h4_-gadN}=P{bTIoq9+PZDxRu8t^L*b*Ji1`^z5M5V9&FNXOD)s zLoff8`L9pI1<$F^D@L?N>PM|d&y4wu-FmU~#qi6Fm($~gzbXE<_m$DBpMH1yy=P*{ z#PDm;>zO}F-l)Dg`quVs=Va*Q(|2j_rl*SDtG++>f&HQTWAw+7>FiJVPnDmIKX-fy L{PK7vZD!`*_k{EN literal 0 HcmV?d00001 diff --git a/ImageMagick/thresholds.xml b/ImageMagick/thresholds.xml new file mode 100644 index 0000000..2ca2dab --- /dev/null +++ b/ImageMagick/thresholds.xml @@ -0,0 +1,334 @@ + + + + + + + + + +]> + + + + + + Threshold 1x1 (non-dither) + + 1 + + + + + Checkerboard 2x1 (dither) + + 1 2 + 2 1 + + + + + + Ordered 2x2 (dispersed) + + 1 3 + 4 2 + + + + + Ordered 3x3 (dispersed) + + 3 7 4 + 6 1 9 + 2 8 5 + + + + + + Ordered 4x4 (dispersed) + + 1 9 3 11 + 13 5 15 7 + 4 12 2 10 + 16 8 14 6 + + + + + + Ordered 8x8 (dispersed) + + 1 49 13 61 4 52 16 64 + 33 17 45 29 36 20 48 32 + 9 57 5 53 12 60 8 56 + 41 25 37 21 44 28 40 24 + 3 51 15 63 2 50 14 62 + 35 19 47 31 34 18 46 30 + 11 59 7 55 10 58 6 54 + 43 27 39 23 42 26 38 22 + + + + + + Halftone 4x4 (angled) + + 4 2 7 5 + 3 1 8 6 + 7 5 4 2 + 8 6 3 1 + + + + + Halftone 6x6 (angled) + + 14 13 10 8 2 3 + 16 18 12 7 1 4 + 15 17 11 9 6 5 + 8 2 3 14 13 10 + 7 1 4 16 18 12 + 9 6 5 15 17 11 + + + + + Halftone 8x8 (angled) + + 13 7 8 14 17 21 22 18 + 6 1 3 9 28 31 29 23 + 5 2 4 10 27 32 30 24 + 16 12 11 15 20 26 25 19 + 17 21 22 18 13 7 8 14 + 28 31 29 23 6 1 3 9 + 27 32 30 24 5 2 4 10 + 20 26 25 19 16 12 11 15 + + + + + + Halftone 4x4 (orthogonal) + + 7 13 11 4 + 12 16 14 8 + 10 15 6 2 + 5 9 3 1 + + + + + Halftone 6x6 (orthogonal) + + 7 17 27 14 9 4 + 21 29 33 31 18 11 + 24 32 36 34 25 22 + 19 30 35 28 20 10 + 8 15 26 16 6 2 + 5 13 23 12 3 1 + + + + + Halftone 8x8 (orthogonal) + + 7 21 33 43 36 19 9 4 + 16 27 51 55 49 29 14 11 + 31 47 57 61 59 45 35 23 + 41 53 60 64 62 52 40 38 + 37 44 58 63 56 46 30 22 + 15 28 48 54 50 26 17 10 + 8 18 34 42 32 20 6 2 + 5 13 25 39 24 12 3 1 + + + + + + Halftone 16x16 (orthogonal) + + 4 12 24 44 72 100 136 152 150 134 98 70 42 23 11 3 + 7 16 32 52 76 104 144 160 158 142 102 74 50 31 15 6 + 19 27 40 60 92 132 168 180 178 166 130 90 58 39 26 18 + 36 48 56 80 124 176 188 204 203 187 175 122 79 55 47 35 + 64 68 84 116 164 200 212 224 223 211 199 162 114 83 67 63 + 88 96 112 156 192 216 232 240 239 231 214 190 154 111 95 87 + 108 120 148 184 208 228 244 252 251 243 226 206 182 147 119 107 + 128 140 172 196 219 235 247 256 255 246 234 218 194 171 139 127 + 126 138 170 195 220 236 248 253 254 245 233 217 193 169 137 125 + 106 118 146 183 207 227 242 249 250 241 225 205 181 145 117 105 + 86 94 110 155 191 215 229 238 237 230 213 189 153 109 93 85 + 62 66 82 115 163 198 210 221 222 209 197 161 113 81 65 61 + 34 46 54 78 123 174 186 202 201 185 173 121 77 53 45 33 + 20 28 37 59 91 131 167 179 177 165 129 89 57 38 25 17 + 8 13 29 51 75 103 143 159 157 141 101 73 49 30 14 5 + 1 9 21 43 71 99 135 151 149 133 97 69 41 22 10 2 + + + + + + + Circles 5x5 (black) + + 1 21 16 15 4 + 5 17 20 19 14 + 6 21 25 24 12 + 7 18 22 23 11 + 2 8 9 10 3 + + + + + + Circles 5x5 (white) + + 25 21 10 11 22 + 20 9 6 7 12 + 19 5 1 2 13 + 18 8 4 3 14 + 24 17 16 15 23 + + + + + Circles 6x6 (black) + + 1 5 14 13 12 4 + 6 22 28 27 21 11 + 15 29 35 34 26 20 + 16 30 36 33 25 19 + 7 23 31 32 24 10 + 2 8 17 18 9 3 + + + + + Circles 6x6 (white) + + 36 32 23 24 25 33 + 31 15 9 10 16 26 + 22 8 2 3 11 17 + 21 7 1 4 12 18 + 30 14 6 5 13 27 + 35 29 20 19 28 34 + + + + + Circles 7x7 (black) + + 3 9 18 28 17 8 2 + 10 24 33 39 32 23 7 + 19 34 44 48 43 31 16 + 25 40 45 49 47 38 27 + 20 35 41 46 42 29 15 + 11 21 36 37 28 22 6 + 4 12 13 26 14 5 1 + + + + + + Circles 7x7 (white) + + 47 41 32 22 33 42 48 + 40 26 17 11 18 27 43 + 31 16 6 2 7 19 34 + 25 10 5 1 3 12 23 + 30 15 9 4 8 20 35 + 39 29 14 13 21 28 44 + 46 38 37 24 36 45 49 + + + + + + + diff --git a/ImageMagick/type-dejavu.xml b/ImageMagick/type-dejavu.xml new file mode 100644 index 0000000..88c0d72 --- /dev/null +++ b/ImageMagick/type-dejavu.xml @@ -0,0 +1,62 @@ + + + + + + + + + + + + + + + + +]> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ImageMagick/type-ghostscript.xml b/ImageMagick/type-ghostscript.xml new file mode 100644 index 0000000..30182b8 --- /dev/null +++ b/ImageMagick/type-ghostscript.xml @@ -0,0 +1,54 @@ + + + + + + + + + + + + + + + + +]> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ImageMagick/type-windows.xml b/ImageMagick/type-windows.xml new file mode 100644 index 0000000..f518c3a --- /dev/null +++ b/ImageMagick/type-windows.xml @@ -0,0 +1,102 @@ + + + + + + + + + + + + + + + + +]> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ImageMagick/type.xml b/ImageMagick/type.xml new file mode 100644 index 0000000..9197be4 --- /dev/null +++ b/ImageMagick/type.xml @@ -0,0 +1,21 @@ + + + + + + + + + + + + + + + + +]> + + + diff --git a/X11/xinit/xinitrc.d/80-dbus b/X11/xinit/xinitrc.d/80-dbus new file mode 100755 index 0000000..5593e2c --- /dev/null +++ b/X11/xinit/xinitrc.d/80-dbus @@ -0,0 +1,13 @@ +#!/bin/bash + +# launches a session dbus instance + +dbuslaunch="`which dbus-launch 2>/dev/null`" +if [ -n "$dbuslaunch" ] && [ -x "$dbuslaunch" ] && [ -z "$DBUS_SESSION_BUS_ADDRESS" ]; then + if [ -n "$command" ]; then + command="$dbuslaunch --exit-with-session $command" + else + eval `$dbuslaunch --sh-syntax --exit-with-session` + fi +fi + diff --git a/apache2/.original/httpd.conf b/apache2/.original/httpd.conf new file mode 100644 index 0000000..1a5936a --- /dev/null +++ b/apache2/.original/httpd.conf @@ -0,0 +1,196 @@ +# This is a modification of the default Apache 2.2 configuration file +# for Gentoo Linux. +# +# Support: +# http://www.gentoo.org/main/en/lists.xml [mailing lists] +# http://forums.gentoo.org/ [web forums] +# irc://irc.freenode.net#gentoo-apache [irc chat] +# +# Bug Reports: +# http://bugs.gentoo.org [gentoo related bugs] +# http://httpd.apache.org/bug_report.html [apache httpd related bugs] +# +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log" +# with ServerRoot set to "/usr" will be interpreted by the +# server as "/usr/var/log/apache2/foo.log". + +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to point the LockFile directive +# at a local disk. If you wish to share the same ServerRoot for multiple +# httpd daemons, you will need to change at least LockFile and PidFile. +ServerRoot "/usr/lib64/apache2" + +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable. +# Do not change manually, it will be overwritten on upgrade. +# +# The following modules are considered as the default configuration. +# If you wish to disable one of them, you may have to alter other +# configuration directives. +# +# Change these at your own risk! + +LoadModule actions_module modules/mod_actions.so +LoadModule alias_module modules/mod_alias.so +LoadModule asis_module modules/mod_asis.so +LoadModule auth_basic_module modules/mod_auth_basic.so + +LoadModule auth_digest_module modules/mod_auth_digest.so + +LoadModule authn_alias_module modules/mod_authn_alias.so +LoadModule authn_anon_module modules/mod_authn_anon.so +LoadModule authn_dbd_module modules/mod_authn_dbd.so +LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authn_file_module modules/mod_authn_file.so + +LoadModule authnz_ldap_module modules/mod_authnz_ldap.so + +LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule autoindex_module modules/mod_autoindex.so + +LoadModule cache_module modules/mod_cache.so + +LoadModule cgi_module modules/mod_cgi.so +LoadModule cgid_module modules/mod_cgid.so +LoadModule charset_lite_module modules/mod_charset_lite.so + +LoadModule dav_module modules/mod_dav.so + + +LoadModule dav_fs_module modules/mod_dav_fs.so + + +LoadModule dav_lock_module modules/mod_dav_lock.so + +LoadModule dbd_module modules/mod_dbd.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule dir_module modules/mod_dir.so + +LoadModule disk_cache_module modules/mod_disk_cache.so + +LoadModule env_module modules/mod_env.so +LoadModule expires_module modules/mod_expires.so +LoadModule ext_filter_module modules/mod_ext_filter.so + +LoadModule file_cache_module modules/mod_file_cache.so + +LoadModule filter_module modules/mod_filter.so +LoadModule headers_module modules/mod_headers.so +LoadModule ident_module modules/mod_ident.so +LoadModule imagemap_module modules/mod_imagemap.so +LoadModule include_module modules/mod_include.so + +LoadModule info_module modules/mod_info.so + + +LoadModule ldap_module modules/mod_ldap.so + +LoadModule log_config_module modules/mod_log_config.so +LoadModule log_forensic_module modules/mod_log_forensic.so +LoadModule logio_module modules/mod_logio.so + +LoadModule mem_cache_module modules/mod_mem_cache.so + +LoadModule mime_module modules/mod_mime.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule negotiation_module modules/mod_negotiation.so + +LoadModule proxy_module modules/mod_proxy.so + + +LoadModule proxy_ajp_module modules/mod_proxy_ajp.so + + +LoadModule proxy_balancer_module modules/mod_proxy_balancer.so + + +LoadModule proxy_connect_module modules/mod_proxy_connect.so + + +LoadModule proxy_ftp_module modules/mod_proxy_ftp.so + + +LoadModule proxy_http_module modules/mod_proxy_http.so + +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule speling_module modules/mod_speling.so + +LoadModule ssl_module modules/mod_ssl.so + + +LoadModule status_module modules/mod_status.so + +LoadModule substitute_module modules/mod_substitute.so + +LoadModule suexec_module modules/mod_suexec.so + +LoadModule unique_id_module modules/mod_unique_id.so + +LoadModule userdir_module modules/mod_userdir.so + +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so + +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +User apache +Group apache + +# Supplemental configuration +# +# Most of the configuration files in the /etc/apache2/modules.d/ directory can +# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features +# or to modify the default configuration of the server. +# +# To know which flag to add to APACHE2_OPTS, look at the first line of the +# the file, which will usually be an where OPTION is the +# flag to use. +Include /etc/apache2/modules.d/*.conf + +# Virtual-host support +# +# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we +# include a default vhost (enabled by adding -D DEFAULT_VHOST to +# APACHE2_OPTS in /etc/conf.d/apache2). +Include /etc/apache2/vhosts.d/*.conf + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/magic b/apache2/.original/magic new file mode 100644 index 0000000..0de7336 --- /dev/null +++ b/apache2/.original/magic @@ -0,0 +1,382 @@ +# Magic data for mod_mime_magic Apache module (originally for file(1) command) +# The module is described in /manual/mod/mod_mime_magic.html +# +# The format is 4-5 columns: +# Column #1: byte number to begin checking from, ">" indicates continuation +# Column #2: type of data to match +# Column #3: contents of data to match +# Column #4: MIME type of result +# Column #5: MIME encoding of result (optional) + +#------------------------------------------------------------------------------ +# Localstuff: file(1) magic for locally observed files +# Add any locally observed files here. + +#------------------------------------------------------------------------------ +# end local stuff +#------------------------------------------------------------------------------ + +#------------------------------------------------------------------------------ +# Java + +0 short 0xcafe +>2 short 0xbabe application/java + +#------------------------------------------------------------------------------ +# audio: file(1) magic for sound formats +# +# from Jan Nicolai Langfeldt , +# + +# Sun/NeXT audio data +0 string .snd +>12 belong 1 audio/basic +>12 belong 2 audio/basic +>12 belong 3 audio/basic +>12 belong 4 audio/basic +>12 belong 5 audio/basic +>12 belong 6 audio/basic +>12 belong 7 audio/basic + +>12 belong 23 audio/x-adpcm + +# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format +# that uses little-endian encoding and has a different magic number +# (0x0064732E in little-endian encoding). +0 lelong 0x0064732E +>12 lelong 1 audio/x-dec-basic +>12 lelong 2 audio/x-dec-basic +>12 lelong 3 audio/x-dec-basic +>12 lelong 4 audio/x-dec-basic +>12 lelong 5 audio/x-dec-basic +>12 lelong 6 audio/x-dec-basic +>12 lelong 7 audio/x-dec-basic +# compressed (G.721 ADPCM) +>12 lelong 23 audio/x-dec-adpcm + +# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM" +# AIFF audio data +8 string AIFF audio/x-aiff +# AIFF-C audio data +8 string AIFC audio/x-aiff +# IFF/8SVX audio data +8 string 8SVX audio/x-aiff + +# Creative Labs AUDIO stuff +# Standard MIDI data +0 string MThd audio/unknown +#>9 byte >0 (format %d) +#>11 byte >1 using %d channels +# Creative Music (CMF) data +0 string CTMF audio/unknown +# SoundBlaster instrument data +0 string SBI audio/unknown +# Creative Labs voice data +0 string Creative\ Voice\ File audio/unknown +## is this next line right? it came this way... +#>19 byte 0x1A +#>23 byte >0 - version %d +#>22 byte >0 \b.%d + +# [GRR 950115: is this also Creative Labs? Guessing that first line +# should be string instead of unknown-endian long...] +#0 long 0x4e54524b MultiTrack sound data +#0 string NTRK MultiTrack sound data +#>4 long x - version %ld + +# Microsoft WAVE format (*.wav) +# [GRR 950115: probably all of the shorts and longs should be leshort/lelong] +# Microsoft RIFF +0 string RIFF audio/unknown +# - WAVE format +>8 string WAVE audio/x-wav +# MPEG audio. +0 beshort&0xfff0 0xfff0 audio/mpeg +# C64 SID Music files, from Linus Walleij +0 string PSID audio/prs.sid + +#------------------------------------------------------------------------------ +# c-lang: file(1) magic for C programs or various scripts +# + +# XPM icons (Greg Roelofs, newt@uchicago.edu) +# ideally should go into "images", but entries below would tag XPM as C source +0 string /*\ XPM image/x-xbm 7bit + +# this first will upset you if you're a PL/1 shop... (are there any left?) +# in which case rm it; ascmagic will catch real C programs +# C or REXX program text +0 string /* text/plain +# C++ program text +0 string // text/plain + +#------------------------------------------------------------------------------ +# compress: file(1) magic for pure-compression formats (no archives) +# +# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc. +# +# Formats for various forms of compressed data +# Formats for "compress" proper have been moved into "compress.c", +# because it tries to uncompress it to figure out what's inside. + +# standard unix compress +0 string \037\235 application/octet-stream x-compress + +# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver) +0 string \037\213 application/octet-stream x-gzip + +# According to gzip.h, this is the correct byte order for packed data. +0 string \037\036 application/octet-stream +# +# This magic number is byte-order-independent. +# +0 short 017437 application/octet-stream + +# XXX - why *two* entries for "compacted data", one of which is +# byte-order independent, and one of which is byte-order dependent? +# +# compacted data +0 short 0x1fff application/octet-stream +0 string \377\037 application/octet-stream +# huf output +0 short 0145405 application/octet-stream + +# Squeeze and Crunch... +# These numbers were gleaned from the Unix versions of the programs to +# handle these formats. Note that I can only uncrunch, not crunch, and +# I didn't have a crunched file handy, so the crunch number is untested. +# Keith Waclena +#0 leshort 0x76FF squeezed data (CP/M, DOS) +#0 leshort 0x76FE crunched data (CP/M, DOS) + +# Freeze +#0 string \037\237 Frozen file 2.1 +#0 string \037\236 Frozen file 1.0 (or gzip 0.5) + +# lzh? +#0 string \037\240 LZH compressed data + +#------------------------------------------------------------------------------ +# frame: file(1) magic for FrameMaker files +# +# This stuff came on a FrameMaker demo tape, most of which is +# copyright, but this file is "published" as witness the following: +# +0 string \ +# and Anna Shergold +# +0 string \ +0 string \14 byte 12 (OS/2 1.x format) +#>14 byte 64 (OS/2 2.x format) +#>14 byte 40 (Windows 3.x format) +#0 string IC icon +#0 string PI pointer +#0 string CI color icon +#0 string CP color pointer +#0 string BA bitmap array + + +#------------------------------------------------------------------------------ +# lisp: file(1) magic for lisp programs +# +# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com) +0 string ;; text/plain 8bit +# Emacs 18 - this is always correct, but not very magical. +0 string \012( application/x-elc +# Emacs 19 +0 string ;ELC\023\000\000\000 application/x-elc + +#------------------------------------------------------------------------------ +# mail.news: file(1) magic for mail and news +# +# There are tests to ascmagic.c to cope with mail and news. +0 string Relay-Version: message/rfc822 7bit +0 string #!\ rnews message/rfc822 7bit +0 string N#!\ rnews message/rfc822 7bit +0 string Forward\ to message/rfc822 7bit +0 string Pipe\ to message/rfc822 7bit +0 string Return-Path: message/rfc822 7bit +0 string Path: message/news 8bit +0 string Xref: message/news 8bit +0 string From: message/rfc822 7bit +0 string Article message/news 8bit +#------------------------------------------------------------------------------ +# msword: file(1) magic for MS Word files +# +# Contributor claims: +# Reversed-engineered MS Word magic numbers +# + +0 string \376\067\0\043 application/msword +0 string \333\245-\0\0\0 application/msword + +# disable this one because it applies also to other +# Office/OLE documents for which msword is not correct. See PR#2608. +#0 string \320\317\021\340\241\261 application/msword + + + +#------------------------------------------------------------------------------ +# printer: file(1) magic for printer-formatted files +# + +# PostScript +0 string %! application/postscript +0 string \004%! application/postscript + +# Acrobat +# (due to clamen@cs.cmu.edu) +0 string %PDF- application/pdf + +#------------------------------------------------------------------------------ +# sc: file(1) magic for "sc" spreadsheet +# +38 string Spreadsheet application/x-sc + +#------------------------------------------------------------------------------ +# tex: file(1) magic for TeX files +# +# XXX - needs byte-endian stuff (big-endian and little-endian DVI?) +# +# From + +# Although we may know the offset of certain text fields in TeX DVI +# and font files, we can't use them reliably because they are not +# zero terminated. [but we do anyway, christos] +0 string \367\002 application/x-dvi +#0 string \367\203 TeX generic font data +#0 string \367\131 TeX packed font data +#0 string \367\312 TeX virtual font data +#0 string This\ is\ TeX, TeX transcript text +#0 string This\ is\ METAFONT, METAFONT transcript text + +# There is no way to detect TeX Font Metric (*.tfm) files without +# breaking them apart and reading the data. The following patterns +# match most *.tfm files generated by METAFONT or afm2tfm. +#2 string \000\021 TeX font metric data +#2 string \000\022 TeX font metric data +#>34 string >\0 (%s) + +# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com) +#0 string \\input\ texinfo Texinfo source text +#0 string This\ is\ Info\ file GNU Info text + +# correct TeX magic for Linux (and maybe more) +# from Peter Tobias (tobias@server.et-inf.fho-emden.de) +# +0 leshort 0x02f7 application/x-dvi + +# RTF - Rich Text Format +0 string {\\rtf application/rtf + +#------------------------------------------------------------------------------ +# animation: file(1) magic for animation/movie formats +# +# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8) +# MPEG file +0 string \000\000\001\263 video/mpeg +# +# The contributor claims: +# I couldn't find a real magic number for these, however, this +# -appears- to work. Note that it might catch other files, too, +# so BE CAREFUL! +# +# Note that title and author appear in the two 20-byte chunks +# at decimal offsets 2 and 22, respectively, but they are XOR'ed with +# 255 (hex FF)! DL format SUCKS BIG ROCKS. +# +# DL file version 1 , medium format (160x100, 4 images/screen) +0 byte 1 video/unknown +0 byte 2 video/unknown +# Quicktime video, from Linus Walleij +# from Apple quicktime file format documentation. +4 string moov video/quicktime +4 string mdat video/quicktime + diff --git a/apache2/.original/modules.d/00_apache_manual.conf b/apache2/.original/modules.d/00_apache_manual.conf new file mode 100644 index 0000000..3dbfc56 --- /dev/null +++ b/apache2/.original/modules.d/00_apache_manual.conf @@ -0,0 +1,26 @@ +# Provide access to the documentation on your server as +# http://yourserver.example.com/manual/ +# The documentation is always available at +# http://httpd.apache.org/docs/2.2/ + +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.16/manual$1" + + + Options Indexes + AllowOverride None + Order allow,deny + Allow from all + + + SetHandler type-map + + + SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1 + RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2 + + LanguagePriority en de es fr ja ko pt-br + ForceLanguagePriority Prefer Fallback + + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_default_settings.conf b/apache2/.original/modules.d/00_default_settings.conf new file mode 100644 index 0000000..5dc223b --- /dev/null +++ b/apache2/.original/modules.d/00_default_settings.conf @@ -0,0 +1,114 @@ +# This configuration file reflects default settings for Apache HTTP Server. +# You may change these, but chances are that you may not need to. + +# Timeout: The number of seconds before receives and sends time out. +Timeout 300 + +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +KeepAlive On + +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +MaxKeepAliveRequests 100 + +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +KeepAliveTimeout 15 + +# UseCanonicalName: Determines how Apache constructs self-referencing +# URLs and the SERVER_NAME and SERVER_PORT variables. +# When set "Off", Apache will use the Hostname and Port supplied +# by the client. When set "On", Apache will use the value of the +# ServerName directive. +UseCanonicalName Off + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +AccessFileName .htaccess + +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minor | Minimal | Major | Prod +# where Full conveys the most information, and Prod the least. +ServerTokens Prod + +# TraceEnable +# This directive overrides the behavior of TRACE for both the core server and +# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616, +# which disallows any request body to accompany the request. TraceEnable off +# causes the core server and mod_proxy to return a 405 (Method not allowed) +# error to the client. +# For security reasons this is turned off by default. (bug #240680) +TraceEnable off + +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +ServerSignature On + +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +HostnameLookups Off + +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall is used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +#EnableMMAP off +#EnableSendfile off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +ErrorLog /var/log/apache2/error_log + +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +LogLevel warn + +# We configure the "default" to be a very restrictive set of features. + + Options FollowSymLinks + AllowOverride None + Order deny,allow + Deny from all + + +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# +# The index.html.var file (a type-map) is used to deliver content- +# negotiated documents. The MultiViews Options can be used for the +# same purpose, but it is much slower. +# +# To add files to that list use AddDirectoryIndex in a custom config +# file. Do not change this entry unless you know what you are doing. + + DirectoryIndex index.html index.html.var + + +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. + + Order allow,deny + Deny from all + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_error_documents.conf b/apache2/.original/modules.d/00_error_documents.conf new file mode 100644 index 0000000..815668f --- /dev/null +++ b/apache2/.original/modules.d/00_error_documents.conf @@ -0,0 +1,58 @@ +# The configuration below implements multi-language error documents through +# content-negotiation. + +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html + +# Required modules: mod_alias, mod_include, mod_negotiation +# We use Alias to redirect any /error/HTTP_.html.var response to +# our collection of by-error message multi-language collections. We use +# includes to substitute the appropriate text. +# You can modify the messages' appearance without changing any of the +# default HTTP_.html.var files by adding the line: +# Alias /error/include/ "/your/include/path/" +# which allows you to create your own set of files by starting with the +# /var/www/localhost/error/include/ files and copying them to /your/include/path/, +# even on a per-VirtualHost basis. The default include files will display +# your Apache version number and your ServerAdmin email address regardless +# of the setting of ServerSignature. + + +Alias /error/ "/usr/share/apache2/error/" + + + AllowOverride None + Options IncludesNoExec + AddOutputFilter Includes html + AddHandler type-map var + Order allow,deny + Allow from all + LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr + ForceLanguagePriority Prefer Fallback + + +ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +ErrorDocument 410 /error/HTTP_GONE.html.var +ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_languages.conf b/apache2/.original/modules.d/00_languages.conf new file mode 100644 index 0000000..c429bf9 --- /dev/null +++ b/apache2/.original/modules.d/00_languages.conf @@ -0,0 +1,133 @@ +# Settings for hosting different languages. + +# DefaultLanguage and AddLanguage allows you to specify the language of +# a document. You can then use content negotiation to give a browser a +# file in a language the user can understand. +# +# Specify a default language. This means that all data +# going out without a specific language tag (see below) will +# be marked with this one. You probably do NOT want to set +# this unless you are sure it is correct for all cases. +# +# It is generally better to not mark a page as +# being a certain language than marking it with the wrong +# language! +# +# DefaultLanguage nl +# +# Note 1: The suffix does not have to be the same as the language +# keyword --- those with documents in Polish (whose net-standard +# language code is pl) may wish to use "AddLanguage pl .po" to +# avoid the ambiguity with the common suffix for perl scripts. +# +# Note 2: The example entries below illustrate that in some cases +# the two character 'Language' abbreviation is not identical to +# the two character 'Country' code for its country, +# E.g. 'Danmark/dk' versus 'Danish/da'. +# +# Note 3: In the case of 'ltz' we violate the RFC by using a three char +# specifier. There is 'work in progress' to fix this and get +# the reference data for rfc1766 cleaned up. +# +# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) +# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) +# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) +# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) +# Norwegian (no) - Polish (pl) - Portugese (pt) +# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) +# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw + +# LanguagePriority allows you to give precedence to some languages +# in case of a tie during content negotiation. +# +# Just list the languages in decreasing order of preference. We have +# more or less alphabetized them here. You probably want to change this. +LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW + +# ForceLanguagePriority allows you to serve a result page rather than +# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) +# [in case no accepted languages matched the available variants] +ForceLanguagePriority Prefer Fallback + +# Commonly used filename extensions to character sets. You probably +# want to avoid clashes with the language extensions, unless you +# are good at carefully testing your setup after each change. +# See http://www.iana.org/assignments/character-sets for the +# official list of charset names and their respective RFCs. +AddCharset us-ascii.ascii .us-ascii +AddCharset ISO-8859-1 .iso8859-1 .latin1 +AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen +AddCharset ISO-8859-3 .iso8859-3 .latin3 +AddCharset ISO-8859-4 .iso8859-4 .latin4 +AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru +AddCharset ISO-8859-6 .iso8859-6 .arb .arabic +AddCharset ISO-8859-7 .iso8859-7 .grk .greek +AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew +AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk +AddCharset ISO-8859-10 .iso8859-10 .latin6 +AddCharset ISO-8859-13 .iso8859-13 +AddCharset ISO-8859-14 .iso8859-14 .latin8 +AddCharset ISO-8859-15 .iso8859-15 .latin9 +AddCharset ISO-8859-16 .iso8859-16 .latin10 +AddCharset ISO-2022-JP .iso2022-jp .jis +AddCharset ISO-2022-KR .iso2022-kr .kis +AddCharset ISO-2022-CN .iso2022-cn .cis +AddCharset Big5.Big5 .big5 .b5 +AddCharset cn-Big5 .cn-big5 +# For russian, more than one charset is used (depends on client, mostly): +AddCharset WINDOWS-1251 .cp-1251 .win-1251 +AddCharset CP866 .cp866 +AddCharset KOI8 .koi8 +AddCharset KOI8-E .koi8-e +AddCharset KOI8-r .koi8-r .koi8-ru +AddCharset KOI8-U .koi8-u +AddCharset KOI8-ru .koi8-uk .ua +AddCharset ISO-10646-UCS-2 .ucs2 +AddCharset ISO-10646-UCS-4 .ucs4 +AddCharset UTF-7 .utf7 +AddCharset UTF-8 .utf8 +AddCharset UTF-16 .utf16 +AddCharset UTF-16BE .utf16be +AddCharset UTF-16LE .utf16le +AddCharset UTF-32 .utf32 +AddCharset UTF-32BE .utf32be +AddCharset UTF-32LE .utf32le +AddCharset euc-cn .euc-cn +AddCharset euc-gb .euc-gb +AddCharset euc-jp .euc-jp +AddCharset euc-kr .euc-kr +# Not sure how euc-tw got in - IANA doesn't list it??? +AddCharset EUC-TW .euc-tw +AddCharset gb2312 .gb2312 .gb +AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2 +AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4 +AddCharset shift_jis .shift_jis .sjis + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_mod_autoindex.conf b/apache2/.original/modules.d/00_mod_autoindex.conf new file mode 100644 index 0000000..ca2a168 --- /dev/null +++ b/apache2/.original/modules.d/00_mod_autoindex.conf @@ -0,0 +1,83 @@ + + +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. +Alias /icons/ "/usr/share/apache2/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + +# Directives controlling the display of server-generated directory listings. +# +# To see the listing of a directory, the Options directive for the +# directory must include "Indexes", and the directory must not contain +# a file matching those listed in the DirectoryIndex directive. + +# IndexOptions: Controls the appearance of server-generated directory +# listings. +IndexOptions FancyIndexing VersionSort + +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +DefaultIcon /icons/unknown.gif + +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename + +#AddDescription "GZIP compressed document" .gz +#AddDescription "tar archive" .tar +#AddDescription "GZIP compressed tar archive" .tgz + +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. + +# HeaderName is the name of a file which should be prepended to +# directory indexes. +ReadmeName README.html +HeaderName HEADER.html + +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_mod_info.conf b/apache2/.original/modules.d/00_mod_info.conf new file mode 100644 index 0000000..809c223 --- /dev/null +++ b/apache2/.original/modules.d/00_mod_info.conf @@ -0,0 +1,12 @@ + +# Allow remote server configuration reports, with the URL of +# http://servername/server-info + + SetHandler server-info + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_mod_log_config.conf b/apache2/.original/modules.d/00_mod_log_config.conf new file mode 100644 index 0000000..ce0238e --- /dev/null +++ b/apache2/.original/modules.d/00_mod_log_config.conf @@ -0,0 +1,35 @@ + +# The following directives define some format nicknames for use with +# a CustomLog directive (see below). +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common + +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-Agent}i" agent +LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost + + +# You need to enable mod_logio.c to use %I and %O +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" vhostio + + +# The location and format of the access logfile (Common Logfile Format). +# If you do not define any access logfiles within a +# container, they will be logged here. Contrariwise, if you *do* +# define per- access logfiles, transactions will be +# logged therein and *not* in this file. +CustomLog /var/log/apache2/access_log common + +# If you would like to have agent and referer logfiles, +# uncomment the following directives. +#CustomLog /var/log/apache2/referer_log referer +#CustomLog /var/log/apache2/agent_logs agent + +# If you prefer a logfile with access, agent, and referer information +# (Combined Logfile Format) you can use the following directive. +#CustomLog /var/log/apache2/access_log combined + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_mod_mime.conf b/apache2/.original/modules.d/00_mod_mime.conf new file mode 100644 index 0000000..51f23d5 --- /dev/null +++ b/apache2/.original/modules.d/00_mod_mime.conf @@ -0,0 +1,55 @@ +# DefaultType: the default MIME type the server will use for a document +# if it cannot otherwise determine one, such as from filename extensions. +# If your server contains mostly text or HTML documents, "text/plain" is +# a good value. If most of your content is binary, such as applications +# or images, you may want to use "application/octet-stream" instead to +# keep browsers from trying to display binary files as though they are +# text. +DefaultType text/plain + + +# TypesConfig points to the file containing the list of mappings from +# filename extension to MIME-type. +TypesConfig /etc/mime.types + +# AddType allows you to add to or override the MIME configuration +# file specified in TypesConfig for specific file types. +#AddType application/x-gzip .tgz + +# AddEncoding allows you to have certain browsers uncompress +# information on the fly. Note: Not all browsers support this. +#AddEncoding x-compress .Z +#AddEncoding x-gzip .gz .tgz + +# If the AddEncoding directives above are commented-out, then you +# probably should define those extensions to indicate media types: +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz + +# AddHandler allows you to map certain file extensions to "handlers": +# actions unrelated to filetype. These can be either built into the server +# or added with the Action directive (see below) + +# To use CGI scripts outside of ScriptAliased directories: +# (You will also need to add "ExecCGI" to the "Options" directive.) +#AddHandler cgi-script .cgi + +# For type maps (negotiated resources): +#AddHandler type-map var + +# Filters allow you to process content before it is sent to the client. +# +# To parse .shtml files for server-side includes (SSI): +# (You will also need to add "Includes" to the "Options" directive.) +#AddType text/html .shtml +#AddOutputFilter INCLUDES .shtml + + + +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +MIMEMagicFile /etc/apache2/magic + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_mod_status.conf b/apache2/.original/modules.d/00_mod_status.conf new file mode 100644 index 0000000..edd46a4 --- /dev/null +++ b/apache2/.original/modules.d/00_mod_status.conf @@ -0,0 +1,17 @@ + +# Allow server status reports generated by mod_status, +# with the URL of http://servername/server-status + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + +# ExtendedStatus controls whether Apache will generate "full" status +# information (ExtendedStatus On) or just basic information (ExtendedStatus +# Off) when the "server-status" handler is called. +ExtendedStatus On + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_mod_userdir.conf b/apache2/.original/modules.d/00_mod_userdir.conf new file mode 100644 index 0000000..da7d0fb --- /dev/null +++ b/apache2/.original/modules.d/00_mod_userdir.conf @@ -0,0 +1,34 @@ +# Settings for user home directories + +# UserDir: The name of the directory that is appended onto a user's home +# directory if a ~user request is received. Note that you must also set +# the default access control for these directories, as in the example below. +UserDir public_html + +# Control access to UserDir directories. The following is an example +# for a site where these directories are restricted to read-only. + + AllowOverride FileInfo AuthConfig Limit Indexes + Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec + + Order allow,deny + Allow from all + + + Order deny,allow + Deny from all + + + +# Suexec isn't really required to run cgi-scripts, but it's a really good +# idea if you have multiple users serving websites... + + + Options ExecCGI + SetHandler cgi-script + + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/00_mpm.conf b/apache2/.original/modules.d/00_mpm.conf new file mode 100644 index 0000000..20effa9 --- /dev/null +++ b/apache2/.original/modules.d/00_mpm.conf @@ -0,0 +1,99 @@ +# Server-Pool Management (MPM specific) + +# PidFile: The file in which the server should record its process +# identification number when it starts. +# +# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING +PidFile /var/run/apache2.pid + +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +#LockFile /var/run/apache2.lock + +# Only one of the below sections will be relevant on your +# installed httpd. Use "/usr/sbin/apache2 -l" to find out the +# active mpm. + +# common MPM configuration +# These configuration directives apply to all MPMs +# +# StartServers: Number of child server processes created at startup +# MaxClients: Maximum number of child processes to serve requests +# MaxRequestsPerChild: Limit on the number of requests that an individual child +# server will handle during its life + + +# prefork MPM +# This is the default MPM if USE=-threads +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# worker MPM +# This is the default MPM if USE=threads +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# event MPM +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# peruser MPM +# +# MinSpareProcessors: Minimum number of idle child server processes +# MinProcessors: Minimum number of processors per virtual host +# MaxProcessors: Maximum number of processors per virtual host +# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable +# Multiplexer: Specify a Multiplexer child configuration. +# Processor: Specify a user and group for a specific child process + + MinSpareProcessors 2 + MinProcessors 2 + MaxProcessors 10 + MaxClients 150 + MaxRequestsPerChild 1000 + ExpireTimeout 1800 + + Multiplexer nobody nobody + Processor apache apache + + +# itk MPM +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/10_mod_mem_cache.conf b/apache2/.original/modules.d/10_mod_mem_cache.conf new file mode 100644 index 0000000..520d9fd --- /dev/null +++ b/apache2/.original/modules.d/10_mod_mem_cache.conf @@ -0,0 +1,10 @@ + +# 128MB cache for objects < 2MB +CacheEnable mem / +MCacheSize 131072 +MCacheMaxObjectCount 1000 +MCacheMinObjectSize 1 +MCacheMaxObjectSize 2097152 + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/11_mod_auth_kerb.conf b/apache2/.original/modules.d/11_mod_auth_kerb.conf new file mode 100644 index 0000000..e567274 --- /dev/null +++ b/apache2/.original/modules.d/11_mod_auth_kerb.conf @@ -0,0 +1,14 @@ + +LoadModule auth_kerb_module modules/mod_auth_kerb.so + + + AuthType Kerberos + AuthName "Kerberos Login" + # See the INSTALL file about howto create the keytab + Krb5Keytab conf/apache.keytab + KrbAuthRealms EXAMPLE.COM + Require valid-user + + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/12_mod_auth_mysql.conf b/apache2/.original/modules.d/12_mod_auth_mysql.conf new file mode 100644 index 0000000..f33ced4 --- /dev/null +++ b/apache2/.original/modules.d/12_mod_auth_mysql.conf @@ -0,0 +1,132 @@ + +LoadModule mysql_auth_module modules/mod_auth_mysql.so + +# mod_auth_mysql can be used to limit access to documents by checking +# data in a MySQL database. + +# This will enable user-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# +# require valid-user +# + +# This will enable group-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass'), 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass'), 'admin'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupField user_group +# +# require group admin +# + +# Like the above this enables group-based MySQL authentication of +# everything within /home/httpd, but this configuration allows users to +# belong to more than one group. You'll need to do the following as +# the MySQL root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# CREATE TABLE groups ( +# user_name CHAR(30) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name, user_group) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# GRANT SELECT +# ON auth.groups +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testuser', 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testadmin', 'admin'); +# INSERT INTO groups VALUES ('testadmin', 'user'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupTable groups +# AuthMySQLGroupField user_group +# +# require group user +# + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/20_mod_fastcgi.conf b/apache2/.original/modules.d/20_mod_fastcgi.conf new file mode 100644 index 0000000..583524b --- /dev/null +++ b/apache2/.original/modules.d/20_mod_fastcgi.conf @@ -0,0 +1,6 @@ + +LoadModule fastcgi_module modules/mod_fastcgi.so +AddHandler fastcgi-script fcg fcgi fpl + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/40_mod_ssl.conf b/apache2/.original/modules.d/40_mod_ssl.conf new file mode 100644 index 0000000..3d0a043 --- /dev/null +++ b/apache2/.original/modules.d/40_mod_ssl.conf @@ -0,0 +1,63 @@ +# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + + +# This is the Apache server configuration file providing SSL support. +# It contains the configuration directives to instruct the server how to +# serve pages over an https connection. For detailing information about these +# directives see + +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. + +## Pseudo Random Number Generator (PRNG): +# Configure one or more sources to seed the PRNG of the SSL library. +# The seed data should be of good random quality. +# WARNING! On some platforms /dev/random blocks if not enough entropy +# is available. This means you then cannot use the /dev/random device +# because it would lead to very long connection times (as long as +# it requires to make more entropy available). But usually those +# platforms additionally provide a /dev/urandom device which doesn't +# block. So, if available, use this one instead. Read the mod_ssl User +# Manual for more details. +#SSLRandomSeed startup file:/dev/random 512 +#SSLRandomSeed startup file:/dev/urandom 512 +#SSLRandomSeed connect file:/dev/random 512 +#SSLRandomSeed connect file:/dev/urandom 512 + +## SSL Global Context: +# All SSL configuration in this context applies both to the main server and +# all SSL-enabled virtual hosts. + +# Some MIME-types for downloading Certificates and CRLs + + AddType application/x-x509-ca-cert .crt + AddType application/x-pkcs7-crl .crl + + +## Pass Phrase Dialog: +# Configure the pass phrase gathering process. The filtering dialog program +# (`builtin' is a internal terminal dialog) has to provide the pass phrase on +# stdout. +SSLPassPhraseDialog builtin + +## Inter-Process Session Cache: +# Configure the SSL Session Cache: First the mechanism to use and second the +# expiring timeout (in seconds). +#SSLSessionCache dbm:/var/run/ssl_scache +SSLSessionCache shmcb:/var/run/ssl_scache(512000) +SSLSessionCacheTimeout 300 + +## Semaphore: +# Configure the path to the mutual exclusion semaphore the SSL engine uses +# internally for inter-process synchronization. +SSLMutex file:/var/run/ssl_mutex + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/45_mod_dav.conf b/apache2/.original/modules.d/45_mod_dav.conf new file mode 100644 index 0000000..36f6b9c --- /dev/null +++ b/apache2/.original/modules.d/45_mod_dav.conf @@ -0,0 +1,19 @@ + +DavLockDB "/var/lib/dav/lockdb" + +# The following directives disable redirects on non-GET requests for +# a directory that does not include the trailing slash. This fixes a +# problem with several clients that do not appropriately handle +# redirects for folders with DAV methods. + +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1.[012345678]" redirect-carefully +BrowserMatch "^gnome-vfs/1.0" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully + + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/46_mod_ldap.conf b/apache2/.original/modules.d/46_mod_ldap.conf new file mode 100644 index 0000000..c2893f8 --- /dev/null +++ b/apache2/.original/modules.d/46_mod_ldap.conf @@ -0,0 +1,20 @@ +# Examples below are taken from the online documentation +# Refer to: +# http://localhost/manual/mod/mod_ldap.html +# http://localhost/manual/mod/mod_auth_ldap.html + +LDAPSharedCacheSize 200000 +LDAPCacheEntries 1024 +LDAPCacheTTL 600 +LDAPOpCacheEntries 1024 +LDAPOpCacheTTL 600 + + + SetHandler ldap-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/47_mod_dav_svn.conf b/apache2/.original/modules.d/47_mod_dav_svn.conf new file mode 100644 index 0000000..396d242 --- /dev/null +++ b/apache2/.original/modules.d/47_mod_dav_svn.conf @@ -0,0 +1,16 @@ + +LoadModule dav_svn_module modules/mod_dav_svn.so + +LoadModule authz_svn_module modules/mod_authz_svn.so + + +# Example configuration: +# +# DAV svn +# SVNPath /var/svn/repos +# AuthType Basic +# AuthName "Subversion repository" +# AuthUserFile /var/svn/conf/svnusers +# Require valid-user +# + diff --git a/apache2/.original/modules.d/70_mod_php5.conf b/apache2/.original/modules.d/70_mod_php5.conf new file mode 100644 index 0000000..7ec8739 --- /dev/null +++ b/apache2/.original/modules.d/70_mod_php5.conf @@ -0,0 +1,14 @@ + + # Load the module first + + LoadModule php5_module modules/libphp5.so + + + # Set it to handle the files + + AddHandler application/x-httpd-php .php .php5 .phtml + AddHandler application/x-httpd-php-source .phps + + + DirectoryIndex index.php index.phtml + diff --git a/apache2/.original/modules.d/75_mod_perl.conf b/apache2/.original/modules.d/75_mod_perl.conf new file mode 100644 index 0000000..596d2cc --- /dev/null +++ b/apache2/.original/modules.d/75_mod_perl.conf @@ -0,0 +1,50 @@ + +LoadModule perl_module modules/mod_perl.so + +#PerlTrace all +PerlRequire "/etc/apache2/modules.d/apache2-mod_perl-startup.pl" +PerlModule ModPerl::Registry + +# Provide two aliases to the same cgi-bin directory, to see the effects of the +# 2 different mod_perl modes for Apache2::Registry Mode +Alias /perl/ /var/www/localhost/perl/ +# for Apache2::Perlrun Mode +Alias /cgi-perl/ /var/www/localhost/perl/ + + + SetHandler perl-script + PerlResponseHandler Apache2::Status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlOptions +ParseHeaders + + +# set Apache::Registry Mode for /perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + +# set Apache::PerlRun Mode for /cgi-perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/76_mod_apreq.conf b/apache2/.original/modules.d/76_mod_apreq.conf new file mode 100644 index 0000000..15d925d --- /dev/null +++ b/apache2/.original/modules.d/76_mod_apreq.conf @@ -0,0 +1,13 @@ + +LoadModule apreq_module modules/mod_apreq2.so + +# load the Perl modules +# uncomment the ones you require +#PerlModule APR::Request::Apache2 +#PerlModule APR::Request::CGI +#PerlModule APR::Request::Cookie +#PerlModule Apache2::Cookie +#PerlModule Apache2::Request + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/modules.d/99_nagios3.conf b/apache2/.original/modules.d/99_nagios3.conf new file mode 100644 index 0000000..074f9ce --- /dev/null +++ b/apache2/.original/modules.d/99_nagios3.conf @@ -0,0 +1,15 @@ + + ScriptAlias /nagios/cgi-bin/ /usr/lib/nagios/cgi-bin/ + + AllowOverride AuthConfig + Options ExecCGI + Order allow,deny + Allow from all + + Alias /nagios /usr/share/nagios/htdocs + + AllowOverride AuthConfig + Order allow,deny + Allow from all + + diff --git a/apache2/.original/modules.d/apache2-mod_perl-startup.pl b/apache2/.original/modules.d/apache2-mod_perl-startup.pl new file mode 100644 index 0000000..afc048a --- /dev/null +++ b/apache2/.original/modules.d/apache2-mod_perl-startup.pl @@ -0,0 +1,24 @@ +use lib qw(/home/httpd/perl); + +# enable if the mod_perl 1.0 compatibility is needed +#use Apache2::compat (); + +use ModPerl::Util (); #for CORE::GLOBAL::exit + +use Apache2::RequestRec (); +use Apache2::RequestIO (); +use Apache2::RequestUtil (); + +use Apache2::ServerRec (); +use Apache2::ServerUtil (); +use Apache2::Connection (); +use Apache2::Log (); + +use APR::Table (); + +use ModPerl::Registry (); + +use Apache2::Const -compile => ':common'; +use APR::Const -compile => ':common'; + +1; diff --git a/apache2/.original/vhosts.d/00_default_ssl_vhost.conf b/apache2/.original/vhosts.d/00_default_ssl_vhost.conf new file mode 100644 index 0000000..98bfc2f --- /dev/null +++ b/apache2/.original/vhosts.d/00_default_ssl_vhost.conf @@ -0,0 +1,179 @@ + + + +# see bug #178966 why this is in here + +# When we also provide SSL we have to listen to the HTTPS port +# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two +# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" +Listen 443 + + + ServerName localhost + Include /etc/apache2/vhosts.d/default_vhost.include + ErrorLog /var/log/apache2/ssl_error_log + + + TransferLog /var/log/apache2/ssl_access_log + + + ## SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + ## SSL Cipher Suite: + # List the ciphers that the client is permitted to negotiate. + # See the mod_ssl documentation for a complete list. + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + ## Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If the certificate + # is encrypted, then you will be prompted for a pass phrase. Note that a + # kill -HUP will prompt again. Keep in mind that if you have both an RSA + # and a DSA certificate you can configure both in parallel (to also allow + # the use of DSA ciphers, etc.) + SSLCertificateFile /etc/ssl/apache2/server.crt + + ## Server Private Key: + # If the key is not combined with the certificate, use this directive to + # point at the key file. Keep in mind that if you've both a RSA and a DSA + # private key you can configure both in parallel (to also allow the use of + # DSA ciphers, etc.) + SSLCertificateKeyFile /etc/ssl/apache2/server.key + + ## Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the concatenation of + # PEM encoded CA certificates which form the certificate chain for the + # server certificate. Alternatively the referenced file can be the same as + # SSLCertificateFile when the CA certificates are directly appended to the + # server certificate for convinience. + #SSLCertificateChainFile /etc/ssl/apache2/ca.crt + + ## Certificate Authority (CA): + # Set the CA certificate verification path where to find CA certificates + # for client authentication or alternatively one huge file containing all + # of them (file must be PEM encoded). + # Note: Inside SSLCACertificatePath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCACertificatePath /etc/ssl/apache2/ssl.crt + #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt + + ## Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client authentication + # or alternatively one huge file containing all of them (file must be PEM + # encoded). + # Note: Inside SSLCARevocationPath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCARevocationPath /etc/ssl/apache2/ssl.crl + #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl + + ## Client Authentication (Type): + # Client certificate verification type and depth. Types are none, optional, + # require and optional_no_ca. Depth is a number which specifies how deeply + # to verify the certificate issuer chain before deciding the certificate is + # not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + ## Access Control: + # With SSLRequire you can do per-directory access control based on arbitrary + # complex boolean expressions containing server variable checks and other + # lookup directives. The syntax is a mixture between C and Perl. See the + # mod_ssl documentation for more details. + # + # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ + # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ + # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ + # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ + # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ + # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ + # + + ## SSL Engine Options: + # Set various options for the SSL engine. + + ## FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that the + # standard Auth/DBMAuth methods can be used for access control. The user + # name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + + ## ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server + # (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates into + # CGI scripts. + + ## StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the exportation + # for CGI and SSI requests only. + + ## StrictRequire: + # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under + # a "Satisfy any" situation, i.e. when it applies access is denied and no + # other module can change it. + + ## OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + ## SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait + # for the close notify alert from client. When you need a different + # shutdown approach you can use one of the following variables: + + ## ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates the + # SSL/TLS standard but is needed for some brain-dead browsers. Use this when + # you receive I/O errors because of the standard approach where mod_ssl + # sends the close notify alert. + + ## ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation works + # correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + + BrowserMatch ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + + ## Per-Server Logging: + # The home of a custom SSL log file. Use this when you want a compact + # non-error SSL logfile on a virtual host basis. + + CustomLog /var/log/apache2/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/vhosts.d/00_default_vhost.conf b/apache2/.original/vhosts.d/00_default_vhost.conf new file mode 100644 index 0000000..9fa425a --- /dev/null +++ b/apache2/.original/vhosts.d/00_default_vhost.conf @@ -0,0 +1,48 @@ +# Virtual Hosts +# +# If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. + + +# see bug #178966 why this is in here + +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 + +# Use name-based virtual hosting. +NameVirtualHost *:80 + +# When virtual hosts are enabled, the main host defined in the default +# httpd.conf configuration will go away. We redefine it here so that it is +# still available. +# +# If you disable this vhost by removing -D DEFAULT_VHOST from +# /etc/conf.d/apache2, the first defined virtual host elsewhere will be +# the default. + + ServerName localhost + Include /etc/apache2/vhosts.d/default_vhost.include + + + ServerEnvironment apache apache + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/.original/vhosts.d/default_vhost.include b/apache2/.original/vhosts.d/default_vhost.include new file mode 100644 index 0000000..6d45888 --- /dev/null +++ b/apache2/.original/vhosts.d/default_vhost.include @@ -0,0 +1,73 @@ +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +ServerAdmin root@localhost + +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +# If you change this to something that isn't under /var/www then suexec +# will no longer work. +DocumentRoot "/var/www/localhost/htdocs" + +# This should be changed to whatever you set DocumentRoot to. + + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.2/mod/core.html#options + # for more information. + Options Indexes FollowSymLinks + + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # Options FileInfo AuthConfig Limit + AllowOverride All + + # Controls who can get stuff from this server. + Order allow,deny + Allow from all + + + + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/" + + +# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. + + AllowOverride None + Options None + Order allow,deny + Allow from all + + +# vim: ts=4 filetype=apache diff --git a/apache2/.rcs/fotos_group,v b/apache2/.rcs/fotos_group,v new file mode 100644 index 0000000..2c7202e --- /dev/null +++ b/apache2/.rcs/fotos_group,v @@ -0,0 +1,47 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.10.19.21.42.00; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2009.11.01.16.06.33; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@wir_selbst: frank doris heiko patrick vivi +kameu: kameu +meusels: kameu robert anne +oymel: katrin +kecks: heike.keck +brehms-weissbach: baerbel reina hartmut +brehms-marne: steffen +thomas-schmidt: thomas-schmidt +hausbau: peter.tennigkeit hle +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +@ diff --git a/apache2/.rcs/fotos_passwd,v b/apache2/.rcs/fotos_passwd,v new file mode 100644 index 0000000..b8c6022 --- /dev/null +++ b/apache2/.rcs/fotos_passwd,v @@ -0,0 +1,43 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2009.11.01.16.03.07; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@frank:$apr1$NhtfK...$gYaRx7wj/VLS.u0ZnUtJy0 +doris:$apr1$e7vmb...$g5e0fL82TWB94CzyABmf/1 +kameu:$apr1$qxLJw/..$RpbAz8gd6t7VI.wUb6RlF. +kurt:$apr1$8upRV/..$IwtdSLyL0QlTc8eeqA04X. +robert:$apr1$fjH8q...$qpJhUtp6yTPClwXhOi8TD/ +anne:$apr1$BLjn./..$3EvwL8T1gKILcbu79KRB8/ +hartmut:$apr1$t9A5K...$lk0WKR.hp8638iU7Qb/JX0 +reina:$apr1$2MC4M...$KlIKsq9/CDHhMGjj/kG.I/ +baerbel:$apr1$aW8fz/..$6asGDBS55k3lDwTw8SPL4. +thomas-schmidt:$apr1$MAmza/..$fNVUjJJuJRyverD/WZjew0 +heike.keck:EQ4MHDTKYOgpM +patrickvivi:lyLBEQnnstVnM +katrin:$apr1$s585v/..$v5HdVAO7qQk2xpszgvvoS0 +heiko:3yLCOE8QoEfok +steffen:$apr1$OQHwpCfd$DTTuho/NbAsdlHGzq21XI. +peter.tennigkeit:$apr1$GWEMXDWv$j5E1Glkh5uzEffjyU1mEE1 +hle:$apr1$ZzHkw.dV$o9FxB6Xn//DpPhcPONjE81 +patrick:.aq4vqyIwViCA +vivi:$apr1$hfWXVpkX$AEFDCHLkC6p1hfhlJT8Ou0 +@ diff --git a/apache2/.rcs/httpd.conf,v b/apache2/.rcs/httpd.conf,v new file mode 100644 index 0000000..585337b --- /dev/null +++ b/apache2/.rcs/httpd.conf,v @@ -0,0 +1,256 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2010.07.12.13.12.00; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.02.21.25; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@# This is a modification of the default Apache 2.2 configuration file +# for Gentoo Linux. +# +# Support: +# http://www.gentoo.org/main/en/lists.xml [mailing lists] +# http://forums.gentoo.org/ [web forums] +# irc://irc.freenode.net#gentoo-apache [irc chat] +# +# Bug Reports: +# http://bugs.gentoo.org [gentoo related bugs] +# http://httpd.apache.org/bug_report.html [apache httpd related bugs] +# +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log" +# with ServerRoot set to "/usr" will be interpreted by the +# server as "/usr/var/log/apache2/foo.log". + +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to point the LockFile directive +# at a local disk. If you wish to share the same ServerRoot for multiple +# httpd daemons, you will need to change at least LockFile and PidFile. +ServerRoot "/usr/lib64/apache2" + +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable. +# Do not change manually, it will be overwritten on upgrade. +# +# The following modules are considered as the default configuration. +# If you wish to disable one of them, you may have to alter other +# configuration directives. +# +# Change these at your own risk! + +LoadModule actions_module modules/mod_actions.so +LoadModule alias_module modules/mod_alias.so +LoadModule asis_module modules/mod_asis.so +LoadModule auth_basic_module modules/mod_auth_basic.so + +LoadModule auth_digest_module modules/mod_auth_digest.so + +LoadModule authn_alias_module modules/mod_authn_alias.so +LoadModule authn_anon_module modules/mod_authn_anon.so +LoadModule authn_dbd_module modules/mod_authn_dbd.so +LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authn_file_module modules/mod_authn_file.so + +LoadModule authnz_ldap_module modules/mod_authnz_ldap.so + +LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule autoindex_module modules/mod_autoindex.so + +LoadModule cache_module modules/mod_cache.so + +LoadModule cgi_module modules/mod_cgi.so +#LoadModule cgid_module modules/mod_cgid.so +LoadModule charset_lite_module modules/mod_charset_lite.so + +LoadModule dav_module modules/mod_dav.so + + +LoadModule dav_fs_module modules/mod_dav_fs.so + + +LoadModule dav_lock_module modules/mod_dav_lock.so + +LoadModule dbd_module modules/mod_dbd.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule dir_module modules/mod_dir.so + +LoadModule disk_cache_module modules/mod_disk_cache.so + +LoadModule env_module modules/mod_env.so +LoadModule expires_module modules/mod_expires.so +LoadModule ext_filter_module modules/mod_ext_filter.so + +LoadModule file_cache_module modules/mod_file_cache.so + +LoadModule filter_module modules/mod_filter.so +LoadModule headers_module modules/mod_headers.so +LoadModule ident_module modules/mod_ident.so +LoadModule imagemap_module modules/mod_imagemap.so +LoadModule include_module modules/mod_include.so + +LoadModule info_module modules/mod_info.so + + +LoadModule ldap_module modules/mod_ldap.so + +LoadModule log_config_module modules/mod_log_config.so +LoadModule log_forensic_module modules/mod_log_forensic.so +LoadModule logio_module modules/mod_logio.so + +LoadModule mem_cache_module modules/mod_mem_cache.so + +LoadModule mime_module modules/mod_mime.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule negotiation_module modules/mod_negotiation.so + +LoadModule proxy_module modules/mod_proxy.so + + +LoadModule proxy_ajp_module modules/mod_proxy_ajp.so + + +LoadModule proxy_balancer_module modules/mod_proxy_balancer.so + + +LoadModule proxy_connect_module modules/mod_proxy_connect.so + + +LoadModule proxy_ftp_module modules/mod_proxy_ftp.so + + +LoadModule proxy_http_module modules/mod_proxy_http.so + +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule speling_module modules/mod_speling.so + +LoadModule ssl_module modules/mod_ssl.so + + +LoadModule status_module modules/mod_status.so + +LoadModule substitute_module modules/mod_substitute.so + +LoadModule suexec_module modules/mod_suexec.so + +LoadModule unique_id_module modules/mod_unique_id.so + +LoadModule userdir_module modules/mod_userdir.so + +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so + +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +User apache +Group apache + +# Supplemental configuration +# +# Most of the configuration files in the /etc/apache2/modules.d/ directory can +# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features +# or to modify the default configuration of the server. +# +# To know which flag to add to APACHE2_OPTS, look at the first line of the +# the file, which will usually be an where OPTION is the +# flag to use. +Include /etc/apache2/modules.d/*.conf + +# Virtual-host support +# +# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we +# include a default vhost (enabled by adding -D DEFAULT_VHOST to +# APACHE2_OPTS in /etc/conf.d/apache2). +Include /etc/apache2/vhosts.d/*.conf + +# vim: ts=4 filetype=apache +@ + + +1.2 +log +@Checked in. +@ +text +@d88 1 +@ + + +1.1 +log +@Initial revision +@ +text +@d63 1 +d65 3 +d70 1 +d88 1 +d98 1 +d112 2 +d122 1 +d130 18 +d157 1 +@ diff --git a/apache2/.rcs/info_users_passwd,v b/apache2/.rcs/info_users_passwd,v new file mode 100644 index 0000000..4ee23a2 --- /dev/null +++ b/apache2/.rcs/info_users_passwd,v @@ -0,0 +1,25 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.28.10.25.12; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@monitoring:$apr1$TqC87rAF$vXWiZcbRZMQIfC9XAVUgM. +@ diff --git a/apache2/.rcs/svnusers,v b/apache2/.rcs/svnusers,v new file mode 100644 index 0000000..3022566 --- /dev/null +++ b/apache2/.rcs/svnusers,v @@ -0,0 +1,25 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.28.10.40.38; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@frank:$apr1$i6kSY/..$U8o7IvhHKvwnVTERFfhB80 +@ diff --git a/apache2/fotos_group b/apache2/fotos_group new file mode 100644 index 0000000..27292f0 --- /dev/null +++ b/apache2/fotos_group @@ -0,0 +1,9 @@ +wir_selbst: frank doris heiko patrick vivi +kameu: kameu +meusels: kameu robert anne +oymel: katrin +kecks: heike.keck +brehms-weissbach: baerbel reina hartmut +brehms-marne: steffen +thomas-schmidt: thomas-schmidt +hausbau: peter.tennigkeit hle diff --git a/apache2/fotos_passwd b/apache2/fotos_passwd new file mode 100644 index 0000000..6a51264 --- /dev/null +++ b/apache2/fotos_passwd @@ -0,0 +1,19 @@ +frank:$apr1$NhtfK...$gYaRx7wj/VLS.u0ZnUtJy0 +doris:$apr1$e7vmb...$g5e0fL82TWB94CzyABmf/1 +kameu:$apr1$qxLJw/..$RpbAz8gd6t7VI.wUb6RlF. +kurt:$apr1$8upRV/..$IwtdSLyL0QlTc8eeqA04X. +robert:$apr1$fjH8q...$qpJhUtp6yTPClwXhOi8TD/ +anne:$apr1$BLjn./..$3EvwL8T1gKILcbu79KRB8/ +hartmut:$apr1$t9A5K...$lk0WKR.hp8638iU7Qb/JX0 +reina:$apr1$2MC4M...$KlIKsq9/CDHhMGjj/kG.I/ +baerbel:$apr1$aW8fz/..$6asGDBS55k3lDwTw8SPL4. +thomas-schmidt:$apr1$MAmza/..$fNVUjJJuJRyverD/WZjew0 +heike.keck:EQ4MHDTKYOgpM +patrickvivi:lyLBEQnnstVnM +katrin:$apr1$s585v/..$v5HdVAO7qQk2xpszgvvoS0 +heiko:3yLCOE8QoEfok +steffen:$apr1$OQHwpCfd$DTTuho/NbAsdlHGzq21XI. +peter.tennigkeit:$apr1$GWEMXDWv$j5E1Glkh5uzEffjyU1mEE1 +hle:$apr1$ZzHkw.dV$o9FxB6Xn//DpPhcPONjE81 +patrick:.aq4vqyIwViCA +vivi:$apr1$hfWXVpkX$AEFDCHLkC6p1hfhlJT8Ou0 diff --git a/apache2/httpd.conf b/apache2/httpd.conf new file mode 100644 index 0000000..31eb439 --- /dev/null +++ b/apache2/httpd.conf @@ -0,0 +1,201 @@ +# This is a modification of the default Apache 2.2 configuration file +# for Gentoo Linux. +# +# Support: +# http://www.gentoo.org/main/en/lists.xml [mailing lists] +# http://forums.gentoo.org/ [web forums] +# irc://irc.freenode.net#gentoo-apache [irc chat] +# +# Bug Reports: +# http://bugs.gentoo.org [gentoo related bugs] +# http://httpd.apache.org/bug_report.html [apache httpd related bugs] +# +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log" +# with ServerRoot set to "/usr" will be interpreted by the +# server as "/usr/var/log/apache2/foo.log". + +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to point the LockFile directive +# at a local disk. If you wish to share the same ServerRoot for multiple +# httpd daemons, you will need to change at least LockFile and PidFile. +ServerRoot "/usr/lib64/apache2" + +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable. +# Do not change manually, it will be overwritten on upgrade. +# +# The following modules are considered as the default configuration. +# If you wish to disable one of them, you may have to alter other +# configuration directives. +# +# Change these at your own risk! + +LoadModule actions_module modules/mod_actions.so +LoadModule alias_module modules/mod_alias.so +LoadModule asis_module modules/mod_asis.so +LoadModule auth_basic_module modules/mod_auth_basic.so + +LoadModule auth_digest_module modules/mod_auth_digest.so + +LoadModule authn_alias_module modules/mod_authn_alias.so +LoadModule authn_anon_module modules/mod_authn_anon.so +LoadModule authn_dbd_module modules/mod_authn_dbd.so +LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authn_file_module modules/mod_authn_file.so + +LoadModule authnz_ldap_module modules/mod_authnz_ldap.so + +LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule autoindex_module modules/mod_autoindex.so + +LoadModule cache_module modules/mod_cache.so + +#LoadModule cern_meta_module modules/mod_cern_meta.so +LoadModule cgi_module modules/mod_cgi.so +#LoadModule cgid_module modules/mod_cgid.so +LoadModule charset_lite_module modules/mod_charset_lite.so + +LoadModule dav_module modules/mod_dav.so + + +LoadModule dav_fs_module modules/mod_dav_fs.so + + +LoadModule dav_lock_module modules/mod_dav_lock.so + +LoadModule dbd_module modules/mod_dbd.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule dir_module modules/mod_dir.so + +LoadModule disk_cache_module modules/mod_disk_cache.so + +#LoadModule dumpio_module modules/mod_dumpio.so +LoadModule env_module modules/mod_env.so +LoadModule expires_module modules/mod_expires.so +LoadModule ext_filter_module modules/mod_ext_filter.so + +LoadModule file_cache_module modules/mod_file_cache.so + +LoadModule filter_module modules/mod_filter.so +LoadModule headers_module modules/mod_headers.so +LoadModule ident_module modules/mod_ident.so +LoadModule imagemap_module modules/mod_imagemap.so +LoadModule include_module modules/mod_include.so + +LoadModule info_module modules/mod_info.so + + +LoadModule ldap_module modules/mod_ldap.so + +LoadModule log_config_module modules/mod_log_config.so +LoadModule log_forensic_module modules/mod_log_forensic.so +LoadModule logio_module modules/mod_logio.so + +LoadModule mem_cache_module modules/mod_mem_cache.so + +LoadModule mime_module modules/mod_mime.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule negotiation_module modules/mod_negotiation.so + +LoadModule proxy_module modules/mod_proxy.so + + +LoadModule proxy_ajp_module modules/mod_proxy_ajp.so + + +LoadModule proxy_balancer_module modules/mod_proxy_balancer.so + + +LoadModule proxy_connect_module modules/mod_proxy_connect.so + + +LoadModule proxy_ftp_module modules/mod_proxy_ftp.so + + +LoadModule proxy_http_module modules/mod_proxy_http.so + +#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so +#LoadModule reqtimeout_module modules/mod_reqtimeout.so +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule speling_module modules/mod_speling.so + +LoadModule ssl_module modules/mod_ssl.so + + +LoadModule status_module modules/mod_status.so + +LoadModule substitute_module modules/mod_substitute.so + +LoadModule suexec_module modules/mod_suexec.so + +LoadModule unique_id_module modules/mod_unique_id.so + +LoadModule userdir_module modules/mod_userdir.so + +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule version_module modules/mod_version.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so + +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +User apache +Group apache + +# Supplemental configuration +# +# Most of the configuration files in the /etc/apache2/modules.d/ directory can +# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features +# or to modify the default configuration of the server. +# +# To know which flag to add to APACHE2_OPTS, look at the first line of the +# the file, which will usually be an where OPTION is the +# flag to use. +Include /etc/apache2/modules.d/*.conf + +# Virtual-host support +# +# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we +# include a default vhost (enabled by adding -D DEFAULT_VHOST to +# APACHE2_OPTS in /etc/conf.d/apache2). +Include /etc/apache2/vhosts.d/*.conf + +# vim: ts=4 filetype=apache diff --git a/apache2/info_users_passwd b/apache2/info_users_passwd new file mode 100644 index 0000000..c8c2fad --- /dev/null +++ b/apache2/info_users_passwd @@ -0,0 +1 @@ +monitoring:$apr1$TqC87rAF$vXWiZcbRZMQIfC9XAVUgM. diff --git a/apache2/magic b/apache2/magic new file mode 100644 index 0000000..0de7336 --- /dev/null +++ b/apache2/magic @@ -0,0 +1,382 @@ +# Magic data for mod_mime_magic Apache module (originally for file(1) command) +# The module is described in /manual/mod/mod_mime_magic.html +# +# The format is 4-5 columns: +# Column #1: byte number to begin checking from, ">" indicates continuation +# Column #2: type of data to match +# Column #3: contents of data to match +# Column #4: MIME type of result +# Column #5: MIME encoding of result (optional) + +#------------------------------------------------------------------------------ +# Localstuff: file(1) magic for locally observed files +# Add any locally observed files here. + +#------------------------------------------------------------------------------ +# end local stuff +#------------------------------------------------------------------------------ + +#------------------------------------------------------------------------------ +# Java + +0 short 0xcafe +>2 short 0xbabe application/java + +#------------------------------------------------------------------------------ +# audio: file(1) magic for sound formats +# +# from Jan Nicolai Langfeldt , +# + +# Sun/NeXT audio data +0 string .snd +>12 belong 1 audio/basic +>12 belong 2 audio/basic +>12 belong 3 audio/basic +>12 belong 4 audio/basic +>12 belong 5 audio/basic +>12 belong 6 audio/basic +>12 belong 7 audio/basic + +>12 belong 23 audio/x-adpcm + +# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format +# that uses little-endian encoding and has a different magic number +# (0x0064732E in little-endian encoding). +0 lelong 0x0064732E +>12 lelong 1 audio/x-dec-basic +>12 lelong 2 audio/x-dec-basic +>12 lelong 3 audio/x-dec-basic +>12 lelong 4 audio/x-dec-basic +>12 lelong 5 audio/x-dec-basic +>12 lelong 6 audio/x-dec-basic +>12 lelong 7 audio/x-dec-basic +# compressed (G.721 ADPCM) +>12 lelong 23 audio/x-dec-adpcm + +# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM" +# AIFF audio data +8 string AIFF audio/x-aiff +# AIFF-C audio data +8 string AIFC audio/x-aiff +# IFF/8SVX audio data +8 string 8SVX audio/x-aiff + +# Creative Labs AUDIO stuff +# Standard MIDI data +0 string MThd audio/unknown +#>9 byte >0 (format %d) +#>11 byte >1 using %d channels +# Creative Music (CMF) data +0 string CTMF audio/unknown +# SoundBlaster instrument data +0 string SBI audio/unknown +# Creative Labs voice data +0 string Creative\ Voice\ File audio/unknown +## is this next line right? it came this way... +#>19 byte 0x1A +#>23 byte >0 - version %d +#>22 byte >0 \b.%d + +# [GRR 950115: is this also Creative Labs? Guessing that first line +# should be string instead of unknown-endian long...] +#0 long 0x4e54524b MultiTrack sound data +#0 string NTRK MultiTrack sound data +#>4 long x - version %ld + +# Microsoft WAVE format (*.wav) +# [GRR 950115: probably all of the shorts and longs should be leshort/lelong] +# Microsoft RIFF +0 string RIFF audio/unknown +# - WAVE format +>8 string WAVE audio/x-wav +# MPEG audio. +0 beshort&0xfff0 0xfff0 audio/mpeg +# C64 SID Music files, from Linus Walleij +0 string PSID audio/prs.sid + +#------------------------------------------------------------------------------ +# c-lang: file(1) magic for C programs or various scripts +# + +# XPM icons (Greg Roelofs, newt@uchicago.edu) +# ideally should go into "images", but entries below would tag XPM as C source +0 string /*\ XPM image/x-xbm 7bit + +# this first will upset you if you're a PL/1 shop... (are there any left?) +# in which case rm it; ascmagic will catch real C programs +# C or REXX program text +0 string /* text/plain +# C++ program text +0 string // text/plain + +#------------------------------------------------------------------------------ +# compress: file(1) magic for pure-compression formats (no archives) +# +# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc. +# +# Formats for various forms of compressed data +# Formats for "compress" proper have been moved into "compress.c", +# because it tries to uncompress it to figure out what's inside. + +# standard unix compress +0 string \037\235 application/octet-stream x-compress + +# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver) +0 string \037\213 application/octet-stream x-gzip + +# According to gzip.h, this is the correct byte order for packed data. +0 string \037\036 application/octet-stream +# +# This magic number is byte-order-independent. +# +0 short 017437 application/octet-stream + +# XXX - why *two* entries for "compacted data", one of which is +# byte-order independent, and one of which is byte-order dependent? +# +# compacted data +0 short 0x1fff application/octet-stream +0 string \377\037 application/octet-stream +# huf output +0 short 0145405 application/octet-stream + +# Squeeze and Crunch... +# These numbers were gleaned from the Unix versions of the programs to +# handle these formats. Note that I can only uncrunch, not crunch, and +# I didn't have a crunched file handy, so the crunch number is untested. +# Keith Waclena +#0 leshort 0x76FF squeezed data (CP/M, DOS) +#0 leshort 0x76FE crunched data (CP/M, DOS) + +# Freeze +#0 string \037\237 Frozen file 2.1 +#0 string \037\236 Frozen file 1.0 (or gzip 0.5) + +# lzh? +#0 string \037\240 LZH compressed data + +#------------------------------------------------------------------------------ +# frame: file(1) magic for FrameMaker files +# +# This stuff came on a FrameMaker demo tape, most of which is +# copyright, but this file is "published" as witness the following: +# +0 string \ +# and Anna Shergold +# +0 string \ +0 string \14 byte 12 (OS/2 1.x format) +#>14 byte 64 (OS/2 2.x format) +#>14 byte 40 (Windows 3.x format) +#0 string IC icon +#0 string PI pointer +#0 string CI color icon +#0 string CP color pointer +#0 string BA bitmap array + + +#------------------------------------------------------------------------------ +# lisp: file(1) magic for lisp programs +# +# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com) +0 string ;; text/plain 8bit +# Emacs 18 - this is always correct, but not very magical. +0 string \012( application/x-elc +# Emacs 19 +0 string ;ELC\023\000\000\000 application/x-elc + +#------------------------------------------------------------------------------ +# mail.news: file(1) magic for mail and news +# +# There are tests to ascmagic.c to cope with mail and news. +0 string Relay-Version: message/rfc822 7bit +0 string #!\ rnews message/rfc822 7bit +0 string N#!\ rnews message/rfc822 7bit +0 string Forward\ to message/rfc822 7bit +0 string Pipe\ to message/rfc822 7bit +0 string Return-Path: message/rfc822 7bit +0 string Path: message/news 8bit +0 string Xref: message/news 8bit +0 string From: message/rfc822 7bit +0 string Article message/news 8bit +#------------------------------------------------------------------------------ +# msword: file(1) magic for MS Word files +# +# Contributor claims: +# Reversed-engineered MS Word magic numbers +# + +0 string \376\067\0\043 application/msword +0 string \333\245-\0\0\0 application/msword + +# disable this one because it applies also to other +# Office/OLE documents for which msword is not correct. See PR#2608. +#0 string \320\317\021\340\241\261 application/msword + + + +#------------------------------------------------------------------------------ +# printer: file(1) magic for printer-formatted files +# + +# PostScript +0 string %! application/postscript +0 string \004%! application/postscript + +# Acrobat +# (due to clamen@cs.cmu.edu) +0 string %PDF- application/pdf + +#------------------------------------------------------------------------------ +# sc: file(1) magic for "sc" spreadsheet +# +38 string Spreadsheet application/x-sc + +#------------------------------------------------------------------------------ +# tex: file(1) magic for TeX files +# +# XXX - needs byte-endian stuff (big-endian and little-endian DVI?) +# +# From + +# Although we may know the offset of certain text fields in TeX DVI +# and font files, we can't use them reliably because they are not +# zero terminated. [but we do anyway, christos] +0 string \367\002 application/x-dvi +#0 string \367\203 TeX generic font data +#0 string \367\131 TeX packed font data +#0 string \367\312 TeX virtual font data +#0 string This\ is\ TeX, TeX transcript text +#0 string This\ is\ METAFONT, METAFONT transcript text + +# There is no way to detect TeX Font Metric (*.tfm) files without +# breaking them apart and reading the data. The following patterns +# match most *.tfm files generated by METAFONT or afm2tfm. +#2 string \000\021 TeX font metric data +#2 string \000\022 TeX font metric data +#>34 string >\0 (%s) + +# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com) +#0 string \\input\ texinfo Texinfo source text +#0 string This\ is\ Info\ file GNU Info text + +# correct TeX magic for Linux (and maybe more) +# from Peter Tobias (tobias@server.et-inf.fho-emden.de) +# +0 leshort 0x02f7 application/x-dvi + +# RTF - Rich Text Format +0 string {\\rtf application/rtf + +#------------------------------------------------------------------------------ +# animation: file(1) magic for animation/movie formats +# +# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8) +# MPEG file +0 string \000\000\001\263 video/mpeg +# +# The contributor claims: +# I couldn't find a real magic number for these, however, this +# -appears- to work. Note that it might catch other files, too, +# so BE CAREFUL! +# +# Note that title and author appear in the two 20-byte chunks +# at decimal offsets 2 and 22, respectively, but they are XOR'ed with +# 255 (hex FF)! DL format SUCKS BIG ROCKS. +# +# DL file version 1 , medium format (160x100, 4 images/screen) +0 byte 1 video/unknown +0 byte 2 video/unknown +# Quicktime video, from Linus Walleij +# from Apple quicktime file format documentation. +4 string moov video/quicktime +4 string mdat video/quicktime + diff --git a/apache2/modules.d/.rcs/00_apache_manual.conf,v b/apache2/modules.d/.rcs/00_apache_manual.conf,v new file mode 100644 index 0000000..8caf9c9 --- /dev/null +++ b/apache2/modules.d/.rcs/00_apache_manual.conf,v @@ -0,0 +1,69 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.10.05.05.24.44; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.27; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# Provide access to the documentation on your server as +# http://yourserver.example.com/manual/ +# The documentation is always available at +# http://httpd.apache.org/docs/2.2/ + +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.16/manual$1" + + + Options Indexes + AllowOverride None + Order allow,deny + Allow from all + + + SetHandler type-map + + + SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1 + RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2 + + LanguagePriority en de es fr ja ko pt-br + ForceLanguagePriority Prefer Fallback + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.15/manual$1" +d8 1 +a8 1 + +@ diff --git a/apache2/modules.d/.rcs/00_default_settings.conf,v b/apache2/modules.d/.rcs/00_default_settings.conf,v new file mode 100644 index 0000000..9cdb95f --- /dev/null +++ b/apache2/modules.d/.rcs/00_default_settings.conf,v @@ -0,0 +1,163 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.19.52; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# This configuration file reflects default settings for Apache HTTP Server. +# You may change these, but chances are that you may not need to. + +# Timeout: The number of seconds before receives and sends time out. +Timeout 300 + +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +KeepAlive On + +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +MaxKeepAliveRequests 100 + +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +KeepAliveTimeout 15 + +# UseCanonicalName: Determines how Apache constructs self-referencing +# URLs and the SERVER_NAME and SERVER_PORT variables. +# When set "Off", Apache will use the Hostname and Port supplied +# by the client. When set "On", Apache will use the value of the +# ServerName directive. +UseCanonicalName Off + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +AccessFileName .htaccess + +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minor | Minimal | Major | Prod +# where Full conveys the most information, and Prod the least. +ServerTokens Full + +# TraceEnable +# This directive overrides the behavior of TRACE for both the core server and +# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616, +# which disallows any request body to accompany the request. TraceEnable off +# causes the core server and mod_proxy to return a 405 (Method not allowed) +# error to the client. +# For security reasons this is turned off by default. (bug #240680) +TraceEnable off + +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +ServerSignature On + +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +HostnameLookups Off + +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall is used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +#EnableMMAP off +#EnableSendfile off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +ErrorLog /var/log/apache2/error.log + +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +LogLevel info + +# We configure the "default" to be a very restrictive set of features. + + Options FollowSymLinks + AllowOverride None + Order deny,allow + Deny from all + + +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# +# The index.html.var file (a type-map) is used to deliver content- +# negotiated documents. The MultiViews Options can be used for the +# same purpose, but it is much slower. +# +# To add files to that list use AddDirectoryIndex in a custom config +# file. Do not change this entry unless you know what you are doing. + + DirectoryIndex index.html index.html.var index.shtml index.htm + + +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. + + Order allow,deny + Deny from all + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d38 1 +a38 1 +ServerTokens Prod +d79 1 +a79 1 +ErrorLog /var/log/apache2/error_log +d84 1 +a84 1 +LogLevel warn +d104 1 +a104 1 + DirectoryIndex index.html index.html.var +@ diff --git a/apache2/modules.d/.rcs/00_error_documents.conf,v b/apache2/modules.d/.rcs/00_error_documents.conf,v new file mode 100644 index 0000000..2d47b9e --- /dev/null +++ b/apache2/modules.d/.rcs/00_error_documents.conf,v @@ -0,0 +1,98 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.21.37; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# The configuration below implements multi-language error documents through +# content-negotiation. + +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html + +# Required modules: mod_alias, mod_include, mod_negotiation +# We use Alias to redirect any /error/HTTP_.html.var response to +# our collection of by-error message multi-language collections. We use +# includes to substitute the appropriate text. +# You can modify the messages' appearance without changing any of the +# default HTTP_.html.var files by adding the line: +# Alias /error/include/ "/your/include/path/" +# which allows you to create your own set of files by starting with the +# /var/www/localhost/error/include/ files and copying them to /your/include/path/, +# even on a per-VirtualHost basis. The default include files will display +# your Apache version number and your ServerAdmin email address regardless +# of the setting of ServerSignature. + + +Alias /error/ "/usr/share/apache2/error/" + + + AllowOverride None + Options IncludesNoExec + AddOutputFilter Includes html + AddHandler type-map var + Order allow,deny + Allow from all + LanguagePriority de en cs es fr it ja ko nl pl pt-br ro sv tr + ForceLanguagePriority Prefer Fallback + + +ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +ErrorDocument 410 /error/HTTP_GONE.html.var +ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d35 1 +a35 1 + LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr +@ diff --git a/apache2/modules.d/.rcs/00_languages.conf,v b/apache2/modules.d/.rcs/00_languages.conf,v new file mode 100644 index 0000000..256fad6 --- /dev/null +++ b/apache2/modules.d/.rcs/00_languages.conf,v @@ -0,0 +1,173 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.22.42; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# Settings for hosting different languages. + +# DefaultLanguage and AddLanguage allows you to specify the language of +# a document. You can then use content negotiation to give a browser a +# file in a language the user can understand. +# +# Specify a default language. This means that all data +# going out without a specific language tag (see below) will +# be marked with this one. You probably do NOT want to set +# this unless you are sure it is correct for all cases. +# +# It is generally better to not mark a page as +# being a certain language than marking it with the wrong +# language! +# +# DefaultLanguage nl +# +# Note 1: The suffix does not have to be the same as the language +# keyword --- those with documents in Polish (whose net-standard +# language code is pl) may wish to use "AddLanguage pl .po" to +# avoid the ambiguity with the common suffix for perl scripts. +# +# Note 2: The example entries below illustrate that in some cases +# the two character 'Language' abbreviation is not identical to +# the two character 'Country' code for its country, +# E.g. 'Danmark/dk' versus 'Danish/da'. +# +# Note 3: In the case of 'ltz' we violate the RFC by using a three char +# specifier. There is 'work in progress' to fix this and get +# the reference data for rfc1766 cleaned up. +# +# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) +# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) +# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) +# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) +# Norwegian (no) - Polish (pl) - Portugese (pt) +# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) +# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw + +# LanguagePriority allows you to give precedence to some languages +# in case of a tie during content negotiation. +# +# Just list the languages in decreasing order of preference. We have +# more or less alphabetized them here. You probably want to change this. +LanguagePriority de en ca cs da el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW + +# ForceLanguagePriority allows you to serve a result page rather than +# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) +# [in case no accepted languages matched the available variants] +ForceLanguagePriority Prefer Fallback + +# Commonly used filename extensions to character sets. You probably +# want to avoid clashes with the language extensions, unless you +# are good at carefully testing your setup after each change. +# See http://www.iana.org/assignments/character-sets for the +# official list of charset names and their respective RFCs. +AddCharset us-ascii.ascii .us-ascii +AddCharset ISO-8859-1 .iso8859-1 .latin1 +AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen +AddCharset ISO-8859-3 .iso8859-3 .latin3 +AddCharset ISO-8859-4 .iso8859-4 .latin4 +AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru +AddCharset ISO-8859-6 .iso8859-6 .arb .arabic +AddCharset ISO-8859-7 .iso8859-7 .grk .greek +AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew +AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk +AddCharset ISO-8859-10 .iso8859-10 .latin6 +AddCharset ISO-8859-13 .iso8859-13 +AddCharset ISO-8859-14 .iso8859-14 .latin8 +AddCharset ISO-8859-15 .iso8859-15 .latin9 +AddCharset ISO-8859-16 .iso8859-16 .latin10 +AddCharset ISO-2022-JP .iso2022-jp .jis +AddCharset ISO-2022-KR .iso2022-kr .kis +AddCharset ISO-2022-CN .iso2022-cn .cis +AddCharset Big5.Big5 .big5 .b5 +AddCharset cn-Big5 .cn-big5 +# For russian, more than one charset is used (depends on client, mostly): +AddCharset WINDOWS-1251 .cp-1251 .win-1251 +AddCharset CP866 .cp866 +AddCharset KOI8 .koi8 +AddCharset KOI8-E .koi8-e +AddCharset KOI8-r .koi8-r .koi8-ru +AddCharset KOI8-U .koi8-u +AddCharset KOI8-ru .koi8-uk .ua +AddCharset ISO-10646-UCS-2 .ucs2 +AddCharset ISO-10646-UCS-4 .ucs4 +AddCharset UTF-7 .utf7 +AddCharset UTF-8 .utf8 +AddCharset UTF-16 .utf16 +AddCharset UTF-16BE .utf16be +AddCharset UTF-16LE .utf16le +AddCharset UTF-32 .utf32 +AddCharset UTF-32BE .utf32be +AddCharset UTF-32LE .utf32le +AddCharset euc-cn .euc-cn +AddCharset euc-gb .euc-gb +AddCharset euc-jp .euc-jp +AddCharset euc-kr .euc-kr +# Not sure how euc-tw got in - IANA doesn't list it??? +AddCharset EUC-TW .euc-tw +AddCharset gb2312 .gb2312 .gb +AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2 +AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4 +AddCharset shift_jis .shift_jis .sjis + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d71 1 +a71 1 +LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW +@ diff --git a/apache2/modules.d/.rcs/00_mod_autoindex.conf,v b/apache2/modules.d/.rcs/00_mod_autoindex.conf,v new file mode 100644 index 0000000..a30a7a8 --- /dev/null +++ b/apache2/modules.d/.rcs/00_mod_autoindex.conf,v @@ -0,0 +1,138 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.23.49; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. +Alias /icons/ "/usr/share/apache2/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + +# Directives controlling the display of server-generated directory listings. +# +# To see the listing of a directory, the Options directive for the +# directory must include "Indexes", and the directory must not contain +# a file matching those listed in the DirectoryIndex directive. + +# IndexOptions: Controls the appearance of server-generated directory +# listings. +#IndexOptions FancyIndexing VersionSort +IndexOptions FancyIndexing VersionSort FoldersFirst HTMLTable IgnoreCase NameWidth=50 + +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip + +AddIconByType (CDR,/icons/corel-document.png) image/x-coreldraw + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core + +AddIcon /icons/corel-document.png .cdr + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +DefaultIcon /icons/unknown.gif + +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename + +AddDescription "GZIP-komprimiertes Tar-Archiv" .tar.gz +AddDescription "GZIP-komprimiertes Dokument" .gz +AddDescription "Tar-Archive" .tar +AddDescription "GZIP-komprimiertes Tar-Archiv" .tgz +AddDescription "PDF-Dokument" .pdf +AddDescription "CorelDraw-Zeichnung" .cdr + +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. + +# HeaderName is the name of a file which should be prepended to +# directory indexes. +ReadmeName README.html +HeaderName HEADER.html + +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d23 2 +a24 1 +IndexOptions FancyIndexing VersionSort +d31 2 +d55 2 +d71 6 +a76 3 +#AddDescription "GZIP compressed document" .gz +#AddDescription "tar archive" .tar +#AddDescription "GZIP compressed tar archive" .tgz +@ diff --git a/apache2/modules.d/.rcs/00_mod_info.conf,v b/apache2/modules.d/.rcs/00_mod_info.conf,v new file mode 100644 index 0000000..85ca29a --- /dev/null +++ b/apache2/modules.d/.rcs/00_mod_info.conf,v @@ -0,0 +1,56 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.24.43; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +# Allow remote server configuration reports, with the URL of +# http://servername/server-info + + SetHandler server-info + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d9 6 +@ diff --git a/apache2/modules.d/.rcs/00_mod_log_config.conf,v b/apache2/modules.d/.rcs/00_mod_log_config.conf,v new file mode 100644 index 0000000..82fafad --- /dev/null +++ b/apache2/modules.d/.rcs/00_mod_log_config.conf,v @@ -0,0 +1,79 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.26.16; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +# The following directives define some format nicknames for use with +# a CustomLog directive (see below). +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\"" full +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common + +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-Agent}i" agent +LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost + + +# You need to enable mod_logio.c to use %I and %O +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\" %I %O" full_io +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" vhostio + + +# The location and format of the access logfile (Common Logfile Format). +# If you do not define any access logfiles within a +# container, they will be logged here. Contrariwise, if you *do* +# define per- access logfiles, transactions will be +# logged therein and *not* in this file. +CustomLog /var/log/apache2/access.log full + +# If you would like to have agent and referer logfiles, +# uncomment the following directives. +#CustomLog /var/log/apache2/referer_log referer +#CustomLog /var/log/apache2/agent_logs agent + +# If you prefer a logfile with access, agent, and referer information +# (Combined Logfile Format) you can use the following directive. +#CustomLog /var/log/apache2/access_log combined + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d4 1 +d15 1 +d25 1 +a25 1 +CustomLog /var/log/apache2/access_log common +@ diff --git a/apache2/modules.d/.rcs/00_mod_mime.conf,v b/apache2/modules.d/.rcs/00_mod_mime.conf,v new file mode 100644 index 0000000..11fb1cd --- /dev/null +++ b/apache2/modules.d/.rcs/00_mod_mime.conf,v @@ -0,0 +1,106 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.26.41; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# DefaultType: the default MIME type the server will use for a document +# if it cannot otherwise determine one, such as from filename extensions. +# If your server contains mostly text or HTML documents, "text/plain" is +# a good value. If most of your content is binary, such as applications +# or images, you may want to use "application/octet-stream" instead to +# keep browsers from trying to display binary files as though they are +# text. +DefaultType text/plain + + +# TypesConfig points to the file containing the list of mappings from +# filename extension to MIME-type. +TypesConfig /etc/mime.types + +# AddType allows you to add to or override the MIME configuration +# file specified in TypesConfig for specific file types. +#AddType application/x-gzip .tgz + +# AddEncoding allows you to have certain browsers uncompress +# information on the fly. Note: Not all browsers support this. +AddEncoding x-compress .Z +AddEncoding x-gzip .gz .tgz + +# If the AddEncoding directives above are commented-out, then you +# probably should define those extensions to indicate media types: +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz + +# AddHandler allows you to map certain file extensions to "handlers": +# actions unrelated to filetype. These can be either built into the server +# or added with the Action directive (see below) + +# To use CGI scripts outside of ScriptAliased directories: +# (You will also need to add "ExecCGI" to the "Options" directive.) +#AddHandler cgi-script .cgi + +# For files that include their own HTTP headers: +#AddHandler send-as-is asis + +# For server-parsed imagemap files: +#AddHandler imap-file map + +# For type maps (negotiated resources): +AddHandler type-map var + +# Filters allow you to process content before it is sent to the client. +# +# To parse .shtml files for server-side includes (SSI): +# (You will also need to add "Includes" to the "Options" directive.) +#AddType text/html .shtml +#AddOutputFilter INCLUDES .shtml + + + +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +MIMEMagicFile /etc/apache2/magic + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d21 2 +a22 2 +#AddEncoding x-compress .Z +#AddEncoding x-gzip .gz .tgz +d37 6 +d44 1 +a44 1 +#AddHandler type-map var +@ diff --git a/apache2/modules.d/.rcs/00_mod_status.conf,v b/apache2/modules.d/.rcs/00_mod_status.conf,v new file mode 100644 index 0000000..693c810 --- /dev/null +++ b/apache2/modules.d/.rcs/00_mod_status.conf,v @@ -0,0 +1,61 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.28.00; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +# Allow server status reports generated by mod_status, +# with the URL of http://servername/server-status + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + +# ExtendedStatus controls whether Apache will generate "full" status +# information (ExtendedStatus On) or just basic information (ExtendedStatus +# Off) when the "server-status" handler is called. +ExtendedStatus On + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d9 6 +@ diff --git a/apache2/modules.d/.rcs/00_mod_userdir.conf,v b/apache2/modules.d/.rcs/00_mod_userdir.conf,v new file mode 100644 index 0000000..20e1f35 --- /dev/null +++ b/apache2/modules.d/.rcs/00_mod_userdir.conf,v @@ -0,0 +1,58 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# Settings for user home directories + +# UserDir: The name of the directory that is appended onto a user's home +# directory if a ~user request is received. Note that you must also set +# the default access control for these directories, as in the example below. +UserDir public_html + +# Control access to UserDir directories. The following is an example +# for a site where these directories are restricted to read-only. + + AllowOverride FileInfo AuthConfig Limit Indexes + Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec + + Order allow,deny + Allow from all + + + Order deny,allow + Deny from all + + + +# Suexec isn't really required to run cgi-scripts, but it's a really good +# idea if you have multiple users serving websites... + + + Options ExecCGI + SetHandler cgi-script + + + + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/modules.d/.rcs/00_mpm.conf,v b/apache2/modules.d/.rcs/00_mpm.conf,v new file mode 100644 index 0000000..403003b --- /dev/null +++ b/apache2/modules.d/.rcs/00_mpm.conf,v @@ -0,0 +1,140 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.28.50; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# Server-Pool Management (MPM specific) + +# PidFile: The file in which the server should record its process +# identification number when it starts. +# +# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING +PidFile /var/run/apache2.pid + +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +#LockFile /var/run/apache2.lock + +# Only one of the below sections will be relevant on your +# installed httpd. Use "/usr/sbin/apache2 -l" to find out the +# active mpm. + +# common MPM configuration +# These configuration directives apply to all MPMs +# +# StartServers: Number of child server processes created at startup +# MaxClients: Maximum number of child processes to serve requests +# MaxRequestsPerChild: Limit on the number of requests that an individual child +# server will handle during its life + + +# prefork MPM +# This is the default MPM if USE=-threads +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 2 + MinSpareServers 2 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# worker MPM +# This is the default MPM if USE=threads +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# event MPM +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# peruser MPM +# +# MinSpareProcessors: Minimum number of idle child server processes +# MinProcessors: Minimum number of processors per virtual host +# MaxProcessors: Maximum number of processors per virtual host +# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable +# Multiplexer: Specify a Multiplexer child configuration. +# Processor: Specify a user and group for a specific child process + + MinSpareProcessors 2 + MinProcessors 2 + MaxProcessors 10 + MaxClients 150 + MaxRequestsPerChild 1000 + ExpireTimeout 1800 + + Multiplexer nobody nobody + Processor apache apache + + +# itk MPM +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d31 2 +a32 2 + StartServers 5 + MinSpareServers 5 +@ diff --git a/apache2/modules.d/.rcs/10_mod_mem_cache.conf,v b/apache2/modules.d/.rcs/10_mod_mem_cache.conf,v new file mode 100644 index 0000000..b1430ed --- /dev/null +++ b/apache2/modules.d/.rcs/10_mod_mem_cache.conf,v @@ -0,0 +1,34 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +# 128MB cache for objects < 2MB +CacheEnable mem / +MCacheSize 131072 +MCacheMaxObjectCount 1000 +MCacheMinObjectSize 1 +MCacheMaxObjectSize 2097152 + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/modules.d/.rcs/11_mod_auth_kerb.conf,v b/apache2/modules.d/.rcs/11_mod_auth_kerb.conf,v new file mode 100644 index 0000000..b0b5107 --- /dev/null +++ b/apache2/modules.d/.rcs/11_mod_auth_kerb.conf,v @@ -0,0 +1,38 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.26.15.18.30; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +LoadModule auth_kerb_module modules/mod_auth_kerb.so + + + AuthType Kerberos + AuthName "Kerberos Login" + # See the INSTALL file about howto create the keytab + Krb5Keytab conf/apache.keytab + KrbAuthRealms EXAMPLE.COM + Require valid-user + + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/modules.d/.rcs/12_mod_auth_mysql.conf,v b/apache2/modules.d/.rcs/12_mod_auth_mysql.conf,v new file mode 100644 index 0000000..034f922 --- /dev/null +++ b/apache2/modules.d/.rcs/12_mod_auth_mysql.conf,v @@ -0,0 +1,156 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.26.15.18.48; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +LoadModule mysql_auth_module modules/mod_auth_mysql.so + +# mod_auth_mysql can be used to limit access to documents by checking +# data in a MySQL database. + +# This will enable user-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# +# require valid-user +# + +# This will enable group-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass'), 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass'), 'admin'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupField user_group +# +# require group admin +# + +# Like the above this enables group-based MySQL authentication of +# everything within /home/httpd, but this configuration allows users to +# belong to more than one group. You'll need to do the following as +# the MySQL root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# CREATE TABLE groups ( +# user_name CHAR(30) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name, user_group) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# GRANT SELECT +# ON auth.groups +# TO authuser@@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testuser', 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testadmin', 'admin'); +# INSERT INTO groups VALUES ('testadmin', 'user'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupTable groups +# AuthMySQLGroupField user_group +# +# require group user +# + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/modules.d/.rcs/20_mod_fastcgi.conf,v b/apache2/modules.d/.rcs/20_mod_fastcgi.conf,v new file mode 100644 index 0000000..6260aac --- /dev/null +++ b/apache2/modules.d/.rcs/20_mod_fastcgi.conf,v @@ -0,0 +1,82 @@ +head 1.4; +access; +symbols; +locks; strict; +comment @# @; + + +1.4 +date 2011.03.25.19.32.48; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.06.07.20.36.10; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.28.10.31.51; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.15.18.41; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.4 +log +@Checked in. +@ +text +@ + LoadModule fastcgi_module modules/mod_fastcgi.so + AddHandler fastcgi-script fcg fcgi fpl + FastCgiExternalServer /tmp/frbr_books_app.fcgi -socket /tmp/frbr_books_app.sock + #FastCgiServer /var/www/books/script/frbr_books_fastcgi.pl -processes 2 + + +# vim: ts=4 filetype=apache +@ + + +1.3 +log +@Checked in. +@ +text +@d2 4 +a5 4 +LoadModule fastcgi_module modules/mod_fastcgi.so +AddHandler fastcgi-script fcg fcgi fpl + FastCgiExternalServer /tmp/frbr_books_app.fcgi -socket /tmp/frbr_books_app.sock + #FastCgiServer /var/www/books/script/frbr_books_fastcgi.pl -processes 2 +@ + + +1.2 +log +@Checked in. +@ +text +@d4 2 +a5 2 +#FastCgiServer /var/www/books/script/frbr_books_fastcgi.pl -processes 2 +#FastCgiExternalServer /tmp/frbr_books_app.fcgi -socket /tmp/frbr_books_app.sock +@ + + +1.1 +log +@Initial revision +@ +text +@d4 2 +@ diff --git a/apache2/modules.d/.rcs/40_mod_ssl.conf,v b/apache2/modules.d/.rcs/40_mod_ssl.conf,v new file mode 100644 index 0000000..5ac6908 --- /dev/null +++ b/apache2/modules.d/.rcs/40_mod_ssl.conf,v @@ -0,0 +1,87 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + + +# This is the Apache server configuration file providing SSL support. +# It contains the configuration directives to instruct the server how to +# serve pages over an https connection. For detailing information about these +# directives see + +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. + +## Pseudo Random Number Generator (PRNG): +# Configure one or more sources to seed the PRNG of the SSL library. +# The seed data should be of good random quality. +# WARNING! On some platforms /dev/random blocks if not enough entropy +# is available. This means you then cannot use the /dev/random device +# because it would lead to very long connection times (as long as +# it requires to make more entropy available). But usually those +# platforms additionally provide a /dev/urandom device which doesn't +# block. So, if available, use this one instead. Read the mod_ssl User +# Manual for more details. +#SSLRandomSeed startup file:/dev/random 512 +#SSLRandomSeed startup file:/dev/urandom 512 +#SSLRandomSeed connect file:/dev/random 512 +#SSLRandomSeed connect file:/dev/urandom 512 + +## SSL Global Context: +# All SSL configuration in this context applies both to the main server and +# all SSL-enabled virtual hosts. + +# Some MIME-types for downloading Certificates and CRLs + + AddType application/x-x509-ca-cert .crt + AddType application/x-pkcs7-crl .crl + + +## Pass Phrase Dialog: +# Configure the pass phrase gathering process. The filtering dialog program +# (`builtin' is a internal terminal dialog) has to provide the pass phrase on +# stdout. +SSLPassPhraseDialog builtin + +## Inter-Process Session Cache: +# Configure the SSL Session Cache: First the mechanism to use and second the +# expiring timeout (in seconds). +#SSLSessionCache dbm:/var/run/ssl_scache +SSLSessionCache shmcb:/var/run/ssl_scache(512000) +SSLSessionCacheTimeout 300 + +## Semaphore: +# Configure the path to the mutual exclusion semaphore the SSL engine uses +# internally for inter-process synchronization. +SSLMutex file:/var/run/ssl_mutex + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/modules.d/.rcs/45_mod_dav.conf,v b/apache2/modules.d/.rcs/45_mod_dav.conf,v new file mode 100644 index 0000000..2610f95 --- /dev/null +++ b/apache2/modules.d/.rcs/45_mod_dav.conf,v @@ -0,0 +1,43 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +DavLockDB "/var/lib/dav/lockdb" + +# The following directives disable redirects on non-GET requests for +# a directory that does not include the trailing slash. This fixes a +# problem with several clients that do not appropriately handle +# redirects for folders with DAV methods. + +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1.[012345678]" redirect-carefully +BrowserMatch "^gnome-vfs/1.0" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully + + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/modules.d/.rcs/46_mod_ldap.conf,v b/apache2/modules.d/.rcs/46_mod_ldap.conf,v new file mode 100644 index 0000000..b6ad859 --- /dev/null +++ b/apache2/modules.d/.rcs/46_mod_ldap.conf,v @@ -0,0 +1,44 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# Examples below are taken from the online documentation +# Refer to: +# http://localhost/manual/mod/mod_ldap.html +# http://localhost/manual/mod/mod_auth_ldap.html + +LDAPSharedCacheSize 200000 +LDAPCacheEntries 1024 +LDAPCacheTTL 600 +LDAPOpCacheEntries 1024 +LDAPOpCacheTTL 600 + + + SetHandler ldap-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/modules.d/.rcs/47_mod_dav_svn.conf,v b/apache2/modules.d/.rcs/47_mod_dav_svn.conf,v new file mode 100644 index 0000000..be8e0ae --- /dev/null +++ b/apache2/modules.d/.rcs/47_mod_dav_svn.conf,v @@ -0,0 +1,115 @@ +head 1.4; +access; +symbols; +locks; strict; +comment @# @; + + +1.4 +date 2010.07.01.11.55.08; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.06.28.19.35.51; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.28.10.39.41; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.05.14.01; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.4 +log +@Checked in. +@ +text +@ + LoadModule dav_svn_module modules/mod_dav_svn.so + + LoadModule authz_svn_module modules/mod_authz_svn.so + + +# Example configuration: +# +# DAV svn +# SVNPath /var/svn/repos +# AuthType Basic +# AuthName "Subversion repository" +# AuthUserFile /var/svn/conf/svnusers +# Require valid-user +# + + + DAV svn + SVNParentPath /var/lib/svn-repos + AuthType Basic + AuthName "Subversion repository" + AuthUserFile /etc/apache2/svnusers + + Require valid-user + + + + + DAV svn + SVNParentPath /var/lib/svn-repos-priv + AuthType Basic + AuthName "Subversion private repository" + AuthUserFile /etc/apache2/svnusers + Require valid-user + + + + SVNIndexXSLT /repo-browser/books/svnindex.xsl + + + + +# vim: ts=4 filetype=apache +@ + + +1.3 +log +@Checked in. +@ +text +@d28 9 +@ + + +1.2 +log +@Checked in. +@ +text +@d33 2 +@ + + +1.1 +log +@Initial revision +@ +text +@d2 4 +a5 4 +LoadModule dav_svn_module modules/mod_dav_svn.so + +LoadModule authz_svn_module modules/mod_authz_svn.so + +d16 16 +@ diff --git a/apache2/modules.d/.rcs/70_mod_php5.conf,v b/apache2/modules.d/.rcs/70_mod_php5.conf,v new file mode 100644 index 0000000..edc7a2b --- /dev/null +++ b/apache2/modules.d/.rcs/70_mod_php5.conf,v @@ -0,0 +1,77 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2011.01.09.11.34.16; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.10.29.22.18.52; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.05.47.52; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@ + # Load the module first + + LoadModule php5_module modules/libphp5.so + #LoadModule php5_module /usr/lib64/php5.3/lib64/libphp5.so + + + # Set it to handle the files + + AddHandler application/x-httpd-php .php .php5 .phtml + AddHandler application/x-httpd-php-source .phps + + + DirectoryIndex index.php index.phtml + +@ + + +1.2 +log +@Checked in. +@ +text +@d4 2 +a5 1 + LoadModule php5_module modules/libphp5.so +@ + + +1.1 +log +@Initial revision +@ +text +@d8 4 +a11 7 + + SetHandler application/x-httpd-php + + + + SetHandler application/x-httpd-php-source + +@ diff --git a/apache2/modules.d/.rcs/75_mod_perl.conf,v b/apache2/modules.d/.rcs/75_mod_perl.conf,v new file mode 100644 index 0000000..85c2a94 --- /dev/null +++ b/apache2/modules.d/.rcs/75_mod_perl.conf,v @@ -0,0 +1,94 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.10.43.15; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.12.37.18; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +LoadModule perl_module modules/mod_perl.so + +#PerlTrace all +PerlRequire "/etc/apache2/modules.d/apache2-mod_perl-startup.pl" +PerlModule ModPerl::Registry + +# Provide two aliases to the same cgi-bin directory, to see the effects of the +# 2 different mod_perl modes for Apache2::Registry Mode +Alias /perl/ /var/www/localhost/perl/ +# for Apache2::Perlrun Mode +Alias /cgi-perl/ /var/www/localhost/perl/ + + + SetHandler perl-script + PerlResponseHandler Apache2::Status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlOptions +ParseHeaders + + +# set Apache::Registry Mode for /perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + +# set Apache::PerlRun Mode for /cgi-perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d20 6 +@ diff --git a/apache2/modules.d/.rcs/76_mod_apreq.conf,v b/apache2/modules.d/.rcs/76_mod_apreq.conf,v new file mode 100644 index 0000000..bfd7e1e --- /dev/null +++ b/apache2/modules.d/.rcs/76_mod_apreq.conf,v @@ -0,0 +1,37 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.26.12.38.25; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +LoadModule apreq_module modules/mod_apreq2.so + +# load the Perl modules +# uncomment the ones you require +#PerlModule APR::Request::Apache2 +#PerlModule APR::Request::CGI +#PerlModule APR::Request::Cookie +#PerlModule Apache2::Cookie +#PerlModule Apache2::Request + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/modules.d/.rcs/99_nagios3.conf,v b/apache2/modules.d/.rcs/99_nagios3.conf,v new file mode 100644 index 0000000..7a446e8 --- /dev/null +++ b/apache2/modules.d/.rcs/99_nagios3.conf,v @@ -0,0 +1,39 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.26.15.09.21; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + ScriptAlias /nagios/cgi-bin/ /usr/lib/nagios/cgi-bin/ + + AllowOverride AuthConfig + Options ExecCGI + Order allow,deny + Allow from all + + Alias /nagios /usr/share/nagios/htdocs + + AllowOverride AuthConfig + Order allow,deny + Allow from all + + +@ diff --git a/apache2/modules.d/.rcs/apache2-mod_perl-startup.pl,v b/apache2/modules.d/.rcs/apache2-mod_perl-startup.pl,v new file mode 100644 index 0000000..df92096 --- /dev/null +++ b/apache2/modules.d/.rcs/apache2-mod_perl-startup.pl,v @@ -0,0 +1,48 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.26.12.37.43; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@use lib qw(/home/httpd/perl); + +# enable if the mod_perl 1.0 compatibility is needed +#use Apache2::compat (); + +use ModPerl::Util (); #for CORE::GLOBAL::exit + +use Apache2::RequestRec (); +use Apache2::RequestIO (); +use Apache2::RequestUtil (); + +use Apache2::ServerRec (); +use Apache2::ServerUtil (); +use Apache2::Connection (); +use Apache2::Log (); + +use APR::Table (); + +use ModPerl::Registry (); + +use Apache2::Const -compile => ':common'; +use APR::Const -compile => ':common'; + +1; +@ diff --git a/apache2/modules.d/00_apache_manual.conf b/apache2/modules.d/00_apache_manual.conf new file mode 100644 index 0000000..a1bfed2 --- /dev/null +++ b/apache2/modules.d/00_apache_manual.conf @@ -0,0 +1,26 @@ +# Provide access to the documentation on your server as +# http://yourserver.example.com/manual/ +# The documentation is always available at +# http://httpd.apache.org/docs/2.2/ + +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.21-r1/manual$1" + + + Options Indexes + AllowOverride None + Order allow,deny + Allow from all + + + SetHandler type-map + + + SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1 + RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2 + + LanguagePriority en de es fr ja ko pt-br + ForceLanguagePriority Prefer Fallback + + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_default_settings.conf b/apache2/modules.d/00_default_settings.conf new file mode 100644 index 0000000..c548b5b --- /dev/null +++ b/apache2/modules.d/00_default_settings.conf @@ -0,0 +1,136 @@ +# This configuration file reflects default settings for Apache HTTP Server. +# You may change these, but chances are that you may not need to. + +# Timeout: The number of seconds before receives and sends time out. +Timeout 300 + +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +KeepAlive On + +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +MaxKeepAliveRequests 100 + +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +KeepAliveTimeout 15 + +# UseCanonicalName: Determines how Apache constructs self-referencing +# URLs and the SERVER_NAME and SERVER_PORT variables. +# When set "Off", Apache will use the Hostname and Port supplied +# by the client. When set "On", Apache will use the value of the +# ServerName directive. +UseCanonicalName Off + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +AccessFileName .htaccess + +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minor | Minimal | Major | Prod +# where Full conveys the most information, and Prod the least. +ServerTokens Full + +# TraceEnable +# This directive overrides the behavior of TRACE for both the core server and +# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616, +# which disallows any request body to accompany the request. TraceEnable off +# causes the core server and mod_proxy to return a 405 (Method not allowed) +# error to the client. +# For security reasons this is turned off by default. (bug #240680) +TraceEnable off + +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +ServerSignature On + +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +HostnameLookups Off + +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall is used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +EnableMMAP off +EnableSendfile off +#EnableMMAP On +#EnableSendfile On + +# FileEtag: Configures the file attributes that are used to create +# the ETag (entity tag) response header field when the document is +# based on a static file. (The ETag value is used in cache management +# to save network bandwidth.) +FileEtag INode MTime Size + +# ContentDigest: This directive enables the generation of Content-MD5 +# headers as defined in RFC1864 respectively RFC2616. +# The Content-MD5 header provides an end-to-end message integrity +# check (MIC) of the entity-body. A proxy or client may check this +# header for detecting accidental modification of the entity-body +# in transit. +# Note that this can cause performance problems on your server since +# the message digest is computed on every request (the values are +# not cached). +# Content-MD5 is only sent for documents served by the core, and not +# by any module. For example, SSI documents, output from CGI scripts, +# and byte range responses do not have this header. +ContentDigest Off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +ErrorLog /var/log/apache2/error.log + +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +LogLevel info + +# We configure the "default" to be a very restrictive set of features. + + Options FollowSymLinks + AllowOverride None + Order deny,allow + Deny from all + + +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# +# The index.html.var file (a type-map) is used to deliver content- +# negotiated documents. The MultiViews Options can be used for the +# same purpose, but it is much slower. +# +# To add files to that list use AddDirectoryIndex in a custom config +# file. Do not change this entry unless you know what you are doing. + + DirectoryIndex index.html index.html.var index.shtml index.htm + + +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. + + Order allow,deny + Deny from all + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_error_documents.conf b/apache2/modules.d/00_error_documents.conf new file mode 100644 index 0000000..90c6b0a --- /dev/null +++ b/apache2/modules.d/00_error_documents.conf @@ -0,0 +1,58 @@ +# The configuration below implements multi-language error documents through +# content-negotiation. + +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html + +# Required modules: mod_alias, mod_include, mod_negotiation +# We use Alias to redirect any /error/HTTP_.html.var response to +# our collection of by-error message multi-language collections. We use +# includes to substitute the appropriate text. +# You can modify the messages' appearance without changing any of the +# default HTTP_.html.var files by adding the line: +# Alias /error/include/ "/your/include/path/" +# which allows you to create your own set of files by starting with the +# /var/www/localhost/error/include/ files and copying them to /your/include/path/, +# even on a per-VirtualHost basis. The default include files will display +# your Apache version number and your ServerAdmin email address regardless +# of the setting of ServerSignature. + + +Alias /error/ "/usr/share/apache2/error/" + + + AllowOverride None + Options IncludesNoExec + AddOutputFilter Includes html + AddHandler type-map var + Order allow,deny + Allow from all + LanguagePriority de en cs es fr it ja ko nl pl pt-br ro sv tr + ForceLanguagePriority Prefer Fallback + + +ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +ErrorDocument 410 /error/HTTP_GONE.html.var +ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_languages.conf b/apache2/modules.d/00_languages.conf new file mode 100644 index 0000000..48af93d --- /dev/null +++ b/apache2/modules.d/00_languages.conf @@ -0,0 +1,133 @@ +# Settings for hosting different languages. + +# DefaultLanguage and AddLanguage allows you to specify the language of +# a document. You can then use content negotiation to give a browser a +# file in a language the user can understand. +# +# Specify a default language. This means that all data +# going out without a specific language tag (see below) will +# be marked with this one. You probably do NOT want to set +# this unless you are sure it is correct for all cases. +# +# It is generally better to not mark a page as +# being a certain language than marking it with the wrong +# language! +# +# DefaultLanguage nl +# +# Note 1: The suffix does not have to be the same as the language +# keyword --- those with documents in Polish (whose net-standard +# language code is pl) may wish to use "AddLanguage pl .po" to +# avoid the ambiguity with the common suffix for perl scripts. +# +# Note 2: The example entries below illustrate that in some cases +# the two character 'Language' abbreviation is not identical to +# the two character 'Country' code for its country, +# E.g. 'Danmark/dk' versus 'Danish/da'. +# +# Note 3: In the case of 'ltz' we violate the RFC by using a three char +# specifier. There is 'work in progress' to fix this and get +# the reference data for rfc1766 cleaned up. +# +# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) +# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) +# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) +# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) +# Norwegian (no) - Polish (pl) - Portugese (pt) +# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) +# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw + +# LanguagePriority allows you to give precedence to some languages +# in case of a tie during content negotiation. +# +# Just list the languages in decreasing order of preference. We have +# more or less alphabetized them here. You probably want to change this. +LanguagePriority de en ca cs da el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW + +# ForceLanguagePriority allows you to serve a result page rather than +# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) +# [in case no accepted languages matched the available variants] +ForceLanguagePriority Prefer Fallback + +# Commonly used filename extensions to character sets. You probably +# want to avoid clashes with the language extensions, unless you +# are good at carefully testing your setup after each change. +# See http://www.iana.org/assignments/character-sets for the +# official list of charset names and their respective RFCs. +AddCharset us-ascii.ascii .us-ascii +AddCharset ISO-8859-1 .iso8859-1 .latin1 +AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen +AddCharset ISO-8859-3 .iso8859-3 .latin3 +AddCharset ISO-8859-4 .iso8859-4 .latin4 +AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru +AddCharset ISO-8859-6 .iso8859-6 .arb .arabic +AddCharset ISO-8859-7 .iso8859-7 .grk .greek +AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew +AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk +AddCharset ISO-8859-10 .iso8859-10 .latin6 +AddCharset ISO-8859-13 .iso8859-13 +AddCharset ISO-8859-14 .iso8859-14 .latin8 +AddCharset ISO-8859-15 .iso8859-15 .latin9 +AddCharset ISO-8859-16 .iso8859-16 .latin10 +AddCharset ISO-2022-JP .iso2022-jp .jis +AddCharset ISO-2022-KR .iso2022-kr .kis +AddCharset ISO-2022-CN .iso2022-cn .cis +AddCharset Big5.Big5 .big5 .b5 +AddCharset cn-Big5 .cn-big5 +# For russian, more than one charset is used (depends on client, mostly): +AddCharset WINDOWS-1251 .cp-1251 .win-1251 +AddCharset CP866 .cp866 +AddCharset KOI8 .koi8 +AddCharset KOI8-E .koi8-e +AddCharset KOI8-r .koi8-r .koi8-ru +AddCharset KOI8-U .koi8-u +AddCharset KOI8-ru .koi8-uk .ua +AddCharset ISO-10646-UCS-2 .ucs2 +AddCharset ISO-10646-UCS-4 .ucs4 +AddCharset UTF-7 .utf7 +AddCharset UTF-8 .utf8 +AddCharset UTF-16 .utf16 +AddCharset UTF-16BE .utf16be +AddCharset UTF-16LE .utf16le +AddCharset UTF-32 .utf32 +AddCharset UTF-32BE .utf32be +AddCharset UTF-32LE .utf32le +AddCharset euc-cn .euc-cn +AddCharset euc-gb .euc-gb +AddCharset euc-jp .euc-jp +AddCharset euc-kr .euc-kr +# Not sure how euc-tw got in - IANA doesn't list it??? +AddCharset EUC-TW .euc-tw +AddCharset gb2312 .gb2312 .gb +AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2 +AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4 +AddCharset shift_jis .shift_jis .sjis + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_mod_autoindex.conf b/apache2/modules.d/00_mod_autoindex.conf new file mode 100644 index 0000000..8e34554 --- /dev/null +++ b/apache2/modules.d/00_mod_autoindex.conf @@ -0,0 +1,91 @@ + + +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. +Alias /icons/ "/usr/share/apache2/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + +# Directives controlling the display of server-generated directory listings. +# +# To see the listing of a directory, the Options directive for the +# directory must include "Indexes", and the directory must not contain +# a file matching those listed in the DirectoryIndex directive. + +# IndexOptions: Controls the appearance of server-generated directory +# listings. +#IndexOptions FancyIndexing VersionSort +IndexOptions FancyIndexing VersionSort FoldersFirst HTMLTable IgnoreCase NameWidth=50 + +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip + +AddIconByType (CDR,/icons/corel-document.png) image/x-coreldraw + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core + +AddIcon /icons/corel-document.png .cdr + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +DefaultIcon /icons/unknown.gif + +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename + +AddDescription "GZIP-komprimiertes Tar-Archiv" .tar.gz +AddDescription "GZIP-komprimiertes Dokument" .gz +AddDescription "Tar-Archive" .tar +AddDescription "GZIP-komprimiertes Tar-Archiv" .tgz +AddDescription "PDF-Dokument" .pdf +AddDescription "CorelDraw-Zeichnung" .cdr + +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. + +# HeaderName is the name of a file which should be prepended to +# directory indexes. +ReadmeName README.html +HeaderName HEADER.html + +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_mod_info.conf b/apache2/modules.d/00_mod_info.conf new file mode 100644 index 0000000..44379d1 --- /dev/null +++ b/apache2/modules.d/00_mod_info.conf @@ -0,0 +1,18 @@ + +# Allow remote server configuration reports, with the URL of +# http://servername/server-info + + SetHandler server-info + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_mod_log_config.conf b/apache2/modules.d/00_mod_log_config.conf new file mode 100644 index 0000000..d4bd85c --- /dev/null +++ b/apache2/modules.d/00_mod_log_config.conf @@ -0,0 +1,37 @@ + +# The following directives define some format nicknames for use with +# a CustomLog directive (see below). +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\"" full +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common + +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-Agent}i" agent +LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost + + +# You need to enable mod_logio.c to use %I and %O +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\" %I %O" full_io +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" vhostio + + +# The location and format of the access logfile (Common Logfile Format). +# If you do not define any access logfiles within a +# container, they will be logged here. Contrariwise, if you *do* +# define per- access logfiles, transactions will be +# logged therein and *not* in this file. +CustomLog /var/log/apache2/access.log full + +# If you would like to have agent and referer logfiles, +# uncomment the following directives. +#CustomLog /var/log/apache2/referer_log referer +#CustomLog /var/log/apache2/agent_logs agent + +# If you prefer a logfile with access, agent, and referer information +# (Combined Logfile Format) you can use the following directive. +#CustomLog /var/log/apache2/access_log combined + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_mod_mime.conf b/apache2/modules.d/00_mod_mime.conf new file mode 100644 index 0000000..6229e61 --- /dev/null +++ b/apache2/modules.d/00_mod_mime.conf @@ -0,0 +1,55 @@ +# DefaultType: the default MIME type the server will use for a document +# if it cannot otherwise determine one, such as from filename extensions. +# If your server contains mostly text or HTML documents, "text/plain" is +# a good value. If most of your content is binary, such as applications +# or images, you may want to use "application/octet-stream" instead to +# keep browsers from trying to display binary files as though they are +# text. +DefaultType text/plain + + +# TypesConfig points to the file containing the list of mappings from +# filename extension to MIME-type. +TypesConfig /etc/mime.types + +# AddType allows you to add to or override the MIME configuration +# file specified in TypesConfig for specific file types. +#AddType application/x-gzip .tgz + +# AddEncoding allows you to have certain browsers uncompress +# information on the fly. Note: Not all browsers support this. +AddEncoding x-compress .Z +AddEncoding x-gzip .gz .tgz + +# If the AddEncoding directives above are commented-out, then you +# probably should define those extensions to indicate media types: +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz + +# AddHandler allows you to map certain file extensions to "handlers": +# actions unrelated to filetype. These can be either built into the server +# or added with the Action directive (see below) + +# To use CGI scripts outside of ScriptAliased directories: +# (You will also need to add "ExecCGI" to the "Options" directive.) +#AddHandler cgi-script .cgi + +# For type maps (negotiated resources): +AddHandler type-map var + +# Filters allow you to process content before it is sent to the client. +# +# To parse .shtml files for server-side includes (SSI): +# (You will also need to add "Includes" to the "Options" directive.) +#AddType text/html .shtml +#AddOutputFilter INCLUDES .shtml + + + +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +MIMEMagicFile /etc/apache2/magic + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_mod_status.conf b/apache2/modules.d/00_mod_status.conf new file mode 100644 index 0000000..9ebd91f --- /dev/null +++ b/apache2/modules.d/00_mod_status.conf @@ -0,0 +1,23 @@ + +# Allow server status reports generated by mod_status, +# with the URL of http://servername/server-status + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + +# ExtendedStatus controls whether Apache will generate "full" status +# information (ExtendedStatus On) or just basic information (ExtendedStatus +# Off) when the "server-status" handler is called. +ExtendedStatus On + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_mod_userdir.conf b/apache2/modules.d/00_mod_userdir.conf new file mode 100644 index 0000000..da7d0fb --- /dev/null +++ b/apache2/modules.d/00_mod_userdir.conf @@ -0,0 +1,34 @@ +# Settings for user home directories + +# UserDir: The name of the directory that is appended onto a user's home +# directory if a ~user request is received. Note that you must also set +# the default access control for these directories, as in the example below. +UserDir public_html + +# Control access to UserDir directories. The following is an example +# for a site where these directories are restricted to read-only. + + AllowOverride FileInfo AuthConfig Limit Indexes + Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec + + Order allow,deny + Allow from all + + + Order deny,allow + Deny from all + + + +# Suexec isn't really required to run cgi-scripts, but it's a really good +# idea if you have multiple users serving websites... + + + Options ExecCGI + SetHandler cgi-script + + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/00_mpm.conf b/apache2/modules.d/00_mpm.conf new file mode 100644 index 0000000..27dc24d --- /dev/null +++ b/apache2/modules.d/00_mpm.conf @@ -0,0 +1,99 @@ +# Server-Pool Management (MPM specific) + +# PidFile: The file in which the server should record its process +# identification number when it starts. +# +# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING +PidFile /var/run/apache2.pid + +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +#LockFile /var/run/apache2.lock + +# Only one of the below sections will be relevant on your +# installed httpd. Use "/usr/sbin/apache2 -l" to find out the +# active mpm. + +# common MPM configuration +# These configuration directives apply to all MPMs +# +# StartServers: Number of child server processes created at startup +# MaxClients: Maximum number of child processes to serve requests +# MaxRequestsPerChild: Limit on the number of requests that an individual child +# server will handle during its life + + +# prefork MPM +# This is the default MPM if USE=-threads +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 2 + MinSpareServers 2 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# worker MPM +# This is the default MPM if USE=threads +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# event MPM +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# peruser MPM +# +# MinSpareProcessors: Minimum number of idle child server processes +# MinProcessors: Minimum number of processors per virtual host +# MaxProcessors: Maximum number of processors per virtual host +# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable +# Multiplexer: Specify a Multiplexer child configuration. +# Processor: Specify a user and group for a specific child process + + MinSpareProcessors 2 + MinProcessors 2 + MaxProcessors 10 + MaxClients 150 + MaxRequestsPerChild 1000 + ExpireTimeout 1800 + + Multiplexer nobody nobody + Processor apache apache + + +# itk MPM +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/10_mod_mem_cache.conf b/apache2/modules.d/10_mod_mem_cache.conf new file mode 100644 index 0000000..520d9fd --- /dev/null +++ b/apache2/modules.d/10_mod_mem_cache.conf @@ -0,0 +1,10 @@ + +# 128MB cache for objects < 2MB +CacheEnable mem / +MCacheSize 131072 +MCacheMaxObjectCount 1000 +MCacheMinObjectSize 1 +MCacheMaxObjectSize 2097152 + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/11_mod_auth_kerb.conf b/apache2/modules.d/11_mod_auth_kerb.conf new file mode 100644 index 0000000..e567274 --- /dev/null +++ b/apache2/modules.d/11_mod_auth_kerb.conf @@ -0,0 +1,14 @@ + +LoadModule auth_kerb_module modules/mod_auth_kerb.so + + + AuthType Kerberos + AuthName "Kerberos Login" + # See the INSTALL file about howto create the keytab + Krb5Keytab conf/apache.keytab + KrbAuthRealms EXAMPLE.COM + Require valid-user + + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/12_mod_auth_mysql.conf b/apache2/modules.d/12_mod_auth_mysql.conf new file mode 100644 index 0000000..f33ced4 --- /dev/null +++ b/apache2/modules.d/12_mod_auth_mysql.conf @@ -0,0 +1,132 @@ + +LoadModule mysql_auth_module modules/mod_auth_mysql.so + +# mod_auth_mysql can be used to limit access to documents by checking +# data in a MySQL database. + +# This will enable user-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# +# require valid-user +# + +# This will enable group-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass'), 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass'), 'admin'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupField user_group +# +# require group admin +# + +# Like the above this enables group-based MySQL authentication of +# everything within /home/httpd, but this configuration allows users to +# belong to more than one group. You'll need to do the following as +# the MySQL root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# CREATE TABLE groups ( +# user_name CHAR(30) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name, user_group) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# GRANT SELECT +# ON auth.groups +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testuser', 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testadmin', 'admin'); +# INSERT INTO groups VALUES ('testadmin', 'user'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupTable groups +# AuthMySQLGroupField user_group +# +# require group user +# + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/20_mod_fastcgi.conf b/apache2/modules.d/20_mod_fastcgi.conf new file mode 100644 index 0000000..4541fa6 --- /dev/null +++ b/apache2/modules.d/20_mod_fastcgi.conf @@ -0,0 +1,8 @@ + + LoadModule fastcgi_module modules/mod_fastcgi.so + AddHandler fastcgi-script fcg fcgi fpl + FastCgiExternalServer /tmp/frbr_books_app.fcgi -socket /tmp/frbr_books_app.sock + #FastCgiServer /var/www/books/script/frbr_books_fastcgi.pl -processes 2 + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/40_mod_ssl.conf b/apache2/modules.d/40_mod_ssl.conf new file mode 100644 index 0000000..3d0a043 --- /dev/null +++ b/apache2/modules.d/40_mod_ssl.conf @@ -0,0 +1,63 @@ +# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + + +# This is the Apache server configuration file providing SSL support. +# It contains the configuration directives to instruct the server how to +# serve pages over an https connection. For detailing information about these +# directives see + +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. + +## Pseudo Random Number Generator (PRNG): +# Configure one or more sources to seed the PRNG of the SSL library. +# The seed data should be of good random quality. +# WARNING! On some platforms /dev/random blocks if not enough entropy +# is available. This means you then cannot use the /dev/random device +# because it would lead to very long connection times (as long as +# it requires to make more entropy available). But usually those +# platforms additionally provide a /dev/urandom device which doesn't +# block. So, if available, use this one instead. Read the mod_ssl User +# Manual for more details. +#SSLRandomSeed startup file:/dev/random 512 +#SSLRandomSeed startup file:/dev/urandom 512 +#SSLRandomSeed connect file:/dev/random 512 +#SSLRandomSeed connect file:/dev/urandom 512 + +## SSL Global Context: +# All SSL configuration in this context applies both to the main server and +# all SSL-enabled virtual hosts. + +# Some MIME-types for downloading Certificates and CRLs + + AddType application/x-x509-ca-cert .crt + AddType application/x-pkcs7-crl .crl + + +## Pass Phrase Dialog: +# Configure the pass phrase gathering process. The filtering dialog program +# (`builtin' is a internal terminal dialog) has to provide the pass phrase on +# stdout. +SSLPassPhraseDialog builtin + +## Inter-Process Session Cache: +# Configure the SSL Session Cache: First the mechanism to use and second the +# expiring timeout (in seconds). +#SSLSessionCache dbm:/var/run/ssl_scache +SSLSessionCache shmcb:/var/run/ssl_scache(512000) +SSLSessionCacheTimeout 300 + +## Semaphore: +# Configure the path to the mutual exclusion semaphore the SSL engine uses +# internally for inter-process synchronization. +SSLMutex file:/var/run/ssl_mutex + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/45_mod_dav.conf b/apache2/modules.d/45_mod_dav.conf new file mode 100644 index 0000000..36f6b9c --- /dev/null +++ b/apache2/modules.d/45_mod_dav.conf @@ -0,0 +1,19 @@ + +DavLockDB "/var/lib/dav/lockdb" + +# The following directives disable redirects on non-GET requests for +# a directory that does not include the trailing slash. This fixes a +# problem with several clients that do not appropriately handle +# redirects for folders with DAV methods. + +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1.[012345678]" redirect-carefully +BrowserMatch "^gnome-vfs/1.0" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully + + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/46_mod_ldap.conf b/apache2/modules.d/46_mod_ldap.conf new file mode 100644 index 0000000..c2893f8 --- /dev/null +++ b/apache2/modules.d/46_mod_ldap.conf @@ -0,0 +1,20 @@ +# Examples below are taken from the online documentation +# Refer to: +# http://localhost/manual/mod/mod_ldap.html +# http://localhost/manual/mod/mod_auth_ldap.html + +LDAPSharedCacheSize 200000 +LDAPCacheEntries 1024 +LDAPCacheTTL 600 +LDAPOpCacheEntries 1024 +LDAPOpCacheTTL 600 + + + SetHandler ldap-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/47_mod_dav_svn.conf b/apache2/modules.d/47_mod_dav_svn.conf new file mode 100644 index 0000000..1afdab1 --- /dev/null +++ b/apache2/modules.d/47_mod_dav_svn.conf @@ -0,0 +1,43 @@ + + LoadModule dav_svn_module modules/mod_dav_svn.so + + LoadModule authz_svn_module modules/mod_authz_svn.so + + +# Example configuration: +# +# DAV svn +# SVNPath /var/svn/repos +# AuthType Basic +# AuthName "Subversion repository" +# AuthUserFile /var/svn/conf/svnusers +# Require valid-user +# + + + DAV svn + SVNParentPath /var/lib/svn-repos + AuthType Basic + AuthName "Subversion repository" + AuthUserFile /etc/apache2/svnusers + + Require valid-user + + + + + DAV svn + SVNParentPath /var/lib/svn-repos-priv + AuthType Basic + AuthName "Subversion private repository" + AuthUserFile /etc/apache2/svnusers + Require valid-user + + + + SVNIndexXSLT /repo-browser/books/svnindex.xsl + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/70_mod_php5.conf b/apache2/modules.d/70_mod_php5.conf new file mode 100644 index 0000000..d1d4829 --- /dev/null +++ b/apache2/modules.d/70_mod_php5.conf @@ -0,0 +1,15 @@ + + # Load the module first + + LoadModule php5_module modules/libphp5.so + #LoadModule php5_module /usr/lib64/php5.3/lib64/libphp5.so + + + # Set it to handle the files + + AddHandler application/x-httpd-php .php .php5 .phtml + AddHandler application/x-httpd-php-source .phps + + + DirectoryIndex index.php index.phtml + diff --git a/apache2/modules.d/75_mod_perl.conf b/apache2/modules.d/75_mod_perl.conf new file mode 100644 index 0000000..4915cb6 --- /dev/null +++ b/apache2/modules.d/75_mod_perl.conf @@ -0,0 +1,56 @@ + +LoadModule perl_module modules/mod_perl.so + +#PerlTrace all +PerlRequire "/etc/apache2/modules.d/apache2-mod_perl-startup.pl" +PerlModule ModPerl::Registry + +# Provide two aliases to the same cgi-bin directory, to see the effects of the +# 2 different mod_perl modes for Apache2::Registry Mode +Alias /perl/ /var/www/localhost/perl/ +# for Apache2::Perlrun Mode +Alias /cgi-perl/ /var/www/localhost/perl/ + + + SetHandler perl-script + PerlResponseHandler Apache2::Status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlOptions +ParseHeaders + + +# set Apache::Registry Mode for /perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + +# set Apache::PerlRun Mode for /cgi-perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/76_mod_apreq.conf b/apache2/modules.d/76_mod_apreq.conf new file mode 100644 index 0000000..15d925d --- /dev/null +++ b/apache2/modules.d/76_mod_apreq.conf @@ -0,0 +1,13 @@ + +LoadModule apreq_module modules/mod_apreq2.so + +# load the Perl modules +# uncomment the ones you require +#PerlModule APR::Request::Apache2 +#PerlModule APR::Request::CGI +#PerlModule APR::Request::Cookie +#PerlModule Apache2::Cookie +#PerlModule Apache2::Request + + +# vim: ts=4 filetype=apache diff --git a/apache2/modules.d/99_nagios3.conf b/apache2/modules.d/99_nagios3.conf new file mode 100644 index 0000000..074f9ce --- /dev/null +++ b/apache2/modules.d/99_nagios3.conf @@ -0,0 +1,15 @@ + + ScriptAlias /nagios/cgi-bin/ /usr/lib/nagios/cgi-bin/ + + AllowOverride AuthConfig + Options ExecCGI + Order allow,deny + Allow from all + + Alias /nagios /usr/share/nagios/htdocs + + AllowOverride AuthConfig + Order allow,deny + Allow from all + + diff --git a/apache2/modules.d/apache2-mod_perl-startup.pl b/apache2/modules.d/apache2-mod_perl-startup.pl new file mode 100644 index 0000000..afc048a --- /dev/null +++ b/apache2/modules.d/apache2-mod_perl-startup.pl @@ -0,0 +1,24 @@ +use lib qw(/home/httpd/perl); + +# enable if the mod_perl 1.0 compatibility is needed +#use Apache2::compat (); + +use ModPerl::Util (); #for CORE::GLOBAL::exit + +use Apache2::RequestRec (); +use Apache2::RequestIO (); +use Apache2::RequestUtil (); + +use Apache2::ServerRec (); +use Apache2::ServerUtil (); +use Apache2::Connection (); +use Apache2::Log (); + +use APR::Table (); + +use ModPerl::Registry (); + +use Apache2::Const -compile => ':common'; +use APR::Const -compile => ':common'; + +1; diff --git a/apache2/sarah/.old/apache2-builtin-mods b/apache2/sarah/.old/apache2-builtin-mods new file mode 100644 index 0000000..a0174bd --- /dev/null +++ b/apache2/sarah/.old/apache2-builtin-mods @@ -0,0 +1,95 @@ +# This file will be installed into /etc/apache2 when you first emerge +# Apache2. If/when you upgrade, it will be consulted for your options, +# thus preserving your previous configuration. The default configuration +# in files/ is used if the one in /etc/apache2 isn't available. +# +# The syntax in this file has recently changed. To build a static module, put +# 'static' next to it. To build a DSO module, put 'shared' next to it. To +# disable a module (i.e. not built at all), put 'disabled' next to it. +# +# Examples: +# mod_authz_host shared ( this would build a DSO ) +# mod_actions static ( this would get compiled statically ) +# mod_alias disabled ( this module would not be built at all ) +# +# Also new with 2.2, any shared modules defined in this file will have +# LoadModule lines placed in the configuration for them. +# +# WARNING: Edit this file at your own risk! Some modules depend on other +# modules being enabled as well - make sure you have everything satisfied, or +# your apache may not compile or work correctly. + +VERSION: 2.2 + +mod_actions shared +mod_alias shared +mod_asis disabled +mod_auth_basic shared +mod_auth_digest shared +mod_authn_alias disabled +mod_authn_anon shared +mod_authn_dbd shared +mod_authn_dbm shared +mod_authn_default shared +mod_authn_file shared +#mod_authnz_ldap disabled # enable via USE-flag +mod_authz_dbm shared +mod_authz_default shared +mod_authz_groupfile shared +mod_authz_host shared +mod_authz_owner shared +mod_authz_user shared +mod_autoindex shared +mod_cache shared +mod_cern_meta disabled +#mod_cgi disabled # enable via USE-flag +#mod_cgid disabled # enable via USE-flag +mod_charset_lite disabled +mod_dav shared +mod_dav_fs shared +mod_dav_lock shared +mod_dbd shared +mod_deflate shared +mod_dir shared +mod_disk_cache shared +mod_dumpio disabled +mod_echo disabled +mod_env shared +mod_example disabled +mod_expires shared +mod_ext_filter shared +mod_file_cache shared +mod_filter shared +mod_headers shared +mod_ident shared +mod_imagemap shared +mod_include shared +mod_info shared +#mod_ldap disabled # enable via USE-flag +mod_log_config shared +mod_log_forensic disabled +mod_logio shared +mod_mem_cache shared +mod_mime shared +mod_mime_magic shared +mod_negotiation shared +mod_proxy shared +mod_proxy_ajp shared +mod_proxy_balancer shared +mod_proxy_connect shared +mod_proxy_ftp disabled +mod_proxy_http shared +mod_rewrite shared +mod_setenvif shared +mod_so static +mod_speling shared +#mod_ssl disabled # enable via USE-flag +mod_status shared +#mod_suexec disabled # disable via USE-flag +mod_unique_id shared +mod_userdir shared +mod_usertrack shared +mod_version disabled +mod_vhost_alias shared + +# vim: ts=4 diff --git a/apache2/sarah/fotos_group b/apache2/sarah/fotos_group new file mode 100644 index 0000000..7e4bb8e --- /dev/null +++ b/apache2/sarah/fotos_group @@ -0,0 +1,8 @@ +wir_selbst: frank doris heiko patrick vivi +meusels: kameu robert anne +oymel: katrin +kecks: heike.keck +brehms-weissbach: baerbel reina hartmut +brehms-marne: steffen +thomas-schmidt: thomas-schmidt +hausbau: peter.tennigkeit hle diff --git a/apache2/sarah/fotos_passwd b/apache2/sarah/fotos_passwd new file mode 100644 index 0000000..6a51264 --- /dev/null +++ b/apache2/sarah/fotos_passwd @@ -0,0 +1,19 @@ +frank:$apr1$NhtfK...$gYaRx7wj/VLS.u0ZnUtJy0 +doris:$apr1$e7vmb...$g5e0fL82TWB94CzyABmf/1 +kameu:$apr1$qxLJw/..$RpbAz8gd6t7VI.wUb6RlF. +kurt:$apr1$8upRV/..$IwtdSLyL0QlTc8eeqA04X. +robert:$apr1$fjH8q...$qpJhUtp6yTPClwXhOi8TD/ +anne:$apr1$BLjn./..$3EvwL8T1gKILcbu79KRB8/ +hartmut:$apr1$t9A5K...$lk0WKR.hp8638iU7Qb/JX0 +reina:$apr1$2MC4M...$KlIKsq9/CDHhMGjj/kG.I/ +baerbel:$apr1$aW8fz/..$6asGDBS55k3lDwTw8SPL4. +thomas-schmidt:$apr1$MAmza/..$fNVUjJJuJRyverD/WZjew0 +heike.keck:EQ4MHDTKYOgpM +patrickvivi:lyLBEQnnstVnM +katrin:$apr1$s585v/..$v5HdVAO7qQk2xpszgvvoS0 +heiko:3yLCOE8QoEfok +steffen:$apr1$OQHwpCfd$DTTuho/NbAsdlHGzq21XI. +peter.tennigkeit:$apr1$GWEMXDWv$j5E1Glkh5uzEffjyU1mEE1 +hle:$apr1$ZzHkw.dV$o9FxB6Xn//DpPhcPONjE81 +patrick:.aq4vqyIwViCA +vivi:$apr1$hfWXVpkX$AEFDCHLkC6p1hfhlJT8Ou0 diff --git a/apache2/sarah/httpd-1.conf b/apache2/sarah/httpd-1.conf new file mode 100644 index 0000000..e80812c --- /dev/null +++ b/apache2/sarah/httpd-1.conf @@ -0,0 +1,185 @@ +# This is a modification of the default Apache 2.2 configuration file +# for Gentoo Linux. +# +# Support: +# http://www.gentoo.org/main/en/lists.xml [mailing lists] +# http://forums.gentoo.org/ [web forums] +# irc://irc.freenode.net#gentoo-apache [irc chat] +# +# Bug Reports: +# http://bugs.gentoo.org [gentoo related bugs] +# http://httpd.apache.org/bug_report.html [apache httpd related bugs] +# +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo.log" +# with ServerRoot set to "/usr" will be interpreted by the +# server as "/usr/var/log/apache2/foo.log". + +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to point the LockFile directive +# at a local disk. If you wish to share the same ServerRoot for multiple +# httpd daemons, you will need to change at least LockFile and PidFile. +ServerRoot "/usr/lib/apache2" + +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +# GENTOO: Automatically defined based on apache2-builtin-mods at compile time +# +# The following modules are considered as the default configuration. +# If you wish to disable one of them, you may have to alter other +# configuration directives. +# +# Change these at your own risk! + +LoadModule actions_module modules/mod_actions.so +LoadModule alias_module modules/mod_alias.so +LoadModule auth_basic_module modules/mod_auth_basic.so +LoadModule auth_digest_module modules/mod_auth_digest.so +LoadModule authn_anon_module modules/mod_authn_anon.so +LoadModule authn_dbd_module modules/mod_authn_dbd.so +LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authn_file_module modules/mod_authn_file.so +LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule autoindex_module modules/mod_autoindex.so + +LoadModule cache_module modules/mod_cache.so + +LoadModule cgi_module modules/mod_cgi.so +LoadModule cgid_module modules/mod_cgid.so + +LoadModule dav_module modules/mod_dav.so + + +LoadModule dav_fs_module modules/mod_dav_fs.so + + +LoadModule dav_lock_module modules/mod_dav_lock.so + +LoadModule dbd_module modules/mod_dbd.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule dir_module modules/mod_dir.so + +LoadModule disk_cache_module modules/mod_disk_cache.so + +LoadModule env_module modules/mod_env.so +LoadModule expires_module modules/mod_expires.so +LoadModule ext_filter_module modules/mod_ext_filter.so + +LoadModule file_cache_module modules/mod_file_cache.so + +LoadModule filter_module modules/mod_filter.so +LoadModule headers_module modules/mod_headers.so +LoadModule ident_module modules/mod_ident.so +LoadModule imagemap_module modules/mod_imagemap.so +LoadModule include_module modules/mod_include.so + +LoadModule info_module modules/mod_info.so + +LoadModule log_config_module modules/mod_log_config.so +LoadModule logio_module modules/mod_logio.so + +LoadModule mem_cache_module modules/mod_mem_cache.so + +LoadModule mime_module modules/mod_mime.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule negotiation_module modules/mod_negotiation.so + +LoadModule proxy_module modules/mod_proxy.so + + +LoadModule proxy_ajp_module modules/mod_proxy_ajp.so + + +LoadModule proxy_balancer_module modules/mod_proxy_balancer.so + + +LoadModule proxy_connect_module modules/mod_proxy_connect.so + + +LoadModule proxy_http_module modules/mod_proxy_http.so + +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule speling_module modules/mod_speling.so + +LoadModule status_module modules/mod_status.so + +LoadModule unique_id_module modules/mod_unique_id.so + +LoadModule userdir_module modules/mod_userdir.so + +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so + +LoadModule ldap_module modules/mod_ldap.so + + +LoadModule authnz_ldap_module modules/mod_authnz_ldap.so + + +LoadModule ssl_module modules/mod_ssl.so + + +LoadModule suexec_module modules/mod_suexec.so + + +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +User apache +Group apache + +# Supplemental configuration +# +# Most of the configuration files in the /etc/apache2/modules.d/ directory can +# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features +# or to modify the default configuration of the server. +# +# To know which flag to add to APACHE2_OPTS, look at the first line of the +# the file, which will usually be an where OPTIONS is the +# flag to use. +Include /etc/apache2/modules.d/*.conf + +# Virtual-host support +# +# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we +# include a default vhost (enabled by adding -D DEFAULT_VHOST to +# APACHE2_OPTS in /etc/conf.d/apache2). +Include /etc/apache2/vhosts.d/*.conf + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/httpd.conf b/apache2/sarah/httpd.conf new file mode 100644 index 0000000..a17c88a --- /dev/null +++ b/apache2/sarah/httpd.conf @@ -0,0 +1,195 @@ +# This is a modification of the default Apache 2.2 configuration file +# for Gentoo Linux. +# +# Support: +# http://www.gentoo.org/main/en/lists.xml [mailing lists] +# http://forums.gentoo.org/ [web forums] +# irc://irc.freenode.net#gentoo-apache [irc chat] +# +# Bug Reports: +# http://bugs.gentoo.org [gentoo related bugs] +# http://httpd.apache.org/bug_report.html [apache httpd related bugs] +# +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log" +# with ServerRoot set to "/usr" will be interpreted by the +# server as "/usr/var/log/apache2/foo.log". + +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to point the LockFile directive +# at a local disk. If you wish to share the same ServerRoot for multiple +# httpd daemons, you will need to change at least LockFile and PidFile. +ServerRoot "/usr/lib/apache2" + +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable. +# Do not change manually, it will be overwritten on upgrade. +# +# The following modules are considered as the default configuration. +# If you wish to disable one of them, you may have to alter other +# configuration directives. +# +# Change these at your own risk! + +LoadModule actions_module modules/mod_actions.so +LoadModule alias_module modules/mod_alias.so +LoadModule asis_module modules/mod_asis.so +LoadModule auth_basic_module modules/mod_auth_basic.so + +LoadModule auth_digest_module modules/mod_auth_digest.so + +LoadModule authn_alias_module modules/mod_authn_alias.so +LoadModule authn_anon_module modules/mod_authn_anon.so +LoadModule authn_dbd_module modules/mod_authn_dbd.so +LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authn_file_module modules/mod_authn_file.so + +LoadModule authnz_ldap_module modules/mod_authnz_ldap.so + +LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule autoindex_module modules/mod_autoindex.so + +LoadModule cache_module modules/mod_cache.so + +LoadModule cgi_module modules/mod_cgi.so +LoadModule charset_lite_module modules/mod_charset_lite.so + +LoadModule dav_module modules/mod_dav.so + + +LoadModule dav_fs_module modules/mod_dav_fs.so + + +LoadModule dav_lock_module modules/mod_dav_lock.so + +LoadModule dbd_module modules/mod_dbd.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule dir_module modules/mod_dir.so + +LoadModule disk_cache_module modules/mod_disk_cache.so + +LoadModule env_module modules/mod_env.so +LoadModule expires_module modules/mod_expires.so +LoadModule ext_filter_module modules/mod_ext_filter.so + +LoadModule file_cache_module modules/mod_file_cache.so + +LoadModule filter_module modules/mod_filter.so +LoadModule headers_module modules/mod_headers.so +LoadModule ident_module modules/mod_ident.so +LoadModule imagemap_module modules/mod_imagemap.so +LoadModule include_module modules/mod_include.so + +LoadModule info_module modules/mod_info.so + + +LoadModule ldap_module modules/mod_ldap.so + +LoadModule log_config_module modules/mod_log_config.so +LoadModule log_forensic_module modules/mod_log_forensic.so +LoadModule logio_module modules/mod_logio.so + +LoadModule mem_cache_module modules/mod_mem_cache.so + +LoadModule mime_module modules/mod_mime.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule negotiation_module modules/mod_negotiation.so + +LoadModule proxy_module modules/mod_proxy.so + + +LoadModule proxy_ajp_module modules/mod_proxy_ajp.so + + +LoadModule proxy_balancer_module modules/mod_proxy_balancer.so + + +LoadModule proxy_connect_module modules/mod_proxy_connect.so + + +LoadModule proxy_ftp_module modules/mod_proxy_ftp.so + + +LoadModule proxy_http_module modules/mod_proxy_http.so + +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule speling_module modules/mod_speling.so + +LoadModule ssl_module modules/mod_ssl.so + + +LoadModule status_module modules/mod_status.so + +LoadModule substitute_module modules/mod_substitute.so + +LoadModule suexec_module modules/mod_suexec.so + +LoadModule unique_id_module modules/mod_unique_id.so + +LoadModule userdir_module modules/mod_userdir.so + +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so + +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +User apache +Group apache + +# Supplemental configuration +# +# Most of the configuration files in the /etc/apache2/modules.d/ directory can +# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features +# or to modify the default configuration of the server. +# +# To know which flag to add to APACHE2_OPTS, look at the first line of the +# the file, which will usually be an where OPTION is the +# flag to use. +Include /etc/apache2/modules.d/*.conf + +# Virtual-host support +# +# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we +# include a default vhost (enabled by adding -D DEFAULT_VHOST to +# APACHE2_OPTS in /etc/conf.d/apache2). +Include /etc/apache2/vhosts.d/*.conf + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/httpd.conf,v b/apache2/sarah/httpd.conf,v new file mode 100644 index 0000000..360baaa --- /dev/null +++ b/apache2/sarah/httpd.conf,v @@ -0,0 +1,219 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2009.04.27.17.41.20; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# This is a modification of the default Apache 2.2 configuration file +# for Gentoo Linux. +# +# Support: +# http://www.gentoo.org/main/en/lists.xml [mailing lists] +# http://forums.gentoo.org/ [web forums] +# irc://irc.freenode.net#gentoo-apache [irc chat] +# +# Bug Reports: +# http://bugs.gentoo.org [gentoo related bugs] +# http://httpd.apache.org/bug_report.html [apache httpd related bugs] +# +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log" +# with ServerRoot set to "/usr" will be interpreted by the +# server as "/usr/var/log/apache2/foo.log". + +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to point the LockFile directive +# at a local disk. If you wish to share the same ServerRoot for multiple +# httpd daemons, you will need to change at least LockFile and PidFile. +ServerRoot "/usr/lib/apache2" + +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable. +# Do not change manually, it will be overwritten on upgrade. +# +# The following modules are considered as the default configuration. +# If you wish to disable one of them, you may have to alter other +# configuration directives. +# +# Change these at your own risk! + +LoadModule actions_module modules/mod_actions.so +LoadModule alias_module modules/mod_alias.so +LoadModule asis_module modules/mod_asis.so +LoadModule auth_basic_module modules/mod_auth_basic.so + +LoadModule auth_digest_module modules/mod_auth_digest.so + +LoadModule authn_alias_module modules/mod_authn_alias.so +LoadModule authn_anon_module modules/mod_authn_anon.so +LoadModule authn_dbd_module modules/mod_authn_dbd.so +LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authn_file_module modules/mod_authn_file.so + +LoadModule authnz_ldap_module modules/mod_authnz_ldap.so + +LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule autoindex_module modules/mod_autoindex.so + +LoadModule cache_module modules/mod_cache.so + +LoadModule cgi_module modules/mod_cgi.so +LoadModule charset_lite_module modules/mod_charset_lite.so + +LoadModule dav_module modules/mod_dav.so + + +LoadModule dav_fs_module modules/mod_dav_fs.so + + +LoadModule dav_lock_module modules/mod_dav_lock.so + +LoadModule dbd_module modules/mod_dbd.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule dir_module modules/mod_dir.so + +LoadModule disk_cache_module modules/mod_disk_cache.so + +LoadModule env_module modules/mod_env.so +LoadModule expires_module modules/mod_expires.so +LoadModule ext_filter_module modules/mod_ext_filter.so + +LoadModule file_cache_module modules/mod_file_cache.so + +LoadModule filter_module modules/mod_filter.so +LoadModule headers_module modules/mod_headers.so +LoadModule ident_module modules/mod_ident.so +LoadModule imagemap_module modules/mod_imagemap.so +LoadModule include_module modules/mod_include.so + +LoadModule info_module modules/mod_info.so + + +LoadModule ldap_module modules/mod_ldap.so + +LoadModule log_config_module modules/mod_log_config.so +LoadModule log_forensic_module modules/mod_log_forensic.so +LoadModule logio_module modules/mod_logio.so + +LoadModule mem_cache_module modules/mod_mem_cache.so + +LoadModule mime_module modules/mod_mime.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule negotiation_module modules/mod_negotiation.so + +LoadModule proxy_module modules/mod_proxy.so + + +LoadModule proxy_ajp_module modules/mod_proxy_ajp.so + + +LoadModule proxy_balancer_module modules/mod_proxy_balancer.so + + +LoadModule proxy_connect_module modules/mod_proxy_connect.so + + +LoadModule proxy_ftp_module modules/mod_proxy_ftp.so + + +LoadModule proxy_http_module modules/mod_proxy_http.so + +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule speling_module modules/mod_speling.so + +LoadModule ssl_module modules/mod_ssl.so + + +LoadModule status_module modules/mod_status.so + +LoadModule substitute_module modules/mod_substitute.so + +LoadModule suexec_module modules/mod_suexec.so + +LoadModule unique_id_module modules/mod_unique_id.so + +LoadModule userdir_module modules/mod_userdir.so + +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so + +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +User apache +Group apache + +# Supplemental configuration +# +# Most of the configuration files in the /etc/apache2/modules.d/ directory can +# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features +# or to modify the default configuration of the server. +# +# To know which flag to add to APACHE2_OPTS, look at the first line of the +# the file, which will usually be an where OPTION is the +# flag to use. +Include /etc/apache2/modules.d/*.conf + +# Virtual-host support +# +# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we +# include a default vhost (enabled by adding -D DEFAULT_VHOST to +# APACHE2_OPTS in /etc/conf.d/apache2). +Include /etc/apache2/vhosts.d/*.conf + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/sarah/info_users_passwd b/apache2/sarah/info_users_passwd new file mode 100644 index 0000000..c8c2fad --- /dev/null +++ b/apache2/sarah/info_users_passwd @@ -0,0 +1 @@ +monitoring:$apr1$TqC87rAF$vXWiZcbRZMQIfC9XAVUgM. diff --git a/apache2/sarah/magic b/apache2/sarah/magic new file mode 100644 index 0000000..0de7336 --- /dev/null +++ b/apache2/sarah/magic @@ -0,0 +1,382 @@ +# Magic data for mod_mime_magic Apache module (originally for file(1) command) +# The module is described in /manual/mod/mod_mime_magic.html +# +# The format is 4-5 columns: +# Column #1: byte number to begin checking from, ">" indicates continuation +# Column #2: type of data to match +# Column #3: contents of data to match +# Column #4: MIME type of result +# Column #5: MIME encoding of result (optional) + +#------------------------------------------------------------------------------ +# Localstuff: file(1) magic for locally observed files +# Add any locally observed files here. + +#------------------------------------------------------------------------------ +# end local stuff +#------------------------------------------------------------------------------ + +#------------------------------------------------------------------------------ +# Java + +0 short 0xcafe +>2 short 0xbabe application/java + +#------------------------------------------------------------------------------ +# audio: file(1) magic for sound formats +# +# from Jan Nicolai Langfeldt , +# + +# Sun/NeXT audio data +0 string .snd +>12 belong 1 audio/basic +>12 belong 2 audio/basic +>12 belong 3 audio/basic +>12 belong 4 audio/basic +>12 belong 5 audio/basic +>12 belong 6 audio/basic +>12 belong 7 audio/basic + +>12 belong 23 audio/x-adpcm + +# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format +# that uses little-endian encoding and has a different magic number +# (0x0064732E in little-endian encoding). +0 lelong 0x0064732E +>12 lelong 1 audio/x-dec-basic +>12 lelong 2 audio/x-dec-basic +>12 lelong 3 audio/x-dec-basic +>12 lelong 4 audio/x-dec-basic +>12 lelong 5 audio/x-dec-basic +>12 lelong 6 audio/x-dec-basic +>12 lelong 7 audio/x-dec-basic +# compressed (G.721 ADPCM) +>12 lelong 23 audio/x-dec-adpcm + +# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM" +# AIFF audio data +8 string AIFF audio/x-aiff +# AIFF-C audio data +8 string AIFC audio/x-aiff +# IFF/8SVX audio data +8 string 8SVX audio/x-aiff + +# Creative Labs AUDIO stuff +# Standard MIDI data +0 string MThd audio/unknown +#>9 byte >0 (format %d) +#>11 byte >1 using %d channels +# Creative Music (CMF) data +0 string CTMF audio/unknown +# SoundBlaster instrument data +0 string SBI audio/unknown +# Creative Labs voice data +0 string Creative\ Voice\ File audio/unknown +## is this next line right? it came this way... +#>19 byte 0x1A +#>23 byte >0 - version %d +#>22 byte >0 \b.%d + +# [GRR 950115: is this also Creative Labs? Guessing that first line +# should be string instead of unknown-endian long...] +#0 long 0x4e54524b MultiTrack sound data +#0 string NTRK MultiTrack sound data +#>4 long x - version %ld + +# Microsoft WAVE format (*.wav) +# [GRR 950115: probably all of the shorts and longs should be leshort/lelong] +# Microsoft RIFF +0 string RIFF audio/unknown +# - WAVE format +>8 string WAVE audio/x-wav +# MPEG audio. +0 beshort&0xfff0 0xfff0 audio/mpeg +# C64 SID Music files, from Linus Walleij +0 string PSID audio/prs.sid + +#------------------------------------------------------------------------------ +# c-lang: file(1) magic for C programs or various scripts +# + +# XPM icons (Greg Roelofs, newt@uchicago.edu) +# ideally should go into "images", but entries below would tag XPM as C source +0 string /*\ XPM image/x-xbm 7bit + +# this first will upset you if you're a PL/1 shop... (are there any left?) +# in which case rm it; ascmagic will catch real C programs +# C or REXX program text +0 string /* text/plain +# C++ program text +0 string // text/plain + +#------------------------------------------------------------------------------ +# compress: file(1) magic for pure-compression formats (no archives) +# +# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc. +# +# Formats for various forms of compressed data +# Formats for "compress" proper have been moved into "compress.c", +# because it tries to uncompress it to figure out what's inside. + +# standard unix compress +0 string \037\235 application/octet-stream x-compress + +# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver) +0 string \037\213 application/octet-stream x-gzip + +# According to gzip.h, this is the correct byte order for packed data. +0 string \037\036 application/octet-stream +# +# This magic number is byte-order-independent. +# +0 short 017437 application/octet-stream + +# XXX - why *two* entries for "compacted data", one of which is +# byte-order independent, and one of which is byte-order dependent? +# +# compacted data +0 short 0x1fff application/octet-stream +0 string \377\037 application/octet-stream +# huf output +0 short 0145405 application/octet-stream + +# Squeeze and Crunch... +# These numbers were gleaned from the Unix versions of the programs to +# handle these formats. Note that I can only uncrunch, not crunch, and +# I didn't have a crunched file handy, so the crunch number is untested. +# Keith Waclena +#0 leshort 0x76FF squeezed data (CP/M, DOS) +#0 leshort 0x76FE crunched data (CP/M, DOS) + +# Freeze +#0 string \037\237 Frozen file 2.1 +#0 string \037\236 Frozen file 1.0 (or gzip 0.5) + +# lzh? +#0 string \037\240 LZH compressed data + +#------------------------------------------------------------------------------ +# frame: file(1) magic for FrameMaker files +# +# This stuff came on a FrameMaker demo tape, most of which is +# copyright, but this file is "published" as witness the following: +# +0 string \ +# and Anna Shergold +# +0 string \ +0 string \14 byte 12 (OS/2 1.x format) +#>14 byte 64 (OS/2 2.x format) +#>14 byte 40 (Windows 3.x format) +#0 string IC icon +#0 string PI pointer +#0 string CI color icon +#0 string CP color pointer +#0 string BA bitmap array + + +#------------------------------------------------------------------------------ +# lisp: file(1) magic for lisp programs +# +# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com) +0 string ;; text/plain 8bit +# Emacs 18 - this is always correct, but not very magical. +0 string \012( application/x-elc +# Emacs 19 +0 string ;ELC\023\000\000\000 application/x-elc + +#------------------------------------------------------------------------------ +# mail.news: file(1) magic for mail and news +# +# There are tests to ascmagic.c to cope with mail and news. +0 string Relay-Version: message/rfc822 7bit +0 string #!\ rnews message/rfc822 7bit +0 string N#!\ rnews message/rfc822 7bit +0 string Forward\ to message/rfc822 7bit +0 string Pipe\ to message/rfc822 7bit +0 string Return-Path: message/rfc822 7bit +0 string Path: message/news 8bit +0 string Xref: message/news 8bit +0 string From: message/rfc822 7bit +0 string Article message/news 8bit +#------------------------------------------------------------------------------ +# msword: file(1) magic for MS Word files +# +# Contributor claims: +# Reversed-engineered MS Word magic numbers +# + +0 string \376\067\0\043 application/msword +0 string \333\245-\0\0\0 application/msword + +# disable this one because it applies also to other +# Office/OLE documents for which msword is not correct. See PR#2608. +#0 string \320\317\021\340\241\261 application/msword + + + +#------------------------------------------------------------------------------ +# printer: file(1) magic for printer-formatted files +# + +# PostScript +0 string %! application/postscript +0 string \004%! application/postscript + +# Acrobat +# (due to clamen@cs.cmu.edu) +0 string %PDF- application/pdf + +#------------------------------------------------------------------------------ +# sc: file(1) magic for "sc" spreadsheet +# +38 string Spreadsheet application/x-sc + +#------------------------------------------------------------------------------ +# tex: file(1) magic for TeX files +# +# XXX - needs byte-endian stuff (big-endian and little-endian DVI?) +# +# From + +# Although we may know the offset of certain text fields in TeX DVI +# and font files, we can't use them reliably because they are not +# zero terminated. [but we do anyway, christos] +0 string \367\002 application/x-dvi +#0 string \367\203 TeX generic font data +#0 string \367\131 TeX packed font data +#0 string \367\312 TeX virtual font data +#0 string This\ is\ TeX, TeX transcript text +#0 string This\ is\ METAFONT, METAFONT transcript text + +# There is no way to detect TeX Font Metric (*.tfm) files without +# breaking them apart and reading the data. The following patterns +# match most *.tfm files generated by METAFONT or afm2tfm. +#2 string \000\021 TeX font metric data +#2 string \000\022 TeX font metric data +#>34 string >\0 (%s) + +# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com) +#0 string \\input\ texinfo Texinfo source text +#0 string This\ is\ Info\ file GNU Info text + +# correct TeX magic for Linux (and maybe more) +# from Peter Tobias (tobias@server.et-inf.fho-emden.de) +# +0 leshort 0x02f7 application/x-dvi + +# RTF - Rich Text Format +0 string {\\rtf application/rtf + +#------------------------------------------------------------------------------ +# animation: file(1) magic for animation/movie formats +# +# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8) +# MPEG file +0 string \000\000\001\263 video/mpeg +# +# The contributor claims: +# I couldn't find a real magic number for these, however, this +# -appears- to work. Note that it might catch other files, too, +# so BE CAREFUL! +# +# Note that title and author appear in the two 20-byte chunks +# at decimal offsets 2 and 22, respectively, but they are XOR'ed with +# 255 (hex FF)! DL format SUCKS BIG ROCKS. +# +# DL file version 1 , medium format (160x100, 4 images/screen) +0 byte 1 video/unknown +0 byte 2 video/unknown +# Quicktime video, from Linus Walleij +# from Apple quicktime file format documentation. +4 string moov video/quicktime +4 string mdat video/quicktime + diff --git a/apache2/sarah/modules.d/.old/99_nagios.conf,v b/apache2/sarah/modules.d/.old/99_nagios.conf,v new file mode 100644 index 0000000..e0166e3 --- /dev/null +++ b/apache2/sarah/modules.d/.old/99_nagios.conf,v @@ -0,0 +1,39 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.02.18.11.28.32; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + ScriptAlias /nagios/cgi-bin/ /usr/nagios/sbin/ + + AllowOverride AuthConfig + Options ExecCGI + Order allow,deny + Allow from all + + Alias /nagios /usr/nagios/share/ + + AllowOverride AuthConfig + Order allow,deny + Allow from all + + +@ diff --git a/apache2/sarah/modules.d/00_apache_manual.conf b/apache2/sarah/modules.d/00_apache_manual.conf new file mode 100644 index 0000000..2e66b2e --- /dev/null +++ b/apache2/sarah/modules.d/00_apache_manual.conf @@ -0,0 +1,26 @@ +# Provide access to the documentation on your server as +# http://yourserver.example.com/manual/ +# The documentation is always available at +# http://httpd.apache.org/docs/2.2/ + +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.15/manual$1" + + + Options Indexes + AllowOverride None + Order allow,deny + Allow from all + + + SetHandler type-map + + + SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1 + RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2 + + LanguagePriority en de es fr ja ko pt-br + ForceLanguagePriority Prefer Fallback + + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_apache_manual.conf,v b/apache2/sarah/modules.d/00_apache_manual.conf,v new file mode 100644 index 0000000..c2af657 --- /dev/null +++ b/apache2/sarah/modules.d/00_apache_manual.conf,v @@ -0,0 +1,102 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2009.11.10.08.40.17; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2008.06.23.09.36.05; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.02.04.10.56.55; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@# Provide access to the documentation on your server as +# http://yourserver.example.com/manual/ +# The documentation is always available at +# http://httpd.apache.org/docs/2.2/ + +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.14-r1/manual$1" + + + Options Indexes + AllowOverride None + Order allow,deny + Allow from all + + + SetHandler type-map + + + SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1 + RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2 + + LanguagePriority en de es fr ja ko pt-br + ForceLanguagePriority Prefer Fallback + + + +# vim: ts=4 filetype=apache +@ + + +1.2 +log +@Checked in. +@ +text +@d6 1 +a6 4 + + + +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.9/manual$1" +d8 1 +a8 1 + +a23 3 + + + +@ + + +1.1 +log +@Initial revision +@ +text +@d9 1 +a9 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br|ru))?(/.*)?$ "/usr/share/doc/apache-2.2.8/manual$1" +d11 1 +a11 1 + +d21 2 +a22 2 + SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br|ru)/ prefer-language=$1 + RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br|ru)){2,}(/.*)?$ /manual/$1$2 +d24 1 +a24 1 + LanguagePriority en de es fr ja ko pt-br ru +@ diff --git a/apache2/sarah/modules.d/00_autoindex.conf,v b/apache2/sarah/modules.d/00_autoindex.conf,v new file mode 100644 index 0000000..29e63d8 --- /dev/null +++ b/apache2/sarah/modules.d/00_autoindex.conf,v @@ -0,0 +1,115 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.09.11.07.05.41; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + +# Directives controlling the display of server-generated directory listings. +# +# To see the listing of a directory, the Options directive for the +# directory must include "Indexes", and the directory must not contain +# a file matching those listed in the DirectoryIndex directive. + +# IndexOptions: Controls the appearance of server-generated directory +# listings. +IndexOptions FancyIndexing VersionSort FoldersFirst HTMLTable IgnoreCase NameWidth=50 + +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. +Alias /icons/ "/var/www/localhost/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip + +AddIconByType (CDR,/icons/corel-document.png) image/x-coreldraw + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/pdf.gif .pdf +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core + +AddIcon /icons/corel-document.png .cdr + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +DefaultIcon /icons/unknown.gif + +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename + +AddDescription "GZIP-komprimiertes Tar-Archiv" .tar.gz +AddDescription "GZIP-komprimiertes Dokument" .gz +AddDescription "Tar-Archiv" .tar +AddDescription "GZIP-komprimiertes Tar-Archiv" .tgz +AddDescription "PDF-Dokument" .pdf +AddDescription "CorelDraw-Zeichnung" .cdr + +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. + +# HeaderName is the name of a file which should be prepended to +# directory indexes. +ReadmeName README.html +HeaderName HEADER.html + +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t + + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/sarah/modules.d/00_default_settings.conf b/apache2/sarah/modules.d/00_default_settings.conf new file mode 100644 index 0000000..d7a9b86 --- /dev/null +++ b/apache2/sarah/modules.d/00_default_settings.conf @@ -0,0 +1,115 @@ +# This configuration file reflects default settings for Apache HTTP Server. +# You may change these, but chances are that you may not need to. + +# Timeout: The number of seconds before receives and sends time out. +Timeout 300 + +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +KeepAlive On + +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +MaxKeepAliveRequests 100 + +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +KeepAliveTimeout 15 + +# UseCanonicalName: Determines how Apache constructs self-referencing +# URLs and the SERVER_NAME and SERVER_PORT variables. +# When set "Off", Apache will use the Hostname and Port supplied +# by the client. When set "On", Apache will use the value of the +# ServerName directive. +UseCanonicalName Off + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +AccessFileName .htaccess + +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minor | Minimal | Major | Prod +# where Full conveys the most information, and Prod the least. +#ServerTokens Full +ServerTokens Minimal + +# TraceEnable +# This directive overrides the behavior of TRACE for both the core server and +# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616, +# which disallows any request body to accompany the request. TraceEnable off +# causes the core server and mod_proxy to return a 405 (Method not allowed) +# error to the client. +# For security reasons this is turned off by default. (bug #240680) +TraceEnable off + +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +ServerSignature On + +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +HostnameLookups Off + +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall is used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +#EnableMMAP off +#EnableSendfile off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +ErrorLog /var/log/apache2/error.log + +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +LogLevel info + +# We configure the "default" to be a very restrictive set of features. + + Options FollowSymLinks + AllowOverride None + Order deny,allow + Deny from all + + +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# +# The index.html.var file (a type-map) is used to deliver content- +# negotiated documents. The MultiViews Options can be used for the +# same purpose, but it is much slower. +# +# To add files to that list use AddDirectoryIndex in a custom config +# file. Do not change this entry unless you know what you are doing. + + DirectoryIndex index.html index.html.var index.shtml index.htm Default.htm default.htm + + +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. + + Order allow,deny + Deny from all + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_default_settings.conf,v b/apache2/sarah/modules.d/00_default_settings.conf,v new file mode 100644 index 0000000..4c522f8 --- /dev/null +++ b/apache2/sarah/modules.d/00_default_settings.conf,v @@ -0,0 +1,169 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2009.11.09.21.07.26; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2009.01.05.13.00.28; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.01.09.11.29.34; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@# This configuration file reflects default settings for Apache HTTP Server. +# You may change these, but chances are that you may not need to. + +# Timeout: The number of seconds before receives and sends time out. +Timeout 300 + +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +KeepAlive On + +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +MaxKeepAliveRequests 100 + +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +KeepAliveTimeout 15 + +# UseCanonicalName: Determines how Apache constructs self-referencing +# URLs and the SERVER_NAME and SERVER_PORT variables. +# When set "Off", Apache will use the Hostname and Port supplied +# by the client. When set "On", Apache will use the value of the +# ServerName directive. +UseCanonicalName Off + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +AccessFileName .htaccess + +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minor | Minimal | Major | Prod +# where Full conveys the most information, and Prod the least. +#ServerTokens Full +ServerTokens Minimal + +# TraceEnable +# This directive overrides the behavior of TRACE for both the core server and +# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616, +# which disallows any request body to accompany the request. TraceEnable off +# causes the core server and mod_proxy to return a 405 (Method not allowed) +# error to the client. +# For security reasons this is turned off by default. (bug #240680) +TraceEnable off + +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +ServerSignature On + +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +HostnameLookups Off + +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall is used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +#EnableMMAP off +#EnableSendfile off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +ErrorLog /var/log/apache2/error.log + +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +LogLevel info + +# We configure the "default" to be a very restrictive set of features. + + Options FollowSymLinks + AllowOverride None + Order deny,allow + Deny from all + + +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# +# The index.html.var file (a type-map) is used to deliver content- +# negotiated documents. The MultiViews Options can be used for the +# same purpose, but it is much slower. +# +# To add files to that list use AddDirectoryIndex in a custom config +# file. Do not change this entry unless you know what you are doing. + + DirectoryIndex index.html index.html.var index.shtml index.htm Default.htm default.htm + + +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. + + Order allow,deny + Deny from all + + +# vim: ts=4 filetype=apache +@ + + +1.2 +log +@Checked in. +@ +text +@d38 2 +a39 1 +ServerTokens Full +@ + + +1.1 +log +@Initial revision +@ +text +@d40 9 +@ diff --git a/apache2/sarah/modules.d/00_error_documents.conf b/apache2/sarah/modules.d/00_error_documents.conf new file mode 100644 index 0000000..90c6b0a --- /dev/null +++ b/apache2/sarah/modules.d/00_error_documents.conf @@ -0,0 +1,58 @@ +# The configuration below implements multi-language error documents through +# content-negotiation. + +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html + +# Required modules: mod_alias, mod_include, mod_negotiation +# We use Alias to redirect any /error/HTTP_.html.var response to +# our collection of by-error message multi-language collections. We use +# includes to substitute the appropriate text. +# You can modify the messages' appearance without changing any of the +# default HTTP_.html.var files by adding the line: +# Alias /error/include/ "/your/include/path/" +# which allows you to create your own set of files by starting with the +# /var/www/localhost/error/include/ files and copying them to /your/include/path/, +# even on a per-VirtualHost basis. The default include files will display +# your Apache version number and your ServerAdmin email address regardless +# of the setting of ServerSignature. + + +Alias /error/ "/usr/share/apache2/error/" + + + AllowOverride None + Options IncludesNoExec + AddOutputFilter Includes html + AddHandler type-map var + Order allow,deny + Allow from all + LanguagePriority de en cs es fr it ja ko nl pl pt-br ro sv tr + ForceLanguagePriority Prefer Fallback + + +ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +ErrorDocument 410 /error/HTTP_GONE.html.var +ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_error_documents.conf,v b/apache2/sarah/modules.d/00_error_documents.conf,v new file mode 100644 index 0000000..fe1b429 --- /dev/null +++ b/apache2/sarah/modules.d/00_error_documents.conf,v @@ -0,0 +1,110 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.09.23.06.25; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.09.11.07.10.49; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# The configuration below implements multi-language error documents through +# content-negotiation. + +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html + +# Required modules: mod_alias, mod_include, mod_negotiation +# We use Alias to redirect any /error/HTTP_.html.var response to +# our collection of by-error message multi-language collections. We use +# includes to substitute the appropriate text. +# You can modify the messages' appearance without changing any of the +# default HTTP_.html.var files by adding the line: +# Alias /error/include/ "/your/include/path/" +# which allows you to create your own set of files by starting with the +# /var/www/localhost/error/include/ files and copying them to /your/include/path/, +# even on a per-VirtualHost basis. The default include files will display +# your Apache version number and your ServerAdmin email address regardless +# of the setting of ServerSignature. + + +Alias /error/ "/usr/share/apache2/error/" + + + AllowOverride None + Options IncludesNoExec + AddOutputFilter Includes html + AddHandler type-map var + Order allow,deny + Allow from all + LanguagePriority de en cs es fr it ja ko nl pl pt-br ro sv tr + ForceLanguagePriority Prefer Fallback + + +ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +ErrorDocument 410 /error/HTTP_GONE.html.var +ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d26 1 +a26 3 + + + +d28 1 +a28 3 +Alias /error/ "/var/www/localhost/error/" + + +a55 4 + + + + +@ diff --git a/apache2/sarah/modules.d/00_languages.conf b/apache2/sarah/modules.d/00_languages.conf new file mode 100644 index 0000000..48af93d --- /dev/null +++ b/apache2/sarah/modules.d/00_languages.conf @@ -0,0 +1,133 @@ +# Settings for hosting different languages. + +# DefaultLanguage and AddLanguage allows you to specify the language of +# a document. You can then use content negotiation to give a browser a +# file in a language the user can understand. +# +# Specify a default language. This means that all data +# going out without a specific language tag (see below) will +# be marked with this one. You probably do NOT want to set +# this unless you are sure it is correct for all cases. +# +# It is generally better to not mark a page as +# being a certain language than marking it with the wrong +# language! +# +# DefaultLanguage nl +# +# Note 1: The suffix does not have to be the same as the language +# keyword --- those with documents in Polish (whose net-standard +# language code is pl) may wish to use "AddLanguage pl .po" to +# avoid the ambiguity with the common suffix for perl scripts. +# +# Note 2: The example entries below illustrate that in some cases +# the two character 'Language' abbreviation is not identical to +# the two character 'Country' code for its country, +# E.g. 'Danmark/dk' versus 'Danish/da'. +# +# Note 3: In the case of 'ltz' we violate the RFC by using a three char +# specifier. There is 'work in progress' to fix this and get +# the reference data for rfc1766 cleaned up. +# +# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) +# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) +# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) +# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) +# Norwegian (no) - Polish (pl) - Portugese (pt) +# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) +# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw + +# LanguagePriority allows you to give precedence to some languages +# in case of a tie during content negotiation. +# +# Just list the languages in decreasing order of preference. We have +# more or less alphabetized them here. You probably want to change this. +LanguagePriority de en ca cs da el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW + +# ForceLanguagePriority allows you to serve a result page rather than +# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) +# [in case no accepted languages matched the available variants] +ForceLanguagePriority Prefer Fallback + +# Commonly used filename extensions to character sets. You probably +# want to avoid clashes with the language extensions, unless you +# are good at carefully testing your setup after each change. +# See http://www.iana.org/assignments/character-sets for the +# official list of charset names and their respective RFCs. +AddCharset us-ascii.ascii .us-ascii +AddCharset ISO-8859-1 .iso8859-1 .latin1 +AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen +AddCharset ISO-8859-3 .iso8859-3 .latin3 +AddCharset ISO-8859-4 .iso8859-4 .latin4 +AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru +AddCharset ISO-8859-6 .iso8859-6 .arb .arabic +AddCharset ISO-8859-7 .iso8859-7 .grk .greek +AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew +AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk +AddCharset ISO-8859-10 .iso8859-10 .latin6 +AddCharset ISO-8859-13 .iso8859-13 +AddCharset ISO-8859-14 .iso8859-14 .latin8 +AddCharset ISO-8859-15 .iso8859-15 .latin9 +AddCharset ISO-8859-16 .iso8859-16 .latin10 +AddCharset ISO-2022-JP .iso2022-jp .jis +AddCharset ISO-2022-KR .iso2022-kr .kis +AddCharset ISO-2022-CN .iso2022-cn .cis +AddCharset Big5.Big5 .big5 .b5 +AddCharset cn-Big5 .cn-big5 +# For russian, more than one charset is used (depends on client, mostly): +AddCharset WINDOWS-1251 .cp-1251 .win-1251 +AddCharset CP866 .cp866 +AddCharset KOI8 .koi8 +AddCharset KOI8-E .koi8-e +AddCharset KOI8-r .koi8-r .koi8-ru +AddCharset KOI8-U .koi8-u +AddCharset KOI8-ru .koi8-uk .ua +AddCharset ISO-10646-UCS-2 .ucs2 +AddCharset ISO-10646-UCS-4 .ucs4 +AddCharset UTF-7 .utf7 +AddCharset UTF-8 .utf8 +AddCharset UTF-16 .utf16 +AddCharset UTF-16BE .utf16be +AddCharset UTF-16LE .utf16le +AddCharset UTF-32 .utf32 +AddCharset UTF-32BE .utf32be +AddCharset UTF-32LE .utf32le +AddCharset euc-cn .euc-cn +AddCharset euc-gb .euc-gb +AddCharset euc-jp .euc-jp +AddCharset euc-kr .euc-kr +# Not sure how euc-tw got in - IANA doesn't list it??? +AddCharset EUC-TW .euc-tw +AddCharset gb2312 .gb2312 .gb +AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2 +AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4 +AddCharset shift_jis .shift_jis .sjis + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_languages.conf,v b/apache2/sarah/modules.d/00_languages.conf,v new file mode 100644 index 0000000..1e86e70 --- /dev/null +++ b/apache2/sarah/modules.d/00_languages.conf,v @@ -0,0 +1,176 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.09.23.06.25; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.09.11.07.11.17; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# Settings for hosting different languages. + +# DefaultLanguage and AddLanguage allows you to specify the language of +# a document. You can then use content negotiation to give a browser a +# file in a language the user can understand. +# +# Specify a default language. This means that all data +# going out without a specific language tag (see below) will +# be marked with this one. You probably do NOT want to set +# this unless you are sure it is correct for all cases. +# +# It is generally better to not mark a page as +# being a certain language than marking it with the wrong +# language! +# +# DefaultLanguage nl +# +# Note 1: The suffix does not have to be the same as the language +# keyword --- those with documents in Polish (whose net-standard +# language code is pl) may wish to use "AddLanguage pl .po" to +# avoid the ambiguity with the common suffix for perl scripts. +# +# Note 2: The example entries below illustrate that in some cases +# the two character 'Language' abbreviation is not identical to +# the two character 'Country' code for its country, +# E.g. 'Danmark/dk' versus 'Danish/da'. +# +# Note 3: In the case of 'ltz' we violate the RFC by using a three char +# specifier. There is 'work in progress' to fix this and get +# the reference data for rfc1766 cleaned up. +# +# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) +# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) +# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) +# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) +# Norwegian (no) - Polish (pl) - Portugese (pt) +# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) +# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw + +# LanguagePriority allows you to give precedence to some languages +# in case of a tie during content negotiation. +# +# Just list the languages in decreasing order of preference. We have +# more or less alphabetized them here. You probably want to change this. +LanguagePriority de en ca cs da el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW + +# ForceLanguagePriority allows you to serve a result page rather than +# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) +# [in case no accepted languages matched the available variants] +ForceLanguagePriority Prefer Fallback + +# Commonly used filename extensions to character sets. You probably +# want to avoid clashes with the language extensions, unless you +# are good at carefully testing your setup after each change. +# See http://www.iana.org/assignments/character-sets for the +# official list of charset names and their respective RFCs. +AddCharset us-ascii.ascii .us-ascii +AddCharset ISO-8859-1 .iso8859-1 .latin1 +AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen +AddCharset ISO-8859-3 .iso8859-3 .latin3 +AddCharset ISO-8859-4 .iso8859-4 .latin4 +AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru +AddCharset ISO-8859-6 .iso8859-6 .arb .arabic +AddCharset ISO-8859-7 .iso8859-7 .grk .greek +AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew +AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk +AddCharset ISO-8859-10 .iso8859-10 .latin6 +AddCharset ISO-8859-13 .iso8859-13 +AddCharset ISO-8859-14 .iso8859-14 .latin8 +AddCharset ISO-8859-15 .iso8859-15 .latin9 +AddCharset ISO-8859-16 .iso8859-16 .latin10 +AddCharset ISO-2022-JP .iso2022-jp .jis +AddCharset ISO-2022-KR .iso2022-kr .kis +AddCharset ISO-2022-CN .iso2022-cn .cis +AddCharset Big5.Big5 .big5 .b5 +AddCharset cn-Big5 .cn-big5 +# For russian, more than one charset is used (depends on client, mostly): +AddCharset WINDOWS-1251 .cp-1251 .win-1251 +AddCharset CP866 .cp866 +AddCharset KOI8 .koi8 +AddCharset KOI8-E .koi8-e +AddCharset KOI8-r .koi8-r .koi8-ru +AddCharset KOI8-U .koi8-u +AddCharset KOI8-ru .koi8-uk .ua +AddCharset ISO-10646-UCS-2 .ucs2 +AddCharset ISO-10646-UCS-4 .ucs4 +AddCharset UTF-7 .utf7 +AddCharset UTF-8 .utf8 +AddCharset UTF-16 .utf16 +AddCharset UTF-16BE .utf16be +AddCharset UTF-16LE .utf16le +AddCharset UTF-32 .utf32 +AddCharset UTF-32BE .utf32be +AddCharset UTF-32LE .utf32le +AddCharset euc-cn .euc-cn +AddCharset euc-gb .euc-gb +AddCharset euc-jp .euc-jp +AddCharset euc-kr .euc-kr +# Not sure how euc-tw got in - IANA doesn't list it??? +AddCharset EUC-TW .euc-tw +AddCharset gb2312 .gb2312 .gb +AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2 +AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4 +AddCharset shift_jis .shift_jis .sjis + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@a2 2 + + +a130 2 + + +@ diff --git a/apache2/sarah/modules.d/00_mod_autoindex.conf b/apache2/sarah/modules.d/00_mod_autoindex.conf new file mode 100644 index 0000000..8e34554 --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_autoindex.conf @@ -0,0 +1,91 @@ + + +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. +Alias /icons/ "/usr/share/apache2/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + +# Directives controlling the display of server-generated directory listings. +# +# To see the listing of a directory, the Options directive for the +# directory must include "Indexes", and the directory must not contain +# a file matching those listed in the DirectoryIndex directive. + +# IndexOptions: Controls the appearance of server-generated directory +# listings. +#IndexOptions FancyIndexing VersionSort +IndexOptions FancyIndexing VersionSort FoldersFirst HTMLTable IgnoreCase NameWidth=50 + +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip + +AddIconByType (CDR,/icons/corel-document.png) image/x-coreldraw + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core + +AddIcon /icons/corel-document.png .cdr + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +DefaultIcon /icons/unknown.gif + +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename + +AddDescription "GZIP-komprimiertes Tar-Archiv" .tar.gz +AddDescription "GZIP-komprimiertes Dokument" .gz +AddDescription "Tar-Archive" .tar +AddDescription "GZIP-komprimiertes Tar-Archiv" .tgz +AddDescription "PDF-Dokument" .pdf +AddDescription "CorelDraw-Zeichnung" .cdr + +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. + +# HeaderName is the name of a file which should be prepended to +# directory indexes. +ReadmeName README.html +HeaderName HEADER.html + +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_mod_autoindex.conf,v b/apache2/sarah/modules.d/00_mod_autoindex.conf,v new file mode 100644 index 0000000..25b235e --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_autoindex.conf,v @@ -0,0 +1,157 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2009.11.09.23.07.30; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2008.03.18.21.08.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.02.04.10.56.54; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@ + +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. +Alias /icons/ "/usr/share/apache2/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + +# Directives controlling the display of server-generated directory listings. +# +# To see the listing of a directory, the Options directive for the +# directory must include "Indexes", and the directory must not contain +# a file matching those listed in the DirectoryIndex directive. + +# IndexOptions: Controls the appearance of server-generated directory +# listings. +#IndexOptions FancyIndexing VersionSort +IndexOptions FancyIndexing VersionSort FoldersFirst HTMLTable IgnoreCase NameWidth=50 + +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip + +AddIconByType (CDR,/icons/corel-document.png) image/x-coreldraw + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core + +AddIcon /icons/corel-document.png .cdr + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +DefaultIcon /icons/unknown.gif + +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename + +AddDescription "GZIP-komprimiertes Tar-Archiv" .tar.gz +AddDescription "GZIP-komprimiertes Dokument" .gz +AddDescription "Tar-Archive" .tar +AddDescription "GZIP-komprimiertes Tar-Archiv" .tgz +AddDescription "PDF-Dokument" .pdf +AddDescription "CorelDraw-Zeichnung" .cdr + +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. + +# HeaderName is the name of a file which should be prepended to +# directory indexes. +ReadmeName README.html +HeaderName HEADER.html + +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t + + +# vim: ts=4 filetype=apache +@ + + +1.2 +log +@Checked in. +@ +text +@d5 1 +a5 1 +Alias /icons/ "/var/www/localhost/icons/" +d7 1 +a7 1 + +@ + + +1.1 +log +@Initial revision +@ +text +@d23 2 +a24 1 +IndexOptions FancyIndexing VersionSort +d31 2 +d55 2 +d71 6 +a76 3 +#AddDescription "GZIP compressed document" .gz +#AddDescription "tar archive" .tar +#AddDescription "GZIP compressed tar archive" .tgz +@ diff --git a/apache2/sarah/modules.d/00_mod_info.conf b/apache2/sarah/modules.d/00_mod_info.conf new file mode 100644 index 0000000..44379d1 --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_info.conf @@ -0,0 +1,18 @@ + +# Allow remote server configuration reports, with the URL of +# http://servername/server-info + + SetHandler server-info + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_mod_info.conf,v b/apache2/sarah/modules.d/00_mod_info.conf,v new file mode 100644 index 0000000..24aed60 --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_info.conf,v @@ -0,0 +1,55 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.09.23.06.25; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.01.09.11.32.12; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +# Allow remote server configuration reports, with the URL of +# http://servername/server-info + + SetHandler server-info + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + Allow from 194.97.188.108 + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@a1 1 + +a11 1 + +@ diff --git a/apache2/sarah/modules.d/00_mod_log_config.conf b/apache2/sarah/modules.d/00_mod_log_config.conf new file mode 100644 index 0000000..d4bd85c --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_log_config.conf @@ -0,0 +1,37 @@ + +# The following directives define some format nicknames for use with +# a CustomLog directive (see below). +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\"" full +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common + +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-Agent}i" agent +LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost + + +# You need to enable mod_logio.c to use %I and %O +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\" %I %O" full_io +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" vhostio + + +# The location and format of the access logfile (Common Logfile Format). +# If you do not define any access logfiles within a +# container, they will be logged here. Contrariwise, if you *do* +# define per- access logfiles, transactions will be +# logged therein and *not* in this file. +CustomLog /var/log/apache2/access.log full + +# If you would like to have agent and referer logfiles, +# uncomment the following directives. +#CustomLog /var/log/apache2/referer_log referer +#CustomLog /var/log/apache2/agent_logs agent + +# If you prefer a logfile with access, agent, and referer information +# (Combined Logfile Format) you can use the following directive. +#CustomLog /var/log/apache2/access_log combined + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_mod_log_config.conf,v b/apache2/sarah/modules.d/00_mod_log_config.conf,v new file mode 100644 index 0000000..7ac30f9 --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_log_config.conf,v @@ -0,0 +1,77 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2008.06.10.19.45.04; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.01.09.11.34.01; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +# The following directives define some format nicknames for use with +# a CustomLog directive (see below). +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\"" full +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common + +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-Agent}i" agent +LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost + + +# You need to enable mod_logio.c to use %I and %O +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\" %I %O" full_io +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" vhostio + + +# The location and format of the access logfile (Common Logfile Format). +# If you do not define any access logfiles within a +# container, they will be logged here. Contrariwise, if you *do* +# define per- access logfiles, transactions will be +# logged therein and *not* in this file. +CustomLog /var/log/apache2/access.log full + +# If you would like to have agent and referer logfiles, +# uncomment the following directives. +#CustomLog /var/log/apache2/referer_log referer +#CustomLog /var/log/apache2/agent_logs agent + +# If you prefer a logfile with access, agent, and referer information +# (Combined Logfile Format) you can use the following directive. +#CustomLog /var/log/apache2/access_log combined + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d11 1 +a11 1 +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i VLOG=%{VLOG}e" vhost +@ diff --git a/apache2/sarah/modules.d/00_mod_mime.conf b/apache2/sarah/modules.d/00_mod_mime.conf new file mode 100644 index 0000000..f2b82c1 --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_mime.conf @@ -0,0 +1,61 @@ +# DefaultType: the default MIME type the server will use for a document +# if it cannot otherwise determine one, such as from filename extensions. +# If your server contains mostly text or HTML documents, "text/plain" is +# a good value. If most of your content is binary, such as applications +# or images, you may want to use "application/octet-stream" instead to +# keep browsers from trying to display binary files as though they are +# text. +DefaultType text/plain + + +# TypesConfig points to the file containing the list of mappings from +# filename extension to MIME-type. +TypesConfig /etc/mime.types + +# AddType allows you to add to or override the MIME configuration +# file specified in TypesConfig for specific file types. +#AddType application/x-gzip .tgz + +# AddEncoding allows you to have certain browsers uncompress +# information on the fly. Note: Not all browsers support this. +AddEncoding x-compress .Z +AddEncoding x-gzip .gz .tgz + +# If the AddEncoding directives above are commented-out, then you +# probably should define those extensions to indicate media types: +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz + +# AddHandler allows you to map certain file extensions to "handlers": +# actions unrelated to filetype. These can be either built into the server +# or added with the Action directive (see below) + +# To use CGI scripts outside of ScriptAliased directories: +# (You will also need to add "ExecCGI" to the "Options" directive.) +#AddHandler cgi-script .cgi + +# For files that include their own HTTP headers: +#AddHandler send-as-is asis + +# For server-parsed imagemap files: +#AddHandler imap-file map + +# For type maps (negotiated resources): +AddHandler type-map var + +# Filters allow you to process content before it is sent to the client. +# +# To parse .shtml files for server-side includes (SSI): +# (You will also need to add "Includes" to the "Options" directive.) +#AddType text/html .shtml +#AddOutputFilter INCLUDES .shtml + + + +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +MIMEMagicFile /etc/apache2/magic + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_mod_mime.conf,v b/apache2/sarah/modules.d/00_mod_mime.conf,v new file mode 100644 index 0000000..44ea41b --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_mime.conf,v @@ -0,0 +1,85 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.01.09.11.35.44; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# DefaultType: the default MIME type the server will use for a document +# if it cannot otherwise determine one, such as from filename extensions. +# If your server contains mostly text or HTML documents, "text/plain" is +# a good value. If most of your content is binary, such as applications +# or images, you may want to use "application/octet-stream" instead to +# keep browsers from trying to display binary files as though they are +# text. +DefaultType text/plain + + +# TypesConfig points to the file containing the list of mappings from +# filename extension to MIME-type. +TypesConfig /etc/mime.types + +# AddType allows you to add to or override the MIME configuration +# file specified in TypesConfig for specific file types. +#AddType application/x-gzip .tgz + +# AddEncoding allows you to have certain browsers uncompress +# information on the fly. Note: Not all browsers support this. +AddEncoding x-compress .Z +AddEncoding x-gzip .gz .tgz + +# If the AddEncoding directives above are commented-out, then you +# probably should define those extensions to indicate media types: +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz + +# AddHandler allows you to map certain file extensions to "handlers": +# actions unrelated to filetype. These can be either built into the server +# or added with the Action directive (see below) + +# To use CGI scripts outside of ScriptAliased directories: +# (You will also need to add "ExecCGI" to the "Options" directive.) +#AddHandler cgi-script .cgi + +# For files that include their own HTTP headers: +#AddHandler send-as-is asis + +# For server-parsed imagemap files: +#AddHandler imap-file map + +# For type maps (negotiated resources): +AddHandler type-map var + +# Filters allow you to process content before it is sent to the client. +# +# To parse .shtml files for server-side includes (SSI): +# (You will also need to add "Includes" to the "Options" directive.) +#AddType text/html .shtml +#AddOutputFilter INCLUDES .shtml + + + +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +MIMEMagicFile /etc/apache2/magic + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/sarah/modules.d/00_mod_status.conf b/apache2/sarah/modules.d/00_mod_status.conf new file mode 100644 index 0000000..9ebd91f --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_status.conf @@ -0,0 +1,23 @@ + +# Allow server status reports generated by mod_status, +# with the URL of http://servername/server-status + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + +# ExtendedStatus controls whether Apache will generate "full" status +# information (ExtendedStatus On) or just basic information (ExtendedStatus +# Off) when the "server-status" handler is called. +ExtendedStatus On + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_mod_status.conf,v b/apache2/sarah/modules.d/00_mod_status.conf,v new file mode 100644 index 0000000..333dde5 --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_status.conf,v @@ -0,0 +1,63 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.10.08.40.16; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.01.09.11.40.45; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +# Allow server status reports generated by mod_status, +# with the URL of http://servername/server-status + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + +# ExtendedStatus controls whether Apache will generate "full" status +# information (ExtendedStatus On) or just basic information (ExtendedStatus +# Off) when the "server-status" handler is called. +ExtendedStatus On + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@a1 1 + +d8 1 +a8 3 + Allow from 127.0.0.1 + Allow from localhost + Allow from 194.97.188.108 +a14 1 + +@ diff --git a/apache2/sarah/modules.d/00_mod_userdir.conf b/apache2/sarah/modules.d/00_mod_userdir.conf new file mode 100644 index 0000000..da7d0fb --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_userdir.conf @@ -0,0 +1,34 @@ +# Settings for user home directories + +# UserDir: The name of the directory that is appended onto a user's home +# directory if a ~user request is received. Note that you must also set +# the default access control for these directories, as in the example below. +UserDir public_html + +# Control access to UserDir directories. The following is an example +# for a site where these directories are restricted to read-only. + + AllowOverride FileInfo AuthConfig Limit Indexes + Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec + + Order allow,deny + Allow from all + + + Order deny,allow + Deny from all + + + +# Suexec isn't really required to run cgi-scripts, but it's a really good +# idea if you have multiple users serving websites... + + + Options ExecCGI + SetHandler cgi-script + + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_mod_userdir.conf,v b/apache2/sarah/modules.d/00_mod_userdir.conf,v new file mode 100644 index 0000000..d3b8072 --- /dev/null +++ b/apache2/sarah/modules.d/00_mod_userdir.conf,v @@ -0,0 +1,82 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.10.08.40.16; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.02.04.10.56.54; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# Settings for user home directories + +# UserDir: The name of the directory that is appended onto a user's home +# directory if a ~user request is received. Note that you must also set +# the default access control for these directories, as in the example below. +UserDir public_html + +# Control access to UserDir directories. The following is an example +# for a site where these directories are restricted to read-only. + + AllowOverride FileInfo AuthConfig Limit Indexes + Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec + + Order allow,deny + Allow from all + + + Order deny,allow + Deny from all + + + +# Suexec isn't really required to run cgi-scripts, but it's a really good +# idea if you have multiple users serving websites... + + + Options ExecCGI + SetHandler cgi-script + + + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@a1 1 + +a2 2 + + +a25 1 + +a29 1 + +a31 1 + +@ diff --git a/apache2/sarah/modules.d/00_mpm.conf b/apache2/sarah/modules.d/00_mpm.conf new file mode 100644 index 0000000..27dc24d --- /dev/null +++ b/apache2/sarah/modules.d/00_mpm.conf @@ -0,0 +1,99 @@ +# Server-Pool Management (MPM specific) + +# PidFile: The file in which the server should record its process +# identification number when it starts. +# +# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING +PidFile /var/run/apache2.pid + +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +#LockFile /var/run/apache2.lock + +# Only one of the below sections will be relevant on your +# installed httpd. Use "/usr/sbin/apache2 -l" to find out the +# active mpm. + +# common MPM configuration +# These configuration directives apply to all MPMs +# +# StartServers: Number of child server processes created at startup +# MaxClients: Maximum number of child processes to serve requests +# MaxRequestsPerChild: Limit on the number of requests that an individual child +# server will handle during its life + + +# prefork MPM +# This is the default MPM if USE=-threads +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 2 + MinSpareServers 2 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# worker MPM +# This is the default MPM if USE=threads +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# event MPM +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# peruser MPM +# +# MinSpareProcessors: Minimum number of idle child server processes +# MinProcessors: Minimum number of processors per virtual host +# MaxProcessors: Maximum number of processors per virtual host +# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable +# Multiplexer: Specify a Multiplexer child configuration. +# Processor: Specify a user and group for a specific child process + + MinSpareProcessors 2 + MinProcessors 2 + MaxProcessors 10 + MaxClients 150 + MaxRequestsPerChild 1000 + ExpireTimeout 1800 + + Multiplexer nobody nobody + Processor apache apache + + +# itk MPM +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/00_mpm.conf,v b/apache2/sarah/modules.d/00_mpm.conf,v new file mode 100644 index 0000000..a7dac74 --- /dev/null +++ b/apache2/sarah/modules.d/00_mpm.conf,v @@ -0,0 +1,156 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2008.09.01.07.46.01; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2008.06.10.19.45.04; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.12.17.10.17.55; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@# Server-Pool Management (MPM specific) + +# PidFile: The file in which the server should record its process +# identification number when it starts. +# +# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING +PidFile /var/run/apache2.pid + +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +#LockFile /var/run/apache2.lock + +# Only one of the below sections will be relevant on your +# installed httpd. Use "/usr/sbin/apache2 -l" to find out the +# active mpm. + +# common MPM configuration +# These configuration directives apply to all MPMs +# +# StartServers: Number of child server processes created at startup +# MaxClients: Maximum number of child processes to serve requests +# MaxRequestsPerChild: Limit on the number of requests that an individual child +# server will handle during its life + + +# prefork MPM +# This is the default MPM if USE=-threads +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 2 + MinSpareServers 2 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# worker MPM +# This is the default MPM if USE=threads +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# event MPM +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# peruser MPM +# +# MinSpareProcessors: Minimum number of idle child server processes +# MinProcessors: Minimum number of processors per virtual host +# MaxProcessors: Maximum number of processors per virtual host +# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable +# Multiplexer: Specify a Multiplexer child configuration. +# Processor: Specify a user and group for a specific child process + + MinSpareProcessors 2 + MinProcessors 2 + MaxProcessors 10 + MaxClients 150 + MaxRequestsPerChild 1000 + ExpireTimeout 1800 + + Multiplexer nobody nobody + Processor apache apache + + +# itk MPM +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# vim: ts=4 filetype=apache +@ + + +1.2 +log +@Checked in. +@ +text +@a82 3 + # KeepAlive *MUST* be set to off + KeepAlive Off + +@ + + +1.1 +log +@Initial revision +@ +text +@d6 1 +a6 1 +# Note that this is the default PidFile for most MPMs. +@ diff --git a/apache2/sarah/modules.d/10_mod_mem_cache.conf b/apache2/sarah/modules.d/10_mod_mem_cache.conf new file mode 100644 index 0000000..520d9fd --- /dev/null +++ b/apache2/sarah/modules.d/10_mod_mem_cache.conf @@ -0,0 +1,10 @@ + +# 128MB cache for objects < 2MB +CacheEnable mem / +MCacheSize 131072 +MCacheMaxObjectCount 1000 +MCacheMinObjectSize 1 +MCacheMaxObjectSize 2097152 + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/10_mod_mem_cache.conf,v b/apache2/sarah/modules.d/10_mod_mem_cache.conf,v new file mode 100644 index 0000000..7a5e3cd --- /dev/null +++ b/apache2/sarah/modules.d/10_mod_mem_cache.conf,v @@ -0,0 +1,34 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.02.04.10.56.54; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +# 128MB cache for objects < 2MB +CacheEnable mem / +MCacheSize 131072 +MCacheMaxObjectCount 1000 +MCacheMinObjectSize 1 +MCacheMaxObjectSize 2048 + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/sarah/modules.d/11_mod_auth_kerb.conf b/apache2/sarah/modules.d/11_mod_auth_kerb.conf new file mode 100644 index 0000000..e567274 --- /dev/null +++ b/apache2/sarah/modules.d/11_mod_auth_kerb.conf @@ -0,0 +1,14 @@ + +LoadModule auth_kerb_module modules/mod_auth_kerb.so + + + AuthType Kerberos + AuthName "Kerberos Login" + # See the INSTALL file about howto create the keytab + Krb5Keytab conf/apache.keytab + KrbAuthRealms EXAMPLE.COM + Require valid-user + + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/11_mod_auth_kerb.conf,v b/apache2/sarah/modules.d/11_mod_auth_kerb.conf,v new file mode 100644 index 0000000..7f6a880 --- /dev/null +++ b/apache2/sarah/modules.d/11_mod_auth_kerb.conf,v @@ -0,0 +1,38 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.08.14.20.09.45; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +LoadModule auth_kerb_module modules/mod_auth_kerb.so + + + AuthType Kerberos + AuthName "Kerberos Login" + # See the INSTALL file about howto create the keytab + Krb5Keytab conf/apache.keytab + KrbAuthRealms EXAMPLE.COM + Require valid-user + + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/sarah/modules.d/12_mod_auth_mysql.conf b/apache2/sarah/modules.d/12_mod_auth_mysql.conf new file mode 100644 index 0000000..f33ced4 --- /dev/null +++ b/apache2/sarah/modules.d/12_mod_auth_mysql.conf @@ -0,0 +1,132 @@ + +LoadModule mysql_auth_module modules/mod_auth_mysql.so + +# mod_auth_mysql can be used to limit access to documents by checking +# data in a MySQL database. + +# This will enable user-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# +# require valid-user +# + +# This will enable group-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass'), 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass'), 'admin'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupField user_group +# +# require group admin +# + +# Like the above this enables group-based MySQL authentication of +# everything within /home/httpd, but this configuration allows users to +# belong to more than one group. You'll need to do the following as +# the MySQL root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# CREATE TABLE groups ( +# user_name CHAR(30) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name, user_group) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# GRANT SELECT +# ON auth.groups +# TO authuser@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testuser', 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testadmin', 'admin'); +# INSERT INTO groups VALUES ('testadmin', 'user'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupTable groups +# AuthMySQLGroupField user_group +# +# require group user +# + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/12_mod_auth_mysql.conf,v b/apache2/sarah/modules.d/12_mod_auth_mysql.conf,v new file mode 100644 index 0000000..b7de769 --- /dev/null +++ b/apache2/sarah/modules.d/12_mod_auth_mysql.conf,v @@ -0,0 +1,156 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.08.14.20.08.36; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +LoadModule mysql_auth_module modules/mod_auth_mysql.so + +# mod_auth_mysql can be used to limit access to documents by checking +# data in a MySQL database. + +# This will enable user-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# +# require valid-user +# + +# This will enable group-based MySQL authentication of everything +# within /home/httpd. You'll need to do the following as the MySQL +# root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass'), 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass'), 'admin'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupField user_group +# +# require group admin +# + +# Like the above this enables group-based MySQL authentication of +# everything within /home/httpd, but this configuration allows users to +# belong to more than one group. You'll need to do the following as +# the MySQL root user beforehand: +# +# CREATE DATABASE auth; +# USE auth; +# CREATE TABLE users ( +# user_name CHAR(30) NOT NULL, +# user_passwd CHAR(20) NOT NULL, +# PRIMARY KEY (user_name) +# ); +# CREATE TABLE groups ( +# user_name CHAR(30) NOT NULL, +# user_group CHAR(20) NOT NULL, +# PRIMARY KEY (user_name, user_group) +# ); +# GRANT SELECT +# ON auth.users +# TO authuser@@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# GRANT SELECT +# ON auth.groups +# TO authuser@@localhost +# IDENTIFIED BY 'PaSsW0Rd'; +# +# INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testuser', 'user'); +# INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass')); +# INSERT INTO groups VALUES ('testadmin', 'admin'); +# INSERT INTO groups VALUES ('testadmin', 'user'); +# +# +# # If you want tot make mod_auth_mysql work with apache-2.2, please uncomment +# # the following line: +# #AuthBasicAuthoritative Off +# AuthName "MySQL group authenticated zone" +# AuthType Basic +# +# AuthMySQLUser authuser +# AuthMySQLPassword PaSsW0Rd +# AuthMySQLDB auth +# AuthMySQLUserTable users +# AuthMySQLNameField user_name +# AuthMySQLPasswordField user_passwd +# AuthMySQLGroupTable groups +# AuthMySQLGroupField user_group +# +# require group user +# + + +# vim: ts=4 filetype=apache +@ diff --git a/apache2/sarah/modules.d/20_mod_fastcgi.conf b/apache2/sarah/modules.d/20_mod_fastcgi.conf new file mode 100644 index 0000000..39e08c5 --- /dev/null +++ b/apache2/sarah/modules.d/20_mod_fastcgi.conf @@ -0,0 +1,7 @@ + +LoadModule fastcgi_module modules/mod_fastcgi.so +AddHandler fastcgi-script fcg fcgi fpl +FastCgiServer /var/www/books/script/frbr_books_fastcgi.pl -processes 2 + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/20_mod_fastcgi.conf,v b/apache2/sarah/modules.d/20_mod_fastcgi.conf,v new file mode 100644 index 0000000..bc7e4d7 --- /dev/null +++ b/apache2/sarah/modules.d/20_mod_fastcgi.conf,v @@ -0,0 +1,53 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2008.03.25.11.24.10; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.12.06.15.23.03; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +LoadModule fastcgi_module modules/mod_fastcgi.so +AddHandler fastcgi-script fcg fcgi fpl +FastCgiServer /var/www/books/script/frbr_books_fastcgi.pl -processes 2 + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d2 4 +a5 3 + + LoadModule fastcgi_module modules/mod_fastcgi.so + +d7 1 +a7 2 + AddHandler fastcgi-script fcg fcgi fpl + +@ diff --git a/apache2/sarah/modules.d/40_mod_ssl.conf b/apache2/sarah/modules.d/40_mod_ssl.conf new file mode 100644 index 0000000..3d0a043 --- /dev/null +++ b/apache2/sarah/modules.d/40_mod_ssl.conf @@ -0,0 +1,63 @@ +# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + + +# This is the Apache server configuration file providing SSL support. +# It contains the configuration directives to instruct the server how to +# serve pages over an https connection. For detailing information about these +# directives see + +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. + +## Pseudo Random Number Generator (PRNG): +# Configure one or more sources to seed the PRNG of the SSL library. +# The seed data should be of good random quality. +# WARNING! On some platforms /dev/random blocks if not enough entropy +# is available. This means you then cannot use the /dev/random device +# because it would lead to very long connection times (as long as +# it requires to make more entropy available). But usually those +# platforms additionally provide a /dev/urandom device which doesn't +# block. So, if available, use this one instead. Read the mod_ssl User +# Manual for more details. +#SSLRandomSeed startup file:/dev/random 512 +#SSLRandomSeed startup file:/dev/urandom 512 +#SSLRandomSeed connect file:/dev/random 512 +#SSLRandomSeed connect file:/dev/urandom 512 + +## SSL Global Context: +# All SSL configuration in this context applies both to the main server and +# all SSL-enabled virtual hosts. + +# Some MIME-types for downloading Certificates and CRLs + + AddType application/x-x509-ca-cert .crt + AddType application/x-pkcs7-crl .crl + + +## Pass Phrase Dialog: +# Configure the pass phrase gathering process. The filtering dialog program +# (`builtin' is a internal terminal dialog) has to provide the pass phrase on +# stdout. +SSLPassPhraseDialog builtin + +## Inter-Process Session Cache: +# Configure the SSL Session Cache: First the mechanism to use and second the +# expiring timeout (in seconds). +#SSLSessionCache dbm:/var/run/ssl_scache +SSLSessionCache shmcb:/var/run/ssl_scache(512000) +SSLSessionCacheTimeout 300 + +## Semaphore: +# Configure the path to the mutual exclusion semaphore the SSL engine uses +# internally for inter-process synchronization. +SSLMutex file:/var/run/ssl_mutex + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/40_mod_ssl.conf,v b/apache2/sarah/modules.d/40_mod_ssl.conf,v new file mode 100644 index 0000000..18eab70 --- /dev/null +++ b/apache2/sarah/modules.d/40_mod_ssl.conf,v @@ -0,0 +1,104 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.10.08.40.16; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.02.04.10.56.54; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + + +# This is the Apache server configuration file providing SSL support. +# It contains the configuration directives to instruct the server how to +# serve pages over an https connection. For detailing information about these +# directives see + +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. + +## Pseudo Random Number Generator (PRNG): +# Configure one or more sources to seed the PRNG of the SSL library. +# The seed data should be of good random quality. +# WARNING! On some platforms /dev/random blocks if not enough entropy +# is available. This means you then cannot use the /dev/random device +# because it would lead to very long connection times (as long as +# it requires to make more entropy available). But usually those +# platforms additionally provide a /dev/urandom device which doesn't +# block. So, if available, use this one instead. Read the mod_ssl User +# Manual for more details. +#SSLRandomSeed startup file:/dev/random 512 +#SSLRandomSeed startup file:/dev/urandom 512 +#SSLRandomSeed connect file:/dev/random 512 +#SSLRandomSeed connect file:/dev/urandom 512 + +## SSL Global Context: +# All SSL configuration in this context applies both to the main server and +# all SSL-enabled virtual hosts. + +# Some MIME-types for downloading Certificates and CRLs + + AddType application/x-x509-ca-cert .crt + AddType application/x-pkcs7-crl .crl + + +## Pass Phrase Dialog: +# Configure the pass phrase gathering process. The filtering dialog program +# (`builtin' is a internal terminal dialog) has to provide the pass phrase on +# stdout. +SSLPassPhraseDialog builtin + +## Inter-Process Session Cache: +# Configure the SSL Session Cache: First the mechanism to use and second the +# expiring timeout (in seconds). +#SSLSessionCache dbm:/var/run/ssl_scache +SSLSessionCache shmcb:/var/run/ssl_scache(512000) +SSLSessionCacheTimeout 300 + +## Semaphore: +# Configure the path to the mutual exclusion semaphore the SSL engine uses +# internally for inter-process synchronization. +SSLMutex file:/var/run/ssl_mutex + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@a9 1 + +a60 1 + +@ diff --git a/apache2/sarah/modules.d/41_mod_ssl.default-vhost,v b/apache2/sarah/modules.d/41_mod_ssl.default-vhost,v new file mode 100644 index 0000000..685886c --- /dev/null +++ b/apache2/sarah/modules.d/41_mod_ssl.default-vhost,v @@ -0,0 +1,214 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.09.09.16.43.42; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + # We now wrap the entire default vhost in a seperate IfDefine to fix bug + # 100624. If you are using this default vhost, add it to /etc/conf.d/apache2 + + + +## +## SSL Virtual Host Context +## + + + + # General setup for the virtual host + DocumentRoot "/var/www/localhost/htdocs" + #ServerName localhost:443 + #ServerAdmin root@@localhost + ErrorLog logs/ssl_error.log + + TransferLog logs/ssl_access.log + + +# SSL Engine Switch: +# Enable/Disable SSL for this virtual host. +SSLEngine on + +# SSL Cipher Suite: +# List the ciphers that the client is permitted to negotiate. +# See the mod_ssl documentation for a complete list. +SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + +# Server Certificate: +# Point SSLCertificateFile at a PEM encoded certificate. If +# the certificate is encrypted, then you will be prompted for a +# pass phrase. Note that a kill -HUP will prompt again. A test +# certificate can be generated with `make certificate' under +# built time. Keep in mind that if you've both a RSA and a DSA +# certificate you can configure both in parallel (to also allow +# the use of DSA ciphers, etc.) +SSLCertificateFile conf/ssl/myadmin-cert.pem + +# Server Private Key: +# If the key is not combined with the certificate, use this +# directive to point at the key file. Keep in mind that if +# you've both a RSA and a DSA private key you can configure +# both in parallel (to also allow the use of DSA ciphers, etc.) + +SSLCertificateKeyFile conf/ssl/myadmin-cert.pem + +# Server Certificate Chain: +# Point SSLCertificateChainFile at a file containing the +# concatenation of PEM encoded CA certificates which form the +# certificate chain for the server certificate. Alternatively +# the referenced file can be the same as SSLCertificateFile +# when the CA certificates are directly appended to the server +# certificate for convinience. +#SSLCertificateChainFile conf/ssl/ca.crt + +# Certificate Authority (CA): +# Set the CA certificate verification path where to find CA +# certificates for client authentication or alternatively one +# huge file containing all of them (file must be PEM encoded) +# Note: Inside SSLCACertificatePath you need hash symlinks +# to point to the certificate files. Use the provided +# Makefile to update the hash symlinks after changes. +#SSLCACertificatePath conf/ssl/ssl.crt +#SSLCACertificateFile conf/ssl/ca-bundle.crt + +# Certificate Revocation Lists (CRL): +# Set the CA revocation path where to find CA CRLs for client +# authentication or alternatively one huge file containing all +# of them (file must be PEM encoded) +# Note: Inside SSLCARevocationPath you need hash symlinks +# to point to the certificate files. Use the provided +# Makefile to update the hash symlinks after changes. +#SSLCARevocationPath conf/ssl/ssl.crl +#SSLCARevocationFile conf/ssl/ca-bundle.crl + +# Client Authentication (Type): +# Client certificate verification type and depth. Types are +# none, optional, require and optional_no_ca. Depth is a +# number which specifies how deeply to verify the certificate +# issuer chain before deciding the certificate is not valid. +#SSLVerifyClient require +#SSLVerifyDepth 10 + +# Access Control: +# With SSLRequire you can do per-directory access control based +# on arbitrary complex boolean expressions containing server +# variable checks and other lookup directives. The syntax is a +# mixture between C and Perl. See the mod_ssl documentation +# for more details. +# +#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ +# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ +# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ +# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ +# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ +# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ +# + +# SSL Engine Options: +# Set various options for the SSL engine. +# o FakeBasicAuth: +# Translate the client X.509 into a Basic Authorisation. This means that +# the standard Auth/DBMAuth methods can be used for access control. The +# user name is the `one line' version of the client's X.509 certificate. +# Note that no password is obtained from the user. Every entry in the user +# file needs this password: `xxj31ZMTZzkVA'. +# o ExportCertData: +# This exports two additional environment variables: SSL_CLIENT_CERT and +# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the +# server (always existing) and the client (only existing when client +# authentication is used). This can be used to import the certificates +# into CGI scripts. +# o StdEnvVars: +# This exports the standard SSL/TLS related `SSL_*' environment variables. +# Per default this exportation is switched off for performance reasons, +# because the extraction step is an expensive operation and is usually +# useless for serving static content. So one usually enables the +# exportation for CGI and SSI requests only. +# o CompatEnvVars: +# This exports obsolete environment variables for backward compatibility +# to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this +# to provide compatibility to existing CGI scripts. +# o StrictRequire: +# This denies access when "SSLRequireSSL" or "SSLRequire" applied even +# under a "Satisfy any" situation, i.e. when it applies access is denied +# and no other module can change it. +# o OptRenegotiate: +# This enables optimized SSL connection renegotiation handling when SSL +# directives are used in per-directory context. +#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire + + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + +# SSL Protocol Adjustments: +# The safe and default but still SSL/TLS standard compliant shutdown +# approach is that mod_ssl sends the close notify alert but doesn't wait for +# the close notify alert from client. When you need a different shutdown +# approach you can use one of the following variables: +# o ssl-unclean-shutdown: +# This forces an unclean shutdown when the connection is closed, i.e. no +# SSL close notify alert is send or allowed to received. This violates +# the SSL/TLS standard but is needed for some brain-dead browsers. Use +# this when you receive I/O errors because of the standard approach where +# mod_ssl sends the close notify alert. +# o ssl-accurate-shutdown: +# This forces an accurate shutdown when the connection is closed, i.e. a +# SSL close notify alert is send and mod_ssl waits for the close notify +# alert of the client. This is 100% SSL/TLS standard compliant, but in +# practice often causes hanging connections with brain-dead browsers. Use +# this only for browsers where you know that their SSL implementation +# works correctly. +# Notice: Most problems of broken clients are also related to the HTTP +# keep-alive facility, so you usually additionally want to disable +# keep-alive for those clients, too. Use variable "nokeepalive" for this. +# Similarly, one has to force some clients to use HTTP/1.0 to workaround +# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and +# "force-response-1.0" for this. + + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + +# Per-Server Logging: +# The home of a custom SSL log file. Use this when you want a +# compact non-error SSL logfile on a virtual host basis. + +CustomLog logs/ssl_request.log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + +RewriteEngine On +RewriteOptions inherit + + + + + + + + +@ diff --git a/apache2/sarah/modules.d/45_mod_dav.conf b/apache2/sarah/modules.d/45_mod_dav.conf new file mode 100644 index 0000000..36f6b9c --- /dev/null +++ b/apache2/sarah/modules.d/45_mod_dav.conf @@ -0,0 +1,19 @@ + +DavLockDB "/var/lib/dav/lockdb" + +# The following directives disable redirects on non-GET requests for +# a directory that does not include the trailing slash. This fixes a +# problem with several clients that do not appropriately handle +# redirects for folders with DAV methods. + +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1.[012345678]" redirect-carefully +BrowserMatch "^gnome-vfs/1.0" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully + + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/45_mod_dav.conf,v b/apache2/sarah/modules.d/45_mod_dav.conf,v new file mode 100644 index 0000000..325bcc1 --- /dev/null +++ b/apache2/sarah/modules.d/45_mod_dav.conf,v @@ -0,0 +1,103 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.10.08.40.16; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.02.04.10.56.54; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +DavLockDB "/var/lib/dav/lockdb" + +# The following directives disable redirects on non-GET requests for +# a directory that does not include the trailing slash. This fixes a +# problem with several clients that do not appropriately handle +# redirects for folders with DAV methods. + +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1.[012345678]" redirect-carefully +BrowserMatch "^gnome-vfs/1.0" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@a1 2 + + +a3 34 +# The following example gives DAV write access to a directory called +# "uploads" under the ServerRoot directory. + + + +Alias /uploads "/var/www/uploads" + + + Dav On + + AuthType Digest + AuthName DAV-upload + + # You can use the htdigest program to create the password database: + # htdigest -c "/var/www/.htpasswd-dav" DAV-upload admin + AuthUserFile "/var/www/.htpasswd-dav" + + # Allow access from any host + Order allow,deny + Allow from all + + # Allow universal read-access, but writes are restricted + # to the admin user. + + require user admin + + + + + + + + + +d5 2 +a6 2 +# a directory that does not include the trailing slash. This fixes a +# problem with several clients that do not appropriately handle +d12 1 +a12 1 +BrowserMatch "^WebDAVFS/1.[012345]" redirect-carefully +a16 1 + +@ diff --git a/apache2/sarah/modules.d/46_mod_ldap.conf b/apache2/sarah/modules.d/46_mod_ldap.conf new file mode 100644 index 0000000..c2893f8 --- /dev/null +++ b/apache2/sarah/modules.d/46_mod_ldap.conf @@ -0,0 +1,20 @@ +# Examples below are taken from the online documentation +# Refer to: +# http://localhost/manual/mod/mod_ldap.html +# http://localhost/manual/mod/mod_auth_ldap.html + +LDAPSharedCacheSize 200000 +LDAPCacheEntries 1024 +LDAPCacheTTL 600 +LDAPOpCacheEntries 1024 +LDAPOpCacheTTL 600 + + + SetHandler ldap-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/46_mod_ldap.conf,v b/apache2/sarah/modules.d/46_mod_ldap.conf,v new file mode 100644 index 0000000..8984679 --- /dev/null +++ b/apache2/sarah/modules.d/46_mod_ldap.conf,v @@ -0,0 +1,68 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.10.08.40.16; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.02.04.10.56.54; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# Examples below are taken from the online documentation +# Refer to: +# http://localhost/manual/mod/mod_ldap.html +# http://localhost/manual/mod/mod_auth_ldap.html + +LDAPSharedCacheSize 200000 +LDAPCacheEntries 1024 +LDAPCacheTTL 600 +LDAPOpCacheEntries 1024 +LDAPOpCacheTTL 600 + + + SetHandler ldap-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@a5 1 + +a17 8 + + + + + + #AuthLDAPURL ldap://ldap1.airius.com:389/ou=People, o=Airius?uid?sub?(objectClass=*) + #require valid-user + +@ diff --git a/apache2/sarah/modules.d/47_mod_dav_svn.conf b/apache2/sarah/modules.d/47_mod_dav_svn.conf new file mode 100644 index 0000000..a249738 --- /dev/null +++ b/apache2/sarah/modules.d/47_mod_dav_svn.conf @@ -0,0 +1,28 @@ + + + LoadModule dav_svn_module modules/mod_dav_svn.so + + + + DAV svn + SVNParentPath /var/lib/svn-repos + #SVNPath /var/svn/repos + AuthType Basic + AuthName "Subversion repository" + #AuthUserFile /var/svn/conf/svnusers + AuthUserFile /etc/apache2/svnusers + + Require valid-user + + + + + SVNIndexXSLT /repo-browser/books/svnindex.xsl + + + + + LoadModule authz_svn_module modules/mod_authz_svn.so + + + diff --git a/apache2/sarah/modules.d/47_mod_dav_svn.conf,v b/apache2/sarah/modules.d/47_mod_dav_svn.conf,v new file mode 100644 index 0000000..43d2cc7 --- /dev/null +++ b/apache2/sarah/modules.d/47_mod_dav_svn.conf,v @@ -0,0 +1,66 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.01.16.16.06.49; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.09.09.12.40.48; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + + LoadModule dav_svn_module modules/mod_dav_svn.so + + + + DAV svn + SVNParentPath /var/lib/svn-repos + #SVNPath /var/svn/repos + AuthType Basic + AuthName "Subversion repository" + #AuthUserFile /var/svn/conf/svnusers + AuthUserFile /etc/apache2/svnusers + + Require valid-user + + + + + SVNIndexXSLT /repo-browser/books/svnindex.xsl + + + + + LoadModule authz_svn_module modules/mod_authz_svn.so + + + +@ + + +1.1 +log +@Initial revision +@ +text +@d19 4 +@ diff --git a/apache2/sarah/modules.d/70_mod_php5.conf b/apache2/sarah/modules.d/70_mod_php5.conf new file mode 100644 index 0000000..50911ad --- /dev/null +++ b/apache2/sarah/modules.d/70_mod_php5.conf @@ -0,0 +1,17 @@ + + # Load the module first + + LoadModule php5_module modules/libphp5.so + + + # Set it to handle the files + + SetHandler application/x-httpd-php + + + + SetHandler application/x-httpd-php-source + + + DirectoryIndex index.php index.phtml + diff --git a/apache2/sarah/modules.d/70_mod_php5.conf,v b/apache2/sarah/modules.d/70_mod_php5.conf,v new file mode 100644 index 0000000..7e6fc88 --- /dev/null +++ b/apache2/sarah/modules.d/70_mod_php5.conf,v @@ -0,0 +1,64 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.16.11.33.05; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.03.11.12.57.16; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + # Load the module first + + LoadModule php5_module modules/libphp5.so + + + # Set it to handle the files + + SetHandler application/x-httpd-php + + + + SetHandler application/x-httpd-php-source + + + DirectoryIndex index.php index.phtml + +@ + + +1.1 +log +@Initial revision +@ +text +@d8 7 +a14 8 + + AddType application/x-httpd-php .php + AddType application/x-httpd-php .phtml + AddType application/x-httpd-php .php3 + AddType application/x-httpd-php .php4 + AddType application/x-httpd-php .php5 + AddType application/x-httpd-php-source .phps + +@ diff --git a/apache2/sarah/modules.d/75_mod_perl.conf b/apache2/sarah/modules.d/75_mod_perl.conf new file mode 100644 index 0000000..a68fcca --- /dev/null +++ b/apache2/sarah/modules.d/75_mod_perl.conf @@ -0,0 +1,51 @@ + +LoadModule perl_module modules/mod_perl.so + +#PerlTrace all +PerlRequire "/etc/apache2/modules.d/apache2-mod_perl-startup.pl" +PerlModule ModPerl::Registry + +# Provide two aliases to the same cgi-bin directory, to see the effects of the +# 2 different mod_perl modes for Apache2::Registry Mode +Alias /perl/ /var/www/localhost/perl/ +# for Apache2::Perlrun Mode +Alias /cgi-perl/ /var/www/localhost/perl/ + + + SetHandler perl-script + PerlResponseHandler Apache2::Status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from 194.97.188.108 + + + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlOptions +ParseHeaders + + +# set Apache::Registry Mode for /perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + +# set Apache::PerlRun Mode for /cgi-perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/75_mod_perl.conf,v b/apache2/sarah/modules.d/75_mod_perl.conf,v new file mode 100644 index 0000000..0935af9 --- /dev/null +++ b/apache2/sarah/modules.d/75_mod_perl.conf,v @@ -0,0 +1,145 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2008.02.11.10.10.59; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.09.17.11.01.40; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +LoadModule perl_module modules/mod_perl.so + +#PerlTrace all +PerlRequire "/etc/apache2/modules.d/apache2-mod_perl-startup.pl" +PerlModule ModPerl::Registry + +# Provide two aliases to the same cgi-bin directory, to see the effects of the +# 2 different mod_perl modes for Apache2::Registry Mode +Alias /perl/ /var/www/localhost/perl/ +# for Apache2::Perlrun Mode +Alias /cgi-perl/ /var/www/localhost/perl/ + + + SetHandler perl-script + PerlResponseHandler Apache2::Status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from 194.97.188.108 + + + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlOptions +ParseHeaders + + +# set Apache::Registry Mode for /perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + +# set Apache::PerlRun Mode for /cgi-perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d2 47 +a48 3 + + LoadModule perl_module modules/mod_perl.so + +d51 1 +a51 50 + + #PerlTrace all + PerlRequire "/etc/apache2/modules.d/apache2-mod_perl-startup.pl" + + #Provide two aliases to the same cgi-bin directory, + #to see the effects of the 2 different mod_perl modes + #for Apache2::Registry Mode + Alias /perl/ /var/www/localhost/perl/ + #for Apache2::Perlrun Mode + Alias /cgi-perl/ /var/www/localhost/perl/ + + + + SetHandler perl-script + PerlResponseHandler Apache2::Status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlOptions +ParseHeaders + + + PerlModule ModPerl::Registry + #set Apache::Registry Mode for /perl Alias + # To set subdirectories to use perl set the following + # and comment the orignial: + # + + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + Options -Indexes ExecCGI + PerlSendHeader On + + + #set Apache::PerlRun Mode for /cgi-perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + + + + +@ diff --git a/apache2/sarah/modules.d/76_mod_apreq.conf b/apache2/sarah/modules.d/76_mod_apreq.conf new file mode 100644 index 0000000..15d925d --- /dev/null +++ b/apache2/sarah/modules.d/76_mod_apreq.conf @@ -0,0 +1,13 @@ + +LoadModule apreq_module modules/mod_apreq2.so + +# load the Perl modules +# uncomment the ones you require +#PerlModule APR::Request::Apache2 +#PerlModule APR::Request::CGI +#PerlModule APR::Request::Cookie +#PerlModule Apache2::Cookie +#PerlModule Apache2::Request + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/modules.d/76_mod_apreq.conf,v b/apache2/sarah/modules.d/76_mod_apreq.conf,v new file mode 100644 index 0000000..bb51c45 --- /dev/null +++ b/apache2/sarah/modules.d/76_mod_apreq.conf,v @@ -0,0 +1,63 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.10.10.10.22; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.01.21.10.37.06; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ +LoadModule apreq_module modules/mod_apreq2.so + +# load the Perl modules +# uncomment the ones you require +#PerlModule APR::Request::Apache2 +#PerlModule APR::Request::CGI +#PerlModule APR::Request::Cookie +#PerlModule Apache2::Cookie +#PerlModule Apache2::Request + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 + LoadModule apreq_module modules/mod_apreq2.so +d4 7 +a10 7 + # load the Perl modules + # uncomment the ones you require + #PerlModule APR::Request::Apache2 + #PerlModule APR::Request::CGI + #PerlModule APR::Request::Cookie + #PerlModule Apache2::Cookie + #PerlModule Apache2::Request +d12 2 +@ diff --git a/apache2/sarah/modules.d/99_nagios3.conf b/apache2/sarah/modules.d/99_nagios3.conf new file mode 100644 index 0000000..074f9ce --- /dev/null +++ b/apache2/sarah/modules.d/99_nagios3.conf @@ -0,0 +1,15 @@ + + ScriptAlias /nagios/cgi-bin/ /usr/lib/nagios/cgi-bin/ + + AllowOverride AuthConfig + Options ExecCGI + Order allow,deny + Allow from all + + Alias /nagios /usr/share/nagios/htdocs + + AllowOverride AuthConfig + Order allow,deny + Allow from all + + diff --git a/apache2/sarah/modules.d/99_nagios3.conf,v b/apache2/sarah/modules.d/99_nagios3.conf,v new file mode 100644 index 0000000..fbc36cd --- /dev/null +++ b/apache2/sarah/modules.d/99_nagios3.conf,v @@ -0,0 +1,39 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.05.26.16.47.41; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + ScriptAlias /nagios/cgi-bin/ /usr/lib/nagios/cgi-bin/ + + AllowOverride AuthConfig + Options ExecCGI + Order allow,deny + Allow from all + + Alias /nagios /usr/share/nagios/htdocs + + AllowOverride AuthConfig + Order allow,deny + Allow from all + + +@ diff --git a/apache2/sarah/modules.d/apache2-mod_perl-startup.pl b/apache2/sarah/modules.d/apache2-mod_perl-startup.pl new file mode 100644 index 0000000..afc048a --- /dev/null +++ b/apache2/sarah/modules.d/apache2-mod_perl-startup.pl @@ -0,0 +1,24 @@ +use lib qw(/home/httpd/perl); + +# enable if the mod_perl 1.0 compatibility is needed +#use Apache2::compat (); + +use ModPerl::Util (); #for CORE::GLOBAL::exit + +use Apache2::RequestRec (); +use Apache2::RequestIO (); +use Apache2::RequestUtil (); + +use Apache2::ServerRec (); +use Apache2::ServerUtil (); +use Apache2::Connection (); +use Apache2::Log (); + +use APR::Table (); + +use ModPerl::Registry (); + +use Apache2::Const -compile => ':common'; +use APR::Const -compile => ':common'; + +1; diff --git a/apache2/sarah/modules.d/apache2-mod_perl-startup.pl,v b/apache2/sarah/modules.d/apache2-mod_perl-startup.pl,v new file mode 100644 index 0000000..e564691 --- /dev/null +++ b/apache2/sarah/modules.d/apache2-mod_perl-startup.pl,v @@ -0,0 +1,48 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.02.11.09.56.49; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@use lib qw(/home/httpd/perl); + +# enable if the mod_perl 1.0 compatibility is needed +#use Apache2::compat (); + +use ModPerl::Util (); #for CORE::GLOBAL::exit + +use Apache2::RequestRec (); +use Apache2::RequestIO (); +use Apache2::RequestUtil (); + +use Apache2::ServerRec (); +use Apache2::ServerUtil (); +use Apache2::Connection (); +use Apache2::Log (); + +use APR::Table (); + +use ModPerl::Registry (); + +use Apache2::Const -compile => ':common'; +use APR::Const -compile => ':common'; + +1; +@ diff --git a/apache2/sarah/myadmin.passwd b/apache2/sarah/myadmin.passwd new file mode 100644 index 0000000..4f0bda9 --- /dev/null +++ b/apache2/sarah/myadmin.passwd @@ -0,0 +1,3 @@ +frank:$apr1$zB6Pu...$vLDDEaRqTxL7zLx.BI9sW1 +taurec:$apr1$aIByn.zw$HuqtNPuXReU4CqFQ21D0m1 +root:vpelAtjjy02yo diff --git a/apache2/sarah/ssl/myadmin-cert.pem b/apache2/sarah/ssl/myadmin-cert.pem new file mode 100644 index 0000000..cf5de34 --- /dev/null +++ b/apache2/sarah/ssl/myadmin-cert.pem @@ -0,0 +1,37 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQC0+qDrRPNPHnd/sD2Vp6ZRy87g0X22CpVMLZpjj2tEKPyf1N/t +VoiHdOHSVLJZrmBf26A5MknUENgEFHqvjO3dPFV7x/VL9OzrrGKS5QBEoaDGheAp +Qow/FKMYA93uFGiG4jcoC7gj+uA3zNeU+fUSHHbqEf9hm+cBtOKG7XVb5QIDAQAB +AoGAJrrP/ylFTHQ/rILB2yoCjNSp1DDgzzlak+/ab1383ZxL28SJm1f+ZcacoQ9h +D5Iiq8Dre/IIHKryH4Vmb/Uf3fFlLbfDcalIIZRKlLmJ43oahUI4aPRthaEN+t2X +4PgL0uQ/4BeCs32ivGz+QWjgx2tuxIkIv7B+JYjyjJ/9QoECQQDd2QCnd70OcQVT +0EYkWKOkRohjiuM4M+vtN7jiiWDmAsKGFaQwNnUCIMl1nGph00DBz2cyb9XvF0Cb +hcrjC5fFAkEA0Nb/Absi8Clz9tdjOE+hWthUIkQhdtCJ8Hdm4JdUUvsGH+GyKJfh +Fq3CyNzTsFBk8eoeEJ6zY7FKEZpmwJTVoQJBAIeC5kNlgLYxk29+6VmKS2stKmKj +k+fgz1w3jVfTUr0tMmV1ErXgjdie7nBI+zKGOCgq6H6GkcdaDLzzHNtTWYECQQCS +SKbjPYQhmcfC9ehoP08U5Uc5oWOXaEfXCqwjUZ0davxFRMCYsppWWmyAaj5V2Fp9 +IbLhjWi2wi7R2cdzyk1BAkB6cOePmPRIIggpl12rKor1Uw+PFWf94tQZRjOPAhWW +H10M7NiPZSzh1UUDlhiNsV220TKzr+XN9idDCxq1ho58 +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIC4zCCAkygAwIBAgIJAN/wUh5zk64nMA0GCSqGSIb3DQEBBQUAMIGnMQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDjAMBgNV +BAoTBUJyZWhtMRwwGgYDVQQLExNGcmFuayBCcmVobSBTU0wgS2V5MSEwHwYDVQQD +ExhteWFkbWluLmJyZWhtLW9ubGluZS5jb20xJTAjBgkqhkiG9w0BCQEWFmZyYW5r +QGJyZWhtLW9ubGluZS5jb20wHhcNMDYxMjA4MjIzNjU5WhcNMTIwMTI2MjIzNjU5 +WjCBpzELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVy +bGluMQ4wDAYDVQQKEwVCcmVobTEcMBoGA1UECxMTRnJhbmsgQnJlaG0gU1NMIEtl +eTEhMB8GA1UEAxMYbXlhZG1pbi5icmVobS1vbmxpbmUuY29tMSUwIwYJKoZIhvcN +AQkBFhZmcmFua0BicmVobS1vbmxpbmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQC0+qDrRPNPHnd/sD2Vp6ZRy87g0X22CpVMLZpjj2tEKPyf1N/tVoiH +dOHSVLJZrmBf26A5MknUENgEFHqvjO3dPFV7x/VL9OzrrGKS5QBEoaDGheApQow/ +FKMYA93uFGiG4jcoC7gj+uA3zNeU+fUSHHbqEf9hm+cBtOKG7XVb5QIDAQABoxUw +EzARBglghkgBhvhCAQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADgYEAA+PPUJ1IWo+i +lZlDQAOfLscsjv37dJtrvZguPV9aNTSRv1RgJSFseMt/CYjrzxXD2GKhDk8wyE1D +qTy87Os2WXqBKm+6L38hheZoUcIorPwTOmh5KZXwtbyxfmKXg3lXXGDm60E6Pkf7 +O2+jRSctKlQe36TIAZxUpfumY2pVQZA= +-----END CERTIFICATE----- +-----BEGIN DH PARAMETERS----- +MEYCQQDYf1RIczbTmgovRnZ8SA/b9l4b+t0dPW3/CHEUJU93w20YQ3yap6xrWIQk +wVzhsgf+zmajDFpfQU2JJKc35oA7AgEC +-----END DH PARAMETERS----- diff --git a/apache2/sarah/ssl/server.crt b/apache2/sarah/ssl/server.crt new file mode 100644 index 0000000..75dd5dd --- /dev/null +++ b/apache2/sarah/ssl/server.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICFTCCAX6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADBVMRswGQYDVQQKExJBcGFj +aGUgSFRUUCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciB0ZXN0aW5nIHB1cnBvc2VzIG9u +bHkxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0wNjEyMDcxNjUyMjZaFw0wNzEyMDcx +NjUyMjZaMEwxGzAZBgNVBAoTEkFwYWNoZSBIVFRQIFNlcnZlcjEZMBcGA1UECxMQ +VGVzdCBDZXJ0aWZpY2F0ZTESMBAGA1UEAxMJbG9jYWxob3N0MIGfMA0GCSqGSIb3 +DQEBAQUAA4GNADCBiQKBgQDFfirw5vo2iATmlF25libApx1zCMxo+L5AtmxlDOBE +w2l19ky8FEL5kAacZDRH9GbEtEXcOV3CnqJQJRN27hBfpknuAoDxNxLMtU6c7ks2 +2nMcKG8uz4v8gQH+I3dqL0sSgzBKgrxUPYt6Yj2pIXVIfkQfJBqUnC7Vake29hze +dwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAAViLOQsKiz/JNxRFEZKReC5wiV5WrvN +tcgt+/bfDfMFOJMTPZ1WBy6sFfK9s3HcIR8vf0PTKSEEGtcpv9AY8EclacxxaNTW +pDKYx9RA5drqvzVUffSsgYD/yXx2QuUbp9kS2kqjas1Ia84tWaVC5P2BUS+Dezyp +0jP4LpEkcinc +-----END CERTIFICATE----- diff --git a/apache2/sarah/ssl/server.key b/apache2/sarah/ssl/server.key new file mode 100644 index 0000000..248cf85 --- /dev/null +++ b/apache2/sarah/ssl/server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQDFfirw5vo2iATmlF25libApx1zCMxo+L5AtmxlDOBEw2l19ky8 +FEL5kAacZDRH9GbEtEXcOV3CnqJQJRN27hBfpknuAoDxNxLMtU6c7ks22nMcKG8u +z4v8gQH+I3dqL0sSgzBKgrxUPYt6Yj2pIXVIfkQfJBqUnC7Vake29hzedwIDAQAB +AoGAd2ACGMelKt0hCTdZR9rI5d6d4HDLDhB8/6TE9HfKAAaWcqVEUNN2gF9cf5/a +Mjw6+l91ct6CHCfDOOqQT20rG3Wq9W9Pf3ajrN6Ld/ZJcOjZb5MpIXcxQXE826Y2 +7pb7/Oq2sx0VfZAsIEcsJjJfGc2cDTVyAnXXlMbATawyQpECQQDtsyQ6qkvmud78 +xq1dYMT+n0b+fYHCkhOXE+dc9lm0ZVUiL6wGNoIjtdX3KYKPT7JY/T3QV7jJCQeh +eK3cB+MdAkEA1LKVCHgOwLvBE9DubibzWYFYJu2TJb+M84FcRxNXWMxbMrwAuoga +rOgvsxr97qQD2JhuDgmOutK08OGeWnXfowJAXIB6eNoM750lyfkHPm+KOgyB9Eej +V7TBKunz/5lfD3TfzI4Aw+oyevMocScWR+8b2MW0aH+6yYFaFtx/zEDFgQJANRYB +VmTIodf6n5yE9d8o240J2GVxVXmSj3AY/PBZ26LdnDMKJ4QyzDcDOLui5z3ua8/X +oA9InV5bpMdbA47p6wJAHQnx8iZjGB2ZNi1otRUBMjAfQfA9P1j8UBaledUFDy+M +xkIBDKcnJQY3gwzM9HJ5sJKTECM9KDEKY4BnGH2s3A== +-----END RSA PRIVATE KEY----- diff --git a/apache2/sarah/ssl/webmail-cert.pem b/apache2/sarah/ssl/webmail-cert.pem new file mode 100644 index 0000000..fd2de1c --- /dev/null +++ b/apache2/sarah/ssl/webmail-cert.pem @@ -0,0 +1,37 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCsrn1fttalMjRvpAVCkc/CCtprt8ifRyXuiq0njfw5x//eNjxg +G551XNrNHOUagA3gwXFJaU9ZnjYx0nnzqhIzV3ZySbxXcDM7yDwFsygCgvLlAiO9 +hiyjGnMGx83Bm+fAYt/UgyXw1Ur7QjbbKlhZvaIFZprZL3YavjhgQg64dwIDAQAB +AoGBAKuJEgYYjJTBkJEuMAN28RjiyyKiCGsgtC+IFoXqZ5nGcQf+fG9EQF55hOio +QXXXqvGPd8fjEu4FWfSYDojccwJnizcrt8bpSQW3tEr8/wsqX4UJhV8N+gk4+HTM +8ZpATdqp6q21BkkYcnMK6fqYjt4ekhLsbJk+IR5lLzKxy/IRAkEA1+lCM3miOVmD +MMXFUKltLtuDthZQw8p4tQ4/k1u0OfwU+PQlKY4F1AgLFqtkHoWJwWvUnMvT5+9F +AB6njPi5owJBAMy+btu+jow8ix+nII09BAJQDfe+Fa1ngkFV+FRTsrpTcF4MNt+l +L2BwwFkbsAnoGWU6B83UUJZ4TparR5hUmx0CQHN94luGhLAIoZRFNfafqjeWVC3i +YfFZLJgstvUr6Ivbu5wvfHFt9tAkPUozA6sP41ADTgdRQFigNFiMDTPrF+ECQGIC +VvcCBSLEaKTCUCbMKnsg707Ew4O6pPO5v6I+XrQq9QNQPYRZgpBb6Pe+9UoIvP9k +BBBXriwZcyVU4HTfK1ECQQDV0JEKQ3r5eKPPWaefKGYUtrWHh8KpNT8oujVMSWxG +0OazqbiyHhucgmLsbi6JCrAEGhFJBYZ32chVnmLlXTpb +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIC1zCCAkCgAwIBAgIJAPNANtEQARp7MA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDjAMBgNV +BAoTBUJyZWhtMRYwFAYDVQQLEw1CcmVobSBTU0wgS2V5MSEwHwYDVQQDExh3ZWJt +YWlsLmJyZWhtLW9ubGluZS5jb20xJTAjBgkqhkiG9w0BCQEWFmZyYW5rQGJyZWht +LW9ubGluZS5jb20wHhcNMDYxMjA4MjIzNjU5WhcNMTIwMTI2MjIzNjU5WjCBoTEL +MAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ4w +DAYDVQQKEwVCcmVobTEWMBQGA1UECxMNQnJlaG0gU1NMIEtleTEhMB8GA1UEAxMY +d2VibWFpbC5icmVobS1vbmxpbmUuY29tMSUwIwYJKoZIhvcNAQkBFhZmcmFua0Bi +cmVobS1vbmxpbmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsrn1f +ttalMjRvpAVCkc/CCtprt8ifRyXuiq0njfw5x//eNjxgG551XNrNHOUagA3gwXFJ +aU9ZnjYx0nnzqhIzV3ZySbxXcDM7yDwFsygCgvLlAiO9hiyjGnMGx83Bm+fAYt/U +gyXw1Ur7QjbbKlhZvaIFZprZL3YavjhgQg64dwIDAQABoxUwEzARBglghkgBhvhC +AQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADgYEAFGM8hI3QLDFaZYuiOMUyZpf1G4Pi +OaFpA+syrqmcZXvVM+ioiRU1+Mbu0FFku0Ac9WWAwMyjIFh4ZQQYWfoEsQrH/hBJ +BkD4zNAhjjPIuJ8iDs1sUqw91yq5UUeRQAzY3/rFZHvbeswQUDVOJaCSYuOt1gOc +oZYY42gyvdmBnWc= +-----END CERTIFICATE----- +-----BEGIN DH PARAMETERS----- +MEYCQQCZLOhh5tHEUjvRnBolCP22LO27aCcqwCfLPtGICExFfUi6dt1uxeTWh3Od +Kr4x2UXbRAyuc7f0/akmlV2iXLNrAgEC +-----END DH PARAMETERS----- diff --git a/apache2/sarah/svnusers b/apache2/sarah/svnusers new file mode 100644 index 0000000..18db74d --- /dev/null +++ b/apache2/sarah/svnusers @@ -0,0 +1 @@ +frank:$apr1$i6kSY/..$U8o7IvhHKvwnVTERFfhB80 diff --git a/apache2/sarah/vhosts.d/.old/07_groupoffice.conf.not_used b/apache2/sarah/vhosts.d/.old/07_groupoffice.conf.not_used new file mode 100644 index 0000000..74572cd --- /dev/null +++ b/apache2/sarah/vhosts.d/.old/07_groupoffice.conf.not_used @@ -0,0 +1,50 @@ + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName groupoffice.brehm-online.com + ServerAlias groupoffice + ServerAlias groupoffice.brehm-online.eu + ServerAlias groupoffice.brehm-berlin.de + + DocumentRoot /var/www/groupoffice/htdocs + + ErrorLog /var/log/apache2/groupoffice-error.log + CustomLog /var/log/apache2/groupoffice-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + #AuthType Basic + #AuthName "phpMyadmin brehm-online.com" + #AuthUserFile /etc/apache2/myadmin.passwd + #Require valid-user + + + + + + + + + diff --git a/apache2/sarah/vhosts.d/.old/08_sy.conf.not_used b/apache2/sarah/vhosts.d/.old/08_sy.conf.not_used new file mode 100644 index 0000000..5e13256 --- /dev/null +++ b/apache2/sarah/vhosts.d/.old/08_sy.conf.not_used @@ -0,0 +1,87 @@ + + + + ServerName sy.uhu-banane.net + ServerAlias sy + ServerAlias sy.brehm-online.eu + ServerAlias sy.brehm-berlin.de + + DocumentRoot /home/thomas/sy/htdocs + + ErrorLog /var/log/apache2/sy-error.log + CustomLog /var/log/apache2/sy-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + #AuthType Basic + #AuthName "phpMyadmin brehm-online.com" + #AuthUserFile /etc/apache2/myadmin.passwd + #Require valid-user + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_flag allow_url_fopen On + + + ########################### + # REWRITE-Definitionen ... + + RewriteEngine on + # RewriteLog /data/www/shopyoo/devel/log/rewrite.log + # RewriteLogLevel 2 + + # Neue Rewrite Rule mittels Rewrite Map + # http://www.shopyoo.www/Shopkatalog/Auto-Verkehr-c_0_0_0_0_sy.html + RewriteMap basis_url prg:/home/thomas/sy/bin/url_new.pl + RewriteRule ^([^_]*)([^_]*)_([^_]*)_([^_]*)_([^_]*)_([^_]*)_sy[a-zA-Z0-9]{0,2}\.html$ ${basis_url:%{REQUEST_URI}} [NE,PT,L] + + # Alte Rewrite Rule + # http://shopyoo.de/sy/$timestamp/$xs_id/$xm_id/$sc_id/$xd_id/$xd_type/$x_tmp1/$x_tmp2/$path/$file + + RewriteCond %{REQUEST_URI} ^/sy/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/.+\.html$ + # @shopyoo.com aus den Pfadangaben rausschmeißen + RewriteRule "^/sy/(.*)@shopyoo.com/(.*)$" "/sy/$1/$2" [NE,N] + RewriteRule ^/sy/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/(.+)\.html$ \ + /$9.php?timestamp=$1&xs_id=$2&xm_id=$3&sc_id=$4&xd_id=$5&xd_type=$6&x_tmp1=$7&x_tmp2=$8 [NE,PT,L] + # NE: noescape + # PT: passthrough + # L: Last (rewrite rule) + # N: Next + + # Neue Rewrite Rule + # http://shopyoo.de/sy/$path/$timestamp/$file[-.php]-$xs_id-$xm_id-$sc_id-$xd_id-$xd_type-$x_tmp1-$x_tmp2[+.html] + # besser: + # http://shopyoo.de/sy/$path/$file[-.php]-$timestamp-$xs_id-$xm_id-$sc_id-$xd_id-$xd_type-$x_tmp1-$x_tmp2[+.html] + + RewriteCond %{REQUEST_URI} ^/sy/[^-]+-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*\.html$ + RewriteRule "^/sy/(.*)@shopyoo.com/(.*)$" "/sy/$1/$2" [NE,N] + RewriteRule ^/sy/([^-]+)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)\.html$ \ + /$1.php?timestamp=$2&xs_id=$3&xm_id=$4&sc_id=$5&xd_id=$6&xd_type=$7&x_tmp1=$8&x_tmp2=$9 [NE,PT,L] + + # Ganz neue Rewrite Rule + + RewriteCond "%{REQUEST_URI}" "^/ys/[^-]+-[^-]*-[^\-]*/[^-]+-[^-]*-[^/]*/[^/]*/[^/]*/[^/]*/[^-]+-[^-]*-\d+\.html$" + # 1 2 3 4 5 6 7 8 + RewriteRule "^/ys/([^-]+)-[^-]*-([^\-]*)/([^-]+)-[^-]*-([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^-]+)-[^-]*-\d+\.html$" \ + "/$8.php?xs_id=$1&xm_id=$2&sc_id=$3&xd_id=$4&x_tmp3=$5&x_tmp1=$6&x_tmp2=$7" [NE,PT,L] + + + php_value include_path ".:/usr/share/php:/home/thomas/sy/inc" + php_value output_buffering Off + php_value display_errors Off + php_value log_errors On + php_value track_errors On + php_flag register_globals On + php_value error_log /home/thomas/sy/log/error_sy.log + #PHPINIDir "/data/www/shopyoo.de/conf4" + + + + + + diff --git a/apache2/sarah/vhosts.d/.old/08_typo3.conf.not_used b/apache2/sarah/vhosts.d/.old/08_typo3.conf.not_used new file mode 100644 index 0000000..a82bda1 --- /dev/null +++ b/apache2/sarah/vhosts.d/.old/08_typo3.conf.not_used @@ -0,0 +1,32 @@ + + + + ServerName typo3.uhu-banane.net + ServerAlias typo3 + ServerAlias typo3.brehm-online.eu + ServerAlias typo3.brehm-berlin.de + + DocumentRoot /home/thomas/typo3/stable + + ErrorLog /var/log/apache2/typo3-error.log + CustomLog /var/log/apache2/typo3-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + #AuthType Basic + #AuthName "phpMyadmin brehm-online.com" + #AuthUserFile /etc/apache2/myadmin.passwd + #Require valid-user + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_flag allow_url_fopen On + + + + diff --git a/apache2/sarah/vhosts.d/00_default_ssl_vhost.conf b/apache2/sarah/vhosts.d/00_default_ssl_vhost.conf new file mode 100644 index 0000000..05f2a29 --- /dev/null +++ b/apache2/sarah/vhosts.d/00_default_ssl_vhost.conf @@ -0,0 +1,187 @@ + + + +# see bug #178966 why this is in here + +# When we also provide SSL we have to listen to the HTTPS port +# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two +# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" +Listen 85.214.73.141:443 +Listen 127.0.0.1:443 + +NameVirtualHost *:443 + + + Include /etc/apache2/vhosts.d/default_vhost.include + Include /etc/apache2/vhosts.d/nagios.include + ErrorLog /var/log/apache2/ssl_error.log + + + # TransferLog /var/log/apache2/ssl_access_log + CustomLog /var/log/apache2/ssl_access.log full + + + ## SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + ## SSL Cipher Suite: + # List the ciphers that the client is permitted to negotiate. + # See the mod_ssl documentation for a complete list. + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + ## Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If the certificate + # is encrypted, then you will be prompted for a pass phrase. Note that a + # kill -HUP will prompt again. Keep in mind that if you have both an RSA + # and a DSA certificate you can configure both in parallel (to also allow + # the use of DSA ciphers, etc.) + #SSLCertificateFile /etc/apache2/ssl/server.crt + #SSLCertificateFile /etc/apache2/ssl/server-dsa.crt + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Private Key: + # If the key is not combined with the certificate, use this directive to + # point at the key file. Keep in mind that if you've both a RSA and a DSA + # private key you can configure both in parallel (to also allow the use of + # DSA ciphers, etc.) + #SSLCertificateKeyFile /etc/apache2/ssl/server.key + #SSLCertificateKeyFile /etc/apache2/ssl/server-dsa.key + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the concatenation of + # PEM encoded CA certificates which form the certificate chain for the + # server certificate. Alternatively the referenced file can be the same as + # SSLCertificateFile when the CA certificates are directly appended to the + # server certificate for convinience. + #SSLCertificateChainFile /etc/apache2/ssl/ca.crt + + ## Certificate Authority (CA): + # Set the CA certificate verification path where to find CA certificates + # for client authentication or alternatively one huge file containing all + # of them (file must be PEM encoded). + # Note: Inside SSLCACertificatePath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCACertificatePath /etc/apache2/ssl/ssl.crt + #SSLCACertificateFile /etc/apache2/ssl/ca-bundle.crt + + ## Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client authentication + # or alternatively one huge file containing all of them (file must be PEM + # encoded). + # Note: Inside SSLCARevocationPath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCARevocationPath /etc/apache2/ssl/ssl.crl + #SSLCARevocationFile /etc/apache2/ssl/ca-bundle.crl + + ## Client Authentication (Type): + # Client certificate verification type and depth. Types are none, optional, + # require and optional_no_ca. Depth is a number which specifies how deeply + # to verify the certificate issuer chain before deciding the certificate is + # not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + ## Access Control: + # With SSLRequire you can do per-directory access control based on arbitrary + # complex boolean expressions containing server variable checks and other + # lookup directives. The syntax is a mixture between C and Perl. See the + # mod_ssl documentation for more details. + # + # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ + # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ + # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ + # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ + # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ + # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ + # + + ## SSL Engine Options: + # Set various options for the SSL engine. + + ## FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that the + # standard Auth/DBMAuth methods can be used for access control. The user + # name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + + ## ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server + # (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates into + # CGI scripts. + + ## StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the exportation + # for CGI and SSI requests only. + + ## StrictRequire: + # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under + # a "Satisfy any" situation, i.e. when it applies access is denied and no + # other module can change it. + + ## OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + ## SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait + # for the close notify alert from client. When you need a different + # shutdown approach you can use one of the following variables: + + ## ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates the + # SSL/TLS standard but is needed for some brain-dead browsers. Use this when + # you receive I/O errors because of the standard approach where mod_ssl + # sends the close notify alert. + + ## ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation works + # correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + + BrowserMatch ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + + ## Per-Server Logging: + # The home of a custom SSL log file. Use this when you want a compact + # non-error SSL logfile on a virtual host basis. + + CustomLog /var/log/apache2/ssl_request.log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/vhosts.d/00_default_ssl_vhost.conf,v b/apache2/sarah/vhosts.d/00_default_ssl_vhost.conf,v new file mode 100644 index 0000000..3e3da9a --- /dev/null +++ b/apache2/sarah/vhosts.d/00_default_ssl_vhost.conf,v @@ -0,0 +1,225 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2008.02.18.12.02.41; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.09.11.07.15.35; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + + +# see bug #178966 why this is in here + +# When we also provide SSL we have to listen to the HTTPS port +# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two +# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" +Listen 85.214.73.141:443 +Listen 127.0.0.1:443 + +NameVirtualHost *:443 + + + Include /etc/apache2/vhosts.d/default_vhost.include + Include /etc/apache2/vhosts.d/nagios.include + ErrorLog /var/log/apache2/ssl_error.log + + + # TransferLog /var/log/apache2/ssl_access_log + CustomLog /var/log/apache2/ssl_access.log full + + + ## SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + ## SSL Cipher Suite: + # List the ciphers that the client is permitted to negotiate. + # See the mod_ssl documentation for a complete list. + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + ## Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If the certificate + # is encrypted, then you will be prompted for a pass phrase. Note that a + # kill -HUP will prompt again. Keep in mind that if you have both an RSA + # and a DSA certificate you can configure both in parallel (to also allow + # the use of DSA ciphers, etc.) + #SSLCertificateFile /etc/apache2/ssl/server.crt + #SSLCertificateFile /etc/apache2/ssl/server-dsa.crt + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Private Key: + # If the key is not combined with the certificate, use this directive to + # point at the key file. Keep in mind that if you've both a RSA and a DSA + # private key you can configure both in parallel (to also allow the use of + # DSA ciphers, etc.) + #SSLCertificateKeyFile /etc/apache2/ssl/server.key + #SSLCertificateKeyFile /etc/apache2/ssl/server-dsa.key + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the concatenation of + # PEM encoded CA certificates which form the certificate chain for the + # server certificate. Alternatively the referenced file can be the same as + # SSLCertificateFile when the CA certificates are directly appended to the + # server certificate for convinience. + #SSLCertificateChainFile /etc/apache2/ssl/ca.crt + + ## Certificate Authority (CA): + # Set the CA certificate verification path where to find CA certificates + # for client authentication or alternatively one huge file containing all + # of them (file must be PEM encoded). + # Note: Inside SSLCACertificatePath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCACertificatePath /etc/apache2/ssl/ssl.crt + #SSLCACertificateFile /etc/apache2/ssl/ca-bundle.crt + + ## Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client authentication + # or alternatively one huge file containing all of them (file must be PEM + # encoded). + # Note: Inside SSLCARevocationPath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCARevocationPath /etc/apache2/ssl/ssl.crl + #SSLCARevocationFile /etc/apache2/ssl/ca-bundle.crl + + ## Client Authentication (Type): + # Client certificate verification type and depth. Types are none, optional, + # require and optional_no_ca. Depth is a number which specifies how deeply + # to verify the certificate issuer chain before deciding the certificate is + # not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + ## Access Control: + # With SSLRequire you can do per-directory access control based on arbitrary + # complex boolean expressions containing server variable checks and other + # lookup directives. The syntax is a mixture between C and Perl. See the + # mod_ssl documentation for more details. + # + # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ + # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ + # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ + # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ + # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ + # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ + # + + ## SSL Engine Options: + # Set various options for the SSL engine. + + ## FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that the + # standard Auth/DBMAuth methods can be used for access control. The user + # name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + + ## ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server + # (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates into + # CGI scripts. + + ## StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the exportation + # for CGI and SSI requests only. + + ## StrictRequire: + # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under + # a "Satisfy any" situation, i.e. when it applies access is denied and no + # other module can change it. + + ## OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + ## SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait + # for the close notify alert from client. When you need a different + # shutdown approach you can use one of the following variables: + + ## ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates the + # SSL/TLS standard but is needed for some brain-dead browsers. Use this when + # you receive I/O errors because of the standard approach where mod_ssl + # sends the close notify alert. + + ## ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation works + # correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + + BrowserMatch ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + + ## Per-Server Logging: + # The home of a custom SSL log file. Use this when you want a compact + # non-error SSL logfile on a virtual host basis. + + CustomLog /var/log/apache2/ssl_request.log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d16 1 +@ diff --git a/apache2/sarah/vhosts.d/00_default_vhost.conf b/apache2/sarah/vhosts.d/00_default_vhost.conf new file mode 100644 index 0000000..05a47e0 --- /dev/null +++ b/apache2/sarah/vhosts.d/00_default_vhost.conf @@ -0,0 +1,50 @@ +# Virtual Hosts +# +# If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. + + +# see bug #178966 why this is in here + +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 127.0.0.1:80 +Listen 85.214.73.141:80 + +# Use name-based virtual hosting. +NameVirtualHost *:80 + +# When virtual hosts are enabled, the main host defined in the default +# httpd.conf configuration will go away. We redefine it here so that it is +# still available. +# +# If you disable this vhost by removing -D DEFAULT_VHOST from +# /etc/conf.d/apache2, the first defined virtual host elsewhere will be +# the default. + + ServerName www.brehm-online.com + Include /etc/apache2/vhosts.d/default_vhost.include + Include /etc/apache2/vhosts.d/nagios.include + + + ServerEnvironment apache apache + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/sarah/vhosts.d/00_default_vhost.conf,v b/apache2/sarah/vhosts.d/00_default_vhost.conf,v new file mode 100644 index 0000000..d58366d --- /dev/null +++ b/apache2/sarah/vhosts.d/00_default_vhost.conf,v @@ -0,0 +1,266 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2008.02.18.12.02.10; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2007.09.11.07.05.41; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.09.09.12.30.28; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@# Virtual Hosts +# +# If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. + + +# see bug #178966 why this is in here + +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 127.0.0.1:80 +Listen 85.214.73.141:80 + +# Use name-based virtual hosting. +NameVirtualHost *:80 + +# When virtual hosts are enabled, the main host defined in the default +# httpd.conf configuration will go away. We redefine it here so that it is +# still available. +# +# If you disable this vhost by removing -D DEFAULT_VHOST from +# /etc/conf.d/apache2, the first defined virtual host elsewhere will be +# the default. + + ServerName www.brehm-online.com + Include /etc/apache2/vhosts.d/default_vhost.include + Include /etc/apache2/vhosts.d/nagios.include + + + ServerEnvironment apache apache + + + + +# vim: ts=4 filetype=apache +@ + + +1.2 +log +@Checked in. +@ +text +@d40 1 +d42 1 +@ + + +1.1 +log +@Initial revision +@ +text +@d1 1 +a1 1 +### Section 3: Virtual Hosts +d3 1 +a3 1 +# VirtualHost: If you want to maintain multiple domains/hostnames on your +d8 2 +a9 2 +# Please see the documentation at +# +d15 14 +a28 1 +# +a29 1 +# +a30 21 +NameVirtualHost *:443 + +# +# VirtualHost example: +# Almost any Apache directive may go into a VirtualHost container. +# The first VirtualHost section is used for requests without a known +# server name. +# +# +# ServerAdmin webmaster@@dummy-host.example.com +# DocumentRoot /www/docs/dummy-host.example.com +# ServerName dummy-host.example.com +# ErrorLog @@rel_logfiledir@@/dummy-host.example.com-error_log +# CustomLog @@rel_logfiledir@@/dummy-host.example.com-access_log common +# + +# +# The First Virtual Host is also your DEFAULT Virtual Host. +# This means any requests that do not match any other vhosts will +# goto this virtual host. +# +d32 7 +a38 1 + +d40 1 +a40 89 + # + # DocumentRoot: The directory out of which you will serve your + # documents. By default, all requests are taken from this directory, but + # symbolic links and aliases may be used to point to other locations. + # + DocumentRoot "/var/www/localhost/htdocs" + + # + # This should be changed to whatever you set DocumentRoot to. + # + + + # + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs-2.0/mod/core.html#options + # for more information. + # + Options Indexes FollowSymLinks + + # + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # Options FileInfo AuthConfig Limit + # + AllowOverride None + + # + # Controls who can get stuff from this server. + # + Order allow,deny + Allow from all + + + + # this must match a Processor + ServerEnvironment apache apache + + # these are optional - defaults to the values specified in httpd.conf + MinSpareProcessors 4 + MaxProcessors 20 + + + + # The userid and groupid this VirtualHost will run as + AssignUserID apache apache + + # Optional: A separate MaxClients for the VirtualHost, + # to limit the maximum number of processes + MaxClientsVHost 50 + + # Note that if you do not assign a user ID for your + # VirtualHosts, none will be assigned by default, + # ie. you'll run as root. Don't forget this! + + + + AllowOverride All + + + Alias /Neues_Haus /home/frank/docs/Neues_Haus + Alias /neues_haus /home/frank/docs/Neues_Haus + Alias /Neues-Haus /home/frank/docs/Neues_Haus + Alias /neues-haus /home/frank/docs/Neues_Haus + Alias /NeuesHaus /home/frank/docs/Neues_Haus + Alias /neueshaus /home/frank/docs/Neues_Haus + #Alias /Neues_Haus/ /home/frank/docs/Neues_Haus/ + #Alias /neues_haus/ /home/frank/docs/Neues_Haus/ + #Alias /Neues-Haus/ /home/frank/docs/Neues_Haus/ + #Alias /neues-haus/ /home/frank/docs/Neues_Haus/ + #Alias /NeuesHaus/ /home/frank/docs/Neues_Haus/ + #Alias /neueshaus/ /home/frank/docs/Neues_Haus/ + + + Options Indexes FollowSymLinks + # IndexOptions FancyIndexing FoldersFirst IgnoreCase NameWidth=60 + # IndexOptions FancyIndexing FoldersFirst HTMLTable IgnoreCase NameWidth=50 + # AddDefaultCharset utf-8 + CharsetDefault UTF-8 + AllowOverride All + Order allow,deny + Allow from all + +d42 3 +d46 1 +d48 1 +a48 29 + + + DocumentRoot "/var/www/localhost/htdocs" + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + AllowOverride All + + + + ServerEnvironment apache apache + MinSpareProcessors 4 + MaxProcessors 20 + + + + AssignUserID apache apache + MaxClientsVHost 50 + + + + + +@ diff --git a/apache2/sarah/vhosts.d/01_myadmin.conf b/apache2/sarah/vhosts.d/01_myadmin.conf new file mode 100644 index 0000000..718982b --- /dev/null +++ b/apache2/sarah/vhosts.d/01_myadmin.conf @@ -0,0 +1,55 @@ + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName myadmin.brehm-online.com + ServerAlias myadmin + ServerAlias myadmin.brehm-online.eu + ServerAlias myadmin.brehm-berlin.de + + DocumentRoot /var/www/myadmin/htdocs + + ErrorLog /var/log/apache2/myadmin-error.log + CustomLog /var/log/apache2/myadmin-access.log full + + + php_value session.gc_maxlifetime 3600 + + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpMyadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + + + + + + + diff --git a/apache2/sarah/vhosts.d/01_myadmin.conf,v b/apache2/sarah/vhosts.d/01_myadmin.conf,v new file mode 100644 index 0000000..5024264 --- /dev/null +++ b/apache2/sarah/vhosts.d/01_myadmin.conf,v @@ -0,0 +1,93 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2009.11.24.20.19.01; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.10.31.09.06.42; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName myadmin.brehm-online.com + ServerAlias myadmin + ServerAlias myadmin.brehm-online.eu + ServerAlias myadmin.brehm-berlin.de + + DocumentRoot /var/www/myadmin/htdocs + + ErrorLog /var/log/apache2/myadmin-error.log + CustomLog /var/log/apache2/myadmin-access.log full + + + php_value session.gc_maxlifetime 3600 + + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + AuthType Basic + AuthName "phpMyadmin brehm-online.com" + AuthUserFile /etc/apache2/myadmin.passwd + Require valid-user + + + + + + + + + + +@ + + +1.1 +log +@Initial revision +@ +text +@d33 4 +@ diff --git a/apache2/sarah/vhosts.d/01_vhost.conf b/apache2/sarah/vhosts.d/01_vhost.conf new file mode 100644 index 0000000..e69de29 diff --git a/apache2/sarah/vhosts.d/01_vhost.conf,v b/apache2/sarah/vhosts.d/01_vhost.conf,v new file mode 100644 index 0000000..64db922 --- /dev/null +++ b/apache2/sarah/vhosts.d/01_vhost.conf,v @@ -0,0 +1,245 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2007.10.31.09.09.38; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.10.01.06.17.12; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@@ + + +1.1 +log +@Initial revision +@ +text +@a0 207 + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName myadmin.brehm-online.com + ServerAlias myadmin + ServerAlias myadmin.brehm-online.eu + ServerAlias myadmin.brehm-berlin.de + + DocumentRoot /var/www/myadmin/htdocs + + ErrorLog /var/log/apache2/myadmin-error.log + CustomLog /var/log/apache2/myadmin-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + AuthType Basic + AuthName "phpMyadmin brehm-online.com" + AuthUserFile /etc/apache2/myadmin.passwd + Require valid-user + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName groupoffice.brehm-online.com + ServerAlias groupoffice + ServerAlias groupoffice.brehm-online.eu + ServerAlias groupoffice.brehm-berlin.de + + DocumentRoot /var/www/groupoffice/htdocs + + ErrorLog /var/log/apache2/groupoffice-error.log + CustomLog /var/log/apache2/groupoffice-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + #AuthType Basic + #AuthName "phpMyadmin brehm-online.com" + #AuthUserFile /etc/apache2/myadmin.passwd + #Require valid-user + + + + + + + + + + + ServerName typo3.uhu-banane.net + ServerAlias typo3 + ServerAlias typo3.brehm-online.eu + ServerAlias typo3.brehm-berlin.de + + DocumentRoot /home/thomas/typo3/stable + + ErrorLog /var/log/apache2/typo3-error.log + CustomLog /var/log/apache2/typo3-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + #AuthType Basic + #AuthName "phpMyadmin brehm-online.com" + #AuthUserFile /etc/apache2/myadmin.passwd + #Require valid-user + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_flag allow_url_fopen On + + + + + + + ServerName sy.uhu-banane.net + ServerAlias sy + ServerAlias sy.brehm-online.eu + ServerAlias sy.brehm-berlin.de + + DocumentRoot /home/thomas/sy/htdocs + + ErrorLog /var/log/apache2/sy-error.log + CustomLog /var/log/apache2/sy-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + #AuthType Basic + #AuthName "phpMyadmin brehm-online.com" + #AuthUserFile /etc/apache2/myadmin.passwd + #Require valid-user + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_flag allow_url_fopen On + + + ########################### + # REWRITE-Definitionen ... + + RewriteEngine on + # RewriteLog /data/www/shopyoo/devel/log/rewrite.log + # RewriteLogLevel 2 + + # Neue Rewrite Rule mittels Rewrite Map + # http://www.shopyoo.www/Shopkatalog/Auto-Verkehr-c_0_0_0_0_sy.html + RewriteMap basis_url prg:/home/thomas/sy/bin/url_new.pl + RewriteRule ^([^_]*)([^_]*)_([^_]*)_([^_]*)_([^_]*)_([^_]*)_sy[a-zA-Z0-9]{0,2}\.html$ ${basis_url:%{REQUEST_URI}} [NE,PT,L] + + # Alte Rewrite Rule + # http://shopyoo.de/sy/$timestamp/$xs_id/$xm_id/$sc_id/$xd_id/$xd_type/$x_tmp1/$x_tmp2/$path/$file + + RewriteCond %{REQUEST_URI} ^/sy/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/.+\.html$ + # @@shopyoo.com aus den Pfadangaben rausschmeißen + RewriteRule "^/sy/(.*)@@shopyoo.com/(.*)$" "/sy/$1/$2" [NE,N] + RewriteRule ^/sy/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/(.+)\.html$ \ + /$9.php?timestamp=$1&xs_id=$2&xm_id=$3&sc_id=$4&xd_id=$5&xd_type=$6&x_tmp1=$7&x_tmp2=$8 [NE,PT,L] + # NE: noescape + # PT: passthrough + # L: Last (rewrite rule) + # N: Next + + # Neue Rewrite Rule + # http://shopyoo.de/sy/$path/$timestamp/$file[-.php]-$xs_id-$xm_id-$sc_id-$xd_id-$xd_type-$x_tmp1-$x_tmp2[+.html] + # besser: + # http://shopyoo.de/sy/$path/$file[-.php]-$timestamp-$xs_id-$xm_id-$sc_id-$xd_id-$xd_type-$x_tmp1-$x_tmp2[+.html] + + RewriteCond %{REQUEST_URI} ^/sy/[^-]+-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*\.html$ + RewriteRule "^/sy/(.*)@@shopyoo.com/(.*)$" "/sy/$1/$2" [NE,N] + RewriteRule ^/sy/([^-]+)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)\.html$ \ + /$1.php?timestamp=$2&xs_id=$3&xm_id=$4&sc_id=$5&xd_id=$6&xd_type=$7&x_tmp1=$8&x_tmp2=$9 [NE,PT,L] + + # Ganz neue Rewrite Rule + + RewriteCond "%{REQUEST_URI}" "^/ys/[^-]+-[^-]*-[^\-]*/[^-]+-[^-]*-[^/]*/[^/]*/[^/]*/[^/]*/[^-]+-[^-]*-\d+\.html$" + # 1 2 3 4 5 6 7 8 + RewriteRule "^/ys/([^-]+)-[^-]*-([^\-]*)/([^-]+)-[^-]*-([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^-]+)-[^-]*-\d+\.html$" \ + "/$8.php?xs_id=$1&xm_id=$2&sc_id=$3&xd_id=$4&x_tmp3=$5&x_tmp1=$6&x_tmp2=$7" [NE,PT,L] + + + php_value include_path ".:/usr/share/php:/home/thomas/sy/inc" + php_value output_buffering Off + php_value display_errors Off + php_value log_errors On + php_value track_errors On + php_flag register_globals On + php_value error_log /home/thomas/sy/log/error_sy.log + #PHPINIDir "/data/www/shopyoo.de/conf4" + + + + + + +@ diff --git a/apache2/sarah/vhosts.d/02_morph.conf b/apache2/sarah/vhosts.d/02_morph.conf new file mode 100644 index 0000000..982daf7 --- /dev/null +++ b/apache2/sarah/vhosts.d/02_morph.conf @@ -0,0 +1,132 @@ + + + ServerName bmrmorph.de + ServerAlias www.bmrmorph.de + + DocumentRoot /home/morph/htdocs + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName ddr.bmrmorph.de + ServerAlias www.ddr.bmrmorph.de + + DocumentRoot /home/morph/htdocs/ddr.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName allianz-der-schattenritter.de + ServerAlias www.allianz-der-schattenritter.de + + DocumentRoot /home/morph/htdocs/allianz-der-schattenritter.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName webalizer.bmrmorph.de + ServerAlias www.webalizer.bmrmorph.de + + DocumentRoot /home/morph/htdocs/webalizer.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName phpmyadmin.bmrmorph.de + ServerAlias www.phpmyadmin.bmrmorph.de + + DocumentRoot /home/morph/htdocs/phpmyadmin.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + + + + + ServerName reunion.bmrmorph.de + ServerAlias www.reunion.bmrmorph.de + + DocumentRoot /home/morph/htdocs/reunion.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + + + + + ServerName joomla.bmrmorph.de + ServerAlias www.joomla.bmrmorph.de + + DocumentRoot /home/morph/htdocs/joomla.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + diff --git a/apache2/sarah/vhosts.d/02_morph.conf,v b/apache2/sarah/vhosts.d/02_morph.conf,v new file mode 100644 index 0000000..cf2ef5c --- /dev/null +++ b/apache2/sarah/vhosts.d/02_morph.conf,v @@ -0,0 +1,214 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2008.04.22.13.51.40; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2008.02.25.20.39.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.09.09.17.07.28; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@ + + ServerName bmrmorph.de + ServerAlias www.bmrmorph.de + + DocumentRoot /home/morph/htdocs + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName ddr.bmrmorph.de + ServerAlias www.ddr.bmrmorph.de + + DocumentRoot /home/morph/htdocs/ddr.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName ads.bmrmorph.de + ServerAlias www.ads.bmrmorph.de + + DocumentRoot /home/morph/htdocs/ads.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName allianz-der-schattenritter.de + ServerAlias www.allianz-der-schattenritter.de + + DocumentRoot /home/morph/htdocs/allianz-der-schattenritter.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName webalizer.bmrmorph.de + ServerAlias www.webalizer.bmrmorph.de + + DocumentRoot /home/morph/htdocs/webalizer.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName phpmyadmin.bmrmorph.de + ServerAlias www.phpmyadmin.bmrmorph.de + + DocumentRoot /home/morph/htdocs/phpmyadmin.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + + + + + ServerName reunion.bmrmorph.de + ServerAlias www.reunion.bmrmorph.de + + DocumentRoot /home/morph/htdocs/reunion.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + + + + + ServerName joomla.bmrmorph.de + ServerAlias www.joomla.bmrmorph.de + + DocumentRoot /home/morph/htdocs/joomla.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + +@ + + +1.2 +log +@Checked in. +@ +text +@d60 19 +d133 19 +@ + + +1.1 +log +@Initial revision +@ +text +@d41 2 +a42 2 + ServerName cms.bmrmorph.de + ServerAlias www.cms.bmrmorph.de +d44 1 +a44 1 + DocumentRoot /home/morph/htdocs/cms.bmrmorph.de +d49 1 +a49 1 + +d76 38 +@ diff --git a/apache2/sarah/vhosts.d/03_webdav.conf b/apache2/sarah/vhosts.d/03_webdav.conf new file mode 100644 index 0000000..763d962 --- /dev/null +++ b/apache2/sarah/vhosts.d/03_webdav.conf @@ -0,0 +1,69 @@ + + + + + ServerName webdav.brehm-online.com + ServerAlias webdav + ServerAlias webdav.brehm-online.eu + ServerAlias webdav.brehm-berlin.de + + DocumentRoot /var/www/webdav/htdocs + + ErrorLog /var/log/apache2/webdav-error.log + CustomLog /var/log/apache2/webdav-access.log full + + + Options Indexes + Dav On + AllowOverride None + Order allow,deny + Allow from all + Satisfy All + AuthType Basic + AuthName "WebDAV brehm-online.com" + AuthUserFile /etc/apache2/webdav.passwd + + Require valid-user + + + + + + + + ServerName calendar.brehm-online.com + ServerAlias calendar + ServerAlias calendar.brehm-online.eu + ServerAlias calendar.brehm-berlin.de + + DocumentRoot /var/www/calendar/htdocs + + ErrorLog /var/log/apache2/webdav-error.log + CustomLog /var/log/apache2/webdav-access.log full + + + Options Indexes + Dav On + AllowOverride None + Order allow,deny + Allow from all + Satisfy All + AuthType Basic + AuthName "WebDAV brehm-online.com" + AuthUserFile /etc/apache2/webdav.passwd + + Require valid-user + + + + + + # + # Options None + # Dav On + # Require user greg + # + # + + + diff --git a/apache2/sarah/vhosts.d/03_webdav.conf,v b/apache2/sarah/vhosts.d/03_webdav.conf,v new file mode 100644 index 0000000..a81454d --- /dev/null +++ b/apache2/sarah/vhosts.d/03_webdav.conf,v @@ -0,0 +1,93 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.09.09.17.06.30; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + + + ServerName webdav.brehm-online.com + ServerAlias webdav + ServerAlias webdav.brehm-online.eu + ServerAlias webdav.brehm-berlin.de + + DocumentRoot /var/www/webdav/htdocs + + ErrorLog /var/log/apache2/webdav-error.log + CustomLog /var/log/apache2/webdav-access.log full + + + Options Indexes + Dav On + AllowOverride None + Order allow,deny + Allow from all + Satisfy All + AuthType Basic + AuthName "WebDAV brehm-online.com" + AuthUserFile /etc/apache2/webdav.passwd + + Require valid-user + + + + + + + + ServerName calendar.brehm-online.com + ServerAlias calendar + ServerAlias calendar.brehm-online.eu + ServerAlias calendar.brehm-berlin.de + + DocumentRoot /var/www/calendar/htdocs + + ErrorLog /var/log/apache2/webdav-error.log + CustomLog /var/log/apache2/webdav-access.log full + + + Options Indexes + Dav On + AllowOverride None + Order allow,deny + Allow from all + Satisfy All + AuthType Basic + AuthName "WebDAV brehm-online.com" + AuthUserFile /etc/apache2/webdav.passwd + + Require valid-user + + + + + + # + # Options None + # Dav On + # Require user greg + # + # + + + +@ diff --git a/apache2/sarah/vhosts.d/04_fotoalbum.conf b/apache2/sarah/vhosts.d/04_fotoalbum.conf new file mode 100644 index 0000000..fec7aad --- /dev/null +++ b/apache2/sarah/vhosts.d/04_fotoalbum.conf @@ -0,0 +1,39 @@ + + + ServerName fotoalbum.brehm-online.com + ServerAlias fotoalbum.hennig-berlin.org + ServerAlias fotoalbum.uhu-banane.de + ServerAlias fotoalbum.uhu-banane.net + ServerAlias fotoalbum.brehm-online.eu + ServerAlias fotoalbum + + DocumentRoot /var/www/fotoalbum/htdocs + + ErrorLog /var/log/apache2/fotoalbum-error.log + CustomLog /var/log/apache2/fotoalbum-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + Alias /album_themes "/var/www/localhost/htdocs/album_themes" + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + ScriptAlias /cgi-bin/ "/var/www/fotoalbum/cgi-bin/" + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + diff --git a/apache2/sarah/vhosts.d/04_fotoalbum.conf,v b/apache2/sarah/vhosts.d/04_fotoalbum.conf,v new file mode 100644 index 0000000..72ec802 --- /dev/null +++ b/apache2/sarah/vhosts.d/04_fotoalbum.conf,v @@ -0,0 +1,63 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.09.14.08.11.42; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + ServerName fotoalbum.brehm-online.com + ServerAlias fotoalbum.hennig-berlin.org + ServerAlias fotoalbum.uhu-banane.de + ServerAlias fotoalbum.uhu-banane.net + ServerAlias fotoalbum.brehm-online.eu + ServerAlias fotoalbum + + DocumentRoot /var/www/fotoalbum/htdocs + + ErrorLog /var/log/apache2/fotoalbum-error.log + CustomLog /var/log/apache2/fotoalbum-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + Alias /album_themes "/var/www/localhost/htdocs/album_themes" + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + ScriptAlias /cgi-bin/ "/var/www/fotoalbum/cgi-bin/" + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + +@ diff --git a/apache2/sarah/vhosts.d/05_bautagebuch.conf b/apache2/sarah/vhosts.d/05_bautagebuch.conf new file mode 100644 index 0000000..ba82c16 --- /dev/null +++ b/apache2/sarah/vhosts.d/05_bautagebuch.conf @@ -0,0 +1,31 @@ + + + ServerName bautagebuch.brehm-online.com + ServerAlias bautagebuch.hennig-berlin.org + ServerAlias bautagebuch.uhu-banane.de + ServerAlias bautagebuch.uhu-banane.net + ServerAlias bautagebuch.brehm-online.eu + ServerAlias bautagebuch + + DocumentRoot /var/www/bautagebuch/htdocs + + ErrorLog /var/log/apache2/bautagebuch-error.log + CustomLog /var/log/apache2/bautagebuch-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + ScriptAlias /cgi-bin/ "/var/www/bautagebuch/cgi-bin/" + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + diff --git a/apache2/sarah/vhosts.d/05_bautagebuch.conf,v b/apache2/sarah/vhosts.d/05_bautagebuch.conf,v new file mode 100644 index 0000000..3d9f3ac --- /dev/null +++ b/apache2/sarah/vhosts.d/05_bautagebuch.conf,v @@ -0,0 +1,55 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.09.14.08.24.28; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + ServerName bautagebuch.brehm-online.com + ServerAlias bautagebuch.hennig-berlin.org + ServerAlias bautagebuch.uhu-banane.de + ServerAlias bautagebuch.uhu-banane.net + ServerAlias bautagebuch.brehm-online.eu + ServerAlias bautagebuch + + DocumentRoot /var/www/bautagebuch/htdocs + + ErrorLog /var/log/apache2/bautagebuch-error.log + CustomLog /var/log/apache2/bautagebuch-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + ScriptAlias /cgi-bin/ "/var/www/bautagebuch/cgi-bin/" + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + +@ diff --git a/apache2/sarah/vhosts.d/06_webmail.conf b/apache2/sarah/vhosts.d/06_webmail.conf new file mode 100644 index 0000000..7481a8a --- /dev/null +++ b/apache2/sarah/vhosts.d/06_webmail.conf @@ -0,0 +1,127 @@ + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName webmail.brehm-online.com +# ServerAlias webmail +# ServerAlias webmail.brehm-online.eu +# ServerAlias webmail.brehm-berlin.de +# ServerAlias webmail.hennig-berlin.org +# ServerAlias webmail.uhu-banane.de +# ServerAlias webmail.uhu-banane.com + +# DocumentRoot /var/www/webmail/htdocs/horde/imp + DocumentRoot /var/www/webmail/htdocs/horde + + Alias /horde/ /var/www/webmail/htdocs/horde/ +# Alias /js/ /var/www/webmail/htdocs/horde/js/ + Alias /gollem/ /var/www/webmail/htdocs/horde/gollem/ + Alias /imp/ /var/www/webmail/htdocs/horde/imp/ + Alias /ingo/ /var/www/webmail/htdocs/horde/ingo/ + Alias /kronolith/ /var/www/webmail/htdocs/horde/kronolith/ + Alias /mnemo/ /var/www/webmail/htdocs/horde/mnemo/ + Alias /nag/ /var/www/webmail/htdocs/horde/nag/ + Alias /passwd/ /var/www/webmail/htdocs/horde/passwd/ + Alias /turba/ /var/www/webmail/htdocs/horde/turba/ + + ErrorLog /var/log/apache2/webmail-error.log + CustomLog /var/log/apache2/webmail-access.log full + + + php_admin_flag engine on + php_admin_flag magic_quotes_gpc off + php_admin_flag safe_mode off + php_admin_flag display_errors off + php_admin_flag log_errors on + php_admin_value error_reporting "E_ALL & ~E_NOTICE" + + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + # AuthType Basic + # AuthName "phpMyadmin brehm-online.com" + # AuthUserFile /etc/apache2/myadmin.passwd + # Require valid-user + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName webmail.brehm-online.eu + ServerAlias webmail + ServerAlias webmail.brehm-berlin.de + ServerAlias webmail.hennig-berlin.org + ServerAlias webmail.uhu-banane.de + ServerAlias webmail.uhu-banane.com + + DocumentRoot /var/www/webmail/htdocs/horde/imp + + Redirect permanent / https://webmail.brehm-online.com/ + + ErrorLog /var/log/apache2/webmail-error.log + CustomLog /var/log/apache2/webmail-access-redirect.log full + + + + + + + + + + ServerName webmail.brehm-online.com + ServerAlias webmail + ServerAlias webmail.brehm-online.eu + ServerAlias webmail.brehm-berlin.de + ServerAlias webmail.hennig-berlin.org + ServerAlias webmail.uhu-banane.de + ServerAlias webmail.uhu-banane.com + + DocumentRoot /var/www/webmail/htdocs/horde/imp + + Redirect permanent / https://webmail.brehm-online.com/ + + ErrorLog /var/log/apache2/webmail-error.log + CustomLog /var/log/apache2/webmail-access-redirect.log full + + + + diff --git a/apache2/sarah/vhosts.d/06_webmail.conf,v b/apache2/sarah/vhosts.d/06_webmail.conf,v new file mode 100644 index 0000000..86d2634 --- /dev/null +++ b/apache2/sarah/vhosts.d/06_webmail.conf,v @@ -0,0 +1,180 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2007.10.01.07.13.39; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.10.01.06.21.07; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName webmail.brehm-online.com +# ServerAlias webmail +# ServerAlias webmail.brehm-online.eu +# ServerAlias webmail.brehm-berlin.de +# ServerAlias webmail.hennig-berlin.org +# ServerAlias webmail.uhu-banane.de +# ServerAlias webmail.uhu-banane.com + +# DocumentRoot /var/www/webmail/htdocs/horde/imp + DocumentRoot /var/www/webmail/htdocs/horde + + Alias /horde/ /var/www/webmail/htdocs/horde/ +# Alias /js/ /var/www/webmail/htdocs/horde/js/ + Alias /gollem/ /var/www/webmail/htdocs/horde/gollem/ + Alias /imp/ /var/www/webmail/htdocs/horde/imp/ + Alias /ingo/ /var/www/webmail/htdocs/horde/ingo/ + Alias /kronolith/ /var/www/webmail/htdocs/horde/kronolith/ + Alias /mnemo/ /var/www/webmail/htdocs/horde/mnemo/ + Alias /nag/ /var/www/webmail/htdocs/horde/nag/ + Alias /passwd/ /var/www/webmail/htdocs/horde/passwd/ + Alias /turba/ /var/www/webmail/htdocs/horde/turba/ + + ErrorLog /var/log/apache2/webmail-error.log + CustomLog /var/log/apache2/webmail-access.log full + + + php_admin_flag engine on + php_admin_flag magic_quotes_gpc off + php_admin_flag safe_mode off + php_admin_flag display_errors off + php_admin_flag log_errors on + php_admin_value error_reporting "E_ALL & ~E_NOTICE" + + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + # AuthType Basic + # AuthName "phpMyadmin brehm-online.com" + # AuthUserFile /etc/apache2/myadmin.passwd + # Require valid-user + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName webmail.brehm-online.eu + ServerAlias webmail + ServerAlias webmail.brehm-berlin.de + ServerAlias webmail.hennig-berlin.org + ServerAlias webmail.uhu-banane.de + ServerAlias webmail.uhu-banane.com + + DocumentRoot /var/www/webmail/htdocs/horde/imp + + Redirect permanent / https://webmail.brehm-online.com/ + + ErrorLog /var/log/apache2/webmail-error.log + CustomLog /var/log/apache2/webmail-access-redirect.log full + + + + + + + + + + ServerName webmail.brehm-online.com + ServerAlias webmail + ServerAlias webmail.brehm-online.eu + ServerAlias webmail.brehm-berlin.de + ServerAlias webmail.hennig-berlin.org + ServerAlias webmail.uhu-banane.de + ServerAlias webmail.uhu-banane.com + + DocumentRoot /var/www/webmail/htdocs/horde/imp + + Redirect permanent / https://webmail.brehm-online.com/ + + ErrorLog /var/log/apache2/webmail-error.log + CustomLog /var/log/apache2/webmail-access-redirect.log full + + + + +@ + + +1.1 +log +@Initial revision +@ +text +@d24 6 +a29 6 + ServerAlias webmail + ServerAlias webmail.brehm-online.eu + ServerAlias webmail.brehm-berlin.de + ServerAlias webmail.hennig-berlin.org + ServerAlias webmail.uhu-banane.de + ServerAlias webmail.uhu-banane.com +d31 2 +a32 1 + DocumentRoot /var/www/webmail/htdocs/horde/imp +d35 1 +d70 34 +d123 1 +a123 1 + CustomLog /var/log/apache2/webmail-access.log full +@ diff --git a/apache2/sarah/vhosts.d/07_groupoffice.conf.not_used b/apache2/sarah/vhosts.d/07_groupoffice.conf.not_used new file mode 100644 index 0000000..74572cd --- /dev/null +++ b/apache2/sarah/vhosts.d/07_groupoffice.conf.not_used @@ -0,0 +1,50 @@ + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName groupoffice.brehm-online.com + ServerAlias groupoffice + ServerAlias groupoffice.brehm-online.eu + ServerAlias groupoffice.brehm-berlin.de + + DocumentRoot /var/www/groupoffice/htdocs + + ErrorLog /var/log/apache2/groupoffice-error.log + CustomLog /var/log/apache2/groupoffice-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + #AuthType Basic + #AuthName "phpMyadmin brehm-online.com" + #AuthUserFile /etc/apache2/myadmin.passwd + #Require valid-user + + + + + + + + + diff --git a/apache2/sarah/vhosts.d/08_sy.conf.not_used b/apache2/sarah/vhosts.d/08_sy.conf.not_used new file mode 100644 index 0000000..5e13256 --- /dev/null +++ b/apache2/sarah/vhosts.d/08_sy.conf.not_used @@ -0,0 +1,87 @@ + + + + ServerName sy.uhu-banane.net + ServerAlias sy + ServerAlias sy.brehm-online.eu + ServerAlias sy.brehm-berlin.de + + DocumentRoot /home/thomas/sy/htdocs + + ErrorLog /var/log/apache2/sy-error.log + CustomLog /var/log/apache2/sy-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + #AuthType Basic + #AuthName "phpMyadmin brehm-online.com" + #AuthUserFile /etc/apache2/myadmin.passwd + #Require valid-user + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_flag allow_url_fopen On + + + ########################### + # REWRITE-Definitionen ... + + RewriteEngine on + # RewriteLog /data/www/shopyoo/devel/log/rewrite.log + # RewriteLogLevel 2 + + # Neue Rewrite Rule mittels Rewrite Map + # http://www.shopyoo.www/Shopkatalog/Auto-Verkehr-c_0_0_0_0_sy.html + RewriteMap basis_url prg:/home/thomas/sy/bin/url_new.pl + RewriteRule ^([^_]*)([^_]*)_([^_]*)_([^_]*)_([^_]*)_([^_]*)_sy[a-zA-Z0-9]{0,2}\.html$ ${basis_url:%{REQUEST_URI}} [NE,PT,L] + + # Alte Rewrite Rule + # http://shopyoo.de/sy/$timestamp/$xs_id/$xm_id/$sc_id/$xd_id/$xd_type/$x_tmp1/$x_tmp2/$path/$file + + RewriteCond %{REQUEST_URI} ^/sy/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/[^/]*/.+\.html$ + # @shopyoo.com aus den Pfadangaben rausschmeißen + RewriteRule "^/sy/(.*)@shopyoo.com/(.*)$" "/sy/$1/$2" [NE,N] + RewriteRule ^/sy/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/(.+)\.html$ \ + /$9.php?timestamp=$1&xs_id=$2&xm_id=$3&sc_id=$4&xd_id=$5&xd_type=$6&x_tmp1=$7&x_tmp2=$8 [NE,PT,L] + # NE: noescape + # PT: passthrough + # L: Last (rewrite rule) + # N: Next + + # Neue Rewrite Rule + # http://shopyoo.de/sy/$path/$timestamp/$file[-.php]-$xs_id-$xm_id-$sc_id-$xd_id-$xd_type-$x_tmp1-$x_tmp2[+.html] + # besser: + # http://shopyoo.de/sy/$path/$file[-.php]-$timestamp-$xs_id-$xm_id-$sc_id-$xd_id-$xd_type-$x_tmp1-$x_tmp2[+.html] + + RewriteCond %{REQUEST_URI} ^/sy/[^-]+-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*-[^\-]*\.html$ + RewriteRule "^/sy/(.*)@shopyoo.com/(.*)$" "/sy/$1/$2" [NE,N] + RewriteRule ^/sy/([^-]+)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)-([^\-]*)\.html$ \ + /$1.php?timestamp=$2&xs_id=$3&xm_id=$4&sc_id=$5&xd_id=$6&xd_type=$7&x_tmp1=$8&x_tmp2=$9 [NE,PT,L] + + # Ganz neue Rewrite Rule + + RewriteCond "%{REQUEST_URI}" "^/ys/[^-]+-[^-]*-[^\-]*/[^-]+-[^-]*-[^/]*/[^/]*/[^/]*/[^/]*/[^-]+-[^-]*-\d+\.html$" + # 1 2 3 4 5 6 7 8 + RewriteRule "^/ys/([^-]+)-[^-]*-([^\-]*)/([^-]+)-[^-]*-([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^-]+)-[^-]*-\d+\.html$" \ + "/$8.php?xs_id=$1&xm_id=$2&sc_id=$3&xd_id=$4&x_tmp3=$5&x_tmp1=$6&x_tmp2=$7" [NE,PT,L] + + + php_value include_path ".:/usr/share/php:/home/thomas/sy/inc" + php_value output_buffering Off + php_value display_errors Off + php_value log_errors On + php_value track_errors On + php_flag register_globals On + php_value error_log /home/thomas/sy/log/error_sy.log + #PHPINIDir "/data/www/shopyoo.de/conf4" + + + + + + diff --git a/apache2/sarah/vhosts.d/08_typo3.conf.not_used b/apache2/sarah/vhosts.d/08_typo3.conf.not_used new file mode 100644 index 0000000..a82bda1 --- /dev/null +++ b/apache2/sarah/vhosts.d/08_typo3.conf.not_used @@ -0,0 +1,32 @@ + + + + ServerName typo3.uhu-banane.net + ServerAlias typo3 + ServerAlias typo3.brehm-online.eu + ServerAlias typo3.brehm-berlin.de + + DocumentRoot /home/thomas/typo3/stable + + ErrorLog /var/log/apache2/typo3-error.log + CustomLog /var/log/apache2/typo3-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + #AuthType Basic + #AuthName "phpMyadmin brehm-online.com" + #AuthUserFile /etc/apache2/myadmin.passwd + #Require valid-user + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_flag allow_url_fopen On + + + + diff --git a/apache2/sarah/vhosts.d/09_ldap.conf b/apache2/sarah/vhosts.d/09_ldap.conf new file mode 100644 index 0000000..6635ba4 --- /dev/null +++ b/apache2/sarah/vhosts.d/09_ldap.conf @@ -0,0 +1,72 @@ + + + ServerName ldap.brehm-online.com + ServerAlias ldap + ServerAlias ldap.brehm-online.eu + ServerAlias ldap.brehm-berlin.de + + DocumentRoot /var/www/ldap/htdocs/htdocs + + ErrorLog /var/log/apache2/ldap-error.log + CustomLog /var/log/apache2/ldap-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpldapadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName ldap.brehm-online.com + ServerAlias ldap + ServerAlias ldap.brehm-online.eu + ServerAlias ldap.brehm-berlin.de + + DocumentRoot /var/www/ldap/htdocs/htdocs + + ErrorLog /var/log/apache2/ldap-error.log + CustomLog /var/log/apache2/ldap-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpldapadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + + + + + + + diff --git a/apache2/sarah/vhosts.d/09_ldap.conf,v b/apache2/sarah/vhosts.d/09_ldap.conf,v new file mode 100644 index 0000000..88bac01 --- /dev/null +++ b/apache2/sarah/vhosts.d/09_ldap.conf,v @@ -0,0 +1,96 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.12.02.14.58.10; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + ServerName ldap.brehm-online.com + ServerAlias ldap + ServerAlias ldap.brehm-online.eu + ServerAlias ldap.brehm-berlin.de + + DocumentRoot /var/www/ldap/htdocs/htdocs + + ErrorLog /var/log/apache2/ldap-error.log + CustomLog /var/log/apache2/ldap-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpldapadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName ldap.brehm-online.com + ServerAlias ldap + ServerAlias ldap.brehm-online.eu + ServerAlias ldap.brehm-berlin.de + + DocumentRoot /var/www/ldap/htdocs/htdocs + + ErrorLog /var/log/apache2/ldap-error.log + CustomLog /var/log/apache2/ldap-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpldapadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + + + + + + + +@ diff --git a/apache2/sarah/vhosts.d/10_kfz-dlb.conf b/apache2/sarah/vhosts.d/10_kfz-dlb.conf new file mode 100644 index 0000000..a38b458 --- /dev/null +++ b/apache2/sarah/vhosts.d/10_kfz-dlb.conf @@ -0,0 +1,36 @@ + + + ServerName kfz-dlb.uhu-banane.net + ServerAlias kfz-dlb.uhu-banane.de + ServerAlias kfz-dlb.brehm-online.com + ServerAlias www.kfz-dlb.uhu-banane.net + ServerAlias www.kfz-dlb.uhu-banane.de + ServerAlias www.kfz-dlb.brehm-online.com + + DocumentRoot /var/www/kfz-dlb/htdocs + + ErrorLog /var/log/apache2/kfz-dlb-error.log + CustomLog /var/log/apache2/kfz-dlb-access.log full + + Alias /uploads "/var/www/kfz-dlb/htdocs/uploads" + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_value upload_max_filesize "15M" + php_admin_flag allow_url_fopen off + php_flag register_globals off + php_flag register_argc_argv off + php_flag magic_quotes_gpc off + php_value variables_order "GPCS" + + + + diff --git a/apache2/sarah/vhosts.d/10_kfz-dlb.conf,v b/apache2/sarah/vhosts.d/10_kfz-dlb.conf,v new file mode 100644 index 0000000..c186580 --- /dev/null +++ b/apache2/sarah/vhosts.d/10_kfz-dlb.conf,v @@ -0,0 +1,60 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.12.11.20.05.20; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + ServerName kfz-dlb.uhu-banane.net + ServerAlias kfz-dlb.uhu-banane.de + ServerAlias kfz-dlb.brehm-online.com + ServerAlias www.kfz-dlb.uhu-banane.net + ServerAlias www.kfz-dlb.uhu-banane.de + ServerAlias www.kfz-dlb.brehm-online.com + + DocumentRoot /var/www/kfz-dlb/htdocs + + ErrorLog /var/log/apache2/kfz-dlb-error.log + CustomLog /var/log/apache2/kfz-dlb-access.log full + + Alias /uploads "/var/www/kfz-dlb/htdocs/uploads" + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_value upload_max_filesize "15M" + php_admin_flag allow_url_fopen off + php_flag register_globals off + php_flag register_argc_argv off + php_flag magic_quotes_gpc off + php_value variables_order "GPCS" + + + + +@ diff --git a/apache2/sarah/vhosts.d/11_wow.conf.not_used b/apache2/sarah/vhosts.d/11_wow.conf.not_used new file mode 100644 index 0000000..c528962 --- /dev/null +++ b/apache2/sarah/vhosts.d/11_wow.conf.not_used @@ -0,0 +1,24 @@ + + + ServerName wow.clan-mov.de + + DocumentRoot /home/taurec/htdocs/wow + + ErrorLog /var/log/apache2/wow-error.log + CustomLog /var/log/apache2/wow-access.log full + + + Options Indexes FollowSymLinks + AllowOverride Indexes + Order allow,deny + Allow from all + + + + #php_flag session.auto_start Off + php_value default_charset "utf8" + #php_flag allow_url_fopen On + + + + diff --git a/apache2/sarah/vhosts.d/12_dyndns.conf b/apache2/sarah/vhosts.d/12_dyndns.conf new file mode 100644 index 0000000..6835709 --- /dev/null +++ b/apache2/sarah/vhosts.d/12_dyndns.conf @@ -0,0 +1,59 @@ + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + ScriptAlias /cgi-bin/ "/var/www/dyndns/cgi-bin/" + + + + SSLOptions +StdEnvVars + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName dyndns.uhu-banane.de + ServerAlias dyndns + ServerAlias dyndns.brehm-online.eu + ServerAlias dyndns.brehm-berlin.de + ServerAlias dyndns.brehm-online.com + ServerAlias dyndns.uhu-banane.net + + DocumentRoot /var/www/dyndns/htdocs + + ErrorLog /var/log/apache2/dyndns-error.log + CustomLog /var/log/apache2/dyndns-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + + + + + + diff --git a/apache2/sarah/vhosts.d/12_dyndns.conf,v b/apache2/sarah/vhosts.d/12_dyndns.conf,v new file mode 100644 index 0000000..bd9d75d --- /dev/null +++ b/apache2/sarah/vhosts.d/12_dyndns.conf,v @@ -0,0 +1,83 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.08.05.17.15.49; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + ScriptAlias /cgi-bin/ "/var/www/dyndns/cgi-bin/" + + + + SSLOptions +StdEnvVars + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName dyndns.uhu-banane.de + ServerAlias dyndns + ServerAlias dyndns.brehm-online.eu + ServerAlias dyndns.brehm-berlin.de + ServerAlias dyndns.brehm-online.com + ServerAlias dyndns.uhu-banane.net + + DocumentRoot /var/www/dyndns/htdocs + + ErrorLog /var/log/apache2/dyndns-error.log + CustomLog /var/log/apache2/dyndns-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + + + + + + +@ diff --git a/apache2/sarah/vhosts.d/default_vhost.include b/apache2/sarah/vhosts.d/default_vhost.include new file mode 100644 index 0000000..4eef3e9 --- /dev/null +++ b/apache2/sarah/vhosts.d/default_vhost.include @@ -0,0 +1,77 @@ +ServerAdmin frank@brehm-online.com + +DocumentRoot "/var/www/localhost/htdocs" + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + +Alias /distfiles/ /usr/portage/distfiles/ + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + + ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/" + + +Redirect permanent /FotoAlbum http://fotoalbum.brehm-online.com +Redirect permanent /fotoalbum http://fotoalbum.brehm-online.com +Redirect permanent /Foto_Album http://fotoalbum.brehm-online.com +Redirect permanent /foto_album http://fotoalbum.brehm-online.com +Redirect permanent /Foto-Album http://fotoalbum.brehm-online.com +Redirect permanent /foto-album http://fotoalbum.brehm-online.com + +Alias /Neues_Haus /home/frank/docs/Neues_Haus +Alias /neues_haus /home/frank/docs/Neues_Haus +Alias /Neues-Haus /home/frank/docs/Neues_Haus +Alias /neues-haus /home/frank/docs/Neues_Haus +Alias /NeuesHaus /home/frank/docs/Neues_Haus +Alias /neueshaus /home/frank/docs/Neues_Haus + + + Options Indexes FollowSymLinks + # IndexOptions FancyIndexing FoldersFirst IgnoreCase NameWidth=60 + # IndexOptions FancyIndexing FoldersFirst HTMLTable IgnoreCase NameWidth=50 + # AddDefaultCharset utf-8 + AddDefaultCharset utf-8 + AllowOverride All + Order allow,deny + Allow from all + + + + Alias /books/static /var/www/books/root/static + Alias /books/ /var/www/books/script/frbr_books_fastcgi.pl/ + + #AllowOverride None + Options None + Order allow,deny + Allow from all + + + +Alias /repo-browser/books/ /home/frank/devel/books/repo-browser/ + + Options Indexes FollowSymLinks + Allow from all + + + +# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + diff --git a/apache2/sarah/vhosts.d/default_vhost.include,v b/apache2/sarah/vhosts.d/default_vhost.include,v new file mode 100644 index 0000000..45bc596 --- /dev/null +++ b/apache2/sarah/vhosts.d/default_vhost.include,v @@ -0,0 +1,229 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2009.01.16.16.03.10; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2008.01.09.11.38.59; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.09.14.08.09.09; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@ServerAdmin frank@@brehm-online.com + +DocumentRoot "/var/www/localhost/htdocs" + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + +Alias /distfiles/ /usr/portage/distfiles/ + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + + ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/" + + +Redirect permanent /FotoAlbum http://fotoalbum.brehm-online.com +Redirect permanent /fotoalbum http://fotoalbum.brehm-online.com +Redirect permanent /Foto_Album http://fotoalbum.brehm-online.com +Redirect permanent /foto_album http://fotoalbum.brehm-online.com +Redirect permanent /Foto-Album http://fotoalbum.brehm-online.com +Redirect permanent /foto-album http://fotoalbum.brehm-online.com + +Alias /Neues_Haus /home/frank/docs/Neues_Haus +Alias /neues_haus /home/frank/docs/Neues_Haus +Alias /Neues-Haus /home/frank/docs/Neues_Haus +Alias /neues-haus /home/frank/docs/Neues_Haus +Alias /NeuesHaus /home/frank/docs/Neues_Haus +Alias /neueshaus /home/frank/docs/Neues_Haus + + + Options Indexes FollowSymLinks + # IndexOptions FancyIndexing FoldersFirst IgnoreCase NameWidth=60 + # IndexOptions FancyIndexing FoldersFirst HTMLTable IgnoreCase NameWidth=50 + # AddDefaultCharset utf-8 + AddDefaultCharset utf-8 + AllowOverride All + Order allow,deny + Allow from all + + + + Alias /books/static /var/www/books/root/static + Alias /books/ /var/www/books/script/frbr_books_fastcgi.pl/ + + #AllowOverride None + Options None + Order allow,deny + Allow from all + + + +Alias /repo-browser/books/ /home/frank/devel/books/repo-browser/ + + Options Indexes FollowSymLinks + Allow from all + + + +# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + +@ + + +1.2 +log +@Checked in. +@ +text +@a0 3 +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@@your-domain.com +a2 6 +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +# If you change this to something that isn't under /var/www then suexec +# will no longer work. +a4 1 +# This should be changed to whatever you set DocumentRoot to. +a5 10 + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.2/mod/core.html#options + # for more information. +d7 4 +d12 4 +a15 3 + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # Options FileInfo AuthConfig Limit +a16 2 + + # Controls who can get stuff from this server. +a21 22 + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. +a24 4 +# +# AllowOverride All +# + +a37 6 +#Alias /Neues_Haus/ /home/frank/docs/Neues_Haus/ +#Alias /neues_haus/ /home/frank/docs/Neues_Haus/ +#Alias /Neues-Haus/ /home/frank/docs/Neues_Haus/ +#Alias /neues-haus/ /home/frank/docs/Neues_Haus/ +#Alias /NeuesHaus/ /home/frank/docs/Neues_Haus/ +#Alias /neueshaus/ /home/frank/docs/Neues_Haus/ +d50 17 +a66 20 +# +# +# +# +# DocumentRoot "/var/www/localhost/htdocs" +# +# +# Options Indexes FollowSymLinks +# AllowOverride None +# Order allow,deny +# Allow from all +# +# +# +# AllowOverride All +# +# +# +# +# +d77 1 +a77 1 +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@a5 8 +# ServerName gives the name and port that the server uses to identify itself. +# This can often be determined automatically, but we recommend you specify +# it explicitly to prevent problems during startup. +# +# If your host doesn't have a registered DNS name, enter its IP address here. +# +#ServerName www.example.com:80 + +@ diff --git a/apache2/sarah/vhosts.d/nagios.include b/apache2/sarah/vhosts.d/nagios.include new file mode 100644 index 0000000..74bef44 --- /dev/null +++ b/apache2/sarah/vhosts.d/nagios.include @@ -0,0 +1,27 @@ +ScriptAlias /nagios/cgi-bin /usr/nagios/sbin + + + Options ExecCGI + AllowOverride None + Order allow,deny + Allow from all + AuthName "Nagios Access" + AuthType Basic + AuthUserFile /etc/nagios/htpasswd.users + Require valid-user + + +Alias /nagios /usr/nagios/share + + + Options None + AllowOverride None + Order allow,deny + Allow from all + AuthName "Nagios Access" + AuthType Basic + AuthUserFile /etc/nagios/htpasswd.users + Require valid-user + + + diff --git a/apache2/sarah/vhosts.d/nagios.include,v b/apache2/sarah/vhosts.d/nagios.include,v new file mode 100644 index 0000000..229d28e --- /dev/null +++ b/apache2/sarah/vhosts.d/nagios.include,v @@ -0,0 +1,51 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.02.18.12.01.19; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ScriptAlias /nagios/cgi-bin /usr/nagios/sbin + + + Options ExecCGI + AllowOverride None + Order allow,deny + Allow from all + AuthName "Nagios Access" + AuthType Basic + AuthUserFile /etc/nagios/htpasswd.users + Require valid-user + + +Alias /nagios /usr/nagios/share + + + Options None + AllowOverride None + Order allow,deny + Allow from all + AuthName "Nagios Access" + AuthType Basic + AuthUserFile /etc/nagios/htpasswd.users + Require valid-user + + + +@ diff --git a/apache2/sarah/webdav.passwd b/apache2/sarah/webdav.passwd new file mode 100644 index 0000000..bc0790f --- /dev/null +++ b/apache2/sarah/webdav.passwd @@ -0,0 +1,2 @@ +frank:$apr1$wRfqf...$nPVpGEs6Fz4lGcQn2NCYh0 +doris:$apr1$WpLBs...$t.4jk4FcMflmrVY3lrtM70 diff --git a/apache2/ssl/myadmin-cert.pem b/apache2/ssl/myadmin-cert.pem new file mode 100644 index 0000000..cf5de34 --- /dev/null +++ b/apache2/ssl/myadmin-cert.pem @@ -0,0 +1,37 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQC0+qDrRPNPHnd/sD2Vp6ZRy87g0X22CpVMLZpjj2tEKPyf1N/t +VoiHdOHSVLJZrmBf26A5MknUENgEFHqvjO3dPFV7x/VL9OzrrGKS5QBEoaDGheAp +Qow/FKMYA93uFGiG4jcoC7gj+uA3zNeU+fUSHHbqEf9hm+cBtOKG7XVb5QIDAQAB +AoGAJrrP/ylFTHQ/rILB2yoCjNSp1DDgzzlak+/ab1383ZxL28SJm1f+ZcacoQ9h +D5Iiq8Dre/IIHKryH4Vmb/Uf3fFlLbfDcalIIZRKlLmJ43oahUI4aPRthaEN+t2X +4PgL0uQ/4BeCs32ivGz+QWjgx2tuxIkIv7B+JYjyjJ/9QoECQQDd2QCnd70OcQVT +0EYkWKOkRohjiuM4M+vtN7jiiWDmAsKGFaQwNnUCIMl1nGph00DBz2cyb9XvF0Cb +hcrjC5fFAkEA0Nb/Absi8Clz9tdjOE+hWthUIkQhdtCJ8Hdm4JdUUvsGH+GyKJfh +Fq3CyNzTsFBk8eoeEJ6zY7FKEZpmwJTVoQJBAIeC5kNlgLYxk29+6VmKS2stKmKj +k+fgz1w3jVfTUr0tMmV1ErXgjdie7nBI+zKGOCgq6H6GkcdaDLzzHNtTWYECQQCS +SKbjPYQhmcfC9ehoP08U5Uc5oWOXaEfXCqwjUZ0davxFRMCYsppWWmyAaj5V2Fp9 +IbLhjWi2wi7R2cdzyk1BAkB6cOePmPRIIggpl12rKor1Uw+PFWf94tQZRjOPAhWW +H10M7NiPZSzh1UUDlhiNsV220TKzr+XN9idDCxq1ho58 +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIC4zCCAkygAwIBAgIJAN/wUh5zk64nMA0GCSqGSIb3DQEBBQUAMIGnMQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDjAMBgNV +BAoTBUJyZWhtMRwwGgYDVQQLExNGcmFuayBCcmVobSBTU0wgS2V5MSEwHwYDVQQD +ExhteWFkbWluLmJyZWhtLW9ubGluZS5jb20xJTAjBgkqhkiG9w0BCQEWFmZyYW5r +QGJyZWhtLW9ubGluZS5jb20wHhcNMDYxMjA4MjIzNjU5WhcNMTIwMTI2MjIzNjU5 +WjCBpzELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVy +bGluMQ4wDAYDVQQKEwVCcmVobTEcMBoGA1UECxMTRnJhbmsgQnJlaG0gU1NMIEtl +eTEhMB8GA1UEAxMYbXlhZG1pbi5icmVobS1vbmxpbmUuY29tMSUwIwYJKoZIhvcN +AQkBFhZmcmFua0BicmVobS1vbmxpbmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQC0+qDrRPNPHnd/sD2Vp6ZRy87g0X22CpVMLZpjj2tEKPyf1N/tVoiH +dOHSVLJZrmBf26A5MknUENgEFHqvjO3dPFV7x/VL9OzrrGKS5QBEoaDGheApQow/ +FKMYA93uFGiG4jcoC7gj+uA3zNeU+fUSHHbqEf9hm+cBtOKG7XVb5QIDAQABoxUw +EzARBglghkgBhvhCAQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADgYEAA+PPUJ1IWo+i +lZlDQAOfLscsjv37dJtrvZguPV9aNTSRv1RgJSFseMt/CYjrzxXD2GKhDk8wyE1D +qTy87Os2WXqBKm+6L38hheZoUcIorPwTOmh5KZXwtbyxfmKXg3lXXGDm60E6Pkf7 +O2+jRSctKlQe36TIAZxUpfumY2pVQZA= +-----END CERTIFICATE----- +-----BEGIN DH PARAMETERS----- +MEYCQQDYf1RIczbTmgovRnZ8SA/b9l4b+t0dPW3/CHEUJU93w20YQ3yap6xrWIQk +wVzhsgf+zmajDFpfQU2JJKc35oA7AgEC +-----END DH PARAMETERS----- diff --git a/apache2/ssl/webmail-cert.pem b/apache2/ssl/webmail-cert.pem new file mode 100644 index 0000000..fd2de1c --- /dev/null +++ b/apache2/ssl/webmail-cert.pem @@ -0,0 +1,37 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCsrn1fttalMjRvpAVCkc/CCtprt8ifRyXuiq0njfw5x//eNjxg +G551XNrNHOUagA3gwXFJaU9ZnjYx0nnzqhIzV3ZySbxXcDM7yDwFsygCgvLlAiO9 +hiyjGnMGx83Bm+fAYt/UgyXw1Ur7QjbbKlhZvaIFZprZL3YavjhgQg64dwIDAQAB +AoGBAKuJEgYYjJTBkJEuMAN28RjiyyKiCGsgtC+IFoXqZ5nGcQf+fG9EQF55hOio +QXXXqvGPd8fjEu4FWfSYDojccwJnizcrt8bpSQW3tEr8/wsqX4UJhV8N+gk4+HTM +8ZpATdqp6q21BkkYcnMK6fqYjt4ekhLsbJk+IR5lLzKxy/IRAkEA1+lCM3miOVmD +MMXFUKltLtuDthZQw8p4tQ4/k1u0OfwU+PQlKY4F1AgLFqtkHoWJwWvUnMvT5+9F +AB6njPi5owJBAMy+btu+jow8ix+nII09BAJQDfe+Fa1ngkFV+FRTsrpTcF4MNt+l +L2BwwFkbsAnoGWU6B83UUJZ4TparR5hUmx0CQHN94luGhLAIoZRFNfafqjeWVC3i +YfFZLJgstvUr6Ivbu5wvfHFt9tAkPUozA6sP41ADTgdRQFigNFiMDTPrF+ECQGIC +VvcCBSLEaKTCUCbMKnsg707Ew4O6pPO5v6I+XrQq9QNQPYRZgpBb6Pe+9UoIvP9k +BBBXriwZcyVU4HTfK1ECQQDV0JEKQ3r5eKPPWaefKGYUtrWHh8KpNT8oujVMSWxG +0OazqbiyHhucgmLsbi6JCrAEGhFJBYZ32chVnmLlXTpb +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIC1zCCAkCgAwIBAgIJAPNANtEQARp7MA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDjAMBgNV +BAoTBUJyZWhtMRYwFAYDVQQLEw1CcmVobSBTU0wgS2V5MSEwHwYDVQQDExh3ZWJt +YWlsLmJyZWhtLW9ubGluZS5jb20xJTAjBgkqhkiG9w0BCQEWFmZyYW5rQGJyZWht +LW9ubGluZS5jb20wHhcNMDYxMjA4MjIzNjU5WhcNMTIwMTI2MjIzNjU5WjCBoTEL +MAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ4w +DAYDVQQKEwVCcmVobTEWMBQGA1UECxMNQnJlaG0gU1NMIEtleTEhMB8GA1UEAxMY +d2VibWFpbC5icmVobS1vbmxpbmUuY29tMSUwIwYJKoZIhvcNAQkBFhZmcmFua0Bi +cmVobS1vbmxpbmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsrn1f +ttalMjRvpAVCkc/CCtprt8ifRyXuiq0njfw5x//eNjxgG551XNrNHOUagA3gwXFJ +aU9ZnjYx0nnzqhIzV3ZySbxXcDM7yDwFsygCgvLlAiO9hiyjGnMGx83Bm+fAYt/U +gyXw1Ur7QjbbKlhZvaIFZprZL3YavjhgQg64dwIDAQABoxUwEzARBglghkgBhvhC +AQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADgYEAFGM8hI3QLDFaZYuiOMUyZpf1G4Pi +OaFpA+syrqmcZXvVM+ioiRU1+Mbu0FFku0Ac9WWAwMyjIFh4ZQQYWfoEsQrH/hBJ +BkD4zNAhjjPIuJ8iDs1sUqw91yq5UUeRQAzY3/rFZHvbeswQUDVOJaCSYuOt1gOc +oZYY42gyvdmBnWc= +-----END CERTIFICATE----- +-----BEGIN DH PARAMETERS----- +MEYCQQCZLOhh5tHEUjvRnBolCP22LO27aCcqwCfLPtGICExFfUi6dt1uxeTWh3Od +Kr4x2UXbRAyuc7f0/akmlV2iXLNrAgEC +-----END DH PARAMETERS----- diff --git a/apache2/svnusers b/apache2/svnusers new file mode 100644 index 0000000..18db74d --- /dev/null +++ b/apache2/svnusers @@ -0,0 +1 @@ +frank:$apr1$i6kSY/..$U8o7IvhHKvwnVTERFfhB80 diff --git a/apache2/vhosts.d/.rcs/00_default_ssl_vhost.conf,v b/apache2/vhosts.d/.rcs/00_default_ssl_vhost.conf,v new file mode 100644 index 0000000..1eac4b8 --- /dev/null +++ b/apache2/vhosts.d/.rcs/00_default_ssl_vhost.conf,v @@ -0,0 +1,249 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.11.50.45; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + + +# see bug #178966 why this is in here + +# When we also provide SSL we have to listen to the HTTPS port +# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two +# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" +Listen 443 +#Listen 127.0.0.1:443 +#Listen 85.214.134.152:443 +#Listen [::1]:443 +#Listen [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]:443 +#Listen [fe80::4261:86ff:feec:c1eb]:443 + +# Use name-based virtual hosting. +NameVirtualHost *:443 + +# + + ServerName www.brehm-online.com + Include /etc/apache2/vhosts.d/default_vhost.include + #Include /etc/apache2/vhosts.d/nagios.include + ErrorLog /var/log/apache2/ssl_error.log + + + #TransferLog /var/log/apache2/ssl_access_log + CustomLog /var/log/apache2/ssl_access.log full + + + ## SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + ## SSL Cipher Suite: + # List the ciphers that the client is permitted to negotiate. + # See the mod_ssl documentation for a complete list. + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + ## Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If the certificate + # is encrypted, then you will be prompted for a pass phrase. Note that a + # kill -HUP will prompt again. Keep in mind that if you have both an RSA + # and a DSA certificate you can configure both in parallel (to also allow + # the use of DSA ciphers, etc.) + #SSLCertificateFile /etc/ssl/apache2/server.crt + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Private Key: + # If the key is not combined with the certificate, use this directive to + # point at the key file. Keep in mind that if you've both a RSA and a DSA + # private key you can configure both in parallel (to also allow the use of + # DSA ciphers, etc.) + #SSLCertificateKeyFile /etc/ssl/apache2/server.key + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the concatenation of + # PEM encoded CA certificates which form the certificate chain for the + # server certificate. Alternatively the referenced file can be the same as + # SSLCertificateFile when the CA certificates are directly appended to the + # server certificate for convinience. + #SSLCertificateChainFile /etc/ssl/apache2/ca.crt + + ## Certificate Authority (CA): + # Set the CA certificate verification path where to find CA certificates + # for client authentication or alternatively one huge file containing all + # of them (file must be PEM encoded). + # Note: Inside SSLCACertificatePath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCACertificatePath /etc/ssl/apache2/ssl.crt + #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt + + ## Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client authentication + # or alternatively one huge file containing all of them (file must be PEM + # encoded). + # Note: Inside SSLCARevocationPath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCARevocationPath /etc/ssl/apache2/ssl.crl + #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl + + ## Client Authentication (Type): + # Client certificate verification type and depth. Types are none, optional, + # require and optional_no_ca. Depth is a number which specifies how deeply + # to verify the certificate issuer chain before deciding the certificate is + # not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + ## Access Control: + # With SSLRequire you can do per-directory access control based on arbitrary + # complex boolean expressions containing server variable checks and other + # lookup directives. The syntax is a mixture between C and Perl. See the + # mod_ssl documentation for more details. + # + # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ + # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ + # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ + # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ + # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ + # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ + # + + ## SSL Engine Options: + # Set various options for the SSL engine. + + ## FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that the + # standard Auth/DBMAuth methods can be used for access control. The user + # name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + + ## ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server + # (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates into + # CGI scripts. + + ## StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the exportation + # for CGI and SSI requests only. + + ## StrictRequire: + # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under + # a "Satisfy any" situation, i.e. when it applies access is denied and no + # other module can change it. + + ## OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + ## SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait + # for the close notify alert from client. When you need a different + # shutdown approach you can use one of the following variables: + + ## ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates the + # SSL/TLS standard but is needed for some brain-dead browsers. Use this when + # you receive I/O errors because of the standard approach where mod_ssl + # sends the close notify alert. + + ## ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation works + # correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + + BrowserMatch ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + + ## Per-Server Logging: + # The home of a custom SSL log file. Use this when you want a compact + # non-error SSL logfile on a virtual host basis. + + CustomLog /var/log/apache2/ssl_request.log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d10 12 +a21 3 + + + ServerName localhost +d23 2 +a24 1 + ErrorLog /var/log/apache2/ssl_error_log +d27 2 +a28 1 + TransferLog /var/log/apache2/ssl_access_log +d46 2 +a47 1 + SSLCertificateFile /etc/ssl/apache2/server.crt +d54 2 +a55 1 + SSLCertificateKeyFile /etc/ssl/apache2/server.key +d184 1 +a184 1 + CustomLog /var/log/apache2/ssl_request_log \ +@ diff --git a/apache2/vhosts.d/.rcs/00_default_vhost.conf,v b/apache2/vhosts.d/.rcs/00_default_vhost.conf,v new file mode 100644 index 0000000..39d2bac --- /dev/null +++ b/apache2/vhosts.d/.rcs/00_default_vhost.conf,v @@ -0,0 +1,96 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.28.11.26.56; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# Virtual Hosts +# +# If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. + + +# see bug #178966 why this is in here + +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 +#Listen 127.0.0.1:80 +#Listen 85.214.134.152:80 +#Listen [::1]:80 +#Listen [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]:80 +#Listen [fe80::4261:86ff:feec:c1eb]:80 + +# Use name-based virtual hosting. +NameVirtualHost *:80 + +# When virtual hosts are enabled, the main host defined in the default +# httpd.conf configuration will go away. We redefine it here so that it is +# still available. +# +# If you disable this vhost by removing -D DEFAULT_VHOST from +# /etc/conf.d/apache2, the first defined virtual host elsewhere will be +# the default. + + ServerName www.brehm-online.com + Include /etc/apache2/vhosts.d/default_vhost.include + #Include /etc/apache2/vhosts.d/nagios.include + + + ServerEnvironment apache apache + + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d27 5 +d44 1 +a44 1 + ServerName localhost +d46 1 +@ diff --git a/apache2/vhosts.d/.rcs/01_myadmin.conf,v b/apache2/vhosts.d/.rcs/01_myadmin.conf,v new file mode 100644 index 0000000..a96ba1b --- /dev/null +++ b/apache2/vhosts.d/.rcs/01_myadmin.conf,v @@ -0,0 +1,123 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.10.20.08.45.11; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.12.47.02; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName myadmin.brehm-online.com + ServerAlias myadmin + ServerAlias myadmin.brehm-online.eu + ServerAlias myadmin.brehm-berlin.de + + DocumentRoot /var/www/myadmin/htdocs + + ErrorLog /var/log/apache2/myadmin-error.log + LogLevel warn + CustomLog /var/log/apache2/myadmin-access.log full + + + php_value session.gc_maxlifetime 3600 + + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpMyadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + #AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + #php_value include_path . + + # Suhosin dependend .. + # suhosin.request.max_vars should be increased (eg. 2048) + php_value suhosin.request.max_vars 2048 + # suhosin.post.max_vars should be increased (eg. 2048) + php_value suhosin.post.max_vars 2048 + # suhosin.request.max_array_index_length should be increased (eg. 256) + php_value suhosin.request.max_array_index_length 256 + # suhosin.post.max_array_index_length should be increased (eg. 256) + php_value suhosin.post.max_array_index_length 256 + # suhosin.request.max_totalname_length should be increased (eg. 8192) + php_value suhosin.request.max_totalname_length 8192 + # suhosin.post.max_totalname_length should be increased (eg. 8192) + php_value suhosin.post.max_totalname_length 8192 + # suhosin.sql.bailout_on_error needs to be disabled (the default) + php_flag suhosin.sql.bailout_on_error off + # suhosin.log.* should not include SQL, otherwise you get big slowdown + + + + + + + + + + + + +# vim: ts=4 filetype=apache +@ + + +1.1 +log +@Initial revision +@ +text +@d47 30 +@ diff --git a/apache2/vhosts.d/.rcs/02_morph.conf,v b/apache2/vhosts.d/.rcs/02_morph.conf,v new file mode 100644 index 0000000..bdf2064 --- /dev/null +++ b/apache2/vhosts.d/.rcs/02_morph.conf,v @@ -0,0 +1,263 @@ +head 1.5; +access; +symbols; +locks; strict; +comment @# @; + + +1.5 +date 2011.02.04.11.40.09; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2010.11.25.08.59.29; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.08.13.07.28.35; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.28.13.29.15; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.13.23.42; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.5 +log +@Checked in. +@ +text +@ + + ServerName bmrmorph.de + ServerAlias www.bmrmorph.de + + redirect permanent / http://blog.bmrmorph.de/ + + ErrorLog /var/log/apache2/morph-error.log + LogLevel warn + CustomLog /var/log/apache2/morph-access.log full + + + + + + ServerName ddr.bmrmorph.de + ServerAlias www.ddr.bmrmorph.de + + DocumentRoot /home/morph/htdocs/ddr.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + LogLevel warn + CustomLog /var/log/apache2/morph-access.log full + + + Options -Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName allianz-der-schattenritter.de + ServerAlias www.allianz-der-schattenritter.de + + DocumentRoot /home/morph/htdocs/allianz-der-schattenritter.de + + ErrorLog /var/log/apache2/morph-error.log + LogLevel warn + CustomLog /var/log/apache2/morph-access.log full + + + Options -Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName blog.bmrmorph.de + + DocumentRoot /home/morph/htdocs/blog.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + LogLevel warn + CustomLog /var/log/apache2/morph-access.log full + + + Options -Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + Options -Indexes FollowSymLinks + AllowOverride None + ErrorDocument 403 http://blog.bmrmorph.de/ + RewriteEngine On + RewriteCond %{HTTP_REFERER} !^http://blog\.bmrmorph\.de/ [NC] + RewriteRule .*\.(jpg|bmp|png|gif|doc|xls|pdf|xlsx|docx|zip|tar|gz)$ http://blog.bmrmorph.de/ [NC] + + + + + + + ServerName testing.bmrmorph.de + + DocumentRoot /home/morph/htdocs/testing.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + LogLevel warn + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + + +# vim: ts=4 filetype=apache +@ + + +1.4 +log +@Checked in. +@ +text +@d6 1 +a6 1 + DocumentRoot /home/morph/htdocs +a11 7 + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + +d26 1 +a26 1 + Options Indexes FollowSymLinks +d46 1 +a46 1 + Options Indexes FollowSymLinks +d56 1 +a56 2 + ServerName reunion.bmrmorph.de + ServerAlias www.reunion.bmrmorph.de +d58 1 +a58 1 + DocumentRoot /home/morph/htdocs/reunion.bmrmorph.de +d64 2 +a65 2 + + Options Indexes FollowSymLinks +d70 8 +@ + + +1.3 +log +@Checked in. +@ +text +@d83 1 +a83 2 + ServerName joomla.bmrmorph.de + ServerAlias www.joomla.bmrmorph.de +d85 1 +a85 1 + DocumentRoot /home/morph/htdocs/joomla.bmrmorph.de +d91 1 +a91 1 + +@ + + +1.2 +log +@Checked in. +@ +text +@a62 40 + ServerName webalizer.bmrmorph.de + ServerAlias www.webalizer.bmrmorph.de + + DocumentRoot /home/morph/htdocs/webalizer.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + LogLevel warn + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName phpmyadmin.bmrmorph.de + ServerAlias www.phpmyadmin.bmrmorph.de + + DocumentRoot /home/morph/htdocs/phpmyadmin.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + LogLevel warn + CustomLog /var/log/apache2/morph-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + + + + +@ + + +1.1 +log +@Initial revision +@ +text +@d9 1 +d29 1 +d49 1 +d69 1 +d89 1 +d109 1 +d129 1 +@ diff --git a/apache2/vhosts.d/.rcs/04_fotoalbum.conf,v b/apache2/vhosts.d/.rcs/04_fotoalbum.conf,v new file mode 100644 index 0000000..7424b2e --- /dev/null +++ b/apache2/vhosts.d/.rcs/04_fotoalbum.conf,v @@ -0,0 +1,64 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.28.13.36.49; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + ServerName fotoalbum.brehm-online.com + ServerAlias fotoalbum.hennig-berlin.org + ServerAlias fotoalbum.uhu-banane.de + ServerAlias fotoalbum.uhu-banane.net + ServerAlias fotoalbum.brehm-online.eu + ServerAlias fotoalbum + + DocumentRoot /var/www/fotoalbum/htdocs + + ErrorLog /var/log/apache2/fotoalbum-error.log + LogLevel warn + CustomLog /var/log/apache2/fotoalbum-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + Alias /album_themes "/var/www/localhost/htdocs/album_themes" + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + ScriptAlias /cgi-bin/ "/var/www/fotoalbum/cgi-bin/" + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + +@ diff --git a/apache2/vhosts.d/.rcs/05_bautagebuch.conf,v b/apache2/vhosts.d/.rcs/05_bautagebuch.conf,v new file mode 100644 index 0000000..ea3ede4 --- /dev/null +++ b/apache2/vhosts.d/.rcs/05_bautagebuch.conf,v @@ -0,0 +1,56 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.28.13.47.18; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + ServerName bautagebuch.brehm-online.com + ServerAlias bautagebuch.hennig-berlin.org + ServerAlias bautagebuch.uhu-banane.de + ServerAlias bautagebuch.uhu-banane.net + ServerAlias bautagebuch.brehm-online.eu + ServerAlias bautagebuch + + DocumentRoot /var/www/bautagebuch/htdocs + + ErrorLog /var/log/apache2/bautagebuch-error.log + LogLevel warn + CustomLog /var/log/apache2/bautagebuch-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + ScriptAlias /cgi-bin/ "/var/www/bautagebuch/cgi-bin/" + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + +@ diff --git a/apache2/vhosts.d/.rcs/06_webmail.conf,v b/apache2/vhosts.d/.rcs/06_webmail.conf,v new file mode 100644 index 0000000..44cb11e --- /dev/null +++ b/apache2/vhosts.d/.rcs/06_webmail.conf,v @@ -0,0 +1,154 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.29.21.41.01; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName webmail.brehm-online.com +# ServerAlias webmail +# ServerAlias webmail.brehm-online.eu +# ServerAlias webmail.brehm-berlin.de +# ServerAlias webmail.hennig-berlin.org +# ServerAlias webmail.uhu-banane.de +# ServerAlias webmail.uhu-banane.com + +# DocumentRoot /var/www/webmail/htdocs/horde/imp + DocumentRoot /var/www/webmail/htdocs/horde + + Alias /horde/ /var/www/webmail/htdocs/horde/ +# Alias /js/ /var/www/webmail/htdocs/horde/js/ + Alias /gollem/ /var/www/webmail/htdocs/horde/gollem/ + Alias /imp/ /var/www/webmail/htdocs/horde/imp/ + Alias /ingo/ /var/www/webmail/htdocs/horde/ingo/ + Alias /kronolith/ /var/www/webmail/htdocs/horde/kronolith/ + Alias /mnemo/ /var/www/webmail/htdocs/horde/mnemo/ + Alias /nag/ /var/www/webmail/htdocs/horde/nag/ + Alias /passwd/ /var/www/webmail/htdocs/horde/passwd/ + Alias /turba/ /var/www/webmail/htdocs/horde/turba/ + + ErrorLog /var/log/apache2/webmail-error.log + LogLevel warn + CustomLog /var/log/apache2/webmail-access.log full + + + php_admin_flag engine on + php_admin_flag magic_quotes_gpc off + php_admin_flag safe_mode off + php_admin_flag display_errors off + php_admin_flag log_errors on + php_admin_value error_reporting "E_ALL & ~E_NOTICE" + + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + # AuthType Basic + # AuthName "phpMyadmin brehm-online.com" + # AuthUserFile /etc/apache2/myadmin.passwd + # Require valid-user + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName webmail.brehm-online.eu + ServerAlias webmail + ServerAlias webmail.brehm-berlin.de + ServerAlias webmail.hennig-berlin.org + ServerAlias webmail.uhu-banane.de + ServerAlias webmail.uhu-banane.com + + DocumentRoot /var/www/webmail/htdocs/horde/imp + + Redirect permanent / https://webmail.brehm-online.com/ + + ErrorLog /var/log/apache2/webmail-error.log + LogLevel warn + CustomLog /var/log/apache2/webmail-access-redirect.log full + + + + + + + + + + ServerName webmail.brehm-online.com + ServerAlias webmail + ServerAlias webmail.brehm-online.eu + ServerAlias webmail.brehm-berlin.de + ServerAlias webmail.hennig-berlin.org + ServerAlias webmail.uhu-banane.de + ServerAlias webmail.uhu-banane.com + + DocumentRoot /var/www/webmail/htdocs/horde/imp + + Redirect permanent / https://webmail.brehm-online.com/ + + ErrorLog /var/log/apache2/webmail-error.log + LogLevel warn + CustomLog /var/log/apache2/webmail-access-redirect.log full + + + + +@ diff --git a/apache2/vhosts.d/.rcs/09_ldap.conf,v b/apache2/vhosts.d/.rcs/09_ldap.conf,v new file mode 100644 index 0000000..0ee9be7 --- /dev/null +++ b/apache2/vhosts.d/.rcs/09_ldap.conf,v @@ -0,0 +1,113 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.06.17.19.54.00; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2007.12.02.14.58.10; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + + ServerName ldap.brehm-online.com + ServerAlias ldap + ServerAlias ldap.brehm-online.eu + ServerAlias ldap.brehm-berlin.de + + DocumentRoot /var/www/ldap/htdocs/htdocs + + ErrorLog /var/log/apache2/ldap-error.log + LogLevel warn + CustomLog /var/log/apache2/ldap-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpldapadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName ldap.brehm-online.com + ServerAlias ldap + ServerAlias ldap.brehm-online.eu + ServerAlias ldap.brehm-berlin.de + + DocumentRoot /var/www/ldap/htdocs/htdocs + + ErrorLog /var/log/apache2/ldap-error.log + LogLevel warn + CustomLog /var/log/apache2/ldap-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpldapadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + + + + + + + +@ + + +1.1 +log +@Initial revision +@ +text +@d11 1 +d53 1 +@ diff --git a/apache2/vhosts.d/.rcs/10_kfz-dlb.conf,v b/apache2/vhosts.d/.rcs/10_kfz-dlb.conf,v new file mode 100644 index 0000000..0db6f56 --- /dev/null +++ b/apache2/vhosts.d/.rcs/10_kfz-dlb.conf,v @@ -0,0 +1,88 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.11.02.19.49.03; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.30.07.35.31; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@ + + ServerName kfz-dlb.uhu-banane.net + ServerAlias kfz-dlb.uhu-banane.de + ServerAlias kfz-dlb.brehm-online.com + ServerAlias kfz-dlb.brehm-online.eu + ServerAlias www.kfz-dlb.uhu-banane.net + ServerAlias www.kfz-dlb.uhu-banane.de + ServerAlias www.kfz-dlb.brehm-online.com + ServerAlias www.kfz-dlb.brehm-online.eu + + DocumentRoot /var/www/kfz-dlb/htdocs + + ErrorLog /var/log/apache2/kfz-dlb-error.log + CustomLog /var/log/apache2/kfz-dlb-access.log full + + Alias /uploads "/var/www/kfz-dlb/htdocs/uploads" + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_value upload_max_filesize "15M" + php_admin_flag allow_url_fopen off + php_flag register_globals off + php_flag register_argc_argv off + php_flag magic_quotes_gpc off + php_value variables_order "GPCS" + # php_value error_reporting "E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR" + php_value error_reporting "4177" + + + + +@ + + +1.1 +log +@Initial revision +@ +text +@d27 3 +a29 3 + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_value upload_max_filesize "15M" +d31 6 +a36 4 + php_flag register_globals off + php_flag register_argc_argv off + php_flag magic_quotes_gpc off + php_value variables_order "GPCS" +@ diff --git a/apache2/vhosts.d/.rcs/11-books-nossl.conf,v b/apache2/vhosts.d/.rcs/11-books-nossl.conf,v new file mode 100644 index 0000000..62abb8f --- /dev/null +++ b/apache2/vhosts.d/.rcs/11-books-nossl.conf,v @@ -0,0 +1,31 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.03.25.19.14.06; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@ + + Include /etc/apache2/vhosts.d/books_vhost.include + + + +# vim: ts=4 filetype=apache expandtab fileencoding=utf-8 +@ diff --git a/apache2/vhosts.d/.rcs/11-books-ssl.conf,v b/apache2/vhosts.d/.rcs/11-books-ssl.conf,v new file mode 100644 index 0000000..a0df0c9 --- /dev/null +++ b/apache2/vhosts.d/.rcs/11-books-ssl.conf,v @@ -0,0 +1,62 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.03.25.19.22.26; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@ + + + + + Include /etc/apache2/vhosts.d/books_vhost.include + + #TransferLog /var/log/apache2/ssl_access_log + CustomLog /var/log/apache2/ssl_access.log full + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + + CustomLog /var/log/apache2/ssl_request.log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + + +# vim: ts=4 filetype=apache expandtab fileencoding=utf-8 +@ diff --git a/apache2/vhosts.d/.rcs/12_dyndns.conf,v b/apache2/vhosts.d/.rcs/12_dyndns.conf,v new file mode 100644 index 0000000..fc5c1d2 --- /dev/null +++ b/apache2/vhosts.d/.rcs/12_dyndns.conf,v @@ -0,0 +1,84 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.30.07.15.57; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + ScriptAlias /cgi-bin/ "/var/www/dyndns/cgi-bin/" + + + + SSLOptions +StdEnvVars + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName dyndns.uhu-banane.de + ServerAlias dyndns + ServerAlias dyndns.brehm-online.eu + ServerAlias dyndns.brehm-berlin.de + ServerAlias dyndns.brehm-online.com + ServerAlias dyndns.uhu-banane.net + + DocumentRoot /var/www/dyndns/htdocs + + ErrorLog /var/log/apache2/dyndns-error.log + LogLevel warn + CustomLog /var/log/apache2/dyndns-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + + + + + + +@ diff --git a/apache2/vhosts.d/.rcs/books_vhost.include,v b/apache2/vhosts.d/.rcs/books_vhost.include,v new file mode 100644 index 0000000..1da70b9 --- /dev/null +++ b/apache2/vhosts.d/.rcs/books_vhost.include,v @@ -0,0 +1,51 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.03.25.19.47.39; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@ServerName books.brehm-online.com +ServerAlias books +ServerAlias buecher +ServerAlias buecher.brehm-online.com +ServerAlias books.brehm-berlin.de +ServerAlias buecher.brehm-berlin.de +ServerAlias books.brehm-online.eu +ServerAlias buecher.brehm-online.eu + +#FastCgiExternalServer /tmp/frbr_books1_app.fcgi -socket /tmp/frbr_books_app.sock + +DocumentRoot /var/www/books/root +Alias /static /var/www/books/root/static +Alias / /tmp/frbr_books_app.fcgi/ + +ErrorLog /var/log/apache2/books-error.log +LogLevel info +CustomLog /var/log/apache2/books-access.log full + + + #AllowOverride None + Options None + Order allow,deny + Allow from all + + +# vim: filetype=apache ts=4 expandtab fileencoding=utf-8 +@ diff --git a/apache2/vhosts.d/.rcs/default_vhost.include,v b/apache2/vhosts.d/.rcs/default_vhost.include,v new file mode 100644 index 0000000..e8c3d2c --- /dev/null +++ b/apache2/vhosts.d/.rcs/default_vhost.include,v @@ -0,0 +1,277 @@ +head 1.5; +access; +symbols; +locks; strict; +comment @# @; + + +1.5 +date 2011.03.25.19.03.28; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2010.08.20.05.30.45; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.06.07.20.36.11; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.28.11.43.29; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.5 +log +@Checked in. +@ +text +@# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@@your-domain.com +#ServerAdmin root@@localhost +ServerAdmin frank@@brehm-online.com + +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +# If you change this to something that isn't under /var/www then suexec +# will no longer work. +DocumentRoot "/var/www/localhost/htdocs" + +# This should be changed to whatever you set DocumentRoot to. + + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.2/mod/core.html#options + # for more information. + Options Indexes FollowSymLinks + + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # Options FileInfo AuthConfig Limit + AllowOverride All + + # Controls who can get stuff from this server. + Order allow,deny + Allow from all + + + + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + Alias /distfiles/ /usr/portage/distfiles/ + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + Redirect permanent /FotoAlbum http://fotoalbum.brehm-online.com + Redirect permanent /fotoalbum http://fotoalbum.brehm-online.com + Redirect permanent /Foto_Album http://fotoalbum.brehm-online.com + Redirect permanent /foto_album http://fotoalbum.brehm-online.com + Redirect permanent /Foto-Album http://fotoalbum.brehm-online.com + Redirect permanent /foto-album http://fotoalbum.brehm-online.com + + Alias /Neues_Haus /home/frank/docs/Neues_Haus + Alias /neues_haus /home/frank/docs/Neues_Haus + Alias /Neues-Haus /home/frank/docs/Neues_Haus + Alias /neues-haus /home/frank/docs/Neues_Haus + Alias /NeuesHaus /home/frank/docs/Neues_Haus + Alias /neueshaus /home/frank/docs/Neues_Haus + + + Options Indexes FollowSymLinks + # IndexOptions FancyIndexing FoldersFirst IgnoreCase NameWidth=60 + # IndexOptions FancyIndexing FoldersFirst HTMLTable IgnoreCase NameWidth=50 + # AddDefaultCharset utf-8 + AddDefaultCharset utf-8 + AllowOverride All + Order allow,deny + Allow from all + + + Alias /oreilly /var/lib/backup-once/oreilly + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/" + + + Alias /books/static /var/www/books/root/static + Alias /books/ /tmp/frbr_books_app.fcgi/ + #Alias /books/ /var/www/books/script/frbr_books_fastcgi.pl/ + + #AllowOverride None + Options None + Order allow,deny + Allow from all + + + + Alias /repo-browser/books/ /home/frank/devel/books/repo-browser/ + + Options Indexes FollowSymLinks + Allow from all + + + + +# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. + + AllowOverride None + Options None + Order allow,deny + Allow from all + + +# vim: filetype=apache ts=4 expandtab fileencoding=utf-8 +@ + + +1.4 +log +@Checked in. +@ +text +@d17 20 +a36 20 + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.2/mod/core.html#options + # for more information. + Options Indexes FollowSymLinks + + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # Options FileInfo AuthConfig Limit + AllowOverride All + + # Controls who can get stuff from this server. + Order allow,deny + Allow from all +d40 21 +a60 21 + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + Alias /distfiles/ /usr/portage/distfiles/ + + + Options Indexes FollowSymLinks + AllowOverride All +d135 1 +a135 1 +# vim: ts=4 filetype=apache +@ + + +1.3 +log +@Checked in. +@ +text +@d90 8 +@ + + +1.2 +log +@Checked in. +@ +text +@d98 11 +a108 10 +# +# Alias /books/static /var/www/books/root/static +# Alias /books/ /var/www/books/script/frbr_books_fastcgi.pl/ +# +# #AllowOverride None +# Options None +# Order allow,deny +# Allow from all +# +# +@ + + +1.1 +log +@Initial revision +@ +text +@d4 2 +a5 1 +ServerAdmin root@@localhost +d56 34 +d97 18 +@ diff --git a/apache2/vhosts.d/00_default_ssl_vhost.conf b/apache2/vhosts.d/00_default_ssl_vhost.conf new file mode 100644 index 0000000..3ebe821 --- /dev/null +++ b/apache2/vhosts.d/00_default_ssl_vhost.conf @@ -0,0 +1,192 @@ + + + +# see bug #178966 why this is in here + +# When we also provide SSL we have to listen to the HTTPS port +# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two +# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" +Listen 443 +#Listen 127.0.0.1:443 +#Listen 85.214.134.152:443 +#Listen [::1]:443 +#Listen [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]:443 +#Listen [fe80::4261:86ff:feec:c1eb]:443 + +# Use name-based virtual hosting. +NameVirtualHost *:443 + +# + + ServerName www.brehm-online.com + Include /etc/apache2/vhosts.d/default_vhost.include + #Include /etc/apache2/vhosts.d/nagios.include + ErrorLog /var/log/apache2/ssl_error.log + + + #TransferLog /var/log/apache2/ssl_access_log + CustomLog /var/log/apache2/ssl_access.log full + + + ## SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + ## SSL Cipher Suite: + # List the ciphers that the client is permitted to negotiate. + # See the mod_ssl documentation for a complete list. + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + ## Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If the certificate + # is encrypted, then you will be prompted for a pass phrase. Note that a + # kill -HUP will prompt again. Keep in mind that if you have both an RSA + # and a DSA certificate you can configure both in parallel (to also allow + # the use of DSA ciphers, etc.) + #SSLCertificateFile /etc/ssl/apache2/server.crt + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Private Key: + # If the key is not combined with the certificate, use this directive to + # point at the key file. Keep in mind that if you've both a RSA and a DSA + # private key you can configure both in parallel (to also allow the use of + # DSA ciphers, etc.) + #SSLCertificateKeyFile /etc/ssl/apache2/server.key + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the concatenation of + # PEM encoded CA certificates which form the certificate chain for the + # server certificate. Alternatively the referenced file can be the same as + # SSLCertificateFile when the CA certificates are directly appended to the + # server certificate for convinience. + #SSLCertificateChainFile /etc/ssl/apache2/ca.crt + + ## Certificate Authority (CA): + # Set the CA certificate verification path where to find CA certificates + # for client authentication or alternatively one huge file containing all + # of them (file must be PEM encoded). + # Note: Inside SSLCACertificatePath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCACertificatePath /etc/ssl/apache2/ssl.crt + #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt + + ## Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client authentication + # or alternatively one huge file containing all of them (file must be PEM + # encoded). + # Note: Inside SSLCARevocationPath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCARevocationPath /etc/ssl/apache2/ssl.crl + #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl + + ## Client Authentication (Type): + # Client certificate verification type and depth. Types are none, optional, + # require and optional_no_ca. Depth is a number which specifies how deeply + # to verify the certificate issuer chain before deciding the certificate is + # not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + ## Access Control: + # With SSLRequire you can do per-directory access control based on arbitrary + # complex boolean expressions containing server variable checks and other + # lookup directives. The syntax is a mixture between C and Perl. See the + # mod_ssl documentation for more details. + # + # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ + # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ + # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ + # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ + # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ + # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ + # + + ## SSL Engine Options: + # Set various options for the SSL engine. + + ## FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that the + # standard Auth/DBMAuth methods can be used for access control. The user + # name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + + ## ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server + # (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates into + # CGI scripts. + + ## StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the exportation + # for CGI and SSI requests only. + + ## StrictRequire: + # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under + # a "Satisfy any" situation, i.e. when it applies access is denied and no + # other module can change it. + + ## OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + ## SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait + # for the close notify alert from client. When you need a different + # shutdown approach you can use one of the following variables: + + ## ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates the + # SSL/TLS standard but is needed for some brain-dead browsers. Use this when + # you receive I/O errors because of the standard approach where mod_ssl + # sends the close notify alert. + + ## ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation works + # correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + + BrowserMatch ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + + ## Per-Server Logging: + # The home of a custom SSL log file. Use this when you want a compact + # non-error SSL logfile on a virtual host basis. + + CustomLog /var/log/apache2/ssl_request.log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/vhosts.d/00_default_vhost.conf b/apache2/vhosts.d/00_default_vhost.conf new file mode 100644 index 0000000..cb477ea --- /dev/null +++ b/apache2/vhosts.d/00_default_vhost.conf @@ -0,0 +1,54 @@ +# Virtual Hosts +# +# If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. + + +# see bug #178966 why this is in here + +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 +#Listen 127.0.0.1:80 +#Listen 85.214.134.152:80 +#Listen [::1]:80 +#Listen [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]:80 +#Listen [fe80::4261:86ff:feec:c1eb]:80 + +# Use name-based virtual hosting. +NameVirtualHost *:80 + +# When virtual hosts are enabled, the main host defined in the default +# httpd.conf configuration will go away. We redefine it here so that it is +# still available. +# +# If you disable this vhost by removing -D DEFAULT_VHOST from +# /etc/conf.d/apache2, the first defined virtual host elsewhere will be +# the default. + + ServerName www.brehm-online.com + Include /etc/apache2/vhosts.d/default_vhost.include + #Include /etc/apache2/vhosts.d/nagios.include + + + ServerEnvironment apache apache + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/vhosts.d/01_myadmin.conf b/apache2/vhosts.d/01_myadmin.conf new file mode 100644 index 0000000..0df3854 --- /dev/null +++ b/apache2/vhosts.d/01_myadmin.conf @@ -0,0 +1,85 @@ + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName myadmin.brehm-online.com + ServerAlias myadmin + ServerAlias myadmin.brehm-online.eu + ServerAlias myadmin.brehm-berlin.de + + DocumentRoot /var/www/myadmin/htdocs + + ErrorLog /var/log/apache2/myadmin-error.log + LogLevel warn + CustomLog /var/log/apache2/myadmin-access.log full + + + php_value session.gc_maxlifetime 3600 + + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpMyadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + #AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + #php_value include_path . + + # Suhosin dependend .. + # suhosin.request.max_vars should be increased (eg. 2048) + php_value suhosin.request.max_vars 2048 + # suhosin.post.max_vars should be increased (eg. 2048) + php_value suhosin.post.max_vars 2048 + # suhosin.request.max_array_index_length should be increased (eg. 256) + php_value suhosin.request.max_array_index_length 256 + # suhosin.post.max_array_index_length should be increased (eg. 256) + php_value suhosin.post.max_array_index_length 256 + # suhosin.request.max_totalname_length should be increased (eg. 8192) + php_value suhosin.request.max_totalname_length 8192 + # suhosin.post.max_totalname_length should be increased (eg. 8192) + php_value suhosin.post.max_totalname_length 8192 + # suhosin.sql.bailout_on_error needs to be disabled (the default) + php_flag suhosin.sql.bailout_on_error off + # suhosin.log.* should not include SQL, otherwise you get big slowdown + + + + + + + + + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/vhosts.d/02_morph.conf b/apache2/vhosts.d/02_morph.conf new file mode 100644 index 0000000..da18fed --- /dev/null +++ b/apache2/vhosts.d/02_morph.conf @@ -0,0 +1,41 @@ + + + ServerName ddr.bmrmorph.de + ServerAlias www.ddr.bmrmorph.de + + DocumentRoot /home/morph/htdocs/ddr.bmrmorph.de + + ErrorLog /var/log/apache2/morph-error.log + LogLevel warn + CustomLog /var/log/apache2/morph-access.log full + + + Options -Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + ServerName allianz-der-schattenritter.de + ServerAlias www.allianz-der-schattenritter.de + + DocumentRoot /home/morph/htdocs/allianz-der-schattenritter.de + + ErrorLog /var/log/apache2/morph-error.log + LogLevel warn + CustomLog /var/log/apache2/morph-access.log full + + + Options -Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/vhosts.d/04_fotoalbum.conf b/apache2/vhosts.d/04_fotoalbum.conf new file mode 100644 index 0000000..0b4587a --- /dev/null +++ b/apache2/vhosts.d/04_fotoalbum.conf @@ -0,0 +1,40 @@ + + + ServerName fotoalbum.brehm-online.com + ServerAlias fotoalbum.hennig-berlin.org + ServerAlias fotoalbum.uhu-banane.de + ServerAlias fotoalbum.uhu-banane.net + ServerAlias fotoalbum.brehm-online.eu + ServerAlias fotoalbum + + DocumentRoot /var/www/fotoalbum/htdocs + + ErrorLog /var/log/apache2/fotoalbum-error.log + LogLevel warn + CustomLog /var/log/apache2/fotoalbum-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + Alias /album_themes "/var/www/localhost/htdocs/album_themes" + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + ScriptAlias /cgi-bin/ "/var/www/fotoalbum/cgi-bin/" + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + diff --git a/apache2/vhosts.d/05_bautagebuch.conf b/apache2/vhosts.d/05_bautagebuch.conf new file mode 100644 index 0000000..8785dbe --- /dev/null +++ b/apache2/vhosts.d/05_bautagebuch.conf @@ -0,0 +1,32 @@ + + + ServerName bautagebuch.brehm-online.com + ServerAlias bautagebuch.hennig-berlin.org + ServerAlias bautagebuch.uhu-banane.de + ServerAlias bautagebuch.uhu-banane.net + ServerAlias bautagebuch.brehm-online.eu + ServerAlias bautagebuch + + DocumentRoot /var/www/bautagebuch/htdocs + + ErrorLog /var/log/apache2/bautagebuch-error.log + LogLevel warn + CustomLog /var/log/apache2/bautagebuch-access.log full + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + ScriptAlias /cgi-bin/ "/var/www/bautagebuch/cgi-bin/" + + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + diff --git a/apache2/vhosts.d/06_webmail.conf b/apache2/vhosts.d/06_webmail.conf new file mode 100644 index 0000000..aec5996 --- /dev/null +++ b/apache2/vhosts.d/06_webmail.conf @@ -0,0 +1,130 @@ + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName webmail.brehm-online.com +# ServerAlias webmail +# ServerAlias webmail.brehm-online.eu +# ServerAlias webmail.brehm-berlin.de +# ServerAlias webmail.hennig-berlin.org +# ServerAlias webmail.uhu-banane.de +# ServerAlias webmail.uhu-banane.com + +# DocumentRoot /var/www/webmail/htdocs/horde/imp + DocumentRoot /var/www/webmail/htdocs/horde + + Alias /horde/ /var/www/webmail/htdocs/horde/ +# Alias /js/ /var/www/webmail/htdocs/horde/js/ + Alias /gollem/ /var/www/webmail/htdocs/horde/gollem/ + Alias /imp/ /var/www/webmail/htdocs/horde/imp/ + Alias /ingo/ /var/www/webmail/htdocs/horde/ingo/ + Alias /kronolith/ /var/www/webmail/htdocs/horde/kronolith/ + Alias /mnemo/ /var/www/webmail/htdocs/horde/mnemo/ + Alias /nag/ /var/www/webmail/htdocs/horde/nag/ + Alias /passwd/ /var/www/webmail/htdocs/horde/passwd/ + Alias /turba/ /var/www/webmail/htdocs/horde/turba/ + + ErrorLog /var/log/apache2/webmail-error.log + LogLevel warn + CustomLog /var/log/apache2/webmail-access.log full + + + php_admin_flag engine on + php_admin_flag magic_quotes_gpc off + php_admin_flag safe_mode off + php_admin_flag display_errors off + php_admin_flag log_errors on + php_admin_value error_reporting "E_ALL & ~E_NOTICE" + + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + # AuthType Basic + # AuthName "phpMyadmin brehm-online.com" + # AuthUserFile /etc/apache2/myadmin.passwd + # Require valid-user + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName webmail.brehm-online.eu + ServerAlias webmail + ServerAlias webmail.brehm-berlin.de + ServerAlias webmail.hennig-berlin.org + ServerAlias webmail.uhu-banane.de + ServerAlias webmail.uhu-banane.com + + DocumentRoot /var/www/webmail/htdocs/horde/imp + + Redirect permanent / https://webmail.brehm-online.com/ + + ErrorLog /var/log/apache2/webmail-error.log + LogLevel warn + CustomLog /var/log/apache2/webmail-access-redirect.log full + + + + + + + + + + ServerName webmail.brehm-online.com + ServerAlias webmail + ServerAlias webmail.brehm-online.eu + ServerAlias webmail.brehm-berlin.de + ServerAlias webmail.hennig-berlin.org + ServerAlias webmail.uhu-banane.de + ServerAlias webmail.uhu-banane.com + + DocumentRoot /var/www/webmail/htdocs/horde/imp + + Redirect permanent / https://webmail.brehm-online.com/ + + ErrorLog /var/log/apache2/webmail-error.log + LogLevel warn + CustomLog /var/log/apache2/webmail-access-redirect.log full + + + + diff --git a/apache2/vhosts.d/09_ldap.conf b/apache2/vhosts.d/09_ldap.conf new file mode 100644 index 0000000..3d32481 --- /dev/null +++ b/apache2/vhosts.d/09_ldap.conf @@ -0,0 +1,74 @@ + + + ServerName ldap.brehm-online.com + ServerAlias ldap + ServerAlias ldap.brehm-online.eu + ServerAlias ldap.brehm-berlin.de + + DocumentRoot /var/www/ldap/htdocs/htdocs + + ErrorLog /var/log/apache2/ldap-error.log + LogLevel warn + CustomLog /var/log/apache2/ldap-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpldapadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName ldap.brehm-online.com + ServerAlias ldap + ServerAlias ldap.brehm-online.eu + ServerAlias ldap.brehm-berlin.de + + DocumentRoot /var/www/ldap/htdocs/htdocs + + ErrorLog /var/log/apache2/ldap-error.log + LogLevel warn + CustomLog /var/log/apache2/ldap-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +# AuthType Basic +# AuthName "phpldapadmin brehm-online.com" +# AuthUserFile /etc/apache2/myadmin.passwd +# Require valid-user + + + + + + + + + + diff --git a/apache2/vhosts.d/10_kfz-dlb.conf b/apache2/vhosts.d/10_kfz-dlb.conf new file mode 100644 index 0000000..90e78e7 --- /dev/null +++ b/apache2/vhosts.d/10_kfz-dlb.conf @@ -0,0 +1,40 @@ + + + ServerName kfz-dlb.uhu-banane.net + ServerAlias kfz-dlb.uhu-banane.de + ServerAlias kfz-dlb.brehm-online.com + ServerAlias kfz-dlb.brehm-online.eu + ServerAlias www.kfz-dlb.uhu-banane.net + ServerAlias www.kfz-dlb.uhu-banane.de + ServerAlias www.kfz-dlb.brehm-online.com + ServerAlias www.kfz-dlb.brehm-online.eu + + DocumentRoot /var/www/kfz-dlb/htdocs + + ErrorLog /var/log/apache2/kfz-dlb-error.log + CustomLog /var/log/apache2/kfz-dlb-access.log full + + Alias /uploads "/var/www/kfz-dlb/htdocs/uploads" + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + php_flag session.auto_start Off + php_value default_charset "utf-8" + php_value upload_max_filesize "15M" + php_admin_flag allow_url_fopen off + php_flag register_globals off + php_flag register_argc_argv off + php_flag magic_quotes_gpc off + php_value variables_order "GPCS" + # php_value error_reporting "E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR" + php_value error_reporting "4177" + + + + diff --git a/apache2/vhosts.d/11-books-nossl.conf b/apache2/vhosts.d/11-books-nossl.conf new file mode 100644 index 0000000..06157c9 --- /dev/null +++ b/apache2/vhosts.d/11-books-nossl.conf @@ -0,0 +1,7 @@ + + + Include /etc/apache2/vhosts.d/books_vhost.include + + + +# vim: ts=4 filetype=apache expandtab fileencoding=utf-8 diff --git a/apache2/vhosts.d/11-books-ssl.conf b/apache2/vhosts.d/11-books-ssl.conf new file mode 100644 index 0000000..50ffe89 --- /dev/null +++ b/apache2/vhosts.d/11-books-ssl.conf @@ -0,0 +1,38 @@ + + + + + + Include /etc/apache2/vhosts.d/books_vhost.include + + #TransferLog /var/log/apache2/ssl_access_log + CustomLog /var/log/apache2/ssl_access.log full + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + + CustomLog /var/log/apache2/ssl_request.log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + + +# vim: ts=4 filetype=apache expandtab fileencoding=utf-8 diff --git a/apache2/vhosts.d/12_dyndns.conf b/apache2/vhosts.d/12_dyndns.conf new file mode 100644 index 0000000..e5a10bc --- /dev/null +++ b/apache2/vhosts.d/12_dyndns.conf @@ -0,0 +1,60 @@ + + + + + + + SSLEngine on + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + SSLOptions +StdEnvVars + + + + ScriptAlias /cgi-bin/ "/var/www/dyndns/cgi-bin/" + + + + SSLOptions +StdEnvVars + AllowOverride None + Options None + Order allow,deny + Allow from all + + + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + ServerName dyndns.uhu-banane.de + ServerAlias dyndns + ServerAlias dyndns.brehm-online.eu + ServerAlias dyndns.brehm-berlin.de + ServerAlias dyndns.brehm-online.com + ServerAlias dyndns.uhu-banane.net + + DocumentRoot /var/www/dyndns/htdocs + + ErrorLog /var/log/apache2/dyndns-error.log + LogLevel warn + CustomLog /var/log/apache2/dyndns-access.log full + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + + + + + + + + + diff --git a/apache2/vhosts.d/books_vhost.include b/apache2/vhosts.d/books_vhost.include new file mode 100644 index 0000000..8fe2219 --- /dev/null +++ b/apache2/vhosts.d/books_vhost.include @@ -0,0 +1,27 @@ +ServerName books.brehm-online.com +ServerAlias books +ServerAlias buecher +ServerAlias buecher.brehm-online.com +ServerAlias books.brehm-berlin.de +ServerAlias buecher.brehm-berlin.de +ServerAlias books.brehm-online.eu +ServerAlias buecher.brehm-online.eu + +#FastCgiExternalServer /tmp/frbr_books1_app.fcgi -socket /tmp/frbr_books_app.sock + +DocumentRoot /var/www/books/root +Alias /static /var/www/books/root/static +Alias / /tmp/frbr_books_app.fcgi/ + +ErrorLog /var/log/apache2/books-error.log +LogLevel info +CustomLog /var/log/apache2/books-access.log full + + + #AllowOverride None + Options None + Order allow,deny + Allow from all + + +# vim: filetype=apache ts=4 expandtab fileencoding=utf-8 diff --git a/apache2/vhosts.d/default_vhost.include b/apache2/vhosts.d/default_vhost.include new file mode 100644 index 0000000..c6eb4e3 --- /dev/null +++ b/apache2/vhosts.d/default_vhost.include @@ -0,0 +1,135 @@ +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +#ServerAdmin root@localhost +ServerAdmin frank@brehm-online.com + +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +# If you change this to something that isn't under /var/www then suexec +# will no longer work. +DocumentRoot "/var/www/localhost/htdocs" + +# This should be changed to whatever you set DocumentRoot to. + + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.2/mod/core.html#options + # for more information. + Options Indexes FollowSymLinks + + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # Options FileInfo AuthConfig Limit + AllowOverride All + + # Controls who can get stuff from this server. + Order allow,deny + Allow from all + + + + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + Alias /distfiles/ /usr/portage/distfiles/ + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + Redirect permanent /FotoAlbum http://fotoalbum.brehm-online.com + Redirect permanent /fotoalbum http://fotoalbum.brehm-online.com + Redirect permanent /Foto_Album http://fotoalbum.brehm-online.com + Redirect permanent /foto_album http://fotoalbum.brehm-online.com + Redirect permanent /Foto-Album http://fotoalbum.brehm-online.com + Redirect permanent /foto-album http://fotoalbum.brehm-online.com + + Alias /Neues_Haus /home/frank/docs/Neues_Haus + Alias /neues_haus /home/frank/docs/Neues_Haus + Alias /Neues-Haus /home/frank/docs/Neues_Haus + Alias /neues-haus /home/frank/docs/Neues_Haus + Alias /NeuesHaus /home/frank/docs/Neues_Haus + Alias /neueshaus /home/frank/docs/Neues_Haus + + + Options Indexes FollowSymLinks + # IndexOptions FancyIndexing FoldersFirst IgnoreCase NameWidth=60 + # IndexOptions FancyIndexing FoldersFirst HTMLTable IgnoreCase NameWidth=50 + # AddDefaultCharset utf-8 + AddDefaultCharset utf-8 + AllowOverride All + Order allow,deny + Allow from all + + + Alias /oreilly /var/lib/backup-once/oreilly + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/" + + + Alias /books/static /var/www/books/root/static + Alias /books/ /tmp/frbr_books_app.fcgi/ + #Alias /books/ /var/www/books/script/frbr_books_fastcgi.pl/ + + #AllowOverride None + Options None + Order allow,deny + Allow from all + + + + Alias /repo-browser/books/ /home/frank/devel/books/repo-browser/ + + Options Indexes FollowSymLinks + Allow from all + + + + +# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. + + AllowOverride None + Options None + Order allow,deny + Allow from all + + +# vim: filetype=apache ts=4 expandtab fileencoding=utf-8 diff --git a/at/at.deny b/at/at.deny new file mode 100644 index 0000000..6db2ed9 --- /dev/null +++ b/at/at.deny @@ -0,0 +1,28 @@ +alias +backup +bin +daemon +ftp +games +gnats +guest +irc +lp +mail +man +mysql +news +nobody +operator +proxy +qmaild +qmaill +qmailp +qmailq +qmailr +qmails +squid +sync +sys +uucp +www-data diff --git a/audisp/audisp-remote.conf b/audisp/audisp-remote.conf new file mode 100644 index 0000000..93d01c1 --- /dev/null +++ b/audisp/audisp-remote.conf @@ -0,0 +1,12 @@ +# +# This file controls the configuration of the audit remote +# logging subsystem, audisp-remote. +# + +remote_server = +port = 60 +transport = tcp +mode = immediate +queue_depth = 20 +fail_action = SYSLOG + diff --git a/audisp/audispd.conf b/audisp/audispd.conf new file mode 100644 index 0000000..9989dc2 --- /dev/null +++ b/audisp/audispd.conf @@ -0,0 +1,11 @@ +# +# This file controls the configuration of the audit event +# dispatcher daemon, audispd. +# + +q_depth = 80 +overflow_action = SYSLOG +priority_boost = 4 +name_format = HOSTNAME +#name = mydomain + diff --git a/audisp/plugins.d/af_unix.conf b/audisp/plugins.d/af_unix.conf new file mode 100644 index 0000000..8bba3e3 --- /dev/null +++ b/audisp/plugins.d/af_unix.conf @@ -0,0 +1,14 @@ + +# This file controls the configuration of the +# af_unix socket plugin. It simply takes events +# and writes them to a unix domain socket. This +# plugin can take 2 arguments, the path for the +# socket and the socket permissions in octal. + +active = yes +direction = out +path = builtin_af_unix +type = builtin +args = 0640 /var/run/audispd_events +format = string + diff --git a/audisp/plugins.d/au-remote.conf b/audisp/plugins.d/au-remote.conf new file mode 100644 index 0000000..e0adf96 --- /dev/null +++ b/audisp/plugins.d/au-remote.conf @@ -0,0 +1,12 @@ + +# This file controls the audispd data path to the +# remote event logger. This plugin will send events to +# a remote machine (Central Logger). + +active = no +direction = out +path = /sbin/audisp-remote +type = always +#args = +format = string + diff --git a/audisp/plugins.d/audispd-zos-remote.conf b/audisp/plugins.d/audispd-zos-remote.conf new file mode 100644 index 0000000..13aef2c --- /dev/null +++ b/audisp/plugins.d/audispd-zos-remote.conf @@ -0,0 +1,14 @@ +# This is the configuration for the audispd-zos-remote +# audit dispatcher plugin - See audispd(8) +# +# Note that this specific plugin has a configuration file of +# its own. The complete path for this file must be entered as +# the argument for the plugin in the 'args' field below +# See audispd-zos-remote(8) + +active = no +direction = out +path = /sbin/audispd-zos-remote +type = always +args = /etc/audisp/zos-remote.conf +format = string diff --git a/audisp/plugins.d/syslog.conf b/audisp/plugins.d/syslog.conf new file mode 100644 index 0000000..a0c9df7 --- /dev/null +++ b/audisp/plugins.d/syslog.conf @@ -0,0 +1,10 @@ +# This file controls the configuration of the +# syslog plugin. It simply takes events and writes +# them to syslog. + +active = no +direction = out +path = builtin_syslog +type = builtin +args = LOG_INFO +format = string diff --git a/audisp/zos-remote.conf b/audisp/zos-remote.conf new file mode 100644 index 0000000..8cf85f7 --- /dev/null +++ b/audisp/zos-remote.conf @@ -0,0 +1,10 @@ +## This is the configuration file for the audispd-zos-remote +## Audit dispatcher plugin. +## See zos-remote.conf(5) for more information + +server = zos_server.localdomain +port = 389 +user = RACF_ID +password = racf_password +timeout = 15 +q_depth = 64 diff --git a/audit/audit.rules b/audit/audit.rules new file mode 100644 index 0000000..9d9578e --- /dev/null +++ b/audit/audit.rules @@ -0,0 +1,25 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules,v 1.1 2006/06/22 07:41:46 robbat2 Exp $ +# +# This file contains the auditctl rules that are loaded +# whenever the audit daemon is started via the initscripts. +# The rules are simply the parameters that would be passed +# to auditctl. + +# First rule - delete all +# This is to clear out old rules, so we don't append to them. +-D + +# Feel free to add below this line. See auditctl man page + +# The following rule would cause all of the syscalls listed to be ignored in logging. +# -a entry,never -S read -S write -S open -S fstat -S fstat64 -S mmap -S brk -S munmap -S _llseek -S nanosleep -S fcntl64 -S close -S dup2 -S rt_sigaction -S stat64 -S stat + +# The following rule would cause the capture of all systems not caught above. +# -a entry,always -S all + +# Increase the buffers to survive stress events +-b 256 + +# vim:ft=conf: diff --git a/audit/audit.rules.stop.post b/audit/audit.rules.stop.post new file mode 100644 index 0000000..34db08c --- /dev/null +++ b/audit/audit.rules.stop.post @@ -0,0 +1,13 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.post,v 1.1 2006/06/22 07:41:46 robbat2 Exp $ +# +# This file contains the auditctl rules that are loaded immediately after the +# audit deamon is stopped via the initscripts. +# The rules are simply the parameters that would be passed +# to auditctl. + +# Not used for the default Gentoo configuration as of v1.2.3 +# Paranoid security types might wish to reconfigure kauditd here. + +# vim:ft=conf: diff --git a/audit/audit.rules.stop.pre b/audit/audit.rules.stop.pre new file mode 100644 index 0000000..c404b51 --- /dev/null +++ b/audit/audit.rules.stop.pre @@ -0,0 +1,13 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.pre,v 1.1 2006/06/22 07:41:46 robbat2 Exp $ +# +# This file contains the auditctl rules that are loaded immediately before the +# audit deamon is stopped via the initscripts. +# The rules are simply the parameters that would be passed +# to auditctl. + +# auditd is stopping, don't capture events anymore +-D + +# vim:ft=conf: diff --git a/audit/auditd.conf b/audit/auditd.conf new file mode 100644 index 0000000..e8071a0 --- /dev/null +++ b/audit/auditd.conf @@ -0,0 +1,25 @@ +# +# This file controls the configuration of the audit daemon +# + +log_file = /var/log/audit/audit.log +log_format = RAW +log_group = root +priority_boost = 4 +flush = INCREMENTAL +freq = 20 +num_logs = 4 +disp_qos = lossy +dispatcher = /sbin/audispd +name_format = NONE +##name = mydomain +max_log_file = 5 +max_log_file_action = ROTATE +space_left = 75 +space_left_action = SYSLOG +action_mail_acct = root +admin_space_left = 50 +admin_space_left_action = SUSPEND +disk_full_action = SUSPEND +disk_error_action = SUSPEND + diff --git a/autofs/auto.master b/autofs/auto.master new file mode 100644 index 0000000..4b10001 --- /dev/null +++ b/autofs/auto.master @@ -0,0 +1,24 @@ +# $Id: autofs5-auto.master,v 1.1 2011/05/23 08:29:05 pva Exp $ +# Sample auto.master file +# This is an automounter map and it has the following format +# key [ -mount-options-separated-by-comma ] location +# For details of the format look at autofs(5). +# +#/misc /etc/autofs/auto.misc +#/net /etc/autofs/auto.net +# +# NOTE: mounts done from a hosts map will be mounted with the +# "nosuid" and "nodev" options unless the "suid" and "dev" +# options are explicitly given. +# +#/net -hosts +# +# Include central master map if it can be found using +# nsswitch sources. +# +# Note that if there are entries for /net or /misc (as +# above) in the included master map any keys that are the +# same will not be seen as the first read key seen takes +# precedence. +# +#+auto.master diff --git a/autofs/auto.misc b/autofs/auto.misc new file mode 100644 index 0000000..0ee5e75 --- /dev/null +++ b/autofs/auto.misc @@ -0,0 +1,15 @@ +# +# This is an automounter map and it has the following format +# key [ -mount-options-separated-by-comma ] location +# Details may be found in the autofs(5) manpage + +cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom + +# the following entries are samples to pique your imagination +#linux -ro,soft,intr ftp.example.org:/pub/linux +#boot -fstype=ext2 :/dev/hda1 +#floppy -fstype=auto :/dev/fd0 +#floppy -fstype=ext2 :/dev/fd0 +#e2floppy -fstype=ext2 :/dev/fd0 +#jaz -fstype=ext2 :/dev/sdc1 +#removable -fstype=ext2 :/dev/hdd diff --git a/autofs/auto.net b/autofs/auto.net new file mode 100755 index 0000000..ba03447 --- /dev/null +++ b/autofs/auto.net @@ -0,0 +1,43 @@ +#!/bin/bash + +# This file must be executable to work! chmod 755! + +# Look at what a host is exporting to determine what we can mount. +# This is very simple, but it appears to work surprisingly well + +key="$1" + +# add "nosymlink" here if you want to suppress symlinking local filesystems +# add "nonstrict" to make it OK for some filesystems to not mount +opts="-fstype=nfs,hard,intr,nodev,nosuid" + +# Showmount comes in a number of names and varieties. "showmount" is +# typically an older version which accepts the '--no-headers' flag +# but ignores it. "kshowmount" is the newer version installed with knfsd, +# which both accepts and acts on the '--no-headers' flag. +#SHOWMOUNT="kshowmount --no-headers -e $key" +#SHOWMOUNT="showmount -e $key | tail -n +2" + +for P in /bin /sbin /usr/bin /usr/sbin +do + for M in showmount kshowmount + do + if [ -x $P/$M ] + then + SMNT=$P/$M + break + fi + done +done + +[ -x $SMNT ] || exit 1 + +# Newer distributions get this right +SHOWMOUNT="$SMNT --no-headers -e $key" + +$SHOWMOUNT | LC_ALL=C sort -k 1 | \ + awk -v key="$key" -v opts="$opts" -- ' + BEGIN { ORS=""; first=1 } + { if (first) { print opts; first=0 }; print " \\\n\t" $1, key ":" $1 } + END { if (!first) print "\n"; else exit 1 } + ' | sed 's/#/\\#/g' diff --git a/autofs/auto.smb b/autofs/auto.smb new file mode 100755 index 0000000..2dfb8f8 --- /dev/null +++ b/autofs/auto.smb @@ -0,0 +1,34 @@ +#!/bin/bash + +# This file must be executable to work! chmod 755! + +key="$1" +opts="-fstype=cifs" + +for P in /bin /sbin /usr/bin /usr/sbin +do + if [ -x $P/smbclient ] + then + SMBCLIENT=$P/smbclient + break + fi +done + +[ -x $SMBCLIENT ] || exit 1 + +$SMBCLIENT -gNL $key 2>/dev/null| awk -v key="$key" -v opts="$opts" -F'|' -- ' + BEGIN { ORS=""; first=1 } + /Disk/ { + if (first) + print opts; first=0 + dir = $2 + loc = $2 + # Enclose mount dir and location in quotes + # Double quote "$" in location as it is special + gsub(/\$$/, "\\$", loc); + gsub(/\&/,"\\\\&",loc) + print " \\\n\t \"/" dir "\"", "\"://" key "/" loc "\"" + } + END { if (!first) print "\n"; else exit 1 } + ' + diff --git a/autofs/autofs_ldap_auth.conf b/autofs/autofs_ldap_auth.conf new file mode 100644 index 0000000..4033ba0 --- /dev/null +++ b/autofs/autofs_ldap_auth.conf @@ -0,0 +1,11 @@ + + + + diff --git a/bash/.rcs/bashrc,v b/bash/.rcs/bashrc,v new file mode 100644 index 0000000..7fb24c5 --- /dev/null +++ b/bash/.rcs/bashrc,v @@ -0,0 +1,187 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.25.13.31.55; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.25.08.08.20; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# /etc/bash/bashrc +# +# This file is sourced by all *interactive* bash shells on startup, +# including some apparently interactive shells such as scp and rcp +# that can't tolerate any output. So make sure this doesn't display +# anything or bad things will happen ! + + +if [ -d /usr/scripts ] ; then + PATH=/usr/scripts:$PATH + export PATH +fi + +if [ -d $HOME/bin ] ; then + PATH=$PATH:$HOME/bin + export PATH +fi + +if [ -d $HOME/lib ] ; then + PERL5LIB=$HOME/lib + export PERL5LIB +fi + +# Test for an interactive shell. There is no need to set anything +# past this point for scp and rcp, and it's important to refrain from +# outputting anything in those cases. +if [[ $- != *i* ]] ; then + # Shell is non-interactive. Be done now! + return +fi + +# Bash won't get SIGWINCH if another process is in the foreground. +# Enable checkwinsize so that bash will check the terminal size when +# it regains control. #65623 +# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) +shopt -s checkwinsize + +# Enable history appending instead of overwriting. #139609 +shopt -s histappend + +# Change the window title of X terminals +case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +use_color=false + +# Set colorful PS1 only on colorful terminals. +# dircolors --print-database uses its own built-in database +# instead of using /etc/DIR_COLORS. Try to use the external file +# first to take advantage of user additions. Use internal bash +# globbing instead of external grep binary. +safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM +match_lhs="" +[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" +[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) +[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true + +if ${use_color} ; then + # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 + if type -P dircolors >/dev/null ; then + if [[ -f ~/.dir_colors ]] ; then + eval $(dircolors -b ~/.dir_colors) + elif [[ -f /etc/DIR_COLORS ]] ; then + eval $(dircolors -b /etc/DIR_COLORS) + fi + fi + + if [[ ${EUID} == 0 ]] ; then + #PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' + PS1='$? \[\033[01;31m\]\h\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' + #PS1='$? \[\033[01;31m\]Gentoo (chroot)\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' + else + #PS1='\[\033[01;32m\]\u@@\h\[\033[01;34m\] \w \$\[\033[00m\] ' + PS1='$? \[\033[01;32m\]\u@@\h\[\033[01;30m\]:\[\033[01;34m\]\w > \[\033[00m\]' + fi + + alias ls='ls --color=auto' + #alias grep='grep --colour=auto' +else + if [[ ${EUID} == 0 ]] ; then + # show root@@ when we don't have colors + PS1='\u@@\h \W \$ ' + else + PS1='\u@@\h \w \$ ' + fi +fi + +if [[ ${EUID} == 0 ]] ; then + alias ll="ls -lA" +else + alias ll="ls -l" +fi +alias la="ls -la" +alias md=mkdir +alias rd=rmdir +alias ..='cd ..' +alias ...='cd ../..' +alias cd..='cd ..' +alias cd...='cd ../..' +alias pl="ps -fu $USER" +grep='grep --colour=auto' +alias cpwd='cd `realpath .`' + +HISTCONTROL=ignoreboth +HISTSIZE=5000 +HISTFILESIZE=5000 +HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S ' + +# Change the window title of X terminals +case $TERM in + xterm*|rxvt|Eterm|eterm) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +if [ -f /usr/share/mc/mc.gentoo ]; then + . /usr/share/mc/mc.gentoo +fi + +if [ -f /etc/profile.d/bash-completion ]; then + . /etc/profile.d/bash-completion +fi + + + +# Try to keep environment pollution down, EPA loves us. +unset use_color safe_term match_lhs +@ + + +1.1 +log +@Initial revision +@ +text +@d9 15 +d78 3 +a80 1 + PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' +d82 2 +a83 1 + PS1='\[\033[01;32m\]\u@@\h\[\033[01;34m\] \w \$\[\033[00m\] ' +d87 1 +a87 1 + alias grep='grep --colour=auto' +d97 41 +@ diff --git a/bash/.rcs/bashrc.orig,v b/bash/.rcs/bashrc.orig,v new file mode 100644 index 0000000..1f5ab0e --- /dev/null +++ b/bash/.rcs/bashrc.orig,v @@ -0,0 +1,104 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.25.08.08.20; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/bash/bashrc +# +# This file is sourced by all *interactive* bash shells on startup, +# including some apparently interactive shells such as scp and rcp +# that can't tolerate any output. So make sure this doesn't display +# anything or bad things will happen ! + + +# Test for an interactive shell. There is no need to set anything +# past this point for scp and rcp, and it's important to refrain from +# outputting anything in those cases. +if [[ $- != *i* ]] ; then + # Shell is non-interactive. Be done now! + return +fi + +# Bash won't get SIGWINCH if another process is in the foreground. +# Enable checkwinsize so that bash will check the terminal size when +# it regains control. #65623 +# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) +shopt -s checkwinsize + +# Enable history appending instead of overwriting. #139609 +shopt -s histappend + +# Change the window title of X terminals +case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +use_color=false + +# Set colorful PS1 only on colorful terminals. +# dircolors --print-database uses its own built-in database +# instead of using /etc/DIR_COLORS. Try to use the external file +# first to take advantage of user additions. Use internal bash +# globbing instead of external grep binary. +safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM +match_lhs="" +[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" +[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) +[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true + +if ${use_color} ; then + # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 + if type -P dircolors >/dev/null ; then + if [[ -f ~/.dir_colors ]] ; then + eval $(dircolors -b ~/.dir_colors) + elif [[ -f /etc/DIR_COLORS ]] ; then + eval $(dircolors -b /etc/DIR_COLORS) + fi + fi + + if [[ ${EUID} == 0 ]] ; then + PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' + else + PS1='\[\033[01;32m\]\u@@\h\[\033[01;34m\] \w \$\[\033[00m\] ' + fi + + alias ls='ls --color=auto' + alias grep='grep --colour=auto' +else + if [[ ${EUID} == 0 ]] ; then + # show root@@ when we don't have colors + PS1='\u@@\h \W \$ ' + else + PS1='\u@@\h \w \$ ' + fi +fi + +# Try to keep environment pollution down, EPA loves us. +unset use_color safe_term match_lhs +@ diff --git a/bash/bash_logout b/bash/bash_logout new file mode 100644 index 0000000..50a7933 --- /dev/null +++ b/bash/bash_logout @@ -0,0 +1,9 @@ +# /etc/bash/bash_logout + +# This file is sourced when a login shell terminates. + +# You may wish to clear everyone's screen when they logout. +#clear + +# Or maybe you want to leave a thoughtful note. +#fortune diff --git a/bash/bashrc b/bash/bashrc new file mode 100644 index 0000000..32e6743 --- /dev/null +++ b/bash/bashrc @@ -0,0 +1,155 @@ +# /etc/bash/bashrc +# +# This file is sourced by all *interactive* bash shells on startup, +# including some apparently interactive shells such as scp and rcp +# that can't tolerate any output. So make sure this doesn't display +# anything or bad things will happen ! + + +if [ -d /usr/scripts ] ; then + PATH=/usr/scripts:$PATH + export PATH +fi + +if [ -d $HOME/bin ] ; then + PATH=$PATH:$HOME/bin + export PATH +fi + +if [ -d $HOME/lib ] ; then + PERL5LIB=$HOME/lib + export PERL5LIB +fi + +# Test for an interactive shell. There is no need to set anything +# past this point for scp and rcp, and it's important to refrain from +# outputting anything in those cases. +if [[ $- != *i* ]] ; then + # Shell is non-interactive. Be done now! + return +fi + +# Bash won't get SIGWINCH if another process is in the foreground. +# Enable checkwinsize so that bash will check the terminal size when +# it regains control. #65623 +# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) +shopt -s checkwinsize + +# Enable history appending instead of overwriting. #139609 +shopt -s histappend + +# Change the window title of X terminals +case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +use_color=false + +# Set colorful PS1 only on colorful terminals. +# dircolors --print-database uses its own built-in database +# instead of using /etc/DIR_COLORS. Try to use the external file +# first to take advantage of user additions. Use internal bash +# globbing instead of external grep binary. +safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM +match_lhs="" +[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" +[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) +[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true + +if ${use_color} ; then + # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 + if type -P dircolors >/dev/null ; then + if [[ -f ~/.dir_colors ]] ; then + eval $(dircolors -b ~/.dir_colors) + elif [[ -f /etc/DIR_COLORS ]] ; then + eval $(dircolors -b /etc/DIR_COLORS) + fi + fi + + if [[ ${EUID} == 0 ]] ; then + #PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' + PS1='$? \[\033[01;31m\]\h\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' + #PS1='$? \[\033[01;31m\]Gentoo (chroot)\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' + else + #PS1='\[\033[01;32m\]\u@\h\[\033[01;34m\] \w \$\[\033[00m\] ' + PS1='$? \[\033[01;32m\]\u@\h\[\033[01;30m\]:\[\033[01;34m\]\w > \[\033[00m\]' + fi + + alias ls='ls --color=auto' + #alias grep='grep --colour=auto' +else + if [[ ${EUID} == 0 ]] ; then + # show root@ when we don't have colors + PS1='\u@\h \W \$ ' + else + PS1='\u@\h \w \$ ' + fi +fi + +if [[ ${EUID} == 0 ]] ; then + alias ll="ls -lA" +else + alias ll="ls -l" +fi +alias la="ls -la" +alias md=mkdir +alias rd=rmdir +alias ..='cd ..' +alias ...='cd ../..' +alias cd..='cd ..' +alias cd...='cd ../..' +alias pl="ps -fu $USER" +grep='grep --colour=auto' +alias cpwd='cd `realpath .`' + +lcd() { + cd $( perl -e ' +use strict; +use Cwd; +my $new = shift; +my $cwd = Cwd::abs_path(getcwd()); +my $newa = $cwd; +if ($new){ + $newa = Cwd::abs_path($new); + $newa = $cwd unless $newa; +}; +printf("%s\n", $newa); +' $1 ) +} + + +HISTCONTROL=ignoreboth +HISTSIZE=5000 +HISTFILESIZE=5000 +HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S ' + +# Change the window title of X terminals +case $TERM in + xterm*|rxvt|Eterm|eterm) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +if [ -f /usr/share/mc/mc.gentoo ]; then + . /usr/share/mc/mc.gentoo +fi + +if [ -f /etc/profile.d/bash-completion ]; then + . /etc/profile.d/bash-completion +fi + + + +# Try to keep environment pollution down, EPA loves us. +unset use_color safe_term match_lhs diff --git a/bash/bashrc.orig b/bash/bashrc.orig new file mode 100644 index 0000000..9ee6b9d --- /dev/null +++ b/bash/bashrc.orig @@ -0,0 +1,80 @@ +# /etc/bash/bashrc +# +# This file is sourced by all *interactive* bash shells on startup, +# including some apparently interactive shells such as scp and rcp +# that can't tolerate any output. So make sure this doesn't display +# anything or bad things will happen ! + + +# Test for an interactive shell. There is no need to set anything +# past this point for scp and rcp, and it's important to refrain from +# outputting anything in those cases. +if [[ $- != *i* ]] ; then + # Shell is non-interactive. Be done now! + return +fi + +# Bash won't get SIGWINCH if another process is in the foreground. +# Enable checkwinsize so that bash will check the terminal size when +# it regains control. #65623 +# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) +shopt -s checkwinsize + +# Enable history appending instead of overwriting. #139609 +shopt -s histappend + +# Change the window title of X terminals +case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +use_color=false + +# Set colorful PS1 only on colorful terminals. +# dircolors --print-database uses its own built-in database +# instead of using /etc/DIR_COLORS. Try to use the external file +# first to take advantage of user additions. Use internal bash +# globbing instead of external grep binary. +safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM +match_lhs="" +[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" +[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) +[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true + +if ${use_color} ; then + # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 + if type -P dircolors >/dev/null ; then + if [[ -f ~/.dir_colors ]] ; then + eval $(dircolors -b ~/.dir_colors) + elif [[ -f /etc/DIR_COLORS ]] ; then + eval $(dircolors -b /etc/DIR_COLORS) + fi + fi + + if [[ ${EUID} == 0 ]] ; then + PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' + else + PS1='\[\033[01;32m\]\u@\h\[\033[01;34m\] \w \$\[\033[00m\] ' + fi + + alias ls='ls --color=auto' + alias grep='grep --colour=auto' +else + if [[ ${EUID} == 0 ]] ; then + # show root@ when we don't have colors + PS1='\u@\h \W \$ ' + else + PS1='\u@\h \w \$ ' + fi +fi + +# Try to keep environment pollution down, EPA loves us. +unset use_color safe_term match_lhs diff --git a/bash_completion.d/base b/bash_completion.d/base new file mode 120000 index 0000000..9864b2d --- /dev/null +++ b/bash_completion.d/base @@ -0,0 +1 @@ +/usr/share/bash-completion/base \ No newline at end of file diff --git a/bash_completion.d/bash-builtins b/bash_completion.d/bash-builtins new file mode 120000 index 0000000..8f0dbcb --- /dev/null +++ b/bash_completion.d/bash-builtins @@ -0,0 +1 @@ +/usr/share/bash-completion/bash-builtins \ No newline at end of file diff --git a/bash_completion.d/bind-utils b/bash_completion.d/bind-utils new file mode 120000 index 0000000..7c83bdd --- /dev/null +++ b/bash_completion.d/bind-utils @@ -0,0 +1 @@ +/usr/share/bash-completion/bind-utils \ No newline at end of file diff --git a/bash_completion.d/bzip2 b/bash_completion.d/bzip2 new file mode 120000 index 0000000..459b394 --- /dev/null +++ b/bash_completion.d/bzip2 @@ -0,0 +1 @@ +/usr/share/bash-completion/bzip2 \ No newline at end of file diff --git a/bash_completion.d/dd b/bash_completion.d/dd new file mode 120000 index 0000000..a1d0e89 --- /dev/null +++ b/bash_completion.d/dd @@ -0,0 +1 @@ +/usr/share/bash-completion/dd \ No newline at end of file diff --git a/bash_completion.d/figlet b/bash_completion.d/figlet new file mode 120000 index 0000000..c575644 --- /dev/null +++ b/bash_completion.d/figlet @@ -0,0 +1 @@ +/usr/share/bash-completion/figlet \ No newline at end of file diff --git a/bash_completion.d/findutils b/bash_completion.d/findutils new file mode 120000 index 0000000..dafec1c --- /dev/null +++ b/bash_completion.d/findutils @@ -0,0 +1 @@ +/usr/share/bash-completion/findutils \ No newline at end of file diff --git a/bash_completion.d/getent b/bash_completion.d/getent new file mode 120000 index 0000000..2930d94 --- /dev/null +++ b/bash_completion.d/getent @@ -0,0 +1 @@ +/usr/share/bash-completion/getent \ No newline at end of file diff --git a/bash_completion.d/git b/bash_completion.d/git new file mode 120000 index 0000000..3768409 --- /dev/null +++ b/bash_completion.d/git @@ -0,0 +1 @@ +/usr/share/bash-completion/git \ No newline at end of file diff --git a/bash_completion.d/gzip b/bash_completion.d/gzip new file mode 120000 index 0000000..949a9a8 --- /dev/null +++ b/bash_completion.d/gzip @@ -0,0 +1 @@ +/usr/share/bash-completion/gzip \ No newline at end of file diff --git a/bash_completion.d/iconv b/bash_completion.d/iconv new file mode 120000 index 0000000..b4dd5be --- /dev/null +++ b/bash_completion.d/iconv @@ -0,0 +1 @@ +/usr/share/bash-completion/iconv \ No newline at end of file diff --git a/bash_completion.d/imagemagick b/bash_completion.d/imagemagick new file mode 120000 index 0000000..4f4728b --- /dev/null +++ b/bash_completion.d/imagemagick @@ -0,0 +1 @@ +/usr/share/bash-completion/imagemagick \ No newline at end of file diff --git a/bash_completion.d/iptables b/bash_completion.d/iptables new file mode 120000 index 0000000..c34199e --- /dev/null +++ b/bash_completion.d/iptables @@ -0,0 +1 @@ +/usr/share/bash-completion/iptables \ No newline at end of file diff --git a/bash_completion.d/lftp b/bash_completion.d/lftp new file mode 120000 index 0000000..76b1e9d --- /dev/null +++ b/bash_completion.d/lftp @@ -0,0 +1 @@ +/usr/share/bash-completion/lftp \ No newline at end of file diff --git a/bash_completion.d/lzma b/bash_completion.d/lzma new file mode 120000 index 0000000..42ba9d5 --- /dev/null +++ b/bash_completion.d/lzma @@ -0,0 +1 @@ +/usr/share/bash-completion/lzma \ No newline at end of file diff --git a/bash_completion.d/man b/bash_completion.d/man new file mode 120000 index 0000000..bf92da6 --- /dev/null +++ b/bash_completion.d/man @@ -0,0 +1 @@ +/usr/share/bash-completion/man \ No newline at end of file diff --git a/bash_completion.d/openssl b/bash_completion.d/openssl new file mode 120000 index 0000000..2173e2c --- /dev/null +++ b/bash_completion.d/openssl @@ -0,0 +1 @@ +/usr/share/bash-completion/openssl \ No newline at end of file diff --git a/bash_completion.d/perl b/bash_completion.d/perl new file mode 120000 index 0000000..e77b7dc --- /dev/null +++ b/bash_completion.d/perl @@ -0,0 +1 @@ +/usr/share/bash-completion/perl \ No newline at end of file diff --git a/bash_completion.d/rcs b/bash_completion.d/rcs new file mode 120000 index 0000000..713e394 --- /dev/null +++ b/bash_completion.d/rcs @@ -0,0 +1 @@ +/usr/share/bash-completion/rcs \ No newline at end of file diff --git a/bash_completion.d/rrdtool b/bash_completion.d/rrdtool new file mode 120000 index 0000000..257acae --- /dev/null +++ b/bash_completion.d/rrdtool @@ -0,0 +1 @@ +/usr/share/bash-completion/rrdtool \ No newline at end of file diff --git a/bash_completion.d/rsync b/bash_completion.d/rsync new file mode 120000 index 0000000..af8edc8 --- /dev/null +++ b/bash_completion.d/rsync @@ -0,0 +1 @@ +/usr/share/bash-completion/rsync \ No newline at end of file diff --git a/bash_completion.d/screen b/bash_completion.d/screen new file mode 120000 index 0000000..786889b --- /dev/null +++ b/bash_completion.d/screen @@ -0,0 +1 @@ +/usr/share/bash-completion/screen \ No newline at end of file diff --git a/bash_completion.d/ssh b/bash_completion.d/ssh new file mode 120000 index 0000000..e0cc2bb --- /dev/null +++ b/bash_completion.d/ssh @@ -0,0 +1 @@ +/usr/share/bash-completion/ssh \ No newline at end of file diff --git a/bash_completion.d/strace b/bash_completion.d/strace new file mode 120000 index 0000000..534a6b1 --- /dev/null +++ b/bash_completion.d/strace @@ -0,0 +1 @@ +/usr/share/bash-completion/strace \ No newline at end of file diff --git a/bash_completion.d/subversion b/bash_completion.d/subversion new file mode 120000 index 0000000..3a08c00 --- /dev/null +++ b/bash_completion.d/subversion @@ -0,0 +1 @@ +/usr/share/bash-completion/subversion \ No newline at end of file diff --git a/bash_completion.d/tar b/bash_completion.d/tar new file mode 120000 index 0000000..74657bc --- /dev/null +++ b/bash_completion.d/tar @@ -0,0 +1 @@ +/usr/share/bash-completion/tar \ No newline at end of file diff --git a/bash_completion.d/tcpdump b/bash_completion.d/tcpdump new file mode 120000 index 0000000..5e7a522 --- /dev/null +++ b/bash_completion.d/tcpdump @@ -0,0 +1 @@ +/usr/share/bash-completion/tcpdump \ No newline at end of file diff --git a/bash_completion.d/tree b/bash_completion.d/tree new file mode 120000 index 0000000..a0a85b4 --- /dev/null +++ b/bash_completion.d/tree @@ -0,0 +1 @@ +/usr/share/bash-completion/tree \ No newline at end of file diff --git a/bash_completion.d/unrar b/bash_completion.d/unrar new file mode 120000 index 0000000..855098b --- /dev/null +++ b/bash_completion.d/unrar @@ -0,0 +1 @@ +/usr/share/bash-completion/unrar \ No newline at end of file diff --git a/bash_completion.d/vim b/bash_completion.d/vim new file mode 120000 index 0000000..5a66274 --- /dev/null +++ b/bash_completion.d/vim @@ -0,0 +1 @@ +/usr/share/bash-completion/vim \ No newline at end of file diff --git a/bind/.old/.rcs/named-acl.conf.2010-06-21_23-35-50,v b/bind/.old/.rcs/named-acl.conf.2010-06-21_23-35-50,v new file mode 100644 index 0000000..458ba9c --- /dev/null +++ b/bind/.old/.rcs/named-acl.conf.2010-06-21_23-35-50,v @@ -0,0 +1,65 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.21.21.35.50; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@//############################################################### +//# Bind9-Konfigurationsdatei - Access-Control-Listen +//# /etc/bind/named-acl.conf +//# +//# $Header: /etc/bind/named-acl.conf,v 1.3 2010/06/09 09:31:36 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Access-Control-Listen + +acl common-allow-transfer { + 213.20.92.7; + 80.154.16.7; + 85.199.64.7; + 85.214.43.33; + 85.214.73.141; + 85.214.134.152; + 85.214.147.150; + 2a01:238:4239:8a00:d4da:215d:3d01:f9b9; + 195.50.185.24; + 195.50.185.7; + 127.0.0.1; + ::1; + 85.214.134.152; + 2a01:238:4225:6e00:8f8c:808a:7fb8:88df; +}; + +acl allow-dyn-update { + 127.0.0.1; + 85.214.73.141; + 85.214.134.152; +}; + + +# vim: ts=4 filetype=named noai +@ diff --git a/bind/.old/named-acl.conf.2010-06-21_23-35-50 b/bind/.old/named-acl.conf.2010-06-21_23-35-50 new file mode 100644 index 0000000..b41fec9 --- /dev/null +++ b/bind/.old/named-acl.conf.2010-06-21_23-35-50 @@ -0,0 +1,41 @@ +//############################################################### +//# Bind9-Konfigurationsdatei - Access-Control-Listen +//# /etc/bind/named-acl.conf +//# +//# $Header: /etc/bind/.old/.rcs/named-acl.conf.2010-06-21_23-35-50,v 1.1 2010/06/21 21:35:50 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Access-Control-Listen + +acl common-allow-transfer { + 213.20.92.7; + 80.154.16.7; + 85.199.64.7; + 85.214.43.33; + 85.214.73.141; + 85.214.134.152; + 85.214.147.150; + 2a01:238:4239:8a00:d4da:215d:3d01:f9b9; + 195.50.185.24; + 195.50.185.7; + 127.0.0.1; + ::1; + 85.214.134.152; + 2a01:238:4225:6e00:8f8c:808a:7fb8:88df; +}; + +acl allow-dyn-update { + 127.0.0.1; + 85.214.73.141; + 85.214.134.152; +}; + + +# vim: ts=4 filetype=named noai diff --git a/bind/.orig/.rcs/bind.keys,v b/bind/.orig/.rcs/bind.keys,v new file mode 100644 index 0000000..d59319e --- /dev/null +++ b/bind/.orig/.rcs/bind.keys,v @@ -0,0 +1,30 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.20.45.42; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@managed-keys { + # NOTE: This key is current as of October 2009. + # If it fails to initialize correctly, it may have expired; + # see https://www.isc.org/solutions/dlv for a replacement. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt TDN0YUuWrBNh"; +}; +@ diff --git a/bind/.orig/.rcs/named.conf,v b/bind/.orig/.rcs/named.conf,v new file mode 100644 index 0000000..3b72334 --- /dev/null +++ b/bind/.orig/.rcs/named.conf,v @@ -0,0 +1,240 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.20.45.42; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@/* + * Refer to the named.conf(5) and named(8) man pages, and the documentation + * in /usr/share/doc/bind-9 for more details. + * Online versions of the documentation can be found here: + * http://www.isc.org/software/bind/documentation + * + * If you are going to set up an authoritative server, make sure you + * understand the hairy details of how DNS works. Even with simple mistakes, + * you can break connectivity for affected parties, or cause huge amounts of + * useless Internet traffic. + */ + +acl "xfer" { + /* Allow no transfers. If we have other name servers, place them here. */ + //127.0.0.1/32; + //::1/128; + "none"; +}; + +/* + * You might put in here some ips which are allowed to use the cache or + * recursive queries + */ +acl "trusted" { + 127.0.0.0/8; + ::1/128; +}; + +options { + directory "/var/bind"; + pid-file "/var/run/named/named.pid"; + + /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ + // bindkeys-file "/etc/bind/bind.keys"; + + listen-on-v6 { ::1; }; + listen-on { 127.0.0.1; }; + + allow-query { + /* + * Accept queries from our "trusted" ACL. We will + * allow anyone to query our master zones below. + * This prevents us from becoming a free DNS server + * to the masses. + */ + trusted; + }; + + allow-query-cache { + /* Use the cache for the "trusted" ACL. */ + trusted; + }; + + allow-transfer { + /* + * Zone tranfers limited to members of the + * "xfer" ACL (e.g. secondary nameserver). + */ + xfer; + }; + +/* + * If you've got a DNS server around at your upstream provider, enter its + * IP address here, and enable the line below. This will make you benefit + * from its cache, thus reduce overall DNS traffic in the Internet. + * + * Uncomment the following lines to turn on DNS forwarding, and change + * and/or update the forwarding ip address(es): + */ +/* + forward first; + forwarders { + // 123.123.123.123; // Your ISP NS + // 124.124.124.124; // Your ISP NS + 4.2.2.1; // Level3 Public DNS + 4.2.2.2; // Level3 Public DNS + 8.8.8.8; // Google Open DNS + 8.8.4.4; // Google Open DNS + }; + +*/ + + // dnssec-enable yes; + // dnssec-validation yes; + + /* if you have problems and are behind a firewall: */ + //query-source address * port 53; +}; + +logging { + channel default_log { + file "/var/log/named/named.log" versions 5 size 50M; + print-time yes; + print-severity yes; + print-category yes; + }; + + category default { default_log; }; + category general { default_log; }; +}; + +include "/etc/bind/rndc.key"; +controls { + inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; +}; + + +view "internal" in { + /* + * Our internal (trusted) view. We permit the internal networks + * to freely access this view. We perform recursion for our + * internal hosts, and retrieve data from the cache for them. + */ + + match-clients { trusted; }; + recursion yes; + additional-from-auth yes; + additional-from-cache yes; + + zone "." in { + type hint; + file "/var/bind/root.cache"; + }; + + zone "localhost" IN { + type master; + file "pri/localhost.zone"; + allow-update { none; }; + notify no; + allow-query { any; }; + allow-transfer { none; }; + }; + + zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + allow-update { none; }; + notify no; + allow-query { any; }; + allow-transfer { none; }; + }; + + /* + * NOTE: All zone blocks for "public" view should be listed here in "internal" + * too! Otherwise you'll have trouble to resolv the public zones properly. + * That affects all hosts from the "trusted" ACL. + * A separate config, which contains all zone blocks, might be better in + * this case. Then you can simply add: + * include "/etc/bind/zones.cfg"; + * for "internal" and "public" view. + */ + + /* + * Briefly, a zone which has been declared delegation-only will be effectively + * limited to containing NS RRs for subdomains, but no actual data beyond its + * own apex (for example, its SOA RR and apex NS RRset). This can be used to + * filter out "wildcard" or "synthesized" data from NAT boxes or from + * authoritative name servers whose undelegated (in-zone) data is of no + * interest. + * See http://www.isc.org/software/bind/delegation-only for more info + */ + + //zone "COM" { type delegation-only; }; + //zone "NET" { type delegation-only; }; +}; + +view "public" in { + /* + * Our external (untrusted) view. We permit any client to access + * portions of this view. We do not perform recursion or cache + * access for hosts using this view. + */ + + match-clients { any; }; + recursion no; + additional-from-auth no; + additional-from-cache no; + + zone "." in { + type hint; + file "/var/bind/root.cache"; + }; + + //zone "YOUR-DOMAIN.TLD" { + // type master; + // file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; + // allow-query { any; }; + // allow-transfer { xfer; }; + //}; + + //zone "YOUR-SLAVE.TLD" { + // type slave; + // file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; + // masters { ; }; + + // /* Anybody is allowed to query but transfer should be controlled by the master. */ + // allow-query { any; }; + // allow-transfer { none; }; + + // /* The master should be the only one who notifies the slaves, shouldn't it? */ + // allow-notify { ; }; + // notify no; + //}; +}; + +/* Hide the bind version */ +/* +view "chaos" chaos { + match-clients { any; }; + allow-query { none; }; + zone "." { + type hint; + file "/dev/null"; // or any empty file + }; +}; +*/ +@ diff --git a/bind/.orig/.rcs/rndc.key,v b/bind/.orig/.rcs/rndc.key,v new file mode 100644 index 0000000..33c41b2 --- /dev/null +++ b/bind/.orig/.rcs/rndc.key,v @@ -0,0 +1,28 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.20.45.49; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@key "rndc-key" { + algorithm hmac-md5; + secret "cFBAmcAZaLb9yFB5HQG9Qg=="; +}; +@ diff --git a/bind/.orig/bind.keys b/bind/.orig/bind.keys new file mode 100644 index 0000000..1b5cab1 --- /dev/null +++ b/bind/.orig/bind.keys @@ -0,0 +1,6 @@ +managed-keys { + # NOTE: This key is current as of October 2009. + # If it fails to initialize correctly, it may have expired; + # see https://www.isc.org/solutions/dlv for a replacement. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt TDN0YUuWrBNh"; +}; diff --git a/bind/.orig/named.conf b/bind/.orig/named.conf new file mode 100644 index 0000000..35ee364 --- /dev/null +++ b/bind/.orig/named.conf @@ -0,0 +1,216 @@ +/* + * Refer to the named.conf(5) and named(8) man pages, and the documentation + * in /usr/share/doc/bind-9 for more details. + * Online versions of the documentation can be found here: + * http://www.isc.org/software/bind/documentation + * + * If you are going to set up an authoritative server, make sure you + * understand the hairy details of how DNS works. Even with simple mistakes, + * you can break connectivity for affected parties, or cause huge amounts of + * useless Internet traffic. + */ + +acl "xfer" { + /* Allow no transfers. If we have other name servers, place them here. */ + //127.0.0.1/32; + //::1/128; + "none"; +}; + +/* + * You might put in here some ips which are allowed to use the cache or + * recursive queries + */ +acl "trusted" { + 127.0.0.0/8; + ::1/128; +}; + +options { + directory "/var/bind"; + pid-file "/var/run/named/named.pid"; + + /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ + // bindkeys-file "/etc/bind/bind.keys"; + + listen-on-v6 { ::1; }; + listen-on { 127.0.0.1; }; + + allow-query { + /* + * Accept queries from our "trusted" ACL. We will + * allow anyone to query our master zones below. + * This prevents us from becoming a free DNS server + * to the masses. + */ + trusted; + }; + + allow-query-cache { + /* Use the cache for the "trusted" ACL. */ + trusted; + }; + + allow-transfer { + /* + * Zone tranfers limited to members of the + * "xfer" ACL (e.g. secondary nameserver). + */ + xfer; + }; + +/* + * If you've got a DNS server around at your upstream provider, enter its + * IP address here, and enable the line below. This will make you benefit + * from its cache, thus reduce overall DNS traffic in the Internet. + * + * Uncomment the following lines to turn on DNS forwarding, and change + * and/or update the forwarding ip address(es): + */ +/* + forward first; + forwarders { + // 123.123.123.123; // Your ISP NS + // 124.124.124.124; // Your ISP NS + 4.2.2.1; // Level3 Public DNS + 4.2.2.2; // Level3 Public DNS + 8.8.8.8; // Google Open DNS + 8.8.4.4; // Google Open DNS + }; + +*/ + + // dnssec-enable yes; + // dnssec-validation yes; + + /* if you have problems and are behind a firewall: */ + //query-source address * port 53; +}; + +logging { + channel default_log { + file "/var/log/named/named.log" versions 5 size 50M; + print-time yes; + print-severity yes; + print-category yes; + }; + + category default { default_log; }; + category general { default_log; }; +}; + +include "/etc/bind/rndc.key"; +controls { + inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; +}; + + +view "internal" in { + /* + * Our internal (trusted) view. We permit the internal networks + * to freely access this view. We perform recursion for our + * internal hosts, and retrieve data from the cache for them. + */ + + match-clients { trusted; }; + recursion yes; + additional-from-auth yes; + additional-from-cache yes; + + zone "." in { + type hint; + file "/var/bind/root.cache"; + }; + + zone "localhost" IN { + type master; + file "pri/localhost.zone"; + allow-update { none; }; + notify no; + allow-query { any; }; + allow-transfer { none; }; + }; + + zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + allow-update { none; }; + notify no; + allow-query { any; }; + allow-transfer { none; }; + }; + + /* + * NOTE: All zone blocks for "public" view should be listed here in "internal" + * too! Otherwise you'll have trouble to resolv the public zones properly. + * That affects all hosts from the "trusted" ACL. + * A separate config, which contains all zone blocks, might be better in + * this case. Then you can simply add: + * include "/etc/bind/zones.cfg"; + * for "internal" and "public" view. + */ + + /* + * Briefly, a zone which has been declared delegation-only will be effectively + * limited to containing NS RRs for subdomains, but no actual data beyond its + * own apex (for example, its SOA RR and apex NS RRset). This can be used to + * filter out "wildcard" or "synthesized" data from NAT boxes or from + * authoritative name servers whose undelegated (in-zone) data is of no + * interest. + * See http://www.isc.org/software/bind/delegation-only for more info + */ + + //zone "COM" { type delegation-only; }; + //zone "NET" { type delegation-only; }; +}; + +view "public" in { + /* + * Our external (untrusted) view. We permit any client to access + * portions of this view. We do not perform recursion or cache + * access for hosts using this view. + */ + + match-clients { any; }; + recursion no; + additional-from-auth no; + additional-from-cache no; + + zone "." in { + type hint; + file "/var/bind/root.cache"; + }; + + //zone "YOUR-DOMAIN.TLD" { + // type master; + // file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; + // allow-query { any; }; + // allow-transfer { xfer; }; + //}; + + //zone "YOUR-SLAVE.TLD" { + // type slave; + // file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; + // masters { ; }; + + // /* Anybody is allowed to query but transfer should be controlled by the master. */ + // allow-query { any; }; + // allow-transfer { none; }; + + // /* The master should be the only one who notifies the slaves, shouldn't it? */ + // allow-notify { ; }; + // notify no; + //}; +}; + +/* Hide the bind version */ +/* +view "chaos" chaos { + match-clients { any; }; + allow-query { none; }; + zone "." { + type hint; + file "/dev/null"; // or any empty file + }; +}; +*/ diff --git a/bind/.orig/rndc.key b/bind/.orig/rndc.key new file mode 100644 index 0000000..d617dc1 --- /dev/null +++ b/bind/.orig/rndc.key @@ -0,0 +1,4 @@ +key "rndc-key" { + algorithm hmac-md5; + secret "cFBAmcAZaLb9yFB5HQG9Qg=="; +}; diff --git a/bind/.rcs/Kdyn_dns_updater.+157+29290.key,v b/bind/.rcs/Kdyn_dns_updater.+157+29290.key,v new file mode 100644 index 0000000..d36cea8 --- /dev/null +++ b/bind/.rcs/Kdyn_dns_updater.+157+29290.key,v @@ -0,0 +1,25 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.08.06.12.41.15; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@DYN_DNS_UPDATER. IN KEY 0 3 157 gi69Yjzo1OSPVQ/oTTgw+Q== +@ diff --git a/bind/.rcs/Kdyn_dns_updater.+157+29290.private,v b/bind/.rcs/Kdyn_dns_updater.+157+29290.private,v new file mode 100644 index 0000000..92cb1c2 --- /dev/null +++ b/bind/.rcs/Kdyn_dns_updater.+157+29290.private,v @@ -0,0 +1,28 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.08.06.12.41.15; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@Private-key-format: v1.2 +Algorithm: 157 (HMAC_MD5) +Key: gi69Yjzo1OSPVQ/oTTgw+Q== +Bits: AAA= +@ diff --git a/bind/.rcs/bind.keys,v b/bind/.rcs/bind.keys,v new file mode 100644 index 0000000..56ae2ff --- /dev/null +++ b/bind/.rcs/bind.keys,v @@ -0,0 +1,115 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2011.02.26.23.31.46; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.02.09.13.57.10; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.12.07.06.20.37; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.3 +log +@Checked in. +@ +text +@/* $Id: bind.keys,v 1.5.42.2 2011-01-04 19:14:48 each Exp $ */ +# The bind.keys file is used to override built-in DNSSEC trust anchors +# which are included as part of BIND 9. As of the current release (BIND +# 9.7), the only trust anchor it sets is the one for the ISC DNSSEC +# Lookaside Validation zone ("dlv.isc.org"). Trust anchors for any other +# zones MUST be configured elsewhere; if they are configured here, they +# will not be recognized or used by named. +# +# This file also contains a copy of the trust anchor for the DNS root zone +# ("."). However, named does not use it; it is provided here for +# informational purposes only. To switch on DNSSEC validation at the +# root, the root key below can be copied into named.conf. +# +# The built-in DLV trust anchor in this file is used directly by named. +# However, it is not activated unless specifically switched on. To use +# the DLV key, set "dnssec-lookaside auto;" in the named.conf options. +# Without this option being set, the key in this file is ignored. +# +# This file is NOT expected to be user-configured. +# +# These keys are current as of January 2011. If any key fails to +# initialize correctly, it may have expired. In that event you should +# replace this file with a current version. The latest version of +# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. + +managed-keys { + # ISC DLV: See https://www.isc.org/solutions/dlv for details. + # NOTE: This key is activated by setting "dnssec-lookaside auto;" + # in named.conf. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 + brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ + 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 + ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk + Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM + QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt + TDN0YUuWrBNh"; + + # ROOT KEY: See https://data.iana.org/root-anchors/root-anchors.xml + # for current trust anchor information. + # NOTE: This key is activated by setting "dnssec-validation auto;" + # in named.conf. + . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF + FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX + bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD + X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz + W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS + Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq + QxA+Uk1ihz0="; +}; +# vim: ts=4 filetype=named noai +@ + + +1.2 +log +@Checked in. +@ +text +@d1 25 +a25 1 +/* $Id: bind.keys,v 1.1 2010/12/07 06:20:37 root Exp $ */ +d27 22 +a48 4 + # NOTE: This key is current as of October 2009. + # If it fails to initialize correctly, it may have expired; + # see https://www.isc.org/solutions/dlv for a replacement. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt TDN0YUuWrBNh"; +a49 1 + +@ + + +1.1 +log +@Initial revision +@ +text +@d1 1 +a1 1 +/* $Id: bind.keys,v 1.5.42.1 2010/06/20 07:32:24 marka Exp $ */ +d8 2 +@ diff --git a/bind/.rcs/named-acl.conf,v b/bind/.rcs/named-acl.conf,v new file mode 100644 index 0000000..83331a7 --- /dev/null +++ b/bind/.rcs/named-acl.conf,v @@ -0,0 +1,185 @@ +head 1.8; +access; +symbols; +locks; strict; +comment @# @; + + +1.8 +date 2011.01.09.18.18.18; author root; state Exp; +branches; +next 1.7; + +1.7 +date 2010.11.30.22.08.39; author root; state Exp; +branches; +next 1.6; + +1.6 +date 2010.06.30.21.41.24; author root; state Exp; +branches; +next 1.5; + +1.5 +date 2010.06.24.13.24.37; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2010.06.21.21.35.50; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.06.09.09.31.36; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.26.20.22.54; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.20.19.00; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.8 +log +@Checked in. +@ +text +@//############################################################### +//# Bind9-Konfigurationsdatei - Access-Control-Listen +//# /etc/bind/named-acl.conf +//# +//# $Header: /etc/bind/.rcs/named-acl.conf,v 1.7 2010/11/30 22:08:39 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Access-Control-Listen + +acl common-allow-transfer { + 213.20.92.7; + 80.154.16.7; + 85.199.64.7; + 85.214.43.33; + 85.214.134.152; + 85.214.147.150; + 195.50.185.7; + 2a01:238:4239:8a00:d4da:215d:3d01:f9b9; + 127.0.0.1; + ::1; + 85.214.134.152; + 2a01:238:4225:6e00:8f8c:808a:7fb8:88df; + 2001:6f8:1db7::1; + 2001:6f8:1c00:365::2; +}; + +acl allow-dyn-update { + 127.0.0.1; + 85.214.134.152; +}; + + +# vim: ts=4 filetype=named noai +@ + + +1.7 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/.rcs/named-acl.conf,v 1.6 2010/06/30 21:41:24 root Exp $ +d30 2 +@ + + +1.6 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-acl.conf,v 1.5 2010/06/24 13:24:37 root Exp $ +d24 1 +@ + + +1.5 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-acl.conf,v 1.4 2010/06/21 21:35:50 root Exp $ +a21 1 + 85.214.73.141; +a32 1 + 85.214.73.141; +@ + + +1.4 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-acl.conf,v 1.3 2010/06/09 09:31:36 root Exp $ +a25 2 + 195.50.185.24; + 195.50.185.7; +@ + + +1.3 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-acl.conf,v 1.2 2010/05/26 20:22:54 root Exp $ +d28 4 +@ + + +1.2 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/portage/package.keywords,v 1.59 2010/05/17 08:54:49 root Exp $ +d24 2 +@ + + +1.1 +log +@Initial revision +@ +text +@d5 2 +@ diff --git a/bind/.rcs/named-dyn.conf,v b/bind/.rcs/named-dyn.conf,v new file mode 100644 index 0000000..bac7f72 --- /dev/null +++ b/bind/.rcs/named-dyn.conf,v @@ -0,0 +1,107 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.30.07.00.46; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.20.53.38; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@//############################################################### +//# Bind9-Konfigurationsdatei - Dynamische Master-Zonen +//# /etc/bind/named-dyn.conf +//# +//# $Header: /etc/bind/named-dyn.conf,v 1.1 2010/05/26 20:53:38 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@@brehm-online.com +//# +//############################################################### + +//############################################################### +//# dynamische Zonen (sind aber Master) + +zone "dyn.brehm-online.com" IN { + type master; + file "dyn/dyn.brehm-online.com.zone"; + allow-update { + allow-dyn-update; + key DYN_DNS_UPDATER; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "dyn.uhu-banane.de" IN { + type master; + file "dyn/dyn.uhu-banane.de.zone"; + allow-update { + allow-dyn-update; + key DYN_DNS_UPDATER; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +# vim: ts=4 filetype=named noai +@ + + +1.1 +log +@Initial revision +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-pri.conf,v 1.1 2010/05/26 20:30:20 root Exp $ +d17 11 +a27 11 +#zone "dyn.brehm-online.com" IN { +# type master; +# file "dyn/dyn.brehm-online.com.zone"; +# allow-update { +# allow-dyn-update; +# key DYN_DNS_UPDATER; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; +d29 11 +a39 11 +#zone "dyn.uhu-banane.de" IN { +# type master; +# file "dyn/dyn.uhu-banane.de.zone"; +# allow-update { +# allow-dyn-update; +# key DYN_DNS_UPDATER; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; +@ diff --git a/bind/.rcs/named-log.conf,v b/bind/.rcs/named-log.conf,v new file mode 100644 index 0000000..1464e93 --- /dev/null +++ b/bind/.rcs/named-log.conf,v @@ -0,0 +1,127 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2010.05.26.20.23.00; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.26.20.12.49; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.20.08.18; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@//############################################################### +//# Bind9-Konfigurationsdatei Logging +//# /etc/bind/named-log.conf +//# +//# $Header: /etc/portage/package.keywords,v 1.59 2010/05/17 08:54:49 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Angaben zum Logging + +logging { + + // Kategorien + + category default { + default_debug; + logtofile; + }; + category general { + logtofile; + syslog-warning; + }; + category lame-servers { + null; + }; + category queries { + query_logging; + }; + + // Kanäle + + channel complete_debug { + file "/var/log/named/complete-debug.log"; + print-category yes; + print-severity yes; + print-time yes; + severity debug 99; + }; + channel logtofile { + file "/var/log/named/named.log"; + print-category yes; + print-severity yes; + print-time yes; + severity info; + }; + channel moderate_debug { + file "/var/log/named/debug.log"; + print-category yes; + print-severity yes; + print-time yes; + severity debug 1; + }; + channel query_logging { + file "/var/log/named/query.log"; + print-time yes; + }; + channel syslog-warning { + syslog daemon; + severity warning; + }; + +}; + +# vim: ts=4 filetype=named noai +@ + + +1.2 +log +@Checked in. +@ +text +@d5 2 +@ + + +1.1 +log +@Initial revision +@ +text +@d5 1 +a5 1 +//# Host Sarah +d7 1 +a7 1 +//# Generiert am: 07.12.2006 +@ diff --git a/bind/.rcs/named-pri.conf,v b/bind/.rcs/named-pri.conf,v new file mode 100644 index 0000000..78541f0 --- /dev/null +++ b/bind/.rcs/named-pri.conf,v @@ -0,0 +1,299 @@ +head 1.5; +access; +symbols; +locks; strict; +comment @# @; + + +1.5 +date 2011.01.09.22.09.13; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2011.01.09.20.22.31; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.06.30.21.41.39; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.06.03.13.43.25; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.20.30.20; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.5 +log +@Checked in. +@ +text +@//############################################################### +//# Bind9-Konfigurationsdatei - Primäre Zonen +//# /etc/bind/named-pri.conf +//# +//# $Header: /etc/bind/.rcs/named-pri.conf,v 1.4 2011/01/09 20:22:31 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Master-Zonen (Primary) + +//zone "brehm-berlin.de" { +// type master; +// file "pri/brehm-berlin.de.zone"; +// allow-update { none; }; +// allow-transfer { +// common-allow-transfer; +// }; +//}; + +zone "brehm-online.com" { + type master; + file "pri/brehm-online.com.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; +}; + +//zone "brehm-online.eu" { +// type master; +// file "pri/brehm-online.eu.zone"; +// allow-update { none; }; +// allow-transfer { +// common-allow-transfer; +// }; +//}; + +zone "home.brehm-online.com" { + type master; + file "pri/home.brehm-online.com.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "hennig-berlin.org" { + type master; + file "pri/hennig-berlin.org.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; +}; + +//zone "uhu-banane.com" IN { +// type master; +// file "pri/uhu-banane.com.zone"; +// allow-update { none; }; +// allow-transfer { +// common-allow-transfer; +// }; +//}; + +zone "uhu-banane.de" IN { + type master; + file "pri/uhu-banane.de.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; +}; + +//zone "uhu-banane.net" IN { +// type master; +// file "pri/uhu-banane.net.zone"; +// allow-update { none; }; +// allow-transfer { +// common-allow-transfer; +// }; +//}; + +######################################################## +# Reverse Zonen +######################################################## + +zone "7.b.d.1.8.f.6.0.1.0.0.2.ip6.arpa" IN { + type master; + file "pri/rev.2001-6f8-1db7.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; + also-notify { + 2001:6f8:1c00:365::2; + }; +}; + +zone "0.0.0.0.7.b.d.1.8.f.6.0.1.0.0.2.ip6.arpa" IN { + type master; + file "pri/rev.2001-6f8-1db7-0.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; + also-notify { + 2001:6f8:1c00:365::2; + }; +}; + +# vim: ts=4 filetype=named noai +@ + + +1.4 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/.rcs/named-pri.conf,v 1.3 2010/06/30 21:41:39 root Exp $ +d44 9 +@ + + +1.3 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-pri.conf,v 1.2 2010/06/03 13:43:25 root Exp $ +d80 28 +@ + + +1.2 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-pri.conf,v 1.1 2010/05/26 20:30:20 root Exp $ +a23 3 +// also-notify { +// 85.214.73.141; +// }; +a32 3 + also-notify { + 85.214.73.141; + }; +a41 3 +// also-notify { +// 85.214.73.141; +// }; +a50 3 + also-notify { + 85.214.73.141; + }; +a59 3 +// also-notify { +// 85.214.73.141; +// }; +a68 3 + also-notify { + 85.214.73.141; + }; +a77 3 +// also-notify { +// 85.214.73.141; +// }; +@ + + +1.1 +log +@Initial revision +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-pri.conf,v 1.2 2010/05/26 20:22:54 root Exp $ +d17 83 +a99 62 +#zone "brehm-berlin.de" { +# type master; +# file "pri/brehm-berlin.de.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "brehm-online.com" { +# type master; +# file "pri/brehm-online.com.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "brehm-online.eu" { +# type master; +# file "pri/brehm-online.eu.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "hennig-berlin.org" { +# type master; +# file "pri/hennig-berlin.org.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "uhu-banane.com" IN { +# type master; +# file "pri/uhu-banane.com.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "uhu-banane.de" IN { +# type master; +# file "pri/uhu-banane.de.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "uhu-banane.net" IN { +# type master; +# file "pri/uhu-banane.net.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; +@ diff --git a/bind/.rcs/named-sec.conf,v b/bind/.rcs/named-sec.conf,v new file mode 100644 index 0000000..8a44eca --- /dev/null +++ b/bind/.rcs/named-sec.conf,v @@ -0,0 +1,1008 @@ +head 1.9; +access; +symbols; +locks; strict; +comment @# @; + + +1.9 +date 2011.02.09.13.54.33; author root; state Exp; +branches; +next 1.8; + +1.8 +date 2010.06.30.21.34.57; author root; state Exp; +branches; +next 1.7; + +1.7 +date 2010.06.24.13.26.12; author root; state Exp; +branches; +next 1.6; + +1.6 +date 2010.06.17.21.25.47; author root; state Exp; +branches; +next 1.5; + +1.5 +date 2010.06.01.08.15.30; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2010.05.30.06.58.59; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.05.26.20.55.37; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.26.20.49.57; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.20.41.58; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.9 +log +@Checked in. +@ +text +@//############################################################### +//# Bind9-Konfigurationsdatei - Sekundäre Zonen +//# /etc/bind/named-sec +//# +//# $Header: /etc/bind/.rcs/named-sec.conf,v 1.8 2010/06/30 21:34:57 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Slave-Zonen (Secondary) + +zone "60-plus-ag.de" IN { + type slave; + file "sec/60-plus-ag.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "60plusag.de" IN { + type slave; + file "sec/60plusag.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "acwain.com" IN { + type slave; + file "sec/acwain.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "acwain.de" IN { + type slave; + file "sec/acwain.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "acwain.net" IN { + type slave; + file "sec/acwain.net.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "don-dona.de" IN { + type slave; + file "sec/don-dona.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "dondona.de" IN { + type slave; + file "sec/dondona.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "e-nergieplus.de" IN { + type slave; + file "sec/e-nergieplus.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "ereda.de" IN { + type slave; + file "sec/ereda.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "gl-versicherungsmakler.de" IN { + type slave; + file "sec/gl-versicherungsmakler.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "irtk.de" IN { + type slave; + file "sec/irtk.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "kleinanzeigen-mv.de" IN { + type slave; + file "sec/kleinanzeigen-mv.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexventure.com" IN { + type slave; + file "sec/mexventure.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexventures.com" IN { + type slave; + file "sec/mexventures.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexventure.de" IN { + type slave; + file "sec/mexventure.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexventures.de" IN { + type slave; + file "sec/mexventures.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mypettown.com" IN { + type slave; + file "sec/mypettown.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mypettown.de" IN { + type slave; + file "sec/mypettown.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "planetec.de" IN { + type slave; + file "sec/planetec.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +#zone "profitbricks.com" IN { +# type slave; +# file "sec/profitbricks.com.zone"; +# masters { +# 62.116.131.31; +# 83.169.55.5; +# 195.34.161.195; +# 74.208.164.110; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "profitbricks.de" IN { +# type slave; +# file "sec/profitbricks.de.zone"; +# masters { +# 62.116.131.31; +# 83.169.55.5; +# 195.34.161.195; +# 74.208.164.110; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +zone "ruby-love.de" IN { + type slave; + file "sec/ruby-love.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "rubylove.de" IN { + type slave; + file "sec/rubylove.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "saeger.cc" IN { + type slave; + file "sec/saeger.cc.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shopyoo.com" IN { + type slave; + file "sec/shopyoo.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shop-yoo.de" IN { + type slave; + file "sec/shop-yoo.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shopyoo.de" IN { + type slave; + file "sec/shopyoo.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shop-you.de" IN { + type slave; + file "sec/shop-you.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shopyou.de" IN { + type slave; + file "sec/shopyou.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "spridgets.net" IN { + type slave; + file "sec/spridgets.net.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "timo-adam.de" IN { + type slave; + file "sec/timo-adam.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "timoadam.de" IN { + type slave; + file "sec/timoadam.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "tomsue.de" IN { + type slave; + file "sec/tomsue.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "vital-beauty.net" IN { + type slave; + file "sec/vital-beauty.net.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "vitalbeauty.net" IN { + type slave; + file "sec/vitalbeauty.net.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +# vim: ts=4 filetype=named noai +@ + + +1.8 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-sec.conf,v 1.7 2010/06/24 13:26:12 root Exp $ +d72 22 +d226 50 +@ + + +1.7 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-sec.conf,v 1.6 2010/06/17 21:25:47 root Exp $ +d21 1 +a21 1 + 85.214.73.141; +d32 1 +a32 1 + 85.214.73.141; +d43 1 +a43 1 + 85.214.73.141; +d54 1 +a54 1 + 85.214.73.141; +d65 1 +a65 1 + 85.214.73.141; +d76 1 +a76 1 + 85.214.73.141; +d87 1 +a87 1 + 85.214.73.141; +d98 1 +a98 1 + 85.214.73.141; +d109 1 +a109 1 + 85.214.73.141; +d120 1 +a120 1 + 85.214.73.141; +d131 1 +a131 1 + 85.214.73.141; +d142 1 +a142 1 + 85.214.73.141; +d153 1 +a153 1 + 85.214.73.141; +d164 1 +a164 1 + 85.214.73.141; +d175 1 +a175 1 + 85.214.73.141; +d186 1 +a186 1 + 85.214.73.141; +d197 1 +a197 1 + 85.214.73.141; +d208 1 +a208 1 + 85.214.73.141; +d219 1 +a219 1 + 85.214.73.141; +d230 1 +a230 1 + 85.214.73.141; +d241 1 +a241 1 + 85.214.73.141; +d252 1 +a252 1 + 85.214.73.141; +d263 1 +a263 1 + 85.214.73.141; +d274 1 +a274 1 + 85.214.73.141; +d285 1 +a285 1 + 85.214.73.141; +d296 1 +a296 1 + 85.214.73.141; +d307 1 +a307 1 + 85.214.73.141; +d318 1 +a318 1 + 85.214.73.141; +d329 1 +a329 1 + 85.214.73.141; +@ + + +1.6 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-sec.conf,v 1.5 2010/06/01 08:15:30 root Exp $ +a21 1 + 195.50.185.24; +a32 1 + 195.50.185.24; +a43 1 + 195.50.185.24; +a54 1 + 195.50.185.24; +a65 1 + 195.50.185.24; +a76 1 + 195.50.185.24; +a87 1 + 195.50.185.24; +a98 1 + 195.50.185.24; +a109 1 + 195.50.185.24; +a120 1 + 195.50.185.24; +a131 1 + 195.50.185.24; +a142 1 + 195.50.185.24; +a153 1 + 195.50.185.24; +a164 1 + 195.50.185.24; +a175 1 + 195.50.185.24; +a186 1 + 195.50.185.24; +a197 1 + 195.50.185.24; +a208 13 + 195.50.185.24; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shop-yoo.com" IN { + type slave; + file "sec/shop-yoo.com.zone"; + masters { + 85.214.73.141; + 195.50.185.24; +a219 1 + 195.50.185.24; +a230 1 + 195.50.185.24; +a241 13 + 195.50.185.24; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shopyou.com" IN { + type slave; + file "sec/shopyou.com.zone"; + masters { + 85.214.73.141; + 195.50.185.24; +a252 1 + 195.50.185.24; +a263 1 + 195.50.185.24; +a274 1 + 195.50.185.24; +a285 1 + 195.50.185.24; +a296 1 + 195.50.185.24; +a307 1 + 195.50.185.24; +a318 1 + 195.50.185.24; +a329 1 + 195.50.185.24; +@ + + +1.5 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-sec.conf,v 1.4 2010/05/30 06:58:59 root Exp $ +d17 35 +a51 1 +#### Zeitweilig hier aufgehoben: +d53 11 +a63 98 +#zone "brehm-berlin.de" { +# type slave; +# file "sec/brehm-berlin.de.zone"; +# masters { +# 85.214.73.141; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "brehm-online.com" { +# type slave; +# file "sec/brehm-online.com.zone"; +# masters { +# 85.214.73.141; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "brehm-online.eu" { +# type slave; +# file "sec/brehm-online.eu.zone"; +# masters { +# 85.214.73.141; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "hennig-berlin.org" { +# type slave; +# file "sec/hennig-berlin.org.zone"; +# masters { +# 85.214.73.141; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "uhu-banane.com" IN { +# type slave; +# file "sec/uhu-banane.com.zone"; +# masters { +# 85.214.73.141; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "uhu-banane.de" IN { +# type slave; +# file "sec/uhu-banane.de.zone"; +# masters { +# 85.214.73.141; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "uhu-banane.net" IN { +# type slave; +# file "sec/uhu-banane.net.zone"; +# masters { +# 85.214.73.141; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "dyn.brehm-online.com" IN { +# type slave; +# file "dyn/dyn.brehm-online.com.zone"; +# masters { +# 85.214.73.141; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; +# +#zone "dyn.uhu-banane.de" IN { +# type slave; +# file "dyn/dyn.uhu-banane.de.zone"; +# masters { +# 85.214.73.141; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; +d65 11 +a75 1 +#### Ende von zeitweilig ... +d101 12 +d125 12 +d209 12 +d233 84 +d329 24 +@ + + +1.4 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-sec.conf,v 1.3 2010/05/26 20:55:37 root Exp $ +d19 10 +a28 10 +zone "brehm-berlin.de" { + type slave; + file "sec/brehm-berlin.de.zone"; + masters { + 85.214.73.141; + }; + allow-transfer { + common-allow-transfer; + }; +}; +d30 10 +a39 10 +zone "brehm-online.com" { + type slave; + file "sec/brehm-online.com.zone"; + masters { + 85.214.73.141; + }; + allow-transfer { + common-allow-transfer; + }; +}; +d41 10 +a50 10 +zone "brehm-online.eu" { + type slave; + file "sec/brehm-online.eu.zone"; + masters { + 85.214.73.141; + }; + allow-transfer { + common-allow-transfer; + }; +}; +d52 10 +a61 10 +zone "hennig-berlin.org" { + type slave; + file "sec/hennig-berlin.org.zone"; + masters { + 85.214.73.141; + }; + allow-transfer { + common-allow-transfer; + }; +}; +d63 10 +a72 10 +zone "uhu-banane.com" IN { + type slave; + file "sec/uhu-banane.com.zone"; + masters { + 85.214.73.141; + }; + allow-transfer { + common-allow-transfer; + }; +}; +d74 10 +a83 10 +zone "uhu-banane.de" IN { + type slave; + file "sec/uhu-banane.de.zone"; + masters { + 85.214.73.141; + }; + allow-transfer { + common-allow-transfer; + }; +}; +d85 10 +a94 10 +zone "uhu-banane.net" IN { + type slave; + file "sec/uhu-banane.net.zone"; + masters { + 85.214.73.141; + }; + allow-transfer { + common-allow-transfer; + }; +}; +@ + + +1.3 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-sec.conf,v 1.2 2010/05/26 20:49:57 root Exp $ +d96 21 +a116 21 +zone "dyn.brehm-online.com" IN { + type slave; + file "dyn/dyn.brehm-online.com.zone"; + masters { + 85.214.73.141; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "dyn.uhu-banane.de" IN { + type slave; + file "dyn/dyn.uhu-banane.de.zone"; + masters { + 85.214.73.141; + }; + allow-transfer { + common-allow-transfer; + }; +}; +@ + + +1.2 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-sec.conf,v 1.1 2010/05/26 20:41:58 root Exp $ +d96 22 +@ + + +1.1 +log +@Initial revision +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named-pri.conf,v 1.1 2010/05/26 20:30:20 root Exp $ +d17 12 +a28 8 +#zone "brehm-berlin.de" { +# type master; +# file "pri/brehm-berlin.de.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; +a35 1 + allow-update { none; }; +d41 56 +a96 44 +#zone "brehm-online.eu" { +# type master; +# file "pri/brehm-online.eu.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "hennig-berlin.org" { +# type master; +# file "pri/hennig-berlin.org.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "uhu-banane.com" IN { +# type master; +# file "pri/uhu-banane.com.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "uhu-banane.de" IN { +# type master; +# file "pri/uhu-banane.de.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "uhu-banane.net" IN { +# type master; +# file "pri/uhu-banane.net.zone"; +# allow-update { none; }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; +@ diff --git a/bind/.rcs/named.conf,v b/bind/.rcs/named.conf,v new file mode 100644 index 0000000..1fb3c0e --- /dev/null +++ b/bind/.rcs/named.conf,v @@ -0,0 +1,332 @@ +head 1.10; +access; +symbols; +locks; strict; +comment @# @; + + +1.10 +date 2011.02.09.13.58.03; author root; state Exp; +branches; +next 1.9; + +1.9 +date 2011.01.09.20.11.09; author root; state Exp; +branches; +next 1.8; + +1.8 +date 2010.06.30.21.40.49; author root; state Exp; +branches; +next 1.7; + +1.7 +date 2010.06.24.13.23.38; author root; state Exp; +branches; +next 1.6; + +1.6 +date 2010.05.27.10.20.35; author root; state Exp; +branches; +next 1.5; + +1.5 +date 2010.05.26.20.56.15; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2010.05.26.20.43.34; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.05.26.20.23.07; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.26.20.21.10; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.13.12.52; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.10 +log +@Checked in. +@ +text +@//############################################################### +//# Bind9-Konfigurationsdatei +//# /etc/bind/named.conf +//# +//# $Header: /etc/bind/.rcs/named.conf,v 1.9 2011/01/09 20:11:09 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@@brehm-online.com +//# +//############################################################### + + + +//############################################################### +//# Allgemeine Optionen + +options { + directory "/var/bind"; + + // uncomment the following lines to turn on DNS forwarding, + // and change the forwarding ip address(es) : + //forward first; + //forwarders { + // 123.123.123.123; + // 123.123.123.123; + //}; + + # Auf allen Ports lauschen ... + listen-on-v6 { + any; + }; + listen-on { + any; + }; + + // to allow only specific hosts to use the DNS server: + //allow-query { + // 127.0.0.1; + //}; + + allow-notify { + 85.214.147.150; + 85.214.134.152; + 127.0.0.1/8; + ::1; + 2a01:238:4225:6e00:8f8c:808a:7fb8:88df; + 2a01:238:4239:8a00:d4da:215d:3d01:f9b9; + }; + + // if you have problems and are behind a firewall: + //query-source address * port 53; + pid-file "/var/run/named/named.pid"; + + version "none"; + +}; + +// Logging +include "/etc/bind/named-log.conf"; + +// Managed Keys +include "/etc/bind/bind.keys"; + +//############################################################### +//# Kontrollkanäle für RNDC + +controls { + inet 127.0.0.1 port 953 allow { + 127.0.0.1; + } keys { + "rndc-key"; + }; +}; + +//############################################################### +//# Id-Schlüssel + +key rndc-key { + algorithm hmac-md5; + secret "qVWegky7GAFenNmgrZgf6A=="; +}; + +key DYN_DNS_UPDATER { + algorithm hmac-md5; + secret "gi69Yjzo1OSPVQ/oTTgw+Q=="; +}; + +// Access-Control-Listen +include "/etc/bind/named-acl.conf"; + +// Briefly, a zone which has been declared delegation-only will be effectively +// limited to containing NS RRs for subdomains, but no actual data beyond its +// own apex (for example, its SOA RR and apex NS RRset). This can be used to +// filter out "wildcard" or "synthesized" data from NAT boxes or from +// authoritative name servers whose undelegated (in-zone) data is of no +// interest. +// See http://www.isc.org/products/BIND/delegation-only.html for more info + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +//############################################################### +//# Hint-Zonen (zum Finden der Root-Server) + +zone "." IN { + type hint; + file "named.cache"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + allow-update { none; }; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + allow-update { none; }; + notify no; +}; + +//############################################################### +// Include der Zonendefinitionen + +// Master-Zonen +include "/etc/bind/named-pri.conf"; + +// Dynamische Zonen +include "/etc/bind/named-dyn.conf"; + +// Slave-Zonen +include "/etc/bind/named-sec.conf"; + + + +# vim: ts=4 filetype=named noai +@ + + +1.9 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/.rcs/named.conf,v 1.8 2010/06/30 21:40:49 root Exp $ +d63 3 +@ + + +1.8 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named.conf,v 1.7 2010/06/24 13:23:38 root Exp $ +d49 1 +@ + + +1.7 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named.conf,v 1.6 2010/05/27 10:20:35 root Exp $ +a43 1 + 85.214.73.141; +@ + + +1.6 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named.conf,v 1.5 2010/05/26 20:56:15 root Exp $ +d45 5 +a49 1 + 195.50.185.24; +@ + + +1.5 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named.conf,v 1.4 2010/05/26 20:43:34 root Exp $ +d31 6 +a36 2 + #listen-on-v6 { none; }; + #listen-on { 127.0.0.1; }; +d43 5 +@ + + +1.4 +log +@Checked in. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named.conf,v 1.3 2010/05/26 20:23:07 root Exp $ +d116 3 +@ + + +1.3 +log +@Checked in. +@ +text +@d1 1 +a1 1 +/############################################################### +d5 1 +a5 1 +//# $Header: /etc/portage/package.keywords,v 1.59 2010/05/17 08:54:49 root Exp $ +d75 1 +a75 1 +include "/etc/bind/named-acl"; +d110 11 +@ + + +1.2 +log +@Checked in. +@ +text +@d5 2 +@ + + +1.1 +log +@Initial revision +@ +text +@d1 16 +d28 3 +a30 2 + listen-on-v6 { none; }; + listen-on { 127.0.0.1; }; +d40 17 +d59 16 +d86 3 +d107 2 +@ diff --git a/bind/.rcs/named.conf.orig,v b/bind/.rcs/named.conf.orig,v new file mode 100644 index 0000000..f887a47 --- /dev/null +++ b/bind/.rcs/named.conf.orig,v @@ -0,0 +1,357 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.07.06.20.40; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.10.04.21.21.02; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@/* + * Refer to the named.conf(5) and named(8) man pages, and the documentation + * in /usr/share/doc/bind-9 for more details. + * Online versions of the documentation can be found here: + * http://www.isc.org/software/bind/documentation + * + * If you are going to set up an authoritative server, make sure you + * understand the hairy details of how DNS works. Even with simple mistakes, + * you can break connectivity for affected parties, or cause huge amounts of + * useless Internet traffic. + */ + +acl "xfer" { + /* Deny transfers by default except for the listed hosts. + * If we have other name servers, place them here. + */ + none; +}; + +/* + * You might put in here some ips which are allowed to use the cache or + * recursive queries + */ +acl "trusted" { + 127.0.0.0/8; + ::1/128; +}; + +options { + directory "/var/bind"; + pid-file "/var/run/named/named.pid"; + + /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ + //bindkeys-file "/etc/bind/bind.keys"; + + listen-on-v6 { ::1; }; + listen-on { 127.0.0.1; }; + + allow-query { + /* + * Accept queries from our "trusted" ACL. We will + * allow anyone to query our master zones below. + * This prevents us from becoming a free DNS server + * to the masses. + */ + trusted; + }; + + allow-query-cache { + /* Use the cache for the "trusted" ACL. */ + trusted; + }; + + allow-recursion { + /* Only trusted addresses are allowed to use recursion. */ + trusted; + }; + + allow-transfer { + /* Zone tranfers are denied by default. */ + none; + }; + + allow-update { + /* Don't allow updates, e.g. via nsupdate. */ + none; + }; + + /* + * If you've got a DNS server around at your upstream provider, enter its + * IP address here, and enable the line below. This will make you benefit + * from its cache, thus reduce overall DNS traffic in the Internet. + * + * Uncomment the following lines to turn on DNS forwarding, and change + * and/or update the forwarding ip address(es): + */ +/* + forward first; + forwarders { + // 123.123.123.123; // Your ISP NS + // 124.124.124.124; // Your ISP NS + // 4.2.2.1; // Level3 Public DNS + // 4.2.2.2; // Level3 Public DNS + 8.8.8.8; // Google Open DNS + 8.8.4.4; // Google Open DNS + }; + +*/ + + //dnssec-enable yes; + //dnssec-validation yes; + + /* if you have problems and are behind a firewall: */ + //query-source address * port 53; +}; + +/* +logging { + channel default_log { + file "/var/log/named/named.log" versions 5 size 50M; + print-time yes; + print-severity yes; + print-category yes; + }; + + category default { default_log; }; + category general { default_log; }; +}; +*/ + +include "/etc/bind/rndc.key"; +controls { + inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; +}; + +zone "." in { + type hint; + file "/var/bind/root.cache"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + notify no; +}; + +/* + * Briefly, a zone which has been declared delegation-only will be effectively + * limited to containing NS RRs for subdomains, but no actual data beyond its + * own apex (for example, its SOA RR and apex NS RRset). This can be used to + * filter out "wildcard" or "synthesized" data from NAT boxes or from + * authoritative name servers whose undelegated (in-zone) data is of no + * interest. + * See http://www.isc.org/software/bind/delegation-only for more info + */ + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +//zone "YOUR-DOMAIN.TLD" { +// type master; +// file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; +// allow-query { any; }; +// allow-transfer { xfer; }; +//}; + +//zone "YOUR-SLAVE.TLD" { +// type slave; +// file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; +// masters { ; }; + + /* Anybody is allowed to query but transfer should be controlled by the master. */ +// allow-query { any; }; +// allow-transfer { none; }; + + /* The master should be the only one who notifies the slaves, shouldn't it? */ +// allow-notify { ; }; +// notify no; +//}; +@ + + +1.1 +log +@Initial revision +@ +text +@d14 4 +a17 4 + /* Allow no transfers. If we have other name servers, place them here. */ + //127.0.0.1/32; + //::1/128; + "none"; +d20 1 +a20 1 +/* +d34 1 +a34 1 + // bindkeys-file "/etc/bind/bind.keys"; +d54 5 +d60 7 +a66 5 + /* + * Zone tranfers limited to members of the + * "xfer" ACL (e.g. secondary nameserver). + */ + xfer; +d69 8 +a76 8 +/* + * If you've got a DNS server around at your upstream provider, enter its + * IP address here, and enable the line below. This will make you benefit + * from its cache, thus reduce overall DNS traffic in the Internet. + * + * Uncomment the following lines to turn on DNS forwarding, and change + * and/or update the forwarding ip address(es): + */ +d82 2 +a83 2 + 4.2.2.1; // Level3 Public DNS + 4.2.2.2; // Level3 Public DNS +d90 2 +a91 2 + // dnssec-enable yes; + // dnssec-validation yes; +d97 1 +d109 1 +d116 4 +d121 5 +a125 6 +view "internal" in { + /* + * Our internal (trusted) view. We permit the internal networks + * to freely access this view. We perform recursion for our + * internal hosts, and retrieve data from the cache for them. + */ +d127 4 +a130 50 + match-clients { trusted; }; + recursion yes; + additional-from-auth yes; + additional-from-cache yes; + + zone "." in { + type hint; + file "/var/bind/root.cache"; + }; + + zone "localhost" IN { + type master; + file "pri/localhost.zone"; + allow-update { none; }; + notify no; + allow-query { any; }; + allow-transfer { none; }; + }; + + zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + allow-update { none; }; + notify no; + allow-query { any; }; + allow-transfer { none; }; + }; + + /* + * NOTE: All zone blocks for "public" view should be listed here in "internal" + * too! Otherwise you'll have trouble to resolv the public zones properly. + * That affects all hosts from the "trusted" ACL. + * A separate config, which contains all zone blocks, might be better in + * this case. Then you can simply add: + * include "/etc/bind/zones.cfg"; + * for "internal" and "public" view. + */ + + /* + * Briefly, a zone which has been declared delegation-only will be effectively + * limited to containing NS RRs for subdomains, but no actual data beyond its + * own apex (for example, its SOA RR and apex NS RRset). This can be used to + * filter out "wildcard" or "synthesized" data from NAT boxes or from + * authoritative name servers whose undelegated (in-zone) data is of no + * interest. + * See http://www.isc.org/software/bind/delegation-only for more info + */ + + //zone "COM" { type delegation-only; }; + //zone "NET" { type delegation-only; }; +d133 9 +a141 6 +view "public" in { + /* + * Our external (untrusted) view. We permit any client to access + * portions of this view. We do not perform recursion or cache + * access for hosts using this view. + */ +d143 2 +a144 31 + match-clients { any; }; + recursion no; + additional-from-auth no; + additional-from-cache no; + + zone "." in { + type hint; + file "/var/bind/root.cache"; + }; + + //zone "YOUR-DOMAIN.TLD" { + // type master; + // file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; + // allow-query { any; }; + // allow-transfer { xfer; }; + //}; + + //zone "YOUR-SLAVE.TLD" { + // type slave; + // file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; + // masters { ; }; + + // /* Anybody is allowed to query but transfer should be controlled by the master. */ + // allow-query { any; }; + // allow-transfer { none; }; + + // /* The master should be the only one who notifies the slaves, shouldn't it? */ + // allow-notify { ; }; + // notify no; + //}; +}; +d146 20 +a165 11 +/* Hide the bind version */ +/* +view "chaos" chaos { + match-clients { any; }; + allow-query { none; }; + zone "." { + type hint; + file "/dev/null"; // or any empty file + }; +}; +*/ +@ diff --git a/bind/.rcs/rndc.key,v b/bind/.rcs/rndc.key,v new file mode 100644 index 0000000..8333d43 --- /dev/null +++ b/bind/.rcs/rndc.key,v @@ -0,0 +1,44 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.26.20.00.08; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.13.12.57; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@key "rndc-key" { + algorithm hmac-md5; + secret "qVWegky7GAFenNmgrZgf6A=="; +}; +@ + + +1.1 +log +@Initial revision +@ +text +@d3 1 +a3 1 + secret "IV/ZC8XeMILWBlCn2Mw4tg=="; +@ diff --git a/bind/Kdyn_dns_updater.+157+29290.key b/bind/Kdyn_dns_updater.+157+29290.key new file mode 100644 index 0000000..de7ce08 --- /dev/null +++ b/bind/Kdyn_dns_updater.+157+29290.key @@ -0,0 +1 @@ +DYN_DNS_UPDATER. IN KEY 0 3 157 gi69Yjzo1OSPVQ/oTTgw+Q== diff --git a/bind/Kdyn_dns_updater.+157+29290.private b/bind/Kdyn_dns_updater.+157+29290.private new file mode 100644 index 0000000..8ce7689 --- /dev/null +++ b/bind/Kdyn_dns_updater.+157+29290.private @@ -0,0 +1,4 @@ +Private-key-format: v1.2 +Algorithm: 157 (HMAC_MD5) +Key: gi69Yjzo1OSPVQ/oTTgw+Q== +Bits: AAA= diff --git a/bind/bind.keys b/bind/bind.keys new file mode 100644 index 0000000..93fa2f8 --- /dev/null +++ b/bind/bind.keys @@ -0,0 +1,50 @@ +/* $Id: bind.keys,v 1.5.42.3 2011-03-25 17:46:40 each Exp $ */ +# The bind.keys file is used to override built-in DNSSEC trust anchors +# which are included as part of BIND 9. As of the current release (BIND +# 9.7), the only trust anchor it sets is the one for the ISC DNSSEC +# Lookaside Validation zone ("dlv.isc.org"). Trust anchors for any other +# zones MUST be configured elsewhere; if they are configured here, they +# will not be recognized or used by named. +# +# This file also contains a copy of the trust anchor for the DNS root zone +# ("."). However, named does not use it; it is provided here for +# informational purposes only. To switch on DNSSEC validation at the +# root, the root key below can be copied into named.conf. +# +# The built-in DLV trust anchor in this file is used directly by named. +# However, it is not activated unless specifically switched on. To use +# the DLV key, set "dnssec-lookaside auto;" in the named.conf options. +# Without this option being set, the key in this file is ignored. +# +# This file is NOT expected to be user-configured. +# +# These keys are current as of January 2011. If any key fails to +# initialize correctly, it may have expired. In that event you should +# replace this file with a current version. The latest version of +# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. + +managed-keys { + # ISC DLV: See https://www.isc.org/solutions/dlv for details. + # NOTE: This key is activated by setting "dnssec-lookaside auto;" + # in named.conf. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 + brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ + 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 + ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk + Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM + QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt + TDN0YUuWrBNh"; + + # ROOT KEY: See https://data.iana.org/root-anchors/root-anchors.xml + # for current trust anchor information. + # NOTE: This key not active; to use it, copy it into a managed-keys + # statement in named.conf + . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF + FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX + bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD + X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz + W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS + Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq + QxA+Uk1ihz0="; +}; +# vim: ts=4 filetype=named noai diff --git a/bind/dyn b/bind/dyn new file mode 120000 index 0000000..67a7f03 --- /dev/null +++ b/bind/dyn @@ -0,0 +1 @@ +/var/bind/dyn \ No newline at end of file diff --git a/bind/named-acl.conf b/bind/named-acl.conf new file mode 100644 index 0000000..9902fb6 --- /dev/null +++ b/bind/named-acl.conf @@ -0,0 +1,40 @@ +//############################################################### +//# Bind9-Konfigurationsdatei - Access-Control-Listen +//# /etc/bind/named-acl.conf +//# +//# $Header: /etc/bind/.rcs/named-acl.conf,v 1.8 2011/01/09 18:18:18 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Access-Control-Listen + +acl common-allow-transfer { + 213.20.92.7; + 80.154.16.7; + 85.199.64.7; + 85.214.43.33; + 85.214.134.152; + 85.214.147.150; + 195.50.185.7; + 2a01:238:4239:8a00:d4da:215d:3d01:f9b9; + 127.0.0.1; + ::1; + 85.214.134.152; + 2a01:238:4225:6e00:8f8c:808a:7fb8:88df; + 2001:6f8:1db7::1; + 2001:6f8:1c00:365::2; +}; + +acl allow-dyn-update { + 127.0.0.1; + 85.214.134.152; +}; + + +# vim: ts=4 filetype=named noai diff --git a/bind/named-dyn.conf b/bind/named-dyn.conf new file mode 100644 index 0000000..8648285 --- /dev/null +++ b/bind/named-dyn.conf @@ -0,0 +1,41 @@ +//############################################################### +//# Bind9-Konfigurationsdatei - Dynamische Master-Zonen +//# /etc/bind/named-dyn.conf +//# +//# $Header: /etc/bind/.rcs/named-dyn.conf,v 1.2 2010/05/30 07:00:46 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@brehm-online.com +//# +//############################################################### + +//############################################################### +//# dynamische Zonen (sind aber Master) + +zone "dyn.brehm-online.com" IN { + type master; + file "dyn/dyn.brehm-online.com.zone"; + allow-update { + allow-dyn-update; + key DYN_DNS_UPDATER; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "dyn.uhu-banane.de" IN { + type master; + file "dyn/dyn.uhu-banane.de.zone"; + allow-update { + allow-dyn-update; + key DYN_DNS_UPDATER; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +# vim: ts=4 filetype=named noai diff --git a/bind/named-log.conf b/bind/named-log.conf new file mode 100644 index 0000000..a8a0751 --- /dev/null +++ b/bind/named-log.conf @@ -0,0 +1,70 @@ +//############################################################### +//# Bind9-Konfigurationsdatei Logging +//# /etc/bind/named-log.conf +//# +//# $Header: /etc/bind/.rcs/named-log.conf,v 1.3 2010/05/26 20:23:00 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Angaben zum Logging + +logging { + + // Kategorien + + category default { + default_debug; + logtofile; + }; + category general { + logtofile; + syslog-warning; + }; + category lame-servers { + null; + }; + category queries { + query_logging; + }; + + // Kanäle + + channel complete_debug { + file "/var/log/named/complete-debug.log"; + print-category yes; + print-severity yes; + print-time yes; + severity debug 99; + }; + channel logtofile { + file "/var/log/named/named.log"; + print-category yes; + print-severity yes; + print-time yes; + severity info; + }; + channel moderate_debug { + file "/var/log/named/debug.log"; + print-category yes; + print-severity yes; + print-time yes; + severity debug 1; + }; + channel query_logging { + file "/var/log/named/query.log"; + print-time yes; + }; + channel syslog-warning { + syslog daemon; + severity warning; + }; + +}; + +# vim: ts=4 filetype=named noai diff --git a/bind/named-pri.conf b/bind/named-pri.conf new file mode 100644 index 0000000..27a927f --- /dev/null +++ b/bind/named-pri.conf @@ -0,0 +1,117 @@ +//############################################################### +//# Bind9-Konfigurationsdatei - Primäre Zonen +//# /etc/bind/named-pri.conf +//# +//# $Header: /etc/bind/.rcs/named-pri.conf,v 1.5 2011/01/09 22:09:13 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Master-Zonen (Primary) + +//zone "brehm-berlin.de" { +// type master; +// file "pri/brehm-berlin.de.zone"; +// allow-update { none; }; +// allow-transfer { +// common-allow-transfer; +// }; +//}; + +zone "brehm-online.com" { + type master; + file "pri/brehm-online.com.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; +}; + +//zone "brehm-online.eu" { +// type master; +// file "pri/brehm-online.eu.zone"; +// allow-update { none; }; +// allow-transfer { +// common-allow-transfer; +// }; +//}; + +zone "home.brehm-online.com" { + type master; + file "pri/home.brehm-online.com.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "hennig-berlin.org" { + type master; + file "pri/hennig-berlin.org.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; +}; + +//zone "uhu-banane.com" IN { +// type master; +// file "pri/uhu-banane.com.zone"; +// allow-update { none; }; +// allow-transfer { +// common-allow-transfer; +// }; +//}; + +zone "uhu-banane.de" IN { + type master; + file "pri/uhu-banane.de.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; +}; + +//zone "uhu-banane.net" IN { +// type master; +// file "pri/uhu-banane.net.zone"; +// allow-update { none; }; +// allow-transfer { +// common-allow-transfer; +// }; +//}; + +######################################################## +# Reverse Zonen +######################################################## + +zone "7.b.d.1.8.f.6.0.1.0.0.2.ip6.arpa" IN { + type master; + file "pri/rev.2001-6f8-1db7.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; + also-notify { + 2001:6f8:1c00:365::2; + }; +}; + +zone "0.0.0.0.7.b.d.1.8.f.6.0.1.0.0.2.ip6.arpa" IN { + type master; + file "pri/rev.2001-6f8-1db7-0.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; + also-notify { + 2001:6f8:1c00:365::2; + }; +}; + +# vim: ts=4 filetype=named noai diff --git a/bind/named-sec.conf b/bind/named-sec.conf new file mode 100644 index 0000000..5d343af --- /dev/null +++ b/bind/named-sec.conf @@ -0,0 +1,562 @@ +//############################################################### +//# Bind9-Konfigurationsdatei - Sekundäre Zonen +//# /etc/bind/named-sec +//# +//# $Header: /etc/bind/.rcs/named-sec.conf,v 1.9 2011/02/09 13:54:33 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@brehm-online.com +//# +//############################################################### + +//############################################################### +//# Slave-Zonen (Secondary) + +zone "60-plus-ag.de" IN { + type slave; + file "sec/60-plus-ag.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "60plusag.de" IN { + type slave; + file "sec/60plusag.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "acwain.com" IN { + type slave; + file "sec/acwain.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "acwain.de" IN { + type slave; + file "sec/acwain.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "acwain.net" IN { + type slave; + file "sec/acwain.net.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "don-dona.de" IN { + type slave; + file "sec/don-dona.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "dondona.de" IN { + type slave; + file "sec/dondona.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "e-nergieplus.de" IN { + type slave; + file "sec/e-nergieplus.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "ereda.de" IN { + type slave; + file "sec/ereda.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "gl-versicherungsmakler.de" IN { + type slave; + file "sec/gl-versicherungsmakler.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "irtk.de" IN { + type slave; + file "sec/irtk.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "kleinanzeigen-mv.de" IN { + type slave; + file "sec/kleinanzeigen-mv.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexico-language-school.com" IN { + type slave; + file "sec/mexico-language-school.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexico-travel-and-tours.com" IN { + type slave; + file "sec/mexico-travel-and-tours.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexico-viajes.com" IN { + type slave; + file "sec/mexico-viajes.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexventure.com" IN { + type slave; + file "sec/mexventure.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexventures.com" IN { + type slave; + file "sec/mexventures.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexventure.de" IN { + type slave; + file "sec/mexventure.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mexventures.de" IN { + type slave; + file "sec/mexventures.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mypettown.com" IN { + type slave; + file "sec/mypettown.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "mypettown.de" IN { + type slave; + file "sec/mypettown.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "planetec.de" IN { + type slave; + file "sec/planetec.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +#zone "profitbricks.com" IN { +# type slave; +# file "sec/profitbricks.com.zone"; +# masters { +# 62.116.131.31; +# 83.169.55.5; +# 195.34.161.195; +# 74.208.164.110; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +#zone "profitbricks.de" IN { +# type slave; +# file "sec/profitbricks.de.zone"; +# masters { +# 62.116.131.31; +# 83.169.55.5; +# 195.34.161.195; +# 74.208.164.110; +# }; +# allow-transfer { +# common-allow-transfer; +# }; +#}; + +zone "reisen-mexico.com" IN { + type slave; + file "sec/reisen-mexico.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "reisen-mexiko.com" IN { + type slave; + file "sec/reisen-mexiko.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "ruby-love.de" IN { + type slave; + file "sec/ruby-love.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "rubylove.de" IN { + type slave; + file "sec/rubylove.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "saeger.cc" IN { + type slave; + file "sec/saeger.cc.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shirlyfcosta.com" IN { + type slave; + file "sec/shirlyfcosta.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shopyoo.com" IN { + type slave; + file "sec/shopyoo.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shop-yoo.de" IN { + type slave; + file "sec/shop-yoo.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shopyoo.de" IN { + type slave; + file "sec/shopyoo.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shop-you.de" IN { + type slave; + file "sec/shop-you.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "shopyou.de" IN { + type slave; + file "sec/shopyou.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "spanisch-in-mexiko.com" IN { + type slave; + file "sec/spanisch-in-mexiko.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "spanisch-online-lernen.com" IN { + type slave; + file "sec/spanisch-online-lernen.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "spanish-and-mexico.com" IN { + type slave; + file "sec/spanish-and-mexico.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "spanish-online-study.com" IN { + type slave; + file "sec/spanish-online-study.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "spanish-school-mexico.com" IN { + type slave; + file "sec/spanish-school-mexico.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "sprachreisen-mexiko.com" IN { + type slave; + file "sec/sprachreisen-mexiko.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "sprachschule-mexiko.com" IN { + type slave; + file "sec/sprachschule-mexiko.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "spridgets.net" IN { + type slave; + file "sec/spridgets.net.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "timo-adam.de" IN { + type slave; + file "sec/timo-adam.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "timoadam.de" IN { + type slave; + file "sec/timoadam.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "tomsue.de" IN { + type slave; + file "sec/tomsue.de.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "vacation-in-mexico.com" IN { + type slave; + file "sec/vacation-in-mexico.com.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "vital-beauty.net" IN { + type slave; + file "sec/vital-beauty.net.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "vitalbeauty.net" IN { + type slave; + file "sec/vitalbeauty.net.zone"; + masters { + 85.214.147.150; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +# vim: ts=4 filetype=named noai diff --git a/bind/named.conf b/bind/named.conf new file mode 100644 index 0000000..0717c2a --- /dev/null +++ b/bind/named.conf @@ -0,0 +1,140 @@ +//############################################################### +//# Bind9-Konfigurationsdatei +//# /etc/bind/named.conf +//# +//# $Header: /etc/bind/.rcs/named.conf,v 1.10 2011/02/09 13:58:03 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@brehm-online.com +//# +//############################################################### + + + +//############################################################### +//# Allgemeine Optionen + +options { + directory "/var/bind"; + + // uncomment the following lines to turn on DNS forwarding, + // and change the forwarding ip address(es) : + //forward first; + //forwarders { + // 123.123.123.123; + // 123.123.123.123; + //}; + + # Auf allen Ports lauschen ... + listen-on-v6 { + any; + }; + listen-on { + any; + }; + + // to allow only specific hosts to use the DNS server: + //allow-query { + // 127.0.0.1; + //}; + + allow-notify { + 85.214.147.150; + 85.214.134.152; + 127.0.0.1/8; + ::1; + 2a01:238:4225:6e00:8f8c:808a:7fb8:88df; + 2a01:238:4239:8a00:d4da:215d:3d01:f9b9; + }; + + // if you have problems and are behind a firewall: + //query-source address * port 53; + pid-file "/var/run/named/named.pid"; + + version "none"; + +}; + +// Logging +include "/etc/bind/named-log.conf"; + +// Managed Keys +include "/etc/bind/bind.keys"; + +//############################################################### +//# Kontrollkanäle für RNDC + +controls { + inet 127.0.0.1 port 953 allow { + 127.0.0.1; + } keys { + "rndc-key"; + }; +}; + +//############################################################### +//# Id-Schlüssel + +key rndc-key { + algorithm hmac-md5; + secret "qVWegky7GAFenNmgrZgf6A=="; +}; + +key DYN_DNS_UPDATER { + algorithm hmac-md5; + secret "gi69Yjzo1OSPVQ/oTTgw+Q=="; +}; + +// Access-Control-Listen +include "/etc/bind/named-acl.conf"; + +// Briefly, a zone which has been declared delegation-only will be effectively +// limited to containing NS RRs for subdomains, but no actual data beyond its +// own apex (for example, its SOA RR and apex NS RRset). This can be used to +// filter out "wildcard" or "synthesized" data from NAT boxes or from +// authoritative name servers whose undelegated (in-zone) data is of no +// interest. +// See http://www.isc.org/products/BIND/delegation-only.html for more info + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +//############################################################### +//# Hint-Zonen (zum Finden der Root-Server) + +zone "." IN { + type hint; + file "named.cache"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + allow-update { none; }; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + allow-update { none; }; + notify no; +}; + +//############################################################### +// Include der Zonendefinitionen + +// Master-Zonen +include "/etc/bind/named-pri.conf"; + +// Dynamische Zonen +include "/etc/bind/named-dyn.conf"; + +// Slave-Zonen +include "/etc/bind/named-sec.conf"; + + + +# vim: ts=4 filetype=named noai diff --git a/bind/named.conf.orig b/bind/named.conf.orig new file mode 100644 index 0000000..20dfa79 --- /dev/null +++ b/bind/named.conf.orig @@ -0,0 +1,165 @@ +/* + * Refer to the named.conf(5) and named(8) man pages, and the documentation + * in /usr/share/doc/bind-9 for more details. + * Online versions of the documentation can be found here: + * http://www.isc.org/software/bind/documentation + * + * If you are going to set up an authoritative server, make sure you + * understand the hairy details of how DNS works. Even with simple mistakes, + * you can break connectivity for affected parties, or cause huge amounts of + * useless Internet traffic. + */ + +acl "xfer" { + /* Deny transfers by default except for the listed hosts. + * If we have other name servers, place them here. + */ + none; +}; + +/* + * You might put in here some ips which are allowed to use the cache or + * recursive queries + */ +acl "trusted" { + 127.0.0.0/8; + ::1/128; +}; + +options { + directory "/var/bind"; + pid-file "/var/run/named/named.pid"; + + /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ + //bindkeys-file "/etc/bind/bind.keys"; + + listen-on-v6 { ::1; }; + listen-on { 127.0.0.1; }; + + allow-query { + /* + * Accept queries from our "trusted" ACL. We will + * allow anyone to query our master zones below. + * This prevents us from becoming a free DNS server + * to the masses. + */ + trusted; + }; + + allow-query-cache { + /* Use the cache for the "trusted" ACL. */ + trusted; + }; + + allow-recursion { + /* Only trusted addresses are allowed to use recursion. */ + trusted; + }; + + allow-transfer { + /* Zone tranfers are denied by default. */ + none; + }; + + allow-update { + /* Don't allow updates, e.g. via nsupdate. */ + none; + }; + + /* + * If you've got a DNS server around at your upstream provider, enter its + * IP address here, and enable the line below. This will make you benefit + * from its cache, thus reduce overall DNS traffic in the Internet. + * + * Uncomment the following lines to turn on DNS forwarding, and change + * and/or update the forwarding ip address(es): + */ +/* + forward first; + forwarders { + // 123.123.123.123; // Your ISP NS + // 124.124.124.124; // Your ISP NS + // 4.2.2.1; // Level3 Public DNS + // 4.2.2.2; // Level3 Public DNS + 8.8.8.8; // Google Open DNS + 8.8.4.4; // Google Open DNS + }; + +*/ + + //dnssec-enable yes; + //dnssec-validation yes; + + /* if you have problems and are behind a firewall: */ + //query-source address * port 53; +}; + +/* +logging { + channel default_log { + file "/var/log/named/named.log" versions 5 size 50M; + print-time yes; + print-severity yes; + print-category yes; + }; + + category default { default_log; }; + category general { default_log; }; +}; +*/ + +include "/etc/bind/rndc.key"; +controls { + inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; +}; + +zone "." in { + type hint; + file "/var/bind/root.cache"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + notify no; +}; + +/* + * Briefly, a zone which has been declared delegation-only will be effectively + * limited to containing NS RRs for subdomains, but no actual data beyond its + * own apex (for example, its SOA RR and apex NS RRset). This can be used to + * filter out "wildcard" or "synthesized" data from NAT boxes or from + * authoritative name servers whose undelegated (in-zone) data is of no + * interest. + * See http://www.isc.org/software/bind/delegation-only for more info + */ + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +//zone "YOUR-DOMAIN.TLD" { +// type master; +// file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; +// allow-query { any; }; +// allow-transfer { xfer; }; +//}; + +//zone "YOUR-SLAVE.TLD" { +// type slave; +// file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; +// masters { ; }; + + /* Anybody is allowed to query but transfer should be controlled by the master. */ +// allow-query { any; }; +// allow-transfer { none; }; + + /* The master should be the only one who notifies the slaves, shouldn't it? */ +// allow-notify { ; }; +// notify no; +//}; diff --git a/bind/pri b/bind/pri new file mode 120000 index 0000000..aab69e6 --- /dev/null +++ b/bind/pri @@ -0,0 +1 @@ +/var/bind/pri \ No newline at end of file diff --git a/bind/rndc.key b/bind/rndc.key new file mode 100644 index 0000000..d273f26 --- /dev/null +++ b/bind/rndc.key @@ -0,0 +1,4 @@ +key "rndc-key" { + algorithm hmac-md5; + secret "qVWegky7GAFenNmgrZgf6A=="; +}; diff --git a/bind/sec b/bind/sec new file mode 120000 index 0000000..810ce2a --- /dev/null +++ b/bind/sec @@ -0,0 +1 @@ +/var/bind/sec \ No newline at end of file diff --git a/conf.d/.rcs/apache2,v b/conf.d/.rcs/apache2,v new file mode 100644 index 0000000..ed380fa --- /dev/null +++ b/conf.d/.rcs/apache2,v @@ -0,0 +1,117 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.02.13.19.02; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.26; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# /etc/conf.d/apache2: config file for /etc/init.d/apache2 + +# When you install a module it is easy to activate or deactivate the modules +# and other features of apache using the APACHE2_OPTS line. Every module should +# install a configuration in /etc/apache2/modules.d. In that file will have an +# directive where NNN is the option to enable that module. +# +# Here are the options available in the default configuration: +# +# AUTH_DIGEST Enables mod_auth_digest +# AUTHNZ_LDAP Enables authentication through mod_ldap (available if USE=ldap) +# CACHE Enables mod_cache +# DAV Enables mod_dav +# ERRORDOCS Enables default error documents for many languages. +# INFO Enables mod_info, a useful module for debugging +# LANGUAGE Enables content-negotiation based on language and charset. +# LDAP Enables mod_ldap (available if USE=ldap) +# MANUAL Enables /manual/ to be the apache manual (available if USE=docs) +# MEM_CACHE Enables default configuration mod_mem_cache +# PROXY Enables mod_proxy +# SSL Enables SSL (available if USE=ssl) +# SUEXEC Enables running CGI scripts (in USERDIR) through suexec. +# USERDIR Enables /~username mapping to /home/username/public_html +# +# +# The following two options provide the default virtual host for the HTTP and +# HTTPS protocol. YOU NEED TO ENABLE AT LEAST ONE OF THEM, otherwise apache +# will not listen for incomming connections on the approriate port. +# +# DEFAULT_VHOST Enables name-based virtual hosts, with the default +# virtual host being in /var/www/localhost/htdocs +# SSL_DEFAULT_VHOST Enables default vhost for SSL (you should enable this +# when you enable SSL) +# +#APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D MANUAL -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D LANGUAGE" +APACHE2_OPTS="-D DEFAULT_VHOST -D PHP5 -D SSL -D SSL_DEFAULT_VHOST -D MANUAL -D PERL -D INFO -D STATUS -D DAV -D SVN -D ERRORDOCS -D LANGUAGE -D FASTCGI" + +# Extended options for advanced uses of Apache ONLY +# You don't need to edit these unless you are doing crazy Apache stuff +# As not having them set correctly, or feeding in an incorrect configuration +# via them will result in Apache failing to start +# YOU HAVE BEEN WARNED. + +# PID file +#PIDFILE=/var/run/apache2.pid + +# timeout for startup/shutdown checks +#TIMEOUT=10 + +# ServerRoot setting +#SERVERROOT=/usr/lib64/apache2 + +# Configuration file location +# - If this does NOT start with a '/', then it is treated relative to +# $SERVERROOT by Apache +#CONFIGFILE=/etc/apache2/httpd.conf + +# Location to log startup errors to +# They are normally dumped to your terminal. +STARTUPERRORLOG="/var/log/apache2/startuperror.log" + +# A command that outputs a formatted text version of the HTML at the URL +# of the command line. Designed for lynx, however other programs may work. +#LYNX="lynx -dump" + +# The URL to your server's mod_status status page. +# Required for status and fullstatus +#STATUSURL="http://localhost/server-status" + +# Method to use when reloading the server +# Valid options are 'restart' and 'graceful' +# See http://httpd.apache.org/docs/2.2/stopping.html for information on +# what they do and how they differ. +#RELOAD_TYPE="graceful" +@ + + +1.1 +log +@Initial revision +@ +text +@d35 2 +a36 1 +APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D MANUAL -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D LANGUAGE" +d60 1 +a60 1 +#STARTUPERRORLOG="/var/log/apache2/startuperror.log" +@ diff --git a/conf.d/.rcs/auditd,v b/conf.d/.rcs/auditd,v new file mode 100644 index 0000000..177e7e9 --- /dev/null +++ b/conf.d/.rcs/auditd,v @@ -0,0 +1,40 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.21.59.04; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-conf.d-1.2.3,v 1.1 2006/06/22 07:41:46 robbat2 Exp $ + +# Configuration options for auditd +# -f for foreground mode +# There are some other options as well, but you'll have to look in the source +# code to find them as they aren't ready for use yet. +EXTRAOPTIONS='' + +# Audit rules file to run after starting auditd +RULEFILE_STARTUP=/etc/audit/audit.rules + +# Audit rules file to run before and after stopping auditd +RULEFILE_STOP_PRE=/etc/audit/audit.rules.stop.pre +RULEFILE_STOP_POST=/etc/audit/audit.rules.stop.post +@ diff --git a/conf.d/.rcs/autofs,v b/conf.d/.rcs/autofs,v new file mode 100644 index 0000000..e5c6a53 --- /dev/null +++ b/conf.d/.rcs/autofs,v @@ -0,0 +1,151 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.11.29.45; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# +# Define default options for autofs. +# +# MASTER_MAP_NAME - default map name for the master map. +# +#MASTER_MAP_NAME="auto.master" +# +# TIMEOUT - set the default mount timeout (default 600). +# +TIMEOUT=300 +# +# NEGATIVE_TIMEOUT - set the default negative timeout for +# failed mount attempts (default 60). +# +#NEGATIVE_TIMEOUT=60 +# +# UMOUNT_WAIT - time to wait for a response from umount(8). +# +#UMOUNT_WAIT=12 +# +# BROWSE_MODE - maps are browsable by default. +# +BROWSE_MODE="no" +# +# MOUNT_NFS_DEFAULT_PROTOCOL - specify the default protocol used by +# mount.nfs(8). Since we can't identify +# the default automatically we need to +# set it in our configuration. This will +# only make a difference for replicated +# map entries as availability probing isn't +# used for single host map entries. +# +#MOUNT_NFS_DEFAULT_PROTOCOL=3 +# +# APPEND_OPTIONS - append to global options instead of replace. +# +#APPEND_OPTIONS="yes" +# +# LOGGING - set default log level "none", "verbose" or "debug" +# +#LOGGING="none" +# +# Define server URIs +# +# LDAP_URI - space seperated list of server uris of the form +# ://[/] where can be ldap +# or ldaps. The option can be given multiple times. +# Map entries that include a server name override +# this option. +# +# This configuration option can also be used to +# request autofs lookup SRV RRs for a domain of +# the form :///[]. Note that a +# trailing "/" is not allowed when using this form. +# If the domain dn is not specified the dns domain +# name (if any) is used to construct the domain dn +# for the SRV RR lookup. The server list returned +# from an SRV RR lookup is refreshed according to +# the minimum ttl found in the SRV RR records or +# after one hour, whichever is less. +# +#LDAP_URI="" +# +# LDAP__TIMEOUT - timeout value for the synchronous API calls +# (default is LDAP library default). +# +#LDAP_TIMEOUT=-1 +# +# LDAP_NETWORK_TIMEOUT - set the network response timeout (default 8). +# +#LDAP_NETWORK_TIMEOUT=8 +# +# Define base dn for map dn lookup. +# +# SEARCH_BASE - base dn to use for searching for map search dn. +# Multiple entries can be given and they are checked +# in the order they occur here. +# +#SEARCH_BASE="" +# +# Define the LDAP schema to used for lookups +# +# If no schema is set autofs will check each of the schemas +# below in the order given to try and locate an appropriate +# basdn for lookups. If you want to minimize the number of +# queries to the server set the values here. +# +#MAP_OBJECT_CLASS="nisMap" +#ENTRY_OBJECT_CLASS="nisObject" +#MAP_ATTRIBUTE="nisMapName" +#ENTRY_ATTRIBUTE="cn" +#VALUE_ATTRIBUTE="nisMapEntry" +# +# Other common LDAP nameing +# +#MAP_OBJECT_CLASS="automountMap" +#ENTRY_OBJECT_CLASS="automount" +#MAP_ATTRIBUTE="ou" +#ENTRY_ATTRIBUTE="cn" +#VALUE_ATTRIBUTE="automountInformation" +# +#MAP_OBJECT_CLASS="automountMap" +#ENTRY_OBJECT_CLASS="automount" +#MAP_ATTRIBUTE="automountMapName" +#ENTRY_ATTRIBUTE="automountKey" +#VALUE_ATTRIBUTE="automountInformation" +# +# AUTH_CONF_FILE - set the default location for the SASL +# authentication configuration file. +# +#AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf" +# +# MAP_HASH_TABLE_SIZE - set the map cache hash table size. +# Should be a power of 2 with a ratio roughly +# between 1:10 and 1:20 for each map. +# +#MAP_HASH_TABLE_SIZE=1024 +# +# General global options +# +# If the kernel supports using the autofs miscellanous device +# and you wish to use it you must set this configuration option +# to "yes" otherwise it will not be used. +USE_MISC_DEVICE="yes" +# +#OPTIONS="" +# +@ diff --git a/conf.d/.rcs/books-prod-fcgi,v b/conf.d/.rcs/books-prod-fcgi,v new file mode 100644 index 0000000..79cb9cd --- /dev/null +++ b/conf.d/.rcs/books-prod-fcgi,v @@ -0,0 +1,45 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.07.20.12.35; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/books-prod-fcgi: config file for /etc/init.d/books-prod-fcgi + +DAEMON_USER="frank" +DAEMON_GROUP="users" +PID_DIR="/var/run/frank" + +# Pid file to use (needs to be absolute path). +DAEMON_PIDFILE="${PID_DIR}/books-prod.pid" + +# Working directory (needs to be absolute path). +DAEMON_DIR="/var/www/books" + +# Path to the binary (needs to be absolute path). +DAEMON_BINARY="${DAEMON_DIR}/script/frbr_books_fastcgi.pl" + +# Path to the socket for Apache mod_fastcgi +DAEMON_SOCKET="/tmp/frbr_books_app.sock" + +# Count of daemon processes +DAEMON_COUNT=2 + +@ diff --git a/conf.d/.rcs/bootmisc,v b/conf.d/.rcs/bootmisc,v new file mode 100644 index 0000000..7c9e7a0 --- /dev/null +++ b/conf.d/.rcs/bootmisc,v @@ -0,0 +1,36 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.18.08.57.19; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/bootmisc + +# Put a nologin file in /etc to prevent people from logging in before +# system startup is complete + +DELAYLOGIN="no" + + +# Should we completely wipe out /tmp or just selectively remove known +# locks / files / etc... ? + +WIPE_TMP="yes" +@ diff --git a/conf.d/.rcs/clamd,v b/conf.d/.rcs/clamd,v new file mode 100644 index 0000000..2190c7c --- /dev/null +++ b/conf.d/.rcs/clamd,v @@ -0,0 +1,33 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.19.01.48; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Config file for /etc/init.d/clamd + +# NOTICE: Since clamav-0.85-r1, only START_CLAMD and START_FRESHCLAM settings +# are used, other are silently ignored + +START_CLAMD=yes +START_FRESHCLAM=yes +CLAMD_NICELEVEL=3 +FRESHCLAM_NICELEVEL=19 +@ diff --git a/conf.d/.rcs/clock,v b/conf.d/.rcs/clock,v new file mode 100644 index 0000000..d77e050 --- /dev/null +++ b/conf.d/.rcs/clock,v @@ -0,0 +1,60 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.17.41.04; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/clock + +# Set CLOCK to "UTC" if your hardware clock is set to UTC (also known as +# Greenwich Mean Time). If that clock is set to the local time, then +# set CLOCK to "local". +# Note that if you dual boot with Windows, then you should set it to +# "local" because Windows always sets the hardware clock to local time. + +CLOCK="UTC" + +# Select the proper timezone. For valid values, peek inside of the +# /usr/share/zoneinfo/ directory. For example, some common values are +# "America/New_York" or "EST5EDT" or "Europe/Berlin". If you want to +# manage /etc/localtime yourself, set this to "". + +#TIMEZONE="Factory" +TIMEZONE="Europe/Berlin" + +# If you wish to pass any other arguments to hwclock during bootup, +# you may do so here. + +CLOCK_OPTS="" + +# If you want to set the Hardware Clock to the current System Time (software +# clock) during shutdown, then say "yes" here. + +CLOCK_SYSTOHC="yes" + + +### ALPHA SPECIFIC OPTIONS ### + +# If your alpha uses the SRM console, set this to "yes". +SRM="no" + +# If your alpha uses the ARC console, set this to "yes". +ARC="no" +@ diff --git a/conf.d/.rcs/consolefont,v b/conf.d/.rcs/consolefont,v new file mode 100644 index 0000000..fea392c --- /dev/null +++ b/conf.d/.rcs/consolefont,v @@ -0,0 +1,40 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.18.08.57.19; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/consolefont + +# CONSOLEFONT specifies the default font that you'd like Linux to use on the +# console. You can find a good selection of fonts in /usr/share/consolefonts; +# you shouldn't specify the trailing ".psf.gz", just the font name below. +# To use the default console font, comment out the CONSOLEFONT setting below. +# This setting is used by the /etc/init.d/consolefont script (NOTE: if you do +# not want to use it, run "rc-update del consolefont" as root). + +CONSOLEFONT="default8x16" + +# CONSOLETRANSLATION is the charset map file to use. Leave commented to use +# the default one. Have a look in /usr/share/consoletrans for a selection of +# map files you can use. + +#CONSOLETRANSLATION="8859-1_to_uni" +@ diff --git a/conf.d/.rcs/crypto-loop,v b/conf.d/.rcs/crypto-loop,v new file mode 100644 index 0000000..56cdcf9 --- /dev/null +++ b/conf.d/.rcs/crypto-loop,v @@ -0,0 +1,33 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.18.39.55; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/crypto-loop: Configuration file for /etc/init.d/crypto-loop + +# More info can be found in the init.d script + +# Specify loopback configurations here. The format of this file is +# shown in the following commented-out example. One line per loopback +# configuration. For possible hash values, see `man hashalot`. + +# loop=/dev/loop0 hash='' cipher=serpent keysize=256 device=/dev/system/test other='' +@ diff --git a/conf.d/.rcs/device-mapper,v b/conf.d/.rcs/device-mapper,v new file mode 100644 index 0000000..5f7987b --- /dev/null +++ b/conf.d/.rcs/device-mapper,v @@ -0,0 +1,25 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.17.49.09; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@RC_AFTER="lvm" +@ diff --git a/conf.d/.rcs/env_whitelist,v b/conf.d/.rcs/env_whitelist,v new file mode 100644 index 0000000..5fcc907 --- /dev/null +++ b/conf.d/.rcs/env_whitelist,v @@ -0,0 +1,30 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.18.08.57.19; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/env_whitelist: Environment whitelist for rc-system + +# Specify which variables are allowed to be passed from the environment to the +# rc-system. If it is not set by the environment, then the variable will be +# taken from /etc/profile.env - meaning, if you need to set LANG or such, +# do it in a /etc/env.d/99myownstuff file for example, and run env-update. +@ diff --git a/conf.d/.rcs/git-daemon,v b/conf.d/.rcs/git-daemon,v new file mode 100644 index 0000000..26b1e75 --- /dev/null +++ b/conf.d/.rcs/git-daemon,v @@ -0,0 +1,43 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.22.59.33; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# conf.d file for git-daemon +# +# Please check man 1 git-daemon for more information about the options +# git-daemon accepts. You MUST edit this to include your repositories you wish +# to serve. +# +# Some of the meaningful options are: +# --syslog --- Enables syslog logging +# --verbose --- Enables verbose logging +# --export-all --- Exports all repositories +# --port=XXXX --- Starts in port XXXX instead of 9418 +# +GITDAEMON_OPTS="--syslog /var/git" + +# To run an anonymous git safely, the following user should be able to only +# read your Git repositories. It should not able able to write to anywhere on +# your system, esp. not the repositories. +GIT_USER="nobody" +GIT_GROUP="nobody" +@ diff --git a/conf.d/.rcs/gpm,v b/conf.d/.rcs/gpm,v new file mode 100644 index 0000000..b93e0cd --- /dev/null +++ b/conf.d/.rcs/gpm,v @@ -0,0 +1,47 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.17.43.30; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/init.d/gpm + +# Please uncomment the type of mouse you have and the appropriate MOUSEDEV entry + +MOUSE=ps2 +#MOUSE=imps2 +#MOUSEDEV=/dev/psaux +MOUSEDEV=/dev/input/mice + +# Extra settings + +#RESPONSIVENESS= +#REPEAT_TYPE=raw + +# Please uncomment this line if you want gpm to understand charsets used +# in URLs and names with ~ or : in them, etc. This is a good idea to turn on! + +#APPEND="-l \"a-zA-Z0-9_.:~/\300-\326\330-\366\370-\377\"" + +# Various other options, see gpm(8) manpage for more. + +#APPEND="-g 1 -A60" +#APPEND="-l \"a-zA-Z0-9_.:~/\300-\326\330-\366\370-\377\" -g 1 -A60" +@ diff --git a/conf.d/.rcs/hostname,v b/conf.d/.rcs/hostname,v new file mode 100644 index 0000000..d19e43b --- /dev/null +++ b/conf.d/.rcs/hostname,v @@ -0,0 +1,28 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.25.11.05.48; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/hostname + +# Set to the hostname of this machine +HOSTNAME="helga" +@ diff --git a/conf.d/.rcs/ip6tables,v b/conf.d/.rcs/ip6tables,v new file mode 100644 index 0000000..20d9a4c --- /dev/null +++ b/conf.d/.rcs/ip6tables,v @@ -0,0 +1,35 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.21.26.03; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/ip6tables + +# Location in which iptables initscript will save set rules on +# service shutdown +IP6TABLES_SAVE="/var/lib/ip6tables/rules-save" + +# Options to pass to iptables-save and iptables-restore +SAVE_RESTORE_OPTIONS="-c" + +# Save state on stopping iptables +SAVE_ON_STOP="yes" +@ diff --git a/conf.d/.rcs/iptables,v b/conf.d/.rcs/iptables,v new file mode 100644 index 0000000..0c97f7d --- /dev/null +++ b/conf.d/.rcs/iptables,v @@ -0,0 +1,35 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.21.26.03; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/iptables + +# Location in which iptables initscript will save set rules on +# service shutdown +IPTABLES_SAVE="/var/lib/iptables/rules-save" + +# Options to pass to iptables-save and iptables-restore +SAVE_RESTORE_OPTIONS="-c" + +# Save state on stopping iptables +SAVE_ON_STOP="yes" +@ diff --git a/conf.d/.rcs/keymaps,v b/conf.d/.rcs/keymaps,v new file mode 100644 index 0000000..b640b20 --- /dev/null +++ b/conf.d/.rcs/keymaps,v @@ -0,0 +1,51 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.25.11.41.40; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/keymaps + +# Use KEYMAP to specify the default console keymap. There is a complete tree +# of keymaps in /usr/share/keymaps to choose from. + +#KEYMAP="us" +KEYMAP="de-latin1-nodeadkeys" + + +# Should we first load the 'windowkeys' console keymap? Most x86 users will +# say "yes" here. Note that non-x86 users should leave it as "no". + +SET_WINDOWKEYS="no" + + +# The maps to load for extended keyboards. Most users will leave this as is. + +EXTENDED_KEYMAPS="" +#EXTENDED_KEYMAPS="backspace keypad euro" + + +# Tell dumpkeys(1) to interpret character action codes to be +# from the specified character set. +# This only matters if you set UNICODE="yes" in /etc/rc.conf. +# For a list of valid sets, run `dumpkeys --help` + +DUMPKEYS_CHARSET="" +@ diff --git a/conf.d/.rcs/lm_sensors,v b/conf.d/.rcs/lm_sensors,v new file mode 100644 index 0000000..262e9d3 --- /dev/null +++ b/conf.d/.rcs/lm_sensors,v @@ -0,0 +1,49 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.22.57.50; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Generated by sensors-detect on Wed Dec 1 23:57:50 2010 +# This file is sourced by /etc/init.d/lm_sensors and defines the modules to +# be loaded/unloaded. +# +# The format of this file is a shell script that simply defines variables: +# HWMON_MODULES for hardware monitoring driver modules, and optionally +# BUS_MODULES for any required bus driver module (for example for I2C or SPI). + +# Load modules at startup +LOADMODULES=yes + +# Initialize sensors at startup +INITSENSORS=yes + +HWMON_MODULES="w83627ehf" + +# For compatibility reasons, modules are also listed individually as variables +# MODULE_0, MODULE_1, MODULE_2, etc. +# Please note that the numbers in MODULE_X must start at 0 and increase in +# steps of 1. Any number that is missing will make the init script skip the +# rest of the modules. Use MODULE_X_ARGS for arguments. +# +# You should use BUS_MODULES and HWMON_MODULES instead if possible. + +MODULE_0=w83627ehf +@ diff --git a/conf.d/.rcs/local.start,v b/conf.d/.rcs/local.start,v new file mode 100644 index 0000000..b403c9f --- /dev/null +++ b/conf.d/.rcs/local.start,v @@ -0,0 +1,35 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.06.20.56.22; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/local.start + +# This is a good place to load any misc programs +# on startup (use &>/dev/null to hide output) + +echo "Setze Standard-Route IPv6 via fe80::1 dev eth0" +/sbin/ip -6 route add default via fe80::1 dev eth0 + +echo "Sende Mail wegen Boot ..." +echo "Server `hostname` wird '`date`' gebootet" | /usr/bin/mailx -s "Boot von `hostname`" root@@localhost + +@ diff --git a/conf.d/.rcs/local.stop,v b/conf.d/.rcs/local.stop,v new file mode 100644 index 0000000..bad247f --- /dev/null +++ b/conf.d/.rcs/local.stop,v @@ -0,0 +1,40 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.06.20.54.37; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/local.stop + +# This is a good place to unload any misc. +# programs you started above. +# For example, if you are using OSS and have +# "/usr/local/bin/soundon" above, put +# "/usr/local/bin/soundoff" here. + +echo "Sende Mail wegen Shutdown ..." +echo "Server `hostname` wird '`date`' ordentlich heruntergefahren" | /usr/bin/mailx -s "Shutdown von `hostname`" root@@localhost + +echo +echo "Warte 5 Sekunden ..." +echo +sleep 5 + +@ diff --git a/conf.d/.rcs/lvm,v b/conf.d/.rcs/lvm,v new file mode 100644 index 0000000..adab529 --- /dev/null +++ b/conf.d/.rcs/lvm,v @@ -0,0 +1,29 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.17.49.08; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# LVM should normally only be started after mdraid is available +# this is because LVM physical volumes are very often MD devices. +RC_AFTER="mdraid" + +# vim: ft=gentoo-conf-d +@ diff --git a/conf.d/.rcs/mdadm,v b/conf.d/.rcs/mdadm,v new file mode 100644 index 0000000..6d3f36c --- /dev/null +++ b/conf.d/.rcs/mdadm,v @@ -0,0 +1,31 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.17.47.44; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/mdadm: config file for /etc/init.d/mdadm + +# Misc options to pass to mdadm in monitor mode. +# For more info, run `mdadm --monitor --help` or see +# the mdadm(8) manpage. + +MDADM_OPTS="--syslog" +@ diff --git a/conf.d/.rcs/mdraid,v b/conf.d/.rcs/mdraid,v new file mode 100644 index 0000000..c3b7118 --- /dev/null +++ b/conf.d/.rcs/mdraid,v @@ -0,0 +1,29 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.17.47.44; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/mdraid: config file for /etc/init.d/mdraid + +# For people who run raid on top of some other layer (like +# dmcrypt), use rc_need to specify that requirement. See +# the runscript(8) man page for more information. +@ diff --git a/conf.d/.rcs/mysql,v b/conf.d/.rcs/mysql,v new file mode 100644 index 0000000..cfbfde7 --- /dev/null +++ b/conf.d/.rcs/mysql,v @@ -0,0 +1,104 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.06.29.11; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Here is where we define which server(s) to start. +# Additional parameters to be passed to mysqld at startup may be added here, +# which will override the ones in "my.cnf". +# +# Below are described some suggested parameters to use. +# The parameters not recognized will be passed through to the mysqld daemon +# directly! +# To avoid starting a server just comment it's definition. +# +# Last but not least, SPACES are NOT allowed inside the parameters! +# +# Parameter : description +# ----------------+----------------------------------------------------------- +# nice : integer [-20 .. 19 ] default 0 +# : change the priority of the server -20 (high) to 19 (low) +# : see "man nice 1" for description +# ----------------+----------------------------------------------------------- +# mycnf : string [full path to my.cnf] +# : specify the path to my.cnf file to be used +# ----------------+----------------------------------------------------------- +# startup_timeout : integer [seconds] default 15 +# : time to wait for mysqld up and running, after this it's +# : marked as failed +# ----------------+----------------------------------------------------------- +# +# Additional parameters +# Parameter : description +# ----------------+----------------------------------------------------------- +# server-id : integer [1 .. 255] +# : Uniquely identifies the server instance in the community +# : of replication partners. +# ----------------+----------------------------------------------------------- +# port : integer [1025 .. 65535] default 3306 +# : Port number to use for connection. +# : Looses any meaning if skip-networking is set. +# ----------------+----------------------------------------------------------- +# skip-networking : NULL +# : Don't allow connection through TCP/IP. +# ----------------+----------------------------------------------------------- +# log-bin : string [name of the binlog files] +# : Log update queries in binary format. Optional (but +# : strongly recommended to avoid replication problems if +# : server's hostname changes) argument should be the chosen +# : location for the binary log files. +# ----------------+----------------------------------------------------------- +# Additionally the following variables are recognized: +# +# Be more verbose, accepts values from 1 to 4 +#DEBUG=4 +# +# The default location for the "master" pid file +#MYSQL_GLOB_PID_FILE="/var/run/svc-started-mysqld" +# +# The timeout for a failed attempt to stop a server +#STOPTIMEOUT=120 +# + +# The parameters are passed in a bash array variable, +# the variable name is mysql_slot_0_[server-num] +# "server-num" is an optional number used to start multiple servers +# +# Examples: +# +# start a default server with default options: +#mysql_slot_0=() +# +# start MySQL reniced, overriding some start parameters +#mysql_slot_0=( +# "nice=-5" +# "server-id=123" +# "log-bin="myhost" +# "port=3307" +#) +# +# start another server, different my.cnf +#mysql_slot_0_1=( +# "mycnf=/home/test/my.cnf" +# "server-id=124" +#) +# +@ diff --git a/conf.d/.rcs/mysqlmanager,v b/conf.d/.rcs/mysqlmanager,v new file mode 100644 index 0000000..ceeb2f0 --- /dev/null +++ b/conf.d/.rcs/mysqlmanager,v @@ -0,0 +1,52 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.06.29.11; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Here is where we define which server(s) to start. +# Additional parameters to be passed to mysqlmanager at startup may be added here, +# which will override the ones in "my.cnf". +# +# To avoid starting a server just comment it's definition +# here or it will rant (no default start). +# Last but not least, spaces are NOT allowed inside the parameters! +# +# Below are described some suggested parameters to use. +# The parameters not recognized will be passed through to the mysqlmanager directly. +# +# Parameter : description + +# ----------------+----------------------------------------------------------- +# mycnf : string [full path to my.cnf] +# : specify the path to my.cnf file to be used +# : may contain a [manager] section +# ----------------+----------------------------------------------------------- +# +# Basic default +# +#mysqlmanager_slot_0=() +# +# Start MySQL 5.0.X overriding the my.cnf path +#mysqlmanager_slot_500=( +# "mycnf=/home/test/my.cnf" +#) +# +@ diff --git a/conf.d/.rcs/nagios,v b/conf.d/.rcs/nagios,v new file mode 100644 index 0000000..057f758 --- /dev/null +++ b/conf.d/.rcs/nagios,v @@ -0,0 +1,34 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.11.49.07; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-core/files/conf.d,v 1.1 2004/08/20 13:38:13 eldad Exp $ + +# Distributed monitoring users will want to configure here the ip/hostname of the central server. +# It will be used by submit_check_result_via_nsca. +NAGIOS_NSCA_HOST="localhost" + + + +@ diff --git a/conf.d/.rcs/named,v b/conf.d/.rcs/named,v new file mode 100644 index 0000000..cec8e61 --- /dev/null +++ b/conf.d/.rcs/named,v @@ -0,0 +1,50 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.22.05.00; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Set various named options here. +# +OPTIONS="" + +# Set this to the number of processors you want bind to use. +# Leave this unchanged if you want bind to automatically detect the number +#CPU="1" + +# If you wish to run bind in a chroot: +# 1) un-comment the CHROOT= assignment, below. You may use +# a different chroot directory but MAKE SURE it's empty. +# 2) run: emerge --config = +# +# CHROOT="/chroot/dns" + +# RNDC needs to be told what server we're using sometimes. +#SERVER="-s 127.0.0.1" +# rndc key to use +RNDC_KEY="${CHROOT}/etc/bind/rndc.key" + +# Default pid file location +PIDFILE="${CHROOT}/var/run/named/named.pid" + +# Scheduling priority: 19 is the lowest and -20 is the highest. +# +NAMED_NICELEVEL="0" +@ diff --git a/conf.d/.rcs/net,v b/conf.d/.rcs/net,v new file mode 100644 index 0000000..5fb46d2 --- /dev/null +++ b/conf.d/.rcs/net,v @@ -0,0 +1,58 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.19.09.20.15; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# This blank configuration will automatically use DHCP for any net.* +# scripts in /etc/init.d. To create a more complete configuration, +# please review /etc/conf.d/net.example and save your configuration +# in /etc/conf.d/net (this file :]!). + +dns_domain_lo="brehm-online.com" +dns_servers_lo="127.0.0.1 81.169.163.106 85.214.7.22" +dns_search_lo="brehm-online.com brehm-online.eu brehm-berlin.de serverkompetenz.net" + +config_eth0=( + "85.214.134.152/32 brd 85.214.134.152" + "2a01:238:4225:6e00:8f8c:808a:7fb8:88df/128" +) + +#routes_eth0=( +# "default via 192.168.0.1" # IPv4 default route +# "10.0.0.0/8 via 192.168.0.1" # IPv4 subnet route +# "::/0" # IPv6 unicast +#) + +# 85.214.128.1 dev eth0 scope link +# 169.254.0.0/16 dev eth0 scope link +# default via 85.214.128.1 dev eth0 + +routes_eth0=( + "85.214.128.1 dev eth0 scope link" + "169.254.0.0/16 dev eth0 scope link" + "default via 85.214.128.1" +) +# "-family inet6 default via fe80::1 dev eth0" + +dns_domain_eth0="brehm-online.com" +dns_servers_eth0="127.0.0.1 81.169.163.106 85.214.7.22" +dns_search_eth0="brehm-online.com brehm-online.eu brehm-berlin.de serverkompetenz.net" +@ diff --git a/conf.d/.rcs/net.example,v b/conf.d/.rcs/net.example,v new file mode 100644 index 0000000..24ae334 --- /dev/null +++ b/conf.d/.rcs/net.example,v @@ -0,0 +1,889 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.18.08.57.19; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@############################################################################## +# QUICK-START +# +# The quickest start is if you want to use DHCP. +# In that case, everything should work out of the box, no configuration +# necessary, though the startup script will warn you that you haven't +# specified anything. + +# WARNING :- some examples have a mixture of IPv4 (ie 192.168.0.1) and IPv6 +# (ie 4321:0:1:2:3:4:567:89ab) internet addresses. They only work if you have +# the relevant kernel option enabled. So if you don't have an IPv6 enabled +# kernel then remove the IPv6 address from your config. + +# If you want to use a static address or use DHCP explicitly, jump +# down to the section labelled INTERFACE HANDLERS. +# +# If you want to do anything more fancy, you should take the time to +# read through the rest of this file. + +############################################################################## +# MODULES +# +# We now support modular networking scripts which means we can easily +# add support for new interface types and modules while keeping +# compatability with existing ones. +# +# Modules load by default if the package they need is installed. If +# you specify a module here that doesn't have it's package installed +# then you get an error stating which package you need to install. +# Ideally, you only use the modules setting when you have two or more +# packages installed that supply the same service. +# +# In other words, you probably should DO NOTHING HERE... + +# Prefer ifconfig over iproute2 +#modules=( "ifconfig" ) + +# You can also specify other modules for an interface +# In this case we prefer udhcpc over dhcpcd +#modules_eth0=( "udhcpc" ) + +# You can also specify which modules not to use - for example you may be +# using a supplicant or linux-wlan-ng to control wireless configuration but +# you still want to configure network settings per ESSID associated with. +#modules=( "!iwconfig" "!wpa_supplicant" ) +# IMPORTANT: If you need the above, please disable modules in that order + + +############################################################################## +# INTERFACE HANDLERS +# +# We provide two interface handlers presently: ifconfig and iproute2. +# You need one of these to do any kind of network configuration. +# For ifconfig support, emerge sys-apps/net-tools +# For iproute2 support, emerge sys-apps/iproute2 + +# If you don't specify an interface then we prefer iproute2 if it's installed +# To prefer ifconfig over iproute2 +#modules=( "ifconfig" ) + +# For a static configuration, use something like this +# (They all do exactly the same thing btw) +#config_eth0=( "192.168.0.2/24" ) +#config_eth0=( "192.168.0.2 netmask 255.255.255.0" ) + +# We can also specify a broadcast +#config_eth0=( "192.168.0.2/24 brd 192.168.0.255" ) +#config_eth0=( "192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255" ) + +# If you need more than one address, you can use something like this +# NOTE: ifconfig creates an aliased device for each extra IPv4 address +# (eth0:1, eth0:2, etc) +# iproute2 does not do this as there is no need to +#config_eth0=( +# "192.168.0.2/24" +# "192.168.0.3/24" +# "192.168.0.4/24" +#) +# Or you can use sequence expressions +#config_eth0=( "192.168.0.{2..4}/24" ) +# which does the same as above. Be careful though as if you use this and +# fallbacks, you have to ensure that both end up with the same number of +# values otherwise your fallback won't work correctly. + +# You can also use IPv6 addresses +# (you should always specify a prefix length with IPv6 here) +#config_eth0=( +# "192.168.0.2/24" +# "4321:0:1:2:3:4:567:89ab/64" +# "4321:0:1:2:3:4:567:89ac/64" +#) + +# If you wish to keep existing addresses + routing and the interface is up, +# you can specify a noop (no operation). If the interface is down or there +# are no addresses assigned, then we move onto the next step (default dhcp) +# This is useful when configuring your interface with a kernel command line +# or similar +#config_eth0=( "noop" "192.168.0.2/24" ) + +# If you don't want ANY address (only useful when calling for advanced stuff) +#config_eth0=( "null" ) + +# Here's how to do routing if you need it +#routes_eth0=( +# "default via 192.168.0.1" # IPv4 default route +# "10.0.0.0/8 via 192.168.0.1" # IPv4 subnet route +# "::/0" # IPv6 unicast +#) + +# If a specified module fails (like dhcp - see below), you can specify a +# fallback like so +#fallback_eth0=( "192.168.0.2 netmask 255.255.255.0" ) +#fallback_route_eth0=( "default via 192.168.0.1" ) + +# NOTE: fallback entry must match the entry location in config_eth0 +# As such you can only have one fallback route. + +# Some users may need to alter the MTU - here's how +#mtu_eth0="1500" + +# Each module described below can set a default base metric, lower is +# preferred over higher. This is so we can prefer a wired route over a +# wireless route automaticaly. You can override this by setting +#metric_eth0="100" +# or on a global basis +#metric="100" +# The only downside of the global setting is that you have to ensure that +# there are no conflicting routes yourself. For users with large routing +# tables you may have to set a global metric as the due to a simple read of +# the routing table taking over a minute at a time. + +############################################################################## +# OPTIONAL MODULES + +# INTERFACE RENAMING +# There is no consistent device renaming scheme for Linux. +# The preferred way of naming devices is via the kernel module directly or +# by using udev (http://www.reactivated.net/udevrules.php) + +# If you are unable to write udev rules, then we do provide a way of renaming +# the interface based on it's MAC address, but it is not optimal. +# Here is how to rename an interface whose MAC address is 00:11:22:33:44:55 +# to foo1 +#rename_001122334455="foo1" + +# You can also do this based on current device name - although this is not +# recommended. Here we rename eth1 to foo2. +#rename_eth1="foo2" + +#----------------------------------------------------------------------------- +# WIRELESS (802.11 support) +# Wireless can be provided by iwconfig or wpa_supplicant + +# iwconfig +# emerge net-wireless/wireless-tools +# Wireless options are held in /etc/conf.d/wireless - but could be here too +# Consult the sample file /etc/conf.d/wireless.example for instructions +# iwconfig is the default + +# wpa_supplicant +# emerge net-wireless/wpa_supplicant +# Wireless options are held in /etc/wpa_supplicant/wpa_supplicant.conf +# Consult the wpa_supplicant.conf.example that is installed in +# /usr/share/doc/wpa_supplicant +# To choose wpa_supplicant over iwconfig +#modules=( "wpa_supplicant" ) +# To configure wpa_supplicant +#wpa_supplicant_eth0="-Dwext" # For generic wireless +#wpa_supplicant_ath0="-Dmadwifi" # For Atheros based cards +# Consult wpa_supplicant for more drivers +# By default don't wait for wpa_suppliant to associate and authenticate. +# If you would like to, so can specify how long in seconds +#associate_timeout_eth0=60 +# A value of 0 means wait forever. + +# GENERIC WIRELESS OPTIONS +# PLEASE READ THE INSTRUCTIONS IN /etc/conf.d/wireless.example FOR +# HOW TO USE THIS ESSID VARIABLE +# You can also override any settings found here per ESSID - which is very +# handy if you use different networks a lot +#config_ESSID=( "dhcp" ) +#dhcpcd_ESSID="-t 5" + +# Setting name/domain server causes /etc/resolv.conf to be overwritten +# Note that if DHCP is used, and you want this to take precedence then +# set dhcp_ESSID="nodns" +#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) +#dns_domain_ESSID="some.domain" +#dns_search_ESSID="search.this.domain search.that.domain" +# Please check the man page for resolv.conf for more information +# as domain and search are mutually exclusive. + +# You can also override any settings found here per MAC address of the AP +# in case you use Access Points with the same ESSID but need different +# networking configs. Below is an example - of course you use the same +# method with other variables +#mac_config_001122334455=( "dhcp" ) +#mac_dhcpcd_001122334455="-t 10" +#mac_dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) + +# When an interface has been associated with an Access Point, a global +# variable called ESSID is set to the Access Point's ESSID for use in the +# pre/post user functions below (although it's not available in preup as you +# won't have associated then) + +# If you're using anything else to configure wireless on your interface AND +# you have installed any of the above packages, you need to disable them +#modules=( "!iwconfig" "!wpa_supplicant" ) + +#----------------------------------------------------------------------------- +# DHCP +# DHCP can be provided by dhclient, dhcpcd, pump or udhcpc. +# +# dhclient: emerge net-misc/dhcp +# dhcpcd: emerge net-misc/dhcpcd +# pump: emerge net-misc/pump +# udhcpc: emerge net-misc/udhcp + +# If you have more than one DHCP client installed, you need to specify which +# one to use - otherwise we default to dhcpcd if available. +#modules=( "dhclient" ) # to select dhclient over dhcpcd +# +# Notes: +# - All clients send the current hostname to the DHCP server by default +# - dhcpcd does not daemonize when the lease time is infinite +# - udhcp-0.9.3-r3 and earlier do not support getting NTP servers +# - pump does not support getting NIS servers +# - DHCP tends to erase any existing device information - so add +# static addresses after dhcp if you need them +# - dhclient and udhcpc can set other resolv.conf options such as "option" +# and "sortlist"- see the System module for more details + +# Regardless of which DHCP client you prefer, you configure them the +# same way using one of following depending on which interface modules +# you're using. +#config_eth0=( "dhcp" ) + +# For passing custom options to dhcpcd use something like the following. This +# example reduces the timeout for retrieving an address from 60 seconds (the +# default) to 10 seconds. +#dhcpcd_eth0="-t 10" + +# dhclient, udhcpc and pump don't have many runtime options +# You can pass options to them in a similar manner to dhcpcd though +#dhclient_eth0="..." +#udhcpc_eth0="..." +#pump_eth0="..." + +# GENERIC DHCP OPTIONS +# Set generic DHCP options like so +#dhcp_eth0="release nodns nontp nonis nogateway nosendhost" + +# This tells the dhcp client to release it's lease when it stops, not to +# overwrite dns, ntp and nis settings, not to set a default route and not to +# send the current hostname to the dhcp server and when it starts. +# You can use any combination of the above options - the default is not to +# use any of them. + +#----------------------------------------------------------------------------- +# For APIPA support, emerge net-misc/iputils or net-analyzer/arping + +# APIPA is a module that tries to find a free address in the range +# 169.254.0.0-169.254.255.255 by arping a random address in that range on the +# interface. If no reply is found then we assign that address to the interface + +# This is only useful for LANs where there is no DHCP server and you don't +# connect directly to the internet. +#config_eth0=( "dhcp" ) +#fallback_eth0=( "apipa" ) + +#----------------------------------------------------------------------------- +# ARPING Gateway configuration +# and +# Automatic Private IP Addressing (APIPA) +# For arpingnet / apipa support, emerge net-misc/iputils or net-analyzer/arping +# +# This is a module that tries to find a gateway IP. If it exists then we use +# that gateways configuration for our own. For the configuration variables +# simply ensure that each octet is zero padded and the dots are removed. +# Below is an example. +# +#gateways_eth0="192.168.0.1 10.0.0.1" +#config_192168000001=( "192.168.0.2/24" ) +#routes_192168000001=( "default via 192.168.0.1" ) +#dns_servers_192168000001=( "192.168.0.1" ) +#config_010000000001=( "10.0.0.254/8" ) +#routes_010000000001=( "default via 10.0.0.1" ) +#dns_servers_010000000001=( "10.0.0.1" ) + +# We can also specify a specific MAC address for each gateway if different +# networks have the same gateway. +#gateways_eth0="192.168.0.1,00:11:22:AA:BB:CC 10.0.0.1,33:44:55:DD:EE:FF" +#config_192168000001_001122AABBCC=( "192.168.0.2/24" ) +#routes_192168000001_001122AABBCC=( "default via 192.168.0.1" ) +#dns_servers_192168000001_001122AABBCC=( "192.168.0.1" ) +#config_010000000001_334455DDEEFF=( "10.0.0.254/8" ) +#routes_010000000001_334455DDEEFF=( "default via 10.0.0.1" ) +#dns_servers_010000000001_334455DDEEFF=( "10.0.0.1" ) + +# If we don't find any gateways (or there are none configured) then we try and +# use APIPA to find a free address in the range 169.254.0.0-169.254.255.255 +# by arping a random address in that range on the interface. If no reply is +# found then we assign that address to the interface. + +# This is only useful for LANs where there is no DHCP server. +#config_eth0=( "arping" ) + +# or if no DHCP server can be found +#config_eth0=( "dhcp" ) +#fallback_eth0=( "arping" ) + +# NOTE: We default to sleeping for 1 second the first time we attempt an +# arping to give the interface time to settle on the LAN. This appears to +# be a good default for most instances, but if not you can alter it here. +#arping_sleep=5 +#arping_sleep_lan=7 + +# NOTE: We default to waiting 3 seconds to get an arping response. You can +# change the default wait like so. +#arping_wait=3 +#arping_wait_lan=2 + +#----------------------------------------------------------------------------- +# VLAN (802.1q support) +# For VLAN support, emerge net-misc/vconfig + +# Specify the VLAN numbers for the interface like so +# Please ensure your VLAN IDs are NOT zero-padded +#vlans_eth0="1 2" + +# You may not want to assign an IP the the physical interface, but we still +# need it up. +#config_eth0=( "null" ) + +# You can also configure the VLAN - see for vconfig man page for more details +#vconfig_eth0=( "set_name_type VLAN_PLUS_VID_NO_PAD" ) +#vconfig_vlan1=( "set_flag 1" "set_egress_map 2 6" ) +#config_vlan1=( "172.16.3.1 netmask 255.255.254.0" ) +#config_vlan2=( "172.16.2.1 netmask 255.255.254.0" ) + +# NOTE: Vlans can be configured with a . in their interface names +# When configuring vlans with this name type, you need to replace . with a _ +#config_eth0.1=( "dhcp" ) - does not work +#config_eth0_1=( "dhcp" ) - does work + +# NOTE: Vlans are controlled by their physical interface and not per vlan +# This means you do not need to create init scripts in /etc/init.d for each +# vlan, you must need to create one for the physical interface. +# If you wish to control the configuration of each vlan through a separate +# script, or wish to rename the vlan interface to something that vconfig +# cannot then you need to do this. +#vlan_start_eth0="no" + +# If you do the above then you may want to depend on eth0 like so +# RC_NEED_vlan1="net.eth0" +# NOTE: depend functions only work in /etc/conf.d/net +# and not in profile configs such as /etc/conf.d/net.foo + +#----------------------------------------------------------------------------- +# Bonding +# For link bonding/trunking emerge net-misc/ifenslave + +# To bond interfaces together +#slaves_bond0="eth0 eth1 eth2" +#config_bond0=( "null" ) # You may not want to assign an IP the the bond + +# If any of the slaves require extra configuration - for example wireless or +# ppp devices - we need to depend function on the bonded interfaces +#RC_NEED_bond0="net.eth0 net.eth1" + + +#----------------------------------------------------------------------------- +# Classical IP over ATM +# For CLIP support emerge net-dialup/linux-atm + +# Ensure that you have /etc/atmsigd.conf setup correctly +# Now setup each clip interface like so +#clip_atm0=( "peer_ip [if.]vpi.vci [opts]" ... ) +# where "peer_ip" is the IP address of a PVC peer (in case of an ATM connection +# with your ISP, your only peer is usually the ISP gateway closest to you), +# "if" is the number of the ATM interface which will carry the PVC, "vpi.vci" +# is the ATM VC address, and "opts" may optionally specify VC parameters like +# qos, pcr, and the like (see "atmarp -s" for further reference). Please also +# note quoting: it is meant to distinguish the VCs you want to create. You may, +# in example, create an atm0 interface to more peers, like this: +#clip_atm0=( "1.1.1.254 0.8.35" "1.1.1.253 1.8.35" ) + +# By default, the PVC will use the LLC/SNAP encapsulation. If you rather need a +# null encapsulation (aka "VC mode"), please add the keyword "null" to opts. + + +#----------------------------------------------------------------------------- +# PPP +# For PPP support, emerge net-dialup/ppp +# PPP is used for most dialup connections, including ADSL. +# The older ADSL module is documented below, but you are encouraged to try +# this module first. +# +# You need to create the PPP net script yourself. Make it like so +#ln -s net.lo /etc/init.d/net.ppp0 +# +# We have to instruct ppp0 to actually use ppp +#config_ppp0=( "ppp" ) +# +# Each PPP interface requires an interface to use as a "Link" +#link_ppp0="/dev/ttyS0" # Most PPP links will use a serial port +#link_ppp0="eth0" # PPPoE requires an ethernet interface +#link_ppp0="[itf.]vpi.vci" # PPPoA requires the ATM VC's address +#link_ppp0="/dev/null" # ISDN links should have this +#link_ppp0="pty 'your_link_command'" # PPP links over ssh, rsh, etc +# +# Here you should specify what pppd plugins you want to use +# Available plugins are: pppoe, pppoa, capi, dhcpc, minconn, radius, +# radattr, radrealms and winbind +#plugins_ppp0=( +# "pppoe" # Required plugin for PPPoE +# "pppoa vc-encaps" # Required plugin for PPPoA with an option +# "capi" # Required plugin for ISDN +#) +# +# PPP requires at least a username. You can optionally set a password here too +# If you don't, then it will use the password specified in /etc/ppp/*-secrets +# against the specified username +#username_ppp0='user' +#password_ppp0='password' +# NOTE: You can set a blank password like so +#password_ppp0= +# +# The PPP daemon has many options you can specify - although there are many +# and may seem daunting, it is recommended that you read the pppd man page +# before enabling any of them +#pppd_ppp0=( +# "maxfail 0" # WARNING: It's not recommended you use this +# # if you don't specify maxfail then we assume 0 +# "updetach" # If not set, "/etc/init.d/net.ppp0 start" will return +# # immediately, without waiting the link to come up +# # for the first time. +# # Do not use it for dial-on-demand links! +# "debug" # Enables syslog debugging +# "noauth" # Do not require the peer to authenticate itself +# "defaultroute" # Make this PPP interface the default route +# "usepeerdns" # Use the DNS settings provided by PPP +# +# On demand options +# "demand" # Enable dial on demand +# "idle 30" # Link goes down after 30 seconds of inactivity +# "10.112.112.112:10.112.112.113" # Phony IP addresses +# "ipcp-accept-remote" # Accept the peers idea of remote address +# "ipcp-accept-local" # Accept the peers idea of local address +# "holdoff 3" # Wait 3 seconds after link dies before re-starting +# +# Dead peer detection +# "lcp-echo-interval 15" # Send a LCP echo every 15 seconds +# "lcp-echo-failure 3" # Make peer dead after 3 consective +# # echo-requests +# +# Compression options - use these to completely disable compression +# noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp +# +# Dial-up settings +# "lock" # Lock serial port +# "115200" # Set the serial port baud rate +# "modem crtscts" # Enable hardware flow control +# "192.168.0.1:192.168.0.2" # Local and remote IP addresses +#) +# +# Dial-up PPP users need to specify at least one telephone number +#phone_number_ppp0=( "12345689" ) # Maximum 2 phone numbers are supported +# They will also need a chat script - here's a good one +#chat_ppp0=( +# 'ABORT' 'BUSY' +# 'ABORT' 'ERROR' +# 'ABORT' 'NO ANSWER' +# 'ABORT' 'NO CARRIER' +# 'ABORT' 'NO DIALTONE' +# 'ABORT' 'Invalid Login' +# 'ABORT' 'Login incorrect' +# 'TIMEOUT' '5' +# '' 'ATZ' +# 'OK' 'AT' # Put your modem initialization string here +# 'OK' 'ATDT\T' +# 'TIMEOUT' '60' +# 'CONNECT' '' +# 'TIMEOUT' '5' +# '~--' '' +#) + +# If the link require extra configuration - for example wireless or +# RFC 268 bridge - we need to depend on the bridge so they get +# configured correctly. +#RC_NEED_ppp0="net.nas0" + +#WARNING: if MTU of the PPP interface is less than 1500 and you use this +#machine as a router, you should add the following rule to your firewall +# +#iptables -I FORWARD 1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu + +#----------------------------------------------------------------------------- +# ADSL +# For ADSL support, emerge net-dialup/rp-pppoe +# WARNING: This ADSL module is being deprecated in favour of the PPP module +# above. +# You should make the following settings and also put your +# username/password information in /etc/ppp/pap-secrets + +# Configure the interface to use ADSL +#config_eth0=( "adsl" ) + +# You probably won't need to edit /etc/ppp/pppoe.conf if you set this +#adsl_user_eth0="my-adsl-username" + +#----------------------------------------------------------------------------- +# ISDN +# For ISDN support, emerge net-dialup/isdn4k-utils +# You should make the following settings and also put your +# username/password information in /etc/ppp/pap-secrets + +# Configure the interface to use ISDN +#config_ippp0=( "dhcp" ) +# It's important to specify dhcp if you need it! +#config_ippp0=( "192.168.0.1/24" ) +# Otherwise, you can use a static IP + +# NOTE: The interface name must be either ippp or isdn followed by a number + +# You may need this option to set the default route +#ipppd_eth0="defaultroute" + +#----------------------------------------------------------------------------- +# MAC changer +# To set a specific MAC address +#mac_eth0="00:11:22:33:44:55" + +# For changing MAC addresses using the below, emerge net-analyzer/macchanger +# - to randomize the last 3 bytes only +#mac_eth0="random-ending" +# - to randomize between the same physical type of connection (e.g. fibre, +# copper, wireless) , all vendors +#mac_eth0="random-samekind" +# - to randomize between any physical type of connection (e.g. fibre, copper, +# wireless) , all vendors +#mac_eth0="random-anykind" +# - full randomization - WARNING: some MAC addresses generated by this may NOT +# act as expected +#mac_eth0="random-full" +# custom - passes all parameters directly to net-analyzer/macchanger +#mac_eth0="some custom set of parameters" + +# You can also set other options based on the MAC address of your network card +# Handy if you use different docking stations with laptops +#config_001122334455=( "dhcp" ) + +#----------------------------------------------------------------------------- +# TUN/TAP +# For TUN/TAP support emerge net-misc/openvpn or sys-apps/usermode-utilities +# +# You must specify if we're a tun or tap device. Then you can give it any +# name you like - such as vpn +#tuntap_vpn="tun" +#config_vpn=( "192.168.0.1/24") + +# Or stick wit the generic names - like tap0 +#tuntap_tap0="tap" +#config_tap0=( "192.168.0.1/24") + +# For passing custom options to tunctl use something like the following. This +# example sets the owner to adm +#tunctl_tun1="-u adm" +# When using openvpn, there are no options + +#----------------------------------------------------------------------------- +# Bridging (802.1d) +# For bridging support emerge net-misc/bridge-utils + +# To add ports to bridge br0 +#bridge_br0="eth0 eth1" +# or dynamically add them when the interface comes up +#bridge_add_eth0="br0" +#bridge_add_eth1="br0" + +# You need to configure the ports to null values so dhcp does not get started +#config_eth0=( "null" ) +#config_eth1=( "null" ) + +# Finally give the bridge an address - dhcp or a static IP +#config_br0=( "dhcp" ) # may not work when adding ports dynamically +#config_br0=( "192.168.0.1/24" ) + +# If any of the ports require extra configuration - for example wireless or +# ppp devices - we need to depend on them like so. +#RC_NEED_br0="net.eth0 net.eth1" + +# Below is an example of configuring the bridge +# Consult "man brctl" for more details +#brctl_br0=( "setfd 0" "sethello 0" "stp off" ) + +#----------------------------------------------------------------------------- +# RFC 2684 Bridge Support +# For RFC 2684 bridge support emerge net-misc/br2684ctl + +# Interface names have to be of the form nas0, nas1, nas2, etc. +# You have to specify a VPI and VCI for the interface like so +#br2684ctl_nas0="-a 0.38" # UK VPI and VCI + +# You may want to configure the encapsulation method as well by adding the -e +# option to the command above (may need to be before the -a command) +# -e 0 # LLC (default) +# -e 1 # VC mux + +# Then you can configure the interface as normal +#config_nas0=( "192.168.0.1/24" ) + +#----------------------------------------------------------------------------- +# Tunnelling +# WARNING: For tunnelling it is highly recommended that you +# emerge sys-apps/iproute2 +# +# For GRE tunnels +#iptunnel_vpn0="mode gre remote 207.170.82.1 key 0xffffffff ttl 255" + +# For IPIP tunnels +#iptunnel_vpn0="mode ipip remote 207.170.82.2 ttl 255" + +# To configure the interface +#config_vpn0=( "192.168.0.2 pointopoint 192.168.1.2" ) # ifconfig style +#config_vpn0=( "192.168.0.2 peer 192.168.1.1" ) # iproute2 style + +# 6to4 Tunnels allow IPv6 to work over IPv4 addresses, provided you +# have a non-private address configured on an interface. +# link_6to4="eth0" # Interface to base it's addresses on +# config_6to4=( "ip6to4" ) +# You may want to depend on eth0 like so +#RC_NEED_6to4="net.eth0" +# To ensure that eth0 is configured before 6to4. Of course, the tunnel could be +# any name and this also works for any configured interface. +# NOTE: If you're not using iproute2 then your 6to4 tunnel has to be called +# sit0 - otherwise use a different name like 6to4 in the example above. + + +#----------------------------------------------------------------------------- +# System +# For configuring system specifics such as domain, dns, ntp and nis servers +# It's rare that you would need todo this, but you can anyway. +# This is most benefit to wireless users who don't use DHCP so they can change +# their configs based on ESSID. See wireless.example for more details + +# To use dns settings such as these, dns_servers_eth0 must be set! +# If you omit the _eth0 suffix, then it applies to all interfaces unless +# overridden by the interface suffix. +#dns_domain_eth0="your.domain" +#dns_servers_eth0="192.168.0.2 192.168.0.3" +#dns_search_eth0="this.domain that.domain" +#dns_options_eth0=( "timeout 1" "rotate" ) +#dns_sortlist_eth0="130.155.160.0/255.255.240.0 130.155.0.0" +# See the man page for resolv.conf for details about the options and sortlist +# directives + +#ntp_servers_eth0="192.168.0.2 192.168.0.3" + +#nis_domain_eth0="domain" +#nis_servers_eth0="192.168.0.2 192.168.0.3" + +# NOTE: Setting any of these will stamp on the files in question. So if you +# don't specify dns_servers but you do specify dns_domain then no nameservers +# will be listed in /etc/resolv.conf even if there were any there to start +# with. +# If this is an issue for you then maybe you should look into a resolv.conf +# manager like resolvconf-gentoo to manage this file for you. All packages +# that baselayout supports use resolvconf-gentoo if installed. + +#----------------------------------------------------------------------------- +# Cable in/out detection +# Sometimes the cable is in, others it's out. Obviously you don't want to +# restart net.eth0 every time when you plug it in either. +# +# netplug is a package that detects this and requires no extra configuration +# on your part. +# emerge sys-apps/netplug +# or +# emerge sys-apps/ifplugd +# and you're done :) + +# By default we don't wait for netplug/ifplugd to configure the interface. +# If you would like it to wait so that other services now that network is up +# then you can specify a timeout here. +#plug_timeout="10" +# A value of 0 means wait forever. + +# If you don't want to use netplug on a specific interface but you have it +# installed, you can disable it for that interface via the modules statement +#modules_eth0=( "!netplug" ) +# You can do the same for ifplugd +# +# You can disable them both with the generic plug +#modules_eth0=( "!plug" ) + +# To use specific ifplugd options, fex specifying wireless mode +#ifplugd_eth0="--api-mode=wlan" +# man ifplugd for more options + +############################################################################## +# ADVANCED CONFIGURATION +# +# Four functions can be defined which will be called surrounding the +# start/stop operations. The functions are called with the interface +# name first so that one function can control multiple adapters. An extra two +# functions can be defined when an interface fails to start or stop. +# +# The return values for the preup and predown functions should be 0 +# (success) to indicate that configuration or deconfiguration of the +# interface can continue. If preup returns a non-zero value, then +# interface configuration will be aborted. If predown returns a +# non-zero value, then the interface will not be allowed to continue +# deconfiguration. +# +# The return values for the postup, postdown, failup and faildown functions are +# ignored since there's nothing to do if they indicate failure. +# +# ${IFACE} is set to the interface being brought up/down +# ${IFVAR} is ${IFACE} converted to variable name bash allows + +#preup() { +# # Test for link on the interface prior to bringing it up. This +# # only works on some network adapters and requires the mii-diag +# # package to be installed. +# if mii-tool "${IFACE}" 2> /dev/null | grep -q 'no link'; then +# ewarn "No link on ${IFACE}, aborting configuration" +# return 1 +# fi +# +# # Test for link on the interface prior to bringing it up. This +# # only works on some network adapters and requires the ethtool +# # package to be installed. +# if ethtool "${IFACE}" | grep -q 'Link detected: no'; then +# ewarn "No link on ${IFACE}, aborting configuration" +# return 1 +# fi +# +# +# # Remember to return 0 on success +# return 0 +#} + +#predown() { +# # The default in the script is to test for NFS root and disallow +# # downing interfaces in that case. Note that if you specify a +# # predown() function you will override that logic. Here it is, in +# # case you still want it... +# if is_net_fs /; then +# eerror "root filesystem is network mounted -- can't stop ${IFACE}" +# return 1 +# fi +# +# # Remember to return 0 on success +# return 0 +#} + +#postup() { +# # This function could be used, for example, to register with a +# # dynamic DNS service. Another possibility would be to +# # send/receive mail once the interface is brought up. + +# # Here is an example that allows the use of iproute rules +# # which have been configured using the rules_eth0 variable. +# #rules_eth0=( +# # "from 24.80.102.112/32 to 192.168.1.0/24 table localnet priority 100" +# # "from 216.113.223.51/32 to 192.168.1.0/24 table localnet priority 100" +# #) +# local x="rules_${IFVAR}[@@]" +# local -a rules=( "${!x}" ) +# if [[ -n ${rules} ]] ; then +# einfo "Adding IP policy routing rules" +# eindent +# # Ensure that the kernel supports policy routing +# if ! ip rule list | grep -q "^" ; then +# eerror "You need to enable IP Policy Routing (CONFIG_IP_MULTIPLE_TABLES)" +# eerror "in your kernel to use ip rules" +# else +# for x in "${rules[@@]}" ; do +# ebegin "${x}" +# ip rule add ${x} +# eend $? +# done +# fi +# eoutdent +# # Flush the cache +# ip route flush cache dev "${IFACE}" +# fi + +#} + +#postdown() { +# # Enable Wake-On-LAN for every interface except for lo +# # Probably a good idea to set RC_DOWN_INTERFACE="no" in /etc/conf.d/rc +# # as well ;) +# [[ ${IFACE} != "lo" ]] && ethtool -s "${IFACE}" wol g + +# Automatically erase any ip rules created in the example postup above +# if interface_exists "${IFACE}" ; then +# # Remove any rules for this interface +# local rule +# ip rule list | grep " iif ${IFACE}[ ]*" | { +# while read rule ; do +# rule="${rule#*:}" +# ip rule del ${rule} +# done +# } +# # Flush the route cache +# ip route flush cache dev "${IFACE}" +# fi + +# # Return 0 always +# return 0 +#} + +#failup() { +# # This function is mostly here for completeness... I haven't +# # thought of anything nifty to do with it yet ;-) +#} + +#faildown() { +# # This function is mostly here for completeness... I haven't +# # thought of anything nifty to do with it yet ;-) +#} + +############################################################################## +# FORCING MODULES +# The Big Fat Warning :- If you use module forcing do not complain to us or +# file bugs about it not working! +# +# Loading modules is a slow affair - we have to check each one for the following +# 1) Code sanity +# 2) Has the required package been emerged? +# 3) Has it modified anything? +# 4) Have all the dependant modules been loaded? + +# Then we have to strip out the conflicting modules based on user preference +# and default configuration and sort them into the correct order. +# Finally we check the end result for dependencies. + +# This, of course, takes valuable CPU time so we provide module forcing as a +# means to speed things up. We still do *some* checking but not much. + +# It is essential that you force modules in the correct order and supply all +# the modules you need. You must always supply an interface module - we +# supply ifconfig or iproute2. + +# The Big Fat Warning :- If you use module forcing do not complain to us or +# file bugs about it not working! + +# Now that we've warned you twice, here's how to do it +#modules_force=( "ifconfig" ) +#modules_force=( "iproute2" "dhcpcd" ) + +# We can also apply this to a specific interface +#modules_force_eth1=( "iproute2" ) + +# The below will not work +#modules_force=( "dhcpcd" ) +# No interface (ifconfig/iproute2) +#modules_force=( "ifconfig" "essidnet" "iwconfig" ) +# Although it will not crash, essidnet will not work as it has to come after +# iwconfig +#modules_force=( "iproute2" "ifconfig" ) +# The interface will be setup twice which will cause problems +@ diff --git a/conf.d/.rcs/ntp-client,v b/conf.d/.rcs/ntp-client,v new file mode 100644 index 0000000..b814641 --- /dev/null +++ b/conf.d/.rcs/ntp-client,v @@ -0,0 +1,40 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.17.14.52; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/ntp-client + +# Command to run to set the clock initially +# Most people should just leave this line alone ... +# however, if you know what you're doing, and you +# want to use ntpd to set the clock, change this to 'ntpd' +NTPCLIENT_CMD="ntpdate" + +# Options to pass to the above command +# This default setting should work fine but you should +# change the default 'pool.ntp.org' to something closer +# to your machine. See http://www.pool.ntp.org/ or +# try running `netselect -s 3 pool.ntp.org`. +NTPCLIENT_OPTS="-s -b -u \ + 0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org \ + 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org" +@ diff --git a/conf.d/.rcs/ntpd,v b/conf.d/.rcs/ntpd,v new file mode 100644 index 0000000..1e51824 --- /dev/null +++ b/conf.d/.rcs/ntpd,v @@ -0,0 +1,30 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.22.12.19; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/ntpd + +# Options to pass to the ntpd process +# Most people should leave this line alone ... +# however, if you know what you're doing, feel free to tweak +NTPD_OPTS="" +@ diff --git a/conf.d/.rcs/pciparm,v b/conf.d/.rcs/pciparm,v new file mode 100644 index 0000000..ebe1197 --- /dev/null +++ b/conf.d/.rcs/pciparm,v @@ -0,0 +1,52 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.17.59.02; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# PCI tweaking article: +# http://www.gentoo.org/doc/en/articles/hardware-stability-p2.xml +# +# Apply to all devices: +# PCIPARM_ALL="...." +# Cards also can be addressed by vid:pid or by bus:slot.func +# (see setpci man page relative to -d and -s options) +# PCIPARM_(BUS|VENDOR)_#="...." +# Where # is sequentially numbered from zero. + +# Examples: +# "open up" the PCI bus by allowing fairly long bursts +# for all devices, increasing performance +# (equivalent to: setpci -v -d *:* latency_timer=b0) +#PCIPARM_ALL="latency_timer=b0" + +# maximize latency timers for network and audio, +# allowing them to transmit more data per burst, +# preventing buffer over/under-run conditions +#PCIPARM_BUS_0="00:04.0 latency_timer=ff" +#PCIPARM_BUS_1="01:04.0 latency_timer=ff" +#PCIPARM_VENDOR_0="1057:3410 latency_timer=ff" + +# -v : whether to be verbose about changes +# -D : dry-run, no commit +# -f : do not warn if the change is already set +# (see the setpci manpage for more advanced options) +SETPCI_OPT="-f" +@ diff --git a/conf.d/.rcs/portmap,v b/conf.d/.rcs/portmap,v new file mode 100644 index 0000000..4ee36bc --- /dev/null +++ b/conf.d/.rcs/portmap,v @@ -0,0 +1,29 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.17.58.35; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/portmap: config file for /etc/init.d/portmap + +# Options for `portmap`. +# For a full list, just run `portmap -h`. +#PORTMAP_OPTS="-l" +@ diff --git a/conf.d/.rcs/postgrey,v b/conf.d/.rcs/postgrey,v new file mode 100644 index 0000000..ba629d2 --- /dev/null +++ b/conf.d/.rcs/postgrey,v @@ -0,0 +1,95 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.01.23.36.28; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.12.01.15.25.02; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# Config file for /etc/init.d/postgrey + +# LISTEN TYPE +# Set to 'inet' if you want to use a TCP socket. +# Set to 'unix' if you want to use an UNIX socket. +POSTGREY_TYPE="unix" + +# HOST +# What IP should postgrey bind to? +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_HOST="127.0.0.1" + +# PORT +# What TCP port should postgrey listen on? +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_PORT="10030" + +# SOCKET +# Unix socket to listen on, if POSTGREY_TYPE is set to 'unix'. +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'inet') +POSTGREY_SOCKET="/var/spool/postfix/private/postgrey" + +# PID +# Postgrey pid file. +# Do not change, if you don't know what this is! +POSTGREY_PID="/var/run/postgrey.pid" + +# DELAY +# How long to delay mail that is greylisted in seconds. +POSTGREY_DELAY=300 + +# TEXT +# The response we'll send back with delayed mail. +POSTGREY_TEXT="Greylisted for %s seconds" + +# Additional Postgrey options +# +# -v, --verbose increase verbosity level +# --max-age=N delete entries older than N days since the last time +# that they have been seen (default: 30) +# --retry-window=N allow only N days for the first retrial (default: 2) +# append 'h' if you want to specify it in hours +# --greylist-action=A if greylisted, return A to Postfix (default: DEFER_IF_PERMIT) +# --lookup-by-subnet strip the last 8 bits from IP addresses (default) +# --lookup-by-host do not strip the last 8 bits from IP addresses +# --whitelist-clients=FILE default: /etc/postfix/postgrey_whitelist_clients +# --whitelist-recipients=FILE default: /etc/postfix/postgrey_whitelist_recipients +# +# Note that the --whitelist-x options can be specified multiple times, and that +# per default /etc/postfix/postgrey_whitelist_clients.local is also read, so +# that you can put there local entries. +# +POSTGREY_OPTS="" +@ + + +1.1 +log +@Initial revision +@ +text +@d6 1 +a6 1 +POSTGREY_TYPE="inet" +@ diff --git a/conf.d/.rcs/pydoc-2.6,v b/conf.d/.rcs/pydoc-2.6,v new file mode 100644 index 0000000..d8b7fec --- /dev/null +++ b/conf.d/.rcs/pydoc-2.6,v @@ -0,0 +1,32 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.20.43.53; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/init.d/pydoc.conf +# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.conf,v 1.2 2008/06/30 15:10:28 hawking Exp $ + +# This file contains the configuration information for pydoc's internal +# webserver. The variables should be rather self explanatory :-) + +# Default port for Python's pydoc server +PYDOC_PORT=7464 +@ diff --git a/conf.d/.rcs/pydoc-3.1,v b/conf.d/.rcs/pydoc-3.1,v new file mode 100644 index 0000000..d8e7f5d --- /dev/null +++ b/conf.d/.rcs/pydoc-3.1,v @@ -0,0 +1,32 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.20.41.39; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/init.d/pydoc.conf +# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.conf,v 1.2 2008/06/30 15:10:28 hawking Exp $ + +# This file contains the configuration information for pydoc's internal +# webserver. The variables should be rather self explanatory :-) + +# Default port for Python's pydoc server +PYDOC_PORT=7464 +@ diff --git a/conf.d/.rcs/quota,v b/conf.d/.rcs/quota,v new file mode 100644 index 0000000..bdb1662 --- /dev/null +++ b/conf.d/.rcs/quota,v @@ -0,0 +1,44 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.22.01.53; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/quota: config file for /etc/init.d/quota + +# Note: if your console is hooked up to a serial terminal, +# you prob want to drop the '-v' from the OPTS vars below. + + +# Run quotacheck ? +RUN_QUOTACHECK="yes" + + +# Options for quotacheck +QUOTACHECK_OPTS="-avug" + + +# Options for quotaon +QUOTAON_OPTS="-avug" + + +# Options for quotaoff +QUOTAOFF_OPTS="-avug" +@ diff --git a/conf.d/.rcs/rc,v b/conf.d/.rcs/rc,v new file mode 100644 index 0000000..7bf5be2 --- /dev/null +++ b/conf.d/.rcs/rc,v @@ -0,0 +1,265 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.19.09.20.12; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/rc: Global config file for the Gentoo RC System + +# This is the number of tty's used in most of the rc-scripts (like +# consolefont, numlock, etc ...) + +RC_TTY_NUMBER=12 + +# Set to "yes" if you want the rc system to try and start services +# in parallel for a slight speed improvement. NOTE: When RC_PARALLEL_STARTUP +# is enabled, init script output is replaced with simple "service foo +# starting/stopping" messages so that output is not mixed up. +# You can stop this from happening on the command line by passing --verbose +# to the init script or by setting RC_VERBOSE="yes" below. + +RC_PARALLEL_STARTUP="no" + +# Set RC_INTERACTIVE to "yes" and you'll be able to press the I key during +# boot so you can choose to start specific services. Set to "no" to disable +# this feature. + +RC_INTERACTIVE="yes" + +# Do we allow services to be hotplugged? If not, set to RC_HOTPLUG="no" +# NOTE: This does not affect anything hotplug/udev related, just the +# starting/stopping of the init.d service triggered by hotplug. + +RC_HOTPLUG="yes" + +# Dynamic /dev managers can trigger coldplug events which cause services to +# start before we are ready for them. If this happens, we can defer these +# services to start in the boot runlevel. Set RC_COLDPLUG="no" if you don't +# want this. +# NOTE: This also affects module coldplugging in udev-096 and higher +# If you want module coldplugging but not coldplugging of services then you +# can set RC_COLDPLUG="yes" and RC_PLUG_SERVICES="!*" + +RC_COLDPLUG="yes" + +# Some people want a finer grain over hotplug/coldplug. RC_PLUG_SERVICES is a +# list of services that are matched in order, either allowing or not. By +# default we allow services through as RC_COLDPLUG/RC_HOTPLUG has to be yes +# anyway. +# Example - RC_PLUG_SERVICES="net.wlan !net.*" +# This allows net.wlan and any service not matching net.* to be plugged. + +RC_PLUG_SERVICES="" + +# RC_NET_STRICT_CHECKING allows some flexibility with the 'net' service. +# The following values are allowed: +# none - The 'net' service is always considered up. +# no - This basically means that at least one net.* service besides net.lo +# must be up. This can be used by notebook users that have a wifi and +# a static nic, and only wants one up at any given time to have the +# 'net' service seen as up. +# lo - This is the same as the 'no' option, but net.lo is also counted. +# This should be useful to people that do not care about any specific +# interface being up at boot. +# yes - For this ALL network interfaces MUST be up for the 'net' service to +# be considered up. + +RC_NET_STRICT_CHECKING="no" + +# RC_DOWN_INTERFACE allows you to specify if RC will bring the interface +# completely down when it stops. The default is yes, but there are some +# instances where you may not want this to happen such as using Wake On LAN. + +RC_DOWN_INTERFACE="yes" + +# RC_VOLUME_ORDER allows you to specify, or even remove the volume setup +# for various volume managers (MD, EVMS2, LVM, DM, etc). Note that they are +# stopped in reverse order. + +RC_VOLUME_ORDER="raid evms lvm dm" + +# RC_VERBOSE will make init scripts more verbose. Only networking scripts +# really use this at this time, and this is useful for trouble shooting +# any issues you may have. +# This is also used to re-enable init script output for init scripts +# started or stopped from the command line. + +RC_VERBOSE="no" + +# RC_BOOTLOG will generate a log of the boot messages shown on the console. +# Useful for headless machines or debugging. You need to emerge the +# app-admin/showconsole package for this to work. Note that this probably +# won't work correctly with boot splash. + +RC_BOOTLOG="no" + +# Set to "yes" if you want to benchmark system boot with bootchart. +# You'll need to emerge the app-benchmarks/bootchart package for this to work. + +RC_BOOTCHART="no" + +# RC_USE_FSTAB allows you to override the default mount options for the +# standard /proc, /sys, /dev, and /dev/pts mount points. Note that this +# is the new way for selecting ramfs/tmpfs/etc... for udev mounting. + +RC_USE_FSTAB="no" + +# RC_USE_CONFIG_PROFILE allows you to have different /etc/conf.d files +# based on your runlevel - if a conf.d file for your profile does not exist +# then we try and use the default one. +# To enable runlevel selection at boot, append "softlevel=foobar" to your +# kernel line to change to the foobar runlevel. Here we would search for +# /etc/conf.d/.foobar config files before trying to use the default +# /etc/conf.d/. +# Note that it is only active if 'softlevel' was specified via the kernel line, +# and it is intended to use for different grub/lilo entries to specify config +# changes for say laptops between home and work, where you would have setup +# 'work' and 'home' runlevels, with /etc/conf.d/*. as needed. + +RC_USE_CONFIG_PROFILE="yes" + +# RC_FORCE_AUTO tries its best to prevent user interaction during the boot and +# shutdown process. For example, fsck will automatically be run or volumes +# remounted to create proper directory trees. This feature can be dangerous +# and is meant ONLY for headless machines where getting a physical console +# hooked up is a huge pita. + +RC_FORCE_AUTO="no" + +# Use this variable to control the /dev management behavior. +# auto - let the scripts figure out what's best at boot +# devfs - use devfs (requires sys-fs/devfsd) +# udev - use udev (requires sys-fs/udev) +# static - let the user manage /dev (YOU need to create ALL device nodes) + +RC_DEVICES="auto" + +# UDEV OPTION: +# Set to "yes" if you want to save /dev to a tarball on shutdown +# and restore it on startup. This is useful if you have a lot of +# custom device nodes that udev does not handle/know about. + +RC_DEVICE_TARBALL="no" + +# RC_DMESG_LEVEL sets the level at which logging of messages is done to the +# console. See dmesg(8) for more info. + +RC_DMESG_LEVEL="1" + + + + + +# +# Controlling start-stop-daemon behavior + +# Set to "yes" if start-stop-daemon should always retry killing the +# service with sig KILL if it fails the first time. + +RC_RETRY_KILL="yes" + + +# Set the amount of seconds start-stop-daemon should wait between +# retries. + +RC_RETRY_TIMEOUT=1 + + +# Set the amount of times start-stop-daemon should try to kill +# a service before giving up. + +RC_RETRY_COUNT=5 + + +# Set to "yes" if start-stop-daemon should fail if the service +# is marked as started, but not actually running on stop. + +RC_FAIL_ON_ZOMBIE="no" + + +# Set to "yes" if start-stop-daemon should attempt to kill +# any children left in the system. +# Be careful with this as it really does what it was on the tin. +# fex, if you're in an ssh process and you restart a service on which ssh +# depends then your terminal will be killed also. + +RC_KILL_CHILDREN="no" + + +# Set the amount of seconds start-stop-daemon waits after starting +# the daemon to check it is still running. If it's not then we +# try and stop any children if possible. +RC_WAIT_ON_START="0.1" + + +############################################################################## +# SERVICE CONFIGURATION VARIABLES +# These variables are documented here, but should be configured in +# /etc/conf.d/foo for service foo and NOT enabled here unless you +# really want them to work on a global basis. + +# Some daemons are started and stopped via start-stop-daemon. +# We can launch them through other daemons here, for example valgrind. +# This is only useful for serious debugging of the daemon +# WARNING: If the script's "stop" function does not supply a PID file then +# all processes using the same daemon will be killed. +#RC_DAEMON="/usr/bin/valgrind --tool=memcheck --log-file=/tmp/valgrind.syslog-ng" + +# strace needs to be prefixed with --background as it does not detach when +# it's following +#RC_DAEMON="--background /usr/sbin/strace -f -o /tmp/strace.syslog-ng" + +# Pass ulimit parameters +#RC_ULIMIT="-u 30" + +############################################################################## + + +# +# Internal configuration variables +# +# NB: These are for advanced users, and you should really +# know what you are doing before changing them! +# + +# rc-scripts dep-cache directory +# +# NOTE: Do not remove the next line, as its needed by the baselayout ebuild! +# +# svcdir="/var/lib/init.d" + +svcdir="/var/lib/init.d" + +# Should we mount $svcdir in a ram disk for some speed increase +# for slower machines, or for the more extreme setups ? + +svcmount="no" + +# FS type that should be used for $svcdir. Note that you need +# $svcmount above set to "yes" for this to work ... Currently +# tmpfs, ramfs, and ramdisk are supported (tmpfs is the default). + +svcfstype="tmpfs" + +# Size of $svcdir in KB. Note that ramfs doesn't support this +# due to kernel limitations. + +svcsize=2048 +@ diff --git a/conf.d/.rcs/rsyncd,v b/conf.d/.rcs/rsyncd,v new file mode 100644 index 0000000..0e707a2 --- /dev/null +++ b/conf.d/.rcs/rsyncd,v @@ -0,0 +1,29 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.16.27.03; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/rsyncd: config file for /etc/init.d/rsyncd + +# see man pages for rsync or run `rsync --help` +# for valid cmdline options +#RSYNC_OPTS="" +@ diff --git a/conf.d/.rcs/samba,v b/conf.d/.rcs/samba,v new file mode 100644 index 0000000..f5d2625 --- /dev/null +++ b/conf.d/.rcs/samba,v @@ -0,0 +1,52 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.07.52.12; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@#add "winbind" to the daemon_list if you also want winbind to start +daemon_list="smbd nmbd" + +#---------------------------------------------------------------------------- +# Daemons calls: _ +#---------------------------------------------------------------------------- +my_service_name="samba" +my_service_PRE="unset TMP TMPDIR" +my_service_POST="" + +#---------------------------------------------------------------------------- +# Daemons calls: _ +#---------------------------------------------------------------------------- +smbd_start_options="-D" +smbd_start="start-stop-daemon --start --exec /usr/sbin/smbd -- ${smbd_start_options}" +smbd_stop="start-stop-daemon --stop --exec /usr/sbin/smbd" +smbd_reload="killall -HUP smbd" + +nmbd_start_options="-D" +nmbd_start="start-stop-daemon --start --exec /usr/sbin/nmbd -- ${nmbd_start_options}" +nmbd_stop="start-stop-daemon --stop --exec /usr/sbin/nmbd" +nmbd_reload="killall -HUP nmbd" + +winbind_start_options="" +winbind_start="start-stop-daemon --start --exec /usr/sbin/winbindd -- ${winbind_start_options}" +winbind_stop="start-stop-daemon --stop --oknodo --exec /usr/sbin/winbindd" +winbind_reload="killall -HUP winbindd" + +@ diff --git a/conf.d/.rcs/saslauthd,v b/conf.d/.rcs/saslauthd,v new file mode 100644 index 0000000..3410d3c --- /dev/null +++ b/conf.d/.rcs/saslauthd,v @@ -0,0 +1,49 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.06.52.36; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# $Header: /var/cvsroot/gentoo-x86/dev-libs/cyrus-sasl/files/saslauthd-2.1.21.conf,v 1.2 2007/04/07 13:03:55 chtekk Exp $ + +# Config file for /etc/init.d/saslauthd + +# Initial (empty) options. +SASLAUTHD_OPTS="" + +# Specify the authentications mechanism. +# **NOTE** For a list see: saslauthd -v +# Since 2.1.19, add "-r" to options for old behavior, +# ie. reassemble user and realm to user@@realm form. +#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam -r" +SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam" + +# Specify the hostname for remote IMAP server. +# **NOTE** Only needed if rimap auth mechanism is used. +#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost" + +# Specify the number of worker processes to create. +#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -n 5" + +# Enable credential cache, set cache size and timeout. +# **NOTE** Size is measured in kilobytes. +# Timeout is measured in seconds. +#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -c -s 128 -t 30" +@ diff --git a/conf.d/.rcs/slapd,v b/conf.d/.rcs/slapd,v new file mode 100644 index 0000000..e8d143c --- /dev/null +++ b/conf.d/.rcs/slapd,v @@ -0,0 +1,34 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.16.08.52; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# conf.d file for openldap +# +# To enable both the standard unciphered server and the ssl encrypted +# one uncomment this line or set any other server starting options +# you may desire. +# +# OPTS="-h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" +OPTS="-h 'ldaps:/// ldap:/// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" +# Uncomment the below to use the new slapd configuration for openldap 2.3 +#OPTS="-F /etc/openldap/slapd.d -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" +@ diff --git a/conf.d/.rcs/smartd,v b/conf.d/.rcs/smartd,v new file mode 100644 index 0000000..204034f --- /dev/null +++ b/conf.d/.rcs/smartd,v @@ -0,0 +1,28 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.29.22.15.07; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/smartd: config file for /etc/init.d/smartd + +# Insert any other options needed +SMARTD_OPTS="" +@ diff --git a/conf.d/.rcs/snmpd,v b/conf.d/.rcs/snmpd,v new file mode 100644 index 0000000..61f861e --- /dev/null +++ b/conf.d/.rcs/snmpd,v @@ -0,0 +1,41 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.06.42.43; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmpd.conf,v 1.8 2006/11/26 21:37:22 cedk Exp $ + +# Initial (empty) options. +SNMPD_FLAGS="" + +# Enable connection logging. +#SNMPD_FLAGS="${SNMPD_FLAGS} -a" + +# Enable syslog and disable file log. +#SNMPD_FLAGS="${SNMPD_FLAGS} -Lsd -Lf /dev/null" + +# Enable agentx socket as /var/agentx/master +# *NOTE* Before uncommenting this, make sure +# the /var/agentx directory exists. +#SNMPD_FLAGS="${SNMPD_FLAGS} -x /var/agentx/master" +@ diff --git a/conf.d/.rcs/snmptrapd,v b/conf.d/.rcs/snmptrapd,v new file mode 100644 index 0000000..6f2c22e --- /dev/null +++ b/conf.d/.rcs/snmptrapd,v @@ -0,0 +1,40 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.06.42.43; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmptrapd.conf,v 1.1 2005/01/28 11:19:25 ka0ttic Exp $ + +# extra flags to pass to snmptrapd +SNMPTRAPD_FLAGS="" + +# ignore authentication failure traps +#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -a" + +# log messages to specified file +#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -Lf /var/log/snmptrapd.log" + +# log messages to syslog with the specified facility +# where facility is: 'd' = LOG_DAEMON, 'u' = LOG_USER, [0-7] = LOG_LOCAL[0-7] +#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -Ls d" +@ diff --git a/conf.d/.rcs/spamd,v b/conf.d/.rcs/spamd,v new file mode 100644 index 0000000..5fd446f --- /dev/null +++ b/conf.d/.rcs/spamd,v @@ -0,0 +1,70 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.15.48.42; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Config file for /etc/init.d/spamd + + +# ***WARNING*** +# spamd was not designed to listed to an untrusted network. spamd +# is vulnerable to DoS attacks (and eternal doom) if used to listen +# to an untrusted network. +# + + +# Some options: +# +# -c to create a per user configuration file +# -H [dir] to switch home dirs for helper apps, dir optional +# -i [ip] to listen on the specified IP, +# 127.0.0.1 if omitted, +# 0.0.0.0 (ie. all) if given without value; +# must be used in combination with -A to actually allow +# connections from anybody but localhost +# -m limit to set the number of children, default 5 +# -u user the user to run spamd as +# -L if you want to run no net tests +# +# for more help look in man spamd +# +# Note: if you plan on using the -u flag to spamd you will need to +# make sure the location of the PID file is writable by that user. +# This can be done by making the directory /var/run/spamd and +# changing the owner to the UID that runs spamd. You will then +# need to edit $pidfile in /etc/init.d/spamd. This should fix the +# problem with stop/restart in the init scripts. +# +# See http://bugs.gentoo.org/show_bug.cgi?id=70124 for a full +# explanation. + +SPAMD_OPTS="-m 5 -c -H" + +# spamd stores its pid in this file. If you use the -u option to +# run spamd under another user, you might need to adjust it. + +PIDFILE="/var/run/spamd.pid" + +# SPAMD_NICELEVEL lets you set the 'nice'ness of the running +# spamd process + +# SPAMD_NICELEVEL=5 +@ diff --git a/conf.d/.rcs/sshd,v b/conf.d/.rcs/sshd,v new file mode 100644 index 0000000..54d8043 --- /dev/null +++ b/conf.d/.rcs/sshd,v @@ -0,0 +1,45 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.06.55.35; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/sshd: config file for /etc/init.d/sshd + +# Where is your sshd_config file stored? + +SSHD_CONFDIR="/etc/ssh" + + +# Any random options you want to pass to sshd. +# See the sshd(8) manpage for more info. + +SSHD_OPTS="" + + +# Pid file to use (needs to be absolute path). + +#SSHD_PIDFILE="/var/run/sshd.pid" + + +# Path to the sshd binary (needs to be absolute path). + +#SSHD_BINARY="/usr/sbin/sshd" +@ diff --git a/conf.d/.rcs/svnserve,v b/conf.d/.rcs/svnserve,v new file mode 100644 index 0000000..6cef241 --- /dev/null +++ b/conf.d/.rcs/svnserve,v @@ -0,0 +1,34 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.07.02.11; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# The commented variables in this file are the defaults that are used +# in the init-script. You don't need to uncomment them except to +# customize them to different values. + +# Options for svnserve +#SVNSERVE_OPTS="--root=/var/svn" + +# User and group as which to run svnserve +#SVNSERVE_USER="svn" +#SVNSERVE_GROUP="svnusers" +@ diff --git a/conf.d/.rcs/syslog-ng,v b/conf.d/.rcs/syslog-ng,v new file mode 100644 index 0000000..a48bfd5 --- /dev/null +++ b/conf.d/.rcs/syslog-ng,v @@ -0,0 +1,30 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.21.54.44; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Config file for /etc/init.d/syslog-ng + +# Put any additional options for syslog-ng here. +# See syslog-ng(8) for more information. + +SYSLOG_NG_OPTS="" +@ diff --git a/conf.d/.rcs/teamspeak3-server,v b/conf.d/.rcs/teamspeak3-server,v new file mode 100644 index 0000000..2846630 --- /dev/null +++ b/conf.d/.rcs/teamspeak3-server,v @@ -0,0 +1,25 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.27.20.49.16; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@export LD_LIBRARY_PATH=".:$LD_LIBRARY_PATH" +@ diff --git a/conf.d/.rcs/twistd,v b/conf.d/.rcs/twistd,v new file mode 100644 index 0000000..5527bdb --- /dev/null +++ b/conf.d/.rcs/twistd,v @@ -0,0 +1,31 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.06.44.59; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@ +# These are passed to twistd. +# TWISTD_OPTS="--no_save --logfile=/var/log/twistd -y /etc/twistd.tac" +# TWISTD_OPTS="--no_save --logfile=/var/log/twistd -f /etc/twistd.tap" + +# Make any additions to PYTHONPATH the twistd needs here. +# PYTHONPATH="/path/to/extra/python/modules" +@ diff --git a/conf.d/.rcs/udev,v b/conf.d/.rcs/udev,v new file mode 100644 index 0000000..3b929d5 --- /dev/null +++ b/conf.d/.rcs/udev,v @@ -0,0 +1,87 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.20.36.32; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/udev: config file for udev + +# We discourage to disable persistent-net!! +# this may lead to random interface naming + +# Disable adding new rules for persistent-net +persistent_net_disable="no" + +# Disable adding new rules for persistent-cd +# Disabling this will stop new cdrom devices to appear +# as /dev/{cdrom,cdrw,dvd,dvdrw} +persistent_cd_disable="no" + +# Set to "yes" if you want to save /dev to a tarball on shutdown +# and restore it on startup. This is useful if you have a lot of +# custom device nodes that udev does not handle/know about. +# +# As this option is fragile, we recommend you +# to create your devices in /lib64/udev/devices. +# These will be copied to /dev on boot. +#rc_device_tarball="NO" + +# udev can trigger coldplug events which cause services to start and +# kernel modules to be loaded. +# Services are deferred to start in the boot runlevel. +# Set rc_coldplug="NO" if you don't want this. +# If you want module coldplugging but not coldplugging of services then you +# can disable service coldplugging in baselayout/openrc config files. +# The setting is named different in different versions. +# in /etc/rc.conf: rc_hotplug="!*" or +# in /etc/conf.d/rc: rc_plug_services="!*" +#rc_coldplug="YES" + + + + +# Expert options: + +# Disable warning about unreliable kernel/udev combination +#unreliable_kernel_warning="no" + +# Timeout in seconds to wait for processing of uevents at boot. +# There should be no need to change this. +#udev_settle_timeout="60" + +# Run udevd so that all events are serialized, read more in man udevd at --debug-trace +#udev_trace="YES" + +# Run udevd --debug and write output to /dev/.udev/udev.log +# Should not be kept on as it fills diskspace slowly +#udev_debug="YES" + +# Run udevadmin monitor to get a log of all events +# in /dev/.udev/udevmonitor.log +#udev_monitor="YES" + +# Keep udevmonitor running after populating /dev. +#udev_monitor_keep_running="no" + +# Set cmdline options for udevmonitor. +# could be some of --env --kernel --udev +#udev_monitor_opts="--env" + +@ diff --git a/conf.d/.rcs/urandom,v b/conf.d/.rcs/urandom,v new file mode 100644 index 0000000..a0400ce --- /dev/null +++ b/conf.d/.rcs/urandom,v @@ -0,0 +1,32 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.18.08.57.19; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/urandom + +# Sometimes you want to have urandom start before "localmount" +# (say for crypt swap), so you will need to customize this +# behavior. If you have /var on a separate partition, then +# make sure this path lives on your root device somewhere. + +URANDOM_SEED="/var/run/random-seed" +@ diff --git a/conf.d/.rcs/wireless.example,v b/conf.d/.rcs/wireless.example,v new file mode 100644 index 0000000..246e158 --- /dev/null +++ b/conf.d/.rcs/wireless.example,v @@ -0,0 +1,322 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.18.08.57.19; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/conf.d/wireless: +# Global wireless config file for net.* rc-scripts + +# +# Usage of /etc/conf.d/wireless is deprecated ... make sure you +# put all settings in /etc/conf.d/net +# + + +############################################################################## +# IMPORTANT +# linux-wlan-ng is not supported as they have their own configuration program +# ensure that /etc/conf.d/net has the entry "!iwconfig" in it's modules line +# Try and use an alternative driver if you need to use this - hostap-driver +# supports non-usb linux-wlan-ng driven devices +############################################################################## + +############################################################################## +# HINTS +############################################################################## +# Remember to change eth0 to your wireless interface which may be +# eth0, eth1, wlan0, ath0 - you get the idea. If you're not sure +# you can type "iwconfig" at the command prompt and it will tell you which +# interfaces are wireless. +# Say that your wireless interface is ath0 - the line +# #essid_eth0="any" +# becomes +# #essid_ath0="any" +# +# Remember to change ESSID to your ESSID. +# Say that your ESSID is My NET - the line +# #key_ESSID="s:passkey" +# becomes +# #key_My_NET="s:passkey" +# Notice that the space has changed to an underscore - do the same with all +# characters not in a-z A-Z (english alphabet) 0-9. This only applies to +# variables and not values. +# +# Any ESSID's in values like essid_eth0="My NET" may need to be escaped +# This means placing the character \ before the character +# \" need to be escaped for example +# So if your ESSID is +# My "\ NET +# it becomes +# My \"\\ NET +# for example +# #essid_eth0="My\"\\NET" +# +# So using the above we can use +# #dns_domain_My____NET="My\"\\NET" +# which is an invalid dns domain, but shows the how to use the variable +# structure +# +# As a final note, most users will just need to set the following options +# key_ESSID1="s:yourkeyhere enc open" # s: means a text key +# key_ESSID2="aaaa-bbbb-cccc-dd" # no s: means a hex key +# preferred_aps=( "ESSID1" "ESSID2" ) +# +# Clear? Good. Now configure your wireless network below +######################################################### + +############################################################################## +# SETTINGS +############################################################################## +# Hard code an ESSID to an interface - leave this unset if you wish the driver +# to scan for available Access Points +# Set to "any" to connect to any ESSID - the driver picks an Access Point +# This needs to be done when the driver doesn't support scanning +# This may work for drivers that don't support scanning but you need automatic +# AP association +# I would only set this as a last resort really - use the preferred_aps +# setting at the bottom of this file + +# However, using ad-hoc (without scanning for APs) and master mode +# do require the ESSID to be set - do this here +#essid_eth0="any" + +# Set the mode of the interface (managed, ad-hoc, master or auto) +# The default is auto +# If it's ad-hoc or master you also may need to specify the channel below +#mode_eth0="auto" + +# If managed mode fails, drop to ad-hoc mode with the below ESSID? +#adhoc_essid_eth0="WLAN" + +#Channel can be set (1-14), but defaults to 3 if not set. +# +# The below is taken verbatim from the BSD wavelan documentation found at +# http://www.netbsd.org/Documentation/network/wavelan.html +# There are 14 channels possible; We are told that channels 1-11 are legal for +# North America, channels 1-13 for most of Europe, channels 10-13 for France, +# and only channel 14 for Japan. If in doubt, please refer to the documentation +# that came with your card or access point. Make sure that the channel you +# select is the same channel your access point (or the other card in an ad-hoc +# network) is on. The default for cards sold in North America and most of Europe +# is 3; the default for cards sold in France is 11, and the default for cards +# sold in Japan is 14. +#channel_eth0="3" + +# Setup any other config commands. This is basically the iwconfig argument +# without the iwconfig $iface. +#iwconfig_eth0="" + +# Set private driver ioctls. This is basically the iwpriv argument without +# the iwpriv $iface. If you use the rt2500 driver (not the rt2x00 one) then +# you can set WPA here, below is an example. +#iwpriv_eth0="" +#iwpriv_ESSID=( +# "set AuthMode=WPAPSK" +# "set EncrypType=TKIP" +# "set WPAPSK=yourpasskey" +#) +#NOTE: Even though you can use WPA like so, you may have to set a WEP key +#if your driver claims the AP is encrypted. The WEP key itself will not be +#used though. + +# Seconds to wait before scanning +# Some drivers need to wait until they have finished "loading" +# before they can scan - otherwise they error and claim that they cannot scan +# or resource is unavailable. The default is to wait zero seconds +#sleep_scan_eth0="1" + +# Seconds to wait until associated. The default is to wait 10 seconds. +# 0 means wait indefinitely. WARNING: this can cause an infinite delay when +# booting. +#associate_timeout_eth0="5" + +# By default a successful association in Managed mode sets the MAC +# address of the AP connected to. However, some drivers (namely +# the ipw2100) don't set an invalid MAC address when association +# fails - so we need to check on link quality which some drivers +# don't report properly either. +# So if you have connection problems try flipping this setting +# Valid options are MAC, quality and all - defaults to MAC +#associate_test_eth0="MAC" + +# Some driver/card combinations need to scan in Ad-Hoc mode +# After scanning, the mode is reset to the one defined above +#scan_mode_eth0="Ad-Hoc" + +# Below you can define private ioctls to run before and after scanning +# Format is the same as the iwpriv_eth0 above +# This is needed for the HostAP drivers +#iwpriv_scan_pre_eth0="host_roaming 2" +#iwpriv_scan_post_eth0="host_roaming 0" + +# Define a WEP key per ESSID or MAC address (of the AP, not your card) +# The encryption type (open or restricted) must match the +# encryption type on the Access Point +# You can't use "any" for an ESSID here +#key_ESSID="1234-1234-1234-1234-1234-1234-56" +# or you can use strings. Passphrase IS NOT supported +# To use a string, prefix it with s: +# Note - this example also sets the encryption method to open +# which is regarded as more secure than restricted +#key_ESSID="s:foobar enc open" +#key_ESSID="s:foobar enc restricted" + +# If you have whitespace in your key, here's how to set it and use other +# commands like using open encryption. +#key_ESSID="s:'foo bar' enc open" + +# WEP key for the AP with MAC address 001122334455 +#mac_key_001122334455="s:foobar" + +# Here are some more examples of keys as some users find others work +# and some don't where they should all do the same thing +#key_ESSID="open s:foobar" +#key_ESSID="open 1234-5678-9012" +#key_ESSID="s:foobar enc open" +#key_ESSID="1234-5678-9012 enc open" + +# You may want to set multiple keys - here's an example +# It sets 4 keys on the card and instructs to use key 2 by default +#key_ESSID="[1] s:passkey1 key [2] s:passkey2 key [3] s:passkey3 key [4] s:passkey4 key [2]" + +# You can also override the interface settings found in /etc/conf.d/net +# per ESSID - which is very handy if you use different networks a lot +#config_ESSID=( "dhcp" ) +#dhcpcd_ESSID="-t 5" +#routes_ESSID=() +#fallback_ESSID=() + +# Setting name/domain server causes /etc/resolv.conf to be overwritten +# Note that if DHCP is used, and you want this to take precedence then +# please put -R in your dhcpcd options +#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) +#dns_domain_ESSID="some.domain" +#dns_search_path_ESSID="search.this.domain search.that.domain" +# Please check the man page for resolv.conf for more information +# as domain and search (searchdomains) are mutually exclusive and +# searchdomains takes precedence + +# You can also set any of the /etc/conf.d/net variables per MAC address +# in case you use Access Points with the same ESSID but need different +# networking configs. Below is an example - of course you use the same +# method with other variables +#config_001122334455=( "dhcp" ) +#dhcpcd_001122334455="-t 10" +#dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) + +# Map a MAC address to an ESSID +# This is used when the Access Point is not broadcasting it's ESSID +# WARNING: This will override the ESSID being broadcast due to some +# Access Points sending an ESSID even when they have been configured +# not to! +# Change 001122334455 to the MAC address and ESSID to the ESSID +# it should map to +#mac_essid_001122334455="ESSID" + +# This lists the preferred ESSIDs to connect to in order +# ESSID's can contain any characters here as they must match the broadcast +# ESSID exactly. +# Surround each ESSID with the " character and separate them with a space +# If the first ESSID isn't found then it moves onto the next +# If this isn't defined then it connects to the first one found +#preferred_aps=( "ESSID 1" "ESSID 2" ) + +# You can also define a preferred_aps list per interface +#preferred_aps_eth0=( "ESSID 3" "ESSID 4" ) + +# You can also say whether we only connect to preferred APs or not +# Values are "any", "preferredonly", "forcepreferred", "forcepreferredonly" and "forceany" +# "any" means it will connect to visible APs in the preferred list and then any +# other available AP +# "preferredonly" means it will only connect to visible APs in the preferred list +# "forcepreferred" means it will forcibly connect to APs in order if it does not find +# them in a scan +# "forcepreferredonly" means it forcibly connects to the APs in order and does not bother +# to scan +# "forceany" does the same as forcepreferred + connects to any other available AP +# Default is "any" +#associate_order="any" +#associate_order_eth0="any" + +# You can define blacklisted Access Points in the same way +#blacklist_aps=( "ESSID 1" "ESSID 2" ) +#blacklist_aps_eth0=( "ESSID 3" ESSID 4" ) + +# If you have more than one wireless card, you can say if you want +# to allow each card to associate with the same Access Point or not +# Values are "yes" and "no" +# Default is "yes" +#unique_ap="yes" +#unique_ap_eth0="yes" + +# IMPORTANT: preferred_only, blacklisted_aps and unique_ap only work when +# essid_eth0 is not set and your card is capable of scanning + +# NOTE: preferred_aps list ignores blacklisted_aps - so if you have +# the same ESSID in both, well, you're a bit silly :p + + +############################################################################## +# ADVANCED CONFIGURATION +# +# Two functions can be defined which will be called surrounding the +# associate function. The functions are called with the interface +# name first so that one function can control multiple adapters. +# +# The return values for the preassociate function should be 0 +# (success) to indicate that configuration or deconfiguration of the +# interface can continue. If preassociate returns a non-zero value, then +# interface configuration will be aborted. +# +# The return value for the postassociate function is ignored +# since there's nothing to do if it indicates failure. + +#preassociate() { +# # The below adds two configuration variables leap_user_ESSID +# # and leap_pass_ESSID. When they are both configured for the ESSID +# # being connected to then we run the CISCO LEAP script +# +# local user pass +# eval user=\"\$\{leap_user_${ESSIDVAR}\}\" +# eval pass=\"\$\{leap_pass_${ESSIDVAR}\}\" +# +# if [[ -n ${user} && -n ${pass} ]]; then +# if [[ ! -x /opt/cisco/bin/leapscript ]]; then +# eend "For LEAP support, please emerge net-misc/cisco-aironet-client-utils" +# return 1 +# fi +# einfo "Waiting for LEAP Authentication on \"${ESSID//\\\\//}\"" +# if /opt/cisco/bin/leapscript ${user} ${pass} | grep -q 'Login incorrect'; then +# ewarn "Login Failed for ${user}" +# return 1 +# fi +# fi +# +# return 0 +#} + +#postassociate() { +# # This function is mostly here for completeness... I haven't +# # thought of anything nifty to do with it yet ;-) +# # Return 0 always +# return 0 +#} +@ diff --git a/conf.d/apache2 b/conf.d/apache2 new file mode 100644 index 0000000..700cdce --- /dev/null +++ b/conf.d/apache2 @@ -0,0 +1,75 @@ +# /etc/conf.d/apache2: config file for /etc/init.d/apache2 + +# When you install a module it is easy to activate or deactivate the modules +# and other features of apache using the APACHE2_OPTS line. Every module should +# install a configuration in /etc/apache2/modules.d. In that file will have an +# directive where NNN is the option to enable that module. +# +# Here are the options available in the default configuration: +# +# AUTH_DIGEST Enables mod_auth_digest +# AUTHNZ_LDAP Enables authentication through mod_ldap (available if USE=ldap) +# CACHE Enables mod_cache +# DAV Enables mod_dav +# ERRORDOCS Enables default error documents for many languages. +# INFO Enables mod_info, a useful module for debugging +# LANGUAGE Enables content-negotiation based on language and charset. +# LDAP Enables mod_ldap (available if USE=ldap) +# MANUAL Enables /manual/ to be the apache manual (available if USE=docs) +# MEM_CACHE Enables default configuration mod_mem_cache +# PROXY Enables mod_proxy +# SSL Enables SSL (available if USE=ssl) +# STATUS Enabled mod_status, a useful module for statistics +# SUEXEC Enables running CGI scripts (in USERDIR) through suexec. +# USERDIR Enables /~username mapping to /home/username/public_html +# +# +# The following two options provide the default virtual host for the HTTP and +# HTTPS protocol. YOU NEED TO ENABLE AT LEAST ONE OF THEM, otherwise apache +# will not listen for incomming connections on the approriate port. +# +# DEFAULT_VHOST Enables name-based virtual hosts, with the default +# virtual host being in /var/www/localhost/htdocs +# SSL_DEFAULT_VHOST Enables default vhost for SSL (you should enable this +# when you enable SSL) +# +#APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D MANUAL -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D LANGUAGE" +APACHE2_OPTS="-D DEFAULT_VHOST -D PHP5 -D SSL -D SSL_DEFAULT_VHOST -D MANUAL -D PERL -D INFO -D STATUS -D DAV -D SVN -D ERRORDOCS -D LANGUAGE -D FASTCGI" + +# Extended options for advanced uses of Apache ONLY +# You don't need to edit these unless you are doing crazy Apache stuff +# As not having them set correctly, or feeding in an incorrect configuration +# via them will result in Apache failing to start +# YOU HAVE BEEN WARNED. + +# PID file +#PIDFILE=/var/run/apache2.pid + +# timeout for startup/shutdown checks +#TIMEOUT=10 + +# ServerRoot setting +#SERVERROOT=/usr/lib64/apache2 + +# Configuration file location +# - If this does NOT start with a '/', then it is treated relative to +# $SERVERROOT by Apache +#CONFIGFILE=/etc/apache2/httpd.conf + +# Location to log startup errors to +# They are normally dumped to your terminal. +STARTUPERRORLOG="/var/log/apache2/startuperror.log" + +# A command that outputs a formatted text version of the HTML at the URL +# of the command line. Designed for lynx, however other programs may work. +#LYNX="lynx -dump" + +# The URL to your server's mod_status status page. +# Required for status and fullstatus +#STATUSURL="http://localhost/server-status" + +# Method to use when reloading the server +# Valid options are 'restart' and 'graceful' +# See http://httpd.apache.org/docs/2.2/stopping.html for information on +# what they do and how they differ. +#RELOAD_TYPE="graceful" diff --git a/conf.d/apache2.sarah b/conf.d/apache2.sarah new file mode 100644 index 0000000..437f214 --- /dev/null +++ b/conf.d/apache2.sarah @@ -0,0 +1,74 @@ +# /etc/conf.d/apache2: config file for /etc/init.d/apache2 + +# When you install a module it is easy to activate or deactivate the modules +# and other features of apache using the APACHE2_OPTS line. Every module should +# install a configuration in /etc/apache2/modules.d. In that file will have an +# directive where NNN is the option to enable that module. +# +# Here are the options available in the default configuration: +# +# AUTH_DIGEST Enables mod_auth_digest +# AUTHNZ_LDAP Enables authentication through mod_ldap (available if USE=ldap) +# CACHE Enables mod_cache +# DAV Enables mod_dav +# ERRORDOCS Enables default error documents for many languages. +# INFO Enables mod_info, a useful module for debugging +# LANGUAGE Enables content-negotiation based on language and charset. +# LDAP Enables mod_ldap (available if USE=ldap) +# MANUAL Enables /manual/ to be the apache manual (available if USE=docs) +# MEM_CACHE Enables default configuration mod_mem_cache +# PROXY Enables mod_proxy +# SSL Enables SSL (available if USE=ssl) +# SUEXEC Enables running CGI scripts (in USERDIR) through suexec. +# USERDIR Enables /~username mapping to /home/username/public_html +# +# +# The following two options provide the default virtual host for the HTTP and +# HTTPS protocol. YOU NEED TO ENABLE AT LEAST ONE OF THEM, otherwise apache +# will not listen for incomming connections on the approriate port. +# +# DEFAULT_VHOST Enables name-based virtual hosts, with the default +# virtual host being in /var/www/localhost/htdocs +# SSL_DEFAULT_VHOST Enables default vhost for SSL (you should enable this +# when you enable SSL) +# +#APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D LANGUAGE -D MANUAL -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC" +APACHE2_OPTS="-D DEFAULT_VHOST -D PHP5 -D SSL -D SSL_DEFAULT_VHOST -D MANUAL -D PERL -D INFO -D STATUS -D DAV -D SVN -D ERRORDOCS -D LANGUAGE -D FASTCGI" + +# Extended options for advanced uses of Apache ONLY +# You don't need to edit these unless you are doing crazy Apache stuff +# As not having them set correctly, or feeding in an incorrect configuration +# via them will result in Apache failing to start +# YOU HAVE BEEN WARNED. + +# PID file +#PIDFILE=/var/run/apache2.pid + +# timeout for startup/shutdown checks +#TIMEOUT=10 + +# ServerRoot setting +#SERVERROOT=/usr/lib/apache2 + +# Configuration file location +# - If this does NOT start with a '/', then it is treated relative to +# $SERVERROOT by Apache +#CONFIGFILE=/etc/apache2/httpd.conf + +# Location to log startup errors to +# They are normally dumped to your terminal. +STARTUPERRORLOG="/var/log/apache2/startuperror.log" + +# A command that outputs a formatted text version of the HTML at the URL +# of the command line. Designed for lynx, however other programs may work. +#LYNX="lynx -dump" + +# The URL to your server's mod_status status page. +# Required for status and fullstatus +#STATUSURL="http://localhost/server-status" + +# Method to use when reloading the server +# Valid options are 'restart' and 'graceful' +# See http://httpd.apache.org/docs/2.2/stopping.html for information on +# what they do and how they differ. +#RELOAD_TYPE="graceful" diff --git a/conf.d/auditd b/conf.d/auditd new file mode 100644 index 0000000..6156c45 --- /dev/null +++ b/conf.d/auditd @@ -0,0 +1,16 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /etc/conf.d/.rcs/auditd,v 1.1 2010/11/30 21:59:04 root Exp $ + +# Configuration options for auditd +# -f for foreground mode +# There are some other options as well, but you'll have to look in the source +# code to find them as they aren't ready for use yet. +EXTRAOPTIONS='' + +# Audit rules file to run after starting auditd +RULEFILE_STARTUP=/etc/audit/audit.rules + +# Audit rules file to run before and after stopping auditd +RULEFILE_STOP_PRE=/etc/audit/audit.rules.stop.pre +RULEFILE_STOP_POST=/etc/audit/audit.rules.stop.post diff --git a/conf.d/autofs b/conf.d/autofs new file mode 100644 index 0000000..6c8d9c7 --- /dev/null +++ b/conf.d/autofs @@ -0,0 +1,136 @@ +# +# Define default options for autofs. +# +# MASTER_MAP_NAME - default map name for the master map. +# +#MASTER_MAP_NAME="auto.master" +# +# TIMEOUT - set the default mount timeout (default 600). +# +TIMEOUT=300 +# +# NEGATIVE_TIMEOUT - set the default negative timeout for +# failed mount attempts (default 60). +# +#NEGATIVE_TIMEOUT=60 +# +# MOUNT_WAIT - time to wait for a response from umount(8). +# Setting this timeout can cause problems when +# mount would otherwise wait for a server that +# is temporarily unavailable, such as when it's +# restarting. The defailt of waiting for mount(8) +# usually results in a wait of around 3 minutes. +# +#MOUNT_WAIT=-1 +# +# UMOUNT_WAIT - time to wait for a response from umount(8). +# +#UMOUNT_WAIT=12 +# +# BROWSE_MODE - maps are browsable by default. +# +BROWSE_MODE="no" +# +# MOUNT_NFS_DEFAULT_PROTOCOL - specify the default protocol used by +# mount.nfs(8). Since we can't identify +# the default automatically we need to +# set it in our configuration. This will +# only make a difference for replicated +# map entries as availability probing isn't +# used for single host map entries. +# +#MOUNT_NFS_DEFAULT_PROTOCOL=3 +# +# APPEND_OPTIONS - append to global options instead of replace. +# +#APPEND_OPTIONS="yes" +# +# LOGGING - set default log level "none", "verbose" or "debug" +# +#LOGGING="none" +# +# Define server URIs +# +# LDAP_URI - space seperated list of server uris of the form +# ://[/] where can be ldap +# or ldaps. The option can be given multiple times. +# Map entries that include a server name override +# this option. +# +# This configuration option can also be used to +# request autofs lookup SRV RRs for a domain of +# the form :///[]. Note that a +# trailing "/" is not allowed when using this form. +# If the domain dn is not specified the dns domain +# name (if any) is used to construct the domain dn +# for the SRV RR lookup. The server list returned +# from an SRV RR lookup is refreshed according to +# the minimum ttl found in the SRV RR records or +# after one hour, whichever is less. +# +#LDAP_URI="" +# +# LDAP__TIMEOUT - timeout value for the synchronous API calls +# (default is LDAP library default). +# +#LDAP_TIMEOUT=-1 +# +# LDAP_NETWORK_TIMEOUT - set the network response timeout (default 8). +# +#LDAP_NETWORK_TIMEOUT=8 +# +# Define base dn for map dn lookup. +# +# SEARCH_BASE - base dn to use for searching for map search dn. +# Multiple entries can be given and they are checked +# in the order they occur here. +# +#SEARCH_BASE="" +# +# Define the LDAP schema to used for lookups +# +# If no schema is set autofs will check each of the schemas +# below in the order given to try and locate an appropriate +# basdn for lookups. If you want to minimize the number of +# queries to the server set the values here. +# +#MAP_OBJECT_CLASS="nisMap" +#ENTRY_OBJECT_CLASS="nisObject" +#MAP_ATTRIBUTE="nisMapName" +#ENTRY_ATTRIBUTE="cn" +#VALUE_ATTRIBUTE="nisMapEntry" +# +# Other common LDAP nameing +# +#MAP_OBJECT_CLASS="automountMap" +#ENTRY_OBJECT_CLASS="automount" +#MAP_ATTRIBUTE="ou" +#ENTRY_ATTRIBUTE="cn" +#VALUE_ATTRIBUTE="automountInformation" +# +#MAP_OBJECT_CLASS="automountMap" +#ENTRY_OBJECT_CLASS="automount" +#MAP_ATTRIBUTE="automountMapName" +#ENTRY_ATTRIBUTE="automountKey" +#VALUE_ATTRIBUTE="automountInformation" +# +# AUTH_CONF_FILE - set the default location for the SASL +# authentication configuration file. +# +#AUTH_CONF_FILE="/etc/autofs/autofs_ldap_auth.conf" +# +# MAP_HASH_TABLE_SIZE - set the map cache hash table size. +# Should be a power of 2 with a ratio roughly +# between 1:10 and 1:20 for each map. +# +#MAP_HASH_TABLE_SIZE=1024 +# +# General global options +# +# If the kernel supports using the autofs miscellanous device +# and you wish to use it you must set this configuration option +# to "yes" otherwise it will not be used. +USE_MISC_DEVICE="yes" +# +#OPTIONS="" +# diff --git a/conf.d/books-prod-fcgi b/conf.d/books-prod-fcgi new file mode 100644 index 0000000..476dc49 --- /dev/null +++ b/conf.d/books-prod-fcgi @@ -0,0 +1,21 @@ +# /etc/conf.d/books-prod-fcgi: config file for /etc/init.d/books-prod-fcgi + +DAEMON_USER="frank" +DAEMON_GROUP="users" +PID_DIR="/var/run/frank" + +# Pid file to use (needs to be absolute path). +DAEMON_PIDFILE="${PID_DIR}/books-prod.pid" + +# Working directory (needs to be absolute path). +DAEMON_DIR="/var/www/books" + +# Path to the binary (needs to be absolute path). +DAEMON_BINARY="${DAEMON_DIR}/script/frbr_books_fastcgi.pl" + +# Path to the socket for Apache mod_fastcgi +DAEMON_SOCKET="/tmp/frbr_books_app.sock" + +# Count of daemon processes +DAEMON_COUNT=2 + diff --git a/conf.d/bootmisc b/conf.d/bootmisc new file mode 100644 index 0000000..d79706c --- /dev/null +++ b/conf.d/bootmisc @@ -0,0 +1,10 @@ +# List of /tmp directories we should clean up +clean_tmp_dirs="/tmp" + +# Should we wipe the tmp paths completely or just selectively remove known +# locks / files / etc... ? +wipe_tmp="YES" + +# Write the initial dmesg log into /var/log/dmesg after boot +# This may be useful if you need the kernel boot log afterwards +log_dmesg="YES" diff --git a/conf.d/clamd b/conf.d/clamd new file mode 100644 index 0000000..ee05513 --- /dev/null +++ b/conf.d/clamd @@ -0,0 +1,9 @@ +# Config file for /etc/init.d/clamd + +# NOTICE: Since clamav-0.85-r1, only START_CLAMD and START_FRESHCLAM settings +# are used, other are silently ignored + +START_CLAMD=yes +START_FRESHCLAM=yes +CLAMD_NICELEVEL=3 +FRESHCLAM_NICELEVEL=19 diff --git a/conf.d/consolefont b/conf.d/consolefont new file mode 100644 index 0000000..21c260f --- /dev/null +++ b/conf.d/consolefont @@ -0,0 +1,17 @@ +# consolefont specifies the default font that you'd like Linux to use on the +# console. You can find a good selection of fonts in /usr/share/consolefonts; +# you shouldn't specify the trailing ".psf.gz", just the font name below. +# To use the default console font, comment out the CONSOLEFONT setting below. +# This setting is used by the /etc/init.d/consolefont script (NOTE: if you do +# not want to use it, run "rc-update del consolefont boot" as root). +consolefont="default8x16" + +# consoletranslation is the charset map file to use. Leave commented to use +# the default one. Have a look in /usr/share/consoletrans for a selection of +# map files you can use. +consoletranslation="8859-1_to_uni" + +# unicodemap is the unicode map file to use. Leave commented to use the +# default one. Have a look in /usr/share/unimaps for a selection of map files +# you can use. +#unicodemap="iso01" diff --git a/conf.d/crypto-loop b/conf.d/crypto-loop new file mode 100644 index 0000000..6a88434 --- /dev/null +++ b/conf.d/crypto-loop @@ -0,0 +1,9 @@ +# /etc/conf.d/crypto-loop: Configuration file for /etc/init.d/crypto-loop + +# More info can be found in the init.d script + +# Specify loopback configurations here. The format of this file is +# shown in the following commented-out example. One line per loopback +# configuration. For possible hash values, see `man hashalot`. + +# loop=/dev/loop0 hash='' cipher=serpent keysize=256 device=/dev/system/test other='' diff --git a/conf.d/device-mapper b/conf.d/device-mapper new file mode 100644 index 0000000..bc7a251 --- /dev/null +++ b/conf.d/device-mapper @@ -0,0 +1 @@ +RC_AFTER="lvm" diff --git a/conf.d/dmesg b/conf.d/dmesg new file mode 100644 index 0000000..eb065f2 --- /dev/null +++ b/conf.d/dmesg @@ -0,0 +1,3 @@ +# Sets the level at which logging of messages is done to the +# console. See dmesg(8) for more info. +dmesg_level="1" diff --git a/conf.d/env_whitelist b/conf.d/env_whitelist new file mode 100644 index 0000000..30a3695 --- /dev/null +++ b/conf.d/env_whitelist @@ -0,0 +1,6 @@ +# /etc/conf.d/env_whitelist: Environment whitelist for rc-system + +# Specify which variables are allowed to be passed from the environment to the +# rc-system. If it is not set by the environment, then the variable will be +# taken from /etc/profile.env - meaning, if you need to set LANG or such, +# do it in a /etc/env.d/99myownstuff file for example, and run env-update. diff --git a/conf.d/fsck b/conf.d/fsck new file mode 100644 index 0000000..5d42c9d --- /dev/null +++ b/conf.d/fsck @@ -0,0 +1,27 @@ +# Pass any arguments to fsck. +# By default we preen. +# Linux systems also force -C0 and -T. +# If fsck_args is not specified then Linux systems also use -A +# (and -R if / is rw) +#fsck_args="-p" + +# We can also specify the passno in /etc/fstab to check +# If you multiplex fsck (ie ln -s fsck /etc/init.d/fsck.late) then you can +# do an fsck outside of the normal scope, say for /home. +# Here are some exampes:- +#fsck_passno="=1 =2" +#fsck_passno=">1" +#fsck_passno="<2" + +# Most modern fs's don't require a full fsck on boot, but for those that do +# it may be advisable to skip this when running on battery. +# WARNING: Do not turn this off if you have any JFS partitions. +fsck_on_battery="YES" + +# fsck_shutdown causes fsck to trigger during shutdown as well as startup. +# The end result of this is that if any periodic non-root filesystem checks are +# scheduled, under normal circumstances the actual check will happen during +# shutdown rather than at next boot. +# This is useful when periodic filesystem checks are causing undesirable +# delays at startup, but such delays at shutdown are acceptable. +fsck_shutdown="NO" diff --git a/conf.d/git-daemon b/conf.d/git-daemon new file mode 100644 index 0000000..83867a2 --- /dev/null +++ b/conf.d/git-daemon @@ -0,0 +1,20 @@ +# conf.d file for git-daemon +# +# Please check man 1 git-daemon for more information about the options +# git-daemon accepts. You MUST edit this to include your repositories you wish +# to serve. +# +# Some of the meaningful options are: +# --syslog --- Enables syslog logging +# --verbose --- Enables verbose logging +# --export-all --- Exports all repositories +# --port=XXXX --- Starts in port XXXX instead of 9418 +# +#GITDAEMON_OPTS="--syslog --export-all --verbose /var/lib/git" +GITDAEMON_OPTS="--syslog --verbose --base-path=/var/lib/git /var/lib/git" + +# To run an anonymous git safely, the following user should be able to only +# read your Git repositories. It should not able able to write to anywhere on +# your system, esp. not the repositories. +GIT_USER="nobody" +GIT_GROUP="nobody" diff --git a/conf.d/gpm b/conf.d/gpm new file mode 100644 index 0000000..f21c257 --- /dev/null +++ b/conf.d/gpm @@ -0,0 +1,23 @@ +# /etc/init.d/gpm + +# Please uncomment the type of mouse you have and the appropriate MOUSEDEV entry + +MOUSE=ps2 +#MOUSE=imps2 +#MOUSEDEV=/dev/psaux +MOUSEDEV=/dev/input/mice + +# Extra settings + +#RESPONSIVENESS= +#REPEAT_TYPE=raw + +# Please uncomment this line if you want gpm to understand charsets used +# in URLs and names with ~ or : in them, etc. This is a good idea to turn on! + +#APPEND="-l \"a-zA-Z0-9_.:~/\300-\326\330-\366\370-\377\"" + +# Various other options, see gpm(8) manpage for more. + +#APPEND="-g 1 -A60" +#APPEND="-l \"a-zA-Z0-9_.:~/\300-\326\330-\366\370-\377\" -g 1 -A60" diff --git a/conf.d/hostname b/conf.d/hostname new file mode 100644 index 0000000..738cad5 --- /dev/null +++ b/conf.d/hostname @@ -0,0 +1,2 @@ +# Set to the hostname of this machine +hostname="helga" diff --git a/conf.d/hwclock b/conf.d/hwclock new file mode 100644 index 0000000..4e66ff9 --- /dev/null +++ b/conf.d/hwclock @@ -0,0 +1,22 @@ +# Set CLOCK to "UTC" if your Hardware Clock is set to UTC (also known as +# Greenwich Mean Time). If that clock is set to the local time, then +# set CLOCK to "local". Note that if you dual boot with Windows, then +# you should set it to "local". +clock="UTC" + +# If you want to set the Hardware Clock to the current System Time +# (software clock) during shutdown, then say "YES" here. +# You normally don't need to do this if you run a ntp daemon. +clock_systohc="NO" + +# If you want to set the system time to the current hardware clock +# during bootup, then say "YES" here. You do not need this if you are +# running a modern kernel with CONFIG_RTC_HCTOSYS set to y. +# Also, be aware that if you set this to "NO", the system time will +# never be saved to the hardware clock unless you set +# clock_systohc="YES" above. +clock_hctosys="YES" + +# If you wish to pass any other arguments to hwclock during bootup, +# you may do so here. Alpha users may wish to use --arc or --srm here. +clock_args="" diff --git a/conf.d/ip6tables b/conf.d/ip6tables new file mode 100644 index 0000000..93c0bc8 --- /dev/null +++ b/conf.d/ip6tables @@ -0,0 +1,11 @@ +# /etc/conf.d/ip6tables + +# Location in which iptables initscript will save set rules on +# service shutdown +IP6TABLES_SAVE="/var/lib/ip6tables/rules-save" + +# Options to pass to iptables-save and iptables-restore +SAVE_RESTORE_OPTIONS="-c" + +# Save state on stopping iptables +SAVE_ON_STOP="yes" diff --git a/conf.d/iperf b/conf.d/iperf new file mode 100644 index 0000000..adf2389 --- /dev/null +++ b/conf.d/iperf @@ -0,0 +1,6 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/iperf/files/iperf.confd,v 1.1 2005/01/23 10:52:13 ka0ttic Exp $ + +# extra options (run iperf -h for a list of supported options) +IPERF_OPTS="--format Mbytes" diff --git a/conf.d/iptables b/conf.d/iptables new file mode 100644 index 0000000..91287de --- /dev/null +++ b/conf.d/iptables @@ -0,0 +1,11 @@ +# /etc/conf.d/iptables + +# Location in which iptables initscript will save set rules on +# service shutdown +IPTABLES_SAVE="/var/lib/iptables/rules-save" + +# Options to pass to iptables-save and iptables-restore +SAVE_RESTORE_OPTIONS="-c" + +# Save state on stopping iptables +SAVE_ON_STOP="yes" diff --git a/conf.d/keymaps b/conf.d/keymaps new file mode 100644 index 0000000..a55f29a --- /dev/null +++ b/conf.d/keymaps @@ -0,0 +1,25 @@ +# Use keymap to specify the default console keymap. There is a complete tree +# of keymaps in /usr/share/keymaps to choose from. + +#keymap="us" +keymap="de-latin1-nodeadkeys" + +# Should we first load the 'windowkeys' console keymap? Most x86 users will +# say "yes" here. Note that non-x86 users should leave it as "no". +# Loading this keymap will enable VT switching (like ALT+Left/Right) +# using the special windows keys on the linux console. +windowkeys="YES" + +# The maps to load for extended keyboards. Most users will leave this as is. +extended_keymaps="" +#extended_keymaps="backspace keypad euro2" + +# Tell dumpkeys(1) to interpret character action codes to be +# from the specified character set. +# This only matters if you set unicode="yes" in /etc/rc.conf. +# For a list of valid sets, run `dumpkeys --help` +dumpkeys_charset="" + +# Some fonts map AltGr-E to the currency symbol ¤ instead of the Euro € +# To fix this, set to "yes" +fix_euro="NO" diff --git a/conf.d/killprocs b/conf.d/killprocs new file mode 100644 index 0000000..0cf10d0 --- /dev/null +++ b/conf.d/killprocs @@ -0,0 +1,3 @@ +# If you wish to pass any options to killall5 during shutdown, +# you should do so here. +killall5_opts="" diff --git a/conf.d/lm_sensors b/conf.d/lm_sensors new file mode 100644 index 0000000..0815378 --- /dev/null +++ b/conf.d/lm_sensors @@ -0,0 +1,25 @@ +# Generated by sensors-detect on Wed Dec 1 23:57:50 2010 +# This file is sourced by /etc/init.d/lm_sensors and defines the modules to +# be loaded/unloaded. +# +# The format of this file is a shell script that simply defines variables: +# HWMON_MODULES for hardware monitoring driver modules, and optionally +# BUS_MODULES for any required bus driver module (for example for I2C or SPI). + +# Load modules at startup +LOADMODULES=yes + +# Initialize sensors at startup +INITSENSORS=yes + +HWMON_MODULES="w83627ehf" + +# For compatibility reasons, modules are also listed individually as variables +# MODULE_0, MODULE_1, MODULE_2, etc. +# Please note that the numbers in MODULE_X must start at 0 and increase in +# steps of 1. Any number that is missing will make the init script skip the +# rest of the modules. Use MODULE_X_ARGS for arguments. +# +# You should use BUS_MODULES and HWMON_MODULES instead if possible. + +MODULE_0=w83627ehf diff --git a/conf.d/localmount b/conf.d/localmount new file mode 100644 index 0000000..e3361da --- /dev/null +++ b/conf.d/localmount @@ -0,0 +1,3 @@ +# Stop the unmounting of certain points. +# This could be useful for some NFS related work. +#no_umounts="/dir1:/var/dir2" diff --git a/conf.d/lvm b/conf.d/lvm new file mode 100644 index 0000000..2fbd866 --- /dev/null +++ b/conf.d/lvm @@ -0,0 +1,5 @@ +# LVM should normally only be started after mdraid is available +# this is because LVM physical volumes are very often MD devices. +RC_AFTER="mdraid" + +# vim: ft=gentoo-conf-d diff --git a/conf.d/mdadm b/conf.d/mdadm new file mode 100644 index 0000000..a4ead14 --- /dev/null +++ b/conf.d/mdadm @@ -0,0 +1,7 @@ +# /etc/conf.d/mdadm: config file for /etc/init.d/mdadm + +# Misc options to pass to mdadm in monitor mode. +# For more info, run `mdadm --monitor --help` or see +# the mdadm(8) manpage. + +MDADM_OPTS="--syslog" diff --git a/conf.d/mdraid b/conf.d/mdraid new file mode 100644 index 0000000..daa17ab --- /dev/null +++ b/conf.d/mdraid @@ -0,0 +1,5 @@ +# /etc/conf.d/mdraid: config file for /etc/init.d/mdraid + +# For people who run raid on top of some other layer (like +# dmcrypt), use rc_need to specify that requirement. See +# the runscript(8) man page for more information. diff --git a/conf.d/modules b/conf.d/modules new file mode 100644 index 0000000..a062a62 --- /dev/null +++ b/conf.d/modules @@ -0,0 +1,23 @@ +# You can define a list modules for a specific kernel version, +# a released kernel version, a main kernel version or just a list. +# The most specific versioned variable will take precedence. +#modules_2_6_23_gentoo_r5="ieee1394 ohci1394" +#modules_2_6_23="tun ieee1394" +#modules_2_6="tun" +#modules_2="ipv6" +#modules="ohci1394" + +# You can give modules a different name when they load - the new name +# will also be used to pick arguments below. +#modules="dummy:dummy1" + +# Give the modules some arguments if needed, per version if necessary. +# Again, the most specific versioned variable will take precedence. +#module_ieee1394_args="debug" +#module_ieee1394_args_2_6_23_gentoo_r5="debug2" +#module_ieee1394_args_2_6_23="debug3" +#module_ieee1394_args_2_6="debug4" +#module_ieee1394_args_2="debug5" + +# You should consult your kernel documentation and configuration +# for a list of modules and their options. diff --git a/conf.d/mysql b/conf.d/mysql new file mode 100644 index 0000000..15ff170 --- /dev/null +++ b/conf.d/mysql @@ -0,0 +1,80 @@ +# Here is where we define which server(s) to start. +# Additional parameters to be passed to mysqld at startup may be added here, +# which will override the ones in "my.cnf". +# +# Below are described some suggested parameters to use. +# The parameters not recognized will be passed through to the mysqld daemon +# directly! +# To avoid starting a server just comment it's definition. +# +# Last but not least, SPACES are NOT allowed inside the parameters! +# +# Parameter : description +# ----------------+----------------------------------------------------------- +# nice : integer [-20 .. 19 ] default 0 +# : change the priority of the server -20 (high) to 19 (low) +# : see "man nice 1" for description +# ----------------+----------------------------------------------------------- +# mycnf : string [full path to my.cnf] +# : specify the path to my.cnf file to be used +# ----------------+----------------------------------------------------------- +# startup_timeout : integer [seconds] default 15 +# : time to wait for mysqld up and running, after this it's +# : marked as failed +# ----------------+----------------------------------------------------------- +# +# Additional parameters +# Parameter : description +# ----------------+----------------------------------------------------------- +# server-id : integer [1 .. 255] +# : Uniquely identifies the server instance in the community +# : of replication partners. +# ----------------+----------------------------------------------------------- +# port : integer [1025 .. 65535] default 3306 +# : Port number to use for connection. +# : Looses any meaning if skip-networking is set. +# ----------------+----------------------------------------------------------- +# skip-networking : NULL +# : Don't allow connection through TCP/IP. +# ----------------+----------------------------------------------------------- +# log-bin : string [name of the binlog files] +# : Log update queries in binary format. Optional (but +# : strongly recommended to avoid replication problems if +# : server's hostname changes) argument should be the chosen +# : location for the binary log files. +# ----------------+----------------------------------------------------------- +# Additionally the following variables are recognized: +# +# Be more verbose, accepts values from 1 to 4 +#DEBUG=4 +# +# The default location for the "master" pid file +#MYSQL_GLOB_PID_FILE="/var/run/svc-started-mysqld" +# +# The timeout for a failed attempt to stop a server +#STOPTIMEOUT=120 +# + +# The parameters are passed in a bash array variable, +# the variable name is mysql_slot_0_[server-num] +# "server-num" is an optional number used to start multiple servers +# +# Examples: +# +# start a default server with default options: +#mysql_slot_0=() +# +# start MySQL reniced, overriding some start parameters +#mysql_slot_0=( +# "nice=-5" +# "server-id=123" +# "log-bin="myhost" +# "port=3307" +#) +# +# start another server, different my.cnf +#mysql_slot_0_1=( +# "mycnf=/home/test/my.cnf" +# "server-id=124" +#) +# diff --git a/conf.d/mysqlmanager b/conf.d/mysqlmanager new file mode 100644 index 0000000..8666f71 --- /dev/null +++ b/conf.d/mysqlmanager @@ -0,0 +1,28 @@ +# Here is where we define which server(s) to start. +# Additional parameters to be passed to mysqlmanager at startup may be added here, +# which will override the ones in "my.cnf". +# +# To avoid starting a server just comment it's definition +# here or it will rant (no default start). +# Last but not least, spaces are NOT allowed inside the parameters! +# +# Below are described some suggested parameters to use. +# The parameters not recognized will be passed through to the mysqlmanager directly. +# +# Parameter : description + +# ----------------+----------------------------------------------------------- +# mycnf : string [full path to my.cnf] +# : specify the path to my.cnf file to be used +# : may contain a [manager] section +# ----------------+----------------------------------------------------------- +# +# Basic default +# +#mysqlmanager_slot_0=() +# +# Start MySQL 5.0.X overriding the my.cnf path +#mysqlmanager_slot_500=( +# "mycnf=/home/test/my.cnf" +#) +# diff --git a/conf.d/nagios b/conf.d/nagios new file mode 100644 index 0000000..338311a --- /dev/null +++ b/conf.d/nagios @@ -0,0 +1,10 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-core/files/conf.d,v 1.1 2004/08/20 13:38:13 eldad Exp $ + +# Distributed monitoring users will want to configure here the ip/hostname of the central server. +# It will be used by submit_check_result_via_nsca. +NAGIOS_NSCA_HOST="localhost" + + + diff --git a/conf.d/named b/conf.d/named new file mode 100644 index 0000000..0450d5b --- /dev/null +++ b/conf.d/named @@ -0,0 +1,48 @@ +# Set various named options here. +# +#OPTIONS="" + +# Set this to the number of processors you want bind to use. +# Leave this unchanged if you want bind to automatically detect the number +#CPU="1" + +# If you wish to run bind in a chroot: +# 1) un-comment the CHROOT= assignment, below. You may use +# a different chroot directory but MAKE SURE it's empty. +# 2) run: emerge --config = +# +#CHROOT="/chroot/dns" + +# Uncomment to enable binmount of /usr/share/GeoIP +#CHROOT_GEOIP="1" + +# Uncomment the line below to avoid that the init script mounts the needed paths +# into the chroot directory. +# You have to copy all needed config files by hand if you say CHROOT_NOMOUNT="1". +#CHROOT_NOMOUNT="1" + +# Uncomment this option if you have setup your own chroot environment and you +# don't want/need the chroot consistency check +#CHROOT_NOCHECK=1 + +# Default pid file location +PIDFILE="${CHROOT}/var/run/named/named.pid" + +# Scheduling priority: 19 is the lowest and -20 is the highest. +# Default: 0 +#NAMED_NICELEVEL="0" + +# Uncomment rc_named_use/rc_named_after for the database you need. +# Its necessary to ensure the database backend will be started before named. + +# MySQL +#rc_named_use="mysql" +#rc_named_after="mysql" + +# PostgreSQL +#rc_named_use="pg_autovacuum postgresql" +#rc_named_after="pg_autovacuum postgresql" + +# LDAP +#rc_named_use="ldap" +#rc_named_after="ldap" diff --git a/conf.d/net b/conf.d/net new file mode 100644 index 0000000..4e6947b --- /dev/null +++ b/conf.d/net @@ -0,0 +1,40 @@ +# This blank configuration will automatically use DHCP for any net.* +# scripts in /etc/init.d. To create a more complete configuration, +# please review /etc/conf.d/net.example and save your configuration +# in /etc/conf.d/net (this file :]!). + +dns_domain_lo="brehm-online.com" +dns_servers_lo="127.0.0.1 81.169.163.106 85.214.7.22" +dns_search_lo="brehm-online.com brehm-online.eu brehm-berlin.de serverkompetenz.net" + +#config_eth0=( +# "85.214.134.152/32 brd 85.214.134.152" +# "85.214.109.1/32 brd 85.214.109.1" +# "2a01:238:4225:6e00:8f8c:808a:7fb8:88df/128" +#) +config_eth0="85.214.134.152/32 85.214.109.1/32 2a01:238:4225:6e00:8f8c:808a:7fb8:88df/128" + +#routes_eth0=( +# "default via 192.168.0.1" # IPv4 default route +# "10.0.0.0/8 via 192.168.0.1" # IPv4 subnet route +# "::/0" # IPv6 unicast +#) + +# 85.214.128.1 dev eth0 scope link +# 169.254.0.0/16 dev eth0 scope link +# default via 85.214.128.1 dev eth0 + +#routes_eth0=( +# "85.214.128.1 dev eth0 scope link" +# "169.254.0.0/16 dev eth0 scope link" +# "default via 85.214.128.1" +#) +# "-family inet6 default via fe80::1 dev eth0" +routes_eth0="85.214.128.1 dev eth0 scope link +169.254.0.0/16 dev eth0 scope link +default via 85.214.128.1 +" + +dns_domain_eth0="brehm-online.com" +dns_servers_eth0="127.0.0.1 81.169.163.106 85.214.7.22" +dns_search_eth0="brehm-online.com brehm-online.eu brehm-berlin.de serverkompetenz.net" diff --git a/conf.d/net.example b/conf.d/net.example new file mode 100644 index 0000000..e60b10c --- /dev/null +++ b/conf.d/net.example @@ -0,0 +1,871 @@ +# This file is obsolete. + +# This file is obsolete. + +# This file is obsolete. + +############################################################################## +# QUICK-START +# +# The quickest start is if you want to use DHCP. +# In that case, everything should work out of the box, no configuration +# necessary, though the startup script will warn you that you haven't +# specified anything. + +# WARNING :- some examples have a mixture of IPv4 (ie 192.168.0.1) and IPv6 +# (ie 4321:0:1:2:3:4:567:89ab) internet addresses. They only work if you have +# the relevant kernel option enabled. So if you don't have an IPv6 enabled +# kernel then remove the IPv6 address from your config. + +# If you want to use a static address or use DHCP explicitly, jump +# down to the section labelled INTERFACE HANDLERS. +# +# If you want to do anything more fancy, you should take the time to +# read through the rest of this file. + +############################################################################## +# MODULES +# +# We now support modular networking scripts which means we can easily +# add support for new interface types and modules while keeping +# compatability with existing ones. +# +# Modules load by default if the package they need is installed. If +# you specify a module here that doesn't have it's package installed +# then you get an error stating which package you need to install. +# Ideally, you only use the modules setting when you have two or more +# packages installed that supply the same service. +# +# In other words, you probably should DO NOTHING HERE... + +# Prefer ifconfig over iproute2 +#modules=( "ifconfig" ) + +# You can also specify other modules for an interface +# In this case we prefer udhcpc over dhcpcd +#modules_eth0=( "udhcpc" ) + +# You can also specify which modules not to use - for example you may be +# using a supplicant or linux-wlan-ng to control wireless configuration but +# you still want to configure network settings per ESSID associated with. +#modules=( "!iwconfig" "!wpa_supplicant" ) +# IMPORTANT: If you need the above, please disable modules in that order + + +############################################################################## +# INTERFACE HANDLERS +# +# We provide two interface handlers presently: ifconfig and iproute2. +# You need one of these to do any kind of network configuration. +# For ifconfig support, emerge sys-apps/net-tools +# For iproute2 support, emerge sys-apps/iproute2 + +# If you don't specify an interface then we prefer iproute2 if it's installed +# To prefer ifconfig over iproute2 +#modules=( "ifconfig" ) + +# For a static configuration, use something like this +# (They all do exactly the same thing btw) +#config_eth0=( "192.168.0.2/24" ) +#config_eth0=( "192.168.0.2 netmask 255.255.255.0" ) + +# We can also specify a broadcast +#config_eth0=( "192.168.0.2/24 brd 192.168.0.255" ) +#config_eth0=( "192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255" ) + +# If you need more than one address, you can use something like this +# NOTE: ifconfig creates an aliased device for each extra IPv4 address +# (eth0:1, eth0:2, etc) +# iproute2 does not do this as there is no need to +#config_eth0=( +# "192.168.0.2/24" +# "192.168.0.3/24" +# "192.168.0.4/24" +#) +# Or you can use sequence expressions +#config_eth0=( "192.168.0.{2..4}/24" ) +# which does the same as above. Be careful though as if you use this and +# fallbacks, you have to ensure that both end up with the same number of +# values otherwise your fallback won't work correctly. + +# You can also use IPv6 addresses +# (you should always specify a prefix length with IPv6 here) +#config_eth0=( +# "192.168.0.2/24" +# "4321:0:1:2:3:4:567:89ab/64" +# "4321:0:1:2:3:4:567:89ac/64" +#) + +# If you wish to keep existing addresses + routing and the interface is up, +# you can specify a noop (no operation). If the interface is down or there +# are no addresses assigned, then we move onto the next step (default dhcp) +# This is useful when configuring your interface with a kernel command line +# or similar +#config_eth0=( "noop" "192.168.0.2/24" ) + +# If you don't want ANY address (only useful when calling for advanced stuff) +#config_eth0=( "null" ) + +# Here's how to do routing if you need it +#routes_eth0=( +# "default via 192.168.0.1" # IPv4 default route +# "10.0.0.0/8 via 192.168.0.1" # IPv4 subnet route +# "::/0" # IPv6 unicast +#) + +# If a specified module fails (like dhcp - see below), you can specify a +# fallback like so +#fallback_eth0=( "192.168.0.2 netmask 255.255.255.0" ) +#fallback_route_eth0=( "default via 192.168.0.1" ) + +# NOTE: fallback entry must match the entry location in config_eth0 +# As such you can only have one fallback route. + +# Some users may need to alter the MTU - here's how +#mtu_eth0="1500" + +# Each module described below can set a default base metric, lower is +# preferred over higher. This is so we can prefer a wired route over a +# wireless route automaticaly. You can override this by setting +#metric_eth0="100" +# or on a global basis +#metric="100" +# The only downside of the global setting is that you have to ensure that +# there are no conflicting routes yourself. For users with large routing +# tables you may have to set a global metric as the due to a simple read of +# the routing table taking over a minute at a time. + +############################################################################## +# OPTIONAL MODULES + +# INTERFACE RENAMING +# There is no consistent device renaming scheme for Linux. +# The preferred way of naming devices is via the kernel module directly or +# by using udev (http://www.reactivated.net/udevrules.php) + +# If you are unable to write udev rules, then we do provide a way of renaming +# the interface based on it's MAC address, but it is not optimal. +# Here is how to rename an interface whose MAC address is 00:11:22:33:44:55 +# to foo1 +#rename_001122334455="foo1" + +# You can also do this based on current device name - although this is not +# recommended. Here we rename eth1 to foo2. +#rename_eth1="foo2" + +#----------------------------------------------------------------------------- +# WIRELESS (802.11 support) +# Wireless can be provided by iwconfig or wpa_supplicant + +# iwconfig +# emerge net-wireless/wireless-tools +# Wireless options are held in /etc/conf.d/wireless - but could be here too +# Consult the sample file /etc/conf.d/wireless.example for instructions +# iwconfig is the default + +# wpa_supplicant +# emerge net-wireless/wpa_supplicant +# Wireless options are held in /etc/wpa_supplicant/wpa_supplicant.conf +# Consult the wpa_supplicant.conf.example that is installed in +# /usr/share/doc/wpa_supplicant +# To choose wpa_supplicant over iwconfig +#modules=( "wpa_supplicant" ) +# To configure wpa_supplicant +#wpa_supplicant_eth0="-Dwext" # For generic wireless +#wpa_supplicant_ath0="-Dmadwifi" # For Atheros based cards +# Consult wpa_supplicant for more drivers +# By default don't wait for wpa_suppliant to associate and authenticate. +# If you would like to, so can specify how long in seconds +#associate_timeout_eth0=60 +# A value of 0 means wait forever. + +# GENERIC WIRELESS OPTIONS +# PLEASE READ THE INSTRUCTIONS IN /etc/conf.d/wireless.example FOR +# HOW TO USE THIS ESSID VARIABLE +# You can also override any settings found here per ESSID - which is very +# handy if you use different networks a lot +#config_ESSID=( "dhcp" ) +#dhcpcd_ESSID="-t 5" + +# Setting name/domain server causes /etc/resolv.conf to be overwritten +# Note that if DHCP is used, and you want this to take precedence then +# set dhcp_ESSID="nodns" +#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) +#dns_domain_ESSID="some.domain" +#dns_search_ESSID="search.this.domain search.that.domain" +# Please check the man page for resolv.conf for more information +# as domain and search are mutually exclusive. + +# You can also override any settings found here per MAC address of the AP +# in case you use Access Points with the same ESSID but need different +# networking configs. Below is an example - of course you use the same +# method with other variables +#mac_config_001122334455=( "dhcp" ) +#mac_dhcpcd_001122334455="-t 10" +#mac_dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) + +# When an interface has been associated with an Access Point, a global +# variable called ESSID is set to the Access Point's ESSID for use in the +# pre/post user functions below (although it's not available in preup as you +# won't have associated then) + +# If you're using anything else to configure wireless on your interface AND +# you have installed any of the above packages, you need to disable them +#modules=( "!iwconfig" "!wpa_supplicant" ) + +#----------------------------------------------------------------------------- +# DHCP +# DHCP can be provided by dhclient, dhcpcd, pump or udhcpc. +# +# dhclient: emerge net-misc/dhcp +# dhcpcd: emerge net-misc/dhcpcd +# pump: emerge net-misc/pump +# udhcpc: emerge net-misc/udhcp + +# If you have more than one DHCP client installed, you need to specify which +# one to use - otherwise we default to dhcpcd if available. +#modules=( "dhclient" ) # to select dhclient over dhcpcd +# +# Notes: +# - All clients send the current hostname to the DHCP server by default +# - dhcpcd does not daemonize when the lease time is infinite +# - udhcp-0.9.3-r3 and earlier do not support getting NTP servers +# - pump does not support getting NIS servers +# - DHCP tends to erase any existing device information - so add +# static addresses after dhcp if you need them +# - dhclient and udhcpc can set other resolv.conf options such as "option" +# and "sortlist"- see the System module for more details + +# Regardless of which DHCP client you prefer, you configure them the +# same way using one of following depending on which interface modules +# you're using. +#config_eth0=( "dhcp" ) + +# For passing custom options to dhcpcd use something like the following. This +# example reduces the timeout for retrieving an address from 60 seconds (the +# default) to 10 seconds. +#dhcpcd_eth0="-t 10" + +# dhclient, udhcpc and pump don't have many runtime options +# You can pass options to them in a similar manner to dhcpcd though +#dhclient_eth0="..." +#udhcpc_eth0="..." +#pump_eth0="..." + +# GENERIC DHCP OPTIONS +# Set generic DHCP options like so +#dhcp_eth0="release nodns nontp nonis nogateway nosendhost" + +# This tells the dhcp client to release it's lease when it stops, not to +# overwrite dns, ntp and nis settings, not to set a default route and not to +# send the current hostname to the dhcp server and when it starts. +# You can use any combination of the above options - the default is not to +# use any of them. + +#----------------------------------------------------------------------------- +# For APIPA support, emerge net-misc/iputils or net-analyzer/arping + +# APIPA is a module that tries to find a free address in the range +# 169.254.0.0-169.254.255.255 by arping a random address in that range on the +# interface. If no reply is found then we assign that address to the interface + +# This is only useful for LANs where there is no DHCP server and you don't +# connect directly to the internet. +#config_eth0=( "dhcp" ) +#fallback_eth0=( "apipa" ) + +#----------------------------------------------------------------------------- +# ARPING Gateway configuration +# and +# Automatic Private IP Addressing (APIPA) +# For arpingnet / apipa support, emerge net-misc/iputils or net-analyzer/arping +# +# This is a module that tries to find a gateway IP. If it exists then we use +# that gateways configuration for our own. For the configuration variables +# simply ensure that each octet is zero padded and the dots are removed. +# Below is an example. +# +#gateways_eth0="192.168.0.1 10.0.0.1" +#config_192168000001=( "192.168.0.2/24" ) +#routes_192168000001=( "default via 192.168.0.1" ) +#dns_servers_192168000001=( "192.168.0.1" ) +#config_010000000001=( "10.0.0.254/8" ) +#routes_010000000001=( "default via 10.0.0.1" ) +#dns_servers_010000000001=( "10.0.0.1" ) + +# We can also specify a specific MAC address for each gateway if different +# networks have the same gateway. +#gateways_eth0="192.168.0.1,00:11:22:AA:BB:CC 10.0.0.1,33:44:55:DD:EE:FF" +#config_192168000001_001122AABBCC=( "192.168.0.2/24" ) +#routes_192168000001_001122AABBCC=( "default via 192.168.0.1" ) +#dns_servers_192168000001_001122AABBCC=( "192.168.0.1" ) +#config_010000000001_334455DDEEFF=( "10.0.0.254/8" ) +#routes_010000000001_334455DDEEFF=( "default via 10.0.0.1" ) +#dns_servers_010000000001_334455DDEEFF=( "10.0.0.1" ) + +# If we don't find any gateways (or there are none configured) then we try and +# use APIPA to find a free address in the range 169.254.0.0-169.254.255.255 +# by arping a random address in that range on the interface. If no reply is +# found then we assign that address to the interface. + +# This is only useful for LANs where there is no DHCP server. +#config_eth0=( "arping" ) + +# or if no DHCP server can be found +#config_eth0=( "dhcp" ) +#fallback_eth0=( "arping" ) + +# NOTE: We default to sleeping for 1 second the first time we attempt an +# arping to give the interface time to settle on the LAN. This appears to +# be a good default for most instances, but if not you can alter it here. +#arping_sleep=5 +#arping_sleep_lan=7 + +# NOTE: We default to waiting 3 seconds to get an arping response. You can +# change the default wait like so. +#arping_wait=3 +#arping_wait_lan=2 + +#----------------------------------------------------------------------------- +# VLAN (802.1q support) +# For VLAN support, emerge net-misc/vconfig + +# Specify the VLAN numbers for the interface like so +# Please ensure your VLAN IDs are NOT zero-padded +#vlans_eth0="1 2" + +# You may not want to assign an IP the the physical interface, but we still +# need it up. +#config_eth0=( "null" ) + +# You can also configure the VLAN - see for vconfig man page for more details +#vconfig_eth0=( "set_name_type VLAN_PLUS_VID_NO_PAD" ) +#vconfig_vlan1=( "set_flag 1" "set_egress_map 2 6" ) +#config_vlan1=( "172.16.3.1 netmask 255.255.254.0" ) +#config_vlan2=( "172.16.2.1 netmask 255.255.254.0" ) + +# NOTE: Vlans can be configured with a . in their interface names +# When configuring vlans with this name type, you need to replace . with a _ +#config_eth0.1=( "dhcp" ) - does not work +#config_eth0_1=( "dhcp" ) - does work + +# NOTE: Vlans are controlled by their physical interface and not per vlan +# This means you do not need to create init scripts in /etc/init.d for each +# vlan, you must need to create one for the physical interface. +# If you wish to control the configuration of each vlan through a separate +# script, or wish to rename the vlan interface to something that vconfig +# cannot then you need to do this. +#vlan_start_eth0="no" + +# If you do the above then you may want to depend on eth0 like so +# RC_NEED_vlan1="net.eth0" +# NOTE: depend functions only work in /etc/conf.d/net +# and not in profile configs such as /etc/conf.d/net.foo + +#----------------------------------------------------------------------------- +# Bonding +# For link bonding/trunking emerge net-misc/ifenslave + +# To bond interfaces together +#slaves_bond0="eth0 eth1 eth2" +#config_bond0=( "null" ) # You may not want to assign an IP the the bond + +# If any of the slaves require extra configuration - for example wireless or +# ppp devices - we need to depend function on the bonded interfaces +#RC_NEED_bond0="net.eth0 net.eth1" + + +#----------------------------------------------------------------------------- +# Classical IP over ATM +# For CLIP support emerge net-dialup/linux-atm + +# Ensure that you have /etc/atmsigd.conf setup correctly +# Now setup each clip interface like so +#clip_atm0=( "peer_ip [if.]vpi.vci [opts]" ... ) +# where "peer_ip" is the IP address of a PVC peer (in case of an ATM connection +# with your ISP, your only peer is usually the ISP gateway closest to you), +# "if" is the number of the ATM interface which will carry the PVC, "vpi.vci" +# is the ATM VC address, and "opts" may optionally specify VC parameters like +# qos, pcr, and the like (see "atmarp -s" for further reference). Please also +# note quoting: it is meant to distinguish the VCs you want to create. You may, +# in example, create an atm0 interface to more peers, like this: +#clip_atm0=( "1.1.1.254 0.8.35" "1.1.1.253 1.8.35" ) + +# By default, the PVC will use the LLC/SNAP encapsulation. If you rather need a +# null encapsulation (aka "VC mode"), please add the keyword "null" to opts. + + +#----------------------------------------------------------------------------- +# PPP +# For PPP support, emerge net-dialup/ppp +# PPP is used for most dialup connections, including ADSL. +# The older ADSL module is documented below, but you are encouraged to try +# this module first. +# +# You need to create the PPP net script yourself. Make it like so +#ln -s net.lo /etc/init.d/net.ppp0 +# +# We have to instruct ppp0 to actually use ppp +#config_ppp0=( "ppp" ) +# +# Each PPP interface requires an interface to use as a "Link" +#link_ppp0="/dev/ttyS0" # Most PPP links will use a serial port +#link_ppp0="eth0" # PPPoE requires an ethernet interface +#link_ppp0="[itf.]vpi.vci" # PPPoA requires the ATM VC's address +#link_ppp0="/dev/null" # ISDN links should have this +#link_ppp0="pty 'your_link_command'" # PPP links over ssh, rsh, etc +# +# Here you should specify what pppd plugins you want to use +# Available plugins are: pppoe, pppoa, capi, dhcpc, minconn, radius, +# radattr, radrealms and winbind +#plugins_ppp0=( +# "pppoe" # Required plugin for PPPoE +# "pppoa vc-encaps" # Required plugin for PPPoA with an option +# "capi" # Required plugin for ISDN +#) +# +# PPP requires at least a username. You can optionally set a password here too +# If you don't, then it will use the password specified in /etc/ppp/*-secrets +# against the specified username +#username_ppp0='user' +#password_ppp0='password' +# NOTE: You can set a blank password like so +#password_ppp0= +# +# The PPP daemon has many options you can specify - although there are many +# and may seem daunting, it is recommended that you read the pppd man page +# before enabling any of them +#pppd_ppp0=( +# "maxfail 0" # WARNING: It's not recommended you use this +# # if you don't specify maxfail then we assume 0 +# "updetach" # If not set, "/etc/init.d/net.ppp0 start" will return +# # immediately, without waiting the link to come up +# # for the first time. +# # Do not use it for dial-on-demand links! +# "debug" # Enables syslog debugging +# "noauth" # Do not require the peer to authenticate itself +# "defaultroute" # Make this PPP interface the default route +# "usepeerdns" # Use the DNS settings provided by PPP +# +# On demand options +# "demand" # Enable dial on demand +# "idle 30" # Link goes down after 30 seconds of inactivity +# "10.112.112.112:10.112.112.113" # Phony IP addresses +# "ipcp-accept-remote" # Accept the peers idea of remote address +# "ipcp-accept-local" # Accept the peers idea of local address +# "holdoff 3" # Wait 3 seconds after link dies before re-starting +# +# Dead peer detection +# "lcp-echo-interval 15" # Send a LCP echo every 15 seconds +# "lcp-echo-failure 3" # Make peer dead after 3 consective +# # echo-requests +# +# Compression options - use these to completely disable compression +# noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp +# +# Dial-up settings +# "lock" # Lock serial port +# "115200" # Set the serial port baud rate +# "modem crtscts" # Enable hardware flow control +# "192.168.0.1:192.168.0.2" # Local and remote IP addresses +#) +# +# Dial-up PPP users need to specify at least one telephone number +#phone_number_ppp0=( "12345689" ) # Maximum 2 phone numbers are supported +# They will also need a chat script - here's a good one +#chat_ppp0=( +# 'ABORT' 'BUSY' +# 'ABORT' 'ERROR' +# 'ABORT' 'NO ANSWER' +# 'ABORT' 'NO CARRIER' +# 'ABORT' 'NO DIALTONE' +# 'ABORT' 'Invalid Login' +# 'ABORT' 'Login incorrect' +# 'TIMEOUT' '5' +# '' 'ATZ' +# 'OK' 'AT' # Put your modem initialization string here +# 'OK' 'ATDT\T' +# 'TIMEOUT' '60' +# 'CONNECT' '' +# 'TIMEOUT' '5' +# '~--' '' +#) + +# If the link require extra configuration - for example wireless or +# RFC 268 bridge - we need to depend on the bridge so they get +# configured correctly. +#RC_NEED_ppp0="net.nas0" + +#WARNING: if MTU of the PPP interface is less than 1500 and you use this +#machine as a router, you should add the following rule to your firewall +# +#iptables -I FORWARD 1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu + +#----------------------------------------------------------------------------- +# ADSL +# For ADSL support, emerge net-dialup/rp-pppoe +# WARNING: This ADSL module is being deprecated in favour of the PPP module +# above. +# You should make the following settings and also put your +# username/password information in /etc/ppp/pap-secrets + +# Configure the interface to use ADSL +#config_eth0=( "adsl" ) + +# You probably won't need to edit /etc/ppp/pppoe.conf if you set this +#adsl_user_eth0="my-adsl-username" + +#----------------------------------------------------------------------------- +# ISDN +# For ISDN support, emerge net-dialup/isdn4k-utils +# You should make the following settings and also put your +# username/password information in /etc/ppp/pap-secrets + +# Configure the interface to use ISDN +#config_ippp0=( "dhcp" ) +# It's important to specify dhcp if you need it! +#config_ippp0=( "192.168.0.1/24" ) +# Otherwise, you can use a static IP + +# NOTE: The interface name must be either ippp or isdn followed by a number + +# You may need this option to set the default route +#ipppd_eth0="defaultroute" + +#----------------------------------------------------------------------------- +# MAC changer +# To set a specific MAC address +#mac_eth0="00:11:22:33:44:55" + +# For changing MAC addresses using the below, emerge net-analyzer/macchanger +# - to randomize the last 3 bytes only +#mac_eth0="random-ending" +# - to randomize between the same physical type of connection (e.g. fibre, +# copper, wireless) , all vendors +#mac_eth0="random-samekind" +# - to randomize between any physical type of connection (e.g. fibre, copper, +# wireless) , all vendors +#mac_eth0="random-anykind" +# - full randomization - WARNING: some MAC addresses generated by this may NOT +# act as expected +#mac_eth0="random-full" +# custom - passes all parameters directly to net-analyzer/macchanger +#mac_eth0="some custom set of parameters" + +# You can also set other options based on the MAC address of your network card +# Handy if you use different docking stations with laptops +#config_001122334455=( "dhcp" ) + +#----------------------------------------------------------------------------- +# TUN/TAP +# For TUN/TAP support emerge net-misc/openvpn or sys-apps/usermode-utilities +# +# You must specify if we're a tun or tap device. Then you can give it any +# name you like - such as vpn +#tuntap_vpn="tun" +#config_vpn=( "192.168.0.1/24") + +# Or stick wit the generic names - like tap0 +#tuntap_tap0="tap" +#config_tap0=( "192.168.0.1/24") + +# For passing custom options to tunctl use something like the following. This +# example sets the owner to adm +#tunctl_tun1="-u adm" +# When using openvpn, there are no options + +#----------------------------------------------------------------------------- +# Bridging (802.1d) +# For bridging support emerge net-misc/bridge-utils + +# To add ports to bridge br0 +#bridge_br0="eth0 eth1" +# or dynamically add them when the interface comes up +#bridge_add_eth0="br0" +#bridge_add_eth1="br0" + +# You need to configure the ports to null values so dhcp does not get started +#config_eth0=( "null" ) +#config_eth1=( "null" ) + +# Finally give the bridge an address - dhcp or a static IP +#config_br0=( "dhcp" ) # may not work when adding ports dynamically +#config_br0=( "192.168.0.1/24" ) + +# If any of the ports require extra configuration - for example wireless or +# ppp devices - we need to depend on them like so. +#RC_NEED_br0="net.eth0 net.eth1" + +# Below is an example of configuring the bridge +# Consult "man brctl" for more details +#brctl_br0=( "setfd 0" "sethello 0" "stp off" ) + +#----------------------------------------------------------------------------- +# RFC 2684 Bridge Support +# For RFC 2684 bridge support emerge net-misc/br2684ctl + +# Interface names have to be of the form nas0, nas1, nas2, etc. +# You have to specify a VPI and VCI for the interface like so +#br2684ctl_nas0="-a 0.38" # UK VPI and VCI + +# You may want to configure the encapsulation method as well by adding the -e +# option to the command above (may need to be before the -a command) +# -e 0 # LLC (default) +# -e 1 # VC mux + +# Then you can configure the interface as normal +#config_nas0=( "192.168.0.1/24" ) + +#----------------------------------------------------------------------------- +# Tunnelling +# WARNING: For tunnelling it is highly recommended that you +# emerge sys-apps/iproute2 +# +# For GRE tunnels +#iptunnel_vpn0="mode gre remote 207.170.82.1 key 0xffffffff ttl 255" + +# For IPIP tunnels +#iptunnel_vpn0="mode ipip remote 207.170.82.2 ttl 255" + +# To configure the interface +#config_vpn0=( "192.168.0.2 pointopoint 192.168.1.2" ) # ifconfig style +#config_vpn0=( "192.168.0.2 peer 192.168.1.1" ) # iproute2 style + +# 6to4 Tunnels allow IPv6 to work over IPv4 addresses, provided you +# have a non-private address configured on an interface. +# link_6to4="eth0" # Interface to base it's addresses on +# config_6to4=( "ip6to4" ) +# You may want to depend on eth0 like so +#RC_NEED_6to4="net.eth0" +# To ensure that eth0 is configured before 6to4. Of course, the tunnel could be +# any name and this also works for any configured interface. +# NOTE: If you're not using iproute2 then your 6to4 tunnel has to be called +# sit0 - otherwise use a different name like 6to4 in the example above. + + +#----------------------------------------------------------------------------- +# System +# For configuring system specifics such as domain, dns, ntp and nis servers +# It's rare that you would need todo this, but you can anyway. +# This is most benefit to wireless users who don't use DHCP so they can change +# their configs based on ESSID. See wireless.example for more details + +# To use dns settings such as these, dns_servers_eth0 must be set! +# If you omit the _eth0 suffix, then it applies to all interfaces unless +# overridden by the interface suffix. +#dns_domain_eth0="your.domain" +#dns_servers_eth0="192.168.0.2 192.168.0.3" +#dns_search_eth0="this.domain that.domain" +#dns_options_eth0=( "timeout 1" "rotate" ) +#dns_sortlist_eth0="130.155.160.0/255.255.240.0 130.155.0.0" +# See the man page for resolv.conf for details about the options and sortlist +# directives + +#ntp_servers_eth0="192.168.0.2 192.168.0.3" + +#nis_domain_eth0="domain" +#nis_servers_eth0="192.168.0.2 192.168.0.3" + +# NOTE: Setting any of these will stamp on the files in question. So if you +# don't specify dns_servers but you do specify dns_domain then no nameservers +# will be listed in /etc/resolv.conf even if there were any there to start +# with. +# If this is an issue for you then maybe you should look into a resolv.conf +# manager like resolvconf-gentoo to manage this file for you. All packages +# that baselayout supports use resolvconf-gentoo if installed. + +#----------------------------------------------------------------------------- +# Cable in/out detection +# Sometimes the cable is in, others it's out. Obviously you don't want to +# restart net.eth0 every time when you plug it in either. +# +# netplug is a package that detects this and requires no extra configuration +# on your part. +# emerge sys-apps/netplug +# or +# emerge sys-apps/ifplugd +# and you're done :) + +# By default we don't wait for netplug/ifplugd to configure the interface. +# If you would like it to wait so that other services now that network is up +# then you can specify a timeout here. +#plug_timeout="10" +# A value of 0 means wait forever. + +# If you don't want to use netplug on a specific interface but you have it +# installed, you can disable it for that interface via the modules statement +#modules_eth0=( "!netplug" ) +# You can do the same for ifplugd +# +# You can disable them both with the generic plug +#modules_eth0=( "!plug" ) + +# To use specific ifplugd options, fex specifying wireless mode +#ifplugd_eth0="--api-mode=wlan" +# man ifplugd for more options + +############################################################################## +# ADVANCED CONFIGURATION +# +# Four functions can be defined which will be called surrounding the +# start/stop operations. The functions are called with the interface +# name first so that one function can control multiple adapters. An extra two +# functions can be defined when an interface fails to start or stop. +# +# The return values for the preup and predown functions should be 0 +# (success) to indicate that configuration or deconfiguration of the +# interface can continue. If preup returns a non-zero value, then +# interface configuration will be aborted. If predown returns a +# non-zero value, then the interface will not be allowed to continue +# deconfiguration. +# +# The return values for the postup, postdown, failup and faildown functions are +# ignored since there's nothing to do if they indicate failure. +# +# ${IFACE} is set to the interface being brought up/down +# ${IFVAR} is ${IFACE} converted to variable name bash allows + +#preup() { +# # Test for link on the interface prior to bringing it up. This +# # only works on some network adapters and requires the mii-diag +# # package to be installed. +# if mii-tool "${IFACE}" 2> /dev/null | grep -q 'no link'; then +# ewarn "No link on ${IFACE}, aborting configuration" +# return 1 +# fi +# +# # Test for link on the interface prior to bringing it up. This +# # only works on some network adapters and requires the ethtool +# # package to be installed. +# if ethtool "${IFACE}" | grep -q 'Link detected: no'; then +# ewarn "No link on ${IFACE}, aborting configuration" +# return 1 +# fi +# +# +# # Remember to return 0 on success +# return 0 +#} + +#predown() { +# # The default in the script is to test for NFS root and disallow +# # downing interfaces in that case. Note that if you specify a +# # predown() function you will override that logic. Here it is, in +# # case you still want it... +# if is_net_fs /; then +# eerror "root filesystem is network mounted -- can't stop ${IFACE}" +# return 1 +# fi +# +# # Remember to return 0 on success +# return 0 +#} + +#postup() { +# # This function could be used, for example, to register with a +# # dynamic DNS service. Another possibility would be to +# # send/receive mail once the interface is brought up. + +# # Here is an example that allows the use of iproute rules +# # which have been configured using the rules_eth0 variable. +# #rules_eth0=( +# # "from 24.80.102.112/32 to 192.168.1.0/24 table localnet priority 100" +# # "from 216.113.223.51/32 to 192.168.1.0/24 table localnet priority 100" +# #) +# local x="rules_${IFVAR}[@]" +# local -a rules=( "${!x}" ) +# if [[ -n ${rules} ]] ; then +# einfo "Adding IP policy routing rules" +# eindent +# # Ensure that the kernel supports policy routing +# if ! ip rule list | grep -q "^" ; then +# eerror "You need to enable IP Policy Routing (CONFIG_IP_MULTIPLE_TABLES)" +# eerror "in your kernel to use ip rules" +# else +# for x in "${rules[@]}" ; do +# ebegin "${x}" +# ip rule add ${x} +# eend $? +# done +# fi +# eoutdent +# # Flush the cache +# ip route flush cache dev "${IFACE}" +# fi + +#} + +#postdown() { +# # Enable Wake-On-LAN for every interface except for lo +# # Probably a good idea to set RC_DOWN_INTERFACE="no" in /etc/conf.d/rc +# # as well ;) +# [[ ${IFACE} != "lo" ]] && ethtool -s "${IFACE}" wol g + +# Automatically erase any ip rules created in the example postup above +# if interface_exists "${IFACE}" ; then +# # Remove any rules for this interface +# local rule +# ip rule list | grep " iif ${IFACE}[ ]*" | { +# while read rule ; do +# rule="${rule#*:}" +# ip rule del ${rule} +# done +# } +# # Flush the route cache +# ip route flush cache dev "${IFACE}" +# fi + +# # Return 0 always +# return 0 +#} + +#failup() { +# # This function is mostly here for completeness... I haven't +# # thought of anything nifty to do with it yet ;-) +#} + +#faildown() { +# # This function is mostly here for completeness... I haven't +# # thought of anything nifty to do with it yet ;-) +#} + +############################################################################## +# FORCING MODULES +# The Big Fat Warning :- If you use module forcing do not complain to us or +# file bugs about it not working! +# +# Loading modules is a slow affair - we have to check each one for the following +# 1) Code sanity +# 2) Has the required package been emerged? +# 3) Has it modified anything? +# 4) Have all the dependant modules been loaded? + +# Then we have to strip out the conflicting modules based on user preference +# and default configuration and sort them into the correct order. +# Finally we check the end result for dependencies. + +# This, of course, takes valuable CPU time so we provide module forcing as a +# means to speed things up. We still do *some* checking but not much. + +# It is essential that you force modules in the correct order and supply all +# the modules you need. You must always supply an interface module - we +# supply ifconfig or iproute2. + +# The Big Fat Warning :- If you use module forcing do not complain to us or +# file bugs about it not working! + +# Now that we've warned you twice, here's how to do it +#modules_force=( "ifconfig" ) +#modules_force=( "iproute2" "dhcpcd" ) + +# We can also apply this to a specific interface +#modules_force_eth1=( "iproute2" ) + +# The below will not work +#modules_force=( "dhcpcd" ) +# No interface (ifconfig/iproute2) +#modules_force=( "ifconfig" "essidnet" "iwconfig" ) +# Although it will not crash, essidnet will not work as it has to come after +# iwconfig +#modules_force=( "iproute2" "ifconfig" ) +# The interface will be setup twice which will cause problems diff --git a/conf.d/network b/conf.d/network new file mode 100644 index 0000000..13d1c90 --- /dev/null +++ b/conf.d/network @@ -0,0 +1,71 @@ +# Assign static IP addresses and run custom scripts per interface. +# Seperate commands with ; +# Prefix with ! to run a shell script. +# Use \$int to represent the interface +#ifconfig_eth0="192.168.0.10 netmask 255.255.255.0" + +# You also have ifup_eth0 and ifdown_eth0 to run other commands when +# eth0 is started and stopped. +# You should note that we don't stop the network at system shutdown by default. +# If you really need this, then set shutdown_network=YES + +# Lastly, the interfaces variable pulls in virtual interfaces that cannot +# be automatically detected. +#interfaces="br0 bond0 vlan0" + +# You can also use files instead of variables here if you like: +# /etc/ifconfig.eth0 is equivalent to ifconfig_eth0 +# /etc/ip.eth0 is equivalent to ifconfig_eth0 +# /etc/ifup.eth0 is equivalent to ifup_eth0 +# /etc/ifdown.eth0 is equivalent to ifdown_eth0 +# Any files found will automatically be put into the interfaces variable. +# You don't need to escape variables in files, so use $int instead of \$int. + +# If you require DHCP, you should install dhcpcd and it to the boot or +# default runlevel. + +# NIS users can set the domain name here +#domainname="foobar" + +# You can assign a default route +#defaultroute="gw 192.168.0.1" +#defaultroute6="gw 2001:a:b:c" + +# ifconfig under Linux is not that powerful and doesn't easily handle +# multiple addresses +# On the other hand, ip (iproute2) is quite powerful and is also supported +#ip_eth0="192.168.0.10/24; 192.168.10.10/24" + +# You can also use ip to add the default route. +#defaultiproute="via 192.168.0.1" +#defaultiproute6="via 2001:a:b:c" + +# ip doesn't handle MTU like ifconfig, but we can do it like so +#ifup_eth0="ip link set \$int mtu 1500" + +# Create a bonded interface +#interfaces="bond0" +#ifup_bond0="modprobe bonding; ifconfig \$int up; ifenslave \$int bge0" +#ifconfig_bond0="192.168.0.10 netmask 255.255.255.0" +#ifdown_bond0="rmmod bonding" + +# Create tap interface and a bridge interface. +# We add the tap to the bridge. +# An external program, like dhcpcd, will configure the IP on the bridge +#interfaces="tun0 br0" +#ifup_tun0="tunctl -t \$int" +#ifdown_tun0="tunctl -d \$int" +#ifup_br0="brctl addbr \$int; brctl add \$int eth1; brtctl add \$int eth2" +#ifdown_br0="ifconfig \$int down; btctl delbr \$int" + +# Create VLAN +#interfaces="eth0_2 eth0_3 eth0_4" +#ifup_eth0="vconfig add \$int 2; vconfig add \$int 3; vconfig add \$int 4" +#ifconfig_eth0_2="192.168.2.10 netmask 255.255.255.0" +#ifconfig_eth0_3="192.168.3.10 netmask 255.255.255.0" +#ifconfig_eth0_4="192.168.4.10 netmask 255.255.255.0" +#ifdown_eth0="vconfig rem \$int.2; vconfig rem \$int.3; vconfig rem \$int.4" + +# Normally you would use wpa_supplicant to configure wireless, but you can +# use iwconfig also +#ifup_wlan0="iwconfig \$int key s:secretkey enc open essid foobar" diff --git a/conf.d/ntp-client b/conf.d/ntp-client new file mode 100644 index 0000000..e85502c --- /dev/null +++ b/conf.d/ntp-client @@ -0,0 +1,16 @@ +# /etc/conf.d/ntp-client + +# Command to run to set the clock initially +# Most people should just leave this line alone ... +# however, if you know what you're doing, and you +# want to use ntpd to set the clock, change this to 'ntpd' +NTPCLIENT_CMD="ntpdate" + +# Options to pass to the above command +# This default setting should work fine but you should +# change the default 'pool.ntp.org' to something closer +# to your machine. See http://www.pool.ntp.org/ or +# try running `netselect -s 3 pool.ntp.org`. +NTPCLIENT_OPTS="-s -b -u \ + 0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org \ + 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org" diff --git a/conf.d/ntpd b/conf.d/ntpd new file mode 100644 index 0000000..6b86e9f --- /dev/null +++ b/conf.d/ntpd @@ -0,0 +1,6 @@ +# /etc/conf.d/ntpd + +# Options to pass to the ntpd process +# Most people should leave this line alone ... +# however, if you know what you're doing, feel free to tweak +NTPD_OPTS="" diff --git a/conf.d/pciparm b/conf.d/pciparm new file mode 100644 index 0000000..f036b15 --- /dev/null +++ b/conf.d/pciparm @@ -0,0 +1,28 @@ +# PCI tweaking article: +# http://www.gentoo.org/doc/en/articles/hardware-stability-p2.xml +# +# Apply to all devices: +# PCIPARM_ALL="...." +# Cards also can be addressed by vid:pid or by bus:slot.func +# (see setpci man page relative to -d and -s options) +# PCIPARM_(BUS|VENDOR)_#="...." +# Where # is sequentially numbered from zero. + +# Examples: +# "open up" the PCI bus by allowing fairly long bursts +# for all devices, increasing performance +# (equivalent to: setpci -v -d *:* latency_timer=b0) +#PCIPARM_ALL="latency_timer=b0" + +# maximize latency timers for network and audio, +# allowing them to transmit more data per burst, +# preventing buffer over/under-run conditions +#PCIPARM_BUS_0="00:04.0 latency_timer=ff" +#PCIPARM_BUS_1="01:04.0 latency_timer=ff" +#PCIPARM_VENDOR_0="1057:3410 latency_timer=ff" + +# -v : whether to be verbose about changes +# -D : dry-run, no commit +# -f : do not warn if the change is already set +# (see the setpci manpage for more advanced options) +SETPCI_OPT="-f" diff --git a/conf.d/portmap b/conf.d/portmap new file mode 100644 index 0000000..c2756c9 --- /dev/null +++ b/conf.d/portmap @@ -0,0 +1,5 @@ +# /etc/conf.d/portmap: config file for /etc/init.d/portmap + +# Options for `portmap`. +# For a full list, just run `portmap -h`. +#PORTMAP_OPTS="-l" diff --git a/conf.d/postgrey b/conf.d/postgrey new file mode 100644 index 0000000..c88be74 --- /dev/null +++ b/conf.d/postgrey @@ -0,0 +1,55 @@ +# Config file for /etc/init.d/postgrey + +# LISTEN TYPE +# Set to 'inet' if you want to use a TCP socket. +# Set to 'unix' if you want to use an UNIX socket. +POSTGREY_TYPE="unix" + +# HOST +# What IP should postgrey bind to? +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_HOST="127.0.0.1" + +# PORT +# What TCP port should postgrey listen on? +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_PORT="10030" + +# SOCKET +# Unix socket to listen on, if POSTGREY_TYPE is set to 'unix'. +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'inet') +POSTGREY_SOCKET="/var/spool/postfix/private/postgrey" + +# PID +# Postgrey pid file. +# Do not change, if you don't know what this is! +POSTGREY_PID="/var/run/postgrey.pid" + +# DELAY +# How long to delay mail that is greylisted in seconds. +POSTGREY_DELAY=300 + +# TEXT +# The response we'll send back with delayed mail. +POSTGREY_TEXT="Greylisted for %s seconds" + +# Additional Postgrey options +# +# -v, --verbose increase verbosity level +# --max-age=N delete entries older than N days since the last time +# that they have been seen (default: 30) +# --retry-window=N allow only N days for the first retrial (default: 2) +# append 'h' if you want to specify it in hours +# --greylist-action=A if greylisted, return A to Postfix (default: DEFER_IF_PERMIT) +# --lookup-by-subnet strip the last 8 bits from IP addresses (default) +# --lookup-by-host do not strip the last 8 bits from IP addresses +# --whitelist-clients=FILE default: /etc/postfix/postgrey_whitelist_clients +# --whitelist-recipients=FILE default: /etc/postfix/postgrey_whitelist_recipients +# +# Note that the --whitelist-x options can be specified multiple times, and that +# per default /etc/postfix/postgrey_whitelist_clients.local is also read, so +# that you can put there local entries. +# +POSTGREY_OPTS="" diff --git a/conf.d/pydoc-2.6 b/conf.d/pydoc-2.6 new file mode 100644 index 0000000..c0917ea --- /dev/null +++ b/conf.d/pydoc-2.6 @@ -0,0 +1,8 @@ +# /etc/init.d/pydoc.conf +# $Header: /etc/conf.d/.rcs/pydoc-2.6,v 1.1 2010/11/30 20:43:53 root Exp $ + +# This file contains the configuration information for pydoc's internal +# webserver. The variables should be rather self explanatory :-) + +# Default port for Python's pydoc server +PYDOC_PORT=7464 diff --git a/conf.d/pydoc-2.7 b/conf.d/pydoc-2.7 new file mode 100644 index 0000000..50633ca --- /dev/null +++ b/conf.d/pydoc-2.7 @@ -0,0 +1,7 @@ +# /etc/init.d/pydoc.conf +# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.conf,v 1.3 2011/10/27 13:56:55 neurogeek Exp $ + +# This file contains the configuration for pydoc's internal webserver. + +# Default port for Python's pydoc server. +PYDOC2_7_PORT="7464" diff --git a/conf.d/pydoc-3.1 b/conf.d/pydoc-3.1 new file mode 100644 index 0000000..bb8b9ad --- /dev/null +++ b/conf.d/pydoc-3.1 @@ -0,0 +1,7 @@ +# /etc/init.d/pydoc.conf +# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.conf,v 1.3 2011/10/27 13:56:55 neurogeek Exp $ + +# This file contains the configuration for pydoc's internal webserver. + +# Default port for Python's pydoc server. +PYDOC3_1_PORT="7464" diff --git a/conf.d/quota b/conf.d/quota new file mode 100644 index 0000000..6e66c88 --- /dev/null +++ b/conf.d/quota @@ -0,0 +1,20 @@ +# /etc/conf.d/quota: config file for /etc/init.d/quota + +# Note: if your console is hooked up to a serial terminal, +# you prob want to drop the '-v' from the OPTS vars below. + + +# Run quotacheck ? +RUN_QUOTACHECK="yes" + + +# Options for quotacheck +QUOTACHECK_OPTS="-avug" + + +# Options for quotaon +QUOTAON_OPTS="-avug" + + +# Options for quotaoff +QUOTAOFF_OPTS="-avug" diff --git a/conf.d/rc b/conf.d/rc new file mode 100644 index 0000000..d4382c6 --- /dev/null +++ b/conf.d/rc @@ -0,0 +1,241 @@ +# /etc/conf.d/rc: Global config file for the Gentoo RC System + +# This is the number of tty's used in most of the rc-scripts (like +# consolefont, numlock, etc ...) + +RC_TTY_NUMBER=12 + +# Set to "yes" if you want the rc system to try and start services +# in parallel for a slight speed improvement. NOTE: When RC_PARALLEL_STARTUP +# is enabled, init script output is replaced with simple "service foo +# starting/stopping" messages so that output is not mixed up. +# You can stop this from happening on the command line by passing --verbose +# to the init script or by setting RC_VERBOSE="yes" below. + +RC_PARALLEL_STARTUP="no" + +# Set RC_INTERACTIVE to "yes" and you'll be able to press the I key during +# boot so you can choose to start specific services. Set to "no" to disable +# this feature. + +RC_INTERACTIVE="yes" + +# Do we allow services to be hotplugged? If not, set to RC_HOTPLUG="no" +# NOTE: This does not affect anything hotplug/udev related, just the +# starting/stopping of the init.d service triggered by hotplug. + +RC_HOTPLUG="yes" + +# Dynamic /dev managers can trigger coldplug events which cause services to +# start before we are ready for them. If this happens, we can defer these +# services to start in the boot runlevel. Set RC_COLDPLUG="no" if you don't +# want this. +# NOTE: This also affects module coldplugging in udev-096 and higher +# If you want module coldplugging but not coldplugging of services then you +# can set RC_COLDPLUG="yes" and RC_PLUG_SERVICES="!*" + +RC_COLDPLUG="yes" + +# Some people want a finer grain over hotplug/coldplug. RC_PLUG_SERVICES is a +# list of services that are matched in order, either allowing or not. By +# default we allow services through as RC_COLDPLUG/RC_HOTPLUG has to be yes +# anyway. +# Example - RC_PLUG_SERVICES="net.wlan !net.*" +# This allows net.wlan and any service not matching net.* to be plugged. + +RC_PLUG_SERVICES="" + +# RC_NET_STRICT_CHECKING allows some flexibility with the 'net' service. +# The following values are allowed: +# none - The 'net' service is always considered up. +# no - This basically means that at least one net.* service besides net.lo +# must be up. This can be used by notebook users that have a wifi and +# a static nic, and only wants one up at any given time to have the +# 'net' service seen as up. +# lo - This is the same as the 'no' option, but net.lo is also counted. +# This should be useful to people that do not care about any specific +# interface being up at boot. +# yes - For this ALL network interfaces MUST be up for the 'net' service to +# be considered up. + +RC_NET_STRICT_CHECKING="no" + +# RC_DOWN_INTERFACE allows you to specify if RC will bring the interface +# completely down when it stops. The default is yes, but there are some +# instances where you may not want this to happen such as using Wake On LAN. + +RC_DOWN_INTERFACE="yes" + +# RC_VOLUME_ORDER allows you to specify, or even remove the volume setup +# for various volume managers (MD, EVMS2, LVM, DM, etc). Note that they are +# stopped in reverse order. + +RC_VOLUME_ORDER="raid evms lvm dm" + +# RC_VERBOSE will make init scripts more verbose. Only networking scripts +# really use this at this time, and this is useful for trouble shooting +# any issues you may have. +# This is also used to re-enable init script output for init scripts +# started or stopped from the command line. + +RC_VERBOSE="no" + +# RC_BOOTLOG will generate a log of the boot messages shown on the console. +# Useful for headless machines or debugging. You need to emerge the +# app-admin/showconsole package for this to work. Note that this probably +# won't work correctly with boot splash. + +RC_BOOTLOG="no" + +# Set to "yes" if you want to benchmark system boot with bootchart. +# You'll need to emerge the app-benchmarks/bootchart package for this to work. + +RC_BOOTCHART="no" + +# RC_USE_FSTAB allows you to override the default mount options for the +# standard /proc, /sys, /dev, and /dev/pts mount points. Note that this +# is the new way for selecting ramfs/tmpfs/etc... for udev mounting. + +RC_USE_FSTAB="no" + +# RC_USE_CONFIG_PROFILE allows you to have different /etc/conf.d files +# based on your runlevel - if a conf.d file for your profile does not exist +# then we try and use the default one. +# To enable runlevel selection at boot, append "softlevel=foobar" to your +# kernel line to change to the foobar runlevel. Here we would search for +# /etc/conf.d/.foobar config files before trying to use the default +# /etc/conf.d/. +# Note that it is only active if 'softlevel' was specified via the kernel line, +# and it is intended to use for different grub/lilo entries to specify config +# changes for say laptops between home and work, where you would have setup +# 'work' and 'home' runlevels, with /etc/conf.d/*. as needed. + +RC_USE_CONFIG_PROFILE="yes" + +# RC_FORCE_AUTO tries its best to prevent user interaction during the boot and +# shutdown process. For example, fsck will automatically be run or volumes +# remounted to create proper directory trees. This feature can be dangerous +# and is meant ONLY for headless machines where getting a physical console +# hooked up is a huge pita. + +RC_FORCE_AUTO="no" + +# Use this variable to control the /dev management behavior. +# auto - let the scripts figure out what's best at boot +# devfs - use devfs (requires sys-fs/devfsd) +# udev - use udev (requires sys-fs/udev) +# static - let the user manage /dev (YOU need to create ALL device nodes) + +RC_DEVICES="auto" + +# UDEV OPTION: +# Set to "yes" if you want to save /dev to a tarball on shutdown +# and restore it on startup. This is useful if you have a lot of +# custom device nodes that udev does not handle/know about. + +RC_DEVICE_TARBALL="no" + +# RC_DMESG_LEVEL sets the level at which logging of messages is done to the +# console. See dmesg(8) for more info. + +RC_DMESG_LEVEL="1" + + + + + +# +# Controlling start-stop-daemon behavior + +# Set to "yes" if start-stop-daemon should always retry killing the +# service with sig KILL if it fails the first time. + +RC_RETRY_KILL="yes" + + +# Set the amount of seconds start-stop-daemon should wait between +# retries. + +RC_RETRY_TIMEOUT=1 + + +# Set the amount of times start-stop-daemon should try to kill +# a service before giving up. + +RC_RETRY_COUNT=5 + + +# Set to "yes" if start-stop-daemon should fail if the service +# is marked as started, but not actually running on stop. + +RC_FAIL_ON_ZOMBIE="no" + + +# Set to "yes" if start-stop-daemon should attempt to kill +# any children left in the system. +# Be careful with this as it really does what it was on the tin. +# fex, if you're in an ssh process and you restart a service on which ssh +# depends then your terminal will be killed also. + +RC_KILL_CHILDREN="no" + + +# Set the amount of seconds start-stop-daemon waits after starting +# the daemon to check it is still running. If it's not then we +# try and stop any children if possible. +RC_WAIT_ON_START="0.1" + + +############################################################################## +# SERVICE CONFIGURATION VARIABLES +# These variables are documented here, but should be configured in +# /etc/conf.d/foo for service foo and NOT enabled here unless you +# really want them to work on a global basis. + +# Some daemons are started and stopped via start-stop-daemon. +# We can launch them through other daemons here, for example valgrind. +# This is only useful for serious debugging of the daemon +# WARNING: If the script's "stop" function does not supply a PID file then +# all processes using the same daemon will be killed. +#RC_DAEMON="/usr/bin/valgrind --tool=memcheck --log-file=/tmp/valgrind.syslog-ng" + +# strace needs to be prefixed with --background as it does not detach when +# it's following +#RC_DAEMON="--background /usr/sbin/strace -f -o /tmp/strace.syslog-ng" + +# Pass ulimit parameters +#RC_ULIMIT="-u 30" + +############################################################################## + + +# +# Internal configuration variables +# +# NB: These are for advanced users, and you should really +# know what you are doing before changing them! +# + +# rc-scripts dep-cache directory +# +# NOTE: Do not remove the next line, as its needed by the baselayout ebuild! +# +# svcdir="/var/lib/init.d" + +svcdir="/var/lib/init.d" + +# Should we mount $svcdir in a ram disk for some speed increase +# for slower machines, or for the more extreme setups ? + +svcmount="no" + +# FS type that should be used for $svcdir. Note that you need +# $svcmount above set to "yes" for this to work ... Currently +# tmpfs, ramfs, and ramdisk are supported (tmpfs is the default). + +svcfstype="tmpfs" + +# Size of $svcdir in KB. Note that ramfs doesn't support this +# due to kernel limitations. + +svcsize=2048 diff --git a/conf.d/rsyncd b/conf.d/rsyncd new file mode 100644 index 0000000..c3d897e --- /dev/null +++ b/conf.d/rsyncd @@ -0,0 +1,5 @@ +# /etc/conf.d/rsyncd: config file for /etc/init.d/rsyncd + +# see man pages for rsync or run `rsync --help` +# for valid cmdline options +#RSYNC_OPTS="" diff --git a/conf.d/samba b/conf.d/samba new file mode 100644 index 0000000..1b329da --- /dev/null +++ b/conf.d/samba @@ -0,0 +1,28 @@ +#add "winbind" to the daemon_list if you also want winbind to start +daemon_list="smbd nmbd" + +#---------------------------------------------------------------------------- +# Daemons calls: _ +#---------------------------------------------------------------------------- +my_service_name="samba" +my_service_PRE="unset TMP TMPDIR" +my_service_POST="" + +#---------------------------------------------------------------------------- +# Daemons calls: _ +#---------------------------------------------------------------------------- +smbd_start_options="-D" +smbd_start="start-stop-daemon --start --exec /usr/sbin/smbd -- ${smbd_start_options}" +smbd_stop="start-stop-daemon --stop --exec /usr/sbin/smbd" +smbd_reload="killall -HUP smbd" + +nmbd_start_options="-D" +nmbd_start="start-stop-daemon --start --exec /usr/sbin/nmbd -- ${nmbd_start_options}" +nmbd_stop="start-stop-daemon --stop --exec /usr/sbin/nmbd" +nmbd_reload="killall -HUP nmbd" + +winbind_start_options="" +winbind_start="start-stop-daemon --start --exec /usr/sbin/winbindd -- ${winbind_start_options}" +winbind_stop="start-stop-daemon --stop --exec /usr/sbin/winbindd" +winbind_reload="killall -HUP winbindd" + diff --git a/conf.d/saslauthd b/conf.d/saslauthd new file mode 100644 index 0000000..e9554b1 --- /dev/null +++ b/conf.d/saslauthd @@ -0,0 +1,25 @@ +# $Header: /etc/conf.d/.rcs/saslauthd,v 1.1 2010/12/01 06:52:36 root Exp $ + +# Config file for /etc/init.d/saslauthd + +# Initial (empty) options. +SASLAUTHD_OPTS="" + +# Specify the authentications mechanism. +# **NOTE** For a list see: saslauthd -v +# Since 2.1.19, add "-r" to options for old behavior, +# ie. reassemble user and realm to user@realm form. +#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam -r" +SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam" + +# Specify the hostname for remote IMAP server. +# **NOTE** Only needed if rimap auth mechanism is used. +#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost" + +# Specify the number of worker processes to create. +#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -n 5" + +# Enable credential cache, set cache size and timeout. +# **NOTE** Size is measured in kilobytes. +# Timeout is measured in seconds. +#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -c -s 128 -t 30" diff --git a/conf.d/slapd b/conf.d/slapd new file mode 100644 index 0000000..15f6eec --- /dev/null +++ b/conf.d/slapd @@ -0,0 +1,10 @@ +# conf.d file for openldap +# +# To enable both the standard unciphered server and the ssl encrypted +# one uncomment this line or set any other server starting options +# you may desire. +# +# OPTS="-h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" +OPTS="-h 'ldaps:/// ldap:/// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" +# Uncomment the below to use the new slapd configuration for openldap 2.3 +#OPTS="-F /etc/openldap/slapd.d -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" diff --git a/conf.d/smartd b/conf.d/smartd new file mode 100644 index 0000000..4b7db4d --- /dev/null +++ b/conf.d/smartd @@ -0,0 +1,4 @@ +# /etc/conf.d/smartd: config file for /etc/init.d/smartd + +# Insert any other options needed +SMARTD_OPTS="" diff --git a/conf.d/snmpd b/conf.d/snmpd new file mode 100644 index 0000000..97a1d70 --- /dev/null +++ b/conf.d/snmpd @@ -0,0 +1,17 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmpd.conf,v 1.8 2006/11/26 21:37:22 cedk Exp $ + +# Initial (empty) options. +SNMPD_FLAGS="" + +# Enable connection logging. +#SNMPD_FLAGS="${SNMPD_FLAGS} -a" + +# Enable syslog and disable file log. +#SNMPD_FLAGS="${SNMPD_FLAGS} -Lsd -Lf /dev/null" + +# Enable agentx socket as /var/agentx/master +# *NOTE* Before uncommenting this, make sure +# the /var/agentx directory exists. +#SNMPD_FLAGS="${SNMPD_FLAGS} -x /var/agentx/master" diff --git a/conf.d/snmptrapd b/conf.d/snmptrapd new file mode 100644 index 0000000..b6259fc --- /dev/null +++ b/conf.d/snmptrapd @@ -0,0 +1,16 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmptrapd.conf,v 1.1 2005/01/28 11:19:25 ka0ttic Exp $ + +# extra flags to pass to snmptrapd +SNMPTRAPD_FLAGS="" + +# ignore authentication failure traps +#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -a" + +# log messages to specified file +#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -Lf /var/log/snmptrapd.log" + +# log messages to syslog with the specified facility +# where facility is: 'd' = LOG_DAEMON, 'u' = LOG_USER, [0-7] = LOG_LOCAL[0-7] +#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -Ls d" diff --git a/conf.d/spamd b/conf.d/spamd new file mode 100644 index 0000000..b6fca03 --- /dev/null +++ b/conf.d/spamd @@ -0,0 +1,46 @@ +# Config file for /etc/init.d/spamd + + +# ***WARNING*** +# spamd was not designed to listed to an untrusted network. spamd +# is vulnerable to DoS attacks (and eternal doom) if used to listen +# to an untrusted network. +# + + +# Some options: +# +# -c to create a per user configuration file +# -H [dir] to switch home dirs for helper apps, dir optional +# -i [ip] to listen on the specified IP, +# 127.0.0.1 if omitted, +# 0.0.0.0 (ie. all) if given without value; +# must be used in combination with -A to actually allow +# connections from anybody but localhost +# -m limit to set the number of children, default 5 +# -u user the user to run spamd as +# -L if you want to run no net tests +# +# for more help look in man spamd +# +# Note: if you plan on using the -u flag to spamd you will need to +# make sure the location of the PID file is writable by that user. +# This can be done by making the directory /var/run/spamd and +# changing the owner to the UID that runs spamd. You will then +# need to edit $pidfile in /etc/init.d/spamd. This should fix the +# problem with stop/restart in the init scripts. +# +# See http://bugs.gentoo.org/show_bug.cgi?id=70124 for a full +# explanation. + +SPAMD_OPTS="-m 5 -c -H" + +# spamd stores its pid in this file. If you use the -u option to +# run spamd under another user, you might need to adjust it. + +PIDFILE="/var/run/spamd.pid" + +# SPAMD_NICELEVEL lets you set the 'nice'ness of the running +# spamd process + +# SPAMD_NICELEVEL=5 diff --git a/conf.d/sshd b/conf.d/sshd new file mode 100644 index 0000000..28952b4 --- /dev/null +++ b/conf.d/sshd @@ -0,0 +1,21 @@ +# /etc/conf.d/sshd: config file for /etc/init.d/sshd + +# Where is your sshd_config file stored? + +SSHD_CONFDIR="/etc/ssh" + + +# Any random options you want to pass to sshd. +# See the sshd(8) manpage for more info. + +SSHD_OPTS="" + + +# Pid file to use (needs to be absolute path). + +#SSHD_PIDFILE="/var/run/sshd.pid" + + +# Path to the sshd binary (needs to be absolute path). + +#SSHD_BINARY="/usr/sbin/sshd" diff --git a/conf.d/staticroute b/conf.d/staticroute new file mode 100644 index 0000000..68d22eb --- /dev/null +++ b/conf.d/staticroute @@ -0,0 +1,8 @@ +# Separate multiple routes using ; or new lines. + +# Example static routes. See route(8) for syntax. +#staticroute="net 192.168.0.0 netmask 255.255.255.0 gw 10.73.1.1 +#net 192.168.1.0 netmask 255.255.255.0 gw 10.73.1.1" + +# Example static routes using iproute2. See ip(8) for syntax. +#staticiproute="192.168.0.0/24 via 10.73.1.1; 192.168.1.0/24 via 10.73.1.1" diff --git a/conf.d/svnserve b/conf.d/svnserve new file mode 100644 index 0000000..83997ce --- /dev/null +++ b/conf.d/svnserve @@ -0,0 +1,10 @@ +# The commented variables in this file are the defaults that are used +# in the init-script. You don't need to uncomment them except to +# customize them to different values. + +# Options for svnserve +#SVNSERVE_OPTS="--root=/var/svn" + +# User and group as which to run svnserve +#SVNSERVE_USER="svn" +#SVNSERVE_GROUP="svnusers" diff --git a/conf.d/syslog-ng b/conf.d/syslog-ng new file mode 100644 index 0000000..170862f --- /dev/null +++ b/conf.d/syslog-ng @@ -0,0 +1,6 @@ +# Config file for /etc/init.d/syslog-ng + +# Put any additional options for syslog-ng here. +# See syslog-ng(8) for more information. + +SYSLOG_NG_OPTS="" diff --git a/conf.d/teamspeak3-server b/conf.d/teamspeak3-server new file mode 100644 index 0000000..23f7fd4 --- /dev/null +++ b/conf.d/teamspeak3-server @@ -0,0 +1 @@ +export LD_LIBRARY_PATH=".:$LD_LIBRARY_PATH" diff --git a/conf.d/twistd b/conf.d/twistd new file mode 100644 index 0000000..53788cd --- /dev/null +++ b/conf.d/twistd @@ -0,0 +1,7 @@ + +# These are passed to twistd. +# TWISTD_OPTS="--no_save --logfile=/var/log/twistd -y /etc/twistd.tac" +# TWISTD_OPTS="--no_save --logfile=/var/log/twistd -f /etc/twistd.tap" + +# Make any additions to PYTHONPATH the twistd needs here. +# PYTHONPATH="/path/to/extra/python/modules" diff --git a/conf.d/udev b/conf.d/udev new file mode 100644 index 0000000..6fd1470 --- /dev/null +++ b/conf.d/udev @@ -0,0 +1,64 @@ +# /etc/conf.d/udev: config file for udev + +# We discourage to disable persistent-net!! +# this may lead to random interface naming + +# Disable adding new rules for persistent-net +persistent_net_disable="no" + +# Disable adding new rules for persistent-cd +# Disabling this will stop new cdrom devices to appear +# as /dev/{cdrom,cdrw,dvd,dvdrw} +persistent_cd_disable="no" + +# Set to "yes" if you want to save /dev to a tarball on shutdown +# and restore it on startup. This is useful if you have a lot of +# custom device nodes that udev does not handle/know about. +# +# As this option is fragile, we recommend you +# to create your devices in /lib64/udev/devices. +# These will be copied to /dev on boot. +#rc_device_tarball="NO" + +# udev can trigger coldplug events which cause services to start and +# kernel modules to be loaded. +# Services are deferred to start in the boot runlevel. +# Set rc_coldplug="NO" if you don't want this. +# If you want module coldplugging but not coldplugging of services then you +# can disable service coldplugging in baselayout/openrc config files. +# The setting is named different in different versions. +# in /etc/rc.conf: rc_hotplug="!*" or +# in /etc/conf.d/rc: rc_plug_services="!*" +#rc_coldplug="YES" + + + + +# Expert options: + +# Disable warning about unreliable kernel/udev combination +#unreliable_kernel_warning="no" + +# Timeout in seconds to wait for processing of uevents at boot. +# There should be no need to change this. +#udev_settle_timeout="60" + +# Add extra command line options to udevd, use with care +# udevd --help for possible values +#udev_opts="" + +# Run udevd --debug and write output to /dev/.udev/udev.log +# Should not be kept on as it fills diskspace slowly +#udev_debug="YES" + +# Run udevadmin monitor to get a log of all events +# in /dev/.udev/udevmonitor.log +#udev_monitor="YES" + +# Keep udevmonitor running after populating /dev. +#udev_monitor_keep_running="no" + +# Set cmdline options for udevmonitor. +# could be some of --env --kernel --udev +#udev_monitor_opts="--env" + diff --git a/conf.d/urandom b/conf.d/urandom new file mode 100644 index 0000000..fbaf4e8 --- /dev/null +++ b/conf.d/urandom @@ -0,0 +1,5 @@ +# Sometimes you want to have urandom start before "localmount" +# (say for crypt swap), so you will need to customize this +# behavior. If you have /var on a separate partition, then +# make sure this path lives on your root device somewhere. +urandom_seed="/var/run/random-seed" diff --git a/conf.d/wireless.example b/conf.d/wireless.example new file mode 100644 index 0000000..92506f6 --- /dev/null +++ b/conf.d/wireless.example @@ -0,0 +1,304 @@ +# This file is obsolete. + +# This file is obsolete. + +# This file is obsolete. + +# /etc/conf.d/wireless: +# Global wireless config file for net.* rc-scripts + +# +# Usage of /etc/conf.d/wireless is deprecated ... make sure you +# put all settings in /etc/conf.d/net +# + + +############################################################################## +# IMPORTANT +# linux-wlan-ng is not supported as they have their own configuration program +# ensure that /etc/conf.d/net has the entry "!iwconfig" in it's modules line +# Try and use an alternative driver if you need to use this - hostap-driver +# supports non-usb linux-wlan-ng driven devices +############################################################################## + +############################################################################## +# HINTS +############################################################################## +# Remember to change eth0 to your wireless interface which may be +# eth0, eth1, wlan0, ath0 - you get the idea. If you're not sure +# you can type "iwconfig" at the command prompt and it will tell you which +# interfaces are wireless. +# Say that your wireless interface is ath0 - the line +# #essid_eth0="any" +# becomes +# #essid_ath0="any" +# +# Remember to change ESSID to your ESSID. +# Say that your ESSID is My NET - the line +# #key_ESSID="s:passkey" +# becomes +# #key_My_NET="s:passkey" +# Notice that the space has changed to an underscore - do the same with all +# characters not in a-z A-Z (english alphabet) 0-9. This only applies to +# variables and not values. +# +# Any ESSID's in values like essid_eth0="My NET" may need to be escaped +# This means placing the character \ before the character +# \" need to be escaped for example +# So if your ESSID is +# My "\ NET +# it becomes +# My \"\\ NET +# for example +# #essid_eth0="My\"\\NET" +# +# So using the above we can use +# #dns_domain_My____NET="My\"\\NET" +# which is an invalid dns domain, but shows the how to use the variable +# structure +# +# As a final note, most users will just need to set the following options +# key_ESSID1="s:yourkeyhere enc open" # s: means a text key +# key_ESSID2="aaaa-bbbb-cccc-dd" # no s: means a hex key +# preferred_aps=( "ESSID1" "ESSID2" ) +# +# Clear? Good. Now configure your wireless network below +######################################################### + +############################################################################## +# SETTINGS +############################################################################## +# Hard code an ESSID to an interface - leave this unset if you wish the driver +# to scan for available Access Points +# Set to "any" to connect to any ESSID - the driver picks an Access Point +# This needs to be done when the driver doesn't support scanning +# This may work for drivers that don't support scanning but you need automatic +# AP association +# I would only set this as a last resort really - use the preferred_aps +# setting at the bottom of this file + +# However, using ad-hoc (without scanning for APs) and master mode +# do require the ESSID to be set - do this here +#essid_eth0="any" + +# Set the mode of the interface (managed, ad-hoc, master or auto) +# The default is auto +# If it's ad-hoc or master you also may need to specify the channel below +#mode_eth0="auto" + +# If managed mode fails, drop to ad-hoc mode with the below ESSID? +#adhoc_essid_eth0="WLAN" + +#Channel can be set (1-14), but defaults to 3 if not set. +# +# The below is taken verbatim from the BSD wavelan documentation found at +# http://www.netbsd.org/Documentation/network/wavelan.html +# There are 14 channels possible; We are told that channels 1-11 are legal for +# North America, channels 1-13 for most of Europe, channels 10-13 for France, +# and only channel 14 for Japan. If in doubt, please refer to the documentation +# that came with your card or access point. Make sure that the channel you +# select is the same channel your access point (or the other card in an ad-hoc +# network) is on. The default for cards sold in North America and most of Europe +# is 3; the default for cards sold in France is 11, and the default for cards +# sold in Japan is 14. +#channel_eth0="3" + +# Setup any other config commands. This is basically the iwconfig argument +# without the iwconfig $iface. +#iwconfig_eth0="" + +# Set private driver ioctls. This is basically the iwpriv argument without +# the iwpriv $iface. If you use the rt2500 driver (not the rt2x00 one) then +# you can set WPA here, below is an example. +#iwpriv_eth0="" +#iwpriv_ESSID=( +# "set AuthMode=WPAPSK" +# "set EncrypType=TKIP" +# "set WPAPSK=yourpasskey" +#) +#NOTE: Even though you can use WPA like so, you may have to set a WEP key +#if your driver claims the AP is encrypted. The WEP key itself will not be +#used though. + +# Seconds to wait before scanning +# Some drivers need to wait until they have finished "loading" +# before they can scan - otherwise they error and claim that they cannot scan +# or resource is unavailable. The default is to wait zero seconds +#sleep_scan_eth0="1" + +# Seconds to wait until associated. The default is to wait 10 seconds. +# 0 means wait indefinitely. WARNING: this can cause an infinite delay when +# booting. +#associate_timeout_eth0="5" + +# By default a successful association in Managed mode sets the MAC +# address of the AP connected to. However, some drivers (namely +# the ipw2100) don't set an invalid MAC address when association +# fails - so we need to check on link quality which some drivers +# don't report properly either. +# So if you have connection problems try flipping this setting +# Valid options are MAC, quality and all - defaults to MAC +#associate_test_eth0="MAC" + +# Some driver/card combinations need to scan in Ad-Hoc mode +# After scanning, the mode is reset to the one defined above +#scan_mode_eth0="Ad-Hoc" + +# Below you can define private ioctls to run before and after scanning +# Format is the same as the iwpriv_eth0 above +# This is needed for the HostAP drivers +#iwpriv_scan_pre_eth0="host_roaming 2" +#iwpriv_scan_post_eth0="host_roaming 0" + +# Define a WEP key per ESSID or MAC address (of the AP, not your card) +# The encryption type (open or restricted) must match the +# encryption type on the Access Point +# You can't use "any" for an ESSID here +#key_ESSID="1234-1234-1234-1234-1234-1234-56" +# or you can use strings. Passphrase IS NOT supported +# To use a string, prefix it with s: +# Note - this example also sets the encryption method to open +# which is regarded as more secure than restricted +#key_ESSID="s:foobar enc open" +#key_ESSID="s:foobar enc restricted" + +# If you have whitespace in your key, here's how to set it and use other +# commands like using open encryption. +#key_ESSID="s:'foo bar' enc open" + +# WEP key for the AP with MAC address 001122334455 +#mac_key_001122334455="s:foobar" + +# Here are some more examples of keys as some users find others work +# and some don't where they should all do the same thing +#key_ESSID="open s:foobar" +#key_ESSID="open 1234-5678-9012" +#key_ESSID="s:foobar enc open" +#key_ESSID="1234-5678-9012 enc open" + +# You may want to set multiple keys - here's an example +# It sets 4 keys on the card and instructs to use key 2 by default +#key_ESSID="[1] s:passkey1 key [2] s:passkey2 key [3] s:passkey3 key [4] s:passkey4 key [2]" + +# You can also override the interface settings found in /etc/conf.d/net +# per ESSID - which is very handy if you use different networks a lot +#config_ESSID=( "dhcp" ) +#dhcpcd_ESSID="-t 5" +#routes_ESSID=() +#fallback_ESSID=() + +# Setting name/domain server causes /etc/resolv.conf to be overwritten +# Note that if DHCP is used, and you want this to take precedence then +# please put -R in your dhcpcd options +#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) +#dns_domain_ESSID="some.domain" +#dns_search_path_ESSID="search.this.domain search.that.domain" +# Please check the man page for resolv.conf for more information +# as domain and search (searchdomains) are mutually exclusive and +# searchdomains takes precedence + +# You can also set any of the /etc/conf.d/net variables per MAC address +# in case you use Access Points with the same ESSID but need different +# networking configs. Below is an example - of course you use the same +# method with other variables +#config_001122334455=( "dhcp" ) +#dhcpcd_001122334455="-t 10" +#dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) + +# Map a MAC address to an ESSID +# This is used when the Access Point is not broadcasting it's ESSID +# WARNING: This will override the ESSID being broadcast due to some +# Access Points sending an ESSID even when they have been configured +# not to! +# Change 001122334455 to the MAC address and ESSID to the ESSID +# it should map to +#mac_essid_001122334455="ESSID" + +# This lists the preferred ESSIDs to connect to in order +# ESSID's can contain any characters here as they must match the broadcast +# ESSID exactly. +# Surround each ESSID with the " character and separate them with a space +# If the first ESSID isn't found then it moves onto the next +# If this isn't defined then it connects to the first one found +#preferred_aps=( "ESSID 1" "ESSID 2" ) + +# You can also define a preferred_aps list per interface +#preferred_aps_eth0=( "ESSID 3" "ESSID 4" ) + +# You can also say whether we only connect to preferred APs or not +# Values are "any", "preferredonly", "forcepreferred", "forcepreferredonly" and "forceany" +# "any" means it will connect to visible APs in the preferred list and then any +# other available AP +# "preferredonly" means it will only connect to visible APs in the preferred list +# "forcepreferred" means it will forcibly connect to APs in order if it does not find +# them in a scan +# "forcepreferredonly" means it forcibly connects to the APs in order and does not bother +# to scan +# "forceany" does the same as forcepreferred + connects to any other available AP +# Default is "any" +#associate_order="any" +#associate_order_eth0="any" + +# You can define blacklisted Access Points in the same way +#blacklist_aps=( "ESSID 1" "ESSID 2" ) +#blacklist_aps_eth0=( "ESSID 3" ESSID 4" ) + +# If you have more than one wireless card, you can say if you want +# to allow each card to associate with the same Access Point or not +# Values are "yes" and "no" +# Default is "yes" +#unique_ap="yes" +#unique_ap_eth0="yes" + +# IMPORTANT: preferred_only, blacklisted_aps and unique_ap only work when +# essid_eth0 is not set and your card is capable of scanning + +# NOTE: preferred_aps list ignores blacklisted_aps - so if you have +# the same ESSID in both, well, you're a bit silly :p + + +############################################################################## +# ADVANCED CONFIGURATION +# +# Two functions can be defined which will be called surrounding the +# associate function. The functions are called with the interface +# name first so that one function can control multiple adapters. +# +# The return values for the preassociate function should be 0 +# (success) to indicate that configuration or deconfiguration of the +# interface can continue. If preassociate returns a non-zero value, then +# interface configuration will be aborted. +# +# The return value for the postassociate function is ignored +# since there's nothing to do if it indicates failure. + +#preassociate() { +# # The below adds two configuration variables leap_user_ESSID +# # and leap_pass_ESSID. When they are both configured for the ESSID +# # being connected to then we run the CISCO LEAP script +# +# local user pass +# eval user=\"\$\{leap_user_${ESSIDVAR}\}\" +# eval pass=\"\$\{leap_pass_${ESSIDVAR}\}\" +# +# if [[ -n ${user} && -n ${pass} ]]; then +# if [[ ! -x /opt/cisco/bin/leapscript ]]; then +# eend "For LEAP support, please emerge net-misc/cisco-aironet-client-utils" +# return 1 +# fi +# einfo "Waiting for LEAP Authentication on \"${ESSID//\\\\//}\"" +# if /opt/cisco/bin/leapscript ${user} ${pass} | grep -q 'Login incorrect'; then +# ewarn "Login Failed for ${user}" +# return 1 +# fi +# fi +# +# return 0 +#} + +#postassociate() { +# # This function is mostly here for completeness... I haven't +# # thought of anything nifty to do with it yet ;-) +# # Return 0 always +# return 0 +#} diff --git a/config-archive/etc/DIR_COLORS,v b/config-archive/etc/DIR_COLORS,v new file mode 100644 index 0000000..d43152c --- /dev/null +++ b/config-archive/etc/DIR_COLORS,v @@ -0,0 +1,297 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.01.09.10.16.07; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.05.10.15.40; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.01.09.10.16.08; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# Configuration file for dircolors, a utility to help you set the +# LS_COLORS environment variable used by GNU ls with the --color option. + +# Copyright (C) 1996, 1999-2010 Free Software Foundation, Inc. +# Copying and distribution of this file, with or without modification, +# are permitted provided the copyright notice and this notice are preserved. + +# The keywords COLOR, OPTIONS, and EIGHTBIT (honored by the +# slackware version of dircolors) are recognized but ignored. + +# You can copy this file to .dir_colors in your $HOME directory to override +# the system defaults. + +# Below, there should be one TERM entry for each termtype that is colorizable +TERM Eterm +TERM ansi +TERM color-xterm +TERM con132x25 +TERM con132x30 +TERM con132x43 +TERM con132x60 +TERM con80x25 +TERM con80x28 +TERM con80x30 +TERM con80x43 +TERM con80x50 +TERM con80x60 +TERM cons25 +TERM console +TERM cygwin +TERM dtterm +TERM eterm-color +TERM gnome +TERM gnome-256color +TERM jfbterm +TERM konsole +TERM kterm +TERM linux +TERM linux-c +TERM mach-color +TERM mlterm +TERM putty +TERM rxvt +TERM rxvt-256color +TERM rxvt-cygwin +TERM rxvt-cygwin-native +TERM rxvt-unicode +TERM rxvt-unicode256 +TERM screen +TERM screen-256color +TERM screen-256color-bce +TERM screen-bce +TERM screen-w +TERM screen.linux +TERM vt100 +TERM xterm +TERM xterm-16color +TERM xterm-256color +TERM xterm-88color +TERM xterm-color +TERM xterm-debian + +# Below are the color init strings for the basic file types. A color init +# string consists of one or more of the following numeric codes: +# Attribute codes: +# 00=none 01=bold 04=underscore 05=blink 07=reverse 08=concealed +# Text color codes: +# 30=black 31=red 32=green 33=yellow 34=blue 35=magenta 36=cyan 37=white +# Background color codes: +# 40=black 41=red 42=green 43=yellow 44=blue 45=magenta 46=cyan 47=white +#NORMAL 00 # no color code at all +#FILE 00 # regular file: use no color at all +RESET 0 # reset to "normal" color +DIR 01;34 # directory +LINK 01;36 # symbolic link. (If you set this to 'target' instead of a + # numerical value, the color is as for the file pointed to.) +MULTIHARDLINK 00 # regular file with more than one link +FIFO 40;33 # pipe +SOCK 01;35 # socket +DOOR 01;35 # door +BLK 40;33;01 # block device driver +CHR 40;33;01 # character device driver +ORPHAN 01;05;37;41 # orphaned syminks +MISSING 01;05;37;41 # ... and the files they point to +SETUID 37;41 # file that is setuid (u+s) +SETGID 30;43 # file that is setgid (g+s) +CAPABILITY 30;41 # file with capability +STICKY_OTHER_WRITABLE 30;42 # dir that is sticky and other-writable (+t,o+w) +OTHER_WRITABLE 34;42 # dir that is other-writable (o+w) and not sticky +STICKY 37;44 # dir with the sticky bit set (+t) and not other-writable + +# This is for files with execute permission: +EXEC 01;32 + +# List any file extensions like '.gz' or '.tar' that you would like ls +# to colorize below. Put the extension, a space, and the color init string. +# (and any comments you want to add after a '#') + +# If you use DOS-style suffixes, you may want to uncomment the following: +#.cmd 01;32 # executables (bright green) +#.exe 01;32 +#.com 01;32 +#.btm 01;32 +#.bat 01;32 +# Or if you want to colorize scripts even if they do not have the +# executable bit actually set. +#.sh 01;32 +#.csh 01;32 + + # archives or compressed (bright red) +.tar 01;31 +.tgz 01;31 +.arj 01;31 +.taz 01;31 +.lzh 01;31 +.lzma 01;31 +.tlz 01;31 +.txz 01;31 +.zip 01;31 +.z 01;31 +.Z 01;31 +.dz 01;31 +.gz 01;31 +.lz 01;31 +.xz 01;31 +.bz2 01;31 +.bz 01;31 +.tbz 01;31 +.tbz2 01;31 +.tz 01;31 +.deb 01;31 +.rpm 01;31 +.jar 01;31 +.rar 01;31 +.ace 01;31 +.zoo 01;31 +.cpio 01;31 +.7z 01;31 +.rz 01;31 + +# image formats +.jpg 01;35 +.jpeg 01;35 +.gif 01;35 +.bmp 01;35 +.pbm 01;35 +.pgm 01;35 +.ppm 01;35 +.tga 01;35 +.xbm 01;35 +.xpm 01;35 +.tif 01;35 +.tiff 01;35 +.png 01;35 +.svg 01;35 +.svgz 01;35 +.mng 01;35 +.pcx 01;35 +.mov 01;35 +.mpg 01;35 +.mpeg 01;35 +.m2v 01;35 +.mkv 01;35 +.ogm 01;35 +.mp4 01;35 +.m4v 01;35 +.mp4v 01;35 +.vob 01;35 +.qt 01;35 +.nuv 01;35 +.wmv 01;35 +.asf 01;35 +.rm 01;35 +.rmvb 01;35 +.flc 01;35 +.avi 01;35 +.fli 01;35 +.flv 01;35 +.gl 01;35 +.dl 01;35 +.xcf 01;35 +.xwd 01;35 +.yuv 01;35 +.cgm 01;35 +.emf 01;35 + +# http://wiki.xiph.org/index.php/MIME_Types_and_File_Extensions +.axv 01;35 +.anx 01;35 +.ogv 01;35 +.ogx 01;35 + +# Document files +.pdf 00;32 +.ps 00;32 +.txt 00;32 +.patch 00;32 +.diff 00;32 +.log 00;32 +.tex 00;32 +.doc 00;32 + +# audio formats +.aac 00;36 +.au 00;36 +.flac 00;36 +.mid 00;36 +.midi 00;36 +.mka 00;36 +.mp3 00;36 +.mpc 00;36 +.ogg 00;36 +.ra 00;36 +.wav 00;36 + +# http://wiki.xiph.org/index.php/MIME_Types_and_File_Extensions +.axa 00;36 +.oga 00;36 +.spx 00;36 +.xspf 00;36 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d44 1 +d48 1 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a43 1 +TERM rxvt-256color +a46 1 +TERM rxvt-unicode256 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a47 1 +TERM rxvt-unicode-256color +a53 1 +TERM screen.rxvt +a54 1 +TERM terminator +@ diff --git a/config-archive/etc/amavisd.conf,v b/config-archive/etc/amavisd.conf,v new file mode 100644 index 0000000..543d3d2 --- /dev/null +++ b/config-archive/etc/amavisd.conf,v @@ -0,0 +1,2584 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.09.08.21.18.36; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@use strict; + +# Sample configuration file for amavisd-new (traditional style, chatty, +# you may prefer to start with the more concise supplied amavisd.conf) +# +# See amavisd.conf-default for a list of all variables with their defaults; +# for more details see documentation in INSTALL, README_FILES/* +# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html + +# This software is licensed under the GNU General Public License (GPL). +# See comments at the start of amavisd-new for the whole license text. + +#Sections: +# Section I - Essential daemon and MTA settings +# Section II - MTA specific +# Section III - Logging +# Section IV - Notifications/DSN, bounce/reject/discard/pass, quarantine +# Section V - Per-recipient and per-sender handling, whitelisting, etc. +# Section VI - Resource limits +# Section VII - External programs, virus scanners, SpamAssassin +# Section VIII - Debugging +# Section IX - Policy banks (dynamic policy switching) + +#GENERAL NOTES: +# This file is a normal Perl code, interpreted by Perl itself. +# - make sure this file (or directory where it resides) is NOT WRITABLE +# by mere mortals (not even vscan/amavis; best to make it owned by root), +# otherwise it can represent a severe security risk! +# - for values which are interpreted as booleans, it is recommended +# to use 1 for true, and 0 or undef or '' for false; +# Note that this interpretation of boolean values does not apply directly +# to LDAP and SQL lookups, which follow their own rules - see README.lookups +# and README.ldap (in short: use Y/N in SQL, and TRUE/FALSE in LDAP); +# - Perl syntax applies. Most notably: strings in "" may include variables +# (which start with $ or @@); to include characters $ and @@ and \ in double +# quoted strings precede them by a backslash; in single-quoted strings +# the $ and @@ lose their special meaning, so it is usually easier to use +# single quoted strings (or qw operator) for e-mail addresses. +# In both types of quoting a backslash should to be doubled. +# - variables with names starting with a '@@' are lists, the values assigned +# to them should be lists too, e.g. ('one@@foo', $mydomain, "three"); +# note the comma-separation and parenthesis. If strings in the list +# do not contain spaces nor variables, a Perl operator qw() may be used +# as a shorthand to split its argument on whitespace and produce a list +# of strings, e.g. qw( one@@foo example.com three ); Note that the argument +# to qw is quoted implicitly and no variable interpretation is done within +# (no '$' variable evaluations). The #-initiated comments can NOT be used +# within a string. In other words, $ and # lose their special meaning +# within a qw argument, just like within '...' strings. +# - all e-mail addresses in this file and as used internally by the daemon +# are in their raw (rfc2821-unquoted and non-bracketed) form, i.e. +# Bob "Funny" Dude@@example.com, not: "Bob \"Funny\" Dude"@@example.com +# and not <"Bob \"Funny\" Dude"@@example.com>; also: '' and not '<>'. +# - the term 'default value' in examples below refers to the value of a +# variable pre-assigned to it by the program; any explicit assignment +# to a variable in this configuration file overrides the default value; + + +# +# Section I - Essential daemon and MTA settings +# + +# $MYHOME serves as a quick default for some other configuration settings. +# More refined control is available with each individual setting further down. +# $MYHOME is not used directly by the program. No trailing slash! +$MYHOME = '/var/amavis'; # (default is '/var/amavis'), -H + +# $mydomain serves as a quick default for some other configuration settings. +# More refined control is available with each individual setting further down. +# $mydomain is never used directly by the program. +$mydomain = 'brehm-online.com'; # (no useful default) + +# $myhostname = 'host.example.com'; # fqdn of this host, default by uname(3) +$myhostname = 'helga.brehm-online.com'; + +# Set the user and group to which the daemon will change if started as root +# (otherwise just keeps the UID unchanged, and these settings have no effect): +$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u +$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g + +# Runtime working directory (cwd), and a place where +# temporary directories for unpacking mail are created. +# (no trailing slash, may be a scratch file system) +#$TEMPBASE = $MYHOME; # (must be set if other config vars use is), -T +$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean? + +#$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db", -D + +# $helpers_home sets environment variable HOME, and is passed as option +# 'home_dir_for_helpers' to Mail::SpamAssassin::new. It should be a directory +# on a normal persistent file system, not a scratch or temporary file system +#$helpers_home = $MYHOME; # (defaults to $MYHOME), -S + +# Run the daemon in the specified chroot jail if nonempty: +#$daemon_chroot_dir = $MYHOME; # (default is undef, meaning: do not chroot), -R + +#$pid_file = "$MYHOME/amavisd.pid"; # (default is "$MYHOME/amavisd.pid"), -P +#$lock_file = "$MYHOME/amavisd.lock"; # (default is "$MYHOME/amavisd.lock"), -L + +# set environment variables if you want (no defaults): +$ENV{TMPDIR} = $TEMPBASE; # used for SA temporary files, by some decoders, etc. + +$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny) +$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1 + +$enable_dkim_verification = 0; # enable DKIM signatures verification +$enable_dkim_signing = 0; # load DKIM signing code, keys defined by dkim_key + +# MTA SETTINGS, UNCOMMENT AS APPROPRIATE, +# both $forward_method and $notify_method default to 'smtp:[127.0.0.1]:10025' + +# POSTFIX, or SENDMAIL in dual-MTA setup, or EXIM V4 +# (set host and port number as required; host can be specified +# as an IP address or a DNS name (A or CNAME, but MX is ignored) +#$forward_method = 'smtp:[127.0.0.1]:10025'; # where to forward checked mail +#$notify_method = $forward_method; # where to submit notifications + +#$os_fingerprint_method = 'p0f:127.0.0.1:2345'; # query p0f-analyzer.pl + +# To make it possible for several hosts to share one content checking daemon, +# the IP address and/or the port number in $forward_method and $notify_method +# may be spacified as an asterisk. An asterisk in the colon-separated +# second field (host) will be replaced by the SMTP client peer address, +# An asterisk in the third field (tcp port) will be replaced by the incoming +# SMTP/LMTP session port number plus one. This obsoletes the previously used +# less flexible configuration parameter $relayhost_is_client. An example: +# $forward_method = 'smtp:*:*'; $notify_method = 'smtp:*:10587'; + + +# NOTE: The defaults (above) are good for Postfix or dual-sendmail. You MUST +# uncomment the appropriate settings below if using other setups! + +# SENDMAIL MILTER, using amavis-milter.c helper program: +#$forward_method = undef; # no explicit forwarding, sendmail does it by itself +# milter; option -odd is needed to avoid deadlocks +#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -odd -f ${sender} -- ${recipient}'; +# just a thought: can we use use -Am instead of -odd ? + +# SENDMAIL (old non-milter setup, as relay, deprecated): +#$forward_method = 'pipe:flags=q argv=/usr/sbin/sendmail -C/etc/sendmail.orig.cf -i -f ${sender} -- ${recipient}'; +#$notify_method = $forward_method; + +# SENDMAIL (old non-milter setup, amavis.c calls local delivery agent, deprecated): +#$forward_method = undef; # no explicit forwarding, amavis.c will call LDA +#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -f ${sender} -- ${recipient}'; + +# EXIM v3 (not recommended with v4 or later, which can use SMTP setup instead): +#$forward_method = 'pipe:flags=q argv=/usr/sbin/exim -oMr scanned-ok -i -f ${sender} -- ${recipient}'; +#$notify_method = $forward_method; + +# COURIER using courierfilter +#$forward_method = undef; # no explicit forwarding, Courier does it itself +#$notify_method = 'pipe:flags=q argv=perl -e $pid=fork();if($pid==-1){exit(75)}elsif($pid==0){exec(@@ARGV)}else{exit(0)} /usr/sbin/sendmail -f ${sender} -- ${recipient}'; +# Only set $courierfilter_shutdown to 1 if you are using courierfilter to +# control the startup and shutdown of amavis +#$courierfilter_shutdown = 1; # (default 0) + +# prefer to collect mail for forwarding as BSMTP files? +#$forward_method = "bsmtp:$MYHOME/out-%i-%n.bsmtp"; +#$notify_method = $forward_method; + +@@auth_mech_avail = qw(PLAIN LOGIN); +$auth_required_inp = 0; +$auth_required_out = 0; + +# Net::Server pre-forking settings +# The $max_servers should match the width of your MTA pipe +# feeding amavisd, e.g. with Postfix the 'Max procs' field in the +# master.cf file, like the '2' in the: smtp-amavis unix - - n - 2 smtp +# +$max_servers = 2; # num of pre-forked children (2..30 is common), -m +$max_requests = 20; # retire a child after that many accepts (default 20) + +$child_timeout=5*60; # abort child if it does not complete its processing in + # approximately n seconds (default: 8*60 seconds) + +$smtpd_timeout = 120; # disconnect session if client is idle for too long + # (default: 8*60 seconds); should be higher than a + # Postfix setting max_idle (default 100s) + +# Here is a QUICK WAY to completely DISABLE some sections of code +# that WE DO NOT WANT (it won't even be compiled-in). +# For more refined controls leave the following two lines commented out, +# and see further down what these two lookup lists really mean. +# +# @@bypass_virus_checks_maps = (1); # controls running of anti-virus code +# @@bypass_spam_checks_maps = (1); # controls running of anti-spam code +# $bypass_decode_parts = 1; # controls running of decoders&dearchivers +# +# Any setting can be changed with a new assignment, so make sure +# you do not unintentionally override these settings further down! + +# Check also the settings of @@av_scanners at the end if you want to use +# virus scanners. If not, you may want to delete the whole long assignment +# to the variable @@av_scanners and @@av_scanners_backup, which will also +# remove the virus checking code (e.g. if you only want to do spam scanning). + + +# Lookup list of local domains (see README.lookups for syntax details) +# +# @@local_domains_maps is a list of lookup tables which are used in deciding +# whether a recipient is local or not, or in other words, if the message is +# outgoing or not. This affects inserting spam-related and OS fingerprinting +# header fields for local recipients, editing Subject header field and allowing +# mail body defanging, limiting recipient notifications to local recipients, +# in deciding if address extension may be appended, in matching mail addresses +# to non-fqdn SQL record keys, for proper operation of pen pals feature, +# for selecting statistics counters (distinguishing outgoing from internal- +# to internal mail), and possibly more in future versions. +# Set it up correctly if you need features that rely on this setting. +# +# With Postfix (2.0) a quick hint on what local domains normally are: +# a union of domains specified in: mydestination, virtual_alias_domains, +# virtual_mailbox_domains, and relay_domains. + +@@local_domains_maps = ( [".$mydomain"] ); # $mydomain and its subdomains +# @@local_domains_maps = (); # default is empty list, no recip. considered local +# @@local_domains_maps = # using ACL lookup table +# ( [ ".$mydomain", 'sub.example.net', '.example.com' ] ); +# @@local_domains_maps = # similar, split list elements on whitespace +# ( [qw( .example.com !host.sub.example.net .sub.example.net )] ); +# @@local_domains_maps = ( new_RE( qr'[@@.]example\.com$'i ) ); # using regexp +# @@local_domains_maps = ( read_hash("$MYHOME/local_domains") ); # using hash +# perhaps combined with Postfix: mydestination = /var/amavis/local_domains +# for debugging purposes: dump_hash($local_domains_maps[0]); +# +# Section II - MTA specific (defaults should be ok) +# + +#$insert_received_line = 1; # behave like MTA: insert 'Received:' header + # (does not apply to sendmail/milter) + # (default is true) + +# AMAVIS-CLIENT AND COURIER PROTOCOL INPUT SETTINGS (e.g. amavisd-release, or +# sendmail milter through helper clients like amavis-milter.c and amavis.c) +# option(s) -p overrides $inet_socket_port and $unix_socketname +$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket +#$unix_socketname = undef; # disable listening on a unix socket + # (default is undef, i.e. disabled) +#$unix_socketname = "/var/lib/courier/allfilters/amavisd"; # Courier socket + # (usual setting is $MYHOME/amavisd.sock) + +# SMTP SERVER (INPUT) PROTOCOL SETTINGS (e.g. with Postfix, Exim v4, ...) +# (used when MTA is configured to pass mail to amavisd via SMTP or LMTP) +$inet_socket_port = 10024; # accept SMTP on this local TCP port + # (default is undef, i.e. disabled) +# multiple ports may be provided: $inet_socket_port = [10024, 10026, 10028]; + +# SMTP SERVER (INPUT) access control +# - do not allow free access to the amavisd SMTP port !!! +# +# when MTA is at the same host, use the following (one or the other or both): +#$inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface + # (default is '127.0.0.1') +@@inet_acl = qw(127.0.0.1 [::1]); # allow SMTP access only from localhost IP + # (default is qw(127.0.0.1 [::1]) ) + +# when MTA (one or more) is on a different host, use the following: +#@@inet_acl = qw(127.0.0.0/8 [::1] 10.1.0.1 10.1.0.2); # adjust list as needed +#$inet_socket_bind = undef; # bind to all IP interfaces if undef + +# +# Example1: +# @@inet_acl = qw( 127/8 10/8 172.16/12 192.168/16 ); +# permit only SMTP access from loopback and rfc1918 private address space +# +# Example2: +# @@inet_acl = qw( !192.168.1.12 172.16.3.3 !172.16.3/255.255.255.0 +# 127.0.0.1 10/8 172.16/12 192.168/16 ); +# matches loopback and rfc1918 private address space except host 192.168.1.12 +# and net 172.16.3/24 (but host 172.16.3.3 within 172.16.3/24 still matches) +# +# Example3: +# @@inet_acl = qw( 127/8 +# !172.16.3.0 !172.16.3.127 172.16.3.0/25 +# !172.16.3.128 !172.16.3.255 172.16.3.128/25 ); +# matches loopback and both halves of the 172.16.3/24 C-class, +# split into two subnets, except all four broadcast addresses +# for these subnets + + +# @@mynetworks is an IP access list which determines if the original SMTP client +# IP address belongs to our internal networks, i.e. mail is coming from inside. +# It is much like the Postfix parameter 'mynetworks' in semantics and similar +# in syntax, and its value should normally match the Postfix counterpart. +# It only affects the value of a macro %l (=sender-is-local), +# and the loading of policy 'MYNETS' if present (see below). +# Note that '-o smtp_send_xforward_command=yes' (or its lmtp counterpart) +# must be enabled in the Postfix service that feeds amavisd, otherwise +# client IP address is not available to amavisd-new. +# +# @@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 +# 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); # default +# +# A list of networks can also be read from a file, either as an IP acl in +# CIDR notation, one address per line (comments and empty lines are allowed): +# @@mynetworks_maps = (read_array('/etc/amavisd-mynetworks'), \@@mynetworks); +# +# or less flexibly (but provides faster lookups for large lists) by reading +# into a hash lookup table, which only allows for full addresses or classful +# IPv4 subnets with truncated octets, such as 127, 10, 192.168, 10.11.12.13, +# one address per line (comments and empty lines are allowed): +# @@mynetworks_maps = (read_hash('/etc/amavisd-mynetworks'), \@@mynetworks); + +# See README.lookups for details on specifying access control lists. + + +# +# Section III - Logging +# + +# true (e.g. 1) => syslog; false (e.g. 0) => logging to file +$DO_SYSLOG = 1; # (defaults to 0) + +$syslog_ident = 'amavis'; # Syslog ident string (defaults to 'amavis') +$syslog_facility = 'mail'; # Syslog facility as a string + # e.g.: mail, daemon, user, local0, ... local7, ... +$syslog_priority = 'info'; # Syslog base (minimal) priority as a string, + # choose from: emerg, alert, crit, err, warning, notice, info, debug + +# Log file (if not using syslog) +$LOGFILE = "$MYHOME/amavis.log"; # (defaults to empty, no log) + +#NOTE: levels are not strictly observed and are somewhat arbitrary +# 0: startup/exit/failure messages, viruses detected +# 1: args passed from client, some more interesting messages +# 2: virus scanner output, timing +# 3: server, client +# 4: decompose parts +# 5: more debug details +$log_level = 3; # (defaults to 0), -d + +# Customizable template for the most interesting log file entry (e.g. with +# $log_level=0) (take care to properly quote Perl special characters like '\') +# For a list of available macros see README.customize . + +# $log_templ = undef; # undef disables by-message level-0 log entries +$log_recip_templ = undef; # undef disables by-recipient level-0 log entries + + +# log both infected and noninfected messages (as deflt, with size,subj,tests): +# (remove the leading '#' and a space in the following lines to activate) + +# $log_templ = <<'EOD'; +# [?%#D|#|Passed # +# [? [:ccat|major] |OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\ +# UNCHECKED|BANNED (%F)|INFECTED (%V)]# +# , [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%D|,]# +# [? %q ||, quarantine: %q]# +# [? %Q ||, Queue-ID: %Q]# +# [? %m ||, Message-ID: %m]# +# [? %r ||, Resent-Message-ID: %r]# +# , mail_id: %i# +# , Hits: [:SCORE]# +# , size: %z# +# [~[:remote_mta_smtp_response]|["^$"]||[", queued_as: "]]\ +# [remote_mta_smtp_response|[~%x|["queued as ([0-9A-Z]+)$"]|["%1"]|["%0"]]|/]# +# [? [:header_field|Subject] ||, Subject: [:dquote|[:header_field|Subject]]]# +# [? [:header_field|From] ||, From: [:uquote|[:header_field|From]]]# +# [? [:useragent|name] ||, [:useragent|name]: [:uquote|[:useragent|body]]]# +# [? %#T ||, Tests: \[[%T|,]\]]# +# [:supplementary_info|SCTYPE|, shortcircuit=%%s]# +# [:supplementary_info|AUTOLEARN|, autolearn=%%s]# +# , %y ms# +# ] +# [?%#O|#|Blocked # +# [? [:ccat|major|blocking] |# +# OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\ +# UNCHECKED|BANNED (%F)|INFECTED (%V)]# +# , [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%O|,]# +# [? %q ||, quarantine: %q]# +# [? %Q ||, Queue-ID: %Q]# +# [? %m ||, Message-ID: %m]# +# [? %r ||, Resent-Message-ID: %r]# +# , mail_id: %i# +# , Hits: [:SCORE]# +# , size: %z# +# #, smtp_resp: [:smtp_response]# +# [? [:header_field|Subject] ||, Subject: [:dquote|[:header_field|Subject]]]# +# [? [:header_field|From] ||, From: [:uquote|[:header_field|From]]]# +# [? [:useragent|name] ||, [:useragent|name]: [:uquote|[:useragent|body]]]# +# [? %#T ||, Tests: \[[%T|,]\]]# +# [:supplementary_info|SCTYPE|, shortcircuit=%%s]# +# [:supplementary_info|AUTOLEARN|, autolearn=%%s]# +# , %y ms# +# ] +# EOD + +# +# Section IV - Notifications/DSN, bounce/reject/discard/pass, quarantine +# + +# Select notifications text encoding when Unicode-aware Perl is converting +# text from internal character representation to external encoding (charset +# in MIME terminology). Used as argument to Perl Encode::encode subroutine. +# +# to be used in RFC 2047-encoded header field bodies, e.g. in Subject: +#$hdr_encoding = 'iso-8859-1'; # MIME charset (default: 'iso-8859-1') +#$hdr_encoding_qb = 'Q'; # MIME encoding: quoted-printable (default) +#$hdr_encoding_qb = 'B'; # MIME encoding: base64 +# +# to be used in notification body text: its encoding and Content-type.charset +#$bdy_encoding = 'iso-8859-1'; # (default: 'iso-8859-1') + +# Default template texts for notifications may be overruled by directly +# assigning new text to template variables, or by reading template text +# from files. A second argument may be specified in a call to read_text(), +# specifying character encoding layer to be used when reading from the +# external file, e.g. 'utf8', 'iso-8859-1', or often just $bdy_encoding. +# Text will be converted to internal character representation by Perl 5.8.0 +# or later; second argument is ignored otherwise. See PerlIO::encoding, +# Encode::PerlIO and perluniintro man pages. +# +# $notify_sender_templ = read_text("$MYHOME/notify_sender.txt"); +# $notify_virus_sender_templ= read_text("$MYHOME/notify_virus_sender.txt"); +# $notify_virus_admin_templ = read_text("$MYHOME/notify_virus_admin.txt"); +# $notify_virus_recips_templ= read_text("$MYHOME/notify_virus_recips.txt"); +# $notify_spam_sender_templ = read_text("$MYHOME/notify_spam_sender.txt"); +# $notify_spam_admin_templ = read_text("$MYHOME/notify_spam_admin.txt"); + +# If notification template files are collectively available in some directory, +# one may call read_l10n_templates which invokes read_text for each known +# template. This is primarily a Debian-specific feature, but was incorporated +# into base code to facilitate porting. +# +# read_l10n_templates('/etc/amavis/en_US'); +# +# If read_l10n_templates is called, a localization template directory must +# contain the following files: +# charset this file should contain a one-line name +# of the character set used in the template +# files (e.g. utf8, iso-8859-2, ...) and is +# passed as the second argument to read_text; +# template-dsn.txt content fills the $notify_sender_templ +# template-virus-sender.txt content fills the $notify_virus_sender_templ +# template-virus-admin.txt content fills the $notify_virus_admin_templ +# template-virus-recipient.txt content fills the $notify_virus_recips_templ +# template-spam-sender.txt content fills the $notify_spam_sender_templ +# template-spam-admin.txt content fills the $notify_spam_admin_templ + +# Here is an overall picture (sequence of events) of how pieces fit together +# +# bypass_virus_checks set for all recipients? ==> PASS +# no viruses? ==> PASS +# log virus if $log_templ is nonempty +# quarantine if $virus_quarantine_to is nonempty +# notify admin if $virus_admin (lookup) nonempty +# notify recips if $warnvirusrecip and (recipient is local or $warn_offsite) +# add address extensions for local recipients (when enabled) +# send (non-)delivery notifications +# to sender if DSN needed (BOUNCE or ($warnvirussender and D_PASS)) +# virus_lovers or final_destiny==D_PASS ==> PASS +# DISCARD (2xx) or REJECT (5xx) (depending on final_*_destiny) +# +# Equivalent flow diagram applies for spam checks. +# If a virus is detected, spam checking is skipped entirely. + +# The following symbolic constants can be used in *_destiny settings: +# +# D_PASS mail will pass to recipients, regardless of bad contents; +# +# D_DISCARD mail will not be delivered to its recipients, sender will NOT be +# notified. Effectively we lose mail (but will be quarantined +# unless disabled). Losing mail is not decent for a mailer, +# but might be desired. +# +# D_BOUNCE mail will not be delivered to its recipients, a non-delivery +# notification (bounce) will be sent to the sender by amavisd-new; +# Exception: bounce (DSN) will not be sent if a virus name matches +# @@viruses_that_fake_sender_maps, or to messages from mailing lists +# (Precedence: bulk|list|junk), or for spam level that exceeds +# the $sa_dsn_cutoff_level. +# +# D_REJECT mail will not be delivered to its recipients, sender should +# preferably get a reject, e.g. SMTP permanent reject response +# (e.g. with milter), or non-delivery notification from MTA +# (e.g. Postfix). If this is not possible (e.g. different recipients +# have different tolerances to bad mail contents and not using LMTP) +# amavisd-new sends a bounce by itself (same as D_BOUNCE). +# Not to be used with Postfix or dual-MTA setups! +# +# Notes: +# D_REJECT and D_BOUNCE are similar, the difference is in who is responsible +# for informing the sender about non-delivery, and how informative +# the notification can be (amavisd-new knows more than MTA); +# With D_REJECT, MTA may reject original SMTP, or send DSN (delivery status +# notification, colloquially called 'bounce') - depending on MTA; +# Best suited for sendmail milter and Courier, especially for spam. +# With D_BOUNCE, amavisd-new (not MTA) sends DSN (can better explain the +# reason for mail non-delivery or even suppress DSN, but unable +# to reject the original SMTP session). Best suited to reporting +# viruses, and for Postfix and other dual-MTA setups, which can't +# reject original client SMTP session, as the mail has already +# been enqueued. + +# Alternatives to consider for spam: +# - use D_PASS if clients will do filtering based on inserted +# mail headers or added address extensions ('plus-addressing'); +# - use D_DISCARD, if kill_level is set comfortably high; +# +# D_BOUNCE is preferred for viruses, but consider: +# - use D_PASS (or virus_lovers) to deliver viruses; +# - use D_REJECT instead of D_BOUNCE if using Courier or milter and under heavy +# virus storm; + + +# The use of new *_by_ccat hashes is illustrated by the following examples +# on configuring final_*_destiny. + + +# using traditional settings of $final_*_destiny variables, relying on a +# default setting of an associative array %final_destiny_by_ccat which is +# backwards compatible and contains references to these traditional variables: +# +$final_virus_destiny = D_REJECT; # (defaults to D_DISCARD) +$final_banned_destiny = D_REJECT; # (defaults to D_BOUNCE) +$final_spam_destiny = D_REJECT; # (defaults to D_BOUNCE) +$final_bad_header_destiny = D_PASS; # (defaults to D_PASS) + +######## +# +# Please think about what you are doing when you set these options. +# If necessary, question your origanization's e-mail policies: +# +# D_BOUNCE contributes to the overall spread of virii and spam on the +# internet. Both the envelope and header from addresses can be forged +# accurately with no effort, causing the bounces to go to innocent parties, +# whose addresses have been forged. +# +# D_DISCARD breaks internet mail specifications. However, with a +# properly implemented Quaratine system, the concern for breaking the +# specification is addressed to some extent. +# +# D_PASS is the safest way to handle e-mails. You must implement +# client-side filtering to handle this method. +# +# -Cory Visi 07/28/04 +# +####### + +# to explicitly list all (or most) possible contents category (ccat) keys: +%final_destiny_by_ccat = ( + CC_VIRUS, D_DISCARD, + CC_BANNED, D_BOUNCE, + CC_UNCHECKED, D_PASS, + CC_SPAM, D_DISCARD, + CC_BADH, D_PASS, + CC_OVERSIZED, D_BOUNCE, + CC_CLEAN, D_PASS, + CC_CATCHALL, D_PASS, +); + +# to rely on a catchall ccat key and only list exceptions (alternative 1): +#%final_destiny_by_ccat = ( +# CC_VIRUS, D_DISCARD, +# CC_BANNED, D_BOUNCE, +# CC_SPAM, D_BOUNCE, +# CC_BADH.',4', D_BOUNCE, # BadHdrSpace +# CC_BADH.',3', D_BOUNCE, # BadHdrChar +# CC_OVERSIZED, D_BOUNCE, +# CC_CATCHALL, D_PASS, +#); + +# to rely on a catchall ccat key and list exceptions (alternative 2): +#%final_destiny_by_ccat = ( +# CC_VIRUS, D_DISCARD, +# CC_UNCHECKED, D_PASS, +# CC_BADH.',6', D_PASS, # BadHdrSyntax +# CC_BADH.',5', D_PASS, # BadHdrLong +# CC_BADH.',2', D_PASS, # BadHdr8bit +# CC_BADH.',1', D_PASS, # BadHdrMime +# CC_CLEAN, D_PASS, +# CC_CATCHALL, D_BOUNCE, +#); + +# to rely on a catchall ccat key and list exceptions (alternative 3): +#%final_destiny_by_ccat = ( +# CC_VIRUS, D_DISCARD, +# CC_UNCHECKED, D_PASS, +# CC_BADH.',4', D_BOUNCE, # BadHdrSpace +# CC_BADH.',3', D_BOUNCE, # BadHdrChar +# CC_BADH, D_PASS, # sub-catchall for CC_BADH +# CC_CLEAN, D_PASS, +# CC_CATCHALL, D_BOUNCE, +#); + +# to rely on a default %final_destiny_by_ccat and only change few settings: +#$final_destiny_by_ccat{+CC_SPAM} = D_PASS; +#$final_destiny_by_ccat{+CC_BADH} = D_BOUNCE; +#$final_destiny_by_ccat{+CC_BADH.',2'} = D_PASS; # BadHdr8bit + + + +# For monitoring / testing purposes let the administrator receive a copy +# of certain delivery status notifications that are mailed back to senders: +# +#%dsn_bcc_by_ccat = ( +# CC_BANNED, undef, +# CC_SPAM, undef, +# CC_BADH, undef, +# CC_CATCHALL, 'admin+test@@example.com', +#); +# +# or use a simpler form, taking advantage of defaults in %dsn_bcc_by_ccat: +#$dsn_bcc = 'admin+test@@example.com'; + + +# The following $warn*sender settings are ONLY used when mail is +# actually passed to recipients ($final_*_destiny=D_PASS, or *_lovers*). +# Bounces or rejects produce non-delivery status notification regardless. +# +# Notify sender of syntactically invalid header containing non-ASCII chars? +#$warnbadhsender = 1; # (defaults to false (undef)) + +# Notify virus (or banned files or bad headers) RECIPIENT? +# (not very useful, but some policies demand it) +#$warnvirusrecip = 1; # (defaults to false (undef)) +#$warnbannedrecip = 1; # (defaults to false (undef)) +#$warnbadhrecip = 1; # (defaults to false (undef)) + +# Notify also non-local virus/banned recipients if $warn*recip is true? +# (including those not matching local_domains*) +#$warn_offsite = 1; # (defaults to false (undef), i.e. only notify locals) + + +# Treat envelope sender address as unreliable and don't send sender +# notification / bounces if name(s) of detected virus(es) match the list. +# Note that virus names are supplied by external virus scanner(s) and are +# not standardized, so virus names may need to be adjusted. +# See README.lookups for syntax, check also README.policy-on-notifications. +# If the intention is to treat all viruses as faking the sender address, it +# is equivalent but more efficient to just set $final_virus_destiny=D_DISCARD; +# +@@viruses_that_fake_sender_maps = (new_RE( + qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i, + qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i, + qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i, + qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i, + qr'@@mm|@@MM', # mass mailing viruses as labeled by f-prot and uvscan + qr'Worm'i, # worms as labeled by ClamAV, Kaspersky, etc +# [qr'^(EICAR|Joke\.|Junk\.)'i => 0], +# [qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i => 0], + [qr/^/ => 1], # true by default (remove or comment-out if undesired) +)); + +# where to send ADMIN VIRUS NOTIFICATIONS (should be a fully qualified address) +# - the administrator envelope address may be a simple fixed e-mail address +# (a scalar), or may depend on the RECIPIENT address (e.g. its domain). +# +# Empty or undef lookup disables virus admin notifications. + +# The full set of configurable administrator addresses is: +# @@virus_admin_maps ... notifications to admin about viruses +# @@newvirus_admin_maps ... newly encountered viruses since amavisd startup +# @@spam_admin_maps ... notifications to admin about spam +# @@banned_admin_maps ... notifications to admin about banned contents +# @@bad_header_admin_maps ... notifications to admin about bad headers + +$virus_admin = "virusalert\@@$mydomain"; +# $virus_admin = 'virus-admin@@example.com'; +# $virus_admin = undef; # do not send virus admin notifications (default) +# +#@@virus_admin_maps = ( # by-recipient maps +# {'not.example.com' => '', +# '.' => 'virusalert@@example.com'}, +# $virus_admin, # the usual default +#); + +# equivalent to $virus_admin, but for spam admin notifications: +# $spam_admin = "spamalert\@@$mydomain"; +# $spam_admin = undef; # do not send spam admin notifications (default) +#@@spam_admin_maps = ( # by-recipient maps +# {'not.example.com' => '', +# '.' => 'spamalert@@example.com'}, +# $spam_admin, # the usual default +#); + +# receive a copy of all delivery status notifications sent; +# useful for testing or monitoring +#$dsn_bcc = "mailadmin\@@$mydomain"; + +#advanced example, using a hash lookup table and a scalar default, +#lookup key is a recipient envelope address: +#@@virus_admin_maps = ( # by-recipient maps +# { 'baduser@@sub1.example.com' => 'HisBoss@@sub1.example.com', +# '.sub1.example.com' => 'virusalert@@sub1.example.com', +# '.sub2.example.com' => '', # don't send admin notifications +# 'a.sub3.example.com' => 'abuse@@sub3.example.com', +# '.sub3.example.com' => 'virusalert@@sub3.example.com', +# '.example.com' => 'noc@@example.com', # default for our virus senders +# }, +# 'virusalert@@hq.example.com', # catchall for the rest +#); + +# sender envelope address, from which notification reports are sent from; +# may be a null reverse path, or a fully qualified address: +# (admin and recip sender addresses default to a null return path). +# If using strings in double quotes, don't forget to quote @@, i.e. \@@ +# +$mailfrom_notify_admin = "virusalert\@@$mydomain"; +$mailfrom_notify_recip = "virusalert\@@$mydomain"; +$mailfrom_notify_spamadmin = "spam.police\@@$mydomain"; + +# 'From' HEADER FIELD for sender and admin notifications. +# This should be a replyable address, see rfc1894. Not to be confused +# with $mailfrom_notify_sender, which is the envelope return address +# and can be empty (null reverse path) according to rfc2821. +# +# The syntax of the 'From' header field is specified in rfc2822, section +# '3.4. Address Specification'. Note in particular that display-name must be +# a quoted-string if it contains any special characters like spaces and dots. +# +# $hdrfrom_notify_sender = "amavisd-new "; +# $hdrfrom_notify_sender = 'amavisd-new '; +# $hdrfrom_notify_sender = '"Content-Filter Master" '; +# $hdrfrom_notify_admin = $mailfrom_notify_admin; +# $hdrfrom_notify_spamadmin = $mailfrom_notify_spamadmin; +# (default: "\"Content-filter at $myhostname\" ") + +# whom quarantined messages appear to be sent from (envelope sender); +# keeps original sender if undef, or set it explicitly, default is undef +$mailfrom_to_quarantine = ''; # override sender address with null return path + + +# Location to put infected mail into: (applies to 'local:' quarantine method) +# empty for not quarantining, may be a file (Unix-style mailbox), +# or a directory (no trailing slash) +# (the default value is undef, meaning no quarantine) +# +$QUARANTINEDIR = "$MYHOME/quarantine"; + +#$quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine + +#$clean_quarantine_method = 'local:clean-%m'; # disabled by default +#$virus_quarantine_method = 'local:virus-%m'; # default +#$spam_quarantine_method = 'local:spam-%m.gz'; # default +#$banned_files_quarantine_method = 'local:banned-%m'; # default +#$bad_header_quarantine_method = 'local:badh-%m'; # default + +# Separate quarantine subdirectories virus, spam, banned and badh within +# the directory $QUARANTINEDIR may be specified by the following settings +# (the subdirectories need to exist - must be created manually): +#$clean_quarantine_method = 'local:clean/%m'; +#$virus_quarantine_method = 'local:virus/%m'; +#$spam_quarantine_method = 'local:spam/%m.gz'; +#$banned_files_quarantine_method = 'local:banned/%m'; +#$bad_header_quarantine_method = 'local:badh/%m'; +# +#use the 'bsmtp:' method as an alternative to the default 'local:' +#$virus_quarantine_method = "bsmtp:$QUARANTINEDIR/virus-%m.bsmtp"; +#$spam_quarantine_method = "bsmtp:$QUARANTINEDIR/spam-%m.bsmtp"; +# +#using the 'pipe:' method might be useful for some special purpose: +#$mailfrom_to_quarantine = undef; # pass on the original sender address +#$spam_quarantine_method = 'pipe:argv=/usr/bin/myscript.sh spam-%b ${sender}'; +# +#using the 'sql:' method to store quarantined message to a SQL database: +#$virus_quarantine_method = $spam_quarantine_method = +# $banned_files_quarantine_method = $bad_header_quarantine_method = 'sql:'; + +# Send copy of every mail to an archival mail address: +#$archive_quarantine_method = $notify_method; +#@@archive_quarantine_to_maps = ( 'collector@@example.com' ); + + +# When using the 'local:' quarantine method (default), the following applies: +# +# A finer control of quarantining is available through +# variables $virus_quarantine_method/$spam_quarantine_method/ +# $banned_files_quarantine_method/$bad_header_quarantine_method. +# +# The value of scalar $virus_quarantine_to/$spam_quarantine_to (or a +# per-recipient lookup result from lookup tables @@virus_quarantine_to_maps) +# is/are interpreted as follows: +# +# VARIANT 1: +# empty or undef disables quarantine; +# +# VARIANT 2: +# a string NOT containing an '@@'; +# amavisd will behave as a local delivery agent (LDA) and will quarantine +# viruses to local files according to hash %local_delivery_aliases (pseudo +# aliases map) - see subroutine mail_to_local_mailbox() for details. +# Some of the predefined aliases are 'virus-quarantine' and 'spam-quarantine'. +# Setting $virus_quarantine_to ($spam_quarantine_to) to this string will: +# +# * if $QUARANTINEDIR is a directory, each quarantined virus will go +# to a separate file in the $QUARANTINEDIR directory (traditional +# amavis style, similar to maildir mailbox format); +# +# * otherwise $QUARANTINEDIR is treated as a file name of a Unix-style +# mailbox. All quarantined messages will be appended to this file. +# Amavisd child process must obtain an exclusive lock on the file during +# delivery, so this may be less efficient than using individual files +# or forwarding to MTA, and it may not work across NFS or other non-local +# file systems (but may be handy for pickup of quarantined files via IMAP +# for example); +# +# VARIANT 3: +# any email address (must contain '@@'). +# The e-mail messages to be quarantined will be handed to MTA +# for delivery to the specified address. If a recipient address local to MTA +# is desired, you may leave the domain part empty, e.g. 'infected@@', but the +# '@@' character must nevertheless be included to distinguish it from variant 2. +# +# This variant enables more refined delivery control made available by MTA +# (e.g. its aliases file, other local delivery agents, dealing with +# privileges and file locking when delivering to user's mailbox, nonlocal +# delivery and forwarding, fan-out lists). Make sure the mail-to-be-quarantined +# will not be handed back to amavisd for checking, as this will cause a loop +# (hopefully broken at some stage)! If this can be assured, notifications +# will benefit too from not being unnecessarily virus-scanned. +# +# By default this is safe to do with Postfix and Exim v4 and dual-sendmail +# setup, but probably not safe with sendmail milter interface without tricks. + +# (default values are: virus-quarantine, banned-quarantine, spam-quarantine) + +$virus_quarantine_to = 'virus-quarantine'; # traditional local quarantine +#$virus_quarantine_to = 'infected@@'; # forward to MTA for delivery +#$virus_quarantine_to = "virus-quarantine\@@$mydomain"; # similar +#$virus_quarantine_to = 'virus-quarantine@@example.com'; # similar +#$virus_quarantine_to = undef; # no quarantine +# +# lookup key is envelope recipient address: +#@@virus_quarantine_to_maps = ( # per-recip multiple quarantines +# new_RE( [qr'^user@@example\.com$'i => 'infected@@'], +# [qr'^(.*)@@example\.com$'i => 'virus-${1}@@example.com'], +# [qr'^(.*)(@@[^@@])?$'i => 'virus-${1}${2}'] ), +# $virus_quarantine_to, # the usual default +#); + +# similar for banned names and bad headers and spam (set to undef to disable) +$banned_quarantine_to = 'banned-quarantine'; # local quarantine +$bad_header_quarantine_to = 'bad-header-quarantine'; # local quarantine +$spam_quarantine_to = 'spam-quarantine'; # local quarantine + +# or to a mailbox: +#$spam_quarantine_to = "spam-quarantine\@@$mydomain"; +# +#@@spam_quarantine_to_maps = ( # per-recip quarantines +# new_RE( [qr'^(.*)@@example\.com$'i => 'spam-${1}@@example.com'] ), +# $spam_quarantine_to, # the usual default +#); + + +# In addition to per-recip quarantine, a by-sender lookup is possible. +# It is similar to $spam_quarantine_to, but the lookup key is the +# envelope sender address: +#$spam_quarantine_bysender_to = undef; # dflt: no by-sender spam quarantine + + +# Spam level beyond which quarantining is disabled (global value): +#$sa_quarantine_cutoff_level = 20; # dflt: undef, which disables this feature + +#@@spam_quarantine_cutoff_level_maps = ( # per-recip. quarantine cutoff levels +# { 'user1@@example.com' => 20.5, +# 'postmaster@@example.com' => 9999, +# '.example.com' => 25 }, +# \$sa_quarantine_cutoff_level, # catchall default +#); + + +# Add X-Virus-Scanned header field to mail? +$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: 'X-Virus-Scanned') + +# Set to empty to add no header field # (dflt "$myproduct_name at $mydomain") +# $X_HEADER_LINE = "$myproduct_name at $mydomain"; +# $X_HEADER_LINE = "by $myproduct_name using ClamAV at $mydomain"; +# $X_HEADER_LINE = "$myproduct_name $myversion_id ($myversion_date) at $mydomain"; + +# a string to prepend to Subject (for local recipients only) if mail could +# not be decoded or checked entirely, e.g. due to password-protected archives +$undecipherable_subject_tag = '***UNCHECKED*** '; # undef disables it + +# MIME defanging wraps the entire original mail in a MIME container of type +# 'Content-type: multipart/mixed', where the first part is a text/plain with +# a short explanation, and the second part is a complete original mail, +# enclosed in a 'Content-type: message/rfc822' MIME part. +# Defanging is only done when enabled (selectively by malware type), +# and mail is considered malware (virus/spam/...), and the malware is allowed +# to pass (*_lovers or *_destiny=D_PASS) +# +$defang_virus = 1; # default is false: don't modify mail body +$defang_banned = 1; # default is false: don't modify mail body +# $defang_bad_header = 1; # default is false: don't modify mail body +# $defang_undecipherable = 1; # default is false: don't modify mail body +# $defang_spam = 1; # default is false: don't modify mail body + +# NOTE: setting the following variables to true may break mail signatures +# (DKIM and DomainKeys) when verification is done after content filtering: +# $remove_existing_x_scanned_headers, $remove_existing_x_scanned_headers, +# and $allow_fixing_improper_header_folding (and defanging, described +# elsewhere). This is rarely an issue, as mail signing should be done +# after content filtering, and mail verification should preferably be done +# before filtering or by SpamAssassin called from within amavisd, which +# sees still-unmodified mail. +# +$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone + # (defaults to false) +#$remove_existing_x_scanned_headers= 1; # remove existing X-Virus-Scanned +#$remove_existing_spam_headers = 0; # leave existing X-Spam* headers alone +$remove_existing_spam_headers = 1; # remove existing spam headers if + # spam scanning is enabled (default) +#$allow_fixing_improper_header_folding = 1; # (default is true) + +# set $bypass_decode_parts to true if you only do spam scanning, or if you +# have a good virus scanner that can deal with compression and recursively +# unpacking archives by itself, and save amavisd the trouble. +# Disabling decoding also causes banned_files checking NOT to see MIME types +# and content classification types as provided by the file(1) utility. +# It is a double-edged sword, make sure you know what you are doing! +# +#$bypass_decode_parts = 1; # (defaults to false) + +# don't trust this file type or corresponding unpacker for this file type, +# keep both the original and the unpacked file for a virus checker to see +# (lookup key is what file(1) utility returned): +# +@@keep_decoded_original_maps = (new_RE( +# qr'^MAIL$', # retain full original message for virus checking (can be slow) + qr'^MAIL-UNDECIPHERABLE$', # retain full mail if it contains undecipherables + qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, +# qr'^Zip archive data', # don't trust Archive::Zip +)); + + +# Checking for banned MIME types and names. If any mail part matches, +# the whole mail is rejected. Object $banned_filename_re provides a list +# of Perl regular expressions to be matched against each part's: +# +# * Content-Type value (both declared and effective mime-type), +# such as the possible security-risk content types +# 'message/partial' and 'message/external-body', as specified in rfc2046 +# or 'application/x-msdownload' and 'application/x-msdos-program'; +# +# * declared (recommended) file names as specified by MIME subfields +# Content-Disposition.filename and Content-Type.name, both in their +# raw (encoded) form and in rfc2047-decoded form if applicable +# as well as (recommended) file names specified in archives; +# +# * file content type as guessed by 'file(1)' utility, mapped +# (by @@map_full_type_to_short_type_maps) into short type names such as +# .asc, .txt, .html, .doc, .jpg, .pdf, .zip, .exe-ms, ..., which always +# starts with a dot. These short types are available unless +# $bypass_decode_parts is true. +# +# All nodes (mail parts) of the fully recursively decoded mail and embedded +# archives are checked, each node independently from remaining nodes. +# +# For each node all its ancestor nodes including itself are checked against +# $banned_filename_re lookup list, top-down. The search for a node stops +# at the first match, the right-hand side of the matching key determines +# the result (true or false, absent right-hand side implies true, as explained +# in README.lookups). +# +# Although repeatedly re-checking ancestor nodes may seem excessive, it gives +# the opportunity to specify rules which make a particular node hide its +# descendents, e.g. allow any name or file type within a .zip, even though +# .exe files may otherwise not be allowed. +# +# Leave $banned_filename_re undefined to disable these checks +# (giving an empty list to new_RE() will also always return false) + +# for $banned_namepath_re (a new-style of banned table) see amavisd.conf-sample + +$banned_filename_re = new_RE( + +### BLOCKED ANYWHERE +# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components + qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary +# qr'^\.(exe|lha|tnef|cab|dll)$', # banned file(1) types + +### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: +# [ qr'^\.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2 + [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives + + qr'.\.(pif|scr)$'i, # banned extensions - rudimentary +# qr'^\.zip$', # block zip type + +### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES: +# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives + + qr'^application/x-msdownload$'i, # block these MIME types + qr'^application/x-msdos-program$'i, + qr'^application/hta$'i, + +# qr'^message/partial$'i, # rfc2046 MIME type +# qr'^message/external-body$'i, # rfc2046 MIME type + +# qr'^(application/x-msmetafile|image/x-wmf)$'i, # Windows Metafile MIME type +# qr'^\.wmf$', # Windows Metafile file(1) type + + # block certain double extensions in filenames + qr'\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i, + +# qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Class ID CLSID, strict +# qr'\{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}\}?'i, # Class ID extension CLSID, loose + + qr'.\.(exe|vbs|pif|scr|cpl)$'i, # banned extension - basic +# qr'.\.(exe|vbs|pif|scr|cpl|bat|cmd|com)$'i, # banned extension - basic+cmd +# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| +# inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst| +# ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs| +# wmf|wsc|wsf|wsh)$'ix, # banned ext - long +# qr'.\.(ani|cur|ico)$'i, # banned cursors and icons filename +# qr'^\.ani$', # banned animated cursor file(1) type + +# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab. +); +# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631 +# and http://www.cknow.com/vtutor/vtextensions.htm + +# A little trick: a pattern qr'\.exe$' matches both a short type name '.exe', +# as well as any file name which happens to end with .exe. If only matching +# a file name is desired, but not the short type, a pattern qr'.\.exe$'i +# or similar may be used, which requires that at least one character precedes +# the '.exe', and so it will never match short file types which always start +# with a dot. + + +# the syntax of these Perl regular expressions is a bit awkward if not +# familiar with them, so please do follow examples and stick to the idioms: +# \A ... at the beginning of the first component +# \z ... at the end of the the last (leaf) component +# ^ ... at the beginning of each component in the path +# $ ... at the end of each component in the path +# (.*\t)? ... at the beginning of a field +# (\t.*)? ... at the end of a field +# \t(.*\t)* ... separating fields +# [^\t\n] ... any single character, but don't escape from this field +# (.*\n)+ ... one or more levels down +# (?#...) ... a comment within a regexp + +# new-style of banned lookup table +$banned_namepath_re = new_RE( + +### BLOCKED ANYWHERE + + qr'(?# BLOCK Microsoft EXECUTABLES and DLL ) + ^ (.*\t)? T=(exe-ms|dll) (\t.*)? $'xm, # banned file(1) types, rudimentary + +# qr'(?# BLOCK ANY EXECUTABLE ) +# ^ (.*\t)? T=exe (\t.*)? $'xm, # banned file(1) type + +# qr'(?# BLOCK THESE TYPES ) +# ^ (.*\t)? T=(exe|lha|tnef|cab|dll) (\t.*)? $'xm, # banned file(1) types + + +### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: + +# # within traditional gzip and bzip2 allow any name and type +# [ qr'(?#rule-3) ^ (.*\t)? T=(gz|bz2) (\t.*)? $'xmi => 0 ], # allow + + # within traditional Unix archives allow any name and type + [ qr'(?#rule-4) ^ (.*\t)? T=(tar|rpm|cpio) (\t.*)? $'xmi => 0 ], # allow + + # banned filename extensions (in declared names) anywhere - rudimentary + qr'(?# BLOCK COMMON NAME EXENSIONS ) + ^ (.*\t)? N= [^\t\n]* \. (pif|scr) (\t.*)? $'xmi, + +# # block anything within a zip +# qr'(?#rule-5) ^ (.*\t)? T=zip (\t.*)? (.*\n)+ .* $'xmi, + + +### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES OR CRYPTED: + +# # within PC archives allow any types or names at any depth +# [ qr'(?#rule-7) ^ (.*\t)? T=(zip|rar|arc|arj|zoo) (\t.*)? $'xmi => 0 ], # ok + +# # within certain archives allow leaf members at any depth if crypted +# [ qr'(?# ALLOW ENCRYPTED ) +# ^ (.*\t)? T=(zip|rar|arj) (.*\n)+ (.*\t)? A=C (\t.*)? \z'xmi => 0 ], + +# # allow crypted leaf members regardless of their name or type +# [ qr'(?# ALLOW IF ENCRYPTED ) ^ (.*\t)? A=C (\t.*)? \z'xmi => 0 ], + + # block these MIME types + qr'(?#NO X-MSDOWNLOAD) ^(.*\t)? M=application/x-msdownload (\t.*)? $'xmi, + qr'(?#NO X-MSDOS-PROGRAM)^(.*\t)? M=application/x-msdos-program(\t.*)? $'xmi, + qr'(?#NO HTA) ^(.*\t)? M=application/hta (\t.*)? $'xmi, + +# # block rfc2046 MIME types +# qr'(?# BLOCK RFC2046 ) ^ (.*\t)? M=message/partial (\t.*)? $'xmi, +# qr'(?# BLOCK RFC2046 ) ^ (.*\t)? M=message/external-body (\t.*)? $'xmi, + +# qr'(?#No Metafile MIME) ^(.*\t)? M=application/x-msmetafile (\t.*)? $'xmi, +# qr'(?#No Metafile MIME) ^(.*\t)? M=image/x-wmf (\t.*)? $'xmi, +# qr'(?#No Metafile file) ^(.*\t)? T=wmf (\t.*)? $'xm, +# qr'(?#No animated cursors) ^(.*\t)? T=ani (\t.*)? $'xm, + + # block certain double extensions in filenames + qr'(?# BLOCK DOUBLE-EXTENSIONS ) + ^ (.*\t)? N= [^\t\n]* \. [^./\t\n]* [A-Za-z] [^./\t\n]* \. \ * + (exe|vbs|pif|scr|bat|cmd|com|cpl|dll) [. ]* (\t.*)? $'xmi, + + [ qr'(?# BLOCK EMPTY MIME PART APPLICATION/OCTET-STREAM ) + ^ (.*\t)? M=application/(octet-stream|x-msdownload|x-msdos-program) + \t(.*\t)* T=empty (\t.*)? $'xmi + => 'DISCARD' ], + +# [ qr'(?# BLOCK EMPTY MIME PARTS ) +# ^ (.*\t)? M= [^\t\n]+ \t(.*\t)* T=empty (\t.*)? $'xmi => 'DISCARD' ], + +# # block Class ID (CLSID) extensions in filenames, strict +# qr'(?# BLOCK CLSID-EXTENSIONS ) +# ^ (.*\t)? N= [^\t\n]* \{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}? +# [^\t\n]* (\t.*)? $'xmi, + +# # banned suggested names with three or more consecutive spaces +# qr'(?# BLOCK NAMES WITH SPACES ) +# ^ (.*\t)? N= [^\t\n]* [ ]{3,} 'xmi, + +# # block if any component can not be decoded (is encrypted or bad archive) +# qr'(?# BLOCK IF UNDECIPHERABLE ) ^ (.*\t)? A=U (\t.*)? \z'xmi, + +# [ qr'(?# SPECIAL ALLOWANCES - MAGIC NAMES) +# \A (.*\t)? T=(rpm|cpio|tar|zip|rar|arc|arj|zoo|Z|gz|bz2) +# \t(.*\t)* N=example\d+[^\t\n]* +# (\t.*)? $'xmi => 0 ], + + # banned filename extensions (in suggested names) anywhere - basic + qr'(?# BLOCK COMMON NAME EXENSIONS ) + ^ (.*\t)? N= [^\t\n]* \. (exe|vbs|pif|scr|cpl) (\t.*)? $'xmi, + +# # banned filename extensions (in suggested names) anywhere - basic+cmd +# qr'(?# BLOCK COMMON NAME EXENSIONS ) +# ^ (.*\t)? N= [^\t\n]* \. (exe|vbs|pif|scr|cpl|bat|cmd|com) (\t.*)? $'xmi, + +# # banned filename extensions (in suggested names) anywhere - long +# qr'(?# BLOCK MORE NAME EXTENSIONS ) +# ^ (.*\t)? N= [^\t\n]* \. ( +# ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| +# inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst| +# ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs| +# wmf|wsc|wsf|wsh) (\t.*)? $'xmi, + +# qr'(?# BLOCK CURSOR AND ICON NAME EXENSIONS ) +# ^ (.*\t)? N= [^\t\n]* \. (ani|cur|ico) (\t.*)? $'xmi, + +# # banned filename extensions anywhere - WinZip vulnerability (pre-V9) +# qr'(?# BLOCK WinZip VULNERABILITY EXENSIONS ) +# ^ (.*\t)? N= [^\t\n]* \. (mim|b64|bhx|hqx|xxe|uu|uue) (\t.*)? $'xmi, + +); + +# use old or new style of banned lookup table; not both to avoid confusion +# +# @@banned_filename_maps = (); # to disable old-style + $banned_namepath_re = undef; # to disable new-style + + +%banned_rules = ( + 'MYNETS-DEFAULT' => new_RE( # permissive set of rules for internal hosts + [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any name/type in Unix archives + qr'.\.(vbs|pif|scr)$'i, # banned extension - rudimentary + ), + 'DEFAULT' => $banned_filename_re, +); + + +# +# Section V - Per-recipient and per-sender handling, whitelisting, etc. +# + +# @@virus_lovers_maps list of lookup tables: +# (this should be considered a policy option, is does not disable checks, +# see bypass*checks for that!) +# +# Exclude certain RECIPIENTS from virus filtering by adding their (lower-cased) +# envelope e-mail address (or domain only) to one of the lookup tables in +# the @@virus_lovers_maps list - see README.lookups and examples. +# Make sure the appropriate form (e.g. external/internal) of address +# is used in case of virtual domains, or when mapping external to internal +# addresses, etc. - this is MTA-specific. +# +# Notifications would still be generated however (see the overall +# picture above), and infected mail (if passed) gets additional header: +# X-AMaViS-Alert: INFECTED, message contains virus: ... +# (header not inserted with Courier or milter interface!) +# +# Setting $final_*_destiny=D_PASS is functionally equivalent to having +# all recipients match the @@*_lovers_maps. +# +# NOTE (milter interface only): in case of multiple recipients, +# it is only possible to drop or accept the message in its entirety - for all +# recipients. If all of them are virus lovers, we'll accept mail, but if +# at least one recipient is not a virus lover, we'll discard the message. + + +# @@bypass_virus_checks_maps list of lookup tables: +# (this is mainly a time-saving option, unlike virus_lovers* !) +# +# Similar in concept to @@virus_lovers_maps, a @@bypass_virus_checks_maps +# is used to skip entirely the decoding, unpacking and virus checking, +# but only if ALL recipients match the lookup. +# +# @@bypass_virus_checks_maps does NOT GUARANTEE the message will NOT be checked +# for viruses - this may still happen when there is more than one recipient +# for a message and not all of them match these lookup tables, or when +# check result was cached (i.e. the same contents was recently sent to other +# recipients). To guarantee virus delivery, a recipient must also match +# @@virus_lovers_maps lookups (but see milter limitations above), +# +# The following table summarizes the possible combinations: +# bypass lover +# 0 0 useful, check for malware and block it +# 0 1 useful, check but deliver nevertheless, possibly tagged +# 1 0 not too useful, free riding on cached or other-people's checks +# 1 1 useful, no checks if possible, and no effects + +# NOTE: it would not be clever to base enabling of virus checks on SENDER +# address, since there are no guarantees that it is genuine. Many viruses +# and spam messages fake sender address. To achieve selective filtering +# based on the source of the mail (e.g. IP address, MTA port number, ...), +# use mechanisms provided by MTA if available, possibly combined with policy +# banks feature. + +# Similar to lists of lookup tables controlling virus checking, there are +# counterparts for spam scanning, banned names/types, and headers_checks +# control: +# @@spam_lovers_maps, +# @@banned_files_lovers_maps, +# @@bad_header_lovers_maps +# and: +# @@bypass_spam_checks_maps, +# @@bypass_banned_checks_maps, +# @@bypass_header_checks_maps + +# Example: +# @@bypass_header_checks_maps = ( [qw( user@@example.com )] ); +# @@bad_header_lovers_maps = ( [qw( user@@example.com )] ); + +# The following example disables spam checking altogether, +# since it matches any recipient e-mail address. +# @@bypass_spam_checks_maps = (1); + + +# See README.lookups for further detail, and examples below. + +# In the following example a list of lookup tables @@virus_lovers_maps +# contains three elements, the first is a reference to an ACL lookup table +# (brackets in Perl indicate a ref to a list), the second is a reference +# to a hash lookup table (curly braces in Perl indicate a ref to a hash), +# the third is a regexp lookup table, indicated by the type of object +# created by new_RE() : +# +#@@virus_lovers_maps = ( +# [ qw( me@@lab.xxx.com !lab.xxx.com .xxx.com yyy.org ) ], +# { "postmaster\@@$mydomain" => 1, # double quotes permit variable evaluation +# 'postmaster@@example.com'=> 1, # in single quotes the '@@' need not be quoted +# 'abuse@@example.com'=> 1, +# 'some.user@@' => 1, # this recipient, regardless of domain +# 'boss@@example.com' => 0, # never, even if domain matches +# 'example.com' => 1, # this domain, but not its subdomains +# '.example.com' => 1, # this domain, including its subdomains +# }, +# new_RE( qr'^(helpdesk|postmaster)@@example\.com$'i ), +#); + +#@@spam_lovers_maps = ( +# ["postmaster\@@$mydomain", 'postmaster@@example.com', 'abuse@@example.com'], +#); + +#@@bad_header_lovers_maps = ( +# ["postmaster\@@", "abuse\@@$mydomain"], +#); + + +# as an alternative to fiddling with @@_lovers_maps and similar _maps, here +# is an illustration of using a more general *_by_ccat associative array, +# introduced with 2.4.0, like %lovers_maps_by_ccat in this example: +# +#$lovers_maps_by_ccat{+CC_SPAM} = [ +# read_hash("$MYHOME/etc/spam_lovers.txt"), +# [qw(postmaster@@example.com abuse@@example.com)], +#]; +# +#$lovers_maps_by_ccat{+CC_BANNED} = [ +# { map {lc $_ => 1} # construct a hash lookup table from a list +# qw(user1@@example.com user2.example.com) +# }, +#]; + + +# to save some typing of quotes and commas, a Perl operator qw can be used +# to split its argument on whitespace and to quote resulting elements: +#@@bypass_spam_checks_maps = ( +# [ qw( some.ddd !butnot.example.com .example.com ) ], +#); + + +# don't run spam check for these RECIPIENT domains: +# @@bypass_spam_checks_maps = ( [qw( d1.com .d2.com a.d3.com )] ); +# or the other way around (bypass check for all BUT these): +# @@bypass_spam_checks_maps = ( [qw( !d1.com !.d2.com !a.d3.com . )] ); +# a practical application: don't check outgoing mail for spam: +# @@bypass_spam_checks_maps = ( [ "!.$mydomain", "." ] ); +# or calculated (negated) from the %local_domains: +# @@bypass_spam_checks_maps = +# ( {map {$_ => !$local_domains{$_}} keys %local_domains}, 1); +# (a downside of which is that such mail will not count as ham in SA bayes db) +# +# Note that 'outgoing' is not the same as 'originating from inside'. We refer +# to 'outgoing' here as 'mail addressed to recipients outside our domain(s)'. +# The internal-to-internal mail is not outgoing, but is still originating from +# inside. To base rules on 'originating from inside', the use of a policy bank +# with 'originating => 1' is needed (such as MYNETS), in conjunction with +# XFORWARD Postfix extension to SMTP. + +# Where to find SQL server(s) and database to support SQL lookups? +# A list of triples: (dsn,user,passw). (dsn = data source name) +# More than one entry may be specified for multiple (backup) SQL servers. +# See 'man DBI', 'man DBD::mysql', 'man DBD::Pg', ... for details. +# When chroot-ed, accessing SQL server over inet socket may be more convenient. +# +# @@lookup_sql_dsn = +# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'], +# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'], +# ["DBI:SQLite:dbname=$MYHOME/sql/mail_prefs.sqlite", '', ''] ); +# @@storage_sql_dsn = @@lookup_sql_dsn; # none, same, or separate database +# +# ('mail' in the example is the database name, choose what you like) +# With PostgreSQL the dsn (first element of the triple) may look like: +# 'DBI:Pg:dbname=mail;host=host1' + +# The SQL select clause to fetch per-recipient policy settings. +# The %k will be replaced by a comma-separated list of query addresses +# (e.g. full address, domain only (stripped level by level), and a catchall). +# Use ORDER if there is a chance that multiple records will match - the first +# match wins. If field names are not unique (e.g. 'id'), the later field +# overwrites the earlier in a hash returned by lookup, which is why we use +# '*,users.id' instead of just '*'. No need to uncomment the following +# assignment if the default is ok. +# $sql_select_policy = 'SELECT *,users.id FROM users,policy'. +# ' WHERE (users.policy_id=policy.id) AND (users.email IN (%k))'. +# ' ORDER BY users.priority DESC'; +# +# The SQL select clause to check sender in per-recipient whitelist/blacklist +# The first SELECT argument '?' will be users.id from recipient SQL lookup, +# the %k will be sender addresses (e.g. full address, domain only, catchall). +# The default value is: +# $sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr'. +# ' WHERE (wblist.rid=?) AND (wblist.sid=mailaddr.id)'. +# ' AND (mailaddr.email IN (%k))'. +# ' ORDER BY mailaddr.priority DESC'; +# +# To disable SQL white/black list, set to undef (otherwise comment-out +# the following statement, leaving it at the default value): +$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting + +# Controls the format of timestamps in the field msgs.time_iso: +# $timestamp_fmt_mysql = 1; # if using MySQL *and* msgs.time_iso is TIMESTAMP; +# defaults to 0, which is good for non-MySQL or if msgs.time_iso is CHAR(16) + +# Does a database mail address field with no '@@' character represent a +# local username or a domain name? By default it implies a username in +# SQL and LDAP lookups (but represents a domain in hash and acl lookups), +# so domain names in SQL and LDAP should be specified as '@@domain'. +# Setting these to true will cause 'xxx' to be interpreted as a domain +# name, just like in hash or acl lookups. +# +# $sql_lookups_no_at_means_domain = 0; # default is 0 +# $ldap_lookups_no_at_means_domain = 0; # default is 0 + +# Here is an example of a SELECT clause that fabricates an artificial 'users' +# table from actual table 'postfix_domains' containing a field 'domain_name'. +# The effect is that domains listed in the 'postfix_domains' table will be +# treated as local by amavisd, and be given settings from a policy id 99 +# if such a policy id exists, or just fall back to static lookups. +# The user.id (with a value 1) is there only to provide a user id (same id +# for all listed domains) when global SQL-based white/blacklisting is used. +# +# $sql_lookups_no_at_means_domain = 1; +# $sql_select_policy = +# 'SELECT *, user.id'. +# ' FROM (SELECT 1 as id, 99 as policy_id, "Y" AS local'. +# ' FROM postfix_domains WHERE domain_name IN (%k)) AS user'. +# ' LEFT JOIN policy ON policy_id=policy.id'; + +# If passing malware to certain recipients ($final_*_destiny=D_PASS or +# *_lovers), the recipient-based lookup tables @@addr_extension_*_maps may +# return a string, which (if nonempty) will be added as an address extension +# to the local-part of the recipient's address. This extension may be used +# by the final local delivery agent (LDA) to place such mail into different +# subfolders (the extension is usually interpreted as a folder name). +# This is sometimes known as the 'plus addressing'. Appending address +# extensions is prevented when: +# - recipient does not match lookup tables @@local_domains_maps; +# - lookup into corresponding @@addr_extension_*_maps results +# in an empty string or undef; +# - $recipient_delimiter is empty (see below) +# LDAs usually default to stripping away address extension if no special +# handling is specified or if a named subfolder or alias does not exist, +# so adding address extensions normally does no harm. + +# @@addr_extension_virus_maps = ('virus'); # defaults to empty +# @@addr_extension_spam_maps = ('spam'); # defaults to empty +# @@addr_extension_banned_maps = ('banned'); # defaults to empty +# @@addr_extension_bad_header_maps = ('badh'); # defaults to empty +# +# A more complex example: +# @@addr_extension_virus_maps = ( +# {'sub.example.com'=>'infected', '.example.com'=>'filtered'}, 'virus' ); + +# Delimiter between local part of the envelope recipient address and address +# extension (which can optionally be added, see @@addr_extension_*_maps. E.g. +# recipient address is changed to . +# +# Delimiter must match the equivalent (final) MTA delimiter setting. +# (e.g. for Postfix add 'recipient_delimiter = +' to main.cf) +# Setting it to an empty string or to undef disables adding extensions +# regardless of $addr_extension_*_maps. + +# $recipient_delimiter = '+'; # (default is undef, i.e. disabled) + +# true: replace extension; false: append extension +# $replace_existing_extension = 1; # (default is true) + +# Affects matching of localpart of e-mail addresses (left of '@@') +# in lookups: true = case sensitive, false = case insensitive +$localpart_is_case_sensitive = 0; # (default is false) + + +# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING + +# Instead of hard black- or whitelisting, a softer approach is to add +# score points (penalties) to the SA score for mail from certain senders. +# Positive points lean towards blacklisting, negative towards whitelisting. +# This is much like adding SA rules or using its white/blacklisting, except +# that here only envelope sender addresses are considered (not addresses +# in a mail header), and that score points can be assigned per-recipient +# (or globally), and the assigned penalties are customarily much lower +# than the default SA white/blacklisting score. +# +# The table structure is similar to $per_recip_blacklist_sender_lookup_tables +# i.e. the first level key is recipient, pointing to by-sender lookup tables. +# The essential difference is that scores from _all_ matching by-recipient +# lookups (not just the first that matches) are summed to give the final +# score boost. That means that both the site and domain administrators, +# as well as the recipient can have a say on the final score. +# +# NOTE: keep hash keys in lowercase, either manually or by using function lc + +@@score_sender_maps = ({ # a by-recipient hash lookup table + +# # per-recipient personal tables (NOTE: positive: black, negative: white) +# 'user1@@example.com' => [{'bla-mobile.press@@example.com' => 10.0}], +# 'user3@@example.com' => [{'.ebay.com' => -3.0}], +# 'user4@@example.com' => [{'cleargreen@@cleargreen.com' => -7.0, +# '.cleargreen.com' => -5.0}], + + # site-wide opinions about senders (the '.' matches any recipient) + '.' => [ # the _first_ matching sender determines the score boost + + new_RE( # regexp-type lookup table, just happens to be all soft-blacklist + [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@@'i => 5.0], + [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@@'i=> 5.0], + [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@@'i=> 5.0], + [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@@'i => 5.0], + [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@@'i => 5.0], + [qr'^(your_friend|greatoffers)@@'i => 5.0], + [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@@'i => 5.0], + [ qr'@@strato(?:-rz)\.de$'i => -5.0 ], + [ qr'^Doris\.Hennig@@BA-MH\.Verwalt-Berlin\.de$'i => -5.0 ], + [ qr'^doris@@hennig-berlin\.org$'i => -5.0 ], + ), + +# read_hash("/var/amavis/sender_scores_sitewide"), + + { # a hash-type lookup table (associative array) + 'nobody@@cert.org' => -3.0, + 'cert-advisory@@us-cert.gov' => -3.0, + 'owner-alert@@iss.net' => -3.0, + 'slashdot@@slashdot.org' => -3.0, + 'securityfocus.com' => -3.0, + 'ntbugtraq@@listserv.ntbugtraq.com' => -3.0, + 'security-alerts@@linuxsecurity.com' => -3.0, + 'mailman-announce-admin@@python.org' => -3.0, + 'amavis-user-admin@@lists.sourceforge.net'=> -3.0, + 'amavis-user-bounces@@lists.sourceforge.net' => -3.0, + 'spamassassin.apache.org' => -3.0, + 'notification-return@@lists.sophos.com' => -3.0, + 'owner-postfix-users@@postfix.org' => -3.0, + 'owner-postfix-announce@@postfix.org' => -3.0, + 'owner-sendmail-announce@@lists.sendmail.org' => -3.0, + 'sendmail-announce-request@@lists.sendmail.org' => -3.0, + 'donotreply@@sendmail.org' => -3.0, + 'ca+envelope@@sendmail.org' => -3.0, + 'noreply@@freshmeat.net' => -3.0, + 'owner-technews@@postel.acm.org' => -3.0, + 'ietf-123-owner@@loki.ietf.org' => -3.0, + 'cvs-commits-list-admin@@gnome.org' => -3.0, + 'rt-users-admin@@lists.fsck.com' => -3.0, + 'clp-request@@comp.nus.edu.sg' => -3.0, + 'surveys-errors@@lists.nua.ie' => -3.0, + 'emailnews@@genomeweb.com' => -5.0, + 'yahoo-dev-null@@yahoo-inc.com' => -3.0, + 'returns.groups.yahoo.com' => -3.0, + 'clusternews@@linuxnetworx.com' => -3.0, + lc('lvs-users-admin@@LinuxVirtualServer.org') => -3.0, + lc('owner-textbreakingnews@@CNNIMAIL12.CNN.COM') => -5.0, + 'niels@@google.com' => -3.0, + 'kameu@@gmx.de' => -3.0, + + # soft-blacklisting (positive score) + 'sender@@example.net' => 3.0, + '.example.net' => 1.0, + + }, + ], # end of site-wide tables +}); + + +# ENVELOPE SENDER WHITELISTING / BLACKLISTING - GLOBAL (RECIPIENT-INDEPENDENT) +# (affects spam checking only, has no effect on virus and other checks) + +# WHITELISTING: use ENVELOPE SENDER lookups to ENSURE DELIVERY from whitelisted +# senders even if the message would be recognized as spam. Effectively, for +# the specified senders, message recipients temporarily become 'spam_lovers'. +# To avoid surprises, whitelisted sender also suppresses inserting/editing +# the tag2-level header fields (X-Spam-*, Subject), appending spam address +# extension, and quarantining. +# +# BLACKLISTING: messages from specified SENDERS are DECLARED SPAM. +# Effectively, for messages from blacklisted envelope sender addresses, spam +# level is artificially pushed high, and the normal spam processing applies, +# resulting in 'X-Spam-Flag: YES', high 'X-Spam-Level' bar and other usual +# reactions to spam, including possible rejection. If the message nevertheless +# still passes (e.g. for spam loving recipients), it is tagged as BLACKLISTED +# in the 'X-Spam-Status' header field, but the reported spam value and +# set of tests in this report header field (if available from SpamAssassin, +# which may or may not have been called) is not adjusted. +# +# A sender may be both white- and blacklisted at the same time, settings +# are independent. For example, being both white- and blacklisted, message +# is delivered to recipients, but is not tagged as spam (X-Spam-Flag: No; +# X-Spam-Status: No, ...), but the reported spam level (if computed) may +# still indicate high spam score. +# +# If ALL recipients of the message either white- or blacklist the sender, +# spam scanning (calling the SpamAssassin) is bypassed, saving on time. +# +# The following variables (lists of lookup tables) are available, +# with the semantics and syntax as specified in README.lookups: +# @@whitelist_sender_maps, @@blacklist_sender_maps + +# SOME EXAMPLES: +# +#ACL: +# @@whitelist_sender_maps = ( ['.example.org', '.example.net'] ); +# @@whitelist_sender_maps = ( [qw(.example.org .example.net)] ); # same thing +# +# @@whitelist_sender_maps = ( [".$mydomain"] ); # $mydomain and its subdomains +# NOTE: This is not a reliable way of turning off spam checks for +# locally-originating mail, as sender address can easily be faked. +# To reliably avoid spam-scanning outgoing mail, use @@bypass_spam_checks_maps +# for nonlocal recipients. To reliably avoid spam scanning for locally +# originating mail (including internal-to-internal mail), recognized by +# the original SMTP client IP address matching @@mynetworks, use policy bank +# MYNETS, adjust @@mynetworks, and turn on XFORWARD in the Postfix smtp client +# service feeding amavisd. + +#with regexps: +# @@whitelist_sender_maps = ( new_RE( +# qr'^postmaster@@.*\bexample\.com$'i, +# qr'^owner-[^@@]*@@'i, qr'-request@@'i, +# qr'\.example\.com$'i +# )); + + +# illustrates the use of regexp lookup table: + +@@blacklist_sender_maps = ( new_RE( + qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@@'i, + qr'^(investments|lose_weight_today|market\.alert|money2you|MyGreenCard)@@'i, + qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@@'i, + qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@@'i, + qr'^(workathome|yesitsfree|your_friend|greatoffers)@@'i, + qr'^(inkjetplanet|marketopt|MakeMoney)\d*@@'i, +)); + + +# NOTE: whitelisting is becoming deprecated because sender address is +# all too often faked; use @@score_sender_maps for soft-whitelisting! +# +# Illustrates the use of several lookup tables: +# +# @@whitelist_sender_maps = ( +# +# # read_hash("$MYHOME/whitelist_sender"), # a hash table read from a file +# +# # and another hash lookup table constructed in-line, with keys lowercased: +# { map {lc $_ => 1} qw( +# nobody@@cert.org +# cert-advisory@@us-cert.gov +# owner-alert@@iss.net +# slashdot@@slashdot.org +# bugtraq@@securityfocus.com +# NTBUGTRAQ@@LISTSERV.NTBUGTRAQ.COM +# security-alerts@@linuxsecurity.com +# amavis-user-admin@@lists.sourceforge.net +# amavis-user-bounces@@lists.sourceforge.net +# notification-return@@lists.sophos.com +# mailman-announce-admin@@python.org +# owner-postfix-users@@postfix.org +# owner-postfix-announce@@postfix.org +# owner-sendmail-announce@@lists.sendmail.org +# sendmail-announce-request@@lists.sendmail.org +# owner-technews@@postel.ACM.ORG +# lvs-users-admin@@LinuxVirtualServer.org +# ietf-123-owner@@loki.ietf.org +# cvs-commits-list-admin@@gnome.org +# rt-users-admin@@lists.fsck.com +# clp-request@@comp.nus.edu.sg +# surveys-errors@@lists.nua.ie +# emailNews@@genomeweb.com +# owner-textbreakingnews@@CNNIMAIL12.CNN.COM +# yahoo-dev-null@@yahoo-inc.com +# returns.groups.yahoo.com +# )}, +# +# # { '' => 1 }, # and another one, containing just an empty reverse path (DSN) +# +# ); + + +# ENVELOPE SENDER WHITELISTING / BLACKLISTING - PER-RECIPIENT + +# The same semantics as for global white/blacklisting applies, but this +# time each recipient (or its domain, or subdomain, ...) can be given +# an individual lookup table for matching senders. The per-recipient lookups +# take precedence over the global lookups, which serve as a fallback default. + +# Specify a two-level lookup table: the key for the outer table is recipient, +# and the result should be an inner lookup table (hash or ACL or RE), +# where the key used will be the sender. (Note that this structure is flatter +# than @@score_sender_maps, where the first level result is a ref to a _list_ +# of inner lookup tables, not a ref to a single lookup table.) +# +#$per_recip_blacklist_sender_lookup_tables = { +# 'user1@@my.example.com'=>new_RE(qr'^(inkjetplanet|marketopt|MakeMoney)\d*@@'i), +# 'user2@@my.example.com'=>[qw( spammer@@d1.example,org .d2.example,org )], +#}; +#$per_recip_whitelist_sender_lookup_tables = { +# 'user@@my.example.com' => [qw( friend@@example.org .other.example.org )], +# '.my1.example.com' => [qw( !foe.other.example,org .other.example,org )], +# '.my2.example.com' => read_hash("$MYHOME/my2-wl.dat"), +# 'abuse@@' => { 'postmaster@@'=>1, +# 'cert-advisory-owner@@cert.org'=>1, 'owner-alert@@iss.net'=>1 }, +#}; + + +# +# Section VI - Resource limits +# + +# Sanity limit to the number of allowed recipients per SMTP transaction +# $smtpd_recipient_limit = 1100; # (default is 1100) + +# Resource limits to protect unpackers, decompressors and virus scanners +# against mail bombs (e.g. 42.zip) + + +# Maximum recursion level for extraction/decoding (0 or undef disables limit) +$MAXLEVELS = 14; # (default is undef, no limit) + +# Maximum number of extracted files (0 or undef disables the limit) +$MAXFILES = 1500; # (default is undef, no limit) + +# For the cumulative total of all decoded mail parts we set max storage size +# to defend against mail bombs. Even though parts may be deleted (replaced +# by decoded text) during decoding, the size they occupied is _not_ returned +# to the quota pool. +# +# Parameters to storage quota formula for unpacking/decoding/decompressing +# Formula: +# quota = max($MIN_EXPANSION_QUOTA, +# $mail_size*$MIN_EXPANSION_FACTOR, +# min($MAX_EXPANSION_QUOTA, $mail_size*$MAX_EXPANSION_FACTOR)) +# In plain words (later condition overrules previous ones): +# allow MAX_EXPANSION_FACTOR times initial mail size, +# but not more than MAX_EXPANSION_QUOTA, +# but not less than MIN_EXPANSION_FACTOR times initial mail size, +# but never less than MIN_EXPANSION_QUOTA +# +$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) +$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) +$MIN_EXPANSION_FACTOR = 5; # times original mail size (default is 5) +$MAX_EXPANSION_FACTOR = 500; # times original mail size (default is 500) + +# expiration time of cached results: time to live in seconds +# (how long the result of a virus/spam test remains valid) +$virus_check_negative_ttl= 3*60; # time to remember that mail was not infected +$virus_check_positive_ttl= 30*60; # time to remember that mail was infected +$spam_check_negative_ttl = 10*60; # time to remember that mail was not spam +$spam_check_positive_ttl = 30*60; # time to remember that mail was spam +# +# NOTE: +# Cache size will be determined by the largest of the $*_ttl values. +# Depending on the mail rate, the cache database may grow quite large. +# Reasonable compromise for the max value is 15 minutes to 2 hours. + +# +# Section VII - External programs, virus scanners +# + +# Specify a path string, which is a colon-separated string of directories +# (no trailing slashes!) to be assigned to the environment variable PATH +# and to serve for locating external programs below. + +# NOTE: if $daemon_chroot_dir is nonempty, the directories will be +# relative to the chroot directory specified; + +$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin:/opt/bin'; + +# For external programs specify one string or a search list of strings (first +# match wins). The string (or: each string in a list) may be an absolute path, +# or just a program name, to be located via $path; +# Empty string or undef (=default) disables the use of that external program. +# Optionally command arguments may be specified - only the first substring +# up to the whitespace is used for file searching. + +$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability +$dspam = 'dspam'; + +# A list of pairs or n-tuples: [short-type, code_ref, optional-args...]. +# Maps short types to a decoding routine, the first match wins. +# Arguments beyond the first two can be program path string (or a listref of +# paths to be searched) or a reference to a variable containing such a path, +# which allows for lazy evaluation, making possible to assign values to +# legacy configuration variables even after the assignment to @@decoders. +# +@@decoders = ( + ['mail', \&do_mime_decode], + ['asc', \&do_ascii], + ['uue', \&do_ascii], + ['hqx', \&do_ascii], + ['ync', \&do_ascii], + ['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ], + ['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ], + ['gz', \&do_uncompress, 'gzip -d'], + ['gz', \&do_gunzip], + ['bz2', \&do_uncompress, 'bzip2 -d'], + ['lzo', \&do_uncompress, 'lzop -d'], + ['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ], + ['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ], + ['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ], + ['deb', \&do_ar, 'ar'], +# ['a', \&do_ar, 'ar'], # unpacking .a seems an overkill + ['zip', \&do_unzip], + ['7z', \&do_7zip, ['7zr','7za','7z'] ], + ['rar', \&do_unrar, ['rar','unrar'] ], + ['arj', \&do_unarj, ['arj','unarj'] ], + ['arc', \&do_arc, ['nomarch','arc'] ], + ['zoo', \&do_zoo, ['zoo','unzoo'] ], + ['lha', \&do_lha, 'lha'], +# ['doc', \&do_ole, 'ripole'], + ['cab', \&do_cabextract, 'cabextract'], + ['tnef', \&do_tnef_ext, 'tnef'], + ['tnef', \&do_tnef], +# ['sit', \&do_unstuff, 'unstuff'], # broken/unsafe decoder + ['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ], +); + + +# SpamAssassin settings + +# $sa_local_tests_only is passed to Mail::SpamAssassin::new as a value +# of the option local_tests_only. See Mail::SpamAssassin man page. +# If set to 1, no SA tests that require internet access will be performed. +# +$sa_local_tests_only = 0; # only tests which do not require internet access? +#$sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant + # for SA 3.0, its cf option is use_auto_whitelist) + +$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger + # (less than 1% of spam is > 64k) + # default: undef, no limitations + +# default values, customarily used in the @@spam_*_level_maps as the last entry +$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level; + # undef is interpreted as lower than any spam level +$sa_tag2_level_deflt = 6.31;# add 'spam detected' headers at that level to + # passed mail, adding address extensions; +$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions + # at or above that level: bounce/reject/drop, + # quarantine +$sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, + # effectively turning D_BOUNCE into D_DISCARD; + # undef disables this feature and is a default; +# see also $sa_quarantine_cutoff_level above, which only controls quarantining + +# $penpals_bonus_score = 5; # (positive) score by which spam score is lowered + # when sender is known to have previously received mail from our + # local user from this mail system; zero or undef disables penpals + # lookups in SQL; default: undef +# $penpals_halflife = 10*24*60*60; #exponential decay time constant in seconds; + # penpal bonus is halved for each halflife period from the last mail + # sent by a local user to a current mail's sender; default: 7 days +# $penpals_threshold_low = 1.0; # no need for pen pals lookup on low spam score +# $penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam + +# $bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces + # bounce killer needs operational SQL logging (pen pals) ! + +# advanced example specifying per-recipient values using a hash lookup: +#@@spam_tag_level_maps = (\$sa_tag_level_deflt); # this is a default +#@@spam_tag2_level_maps = ( +# { 'user1@@example.com' => 8.0, '.example.com' => 6.0 }, +# \$sa_tag2_level_deflt, # catchall default +#); +#@@spam_kill_level_maps = ( +# { 'user1@@example.com' => 8.0, '.example.com' => 6.0 }, +# \$sa_kill_level_deflt, # catchall default +#); +#@@spam_dsn_cutoff_level_maps = ( +# { 'user1@@example.com' => 10, '.example.com' => 15 }, +# \$sa_dsn_cutoff_level, # catchall default +#); + +# selectively trim down bounces to domains sending their own bounces with +# non-null return path, to frequently abused domains, or to those sending +# marginal spam +@@spam_dsn_cutoff_level_bysender_maps = ( + { # an associative array (hash) lookup table, use lowercase keys + 'virgilio.it' => 7, 'mail.ru' => 7, '0451.com' => 7, + 'yahoo.co.uk' => 7, 'yahoo.co.jp' => 7, 'nobody@@' => 7, + 'noreply@@' => 0, 'no-reply@@' => 0, 'donotreply@@' => 0, + 'opt-in@@' => 0, 'opt-out@@' => 0, 'yahoo-dev-null@@' => 0, + '.optin-out.com' => 0, 'daily@@astrocenter.com' => 0, + 'spamadmin@@fraunhofer.de'=> 7, # Sophos PureMessage spam bounces + }, + \$sa_dsn_cutoff_level, # catchall default value +); + +# a quick reference: +# tag_level contents category: CC_CLEAN, +# controls adding the X-Spam-Status and X-Spam-Level headers, +# tag2_level contents category: CC_SPAMMY, +# controls adding 'X-Spam-Flag: YES', editing (tagging) Subject, +# and adding address extensions, +# tag3_level contents category: CC_SPAMMY, minor category 1, +# like tag2, but may insert different Subject tag +# e.g. @@spam_subject_tag3_maps=('***BLATANT*SPAM*** '); +# kill_level contents category: CC_SPAM, +# controls 'evasive actions' (reject, quarantine); +# it only makes sense to maintain the relationship: +# tag_level <= tag2_level <= tag3_level <= kill_level < +# < dsn_cutoff_level <= quarantine_cutoff_level + +# string to prepend to Subject header field when message exceeds tag2 level +#$sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disabled) + # (only seen when spam is passed and recipient is + # in local_domains*) +# more examples, using @@*_maps directly: +#@@spam_subject_tag_maps = ('[possible-spam:_SCORE_] '); +#@@spam_subject_tag2_maps = ('***SPAM*** _SCORE_ (_REQD_) '); +#@@spam_subject_tag3_maps = ('***BLATANT*SPAM**** _SCORE_ (_REQD_) '); +# another examples, using _maps_by_ccat: +#$subject_tag_maps_by_ccat{+CC_CLEAN} = [ +# { lc('TestUser@@example.net') => +# '**TEST:_U_,hits=_SCORE_,req=_REQD_,amid=_TASKID_,mid=_MAILID_**' } ]; + +#$sa_spam_modifies_subj = 1; # in @@spam_modifies_subj_maps, default is true + +# Example: modify Subject for all local recipients except user@@example.com +#@@spam_modifies_subj_maps = ( [qw( !user@@example.com . )] ); + +#$sa_spam_level_char = '*'; # char for X-Spam-Level bar, defaults to '*'; + # undef or empty disables inserting X-Spam-Level +#$sa_spam_report_header = 0; # insert X-Spam-Report header field? default false + +# stop anti-virus scanning when the first scanner detects a virus? +#$first_infected_stops_scan = 1; # default is false, all scanners in a section + # are called + +# @@av_scanners is a list of n-tuples, where fields semantics is: +# 1. av scanner plain name, to be used in log and reports; +# 2a.scanner program name; this string will be submitted to subroutine +# find_external_programs(), which will try to find the full program path +# name during startup; if program is not found, this scanner is disabled. +# Besides a simple string (full program path name or just the basename +# to be looked for in PATH), this may be an array ref of alternative +# program names or full paths - the first match in the list will be used; +# 2b.alternatively, this second field may be a subroutine reference, +# and the whole n-tuple entry is passed to it as args; it should return +# a triple: ($scan_status,$output,$virusnames_ref), where: +# - $scan_status is: true if a virus was found, 0 if no viruses, +# undef if scanner was unable to complete its job (failed); +# - $output is an optional result string to appear in logging and macro %v; +# - $virusnames_ref is a ref to a list of detected virus names (may be +# undef or a ref to an empty list); +# 3. command arguments to be given to the scanner program; +# a substring {} will be replaced by the directory name to be scanned, i.e. +# "$tempdir/parts", a "*" will be replaced by base file names of parts; +# 4. an array ref of av scanner exit status values, or a regexp (to be +# matched against scanner output), indicating NO VIRUSES found; +# a special case is a value undef, which does not claim file to be clean +# (i.e. it never matches, similar to []), but suppresses a failure warning; +# to be used when the result is inconclusive (useful for specialized and +# quick partial scanners such as jpeg checker); +# 5. an array ref of av scanner exit status values, or a regexp (to be +# matched against scanner output), indicating VIRUSES WERE FOUND; +# a value undef may be used and it never matches (for consistency with 4.); +# Note: the virus match prevails over a 'not found' match, so it is safe +# even if the no. 4. matches for viruses too; +# 6. a regexp (to be matched against scanner output), returning a list +# of virus names found, or a sub ref, returning such a list when given +# scanner output as argument; +# 7. and 8.: (optional) subroutines to be executed before and after scanner +# (e.g. to set environment or current directory); +# see examples for these at KasperskyLab AVP and NAI uvscan. + +# NOTES: +# +# - NOT DEFINING @@av_scanners (e.g. setting it to empty list, or deleting the +# whole assignment) TURNS OFF LOADING AND COMPILING OF THE ANTIVIRUS CODE +# (which can be handy if all you want to do is spam scanning); +# +# - the order matters: although _all_ available entries from the list +# are tried regardless of their verdict, scanners are run in the order +# specified: the report from the first one detecting a virus will be used +# (providing virus names and scanner output); REARRANGE THE ORDER TO WILL; +# see also $first_infected_stops_scan; +# +# - it doesn't hurt to keep an unused command line scanner entry in the list +# if the program can not be found; the path search is only performed once +# during the program startup; +# +# COROLLARY: to disable a scanner that _does_ exist on your system, +# comment out its entry or use undef or '' as its program name/path +# (second parameter). An example where this is almost a must: disable +# Sophos 'sweep' if you have its daemonized version Sophie or SAVI-Perl +# (same for Trophie/vscan, and clamd/clamscan), or if another unrelated +# program happens to have a name matching one of the entries ('sweep' +# again comes to mind); +# +# - it DOES HURT to keep unwanted entries which use INTERNAL SUBROUTINES +# for interfacing (where the second parameter starts with \&). +# Keeping such entry and not having a corresponding virus scanner daemon +# causes an unnecessary connection attempt (which eventually times out, +# but it wastes precious time). For this reason the daemonized entries +# are commented in the distribution - just remove the '#' where needed. +# +# CERT list of av resources: http://www.cert.org/other_sources/viruses.html + +@@av_scanners = ( + +# ### http://www.clanfield.info/sophie/ (http://www.vanja.com/tools/sophie/) +# ['Sophie', +# \&ask_daemon, ["{}/\n", '/var/run/sophie'], +# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m, +# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], + +# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/ +# ['Sophos SAVI', \&sophos_savi ], + +### http://www.clamav.net/ +['ClamAV-clamd', + \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"], + qr/\bOK$/m, qr/\bFOUND$/m, + qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], +# NOTE: run clamd under the same user as amavisd, or run it under its own +# uid such as clamav, add user clamav to the amavis group, and then add +# AllowSupplementaryGroups to clamd.conf; +# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in +# this entry; when running chrooted one may prefer socket "$MYHOME/clamd". + +# ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred) +# # note that Mail::ClamAV requires perl to be build with threading! +# ['Mail::ClamAV', \&ask_clamav, "*", [0], [1], qr/^INFECTED: (.+)/m ], + +# ### http://www.openantivirus.org/ +# ['OpenAntiVirus ScannerDaemon (OAV)', +# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'], +# qr/^OK/m, qr/^FOUND: /m, qr/^FOUND: (.+)/m ], + +# ### http://www.vanja.com/tools/trophie/ +# ['Trophie', +# \&ask_daemon, ["{}/\n", '/var/run/trophie'], +# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m, +# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], + +# ### http://www.grisoft.com/ +# ['AVG Anti-Virus', +# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:55555'], +# qr/^200/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ], + +# ### http://www.f-prot.com/ +# ['F-Prot fpscand', # F-PROT Antivirus for BSD/Linux/Solaris, version 6 +# \&ask_daemon, +# ["SCAN FILE {}/*\n", '127.0.0.1:10200'], +# qr/^(0|8|64) /m, +# qr/^([1235679]|1[01345]) |<[^>:]*(?i)(infected|suspicious|unwanted)/m, +# qr/(?i)<[^>:]*(?:infected|suspicious|unwanted)[^>:]*: ([^>]*)>/m ], + +# ### http://www.f-prot.com/ +# ['F-Prot f-protd', # old version +# \&ask_daemon, +# ["GET {}/*?-dumb%20-archive%20-packed HTTP/1.0\r\n\r\n", +# ['127.0.0.1:10200', '127.0.0.1:10201', '127.0.0.1:10202', +# '127.0.0.1:10203', '127.0.0.1:10204'] ], +# qr/(?i)]*>clean<\/summary>/m, +# qr/(?i)]*>infected<\/summary>/m, +# qr/(?i)(.+)<\/name>/m ], + +# ### http://www.sald.com/, http://www.dials.ru/english/, http://www.drweb.ru/ +# ['DrWebD', \&ask_daemon, # DrWebD 4.31 or later +# [pack('N',1). # DRWEBD_SCAN_CMD +# pack('N',0x00280001). # DONT_CHANGEMAIL, IS_MAIL, RETURN_VIRUSES +# pack('N', # path length +# length("$TEMPBASE/amavis-yyyymmddTHHMMSS-xxxxx/parts/pxxx")). +# '{}/*'. # path +# pack('N',0). # content size +# pack('N',0), +# '/var/drweb/run/drwebd.sock', +# # '/var/amavis/var/run/drwebd.sock', # suitable for chroot +# # '/usr/local/drweb/run/drwebd.sock', # FreeBSD drweb ports default +# # '127.0.0.1:3000', # or over an inet socket +# ], +# qr/\A\x00[\x10\x11][\x00\x10]\x00/sm, # IS_CLEAN,EVAL_KEY; SKIPPED +# qr/\A\x00[\x00\x01][\x00\x10][\x20\x40\x80]/sm,# KNOWN_V,UNKNOWN_V,V._MODIF +# qr/\A.{12}(?:infected with )?([^\x00]+)\x00/sm, +# ], +# # NOTE: If using amavis-milter, change length to: +# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx"). + + ### http://www.kaspersky.com/ (kav4mailservers) + ['KasperskyLab AVP - aveclient', + ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient', + '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'], + '-p /var/run/aveserver -s {}/*', + [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m, + qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m, + ], + # NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious, + # currupted or protected archives are to be handled + + ### http://www.kaspersky.com/ + ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'], + '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ? + qr/infected: (.+)/m, + sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"}, + sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, + ], + + ### The kavdaemon and AVPDaemonClient have been removed from Kasperky + ### products and replaced by aveserver and aveclient + ['KasperskyLab AVPDaemonClient', + [ '/opt/AVP/kavdaemon', 'kavdaemon', + '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient', + '/opt/AVP/AvpTeamDream', 'AvpTeamDream', + '/opt/AVP/avpdc', 'avpdc' ], + "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ], + # change the startup-script in /etc/init.d/kavd to: + # DPARMS="-* -Y -dl -f=/var/amavis /var/amavis" + # (or perhaps: DPARMS="-I0 -Y -* /var/amavis" ) + # adjusting /var/amavis above to match your $TEMPBASE. + # The '-f=/var/amavis' is needed if not running it as root, so it + # can find, read, and write its pid file, etc., see 'man kavdaemon'. + # defUnix.prf: there must be an entry "*/var/amavis" (or whatever + # directory $TEMPBASE specifies) in the 'Names=' section. + # cd /opt/AVP/DaemonClients; configure; cd Sample; make + # cp AvpDaemonClient /opt/AVP/ + # su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}" + + ### http://www.centralcommand.com/ + ['CentralCommand Vexira (new) vascan', + ['vascan','/usr/lib/Vexira/vascan'], + "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ". + "--log=/var/log/vascan.log {}", + [0,3], [1,2,5], + qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ], + # Adjust the path of the binary and the virus database as needed. + # 'vascan' does not allow to have the temp directory to be the same as + # the quarantine directory, and the quarantine option can not be disabled. + # If $QUARANTINEDIR is not used, then another directory must be specified + # to appease 'vascan'. Move status 3 to the second list if password + # protected files are to be considered infected. + + ### http://www.avira.com/ + ### Avira AntiVir (formerly H+BEDV) or (old) CentralCommand Vexira Antivirus + ['Avira AntiVir', ['antivir','vexira'], + '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m, + qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) | + (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ], + # NOTE: if you only have a demo version, remove -z and add 214, as in: + # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/, + + ### http://www.commandsoftware.com/ + ['Command AntiVirus for Linux', 'csav', + '-all -archive -packed {}', [50], [51,52,53], + qr/Infection: (.+)/m ], + + ### http://www.symantec.com/ + ['Symantec CarrierScan via Symantec CommandLineScanner', + 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}', + qr/^Files Infected:\s+0$/m, qr/^Infected\b/m, + qr/^(?:Info|Virus Name):\s+(.+)/m ], + + ### http://www.symantec.com/ + ['Symantec AntiVirus Scan Engine', + 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}', + [0], qr/^Infected\b/m, + qr/^(?:Info|Virus Name):\s+(.+)/m ], + # NOTE: check options and patterns to see which entry better applies + +# ### http://www.f-secure.com/products/anti-virus/ version 4.65 +# ['F-Secure Antivirus for Linux servers', +# ['/opt/f-secure/fsav/bin/fsav', 'fsav'], +# '--delete=no --disinf=no --rename=no --archive=yes --auto=yes '. +# '--dumb=yes --list=no --mime=yes {}', [0], [3,6,8], +# qr/(?:infection|Infected|Suspected): (.+)/m ], + + ### http://www.f-secure.com/products/anti-virus/ version 5.52 + ['F-Secure Antivirus for Linux servers', + ['/opt/f-secure/fsav/bin/fsav', 'fsav'], + '--virus-action1=report --archive=yes --auto=yes '. + '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8], + qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ], + # NOTE: internal archive handling may be switched off by '--archive=no' + # to prevent fsav from exiting with status 9 on broken archives + +# ### http://www.avast.com/ +# ['avast! Antivirus daemon', +# \&ask_daemon, # greets with 220, terminate with QUIT +# ["SCAN {}\015\012QUIT\015\012", '/var/run/avast4/mailscanner.sock'], +# qr/\t\[\+\]/m, qr/\t\[L\]\t/m, qr/\t\[L\]\t([^[ \t\015\012]+)/m ], + +# ### http://www.avast.com/ +# ['avast! Antivirus - Client/Server Version', 'avastlite', +# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1], +# qr/\t\[L\]\t([^[ \t\015\012]+)/m ], + + ['CAI InoculateIT', 'inocucmd', # retired product + '-sec -nex {}', [0], [100], + qr/was infected by virus (.+)/m ], + # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html + + ### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT) + ['CAI eTrust Antivirus', 'etrust-wrapper', + '-arc -nex -spm h {}', [0], [101], + qr/is infected by virus: (.+)/m ], + # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer + # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783 + + ### http://mks.com.pl/english.html + ['MkS_Vir for Linux (beta)', ['mks32','mks'], + '-s {}/*', [0], [1,2], + qr/--[ \t]*(.+)/m ], + + ### http://mks.com.pl/english.html + ['MkS_Vir daemon', 'mksscan', + '-s -q {}', [0], [1..7], + qr/^... (\S+)/m ], + +# ### http://www.nod32.com/, version v2.52 (old) +# ['ESET NOD32 for Linux Mail servers', +# ['/opt/eset/nod32/bin/nod32cli', 'nod32cli'], +# '--subdir --files -z --sfx --rtp --adware --unsafe --pattern --heur '. +# '-w -a --action-on-infected=accept --action-on-uncleanable=accept '. +# '--action-on-notscanned=accept {}', +# [0,3], [1,2], qr/virus="([^"]+)"/m ], + +# ### http://www.eset.com/, version v2.7 (old) +# ['ESET NOD32 Linux Mail Server - command line interface', +# ['/usr/bin/nod32cli', '/opt/eset/nod32/bin/nod32cli', 'nod32cli'], +# '--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/m ], + +# ### http://www.eset.com/, version 2.71.12 +# ['ESET Software ESETS Command Line Interface', +# ['/usr/bin/esets_cli', 'esets_cli'], +# '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ], + + ### http://www.eset.com/, version 3.0 + ['ESET Software ESETS Command Line Interface', + ['/usr/bin/esets_cli', 'esets_cli'], + '--subdir {}', [0], [1,2,3], + qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ], + + ## http://www.nod32.com/, NOD32LFS version 2.5 and above + ['ESET NOD32 for Linux File servers', + ['/opt/eset/nod32/sbin/nod32','nod32'], + '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '. + '-w -a --action=1 -b {}', + [0], [1,10], qr/^object=.*, virus="(.*?)",/m ], + +# Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31 +# ['ESET Software NOD32 Client/Server (NOD32SS)', +# \&ask_daemon2, # greets with 200, persistent, terminate with QUIT +# ["SCAN {}/*\r\n", '127.0.0.1:8448' ], +# qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ], + + ### http://www.norman.com/products_nvc.shtml + ['Norman Virus Control v5 / Linux', 'nvcc', + '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14], + qr/(?i).* virus in .* -> \'(.+)\'/m ], + + ### http://www.pandasoftware.com/ + ['Panda CommandLineSecure 9 for Linux', + ['/opt/pavcl/usr/bin/pavcl','pavcl'], + '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}', + qr/Number of files infected[ .]*: 0+(?!\d)/m, + qr/Number of files infected[ .]*: 0*[1-9]/m, + qr/Found virus :\s*(\S+)/m ], + # NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr' + # before starting amavisd - the bases are then loaded only once at startup. + # To reload bases in a signature update script: + # /opt/pavcl/usr/bin/pavcl -tsr -ulr; /opt/pavcl/usr/bin/pavcl -tsr + # Please review other options of pavcl, for example: + # -nomalw, -nojoke, -nodial, -nohackt, -nospyw, -nocookies + +# ### http://www.pandasoftware.com/ +# ['Panda Antivirus for Linux', ['pavcl'], +# '-TSR -aut -aex -heu -cmp -nbr -nor -nso -eng {}', +# [0], [0x10, 0x30, 0x50, 0x70, 0x90, 0xB0, 0xD0, 0xF0], +# qr/Found virus :\s*(\S+)/m ], + +# GeCAD AV technology is acquired by Microsoft; RAV has been discontinued. +# Check your RAV license terms before fiddling with the following two lines! +# ['GeCAD RAV AntiVirus 8', 'ravav', +# '--all --archive --mail {}', [1], [2,3,4,5], qr/Infected: (.+)/m ], +# # NOTE: the command line switches changed with scan engine 8.5 ! +# # (btw, assigning stdin to /dev/null causes RAV to fail) + + ### http://www.nai.com/ + ['NAI McAfee AntiVirus (uvscan)', 'uvscan', + '--secure -rv --mime --summary --noboot --mailbox --program --timeout 180 - {}', [0], [13], + qr/(?x) Found (?: + \ the\ (.+)\ (?:virus|trojan) | + \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | + :\ (.+)\ NOT\ a\ virus)/m, + # sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'}, + # sub {delete $ENV{LD_PRELOAD}}, + ], + # NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before + # anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6 + # and then clear it when finished to avoid confusing anything else. + # NOTE2: to treat encrypted files as viruses replace the [13] with: + # qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/ + + ### http://www.virusbuster.hu/en/ + ['VirusBuster', ['vbuster', 'vbengcl'], + "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1], + qr/: '(.*)' - Virus/m ], + # VirusBuster Ltd. does not support the daemon version for the workstation + # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of + # binaries, some parameters AND return codes have changed (from 3 to 1). + # See also the new Vexira entry 'vascan' which is possibly related. + +# ### http://www.virusbuster.hu/en/ +# ['VirusBuster (Client + Daemon)', 'vbengd', +# '-f -log scandir {}', [0], [3], +# qr/Virus found = (.*);/m ], +# # HINT: for an infected file it always returns 3, +# # although the man-page tells a different story + + ### http://www.cyber.com/ + ['CyberSoft VFind', 'vfind', + '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m, + # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'}, + ], + + ### http://www.avast.com/ + ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'], + '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ], + + ### http://www.ikarus-software.com/ + ['Ikarus AntiVirus for Linux', 'ikarus', + '{}', [0], [40], qr/Signature (.+) found/m ], + + ### http://www.bitdefender.com/ + ['BitDefender', 'bdscan', # new version + '--action=ignore --no-list {}', qr/^Infected files *:0+(?!\d)/m, + qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, + qr/(?:suspected|infected): (.*)(?:\033|$)/m ], + + ### http://www.bitdefender.com/ + ['BitDefender', 'bdc', # old version + '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m, + qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, + qr/(?:suspected|infected): (.*)(?:\033|$)/m ], + # consider also: --all --nowarn --alev=15 --flev=15. The --all argument may + # not apply to your version of bdc, check documentation and see 'bdc --help' + + ### ArcaVir for Linux and Unix http://www.arcabit.pl/ + ['ArcaVir for Linux', ['arcacmd','arcacmd.static'], + '-v 1 -summary 0 -s {}', [0], [1,2], + qr/(?:VIR|WIR):[ \t]*(.+)/m ], + +# ['File::Scan', sub {Amavis::AV::ask_av(sub{ +# use File::Scan; my($fn)=@@_; +# my($f)=File::Scan->new(max_txt_size=>0, max_bin_size=>0); +# my($vname) = $f->scan($fn); +# $f->error ? (2,"Error: ".$f->error) +# : ($vname ne '') ? (1,"$vname FOUND") : (0,"Clean")}, @@_) }, +# ["{}/*"], [0], [1], qr/^(.*) FOUND$/m ], + +# ### fully-fledged checker for JPEG marker segments of invalid length +# ['check-jpeg', +# sub { use JpegTester (); Amavis::AV::ask_av(\&JpegTester::test_jpeg, @@_) }, +# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ], +# # NOTE: place file JpegTester.pm somewhere where Perl can find it, +# # for example in /usr/local/lib/perl5/site_perl + +# ### example: simpleminded checker for JPEG marker segments with +# ### invalid length (only checks first 32k, which is not thorough enough) +# ['check-jpeg-simple', +# sub { Amavis::AV::ask_av(sub { +# my($f)=@@_; local(*FF,$_,$1,$2); my(@@r)=(0,'not jpeg'); +# open(FF,$f) or die "jpeg: open err $f: $!"; +# binmode(FF) or die "jpeg: binmode err $f: $!"; +# defined read(FF,$_,32000) or die "jpeg: read err $f: $!"; +# close(FF) or die "jpeg: close err $f: $!"; +# if (/^\xff\xd8\xff/) { +# @@r=(0,'jpeg ok'); +# while (!/\G(?:\xff\xd9|\z)/gc) { # EOI or eof +# if (/\G\xff+(?=\xff|\z)/gc) {} # fill-bytes before marker +# elsif (/\G\xff([\x01\xd0-\xd8])/gc) {} # TEM, RSTi, SOI +# elsif (/\G\xff([^\x00\xff])(..)/gcs) { # marker segment start +# my($n)=unpack("n",$2)-2; +# $n=32766 if $n>32766; # Perl regexp limit +# if ($n<0) {@@r=(1,"bad jpeg: len=$n, pos=".pos); last} +# elsif (/\G.{$n}/gcs) {} # ok +# elsif (/\G.{0,$n}\z/gcs) {last} # truncated +# else {@@r=(1,"bad jpeg: unexpected, pos=".pos); last} +# } +# elsif (/\G[^\xff]+/gc) {} # ECS +# elsif (/\G(?:\xff\x00)+/gc) {} # ECS +# else {@@r=(2,"bad jpeg: unexpected char, pos=".pos); last} +# } +# }; @@r}, @@_) }, +# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ], + +# ### an example/testing/template virus scanner (external), wastes 3 seconds +# ['wasteful sleeper example', +# '/bin/sleep', '3', # calls external program +# undef, undef, qr/no such/m ], + +# ### an example/testing/template virus scanner (internal), does nothing +# ['null', +# sub {}, ["{}"], # supplies its own subroutine, no external program +# undef, undef, qr/no such/m ], + +); + + +# If no virus scanners from the @@av_scanners list produce 'clean' nor +# 'infected' status (i.e. they all fail to run or the list is empty), +# then _all_ scanners from the @@av_scanners_backup list are tried +# (again, subject to $first_infected_stops_scan). When there are both +# daemonized and equivalent or similar command-line scanners available, +# it is customary to place slower command-line scanners in the +# @@av_scanners_backup list. The default choice is somewhat arbitrary, +# move entries from one list to another as desired, keeping main scanners +# in the primary list to avoid warnings. + +@@av_scanners_backup = ( + + ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV + ['ClamAV-clamscan', 'clamscan', + "--stdout --no-summary -r --tempdir=$TEMPBASE {}", + [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], + + ### http://www.f-prot.com/ - backs up F-Prot Daemon, V6 + ['F-PROT Antivirus for UNIX', ['fpscan'], + '--report --mount --adware {}', # consider: --applications -s 4 -u 3 -z 10 + [0,8,64], [1,2,3, 4+1,4+2,4+3, 8+1,8+2,8+3, 12+1,12+2,12+3], + qr/^\[Found\s+[^\]]*\]\s+<([^ \t(>]*)/m ], + + ### http://www.f-prot.com/ - backs up F-Prot Daemon (old) + ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'], + '-dumb -ai -archive -packed -server {}', [0,8], [3,6], # or: [0], [3,6,8], + qr/(?:Infection:|security risk named) (.+)|\s+contains\s+(.+)$/m ], + + ### http://www.trendmicro.com/ - backs up Trophie + ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'], + '-za -a {}', [0], qr/Found virus/m, qr/Found virus (.+) in/m ], + + ### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD + ['drweb - DrWeb Antivirus', # security LHA hole in Dr.Web 4.33 and earlier + ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'], + '-path={} -al -go -ot -cn -upn -ok-', + [0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'m ], + + ### http://www.kaspersky.com/ + ['Kaspersky Antivirus v5.5', + ['/opt/kaspersky/kav4fs/bin/kav4fs-kavscanner', + '/opt/kav/5.5/kav4unix/bin/kavscanner', + '/opt/kav/5.5/kav4mailservers/bin/kavscanner', 'kavscanner'], + '-i0 -xn -xp -mn -R -ePASBME {}/*', [0,10,15], [5,20,21,25], + qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.*)/m, +# sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"}, +# sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, + ], + +# Commented out because the name 'sweep' clashes with Debian and FreeBSD +# package/port of an audio editor. Make sure the correct 'sweep' is found +# in the path when enabling. +# +# ### http://www.sophos.com/ - backs up Sophie or SAVI-Perl +# ['Sophos Anti Virus (sweep)', 'sweep', +# '-nb -f -all -rec -ss -sc -archive -cab -mime -oe -tnef '. +# '--no-reset-atime {}', +# [0,2], qr/Virus .*? found/m, +# qr/^>>> Virus(?: fragment)? '?(.*?)'? found/m, +# ], +# # other options to consider: -idedir=/usr/local/sav + +# Always succeeds and considers mail clean. +# Potentially useful when all other scanners fail and it is desirable +# to let mail continue to flow with no virus checking (when uncommented). +# ['always-clean', sub {0}], + +); + + +# +# Section VIII - Debugging +# + +# The most useful debugging tool is to run amavisd-new non-detached +# from a terminal window using command: # amavisd debug + +# Some more refined approaches: + +# If sender matches ACL, turn debugging fully up, just for this one message +#@@debug_sender_maps = ( ["test-sender\@@$mydomain"] ); +#@@debug_sender_maps = ( [qw( debug@@example.com debug@@example.net )] ); + +# May be useful along with @@debug_sender_maps: +# Prevent all decoded originals being deleted (replaced by decoded part) +#@@keep_decoded_original_maps = (1); + +# Turn on SpamAssassin debugging (output to STDERR, use with 'amavisd debug') +#$sa_debug = '1,all'; # defaults to false + + +# +# Section IX - Policy banks (dynamic policy switching) +# + +## Define some policy banks (sets of settings) and give them +## arbitrary names (the names '', 'MYNETS' and 'MYUSERS' have special meaning): +# +# $policy_bank{'ALT'} = { +# log_level => 3, +# syslog_ident => 'alt-amavis', +# syslog_facility => 'LOCAL3', +# inet_acl => [qw( 10.0.1.14 )], +# final_spam_destiny => D_PASS, final_bad_header_destiny => D_PASS, +# forward_method => 'smtp:*:*', +# notify_method => 'smtp:[127.0.0.1]:10025', +# virus_admin_maps => "abuse\@@$mydomain", +# spam_lovers_maps => [@@spam_lovers_maps, [qw( abuse@@example.com )]], +# spam_tag_level_maps => 2.1, +# spam_tag2_level_maps => 6.32, +# spam_kill_level_maps => 6.72, +# spam_dsn_cutoff_level_maps => 8, +# defang_spam => 1, +# local_client_bind_address => '10.11.12.13', +# localhost_name => 'amavis.example.com', +# smtpd_greeting_banner => +# '${helo-name} ${protocol} ${product} ${version-id} (${version-date}) TEST service ready'; +# auth_mech_avail => [qw(PLAIN LOGIN)], +# auth_required_inp => 1, +# auth_required_out => 1, +# amavis_auth_user => 'amavisd', amavis_auth_pass = 'tOpsecretX', +# av_scanners => [ # provide only 'free' scanners +# ['ClamAV-clamd', +# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], +# qr/\bOK$/, qr/\bFOUND$/, +# qr/^.*?: (?!Infected Archive)(.*) FOUND$/, +# ], +# ], +# av_scanners_backup => [ +# ['ClamAV-clamscan', 'clamscan', +# "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1], +# qr/^.*?: (?!Infected Archive)(.*) FOUND$/, +# ], +# ], +# }; + +# NOTE: the use of policy banks for changing protocol on the input socket is +# only needed when different protocols need to be spoken on different sockets +# at the same time. For normal use just set globally e.g.: $protocol='AM.PDP'; +# +#$policy_bank{'AM.PDP-SOCK'} = { +# protocol => 'AM.PDP', # Amavis policy delegation protocol +# auth_required_release => 0, # do not require secret_id for amavisd-release +#}; +# +#$policy_bank{'AM.PDP-INET'} = { +# protocol => 'AM.PDP', # Amavis policy delegation protocol +# inet_acl => [qw( 127.0.0.1 [::1] )], # restrict to these IP addresses +#}; +# +## the name 'MYNETS' has special semantics: this policy bank gets loaded +## whenever MTA supplies the original SMTP client IP address (Postfix XFORWARD +## extension or a new AM.PDP protocol) and that address matches @@mynetworks. +# +# $terminate_dsn_on_notify_success = 1; +# $policy_bank{'MYNETS'} = { # mail originating from @@mynetworks +# originating => 1, # is true in MYNETS by deflt, but let's make it explicit +# terminate_dsn_on_notify_success => 0, +# spam_kill_level_maps => 6.9, +# syslog_facility => 'LOCAL4', # tell syslog to log to a separate file +# virus_admin_maps => ["virusalert\@@$mydomain"], # alert of internal viruses +# spam_admin_maps => ["spamalert\@@$mydomain"], # alert of internal spam +# bypass_spam_checks_maps => [1], # or: don't spam-check internal mail +# bypass_banned_checks_maps => [1], # don't banned-check internal mail +# warnbadhsender => 1, # warn local senders about their broken MUA +# banned_filename_maps => ['MYNETS-DEFAULT'], # more permissive banning rules +# spam_quarantine_cutoff_level_maps => undef, # quarantine all local spam +# spam_dsn_cutoff_level_maps => undef, # ensure NDN regardless of spam level +# spam_dsn_cutoff_level_bysender_maps => # but only from local domain senders +# [ { lc(".$mydomain") => undef, '.' => 15 } ], +# }; + +## the name 'MYUSERS' has special semantics: this policy bank gets loaded +## whenever the sender matches @@local_domains_maps. This only makes sense +## if local sender addresses can be trusted -- for example by requiring +## authentication before letting users send with their local address. +# +# $policy_bank{'MYUSERS'} = { +# final_virus_destiny => D_BOUNCE, # bounce only to authenticated local users +# final_banned_destiny=> D_BOUNCE, +# }; + +# Needed for Courier: speak courier protocol on the socket +#$interface_policy{'SOCK'} = 'AM-SOCK'; +#$policy_bank{'AM-SOCK'} = {protocol => 'COURIER'}; + +## Now we can assign policy banks to amavisd tcp port numbers listed in +## $inet_socket_port. Whenever the connection from MTA is received, first +## a built-in policy bank $policy_bank{''} gets loaded, which bringings-in +## all the global/legacy settings, then it gets overlaid by the bank +## named in the $interface_policy{$port} if any, and finally the bank +## 'MYNETS' is overlaid if it exists and the SMTP client IP address +## is known (by XFORWARD command from MTA) and it matches @@mynetworks. + +# $interface_policy{'10026'} = 'ALT'; + +# used by amavisd-release utility of a new AM.PDP-based amavis-milter client +#$interface_policy{'9998'} = 'AM.PDP-INET'; +#$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; + +# invoke custom hooks or additional configuration files: +# include_config_files('/etc/amavisd-custom.conf'); + +# Want to execute additional configuration files from some directory? +#{ my($d) = '/etc/amavis/conf.d'; # do *.cf or *.conf files in this directory +# local(*D); opendir(D,$d) or die "Can't open dir $d: $!"; +# my(@@d) = sort grep {/\.(cf|conf)$/ && -f} map {/^(.*)$/,"$d/$1"} readdir(D); +# closedir(D) or die "Can't close $d: $!"; +# include_config_files($_) for (@@d); +#} + +1; # insure a defined return value +@ diff --git a/config-archive/etc/amavisd.conf.dist.new b/config-archive/etc/amavisd.conf.dist.new new file mode 100644 index 0000000..7e6eb35 --- /dev/null +++ b/config-archive/etc/amavisd.conf.dist.new @@ -0,0 +1,806 @@ +use strict; + +# a minimalistic configuration file for amavisd-new with all necessary settings +# +# see amavisd.conf-default for a list of all variables with their defaults; +# for more details see documentation in INSTALL, README_FILES/* +# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html + + +# COMMONLY ADJUSTED SETTINGS: + +# @bypass_virus_checks_maps = (1); # controls running of anti-virus code +# @bypass_spam_checks_maps = (1); # controls running of anti-spam code +# $bypass_decode_parts = 1; # controls running of decoders&dearchivers + +$max_servers = 2; # num of pre-forked children (2..30 is common), -m +$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u +$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g + +$mydomain = 'example.com'; # a convenient default for other settings + +# $MYHOME = '/var/amavis'; # a convenient default for other settings, -H +$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T +$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR, used by SA, etc. +$QUARANTINEDIR = "$MYHOME/quarantine"; # -Q +# $quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine +# $release_format = 'resend'; # 'attach', 'plain', 'resend' +# $report_format = 'arf'; # 'attach', 'plain', 'resend', 'arf' + +# $daemon_chroot_dir = $MYHOME; # chroot directory or undef, -R + +# $db_home = "$MYHOME/db"; # dir for bdb nanny/cache/snmp databases, -D +# $helpers_home = "$MYHOME/var"; # working directory for SpamAssassin, -S +# $lock_file = "$MYHOME/var/amavisd.lock"; # -L +# $pid_file = "$MYHOME/var/amavisd.pid"; # -P +#NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually + +$log_level = 0; # verbosity 0..5, -d +$log_recip_templ = undef; # disable by-recipient level-0 log entries +$do_syslog = 1; # log via syslogd (preferred) +$syslog_facility = 'mail'; # Syslog facility as a string + # e.g.: mail, daemon, user, local0, ... local7 + +$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny) +$nanny_details_level = 2; # nanny verbosity: 1: traditional, 2: detailed +$enable_dkim_verification = 0; # enable DKIM signatures verification +$enable_dkim_signing = 0; # load DKIM signing code, keys defined by dkim_key + +@local_domains_maps = ( [".$mydomain"] ); # list of all local domains + +@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 + 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); + +$unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-milter + # option(s) -p overrides $inet_socket_port and $unix_socketname + +$inet_socket_port = 10024; # listen on this local TCP port(s) +# $inet_socket_port = [10024,10026]; # listen on multiple TCP ports + +$policy_bank{'MYNETS'} = { # mail originating from @mynetworks + originating => 1, # is true in MYNETS by default, but let's make it explicit + os_fingerprint_method => undef, # don't query p0f for internal clients +}; + +# it is up to MTA to re-route mail from authenticated roaming users or +# from internal hosts to a dedicated TCP port (such as 10026) for filtering +$interface_policy{'10026'} = 'ORIGINATING'; + +$policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users + originating => 1, # declare that mail was submitted by our smtp client + allow_disclaimers => 1, # enables disclaimer insertion if available + # notify administrator of locally originating malware + virus_admin_maps => ["virusalert\@$mydomain"], + spam_admin_maps => ["virusalert\@$mydomain"], + warnbadhsender => 1, + # forward to a smtpd service providing DKIM signing service + forward_method => 'smtp:[127.0.0.1]:10027', + # force MTA conversion to 7-bit (e.g. before DKIM signing) + smtpd_discard_ehlo_keywords => ['8BITMIME'], + bypass_banned_checks_maps => [1], # allow sending any file names and types + terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option +}; + +$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with $unix_socketname + +# Use with amavis-release over a socket or with Petr Rehor's amavis-milter.c +# (with amavis-milter.c from this package or old amavis.c client use 'AM.CL'): +$policy_bank{'AM.PDP-SOCK'} = { + protocol => 'AM.PDP', + auth_required_release => 0, # do not require secret_id for amavisd-release +}; + +$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level +$sa_tag2_level_deflt = 6.2; # add 'spam detected' headers at that level +$sa_kill_level_deflt = 6.9; # triggers spam evasive actions (e.g. blocks mail) +$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent +$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From +# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off +$penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database) +$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam +$bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces + +$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger +$sa_local_tests_only = 0; # only tests which do not require internet access? + +# @lookup_sql_dsn = +# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'], +# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'], +# ["DBI:SQLite:dbname=$MYHOME/sql/mail_prefs.sqlite", '', ''] ); +# @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate database + +# $timestamp_fmt_mysql = 1; # if using MySQL *and* msgs.time_iso is TIMESTAMP; +# defaults to 0, which is good for non-MySQL or if msgs.time_iso is CHAR(16) + +$virus_admin = "virusalert\@$mydomain"; # notifications recip. + +$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender +$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender +$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender +$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef + +@addr_extension_virus_maps = ('virus'); +@addr_extension_banned_maps = ('banned'); +@addr_extension_spam_maps = ('spam'); +@addr_extension_bad_header_maps = ('badh'); +# $recipient_delimiter = '+'; # undef disables address extensions altogether +# when enabling addr extensions do also Postfix/main.cf: recipient_delimiter=+ + +$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; +# $dspam = 'dspam'; + +$MAXLEVELS = 14; +$MAXFILES = 1500; +$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) +$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) + +$sa_spam_subject_tag = '***Spam*** '; +$defang_virus = 1; # MIME-wrap passed infected mail +$defang_banned = 1; # MIME-wrap passed mail containing banned name +# for defanging bad headers only turn on certain minor contents categories: +$defang_by_ccat{CC_BADH.",3"} = 1; # NUL or CR character in header +$defang_by_ccat{CC_BADH.",5"} = 1; # header line longer than 998 characters +$defang_by_ccat{CC_BADH.",6"} = 1; # header field syntax error + + +# OTHER MORE COMMON SETTINGS (defaults may suffice): + +# $myhostname = 'host.example.com'; # must be a fully-qualified domain name! + +# $notify_method = 'smtp:[127.0.0.1]:10025'; +# $forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter! + +# $final_virus_destiny = D_DISCARD; +# $final_banned_destiny = D_DISCARD; +# $final_spam_destiny = D_PASS; #!!! D_DISCARD / D_REJECT +# $final_bad_header_destiny = D_PASS; +# $bad_header_quarantine_method = undef; + +# $os_fingerprint_method = 'p0f:*:2345'; # to query p0f-analyzer.pl + +## hierarchy by which a final setting is chosen: +## policy bank (based on port or IP address) -> *_by_ccat +## *_by_ccat (based on mail contents) -> *_maps +## *_maps (based on recipient address) -> final configuration value + + +# SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for all) + +# $warnbadhsender, +# $warnvirusrecip, $warnbannedrecip, $warnbadhrecip, (or @warn*recip_maps) +# +# @bypass_virus_checks_maps, @bypass_spam_checks_maps, +# @bypass_banned_checks_maps, @bypass_header_checks_maps, +# +# @virus_lovers_maps, @spam_lovers_maps, +# @banned_files_lovers_maps, @bad_header_lovers_maps, +# +# @blacklist_sender_maps, @score_sender_maps, +# +# $clean_quarantine_method, $virus_quarantine_to, $banned_quarantine_to, +# $bad_header_quarantine_to, $spam_quarantine_to, +# +# $defang_bad_header, $defang_undecipherable, $defang_spam + + +# REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS + +@keep_decoded_original_maps = (new_RE( + qr'^MAIL$', # retain full original message for virus checking + qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables + qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, +# qr'^Zip archive data', # don't trust Archive::Zip +)); + + +$banned_filename_re = new_RE( + +### BLOCKED ANYWHERE +# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components + qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary +# qr'^\.(exe|lha|cab|dll)$', # banned file(1) types + +### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: +# [ qr'^\.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2 + [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives + + qr'.\.(pif|scr)$'i, # banned extensions - rudimentary +# qr'^\.zip$', # block zip type + +### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES: +# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives + + qr'^application/x-msdownload$'i, # block these MIME types + qr'^application/x-msdos-program$'i, + qr'^application/hta$'i, + +# qr'^message/partial$'i, # rfc2046 MIME type +# qr'^message/external-body$'i, # rfc2046 MIME type + +# qr'^(application/x-msmetafile|image/x-wmf)$'i, # Windows Metafile MIME type +# qr'^\.wmf$', # Windows Metafile file(1) type + + # block certain double extensions in filenames + qr'^(?!cid:).*\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i, + +# qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Class ID CLSID, strict +# qr'\{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}\}?'i, # Class ID extension CLSID, loose + + qr'.\.(exe|vbs|pif|scr|cpl)$'i, # banned extension - basic +# qr'.\.(exe|vbs|pif|scr|cpl|bat|cmd|com)$'i, # banned extension - basic+cmd +# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| +# inf|ini|ins|isp|js|jse|lib|lnk|mda|mdb|mde|mdt|mdw|mdz|msc|msi| +# msp|mst|ocx|ops|pcd|pif|prg|reg|scr|sct|shb|shs|sys|vb|vbe|vbs|vxd| +# wmf|wsc|wsf|wsh)$'ix, # banned extensions - long +# qr'.\.(asd|asf|asx|url|vcs|wmd|wmz)$'i, # consider also +# qr'.\.(ani|cur|ico)$'i, # banned cursors and icons filename +# qr'^\.ani$', # banned animated cursor file(1) type +# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab. +); +# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631 +# and http://www.cknow.com/vtutor/vtextensions.htm + + +# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING + +@score_sender_maps = ({ # a by-recipient hash lookup table, + # results from all matching recipient tables are summed + +# ## per-recipient personal tables (NOTE: positive: black, negative: white) +# 'user1@example.com' => [{'bla-mobile.press@example.com' => 10.0}], +# 'user3@example.com' => [{'.ebay.com' => -3.0}], +# 'user4@example.com' => [{'cleargreen@cleargreen.com' => -7.0, +# '.cleargreen.com' => -5.0}], + + ## site-wide opinions about senders (the '.' matches any recipient) + '.' => [ # the _first_ matching sender determines the score boost + + new_RE( # regexp-type lookup table, just happens to be all soft-blacklist + [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0], + [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0], + [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0], + [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0], + [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0], + [qr'^(your_friend|greatoffers)@'i => 5.0], + [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0], + ), + +# read_hash("/var/amavis/sender_scores_sitewide"), + + { # a hash-type lookup table (associative array) + 'nobody@cert.org' => -3.0, + 'cert-advisory@us-cert.gov' => -3.0, + 'owner-alert@iss.net' => -3.0, + 'slashdot@slashdot.org' => -3.0, + 'securityfocus.com' => -3.0, + 'ntbugtraq@listserv.ntbugtraq.com' => -3.0, + 'security-alerts@linuxsecurity.com' => -3.0, + 'mailman-announce-admin@python.org' => -3.0, + 'amavis-user-admin@lists.sourceforge.net'=> -3.0, + 'amavis-user-bounces@lists.sourceforge.net' => -3.0, + 'spamassassin.apache.org' => -3.0, + 'notification-return@lists.sophos.com' => -3.0, + 'owner-postfix-users@postfix.org' => -3.0, + 'owner-postfix-announce@postfix.org' => -3.0, + 'owner-sendmail-announce@lists.sendmail.org' => -3.0, + 'sendmail-announce-request@lists.sendmail.org' => -3.0, + 'donotreply@sendmail.org' => -3.0, + 'ca+envelope@sendmail.org' => -3.0, + 'noreply@freshmeat.net' => -3.0, + 'owner-technews@postel.acm.org' => -3.0, + 'ietf-123-owner@loki.ietf.org' => -3.0, + 'cvs-commits-list-admin@gnome.org' => -3.0, + 'rt-users-admin@lists.fsck.com' => -3.0, + 'clp-request@comp.nus.edu.sg' => -3.0, + 'surveys-errors@lists.nua.ie' => -3.0, + 'emailnews@genomeweb.com' => -5.0, + 'yahoo-dev-null@yahoo-inc.com' => -3.0, + 'returns.groups.yahoo.com' => -3.0, + 'clusternews@linuxnetworx.com' => -3.0, + lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0, + lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0, + + # soft-blacklisting (positive score) + 'sender@example.net' => 3.0, + '.example.net' => 1.0, + + }, + ], # end of site-wide tables +}); + + +@decoders = ( + ['mail', \&do_mime_decode], +# ['asc', \&do_ascii], +# ['uue', \&do_ascii], +# ['hqx', \&do_ascii], +# ['ync', \&do_ascii], + ['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ], + ['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ], + ['gz', \&do_uncompress, 'gzip -d'], + ['gz', \&do_gunzip], + ['bz2', \&do_uncompress, 'bzip2 -d'], + ['xz', \&Amavis::Unpackers::do_uncompress, + ['xzdec'. 'xz -dc', 'unxz -c', 'xzcat'] ], + ['lzma', \&Amavis::Unpackers::do_uncompress, + ['lzmadec', 'xz -dc --format=lzma', + 'lzma -dc', 'unlzma -c', 'lzcat', 'lzmadec'] ], + ['lzo', \&do_uncompress, 'lzop -d'], + ['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ], + ['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ], + ['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ], + ['deb', \&do_ar, 'ar'], +# ['a', \&do_ar, 'ar'], # unpacking .a seems an overkill + ['zip', \&do_unzip], + ['7z', \&do_7zip, ['7zr','7za','7z'] ], + ['rar', \&do_unrar, ['rar','unrar'] ], + ['arj', \&do_unarj, ['arj','unarj'] ], + ['arc', \&do_arc, ['nomarch','arc'] ], + ['zoo', \&do_zoo, ['zoo','unzoo'] ], + ['lha', \&do_lha, 'lha'], +# ['doc', \&do_ole, 'ripole'], + ['cab', \&do_cabextract, 'cabextract'], + ['tnef', \&do_tnef_ext, 'tnef'], + ['tnef', \&do_tnef], +# ['sit', \&do_unstuff, 'unstuff'], # broken/unsafe decoder + ['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ], +); + + +@av_scanners = ( + +# ### http://www.sophos.com/ +# ['Sophos-SSSP', +# \&ask_daemon, ["{}", 'sssp:/var/run/savdi/sssp.sock'], +# # or: ["{}", 'sssp:[127.0.0.1]:4010'], +# qr/^DONE OK\b/m, qr/^VIRUS\b/m, qr/^VIRUS\s*(\S*)/m ], + +# ### http://www.clanfield.info/sophie/ (http://www.vanja.com/tools/sophie/) +# ['Sophie', +# \&ask_daemon, ["{}/\n", 'sophie:/var/run/sophie'], +# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/, +# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], + +# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/ +# ['Sophos SAVI', \&ask_daemon, ['{}','savi-perl:'] ], + +# ['Avira SAVAPI', +# \&ask_daemon, ["*", 'savapi:/var/tmp/.savapi3', 'product-id'], +# qr/^(200|210)/m, qr/^(310|420|319)/m, +# qr/^(?:310|420)[,\s]*(?:.* <<< )?(.+?)(?: ; |$)/m +# settings for the SAVAPI3.conf: ArchiveScan=1, HeurLevel=2, MailboxScan=1 + +# ### http://www.clamav.net/ +# ['ClamAV-clamd', +# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], +# qr/\bOK$/m, qr/\bFOUND$/m, +# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], +# # NOTE: run clamd under the same user as amavisd, or run it under its own +# # uid such as clamav, add user clamav to the amavis group, and then add +# # AllowSupplementaryGroups to clamd.conf; +# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in +# # this entry; when running chrooted one may prefer socket "$MYHOME/clamd". + +# ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred) +# # note that Mail::ClamAV requires perl to be build with threading! +# ['Mail::ClamAV', \&ask_daemon, ['{}','clamav-perl:'], +# [0], [1], qr/^INFECTED: (.+)/m], + +# ### http://www.openantivirus.org/ +# ['OpenAntiVirus ScannerDaemon (OAV)', +# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'], +# qr/^OK/m, qr/^FOUND: /m, qr/^FOUND: (.+)/m ], + +# ### http://www.vanja.com/tools/trophie/ +# ['Trophie', +# \&ask_daemon, ["{}/\n", 'trophie:/var/run/trophie'], +# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m, +# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], + +# ### http://www.grisoft.com/ +# ['AVG Anti-Virus', +# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:55555'], +# qr/^200/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ], + +# ### http://www.f-prot.com/ +# ['F-Prot fpscand', # F-PROT Antivirus for BSD/Linux/Solaris, version 6 +# \&ask_daemon, +# ["SCAN FILE {}/*\n", '127.0.0.1:10200'], +# qr/^(0|8|64) /m, +# qr/^([1235679]|1[01345]) |<[^>:]*(?i)(infected|suspicious|unwanted)/m, +# qr/(?i)<[^>:]*(?:infected|suspicious|unwanted)[^>:]*: ([^>]*)>/m ], + +# ### http://www.f-prot.com/ +# ['F-Prot f-protd', # old version +# \&ask_daemon, +# ["GET {}/*?-dumb%20-archive%20-packed HTTP/1.0\r\n\r\n", +# ['127.0.0.1:10200', '127.0.0.1:10201', '127.0.0.1:10202', +# '127.0.0.1:10203', '127.0.0.1:10204'] ], +# qr/(?i)]*>clean<\/summary>/m, +# qr/(?i)]*>infected<\/summary>/m, +# qr/(?i)(.+)<\/name>/m ], + +# ### http://www.sald.com/, http://www.dials.ru/english/, http://www.drweb.ru/ +# ['DrWebD', \&ask_daemon, # DrWebD 4.31 or later +# [pack('N',1). # DRWEBD_SCAN_CMD +# pack('N',0x00280001). # DONT_CHANGEMAIL, IS_MAIL, RETURN_VIRUSES +# pack('N', # path length +# length("$TEMPBASE/amavis-yyyymmddTHHMMSS-xxxxx/parts/pxxx")). +# '{}/*'. # path +# pack('N',0). # content size +# pack('N',0), +# '/var/drweb/run/drwebd.sock', +# # '/var/amavis/var/run/drwebd.sock', # suitable for chroot +# # '/usr/local/drweb/run/drwebd.sock', # FreeBSD drweb ports default +# # '127.0.0.1:3000', # or over an inet socket +# ], +# qr/\A\x00[\x10\x11][\x00\x10]\x00/sm, # IS_CLEAN,EVAL_KEY; SKIPPED +# qr/\A\x00[\x00\x01][\x00\x10][\x20\x40\x80]/sm,# KNOWN_V,UNKNOWN_V,V._MODIF +# qr/\A.{12}(?:infected with )?([^\x00]+)\x00/sm, +# ], +# # NOTE: If using amavis-milter, change length to: +# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx"). + + ### http://www.kaspersky.com/ (kav4mailservers) + ['KasperskyLab AVP - aveclient', + ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient', + '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'], + '-p /var/run/aveserver -s {}/*', + [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m, + qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m, + ], + # NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious, + # currupted or protected archives are to be handled + + ### http://www.kaspersky.com/ + ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'], + '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ? + qr/infected: (.+)/m, + sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"}, + sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, + ], + + ### The kavdaemon and AVPDaemonClient have been removed from Kasperky + ### products and replaced by aveserver and aveclient + ['KasperskyLab AVPDaemonClient', + [ '/opt/AVP/kavdaemon', 'kavdaemon', + '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient', + '/opt/AVP/AvpTeamDream', 'AvpTeamDream', + '/opt/AVP/avpdc', 'avpdc' ], + "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ], + # change the startup-script in /etc/init.d/kavd to: + # DPARMS="-* -Y -dl -f=/var/amavis /var/amavis" + # (or perhaps: DPARMS="-I0 -Y -* /var/amavis" ) + # adjusting /var/amavis above to match your $TEMPBASE. + # The '-f=/var/amavis' is needed if not running it as root, so it + # can find, read, and write its pid file, etc., see 'man kavdaemon'. + # defUnix.prf: there must be an entry "*/var/amavis" (or whatever + # directory $TEMPBASE specifies) in the 'Names=' section. + # cd /opt/AVP/DaemonClients; configure; cd Sample; make + # cp AvpDaemonClient /opt/AVP/ + # su - amavis -c "${PREFIX}/kavdaemon ${DPARMS}" + + ### http://www.centralcommand.com/ + ['CentralCommand Vexira (new) vascan', + ['vascan','/usr/lib/Vexira/vascan'], + "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ". + "--log=/var/log/vascan.log {}", + [0,3], [1,2,5], + qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ], + # Adjust the path of the binary and the virus database as needed. + # 'vascan' does not allow to have the temp directory to be the same as + # the quarantine directory, and the quarantine option can not be disabled. + # If $QUARANTINEDIR is not used, then another directory must be specified + # to appease 'vascan'. Move status 3 to the second list if password + # protected files are to be considered infected. + + ### http://www.avira.com/ + ### old Avira AntiVir 2.x (ex H+BEDV) or old CentralCommand Vexira Antivirus + ['Avira AntiVir', ['antivir','vexira'], + '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m, + qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) | + (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ], + # NOTE: if you only have a demo version, remove -z and add 214, as in: + # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/, + + ### http://www.avira.com/ + ### Avira for UNIX 3.x + ['Avira AntiVir', ['avscan'], + '-s --batch --alert-action=none {}', [0,4], qr/(?:ALERT|FUND):/m, + qr/(?:ALERT|FUND): (?:.* <<< )?(.+?)(?: ; |$)/m ], + + ### http://www.commandsoftware.com/ + ['Command AntiVirus for Linux', 'csav', + '-all -archive -packed {}', [50], [51,52,53], + qr/Infection: (.+)/m ], + + ### http://www.symantec.com/ + ['Symantec CarrierScan via Symantec CommandLineScanner', + 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}', + qr/^Files Infected:\s+0$/m, qr/^Infected\b/m, + qr/^(?:Info|Virus Name):\s+(.+)/m ], + + ### http://www.symantec.com/ + ['Symantec AntiVirus Scan Engine', + 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}', + [0], qr/^Infected\b/m, + qr/^(?:Info|Virus Name):\s+(.+)/m ], + # NOTE: check options and patterns to see which entry better applies + +# ### http://www.f-secure.com/products/anti-virus/ version 4.65 +# ['F-Secure Antivirus for Linux servers', +# ['/opt/f-secure/fsav/bin/fsav', 'fsav'], +# '--delete=no --disinf=no --rename=no --archive=yes --auto=yes '. +# '--dumb=yes --list=no --mime=yes {}', [0], [3,6,8], +# qr/(?:infection|Infected|Suspected): (.+)/m ], + + ### http://www.f-secure.com/products/anti-virus/ version 5.52 + ['F-Secure Antivirus for Linux servers', + ['/opt/f-secure/fsav/bin/fsav', 'fsav'], + '--virus-action1=report --archive=yes --auto=yes '. + '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8], + qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ], + # NOTE: internal archive handling may be switched off by '--archive=no' + # to prevent fsav from exiting with status 9 on broken archives + +# ### http://www.avast.com/ +# ['avast! Antivirus daemon', +# \&ask_daemon, # greets with 220, terminate with QUIT +# ["SCAN {}\015\012QUIT\015\012", '/var/run/avast4/mailscanner.sock'], +# qr/\t\[\+\]/m, qr/\t\[L\]\t/m, qr/\t\[L\]\t([^[ \t\015\012]+)/m ], + +# ### http://www.avast.com/ +# ['avast! Antivirus - Client/Server Version', 'avastlite', +# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1], +# qr/\t\[L\]\t([^[ \t\015\012]+)/m ], + + ['CAI InoculateIT', 'inocucmd', # retired product + '-sec -nex {}', [0], [100], + qr/was infected by virus (.+)/m ], + # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html + + ### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT) + ['CAI eTrust Antivirus', 'etrust-wrapper', + '-arc -nex -spm h {}', [0], [101], + qr/is infected by virus: (.+)/m ], + # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer + # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783 + + ### http://mks.com.pl/english.html + ['MkS_Vir for Linux (beta)', ['mks32','mks'], + '-s {}/*', [0], [1,2], + qr/--[ \t]*(.+)/m ], + + ### http://mks.com.pl/english.html + ['MkS_Vir daemon', 'mksscan', + '-s -q {}', [0], [1..7], + qr/^... (\S+)/m ], + +# ### http://www.nod32.com/, version v2.52 (old) +# ['ESET NOD32 for Linux Mail servers', +# ['/opt/eset/nod32/bin/nod32cli', 'nod32cli'], +# '--subdir --files -z --sfx --rtp --adware --unsafe --pattern --heur '. +# '-w -a --action-on-infected=accept --action-on-uncleanable=accept '. +# '--action-on-notscanned=accept {}', +# [0,3], [1,2], qr/virus="([^"]+)"/m ], + +# ### http://www.eset.com/, version v2.7 (old) +# ['ESET NOD32 Linux Mail Server - command line interface', +# ['/usr/bin/nod32cli', '/opt/eset/nod32/bin/nod32cli', 'nod32cli'], +# '--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/m ], + +# ### http://www.eset.com/, version 2.71.12 +# ['ESET Software ESETS Command Line Interface', +# ['/usr/bin/esets_cli', 'esets_cli'], +# '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ], + + ### http://www.eset.com/, version 3.0 + ['ESET Software ESETS Command Line Interface', + ['/usr/bin/esets_cli', 'esets_cli'], + '--subdir {}', [0], [1,2,3], + qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ], + + ## http://www.nod32.com/, NOD32LFS version 2.5 and above + ['ESET NOD32 for Linux File servers', + ['/opt/eset/nod32/sbin/nod32','nod32'], + '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '. + '-w -a --action=1 -b {}', + [0], [1,10], qr/^object=.*, virus="(.*?)",/m ], + +# Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31 +# ['ESET Software NOD32 Client/Server (NOD32SS)', +# \&ask_daemon2, # greets with 200, persistent, terminate with QUIT +# ["SCAN {}/*\r\n", '127.0.0.1:8448' ], +# qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ], + + ### http://www.norman.com/products_nvc.shtml + ['Norman Virus Control v5 / Linux', 'nvcc', + '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14], + qr/(?i).* virus in .* -> \'(.+)\'/m ], + + ### http://www.pandasoftware.com/ + ['Panda CommandLineSecure 9 for Linux', + ['/opt/pavcl/usr/bin/pavcl','pavcl'], + '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}', + qr/Number of files infected[ .]*: 0+(?!\d)/m, + qr/Number of files infected[ .]*: 0*[1-9]/m, + qr/Found virus :\s*(\S+)/m ], + # NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr' + # before starting amavisd - the bases are then loaded only once at startup. + # To reload bases in a signature update script: + # /opt/pavcl/usr/bin/pavcl -tsr -ulr; /opt/pavcl/usr/bin/pavcl -tsr + # Please review other options of pavcl, for example: + # -nomalw, -nojoke, -nodial, -nohackt, -nospyw, -nocookies + +# ### http://www.pandasoftware.com/ +# ['Panda Antivirus for Linux', ['pavcl'], +# '-TSR -aut -aex -heu -cmp -nbr -nor -nso -eng {}', +# [0], [0x10, 0x30, 0x50, 0x70, 0x90, 0xB0, 0xD0, 0xF0], +# qr/Found virus :\s*(\S+)/m ], + +# GeCAD AV technology is acquired by Microsoft; RAV has been discontinued. +# Check your RAV license terms before fiddling with the following two lines! +# ['GeCAD RAV AntiVirus 8', 'ravav', +# '--all --archive --mail {}', [1], [2,3,4,5], qr/Infected: (.+)/m ], +# # NOTE: the command line switches changed with scan engine 8.5 ! +# # (btw, assigning stdin to /dev/null causes RAV to fail) + + ### http://www.nai.com/ + ['NAI McAfee AntiVirus (uvscan)', 'uvscan', + '--secure -rv --mime --summary --noboot - {}', [0], [13], + qr/(?x) Found (?: + \ the\ (.+)\ (?:virus|trojan) | + \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | + :\ (.+)\ NOT\ a\ virus)/m, + # sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'}, + # sub {delete $ENV{LD_PRELOAD}}, + ], + # NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before + # anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6 + # and then clear it when finished to avoid confusing anything else. + # NOTE2: to treat encrypted files as viruses replace the [13] with: + # qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/ + + ### http://www.virusbuster.hu/en/ + ['VirusBuster', ['vbuster', 'vbengcl'], + "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1], + qr/: '(.*)' - Virus/m ], + # VirusBuster Ltd. does not support the daemon version for the workstation + # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of + # binaries, some parameters AND return codes have changed (from 3 to 1). + # See also the new Vexira entry 'vascan' which is possibly related. + +# ### http://www.virusbuster.hu/en/ +# ['VirusBuster (Client + Daemon)', 'vbengd', +# '-f -log scandir {}', [0], [3], +# qr/Virus found = (.*);/m ], +# # HINT: for an infected file it always returns 3, +# # although the man-page tells a different story + + ### http://www.cyber.com/ + ['CyberSoft VFind', 'vfind', + '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m, + # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'}, + ], + + ### http://www.avast.com/ + ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'], + '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ], + + ### http://www.ikarus-software.com/ + ['Ikarus AntiVirus for Linux', 'ikarus', + '{}', [0], [40], qr/Signature (.+) found/m ], + + ### http://www.bitdefender.com/ + ['BitDefender', 'bdscan', # new version + '--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m, + qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m, + qr/(?:suspected|infected)\s*:\s*(.*)(?:\033|$)/m ], + + ### http://www.bitdefender.com/ + ['BitDefender', 'bdc', # old version + '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m, + qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, + qr/(?:suspected|infected): (.*)(?:\033|$)/m ], + # consider also: --all --nowarn --alev=15 --flev=15. The --all argument may + # not apply to your version of bdc, check documentation and see 'bdc --help' + + ### ArcaVir for Linux and Unix http://www.arcabit.pl/ + ['ArcaVir for Linux', ['arcacmd','arcacmd.static'], + '-v 1 -summary 0 -s {}', [0], [1,2], + qr/(?:VIR|WIR):[ \t]*(.+)/m ], + +# ### a generic SMTP-client interface to a SMTP-based virus scanner +# ['av_smtp', \&ask_av_smtp, +# ['{}', 'smtp:[127.0.0.1]:5525', 'dummy@localhost'], +# qr/^2/, qr/^5/, qr/^\s*(.*?)\s*$/m ], + +# ['File::Scan', sub {Amavis::AV::ask_av(sub{ +# use File::Scan; my($fn)=@_; +# my($f)=File::Scan->new(max_txt_size=>0, max_bin_size=>0); +# my($vname) = $f->scan($fn); +# $f->error ? (2,"Error: ".$f->error) +# : ($vname ne '') ? (1,"$vname FOUND") : (0,"Clean")}, @_) }, +# ["{}/*"], [0], [1], qr/^(.*) FOUND$/m ], + +# ### fully-fledged checker for JPEG marker segments of invalid length +# ['check-jpeg', +# sub { use JpegTester (); Amavis::AV::ask_av(\&JpegTester::test_jpeg, @_) }, +# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ], +# # NOTE: place file JpegTester.pm somewhere where Perl can find it, +# # for example in /usr/local/lib/perl5/site_perl + +); + + +@av_scanners_backup = ( + + ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV + ['ClamAV-clamscan', 'clamscan', + "--stdout --no-summary -r --tempdir=$TEMPBASE {}", + [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], + +# ### http://www.clamav.net/ - using remote clamd scanner as a backup +# ['ClamAV-clamdscan', 'clamdscan', +# "--stdout --no-summary --config-file=/etc/clamd-client.conf {}", +# [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], + +# ['ClamAV-clamd-stream', +# \&ask_daemon, ["*", 'clamd:/var/run/clamav/clamd'], +# qr/\bOK$/m, qr/\bFOUND$/m, +# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], + + ### http://www.f-prot.com/ - backs up F-Prot Daemon, V6 + ['F-PROT Antivirus for UNIX', ['fpscan'], + '--report --mount --adware {}', # consider: --applications -s 4 -u 3 -z 10 + [0,8,64], [1,2,3, 4+1,4+2,4+3, 8+1,8+2,8+3, 12+1,12+2,12+3], + qr/^\[Found\s+[^\]]*\]\s+<([^ \t(>]*)/m ], + + ### http://www.f-prot.com/ - backs up F-Prot Daemon (old) + ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'], + '-dumb -archive -packed {}', [0,8], [3,6], # or: [0], [3,6,8], + qr/(?:Infection:|security risk named) (.+)|\s+contains\s+(.+)$/m ], + + ### http://www.trendmicro.com/ - backs up Trophie + ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'], + '-za -a {}', [0], qr/Found virus/m, qr/Found virus (.+) in/m ], + + ### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD + ['drweb - DrWeb Antivirus', # security LHA hole in Dr.Web 4.33 and earlier + ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'], + '-path={} -al -go -ot -cn -upn -ok-', + [0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'m ], + + ### http://www.kaspersky.com/ + ['Kaspersky Antivirus v5.5', + ['/opt/kaspersky/kav4fs/bin/kav4fs-kavscanner', + '/opt/kav/5.5/kav4unix/bin/kavscanner', + '/opt/kav/5.5/kav4mailservers/bin/kavscanner', 'kavscanner'], + '-i0 -xn -xp -mn -R -ePASBME {}/*', [0,10,15], [5,20,21,25], + qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.*)/m, +# sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"}, +# sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, + ], + +# Commented out because the name 'sweep' clashes with Debian and FreeBSD +# package/port of an audio editor. Make sure the correct 'sweep' is found +# in the path when enabling. +# +# ### http://www.sophos.com/ - backs up Sophie or SAVI-Perl +# ['Sophos Anti Virus (sweep)', 'sweep', +# '-nb -f -all -rec -ss -sc -archive -cab -mime -oe -tnef '. +# '--no-reset-atime {}', +# [0,2], qr/Virus .*? found/m, +# qr/^>>> Virus(?: fragment)? '?(.*?)'? found/m, +# ], +# # other options to consider: -idedir=/usr/local/sav + +# Always succeeds and considers mail clean. +# Potentially useful when all other scanners fail and it is desirable +# to let mail continue to flow with no virus checking (when uncommented). +# ['always-clean', sub {0}], + +); + + +1; # insure a defined return value diff --git a/config-archive/etc/apache2/httpd.conf,v b/config-archive/etc/apache2/httpd.conf,v new file mode 100644 index 0000000..b154a13 --- /dev/null +++ b/config-archive/etc/apache2/httpd.conf,v @@ -0,0 +1,346 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.05.03.05.05.32; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.07.12.13.11.32; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.53; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.28.10.14.59; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.07.12.13.11.32; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.05.03.05.07.03; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@# This is a modification of the default Apache 2.2 configuration file +# for Gentoo Linux. +# +# Support: +# http://www.gentoo.org/main/en/lists.xml [mailing lists] +# http://forums.gentoo.org/ [web forums] +# irc://irc.freenode.net#gentoo-apache [irc chat] +# +# Bug Reports: +# http://bugs.gentoo.org [gentoo related bugs] +# http://httpd.apache.org/bug_report.html [apache httpd related bugs] +# +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log" +# with ServerRoot set to "/usr" will be interpreted by the +# server as "/usr/var/log/apache2/foo.log". + +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to point the LockFile directive +# at a local disk. If you wish to share the same ServerRoot for multiple +# httpd daemons, you will need to change at least LockFile and PidFile. +ServerRoot "/usr/lib64/apache2" + +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable. +# Do not change manually, it will be overwritten on upgrade. +# +# The following modules are considered as the default configuration. +# If you wish to disable one of them, you may have to alter other +# configuration directives. +# +# Change these at your own risk! + +LoadModule actions_module modules/mod_actions.so +LoadModule alias_module modules/mod_alias.so +LoadModule asis_module modules/mod_asis.so +LoadModule auth_basic_module modules/mod_auth_basic.so + +LoadModule auth_digest_module modules/mod_auth_digest.so + +LoadModule authn_alias_module modules/mod_authn_alias.so +LoadModule authn_anon_module modules/mod_authn_anon.so +LoadModule authn_dbd_module modules/mod_authn_dbd.so +LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authn_file_module modules/mod_authn_file.so + +LoadModule authnz_ldap_module modules/mod_authnz_ldap.so + +LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule autoindex_module modules/mod_autoindex.so + +LoadModule cache_module modules/mod_cache.so + +LoadModule cgi_module modules/mod_cgi.so +#LoadModule cgid_module modules/mod_cgid.so +LoadModule charset_lite_module modules/mod_charset_lite.so + +LoadModule dav_module modules/mod_dav.so + + +LoadModule dav_fs_module modules/mod_dav_fs.so + + +LoadModule dav_lock_module modules/mod_dav_lock.so + +LoadModule dbd_module modules/mod_dbd.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule dir_module modules/mod_dir.so + +LoadModule disk_cache_module modules/mod_disk_cache.so + +LoadModule env_module modules/mod_env.so +LoadModule expires_module modules/mod_expires.so +LoadModule ext_filter_module modules/mod_ext_filter.so + +LoadModule file_cache_module modules/mod_file_cache.so + +LoadModule filter_module modules/mod_filter.so +LoadModule headers_module modules/mod_headers.so +LoadModule ident_module modules/mod_ident.so +LoadModule imagemap_module modules/mod_imagemap.so +LoadModule include_module modules/mod_include.so + +LoadModule info_module modules/mod_info.so + + +LoadModule ldap_module modules/mod_ldap.so + +LoadModule log_config_module modules/mod_log_config.so +LoadModule log_forensic_module modules/mod_log_forensic.so +LoadModule logio_module modules/mod_logio.so + +LoadModule mem_cache_module modules/mod_mem_cache.so + +LoadModule mime_module modules/mod_mime.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule negotiation_module modules/mod_negotiation.so + +LoadModule proxy_module modules/mod_proxy.so + + +LoadModule proxy_ajp_module modules/mod_proxy_ajp.so + + +LoadModule proxy_balancer_module modules/mod_proxy_balancer.so + + +LoadModule proxy_connect_module modules/mod_proxy_connect.so + + +LoadModule proxy_ftp_module modules/mod_proxy_ftp.so + + +LoadModule proxy_http_module modules/mod_proxy_http.so + +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule speling_module modules/mod_speling.so + +LoadModule ssl_module modules/mod_ssl.so + + +LoadModule status_module modules/mod_status.so + +LoadModule substitute_module modules/mod_substitute.so + +LoadModule suexec_module modules/mod_suexec.so + +LoadModule unique_id_module modules/mod_unique_id.so + +LoadModule userdir_module modules/mod_userdir.so + +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so + +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +User apache +Group apache + +# Supplemental configuration +# +# Most of the configuration files in the /etc/apache2/modules.d/ directory can +# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features +# or to modify the default configuration of the server. +# +# To know which flag to add to APACHE2_OPTS, look at the first line of the +# the file, which will usually be an where OPTION is the +# flag to use. +Include /etc/apache2/modules.d/*.conf + +# Virtual-host support +# +# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we +# include a default vhost (enabled by adding -D DEFAULT_VHOST to +# APACHE2_OPTS in /etc/conf.d/apache2). +Include /etc/apache2/vhosts.d/*.conf + +# vim: ts=4 filetype=apache +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d88 1 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d63 1 +d65 3 +d70 1 +d88 1 +d98 1 +d112 2 +d122 1 +d130 18 +d157 1 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a62 1 +LoadModule asis_module modules/mod_asis.so +a63 3 + +LoadModule auth_digest_module modules/mod_auth_digest.so + +a65 1 +LoadModule authn_dbd_module modules/mod_authn_dbd.so +a82 1 +LoadModule charset_lite_module modules/mod_charset_lite.so +a91 1 +LoadModule dbd_module modules/mod_dbd.so +a104 2 +LoadModule ident_module modules/mod_ident.so +LoadModule imagemap_module modules/mod_imagemap.so +a112 1 +LoadModule log_forensic_module modules/mod_log_forensic.so +a119 18 + +LoadModule proxy_module modules/mod_proxy.so + + +LoadModule proxy_ajp_module modules/mod_proxy_ajp.so + + +LoadModule proxy_balancer_module modules/mod_proxy_balancer.so + + +LoadModule proxy_connect_module modules/mod_proxy_connect.so + + +LoadModule proxy_ftp_module modules/mod_proxy_ftp.so + + +LoadModule proxy_http_module modules/mod_proxy_http.so + +a128 1 +LoadModule substitute_module modules/mod_substitute.so +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a87 1 +LoadModule cgid_module modules/mod_cgid.so +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@a86 1 +LoadModule cern_meta_module modules/mod_cern_meta.so +a104 1 +LoadModule dumpio_module modules/mod_dumpio.so +a148 2 +LoadModule proxy_scgi_module modules/mod_proxy_scgi.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +a166 1 +LoadModule version_module modules/mod_version.so +@ diff --git a/config-archive/etc/apache2/modules.d/00_apache_manual.conf,v b/config-archive/etc/apache2/modules.d/00_apache_manual.conf,v new file mode 100644 index 0000000..240602e --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_apache_manual.conf,v @@ -0,0 +1,223 @@ +head 1.5; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.5 +date 2011.10.26.07.00.23; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2011.10.04.05.17.39; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2011.09.08.21.18.38; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.05.03.05.05.32; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.20.36.51; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.20.37.33; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.05.03.05.05.32; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.09.08.21.18.38; author root; state Exp; +branches; +next 1.1.1.4; + +1.1.1.4 +date 2011.10.04.05.17.39; author root; state Exp; +branches; +next 1.1.1.5; + +1.1.1.5 +date 2011.10.26.07.00.23; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.5 +log +@dispatch-conf update. +@ +text +@# Provide access to the documentation on your server as +# http://yourserver.example.com/manual/ +# The documentation is always available at +# http://httpd.apache.org/docs/2.2/ + +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.21/manual$1" + + + Options Indexes + AllowOverride None + Order allow,deny + Allow from all + + + SetHandler type-map + + + SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1 + RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2 + + LanguagePriority en de es fr ja ko pt-br + ForceLanguagePriority Prefer Fallback + + + +# vim: ts=4 filetype=apache +@ + + +1.4 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.20/manual$1" +d8 1 +a8 1 + +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.17/manual$1" +d8 1 +a8 1 + +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.16/manual$1" +d8 1 +a8 1 + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.15/manual$1" +d8 1 +a8 1 + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.16/manual$1" +d8 1 +a8 1 + +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.17/manual$1" +d8 1 +a8 1 + +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.20/manual$1" +d8 1 +a8 1 + +@ + + +1.1.1.4 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.21/manual$1" +d8 1 +a8 1 + +@ + + +1.1.1.5 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.21-r1/manual$1" +d8 1 +a8 1 + +@ diff --git a/config-archive/etc/apache2/modules.d/00_default_settings.conf,v b/config-archive/etc/apache2/modules.d/00_default_settings.conf,v new file mode 100644 index 0000000..eb25ddf --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_default_settings.conf,v @@ -0,0 +1,189 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2011.05.03.05.05.32; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.10.26.07.01.37; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# This configuration file reflects default settings for Apache HTTP Server. +# You may change these, but chances are that you may not need to. + +# Timeout: The number of seconds before receives and sends time out. +Timeout 300 + +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +KeepAlive On + +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +MaxKeepAliveRequests 100 + +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +KeepAliveTimeout 15 + +# UseCanonicalName: Determines how Apache constructs self-referencing +# URLs and the SERVER_NAME and SERVER_PORT variables. +# When set "Off", Apache will use the Hostname and Port supplied +# by the client. When set "On", Apache will use the value of the +# ServerName directive. +UseCanonicalName Off + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +AccessFileName .htaccess + +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minor | Minimal | Major | Prod +# where Full conveys the most information, and Prod the least. +ServerTokens Full + +# TraceEnable +# This directive overrides the behavior of TRACE for both the core server and +# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616, +# which disallows any request body to accompany the request. TraceEnable off +# causes the core server and mod_proxy to return a 405 (Method not allowed) +# error to the client. +# For security reasons this is turned off by default. (bug #240680) +TraceEnable off + +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +ServerSignature On + +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +HostnameLookups Off + +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall is used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +#EnableMMAP off +#EnableSendfile off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +ErrorLog /var/log/apache2/error.log + +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +LogLevel info + +# We configure the "default" to be a very restrictive set of features. + + Options FollowSymLinks + AllowOverride None + Order deny,allow + Deny from all + + +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# +# The index.html.var file (a type-map) is used to deliver content- +# negotiated documents. The MultiViews Options can be used for the +# same purpose, but it is much slower. +# +# To add files to that list use AddDirectoryIndex in a custom config +# file. Do not change this entry unless you know what you are doing. + + DirectoryIndex index.html index.html.var index.shtml index.htm + + +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. + + Order allow,deny + Deny from all + + +# vim: ts=4 filetype=apache +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d38 1 +a38 1 +ServerTokens Prod +d71 2 +a72 22 +EnableMMAP On +EnableSendfile On + +# FileEtag: Configures the file attributes that are used to create +# the ETag (entity tag) response header field when the document is +# based on a static file. (The ETag value is used in cache management +# to save network bandwidth.) +FileEtag INode MTime Size + +# ContentDigest: This directive enables the generation of Content-MD5 +# headers as defined in RFC1864 respectively RFC2616. +# The Content-MD5 header provides an end-to-end message integrity +# check (MIC) of the entity-body. A proxy or client may check this +# header for detecting accidental modification of the entity-body +# in transit. +# Note that this can cause performance problems on your server since +# the message digest is computed on every request (the values are +# not cached). +# Content-MD5 is only sent for documents served by the core, and not +# by any module. For example, SSI documents, output from CGI scripts, +# and byte range responses do not have this header. +ContentDigest Off +d79 1 +a79 1 +ErrorLog /var/log/apache2/error_log +d84 1 +a84 1 +LogLevel warn +d104 1 +a104 1 + DirectoryIndex index.html index.html.var +@ diff --git a/config-archive/etc/apache2/modules.d/00_error_documents.conf,v b/config-archive/etc/apache2/modules.d/00_error_documents.conf,v new file mode 100644 index 0000000..884516f --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_error_documents.conf,v @@ -0,0 +1,82 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.32; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# The configuration below implements multi-language error documents through +# content-negotiation. + +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html + +# Required modules: mod_alias, mod_include, mod_negotiation +# We use Alias to redirect any /error/HTTP_.html.var response to +# our collection of by-error message multi-language collections. We use +# includes to substitute the appropriate text. +# You can modify the messages' appearance without changing any of the +# default HTTP_.html.var files by adding the line: +# Alias /error/include/ "/your/include/path/" +# which allows you to create your own set of files by starting with the +# /var/www/localhost/error/include/ files and copying them to /your/include/path/, +# even on a per-VirtualHost basis. The default include files will display +# your Apache version number and your ServerAdmin email address regardless +# of the setting of ServerSignature. + + +Alias /error/ "/usr/share/apache2/error/" + + + AllowOverride None + Options IncludesNoExec + AddOutputFilter Includes html + AddHandler type-map var + Order allow,deny + Allow from all + LanguagePriority de en cs es fr it ja ko nl pl pt-br ro sv tr + ForceLanguagePriority Prefer Fallback + + +ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +ErrorDocument 410 /error/HTTP_GONE.html.var +ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/modules.d/00_error_documents.conf.dist.new b/config-archive/etc/apache2/modules.d/00_error_documents.conf.dist.new new file mode 100644 index 0000000..815668f --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_error_documents.conf.dist.new @@ -0,0 +1,58 @@ +# The configuration below implements multi-language error documents through +# content-negotiation. + +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html + +# Required modules: mod_alias, mod_include, mod_negotiation +# We use Alias to redirect any /error/HTTP_.html.var response to +# our collection of by-error message multi-language collections. We use +# includes to substitute the appropriate text. +# You can modify the messages' appearance without changing any of the +# default HTTP_.html.var files by adding the line: +# Alias /error/include/ "/your/include/path/" +# which allows you to create your own set of files by starting with the +# /var/www/localhost/error/include/ files and copying them to /your/include/path/, +# even on a per-VirtualHost basis. The default include files will display +# your Apache version number and your ServerAdmin email address regardless +# of the setting of ServerSignature. + + +Alias /error/ "/usr/share/apache2/error/" + + + AllowOverride None + Options IncludesNoExec + AddOutputFilter Includes html + AddHandler type-map var + Order allow,deny + Allow from all + LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr + ForceLanguagePriority Prefer Fallback + + +ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +ErrorDocument 410 /error/HTTP_GONE.html.var +ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/modules.d/00_languages.conf,v b/config-archive/etc/apache2/modules.d/00_languages.conf,v new file mode 100644 index 0000000..d7e5903 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_languages.conf,v @@ -0,0 +1,157 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.32; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Settings for hosting different languages. + +# DefaultLanguage and AddLanguage allows you to specify the language of +# a document. You can then use content negotiation to give a browser a +# file in a language the user can understand. +# +# Specify a default language. This means that all data +# going out without a specific language tag (see below) will +# be marked with this one. You probably do NOT want to set +# this unless you are sure it is correct for all cases. +# +# It is generally better to not mark a page as +# being a certain language than marking it with the wrong +# language! +# +# DefaultLanguage nl +# +# Note 1: The suffix does not have to be the same as the language +# keyword --- those with documents in Polish (whose net-standard +# language code is pl) may wish to use "AddLanguage pl .po" to +# avoid the ambiguity with the common suffix for perl scripts. +# +# Note 2: The example entries below illustrate that in some cases +# the two character 'Language' abbreviation is not identical to +# the two character 'Country' code for its country, +# E.g. 'Danmark/dk' versus 'Danish/da'. +# +# Note 3: In the case of 'ltz' we violate the RFC by using a three char +# specifier. There is 'work in progress' to fix this and get +# the reference data for rfc1766 cleaned up. +# +# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) +# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) +# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) +# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) +# Norwegian (no) - Polish (pl) - Portugese (pt) +# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) +# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw + +# LanguagePriority allows you to give precedence to some languages +# in case of a tie during content negotiation. +# +# Just list the languages in decreasing order of preference. We have +# more or less alphabetized them here. You probably want to change this. +LanguagePriority de en ca cs da el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW + +# ForceLanguagePriority allows you to serve a result page rather than +# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) +# [in case no accepted languages matched the available variants] +ForceLanguagePriority Prefer Fallback + +# Commonly used filename extensions to character sets. You probably +# want to avoid clashes with the language extensions, unless you +# are good at carefully testing your setup after each change. +# See http://www.iana.org/assignments/character-sets for the +# official list of charset names and their respective RFCs. +AddCharset us-ascii.ascii .us-ascii +AddCharset ISO-8859-1 .iso8859-1 .latin1 +AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen +AddCharset ISO-8859-3 .iso8859-3 .latin3 +AddCharset ISO-8859-4 .iso8859-4 .latin4 +AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru +AddCharset ISO-8859-6 .iso8859-6 .arb .arabic +AddCharset ISO-8859-7 .iso8859-7 .grk .greek +AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew +AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk +AddCharset ISO-8859-10 .iso8859-10 .latin6 +AddCharset ISO-8859-13 .iso8859-13 +AddCharset ISO-8859-14 .iso8859-14 .latin8 +AddCharset ISO-8859-15 .iso8859-15 .latin9 +AddCharset ISO-8859-16 .iso8859-16 .latin10 +AddCharset ISO-2022-JP .iso2022-jp .jis +AddCharset ISO-2022-KR .iso2022-kr .kis +AddCharset ISO-2022-CN .iso2022-cn .cis +AddCharset Big5.Big5 .big5 .b5 +AddCharset cn-Big5 .cn-big5 +# For russian, more than one charset is used (depends on client, mostly): +AddCharset WINDOWS-1251 .cp-1251 .win-1251 +AddCharset CP866 .cp866 +AddCharset KOI8 .koi8 +AddCharset KOI8-E .koi8-e +AddCharset KOI8-r .koi8-r .koi8-ru +AddCharset KOI8-U .koi8-u +AddCharset KOI8-ru .koi8-uk .ua +AddCharset ISO-10646-UCS-2 .ucs2 +AddCharset ISO-10646-UCS-4 .ucs4 +AddCharset UTF-7 .utf7 +AddCharset UTF-8 .utf8 +AddCharset UTF-16 .utf16 +AddCharset UTF-16BE .utf16be +AddCharset UTF-16LE .utf16le +AddCharset UTF-32 .utf32 +AddCharset UTF-32BE .utf32be +AddCharset UTF-32LE .utf32le +AddCharset euc-cn .euc-cn +AddCharset euc-gb .euc-gb +AddCharset euc-jp .euc-jp +AddCharset euc-kr .euc-kr +# Not sure how euc-tw got in - IANA doesn't list it??? +AddCharset EUC-TW .euc-tw +AddCharset gb2312 .gb2312 .gb +AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2 +AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4 +AddCharset shift_jis .shift_jis .sjis + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/modules.d/00_languages.conf.dist.new b/config-archive/etc/apache2/modules.d/00_languages.conf.dist.new new file mode 100644 index 0000000..c429bf9 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_languages.conf.dist.new @@ -0,0 +1,133 @@ +# Settings for hosting different languages. + +# DefaultLanguage and AddLanguage allows you to specify the language of +# a document. You can then use content negotiation to give a browser a +# file in a language the user can understand. +# +# Specify a default language. This means that all data +# going out without a specific language tag (see below) will +# be marked with this one. You probably do NOT want to set +# this unless you are sure it is correct for all cases. +# +# It is generally better to not mark a page as +# being a certain language than marking it with the wrong +# language! +# +# DefaultLanguage nl +# +# Note 1: The suffix does not have to be the same as the language +# keyword --- those with documents in Polish (whose net-standard +# language code is pl) may wish to use "AddLanguage pl .po" to +# avoid the ambiguity with the common suffix for perl scripts. +# +# Note 2: The example entries below illustrate that in some cases +# the two character 'Language' abbreviation is not identical to +# the two character 'Country' code for its country, +# E.g. 'Danmark/dk' versus 'Danish/da'. +# +# Note 3: In the case of 'ltz' we violate the RFC by using a three char +# specifier. There is 'work in progress' to fix this and get +# the reference data for rfc1766 cleaned up. +# +# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) +# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) +# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) +# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) +# Norwegian (no) - Polish (pl) - Portugese (pt) +# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) +# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw + +# LanguagePriority allows you to give precedence to some languages +# in case of a tie during content negotiation. +# +# Just list the languages in decreasing order of preference. We have +# more or less alphabetized them here. You probably want to change this. +LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW + +# ForceLanguagePriority allows you to serve a result page rather than +# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) +# [in case no accepted languages matched the available variants] +ForceLanguagePriority Prefer Fallback + +# Commonly used filename extensions to character sets. You probably +# want to avoid clashes with the language extensions, unless you +# are good at carefully testing your setup after each change. +# See http://www.iana.org/assignments/character-sets for the +# official list of charset names and their respective RFCs. +AddCharset us-ascii.ascii .us-ascii +AddCharset ISO-8859-1 .iso8859-1 .latin1 +AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen +AddCharset ISO-8859-3 .iso8859-3 .latin3 +AddCharset ISO-8859-4 .iso8859-4 .latin4 +AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru +AddCharset ISO-8859-6 .iso8859-6 .arb .arabic +AddCharset ISO-8859-7 .iso8859-7 .grk .greek +AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew +AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk +AddCharset ISO-8859-10 .iso8859-10 .latin6 +AddCharset ISO-8859-13 .iso8859-13 +AddCharset ISO-8859-14 .iso8859-14 .latin8 +AddCharset ISO-8859-15 .iso8859-15 .latin9 +AddCharset ISO-8859-16 .iso8859-16 .latin10 +AddCharset ISO-2022-JP .iso2022-jp .jis +AddCharset ISO-2022-KR .iso2022-kr .kis +AddCharset ISO-2022-CN .iso2022-cn .cis +AddCharset Big5.Big5 .big5 .b5 +AddCharset cn-Big5 .cn-big5 +# For russian, more than one charset is used (depends on client, mostly): +AddCharset WINDOWS-1251 .cp-1251 .win-1251 +AddCharset CP866 .cp866 +AddCharset KOI8 .koi8 +AddCharset KOI8-E .koi8-e +AddCharset KOI8-r .koi8-r .koi8-ru +AddCharset KOI8-U .koi8-u +AddCharset KOI8-ru .koi8-uk .ua +AddCharset ISO-10646-UCS-2 .ucs2 +AddCharset ISO-10646-UCS-4 .ucs4 +AddCharset UTF-7 .utf7 +AddCharset UTF-8 .utf8 +AddCharset UTF-16 .utf16 +AddCharset UTF-16BE .utf16be +AddCharset UTF-16LE .utf16le +AddCharset UTF-32 .utf32 +AddCharset UTF-32BE .utf32be +AddCharset UTF-32LE .utf32le +AddCharset euc-cn .euc-cn +AddCharset euc-gb .euc-gb +AddCharset euc-jp .euc-jp +AddCharset euc-kr .euc-kr +# Not sure how euc-tw got in - IANA doesn't list it??? +AddCharset EUC-TW .euc-tw +AddCharset gb2312 .gb2312 .gb +AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2 +AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4 +AddCharset shift_jis .shift_jis .sjis + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/modules.d/00_mod_autoindex.conf,v b/config-archive/etc/apache2/modules.d/00_mod_autoindex.conf,v new file mode 100644 index 0000000..bed6844 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mod_autoindex.conf,v @@ -0,0 +1,115 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.32; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ + +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. +Alias /icons/ "/usr/share/apache2/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + +# Directives controlling the display of server-generated directory listings. +# +# To see the listing of a directory, the Options directive for the +# directory must include "Indexes", and the directory must not contain +# a file matching those listed in the DirectoryIndex directive. + +# IndexOptions: Controls the appearance of server-generated directory +# listings. +#IndexOptions FancyIndexing VersionSort +IndexOptions FancyIndexing VersionSort FoldersFirst HTMLTable IgnoreCase NameWidth=50 + +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip + +AddIconByType (CDR,/icons/corel-document.png) image/x-coreldraw + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core + +AddIcon /icons/corel-document.png .cdr + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +DefaultIcon /icons/unknown.gif + +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename + +AddDescription "GZIP-komprimiertes Tar-Archiv" .tar.gz +AddDescription "GZIP-komprimiertes Dokument" .gz +AddDescription "Tar-Archive" .tar +AddDescription "GZIP-komprimiertes Tar-Archiv" .tgz +AddDescription "PDF-Dokument" .pdf +AddDescription "CorelDraw-Zeichnung" .cdr + +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. + +# HeaderName is the name of a file which should be prepended to +# directory indexes. +ReadmeName README.html +HeaderName HEADER.html + +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/modules.d/00_mod_autoindex.conf.dist.new b/config-archive/etc/apache2/modules.d/00_mod_autoindex.conf.dist.new new file mode 100644 index 0000000..ca2a168 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mod_autoindex.conf.dist.new @@ -0,0 +1,83 @@ + + +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. +Alias /icons/ "/usr/share/apache2/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + +# Directives controlling the display of server-generated directory listings. +# +# To see the listing of a directory, the Options directive for the +# directory must include "Indexes", and the directory must not contain +# a file matching those listed in the DirectoryIndex directive. + +# IndexOptions: Controls the appearance of server-generated directory +# listings. +IndexOptions FancyIndexing VersionSort + +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +DefaultIcon /icons/unknown.gif + +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename + +#AddDescription "GZIP compressed document" .gz +#AddDescription "tar archive" .tar +#AddDescription "GZIP compressed tar archive" .tgz + +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. + +# HeaderName is the name of a file which should be prepended to +# directory indexes. +ReadmeName README.html +HeaderName HEADER.html + +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/modules.d/00_mod_info.conf,v b/config-archive/etc/apache2/modules.d/00_mod_info.conf,v new file mode 100644 index 0000000..b232233 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mod_info.conf,v @@ -0,0 +1,42 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.32; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ +# Allow remote server configuration reports, with the URL of +# http://servername/server-info + + SetHandler server-info + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/modules.d/00_mod_info.conf.dist.new b/config-archive/etc/apache2/modules.d/00_mod_info.conf.dist.new new file mode 100644 index 0000000..809c223 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mod_info.conf.dist.new @@ -0,0 +1,12 @@ + +# Allow remote server configuration reports, with the URL of +# http://servername/server-info + + SetHandler server-info + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/modules.d/00_mod_log_config.conf,v b/config-archive/etc/apache2/modules.d/00_mod_log_config.conf,v new file mode 100644 index 0000000..2a84509 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mod_log_config.conf,v @@ -0,0 +1,61 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ +# The following directives define some format nicknames for use with +# a CustomLog directive (see below). +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\"" full +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common + +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-Agent}i" agent +LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost + + +# You need to enable mod_logio.c to use %I and %O +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\" %I %O" full_io +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" vhostio + + +# The location and format of the access logfile (Common Logfile Format). +# If you do not define any access logfiles within a +# container, they will be logged here. Contrariwise, if you *do* +# define per- access logfiles, transactions will be +# logged therein and *not* in this file. +CustomLog /var/log/apache2/access.log full + +# If you would like to have agent and referer logfiles, +# uncomment the following directives. +#CustomLog /var/log/apache2/referer_log referer +#CustomLog /var/log/apache2/agent_logs agent + +# If you prefer a logfile with access, agent, and referer information +# (Combined Logfile Format) you can use the following directive. +#CustomLog /var/log/apache2/access_log combined + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/modules.d/00_mod_log_config.conf.dist.new b/config-archive/etc/apache2/modules.d/00_mod_log_config.conf.dist.new new file mode 100644 index 0000000..ce0238e --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mod_log_config.conf.dist.new @@ -0,0 +1,35 @@ + +# The following directives define some format nicknames for use with +# a CustomLog directive (see below). +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common + +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-Agent}i" agent +LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost + + +# You need to enable mod_logio.c to use %I and %O +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" vhostio + + +# The location and format of the access logfile (Common Logfile Format). +# If you do not define any access logfiles within a +# container, they will be logged here. Contrariwise, if you *do* +# define per- access logfiles, transactions will be +# logged therein and *not* in this file. +CustomLog /var/log/apache2/access_log common + +# If you would like to have agent and referer logfiles, +# uncomment the following directives. +#CustomLog /var/log/apache2/referer_log referer +#CustomLog /var/log/apache2/agent_logs agent + +# If you prefer a logfile with access, agent, and referer information +# (Combined Logfile Format) you can use the following directive. +#CustomLog /var/log/apache2/access_log combined + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/modules.d/00_mod_mime.conf,v b/config-archive/etc/apache2/modules.d/00_mod_mime.conf,v new file mode 100644 index 0000000..68e75dc --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mod_mime.conf,v @@ -0,0 +1,107 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.09.01; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# DefaultType: the default MIME type the server will use for a document +# if it cannot otherwise determine one, such as from filename extensions. +# If your server contains mostly text or HTML documents, "text/plain" is +# a good value. If most of your content is binary, such as applications +# or images, you may want to use "application/octet-stream" instead to +# keep browsers from trying to display binary files as though they are +# text. +DefaultType text/plain + + +# TypesConfig points to the file containing the list of mappings from +# filename extension to MIME-type. +TypesConfig /etc/mime.types + +# AddType allows you to add to or override the MIME configuration +# file specified in TypesConfig for specific file types. +#AddType application/x-gzip .tgz + +# AddEncoding allows you to have certain browsers uncompress +# information on the fly. Note: Not all browsers support this. +AddEncoding x-compress .Z +AddEncoding x-gzip .gz .tgz + +# If the AddEncoding directives above are commented-out, then you +# probably should define those extensions to indicate media types: +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz + +# AddHandler allows you to map certain file extensions to "handlers": +# actions unrelated to filetype. These can be either built into the server +# or added with the Action directive (see below) + +# To use CGI scripts outside of ScriptAliased directories: +# (You will also need to add "ExecCGI" to the "Options" directive.) +#AddHandler cgi-script .cgi + +# For files that include their own HTTP headers: +#AddHandler send-as-is asis + +# For server-parsed imagemap files: +#AddHandler imap-file map + +# For type maps (negotiated resources): +AddHandler type-map var + +# Filters allow you to process content before it is sent to the client. +# +# To parse .shtml files for server-side includes (SSI): +# (You will also need to add "Includes" to the "Options" directive.) +#AddType text/html .shtml +#AddOutputFilter INCLUDES .shtml + + + +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +MIMEMagicFile /etc/apache2/magic + + +# vim: ts=4 filetype=apache +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d21 2 +a22 2 +#AddEncoding x-compress .Z +#AddEncoding x-gzip .gz .tgz +d37 6 +d44 1 +a44 1 +#AddHandler type-map var +@ diff --git a/config-archive/etc/apache2/modules.d/00_mod_status.conf,v b/config-archive/etc/apache2/modules.d/00_mod_status.conf,v new file mode 100644 index 0000000..754d476 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mod_status.conf,v @@ -0,0 +1,47 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ +# Allow server status reports generated by mod_status, +# with the URL of http://servername/server-status + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + +# ExtendedStatus controls whether Apache will generate "full" status +# information (ExtendedStatus On) or just basic information (ExtendedStatus +# Off) when the "server-status" handler is called. +ExtendedStatus On + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/modules.d/00_mod_status.conf.dist.new b/config-archive/etc/apache2/modules.d/00_mod_status.conf.dist.new new file mode 100644 index 0000000..edd46a4 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mod_status.conf.dist.new @@ -0,0 +1,17 @@ + +# Allow server status reports generated by mod_status, +# with the URL of http://servername/server-status + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + +# ExtendedStatus controls whether Apache will generate "full" status +# information (ExtendedStatus On) or just basic information (ExtendedStatus +# Off) when the "server-status" handler is called. +ExtendedStatus On + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/modules.d/00_mpm.conf,v b/config-archive/etc/apache2/modules.d/00_mpm.conf,v new file mode 100644 index 0000000..ca8ce23 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mpm.conf,v @@ -0,0 +1,123 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Server-Pool Management (MPM specific) + +# PidFile: The file in which the server should record its process +# identification number when it starts. +# +# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING +PidFile /var/run/apache2.pid + +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +#LockFile /var/run/apache2.lock + +# Only one of the below sections will be relevant on your +# installed httpd. Use "/usr/sbin/apache2 -l" to find out the +# active mpm. + +# common MPM configuration +# These configuration directives apply to all MPMs +# +# StartServers: Number of child server processes created at startup +# MaxClients: Maximum number of child processes to serve requests +# MaxRequestsPerChild: Limit on the number of requests that an individual child +# server will handle during its life + + +# prefork MPM +# This is the default MPM if USE=-threads +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 2 + MinSpareServers 2 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# worker MPM +# This is the default MPM if USE=threads +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# event MPM +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# peruser MPM +# +# MinSpareProcessors: Minimum number of idle child server processes +# MinProcessors: Minimum number of processors per virtual host +# MaxProcessors: Maximum number of processors per virtual host +# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable +# Multiplexer: Specify a Multiplexer child configuration. +# Processor: Specify a user and group for a specific child process + + MinSpareProcessors 2 + MinProcessors 2 + MaxProcessors 10 + MaxClients 150 + MaxRequestsPerChild 1000 + ExpireTimeout 1800 + + Multiplexer nobody nobody + Processor apache apache + + +# itk MPM +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/modules.d/00_mpm.conf.dist.new b/config-archive/etc/apache2/modules.d/00_mpm.conf.dist.new new file mode 100644 index 0000000..20effa9 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/00_mpm.conf.dist.new @@ -0,0 +1,99 @@ +# Server-Pool Management (MPM specific) + +# PidFile: The file in which the server should record its process +# identification number when it starts. +# +# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING +PidFile /var/run/apache2.pid + +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +#LockFile /var/run/apache2.lock + +# Only one of the below sections will be relevant on your +# installed httpd. Use "/usr/sbin/apache2 -l" to find out the +# active mpm. + +# common MPM configuration +# These configuration directives apply to all MPMs +# +# StartServers: Number of child server processes created at startup +# MaxClients: Maximum number of child processes to serve requests +# MaxRequestsPerChild: Limit on the number of requests that an individual child +# server will handle during its life + + +# prefork MPM +# This is the default MPM if USE=-threads +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# worker MPM +# This is the default MPM if USE=threads +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# event MPM +# +# MinSpareThreads: Minimum number of idle threads available to handle request spikes +# MaxSpareThreads: Maximum number of idle threads +# ThreadsPerChild: Number of threads created by each child process + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# peruser MPM +# +# MinSpareProcessors: Minimum number of idle child server processes +# MinProcessors: Minimum number of processors per virtual host +# MaxProcessors: Maximum number of processors per virtual host +# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable +# Multiplexer: Specify a Multiplexer child configuration. +# Processor: Specify a user and group for a specific child process + + MinSpareProcessors 2 + MinProcessors 2 + MaxProcessors 10 + MaxClients 150 + MaxRequestsPerChild 1000 + ExpireTimeout 1800 + + Multiplexer nobody nobody + Processor apache apache + + +# itk MPM +# +# MinSpareServers: Minimum number of idle child server processes +# MaxSpareServers: Maximum number of idle child server processes + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 10000 + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/modules.d/47_mod_dav_svn.conf,v b/config-archive/etc/apache2/modules.d/47_mod_dav_svn.conf,v new file mode 100644 index 0000000..cd01af5 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/47_mod_dav_svn.conf,v @@ -0,0 +1,68 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2011.01.09.10.16.08; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ + LoadModule dav_svn_module modules/mod_dav_svn.so + + LoadModule authz_svn_module modules/mod_authz_svn.so + + +# Example configuration: +# +# DAV svn +# SVNPath /var/svn/repos +# AuthType Basic +# AuthName "Subversion repository" +# AuthUserFile /var/svn/conf/svnusers +# Require valid-user +# + + + DAV svn + SVNParentPath /var/lib/svn-repos + AuthType Basic + AuthName "Subversion repository" + AuthUserFile /etc/apache2/svnusers + + Require valid-user + + + + + DAV svn + SVNParentPath /var/lib/svn-repos-priv + AuthType Basic + AuthName "Subversion private repository" + AuthUserFile /etc/apache2/svnusers + Require valid-user + + + + SVNIndexXSLT /repo-browser/books/svnindex.xsl + + + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/modules.d/47_mod_dav_svn.conf.dist.new b/config-archive/etc/apache2/modules.d/47_mod_dav_svn.conf.dist.new new file mode 100644 index 0000000..52d08b7 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/47_mod_dav_svn.conf.dist.new @@ -0,0 +1,16 @@ + +LoadModule dav_svn_module modules/mod_dav_svn.so + +LoadModule authz_svn_module modules/mod_authz_svn.so + + +# Example configuration: +# +# DAV svn +# SVNPath ${SVN_REPOS_LOC}/repos +# AuthType Basic +# AuthName "Subversion repository" +# AuthUserFile ${SVN_REPOS_LOC}/conf/svnusers +# Require valid-user +# + diff --git a/config-archive/etc/apache2/modules.d/70_mod_php5.conf,v b/config-archive/etc/apache2/modules.d/70_mod_php5.conf,v new file mode 100644 index 0000000..6f44c34 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/70_mod_php5.conf,v @@ -0,0 +1,61 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.08.19.20.46.20; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.19.20.46.56; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ + # Load the module first + + LoadModule php5_module modules/libphp5.so + + + # Set it to handle the files + + SetHandler application/x-httpd-php + + + + SetHandler application/x-httpd-php-source + + + DirectoryIndex index.php index.phtml + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d8 7 +a14 4 + + AddHandler application/x-httpd-php .php .php5 .phtml + AddHandler application/x-httpd-php-source .phps + +@ diff --git a/config-archive/etc/apache2/modules.d/75_mod_perl.conf,v b/config-archive/etc/apache2/modules.d/75_mod_perl.conf,v new file mode 100644 index 0000000..3ee6000 --- /dev/null +++ b/config-archive/etc/apache2/modules.d/75_mod_perl.conf,v @@ -0,0 +1,80 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.30.19.30.29; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ +LoadModule perl_module modules/mod_perl.so + +#PerlTrace all +PerlRequire "/etc/apache2/modules.d/apache2-mod_perl-startup.pl" +PerlModule ModPerl::Registry + +# Provide two aliases to the same cgi-bin directory, to see the effects of the +# 2 different mod_perl modes for Apache2::Registry Mode +Alias /perl/ /var/www/localhost/perl/ +# for Apache2::Perlrun Mode +Alias /cgi-perl/ /var/www/localhost/perl/ + + + SetHandler perl-script + PerlResponseHandler Apache2::Status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from localhost + AuthName "Server Status Access" + AuthType Basic + AuthUserFile /etc/apache2/info_users_passwd + Require valid-user + Satisfy Any + + + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlOptions +ParseHeaders + + +# set Apache::Registry Mode for /perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + +# set Apache::PerlRun Mode for /cgi-perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/modules.d/75_mod_perl.conf.dist.new b/config-archive/etc/apache2/modules.d/75_mod_perl.conf.dist.new new file mode 100644 index 0000000..596d2cc --- /dev/null +++ b/config-archive/etc/apache2/modules.d/75_mod_perl.conf.dist.new @@ -0,0 +1,50 @@ + +LoadModule perl_module modules/mod_perl.so + +#PerlTrace all +PerlRequire "/etc/apache2/modules.d/apache2-mod_perl-startup.pl" +PerlModule ModPerl::Registry + +# Provide two aliases to the same cgi-bin directory, to see the effects of the +# 2 different mod_perl modes for Apache2::Registry Mode +Alias /perl/ /var/www/localhost/perl/ +# for Apache2::Perlrun Mode +Alias /cgi-perl/ /var/www/localhost/perl/ + + + SetHandler perl-script + PerlResponseHandler Apache2::Status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + + + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlOptions +ParseHeaders + + +# set Apache::Registry Mode for /perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + +# set Apache::PerlRun Mode for /cgi-perl Alias + + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + Order allow,deny + Allow from all + + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/vhosts.d/00_default_ssl_vhost.conf,v b/config-archive/etc/apache2/vhosts.d/00_default_ssl_vhost.conf,v new file mode 100644 index 0000000..9a3d591 --- /dev/null +++ b/config-archive/etc/apache2/vhosts.d/00_default_ssl_vhost.conf,v @@ -0,0 +1,216 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ + + +# see bug #178966 why this is in here + +# When we also provide SSL we have to listen to the HTTPS port +# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two +# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" +Listen 443 +#Listen 127.0.0.1:443 +#Listen 85.214.134.152:443 +#Listen [::1]:443 +#Listen [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]:443 +#Listen [fe80::4261:86ff:feec:c1eb]:443 + +# Use name-based virtual hosting. +NameVirtualHost *:443 + +# + + ServerName www.brehm-online.com + Include /etc/apache2/vhosts.d/default_vhost.include + #Include /etc/apache2/vhosts.d/nagios.include + ErrorLog /var/log/apache2/ssl_error.log + + + #TransferLog /var/log/apache2/ssl_access_log + CustomLog /var/log/apache2/ssl_access.log full + + + ## SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + ## SSL Cipher Suite: + # List the ciphers that the client is permitted to negotiate. + # See the mod_ssl documentation for a complete list. + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + ## Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If the certificate + # is encrypted, then you will be prompted for a pass phrase. Note that a + # kill -HUP will prompt again. Keep in mind that if you have both an RSA + # and a DSA certificate you can configure both in parallel (to also allow + # the use of DSA ciphers, etc.) + #SSLCertificateFile /etc/ssl/apache2/server.crt + SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Private Key: + # If the key is not combined with the certificate, use this directive to + # point at the key file. Keep in mind that if you've both a RSA and a DSA + # private key you can configure both in parallel (to also allow the use of + # DSA ciphers, etc.) + #SSLCertificateKeyFile /etc/ssl/apache2/server.key + SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem + + ## Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the concatenation of + # PEM encoded CA certificates which form the certificate chain for the + # server certificate. Alternatively the referenced file can be the same as + # SSLCertificateFile when the CA certificates are directly appended to the + # server certificate for convinience. + #SSLCertificateChainFile /etc/ssl/apache2/ca.crt + + ## Certificate Authority (CA): + # Set the CA certificate verification path where to find CA certificates + # for client authentication or alternatively one huge file containing all + # of them (file must be PEM encoded). + # Note: Inside SSLCACertificatePath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCACertificatePath /etc/ssl/apache2/ssl.crt + #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt + + ## Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client authentication + # or alternatively one huge file containing all of them (file must be PEM + # encoded). + # Note: Inside SSLCARevocationPath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCARevocationPath /etc/ssl/apache2/ssl.crl + #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl + + ## Client Authentication (Type): + # Client certificate verification type and depth. Types are none, optional, + # require and optional_no_ca. Depth is a number which specifies how deeply + # to verify the certificate issuer chain before deciding the certificate is + # not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + ## Access Control: + # With SSLRequire you can do per-directory access control based on arbitrary + # complex boolean expressions containing server variable checks and other + # lookup directives. The syntax is a mixture between C and Perl. See the + # mod_ssl documentation for more details. + # + # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ + # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ + # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ + # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ + # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ + # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ + # + + ## SSL Engine Options: + # Set various options for the SSL engine. + + ## FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that the + # standard Auth/DBMAuth methods can be used for access control. The user + # name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + + ## ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server + # (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates into + # CGI scripts. + + ## StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the exportation + # for CGI and SSI requests only. + + ## StrictRequire: + # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under + # a "Satisfy any" situation, i.e. when it applies access is denied and no + # other module can change it. + + ## OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + ## SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait + # for the close notify alert from client. When you need a different + # shutdown approach you can use one of the following variables: + + ## ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates the + # SSL/TLS standard but is needed for some brain-dead browsers. Use this when + # you receive I/O errors because of the standard approach where mod_ssl + # sends the close notify alert. + + ## ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation works + # correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + + BrowserMatch ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + + ## Per-Server Logging: + # The home of a custom SSL log file. Use this when you want a compact + # non-error SSL logfile on a virtual host basis. + + CustomLog /var/log/apache2/ssl_request.log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/vhosts.d/00_default_ssl_vhost.conf.dist.new b/config-archive/etc/apache2/vhosts.d/00_default_ssl_vhost.conf.dist.new new file mode 100644 index 0000000..98bfc2f --- /dev/null +++ b/config-archive/etc/apache2/vhosts.d/00_default_ssl_vhost.conf.dist.new @@ -0,0 +1,179 @@ + + + +# see bug #178966 why this is in here + +# When we also provide SSL we have to listen to the HTTPS port +# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two +# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" +Listen 443 + + + ServerName localhost + Include /etc/apache2/vhosts.d/default_vhost.include + ErrorLog /var/log/apache2/ssl_error_log + + + TransferLog /var/log/apache2/ssl_access_log + + + ## SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + ## SSL Cipher Suite: + # List the ciphers that the client is permitted to negotiate. + # See the mod_ssl documentation for a complete list. + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + ## Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If the certificate + # is encrypted, then you will be prompted for a pass phrase. Note that a + # kill -HUP will prompt again. Keep in mind that if you have both an RSA + # and a DSA certificate you can configure both in parallel (to also allow + # the use of DSA ciphers, etc.) + SSLCertificateFile /etc/ssl/apache2/server.crt + + ## Server Private Key: + # If the key is not combined with the certificate, use this directive to + # point at the key file. Keep in mind that if you've both a RSA and a DSA + # private key you can configure both in parallel (to also allow the use of + # DSA ciphers, etc.) + SSLCertificateKeyFile /etc/ssl/apache2/server.key + + ## Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the concatenation of + # PEM encoded CA certificates which form the certificate chain for the + # server certificate. Alternatively the referenced file can be the same as + # SSLCertificateFile when the CA certificates are directly appended to the + # server certificate for convinience. + #SSLCertificateChainFile /etc/ssl/apache2/ca.crt + + ## Certificate Authority (CA): + # Set the CA certificate verification path where to find CA certificates + # for client authentication or alternatively one huge file containing all + # of them (file must be PEM encoded). + # Note: Inside SSLCACertificatePath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCACertificatePath /etc/ssl/apache2/ssl.crt + #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt + + ## Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client authentication + # or alternatively one huge file containing all of them (file must be PEM + # encoded). + # Note: Inside SSLCARevocationPath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCARevocationPath /etc/ssl/apache2/ssl.crl + #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl + + ## Client Authentication (Type): + # Client certificate verification type and depth. Types are none, optional, + # require and optional_no_ca. Depth is a number which specifies how deeply + # to verify the certificate issuer chain before deciding the certificate is + # not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + ## Access Control: + # With SSLRequire you can do per-directory access control based on arbitrary + # complex boolean expressions containing server variable checks and other + # lookup directives. The syntax is a mixture between C and Perl. See the + # mod_ssl documentation for more details. + # + # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ + # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ + # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ + # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ + # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ + # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ + # + + ## SSL Engine Options: + # Set various options for the SSL engine. + + ## FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that the + # standard Auth/DBMAuth methods can be used for access control. The user + # name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + + ## ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server + # (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates into + # CGI scripts. + + ## StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the exportation + # for CGI and SSI requests only. + + ## StrictRequire: + # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under + # a "Satisfy any" situation, i.e. when it applies access is denied and no + # other module can change it. + + ## OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + ## SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait + # for the close notify alert from client. When you need a different + # shutdown approach you can use one of the following variables: + + ## ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates the + # SSL/TLS standard but is needed for some brain-dead browsers. Use this when + # you receive I/O errors because of the standard approach where mod_ssl + # sends the close notify alert. + + ## ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation works + # correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + + BrowserMatch ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + + ## Per-Server Logging: + # The home of a custom SSL log file. Use this when you want a compact + # non-error SSL logfile on a virtual host basis. + + CustomLog /var/log/apache2/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/vhosts.d/00_default_vhost.conf,v b/config-archive/etc/apache2/vhosts.d/00_default_vhost.conf,v new file mode 100644 index 0000000..54448df --- /dev/null +++ b/config-archive/etc/apache2/vhosts.d/00_default_vhost.conf,v @@ -0,0 +1,78 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Virtual Hosts +# +# If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. + + +# see bug #178966 why this is in here + +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 +#Listen 127.0.0.1:80 +#Listen 85.214.134.152:80 +#Listen [::1]:80 +#Listen [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]:80 +#Listen [fe80::4261:86ff:feec:c1eb]:80 + +# Use name-based virtual hosting. +NameVirtualHost *:80 + +# When virtual hosts are enabled, the main host defined in the default +# httpd.conf configuration will go away. We redefine it here so that it is +# still available. +# +# If you disable this vhost by removing -D DEFAULT_VHOST from +# /etc/conf.d/apache2, the first defined virtual host elsewhere will be +# the default. + + ServerName www.brehm-online.com + Include /etc/apache2/vhosts.d/default_vhost.include + #Include /etc/apache2/vhosts.d/nagios.include + + + ServerEnvironment apache apache + + + + +# vim: ts=4 filetype=apache +@ diff --git a/config-archive/etc/apache2/vhosts.d/00_default_vhost.conf.dist.new b/config-archive/etc/apache2/vhosts.d/00_default_vhost.conf.dist.new new file mode 100644 index 0000000..9fa425a --- /dev/null +++ b/config-archive/etc/apache2/vhosts.d/00_default_vhost.conf.dist.new @@ -0,0 +1,48 @@ +# Virtual Hosts +# +# If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. + + +# see bug #178966 why this is in here + +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 + +# Use name-based virtual hosting. +NameVirtualHost *:80 + +# When virtual hosts are enabled, the main host defined in the default +# httpd.conf configuration will go away. We redefine it here so that it is +# still available. +# +# If you disable this vhost by removing -D DEFAULT_VHOST from +# /etc/conf.d/apache2, the first defined virtual host elsewhere will be +# the default. + + ServerName localhost + Include /etc/apache2/vhosts.d/default_vhost.include + + + ServerEnvironment apache apache + + + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/apache2/vhosts.d/default_vhost.include,v b/config-archive/etc/apache2/vhosts.d/default_vhost.include,v new file mode 100644 index 0000000..3d3f650 --- /dev/null +++ b/config-archive/etc/apache2/vhosts.d/default_vhost.include,v @@ -0,0 +1,159 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@@your-domain.com +#ServerAdmin root@@localhost +ServerAdmin frank@@brehm-online.com + +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +# If you change this to something that isn't under /var/www then suexec +# will no longer work. +DocumentRoot "/var/www/localhost/htdocs" + +# This should be changed to whatever you set DocumentRoot to. + + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.2/mod/core.html#options + # for more information. + Options Indexes FollowSymLinks + + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # Options FileInfo AuthConfig Limit + AllowOverride All + + # Controls who can get stuff from this server. + Order allow,deny + Allow from all + + + + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + Alias /distfiles/ /usr/portage/distfiles/ + + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + Redirect permanent /FotoAlbum http://fotoalbum.brehm-online.com + Redirect permanent /fotoalbum http://fotoalbum.brehm-online.com + Redirect permanent /Foto_Album http://fotoalbum.brehm-online.com + Redirect permanent /foto_album http://fotoalbum.brehm-online.com + Redirect permanent /Foto-Album http://fotoalbum.brehm-online.com + Redirect permanent /foto-album http://fotoalbum.brehm-online.com + + Alias /Neues_Haus /home/frank/docs/Neues_Haus + Alias /neues_haus /home/frank/docs/Neues_Haus + Alias /Neues-Haus /home/frank/docs/Neues_Haus + Alias /neues-haus /home/frank/docs/Neues_Haus + Alias /NeuesHaus /home/frank/docs/Neues_Haus + Alias /neueshaus /home/frank/docs/Neues_Haus + + + Options Indexes FollowSymLinks + # IndexOptions FancyIndexing FoldersFirst IgnoreCase NameWidth=60 + # IndexOptions FancyIndexing FoldersFirst HTMLTable IgnoreCase NameWidth=50 + # AddDefaultCharset utf-8 + AddDefaultCharset utf-8 + AllowOverride All + Order allow,deny + Allow from all + + + Alias /oreilly /var/lib/backup-once/oreilly + + Options Indexes FollowSymLinks + AllowOverride All + Order allow,deny + Allow from all + + + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/" + + + Alias /books/static /var/www/books/root/static + Alias /books/ /tmp/frbr_books_app.fcgi/ + #Alias /books/ /var/www/books/script/frbr_books_fastcgi.pl/ + + #AllowOverride None + Options None + Order allow,deny + Allow from all + + + + Alias /repo-browser/books/ /home/frank/devel/books/repo-browser/ + + Options Indexes FollowSymLinks + Allow from all + + + + +# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. + + AllowOverride None + Options None + Order allow,deny + Allow from all + + +# vim: filetype=apache ts=4 expandtab fileencoding=utf-8 +@ diff --git a/config-archive/etc/apache2/vhosts.d/default_vhost.include.dist.new b/config-archive/etc/apache2/vhosts.d/default_vhost.include.dist.new new file mode 100644 index 0000000..6d45888 --- /dev/null +++ b/config-archive/etc/apache2/vhosts.d/default_vhost.include.dist.new @@ -0,0 +1,73 @@ +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +ServerAdmin root@localhost + +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +# If you change this to something that isn't under /var/www then suexec +# will no longer work. +DocumentRoot "/var/www/localhost/htdocs" + +# This should be changed to whatever you set DocumentRoot to. + + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.2/mod/core.html#options + # for more information. + Options Indexes FollowSymLinks + + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # Options FileInfo AuthConfig Limit + AllowOverride All + + # Controls who can get stuff from this server. + Order allow,deny + Allow from all + + + + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/" + + +# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. + + AllowOverride None + Options None + Order allow,deny + Allow from all + + +# vim: ts=4 filetype=apache diff --git a/config-archive/etc/auto.master,v b/config-archive/etc/auto.master,v new file mode 100644 index 0000000..04d6324 --- /dev/null +++ b/config-archive/etc/auto.master,v @@ -0,0 +1,64 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.24.07.59.32; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.24.07.59.32; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# Sample auto.master file +# This is an automounter map and it has the following format +# key [ -mount-options-separated-by-comma ] location +# For details of the format look at autofs(5). +# +/misc /etc/auto.misc +# +# NOTE: mounts done from a hosts map will be mounted with the +# "nosuid" and "nodev" options unless the "suid" and "dev" +# options are explicitly given. +# +/net -hosts +# +# Include central master map if it can be found using +# nsswitch sources. +# +# Note that if there are entries for /net or /misc (as +# above) in the included master map any keys that are the +# same will not be seen as the first read key seen takes +# precedence. +# +#+auto.master +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d23 1 +a23 1 ++auto.master +@ diff --git a/config-archive/etc/auto.misc,v b/config-archive/etc/auto.misc,v new file mode 100644 index 0000000..173dc97 --- /dev/null +++ b/config-archive/etc/auto.misc,v @@ -0,0 +1,40 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.24.07.59.32; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# This is an automounter map and it has the following format +# key [ -mount-options-separated-by-comma ] location +# Details may be found in the autofs(5) manpage + +#cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom + +# the following entries are samples to pique your imagination +#linux -ro,soft,intr ftp.example.org:/pub/linux +#boot -fstype=ext2 :/dev/hda1 +boot -fstype=ext3 :/dev/md0 +#floppy -fstype=auto :/dev/fd0 +#floppy -fstype=ext2 :/dev/fd0 +#e2floppy -fstype=ext2 :/dev/fd0 +#jaz -fstype=ext2 :/dev/sdc1 +#removable -fstype=ext2 :/dev/hdd +@ diff --git a/config-archive/etc/auto.misc.dist.new b/config-archive/etc/auto.misc.dist.new new file mode 100644 index 0000000..0ee5e75 --- /dev/null +++ b/config-archive/etc/auto.misc.dist.new @@ -0,0 +1,15 @@ +# +# This is an automounter map and it has the following format +# key [ -mount-options-separated-by-comma ] location +# Details may be found in the autofs(5) manpage + +cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom + +# the following entries are samples to pique your imagination +#linux -ro,soft,intr ftp.example.org:/pub/linux +#boot -fstype=ext2 :/dev/hda1 +#floppy -fstype=auto :/dev/fd0 +#floppy -fstype=ext2 :/dev/fd0 +#e2floppy -fstype=ext2 :/dev/fd0 +#jaz -fstype=ext2 :/dev/sdc1 +#removable -fstype=ext2 :/dev/hdd diff --git a/config-archive/etc/auto.smb,v b/config-archive/etc/auto.smb,v new file mode 100755 index 0000000..353c21d --- /dev/null +++ b/config-archive/etc/auto.smb,v @@ -0,0 +1,73 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.07.12.17.18.42; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.07.12.17.18.58; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#!/bin/bash + +# This file must be executable to work! chmod 755! + +key="$1" +opts="-fstype=cifs" + +for P in /bin /sbin /usr/bin /usr/sbin +do + if [ -x $P/smbclient ] + then + SMBCLIENT=$P/smbclient + break + fi +done + +[ -x $SMBCLIENT ] || exit 1 + +$SMBCLIENT -gNL $key 2>/dev/null| awk -v key="$key" -v opts="$opts" -F'|' -- ' + BEGIN { ORS=""; first=1 } + /Disk/ { + if (first) + print opts; first=0 + dir = $2 + loc = $2 + # Enclose mount dir and location in quotes + # Double quote "$" in location as it is special + gsub(/\$$/, "\\$", loc); + print " \\\n\t \"/" dir "\"", "\"://" key "/" loc "\"" + } + END { if (!first) print "\n"; else exit 1 } + ' + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a28 1 + gsub(/\&/,"\\\\&",loc) +@ diff --git a/config-archive/etc/autofs_ldap_auth.conf,v b/config-archive/etc/autofs_ldap_auth.conf,v new file mode 100644 index 0000000..bd25196 --- /dev/null +++ b/config-archive/etc/autofs_ldap_auth.conf,v @@ -0,0 +1,111 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.07.12.17.18.42; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.07.12.17.19.13; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ + + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d4 60 +a63 1 +See autofs_ldap_auth.conf(5) for more information. +@ diff --git a/config-archive/etc/bash/bashrc,v b/config-archive/etc/bash/bashrc,v new file mode 100644 index 0000000..c42e8e1 --- /dev/null +++ b/config-archive/etc/bash/bashrc,v @@ -0,0 +1,163 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.18.48.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/bash/bashrc +# +# This file is sourced by all *interactive* bash shells on startup, +# including some apparently interactive shells such as scp and rcp +# that can't tolerate any output. So make sure this doesn't display +# anything or bad things will happen ! + + +if [ -d /usr/scripts ] ; then + PATH=/usr/scripts:$PATH + export PATH +fi + +if [ -d $HOME/bin ] ; then + PATH=$PATH:$HOME/bin + export PATH +fi + +if [ -d $HOME/lib ] ; then + PERL5LIB=$HOME/lib + export PERL5LIB +fi + +# Test for an interactive shell. There is no need to set anything +# past this point for scp and rcp, and it's important to refrain from +# outputting anything in those cases. +if [[ $- != *i* ]] ; then + # Shell is non-interactive. Be done now! + return +fi + +# Bash won't get SIGWINCH if another process is in the foreground. +# Enable checkwinsize so that bash will check the terminal size when +# it regains control. #65623 +# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) +shopt -s checkwinsize + +# Enable history appending instead of overwriting. #139609 +shopt -s histappend + +# Change the window title of X terminals +case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +use_color=false + +# Set colorful PS1 only on colorful terminals. +# dircolors --print-database uses its own built-in database +# instead of using /etc/DIR_COLORS. Try to use the external file +# first to take advantage of user additions. Use internal bash +# globbing instead of external grep binary. +safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM +match_lhs="" +[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" +[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) +[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true + +if ${use_color} ; then + # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 + if type -P dircolors >/dev/null ; then + if [[ -f ~/.dir_colors ]] ; then + eval $(dircolors -b ~/.dir_colors) + elif [[ -f /etc/DIR_COLORS ]] ; then + eval $(dircolors -b /etc/DIR_COLORS) + fi + fi + + if [[ ${EUID} == 0 ]] ; then + #PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' + PS1='$? \[\033[01;31m\]\h\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' + #PS1='$? \[\033[01;31m\]Gentoo (chroot)\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' + else + #PS1='\[\033[01;32m\]\u@@\h\[\033[01;34m\] \w \$\[\033[00m\] ' + PS1='$? \[\033[01;32m\]\u@@\h\[\033[01;30m\]:\[\033[01;34m\]\w > \[\033[00m\]' + fi + + alias ls='ls --color=auto' + #alias grep='grep --colour=auto' +else + if [[ ${EUID} == 0 ]] ; then + # show root@@ when we don't have colors + PS1='\u@@\h \W \$ ' + else + PS1='\u@@\h \w \$ ' + fi +fi + +if [[ ${EUID} == 0 ]] ; then + alias ll="ls -lA" +else + alias ll="ls -l" +fi +alias la="ls -la" +alias md=mkdir +alias rd=rmdir +alias ..='cd ..' +alias ...='cd ../..' +alias cd..='cd ..' +alias cd...='cd ../..' +alias pl="ps -fu $USER" +grep='grep --colour=auto' +alias cpwd='cd `realpath .`' + +HISTCONTROL=ignoreboth +HISTSIZE=5000 +HISTFILESIZE=5000 +HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S ' + +# Change the window title of X terminals +case $TERM in + xterm*|rxvt|Eterm|eterm) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +if [ -f /usr/share/mc/mc.gentoo ]; then + . /usr/share/mc/mc.gentoo +fi + +if [ -f /etc/profile.d/bash-completion ]; then + . /etc/profile.d/bash-completion +fi + + + +# Try to keep environment pollution down, EPA loves us. +unset use_color safe_term match_lhs +@ diff --git a/config-archive/etc/bash/bashrc.dist.new b/config-archive/etc/bash/bashrc.dist.new new file mode 100644 index 0000000..9ee6b9d --- /dev/null +++ b/config-archive/etc/bash/bashrc.dist.new @@ -0,0 +1,80 @@ +# /etc/bash/bashrc +# +# This file is sourced by all *interactive* bash shells on startup, +# including some apparently interactive shells such as scp and rcp +# that can't tolerate any output. So make sure this doesn't display +# anything or bad things will happen ! + + +# Test for an interactive shell. There is no need to set anything +# past this point for scp and rcp, and it's important to refrain from +# outputting anything in those cases. +if [[ $- != *i* ]] ; then + # Shell is non-interactive. Be done now! + return +fi + +# Bash won't get SIGWINCH if another process is in the foreground. +# Enable checkwinsize so that bash will check the terminal size when +# it regains control. #65623 +# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) +shopt -s checkwinsize + +# Enable history appending instead of overwriting. #139609 +shopt -s histappend + +# Change the window title of X terminals +case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +use_color=false + +# Set colorful PS1 only on colorful terminals. +# dircolors --print-database uses its own built-in database +# instead of using /etc/DIR_COLORS. Try to use the external file +# first to take advantage of user additions. Use internal bash +# globbing instead of external grep binary. +safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM +match_lhs="" +[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" +[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) +[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true + +if ${use_color} ; then + # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 + if type -P dircolors >/dev/null ; then + if [[ -f ~/.dir_colors ]] ; then + eval $(dircolors -b ~/.dir_colors) + elif [[ -f /etc/DIR_COLORS ]] ; then + eval $(dircolors -b /etc/DIR_COLORS) + fi + fi + + if [[ ${EUID} == 0 ]] ; then + PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' + else + PS1='\[\033[01;32m\]\u@\h\[\033[01;34m\] \w \$\[\033[00m\] ' + fi + + alias ls='ls --color=auto' + alias grep='grep --colour=auto' +else + if [[ ${EUID} == 0 ]] ; then + # show root@ when we don't have colors + PS1='\u@\h \W \$ ' + else + PS1='\u@\h \w \$ ' + fi +fi + +# Try to keep environment pollution down, EPA loves us. +unset use_color safe_term match_lhs diff --git a/config-archive/etc/bind/bind.keys,v b/config-archive/etc/bind/bind.keys,v new file mode 100644 index 0000000..08cbaee --- /dev/null +++ b/config-archive/etc/bind/bind.keys,v @@ -0,0 +1,214 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.02.26.23.29.19; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.12.07.06.31.14; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.12.07.06.31.36; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.31.55; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.12.08.22.42.39; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@/* $Id: bind.keys,v 1.3 2011/02/26 23:31:46 root Exp $ */ +# The bind.keys file is used to override built-in DNSSEC trust anchors +# which are included as part of BIND 9. As of the current release (BIND +# 9.7), the only trust anchor it sets is the one for the ISC DNSSEC +# Lookaside Validation zone ("dlv.isc.org"). Trust anchors for any other +# zones MUST be configured elsewhere; if they are configured here, they +# will not be recognized or used by named. +# +# This file also contains a copy of the trust anchor for the DNS root zone +# ("."). However, named does not use it; it is provided here for +# informational purposes only. To switch on DNSSEC validation at the +# root, the root key below can be copied into named.conf. +# +# The built-in DLV trust anchor in this file is used directly by named. +# However, it is not activated unless specifically switched on. To use +# the DLV key, set "dnssec-lookaside auto;" in the named.conf options. +# Without this option being set, the key in this file is ignored. +# +# This file is NOT expected to be user-configured. +# +# These keys are current as of January 2011. If any key fails to +# initialize correctly, it may have expired. In that event you should +# replace this file with a current version. The latest version of +# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. + +managed-keys { + # ISC DLV: See https://www.isc.org/solutions/dlv for details. + # NOTE: This key is activated by setting "dnssec-lookaside auto;" + # in named.conf. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 + brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ + 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 + ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk + Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM + QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt + TDN0YUuWrBNh"; + + # ROOT KEY: See https://data.iana.org/root-anchors/root-anchors.xml + # for current trust anchor information. + # NOTE: This key is activated by setting "dnssec-validation auto;" + # in named.conf. + . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF + FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX + bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD + X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz + W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS + Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq + QxA+Uk1ihz0="; +}; +# vim: ts=4 filetype=named noai +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d1 25 +a25 1 +/* $Id: bind.keys,v 1.2 2011/02/09 13:57:10 root Exp $ */ +d27 22 +a48 4 + # NOTE: This key is current as of October 2009. + # If it fails to initialize correctly, it may have expired; + # see https://www.isc.org/solutions/dlv for a replacement. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt TDN0YUuWrBNh"; +a49 1 + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +d8 2 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a0 1 +/* $Id: bind.keys,v 1.5.42.1 2010/06/20 07:32:24 marka Exp $ */ +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 25 +/* $Id: bind.keys,v 1.5.42.2 2011-01-04 19:14:48 each Exp $ */ +# The bind.keys file is used to override built-in DNSSEC trust anchors +# which are included as part of BIND 9. As of the current release (BIND +# 9.7), the only trust anchor it sets is the one for the ISC DNSSEC +# Lookaside Validation zone ("dlv.isc.org"). Trust anchors for any other +# zones MUST be configured elsewhere; if they are configured here, they +# will not be recognized or used by named. +# +# This file also contains a copy of the trust anchor for the DNS root zone +# ("."). However, named does not use it; it is provided here for +# informational purposes only. To switch on DNSSEC validation at the +# root, the root key below can be copied into named.conf. +# +# The built-in DLV trust anchor in this file is used directly by named. +# However, it is not activated unless specifically switched on. To use +# the DLV key, set "dnssec-lookaside auto;" in the named.conf options. +# Without this option being set, the key in this file is ignored. +# +# This file is NOT expected to be user-configured. +# +# These keys are current as of January 2011. If any key fails to +# initialize correctly, it may have expired. In that event you should +# replace this file with a current version. The latest version of +# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. + +d3 4 +a6 22 + # ISC DLV: See https://www.isc.org/solutions/dlv for details. + # NOTE: This key is activated by setting "dnssec-lookaside auto;" + # in named.conf. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 + brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ + 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 + ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk + Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM + QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt + TDN0YUuWrBNh"; + + # ROOT KEY: See https://data.iana.org/root-anchors/root-anchors.xml + # for current trust anchor information. + # NOTE: This key is activated by setting "dnssec-validation auto;" + # in named.conf. + . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF + FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX + bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD + X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz + W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS + Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq + QxA+Uk1ihz0="; +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +/* $Id: bind.keys,v 1.5.42.3 2011-03-25 17:46:40 each Exp $ */ +d40 2 +a41 2 + # NOTE: This key not active; to use it, copy it into a managed-keys + # statement in named.conf +@ diff --git a/config-archive/etc/bind/named.conf,v b/config-archive/etc/bind/named.conf,v new file mode 100644 index 0000000..7ab9f1a --- /dev/null +++ b/config-archive/etc/bind/named.conf,v @@ -0,0 +1,199 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.11.30.17.17.05; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.10.04.21.35.27; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@//############################################################### +//# Bind9-Konfigurationsdatei +//# /etc/bind/named.conf +//# +//# $Header: /etc/bind/.rcs/named.conf,v 1.10 2011/02/09 13:58:03 root Exp $ +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@@brehm-online.com +//# +//############################################################### + + + +//############################################################### +//# Allgemeine Optionen + +options { + directory "/var/bind"; + + // uncomment the following lines to turn on DNS forwarding, + // and change the forwarding ip address(es) : + //forward first; + //forwarders { + // 123.123.123.123; + // 123.123.123.123; + //}; + + # Auf allen Ports lauschen ... + listen-on-v6 { + any; + }; + listen-on { + any; + }; + + // to allow only specific hosts to use the DNS server: + //allow-query { + // 127.0.0.1; + //}; + + allow-notify { + 85.214.147.150; + 85.214.134.152; + 127.0.0.1/8; + ::1; + 2a01:238:4225:6e00:8f8c:808a:7fb8:88df; + 2a01:238:4239:8a00:d4da:215d:3d01:f9b9; + }; + + // if you have problems and are behind a firewall: + //query-source address * port 53; + pid-file "/var/run/named/named.pid"; + + version "none"; + +}; + +// Logging +include "/etc/bind/named-log.conf"; + +// Managed Keys +include "/etc/bind/bind.keys"; + +//############################################################### +//# Kontrollkanäle für RNDC + +controls { + inet 127.0.0.1 port 953 allow { + 127.0.0.1; + } keys { + "rndc-key"; + }; +}; + +//############################################################### +//# Id-Schlüssel + +key rndc-key { + algorithm hmac-md5; + secret "qVWegky7GAFenNmgrZgf6A=="; +}; + +key DYN_DNS_UPDATER { + algorithm hmac-md5; + secret "gi69Yjzo1OSPVQ/oTTgw+Q=="; +}; + +// Access-Control-Listen +include "/etc/bind/named-acl.conf"; + +// Briefly, a zone which has been declared delegation-only will be effectively +// limited to containing NS RRs for subdomains, but no actual data beyond its +// own apex (for example, its SOA RR and apex NS RRset). This can be used to +// filter out "wildcard" or "synthesized" data from NAT boxes or from +// authoritative name servers whose undelegated (in-zone) data is of no +// interest. +// See http://www.isc.org/products/BIND/delegation-only.html for more info + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +//############################################################### +//# Hint-Zonen (zum Finden der Root-Server) + +zone "." IN { + type hint; + file "named.cache"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + allow-update { none; }; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + allow-update { none; }; + notify no; +}; + +//############################################################### +// Include der Zonendefinitionen + +// Master-Zonen +include "/etc/bind/named-pri.conf"; + +// Dynamische Zonen +include "/etc/bind/named-dyn.conf"; + +// Slave-Zonen +include "/etc/bind/named-sec.conf"; + + + +# vim: ts=4 filetype=named noai +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/.rcs/named.conf,v 1.8 2010/06/30 21:40:49 root Exp $ +d49 1 +d62 3 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d5 1 +a5 1 +//# $Header: /etc/bind/named.conf,v 1.8 2010/06/30 21:40:49 root Exp $ +@ diff --git a/config-archive/etc/bind/named.conf.dist.new b/config-archive/etc/bind/named.conf.dist.new new file mode 100644 index 0000000..aab639f --- /dev/null +++ b/config-archive/etc/bind/named.conf.dist.new @@ -0,0 +1,172 @@ +/* + * Refer to the named.conf(5) and named(8) man pages, and the documentation + * in /usr/share/doc/bind-9 for more details. + * Online versions of the documentation can be found here: + * http://www.isc.org/software/bind/documentation + * + * If you are going to set up an authoritative server, make sure you + * understand the hairy details of how DNS works. Even with simple mistakes, + * you can break connectivity for affected parties, or cause huge amounts of + * useless Internet traffic. + */ + +acl "xfer" { + /* Deny transfers by default except for the listed hosts. + * If we have other name servers, place them here. + */ + none; +}; + +/* + * You might put in here some ips which are allowed to use the cache or + * recursive queries + */ +acl "trusted" { + 127.0.0.0/8; + ::1/128; +}; + +options { + directory "/var/bind"; + pid-file "/var/run/named/named.pid"; + + /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ + //bindkeys-file "/etc/bind/bind.keys"; + + listen-on-v6 { ::1; }; + listen-on { 127.0.0.1; }; + + allow-query { + /* + * Accept queries from our "trusted" ACL. We will + * allow anyone to query our master zones below. + * This prevents us from becoming a free DNS server + * to the masses. + */ + trusted; + }; + + allow-query-cache { + /* Use the cache for the "trusted" ACL. */ + trusted; + }; + + allow-recursion { + /* Only trusted addresses are allowed to use recursion. */ + trusted; + }; + + allow-transfer { + /* Zone tranfers are denied by default. */ + none; + }; + + allow-update { + /* Don't allow updates, e.g. via nsupdate. */ + none; + }; + + /* + * If you've got a DNS server around at your upstream provider, enter its + * IP address here, and enable the line below. This will make you benefit + * from its cache, thus reduce overall DNS traffic in the Internet. + * + * Uncomment the following lines to turn on DNS forwarding, and change + * and/or update the forwarding ip address(es): + */ +/* + forward first; + forwarders { + // 123.123.123.123; // Your ISP NS + // 124.124.124.124; // Your ISP NS + // 4.2.2.1; // Level3 Public DNS + // 4.2.2.2; // Level3 Public DNS + 8.8.8.8; // Google Open DNS + 8.8.4.4; // Google Open DNS + }; + +*/ + + //dnssec-enable yes; + //dnssec-validation yes; + + /* + * As of bind 9.8.0: + * "If the root key provided has expired, + * named will log the expiration and validation will not work." + */ + //dnssec-validation auto; + + /* if you have problems and are behind a firewall: */ + //query-source address * port 53; +}; + +/* +logging { + channel default_log { + file "/var/log/named/named.log" versions 5 size 50M; + print-time yes; + print-severity yes; + print-category yes; + }; + + category default { default_log; }; + category general { default_log; }; +}; +*/ + +include "/etc/bind/rndc.key"; +controls { + inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; +}; + +zone "." in { + type hint; + file "/var/bind/root.cache"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + notify no; +}; + +/* + * Briefly, a zone which has been declared delegation-only will be effectively + * limited to containing NS RRs for subdomains, but no actual data beyond its + * own apex (for example, its SOA RR and apex NS RRset). This can be used to + * filter out "wildcard" or "synthesized" data from NAT boxes or from + * authoritative name servers whose undelegated (in-zone) data is of no + * interest. + * See http://www.isc.org/software/bind/delegation-only for more info + */ + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +//zone "YOUR-DOMAIN.TLD" { +// type master; +// file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; +// allow-query { any; }; +// allow-transfer { xfer; }; +//}; + +//zone "YOUR-SLAVE.TLD" { +// type slave; +// file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; +// masters { ; }; + + /* Anybody is allowed to query but transfer should be controlled by the master. */ +// allow-query { any; }; +// allow-transfer { none; }; + + /* The master should be the only one who notifies the slaves, shouldn't it? */ +// allow-notify { ; }; +// notify no; +//}; diff --git a/config-archive/etc/clamd.conf,v b/config-archive/etc/clamd.conf,v new file mode 100644 index 0000000..a8640d0 --- /dev/null +++ b/config-archive/etc/clamd.conf,v @@ -0,0 +1,737 @@ +head 1.6; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.6 +date 2011.10.26.07.00.23; author root; state Exp; +branches; +next 1.5; + +1.5 +date 2011.08.09.19.10.50; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2011.02.26.21.34.30; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2011.01.09.10.16.08; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.11.25.23.01.21; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.37.04; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.09.10.37.04; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.11.25.23.01.21; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.01.09.10.16.08; author root; state Exp; +branches; +next 1.1.1.4; + +1.1.1.4 +date 2011.02.26.21.34.30; author root; state Exp; +branches; +next 1.1.1.5; + +1.1.1.5 +date 2011.08.09.19.10.50; author root; state Exp; +branches; +next 1.1.1.6; + +1.1.1.6 +date 2011.10.26.07.00.23; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.6 +log +@dispatch-conf update. +@ +text +@## +## Example config file for the Clam AV daemon +## Please read the clamd.conf(5) manual before editing this file. +## + + +# Comment or remove the line below. +# Example + +# Uncomment this option to enable logging. +# LogFile must be writable for the user running daemon. +# A full path is required. +# Default: disabled +LogFile /var/log/clamav/clamd.log + +# By default the log file is locked for writing - the lock protects against +# running clamd multiple times (if want to run another clamd, please +# copy the configuration file, change the LogFile variable, and run +# the daemon with --config-file option). +# This option disables log file locking. +# Default: no +#LogFileUnlock yes + +# Maximum size of the log file. +# Value of 0 disables the limit. +# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) +# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size +# in bytes just don't use modifiers. +# Default: 1M +#LogFileMaxSize 2M + +# Log time with each message. +# Default: no +LogTime yes + +# Also log clean files. Useful in debugging but drastically increases the +# log size. +# Default: no +#LogClean yes + +# Use system logger (can work together with LogFile). +# Default: no +#LogSyslog yes + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# Enable verbose logging. +# Default: no +#LogVerbose yes + +# Log additional information about the infected file, such as its +# size and hash, together with the virus name. +#ExtendedDetectionInfo yes + +# This option allows you to save a process identifier of the listening +# daemon (main thread). +# Default: disabled +PidFile /var/run/clamav/clamd.pid + +# Optional path to the global temporary directory. +# Default: system specific (usually /tmp or /var/tmp). +#TemporaryDirectory /var/tmp + +# Path to the database directory. +# Default: hardcoded (depends on installation options) +#DatabaseDirectory /var/lib/clamav + +# Only load the official signatures published by the ClamAV project. +# Default: no +#OfficialDatabaseOnly no + +# The daemon can work in local mode, network mode or both. +# Due to security reasons we recommend the local mode. + +# Path to a local socket file the daemon will listen on. +# Default: disabled (must be specified by a user) +LocalSocket /var/run/clamav/clamd.sock + +# Sets the group ownership on the unix socket. +# Default: disabled (the primary group of the user running clamd) +#LocalSocketGroup virusgroup + +# Sets the permissions on the unix socket to the specified mode. +# Default: disabled (socket is world accessible) +#LocalSocketMode 660 + +# Remove stale socket after unclean shutdown. +# Default: yes +#FixStaleSocket yes + +# TCP port address. +# Default: no +#TCPSocket 3310 + +# TCP address. +# By default we bind to INADDR_ANY, probably not wise. +# Enable the following to provide some degree of protection +# from the outside world. +# Default: no +#TCPAddr 127.0.0.1 + +# Maximum length the queue of pending connections may grow to. +# Default: 200 +#MaxConnectionQueueLength 30 + +# Clamd uses FTP-like protocol to receive data from remote clients. +# If you are using clamav-milter to balance load between remote clamd daemons +# on firewall servers you may need to tune the options below. + +# Close the connection when the data size limit is exceeded. +# The value should match your MTA's limit for a maximum attachment size. +# Default: 25M +#StreamMaxLength 10M + +# Limit port range. +# Default: 1024 +#StreamMinPort 30000 +# Default: 2048 +#StreamMaxPort 32000 + +# Maximum number of threads running at the same time. +# Default: 10 +#MaxThreads 20 + +# Waiting for data from a client socket will timeout after this time (seconds). +# Default: 120 +#ReadTimeout 300 + +# This option specifies the time (in seconds) after which clamd should +# timeout if a client doesn't provide any initial command after connecting. +# Default: 5 +#CommandReadTimeout 5 + +# This option specifies how long to wait (in miliseconds) if the send buffer is full. +# Keep this value low to prevent clamd hanging +# +# Default: 500 +#SendBufTimeout 200 + +# Maximum number of queued items (including those being processed by MaxThreads threads) +# It is recommended to have this value at least twice MaxThreads if possible. +# WARNING: you shouldn't increase this too much to avoid running out of file descriptors, +# the following condition should hold: +# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024) +# +# Default: 100 +#MaxQueue 200 + +# Waiting for a new job will timeout after this time (seconds). +# Default: 30 +#IdleTimeout 60 + +# Don't scan files and directories matching regex +# This directive can be used multiple times +# Default: scan all +#ExcludePath ^/proc/ +#ExcludePath ^/sys/ + +# Maximum depth directories are scanned at. +# Default: 15 +#MaxDirectoryRecursion 20 + +# Follow directory symlinks. +# Default: no +#FollowDirectorySymlinks yes + +# Follow regular file symlinks. +# Default: no +#FollowFileSymlinks yes + +# Scan files and directories on other filesystems. +# Default: yes +#CrossFilesystems yes + +# Perform a database check. +# Default: 600 (10 min) +#SelfCheck 600 + +# Execute a command when virus is found. In the command string %v will +# be replaced with the virus name. +# Default: no +#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" + +# Run as another user (clamd must be started by root for this option to work) +# Default: don't drop privileges +User clamav + +# Initialize supplementary group access (clamd must be started by root). +# Default: no +AllowSupplementaryGroups yes + +# Stop daemon when libclamav reports out of memory condition. +#ExitOnOOM yes + +# Don't fork into background. +# Default: no +#Foreground yes + +# Enable debug messages in libclamav. +# Default: no +#Debug yes + +# Do not remove temporary files (for debug purposes). +# Default: no +#LeaveTemporaryFiles yes + +# Detect Possibly Unwanted Applications. +# Default: no +#DetectPUA yes + +# Exclude a specific PUA category. This directive can be used multiple times. +# See http://www.clamav.net/support/pua for the complete list of PUA +# categories. +# Default: Load all categories (if DetectPUA is activated) +#ExcludePUA NetTool +#ExcludePUA PWTool + +# Only include a specific PUA category. This directive can be used multiple +# times. +# Default: Load all categories (if DetectPUA is activated) +#IncludePUA Spy +#IncludePUA Scanner +#IncludePUA RAT + +# In some cases (eg. complex malware, exploits in graphic files, and others), +# ClamAV uses special algorithms to provide accurate detection. This option +# controls the algorithmic detection. +# Default: yes +#AlgorithmicDetection yes + + +## +## Executable files +## + +# PE stands for Portable Executable - it's an executable file format used +# in all 32 and 64-bit versions of Windows operating systems. This option allows +# ClamAV to perform a deeper analysis of executable files and it's also +# required for decompression of popular executable packers such as UPX, FSG, +# and Petite. +# Default: yes +#ScanPE yes + +# Executable and Linking Format is a standard format for UN*X executables. +# This option allows you to control the scanning of ELF files. +# Default: yes +#ScanELF yes + +# With this option clamav will try to detect broken executables (both PE and +# ELF) and mark them as Broken.Executable. +# Default: no +#DetectBrokenExecutables yes + + +## +## Documents +## + +# This option enables scanning of OLE2 files, such as Microsoft Office +# documents and .msi files. +# Default: yes +#ScanOLE2 yes + + +# With this option enabled OLE2 files with VBA macros, which were not +# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". +# Default: no +#OLE2BlockMacros no + +# This option enables scanning within PDF files. +# Default: yes +#ScanPDF yes + + +## +## Mail files +## + +# Enable internal e-mail scanner. +# Default: yes +#ScanMail yes + +# Scan RFC1341 messages split over many emails. +# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory. +# WARNING: This option may open your system to a DoS attack. +# Never use it on loaded servers. +# Default: no +#ScanPartialMessages yes + + +# With this option enabled ClamAV will try to detect phishing attempts by using +# signatures. +# Default: yes +#PhishingSignatures yes + +# Scan URLs found in mails for phishing attempts using heuristics. +# Default: yes +#PhishingScanURLs yes + +# Always block SSL mismatches in URLs, even if the URL isn't in the database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockSSLMismatch no + +# Always block cloaked URLs, even if URL isn't in database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockCloak no + +# Allow heuristic match to take precedence. +# When enabled, if a heuristic scan (such as phishingScan) detects +# a possible virus/phish it will stop scan immediately. Recommended, saves CPU +# scan-time. +# When disabled, virus/phish detected by heuristic scans will be reported only at +# the end of a scan. If an archive contains both a heuristically detected +# virus/phish, and a real malware, the real malware will be reported +# +# Keep this disabled if you intend to handle "*.Heuristics.*" viruses +# differently from "real" malware. +# If a non-heuristically-detected virus (signature-based) is found first, +# the scan is interrupted immediately, regardless of this config option. +# +# Default: no +#HeuristicScanPrecedence yes + +## +## Data Loss Prevention (DLP) +## + +# Enable the DLP module +# Default: No +#StructuredDataDetection yes + +# This option sets the lowest number of Credit Card numbers found in a file +# to generate a detect. +# Default: 3 +#StructuredMinCreditCardCount 5 + +# This option sets the lowest number of Social Security Numbers found +# in a file to generate a detect. +# Default: 3 +#StructuredMinSSNCount 5 + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxx-yy-zzzz +# Default: yes +#StructuredSSNFormatNormal yes + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxxyyzzzz +# Default: no +#StructuredSSNFormatStripped yes + + +## +## HTML +## + +# Perform HTML normalisation and decryption of MS Script Encoder code. +# Default: yes +#ScanHTML yes + + +## +## Archives +## + +# ClamAV can scan within archives and compressed files. +# Default: yes +#ScanArchive yes + +# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). +# Default: no +#ArchiveBlockEncrypted no + + +## +## Limits +## + +# The options below protect your system against Denial of Service attacks +# using archive bombs. + +# This option sets the maximum amount of data to be scanned for each input file. +# Archives and other containers are recursively extracted and scanned up to this +# value. +# Value of 0 disables the limit +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 100M +#MaxScanSize 150M + +# Files larger than this limit won't be scanned. Affects the input file itself +# as well as files contained inside it (when the input file is an archive, a +# document or some other kind of container). +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 25M +#MaxFileSize 30M + +# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR +# file, all files within it will also be scanned. This options specifies how +# deeply the process should be continued. +# Note: setting this limit too high may result in severe damage to the system. +# Default: 16 +#MaxRecursion 10 + +# Number of files to be scanned within an archive, a document, or any other +# container file. +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 10000 +#MaxFiles 15000 + + +## +## Clamuko settings +## + +# Enable Clamuko. Dazuko must be configured and running. Clamuko supports +# both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS +# is the preferred option. For more information please visit www.dazuko.org +# Default: no +#ClamukoScanOnAccess yes + +# The number of scanner threads that will be started (DazukoFS only). +# Having multiple scanner threads allows Clamuko to serve multiple +# processes simultaneously. This is particularly beneficial on SMP machines. +# Default: 3 +#ClamukoScannerCount 3 + +# Don't scan files larger than ClamukoMaxFileSize +# Value of 0 disables the limit. +# Default: 5M +#ClamukoMaxFileSize 10M + +# Set access mask for Clamuko (Dazuko only). +# Default: no +#ClamukoScanOnOpen yes +#ClamukoScanOnClose yes +#ClamukoScanOnExec yes + +# Set the include paths (all files inside them will be scanned). You can have +# multiple ClamukoIncludePath directives but each directory must be added +# in a seperate line. (Dazuko only) +# Default: disabled +#ClamukoIncludePath /home +#ClamukoIncludePath /students + +# Set the exclude paths. All subdirectories are also excluded. (Dazuko only) +# Default: disabled +#ClamukoExcludePath /home/bofh + +# With this option you can whitelist specific UIDs. Processes with these UIDs +# will be able to access all files. +# This option can be used multiple times (one per line). +# Default: disabled +#ClamukoExcludeUID 0 + +# With this option enabled ClamAV will load bytecode from the database. +# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses. +# Default: yes +#Bytecode yes + +# Set bytecode security level. +# Possible values: +# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS +# This value is only available if clamav was built with --enable-debug! +# TrustSigned - trust bytecode loaded from signed .c[lv]d files, +# insert runtime safety checks for bytecode loaded from other sources +# Paranoid - don't trust any bytecode, insert runtime checks for all +# Recommended: TrustSigned, because bytecode in .cvd files already has these checks +# Note that by default only signed bytecode is loaded, currently you can only +# load unsigned bytecode in --enable-debug mode. +# +# Default: TrustSigned +#BytecodeSecurity TrustSigned + +# Set bytecode timeout in miliseconds. +# +# Default: 5000 +# BytecodeTimeout 1000 +@ + + +1.5 +log +@dispatch-conf update. +@ +text +@a128 1 +# Value of 0 disables the timeout. +d460 6 +@ + + +1.4 +log +@dispatch-conf update. +@ +text +@d106 1 +a106 1 +# Default: 15 +d483 2 +a484 2 +# Default: 60000 +# BytecodeTimeout 60000 +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@d54 2 +a55 3 +# Provide additional information about the infected file, such as its +# size and hash, together with the virus name. It's recommended to enable +# this option along with SubmitDetectionStats in freshclam.conf. +d268 6 +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d54 5 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d401 1 +a401 3 +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Value of 0 disables the limit. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d401 3 +a403 1 +# Note: setting this limit too high may result in severe damage to the system. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a53 5 +# Provide additional information about the infected file, such as its +# size and hash, together with the virus name. It's recommended to enable +# this option along with SubmitDetectionStats in freshclam.conf. +#ExtendedDetectionInfo yes + +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d54 3 +a56 2 +# Log additional information about the infected file, such as its +# size and hash, together with the virus name. +a268 6 + +# With this option enabled OLE2 files with VBA macros, which were not +# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". +# Default: no +#OLE2BlockMacros no + +@ + + +1.1.1.4 +log +@dispatch-conf update. +@ +text +@d106 1 +a106 1 +# Default: 200 +d483 2 +a484 2 +# Default: 5000 +# BytecodeTimeout 1000 +@ + + +1.1.1.5 +log +@dispatch-conf update. +@ +text +@d129 1 +a460 6 + +# With this option you can whitelist specific UIDs. Processes with these UIDs +# will be able to access all files. +# This option can be used multiple times (one per line). +# Default: disabled +#ClamukoExcludeUID 0 +@ + + +1.1.1.6 +log +@dispatch-conf update. +@ +text +@d243 1 +a243 2 +# and Petite. If you turn off this option, the original files will still be +# scanned, but without additional processing. +a248 2 +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +a263 2 +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +a273 2 +# If you turn off this option, the original files will still be scanned, but +# without decoding and additional processing. +a282 2 +# If you turn off this option, the original files will still be scanned, but +# without parsing individual messages/attachments. +a365 2 +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +a373 2 +# If you turn off this option, the original files will still be scanned, but +# without unpacking and additional processing. +@ diff --git a/config-archive/etc/conf.d/apache2,v b/config-archive/etc/conf.d/apache2,v new file mode 100644 index 0000000..bacccad --- /dev/null +++ b/config-archive/etc/conf.d/apache2,v @@ -0,0 +1,150 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.05.03.05.05.33; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.28.10.14.53; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.28.10.15.10; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.05.03.05.05.33; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# /etc/conf.d/apache2: config file for /etc/init.d/apache2 + +# When you install a module it is easy to activate or deactivate the modules +# and other features of apache using the APACHE2_OPTS line. Every module should +# install a configuration in /etc/apache2/modules.d. In that file will have an +# directive where NNN is the option to enable that module. +# +# Here are the options available in the default configuration: +# +# AUTH_DIGEST Enables mod_auth_digest +# AUTHNZ_LDAP Enables authentication through mod_ldap (available if USE=ldap) +# CACHE Enables mod_cache +# DAV Enables mod_dav +# ERRORDOCS Enables default error documents for many languages. +# INFO Enables mod_info, a useful module for debugging +# LANGUAGE Enables content-negotiation based on language and charset. +# LDAP Enables mod_ldap (available if USE=ldap) +# MANUAL Enables /manual/ to be the apache manual (available if USE=docs) +# MEM_CACHE Enables default configuration mod_mem_cache +# PROXY Enables mod_proxy +# SSL Enables SSL (available if USE=ssl) +# SUEXEC Enables running CGI scripts (in USERDIR) through suexec. +# USERDIR Enables /~username mapping to /home/username/public_html +# +# +# The following two options provide the default virtual host for the HTTP and +# HTTPS protocol. YOU NEED TO ENABLE AT LEAST ONE OF THEM, otherwise apache +# will not listen for incomming connections on the approriate port. +# +# DEFAULT_VHOST Enables name-based virtual hosts, with the default +# virtual host being in /var/www/localhost/htdocs +# SSL_DEFAULT_VHOST Enables default vhost for SSL (you should enable this +# when you enable SSL) +# +#APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D MANUAL -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D LANGUAGE" +APACHE2_OPTS="-D DEFAULT_VHOST -D PHP5 -D SSL -D SSL_DEFAULT_VHOST -D MANUAL -D PERL -D INFO -D STATUS -D DAV -D SVN -D ERRORDOCS -D LANGUAGE -D FASTCGI" + +# Extended options for advanced uses of Apache ONLY +# You don't need to edit these unless you are doing crazy Apache stuff +# As not having them set correctly, or feeding in an incorrect configuration +# via them will result in Apache failing to start +# YOU HAVE BEEN WARNED. + +# PID file +#PIDFILE=/var/run/apache2.pid + +# timeout for startup/shutdown checks +#TIMEOUT=10 + +# ServerRoot setting +#SERVERROOT=/usr/lib64/apache2 + +# Configuration file location +# - If this does NOT start with a '/', then it is treated relative to +# $SERVERROOT by Apache +#CONFIGFILE=/etc/apache2/httpd.conf + +# Location to log startup errors to +# They are normally dumped to your terminal. +STARTUPERRORLOG="/var/log/apache2/startuperror.log" + +# A command that outputs a formatted text version of the HTML at the URL +# of the command line. Designed for lynx, however other programs may work. +#LYNX="lynx -dump" + +# The URL to your server's mod_status status page. +# Required for status and fullstatus +#STATUSURL="http://localhost/server-status" + +# Method to use when reloading the server +# Valid options are 'restart' and 'graceful' +# See http://httpd.apache.org/docs/2.2/stopping.html for information on +# what they do and how they differ. +#RELOAD_TYPE="graceful" +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d35 2 +a36 1 +APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D MANUAL -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D LANGUAGE -D PHP5" +d60 1 +a60 1 +#STARTUPERRORLOG="/var/log/apache2/startuperror.log" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d35 1 +a35 1 +APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D MANUAL -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D LANGUAGE" +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a21 1 +# STATUS Enabled mod_status, a useful module for statistics +@ diff --git a/config-archive/etc/conf.d/autofs,v b/config-archive/etc/conf.d/autofs,v new file mode 100644 index 0000000..81c04ee --- /dev/null +++ b/config-archive/etc/conf.d/autofs,v @@ -0,0 +1,281 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.08.29.21.57.45; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.07.12.17.18.42; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.24.07.59.32; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.24.08.00.41; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.07.12.17.18.42; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.08.29.21.57.45; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@# +# Define default options for autofs. +# +# MASTER_MAP_NAME - default map name for the master map. +# +#MASTER_MAP_NAME="auto.master" +# +# TIMEOUT - set the default mount timeout (default 600). +# +TIMEOUT=300 +# +# NEGATIVE_TIMEOUT - set the default negative timeout for +# failed mount attempts (default 60). +# +#NEGATIVE_TIMEOUT=60 +# +# MOUNT_WAIT - time to wait for a response from umount(8). +# Setting this timeout can cause problems when +# mount would otherwise wait for a server that +# is temporarily unavailable, such as when it's +# restarting. The defailt of waiting for mount(8) +# usually results in a wait of around 3 minutes. +# +#MOUNT_WAIT=-1 +# +# UMOUNT_WAIT - time to wait for a response from umount(8). +# +#UMOUNT_WAIT=12 +# +# BROWSE_MODE - maps are browsable by default. +# +BROWSE_MODE="no" +# +# MOUNT_NFS_DEFAULT_PROTOCOL - specify the default protocol used by +# mount.nfs(8). Since we can't identify +# the default automatically we need to +# set it in our configuration. This will +# only make a difference for replicated +# map entries as availability probing isn't +# used for single host map entries. +# +#MOUNT_NFS_DEFAULT_PROTOCOL=3 +# +# APPEND_OPTIONS - append to global options instead of replace. +# +#APPEND_OPTIONS="yes" +# +# LOGGING - set default log level "none", "verbose" or "debug" +# +#LOGGING="none" +# +# Define server URIs +# +# LDAP_URI - space seperated list of server uris of the form +# ://[/] where can be ldap +# or ldaps. The option can be given multiple times. +# Map entries that include a server name override +# this option. +# +# This configuration option can also be used to +# request autofs lookup SRV RRs for a domain of +# the form :///[]. Note that a +# trailing "/" is not allowed when using this form. +# If the domain dn is not specified the dns domain +# name (if any) is used to construct the domain dn +# for the SRV RR lookup. The server list returned +# from an SRV RR lookup is refreshed according to +# the minimum ttl found in the SRV RR records or +# after one hour, whichever is less. +# +#LDAP_URI="" +# +# LDAP__TIMEOUT - timeout value for the synchronous API calls +# (default is LDAP library default). +# +#LDAP_TIMEOUT=-1 +# +# LDAP_NETWORK_TIMEOUT - set the network response timeout (default 8). +# +#LDAP_NETWORK_TIMEOUT=8 +# +# Define base dn for map dn lookup. +# +# SEARCH_BASE - base dn to use for searching for map search dn. +# Multiple entries can be given and they are checked +# in the order they occur here. +# +#SEARCH_BASE="" +# +# Define the LDAP schema to used for lookups +# +# If no schema is set autofs will check each of the schemas +# below in the order given to try and locate an appropriate +# basdn for lookups. If you want to minimize the number of +# queries to the server set the values here. +# +#MAP_OBJECT_CLASS="nisMap" +#ENTRY_OBJECT_CLASS="nisObject" +#MAP_ATTRIBUTE="nisMapName" +#ENTRY_ATTRIBUTE="cn" +#VALUE_ATTRIBUTE="nisMapEntry" +# +# Other common LDAP nameing +# +#MAP_OBJECT_CLASS="automountMap" +#ENTRY_OBJECT_CLASS="automount" +#MAP_ATTRIBUTE="ou" +#ENTRY_ATTRIBUTE="cn" +#VALUE_ATTRIBUTE="automountInformation" +# +#MAP_OBJECT_CLASS="automountMap" +#ENTRY_OBJECT_CLASS="automount" +#MAP_ATTRIBUTE="automountMapName" +#ENTRY_ATTRIBUTE="automountKey" +#VALUE_ATTRIBUTE="automountInformation" +# +# AUTH_CONF_FILE - set the default location for the SASL +# authentication configuration file. +# +#AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf" +# +# MAP_HASH_TABLE_SIZE - set the map cache hash table size. +# Should be a power of 2 with a ratio roughly +# between 1:10 and 1:20 for each map. +# +#MAP_HASH_TABLE_SIZE=1024 +# +# General global options +# +# If the kernel supports using the autofs miscellanous device +# and you wish to use it you must set this configuration option +# to "yes" otherwise it will not be used. +USE_MISC_DEVICE="yes" +# +#OPTIONS="" +# +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d17 9 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d25 10 +d51 11 +d113 6 +d120 5 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a24 10 +# MOUNT_NFS_DEFAULT_PROTOCOL - specify the default protocol used by +# mount.nfs(8). Since we can't identify +# the default automatically we need to +# set it in our configuration. This will +# only make a difference for replicated +# map entries as availability probing isn't +# used for single host map entries. +# +#MOUNT_NFS_DEFAULT_PROTOCOL=3 +# +a40 11 +# This configuration option can also be used to +# request autofs lookup SRV RRs for a domain of +# the form :///[]. Note that a +# trailing "/" is not allowed when using this form. +# If the domain dn is not specified the dns domain +# name (if any) is used to construct the domain dn +# for the SRV RR lookup. The server list returned +# from an SRV RR lookup is refreshed according to +# the minimum ttl found in the SRV RR records or +# after one hour, whichever is less. +# +a91 6 +# MAP_HASH_TABLE_SIZE - set the map cache hash table size. +# Should be a power of 2 with a ratio roughly +# between 1:10 and 1:20 for each map. +# +#MAP_HASH_TABLE_SIZE=1024 +# +a93 5 +# If the kernel supports using the autofs miscellanous device +# and you wish to use it you must set this configuration option +# to "yes" otherwise it will not be used. +USE_MISC_DEVICE="yes" +# +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a16 9 +# MOUNT_WAIT - time to wait for a response from umount(8). +# Setting this timeout can cause problems when +# mount would otherwise wait for a server that +# is temporarily unavailable, such as when it's +# restarting. The defailt of waiting for mount(8) +# usually results in a wait of around 3 minutes. +# +#MOUNT_WAIT=-1 +# +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d120 1 +a120 1 +#AUTH_CONF_FILE="/etc/autofs/autofs_ldap_auth.conf" +@ diff --git a/config-archive/etc/conf.d/bootmisc,v b/config-archive/etc/conf.d/bootmisc,v new file mode 100644 index 0000000..5d7fb53 --- /dev/null +++ b/config-archive/etc/conf.d/bootmisc,v @@ -0,0 +1,102 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2011.06.07.07.29.30; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.35.57; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# List of /tmp directories we should clean up +clean_tmp_dirs="/tmp" + +# Should we wipe the tmp paths completely or just selectively remove known +# locks / files / etc... ? +wipe_tmp="YES" +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 2 +a2 1 +# /etc/conf.d/bootmisc +d4 1 +a4 7 +# Put a nologin file in /etc to prevent people from logging in before +# system startup is complete + +DELAYLOGIN="no" + + +# Should we completely wipe out /tmp or just selectively remove known +d6 1 +a6 2 + +WIPE_TMP="yes" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 2 +# List of /tmp directories we should clean up +clean_tmp_dirs="/tmp" +d3 7 +a9 1 +# Should we wipe the tmp paths completely or just selectively remove known +d11 2 +a12 1 +wipe_tmp="YES" +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a6 4 + +# Write the initial dmesg log into /var/log/dmesg after boot +# This may be useful if you need the kernel boot log afterwards +log_dmesg="YES" +@ diff --git a/config-archive/etc/conf.d/clock b/config-archive/etc/conf.d/clock new file mode 100644 index 0000000..7cfae43 --- /dev/null +++ b/config-archive/etc/conf.d/clock @@ -0,0 +1,36 @@ +# /etc/conf.d/clock + +# Set CLOCK to "UTC" if your hardware clock is set to UTC (also known as +# Greenwich Mean Time). If that clock is set to the local time, then +# set CLOCK to "local". +# Note that if you dual boot with Windows, then you should set it to +# "local" because Windows always sets the hardware clock to local time. + +CLOCK="UTC" + +# Select the proper timezone. For valid values, peek inside of the +# /usr/share/zoneinfo/ directory. For example, some common values are +# "America/New_York" or "EST5EDT" or "Europe/Berlin". If you want to +# manage /etc/localtime yourself, set this to "". + +#TIMEZONE="Factory" +TIMEZONE="Europe/Berlin" + +# If you wish to pass any other arguments to hwclock during bootup, +# you may do so here. + +CLOCK_OPTS="" + +# If you want to set the Hardware Clock to the current System Time (software +# clock) during shutdown, then say "yes" here. + +CLOCK_SYSTOHC="no" + + +### ALPHA SPECIFIC OPTIONS ### + +# If your alpha uses the SRM console, set this to "yes". +SRM="no" + +# If your alpha uses the ARC console, set this to "yes". +ARC="no" diff --git a/config-archive/etc/conf.d/clock.dist.new b/config-archive/etc/conf.d/clock.dist.new new file mode 100644 index 0000000..4efc9a7 --- /dev/null +++ b/config-archive/etc/conf.d/clock.dist.new @@ -0,0 +1,35 @@ +# /etc/conf.d/clock + +# Set CLOCK to "UTC" if your hardware clock is set to UTC (also known as +# Greenwich Mean Time). If that clock is set to the local time, then +# set CLOCK to "local". +# Note that if you dual boot with Windows, then you should set it to +# "local" because Windows always sets the hardware clock to local time. + +CLOCK="UTC" + +# Select the proper timezone. For valid values, peek inside of the +# /usr/share/zoneinfo/ directory. For example, some common values are +# "America/New_York" or "EST5EDT" or "Europe/Berlin". If you want to +# manage /etc/localtime yourself, set this to "". + +#TIMEZONE="Factory" + +# If you wish to pass any other arguments to hwclock during bootup, +# you may do so here. + +CLOCK_OPTS="" + +# If you want to set the Hardware Clock to the current System Time (software +# clock) during shutdown, then say "yes" here. + +CLOCK_SYSTOHC="no" + + +### ALPHA SPECIFIC OPTIONS ### + +# If your alpha uses the SRM console, set this to "yes". +SRM="no" + +# If your alpha uses the ARC console, set this to "yes". +ARC="no" diff --git a/config-archive/etc/conf.d/consolefont,v b/config-archive/etc/conf.d/consolefont,v new file mode 100644 index 0000000..945cfce --- /dev/null +++ b/config-archive/etc/conf.d/consolefont,v @@ -0,0 +1,116 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.07.12.17.18.42; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2011.06.07.07.29.30; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.36.10; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.07.12.17.18.42; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# consolefont specifies the default font that you'd like Linux to use on the +# console. You can find a good selection of fonts in /usr/share/consolefonts; +# you shouldn't specify the trailing ".psf.gz", just the font name below. +# To use the default console font, comment out the CONSOLEFONT setting below. +# This setting is used by the /etc/init.d/consolefont script (NOTE: if you do +# not want to use it, run "rc-update del consolefont" as root). +consolefont="default8x16" + +# consoletranslation is the charset map file to use. Leave commented to use +# the default one. Have a look in /usr/share/consoletrans for a selection of +# map files you can use. +consoletranslation="8859-1_to_uni" + +# unicodemap is the unicode map file to use. Leave commented to use the +# default one. Have a look in /usr/share/unimaps for a selection of map files +# you can use. +#unicodemap="iso01" +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 3 +# /etc/conf.d/consolefont + +# CONSOLEFONT specifies the default font that you'd like Linux to use on the +d7 1 +d9 1 +a9 3 +CONSOLEFONT="default8x16" + +# CONSOLETRANSLATION is the charset map file to use. Leave commented to use +d12 1 +d14 4 +a17 1 +#CONSOLETRANSLATION="8859-1_to_uni" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 3 +a3 1 +# consolefont specifies the default font that you'd like Linux to use on the +a8 1 +consolefont="default8x16" +d10 3 +a12 1 +# consoletranslation is the charset map file to use. Leave commented to use +a14 1 +#consoletranslation="8859-1_to_uni" +d16 1 +a16 4 +# unicodemap is the unicode map file to use. Leave commented to use the +# default one. Have a look in /usr/share/unimaps for a selection of map files +# you can use. +#unicodemap="iso01" +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d6 1 +a6 1 +# not want to use it, run "rc-update del consolefont boot" as root). +@ diff --git a/config-archive/etc/conf.d/hostname,v b/config-archive/etc/conf.d/hostname,v new file mode 100644 index 0000000..0165907 --- /dev/null +++ b/config-archive/etc/conf.d/hostname,v @@ -0,0 +1,46 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.07.07.29.31; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.36.12; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/conf.d/hostname + +# Set to the hostname of this machine +HOSTNAME="helga" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 2 +d4 1 +a4 1 +hostname="helga" +@ diff --git a/config-archive/etc/conf.d/hwclock,v b/config-archive/etc/conf.d/hwclock,v new file mode 100644 index 0000000..658e6c0 --- /dev/null +++ b/config-archive/etc/conf.d/hwclock,v @@ -0,0 +1,99 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.07.07.29.31; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.37.12; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/conf.d/clock + +# Set CLOCK to "UTC" if your hardware clock is set to UTC (also known as +# Greenwich Mean Time). If that clock is set to the local time, then +# set CLOCK to "local". +# Note that if you dual boot with Windows, then you should set it to +# "local" because Windows always sets the hardware clock to local time. + +CLOCK="UTC" + +# Select the proper timezone. For valid values, peek inside of the +# /usr/share/zoneinfo/ directory. For example, some common values are +# "America/New_York" or "EST5EDT" or "Europe/Berlin". If you want to +# manage /etc/localtime yourself, set this to "". + +#TIMEZONE="Factory" +TIMEZONE="Europe/Berlin" + +# If you wish to pass any other arguments to hwclock during bootup, +# you may do so here. + +CLOCK_OPTS="" + +# If you want to set the Hardware Clock to the current System Time (software +# clock) during shutdown, then say "yes" here. + +CLOCK_SYSTOHC="yes" + + +### ALPHA SPECIFIC OPTIONS ### + +# If your alpha uses the SRM console, set this to "yes". +SRM="no" + +# If your alpha uses the ARC console, set this to "yes". +ARC="no" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 3 +a3 1 +# Set CLOCK to "UTC" if your Hardware Clock is set to UTC (also known as +d5 32 +a36 20 +# set CLOCK to "local". Note that if you dual boot with Windows, then +# you should set it to "local". +clock="UTC" + +# If you want to set the Hardware Clock to the current System Time +# (software clock) during shutdown, then say "YES" here. +# You normally don't need to do this if you run a ntp daemon. +clock_systohc="NO" + +# If you want to set the system time to the current hardware clock +# during bootup, then say "YES" here. You do not need this if you are +# running a modern kernel with CONFIG_RTC_HCTOSYS set to y. +# Also, be aware that if you set this to "NO", the system time will +# never be saved to the hardware clock unless you set +# clock_systohc="YES" above. +clock_hctosys="YES" + +# If you wish to pass any other arguments to hwclock during bootup, +# you may do so here. Alpha users may wish to use --arc or --srm here. +clock_args="" +@ diff --git a/config-archive/etc/conf.d/keymaps,v b/config-archive/etc/conf.d/keymaps,v new file mode 100644 index 0000000..bf9fc87 --- /dev/null +++ b/config-archive/etc/conf.d/keymaps,v @@ -0,0 +1,142 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.07.12.17.18.42; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2011.06.07.07.29.31; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.39.30; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.07.12.17.18.42; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# Use KEYMAP to specify the default console keymap. There is a complete tree +# of keymaps in /usr/share/keymaps to choose from. + +#keymap="us" +keymap="de-latin1-nodeadkeys" + +# Should we first load the 'windowkeys' console keymap? Most x86 users will +# say "yes" here. Note that non-x86 users should leave it as "no". +# Loading this keymap will enable VT switching (like ALT+Left/Right) +# using the special windows keys on the linux console. +windowkeys="YES" + +# The maps to load for extended keyboards. Most users will leave this as is. +extended_keymaps="" +#extended_keymaps="backspace keypad euro2" + +# Tell dumpkeys(1) to interpret character action codes to be +# from the specified character set. +# This only matters if you set unicode="yes" in /etc/rc.conf. +# For a list of valid sets, run `dumpkeys --help` +dumpkeys_charset="" + +# Some fonts map AltGr-E to the currency symbol ¤ instead of the Euro € +# To fix this, set to "yes" +fix_euro="NO" +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@a0 2 +# /etc/conf.d/keymaps + +d4 2 +a5 3 +#KEYMAP="us" +KEYMAP="de-latin1-nodeadkeys" + +d9 3 +a11 3 + +SET_WINDOWKEYS="no" + +d14 2 +a15 4 + +EXTENDED_KEYMAPS="" +#EXTENDED_KEYMAPS="backspace keypad euro" + +d19 1 +a19 1 +# This only matters if you set UNICODE="yes" in /etc/rc.conf. +d21 1 +d23 3 +a25 1 +DUMPKEYS_CHARSET="" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 2 +d5 4 +a8 1 +keymap="us" +d12 3 +a14 3 +# Loading this keymap will enable VT switching (like ALT+Left/Right) +# using the special windows keys on the linux console. +windowkeys="YES" +d17 4 +a20 2 +extended_keymaps="" +#extended_keymaps="backspace keypad euro2" +d24 1 +a24 1 +# This only matters if you set unicode="yes" in /etc/rc.conf. +a25 1 +dumpkeys_charset="" +d27 1 +a27 3 +# Some fonts map AltGr-E to the currency symbol ¤ instead of the Euro € +# To fix this, set to "yes" +fix_euro="NO" +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# Use keymap to specify the default console keymap. There is a complete tree +@ diff --git a/config-archive/etc/conf.d/modules,v b/config-archive/etc/conf.d/modules,v new file mode 100644 index 0000000..1cc9849 --- /dev/null +++ b/config-archive/etc/conf.d/modules,v @@ -0,0 +1,69 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.12.08.22.41.52; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# You can define a list modules for a specific kernel version, +# a released kernel version, a main kernel version or just a list. +#modules_2_6_23_gentoo_r5="ieee1394 ohci1394" +#modules_2_6_23="tun ieee1394" +#modules_2_6="tun" +#modules="ohci1394" + +# You can give modules a different name when they load - the new name +# will also be used to pick arguments below. +#modules="dummy:dummy1" + +# Give the modules some arguments if needed, per version if necessary. +#module_ieee1394_args="debug" +#module_ieee1394_args_2_6_23_gentoo_r5="ieee1394 ohci1394" +#module_ieee1394_args_2_6_23="tun ieee1394" +#module_ieee1394_args_2_6="tun" + +# You should consult your kernel documentation and configuration +# for a list of modules and their options. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a2 1 +# The most specific versioned variable will take precedence. +a5 1 +#modules_2="ipv6" +a12 1 +# Again, the most specific versioned variable will take precedence. +d14 3 +a16 4 +#module_ieee1394_args_2_6_23_gentoo_r5="debug2" +#module_ieee1394_args_2_6_23="debug3" +#module_ieee1394_args_2_6="debug4" +#module_ieee1394_args_2="debug5" +@ diff --git a/config-archive/etc/conf.d/nagios,v b/config-archive/etc/conf.d/nagios,v new file mode 100644 index 0000000..912aa58 --- /dev/null +++ b/config-archive/etc/conf.d/nagios,v @@ -0,0 +1,51 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.09.19.10.50; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.09.19.10.50; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /etc/conf.d/.rcs/nagios,v 1.1 2010/12/01 11:49:07 root Exp $ + +# Distributed monitoring users will want to configure here the ip/hostname of the central server. +# It will be used by submit_check_result_via_nsca. +NAGIOS_NSCA_HOST="localhost" + + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-core/files/conf.d,v 1.1 2004/08/20 13:38:13 eldad Exp $ +@ diff --git a/config-archive/etc/conf.d/named,v b/config-archive/etc/conf.d/named,v new file mode 100644 index 0000000..258bd77 --- /dev/null +++ b/config-archive/etc/conf.d/named,v @@ -0,0 +1,255 @@ +head 1.4; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.4 +date 2011.06.07.07.29.31; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2011.02.26.23.29.19; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.12.07.06.31.14; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.10.04.21.35.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.04.21.38.21; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.12.07.06.31.14; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.02.26.23.29.19; author root; state Exp; +branches; +next 1.1.1.4; + +1.1.1.4 +date 2011.06.07.07.29.31; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.4 +log +@dispatch-conf update. +@ +text +@# Set various named options here. +# +#OPTIONS="" + +# Set this to the number of processors you want bind to use. +# Leave this unchanged if you want bind to automatically detect the number +#CPU="1" + +# If you wish to run bind in a chroot: +# 1) un-comment the CHROOT= assignment, below. You may use +# a different chroot directory but MAKE SURE it's empty. +# 2) run: emerge --config = +# +#CHROOT="/chroot/dns" + +# Uncomment to enable binmount of /usr/share/GeoIP +#CHROOT_GEOIP="1" + +# Uncomment the line below to avoid that the init script mounts the needed paths +# into the chroot directory. +# You have to copy all needed config files by hand if you say CHROOT_NOMOUNT="1". +#CHROOT_NOMOUNT="1" + +# Default pid file location +PIDFILE="${CHROOT}/var/run/named/named.pid" + +# Scheduling priority: 19 is the lowest and -20 is the highest. +# Default: 0 +#NAMED_NICELEVEL="0" + +# Uncomment rc_named_use/rc_named_after for the database you need. +# Its necessary to ensure the database backend will be started before named. + +# MySQL +#rc_named_use="mysql" +#rc_named_after="mysql" + +# PostgreSQL +#rc_named_use="pg_autovacuum postgresql" +#rc_named_after="pg_autovacuum postgresql" + +# LDAP +#rc_named_use="ldap" +#rc_named_after="ldap" +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@d16 3 +a22 5 + +# RNDC needs to be told what server we're using sometimes. +#SERVER="-s 127.0.0.1" +# rndc key to use +#RNDC_KEY="${CHROOT}/etc/bind/rndc.key" +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +OPTIONS="" +d14 6 +a19 1 +# CHROOT="/chroot/dns" +d24 1 +a24 1 +RNDC_KEY="${CHROOT}/etc/bind/rndc.key" +d30 17 +a46 2 +# +NAMED_NICELEVEL="0" +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d5 8 +a12 1 +# Set this to the number of processors you have. +d14 1 +a14 1 +CPU="1" +d16 4 +a19 5 +# If you wish to run bind in a chroot, run: +# emerge --config = +# and un-comment the following line. +# You can specify a different chroot directory but MAKE SURE it's empty. +# CHROOT="/chroot/dns" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d5 3 +a7 3 +# Set this to the number of processors you want bind to use. +# Leave this unchanged if you want bind to automatically detect the number +#CPU="1" +d9 4 +a12 5 +# If you wish to run bind in a chroot: +# 1) un-comment the CHROOT= assignment, below. You may use +# a different chroot directory but MAKE SURE it's empty. +# 2) run: emerge --config = +# +a14 5 +# RNDC needs to be told what server we're using sometimes. +#SERVER="-s 127.0.0.1" +# rndc key to use +RNDC_KEY="${CHROOT}/etc/bind/rndc.key" + +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +#OPTIONS="" +d14 1 +a14 6 +#CHROOT="/chroot/dns" + +# Uncomment the line below to avoid that the init script mounts the needed paths +# into the chroot directory. +# You have to copy all needed config files by hand if you say CHROOT_NOMOUNT="1". +#CHROOT_NOMOUNT="1" +d19 1 +a19 1 +#RNDC_KEY="${CHROOT}/etc/bind/rndc.key" +d25 2 +a26 17 +# Default: 0 +#NAMED_NICELEVEL="0" + +# Uncomment rc_named_use/rc_named_after for the database you need. +# Its necessary to ensure the database backend will be started before named. + +# MySQL +#rc_named_use="mysql" +#rc_named_after="mysql" + +# PostgreSQL +#rc_named_use="pg_autovacuum postgresql" +#rc_named_after="pg_autovacuum postgresql" + +# LDAP +#rc_named_use="ldap" +#rc_named_after="ldap" +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@a15 3 +# Uncomment to enable binmount of /usr/share/GeoIP +#CHROOT_GEOIP="1" + +d21 5 +@ + + +1.1.1.4 +log +@dispatch-conf update. +@ +text +@a23 4 +# Uncomment this option if you have setup your own chroot environment and you +# don't want/need the chroot consistency check +#CHROOT_NOCHECK=1 + +@ diff --git a/config-archive/etc/conf.d/net.example,v b/config-archive/etc/conf.d/net.example,v new file mode 100644 index 0000000..34be1d6 --- /dev/null +++ b/config-archive/etc/conf.d/net.example,v @@ -0,0 +1,911 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.19.09.21.53; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.11.19.09.21.53; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@############################################################################## +# QUICK-START +# +# The quickest start is if you want to use DHCP. +# In that case, everything should work out of the box, no configuration +# necessary, though the startup script will warn you that you haven't +# specified anything. + +# WARNING :- some examples have a mixture of IPv4 (ie 192.168.0.1) and IPv6 +# (ie 4321:0:1:2:3:4:567:89ab) internet addresses. They only work if you have +# the relevant kernel option enabled. So if you don't have an IPv6 enabled +# kernel then remove the IPv6 address from your config. + +# If you want to use a static address or use DHCP explicitly, jump +# down to the section labelled INTERFACE HANDLERS. +# +# If you want to do anything more fancy, you should take the time to +# read through the rest of this file. + +############################################################################## +# MODULES +# +# We now support modular networking scripts which means we can easily +# add support for new interface types and modules while keeping +# compatability with existing ones. +# +# Modules load by default if the package they need is installed. If +# you specify a module here that doesn't have it's package installed +# then you get an error stating which package you need to install. +# Ideally, you only use the modules setting when you have two or more +# packages installed that supply the same service. +# +# In other words, you probably should DO NOTHING HERE... + +# Prefer ifconfig over iproute2 +#modules=( "ifconfig" ) + +# You can also specify other modules for an interface +# In this case we prefer udhcpc over dhcpcd +#modules_eth0=( "udhcpc" ) + +# You can also specify which modules not to use - for example you may be +# using a supplicant or linux-wlan-ng to control wireless configuration but +# you still want to configure network settings per ESSID associated with. +#modules=( "!iwconfig" "!wpa_supplicant" ) +# IMPORTANT: If you need the above, please disable modules in that order + + +############################################################################## +# INTERFACE HANDLERS +# +# We provide two interface handlers presently: ifconfig and iproute2. +# You need one of these to do any kind of network configuration. +# For ifconfig support, emerge sys-apps/net-tools +# For iproute2 support, emerge sys-apps/iproute2 + +# If you don't specify an interface then we prefer iproute2 if it's installed +# To prefer ifconfig over iproute2 +#modules=( "ifconfig" ) + +# For a static configuration, use something like this +# (They all do exactly the same thing btw) +#config_eth0=( "192.168.0.2/24" ) +#config_eth0=( "192.168.0.2 netmask 255.255.255.0" ) + +# We can also specify a broadcast +#config_eth0=( "192.168.0.2/24 brd 192.168.0.255" ) +#config_eth0=( "192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255" ) + +# If you need more than one address, you can use something like this +# NOTE: ifconfig creates an aliased device for each extra IPv4 address +# (eth0:1, eth0:2, etc) +# iproute2 does not do this as there is no need to +#config_eth0=( +# "192.168.0.2/24" +# "192.168.0.3/24" +# "192.168.0.4/24" +#) +# Or you can use sequence expressions +#config_eth0=( "192.168.0.{2..4}/24" ) +# which does the same as above. Be careful though as if you use this and +# fallbacks, you have to ensure that both end up with the same number of +# values otherwise your fallback won't work correctly. + +# You can also use IPv6 addresses +# (you should always specify a prefix length with IPv6 here) +#config_eth0=( +# "192.168.0.2/24" +# "4321:0:1:2:3:4:567:89ab/64" +# "4321:0:1:2:3:4:567:89ac/64" +#) + +# If you wish to keep existing addresses + routing and the interface is up, +# you can specify a noop (no operation). If the interface is down or there +# are no addresses assigned, then we move onto the next step (default dhcp) +# This is useful when configuring your interface with a kernel command line +# or similar +#config_eth0=( "noop" "192.168.0.2/24" ) + +# If you don't want ANY address (only useful when calling for advanced stuff) +#config_eth0=( "null" ) + +# Here's how to do routing if you need it +#routes_eth0=( +# "default via 192.168.0.1" # IPv4 default route +# "10.0.0.0/8 via 192.168.0.1" # IPv4 subnet route +# "::/0" # IPv6 unicast +#) + +# If a specified module fails (like dhcp - see below), you can specify a +# fallback like so +#fallback_eth0=( "192.168.0.2 netmask 255.255.255.0" ) +#fallback_route_eth0=( "default via 192.168.0.1" ) + +# NOTE: fallback entry must match the entry location in config_eth0 +# As such you can only have one fallback route. + +# Some users may need to alter the MTU - here's how +#mtu_eth0="1500" + +# Each module described below can set a default base metric, lower is +# preferred over higher. This is so we can prefer a wired route over a +# wireless route automaticaly. You can override this by setting +#metric_eth0="100" +# or on a global basis +#metric="100" +# The only downside of the global setting is that you have to ensure that +# there are no conflicting routes yourself. For users with large routing +# tables you may have to set a global metric as the due to a simple read of +# the routing table taking over a minute at a time. + +############################################################################## +# OPTIONAL MODULES + +# INTERFACE RENAMING +# There is no consistent device renaming scheme for Linux. +# The preferred way of naming devices is via the kernel module directly or +# by using udev (http://www.reactivated.net/udevrules.php) + +# If you are unable to write udev rules, then we do provide a way of renaming +# the interface based on it's MAC address, but it is not optimal. +# Here is how to rename an interface whose MAC address is 00:11:22:33:44:55 +# to foo1 +#rename_001122334455="foo1" + +# You can also do this based on current device name - although this is not +# recommended. Here we rename eth1 to foo2. +#rename_eth1="foo2" + +#----------------------------------------------------------------------------- +# WIRELESS (802.11 support) +# Wireless can be provided by iwconfig or wpa_supplicant + +# iwconfig +# emerge net-wireless/wireless-tools +# Wireless options are held in /etc/conf.d/wireless - but could be here too +# Consult the sample file /etc/conf.d/wireless.example for instructions +# iwconfig is the default + +# wpa_supplicant +# emerge net-wireless/wpa-supplicant +# Wireless options are held in /etc/wpa_supplicant.conf +# Consult the sample file /etc/wpa_supplicant.conf.example for instructions +# To choose wpa_supplicant over iwconfig +#modules=( "wpa_supplicant" ) +# To configure wpa_supplicant +#wpa_supplicant_eth0="-Dwext" # For generic wireless +#wpa_supplicant_ath0="-Dmadwifi" # For Atheros based cards +# Consult wpa_supplicant for more drivers +# By default don't wait for wpa_suppliant to associate and authenticate. +# If you would like to, so can specify how long in seconds +#associate_timeout_eth0=60 +# A value of 0 means wait forever. + +# GENERIC WIRELESS OPTIONS +# PLEASE READ THE INSTRUCTIONS IN /etc/conf.d/wireless.example FOR +# HOW TO USE THIS ESSID VARIABLE +# You can also override any settings found here per ESSID - which is very +# handy if you use different networks a lot +#config_ESSID=( "dhcp" ) +#dhcpcd_ESSID="-t 5" + +# Setting name/domain server causes /etc/resolv.conf to be overwritten +# Note that if DHCP is used, and you want this to take precedence then +# set dhcp_ESSID="nodns" +#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) +#dns_domain_ESSID="some.domain" +#dns_search_ESSID="search.this.domain search.that.domain" +# Please check the man page for resolv.conf for more information +# as domain and search are mutually exclusive. + +# You can also override any settings found here per MAC address of the AP +# in case you use Access Points with the same ESSID but need different +# networking configs. Below is an example - of course you use the same +# method with other variables +#mac_config_001122334455=( "dhcp" ) +#mac_dhcpcd_001122334455="-t 10" +#mac_dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) + +# When an interface has been associated with an Access Point, a global +# variable called ESSID is set to the Access Point's ESSID for use in the +# pre/post user functions below (although it's not available in preup as you +# won't have associated then) + +# If you're using anything else to configure wireless on your interface AND +# you have installed any of the above packages, you need to disable them +#modules=( "!iwconfig" "!wpa_supplicant" ) + +#----------------------------------------------------------------------------- +# DHCP +# DHCP can be provided by dhclient, dhcpcd, pump or udhcpc. +# +# dhclient: emerge net-misc/dhcp +# dhcpcd: emerge net-misc/dhcpcd +# pump: emerge net-misc/pump +# udhcpc: emerge net-misc/udhcp + +# If you have more than one DHCP client installed, you need to specify which +# one to use - otherwise we default to dhcpcd if available. +#modules=( "dhclient" ) # to select dhclient over dhcpcd +# +# Notes: +# - All clients send the current hostname to the DHCP server by default +# - dhcpcd does not daemonize when the lease time is infinite +# - udhcp-0.9.3-r3 and earlier do not support getting NTP servers +# - pump does not support getting NIS servers +# - DHCP tends to erase any existing device information - so add +# static addresses after dhcp if you need them +# - dhclient and udhcpc can set other resolv.conf options such as "option" +# and "sortlist"- see the System module for more details + +# Regardless of which DHCP client you prefer, you configure them the +# same way using one of following depending on which interface modules +# you're using. +#config_eth0=( "dhcp" ) + +# For passing custom options to dhcpcd use something like the following. This +# example reduces the timeout for retrieving an address from 60 seconds (the +# default) to 10 seconds. +#dhcpcd_eth0="-t 10" + +# dhclient, udhcpc and pump don't have many runtime options +# You can pass options to them in a similar manner to dhcpcd though +#dhclient_eth0="..." +#udhcpc_eth0="..." +#pump_eth0="..." + +# GENERIC DHCP OPTIONS +# Set generic DHCP options like so +#dhcp_eth0="release nodns nontp nonis nogateway nosendhost" + +# This tells the dhcp client to release it's lease when it stops, not to +# overwrite dns, ntp and nis settings, not to set a default route and not to +# send the current hostname to the dhcp server and when it starts. +# You can use any combination of the above options - the default is not to +# use any of them. + +#----------------------------------------------------------------------------- +# For APIPA support, emerge net-misc/iputils or net-analyzer/arping + +# APIPA is a module that tries to find a free address in the range +# 169.254.0.0-169.254.255.255 by arping a random address in that range on the +# interface. If no reply is found then we assign that address to the interface + +# This is only useful for LANs where there is no DHCP server and you don't +# connect directly to the internet. +#config_eth0=( "dhcp" ) +#fallback_eth0=( "apipa" ) + +#----------------------------------------------------------------------------- +# ARPING Gateway configuration +# and +# Automatic Private IP Addressing (APIPA) +# For arpingnet / apipa support, emerge net-misc/iputils or net-analyzer/arping +# +# This is a module that tries to find a gateway IP. If it exists then we use +# that gateways configuration for our own. For the configuration variables +# simply ensure that each octet is zero padded and the dots are removed. +# Below is an example. +# +#gateways_eth0="192.168.0.1 10.0.0.1" +#config_192168000001=( "192.168.0.2/24" ) +#routes_192168000001=( "default via 192.168.0.1" ) +#dns_servers_192168000001=( "192.168.0.1" ) +#config_010000000001=( "10.0.0.254/8" ) +#routes_010000000001=( "default via 10.0.0.1" ) +#dns_servers_010000000001=( "10.0.0.1" ) + +# We can also specify a specific MAC address for each gateway if different +# networks have the same gateway. +#gateways_eth0="192.168.0.1,00:11:22:AA:BB:CC 10.0.0.1,33:44:55:DD:EE:FF" +#config_192168000001_001122AABBCC=( "192.168.0.2/24" ) +#routes_192168000001_001122AABBCC=( "default via 192.168.0.1" ) +#dns_servers_192168000001_001122AABBCC=( "192.168.0.1" ) +#config_010000000001_334455DDEEFF=( "10.0.0.254/8" ) +#routes_010000000001_334455DDEEFF=( "default via 10.0.0.1" ) +#dns_servers_010000000001_334455DDEEFF=( "10.0.0.1" ) + +# If we don't find any gateways (or there are none configured) then we try and +# use APIPA to find a free address in the range 169.254.0.0-169.254.255.255 +# by arping a random address in that range on the interface. If no reply is +# found then we assign that address to the interface. + +# This is only useful for LANs where there is no DHCP server. +#config_eth0=( "arping" ) + +# or if no DHCP server can be found +#config_eth0=( "dhcp" ) +#fallback_eth0=( "arping" ) + +# NOTE: We default to sleeping for 1 second the first time we attempt an +# arping to give the interface time to settle on the LAN. This appears to +# be a good default for most instances, but if not you can alter it here. +#arping_sleep=5 +#arping_sleep_lan=7 + +# NOTE: We default to waiting 3 seconds to get an arping response. You can +# change the default wait like so. +#arping_wait=3 +#arping_wait_lan=2 + +#----------------------------------------------------------------------------- +# VLAN (802.1q support) +# For VLAN support, emerge net-misc/vconfig + +# Specify the VLAN numbers for the interface like so +# Please ensure your VLAN IDs are NOT zero-padded +#vlans_eth0="1 2" + +# You may not want to assign an IP the the physical interface, but we still +# need it up. +#config_eth0=( "null" ) + +# You can also configure the VLAN - see for vconfig man page for more details +#vconfig_eth0=( "set_name_type VLAN_PLUS_VID_NO_PAD" ) +#vconfig_vlan1=( "set_flag 1" "set_egress_map 2 6" ) +#config_vlan1=( "172.16.3.1 netmask 255.255.254.0" ) +#config_vlan2=( "172.16.2.1 netmask 255.255.254.0" ) + +# NOTE: Vlans can be configured with a . in their interface names +# When configuring vlans with this name type, you need to replace . with a _ +#config_eth0.1=( "dhcp" ) - does not work +#config_eth0_1=( "dhcp" ) - does work + +# NOTE: Vlans are controlled by their physical interface and not per vlan +# This means you do not need to create init scripts in /etc/init.d for each +# vlan, you must need to create one for the physical interface. +# If you wish to control the configuration of each vlan through a separate +# script, or wish to rename the vlan interface to something that vconfig +# cannot then you need to do this. +#vlan_start_eth0="no" + +# If you do the above then you may want to depend on eth0 like so +# RC_NEED_vlan1="net.eth0" +# NOTE: depend functions only work in /etc/conf.d/net +# and not in profile configs such as /etc/conf.d/net.foo + +#----------------------------------------------------------------------------- +# Bonding +# For link bonding/trunking emerge net-misc/ifenslave + +# To bond interfaces together +#slaves_bond0="eth0 eth1 eth2" +#config_bond0=( "null" ) # You may not want to assign an IP the the bond + +# If any of the slaves require extra configuration - for example wireless or +# ppp devices - we need to depend function on the bonded interfaces +#RC_NEED_bond0="net.eth0 net.eth1" + + +#----------------------------------------------------------------------------- +# Classical IP over ATM +# For CLIP support emerge net-dialup/linux-atm + +# Ensure that you have /etc/atmsigd.conf setup correctly +# Now setup each clip interface like so +#clip_atm0=( "peer_ip [if.]vpi.vci [opts]" ... ) +# where "peer_ip" is the IP address of a PVC peer (in case of an ATM connection +# with your ISP, your only peer is usually the ISP gateway closest to you), +# "if" is the number of the ATM interface which will carry the PVC, "vpi.vci" +# is the ATM VC address, and "opts" may optionally specify VC parameters like +# qos, pcr, and the like (see "atmarp -s" for further reference). Please also +# note quoting: it is meant to distinguish the VCs you want to create. You may, +# in example, create an atm0 interface to more peers, like this: +#clip_atm0=( "1.1.1.254 0.8.35" "1.1.1.253 1.8.35" ) + +# By default, the PVC will use the LLC/SNAP encapsulation. If you rather need a +# null encapsulation (aka "VC mode"), please add the keyword "null" to opts. + + +#----------------------------------------------------------------------------- +# PPP +# For PPP support, emerge net-dialup/ppp +# PPP is used for most dialup connections, including ADSL. +# The older ADSL module is documented below, but you are encouraged to try +# this module first. +# +# You need to create the PPP net script yourself. Make it like so +#ln -s net.lo /etc/init.d/net.ppp0 +# +# We have to instruct ppp0 to actually use ppp +#config_ppp0=( "ppp" ) +# +# Each PPP interface requires an interface to use as a "Link" +#link_ppp0="/dev/ttyS0" # Most PPP links will use a serial port +#link_ppp0="eth0" # PPPoE requires an ethernet interface +#link_ppp0="[itf.]vpi.vci" # PPPoA requires the ATM VC's address +#link_ppp0="/dev/null" # ISDN links should have this +#link_ppp0="pty 'your_link_command'" # PPP links over ssh, rsh, etc +# +# Here you should specify what pppd plugins you want to use +# Available plugins are: pppoe, pppoa, capi, dhcpc, minconn, radius, +# radattr, radrealms and winbind +#plugins_ppp0=( +# "pppoe" # Required plugin for PPPoE +# "pppoa vc-encaps" # Required plugin for PPPoA with an option +# "capi" # Required plugin for ISDN +#) +# +# PPP requires at least a username. You can optionally set a password here too +# If you don't, then it will use the password specified in /etc/ppp/*-secrets +# against the specified username +#username_ppp0='user' +#password_ppp0='password' +# NOTE: You can set a blank password like so +#password_ppp0= +# +# The PPP daemon has many options you can specify - although there are many +# and may seem daunting, it is recommended that you read the pppd man page +# before enabling any of them +#pppd_ppp0=( +# "maxfail 0" # WARNING: It's not recommended you use this +# # if you don't specify maxfail then we assume 0 +# "updetach" # If not set, "/etc/init.d/net.ppp0 start" will return +# # immediately, without waiting the link to come up +# # for the first time. +# # Do not use it for dial-on-demand links! +# "debug" # Enables syslog debugging +# "noauth" # Do not require the peer to authenticate itself +# "defaultroute" # Make this PPP interface the default route +# "usepeerdns" # Use the DNS settings provided by PPP +# +# On demand options +# "demand" # Enable dial on demand +# "idle 30" # Link goes down after 30 seconds of inactivity +# "10.112.112.112:10.112.112.113" # Phony IP addresses +# "ipcp-accept-remote" # Accept the peers idea of remote address +# "ipcp-accept-local" # Accept the peers idea of local address +# "holdoff 3" # Wait 3 seconds after link dies before re-starting +# +# Dead peer detection +# "lcp-echo-interval 15" # Send a LCP echo every 15 seconds +# "lcp-echo-failure 3" # Make peer dead after 3 consective +# # echo-requests +# +# Compression options - use these to completely disable compression +# noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp +# +# Dial-up settings +# "lock" # Lock serial port +# "115200" # Set the serial port baud rate +# "modem crtscts" # Enable hardware flow control +# "192.168.0.1:192.168.0.2" # Local and remote IP addresses +#) +# +# Dial-up PPP users need to specify at least one telephone number +#phone_number_ppp0=( "12345689" ) # Maximum 2 phone numbers are supported +# They will also need a chat script - here's a good one +#chat_ppp0=( +# 'ABORT' 'BUSY' +# 'ABORT' 'ERROR' +# 'ABORT' 'NO ANSWER' +# 'ABORT' 'NO CARRIER' +# 'ABORT' 'NO DIALTONE' +# 'ABORT' 'Invalid Login' +# 'ABORT' 'Login incorrect' +# 'TIMEOUT' '5' +# '' 'ATZ' +# 'OK' 'AT' # Put your modem initialization string here +# 'OK' 'ATDT\T' +# 'TIMEOUT' '60' +# 'CONNECT' '' +# 'TIMEOUT' '5' +# '~--' '' +#) + +# If the link require extra configuration - for example wireless or +# RFC 268 bridge - we need to depend on the bridge so they get +# configured correctly. +#RC_NEED_ppp0="net.nas0" + +#WARNING: if MTU of the PPP interface is less than 1500 and you use this +#machine as a router, you should add the following rule to your firewall +# +#iptables -I FORWARD 1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu + +#----------------------------------------------------------------------------- +# ADSL +# For ADSL support, emerge net-dialup/rp-pppoe +# WARNING: This ADSL module is being deprecated in favour of the PPP module +# above. +# You should make the following settings and also put your +# username/password information in /etc/ppp/pap-secrets + +# Configure the interface to use ADSL +#config_eth0=( "adsl" ) + +# You probably won't need to edit /etc/ppp/pppoe.conf if you set this +#adsl_user_eth0="my-adsl-username" + +#----------------------------------------------------------------------------- +# ISDN +# For ISDN support, emerge net-dialup/isdn4k-utils +# You should make the following settings and also put your +# username/password information in /etc/ppp/pap-secrets + +# Configure the interface to use ISDN +#config_ippp0=( "dhcp" ) +# It's important to specify dhcp if you need it! +#config_ippp0=( "192.168.0.1/24" ) +# Otherwise, you can use a static IP + +# NOTE: The interface name must be either ippp or isdn followed by a number + +# You may need this option to set the default route +#ipppd_eth0="defaultroute" + +#----------------------------------------------------------------------------- +# MAC changer +# To set a specific MAC address +#mac_eth0="00:11:22:33:44:55" + +# For changing MAC addresses using the below, emerge net-analyzer/macchanger +# - to randomize the last 3 bytes only +#mac_eth0="random-ending" +# - to randomize between the same physical type of connection (e.g. fibre, +# copper, wireless) , all vendors +#mac_eth0="random-samekind" +# - to randomize between any physical type of connection (e.g. fibre, copper, +# wireless) , all vendors +#mac_eth0="random-anykind" +# - full randomization - WARNING: some MAC addresses generated by this may NOT +# act as expected +#mac_eth0="random-full" +# custom - passes all parameters directly to net-analyzer/macchanger +#mac_eth0="some custom set of parameters" + +# You can also set other options based on the MAC address of your network card +# Handy if you use different docking stations with laptops +#config_001122334455=( "dhcp" ) + +#----------------------------------------------------------------------------- +# TUN/TAP +# For TUN/TAP support emerge net-misc/openvpn or sys-apps/usermode-utilities +# +# You must specify if we're a tun or tap device. Then you can give it any +# name you like - such as vpn +#tuntap_vpn="tun" +#config_vpn=( "192.168.0.1/24") + +# Or stick wit the generic names - like tap0 +#tuntap_tap0="tap" +#config_tap0=( "192.168.0.1/24") + +# For passing custom options to tunctl use something like the following. This +# example sets the owner to adm +#tunctl_tun1="-u adm" +# When using openvpn, there are no options + +#----------------------------------------------------------------------------- +# Bridging (802.1d) +# For bridging support emerge net-misc/bridge-utils + +# To add ports to bridge br0 +#bridge_br0="eth0 eth1" +# or dynamically add them when the interface comes up +#bridge_add_eth0="br0" +#bridge_add_eth1="br0" + +# You need to configure the ports to null values so dhcp does not get started +#config_eth0=( "null" ) +#config_eth1=( "null" ) + +# Finally give the bridge an address - dhcp or a static IP +#config_br0=( "dhcp" ) # may not work when adding ports dynamically +#config_br0=( "192.168.0.1/24" ) + +# If any of the ports require extra configuration - for example wireless or +# ppp devices - we need to depend on them like so. +#RC_NEED_br0="net.eth0 net.eth1" + +# Below is an example of configuring the bridge +# Consult "man brctl" for more details +#brctl_br0=( "setfd 0" "sethello 0" "stp off" ) + +#----------------------------------------------------------------------------- +# RFC 2684 Bridge Support +# For RFC 2684 bridge support emerge net-misc/br2684ctl + +# Interface names have to be of the form nas0, nas1, nas2, etc. +# You have to specify a VPI and VCI for the interface like so +#br2684ctl_nas0="-a 0.38" # UK VPI and VCI + +# You may want to configure the encapsulation method as well by adding the -e +# option to the command above (may need to be before the -a command) +# -e 0 # LLC (default) +# -e 1 # VC mux + +# Then you can configure the interface as normal +#config_nas0=( "192.168.0.1/24" ) + +#----------------------------------------------------------------------------- +# Tunnelling +# WARNING: For tunnelling it is highly recommended that you +# emerge sys-apps/iproute2 +# +# For GRE tunnels +#iptunnel_vpn0="mode gre remote 207.170.82.1 key 0xffffffff ttl 255" + +# For IPIP tunnels +#iptunnel_vpn0="mode ipip remote 207.170.82.2 ttl 255" + +# To configure the interface +#config_vpn0=( "192.168.0.2 pointopoint 192.168.1.2" ) # ifconfig style +#config_vpn0=( "192.168.0.2 peer 192.168.1.1" ) # iproute2 style + +# 6to4 Tunnels allow IPv6 to work over IPv4 addresses, provided you +# have a non-private address configured on an interface. +# link_6to4="eth0" # Interface to base it's addresses on +# config_6to4=( "ip6to4" ) +# You may want to depend on eth0 like so +#RC_NEED_6to4="net.eth0" +# To ensure that eth0 is configured before 6to4. Of course, the tunnel could be +# any name and this also works for any configured interface. +# NOTE: If you're not using iproute2 then your 6to4 tunnel has to be called +# sit0 - otherwise use a different name like 6to4 in the example above. + + +#----------------------------------------------------------------------------- +# System +# For configuring system specifics such as domain, dns, ntp and nis servers +# It's rare that you would need todo this, but you can anyway. +# This is most benefit to wireless users who don't use DHCP so they can change +# their configs based on ESSID. See wireless.example for more details + +# To use dns settings such as these, dns_servers_eth0 must be set! +# If you omit the _eth0 suffix, then it applies to all interfaces unless +# overridden by the interface suffix. +#dns_domain_eth0="your.domain" +#dns_servers_eth0="192.168.0.2 192.168.0.3" +#dns_search_eth0="this.domain that.domain" +#dns_options_eth0=( "timeout 1" "rotate" ) +#dns_sortlist_eth0="130.155.160.0/255.255.240.0 130.155.0.0" +# See the man page for resolv.conf for details about the options and sortlist +# directives + +#ntp_servers_eth0="192.168.0.2 192.168.0.3" + +#nis_domain_eth0="domain" +#nis_servers_eth0="192.168.0.2 192.168.0.3" + +# NOTE: Setting any of these will stamp on the files in question. So if you +# don't specify dns_servers but you do specify dns_domain then no nameservers +# will be listed in /etc/resolv.conf even if there were any there to start +# with. +# If this is an issue for you then maybe you should look into a resolv.conf +# manager like resolvconf-gentoo to manage this file for you. All packages +# that baselayout supports use resolvconf-gentoo if installed. + +#----------------------------------------------------------------------------- +# Cable in/out detection +# Sometimes the cable is in, others it's out. Obviously you don't want to +# restart net.eth0 every time when you plug it in either. +# +# netplug is a package that detects this and requires no extra configuration +# on your part. +# emerge sys-apps/netplug +# or +# emerge sys-apps/ifplugd +# and you're done :) + +# By default we don't wait for netplug/ifplugd to configure the interface. +# If you would like it to wait so that other services now that network is up +# then you can specify a timeout here. +#plug_timeout="10" +# A value of 0 means wait forever. + +# If you don't want to use netplug on a specific interface but you have it +# installed, you can disable it for that interface via the modules statement +#modules_eth0=( "!netplug" ) +# You can do the same for ifplugd +# +# You can disable them both with the generic plug +#modules_eth0=( "!plug" ) + +# To use specific ifplugd options, fex specifying wireless mode +#ifplugd_eth0="--api-mode=wlan" +# man ifplugd for more options + +############################################################################## +# ADVANCED CONFIGURATION +# +# Four functions can be defined which will be called surrounding the +# start/stop operations. The functions are called with the interface +# name first so that one function can control multiple adapters. An extra two +# functions can be defined when an interface fails to start or stop. +# +# The return values for the preup and predown functions should be 0 +# (success) to indicate that configuration or deconfiguration of the +# interface can continue. If preup returns a non-zero value, then +# interface configuration will be aborted. If predown returns a +# non-zero value, then the interface will not be allowed to continue +# deconfiguration. +# +# The return values for the postup, postdown, failup and faildown functions are +# ignored since there's nothing to do if they indicate failure. +# +# ${IFACE} is set to the interface being brought up/down +# ${IFVAR} is ${IFACE} converted to variable name bash allows + +#preup() { +# # Test for link on the interface prior to bringing it up. This +# # only works on some network adapters and requires the mii-diag +# # package to be installed. +# if mii-tool "${IFACE}" 2> /dev/null | grep -q 'no link'; then +# ewarn "No link on ${IFACE}, aborting configuration" +# return 1 +# fi +# +# # Test for link on the interface prior to bringing it up. This +# # only works on some network adapters and requires the ethtool +# # package to be installed. +# if ethtool "${IFACE}" | grep -q 'Link detected: no'; then +# ewarn "No link on ${IFACE}, aborting configuration" +# return 1 +# fi +# +# +# # Remember to return 0 on success +# return 0 +#} + +#predown() { +# # The default in the script is to test for NFS root and disallow +# # downing interfaces in that case. Note that if you specify a +# # predown() function you will override that logic. Here it is, in +# # case you still want it... +# if is_net_fs /; then +# eerror "root filesystem is network mounted -- can't stop ${IFACE}" +# return 1 +# fi +# +# # Remember to return 0 on success +# return 0 +#} + +#postup() { +# # This function could be used, for example, to register with a +# # dynamic DNS service. Another possibility would be to +# # send/receive mail once the interface is brought up. + +# # Here is an example that allows the use of iproute rules +# # which have been configured using the rules_eth0 variable. +# #rules_eth0=( +# # "from 24.80.102.112/32 to 192.168.1.0/24 table localnet priority 100" +# # "from 216.113.223.51/32 to 192.168.1.0/24 table localnet priority 100" +# #) +# local x="rules_${IFVAR}[@@]" +# local -a rules=( "${!x}" ) +# if [[ -n ${rules} ]] ; then +# einfo "Adding IP policy routing rules" +# eindent +# # Ensure that the kernel supports policy routing +# if ! ip rule list | grep -q "^" ; then +# eerror "You need to enable IP Policy Routing (CONFIG_IP_MULTIPLE_TABLES)" +# eerror "in your kernel to use ip rules" +# else +# for x in "${rules[@@]}" ; do +# ebegin "${x}" +# ip rule add ${x} dev "${IFACE}" +# eend $? +# done +# fi +# eoutdent +# # Flush the cache +# ip route flush cache dev "${IFACE}" +# fi + +#} + +#postdown() { +# # Enable Wake-On-LAN for every interface except for lo +# # Probably a good idea to set RC_DOWN_INTERFACE="no" in /etc/conf.d/rc +# # as well ;) +# [[ ${IFACE} != "lo" ]] && ethtool -s "${IFACE}" wol g + +# Automatically erase any ip rules created in the example postup above +# if interface_exists "${IFACE}" ; then +# # Remove any rules for this interface +# local rule +# ip rule list | grep " iif ${IFACE}[ ]*" | { +# while read rule ; do +# rule="${rule#*:}" +# ip rule del ${rule} +# done +# } +# # Flush the route cache +# ip route flush cache dev "${IFACE}" +# fi + +# # Return 0 always +# return 0 +#} + +#failup() { +# # This function is mostly here for completeness... I haven't +# # thought of anything nifty to do with it yet ;-) +#} + +#faildown() { +# # This function is mostly here for completeness... I haven't +# # thought of anything nifty to do with it yet ;-) +#} + +############################################################################## +# FORCING MODULES +# The Big Fat Warning :- If you use module forcing do not complain to us or +# file bugs about it not working! +# +# Loading modules is a slow affair - we have to check each one for the following +# 1) Code sanity +# 2) Has the required package been emerged? +# 3) Has it modified anything? +# 4) Have all the dependant modules been loaded? + +# Then we have to strip out the conflicting modules based on user preference +# and default configuration and sort them into the correct order. +# Finally we check the end result for dependencies. + +# This, of course, takes valuable CPU time so we provide module forcing as a +# means to speed things up. We still do *some* checking but not much. + +# It is essential that you force modules in the correct order and supply all +# the modules you need. You must always supply an interface module - we +# supply ifconfig or iproute2. + +# The Big Fat Warning :- If you use module forcing do not complain to us or +# file bugs about it not working! + +# Now that we've warned you twice, here's how to do it +#modules_force=( "ifconfig" ) +#modules_force=( "iproute2" "dhcpcd" ) + +# We can also apply this to a specific interface +#modules_force_eth1=( "iproute2" ) + +# The below will not work +#modules_force=( "dhcpcd" ) +# No interface (ifconfig/iproute2) +#modules_force=( "ifconfig" "essidnet" "iwconfig" ) +# Although it will not crash, essidnet will not work as it has to come after +# iwconfig +#modules_force=( "iproute2" "ifconfig" ) +# The interface will be setup twice which will cause problems +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d161 3 +a163 4 +# emerge net-wireless/wpa_supplicant +# Wireless options are held in /etc/wpa_supplicant/wpa_supplicant.conf +# Consult the wpa_supplicant.conf.example that is installed in +# /usr/share/doc/wpa_supplicant +d780 1 +a780 1 +# ip rule add ${x} +@ diff --git a/config-archive/etc/conf.d/ntpd,v b/config-archive/etc/conf.d/ntpd,v new file mode 100644 index 0000000..6dc8332 --- /dev/null +++ b/config-archive/etc/conf.d/ntpd,v @@ -0,0 +1,30 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.17.17.05; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/conf.d/ntpd + +# Options to pass to the ntpd process +# Most people should leave this line alone ... +# however, if you know what you're doing, feel free to tweak +NTPD_OPTS="" +@ diff --git a/config-archive/etc/conf.d/ntpd.dist.new b/config-archive/etc/conf.d/ntpd.dist.new new file mode 100644 index 0000000..c651e80 --- /dev/null +++ b/config-archive/etc/conf.d/ntpd.dist.new @@ -0,0 +1,6 @@ +# /etc/conf.d/ntpd + +# Options to pass to the ntpd process +# Most people should leave this line alone ... +# however, if you know what you're doing, feel free to tweak +NTPD_OPTS="-u ntp:ntp" diff --git a/config-archive/etc/conf.d/postgrey,v b/config-archive/etc/conf.d/postgrey,v new file mode 100644 index 0000000..193ca90 --- /dev/null +++ b/config-archive/etc/conf.d/postgrey,v @@ -0,0 +1,79 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Config file for /etc/init.d/postgrey + +# LISTEN TYPE +# Set to 'inet' if you want to use a TCP socket. +# Set to 'unix' if you want to use an UNIX socket. +POSTGREY_TYPE="unix" + +# HOST +# What IP should postgrey bind to? +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_HOST="127.0.0.1" + +# PORT +# What TCP port should postgrey listen on? +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_PORT="10030" + +# SOCKET +# Unix socket to listen on, if POSTGREY_TYPE is set to 'unix'. +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'inet') +POSTGREY_SOCKET="/var/spool/postfix/private/postgrey" + +# PID +# Postgrey pid file. +# Do not change, if you don't know what this is! +POSTGREY_PID="/var/run/postgrey.pid" + +# DELAY +# How long to delay mail that is greylisted in seconds. +POSTGREY_DELAY=300 + +# TEXT +# The response we'll send back with delayed mail. +POSTGREY_TEXT="Greylisted for %s seconds" + +# Additional Postgrey options +# +# -v, --verbose increase verbosity level +# --max-age=N delete entries older than N days since the last time +# that they have been seen (default: 30) +# --retry-window=N allow only N days for the first retrial (default: 2) +# append 'h' if you want to specify it in hours +# --greylist-action=A if greylisted, return A to Postfix (default: DEFER_IF_PERMIT) +# --lookup-by-subnet strip the last 8 bits from IP addresses (default) +# --lookup-by-host do not strip the last 8 bits from IP addresses +# --whitelist-clients=FILE default: /etc/postfix/postgrey_whitelist_clients +# --whitelist-recipients=FILE default: /etc/postfix/postgrey_whitelist_recipients +# +# Note that the --whitelist-x options can be specified multiple times, and that +# per default /etc/postfix/postgrey_whitelist_clients.local is also read, so +# that you can put there local entries. +# +POSTGREY_OPTS="" +@ diff --git a/config-archive/etc/conf.d/postgrey.dist.new b/config-archive/etc/conf.d/postgrey.dist.new new file mode 100644 index 0000000..7a6deb5 --- /dev/null +++ b/config-archive/etc/conf.d/postgrey.dist.new @@ -0,0 +1,55 @@ +# Config file for /etc/init.d/postgrey + +# LISTEN TYPE +# Set to 'inet' if you want to use a TCP socket. +# Set to 'unix' if you want to use an UNIX socket. +POSTGREY_TYPE="inet" + +# HOST +# What IP should postgrey bind to? +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_HOST="127.0.0.1" + +# PORT +# What TCP port should postgrey listen on? +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_PORT="10030" + +# SOCKET +# Unix socket to listen on, if POSTGREY_TYPE is set to 'unix'. +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'inet') +POSTGREY_SOCKET="/var/spool/postfix/private/postgrey" + +# PID +# Postgrey pid file. +# Do not change, if you don't know what this is! +POSTGREY_PID="/var/run/postgrey.pid" + +# DELAY +# How long to delay mail that is greylisted in seconds. +POSTGREY_DELAY=300 + +# TEXT +# The response we'll send back with delayed mail. +POSTGREY_TEXT="Greylisted for %s seconds" + +# Additional Postgrey options +# +# -v, --verbose increase verbosity level +# --max-age=N delete entries older than N days since the last time +# that they have been seen (default: 30) +# --retry-window=N allow only N days for the first retrial (default: 2) +# append 'h' if you want to specify it in hours +# --greylist-action=A if greylisted, return A to Postfix (default: DEFER_IF_PERMIT) +# --lookup-by-subnet strip the last 8 bits from IP addresses (default) +# --lookup-by-host do not strip the last 8 bits from IP addresses +# --whitelist-clients=FILE default: /etc/postfix/postgrey_whitelist_clients +# --whitelist-recipients=FILE default: /etc/postfix/postgrey_whitelist_recipients +# +# Note that the --whitelist-x options can be specified multiple times, and that +# per default /etc/postfix/postgrey_whitelist_clients.local is also read, so +# that you can put there local entries. +# +POSTGREY_OPTS="" diff --git a/config-archive/etc/conf.d/pydoc-2.7,v b/config-archive/etc/conf.d/pydoc-2.7,v new file mode 100644 index 0000000..e2cb294 --- /dev/null +++ b/config-archive/etc/conf.d/pydoc-2.7,v @@ -0,0 +1,56 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.11.11.06.22.13; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.11.11.06.22.28; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/init.d/pydoc.conf +# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.conf,v 1.2 2008/06/30 15:10:28 hawking Exp $ + +# This file contains the configuration information for pydoc's internal +# webserver. The variables should be rather self explanatory :-) + +# Default port for Python's pydoc server +PYDOC_PORT=7464 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.conf,v 1.3 2011/10/27 13:56:55 neurogeek Exp $ +d4 2 +a5 1 +# This file contains the configuration for pydoc's internal webserver. +d7 2 +a8 2 +# Default port for Python's pydoc server. +PYDOC2_7_PORT="7464" +@ diff --git a/config-archive/etc/conf.d/pydoc-3.1,v b/config-archive/etc/conf.d/pydoc-3.1,v new file mode 100644 index 0000000..3fccf5e --- /dev/null +++ b/config-archive/etc/conf.d/pydoc-3.1,v @@ -0,0 +1,56 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.11.11.06.22.13; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.11.11.06.22.31; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/init.d/pydoc.conf +# $Header: /etc/conf.d/.rcs/pydoc-3.1,v 1.1 2010/11/30 20:41:39 root Exp $ + +# This file contains the configuration information for pydoc's internal +# webserver. The variables should be rather self explanatory :-) + +# Default port for Python's pydoc server +PYDOC_PORT=7464 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.conf,v 1.3 2011/10/27 13:56:55 neurogeek Exp $ +d4 2 +a5 1 +# This file contains the configuration for pydoc's internal webserver. +d7 2 +a8 2 +# Default port for Python's pydoc server. +PYDOC3_1_PORT="7464" +@ diff --git a/config-archive/etc/conf.d/samba,v b/config-archive/etc/conf.d/samba,v new file mode 100644 index 0000000..b2c6dc3 --- /dev/null +++ b/config-archive/etc/conf.d/samba,v @@ -0,0 +1,69 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.30.05.08.58; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.30.05.09.21; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#add "winbind" to the daemon_list if you also want winbind to start +daemon_list="smbd nmbd" + +#---------------------------------------------------------------------------- +# Daemons calls: _ +#---------------------------------------------------------------------------- +my_service_name="samba" +my_service_PRE="unset TMP TMPDIR" +my_service_POST="" + +#---------------------------------------------------------------------------- +# Daemons calls: _ +#---------------------------------------------------------------------------- +smbd_start_options="-D" +smbd_start="start-stop-daemon --start --exec /usr/sbin/smbd -- ${smbd_start_options}" +smbd_stop="start-stop-daemon --stop --exec /usr/sbin/smbd" +smbd_reload="killall -HUP smbd" + +nmbd_start_options="-D" +nmbd_start="start-stop-daemon --start --exec /usr/sbin/nmbd -- ${nmbd_start_options}" +nmbd_stop="start-stop-daemon --stop --exec /usr/sbin/nmbd" +nmbd_reload="killall -HUP nmbd" + +winbind_start_options="" +winbind_start="start-stop-daemon --start --exec /usr/sbin/winbindd -- ${winbind_start_options}" +winbind_stop="start-stop-daemon --stop --oknodo --exec /usr/sbin/winbindd" +winbind_reload="killall -HUP winbindd" + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d26 1 +a26 1 +winbind_stop="start-stop-daemon --stop --exec /usr/sbin/winbindd" +@ diff --git a/config-archive/etc/conf.d/slapd,v b/config-archive/etc/conf.d/slapd,v new file mode 100644 index 0000000..f57975e --- /dev/null +++ b/config-archive/etc/conf.d/slapd,v @@ -0,0 +1,34 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.22.11.02; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# conf.d file for openldap +# +# To enable both the standard unciphered server and the ssl encrypted +# one uncomment this line or set any other server starting options +# you may desire. +# +# OPTS="-h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" +OPTS="-h 'ldaps:/// ldap:/// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" +# Uncomment the below to use the new slapd configuration for openldap 2.3 +#OPTS="-F /etc/openldap/slapd.d -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" +@ diff --git a/config-archive/etc/conf.d/slapd.dist.new b/config-archive/etc/conf.d/slapd.dist.new new file mode 100644 index 0000000..2240ad3 --- /dev/null +++ b/config-archive/etc/conf.d/slapd.dist.new @@ -0,0 +1,9 @@ +# conf.d file for openldap +# +# To enable both the standard unciphered server and the ssl encrypted +# one uncomment this line or set any other server starting options +# you may desire. +# +# OPTS="-h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" +# Uncomment the below to use the new slapd configuration for openldap 2.3 +#OPTS="-F /etc/openldap/slapd.d -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" diff --git a/config-archive/etc/conf.d/snmpd,v b/config-archive/etc/conf.d/snmpd,v new file mode 100644 index 0000000..32746ef --- /dev/null +++ b/config-archive/etc/conf.d/snmpd,v @@ -0,0 +1,58 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.22.11.42.13; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.22.11.42.13; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /etc/conf.d/.rcs/snmpd,v 1.1 2010/12/01 06:42:43 root Exp $ + +# Initial (empty) options. +SNMPD_FLAGS="" + +# Enable connection logging. +#SNMPD_FLAGS="${SNMPD_FLAGS} -a" + +# Enable syslog and disable file log. +#SNMPD_FLAGS="${SNMPD_FLAGS} -Lsd -Lf /dev/null" + +# Enable agentx socket as /var/agentx/master +# *NOTE* Before uncommenting this, make sure +# the /var/agentx directory exists. +#SNMPD_FLAGS="${SNMPD_FLAGS} -x /var/agentx/master" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmpd.conf,v 1.8 2006/11/26 21:37:22 cedk Exp $ +@ diff --git a/config-archive/etc/conf.d/snmptrapd,v b/config-archive/etc/conf.d/snmptrapd,v new file mode 100644 index 0000000..957beba --- /dev/null +++ b/config-archive/etc/conf.d/snmptrapd,v @@ -0,0 +1,57 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.22.11.42.13; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.22.11.42.13; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /etc/conf.d/.rcs/snmptrapd,v 1.1 2010/12/01 06:42:43 root Exp $ + +# extra flags to pass to snmptrapd +SNMPTRAPD_FLAGS="" + +# ignore authentication failure traps +#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -a" + +# log messages to specified file +#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -Lf /var/log/snmptrapd.log" + +# log messages to syslog with the specified facility +# where facility is: 'd' = LOG_DAEMON, 'u' = LOG_USER, [0-7] = LOG_LOCAL[0-7] +#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -Ls d" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmptrapd.conf,v 1.1 2005/01/28 11:19:25 ka0ttic Exp $ +@ diff --git a/config-archive/etc/conf.d/svnserve,v b/config-archive/etc/conf.d/svnserve,v new file mode 100644 index 0000000..a07a47d --- /dev/null +++ b/config-archive/etc/conf.d/svnserve,v @@ -0,0 +1,87 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2010.06.28.21.17.24; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.26.04.51.47; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.06.28.21.17.24; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# The commented variables in this file are the defaults that are used +# in the init-script. You don't need to uncomment them except to +# customize them to different values. + +# Options for svnserve +#SVNSERVE_OPTS="--root=/var/svn" + +# User and group as which to run svnserve +#SVNSERVE_USER="apache" +#SVNSERVE_GROUP="apache" +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d9 2 +a10 2 +SVNSERVE_USER="svn" +SVNSERVE_GROUP="svnusers" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d9 2 +a10 2 +#SVNSERVE_USER="apache" +#SVNSERVE_GROUP="apache" +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d9 2 +a10 2 +#SVNSERVE_USER="svn" +#SVNSERVE_GROUP="svnusers" +@ diff --git a/config-archive/etc/conf.d/udev,v b/config-archive/etc/conf.d/udev,v new file mode 100644 index 0000000..6d7707d --- /dev/null +++ b/config-archive/etc/conf.d/udev,v @@ -0,0 +1,142 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.06.22.12.00.56; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.04.20.23.14; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.04.20.23.14; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.06.22.12.00.57; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# /etc/conf.d/udev: config file for udev + +# We discourage to disable persistent-net!! +# this may lead to random interface naming + +# Disable adding new rules for persistent-net +persistent_net_disable="no" + +# Disable adding new rules for persistent-cd +# Disabling this will stop new cdrom devices to appear +# as /dev/{cdrom,cdrw,dvd,dvdrw} +persistent_cd_disable="no" + +# Set to "yes" if you want to save /dev to a tarball on shutdown +# and restore it on startup. This is useful if you have a lot of +# custom device nodes that udev does not handle/know about. +# +# As this option is fragile, we recommend you +# to create your devices in /lib64/udev/devices. +# These will be copied to /dev on boot. +#rc_device_tarball="NO" + +# udev can trigger coldplug events which cause services to start and +# kernel modules to be loaded. +# Services are deferred to start in the boot runlevel. +# Set rc_coldplug="NO" if you don't want this. +# If you want module coldplugging but not coldplugging of services then you +# can disable service coldplugging in baselayout/openrc config files. +# The setting is named different in different versions. +# in /etc/rc.conf: rc_hotplug="!*" or +# in /etc/conf.d/rc: rc_plug_services="!*" +#rc_coldplug="YES" + + + + +# Expert options: + +# Disable warning about unreliable kernel/udev combination +#unreliable_kernel_warning="no" + +# Timeout in seconds to wait for processing of uevents at boot. +# There should be no need to change this. +#udev_settle_timeout="60" + +# Run udevd so that all events are serialized, read more in man udevd at --debug-trace +#udev_trace="YES" + +# Run udevd --debug and write output to /dev/.udev/udev.log +# Should not be kept on as it fills diskspace slowly +#udev_debug="YES" + +# Run udevadmin monitor to get a log of all events +# in /dev/.udev/udevmonitor.log +#udev_monitor="YES" + +# Keep udevmonitor running after populating /dev. +#udev_monitor_keep_running="no" + +# Set cmdline options for udevmonitor. +# could be some of --env --kernel --udev +#udev_monitor_opts="--env" + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d46 7 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a45 7 +# Run udevd so that all events are serialized, read more in man udevd at --debug-trace +#udev_trace="YES" + +# Run udevd --debug and write output to /dev/.udev/udev.log +# Should not be kept on as it fills diskspace slowly +#udev_debug="YES" + +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d46 2 +a47 3 +# Add extra command line options to udevd, use with care +# udevd --help for possible values +#udev_opts="" +@ diff --git a/config-archive/etc/conf.d/urandom,v b/config-archive/etc/conf.d/urandom,v new file mode 100644 index 0000000..61c8fac --- /dev/null +++ b/config-archive/etc/conf.d/urandom,v @@ -0,0 +1,50 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.07.07.29.31; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.39.42; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/conf.d/urandom + +# Sometimes you want to have urandom start before "localmount" +# (say for crypt swap), so you will need to customize this +# behavior. If you have /var on a separate partition, then +# make sure this path lives on your root device somewhere. + +URANDOM_SEED="/var/run/random-seed" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 2 +d7 2 +a8 1 +urandom_seed="/var/run/random-seed" +@ diff --git a/config-archive/etc/conf.d/wireless.example,v b/config-archive/etc/conf.d/wireless.example,v new file mode 100644 index 0000000..947509a --- /dev/null +++ b/config-archive/etc/conf.d/wireless.example,v @@ -0,0 +1,354 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.19.09.21.53; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.11.19.09.21.53; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/conf.d/wireless: +# Global wireless config file for net.* rc-scripts + +# +# Usage of /etc/conf.d/wireless is deprecated ... make sure you +# put all settings in /etc/conf.d/net +# + + +############################################################################## +# IMPORTANT +# linux-wlan-ng is not supported as they have their own configuration program +# ensure that /etc/conf.d/net has the entry "!iwconfig" in it's modules line +# Try and use an alternative driver if you need to use this - hostap-driver +# supports non-usb linux-wlan-ng driven devices +############################################################################## + +############################################################################## +# HINTS +############################################################################## +# Remember to change eth0 to your wireless interface which may be +# eth0, eth1, wlan0, ath0 - you get the idea. If you're not sure +# you can type "iwconfig" at the command prompt and it will tell you which +# interfaces are wireless. +# Say that your wireless interface is ath0 - the line +# #essid_eth0="any" +# becomes +# #essid_ath0="any" +# +# Remember to change ESSID to your ESSID. +# Say that your ESSID is My NET - the line +# #key_ESSID="s:passkey" +# becomes +# #key_My_NET="s:passkey" +# Notice that the space has changed to an underscore - do the same with all +# characters not in a-z A-Z (english alphabet) 0-9. This only applies to +# variables and not values. +# +# Any ESSID's in values like essid_eth0="My NET" may need to be escaped +# This means placing the character \ before the character +# \" need to be escaped for example +# So if your ESSID is +# My "\ NET +# it becomes +# My \"\\ NET +# for example +# #essid_eth0="My\"\\NET" +# +# So using the above we can use +# #dns_domain_My____NET="My\"\\NET" +# which is an invalid dns domain, but shows the how to use the variable +# structure +# +# As a final note, most users will just need to set the following options +# key_ESSID1="s:yourkeyhere enc open" # s: means a text key +# key_ESSID2="aaaa-bbbb-cccc-dd" # no s: means a hex key +# preferred_aps=( "ESSID1" "ESSID2" ) +# +# Clear? Good. Now configure your wireless network below +######################################################### + +############################################################################## +# SETTINGS +############################################################################## +# Hard code an ESSID to an interface - leave this unset if you wish the driver +# to scan for available Access Points +# Set to "any" to connect to any ESSID - the driver picks an Access Point +# This needs to be done when the driver doesn't support scanning +# This may work for drivers that don't support scanning but you need automatic +# AP association +# I would only set this as a last resort really - use the preferred_aps +# setting at the bottom of this file + +# However, using ad-hoc (without scanning for APs) and master mode +# do require the ESSID to be set - do this here +#essid_eth0="any" + +# Set the mode of the interface (managed, ad-hoc, master or auto) +# The default is auto +# If it's ad-hoc or master you also may need to specify the channel below +#mode_eth0="auto" + +# If managed mode fails, drop to ad-hoc mode with the below ESSID? +#adhoc_essid_eth0="WLAN" + +#Channel can be set (1-14), but defaults to 3 if not set. +# +# The below is taken verbatim from the BSD wavelan documentation found at +# http://www.netbsd.org/Documentation/network/wavelan.html +# There are 14 channels possible; We are told that channels 1-11 are legal for +# North America, channels 1-13 for most of Europe, channels 10-13 for France, +# and only channel 14 for Japan. If in doubt, please refer to the documentation +# that came with your card or access point. Make sure that the channel you +# select is the same channel your access point (or the other card in an ad-hoc +# network) is on. The default for cards sold in North America and most of Europe +# is 3; the default for cards sold in France is 11, and the default for cards +# sold in Japan is 14. +#channel_eth0="3" + +# Setup any other config commands. This is basically the iwconfig argument +# without the iwconfig $iface. +#iwconfig_eth0="" + +# Set private driver ioctls. This is basically the iwpriv argument without +# the iwpriv $iface. If you use the rt2500 driver (not the rt2x00 one) then +# you can set WPA here, below is an example. +#iwpriv_eth0="" +#iwpriv_ESSID=( +# "set AuthMode=WPAPSK" +# "set EncrypType=TKIP" +# "set WPAPSK=yourpasskey" +#) +#NOTE: Even though you can use WPA like so, you may have to set a WEP key +#if your driver claims the AP is encrypted. The WEP key itself will not be +#used though. + +# Seconds to wait before scanning +# Some drivers need to wait until they have finished "loading" +# before they can scan - otherwise they error and claim that they cannot scan +# or resource is unavailable. The default is to wait zero seconds +#sleep_scan_eth0="1" + +# Seconds to wait until associated. The default is to wait 10 seconds. +# 0 means wait indefinitely. WARNING: this can cause an infinite delay when +# booting. +#associate_timeout_eth0="5" + +# By default a successful association in Managed mode sets the MAC +# address of the AP connected to. However, some drivers (namely +# the ipw2100) don't set an invalid MAC address when association +# fails - so we need to check on link quality which some drivers +# don't report properly either. +# So if you have connection problems try flipping this setting +# Valid options are MAC, quality and all - defaults to MAC +#associate_test_eth0="MAC" + +# Some driver/card combinations need to scan in Ad-Hoc mode +# After scanning, the mode is reset to the one defined above +#scan_mode_eth0="Ad-Hoc" + +# Below you can define private ioctls to run before and after scanning +# Format is the same as the iwpriv_eth0 above +# This is needed for the HostAP drivers +#iwpriv_scan_pre_eth0="host_roaming 2" +#iwpriv_scan_post_eth0="host_roaming 0" + +# Define a WEP key per ESSID or MAC address (of the AP, not your card) +# The encryption type (open or restricted) must match the +# encryption type on the Access Point +# You can't use "any" for an ESSID here +#key_ESSID="1234-1234-1234-1234-1234-1234-56" +# or you can use strings. Passphrase IS NOT supported +# To use a string, prefix it with s: +# Note - this example also sets the encryption method to open +# which is regarded as more secure than restricted +#key_ESSID="s:foobar enc open" +#key_ESSID="s:foobar enc restricted" + +# If you have whitespace in your key, here's how to set it and use other +# commands like using open encryption. +#key_ESSID="s:'foo bar' enc open" + +# WEP key for the AP with MAC address 001122334455 +#mac_key_001122334455="s:foobar" + +# Here are some more examples of keys as some users find others work +# and some don't where they should all do the same thing +#key_ESSID="open s:foobar" +#key_ESSID="open 1234-5678-9012" +#key_ESSID="s:foobar enc open" +#key_ESSID="1234-5678-9012 enc open" + +# You may want to set muliple keys - here's an example +# It sets 4 keys on the card and instructs to use key 2 by default +#key_ESSID="[1] s:passkey1 key [2] s:passkey2 key [3] s:passkey3 key [4] s:passkey4 key [2]" + +# You can also override the interface settings found in /etc/conf.d/net +# per ESSID - which is very handy if you use different networks a lot +#config_ESSID=( "dhcp" ) +#dhcpcd_ESSID="-t 5" +#routes_ESSID=() +#fallback_ESSID=() + +# Setting name/domain server causes /etc/resolv.conf to be overwritten +# Note that if DHCP is used, and you want this to take precedence then +# please put -R in your dhcpcd options +#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) +#dns_domain_ESSID="some.domain" +#dns_search_path_ESSID="search.this.domain search.that.domain" +# Please check the man page for resolv.conf for more information +# as domain and search (searchdomains) are mutually exclusive and +# searchdomains takes precedence + +# You can also set any of the /etc/conf.d/net variables per MAC address +# incase you use Access Points with the same ESSID but need different +# networking configs. Below is an example - of course you use the same +# method with other variables +#config_001122334455=( "dhcp" ) +#dhcpcd_001122334455="-t 10" +#dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) + +# Map a MAC address to an ESSID +# This is used when the Access Point is not broadcasting it's ESSID +# WARNING: This will override the ESSID being broadcast due to some +# Access Points sending an ESSID even when they have been configured +# not to! +# Change 001122334455 to the MAC address and ESSID to the ESSID +# it should map to +#mac_essid_001122334455="ESSID" + +# This lists the preferred ESSIDs to connect to in order +# ESSID's can contain any characters here as they must match the broadcast +# ESSID exactly. +# Surround each ESSID with the " character and seperate them with a space +# If the first ESSID isn't found then it moves onto the next +# If this isn't defined then it connects to the first one found +#preferred_aps=( "ESSID 1" "ESSID 2" ) + +# You can also define a preferred_aps list per interface +#preferred_aps_eth0=( "ESSID 3" "ESSID 4" ) + +# You can also say whether we only connect to preferred APs or not +# Values are "any", "preferredonly", "forcepreferred", "forcepreferredonly" and "forceany" +# "any" means it will connect to visible APs in the preferred list and then any +# other available AP +# "preferredonly" means it will only connect to visible APs in the preferred list +# "forcepreferred" means it will forceably connect to APs in order if it does not find +# them in a scan +# "forcepreferredonly" means it forceably connects to the APs in order and does not bother +# to scan +# "forceany" does the same as forcepreferred + connects to any other available AP +# Default is "any" +#associate_order="any" +#associate_order_eth0="any" + +# You can define blacklisted Access Points in the same way +#blacklist_aps=( "ESSID 1" "ESSID 2" ) +#blacklist_aps_eth0=( "ESSID 3" ESSID 4" ) + +# If you have more than one wireless card, you can say if you want +# to allow each card to associate with the same Access Point or not +# Values are "yes" and "no" +# Default is "yes" +#unique_ap="yes" +#unique_ap_eth0="yes" + +# IMPORTANT: preferred_only, blacklisted_aps and unique_ap only work when +# essid_eth0 is not set and your card is capable of scanning + +# NOTE: preferred_aps list ignores blacklisted_aps - so if you have +# the same ESSID in both, well, you're a bit silly :p + + +############################################################################## +# ADVANCED CONFIGURATION +# +# Two functions can be defined which will be called surrounding the +# associate function. The functions are called with the interface +# name first so that one function can control multiple adapters. +# +# The return values for the preassociate function should be 0 +# (success) to indicate that configuration or deconfiguration of the +# interface can continue. If preassociate returns a non-zero value, then +# interface configuration will be aborted. +# +# The return value for the postassociate function is ignored +# since there's nothing to do if it indicates failure. + +#preassociate() { +# # The below adds two configuration variables leap_user_ESSID +# # and leap_pass_ESSID. When they are both confiugred for the ESSID +# # being connected to then we run the CISCO LEAP script +# +# local user pass +# eval user=\"\$\{leap_user_${ESSIDVAR}\}\" +# eval pass=\"\$\{leap_pass_${ESSIDVAR}\}\" +# +# if [[ -n ${user} && -n ${pass} ]]; then +# if [[ ! -x /opt/cisco/bin/leapscript ]]; then +# eend "For LEAP support, please emerge net-misc/cisco-aironet-client-utils" +# return 1 +# fi +# einfo "Waiting for LEAP Authentication on \"${ESSID//\\\\//}\"" +# if /opt/cisco/bin/leapscript ${user} ${pass} | grep -q 'Login incorrect'; then +# ewarn "Login Failed for ${user}" +# return 1 +# fi +# fi +# +# return 0 +#} + +#postassociate() { +# # This function is mostly here for completeness... I haven't +# # thought of anything nifty to do with it yet ;-) +# # Return 0 always +# return 0 +#} +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d173 1 +a173 1 +# You may want to set multiple keys - here's an example +d195 1 +a195 1 +# in case you use Access Points with the same ESSID but need different +d214 1 +a214 1 +# Surround each ESSID with the " character and separate them with a space +d227 1 +a227 1 +# "forcepreferred" means it will forcibly connect to APs in order if it does not find +d229 1 +a229 1 +# "forcepreferredonly" means it forcibly connects to the APs in order and does not bother +d271 1 +a271 1 +# # and leap_pass_ESSID. When they are both configured for the ESSID +@ diff --git a/config-archive/etc/courier-imap/imapd,v b/config-archive/etc/courier-imap/imapd,v new file mode 100644 index 0000000..db6ea79 --- /dev/null +++ b/config-archive/etc/courier-imap/imapd,v @@ -0,0 +1,479 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.05.17.23.57; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.05.17.24.52; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@##VERSION: $Id: imapd,v 1.1 2009/11/09 22:10:31 root Exp $ +# +# imapd created from imapd.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used with the couriertcpd server. +# A lot of the stuff here is documented in the manual page for couriertcpd. +# +# NOTE - do not use \ to split long variable contents on multiple lines. +# This will break the default imapd.rc script, which parses this file. +# +##NAME: ADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# ADDRESS=127.0.0.1 + +ADDRESS=0 + +##NAME: PORT:1 +# +# Port numbers that connections are accepted on. The default is 143, +# the standard IMAP port. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possible to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The previous ADDRESS setting is a default for ports that do not have +# a specified IP address. + +PORT=143 + +##NAME: AUTHSERVICE:0 +# +# It's possible to authenticate using a different 'service' parameter +# depending on the connection's port. This only works with authentication +# modules that use the 'service' parameter, such as PAM. Example: +# +# AUTHSERVICE143=imap +# AUTHSERVICE993=imaps + +##NAME: MAXDAEMONS:0 +# +# Maximum number of IMAP servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:0 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=10 + +##NAME: PIDFILE:0 +# +# File where couriertcpd will save its process ID +# + +PIDFILE=/var/run/imapd.pid + +##NAME: TCPDOPTS:0 +# +# Miscellaneous couriertcpd options that shouldn't be changed. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=imapd" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@@example.com" + +##NAME: IMAP_CAPABILITY:1 +# +# IMAP_CAPABILITY specifies what most of the response should be to the +# CAPABILITY command. +# +# If you have properly configured Courier to use CRAM-MD5, CRAM-SHA1, or +# CRAM-SHA256 authentication (see INSTALL), set IMAP_CAPABILITY as follows: +# +# IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" +# + +IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE" + +##NAME: KEYWORDS_CAPABILITY:0 +# +# IMAP_KEYWORDS=1 enables custom IMAP keywords. Set this option to 0 to +# disable custom keywords. +# +# IMAP_KEYWORDS=2 also enables custom IMAP keywords, but uses a slower +# algorithm. Use this setting if keyword-related problems occur when +# multiple IMAP clients are updating keywords on the same message. + +IMAP_KEYWORDS=1 + +##NAME: ACL_CAPABILITY:0 +# +# IMAP_ACL=1 enables IMAP ACL extension. Set this option to 0 to +# disable ACL capabilities announce. + +IMAP_ACL=1 + +##NAME: SMAP1_CAPABILITY:0 +# +# EXPERIMENTAL +# +# To enable the experimental "Simple Mail Access Protocol" extensions, +# uncomment the following setting. +# +# SMAP_CAPABILITY=SMAP1 + +##NAME: IMAP_CAPABILITY_ORIG:2 +# +# For use by webadmin + +IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" + +##NAME: IMAP_PROXY:0 +# +# Enable proxying. See README.proxy + +IMAP_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. +# +# PROXY_HOSTNAME= + +##NAME: IMAP_PROXY_FOREIGN:0 +# +# Proxying to non-Courier servers. Re-sends the CAPABILITY command after +# logging in to the remote server. May not work with all IMAP clients. + +IMAP_PROXY_FOREIGN=0 + +##NAME: IMAP_IDLE_TIMEOUT:0 +# +# This setting controls how often +# the server polls for changes to the folder, in IDLE mode (in seconds). + +IMAP_IDLE_TIMEOUT=60 + +##NAME: IMAP_MAILBOX_SANITY_CHECK:0 +# +# Sanity check -- make sure home directory and maildir's ownership matches +# the IMAP server's effective uid and gid + +IMAP_MAILBOX_SANITY_CHECK=1 + +##NAME: IMAP_CAPABILITY_TLS:0 +# +# The following setting will advertise SASL PLAIN authentication after +# STARTTLS is established. If you want to allow SASL PLAIN authentication +# with or without TLS then just comment this out, and add AUTH=PLAIN to +# IMAP_CAPABILITY + +IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN" + +##NAME: IMAP_TLS_ORIG:0 +# +# For use by webadmin + +IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN" + +##NAME: IMAP_DISABLETHREADSORT:0 +# +# Set IMAP_DISABLETHREADSORT to disable the THREAD and SORT commands - +# server side sorting and threading. +# +# Those capabilities will still be advertised, but the server will reject +# them. Set this option if you want to disable all the extra load from +# server-side threading and sorting. Not advertising those capabilities +# will simply result in the clients reading the entire folder, and sorting +# it on the client side. That will still put some load on the server. +# advertising these capabilities, but rejecting the commands, will stop this +# silliness. +# + +IMAP_DISABLETHREADSORT=0 + +##NAME: IMAP_CHECK_ALL_FOLDERS:0 +# +# Set IMAP_CHECK_ALL_FOLDERS to 1 if you want the server to check for new +# mail in every folder. Not all IMAP clients use the IMAP's new mail +# indicator, but some do. Normally new mail is checked only in INBOX, +# because it is a comparatively time consuming operation, and it would be +# a complete waste of time unless mail filters are used to deliver +# mail directly to folders. +# +# When IMAP clients are used which support new mail indication, and when +# mail filters are used to sort incoming mail into folders, setting +# IMAP_CHECK_ALL_FOLDERS to 1 will allow IMAP clients to announce new +# mail in folders. Note that this will result in slightly more load on the +# server. +# + +IMAP_CHECK_ALL_FOLDERS=0 + +##NAME: IMAP_OBSOLETE_CLIENT:0 +# +# Set IMAP_OBSOLETE_CLIENT if your IMAP client expects \\NoInferiors to mean +# what \\HasNoChildren really means. + +IMAP_OBSOLETE_CLIENT=0 + +##NAME: IMAP_UMASK:0 +# +# IMAP_UMASK sets the umask of the server process. The value of IMAP_UMASK is +# simply passed to the "umask" command. The default value is 022. +# +# This feature is mostly useful for shared folders, where the file permissions +# of the messages may be important. + +IMAP_UMASK=022 + +##NAME: IMAP_ULIMITD:0 +# +# IMAP_ULIMITD sets the maximum size of the data segment of the server +# process. The value of IMAP_ULIMITD is simply passed to the "ulimit -d" +# command (or ulimit -v). The argument to ulimi sets the upper limit on the +# size of the data segment of the server process, in kilobytes. The default +# value of 65536 sets a very generous limit of 64 megabytes, which should +# be more than plenty for anyone. +# +# This feature is used as an additional safety check that should stop +# any potential denial-of-service attacks that exploit any kind of +# a memory leak to exhaust all the available memory on the server. +# It is theoretically possible that obscenely huge folders will also +# result in the server running out of memory when doing server-side +# sorting (by my calculations you have to have at least 100,000 messages +# in a single folder, for that to happen). + +IMAP_ULIMITD=65536 + +##NAME: IMAP_USELOCKS:0 +# +# Setting IMAP_USELOCKS to 1 will use dot-locking to support concurrent +# multiple access to the same folder. This incurs slight additional +# overhead. Concurrent multiple access will still work without this setting, +# however occasionally a minor race condition may result in an IMAP client +# downloading the same message twice, or a keyword update will fail. +# +# IMAP_USELOCKS=1 is strongly recommended when shared folders are used. + +IMAP_USELOCKS=1 + +##NAME: IMAP_SHAREDINDEXFILE:0 +# +# The index of all accessible folders. Do not change this setting unless +# you know what you're doing. See README.sharedfolders for additional +# information. + +IMAP_SHAREDINDEXFILE=/etc/courier-imap/shared/index + +##NAME: IMAP_ENHANCEDIDLE:0 +# +# If Courier was compiled with the File Alteration Monitor, setting +# IMAP_ENHANCEDIDLE to 1 enables enhanced IDLE mode, where multiple +# clients may open the same folder concurrently, and receive updates to +# folder contents in realtime. See the imapd(8) man page for additional +# information. +# +# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included +# in the IMAP_CAPABILITY list. +# + +IMAP_ENHANCEDIDLE=0 + +##NAME: IMAP_TRASHFOLDERNAME:0 +# +# The name of the magic trash Folder. For MSOE compatibility, +# you can set IMAP_TRASHFOLDERNAME="Deleted Items". +# +# IMPORTANT: If you change this, you must also change IMAP_EMPTYTRASH + +IMAP_TRASHFOLDERNAME=Trash + +##NAME: IMAP_EMPTYTRASH:0 +# +# The following setting is optional, and causes messages from the given +# folder to be automatically deleted after the given number of days. +# IMAP_EMPTYTRASH is a comma-separated list of folder:days. The default +# setting, below, purges 7 day old messages from the Trash folder. +# Another useful setting would be: +# +# IMAP_EMPTYTRASH=Trash:7,Sent:30 +# +# This would also delete messages from the Sent folder (presumably copies +# of sent mail) after 30 days. This is a global setting that is applied to +# every mail account, and is probably useful in a controlled, corporate +# environment. +# +# Important: the purging is controlled by CTIME, not MTIME (the file time +# as shown by ls). It is perfectly ordinary to see stuff in Trash that's +# a year old. That's the file modification time, MTIME, that's displayed. +# This is generally when the message was originally delivered to this +# mailbox. Purging is controlled by a different timestamp, CTIME, which is +# changed when the file is moved to the Trash folder (and at other times too). +# +# You might want to disable this setting in certain situations - it results +# in a stat() of every file in each folder, at login and logout. +# + +IMAP_EMPTYTRASH=Trash:7 + +##NAME: IMAP_MOVE_EXPUNGE_TO_TRASH:0 +# +# Set IMAP_MOVE_EXPUNGE_TO_TRASH to move expunged messages to Trash. This +# effectively allows an undo of message deletion by fishing the deleted +# mail from trash. Trash can be manually expunged as usually, and mail +# will get automatically expunged from Trash according to IMAP_EMPTYTRASH. +# +# NOTE: shared folders are still expunged as usual. Shared folders are +# not affected. +# + +IMAP_MOVE_EXPUNGE_TO_TRASH=0 + + +##NAME: OUTBOX:0 +# +# The next set of options deal with the "Outbox" enhancement. +# Uncomment the following setting to create a special folder, named +# INBOX.Outbox +# +# OUTBOX=.Outbox + +##NAME: SENDMAIL:0 +# +# If OUTBOX is defined, mail can be sent via the IMAP connection by copying +# a message to the INBOX.Outbox folder. For all practical matters, +# INBOX.Outbox looks and behaves just like any other IMAP folder. If this +# folder doesn't exist it must be created by the IMAP mail client, just +# like any other IMAP folder. The kicker: any message copied or moved to +# this folder is will be E-mailed by the Courier-IMAP server, by running +# the SENDMAIL program. Therefore, messages copied or moved to this +# folder must be well-formed RFC-2822 messages, with the recipient list +# specified in the To:, Cc:, and Bcc: headers. Courier-IMAP relies on +# SENDMAIL to read the recipient list from these headers (and delete the Bcc: +# header) by running the command "$SENDMAIL -oi -t -f $SENDER", with the +# message piped on standard input. $SENDER will be the return address +# of the message, which is set by the authentication module. +# +# DO NOT MODIFY SENDMAIL, below, unless you know what you're doing. +# + +SENDMAIL=/usr/sbin/sendmail + +##NAME: HEADERFROM:0 +# +# For administrative and oversight purposes, the return address, $SENDER +# will also be saved in the X-IMAP-Sender mail header. This header gets +# added to the sent E-mail (but it doesn't get saved in the copy of the +# message that's saved in the folder) +# +# WARNING - By enabling OUTBOX above, *every* IMAP mail client will receive +# the magic OUTBOX treatment. Therefore advance LARTing is in order for +# _all_ of your lusers, until every one of them is aware of this. Otherwise if +# OUTBOX is left at its default setting - a folder name that might be used +# accidentally - some people may be in for a rude surprise. You can redefine +# the name of the magic folder by changing OUTBOX, above. You should do that +# and pick a less-obvious name. Perhaps brand it with your organizational +# name ( OUTBOX=.WidgetsAndSonsOutbox ) + +HEADERFROM=X-IMAP-Sender + +##NAME: OUTBOX_MULTIPLE_SEND:0 +# +# Remove the following comment to allow a COPY of more than one message to +# the Outbox, at a time. +# +# OUTBOX_MULTIPLE_SEND=1 + +##NAME: IMAPDSTART:0 +# +# IMAPDSTART is not used directly. Rather, this is a convenient flag to +# be read by your system startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/imapd +# +# case x$IMAPDSTART in +# x[yY]*) +# /usr/lib/courier-imap/imapd.rc start +# ;; +# esac +# +# The default setting is going to be NO, so you'll have to manually flip +# it to yes. + +IMAPDSTART=YES + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +##VERSION: $Id: imapd.dist.in,v 1.41 2008/06/21 16:01:23 mrsam Exp $ +d60 1 +a60 1 +MAXPERIP=4 +d407 1 +a407 1 +# /usr/lib64/courier-imap/imapd.rc start +d414 1 +a414 1 +IMAPDSTART=NO +@ diff --git a/config-archive/etc/courier-imap/imapd-ssl,v b/config-archive/etc/courier-imap/imapd-ssl,v new file mode 100644 index 0000000..c55a07a --- /dev/null +++ b/config-archive/etc/courier-imap/imapd-ssl,v @@ -0,0 +1,381 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.05.17.23.57; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.05.17.25.04; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@##VERSION: $Id: imapd-ssl,v 1.1 2009/11/12 16:09:36 root Exp $ +# +# imapd-ssl created from imapd-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL IMAP connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL IMAP +# connections, you will start two instances of couriertcpd, one on the +# IMAP port 143, and another one on the IMAP-SSL port 993. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:1 +# +# Options in the imapd-ssl configuration file AUGMENT the options in the +# imapd configuration file. First the imapd configuration file is read, +# then the imapd-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 993. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=993 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# +# That's the SSL IMAP port we'll listen on. +# Feel free to redefine MAXDAEMONS, TCPDOPTS, and MAXPERIP. + +SSLPIDFILE=/var/run/imapd-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=imapd-ssl" + +##NAME: IMAPDSSLSTART:0 +# +# Different pid files, so that both instances of couriertcpd can coexist +# happily. +# +# You can also redefine IMAP_CAPABILITY, although I can't +# think of why you'd want to do that. +# +# +# Ok, the following settings are new to imapd-ssl: +# +# Whether or not to start IMAP over SSL on simap port: + +IMAPDSSLSTART=NO + +##NAME: IMAPDSTARTTLS:0 +# +# Whether or not to implement IMAP STARTTLS extension instead: + +IMAPDSTARTTLS=YES + +##NAME: IMAP_TLS_REQUIRED:1 +# +# Set IMAP_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED IMAP capability, until STARTTLS +# is issued). + +IMAP_TLS_REQUIRED=0 + + +######################################################################### +# +# The following variables configure IMAP over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. +# +##NAME: COURIERTLS:0 +# + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) +TLS_PROTOCOL="SSL3" + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the IMAP STARTTLS +# extension, as opposed to IMAP over SSL on port 993. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL +TLS_STARTTLS_PROTOCOL=TLS1 + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/imapd.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for IMAP clients +# that open multiple SSL sessions to the server. TLS_CACHEFILE will be +# automatically created, TLS_CACHESIZE bytes long, and used as a cache +# buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +##VERSION: $Id: imapd-ssl.dist.in,v 1.21 2008/07/12 20:17:24 mrsam Exp $ +d134 1 +d142 1 +@ diff --git a/config-archive/etc/courier-imap/pop3d,v b/config-archive/etc/courier-imap/pop3d,v new file mode 100644 index 0000000..d86e130 --- /dev/null +++ b/config-archive/etc/courier-imap/pop3d,v @@ -0,0 +1,199 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.05.17.23.57; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.05.17.23.57; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@##VERSION: $Id: pop3d,v 1.1 2009/11/12 16:55:53 root Exp $ +# +# pop3d created from pop3d.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Courier POP3 daemon configuration +# +##NAME: PIDFILE:0 +# + +PIDFILE=/var/run/pop3d.pid + +##NAME: MAXDAEMONS:0 +# +# Maximum number of POP3 servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:4 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=4 + +##NAME: POP3AUTH:1 +# +# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH +# variable: +# +# POP3AUTH="LOGIN" +# +# If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH +# to something like this: +# +# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" + +POP3AUTH="" + +##NAME: POP3AUTH_ORIG:1 +# +# For use by webadmin + +POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" + +##NAME: POP3AUTH_TLS:1 +# +# To also advertise SASL PLAIN if SSL is enabled, uncomment the +# POP3AUTH_TLS environment variable: +# +# POP3AUTH_TLS="LOGIN PLAIN" + +POP3AUTH_TLS="" + +##NAME: POP3AUTH_TLS_ORIG:0 +# +# For use by webadmin + +POP3AUTH_TLS_ORIG="LOGIN PLAIN" + +##NAME: POP3_PROXY:0 +# +# Enable proxying. See README.proxy + +POP3_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. + +# PROXY_HOSTNAME= + +##NAME: PORT:1 +# +# Port to listen on for connections. The default is port 110. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The ADDRESS setting is a default for ports that do not have a specified +# IP address. + +PORT=110 + +##NAME: ADDRESS:0 +# +# IP address to listen on. 0 means all IP addresses. + +ADDRESS=0 + +##NAME: TCPDOPTS:0 +# +# Other couriertcpd(1) options. The following defaults should be fine. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=pop3d" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@@example.com" + +##NAME: POP3DSTART:0 +# +# POP3DSTART is not referenced anywhere in the standard Courier programs +# or scripts. Rather, this is a convenient flag to be read by your system +# startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/pop3d +# case x$POP3DSTART in +# x[yY]*) +# /usr/lib/courier-imap/pop3d.rc start +# ;; +# esac +# +# The default setting is going to be NO, until Courier is shipped by default +# with enough platforms so that people get annoyed with having to flip it to +# YES every time. + +POP3DSTART=NO + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +##VERSION: $Id: pop3d.dist.in,v 1.16 2005/07/05 12:42:51 mrsam Exp $ +d132 1 +a132 1 +# /usr/lib64/courier-imap/pop3d.rc start +@ diff --git a/config-archive/etc/courier-imap/pop3d-ssl,v b/config-archive/etc/courier-imap/pop3d-ssl,v new file mode 100644 index 0000000..968b69b --- /dev/null +++ b/config-archive/etc/courier-imap/pop3d-ssl,v @@ -0,0 +1,363 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.05.17.23.57; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.05.17.23.58; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@##VERSION: $Id: pop3d-ssl,v 1.1 2009/11/12 16:55:53 root Exp $ +# +# pop3d-ssl created from pop3d-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000-2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL POP3 connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL POP3 +# connections, you will start two instances of couriertcpd, one on the +# POP3 port 110, and another one on the POP3-SSL port 995. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:0 +# +# Options in the pop3d-ssl configuration file AUGMENT the options in the +# pop3d configuration file. First the pop3d configuration file is read, +# then the pop3d-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 995. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=995 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# + +SSLPIDFILE=/var/run/pop3d-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=pop3d-ssl" + +##NAME: POP3DSSLSTART:0 +# +# Whether or not to start POP3 over SSL on spop3 port: + +POP3DSSLSTART=NO + +##NAME: POP3_STARTTLS:0 +# +# Whether or not to implement the POP3 STLS extension: + +POP3_STARTTLS=YES + +##NAME: POP3_TLS_REQUIRED:1 +# +# Set POP3_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED POP3 capability, until STARTTLS +# is issued). + +POP3_TLS_REQUIRED=0 + +##NAME: COURIERTLS:0 +# +# The following variables configure POP3 over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the POP3 STARTTLS +# extension, as opposed to POP3 over SSL on port 995. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL + +TLS_STARTTLS_PROTOCOL=TLS1 + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/pop3d.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for long-running +# POP3 clients. TLS_CACHEFILE will be automatically created, TLS_CACHESIZE +# bytes long, and used as a cache buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +##VERSION: $Id: pop3d-ssl.dist.in,v 1.22 2008/07/12 20:17:25 mrsam Exp $ +@ diff --git a/config-archive/etc/courier/authlib/authdaemonrc,v b/config-archive/etc/courier/authlib/authdaemonrc,v new file mode 100644 index 0000000..795a0e0 --- /dev/null +++ b/config-archive/etc/courier/authlib/authdaemonrc,v @@ -0,0 +1,130 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.10.05.17.23.58; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $ +# +# Copyright 2000-2005 Double Precision, Inc. See COPYING for +# distribution information. +# +# authdaemonrc created from authdaemonrc.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# This file configures authdaemond, the resident authentication daemon. +# +# Comments in this file are ignored. Although this file is intended to +# be sourced as a shell script, authdaemond parses it manually, so +# the acceptable syntax is a bit limited. Multiline variable contents, +# with the \ continuation character, are not allowed. Everything must +# fit on one line. Do not use any additional whitespace for indentation, +# or anything else. + +##NAME: authmodulelist:2 +# +# The authentication modules that are linked into authdaemond. The +# default list is installed. You may selectively disable modules simply +# by removing them from the following list. The available modules you +# can use are: authuserdb authpam authshadow authldap authmysql authcustom authpipe + +#authmodulelist="authmysql authldap authpam authuserdb authshadow authcustom authpipe" +#authmodulelist="authpam authuserdb authshadow authcustom authpipe" +authmodulelist="authmysql authpam" + +##NAME: authmodulelistorig:3 +# +# This setting is used by Courier's webadmin module, and should be left +# alone + +authmodulelistorig="authuserdb authpam authshadow authldap authmysql authcustom authpipe" + +##NAME: daemons:0 +# +# The number of daemon processes that are started. authdaemon is typically +# installed where authentication modules are relatively expensive: such +# as authldap, or authmysql, so it's better to have a number of them running. +# PLEASE NOTE: Some platforms may experience a problem if there's more than +# one daemon. Specifically, SystemV derived platforms that use TLI with +# socket emulation. I'm suspicious of TLI's ability to handle multiple +# processes accepting connections on the same filesystem domain socket. +# +# You may need to increase daemons if as your system load increases. Symptoms +# include sporadic authentication failures. If you start getting +# authentication failures, increase daemons. However, the default of 5 +# SHOULD be sufficient. Bumping up daemon count is only a short-term +# solution. The permanent solution is to add more resources: RAM, faster +# disks, faster CPUs... + +daemons=5 + +##NAME: authdaemonvar:2 +# +# authdaemonvar is here, but is not used directly by authdaemond. It's +# used by various configuration and build scripts, so don't touch it! + +authdaemonvar=/var/lib/courier/authdaemon + +##NAME: DEBUG_LOGIN:0 +# +# Dump additional diagnostics to syslog +# +# DEBUG_LOGIN=0 - turn off debugging +# DEBUG_LOGIN=1 - turn on debugging +# DEBUG_LOGIN=2 - turn on debugging + log passwords too +# +# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog. +# +# Note that most information is sent to syslog at level 'debug', so +# you may need to modify your /etc/syslog.conf to be able to see it. + +DEBUG_LOGIN=0 + +##NAME: DEFAULTOPTIONS:0 +# +# A comma-separated list of option=value pairs. Each option is applied +# to an account if the account does not have its own specific value for +# that option. So for example, you can set +# DEFAULTOPTIONS="disablewebmail=1,disableimap=1" +# and then enable webmail and/or imap on individual accounts by setting +# disablewebmail=0 and/or disableimap=0 on the account. + +DEFAULTOPTIONS="" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options, e.g. to set syslog facility +# + +LOGGEROPTS="" + +##NAME: LDAP_TLS_OPTIONS:0 +# +# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'. +# Examples: +# +#LDAPTLS_CACERT=/path/to/cacert.pem +#LDAPTLS_REQCERT=demand +#LDAPTLS_CERT=/path/to/clientcert.pem +#LDAPTLS_KEY=/path/to/clientkey.pem +@ diff --git a/config-archive/etc/courier/authlib/authdaemonrc.dist.new b/config-archive/etc/courier/authlib/authdaemonrc.dist.new new file mode 100644 index 0000000..9dba818 --- /dev/null +++ b/config-archive/etc/courier/authlib/authdaemonrc.dist.new @@ -0,0 +1,103 @@ +##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $ +# +# Copyright 2000-2005 Double Precision, Inc. See COPYING for +# distribution information. +# +# authdaemonrc created from authdaemonrc.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# This file configures authdaemond, the resident authentication daemon. +# +# Comments in this file are ignored. Although this file is intended to +# be sourced as a shell script, authdaemond parses it manually, so +# the acceptable syntax is a bit limited. Multiline variable contents, +# with the \ continuation character, are not allowed. Everything must +# fit on one line. Do not use any additional whitespace for indentation, +# or anything else. + +##NAME: authmodulelist:2 +# +# The authentication modules that are linked into authdaemond. The +# default list is installed. You may selectively disable modules simply +# by removing them from the following list. The available modules you +# can use are: authuserdb authpam authshadow authldap authmysql authcustom authpipe + +authmodulelist="authmysql " + +##NAME: authmodulelistorig:3 +# +# This setting is used by Courier's webadmin module, and should be left +# alone + +authmodulelistorig="authuserdb authpam authshadow authldap authmysql authcustom authpipe" + +##NAME: daemons:0 +# +# The number of daemon processes that are started. authdaemon is typically +# installed where authentication modules are relatively expensive: such +# as authldap, or authmysql, so it's better to have a number of them running. +# PLEASE NOTE: Some platforms may experience a problem if there's more than +# one daemon. Specifically, SystemV derived platforms that use TLI with +# socket emulation. I'm suspicious of TLI's ability to handle multiple +# processes accepting connections on the same filesystem domain socket. +# +# You may need to increase daemons if as your system load increases. Symptoms +# include sporadic authentication failures. If you start getting +# authentication failures, increase daemons. However, the default of 5 +# SHOULD be sufficient. Bumping up daemon count is only a short-term +# solution. The permanent solution is to add more resources: RAM, faster +# disks, faster CPUs... + +daemons=5 + +##NAME: authdaemonvar:2 +# +# authdaemonvar is here, but is not used directly by authdaemond. It's +# used by various configuration and build scripts, so don't touch it! + +authdaemonvar=/var/lib/courier/authdaemon + +##NAME: DEBUG_LOGIN:0 +# +# Dump additional diagnostics to syslog +# +# DEBUG_LOGIN=0 - turn off debugging +# DEBUG_LOGIN=1 - turn on debugging +# DEBUG_LOGIN=2 - turn on debugging + log passwords too +# +# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog. +# +# Note that most information is sent to syslog at level 'debug', so +# you may need to modify your /etc/syslog.conf to be able to see it. + +DEBUG_LOGIN=0 + +##NAME: DEFAULTOPTIONS:0 +# +# A comma-separated list of option=value pairs. Each option is applied +# to an account if the account does not have its own specific value for +# that option. So for example, you can set +# DEFAULTOPTIONS="disablewebmail=1,disableimap=1" +# and then enable webmail and/or imap on individual accounts by setting +# disablewebmail=0 and/or disableimap=0 on the account. + +DEFAULTOPTIONS="" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options, e.g. to set syslog facility +# + +LOGGEROPTS="" + +##NAME: LDAP_TLS_OPTIONS:0 +# +# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'. +# Examples: +# +#LDAPTLS_CACERT=/path/to/cacert.pem +#LDAPTLS_REQCERT=demand +#LDAPTLS_CERT=/path/to/clientcert.pem +#LDAPTLS_KEY=/path/to/clientkey.pem diff --git a/config-archive/etc/courier/authlib/authldaprc,v b/config-archive/etc/courier/authlib/authldaprc,v new file mode 100644 index 0000000..d24bfb0 --- /dev/null +++ b/config-archive/etc/courier/authlib/authldaprc,v @@ -0,0 +1,314 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.02.26.23.29.19; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.02.26.23.29.19; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@##VERSION: $Id: authldaprc,v 1.1 2010/11/30 22:01:39 root Exp $ +# +# Copyright 2000-2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authldaprc created from authldaprc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the LDAP admin password! +# +# This configuration file specifies LDAP authentication parameters +# +# The format of this file must be as follows: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. No trailing spaces. +# +# Here are the fields: + +##NAME: LOCATION:1 +# +# Location of your LDAP server(s). If you have multiple LDAP servers, +# you can list them separated by commas and spaces, and they will be tried in +# turn. + +LDAP_URI ldaps://ldap.example.com, ldaps://backup.example.com + +##NAME: LDAP_PROTOCOL_VERSION:0 +# +# Which version of LDAP protocol to use + +LDAP_PROTOCOL_VERSION 3 + +##NAME: LDAP_BASEDN:0 +# +# Look for authentication here: + +LDAP_BASEDN o=example, c=com + +##NAME: LDAP_BINDDN:0 +# +# You may or may not need to specify the following. Because you've got +# a password here, authldaprc should not be world-readable!!! + +LDAP_BINDDN cn=administrator, o=example, c=com +LDAP_BINDPW toto + +##NAME: LDAP_TIMEOUT:0 +# +# Timeout for LDAP search and connection + +LDAP_TIMEOUT 5 + +##NAME: LDAP_AUTHBIND:0 +# +# Define this to have the ldap server authenticate passwords. If LDAP_AUTHBIND +# the password is validated by rebinding with the supplied userid and password. +# If rebind succeeds, this is considered to be an authenticated request. This +# does not support CRAM-MD5 authentication, which requires clearPassword. +# Additionally, if LDAP_AUTHBIND is 1 then password changes are done under +# the credentials of the user themselves, not LDAP_BINDDN/BINDPW +# +# LDAP_AUTHBIND 1 + +##NAME: LDAP_MAIL:0 +# +# Here's the field on which we query + +LDAP_MAIL mail + +##NAME: LDAP_FILTER:0 +# +# This LDAP filter will be ANDed with the query for the field defined above +# in LDAP_MAIL. So if you are querying for mail, and you have LDAP_FILTER +# defined to be "(objectClass=CourierMailAccount)" the query that is performed +# will be "(&(objectClass=CourierMailAccount)(mail=))" +# +# LDAP_FILTER (objectClass=CourierMailAccount) + +##NAME: LDAP_DOMAIN:0 +# +# The following default domain will be appended, if not explicitly specified. +# +# LDAP_DOMAIN example.com + +##NAME: LDAP_GLOB_IDS:0 +# +# The following two variables can be used to set everybody's uid and gid. +# This is convenient if your LDAP specifies a bunch of virtual mail accounts +# The values can be usernames or userids: +# +# LDAP_GLOB_UID vmail +# LDAP_GLOB_GID vmail + +##NAME: LDAP_HOMEDIR:0 +# +# We will retrieve the following attributes +# +# The HOMEDIR attribute MUST exist, and we MUST be able to chdir to it + +LDAP_HOMEDIR homeDirectory + +##NAME: LDAP_MAILROOT:0 +# +# If homeDirectory is not an absolute path, define the root of the +# relative paths in LDAP_MAILROOT +# +# LDAP_MAILROOT /var/mail + + +##NAME: LDAP_MAILDIR:0 +# +# The MAILDIR attribute is OPTIONAL, and specifies the location of the +# mail directory. If not specified, ./Maildir will be used + +LDAP_MAILDIR mailbox + +##NAME: LDAP_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional attribute specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd + +LDAP_DEFAULTDELIVERY defaultDelivery + +##NAME: LDAP_MAILDIRQUOTA:0 +# +# The following variable, if defined, specifies the field containing the +# maildir quota, see README.maildirquota for more information +# +# LDAP_MAILDIRQUOTA quota + + +##NAME: LDAP_FULLNAME:0 +# +# FULLNAME is optional, specifies the user's full name + +LDAP_FULLNAME cn + +##NAME: LDAP_PW:0 +# +# CLEARPW is the clear text password. CRYPT is the crypted password. +# ONE OF THESE TWO ATTRIBUTES IS REQUIRED. If CLEARPW is provided, and +# libhmac.a is available, CRAM authentication will be possible! + +LDAP_CLEARPW clearPassword +LDAP_CRYPTPW userPassword + +##NAME: LDAP_IDS:0 +# +# Uncomment the following, and modify as appropriate, if your LDAP database +# stores individual userids and groupids. Otherwise, you must uncomment +# LDAP_GLOB_UID and LDAP_GLOB_GID above. LDAP_GLOB_UID and LDAP_GLOB_GID +# specify a uid/gid for everyone. Otherwise, LDAP_UID and LDAP_GID must +# be defined as attributes for everyone. +# +# LDAP_UID uidNumber +# LDAP_GID gidNumber + + +##NAME: LDAP_AUXOPTIONS:0 +# +# Auxiliary options. The LDAP_AUXOPTIONS setting should contain a list of +# comma-separated "ATTRIBUTE=NAME" pairs. These names are additional +# attributes that define various per-account "options", as given in +# INSTALL's description of the OPTIONS setting. +# +# Each ATTRIBUTE specifies an LDAP attribute name. If it is present, +# the attribute value gets placed in the OPTIONS variable, with the name +# NAME. For example: +# +# LDAP_AUXOPTIONS shared=sharedgroup,disableimap=disableimap +# +# Then, if an LDAP record contains the following attributes: +# +# shared: domain1 +# disableimap: 0 +# +# Then authldap will initialize OPTIONS to "sharedgroup=domain1,disableimap=0" +# +# NOTE: ** no spaces in this setting **, the above example has exactly +# one tab character after LDAP_AUXOPTIONS + + +##NAME: LDAP_ENUMERATE_FILTER:0 +# +# {EXPERIMENTAL} +# Optional custom filter used when enumerating accounts for authenumerate, +# in order to compile a list of accounts for shared folders. If present, +# this filter will be used instead of LDAP_FILTER. +# +# LDAP_ENUMERATE_FILTER (&(objectClass=CourierMailAccount)(!(disableshared=1))) + + +##NAME: LDAP_DEREF:0 +# +# Determines how aliases are handled during a search. This option is available +# only with OpenLDAP 2.0 +# +# LDAP_DEREF can be one of the following values: +# never, searching, finding, always. If not specified, aliases are +# never dereferenced. + +LDAP_DEREF never + +##NAME: LDAP_TLS:0 +# +# Set LDAP_TLS to 1 to use the Start TLS extension (RFC 2830). This is +# when the server accepts a normal LDAP connection on port 389 which +# the client then requests 'upgrading' to TLS, and is equivalent to the +# -ZZ flag to ldapsearch. If you are using an ldaps:// URI then do not +# set this option. +# +# For additional LDAP-related options, see the authdaemonrc config file. + +LDAP_TLS 0 + +##NAME: LDAP_EMAILMAP:0 +# +# The following optional settings, if enabled, result in an extra LDAP +# lookup to first locate a handle for an E-mail address, then a second lookup +# on that handle to get the actual authentication record. You'll need +# to uncomment these settings to enable an email handle lookup. +# +# The E-mail address must be of the form user@@realm, and this is plugged +# into the following search string. "@@user@@" and "@@realm@@" are placeholders +# for the user and the realm portions of the login ID. +# +# LDAP_EMAILMAP (&(userid=@@user@@)(realm=@@realm@@)) + +##NAME: LDAP_EMAILMAP_BASEDN:0 +# +# Specify the basedn for the email lookup. The default is LDAP_BASEDN. +# +# LDAP_EMAILMAP_BASEDN o=emailmap, c=com + + +##NAME: LDAP_EMAILMAP_ATTRIBUTE:0 +# +# The attribute which holds the handle. The contents of this attribute +# are then plugged into the regular authentication lookup, and you must set +# LDAP_EMAILMAP_MAIL to the name of this attribute in the authentication +# records (which may be the same as LDAP_MAIL). +# You MUST also leave LDAP_DOMAIN undefined. This enables authenticating +# by handles only. +# +# Here's an example: +# +# dn: userid=john, realm=example.com, o=emailmap, c=com # LDAP_EMAILMAP_BASEDN +# userid: john # LDAP_EMAILMAP search +# realm: example.com # LDAP_EMAILMAP search +# handle: cc223344 # LDAP_EMAILMAP_ATTRIBUTE +# +# +# dn: controlHandle=cc223344, o=example, c=com # LDAP_BASEDN +# controlHandle: cc223344 # LDAP_EMAILMAP_MAIL set to "controlHandle" +# uid: ... +# gid: ... +# [ etc... ] +# +# LDAP_EMAILMAP_ATTRIBUTE handle + +##NAME: LDAP_EMAILMAP_MAIL:0 +# +# After reading LDAP_EMAIL_ATTRIBUTE, the second query will go against +# LDAP_BASEDN, but will key against LDAP_EMAILMAP_MAIL instead of LDAP_MAIL. +# +# LDAP_EMAILMAP_MAIL mail +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +##VERSION: $Id: authldaprc,v 1.25 2005/10/05 00:07:32 mrsam Exp $ +@ diff --git a/config-archive/etc/courier/authlib/authmysqlrc,v b/config-archive/etc/courier/authlib/authmysqlrc,v new file mode 100644 index 0000000..2f31de4 --- /dev/null +++ b/config-archive/etc/courier/authlib/authmysqlrc,v @@ -0,0 +1,321 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.02.26.23.29.19; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@##VERSION: $Id: authmysqlrc,v 1.20 2007/10/07 02:50:45 mrsam Exp $ +# +# Copyright 2000-2007 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authmysqlrc created from authmysqlrc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the MySQL admin password! +# +# Each line in this file must follow the following format: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. Trailing spaces are prohibited. + + +##NAME: LOCATION:0 +# +# The server name, userid, and password used to log in. +# +#MYSQL_SERVER mysql.example.com +#MYSQL_USERNAME admin +#MYSQL_PASSWORD admin +# + +MYSQL_SERVER localhost +MYSQL_USERNAME vmail +MYSQL_PASSWORD Pee5au0T + +##NAME: SSLINFO:0 +# +# The SSL information. +# +# To use SSL-encrypted connections, define the following variables (available +# in MySQL 4.0, or higher): +# +# +# MYSQL_SSL_KEY /path/to/file +# MYSQL_SSL_CERT /path/to/file +# MYSQL_SSL_CACERT /path/to/file +# MYSQL_SSL_CAPATH /path/to/file +# MYSQL_SSL_CIPHERS ALL:!DES + +##NAME: MYSQL_SOCKET:0 +# +# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the +# filesystem pipe used for the connection +# +MYSQL_SOCKET /var/run/mysqld/mysqld.sock + +##NAME: MYSQL_PORT:0 +# +# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to +# connect to. + +MYSQL_PORT 0 + +##NAME: MYSQL_OPT:0 +# +# Leave MYSQL_OPT as 0, unless you know what you're doing. + +MYSQL_OPT 0 + +##NAME: MYSQL_DATABASE:0 +# +# The name of the MySQL database we will open: + +MYSQL_DATABASE vmail + +#NAME: MYSQL_CHARACTER_SET:0 +# +# This is optional. MYSQL_CHARACTER_SET installs a character set. This option +# can be used with MySQL version 4.1 or later. MySQL supports 70+ collations +# for 30+ character sets. See MySQL documentations for more detalis. +# +# MYSQL_CHARACTER_SET latin1 + +##NAME: MYSQL_USER_TABLE:0 +# +# The name of the table containing your user data. See README.authmysqlrc +# for the required fields in this table. + +MYSQL_USER_TABLE users + +##NAME: MYSQL_CRYPT_PWFIELD:0 +# +# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both +# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext +# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow +# CRAM-MD5 authentication to be implemented. + +#MYSQL_CRYPT_PWFIELD crypt + +##NAME: MYSQL_CLEAR_PWFIELD:0 +# +# +MYSQL_CLEAR_PWFIELD clear + +##NAME: MYSQL_DEFAULT_DOMAIN:0 +# +# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', +# we will look up 'user@@DEFAULT_DOMAIN' instead. +# +# +# DEFAULT_DOMAIN example.com + +##NAME: MYSQL_UID_FIELD:0 +# +# Other fields in the mysql table: +# +# MYSQL_UID_FIELD - contains the numerical userid of the account +# +MYSQL_UID_FIELD uid + +##NAME: MYSQL_GID_FIELD:0 +# +# Numerical groupid of the account + +MYSQL_GID_FIELD gid + +##NAME: MYSQL_LOGIN_FIELD:0 +# +# The login id, default is id. Basically the query is: +# +# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid' +# + +MYSQL_LOGIN_FIELD email + +##NAME: MYSQL_HOME_FIELD:0 +# + +MYSQL_HOME_FIELD homedir + +##NAME: MYSQL_NAME_FIELD:0 +# +# The user's name (optional) + +MYSQL_NAME_FIELD name + +##NAME: MYSQL_MAILDIR_FIELD:0 +# +# This is an optional field, and can be used to specify an arbitrary +# location of the maildir for the account, which normally defaults to +# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD). +# +# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this +# out. +# +MYSQL_MAILDIR_FIELD maildir + +##NAME: MYSQL_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional field specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd +# +# MYSQL_DEFAULTDELIVERY defaultdelivery + +##NAME: MYSQL_QUOTA_FIELD:0 +# +# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally +# specify a maildir quota. See README.maildirquota for more information +# +MYSQL_QUOTA_FIELD quota + +##NAME: MYSQL_AUXOPTIONS:0 +# +# Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that +# contains a single string consisting of comma-separated "ATTRIBUTE=NAME" +# pairs. These names are additional attributes that define various per-account +# "options", as given in INSTALL's description of the "Account OPTIONS" +# setting. +# +# MYSQL_AUXOPTIONS_FIELD auxoptions +# +# You might want to try something like this, if you'd like to use a bunch +# of individual fields, instead of a single text blob: +# +# MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup) +# +# This will let you define fields called "disableimap", etc, with the end result +# being something that the OPTIONS parser understands. + + +##NAME: MYSQL_WHERE_CLAUSE:0 +# +# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary +# fixed string that is appended to the WHERE clause of our query +# +MYSQL_WHERE_CLAUSE enabled='y' + +##NAME: MYSQL_SELECT_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do a SELECT operation on database, which should return fields +# in order specified bellow: +# +# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options +# +# The username field should include the domain (see example below). +# +# Enabling this option causes ignorance of any other field-related +# options, excluding default domain. +# +# There are two variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. These variables are: +# $(local_part), $(domain), $(service) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# +# $(service) will expand out to the service being authenticated: imap, imaps, +# pop3 or pop3s. Courier mail server only: service will also expand out to +# "courier", when searching for local mail account's location. In this case, +# if the "maildir" field is not empty it will be used in place of +# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing +# authenticated ESMTP. +# +# This example is a little bit modified adaptation of vmail-sql +# database scheme: +# +# MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@@', popbox.domain_name), \ +# CONCAT('{MD5}', popbox.password_hash), \ +# popbox.clearpw, \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# domain.quota, \ +# '', \ +# CONCAT("disableimap=",disableimap,",disablepop3=", \ +# disablepop3,",disablewebmail=",disablewebmail, \ +# ",sharedgroup=",sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + +##NAME: MYSQL_ENUMERATE_CLAUSE:1 +# +# {EXPERIMENTAL} +# Optional custom SQL query used to enumerate accounts for authenumerate, +# in order to compile a list of accounts for shared folders. The query +# should return the following fields: name, uid, gid, homedir, maildir, options +# +# Example: +# MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@@', popbox.domain_name), \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# CONCAT('sharedgroup=', sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + + +##NAME: MYSQL_CHPASS_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do an UPDATE operation on database. In other words, it is +# used, when changing password. +# +# There are four variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. There variables are: +# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# $(newpass) contains plain password +# $(newpass_crypt) contains its crypted form +# +# MYSQL_CHPASS_CLAUSE UPDATE popbox \ +# SET clearpw='$(newpass)', \ +# password_hash='$(newpass_crypt)' \ +# WHERE local_part='$(local_part)' \ +# AND domain_name='$(domain)' +# + +MYSQL_CHPASS_CLAUSE UPDATE users \ + SET clear='$(newpass)' \ + WHERE email='$(local_part)@@$(domain)' +@ diff --git a/config-archive/etc/courier/authlib/authmysqlrc.dist.new b/config-archive/etc/courier/authlib/authmysqlrc.dist.new new file mode 100644 index 0000000..dd645e1 --- /dev/null +++ b/config-archive/etc/courier/authlib/authmysqlrc.dist.new @@ -0,0 +1,288 @@ +##VERSION: $Id: authmysqlrc,v 1.20 2007/10/07 02:50:45 mrsam Exp $ +# +# Copyright 2000-2007 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authmysqlrc created from authmysqlrc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the MySQL admin password! +# +# Each line in this file must follow the following format: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. Trailing spaces are prohibited. + + +##NAME: LOCATION:0 +# +# The server name, userid, and password used to log in. + +MYSQL_SERVER mysql.example.com +MYSQL_USERNAME admin +MYSQL_PASSWORD admin + +##NAME: SSLINFO:0 +# +# The SSL information. +# +# To use SSL-encrypted connections, define the following variables (available +# in MySQL 4.0, or higher): +# +# +# MYSQL_SSL_KEY /path/to/file +# MYSQL_SSL_CERT /path/to/file +# MYSQL_SSL_CACERT /path/to/file +# MYSQL_SSL_CAPATH /path/to/file +# MYSQL_SSL_CIPHERS ALL:!DES + +##NAME: MYSQL_SOCKET:0 +# +# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the +# filesystem pipe used for the connection +# +# MYSQL_SOCKET /var/mysql/mysql.sock + +##NAME: MYSQL_PORT:0 +# +# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to +# connect to. + +MYSQL_PORT 0 + +##NAME: MYSQL_OPT:0 +# +# Leave MYSQL_OPT as 0, unless you know what you're doing. + +MYSQL_OPT 0 + +##NAME: MYSQL_DATABASE:0 +# +# The name of the MySQL database we will open: + +MYSQL_DATABASE mysql + +#NAME: MYSQL_CHARACTER_SET:0 +# +# This is optional. MYSQL_CHARACTER_SET installs a character set. This option +# can be used with MySQL version 4.1 or later. MySQL supports 70+ collations +# for 30+ character sets. See MySQL documentations for more detalis. +# +# MYSQL_CHARACTER_SET latin1 + +##NAME: MYSQL_USER_TABLE:0 +# +# The name of the table containing your user data. See README.authmysqlrc +# for the required fields in this table. + +MYSQL_USER_TABLE passwd + +##NAME: MYSQL_CRYPT_PWFIELD:0 +# +# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both +# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext +# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow +# CRAM-MD5 authentication to be implemented. + +MYSQL_CRYPT_PWFIELD crypt + +##NAME: MYSQL_CLEAR_PWFIELD:0 +# +# +# MYSQL_CLEAR_PWFIELD clear + +##NAME: MYSQL_DEFAULT_DOMAIN:0 +# +# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', +# we will look up 'user@DEFAULT_DOMAIN' instead. +# +# +# DEFAULT_DOMAIN example.com + +##NAME: MYSQL_UID_FIELD:0 +# +# Other fields in the mysql table: +# +# MYSQL_UID_FIELD - contains the numerical userid of the account +# +MYSQL_UID_FIELD uid + +##NAME: MYSQL_GID_FIELD:0 +# +# Numerical groupid of the account + +MYSQL_GID_FIELD gid + +##NAME: MYSQL_LOGIN_FIELD:0 +# +# The login id, default is id. Basically the query is: +# +# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid' +# + +MYSQL_LOGIN_FIELD id + +##NAME: MYSQL_HOME_FIELD:0 +# + +MYSQL_HOME_FIELD home + +##NAME: MYSQL_NAME_FIELD:0 +# +# The user's name (optional) + +MYSQL_NAME_FIELD name + +##NAME: MYSQL_MAILDIR_FIELD:0 +# +# This is an optional field, and can be used to specify an arbitrary +# location of the maildir for the account, which normally defaults to +# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD). +# +# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this +# out. +# +# MYSQL_MAILDIR_FIELD maildir + +##NAME: MYSQL_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional field specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd +# +# MYSQL_DEFAULTDELIVERY defaultdelivery + +##NAME: MYSQL_QUOTA_FIELD:0 +# +# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally +# specify a maildir quota. See README.maildirquota for more information +# +# MYSQL_QUOTA_FIELD quota + +##NAME: MYSQL_AUXOPTIONS:0 +# +# Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that +# contains a single string consisting of comma-separated "ATTRIBUTE=NAME" +# pairs. These names are additional attributes that define various per-account +# "options", as given in INSTALL's description of the "Account OPTIONS" +# setting. +# +# MYSQL_AUXOPTIONS_FIELD auxoptions +# +# You might want to try something like this, if you'd like to use a bunch +# of individual fields, instead of a single text blob: +# +# MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup) +# +# This will let you define fields called "disableimap", etc, with the end result +# being something that the OPTIONS parser understands. + + +##NAME: MYSQL_WHERE_CLAUSE:0 +# +# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary +# fixed string that is appended to the WHERE clause of our query +# +# MYSQL_WHERE_CLAUSE server='mailhost.example.com' + +##NAME: MYSQL_SELECT_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do a SELECT operation on database, which should return fields +# in order specified bellow: +# +# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options +# +# The username field should include the domain (see example below). +# +# Enabling this option causes ignorance of any other field-related +# options, excluding default domain. +# +# There are two variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. These variables are: +# $(local_part), $(domain), $(service) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# +# $(service) will expand out to the service being authenticated: imap, imaps, +# pop3 or pop3s. Courier mail server only: service will also expand out to +# "courier", when searching for local mail account's location. In this case, +# if the "maildir" field is not empty it will be used in place of +# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing +# authenticated ESMTP. +# +# This example is a little bit modified adaptation of vmail-sql +# database scheme: +# +# MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \ +# CONCAT('{MD5}', popbox.password_hash), \ +# popbox.clearpw, \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# domain.quota, \ +# '', \ +# CONCAT("disableimap=",disableimap,",disablepop3=", \ +# disablepop3,",disablewebmail=",disablewebmail, \ +# ",sharedgroup=",sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + +##NAME: MYSQL_ENUMERATE_CLAUSE:1 +# +# {EXPERIMENTAL} +# Optional custom SQL query used to enumerate accounts for authenumerate, +# in order to compile a list of accounts for shared folders. The query +# should return the following fields: name, uid, gid, homedir, maildir, options +# +# Example: +# MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# CONCAT('sharedgroup=', sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + + +##NAME: MYSQL_CHPASS_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do an UPDATE operation on database. In other words, it is +# used, when changing password. +# +# There are four variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. There variables are: +# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# $(newpass) contains plain password +# $(newpass_crypt) contains its crypted form +# +# MYSQL_CHPASS_CLAUSE UPDATE popbox \ +# SET clearpw='$(newpass)', \ +# password_hash='$(newpass_crypt)' \ +# WHERE local_part='$(local_part)' \ +# AND domain_name='$(domain)' +# diff --git a/config-archive/etc/cron.daily/mlocate,v b/config-archive/etc/cron.daily/mlocate,v new file mode 100755 index 0000000..b0cc70c --- /dev/null +++ b/config-archive/etc/cron.daily/mlocate,v @@ -0,0 +1,206 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.03.16.10.47.57; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2011.01.31.12.51.25; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.01.31.12.52.23; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.03.16.10.47.57; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@#! /bin/sh +set -e + +# check if we run on battery and if so then don't run +if which on_ac_power >/dev/null 2>&1; then + ON_BATTERY=0 + on_ac_power >/dev/null 2>&1 || ON_BATTERY=$? + if [ "${ON_BATTERY}" -eq 1 ]; then + exit 0 + fi +fi + +# check if we are already running (lockfile) +LOCKFILE="/var/lock/mlocate.daily.lock" +trap "rm -f ${LOCKFILE}" EXIT +if [ -e "${LOCKFILE}" ]; then + echo >&2 "Warning: \"${LOCKFILE}\" already present, not running updatedb." + exit 1 +else + touch "${LOCKFILE}" +fi + +# source the user specified variables +if [ -f /etc/mlocate-cron.conf ]; then + . /etc/mlocate-cron.conf +fi + +# check the config file +ARGS="" +if [ ! -f /etc/updatedb.conf ]; then + nodevs=$(< /proc/filesystems awk '$1 == "nodev" && $2 != "rootfs" { print $2 }') + ARGS="-f ${nodevs}" +fi + +# alter the priority of the updatedb process +if [ -x /usr/bin/renice ]; then + /usr/bin/renice +${NICE:-19} -p $$ > /dev/null 2>&1 +fi +if [ -x /usr/bin/ionice ] && /usr/bin/ionice -c3 true 2>/dev/null; then + /usr/bin/ionice -c${IONICE_CLASS:-2} -n${IONICE_PRIORITY:-7} -p $$ > /dev/null 2>&1 +fi + +# run the updatedb if possible +if [ -x /usr/bin/updatedb ]; then + /usr/bin/updatedb ${ARGS} +else + echo >&2 "Warning: \"/usr/bin/updatedb\" is not executable, unable to run updatedb." + exit 0 +fi +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +d4 6 +a9 7 +if [ -x /usr/bin/updatedb ] +then + if [ -f /etc/updatedb.conf ] + then + args="" + else + args="-f proc" +d11 16 +d28 6 +a33 4 + if [ -f /etc/mlocate-cron.conf ] + then + . /etc/mlocate-cron.conf + fi +d35 7 +a41 3 + # run on active process in case ionice isnt installed, or + # system is really old and ionice doesnt work ... + ionice -c ${IONICE_CLASS:-2} -n ${IONICE_PRIORITY:-7} -p $$ 2>/dev/null +d43 6 +a48 1 + nice -n ${NICE:-10} /usr/bin/updatedb ${args} +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a1 1 +set -e +d3 7 +a9 6 +# check if we run on battery and if so then don't run +if which on_ac_power >/dev/null 2>&1; then + ON_BATTERY=0 + on_ac_power >/dev/null 2>&1 || ON_BATTERY=$? + if [ "${ON_BATTERY}" -eq 1 ]; then + exit 0 +a10 1 +fi +d12 4 +a15 14 +# check if we are already running (lockfile) +LOCKFILE="/var/lock/mlocate.daily.lock" +trap "rm -f ${LOCKFILE}" EXIT +if [ -e "${LOCKFILE}" ]; then + echo >&2 "Warning: \"${LOCKFILE}\" already present, not running updatedb." + exit 1 +else + touch "${LOCKFILE}" +fi + +# source the user specified variables +if [ -f /etc/mlocate-cron.conf ]; then + . /etc/mlocate-cron.conf +fi +d17 3 +a19 14 +# check the config file +ARGS="" +if [ ! -f /etc/updatedb.conf ]; then + nodevs=$(< /proc/filesystems awk '$1 == "nodev" && $2 != "rootfs" { print $2 }') + ARGS="-f ${nodevs}" +fi + +# alter the priority of the updatedb process +if [ -x /usr/bin/renice ]; then + /usr/bin/renice +${NICE:-19} -p $$ > /dev/null 2>&1 +fi +if [ -x /usr/bin/ionice ] && /usr/bin/ionice -c3 true 2>/dev/null; then + /usr/bin/ionice -c${IONICE_CLASS:-2} -n${IONICE_PRIORITY:-7} -p $$ > /dev/null 2>&1 +fi +d21 1 +a21 6 +# run the updatedb if possible +if [ -x /usr/bin/updatedb ]; then + /usr/bin/updatedb ${ARGS} +else + echo >&2 "Warning: \"/usr/bin/updatedb\" is not executable, unable to run updatedb." + exit 0 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d15 1 +d19 2 +a21 3 +touch "${LOCKFILE}" +# trap the lockfile only if we really run the updatedb +trap "rm -f ${LOCKFILE}" EXIT +d29 1 +a29 1 +NODEVS="" +d31 2 +a32 1 + NODEVS=$(< /proc/filesystems awk '$1 == "nodev" && $2 != "rootfs" { print $2 }') +d45 1 +a45 1 + /usr/bin/updatedb -f "${NODEVS}" +@ diff --git a/config-archive/etc/cron.hourly/sysstat,v b/config-archive/etc/cron.hourly/sysstat,v new file mode 100755 index 0000000..2bfc165 --- /dev/null +++ b/config-archive/etc/cron.hourly/sysstat,v @@ -0,0 +1,44 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.10.08; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#!/bin/sh +# Run system activity accounting tool every 10 minutes +/usr/lib64/sa/sa1 -S DISK 600 6 & +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +/usr/lib64/sa/sa1 600 6 & +@ diff --git a/config-archive/etc/cups/cupsd.conf,v b/config-archive/etc/cups/cupsd.conf,v new file mode 100644 index 0000000..9593a14 --- /dev/null +++ b/config-archive/etc/cups/cupsd.conf,v @@ -0,0 +1,219 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.06.22.12.00.57; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.26.04.51.54; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.06.22.12.00.57; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# +# "$Id: cupsd.conf.in 7199 2008-01-08 00:16:30Z mike $" +# +# Sample configuration file for the Common UNIX Printing System (CUPS) +# scheduler. See "man cupsd.conf" for a complete description of this +# file. +# + +# Log general information in error_log - change "info" to "debug" for +# troubleshooting... +LogLevel info + +# Administrator user group... +SystemGroup lpadmin + + +# Only listen for connections from the local machine. +Listen localhost:631 +Listen /var/run/cups/cups.sock + +# Show shared printers on the local network. +Browsing On +BrowseOrder allow,deny +BrowseAllow all + +# Default authentication type, when authentication is required... +DefaultAuthType Basic + +# Restrict access to the server... + + Order allow,deny + + +# Restrict access to the admin pages... + + Encryption Required + Order allow,deny + + +# Restrict access to configuration files... + + AuthType Default + Require user @@SYSTEM + Order allow,deny + + +# Set the default printer/job policies... + + # Job-related operations must be done by the owner or an administrator... + + Require user @@OWNER @@SYSTEM + Order deny,allow + + + # All administration operations require an administrator to authenticate... + + AuthType Default + Require user @@SYSTEM + Order deny,allow + + + # All printer operations require a printer operator to authenticate... + + AuthType Default + Require user @@SYSTEM + Order deny,allow + + + # Only the owner or an administrator can cancel or authenticate a job... + + Require user @@OWNER @@SYSTEM + Order deny,allow + + + + Order deny,allow + + + +# +# End of "$Id: cupsd.conf.in 7199 2008-01-08 00:16:30Z mike $". +# +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d36 1 +a36 1 + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d36 1 +a36 1 + Encryption Required +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $" +d4 3 +a6 2 +# Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a +# complete description of this file. +d9 3 +a11 3 +# Log general information in error_log - change "warn" to "debug" +# for troubleshooting... +LogLevel warn +a24 1 +BrowseLocalProtocols CUPS +d36 1 +d50 1 +a50 44 + + Order deny,allow + + + + Require user @@OWNER @@SYSTEM + Order deny,allow + + + # All administration operations require an administrator to authenticate... + + AuthType Default + Require user @@SYSTEM + Order deny,allow + + + # All printer operations require a printer operator to authenticate... + + AuthType Default + Require user @@SYSTEM + Order deny,allow + + + # Only the owner or an administrator can cancel or authenticate a job... + + Require user @@OWNER @@SYSTEM + Order deny,allow + + + + Order deny,allow + + + +# Set the authenticated printer/job policies... + + # Job-related operations must be done by the owner or an administrator... + + AuthType Default + Order deny,allow + + + + AuthType Default +a70 1 + AuthType Default +d81 1 +a81 1 +# End of "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $". +@ diff --git a/config-archive/etc/cups/cupsd.conf.default,v b/config-archive/etc/cups/cupsd.conf.default,v new file mode 100644 index 0000000..1bf6b99 --- /dev/null +++ b/config-archive/etc/cups/cupsd.conf.default,v @@ -0,0 +1,219 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.06.22.12.00.57; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.26.04.51.56; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.06.22.12.00.57; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# +# "$Id: cupsd.conf.in 7199 2008-01-08 00:16:30Z mike $" +# +# Sample configuration file for the Common UNIX Printing System (CUPS) +# scheduler. See "man cupsd.conf" for a complete description of this +# file. +# + +# Log general information in error_log - change "info" to "debug" for +# troubleshooting... +LogLevel info + +# Administrator user group... +SystemGroup lpadmin + + +# Only listen for connections from the local machine. +Listen localhost:631 +Listen /var/run/cups/cups.sock + +# Show shared printers on the local network. +Browsing On +BrowseOrder allow,deny +BrowseAllow all + +# Default authentication type, when authentication is required... +DefaultAuthType Basic + +# Restrict access to the server... + + Order allow,deny + + +# Restrict access to the admin pages... + + Encryption Required + Order allow,deny + + +# Restrict access to configuration files... + + AuthType Default + Require user @@SYSTEM + Order allow,deny + + +# Set the default printer/job policies... + + # Job-related operations must be done by the owner or an administrator... + + Require user @@OWNER @@SYSTEM + Order deny,allow + + + # All administration operations require an administrator to authenticate... + + AuthType Default + Require user @@SYSTEM + Order deny,allow + + + # All printer operations require a printer operator to authenticate... + + AuthType Default + Require user @@SYSTEM + Order deny,allow + + + # Only the owner or an administrator can cancel or authenticate a job... + + Require user @@OWNER @@SYSTEM + Order deny,allow + + + + Order deny,allow + + + +# +# End of "$Id: cupsd.conf.in 7199 2008-01-08 00:16:30Z mike $". +# +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d36 1 +a36 1 + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d36 1 +a36 1 + Encryption Required +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $" +d4 3 +a6 2 +# Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a +# complete description of this file. +d9 3 +a11 3 +# Log general information in error_log - change "warn" to "debug" +# for troubleshooting... +LogLevel warn +a24 1 +BrowseLocalProtocols CUPS +d36 1 +d50 1 +a50 44 + + Order deny,allow + + + + Require user @@OWNER @@SYSTEM + Order deny,allow + + + # All administration operations require an administrator to authenticate... + + AuthType Default + Require user @@SYSTEM + Order deny,allow + + + # All printer operations require a printer operator to authenticate... + + AuthType Default + Require user @@SYSTEM + Order deny,allow + + + # Only the owner or an administrator can cancel or authenticate a job... + + Require user @@OWNER @@SYSTEM + Order deny,allow + + + + Order deny,allow + + + +# Set the authenticated printer/job policies... + + # Job-related operations must be done by the owner or an administrator... + + AuthType Default + Order deny,allow + + + + AuthType Default +a70 1 + AuthType Default +d81 1 +a81 1 +# End of "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $". +@ diff --git a/config-archive/etc/cups/snmp.conf,v b/config-archive/etc/cups/snmp.conf,v new file mode 100644 index 0000000..b610291 --- /dev/null +++ b/config-archive/etc/cups/snmp.conf,v @@ -0,0 +1,54 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.22.12.00.57; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.22.12.00.57; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# "$Id$" +# +# Sample SNMP configuration file for CUPS. See "man cups-smnp.conf" for a +# complete description of this file. +# + +Address @@LOCAL +Community public + +# +# End of "$Id$". +# +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d4 1 +a4 1 +# Sample SNMP configuration file for CUPS. See "man cups-snmp.conf" for a +@ diff --git a/config-archive/etc/dbus-1/session.conf,v b/config-archive/etc/dbus-1/session.conf,v new file mode 100644 index 0000000..9e6921c --- /dev/null +++ b/config-archive/etc/dbus-1/session.conf,v @@ -0,0 +1,104 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.01.09.10.16.08; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.01.09.10.17.19; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ + + + + + session + + + + + unix:tmpdir=/tmp + + + + + + + + + + + + + + session.d + + + session-local.conf + + contexts/dbus_contexts + + + + + 1000000000 + 1000000000 + 1000000000 + 120000 + 240000 + 100000 + 10000 + 100000 + 10000 + 50000 + 50000 + 50000 + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a47 1 + 250000000 +a48 1 + 250000000 +a49 1 + 4096 +@ diff --git a/config-archive/etc/dhcpcd.conf,v b/config-archive/etc/dhcpcd.conf,v new file mode 100644 index 0000000..5fcabe5 --- /dev/null +++ b/config-archive/etc/dhcpcd.conf,v @@ -0,0 +1,75 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.01.09.10.16.08; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.01.09.10.16.39; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# A sample configuration for dhcpcd. +# See dhcpcd.conf(5) for details. + +# dhcpcd-run-hooks uses these options. +option domain_name_servers, domain_name, domain_search, host_name + +# Most distros have ntp support. +option ntp_servers + +# We should behave nicely on networks and respect their MTU. +# However, a lot of buggy DHCP servers set invalid MTUs so this is not +# enabled by default. +#option interface_mtu +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d4 2 +a5 6 +# Inform the DHCP server of our hostname for DDNS. +hostname +# To share the DHCP lease across OSX and Windows a ClientID is needed. +# Enabling this may get a different lease than the kernel DHCP client. +# Some upstream DHCP servers may also require a ClientID, such as FRITZ!Box. +#clientid +d7 1 +a7 4 +# A list of options to request from the DHCP server. +option domain_name_servers, domain_name, domain_search, host_name +option classless_static_routes +# Most distributions have NTP support. +a8 4 +# Respect the network MTU. +option interface_mtu +# A ServerID is required by RFC2131. +require dhcp_server_identifier +d10 4 +a13 3 +# A hook script is provided to lookup the hostname if not set by the DHCP +# server, but it should not be run by default. +nohook lookup-hostname +@ diff --git a/config-archive/etc/dispatch-conf.conf,v b/config-archive/etc/dispatch-conf.conf,v new file mode 100644 index 0000000..07230d4 --- /dev/null +++ b/config-archive/etc/dispatch-conf.conf,v @@ -0,0 +1,110 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.03.14.16.51.12; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.03.14.16.54.49; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# dispatch-conf.conf +# + +# Directory to archive replaced configs +archive-dir=/etc/config-archive + +# Use rcs for storing files in the archive directory? +# (yes or no) +use-rcs=yes + +# Diff for display +# %s old file +# %s new file +diff="diff -Nu '%s' '%s' | colordiff | less --no-init --QUIT-AT-EOF" + +# Diff for interactive merges. +# %s output file +# %s old file +# %s new file +merge="sdiff --suppress-common-lines --output='%s' '%s' '%s'" + +# Automerge files comprising only CVS interpolations (e.g. Header or Id) +# (yes or no) +replace-cvs=yes + +# Automerge files comprising only whitespace and/or comments +# (yes or no) +replace-wscomments=yes + +# Automerge files that the user hasn't modified +# (yes or no) +replace-unmodified=yes + +# Ignore a version that is identical to the previously merged version, +# even though it is different from the current user modified version +# Note that emerge already has a similar feature enabled by default, +# which can be disabled by the emerge --noconfmem option. +# (yes or no) +ignore-previously-merged=no + +# Per-session log file of changes made to configuration files +log-file=/var/log/dispatch-conf.log + +# List of frozen files for which dispatch-conf will automatically zap updates +#frozen-files="" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a8 8 +# WARNING: When configured to use rcs, read and execute permissions of +# archived files may be inherited from the first check in of a working +# file, as documented in the ci(1) man page. This means that even if +# the permissions of the working file have since changed, the older +# permissions of the first check in may be inherited. As mentioned in +# the ci(1) man page, users can control access to RCS files by setting +# the permissions of the directory containing the files (see +# archive-dir above). +d10 1 +a10 1 +use-rcs=no +d15 1 +a15 3 +# If using colordiff instead of diff, the less -R option may be required +# for correct display. +diff="diff -Nu '%s' '%s' | less --no-init --QUIT-AT-EOF" +d29 1 +a29 1 +replace-wscomments=no +d33 1 +a33 1 +replace-unmodified=no +d43 1 +a43 1 +#log-file=/var/log/dispatch-conf.log +@ diff --git a/config-archive/etc/elinks/elinks.conf,v b/config-archive/etc/elinks/elinks.conf,v new file mode 100644 index 0000000..6347f45 --- /dev/null +++ b/config-archive/etc/elinks/elinks.conf,v @@ -0,0 +1,627 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.06.12.02; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.12.01.06.12.11; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@## This is ELinks configuration file. You can edit it manually, +## if you wish so; this file is edited by ELinks when you save +## options through UI, however only option values will be altered +## and missing options will be added at the end of file; if option +## is not written in this file, but in some file included from it, +## it is NOT counted as missing. Note that all your formatting, +## own comments and so on will be kept as-is. + + + ## config.saving_style_w [0|1] + # This is internal option used when displaying a warning about + # obsolete config.saving_style. You shouldn't touch it. + set config.saving_style_w = 1 + + ## terminal.linux.transparency [0|1] + set terminal.linux.transparency = 1 + ## terminal.linux.colors [0|1] + set terminal.linux.colors = 1 + ## terminal.linux.block_cursor [0|1] + set terminal.linux.block_cursor = 0 + ## terminal.linux.restrict_852 [0|1] + set terminal.linux.restrict_852 = 0 + ## terminal.linux.utf_8_io [0|1] + set terminal.linux.utf_8_io = 0 + ## terminal.linux.m11_hack [0|1] + set terminal.linux.m11_hack = 1 + ## terminal.linux.type + set terminal.linux.type = 2 + + ## terminal.vt100.transparency [0|1] + set terminal.vt100.transparency = 1 + ## terminal.vt100.colors [0|1] + set terminal.vt100.colors = 1 + ## terminal.vt100.block_cursor [0|1] + set terminal.vt100.block_cursor = 0 + ## terminal.vt100.restrict_852 [0|1] + set terminal.vt100.restrict_852 = 0 + ## terminal.vt100.utf_8_io [0|1] + set terminal.vt100.utf_8_io = 0 + ## terminal.vt100.m11_hack [0|1] + set terminal.vt100.m11_hack = 0 + ## terminal.vt100.type + set terminal.vt100.type = 1 + + ## terminal.vt110.transparency [0|1] + set terminal.vt110.transparency = 1 + ## terminal.vt110.colors [0|1] + set terminal.vt110.colors = 1 + ## terminal.vt110.block_cursor [0|1] + set terminal.vt110.block_cursor = 0 + ## terminal.vt110.restrict_852 [0|1] + set terminal.vt110.restrict_852 = 0 + ## terminal.vt110.utf_8_io [0|1] + set terminal.vt110.utf_8_io = 0 + ## terminal.vt110.m11_hack [0|1] + set terminal.vt110.m11_hack = 0 + ## terminal.vt110.type + set terminal.vt110.type = 1 + + ## terminal.xterm.transparency [0|1] + set terminal.xterm.transparency = 1 + ## terminal.xterm.colors [0|1] + set terminal.xterm.colors = 1 + ## terminal.xterm.block_cursor [0|1] + set terminal.xterm.block_cursor = 0 + ## terminal.xterm.restrict_852 [0|1] + set terminal.xterm.restrict_852 = 0 + ## terminal.xterm.utf_8_io [0|1] + set terminal.xterm.utf_8_io = 0 + ## terminal.xterm.m11_hack [0|1] + set terminal.xterm.m11_hack = 0 + ## terminal.xterm.type + set terminal.xterm.type = 1 + + ## terminal.xterm-color.transparency [0|1] + set terminal.xterm-color.transparency = 1 + ## terminal.xterm-color.colors [0|1] + set terminal.xterm-color.colors = 1 + ## terminal.xterm-color.block_cursor [0|1] + set terminal.xterm-color.block_cursor = 0 + ## terminal.xterm-color.restrict_852 [0|1] + set terminal.xterm-color.restrict_852 = 0 + ## terminal.xterm-color.utf_8_io [0|1] + set terminal.xterm-color.utf_8_io = 0 + ## terminal.xterm-color.m11_hack [0|1] + set terminal.xterm-color.m11_hack = 0 + ## terminal.xterm-color.type + set terminal.xterm-color.type = 1 + + ## terminal.screen.transparency [0|1] + set terminal.screen.transparency = 1 + ## terminal.screen.colors [0|1] + set terminal.screen.colors = 1 + ## terminal.screen.block_cursor [0|1] + set terminal.screen.block_cursor = 0 + ## terminal.screen.restrict_852 [0|1] + set terminal.screen.restrict_852 = 0 + ## terminal.screen.utf_8_io [0|1] + set terminal.screen.utf_8_io = 0 + ## terminal.screen.m11_hack [0|1] + set terminal.screen.m11_hack = 0 + ## terminal.screen.type + set terminal.screen.type = 1 + + + + ## connection.async_dns [0|1] + # Use asynchronous DNS resolver? + set connection.async_dns = 1 + + ## connection.max_connections + # Maximum number of concurrent connections. + set connection.max_connections = 10 + + ## connection.max_connections_to_host + # Maximum number of concurrent connections to a given host. + set connection.max_connections_to_host = 5 + + ## connection.retries + # Number of tries to establish a connection. + set connection.retries = 3 + + ## connection.receive_timeout + # Receive timeout (in seconds). + set connection.receive_timeout = 120 + + ## connection.unrestartable_receive_timeout + # Timeout for non-restartable connections (in seconds). + set connection.unrestartable_receive_timeout = 600 + + + + ## cookies.accept_policy + # Cookies accepting policy: + # 0 is accept no cookies + # 1 is ask for confirmation before accepting cookie (UNIMPLEMENTED) + # 2 is accept all cookies + set cookies.accept_policy = 2 + + ## cookies.paranoid_security [0|1] + # When enabled, we'll require three dots in cookies domain for all + # non-international domains (instead of just two dots). Please see + # code (cookies.c:check_domain_security()) for explanation. + set cookies.paranoid_security = 0 + + ## cookies.save [0|1] + # Load/save cookies from/to disk? + set cookies.save = 1 + + ## cookies.resave [0|1] + # Save cookies after each change in cookies list? No effect when + # cookies_save is off. + set cookies.resave = 1 + + + + ## document.browse.accesskey.auto_follow [0|1] + # Automatically follow a link or submit a form if appropriate + # accesskey is pressed - this is the standard behaviour, but it's + # considered dangerous. + set document.browse.accesskey.auto_follow = 0 + + ## document.browse.accesskey.priority + # Priority of 'accesskey' HTML attribute: + # 0 is first try all normal bindings; if it fails, check accesskey + # 1 is first try only frame bindings; if it fails, check accesskey + # 2 is first check accesskey (this can be dangerous) + set document.browse.accesskey.priority = 1 + + ## document.browse.forms.auto_submit [0|1] + # Automagically submit a form when enter is pressed with a text + # field selected. + set document.browse.forms.auto_submit = 1 + + ## document.browse.forms.confirm_submit [0|1] + # Ask for confirmation when submitting a form. + set document.browse.forms.confirm_submit = 1 + + ## document.browse.images.display_style + # Display style for image tags when displayed: + # 0 means always display IMG + # 1 means always display filename + # 2 means display alt/title attribute if possible, IMG if not + # 3 means display alt/title attribute if possible, filename if not + set document.browse.images.display_style = 2 + + ## document.browse.images.show_as_links [0|1] + # Display links to images. + set document.browse.images.show_as_links = 1 + + ## document.browse.links.color_dirs [0|1] + # Highlight links to directories in FTP and local directory listing. + set document.browse.links.color_dirs = 1 + + ## document.browse.links.numbering [0|1] + # Display numbers next to the links. + set document.browse.links.numbering = 0 + + ## document.browse.links.number_keys_select_link + # Number keys select links rather than specify command prefixes. This + # is a tristate: + # 0 never + # 1 if document.browse.links.numbering = 1 + # 2 always + set document.browse.links.number_keys_select_link = 1 + + ## document.browse.links.wraparound [0|1] + # When pressing 'down' on the last link, jump at the first one, and + # vice versa. + set document.browse.links.wraparound = 0 + + + + ## document.browse.margin_width + # Horizontal text margin. + set document.browse.margin_width = 3 + + ## document.browse.scrolling.margin + # Size of the virtual margin - when you click inside of that margin, + # document scrolls in that direction. + set document.browse.scrolling.margin = 3 + + ## document.browse.table_move_order [0|1] + # Move by columns in table, instead of rows. + set document.browse.table_move_order = 0 + + ## document.cache.cache_redirects [0|1] + # Cache even redirects sent by server (usually thru HTTP by a 302 + # HTTP code and a Location header). This was the original behaviour + # for a quite some time, but it causes problems in a situation very + # common to various web login systems - frequently, when accessing + # certain location, they will redirect you to a login page if they + # don't receive an auth cookie, the login page then gives you the + # cookie and redirects you back to the original page, but there you + # have already cached redirect back to the login page! If this + # option has value of 0, this malfunction is fixed, but occassionally + # you may get superfluous (depends on how you take it ;-) requests to + # the server. If this option has value of 1, experienced users can + # still workaround it by clever combination of usage of reload, + # jumping around in session history and hitting ctrl+enter. + # Note that this option is checked when retrieving the information + # from cache, not when saving it to cache - thus if you will enable + # it, even previous redirects will be taken from cache instead of + # asking the server. + set document.cache.cache_redirects = 0 + + ## document.cache.ignore_cache_control [0|1] + # Ignore Cache-Control and Pragma server headers. + # When set, the document is cached even with 'Cache-Control: no-cache'. + set document.cache.ignore_cache_control = 1 + + ## document.cache.format.size + # Number of cached formatted pages. + set document.cache.format.size = 5 + + ## document.cache.memory.size + # Memory cache size (in kilobytes). + set document.cache.memory.size = 1M + + + + ## document.codepage.force_assumed [0|1] + # Ignore charset info sent by server. + set document.codepage.force_assumed = 0 + + + + ## document.colors.text + # Default text color. + set document.colors.text = "#bfbfbf" + + ## document.colors.background + # Default background color. + set document.colors.background = "black" + + ## document.colors.link + # Default link color. + set document.colors.link = "blue" + + ## document.colors.vlink + # Default visited link color. + set document.colors.vlink = "yellow" + + ## document.colors.dirs + # Default directory color. + # See document.browse.links.color_dirs option. + set document.colors.dirs = "yellow" + + ## document.colors.allow_dark_on_black [0|1] + # Allow dark colors on black background. + set document.colors.allow_dark_on_black = 0 + + ## document.colors.use_document_colors [0|1] + # Use colors specified in document. + set document.colors.use_document_colors = 1 + + + + ## mime.default_type + # Document MIME-type to assume by default (when we are unable to + # guess it properly from known information about the document). + set mime.default_type = "text/plain" + + ## document.download.directory + # Default download directory. + set document.download.directory = "./" + + ## document.download.set_original_time [0|1] + # Set the timestamp of each downloaded file to the timestamp + # stored on the server. + set document.download.set_original_time = 1 + + ## document.download.overwrite + # Prevent overwriting the local files: + # 0 is files will silently be overwritten. + # 1 is add a suffix .{number} (for example '.1') to the name. + # 2 is ask the user. + set document.download.overwrite = 2 + + ## document.download.notify_bell + # Audio notification when download is completed: + # 0 is never. + # 1 is when background notification is active. + # 2 is always + set document.download.notify_bell = 1 + + + + + + ## document.dump.width + # Width of screen in characters when dumping a HTML document. + set document.dump.width = 80 + + + + + ## document.history.global.enable [0|1] + # Enable global history ("history of all pages visited"). + set document.history.global.enable = 1 + + ## document.history.global.max_items + # Maximum number of entries in the global history. + set document.history.global.max_items = 1k + + ## document.history.global.display_type + # What to display in global history dialog: + # 0 is URLs + # 1 is page titles + set document.history.global.display_type = 1 + + ## document.history.keep_unhistory [0|1] + # Keep unhistory ("forward history")? + set document.history.keep_unhistory = 1 + + + + + ## document.html.display_frames [0|1] + # Display frames. + set document.html.display_frames = 1 + + ## document.html.display_tables [0|1] + # Display tables. + set document.html.display_tables = 1 + + ## document.html.display_subs [0|1] + # Display subscripts (as [thing]). + set document.html.display_subs = 1 + + ## document.html.display_sups [0|1] + # Display superscripts (as ^thing). + set document.html.display_sups = 1 + + + + + ## mime.extension.gif + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.gif = "image/gif" + + ## mime.extension.jpg + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.jpg = "image/jpeg" + + ## mime.extension.jpeg + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.jpeg = "image/jpeg" + + ## mime.extension.png + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.png = "image/png" + + ## mime.extension.txt + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.txt = "text/plain" + + ## mime.extension.htm + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.htm = "text/html" + + ## mime.extension.html + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.html = "text/html" + + + + + ## protocol.http.bugs.allow_blacklist [0|1] + # Allow blacklisting of buggy servers. + set protocol.http.bugs.allow_blacklist = 1 + + ## protocol.http.bugs.broken_302_redirect [0|1] + # Broken 302 redirect (violates RFC but compatible with Netscape). + # This is a problem for a lot of web discussion boards and the like.If they will do strange things to you, try to play with this. + set protocol.http.bugs.broken_302_redirect = 1 + + ## protocol.http.bugs.post_no_keepalive [0|1] + # Disable keepalive connection after POST request. + set protocol.http.bugs.post_no_keepalive = 0 + + ## protocol.http.bugs.http10 [0|1] + # Use HTTP/1.0 protocol instead of HTTP/1.1. + set protocol.http.bugs.http10 = 0 + + ## protocol.http.proxy.host + # Host and port-number (host:port) of the HTTP proxy, or blank. + # If it's blank, HTTP_PROXY environment variable is checked as well. + set protocol.http.proxy.host = "" + + ## protocol.http.proxy.user + # Proxy authentication username. + set protocol.http.proxy.user = "" + + ## protocol.http.proxy.passwd + # Proxy authentication password. + set protocol.http.proxy.passwd = "" + + ## protocol.http.referer.policy + # Mode of sending HTTP referer: + # 0 is send no referer + # 1 is send current URL as referer + # 2 is send fixed fake referer + # 3 is send previous URL as referer (correct, but insecure) + # + set protocol.http.referer.policy = 1 + + ## protocol.http.referer.fake + # Fake referer to be sent when policy is 2. + set protocol.http.referer.fake = "" + + ## protocol.http.accept_language + # Send Accept-Language header. + set protocol.http.accept_language = "" + + ## protocol.http.accept_ui_language [0|1] + # Request localised versions of documents from web-servers (using the + # Accept-Language header) using the language you have configured for + # ELinks' user-interface. Note that some see this as a potential security + # risk because it tells web-masters about your preference in language. + set protocol.http.accept_ui_language = 0 + + ## protocol.http.user_agent + # Change the User Agent ID. That means identification string, which + # is sent to HTTP server when a document is requested. + # %v in the string means ELinks version + # %s in the string means system identification + # %t in the string means size of the terminal + # Use " " if you don't want any User-Agent header to be sent at all. + set protocol.http.user_agent = "ELinks (%v; %s; %t)" + + ## protocol.http.trace [0|1] + # If active, all HTTP requests are sent with TRACE as their method + # rather than GET or POST. This is useful for debugging of both ELinks + # and various server-side scripts --- the server only returns the client's + # request back to the client verbatim. Note that this type of request may + # not be enabled on all servers. + set protocol.http.trace = 0 + + + + +# ## protocol.ftp.proxy.host + # Host and port-number (host:port) of the FTP proxy, or blank. + # If it's blank, FTP_PROXY environment variable is checked as well. +# set protocol.ftp.proxy.host = "" + +# ## protocol.ftp.anon_passwd + # FTP anonymous password to be sent. +# set protocol.ftp.anon_passwd = "elinksUSER@@gentoo.org" + +# ## protocol.ftp.use_pasv [0|1] + # Use PASV instead of PORT (passive vs active mode, IPv4 only). +# set protocol.ftp.use_pasv = 1 + +# ## protocol.ftp.use_epsv [0|1] + # Use EPSV instead of EPRT (passive vs active mode, IPv6 only). +# # set protocol.ftp.use_epsv = 0 + + ## protocol.file.allow_special_files [0|1] + # Allow reading from non-regular files? (DANGEROUS - reading + # /dev/urandom or /dev/zero can ruin your day!) + set protocol.file.allow_special_files = 0 + + ## protocol.file.try_encoding_extensions [0|1] + # When set, if we can't open a file named 'filename', we'll try + # to open 'filename' + some encoding extensions (ie. + # 'filename.gz'); it depends on the supported encodings. + set protocol.file.try_encoding_extensions = 1 + + + + + ## protocol.user.mailto.unix + set protocol.user.mailto.unix = "mutt %h -s \"%s\"" + ## protocol.user.mailto.unix-xwin + set protocol.user.mailto.unix-xwin = "mutt %h -s \"%s\"" + ## protocol.user.telnet.unix + set protocol.user.telnet.unix = "telnet %h %p" + ## protocol.user.telnet.unix-xwin + set protocol.user.telnet.unix-xwin = "telnet %h %p" + ## protocol.user.tn3270.unix + set protocol.user.tn3270.unix = "tn3270 %h %p" + ## protocol.user.tn3270.unix-xwin + set protocol.user.tn3270.unix-xwin = "tn3270 %h %p" + ## protocol.user.gopher.unix + set protocol.user.gopher.unix = "lynx %u" + ## protocol.user.gopher.unix-xwin + set protocol.user.gopher.unix-xwin = "lynx %u" + ## protocol.user.news.unix + set protocol.user.news.unix = "lynx %u" + ## protocol.user.news.unix-xwin + set protocol.user.news.unix-xwin = "lynx %u" + ## ui.show_status_bar [0|1] + # Show status bar on the screen. + set ui.show_status_bar = 1 + + ## ui.show_title_bar [0|1] + # Show title bar on the screen. + set ui.show_title_bar = 1 + + ## ui.startup_goto_dialog [0|1] + # Pop up goto dialog on startup when there's no homepage set. + set ui.startup_goto_dialog = 1 + + ## ui.window_title [0|1] + # Whether ELinks window title should be touched when ELinks is + # run in a windowing environment. + set ui.window_title = 1 + +## secure_file_saving [0|1] +# First write data to 'file.tmp', then rename to 'file' upon +# successfully finishing this. Note that this relates only to +# config files, not downloaded files. You may want to disable +# it, if you want some config file with some exotic permissions. +# Secure file saving is automagically disabled if file is symlink. +set secure_file_saving = 1 + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d490 1 +a490 1 + ## protocol.ftp.proxy.host +d493 1 +a493 1 + set protocol.ftp.proxy.host = "" +d495 1 +a495 1 + ## protocol.ftp.anon_passwd +d497 1 +a497 1 + set protocol.ftp.anon_passwd = "elinksUSER@@gentoo.org" +d499 1 +a499 1 + ## protocol.ftp.use_pasv [0|1] +d501 1 +a501 1 + set protocol.ftp.use_pasv = 1 +d503 1 +a503 1 + ## protocol.ftp.use_epsv [0|1] +d505 1 +a505 1 +# set protocol.ftp.use_epsv = 0 +@ diff --git a/config-archive/etc/etc-update.conf,v b/config-archive/etc/etc-update.conf,v new file mode 100644 index 0000000..1ddb2de --- /dev/null +++ b/config-archive/etc/etc-update.conf,v @@ -0,0 +1,152 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.07.10.23.35.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2011.03.14.16.51.12; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.03.14.16.51.12; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.07.10.23.35.34; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# /etc/etc-update.conf: config file for `etc-update` utility +# edit the lines below to your liking + +# mode - 0 for text, 1 for menu (support incomplete) +# note that you need dev-util/dialog installed +mode="0" + +# Whether trivial/comment changes should be automerged +eu_automerge="yes" + +# arguments used whenever rm is called +rm_opts="-i" + +# arguments used whenever mv is called +mv_opts="-i" + +# arguments used whenever cp is called +cp_opts="-i" + +# pager for use with diff commands +pager="less" +#pager="" + +# For emacs-users (see NOTE_2) +# diff_command="eval emacs -nw --eval=\'\(ediff\ \"%file1\"\ \"%file2\"\)\'" +#using_editor=1 + +# vim-users: you CAN use vimdiff for diff_command. (see NOTE_1 and NOTE_2) +#diff_command="vim -d %file1 %file2" +#using_editor=1 + +# If using colordiff instead of diff, the less -R option may be required +# for correct display (see 'pager' setting above). +diff_command="diff -uN %file1 %file2" +using_editor=0 + + +# vim-users: don't use vimdiff for merging (see NOTE_1) +merge_command="sdiff -s -o %merged %orig %new" + +# EXPLANATION +# +# pager: +# +# Examples of pager usage: +# pager="" # don't use a pager +# pager="less -E" # less +# pager="more" # more +# +# +# diff_command: +# +# Arguments: +# %file1 [REQUIRED] +# %file2 [REQUIRED] +# +# Examples of diff_command: +# diff_command="diff -uN %file1 %file2" # diff +# diff_command="vim -d %file1 %file2" # vimdiff +# +# +# merge_command: +# +# Arguments: +# %orig [REQUIRED] +# %new [REQUIRED] +# %merged [REQUIRED] +# +# Examples of merge_command: +# merge_command="sdiff -s -o %merged %old %new" # sdiff +# + +# NOTE_1: Editors such as vim/vimdiff are not usable for the merge_command +# because it is not known what filenames the produced files have (the user can +# choose while using those programs) + +# NOTE_2: Make sure using_editor is set to "1" when using an editor as +# diff_command! +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d32 2 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a31 2 +# If using colordiff instead of diff, the less -R option may be required +# for correct display (see 'pager' setting above). +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a7 4 +# Whether to clear the term prior to each display +#clear_term="yes" +clear_term="no" + +@ diff --git a/config-archive/etc/fonts/conf.avail/30-urw-aliases.conf,v b/config-archive/etc/fonts/conf.avail/30-urw-aliases.conf,v new file mode 100644 index 0000000..c90fd55 --- /dev/null +++ b/config-archive/etc/fonts/conf.avail/30-urw-aliases.conf,v @@ -0,0 +1,83 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.10.13; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ + + + + + Avant Garde + URW Gothic L + + + Bookman + URW Bookman L + + + New Century Schoolbook + Century Schoolbook L + + + Palatino + URW Palladio L + + + Zapf Chancery + URW Chancery L + + + Zapf Dingbats + Dingbats + + + + Symbol + + + Standard Symbols L + + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a31 4 + + ZapfDingbats + Dingbats + +@ diff --git a/config-archive/etc/freshclam.conf,v b/config-archive/etc/freshclam.conf,v new file mode 100644 index 0000000..cbb93b5 --- /dev/null +++ b/config-archive/etc/freshclam.conf,v @@ -0,0 +1,366 @@ +head 1.4; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.4 +date 2011.08.29.21.27.01; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2011.01.09.10.16.08; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.11.25.23.01.21; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.37.04; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.09.10.37.04; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.11.25.23.01.21; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.01.09.10.16.08; author root; state Exp; +branches; +next 1.1.1.4; + +1.1.1.4 +date 2011.08.29.21.27.01; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.4 +log +@dispatch-conf update. +@ +text +@## +## Example config file for freshclam +## Please read the freshclam.conf(5) manual before editing this file. +## + + +# Comment or remove the line below. +# Example + +# Path to the database directory. +# WARNING: It must match clamd.conf's directive! +# Default: hardcoded (depends on installation options) +#DatabaseDirectory /var/lib/clamav + +# Path to the log file (make sure it has proper permissions) +# Default: disabled +UpdateLogFile /var/log/clamav/freshclam.log + +# Maximum size of the log file. +# Value of 0 disables the limit. +# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) +# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). +# in bytes just don't use modifiers. +# Default: 1M +#LogFileMaxSize 2M + +# Log time with each message. +# Default: no +#LogTime yes + +# Enable verbose logging. +# Default: no +#LogVerbose yes + +# Use system logger (can work together with UpdateLogFile). +# Default: no +#LogSyslog yes + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# This option allows you to save the process identifier of the daemon +# Default: disabled +PidFile /var/run/clamav/freshclam.pid + +# By default when started freshclam drops privileges and switches to the +# "clamav" user. This directive allows you to change the database owner. +# Default: clamav (may depend on installation options) +DatabaseOwner clamav + +# Initialize supplementary group access (freshclam must be started by root). +# Default: no +AllowSupplementaryGroups yes + +# Use DNS to verify virus database version. Freshclam uses DNS TXT records +# to verify database and software versions. With this directive you can change +# the database verification domain. +# WARNING: Do not touch it unless you're configuring freshclam to use your +# own database verification domain. +# Default: current.cvd.clamav.net +#DNSDatabaseInfo current.cvd.clamav.net + +# Uncomment the following line and replace XY with your country +# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list. +# You can use db.XY.ipv6.clamav.net for IPv6 connections. +#DatabaseMirror db.XY.clamav.net + +# database.clamav.net is a round-robin record which points to our most +# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is +# not working. DO NOT TOUCH the following line unless you know what you +# are doing. +DatabaseMirror database.clamav.net + +# How many attempts to make before giving up. +# Default: 3 (per mirror) +#MaxAttempts 5 + +# With this option you can control scripted updates. It's highly recommended +# to keep it enabled. +# Default: yes +ScriptedUpdates yes + +# By default freshclam will keep the local databases (.cld) uncompressed to +# make their handling faster. With this option you can enable the compression; +# the change will take effect with the next database update. +# Default: no +#CompressLocalDatabase no + +# With this option you can provide custom sources (http:// or file://) for +# database files. This option can be used multiple times. +# Default: no custom URLs +#DatabaseCustomURL http://myserver.com/mysigs.ndb +#DatabaseCustomURL file:///mnt/nfs/local.hdb + +# Number of database checks per day. +# Default: 12 (every two hours) +#Checks 24 + +# Proxy settings +# Default: disabled +#HTTPProxyServer myproxy.com +#HTTPProxyPort 1234 +#HTTPProxyUsername myusername +#HTTPProxyPassword mypass + +# If your servers are behind a firewall/proxy which applies User-Agent +# filtering you can use this option to force the use of a different +# User-Agent header. +# Default: clamav/version_number +#HTTPUserAgent SomeUserAgentIdString + +# Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for +# multi-homed systems. +# Default: Use OS'es default outgoing IP address. +#LocalIPAddress aaa.bbb.ccc.ddd + +# Send the RELOAD command to clamd. +# Default: no +NotifyClamd /etc/clamd.conf + +# Run command after successful database update. +# Default: disabled +#OnUpdateExecute command + +# Run command when database update process fails. +# Default: disabled +#OnErrorExecute command + +# Run command when freshclam reports outdated version. +# In the command string %v will be replaced by the new version number. +# Default: disabled +#OnOutdatedExecute command + +# Don't fork into background. +# Default: no +#Foreground yes + +# Enable debug messages in libclamav. +# Default: no +#Debug yes + +# Timeout in seconds when connecting to database server. +# Default: 30 +#ConnectTimeout 60 + +# Timeout in seconds when reading from database server. +# Default: 30 +#ReceiveTimeout 60 + +# With this option enabled, freshclam will attempt to load new +# databases into memory to make sure they are properly handled +# by libclamav before replacing the old ones. +# Default: yes +#TestDatabases yes + +# When enabled freshclam will submit statistics to the ClamAV Project about +# the latest virus detections in your environment. The ClamAV maintainers +# will then use this data to determine what types of malware are the most +# detected in the field and in what geographic area they are. +# Freshclam will connect to clamd in order to get recent statistics. +# Default: no +#SubmitDetectionStats /path/to/clamd.conf + +# Country of origin of malware/detection statistics (for statistical +# purposes only). The statistics collector at ClamAV.net will look up +# your IP address to determine the geographical origin of the malware +# reported by your installation. If this installation is mainly used to +# scan data which comes from a different location, please enable this +# option and enter a two-letter code (see http://www.iana.org/domains/root/db/) +# of the country of origin. +# Default: disabled +#DetectionStatsCountry country-code + +# This option enables support for our "Personal Statistics" service. +# When this option is enabled, the information on malware detected by +# your clamd installation is made available to you through our website. +# To get your HostID, log on http://www.stats.clamav.net and add a new +# host to your host list. Once you have the HostID, uncomment this option +# and paste the HostID here. As soon as your freshclam starts submitting +# information to our stats collecting service, you will be able to view +# the statistics of this clamd installation by logging into +# http://www.stats.clamav.net with the same credentials you used to +# generate the HostID. For more information refer to: +# http://www.clamav.net/support/faq/faq-cctts/ +# This feature requires SubmitDetectionStats to be enabled. +# Default: disabled +#DetectionStatsHostID unique-id + +# This option enables support for Google Safe Browsing. When activated for +# the first time, freshclam will download a new database file (safebrowsing.cvd) +# which will be automatically loaded by clamd and clamscan during the next +# reload, provided that the heuristic phishing detection is turned on. This +# database includes information about websites that may be phishing sites or +# possible sources of malware. When using this option, it's mandatory to run +# freshclam at least every 30 minutes. +# Freshclam uses the ClamAV's mirror infrastructure to distribute the +# database and its updates but all the contents are provided under Google's +# terms of use. See http://code.google.com/support/bin/answer.py?answer=70015 +# and http://safebrowsing.clamav.net for more information. +# Default: disabled +#SafeBrowsing yes + +# This option enables downloading of bytecode.cvd, which includes additional +# detection mechanisms and improvements to the ClamAV engine. +# Default: enabled +#Bytecode yes +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@d67 1 +d91 6 +d162 1 +a162 2 +# This feature requires LogTime and LogFile to be enabled in clamd.conf, +# it's also recommended to turn on ExtendedDetectionInfo. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d155 2 +a156 1 +# This feature requires LogTime and LogFile to be enabled in clamd.conf. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d145 6 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a144 6 +# With this option enabled, freshclam will attempt to load new +# databases into memory to make sure they are properly handled +# by libclamav before replacing the old ones. +# Default: yes +#TestDatabases yes + +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d155 1 +a155 2 +# This feature requires LogTime and LogFile to be enabled in clamd.conf, +# it's also recommended to turn on ExtendedDetectionInfo. +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@a66 1 +# You can use db.XY.ipv6.clamav.net for IPv6 connections. +a89 6 +# With this option you can provide custom sources (http:// or file://) for +# database files. This option can be used multiple times. +# Default: no custom URLs +#DatabaseCustomURL http://myserver.com/mysigs.ndb +#DatabaseCustomURL file:///mnt/nfs/local.hdb + +d155 2 +a156 1 +# Freshclam will connect to clamd in order to get recent statistics. +@ + + +1.1.1.4 +log +@dispatch-conf update. +@ +text +@a208 7 + +# Download an additional 3rd party signature database distributed through +# the ClamAV mirrors. Here you can find a list of available databases: +# http://www.clamav.net/download/cvd/3rdparty +# This option can be used multiple times. +#ExtraDatabase dbname1 +#ExtraDatabase dbname2 +@ diff --git a/config-archive/etc/gai.conf,v b/config-archive/etc/gai.conf,v new file mode 100644 index 0000000..625fe31 --- /dev/null +++ b/config-archive/etc/gai.conf,v @@ -0,0 +1,206 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2010.10.30.19.30.28; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.06.28.21.17.24; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.24.07.59.32; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.24.08.00.24; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.06.28.21.17.24; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2010.10.30.19.30.29; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@# Configuration for getaddrinfo(3). +# +# So far only configuration for the destination address sorting is needed. +# RFC 3484 governs the sorting. But the RFC also says that system +# administrators should be able to overwrite the defaults. This can be +# achieved here. +# +# All lines have an initial identifier specifying the option followed by +# up to two values. Information specified in this file replaces the +# default information. Complete absence of data of one kind causes the +# appropriate default information to be used. The supported commands include: +# +# reload +# If set to yes, each getaddrinfo(3) call will check whether this file +# changed and if necessary reload. This option should not really be +# used. There are possible runtime problems. The default is no. +# +# label +# Add another rule to the RFC 3484 label table. See section 2.1 in +# RFC 3484. The default is: +# +#label ::1/128 0 +#label ::/0 1 +#label 2002::/16 2 +#label ::/96 3 +#label ::ffff:0:0/96 4 +#label fec0::/10 5 +#label fc00::/7 6 +#label 2001:0::/32 7 +# +# This default differs from the tables given in RFC 3484 by handling +# (now obsolete) site-local IPv6 addresses and Unique Local Addresses. +# The reason for this difference is that these addresses are never +# NATed while IPv4 site-local addresses most probably are. Given +# the precedence of IPv6 over IPv4 (see below) on machines having only +# site-local IPv4 and IPv6 addresses a lookup for a global address would +# see the IPv6 be preferred. The result is a long delay because the +# site-local IPv6 addresses cannot be used while the IPv4 address is +# (at least for the foreseeable future) NATed. We also treat Teredo +# tunnels special. +# +# precedence +# Add another rule to the RFC 3484 precedence table. See section 2.1 +# and 10.3 in RFC 3484. The default is: +# +#precedence ::1/128 50 +#precedence ::/0 40 +#precedence 2002::/16 30 +#precedence ::/96 20 +#precedence ::ffff:0:0/96 10 +# +# For sites which prefer IPv4 connections change the last line to +# +#precedence ::ffff:0:0/96 100 + +# +# scopev4 +# Add another rule to the RFC 3484 scope table for IPv4 addresses. +# The definitions in RFC 3484 are equivalent to: +# +#scopev4 ::ffff:169.254.0.0/112 2 +#scopev4 ::ffff:127.0.0.0/104 2 +#scopev4 ::ffff:10.0.0.0/104 5 +#scopev4 ::ffff:172.16.0.0/108 5 +#scopev4 ::ffff:192.168.0.0/112 5 +#scopev4 ::ffff:0.0.0.0/96 14 +# +# For sites which use site-local IPv4 addresses behind NAT there is +# the problem that even if IPv4 addresses are preferred they do not +# have the same scope and are therefore not sorted first. To change +# this use only these rules: +# +#scopev4 ::ffff:169.254.0.0/112 2 +#scopev4 ::ffff:127.0.0.0/104 2 +#scopev4 ::ffff:0.0.0.0/96 14 +# +# For sites which use site-local IPv4 addresses behind NAT there is +# the problem that even if IPv4 addresses are preferred they do not +# have the same scope and are therefore not sorted first. To change +# this use only these rules: +# +scopev4 ::ffff:169.254.0.0/112 2 +scopev4 ::ffff:127.0.0.0/104 2 +scopev4 ::ffff:0.0.0.0/96 14 +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d73 9 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d59 1 +a59 3 +# By default the scope IDs described in section 3.2 in RFC 3484 are +# used. Changing these defaults should hardly ever be necessary. +# The defaults are equivalent to: +d67 9 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d59 3 +a61 1 +# The definitions in RFC 3484 are equivalent to: +a68 9 +# +# For sites which use site-local IPv4 addresses behind NAT there is +# the problem that even if IPv4 addresses are preferred they do not +# have the same scope and are therefore not sorted first. To change +# this use only these rules: +# +scopev4 ::ffff:169.254.0.0/112 2 +scopev4 ::ffff:127.0.0.0/104 2 +scopev4 ::ffff:0.0.0.0/96 14 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a72 9 +#scopev4 ::ffff:169.254.0.0/112 2 +#scopev4 ::ffff:127.0.0.0/104 2 +#scopev4 ::ffff:0.0.0.0/96 14 +# +# For sites which use site-local IPv4 addresses behind NAT there is +# the problem that even if IPv4 addresses are preferred they do not +# have the same scope and are therefore not sorted first. To change +# this use only these rules: +# +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d73 9 +@ diff --git a/config-archive/etc/hosts,v b/config-archive/etc/hosts,v new file mode 100644 index 0000000..9142aab --- /dev/null +++ b/config-archive/etc/hosts,v @@ -0,0 +1,69 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.07.07.29.30; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/hosts: Local Host Database +# +# This file describes a number of aliases-to-address mappings for the for +# local hosts that share this file. +# +# In the presence of the domain name service or NIS, this file may not be +# consulted at all; see /etc/host.conf for the resolution order. +# + +# IPv4 and IPv6 localhost aliases +127.0.0.1 localhost + +::1 localhost ip6-localhost ip6-loopback + +85.214.134.152 helga.brehm-online.com helga h1763652.stratoserver.net h1763652 +fe00::0 ip6-localnet +ff00::0 ip6-mcastprefix +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters +ff02::3 ip6-allhosts + +192.166.201.59 gw.berlin.strato.de +192.166.192.168 gw-rz.berlin.strato.de +192.166.201.222 sarkomand-201-222-strato-full.cronon.net + +2001:6f8:1c00:365::2 home.brehm-online.com + +# +# Imaginary network. +#10.0.0.2 myname +#10.0.0.3 myfriend +# +# According to RFC 1918, you can use the following IP networks for private +# nets which will never be connected to the Internet: +# +# 10.0.0.0 - 10.255.255.255 +# 172.16.0.0 - 172.31.255.255 +# 192.168.0.0 - 192.168.255.255 +# +# In case you want to be able to connect directly to the Internet (i.e. not +# behind a NAT, ADSL router, etc...), you need real official assigned +# numbers. Do not try to invent your own network numbers but instead get one +# from your network provider (if any) or from your regional registry (ARIN, +# APNIC, LACNIC, RIPE NCC, or AfriNIC.) +# +@ diff --git a/config-archive/etc/hosts.dist.new b/config-archive/etc/hosts.dist.new new file mode 100644 index 0000000..8a37ca5 --- /dev/null +++ b/config-archive/etc/hosts.dist.new @@ -0,0 +1,31 @@ +# /etc/hosts: Local Host Database +# +# This file describes a number of aliases-to-address mappings for the for +# local hosts that share this file. +# +# In the presence of the domain name service or NIS, this file may not be +# consulted at all; see /etc/host.conf for the resolution order. +# + +# IPv4 and IPv6 localhost aliases +127.0.0.1 localhost +::1 localhost + +# +# Imaginary network. +#10.0.0.2 myname +#10.0.0.3 myfriend +# +# According to RFC 1918, you can use the following IP networks for private +# nets which will never be connected to the Internet: +# +# 10.0.0.0 - 10.255.255.255 +# 172.16.0.0 - 172.31.255.255 +# 192.168.0.0 - 192.168.255.255 +# +# In case you want to be able to connect directly to the Internet (i.e. not +# behind a NAT, ADSL router, etc...), you need real official assigned +# numbers. Do not try to invent your own network numbers but instead get one +# from your network provider (if any) or from your regional registry (ARIN, +# APNIC, LACNIC, RIPE NCC, or AfriNIC.) +# diff --git a/config-archive/etc/init.d/sshd b/config-archive/etc/init.d/sshd new file mode 100755 index 0000000..2e0b442 --- /dev/null +++ b/config-archive/etc/init.d/sshd @@ -0,0 +1,81 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6,v 1.27 2009/08/12 08:09:52 idl0r Exp $ + +opts="${opts} reload checkconfig gen_keys" + +depend() { + use logger dns + need net +} + +SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh} +SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}.pid} +SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd} + +checkconfig() { + if [ ! -d /var/empty ] ; then + mkdir -p /var/empty || return 1 + fi + + if [ ! -e "${SSHD_CONFDIR}"/sshd_config ] ; then + eerror "You need an ${SSHD_CONFDIR}/sshd_config file to run sshd" + eerror "There is a sample file in /usr/share/doc/openssh" + return 1 + fi + + gen_keys || return 1 + + "${SSHD_BINARY}" -t ${myopts} || return 1 +} + +gen_keys() { + if [ ! -e "${SSHD_CONFDIR}"/ssh_host_key ] ; then + einfo "Generating Hostkey..." + /usr/bin/ssh-keygen -t rsa1 -f "${SSHD_CONFDIR}"/ssh_host_key -N '' || return 1 + fi + if [ ! -e "${SSHD_CONFDIR}"/ssh_host_dsa_key ] ; then + einfo "Generating DSA-Hostkey..." + /usr/bin/ssh-keygen -d -f "${SSHD_CONFDIR}"/ssh_host_dsa_key -N '' || return 1 + fi + if [ ! -e "${SSHD_CONFDIR}"/ssh_host_rsa_key ] ; then + einfo "Generating RSA-Hostkey..." + /usr/bin/ssh-keygen -t rsa -f "${SSHD_CONFDIR}"/ssh_host_rsa_key -N '' || return 1 + fi + return 0 +} + +start() { + local myopts="" + [ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \ + && myopts="${myopts} -o PidFile=${SSHD_PIDFILE}" + [ "${SSHD_CONFDIR}" != "/etc/ssh" ] \ + && myopts="${myopts} -f ${SSHD_CONFDIR}/sshd_config" + + checkconfig || return 1 + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --exec "${SSHD_BINARY}" \ + --pidfile "${SSHD_PIDFILE}" \ + -- ${myopts} ${SSHD_OPTS} + eend $? +} + +stop() { + if [ "${RC_CMD}" = "restart" ] ; then + checkconfig || return 1 + fi + + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --exec "${SSHD_BINARY}" \ + --pidfile "${SSHD_PIDFILE}" --quiet + eend $? +} + +reload() { + checkconfig || return 1 + ebegin "Reloading ${SVCNAME}" + start-stop-daemon --stop --signal HUP --oknodo \ + --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}" + eend $? +} diff --git a/config-archive/etc/init.d/sshd.dist b/config-archive/etc/init.d/sshd.dist new file mode 100755 index 0000000..0afb948 --- /dev/null +++ b/config-archive/etc/init.d/sshd.dist @@ -0,0 +1,82 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.1,v 1.1 2010/10/11 22:50:07 flameeyes Exp $ + +opts="${opts} reload checkconfig gen_keys" + +depend() { + use logger dns + need net +} + +SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh} +SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}.pid} +SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd} + +checkconfig() { + if [ ! -d /var/empty ] ; then + mkdir -p /var/empty || return 1 + fi + + if [ ! -e "${SSHD_CONFDIR}"/sshd_config ] ; then + eerror "You need an ${SSHD_CONFDIR}/sshd_config file to run sshd" + eerror "There is a sample file in /usr/share/doc/openssh" + return 1 + fi + + gen_keys || return 1 + + "${SSHD_BINARY}" -t ${myopts} || return 1 +} + +gen_keys() { + if [ ! -e "${SSHD_CONFDIR}"/ssh_host_key ] && \ + egrep -q '^[ \t]*Protocol[ \t]+.*1' "${SSHD_CONFDIR}"/sshd_config ; then + einfo "Generating RSA1-Hostkey..." + /usr/bin/ssh-keygen -t rsa1 -f "${SSHD_CONFDIR}"/ssh_host_key -N '' || return 1 + fi + if [ ! -e "${SSHD_CONFDIR}"/ssh_host_dsa_key ] ; then + einfo "Generating DSA-Hostkey..." + /usr/bin/ssh-keygen -d -f "${SSHD_CONFDIR}"/ssh_host_dsa_key -N '' || return 1 + fi + if [ ! -e "${SSHD_CONFDIR}"/ssh_host_rsa_key ] ; then + einfo "Generating RSA-Hostkey..." + /usr/bin/ssh-keygen -t rsa -f "${SSHD_CONFDIR}"/ssh_host_rsa_key -N '' || return 1 + fi + return 0 +} + +start() { + local myopts="" + [ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \ + && myopts="${myopts} -o PidFile=${SSHD_PIDFILE}" + [ "${SSHD_CONFDIR}" != "/etc/ssh" ] \ + && myopts="${myopts} -f ${SSHD_CONFDIR}/sshd_config" + + checkconfig || return 1 + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --exec "${SSHD_BINARY}" \ + --pidfile "${SSHD_PIDFILE}" \ + -- ${myopts} ${SSHD_OPTS} + eend $? +} + +stop() { + if [ "${RC_CMD}" = "restart" ] ; then + checkconfig || return 1 + fi + + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --exec "${SSHD_BINARY}" \ + --pidfile "${SSHD_PIDFILE}" --quiet + eend $? +} + +reload() { + checkconfig || return 1 + ebegin "Reloading ${SVCNAME}" + start-stop-daemon --stop --signal HUP --oknodo \ + --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}" + eend $? +} diff --git a/config-archive/etc/inittab,v b/config-archive/etc/inittab,v new file mode 100644 index 0000000..4efe453 --- /dev/null +++ b/config-archive/etc/inittab,v @@ -0,0 +1,85 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2011.09.08.21.18.38; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# /etc/inittab: This file describes how the INIT process should set up +# the system in a certain run-level. +# +# Author: Miquel van Smoorenburg, +# Modified by: Patrick J. Volkerding, +# Modified by: Daniel Robbins, +# Modified by: Martin Schlemmer, +# Modified by: Mike Frysinger, +# Modified by: Robin H. Johnson, +# +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.1 2010/01/08 16:55:07 williamh Exp $ + +# Default runlevel. +id:3:initdefault: + +# System initialization, mount local filesystems, etc. +si::sysinit:/sbin/rc sysinit + +# Further system initialization, brings up the boot runlevel. +rc::bootwait:/sbin/rc boot + +l0:0:wait:/sbin/rc shutdown +l0s:0:wait:/sbin/halt -dhp +l1:1:wait:/sbin/rc single +l2:2:wait:/sbin/rc nonetwork +l3:3:wait:/sbin/rc default +l4:4:wait:/sbin/rc default +l5:5:wait:/sbin/rc default +l6:6:wait:/sbin/rc reboot +l6r:6:wait:/sbin/reboot -dk +#z6:6:respawn:/sbin/sulogin + +# new-style single-user +su0:S:wait:/sbin/rc single +su1:S:wait:/sbin/sulogin + +# TERMINALS +c1:12345:respawn:/sbin/agetty 38400 tty1 linux +c2:2345:respawn:/sbin/agetty 38400 tty2 linux +c3:2345:respawn:/sbin/agetty 38400 tty3 linux +c4:2345:respawn:/sbin/agetty 38400 tty4 linux +c5:2345:respawn:/sbin/agetty 38400 tty5 linux +c6:2345:respawn:/sbin/agetty 38400 tty6 linux + +# SERIAL CONSOLES +#s0:12345:respawn:/sbin/agetty 9600 ttyS0 vt100 +#s1:12345:respawn:/sbin/agetty 9600 ttyS1 vt100 +s0:12345:respawn:/sbin/agetty -L ttyS0 57600 vt100 + +# What to do at the "Three Finger Salute". +ca:12345:ctrlaltdel:/sbin/shutdown -r now + +# Used by /etc/init.d/xdm to control DM startup. +# Read the comments in /etc/init.d/xdm for more +# info. Do NOT remove, as this will start nothing +# extra at boot if /etc/init.d/xdm is not added +# to the "default" runlevel. +x:a:once:/etc/X11/startDM.sh + +@ diff --git a/config-archive/etc/inittab.dist.new b/config-archive/etc/inittab.dist.new new file mode 100644 index 0000000..a6a04f3 --- /dev/null +++ b/config-archive/etc/inittab.dist.new @@ -0,0 +1,59 @@ +# +# /etc/inittab: This file describes how the INIT process should set up +# the system in a certain run-level. +# +# Author: Miquel van Smoorenburg, +# Modified by: Patrick J. Volkerding, +# Modified by: Daniel Robbins, +# Modified by: Martin Schlemmer, +# Modified by: Mike Frysinger, +# Modified by: Robin H. Johnson, +# +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sysvinit/files/inittab-2.87,v 1.1 2010/01/08 16:55:07 williamh Exp $ + +# Default runlevel. +id:3:initdefault: + +# System initialization, mount local filesystems, etc. +si::sysinit:/sbin/rc sysinit + +# Further system initialization, brings up the boot runlevel. +rc::bootwait:/sbin/rc boot + +l0:0:wait:/sbin/rc shutdown +l0s:0:wait:/sbin/halt -dhp +l1:1:wait:/sbin/rc single +l2:2:wait:/sbin/rc nonetwork +l3:3:wait:/sbin/rc default +l4:4:wait:/sbin/rc default +l5:5:wait:/sbin/rc default +l6:6:wait:/sbin/rc reboot +l6r:6:wait:/sbin/reboot -dk +#z6:6:respawn:/sbin/sulogin + +# new-style single-user +su0:S:wait:/sbin/rc single +su1:S:wait:/sbin/sulogin + +# TERMINALS +c1:12345:respawn:/sbin/agetty 38400 tty1 linux +c2:2345:respawn:/sbin/agetty 38400 tty2 linux +c3:2345:respawn:/sbin/agetty 38400 tty3 linux +c4:2345:respawn:/sbin/agetty 38400 tty4 linux +c5:2345:respawn:/sbin/agetty 38400 tty5 linux +c6:2345:respawn:/sbin/agetty 38400 tty6 linux + +# SERIAL CONSOLES +#s0:12345:respawn:/sbin/agetty 9600 ttyS0 vt100 +#s1:12345:respawn:/sbin/agetty 9600 ttyS1 vt100 + +# What to do at the "Three Finger Salute". +ca:12345:ctrlaltdel:/sbin/shutdown -r now + +# Used by /etc/init.d/xdm to control DM startup. +# Read the comments in /etc/init.d/xdm for more +# info. Do NOT remove, as this will start nothing +# extra at boot if /etc/init.d/xdm is not added +# to the "default" runlevel. +x:a:once:/etc/X11/startDM.sh + diff --git a/config-archive/etc/inputrc,v b/config-archive/etc/inputrc,v new file mode 100644 index 0000000..b9ef814 --- /dev/null +++ b/config-archive/etc/inputrc,v @@ -0,0 +1,136 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.19.09.21.53; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.11.19.09.22.18; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/inputrc: initialization file for readline +# +# For more information on how this file works, please see the +# INITIALIZATION FILE section of the readline(3) man page +# +# Quick dirty little note: +# To get the key sequence for binding, you can abuse bash. +# While running bash, hit CTRL+V, and then type the key sequence. +# So, typing 'ALT + left arrow' in Konsole gets you back: +# ^[[1;3D +# The readline entry to make this skip back a word will then be: +# "\e[1;3D" backward-word +# + +# do not bell on tab-completion +#set bell-style none + +set meta-flag on +set input-meta on +set convert-meta off +set output-meta on + +# Completed names which are symbolic links to +# directories have a slash appended. +set mark-symlinked-directories on + +$if mode=emacs + +# for linux console and RH/Debian xterm +# allow the use of the Home/End keys +"\e[1~": beginning-of-line +"\e[4~": end-of-line +# mappings for "page up" and "page down" to step to the beginning/end +# of the history +"\e[5~": history-search-backward +"\e[6~": history-search-forward +# allow the use of the Delete/Insert keys +"\e[3~": delete-char +"\e[2~": quoted-insert +# # mappings for Ctrl-left-arrow and Ctrl-right-arrow for word moving +"\e[5C": forward-word +"\e[5D": backward-word +"\e[1;5C": forward-word +"\e[1;5D": backward-word + +# gnome-terminal (escape + arrow key) +"\e[5C": forward-word +"\e[5D": backward-word +# gnome-terminal (control + arrow key) +"\e[1;5C": forward-word +"\e[1;5D": backward-word +# konsole / xterm / rxvt (escape + arrow key) +"\e\e[C": forward-word +"\e\e[D": backward-word +# konsole (alt + arrow key) +"\e[1;3C": forward-word +"\e[1;3D": backward-word +# konsole (control + arrow key) +"\e[1;3C": forward-word +"\e[1;3D": backward-word +# aterm / eterm (control + arrow key) +"\eOc": forward-word +"\eOd": backward-word + +$if term=rxvt +"\e[8~": end-of-line +$endif + +# for non RH/Debian xterm, can't hurt for RH/Debian xterm +"\eOH": beginning-of-line +"\eOF": end-of-line + +# for freebsd console +"\e[H": beginning-of-line +"\e[F": end-of-line +$endif + +# fix Home and End for German users +"\e[7~": beginning-of-line +"\e[8~": end-of-line +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d33 2 +a34 1 +# map "page up" and "page down" to search history based on current cmdline +d40 5 +d46 1 +a46 1 +# gnome / others (escape + arrow key) +d49 3 +d55 6 +a60 3 +# gnome / konsole / others (control + arrow key) +"\e[1;5C": forward-word +"\e[1;5D": backward-word +a64 4 +# konsole (alt + arrow key) +"\e[1;3C": forward-word +"\e[1;3D": backward-word + +@ diff --git a/config-archive/etc/krb5.conf.example,v b/config-archive/etc/krb5.conf.example,v new file mode 100644 index 0000000..7aa0f8e --- /dev/null +++ b/config-archive/etc/krb5.conf.example,v @@ -0,0 +1,75 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.28.21.17.24; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.28.21.17.28; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[libdefaults] + default_realm = ATHENA.MIT.EDU + krb4_config = /usr/kerberos/lib/krb.conf + krb4_realms = /usr/kerberos/lib/krb.realms + +[realms] + ATHENA.MIT.EDU = { + admin_server = KERBEROS.MIT.EDU + default_domain = MIT.EDU + v4_instance_convert = { + mit = mit.edu + lithium = lithium.lcs.mit.edu + } + } + ANDREW.CMU.EDU = { + admin_server = vice28.fs.andrew.cmu.edu + } +# use "kdc =" if realm admins haven't put SRV records into DNS + GNU.ORG = { + kdc = kerberos.gnu.org + kdc = kerberos-2.gnu.org + admin_server = kerberos.gnu.org + } + +[domain_realm] + .mit.edu = ATHENA.MIT.EDU + mit.edu = ATHENA.MIT.EDU + .media.mit.edu = MEDIA-LAB.MIT.EDU + media.mit.edu = MEDIA-LAB.MIT.EDU + .ucsc.edu = CATS.UCSC.EDU + +[logging] +# kdc = CONSOLE +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 2 +a6 1 +# use "kdc = ..." if realm admins haven't put SRV records into DNS +d18 6 +@ diff --git a/config-archive/etc/layman/layman.cfg,v b/config-archive/etc/layman/layman.cfg,v new file mode 100644 index 0000000..0eb4fb0 --- /dev/null +++ b/config-archive/etc/layman/layman.cfg,v @@ -0,0 +1,130 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.24.07.59.32; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.24.08.01.26; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[MAIN] + +#----------------------------------------------------------- +# Defines the directory where overlays should be installed + +storage : /var/lib/layman + +#----------------------------------------------------------- +# Remote overlay lists will be stored here +# layman will append _md5(url).xml to each filename + +cache : %(storage)s/cache + +#----------------------------------------------------------- +# The list of locally installed overlays + +local_list: %(storage)s/overlays.xml + +#----------------------------------------------------------- +# Path to the make.conf file that should be modified by +# layman + +make_conf : %(storage)s/make.conf + +#----------------------------------------------------------- +# URLs of the remote lists of overlays (one per line) or +# local overlay definitions +# +#overlays : http://www.gentoo.org/proj/en/overlays/layman-global.txt +# http://dev.gentoo.org/~wrobel/layman/global-overlays.xml +# http://mydomain.org/my-layman-list.xml +# file:///usr/portage/local/layman/my-list.xml + +overlays : http://www.gentoo.org/proj/en/overlays/layman-global.txt + +#----------------------------------------------------------- +# Proxy support +# +#proxy : http://[user:pass@@]www.my-proxy.org:3128 + +#----------------------------------------------------------- +# Strict checking of overlay definitions +# +# Set either to "yes" or "no". If "no" layman will issue +# warnings if an overlay definition is missing either +# description or contact information. +# +nocheck : yes + +#----------------------------------------------------------- +# Umask settings +# +# layman should usually work with a umask of 0022. You should +# only change this setting if you are absolutely certain that +# you know what you are doing. +# +#umask : 0022 + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d29 1 +a29 1 +#overlays : http://www.gentoo.org/proj/en/overlays/repositories.xml +d32 1 +a32 1 +# file:///var/lib/layman/my-list.xml +d34 1 +a34 1 +overlays : http://www.gentoo.org/proj/en/overlays/repositories.xml +a37 1 +# If unset, layman will use the http_proxy environment variable. +a58 22 +#----------------------------------------------------------- +# Command overrides +# +# You can have commands point to either a binary at a different +# location, e.g. +# +# /home/you/local/bin/git +# +# or just the command, e.g. +# +# git +# +# to use PATH-based resolution of the binary to call. +# +#bzr_command : /usr/bin/bzr +#cvs_command : /usr/bin/cvs +#darcs_command : /usr/bin/darcs +#git_command : /usr/bin/git +#mercurial_command : /usr/bin/hg +#rsync_command : /usr/bin/rsync +#svn_command : /usr/bin/svn +#tar_command : /bin/tar +@ diff --git a/config-archive/etc/locale.gen b/config-archive/etc/locale.gen new file mode 100644 index 0000000..52fa204 --- /dev/null +++ b/config-archive/etc/locale.gen @@ -0,0 +1,66 @@ +# /etc/locale.gen: list all of the locales you want to have on your system +# +# The format of each line: +# +# +# Where is a locale located in /usr/share/i18n/locales/ and +# where is a charmap located in /usr/share/i18n/charmaps/. +# +# All blank lines and lines starting with # are ignored. +# +# For the default list of supported combinations, see the file: +# /usr/share/i18n/SUPPORTED +# +# Whenever glibc is emerged, the locales listed here will be automatically +# rebuilt for you. After updating this file, you can simply run `locale-gen` +# yourself instead of re-emerging glibc. + +de_AT.UTF-8 UTF-8 +de_AT ISO-8859-1 +de_AT@euro ISO-8859-15 +de_BE.UTF-8 UTF-8 +de_BE ISO-8859-1 +de_BE@euro ISO-8859-15 +de_CH.UTF-8 UTF-8 +de_CH ISO-8859-1 +de_DE.UTF-8 UTF-8 +de_DE ISO-8859-1 +de_DE@euro ISO-8859-15 +de_LU.UTF-8 UTF-8 +de_LU ISO-8859-1 +de_LU@euro ISO-8859-15 +en_AG UTF-8 +en_AU.UTF-8 UTF-8 +en_AU ISO-8859-1 +en_BW.UTF-8 UTF-8 +en_BW ISO-8859-1 +en_CA.UTF-8 UTF-8 +en_CA ISO-8859-1 +en_DK.UTF-8 UTF-8 +en_DK ISO-8859-1 +en_GB.UTF-8 UTF-8 +en_GB ISO-8859-1 +en_HK.UTF-8 UTF-8 +en_HK ISO-8859-1 +en_IE.UTF-8 UTF-8 +en_IE ISO-8859-1 +en_IE@euro ISO-8859-15 +en_IN UTF-8 +en_NG UTF-8 +en_NZ.UTF-8 UTF-8 +en_NZ ISO-8859-1 +en_PH.UTF-8 UTF-8 +en_PH ISO-8859-1 +en_SG.UTF-8 UTF-8 +en_SG ISO-8859-1 +en_US.UTF-8 UTF-8 +en_US ISO-8859-1 +en_ZA.UTF-8 UTF-8 +en_ZA ISO-8859-1 +en_ZW.UTF-8 UTF-8 +en_ZW ISO-8859-1 +ru_RU.KOI8-R KOI8-R +ru_RU.UTF-8 UTF-8 +ru_RU ISO-8859-5 +ru_UA.UTF-8 UTF-8 +ru_UA KOI8-U diff --git a/config-archive/etc/locale.gen.dist.new b/config-archive/etc/locale.gen.dist.new new file mode 100644 index 0000000..09ee60e --- /dev/null +++ b/config-archive/etc/locale.gen.dist.new @@ -0,0 +1,31 @@ +# /etc/locale.gen: list all of the locales you want to have on your system +# +# The format of each line: +# +# +# Where is a locale located in /usr/share/i18n/locales/ and +# where is a charmap located in /usr/share/i18n/charmaps/. +# +# All blank lines and lines starting with # are ignored. +# +# For the default list of supported combinations, see the file: +# /usr/share/i18n/SUPPORTED +# +# Whenever glibc is emerged, the locales listed here will be automatically +# rebuilt for you. After updating this file, you can simply run `locale-gen` +# yourself instead of re-emerging glibc. + +#en_US ISO-8859-1 +#en_US.UTF-8 UTF-8 +#ja_JP.EUC-JP EUC-JP +#ja_JP.UTF-8 UTF-8 +#ja_JP EUC-JP +#en_HK ISO-8859-1 +#en_PH ISO-8859-1 +#de_DE ISO-8859-1 +#de_DE@euro ISO-8859-15 +#es_MX ISO-8859-1 +#fa_IR UTF-8 +#fr_FR ISO-8859-1 +#fr_FR@euro ISO-8859-15 +#it_IT ISO-8859-1 diff --git a/config-archive/etc/login.defs,v b/config-archive/etc/login.defs,v new file mode 100644 index 0000000..21e7daf --- /dev/null +++ b/config-archive/etc/login.defs,v @@ -0,0 +1,501 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.13.09.08.39; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.07.13.09.11.28; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# /etc/login.defs - Configuration control definitions for the shadow package. +# +# $Id: login.defs 1884 2008-03-08 16:05:30Z nekral-guest $ +# + +# +# Delay in seconds before being allowed another attempt after a login failure +# +FAIL_DELAY 3 + +# +# Enable logging and display of /var/log/faillog login failure info. +# +#FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable logging and display of /var/log/lastlog login time info. +# +#LASTLOG_ENAB yes + +# +# Enable checking and display of mailbox status upon login. +# +# Disable if the shell startup files already check for mail +# ("mailx -e" or equivalent). +# +#MAIL_CHECK_ENAB no + +# +# Enable additional checks upon password changes. +# +#OBSCURE_CHECKS_ENAB yes + +# +# Enable checking of time restrictions specified in /etc/porttime. +# +#PORTTIME_CHECKS_ENAB yes + +# +# Enable setting of ulimit, umask, and niceness from passwd gecos field. +# +#QUOTAS_ENAB yes + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +CONSOLE /etc/securetty +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, ":" delimited list of "message of the day" files to +# be displayed upon login. +# +#MOTD_FILE /etc/motd +#MOTD_FILE /etc/motd:/usr/lib/news/news-motd + +# +# If defined, this file will be output before each login prompt. +# +#ISSUE_FILE /etc/issue + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format. +# last, when invoked as lastb, will read /var/log/btmp, so... +# +#FTMP_FILE /var/log/btmp + +# +# If defined, name of file whose presence which will inhibit non-root +# logins. The contents of this file should be a message indicating +# why logins are inhibited. +# +#NOLOGINS_FILE /etc/nologin + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# *REQUIRED* +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define both, MAIL_DIR takes precedence. +# +MAIL_DIR /var/spool/mail +#MAIL_FILE .mail + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# If defined, either a TZ environment parameter spec or the +# fully-rooted pathname of a file containing such a spec. +# +#ENV_TZ TZ=CST6CDT +#ENV_TZ /etc/tzname + +# +# If defined, an HZ environment parameter spec. +# +# for Linux/x86 +#ENV_HZ HZ=100 +# For Linux/Alpha... +#ENV_HZ HZ=1024 + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin +ENV_PATH PATH=/bin:/usr/bin + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# ULIMIT Default "ulimit" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# The ULIMIT is used only if the system supports it. +# (now it works with setrlimit too; ulimit is in 512-byte units) +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 +#ULIMIT 2097152 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_MIN_LEN Minimum acceptable password length. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +#PASS_MIN_LEN 5 +PASS_WARN_AGE 7 + +# +# If "yes", the user must be listed as a member of the first gid 0 group +# in /etc/group (called "root" on most Linux systems) to be able to "su" +# to uid 0 accounts. If the group doesn't exist or is empty, no one +# will be able to "su" to uid 0. +# +#SU_WHEEL_ONLY yes + +# +# If compiled with cracklib support, where are the dictionaries +# +#CRACKLIB_DICTPATH /usr/lib64/cracklib_dict + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +SYS_UID_MIN 100 +SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +SYS_GID_MIN 100 +SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad +# +LOGIN_RETRIES 3 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Maximum number of attempts to change password if rejected (too easy) +# +#PASS_CHANGE_TRIES 5 + +# +# Warn about weak passwords (but still allow them) if you are root. +# +#PASS_ALWAYS_WARN yes + +# +# Number of significant characters in the password for crypt(). +# Default is 8, don't change unless your crypt() is better. +# Ignored if MD5_CRYPT_ENAB set to "yes". +# +#PASS_MAX_LEN 8 + +# +# Require password before chfn/chsh can make any changes. +# +#CHFN_AUTH yes + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Password prompt (%s will be replaced by user name). +# +# XXX - it doesn't work correctly yet, for now leave it commented out +# to use the default which is just "Password: ". +#LOGIN_STRING "%s's Password: " + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# Note: If you use PAM, it is recommended to use a value consistent with +# the PAM modules configuration. +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +MD5_CRYPT_ENAB yes + +# +# Only works if compiled with ENCRYPTMETHOD_SELECT defined: +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: If you use PAM, it is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If this file exists and is readable, login environment will be +# read from it. Every line should be in the form name=value. +# +#ENVIRON_FILE /etc/environment + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# Enable setting of the umask group bits to be the same as owner bits +# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is +# the same as gid, and username is the same as the primary group name. +# +# This also enables userdel to remove user groups if no members exist. +# +USERGROUPS_ENAB yes + +# +# If set to a non-nul number, the shadow utilities will make sure that +# groups never have more than this number of users on one line. +# This permit to support split groups (groups split into multiple lines, +# with the same group ID, to avoid limitation of the line length in the +# group file). +# +# 0 is the default value and disables this feature. +# +#MAX_MEMBERS_PER_GROUP 0 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d4 1 +a4 1 +# $Id: login.defs 3038 2009-07-23 20:41:35Z nekral-guest $ +a8 2 +# Note: When PAM is used, some modules may enfore a minimal delay (e.g. +# pam_unix enforces a 2s delay) +d15 1 +a15 1 +#FAILLOG_ENAB +d30 1 +a30 1 +#LASTLOG_ENAB +d38 1 +a38 1 +#MAIL_CHECK_ENAB +d43 1 +a43 1 +#OBSCURE_CHECKS_ENAB +d48 1 +a48 1 +#PORTTIME_CHECKS_ENAB +d53 1 +a53 1 +#QUOTAS_ENAB +d79 2 +a80 2 +#MOTD_FILE +#MOTD_FILE +d97 1 +a97 1 +#FTMP_FILE +d104 1 +a104 1 +#NOLOGINS_FILE +d142 1 +a142 1 +#ENV_HZ +d144 1 +a144 1 +#ENV_HZ +d172 1 +d183 1 +a185 8 +# Default initial "umask" value for non-PAM enabled systems. +# UMASK is also used by useradd and newusers to set the mode of new home +# directories. +# 022 is the default value, but 027, or even 077, could be considered +# better for privacy. There is no One True Answer here: each sysadmin +# must make up her mind. +UMASK 022 + +d196 1 +a196 1 +#PASS_MIN_LEN +d205 1 +a205 1 +#SU_WHEEL_ONLY +d210 1 +a210 1 +#CRACKLIB_DICTPATH +d218 1 +a218 1 +SYS_UID_MIN 101 +d227 1 +a227 1 +SYS_GID_MIN 101 +d233 1 +a233 1 +LOGIN_RETRIES 5 +d243 1 +a243 1 +#PASS_CHANGE_TRIES +d248 1 +a248 1 +#PASS_ALWAYS_WARN +d260 1 +a260 1 +#CHFN_AUTH +d290 1 +a290 1 +#MD5_CRYPT_ENAB no +d342 1 +a342 1 +#ENVIRON_FILE +a369 9 + +# +# If useradd should create home directories for users by default (non +# system users only) +# This option is overridden with the -M or -m flags on the useradd command +# line. +# +#CREATE_HOME yes + +@ diff --git a/config-archive/etc/logrotate.d/apache2,v b/config-archive/etc/logrotate.d/apache2,v new file mode 100644 index 0000000..818fbe8 --- /dev/null +++ b/config-archive/etc/logrotate.d/apache2,v @@ -0,0 +1,51 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.05.28.10.14.53; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Apache2 logrotate snipet for Gentoo Linux +# Contributes by Chuck Short +# +#/var/log/apache2/*log { +# missingok +# notifempty +# sharedscripts +# postrotate +# /etc/init.d/apache2 reload > /dev/null 2>&1 || true +# endscript +#} + +script apache2-reload + /etc/init.d/apache2 reload >/dev/null || true +endscript + +#rotate 10 +daily + +/var/log/apache2/*log { + size 4m + olddir /var/log/apache2/%Y-%m + postrotate apache2-reload +} + +# vim: ts=4 filetype=conf +@ diff --git a/config-archive/etc/logrotate.d/apache2.dist.new b/config-archive/etc/logrotate.d/apache2.dist.new new file mode 100644 index 0000000..9dd431c --- /dev/null +++ b/config-archive/etc/logrotate.d/apache2.dist.new @@ -0,0 +1,11 @@ +# Apache2 logrotate snipet for Gentoo Linux +# Contributes by Chuck Short +# +/var/log/apache2/*log { + missingok + notifempty + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null 2>&1 || true + endscript +} diff --git a/config-archive/etc/logrotate.d/clamav,v b/config-archive/etc/logrotate.d/clamav,v new file mode 100644 index 0000000..a300198 --- /dev/null +++ b/config-archive/etc/logrotate.d/clamav,v @@ -0,0 +1,46 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.06.09.10.37.04; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@/var/log/clamav/clamd.log { + missingok + weekly + size 1m + postrotate + /etc/init.d/clamd logfix + /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true + endscript +} + +/var/log/clamav/freshclam.log { + missingok + weekly + size 1m + postrotate + /etc/init.d/clamd logfix + /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true + endscript +} + +# vim: ts=4 filetype=conf +@ diff --git a/config-archive/etc/logrotate.d/clamav.dist.new b/config-archive/etc/logrotate.d/clamav.dist.new new file mode 100644 index 0000000..12c77e0 --- /dev/null +++ b/config-archive/etc/logrotate.d/clamav.dist.new @@ -0,0 +1,15 @@ +/var/log/clamav/clamd.log { + missingok + postrotate + /etc/init.d/clamd logfix + /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true + endscript +} + +/var/log/clamav/freshclam.log { + missingok + postrotate + /etc/init.d/clamd logfix + /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true + endscript +} diff --git a/config-archive/etc/logrotate.d/elog-save-summary,v b/config-archive/etc/logrotate.d/elog-save-summary,v new file mode 100644 index 0000000..f99210e --- /dev/null +++ b/config-archive/etc/logrotate.d/elog-save-summary,v @@ -0,0 +1,56 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.29.20.08.50; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.29.20.08.56; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id: elog-save-summary,v 1.2 2010/12/02 12:03:24 root Exp $ +# Rotate the log created by the save_summary elog module. + +/var/log/portage/elog/summary.log { + missingok + nocreate + delaycompress +} + +# vim: ts=4 filetype=conf +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# Copyright 1999-2011 Gentoo Foundation +d3 1 +a6 1 + #su portage portage +@ diff --git a/config-archive/etc/logrotate.d/ulogd,v b/config-archive/etc/logrotate.d/ulogd,v new file mode 100644 index 0000000..cf42b1a --- /dev/null +++ b/config-archive/etc/logrotate.d/ulogd,v @@ -0,0 +1,46 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.09.11.24.21; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#/var/log/ulogd.log /var/log/ulogd.syslogemu /var/log/ulogd.pktlog /var/log/ulogd.pcap { +# missingok +# sharedscripts +# postrotate +# /bin/killall -HUP ulogd 2> /dev/null || true +# endscript +#} + +/var/log/ulogd/*.log { + daily + maxage 2y + rotate 999 + olddir /var/log/ulogd/%Y-%m + size 4M + sharedscripts + postrotate + #/etc/init.d/ulogd restart + /bin/killall -HUP ulogd 2> /dev/null || true + endscript +} + +# vim: ts=4 filetype=conf +@ diff --git a/config-archive/etc/logrotate.d/ulogd.dist.new b/config-archive/etc/logrotate.d/ulogd.dist.new new file mode 100644 index 0000000..b3fb6d1 --- /dev/null +++ b/config-archive/etc/logrotate.d/ulogd.dist.new @@ -0,0 +1,7 @@ +/var/log/ulogd.log /var/log/ulogd.syslogemu /var/log/ulogd.pktlog /var/log/ulogd.pcap { + missingok + sharedscripts + postrotate + /bin/killall -HUP ulogd 2> /dev/null || true + endscript +} diff --git a/config-archive/etc/lvm/lvm.conf,v b/config-archive/etc/lvm/lvm.conf,v new file mode 100644 index 0000000..d815b9a --- /dev/null +++ b/config-archive/etc/lvm/lvm.conf,v @@ -0,0 +1,655 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2010.09.08.19.40.05; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.05.10.15.50; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.09.08.19.40.05; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# This is an example configuration file for the LVM2 system. +# It contains the default settings that would be used if there was no +# /etc/lvm/lvm.conf file. +# +# Refer to 'man lvm.conf' for further information including the file layout. +# +# To put this file in a different directory and override /etc/lvm set +# the environment variable LVM_SYSTEM_DIR before running the tools. + + +# This section allows you to configure which block devices should +# be used by the LVM system. +devices { + + # Where do you want your volume groups to appear ? + dir = "/dev" + + # An array of directories that contain the device nodes you wish + # to use with LVM2. + scan = [ "/dev" ] + + # If several entries in the scanned directories correspond to the + # same block device and the tools need to display a name for device, + # all the pathnames are matched against each item in the following + # list of regular expressions in turn and the first match is used. + preferred_names = [ ] + + # Try to avoid using undescriptive /dev/dm-N names, if present. + # preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] + + # A filter that tells LVM2 to only use a restricted set of devices. + # The filter consists of an array of regular expressions. These + # expressions can be delimited by a character of your choice, and + # prefixed with either an 'a' (for accept) or 'r' (for reject). + # The first expression found to match a device name determines if + # the device will be accepted or rejected (ignored). Devices that + # don't match any patterns are accepted. + + # Be careful if there there are symbolic links or multiple filesystem + # entries for the same device as each name is checked separately against + # the list of patterns. The effect is that if any name matches any 'a' + # pattern, the device is accepted; otherwise if any name matches any 'r' + # pattern it is rejected; otherwise it is accepted. + + # Don't have more than one filter line active at once: only one gets used. + + # Run vgscan after you change this parameter to ensure that + # the cache file gets regenerated (see below). + # If it doesn't do what you expect, check the output of 'vgscan -vvvv'. + + + # By default we accept every block device: + # Gentoo: we exclude /dev/nbd by default, because it makes a lot of kernel + # noise when you probed while not available. + filter = [ "r|/dev/nbd.*|", "a/.*/" ] + + # Exclude the cdrom drive + # filter = [ "r|/dev/cdrom|" ] + + # When testing I like to work with just loopback devices: + # filter = [ "a/loop/", "r/.*/" ] + + # Or maybe all loops and ide drives except hdc: + # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] + + # Use anchors if you want to be really specific + # filter = [ "a|^/dev/hda8$|", "r/.*/" ] + + # The results of the filtering are cached on disk to avoid + # rescanning dud devices (which can take a very long time). + # By default this cache is stored in the /etc/lvm/cache directory + # in a file called '.cache'. + # It is safe to delete the contents: the tools regenerate it. + # (The old setting 'cache' is still respected if neither of + # these new ones is present.) + cache_dir = "/etc/lvm/cache" + cache_file_prefix = "" + + # You can turn off writing this cache file by setting this to 0. + write_cache_state = 1 + + # Advanced settings. + + # List of pairs of additional acceptable block device types found + # in /proc/devices with maximum (non-zero) number of partitions. + # types = [ "fd", 16 ] + + # If sysfs is mounted (2.6 kernels) restrict device scanning to + # the block devices it believes are valid. + # 1 enables; 0 disables. + sysfs_scan = 1 + + # By default, LVM2 will ignore devices used as components of + # software RAID (md) devices by looking for md superblocks. + # 1 enables; 0 disables. + md_component_detection = 1 + + # By default, if a PV is placed directly upon an md device, LVM2 + # will align its data blocks with the md device's stripe-width. + # 1 enables; 0 disables. + md_chunk_alignment = 1 + + # By default, the start of a PV's data area will be a multiple of + # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. + # - minimum_io_size - the smallest request the device can perform + # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) + # - optimal_io_size - the device's preferred unit of receiving I/O + # (e.g. MD's stripe width) + # minimum_io_size is used if optimal_io_size is undefined (0). + # If md_chunk_alignment is enabled, that detects the optimal_io_size. + # This setting takes precedence over md_chunk_alignment. + # 1 enables; 0 disables. + data_alignment_detection = 1 + + # Alignment (in KB) of start of data area when creating a new PV. + # If a PV is placed directly upon an md device and md_chunk_alignment or + # data_alignment_detection is enabled this parameter is ignored. + # Set to 0 for the default alignment of 64KB or page size, if larger. + data_alignment = 0 + + # By default, the start of the PV's aligned data area will be shifted by + # the 'alignment_offset' exposed in sysfs. This offset is often 0 but + # may be non-zero; e.g.: certain 4KB sector drives that compensate for + # windows partitioning will have an alignment_offset of 3584 bytes + # (sector 7 is the lowest aligned logical block, the 4KB sectors start + # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). + # 1 enables; 0 disables. + data_alignment_offset_detection = 1 + + # If, while scanning the system for PVs, LVM2 encounters a device-mapper + # device that has its I/O suspended, it waits for it to become accessible. + # Set this to 1 to skip such devices. This should only be needed + # in recovery situations. + ignore_suspended_devices = 0 +} + +# This section that allows you to configure the nature of the +# information that LVM2 reports. +log { + + # Controls the messages sent to stdout or stderr. + # There are three levels of verbosity, 3 being the most verbose. + verbose = 0 + + # Should we send log messages through syslog? + # 1 is yes; 0 is no. + syslog = 1 + + # Should we log error and debug messages to a file? + # By default there is no log file. + #file = "/var/log/lvm2.log" + + # Should we overwrite the log file each time the program is run? + # By default we append. + overwrite = 0 + + # What level of log messages should we send to the log file and/or syslog? + # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. + # 7 is the most verbose (LOG_DEBUG). + level = 0 + + # Format of output messages + # Whether or not (1 or 0) to indent messages according to their severity + indent = 1 + + # Whether or not (1 or 0) to display the command name on each line output + command_names = 0 + + # A prefix to use before the message text (but after the command name, + # if selected). Default is two spaces, so you can see/grep the severity + # of each message. + prefix = " " + + # To make the messages look similar to the original LVM tools use: + # indent = 0 + # command_names = 1 + # prefix = " -- " + + # Set this if you want log messages during activation. + # Don't use this in low memory situations (can deadlock). + # activation = 0 +} + +# Configuration of metadata backups and archiving. In LVM2 when we +# talk about a 'backup' we mean making a copy of the metadata for the +# *current* system. The 'archive' contains old metadata configurations. +# Backups are stored in a human readeable text format. +backup { + + # Should we maintain a backup of the current metadata configuration ? + # Use 1 for Yes; 0 for No. + # Think very hard before turning this off! + backup = 1 + + # Where shall we keep it ? + # Remember to back up this directory regularly! + backup_dir = "/etc/lvm/backup" + + # Should we maintain an archive of old metadata configurations. + # Use 1 for Yes; 0 for No. + # On by default. Think very hard before turning this off. + archive = 1 + + # Where should archived files go ? + # Remember to back up this directory regularly! + archive_dir = "/etc/lvm/archive" + + # What is the minimum number of archive files you wish to keep ? + retain_min = 10 + + # What is the minimum time you wish to keep an archive file for ? + retain_days = 30 +} + +# Settings for the running LVM2 in shell (readline) mode. +shell { + + # Number of lines of history to store in ~/.lvm_history + history_size = 100 +} + + +# Miscellaneous global LVM2 settings +global { + + # The file creation mask for any files and directories created. + # Interpreted as octal if the first digit is zero. + umask = 077 + + # Allow other users to read the files + #umask = 022 + + # Enabling test mode means that no changes to the on disk metadata + # will be made. Equivalent to having the -t option on every + # command. Defaults to off. + test = 0 + + # Default value for --units argument + units = "h" + + # Since version 2.02.54, the tools distinguish between powers of + # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. + # KB, MB, GB). + # If you have scripts that depend on the old behaviour, set this to 0 + # temporarily until you update them. + si_unit_consistency = 1 + + # Whether or not to communicate with the kernel device-mapper. + # Set to 0 if you want to use the tools to manipulate LVM metadata + # without activating any logical volumes. + # If the device-mapper kernel driver is not present in your kernel + # setting this to 0 should suppress the error messages. + activation = 1 + + # If we can't communicate with device-mapper, should we try running + # the LVM1 tools? + # This option only applies to 2.4 kernels and is provided to help you + # switch between device-mapper kernels and LVM1 kernels. + # The LVM1 tools need to be installed with .lvm1 suffices + # e.g. vgscan.lvm1 and they will stop working after you start using + # the new lvm2 on-disk metadata format. + # The default value is set when the tools are built. + # fallback_to_lvm1 = 0 + # Gentoo: the LVM tools are a seperate package. + fallback_to_lvm1 = 0 + + # The default metadata format that commands should use - "lvm1" or "lvm2". + # The command line override is -M1 or -M2. + # Defaults to "lvm2". + # format = "lvm2" + + # Location of proc filesystem + proc = "/proc" + + # Type of locking to use. Defaults to local file-based locking (1). + # Turn locking off by setting to 0 (dangerous: risks metadata corruption + # if LVM2 commands get run concurrently). + # Type 2 uses the external shared library locking_library. + # Type 3 uses built-in clustered locking. + # Type 4 uses read-only locking which forbids any operations that might + # change metadata. + locking_type = 1 + + # Set to 0 to fail when a lock request cannot be satisfied immediately. + wait_for_locks = 1 + + # If using external locking (type 2) and initialisation fails, + # with this set to 1 an attempt will be made to use the built-in + # clustered locking. + # If you are using a customised locking_library you should set this to 0. + fallback_to_clustered_locking = 1 + + # If an attempt to initialise type 2 or type 3 locking failed, perhaps + # because cluster components such as clvmd are not running, with this set + # to 1 an attempt will be made to use local file-based locking (type 1). + # If this succeeds, only commands against local volume groups will proceed. + # Volume Groups marked as clustered will be ignored. + fallback_to_local_locking = 1 + + # Local non-LV directory that holds file-based locks while commands are + # in progress. A directory like /tmp that may get wiped on reboot is OK. + locking_dir = "/var/lock/lvm" + + # Whenever there are competing read-only and read-write access requests for + # a volume group's metadata, instead of always granting the read-only + # requests immediately, delay them to allow the read-write requests to be + # serviced. Without this setting, write access may be stalled by a high + # volume of read-only requests. + # NB. This option only affects locking_type = 1 viz. local file-based + # locking. + prioritise_write_locks = 1 + + # Other entries can go here to allow you to load shared libraries + # e.g. if support for LVM1 metadata was compiled as a shared library use + # format_libraries = "liblvm2format1.so" + # Full pathnames can be given. + + # Search this directory first for shared libraries. + # library_dir = "/lib" + + # The external locking library to load if locking_type is set to 2. + # locking_library = "liblvm2clusterlock.so" + + # Treat any internal errors as fatal errors, aborting the process that + # encountered the internal error. Please only enable for debugging. + abort_on_internal_errors = 0 +} + +activation { + # Set to 0 to disable udev synchronisation (if compiled into the binaries). + # Processes will not wait for notification from udev. + # They will continue irrespective of any possible udev processing + # in the background. You should only use this if udev is not running + # or has rules that ignore the devices LVM2 creates. + # The command line argument --nodevsync takes precedence over this setting. + # If set to 1 when udev is not running, and there are LVM2 processes + # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. + udev_sync = 1 + + # Set to 0 to disable the udev rules installed by LVM2 (if built with + # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks + # for active logical volumes directly itself. + # N.B. Manual intervention may be required if this setting is changed + # while any logical volumes are active. + udev_rules = 1 + + # How to fill in missing stripes if activating an incomplete volume. + # Using "error" will make inaccessible parts of the device return + # I/O errors on access. You can instead use a device path, in which + # case, that device will be used to in place of missing stripes. + # But note that using anything other than "error" with mirrored + # or snapshotted volumes is likely to result in data corruption. + missing_stripe_filler = "error" + + # How much stack (in KB) to reserve for use while devices suspended + reserved_stack = 256 + + # How much memory (in KB) to reserve for use while devices suspended + reserved_memory = 8192 + + # Nice value used while devices suspended + process_priority = -18 + + # If volume_list is defined, each LV is only activated if there is a + # match against the list. + # "vgname" and "vgname/lvname" are matched exactly. + # "@@tag" matches any tag set in the LV or VG. + # "@@*" matches if any tag defined on the host is also set in the LV or VG + # + # volume_list = [ "vg1", "vg2/lvol1", "@@tag1", "@@*" ] + + # Size (in KB) of each copy operation when mirroring + mirror_region_size = 512 + + # Setting to use when there is no readahead value stored in the metadata. + # + # "none" - Disable readahead. + # "auto" - Use default value chosen by kernel. + readahead = "auto" + + # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define + # how a device failure affecting a mirror is handled. + # A mirror is composed of mirror images (copies) and a log. + # A disk log ensures that a mirror does not need to be re-synced + # (all copies made the same) every time a machine reboots or crashes. + # + # In the event of a failure, the specified policy will be used to determine + # what happens. This applies to automatic repairs (when the mirror is being + # monitored by dmeventd) and to manual lvconvert --repair when + # --use-policies is given. + # + # "remove" - Simply remove the faulty device and run without it. If + # the log device fails, the mirror would convert to using + # an in-memory log. This means the mirror will not + # remember its sync status across crashes/reboots and + # the entire mirror will be re-synced. If a + # mirror image fails, the mirror will convert to a + # non-mirrored device if there is only one remaining good + # copy. + # + # "allocate" - Remove the faulty device and try to allocate space on + # a new device to be a replacement for the failed device. + # Using this policy for the log is fast and maintains the + # ability to remember sync state through crashes/reboots. + # Using this policy for a mirror device is slow, as it + # requires the mirror to resynchronize the devices, but it + # will preserve the mirror characteristic of the device. + # This policy acts like "remove" if no suitable device and + # space can be allocated for the replacement. + # + # "allocate_anywhere" - Not yet implemented. Useful to place the log device + # temporarily on same physical volume as one of the mirror + # images. This policy is not recommended for mirror devices + # since it would break the redundant nature of the mirror. This + # policy acts like "remove" if no suitable device and space can + # be allocated for the replacement. + + mirror_log_fault_policy = "allocate" + mirror_image_fault_policy = "remove" + + # While activating devices, I/O to devices being (re)configured is + # suspended, and as a precaution against deadlocks, LVM2 needs to pin + # any memory it is using so it is not paged out. Groups of pages that + # are known not to be accessed during activation need not be pinned + # into memory. Each string listed in this setting is compared against + # each line in /proc/self/maps, and the pages corresponding to any + # lines that match are not pinned. On some systems locale-archive was + # found to make up over 80% of the memory used by the process. + # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] + + # Set to 1 to revert to the default behaviour prior to version 2.02.62 + # which used mlockall() to pin the whole process's memory while activating + # devices. + use_mlockall = 0 + + # Monitoring is enabled by default when activating logical volumes. + # Set to 0 to disable monitoring or use the --ignoremonitoring option. + monitoring = 1 + + # When pvmove or lvconvert must wait for the kernel to finish + # synchronising or merging data, they check and report progress + # at intervals of this number of seconds. The default is 15 seconds. + # If this is set to 0 and there is only one thing to wait for, there + # are no progress reports, but the process is awoken immediately the + # operation is complete. + polling_interval = 15 +} + + +#################### +# Advanced section # +#################### + +# Metadata settings +# +metadata { + # Default number of copies of metadata to hold on each PV. 0, 1 or 2. + # You might want to override it from the command line with 0 + # when running pvcreate on new PVs which are to be added to large VGs. + # Gentoo: enable for data safety, but PV resize is then disabled. + #pvmetadatacopies = 2 + + # Approximate default size of on-disk metadata areas in sectors. + # You should increase this if you have large volume groups or + # you want to retain a large on-disk history of your metadata changes. + + # pvmetadatasize = 255 + + # List of directories holding live copies of text format metadata. + # These directories must not be on logical volumes! + # It's possible to use LVM2 with a couple of directories here, + # preferably on different (non-LV) filesystems, and with no other + # on-disk metadata (pvmetadatacopies = 0). Or this can be in + # addition to on-disk metadata areas. + # The feature was originally added to simplify testing and is not + # supported under low memory situations - the machine could lock up. + # + # Never edit any files in these directories by hand unless you + # you are absolutely sure you know what you are doing! Use + # the supplied toolset to make changes (e.g. vgcfgrestore). + + # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] +} + +# Event daemon +# +dmeventd { + # mirror_library is the library used when monitoring a mirror device. + # + # "libdevmapper-event-lvm2mirror.so" attempts to recover from + # failures. It removes failed devices from a volume group and + # reconfigures a mirror as necessary. If no mirror library is + # provided, mirrors are not monitored through dmeventd. + + mirror_library = "libdevmapper-event-lvm2mirror.so" + + # snapshot_library is the library used when monitoring a snapshot device. + # + # "libdevmapper-event-lvm2snapshot.so" monitors the filling of + # snapshots and emits a warning through syslog, when the use of + # snapshot exceedes 80%. The warning is repeated when 85%, 90% and + # 95% of the snapshot are filled. + + snapshot_library = "libdevmapper-event-lvm2snapshot.so" +} +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d323 4 +d330 1 +a330 1 + # Set to 0 to disable udev syncronisation (if compiled into the binaries). +d340 7 +d419 28 +a446 1 + mirror_device_fault_policy = "remove" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a322 4 + + # Treat any internal errors as fatal errors, aborting the process that + # encountered the internal error. Please only enable for debugging. + abort_on_internal_errors = 0 +d326 1 +a326 1 + # Set to 0 to disable udev synchronisation (if compiled into the binaries). +a335 7 + # Set to 0 to disable the udev rules installed by LVM2 (if built with + # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks + # for active logical volumes directly itself. + # N.B. Manual intervention may be required if this setting is changed + # while any logical volumes are active. + udev_rules = 1 + +d408 1 +a408 28 + mirror_image_fault_policy = "remove" + + # While activating devices, I/O to devices being (re)configured is + # suspended, and as a precaution against deadlocks, LVM2 needs to pin + # any memory it is using so it is not paged out. Groups of pages that + # are known not to be accessed during activation need not be pinned + # into memory. Each string listed in this setting is compared against + # each line in /proc/self/maps, and the pages corresponding to any + # lines that match are not pinned. On some systems locale-archive was + # found to make up over 80% of the memory used by the process. + # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] + + # Set to 1 to revert to the default behaviour prior to version 2.02.62 + # which used mlockall() to pin the whole process's memory while activating + # devices. + use_mlockall = 0 + + # Monitoring is enabled by default when activating logical volumes. + # Set to 0 to disable monitoring or use the --ignoremonitoring option. + monitoring = 1 + + # When pvmove or lvconvert must wait for the kernel to finish + # synchronising or merging data, they check and report progress + # at intervals of this number of seconds. The default is 15 seconds. + # If this is set to 0 and there is only one thing to wait for, there + # are no progress reports, but the process is awoken immediately the + # operation is complete. + polling_interval = 15 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d118 1 +a118 1 + # Set to 0 for the default alignment of 1MB or page size, if larger. +a134 3 + + # Allow use of pvcreate --uuid without requiring --restorefile. + require_restorefile_with_uuid = 1 +a462 13 + # Default number of copies of metadata to maintain for each VG. + # If set to a non-zero value, LVM automatically chooses which of + # the available metadata areas to use to achieve the requested + # number of copies of the VG metadata. If you set a value larger + # than the the total number of metadata areas available then + # metadata is stored in them all. + # The default value of 0 ("unmanaged") disables this automatic + # management and allows you to control which metadata areas + # are used at the individual PV level using 'pvchange + # --metadataignore y/n'. + + # vgmetadatacopies = 0 + +d500 3 +a502 3 + # snapshots and emits a warning through syslog when the use of + # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and + # 95% of the snapshot is filled. +a504 4 + + # Full path of the dmeventd binary. + # + # executable = "/sbin/dmeventd" +@ diff --git a/config-archive/etc/mail/spamassassin/local.cf,v b/config-archive/etc/mail/spamassassin/local.cf,v new file mode 100644 index 0000000..ee45313 --- /dev/null +++ b/config-archive/etc/mail/spamassassin/local.cf,v @@ -0,0 +1,122 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.13.20.54.24; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# Only a small subset of options are listed below +# +########################################################################### + +# Add *****SPAM***** to the Subject header of spam e-mails +# +# rewrite_header Subject *****SPAM***** + + +# Save spam messages as a message/rfc822 MIME attachment instead of +# modifying the original message (0: off, 2: use text/plain instead) +# +# report_safe 1 +report_safe 0 + +ok_locales en de + +# Set which networks or hosts are considered 'trusted' by your mail +# server (i.e. not spammers) +# +# trusted_networks 212.17.35. +trusted_networks 85.214.73.141 # Sarah +trusted_networks 85.214.134.152 # die eigene IP +trusted_networks 192.166.201.37 # post1.berlin.strato.de +trusted_networks 192.166.192.170 # post2.berlin.strato.de +trusted_networks 192.166.192.192 # post3.berlin.strato.de +trusted_networks 192.166.192.193 # post4.berlin.strato.de +trusted_networks 192.166.192.194 # post5.berlin.strato.de +trusted_networks 195.50.185.24 # sandrine.acwain.net + +internal_networks 85.214.134.152 # die eigene IP + + +# Set file-locking method (flock is not safe over NFS, but is faster) +# +# lock_method flock + + +# Set the threshold at which a message is considered spam (default: 5.0) +# +# required_score 5.0 +required_score 6.7 + + +# Use Bayesian classifier (default: 1) +# +# use_bayes 1 + + +# Bayesian classifier auto-learning (default: 1) +# +# bayes_auto_learn 1 + + +# Set headers which may provide inappropriate cues to the Bayesian +# classifier +# +# bayes_ignore_header X-Bogosity +# bayes_ignore_header X-Spam-Flag +# bayes_ignore_header X-Spam-Status + + +# Some shortcircuiting, if the plugin is enabled +# +ifplugin Mail::SpamAssassin::Plugin::Shortcircuit +# +# default: strongly-whitelisted mails are *really* whitelisted now, if the +# shortcircuiting plugin is active, causing early exit to save CPU load. +# Uncomment to turn this on +# +# shortcircuit USER_IN_WHITELIST on +# shortcircuit USER_IN_DEF_WHITELIST on +# shortcircuit USER_IN_ALL_SPAM_TO on +# shortcircuit SUBJECT_IN_WHITELIST on + +# the opposite; blacklisted mails can also save CPU +# +# shortcircuit USER_IN_BLACKLIST on +# shortcircuit USER_IN_BLACKLIST_TO on +# shortcircuit SUBJECT_IN_BLACKLIST on + +# if you have taken the time to correctly specify your "trusted_networks", +# this is another good way to save CPU +# +# shortcircuit ALL_TRUSTED on + +# and a well-trained bayes DB can save running rules, too +# +# shortcircuit BAYES_99 spam +# shortcircuit BAYES_00 ham + +endif # Mail::SpamAssassin::Plugin::Shortcircuit + +@ diff --git a/config-archive/etc/mail/spamassassin/local.cf.dist.new b/config-archive/etc/mail/spamassassin/local.cf.dist.new new file mode 100644 index 0000000..a4c26ac --- /dev/null +++ b/config-archive/etc/mail/spamassassin/local.cf.dist.new @@ -0,0 +1,85 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# Only a small subset of options are listed below +# +########################################################################### + +# Add *****SPAM***** to the Subject header of spam e-mails +# +# rewrite_header Subject *****SPAM***** + + +# Save spam messages as a message/rfc822 MIME attachment instead of +# modifying the original message (0: off, 2: use text/plain instead) +# +# report_safe 1 + + +# Set which networks or hosts are considered 'trusted' by your mail +# server (i.e. not spammers) +# +# trusted_networks 212.17.35. + + +# Set file-locking method (flock is not safe over NFS, but is faster) +# +# lock_method flock + + +# Set the threshold at which a message is considered spam (default: 5.0) +# +# required_score 5.0 + + +# Use Bayesian classifier (default: 1) +# +# use_bayes 1 + + +# Bayesian classifier auto-learning (default: 1) +# +# bayes_auto_learn 1 + + +# Set headers which may provide inappropriate cues to the Bayesian +# classifier +# +# bayes_ignore_header X-Bogosity +# bayes_ignore_header X-Spam-Flag +# bayes_ignore_header X-Spam-Status + + +# Some shortcircuiting, if the plugin is enabled +# +ifplugin Mail::SpamAssassin::Plugin::Shortcircuit +# +# default: strongly-whitelisted mails are *really* whitelisted now, if the +# shortcircuiting plugin is active, causing early exit to save CPU load. +# Uncomment to turn this on +# +# shortcircuit USER_IN_WHITELIST on +# shortcircuit USER_IN_DEF_WHITELIST on +# shortcircuit USER_IN_ALL_SPAM_TO on +# shortcircuit SUBJECT_IN_WHITELIST on + +# the opposite; blacklisted mails can also save CPU +# +# shortcircuit USER_IN_BLACKLIST on +# shortcircuit USER_IN_BLACKLIST_TO on +# shortcircuit SUBJECT_IN_BLACKLIST on + +# if you have taken the time to correctly specify your "trusted_networks", +# this is another good way to save CPU +# +# shortcircuit ALL_TRUSTED on + +# and a well-trained bayes DB can save running rules, too +# +# shortcircuit BAYES_99 spam +# shortcircuit BAYES_00 ham + +endif # Mail::SpamAssassin::Plugin::Shortcircuit + diff --git a/config-archive/etc/mail/spamassassin/v310.pre,v b/config-archive/etc/mail/spamassassin/v310.pre,v new file mode 100644 index 0000000..2bb5780 --- /dev/null +++ b/config-archive/etc/mail/spamassassin/v310.pre,v @@ -0,0 +1,102 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.13.20.54.24; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.1.0, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. +########################################################################### + +# DCC - perform DCC message checks. +# +# DCC is disabled here because it is not open source. See the DCC +# license for more details. +# +#loadplugin Mail::SpamAssassin::Plugin::DCC + +# Pyzor - perform Pyzor message checks. +# +loadplugin Mail::SpamAssassin::Plugin::Pyzor + +# Razor2 - perform Razor2 message checks. +# +loadplugin Mail::SpamAssassin::Plugin::Razor2 + +# SpamCop - perform SpamCop message reporting +# +loadplugin Mail::SpamAssassin::Plugin::SpamCop + +# AntiVirus - some simple anti-virus checks, this is not a replacement +# for an anti-virus filter like Clam AntiVirus +# +#loadplugin Mail::SpamAssassin::Plugin::AntiVirus + +# AWL - do auto-whitelist checks +# +loadplugin Mail::SpamAssassin::Plugin::AWL + +# AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning +# +loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold + +# TextCat - language guesser +# +#loadplugin Mail::SpamAssassin::Plugin::TextCat + +# AccessDB - lookup from-addresses in access database +# +#loadplugin Mail::SpamAssassin::Plugin::AccessDB + +# WhitelistSubject - Whitelist/Blacklist certain subject regular expressions +# +loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject + +########################################################################### +# experimental plugins + +# DomainKeys - perform DomainKeys verification +# +# This plugin has been removed as of v3.3.0. Use the DKIM plugin instead, +# which supports both Domain Keys and DKIM. + +# MIMEHeader - apply regexp rules against MIME headers in the message +# +loadplugin Mail::SpamAssassin::Plugin::MIMEHeader + +# ReplaceTags +# +loadplugin Mail::SpamAssassin::Plugin::ReplaceTags + +@ diff --git a/config-archive/etc/mail/spamassassin/v310.pre.dist.new b/config-archive/etc/mail/spamassassin/v310.pre.dist.new new file mode 100644 index 0000000..56e5b2f --- /dev/null +++ b/config-archive/etc/mail/spamassassin/v310.pre.dist.new @@ -0,0 +1,78 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.1.0, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. +########################################################################### + +# DCC - perform DCC message checks. +# +# DCC is disabled here because it is not open source. See the DCC +# license for more details. +# +#loadplugin Mail::SpamAssassin::Plugin::DCC + +# Pyzor - perform Pyzor message checks. +# +loadplugin Mail::SpamAssassin::Plugin::Pyzor + +# Razor2 - perform Razor2 message checks. +# +loadplugin Mail::SpamAssassin::Plugin::Razor2 + +# SpamCop - perform SpamCop message reporting +# +loadplugin Mail::SpamAssassin::Plugin::SpamCop + +# AntiVirus - some simple anti-virus checks, this is not a replacement +# for an anti-virus filter like Clam AntiVirus +# +#loadplugin Mail::SpamAssassin::Plugin::AntiVirus + +# AWL - do auto-whitelist checks +# +#loadplugin Mail::SpamAssassin::Plugin::AWL + +# AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning +# +loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold + +# TextCat - language guesser +# +#loadplugin Mail::SpamAssassin::Plugin::TextCat + +# AccessDB - lookup from-addresses in access database +# +#loadplugin Mail::SpamAssassin::Plugin::AccessDB + +# WhitelistSubject - Whitelist/Blacklist certain subject regular expressions +# +loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject + +########################################################################### +# experimental plugins + +# DomainKeys - perform DomainKeys verification +# +# This plugin has been removed as of v3.3.0. Use the DKIM plugin instead, +# which supports both Domain Keys and DKIM. + +# MIMEHeader - apply regexp rules against MIME headers in the message +# +loadplugin Mail::SpamAssassin::Plugin::MIMEHeader + +# ReplaceTags +# +loadplugin Mail::SpamAssassin::Plugin::ReplaceTags + diff --git a/config-archive/etc/mail/spamassassin/v312.pre,v b/config-archive/etc/mail/spamassassin/v312.pre,v new file mode 100644 index 0000000..d836afd --- /dev/null +++ b/config-archive/etc/mail/spamassassin/v312.pre,v @@ -0,0 +1,53 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.13.20.54.25; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.1.2, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. + +########################################################################### +# experimental plugins + +# DKIM - perform DKIM verification +# +# Mail::DKIM module required for use, see INSTALL for more information. +# +# Note that if C version 0.20 or later is installed, this +# renders the DomainKeys plugin redundant. +# +#loadplugin Mail::SpamAssassin::Plugin::DKIM + +@ diff --git a/config-archive/etc/mail/spamassassin/v312.pre.dist.new b/config-archive/etc/mail/spamassassin/v312.pre.dist.new new file mode 100644 index 0000000..cba5d7d --- /dev/null +++ b/config-archive/etc/mail/spamassassin/v312.pre.dist.new @@ -0,0 +1,29 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.1.2, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. + +########################################################################### +# experimental plugins + +# DKIM - perform DKIM verification +# +# Mail::DKIM module required for use, see INSTALL for more information. +# +# Note that if C version 0.20 or later is installed, this +# renders the DomainKeys plugin redundant. +# +loadplugin Mail::SpamAssassin::Plugin::DKIM + diff --git a/config-archive/etc/man.conf,v b/config-archive/etc/man.conf,v new file mode 100644 index 0000000..b7cba8a --- /dev/null +++ b/config-archive/etc/man.conf,v @@ -0,0 +1,286 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2010.11.30.22.11.02; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.10.04.20.57.59; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.37.04; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.09.10.37.39; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.10.04.20.57.59; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2010.11.30.22.11.02; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@# +# Generated automatically from man.conf.in by the +# configure script. +# +# man.conf from man-1.6f +# +# For more information about this file, see the man pages man(1) +# and man.conf(5). +# +# This file is read by man to configure the default manpath (also used +# when MANPATH contains an empty substring), to find out where the cat +# pages corresponding to given man pages should be stored, +# and to map each PATH element to a manpath element. +# It may also record the pathname of the man binary. [This is unused.] +# The format is: +# +# MANBIN pathname +# MANPATH manpath_element [corresponding_catdir] +# MANPATH_MAP path_element manpath_element +# +# If no catdir is given, it is assumed to be equal to the mandir +# (so that this dir has both man1 etc. and cat1 etc. subdirs). +# This is the traditional Unix setup. +# Certain versions of the FSSTND recommend putting formatted versions +# of /usr/.../man/manx/page.x into /var/catman/.../catx/page.x. +# The keyword FSSTND will cause this behaviour. +# Certain versions of the FHS recommend putting formatted versions of +# /usr/.../share/man/[locale/]manx/page.x into +# /var/cache/man/.../[locale/]catx/page.x. +# The keyword FHS will cause this behaviour (and overrides FSSTND). +# Explicitly given catdirs override. +# +# FSSTND +FHS +# +# This file is also read by man in order to find how to call nroff, less, etc., +# and to determine the correspondence between extensions and decompressors. +# +# MANBIN /usr/local/bin/man +# +# Every automatically generated MANPATH includes these fields +# +MANPATH /usr/share/man +MANPATH /usr/local/share/man +MANPATH /usr/X11R6/man +MANPATH /usr/local/man +MANPATH /usr/man +# +# Uncomment if you want to include one of these by default +# +# MANPATH /opt/*/man +# MANPATH /usr/lib/*/man +# MANPATH /usr/share/*/man +# MANPATH /usr/kerberos/man +# +# Set up PATH to MANPATH mapping +# +# If people ask for "man foo" and have "/dir/bin/foo" in their PATH +# and the docs are found in "/dir/man", then no mapping is required. +# +# The below mappings are superfluous when the right hand side is +# in the mandatory manpath already, but will keep man from statting +# lots of other nearby files and directories. +# +MANPATH_MAP /bin /usr/share/man +MANPATH_MAP /sbin /usr/share/man +MANPATH_MAP /usr/bin /usr/share/man +MANPATH_MAP /usr/sbin /usr/share/man +MANPATH_MAP /usr/local/bin /usr/local/share/man +MANPATH_MAP /usr/local/sbin /usr/local/share/man +MANPATH_MAP /usr/X11R6/bin /usr/X11R6/man +MANPATH_MAP /usr/bin/X11 /usr/X11R6/man +MANPATH_MAP /usr/bin/mh /usr/share/man +# +# NOAUTOPATH keeps man from automatically adding directories that look like +# manual page directories to the path. +# +#NOAUTOPATH +# +# NOCACHE keeps man from creating cache pages ("cat pages") +# (generally one enables/disable cat page creation by creating/deleting +# the directory they would live in - man never does mkdir) +# +#NOCACHE +# +# Useful paths - note that COL should not be defined when +# NROFF is defined as "groff -Tascii" or "groff -Tlatin1"; +# not only is it superfluous, but it actually damages the output. +# For use with utf-8, NROFF should be "nroff -mandoc" without -T option. +# (Maybe - but today I need -Tlatin1 to prevent double conversion to utf8.) +# +# If you have a new troff (version 1.18.1?) and its colored output +# causes problems, add the -c option to TROFF, NROFF, JNROFF. +# +TROFF /usr/bin/groff -Tps -mandoc +NROFF /usr/bin/nroff -mandoc +JNROFF /usr/bin/groff -Tnippon -mandocj +EQN /usr/bin/geqn -Tps +NEQN /usr/bin/geqn -Tlatin1 +JNEQN /usr/bin/geqn -Tnippon +TBL /usr/bin/gtbl +# COL /usr/bin/col +REFER /usr/bin/refer +PIC /usr/bin/pic +VGRIND +GRAP +PAGER /usr/bin/less -isR +BROWSER /usr/bin/less -isR +HTMLPAGER /bin/cat +CAT /bin/cat +# +# The command "man -a xyzzy" will show all man pages for xyzzy. +# When CMP is defined man will try to avoid showing the same +# text twice. (But compressed pages compare unequal.) +# +CMP /usr/bin/cmp -s +# +# Compress cat pages +# +COMPRESS /bin/bzip2 +COMPRESS_EXT .bz2 +# +# Default manual sections (and order) to search if -S is not specified +# and the MANSECT environment variable is not set. +# +MANSECT 1:1p:8:2:3:3p:4:5:6:7:9:0p:tcl:n:l:p:o:1x:2x:3x:4x:5x:6x:7x:8x +# +# Default options to use when man is invoked without options +# This is mainly for the benefit of those that think -a should be the default +# Note that some systems have /usr/man/allman, causing pages to be shown twice. +# +#MANDEFOPTIONS -a +# +# Decompress with given decompressor when input file has given extension +# The command given must act as a filter. +# +.gz /bin/gunzip -c +.bz2 /bin/bzip2 -c -d +.lzma /usr/bin/unlzma -c -d +.xz /usr/bin/unxz -c -d +.z +.Z /bin/zcat +.F +.Y +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d107 3 +a109 3 +PAGER /usr/bin/less -is +BROWSER /usr/bin/lynx +HTMLPAGER /usr/bin/lynx -dump +d120 2 +a121 2 +COMPRESS /usr/bin/lzma +COMPRESS_EXT .lzma +d140 1 +d143 1 +a143 1 +.F /usr/bin/fcat +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d108 2 +a109 2 +BROWSER /usr/bin/less -is +HTMLPAGER /bin/cat +d120 2 +a121 2 +COMPRESS /bin/bzip2 +COMPRESS_EXT .bz2 +d142 1 +a142 1 +.F +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d108 2 +a109 2 +BROWSER /usr/bin/lynx +HTMLPAGER /usr/bin/lynx -dump +d120 2 +a121 2 +COMPRESS /usr/bin/lzma +COMPRESS_EXT .lzma +d142 1 +a142 1 +.F /usr/bin/fcat +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d107 1 +a107 1 +PAGER /usr/bin/less -isR +d120 2 +a121 2 +COMPRESS /usr/bin/xz +COMPRESS_EXT .xz +a139 1 +.xz /usr/bin/unxz -c -d +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d108 2 +a109 2 +BROWSER /usr/bin/less -isR +HTMLPAGER /bin/cat +d143 1 +a143 1 +.F +@ diff --git a/config-archive/etc/mc/mc.ext,v b/config-archive/etc/mc/mc.ext,v new file mode 100644 index 0000000..c683269 --- /dev/null +++ b/config-archive/etc/mc/mc.ext,v @@ -0,0 +1,730 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.09.19.10.50; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.09.19.11.04; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Midnight Commander 3.0 extension file +# Warning: Structure of this file has changed completely with version 3.0 +# +# All lines starting with # or empty lines are thrown away. +# Lines starting in the first column should have following format: +# +# keyword/descNL, i.e. everything after keyword/ until new line is desc +# +# keyword can be: +# +# shell (desc is, when starting with a dot, any extension (no wildcars), +# i.e. matches all the files *desc . Example: .tar matches *.tar; +# if it doesn't start with a dot, it matches only a file of that name) +# +# regex (desc is an extended regular expression) +# Please note that we are using the GNU regex library and thus +# \| matches the literal | and | has special meaning (or) and +# () have special meaning and \( \) stand for literal ( ). +# +# type (file matches this if `file %f` matches regular expression desc +# (the filename: part from `file %f` is removed)) +# +# directory (matches any directory matching regular expression desc) +# +# include (matches an include directive) +# +# default (matches any file no matter what desc is) +# +# Other lines should start with a space or tab and should be in the format: +# +# keyword=commandNL (with no spaces around =), where keyword should be: +# +# Open (if the user presses Enter or doubleclicks it), +# +# View (F3), Edit (F4) +# +# Include is the keyword used to add any further entries from an include/ +# section +# +# command is any one-line shell command, with the following substitutions: +# +# %% -> % character +# %p -> name of the current file (without path, but pwd is its path) +# %f -> name of the current file. Unlike %p, if file is located on a +# non-local virtual filesystem, i.e. either tarfs, mcfs or ftpfs, +# then the file will be temporarily copied into a local directory +# and %f will be the full path to this local temporal file. +# If you don't want to get a local copy and want to get the +# virtual fs path (like /#ftp:ftp.cvut.cz/pub/hungry/xword), then +# use %d/%p instead of %f. +# %d -> name of the current directory (pwd, without trailing slash) +# %s -> "selected files", i.e. space separated list of tagged files if any +# or name of the current file +# %t -> list of tagged files +# %u -> list of tagged files (they'll be untaged after the command) +# +# (If these 6 letters are in uppercase, they refer to the other panel. +# But you shouldn't have to use it in this file.) +# +# +# %cd -> the rest is a path mc should change into (cd won't work, since it's +# a child process). %cd handles even vfs names. +# +# %view -> the command you type will be piped into mc's internal file viewer +# if you type only the %view and no command, viewer will load %f file +# instead (i.e. no piping, so it is different to %view cat %f) +# %view may be directly followed by {} with a list of any of +# ascii (Ascii mode), hex (Hex mode), nroff (color highlighting for +# text using backspace for bold and underscore) and unform +# (no highlighting for nroff sequences) separated by commas. +# +# %var -> You use it like this: %var{VAR:default}. This macro will expand +# to the value of the VAR variable in the environment if it's set +# otherwise the value in default will be used. This is similar to +# the Bourne shell ${VAR-default} construct. +# +# Rules are applied from top to bottom, thus the order is important. +# If some actions are missing, search continues as if this target didn't +# match (i.e. if a file matches the first and second entry and View action +# is missing in the first one, then on pressing F3 the View action from +# the second entry will be used. default should catch all the actions. +# +# Any new entries you develop for you are always welcome if they are +# useful on more than one system. You can send your modifications +# by e-mail to mc-devel@@gnome.org + + +### Changes ### +# +# Reorganization: 2000-05-01 Michal Svec + + +### TODO ### +# +# Postscript Open: ps2svga [gs -DEVICE=jpeg|zgv or something] +# Images asciiview +# +# All X Apps [Nothing/Warning] if no DISPLAY +# Not found [Default/Warning] +# Empty Output [Default/Warning] +# Edit: CopyOut+EDIT+CopyIn +# Security Check gzip/bzip EDIT (mktemp) +# +# Maybe: Open/XOpen/GOpen/KOpen/... for Console/X/GNOME/KDE/etc. + + +### Archives ### + +# .tgz, .tpz, .tar.gz, .tar.z, .tar.Z, .ipk +regex/\.t([gp]?z|ar\.g?[zZ])$|\.ipk$ + Open=%cd %p#utar + View=%view{ascii} gzip -dc %f 2>/dev/null | tar tvvf - + +regex/\.tar\.bz$ + # Open=%cd %p#utar + View=%view{ascii} bzip -dc %f 2>/dev/null | tar tvvf - + +regex/\.t(ar\.bz2|bz2?|b2)$ + Open=%cd %p#utar + View=%view{ascii} bzip2 -dc %f 2>/dev/null | tar tvvf - + +# .tar.lzma, .tlz +regex/\.t(ar\.lzma|lz)$ + Open=%cd %p#utar + View=%view{ascii} lzma -dc %f 2>/dev/null | tar tvvf - + +# .tar.xz, .txz +regex/\.t(ar\.xz|xz)$ + Open=%cd %p#utar + View=%view{ascii} xz -dc %f 2>/dev/null | tar tvvf - + +# .tar.F - used in QNX +regex/\.tar\.F$ + # Open=%cd %p#utar + View=%view{ascii} freeze -dc %f 2>/dev/null | tar tvvf - + +# .qpr/.qpk - QNX Neutrino package installer files +regex/\.(qp[rk])$ + Open=%cd %p#utar + View=%view{ascii} gzip -dc %f 2>/dev/null | tar tvvf - + +# tar +regex/\.(tar|TAR)$ + Open=%cd %p#utar + View=%view{ascii} tar tvvf - < %f + +# lha +type/^LHa\ .*archive + Open=%cd %p#ulha + View=%view{ascii} lha l %f + +# arj +regex/\.a(rj|[0-9][0-9])$ + Open=%cd %p#uarj + View=%view{ascii} unarj l %f + +# cab +regex/\.([cC][aA][bB])$ + Open=%cd %p#ucab + View=%view{ascii} cabextract -l %f + +# ha +regex/\.([Hh][Aa])$ + Open=%cd %p#uha + View=%view{ascii} ha lf %f + +# rar +regex/\.[rR]([aA][rR]|[0-9][0-9])$ + Open=%cd %p#urar + View=%view{ascii} rar v -c- %f + +# ALZip +regex/\.(alz|ALZ)$ + Open=%cd %p#ualz + View=%view{ascii} unalz -l %f + +# cpio +shell/.cpio.Z + Open=%cd %p#ucpio + View=%view{ascii} gzip -dc %f | cpio -itv 2>/dev/null + +shell/.cpio.gz + Open=%cd %p#ucpio + View=%view{ascii} gzip -dc %f | cpio -itv 2>/dev/null + +shell/.cpio + Open=%cd %p#ucpio + View=%view{ascii} cpio -itv < %f 2>/dev/null + +# ls-lR +regex/(^|\.)ls-?lR(\.gz|Z|bz2)$ + Open=%cd %p#lslR + +# patch +regex/\.(diff|patch)(\.bz2)$ + Open=%cd %p#patchfs + View=%view{ascii} bzip2 -dc %f 2>/dev/null + +regex/\.(diff|patch)(\.(gz|Z))$ + Open=%cd %p#patchfs + View=%view{ascii} gzip -dc %f 2>/dev/null + +regex/\.(diff|patch)$ + Open=%cd %p#patchfs + View=%view{ascii} /bin/cat %f 2>/dev/null + +# ar library +regex/\.s?a$ + Open=%cd %p#uar + #Open=%view{ascii} ar tv %f + View=%view{ascii} file %f && nm %f + +# trpm +regex/\.trpm$ + Open=%cd %p#trpm + View=%view{ascii} rpm -qivl --scripts `basename %p .trpm` + +# RPM packages (SuSE uses *.spm for source packages) +regex/\.(src\.rpm|spm)$ + Open=%cd %p#rpm + View=%view{ascii} if rpm --nosignature --version >/dev/null 2>&1; then RPM="rpm --nosignature" ; else RPM="rpm" ; fi ; $RPM -qivlp --scripts %f + +regex/\.rpm$ + Open=%cd %p#rpm + View=%view{ascii} if rpm --nosignature --version >/dev/null 2>&1; then RPM="rpm --nosignature" ; else RPM="rpm" ; fi ; $RPM -qivlp --scripts %f + +# deb +regex/\.u?deb$ + Open=%cd %p#deb + View=%view{ascii} dpkg-deb -I %f && echo && dpkg-deb -c %f + +# dpkg +shell/.debd + Open=%cd %p#debd + View=%view{ascii} dpkg -s `echo %p | sed 's/\([0-9a-z.-]*\).*/\1/'` +# apt +shell/.deba + Open=%cd %p#deba + View=%view{ascii} apt-cache show `echo %p | sed 's/\([0-9a-z.-]*\).*/\1/'` + +# ISO9660 +regex/\.iso$ + Open=%cd %p#iso9660 + View=%view{ascii} isoinfo -l -i %f + +# 7zip archives (they are not man pages) +regex/\.(7z|7Z)$ + Open=%cd %p#u7z + View=%view{ascii} 7za l %f 2>/dev/null + +# Mailboxes +type/^ASCII\ mail\ text + Open=%cd %p#mailfs + + +### Sources ### + +# C +shell/.c + Open=%var{EDITOR:vi} %f + +# Fortran +shell/.f + Open=%var{EDITOR:vi} %f + +# Header +regex/\.(h|hpp)$ + Open=%var{EDITOR:vi} %f + +# Object +type/^ELF + #Open=%var{PAGER:more} %f + View=%view{ascii} file %f && nm %f + +# Asm +shell/.s + Open=%var{EDITOR:vi} %f + +# C++ +regex/\.(C|cc|cpp)$ + Open=%var{EDITOR:vi} %f + + +### Documentation ### + +# Texinfo +regex/\.(te?xi|texinfo)$ + +# GNU Info page +type/^Info\ text + Open=info -f %f + +shell/.info + Open=info -f %f + +# Manual page +# Exception - .so libraries are not manual pages +regex/\.(so|so\.[0-9\.]*)$ + View=%view{ascii} file %f && nm %f + +regex/(([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])|\.man)$ + Open=case %d/%f in */log/*|*/logs/*) cat %f ;; *) { zsoelim %f 2>/dev/null || cat %f; } | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) cat %f ;; *) { zsoelim %f 2>/dev/null || cat %f; } | nroff -c -Tlatin1 -mandoc ;; esac + +# Perl pod page +shell/.pod + Open=pod2man %f | nroff -c -Tlatin1 -mandoc | %var{PAGER:more} + View=%view{ascii,nroff} pod2man %f | nroff -c -Tlatin1 -mandoc + +# Troff with me macros. +# Exception - "read.me" is not a nroff file. +shell/read.me + Open= + View= + +shell/.me + Open=nroff -c -Tlatin1 -me %f | %var{PAGER:more} + View=%view{ascii,nroff} nroff -c -Tlatin1 -me %f + +# Troff with ms macros. +shell/.ms + Open=nroff -c -Tlatin1 -ms %f | %var{PAGER:more} + View=%view{ascii,nroff} nroff -c -Tlatin1 -ms %f + +# Manual page - compressed +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.g?[Zz]$ + Open=case %d/%f in */log/*|*/logs/*) gzip -dc %f ;; *) gzip -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) gzip -dc %f ;; *) gzip -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.bz$ + Open=case %d/%f in */log/*|*/logs/*) bzip -dc %f ;; *) bzip -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) bzip -dc %f ;; *) bzip -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.bz2$ + Open=case %d/%f in */log/*|*/logs/*) bzip2 -dc %f ;; *) bzip2 -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) bzip2 -dc %f ;; *) bzip2 -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.lzma$ + Open=case %d/%f in */log/*|*/logs/*) lzma -dc %f ;; *) lzma -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) lzma -dc %f ;; *) lzma -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.xz$ + Open=case %d/%f in */log/*|*/logs/*) xz -dc %f ;; *) xz -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) xz -dc %f ;; *) xz -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +# CHM +regex/\.(chm|CHM)$ + Open=which kchmviewer > /dev/null 2>&1 && (kchmviewer %f &) || (xchm %f &) + +### Images ### + +type/^GIF + Include=image + +type/^JPEG + View=%view{ascii} identify %f; test -x /usr/bin/exif && echo && exif %f 2>/dev/null + Include=image + +type/^PC\ bitmap + Include=image + +type/^PNG + Include=image + +type/^TIFF + Include=image + +type/^PBM + Include=image + +type/^PGM + Include=image + +type/^PPM + Include=image + +type/^Netpbm + Include=image + +shell/.xcf + Open=(gimp %f &) + +shell/.xbm + Open=bitmap %f + +shell/.xpm + Include=image + View=sxpm %f + +shell/.ico + Include=image + +include/image + Open=if [ "$DISPLAY" = "" ]; then zgv %f; else (gqview %f &); fi + View=%view{ascii} identify %f + #View=%view{ascii} asciiview %f + + +### Sound files ### + +regex/\.([wW][aA][vV]|[sS][nN][dD]|[vV][oO][cC]|[aA][uU]|[sS][mM][pP]|[aA][iI][fF][fF]|[sS][nN][dD])$ + Open=if [ "$DISPLAY" = "" ]; then play %f; else (xmms %f >/dev/null 2>&1 &); fi + +regex/\.([mM][oO][dD]|[sS]3[mM]|[xX][mM]|[iI][tT]|[mM][tT][mM]|669|[sS][tT][mM]|[uU][lL][tT]|[fF][aA][rR])$ + Open=mikmod %f + #Open=tracker %f + +regex/\.([wW][aA][wW]22)$ + Open=vplay -s 22 %f + +regex/\.([mM][pP]3)$ + Open=if [ "$DISPLAY" = "" ]; then mpg123 %f; else (xmms %f >/dev/null 2>&1 &); fi + View=%view{ascii} mpg123 -vtn1 %f 2>&1 | sed -n '/^Title/,/^Comment/p;/^MPEG/,/^Audio/p' + +regex/\.([oO][gG][gG|aA|vV|xX])$ + Open=if [ "$DISPLAY" = "" ]; then ogg123 %f; else (xmms %f >/dev/null 2>&1 &); fi + View=%view{ascii} ogginfo %s + +regex/\.([sS][pP][xX]|[fF][lL][aA][cC])$ + Open=if [ "$DISPLAY" = "" ]; then play %f; else (xmms %f >/dev/null 2>&1 &); fi + +regex/\.([mM][iI][dD][iI]?|[rR][mM][iI][dD]?)$ + Open=timidity %f + +regex/\.([wW][mM][aA])$ + Open=mplayer -vo null %f + View=%view{ascii} mplayer -quiet -slave -frames 0 -vo null -ao null -identify %f 2>/dev/null | tail +13 || file %f + + +### Play lists ### + +regex/\.([mM]3[uU]|[pP][lL][sS])$ + Open=if [ -z "$DISPLAY" ]; then mplayer -vo null -playlist %f; else (xmms -p %f >/dev/null 2>&1 &); fi + + +### Video ### + +regex/\.([aA][vV][iI])$ + Include=video + +regex/\.([aA][sS][fFxX])$ + Include=video + +regex/\.([dD][iI][vV][xX])$ + Include=video + +regex/\.([mM][kK][vV])$ + Include=video + +regex/\.([mM][oO][vV]|[qQ][tT])$ + Include=video + +regex/\.([mM][pP]4|[mM][pP][eE]?[gG])$ + Include=video + +regex/\.([vV][oO][bB])$ + Include=video + +regex/\.([wW][mM][vV])$ + Include=video + +regex/\.([fF][lL][iIcCvV])$ + Include=video + +regex/\.([oO][gG][mM])$ + Include=video + +regex/\.([rR][aA]?[mM])$ + Open=(realplay %f >/dev/null 2>&1 &) + +include/video + Open=(mplayer %f >/dev/null 2>&1 &) + #Open=(gtv %f >/dev/null 2>&1 &) + #Open=(xanim %f >/dev/null 2>&1 &) + + +### Documents ### + +# Postscript +type/^PostScript + Open=(gv %f &) + View=%view{ascii} ps2ascii %f + +# PDF +type/^PDF + Open=(xpdf %f &) + #Open=(acroread %f &) + #Open=(ghostview %f &) + View=%view{ascii} pdftotext %f - + +# The following code very ugly and should not be taken as example. +# It should be cleaned up when the new format of mc.ext is developed. + +# html +regex/\.([hH][tT][mM][lL]?)$ + Open=(if test -n "" && test -n "$DISPLAY"; then ( file://%d/%p &) 1>&2; else links %f || lynx -force_html %f || ${PAGER:-more} %f; fi) 2>/dev/null + View=%view{ascii} links -dump %f 2>/dev/null || w3m -dump %f 2>/dev/null || lynx -dump -force_html %f + +# StarOffice 5.2 +shell/.sdw + Open=(ooffice %f &) + +# StarOffice 6 and OpenOffice.org formats +regex/\.(odt|ott|sxw|stw|ods|ots|sxc|stc|odp|otp|sxi|sti|odg|otg|sxd|std|odb|odf|sxm|odm|sxg)$ + Open=(ooffice %f &) + View=%view{ascii} odt2txt %f + +# AbiWord +shell/.abw + Open=(abiword %f &) + +# Microsoft Word Document +regex/\.([Dd][oO][cCtT]|[Ww][rR][iI])$ + Open=(abiword %f >/dev/null 2>&1 &) + View=%view{ascii} antiword -t %f || catdoc -w %f || word2x -f text %f - || strings %f +type/^Microsoft\ Word + Open=(abiword %f >/dev/null 2>&1 &) + View=%view{ascii} antiword -t %f || catdoc -w %f || word2x -f text %f - || strings %f + +# RTF document +regex/\.([rR][tT][fF])$ + Open=(abiword %f >/dev/null 2>&1 &) + +# Microsoft Excel Worksheet +regex/\.([xX][lL][sSwW])$ + Open=(gnumeric %f >/dev/null 2>&1 &) + View=%view{ascii} xls2csv %f || strings %f +type/^Microsoft\ Excel + Open=(gnumeric %f >/dev/null 2>&1 &) + View=%view{ascii} xls2csv %f || strings %f + +# Use OpenOffice.org to open any MS Office documents +type/^Microsoft\ Office\ Document + Open=(ooffice %f &) + +# Framemaker +type/^FrameMaker + Open=fmclient -f %f + +# DVI +regex/\.([dD][vV][iI])$ + Open=if [ x$DISPLAY = x ]; then dvisvga %f; else (xdvi %f &); fi + View=%view{ascii} dvi2tty %f + +# TeX +regex/\.([Tt][Ee][Xx])$ + Open=%var{EDITOR:vi} %f + +# DjVu +regex/\.(djvu|DJVU)$ + Open=djview %f & + +### Miscellaneous ### + +# Makefile +regex/[Mm]akefile$ + Open=make -f %f %{Enter parameters} + +# Imakefile +shell/Imakefile + Open=xmkmf -a + +# Makefile.PL (MakeMaker) +regex/^Makefile.(PL|pl)$ + Open=%var{PERL:perl} %f + +# dbf +regex/\.([dD][bB][fF])$ + Open=%view{ascii} dbview %f + View=%view{ascii} dbview -b %f + +# REXX script +regex/\.(rexx?|cmd)$ + Open=rexx %f %{Enter parameters};echo "Press ENTER";read y + +# Disk images for Commodore computers (VIC20, C64, C128) +regex/\.(d64|D64)$ + Open=%cd %p#uc1541 + View=%view{ascii} c1541 %f -list + Extract=c1541 %f -extract + +# Glade, a user interface designer for GTK+ and GNOME +regex/\.([Gg][Ll][Aa][Dd][Ee])$ + Open=if glade-3 --version >/dev/null 2>&1; then (glade-3 %f >/dev/null 2>&1 &); else (glade-2 %f >/dev/null 2>&1 &); fi + +# Gettext Catalogs +shell/.mo + View=%view{ascii} msgunfmt %f || cat %f + +# lyx +regex/\.(lyx|LYX)$ + Open=lyx %f + View=%view{ascii} lyxcat %f + +### Plain compressed files ### + +# ace +regex/\.(ace|ACE)$ + Open=%cd %p#uace + View=%view{ascii} unace l %f + Extract=unace x %f + +# arc +regex/\.(arc|ARC)$ + Open=%cd %p#uarc + View=%view{ascii} arc l %f + Extract=arc x %f '*' + Extract (with flags)=I=%{Enter any Arc flags:}; if test -n "$I"; then arc x $I %f; fi + +# zip +type/^([Zz][Ii][Pp])\ archive + Open=%cd %p#uzip + View=%view{ascii} unzip -v %f + +# zoo +regex/\.([Zz][Oo][Oo])$ + Open=%cd %p#uzoo + View=%view{ascii} zoo l %f + +# gzip +type/^gzip + Open=gzip -dc %f | %var{PAGER:more} + View=%view{ascii} gzip -dc %f 2>/dev/null + +regex/\.(gz|Z)?$ + View=%view{ascii} gzip -dc %f 2>/dev/null + +# bzip2 +type/^bzip2 + Open=bzip2 -dc %f | %var{PAGER:more} + View=%view{ascii} bzip2 -dc %f 2>/dev/null + +regex/\.bz2?$ + View=%view{ascii} bzip2 -dc %f 2>/dev/null + +# bzip +type/^bzip + Open=bzip -dc %f | %var{PAGER:more} + View=%view{ascii} bzip -dc %f 2>/dev/null + +# compress +type/^compress + Open=gzip -dc %f | %var{PAGER:more} + View=%view{ascii} gzip -dc %f 2>/dev/null + +# lzma +regex/\.lzma$ + Open=lzma -dc %f | %var{PAGER:more} + View=%view{ascii} lzma -dc %f 2>/dev/null + +# xz +regex/\.xz$ + Open=xz -dc %f | %var{PAGER:more} + View=%view{ascii} xz -dc %f 2>/dev/null + + +### Default ### + +# Default target for anything not described above +default/* + Open= + View= + + +### EOF ### +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d45 1 +a45 1 +# non-local virtual filesystem, i.e. either tarfs or ftpfs, +d84 2 +a85 2 +# useful on more than one system. You can post your modifications +# as tickets at www.midnight-commander.org +d211 1 +a211 1 + View=%view{ascii} file %f && nm -C %f +d242 1 +a242 1 +regex/\.([iI][sS][oO])$ +d270 5 +a282 8 +# .so libraries +regex/\.(so|so\.[0-9\.]*)$ + View=%view{ascii} file %f && nm -C -D %f + +# Object +type/^ELF + #Open=%var{PAGER:more} %f + View=%view{ascii} file %f && nm -C %f +d297 4 +d625 1 +a625 1 +regex/\.(gz|Z)$ +@ diff --git a/config-archive/etc/mc/mc.keymap,v b/config-archive/etc/mc/mc.keymap,v new file mode 100644 index 0000000..2aded36 --- /dev/null +++ b/config-archive/etc/mc/mc.keymap,v @@ -0,0 +1,555 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.09.19.10.50; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.09.19.11.14; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[editor] +EditXStore = ctrl-insert +EditXPaste = shift-insert +EditXCut = shift-delete + +EditDeleteLine = ctrl-y +EditDeleteToLineEnd = ctrl-k +EditDeleteToLineBegin = + +EditLeft = left +EditRight = right +EditUp = up +EditDown = down +EditEnter = enter +EditReturn = shift-enter +EditBackSpace = backspace +EditDelete = delete +EditPageUp = pgup +EditPageDown = pgdn +EditWordLeft = ctrl-left +EditWordRight = ctrl-right +EditHome = home +EditEnd = end +EditTab = tab +EditUndo = ctrl-u +EditBeginningOfText = ctrl-home; alt-lt +EditEndOfText = ctrl-end; alt-gt +EditScrollUp = ctrl-up +EditScrollDown = ctrl-down +EditBeginPage = ctrl-pgup +EditEndPage = ctrl-pgdn +EditDeleteWordLeft = alt-backspace +EditDeleteWordRight = alt-d +EditParagraphUp = +EditParagraphDown = +EditSave = f2 +EditLoad = +EditNew = ctrl-n +EditSaveas = f12 +EditMark = f3 +EditCopy = f5 +EditMove = f6 +EditRemove = f8 +EditMarkAll = +EditUnmark = +EditFind = f7 + +EditShiftBlockLeft = +EditShiftBlockRight = + +EditPageUpHighlight = shift-pgup +EditPageDownHighlight = shift-pgdn +EditLeftHighlight = shift-left +EditRightHighlight = shift-right +EditWordLeftHighlight = ctrl-shift-left +EditWordRightHighlight = ctrl-shift-right +EditUpHighlight = shift-up +EditDownHighlight = shift-down +EditHomeHighlight = shift-home +EditEndHighlight = shift-end +EditBeginningOfTextHighlight = ctrl-shift-home +EditEndOfTextHighlight = ctrl-shift-end +EditBeginPageHighlight = ctrl-shift-pgup +EditEndPageHighlight = ctrl-shift-pgdn +EditScrollUpHighlight = ctrl-shift-up +EditScrollDownHighlight = ctrl-shift-down +EditParagraphUpHighlight = +EditParagraphDownHighlight = + +EditPageUpAltHighlight = alt-pgup +EditPageDownAltHighlight = alt-pgdn +EditLeftAltHighlight = alt-left +EditRightAltHighlight = alt-right +EditWordLeftAltHighlight = ctrl-alt-left +EditWordRightAltHighlight = ctrl-alt-right +EditUpAltHighlight = alt-up +EditDownAltHighlight = alt-down +EditHomeAltHighlight = alt-home +EditEndAltHighlight = alt-end +EditBeginningOfTextAltHighlight = ctrl-alt-home +EditEndOfTextHighlight = ctrl-alt-end +EditBeginPageHighlight = ctrl-alt-pgup +EditEndPageAltHighlight = ctrl-alt-pgdn +EditScrollUpAltHighlight = +EditScrollDownAltHighlight = +EditParagraphUpAltHighlight = +EditParagraphDownAltHighlight = + +EditSaveBlock = ctrl-f +EditColumnMark = f13 +EditFindAgain = f17 +EditReplace = f4 +EditReplaceAgain = f14 +EditCompleteWord = alt-tab +EditDebugStart = +EditDebugStop = +EditDebugToggleBreak = +EditDebugClear = +EditDebugNext = +EditDebugStep = +EditDebugBackTrace = +EditDebugContinue = +EditDebugEnterCommand = +EditDebugUntilCurser = +EditInsertFile = f15 +EditQuit = f10 +EditToggleInsert = insert +EditHelp = f1 +EditDate = +EditRefresh = ctrl-l +EditGoto = alt-l +EditManPage = +EditSort = alt-t +EditMail = +EditCancel = +EditComplete = + +EditParagraphFormat = alt-p +EditUtil = +EditTypeLoadPython = +EditFindFile = +EditCtags = +EditMatchBracket = alt-b +EditTerminal = +EditTerminalApp = +EditExtCmd = alt-u +EditUserMenu = f11 +EditSaveDesktop = +EditNewWindow = +EditCycle = +EditMenu = f9 +EditSaveAndQuit = +EditRunAnother = +EditCheckSaveAndQuit = +EditMaximize = +EditToggleBookmark = alt-k +EditFlushBookmarks = alt-o +EditNextBookmark = alt-j +EditPrevBookmark = alt-i + +EditSelectionHistory = +EditShell = ctrl-o +EditInsertLiteral = ctrl-q + +EditBeginRecordMacro = +EditEndRecordMacro = +EditBeginOrEndMacro = ctrl-r +EditExecuteMacro = ctrl-a +EditDeleteMacro = + +EditToggleLineState = alt-n +EditToggleTabTWS = alt-underline +EditToggleSyntax = ctrl-s + +EditFindDefinition = alt-enter +EditLoadPrevFile = alt-minus +EditLoadNextFile = alt-plus + +SelectCodepage = alt-e + +[viewer] +ViewHelp = f1 +ViewToggleWrapMode = f2 +ViewQuit = f3; f10; q; esc; ctrl-g +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewContinueSearch = ctrl-r; ctrl-s; f17; n +ViewMoveToBol = ctrl-a +ViewMoveToEol = ctrl-e +ViewMoveLeft = h; left +ViewMoveRight = l; right +ViewMoveUp = k; y; insert; up +ViewMoveDown = j; e; delete; down; enter +ViewMovePgDn = f; space; pgdn +ViewMovePgUp = b; pgup +ViewMoveHalfPgDn = d +ViewMoveHalfPgUp = u +ViewGotoBookmark = m +ViewNewBookmark = r +ViewNextFile = ctrl-f +ViewPrevFile = ctrl-b +SelectCodepage = alt-e +ShowCommandLine = ctrl-o +ViewToggleRuler = alt-r + +[viewer:hex] +ViewHelp = f1 +ViewToggleHexEditMode = f2 +ViewQuit = f3; f10; q; esc; ctrl-g +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewHexEditSave = f6 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewToggleHexNavMode = tab +ViewMoveToBol = ctrl-a; home +ViewMoveToEol = ctrl-e; end +ViewMoveLeft = b; left +ViewMoveRight = f; right +ViewMoveUp = k; y; up +ViewMoveDown = j; delete; down + +[main] +CmdHelp = f1 +CmdUserMenu = f2 +CmdView = f3 +CmdViewFile = f13 +CmdEdit = f4 +CmdCopy = f5 +CmdRename = f6 +CmdMkdir = f7 +CmdDelete = f8 +CmdMenu = f9 +CmdQuit = f10 +CmdMenuLastSelected = f19 +CmdQuietQuit = f20 +CmdFind = alt-question +CmdQuickCd = alt-c +CmdQuickChdir = ctrl-backslash +CmdReread = ctrl-r +CmdSingleDirsize = ctrl-space +CmdSuspend = ctrl-z +CmdSwapPanel = ctrl-u +CmdHistory = alt-h +CmdToggleListing = alt-t +CmdToggleShowHidden = alt-dot +ShowCommandLine = ctrl-o +CmdCopyCurrentPathname = alt-a +CmdCopyOtherPathname = alt-shift-a +CmdFilteredView = alt-exclamation +CmdSelect = kpplus +CmdUnselect = kpminus +CmdReverseSelection = kpasterisk +ExtMap1 = ctrl-x + +[main:xmap] +CmdChmod = c +CmdChown = o +CmdCompareDirs = d +CmdEditSymlink = ctrl-s +CmdLink = l +CmdSymlink = s +CmdInfo = i +CmdQuickView = q +CmdExternalPanelize = exclamation +CmdReselectVfs = a +CmdJobs = j +CmdCopyCurrentPathname = p +CmdCopyOtherPathname = ctrl-p +CmdCopyCurrentTagged = t +CmdCopyOtherTagged = ctrl-t + +[panel] +PanelStartSearch = ctrl-s; alt-s +PanelMarkFile = insert; ctrl-t +PanelMoveDown = down; ctrl-n +PanelMoveUp = up; ctrl-p +PanelMoveLeft = left +PanelMoveRight = right +PanelPrevPage = pgup; alt-v +PanelNextPage = pgdn; ctrl-v +PanelDoEnter = enter +PanelChdirOtherPanel = alt-o +PanelChdirToReadlink = alt-l +PanelViewSimple = F13 +PanelEditNew = F14 +PanelCopyLocal = F15 +PanelRenameLocal = F16 +PanelDeleteLocal = F18 +PanelReverseSelection = alt-asterisk +PanelSelect = alt-plus +PanelUnselect = alt-minus +PanelCtrlNextPage = ctrl-pgdn +PanelCtrlPrevPage = ctrl-pgup +PanelDirectoryHistoryList = alt-shift-h +PanelDirectoryHistoryNext = alt-u +PanelDirectoryHistoryPrev = alt-y +PanelGotoBottomFile = alt-j +PanelGotoMiddleFile = alt-r +PanelSyncOtherPanel = alt-i +PanelGotoTopFile = alt-g +PanelSetPanelEncoding = alt-e +PanelMoveHome = alt-lt; home +PanelMoveEnd = alt-gt; end +PanelSelectSortOrder= +PanelToggleSortOrderPrev= +PanelToggleSortOrderNext= +PanelReverseSort= +PanelSortOrderByName= +PanelSortOrderByExt= +PanelSortOrderBySize= +PanelSortOrderByMTime= + +[panel:xmap] + +[input] +InputBol = ctrl-a; alt-lt; home +InputEol = ctrl-e; alt-gt; end +InputMoveLeft = left; alt-left +InputWordLeft = ctrl-left +InputBackwardChar = ctrl-b +InputBackwardWord = alt-b +InputMoveRight = right; alt-right +InputWordRight = ctrl-right +InputForwardChar = ctrl-f +InputForwardWord = alt-f +InputBackwardDelete = backspace +InputDeleteChar = delete +InputKillWord = alt-d +InputBackwardKillWord = alt-backspace +InputSetMark = +InputKillRegion = ctrl-w +InputXStore = alt-w +InputXPaste = +InputYank = ctrl-y +InputKillLine = ctrl-k +InputHistoryPrev = alt-p; ctrl-down +InputHistoryNext = alt-n; ctrl-up +InputHistoryShow = alt-h +InputComplete = alt-tab +InputClearLine = + +[tree] +TreeHelp = f1 +TreeForget = f3 +TreeToggleNav = f4 +TreeCopy = f5 +TreeMove = f6 +TreeMoveUp = up; ctrl-p +TreeMoveDown = down; ctrl-n +TreeMoveLeft = left +TreeMoveRight = right +TreeMoveHome = home; alt-lt +TreeMoveEnd = end; alt-gt +TreeMovePgUp = pgup; alt-v +TreeMovePgDn = pgdn; ctrl-v +TreeOpen = enter +TreeRescan = f2; ctrl-r +TreeStartSearch = ctrl-s; alt-s +TreeRemove = f8; delete + +[help] +HelpHelp = f1 +HelpIndex = f2; c +HelpBack = f3; left; l +HelpQuit = f10; esc; ctrl-g +HelpMoveUp = up +HelpMoveDown = down +HelpSelectLink = right; enter +HelpNextLink = tab +HelpPrevLink = alt-tab +HelpNextNode = n +HelpPrevNode = p +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d16 2 +a17 2 +EditBackSpace = backspace; ctrl-h +EditDelete = delete; ctrl-d +d20 2 +a21 2 +EditWordLeft = ctrl-left; ctrl-z +EditWordRight = ctrl-right; ctrl-x +a46 2 +EditMarkLine = +EditMarkWord = +d114 1 +a114 1 +EditMail = alt-m +a153 1 +EditToggleShowMargin = +d164 1 +a164 1 +ViewQuit = f3; f10; q; esc +d175 4 +a178 6 +ViewMoveLeft10 = ctrl-left +ViewMoveRight10 = ctrl-right +ViewMoveUp = k; y; insert; up; ctrl-p +ViewMoveDown = j; e; delete; down; enter; ctrl-n +ViewMovePgDn = f; space; pgdn; ctrl-v +ViewMovePgUp = b; pgup; alt-v; backspace +a180 2 +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +d192 1 +a192 1 +ViewQuit = f3; f10; q; esc +a205 4 +ViewMovePgDn = pgdn; ctrl-v +ViewMovePgUp = pgup; alt-v +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +a212 1 +CmdEditForceInternal = +a228 1 +CmdListing = +a230 1 +CmdTogglePanelsSplit = alt-comma +a237 1 +CmdDialogList = alt-prime +a246 1 +CmdRelativeSymlink = v +a255 1 +CmdDiffView = ctrl-d +a259 2 +PanelMarkFileUp = shift-up +PanelMarkFileDown = shift-down +d277 2 +a278 2 +PanelGotoChildDir = ctrl-pgdn +PanelGotoParentDir = ctrl-pgup +d287 2 +a288 2 +PanelMoveHome = alt-lt; home; a1 +PanelMoveEnd = alt-gt; end; c1 +d297 2 +a298 1 +PanelSmartGotoParentDir= +d301 2 +a302 2 +InputBol = ctrl-a; alt-lt; home; a1 +InputEol = ctrl-e; alt-gt; end; c1 +d311 2 +a312 2 +InputBackwardDelete = backspace; ctrl-h +InputDeleteChar = delete; ctrl-d +a316 1 +InputXCut = +a325 16 +InputLeftHighlight = shift-left +InputRightHighlight = shift-right +InputWordLeftHighlight = ctrl-shift-left +InputWordRightHighlight = ctrl-shift-right +InputBolHighlight = shift-home +InputEolHighlight = shift-end + +[listbox] +ListboxMoveUp = up; ctrl-p +ListboxMoveDown = down; ctrl-n +ListboxMoveHome = home; alt-lt; a1 +ListboxMoveEnd = end; alt-gt; c1 +ListboxMovePgUp = pgup; alt-v +ListboxMovePgDn = pgdn; ctrl-v +ListboxDeleteItem = delete; d +ListboxDeleteAll = shift-delete; shift-d +d337 2 +a338 2 +TreeMoveHome = home; alt-lt; a1 +TreeMoveEnd = end; alt-gt; c1 +d350 3 +a352 9 +HelpQuit = f10; esc +HelpMoveUp = up; ctrl-p +HelpMoveDown = down; ctrl-n +HelpMovePgDn = f; space; pgdn; ctrl-v +HelpMovePgUp = b; pgup; alt-v; backspace +HelpMoveHalfPgDn = d +HelpMoveHalfPgUp = u +HelpMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +HelpMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +a357 53 + +[dialog] +DialogOK = enter +DialogCancel = f10; esc; ctrl-g +DialogPrevItem = left; up +DialogNextItem = right; down +DialogHelp = f1 +DialogSuspend = ctrl-z +DialogRefresh = ctrl-l +CmdDialogList = alt-prime +CmdDialogNext = alt-rbrace +CmdDialogPrev = alt-lbrace + + +[diffviewer] +DiffDisplaySymbols = alt-s; s +DiffDisplayNumbers = alt-n; l +DiffFull = f +DiffEqual = equal +DiffSplitMore = gt +DiffSplitLess = lt +DiffSetTab2 = 2 +DiffSetTab3 = 3 +DiffSetTab4 = 4 +DiffSetTab8 = 8 +DiffSwapPanel = ctrl-u +DiffRedo = ctrl-r +DiffNextHunk = n; enter; space +DiffPrevHunk = p; backspace +DiffGoto = g; shift-g +DiffSave = f2 +DiffEditCurrent = f4 +DiffEditOther = f14 +DiffMergeCurrentHunk = f5 +DiffSearch = f7 +DiffContinueSearch = f17 +DiffOptions = f9 +DiffBOF = ctrl-home +DiffEOF = ctrl-end +DiffDown = down +DiffUp = up +DiffQuickLeft = ctrl-left +DiffQuickRight = ctrl-right +DiffLeft = left +DiffRight = right +DiffPageDown = pgdn +DiffPageUp = pgup +DiffHome = home +DiffEnd = end +DiffHelp = f1 +DiffQuit = f10; q; shift-q; esc +ShowCommandLine = ctrl-o +SelectCodepage = alt-e +@ diff --git a/config-archive/etc/mc/mc.keymap.default,v b/config-archive/etc/mc/mc.keymap.default,v new file mode 100644 index 0000000..1fff4bf --- /dev/null +++ b/config-archive/etc/mc/mc.keymap.default,v @@ -0,0 +1,555 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.09.19.10.51; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.09.19.11.21; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[editor] +EditXStore = ctrl-insert +EditXPaste = shift-insert +EditXCut = shift-delete + +EditDeleteLine = ctrl-y +EditDeleteToLineEnd = ctrl-k +EditDeleteToLineBegin = + +EditLeft = left +EditRight = right +EditUp = up +EditDown = down +EditEnter = enter +EditReturn = shift-enter +EditBackSpace = backspace +EditDelete = delete +EditPageUp = pgup +EditPageDown = pgdn +EditWordLeft = ctrl-left +EditWordRight = ctrl-right +EditHome = home +EditEnd = end +EditTab = tab +EditUndo = ctrl-u +EditBeginningOfText = ctrl-home; alt-lt +EditEndOfText = ctrl-end; alt-gt +EditScrollUp = ctrl-up +EditScrollDown = ctrl-down +EditBeginPage = ctrl-pgup +EditEndPage = ctrl-pgdn +EditDeleteWordLeft = alt-backspace +EditDeleteWordRight = alt-d +EditParagraphUp = +EditParagraphDown = +EditSave = f2 +EditLoad = +EditNew = ctrl-n +EditSaveas = f12 +EditMark = f3 +EditCopy = f5 +EditMove = f6 +EditRemove = f8 +EditMarkAll = +EditUnmark = +EditFind = f7 + +EditShiftBlockLeft = +EditShiftBlockRight = + +EditPageUpHighlight = shift-pgup +EditPageDownHighlight = shift-pgdn +EditLeftHighlight = shift-left +EditRightHighlight = shift-right +EditWordLeftHighlight = ctrl-shift-left +EditWordRightHighlight = ctrl-shift-right +EditUpHighlight = shift-up +EditDownHighlight = shift-down +EditHomeHighlight = shift-home +EditEndHighlight = shift-end +EditBeginningOfTextHighlight = ctrl-shift-home +EditEndOfTextHighlight = ctrl-shift-end +EditBeginPageHighlight = ctrl-shift-pgup +EditEndPageHighlight = ctrl-shift-pgdn +EditScrollUpHighlight = ctrl-shift-up +EditScrollDownHighlight = ctrl-shift-down +EditParagraphUpHighlight = +EditParagraphDownHighlight = + +EditPageUpAltHighlight = alt-pgup +EditPageDownAltHighlight = alt-pgdn +EditLeftAltHighlight = alt-left +EditRightAltHighlight = alt-right +EditWordLeftAltHighlight = ctrl-alt-left +EditWordRightAltHighlight = ctrl-alt-right +EditUpAltHighlight = alt-up +EditDownAltHighlight = alt-down +EditHomeAltHighlight = alt-home +EditEndAltHighlight = alt-end +EditBeginningOfTextAltHighlight = ctrl-alt-home +EditEndOfTextHighlight = ctrl-alt-end +EditBeginPageHighlight = ctrl-alt-pgup +EditEndPageAltHighlight = ctrl-alt-pgdn +EditScrollUpAltHighlight = +EditScrollDownAltHighlight = +EditParagraphUpAltHighlight = +EditParagraphDownAltHighlight = + +EditSaveBlock = ctrl-f +EditColumnMark = f13 +EditFindAgain = f17 +EditReplace = f4 +EditReplaceAgain = f14 +EditCompleteWord = alt-tab +EditDebugStart = +EditDebugStop = +EditDebugToggleBreak = +EditDebugClear = +EditDebugNext = +EditDebugStep = +EditDebugBackTrace = +EditDebugContinue = +EditDebugEnterCommand = +EditDebugUntilCurser = +EditInsertFile = f15 +EditQuit = f10 +EditToggleInsert = insert +EditHelp = f1 +EditDate = +EditRefresh = ctrl-l +EditGoto = alt-l +EditManPage = +EditSort = alt-t +EditMail = +EditCancel = +EditComplete = + +EditParagraphFormat = alt-p +EditUtil = +EditTypeLoadPython = +EditFindFile = +EditCtags = +EditMatchBracket = alt-b +EditTerminal = +EditTerminalApp = +EditExtCmd = alt-u +EditUserMenu = f11 +EditSaveDesktop = +EditNewWindow = +EditCycle = +EditMenu = f9 +EditSaveAndQuit = +EditRunAnother = +EditCheckSaveAndQuit = +EditMaximize = +EditToggleBookmark = alt-k +EditFlushBookmarks = alt-o +EditNextBookmark = alt-j +EditPrevBookmark = alt-i + +EditSelectionHistory = +EditShell = ctrl-o +EditInsertLiteral = ctrl-q + +EditBeginRecordMacro = +EditEndRecordMacro = +EditBeginOrEndMacro = ctrl-r +EditExecuteMacro = ctrl-a +EditDeleteMacro = + +EditToggleLineState = alt-n +EditToggleTabTWS = alt-underline +EditToggleSyntax = ctrl-s + +EditFindDefinition = alt-enter +EditLoadPrevFile = alt-minus +EditLoadNextFile = alt-plus + +SelectCodepage = alt-e + +[viewer] +ViewHelp = f1 +ViewToggleWrapMode = f2 +ViewQuit = f3; f10; q; esc; ctrl-g +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewContinueSearch = ctrl-r; ctrl-s; f17; n +ViewMoveToBol = ctrl-a +ViewMoveToEol = ctrl-e +ViewMoveLeft = h; left +ViewMoveRight = l; right +ViewMoveUp = k; y; insert; up +ViewMoveDown = j; e; delete; down; enter +ViewMovePgDn = f; space; pgdn +ViewMovePgUp = b; pgup +ViewMoveHalfPgDn = d +ViewMoveHalfPgUp = u +ViewGotoBookmark = m +ViewNewBookmark = r +ViewNextFile = ctrl-f +ViewPrevFile = ctrl-b +SelectCodepage = alt-e +ShowCommandLine = ctrl-o +ViewToggleRuler = alt-r + +[viewer:hex] +ViewHelp = f1 +ViewToggleHexEditMode = f2 +ViewQuit = f3; f10; q; esc; ctrl-g +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewHexEditSave = f6 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewToggleHexNavMode = tab +ViewMoveToBol = ctrl-a; home +ViewMoveToEol = ctrl-e; end +ViewMoveLeft = b; left +ViewMoveRight = f; right +ViewMoveUp = k; y; up +ViewMoveDown = j; delete; down + +[main] +CmdHelp = f1 +CmdUserMenu = f2 +CmdView = f3 +CmdViewFile = f13 +CmdEdit = f4 +CmdCopy = f5 +CmdRename = f6 +CmdMkdir = f7 +CmdDelete = f8 +CmdMenu = f9 +CmdQuit = f10 +CmdMenuLastSelected = f19 +CmdQuietQuit = f20 +CmdFind = alt-question +CmdQuickCd = alt-c +CmdQuickChdir = ctrl-backslash +CmdReread = ctrl-r +CmdSingleDirsize = ctrl-space +CmdSuspend = ctrl-z +CmdSwapPanel = ctrl-u +CmdHistory = alt-h +CmdToggleListing = alt-t +CmdToggleShowHidden = alt-dot +ShowCommandLine = ctrl-o +CmdCopyCurrentPathname = alt-a +CmdCopyOtherPathname = alt-shift-a +CmdFilteredView = alt-exclamation +CmdSelect = kpplus +CmdUnselect = kpminus +CmdReverseSelection = kpasterisk +ExtMap1 = ctrl-x + +[main:xmap] +CmdChmod = c +CmdChown = o +CmdCompareDirs = d +CmdEditSymlink = ctrl-s +CmdLink = l +CmdSymlink = s +CmdInfo = i +CmdQuickView = q +CmdExternalPanelize = exclamation +CmdReselectVfs = a +CmdJobs = j +CmdCopyCurrentPathname = p +CmdCopyOtherPathname = ctrl-p +CmdCopyCurrentTagged = t +CmdCopyOtherTagged = ctrl-t + +[panel] +PanelStartSearch = ctrl-s; alt-s +PanelMarkFile = insert; ctrl-t +PanelMoveDown = down; ctrl-n +PanelMoveUp = up; ctrl-p +PanelMoveLeft = left +PanelMoveRight = right +PanelPrevPage = pgup; alt-v +PanelNextPage = pgdn; ctrl-v +PanelDoEnter = enter +PanelChdirOtherPanel = alt-o +PanelChdirToReadlink = alt-l +PanelViewSimple = F13 +PanelEditNew = F14 +PanelCopyLocal = F15 +PanelRenameLocal = F16 +PanelDeleteLocal = F18 +PanelReverseSelection = alt-asterisk +PanelSelect = alt-plus +PanelUnselect = alt-minus +PanelCtrlNextPage = ctrl-pgdn +PanelCtrlPrevPage = ctrl-pgup +PanelDirectoryHistoryList = alt-shift-h +PanelDirectoryHistoryNext = alt-u +PanelDirectoryHistoryPrev = alt-y +PanelGotoBottomFile = alt-j +PanelGotoMiddleFile = alt-r +PanelSyncOtherPanel = alt-i +PanelGotoTopFile = alt-g +PanelSetPanelEncoding = alt-e +PanelMoveHome = alt-lt; home +PanelMoveEnd = alt-gt; end +PanelSelectSortOrder= +PanelToggleSortOrderPrev= +PanelToggleSortOrderNext= +PanelReverseSort= +PanelSortOrderByName= +PanelSortOrderByExt= +PanelSortOrderBySize= +PanelSortOrderByMTime= + +[panel:xmap] + +[input] +InputBol = ctrl-a; alt-lt; home +InputEol = ctrl-e; alt-gt; end +InputMoveLeft = left; alt-left +InputWordLeft = ctrl-left +InputBackwardChar = ctrl-b +InputBackwardWord = alt-b +InputMoveRight = right; alt-right +InputWordRight = ctrl-right +InputForwardChar = ctrl-f +InputForwardWord = alt-f +InputBackwardDelete = backspace +InputDeleteChar = delete +InputKillWord = alt-d +InputBackwardKillWord = alt-backspace +InputSetMark = +InputKillRegion = ctrl-w +InputXStore = alt-w +InputXPaste = +InputYank = ctrl-y +InputKillLine = ctrl-k +InputHistoryPrev = alt-p; ctrl-down +InputHistoryNext = alt-n; ctrl-up +InputHistoryShow = alt-h +InputComplete = alt-tab +InputClearLine = + +[tree] +TreeHelp = f1 +TreeForget = f3 +TreeToggleNav = f4 +TreeCopy = f5 +TreeMove = f6 +TreeMoveUp = up; ctrl-p +TreeMoveDown = down; ctrl-n +TreeMoveLeft = left +TreeMoveRight = right +TreeMoveHome = home; alt-lt +TreeMoveEnd = end; alt-gt +TreeMovePgUp = pgup; alt-v +TreeMovePgDn = pgdn; ctrl-v +TreeOpen = enter +TreeRescan = f2; ctrl-r +TreeStartSearch = ctrl-s; alt-s +TreeRemove = f8; delete + +[help] +HelpHelp = f1 +HelpIndex = f2; c +HelpBack = f3; left; l +HelpQuit = f10; esc; ctrl-g +HelpMoveUp = up +HelpMoveDown = down +HelpSelectLink = right; enter +HelpNextLink = tab +HelpPrevLink = alt-tab +HelpNextNode = n +HelpPrevNode = p +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d16 2 +a17 2 +EditBackSpace = backspace; ctrl-h +EditDelete = delete; ctrl-d +d20 2 +a21 2 +EditWordLeft = ctrl-left; ctrl-z +EditWordRight = ctrl-right; ctrl-x +a46 2 +EditMarkLine = +EditMarkWord = +d114 1 +a114 1 +EditMail = alt-m +a153 1 +EditToggleShowMargin = +d164 1 +a164 1 +ViewQuit = f3; f10; q; esc +d175 4 +a178 6 +ViewMoveLeft10 = ctrl-left +ViewMoveRight10 = ctrl-right +ViewMoveUp = k; y; insert; up; ctrl-p +ViewMoveDown = j; e; delete; down; enter; ctrl-n +ViewMovePgDn = f; space; pgdn; ctrl-v +ViewMovePgUp = b; pgup; alt-v; backspace +a180 2 +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +d192 1 +a192 1 +ViewQuit = f3; f10; q; esc +a205 4 +ViewMovePgDn = pgdn; ctrl-v +ViewMovePgUp = pgup; alt-v +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +a212 1 +CmdEditForceInternal = +a228 1 +CmdListing = +a230 1 +CmdTogglePanelsSplit = alt-comma +a237 1 +CmdDialogList = alt-prime +a246 1 +CmdRelativeSymlink = v +a255 1 +CmdDiffView = ctrl-d +a259 2 +PanelMarkFileUp = shift-up +PanelMarkFileDown = shift-down +d277 2 +a278 2 +PanelGotoChildDir = ctrl-pgdn +PanelGotoParentDir = ctrl-pgup +d287 2 +a288 2 +PanelMoveHome = alt-lt; home; a1 +PanelMoveEnd = alt-gt; end; c1 +d297 2 +a298 1 +PanelSmartGotoParentDir= +d301 2 +a302 2 +InputBol = ctrl-a; alt-lt; home; a1 +InputEol = ctrl-e; alt-gt; end; c1 +d311 2 +a312 2 +InputBackwardDelete = backspace; ctrl-h +InputDeleteChar = delete; ctrl-d +a316 1 +InputXCut = +a325 16 +InputLeftHighlight = shift-left +InputRightHighlight = shift-right +InputWordLeftHighlight = ctrl-shift-left +InputWordRightHighlight = ctrl-shift-right +InputBolHighlight = shift-home +InputEolHighlight = shift-end + +[listbox] +ListboxMoveUp = up; ctrl-p +ListboxMoveDown = down; ctrl-n +ListboxMoveHome = home; alt-lt; a1 +ListboxMoveEnd = end; alt-gt; c1 +ListboxMovePgUp = pgup; alt-v +ListboxMovePgDn = pgdn; ctrl-v +ListboxDeleteItem = delete; d +ListboxDeleteAll = shift-delete; shift-d +d337 2 +a338 2 +TreeMoveHome = home; alt-lt; a1 +TreeMoveEnd = end; alt-gt; c1 +d350 3 +a352 9 +HelpQuit = f10; esc +HelpMoveUp = up; ctrl-p +HelpMoveDown = down; ctrl-n +HelpMovePgDn = f; space; pgdn; ctrl-v +HelpMovePgUp = b; pgup; alt-v; backspace +HelpMoveHalfPgDn = d +HelpMoveHalfPgUp = u +HelpMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +HelpMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +a357 53 + +[dialog] +DialogOK = enter +DialogCancel = f10; esc; ctrl-g +DialogPrevItem = left; up +DialogNextItem = right; down +DialogHelp = f1 +DialogSuspend = ctrl-z +DialogRefresh = ctrl-l +CmdDialogList = alt-prime +CmdDialogNext = alt-rbrace +CmdDialogPrev = alt-lbrace + + +[diffviewer] +DiffDisplaySymbols = alt-s; s +DiffDisplayNumbers = alt-n; l +DiffFull = f +DiffEqual = equal +DiffSplitMore = gt +DiffSplitLess = lt +DiffSetTab2 = 2 +DiffSetTab3 = 3 +DiffSetTab4 = 4 +DiffSetTab8 = 8 +DiffSwapPanel = ctrl-u +DiffRedo = ctrl-r +DiffNextHunk = n; enter; space +DiffPrevHunk = p; backspace +DiffGoto = g; shift-g +DiffSave = f2 +DiffEditCurrent = f4 +DiffEditOther = f14 +DiffMergeCurrentHunk = f5 +DiffSearch = f7 +DiffContinueSearch = f17 +DiffOptions = f9 +DiffBOF = ctrl-home +DiffEOF = ctrl-end +DiffDown = down +DiffUp = up +DiffQuickLeft = ctrl-left +DiffQuickRight = ctrl-right +DiffLeft = left +DiffRight = right +DiffPageDown = pgdn +DiffPageUp = pgup +DiffHome = home +DiffEnd = end +DiffHelp = f1 +DiffQuit = f10; q; shift-q; esc +ShowCommandLine = ctrl-o +SelectCodepage = alt-e +@ diff --git a/config-archive/etc/mc/mc.keymap.emacs,v b/config-archive/etc/mc/mc.keymap.emacs,v new file mode 100644 index 0000000..22051e0 --- /dev/null +++ b/config-archive/etc/mc/mc.keymap.emacs,v @@ -0,0 +1,569 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.09.19.10.51; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.09.19.11.26; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[editor] +EditXStore = meta-w +EditXPaste = ctrl-y +EditXCut = ctrl-w + +EditDeleteLine = ctrl-y +EditDeleteToLineEnd = ctrl-k +EditDeleteToLineBegin = + +EditLeft = left +EditRight = right +EditUp = up +EditDown = down +EditEnter = enter +EditReturn = shift-enter +EditBackSpace = backspace +EditDelete = delete +EditPageUp = pgup +EditPageDown = pgdn +EditWordLeft = ctrl-left +EditWordRight = ctrl-right +EditHome = home +EditEnd = end +EditTab = tab +EditUndo = ctrl-u +EditBeginningOfText = ctrl-home; alt-lt +EditEndOfText = ctrl-end; alt-gt +EditScrollUp = ctrl-up +EditScrollDown = ctrl-down +EditBeginPage = ctrl-pgup +EditEndPage = ctrl-pgdn +EditDeleteWordLeft = alt-backspace +EditDeleteWordRight = alt-d +EditParagraphUp = +EditParagraphDown = +EditSave = f2 +EditLoad = +EditSaveas = f12 +EditMark = f3 +EditCopy = f5 +EditMove = f6 +EditRemove = f8 +EditMarkAll = +EditUnmark = +EditFind = f7 + +EditShiftBlockLeft = +EditShiftBlockRight = + +EditPageUpHighlight = shift-pgup +EditPageDownHighlight = shift-pgdn +EditLeftHighlight = shift-left +EditRightHighlight = shift-right +EditWordLeftHighlight = ctrl-shift-left +EditWordRightHighlight = ctrl-shift-right +EditUpHighlight = shift-up +EditDownHighlight = shift-down +EditHomeHighlight = shift-home +EditEndHighlight = shift-end +EditBeginningOfTextHighlight = ctrl-shift-home +EditEndOfTextHighlight = ctrl-shift-end +EditBeginPageHighlight = ctrl-shift-pgup +EditEndPageHighlight = ctrl-shift-pgdn +EditScrollUpHighlight = ctrl-shift-up +EditScrollDownHighlight = ctrl-shift-down +EditParagraphUpHighlight = +EditParagraphDownHighlight = + +EditPageUpAltHighlight = alt-pgup +EditPageDownAltHighlight = alt-pgdn +EditLeftAltHighlight = alt-left +EditRightAltHighlight = alt-right +EditWordLeftAltHighlight = ctrl-alt-left +EditWordRightAltHighlight = ctrl-alt-right +EditUpAltHighlight = alt-up +EditDownAltHighlight = alt-down +EditHomeAltHighlight = alt-home +EditEndAltHighlight = alt-end +EditBeginningOfTextAltHighlight = ctrl-alt-home +EditEndOfTextHighlight = ctrl-alt-end +EditBeginPageHighlight = ctrl-alt-pgup +EditEndPageAltHighlight = ctrl-alt-pgdn +EditScrollUpAltHighlight = +EditScrollDownAltHighlight = +EditParagraphUpAltHighlight = +EditParagraphDownAltHighlight = + +EditSaveBlock = +EditColumnMark = f13 +EditFindAgain = f17 +EditReplace = f4 +EditReplaceAgain = f14 +EditCompleteWord = alt-tab +EditDebugStart = +EditDebugStop = +EditDebugToggleBreak = +EditDebugClear = +EditDebugNext = +EditDebugStep = +EditDebugBackTrace = +EditDebugContinue = +EditDebugEnterCommand = +EditDebugUntilCurser = +EditInsertFile = f15 +EditQuit = f10 +EditToggleInsert = insert +EditHelp = f1 +EditDate = +EditRefresh = ctrl-l +EditGoto = alt-l +EditManPage = +EditSort = alt-t +EditMail = +EditCancel = +EditComplete = + +EditParagraphFormat = alt-p +EditUtil = +EditTypeLoadPython = +EditFindFile = +EditCtags = +EditMatchBracket = alt-b +EditTerminal = +EditTerminalApp = +EditExtCmd = alt-u +EditUserMenu = f11 +EditSaveDesktop = +EditNewWindow = +EditCycle = +EditMenu = f9 +EditSaveAndQuit = +EditRunAnother = +EditCheckSaveAndQuit = +EditMaximize = +EditToggleBookmark = +EditFlushBookmarks = +EditNextBookmark = +EditPrevBookmark = + +EditSelectionHistory = +EditShell = ctrl-o +EditInsertLiteral = ctrl-q + +EditBeginRecordMacro = +EditEndRecordMacro = +EditBeginOrEndMacro = ctrl-r +EditDeleteMacro = + +EditToggleLineState = alt-n +EditToggleTabTWS = alt-underline +EditToggleSyntax = ctrl-s + +EditFindDefinition = alt-enter +EditLoadPrevFile = alt-minus +EditLoadNextFile = alt-plus + +SelectCodepage = alt-e + +EditExtMode = ctrl-x + +[edit:xmap] +EditNew = k +EditExecuteMacro = e + +[viewer] +ViewHelp = f1 +ViewToggleWrapMode = f2 +ViewQuit = f3; f10; q; esc; ctrl-g +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewContinueSearch = ctrl-r; ctrl-s; f17; n +ViewMoveToBol = ctrl-a +ViewMoveToEol = ctrl-e +ViewMoveLeft = h; left +ViewMoveRight = l; right +ViewMoveUp = k; y; insert; up +ViewMoveDown = j; e; delete; down; enter +ViewMovePgDn = f; space; pgdn +ViewMovePgUp = b; pgup +ViewMoveHalfPgDn = d +ViewMoveHalfPgUp = u +ViewGotoBookmark = m +ViewNewBookmark = r +ViewNextFile = ctrl-f +ViewPrevFile = ctrl-b +SelectCodepage = alt-e +ShowCommandLine = ctrl-o +ViewToggleRuler = alt-r + +[viewer:hex] +ViewHelp = f1 +ViewToggleHexEditMode = f2 +ViewQuit = f3; f10; q; esc; ctrl-g +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewHexEditSave = f6 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewToggleHexNavMode = tab +ViewMoveToBol = ctrl-a; home +ViewMoveToEol = ctrl-e; end +ViewMoveLeft = b; left +ViewMoveRight = f; right +ViewMoveUp = k; y; up +ViewMoveDown = j; delete; down + +[main] +CmdHelp = f1 +CmdUserMenu = f2 +CmdView = f3 +CmdViewFile = f13 +CmdEdit = f4 +CmdCopy = f5 +CmdRename = f6 +CmdMkdir = f7 +CmdDelete = f8 +CmdMenu = f9 +CmdQuit = f10 +CmdMenuLastSelected = f19 +CmdQuietQuit = f20 +CmdFind = alt-question +CmdQuickCd = alt-c +CmdQuickChdir = ctrl-backslash +CmdReread = ctrl-r +CmdSingleDirsize = ctrl-space +CmdSuspend = ctrl-z +CmdSwapPanel = ctrl-u +CmdHistory = alt-h +CmdToggleListing = alt-t +CmdToggleShowHidden = alt-dot +ShowCommandLine = ctrl-o +CmdCopyCurrentPathname = alt-a +CmdCopyOtherPathname = alt-shift-a +CmdFilteredView = alt-exclamation +CmdSelect = kpplus +CmdUnselect = kpminus +CmdReverseSelection = kpasterisk +ExtMap1 = ctrl-x + +[main:xmap] +CmdChmod = c +CmdChown = o +CmdCompareDirs = d +CmdEditSymlink = ctrl-s +CmdLink = l +CmdSymlink = s +CmdInfo = i +CmdQuickView = q +CmdExternalPanelize = exclamation +CmdReselectVfs = a +CmdJobs = j +CmdCopyCurrentPathname = p +CmdCopyOtherPathname = ctrl-p +CmdCopyCurrentTagged = t +CmdCopyOtherTagged = ctrl-t + +[panel] +PanelStartSearch = ctrl-s; alt-s +PanelMarkFile = insert; ctrl-t +PanelMoveDown = down; ctrl-n +PanelMoveUp = up; ctrl-p +PanelMoveLeft = left +PanelMoveRight = right +PanelPrevPage = pgup; alt-v +PanelNextPage = pgdn; ctrl-v +PanelDoEnter = enter +PanelChdirOtherPanel = alt-o +PanelChdirToReadlink = alt-l +PanelViewSimple = F13 +PanelEditNew = F14 +PanelCopyLocal = F15 +PanelRenameLocal = F16 +PanelDeleteLocal = F18 +PanelReverseSelection = alt-asterisk +PanelSelect = alt-plus +PanelUnselect = alt-minus +PanelCtrlNextPage = ctrl-pgdn +PanelCtrlPrevPage = ctrl-pgup +PanelDirectoryHistoryList = alt-shift-h +PanelDirectoryHistoryNext = alt-u +PanelDirectoryHistoryPrev = alt-y +PanelGotoBottomFile = alt-j +PanelGotoMiddleFile = alt-r +PanelSyncOtherPanel = alt-i +PanelGotoTopFile = alt-g +PanelSetPanelEncoding = alt-e +PanelMoveHome = alt-lt; home +PanelMoveEnd = alt-gt; end +PanelSelectSortOrder= +PanelToggleSortOrderPrev= +PanelToggleSortOrderNext= +PanelReverseSort= +PanelSortOrderByName= +PanelSortOrderByExt= +PanelSortOrderBySize= +PanelSortOrderByMTime= + +[panel:xmap] + +[input] +InputBol = ctrl-a; alt-lt; home +InputEol = ctrl-e; alt-gt; end +InputMoveLeft = left; alt-left +InputWordLeft = ctrl-left +InputBackwardChar = ctrl-b +InputBackwardWord = alt-b +InputMoveRight = right; alt-right +InputWordRight = ctrl-right +InputForwardChar = ctrl-f +InputForwardWord = alt-f +InputBackwardDelete = backspace +InputDeleteChar = delete +InputKillWord = alt-d +InputBackwardKillWord = alt-backspace +InputSetMark = +InputKillRegion = ctrl-w +InputXStore = alt-w +InputXPaste = +InputYank = ctrl-y +InputKillLine = ctrl-k +InputHistoryPrev = alt-p; ctrl-down +InputHistoryNext = alt-n; ctrl-up +InputHistoryShow = alt-h +InputComplete = alt-tab +InputClearLine = + +[tree] +TreeHelp = f1 +TreeForget = f3 +TreeToggleNav = f4 +TreeCopy = f5 +TreeMove = f6 +TreeMoveUp = up; ctrl-p +TreeMoveDown = down; ctrl-n +TreeMoveLeft = left +TreeMoveRight = right +TreeMoveHome = home; alt-lt +TreeMoveEnd = end; alt-gt +TreeMovePgUp = pgup; alt-v +TreeMovePgDn = pgdn; ctrl-v +TreeOpen = enter +TreeRescan = f2; ctrl-r +TreeStartSearch = ctrl-s; alt-s +TreeRemove = f8; delete + +[help] +HelpHelp = f1 +HelpIndex = f2; c +HelpBack = f3; left; l +HelpQuit = f10; esc; ctrl-g +HelpMoveUp = up +HelpMoveDown = down +HelpSelectLink = right; enter +HelpNextLink = tab +HelpPrevLink = alt-tab +HelpNextNode = n +HelpPrevNode = p +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +EditXStore = alt-w +d10 4 +a13 4 +EditLeft = left; ctrl-b +EditRight = right; ctrl-f +EditUp = up; ctrl-p +EditDown = down; ctrl-n +d18 6 +a23 6 +EditPageUp = pgup; alt-v +EditPageDown = pgdn; ctrl-v +EditWordLeft = ctrl-left; alt-b +EditWordRight = ctrl-right; alt-f +EditHome = home; ctrl-a +EditEnd = end; ctrl-e +d39 1 +a39 1 +EditMark = f3; ctrl-at +d45 1 +a45 3 +EditFind = f7; ctrl-s +EditMarkLine = +EditMarkWord = +d122 1 +a122 1 +EditMatchBracket = +a151 1 +EditToggleShowMargin = +d168 1 +a168 1 +ViewQuit = f3; f10; q; esc +d179 4 +a182 6 +ViewMoveLeft10 = ctrl-left +ViewMoveRight10 = ctrl-right +ViewMoveUp = k; y; insert; up; ctrl-p +ViewMoveDown = j; e; delete; down; enter; ctrl-n +ViewMovePgDn = f; space; pgdn; ctrl-v +ViewMovePgUp = b; pgup; alt-v; backspace +a184 2 +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +d196 1 +a196 1 +ViewQuit = f3; f10; q; esc +a209 4 +ViewMovePgDn = pgdn; ctrl-v +ViewMovePgUp = pgup; alt-v +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +a216 1 +CmdEditForceInternal = +a232 1 +CmdListing = +a234 1 +CmdTogglePanelsSplit = alt-comma +a241 1 +CmdDialogList = alt-prime +a250 1 +CmdRelativeSymlink = v +a259 1 +CmdDiffView = ctrl-d +a263 2 +PanelMarkFileUp = shift-up +PanelMarkFileDown = shift-down +d281 2 +a282 2 +PanelGotoChildDir = ctrl-pgdn +PanelGotoParentDir = ctrl-pgup +d291 2 +a292 2 +PanelMoveHome = alt-lt; home; a1 +PanelMoveEnd = alt-gt; end; c1 +d301 2 +a302 1 +PanelSmartGotoParentDir= +d305 2 +a306 2 +InputBol = ctrl-a; alt-lt; home; a1 +InputEol = ctrl-e; alt-gt; end; c1 +a320 1 +InputXCut = +a329 16 +InputLeftHighlight = +InputRightHighlight = +InputWordLeftHighlight = +InputWordRightHighlight = +InputBolHighlight = +InputEolHighlight = + +[listbox] +ListboxMoveUp = up; ctrl-p +ListboxMoveDown = down; ctrl-n +ListboxMoveHome = home; alt-lt; a1 +ListboxMoveEnd = end; alt-gt; c1 +ListboxMovePgUp = pgup; alt-v +ListboxMovePgDn = pgdn; ctrl-v +ListboxDeleteItem = delete; d +ListboxDeleteAll = shift-delete; shift-d +d341 2 +a342 2 +TreeMoveHome = home; alt-lt; a1 +TreeMoveEnd = end; alt-gt; c1 +d354 3 +a356 9 +HelpQuit = f10; esc +HelpMoveUp = up; ctrl-p +HelpMoveDown = down; ctrl-n +HelpMovePgDn = f; space; pgdn; ctrl-v +HelpMovePgUp = b; pgup; alt-v; backspace +HelpMoveHalfPgDn = d +HelpMoveHalfPgUp = u +HelpMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +HelpMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +a361 53 + +[dialog] +DialogOK = enter +DialogCancel = f10; esc; ctrl-g +DialogPrevItem = left; up +DialogNextItem = right; down +DialogHelp = f1 +DialogSuspend = ctrl-z +DialogRefresh = ctrl-l +CmdDialogList = alt-prime +CmdDialogNext = alt-rbrace +CmdDialogPrev = alt-lbrace + + +[diffviewer] +DiffDisplaySymbols = alt-s; s +DiffDisplayNumbers = alt-n; l +DiffFull = f +DiffEqual = equal +DiffSplitMore = gt +DiffSplitLess = lt +DiffSetTab2 = 2 +DiffSetTab3 = 3 +DiffSetTab4 = 4 +DiffSetTab8 = 8 +DiffSwapPanel = ctrl-u +DiffRedo = ctrl-r +DiffNextHunk = n; enter; space +DiffPrevHunk = p; backspace +DiffGoto = g; shift-g +DiffSave = f2 +DiffEditCurrent = f4 +DiffEditOther = f14 +DiffMergeCurrentHunk = f5 +DiffSearch = f7 +DiffContinueSearch = f17 +DiffOptions = f9 +DiffBOF = ctrl-home +DiffEOF = ctrl-end +DiffDown = down +DiffUp = up +DiffQuickLeft = ctrl-left +DiffQuickRight = ctrl-right +DiffLeft = left +DiffRight = right +DiffPageDown = pgdn +DiffPageUp = pgup +DiffHome = home +DiffEnd = end +DiffHelp = f1 +DiffQuit = f10; q; shift-q; esc +ShowCommandLine = ctrl-o +SelectCodepage = alt-e +@ diff --git a/config-archive/etc/mdadm.conf,v b/config-archive/etc/mdadm.conf,v new file mode 100644 index 0000000..583d243 --- /dev/null +++ b/config-archive/etc/mdadm.conf,v @@ -0,0 +1,106 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.30.19.30.29; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.30.19.30.45; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# mdadm configuration file +# +# mdadm will function properly without the use of a configuration file, +# but this file is useful for keeping track of arrays and member disks. +# In general, a mdadm.conf file is created, and updated, after arrays +# are created. This is the opposite behavior of /etc/raidtab which is +# created prior to array construction. +# +# +# the config file takes two types of lines: +# +# DEVICE lines specify a list of devices of where to look for +# potential member disks +# +# ARRAY lines specify information about how to identify arrays so +# so that they can be activated +# +# You can have more than one device line and use wild cards. The first +# example includes SCSI the first partition of SCSI disks /dev/sdb, +# /dev/sdc, /dev/sdd, /dev/sdj, /dev/sdk, and /dev/sdl. The second +# line looks for array slices on IDE disks. +# +#DEVICE /dev/sd[bcdjkl]1 +#DEVICE /dev/hda1 /dev/hdb1 +# +# If you mount devfs on /dev, then a suitable way to list all devices is: +#DEVICE /dev/discs/*/* +# +# +# +# ARRAY lines specify an array to assemble and a method of identification. +# Arrays can currently be identified by using a UUID, superblock minor number, +# or a listing of devices. +# +# super-minor is usually the minor number of the metadevice +# UUID is the Universally Unique Identifier for the array +# Each can be obtained using +# +# mdadm -D +# +#ARRAY /dev/md0 UUID=3aaa0122:29827cfa:5331ad66:ca767371 +#ARRAY /dev/md1 super-minor=1 +#ARRAY /dev/md2 devices=/dev/hda1,/dev/hdb1 +# +# ARRAY lines can also specify a "spare-group" for each array. mdadm --monitor +# will then move a spare between arrays in a spare-group if one array has a failed +# drive but no spare +#ARRAY /dev/md4 uuid=b23f3c6d:aec43a9f:fd65db85:369432df spare-group=group1 +#ARRAY /dev/md5 uuid=19464854:03f71b1b:e0df2edd:246cc977 spare-group=group1 +# +# When used in --follow (aka --monitor) mode, mdadm needs a +# mail address and/or a program. This can be given with "mailaddr" +# and "program" lines to that monitoring can be started using +# mdadm --follow --scan & echo $! > /var/run/mdadm +# If the lines are not found, mdadm will exit quietly +#MAILADDR root@@mydomain.tld +MAILADDR frank@@brehm-online.com +#PROGRAM /usr/sbin/handle-mdadm-events +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a29 8 +# The AUTO line can control which arrays get assembled by auto-assembly, +# meaing either "mdadm -As" when there are no 'ARRAY' lines in this file, +# or "mdadm --incremental" when the array found is not listed in this file. +# By default, all arrays that are found are assembled. +# If you want to ignore all DDF arrays (maybe they are managed by dmraid), +# and only assemble 1.x arrays if which are marked for 'this' homehost, +# but assemble all others, then use +#AUTO -ddf homehost -1.x +all +d57 1 +@ diff --git a/config-archive/etc/mke2fs.conf,v b/config-archive/etc/mke2fs.conf,v new file mode 100644 index 0000000..1581dd2 --- /dev/null +++ b/config-archive/etc/mke2fs.conf,v @@ -0,0 +1,88 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.28.21.17.24; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.28.21.17.39; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[defaults] + base_features = sparse_super,filetype,resize_inode,dir_index,ext_attr + blocksize = 4096 + inode_size = 256 + inode_ratio = 16384 + +[fs_types] + ext3 = { + features = has_journal + } + ext4 = { + features = has_journal,extents,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize + inode_size = 256 + } + ext4dev = { + features = has_journal,extents,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize + inode_size = 256 + options = test_fs=1 + } + small = { + blocksize = 1024 + inode_size = 128 + inode_ratio = 4096 + } + floppy = { + blocksize = 1024 + inode_size = 128 + inode_ratio = 8192 + } + news = { + inode_ratio = 4096 + } + largefile = { + inode_ratio = 1048576 + blocksize = -1 + } + largefile4 = { + inode_ratio = 4194304 + blocksize = -1 + } + hurd = { + blocksize = 4096 + inode_size = 128 + } +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d12 1 +a12 1 + features = has_journal,extent,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize +d16 1 +a16 1 + features = has_journal,extent,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize +@ diff --git a/config-archive/etc/mlocate-cron.conf,v b/config-archive/etc/mlocate-cron.conf,v new file mode 100644 index 0000000..33e6ff8 --- /dev/null +++ b/config-archive/etc/mlocate-cron.conf,v @@ -0,0 +1,50 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.01.31.12.51.25; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.01.31.12.51.30; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# nice value to run at: see -n in nice(1) +NICE="10" + +# ionice class to run at: see -c in ionice(1) +# you have to install sys-apps/util-linux manually +IONICE_CLASS="2" + +# ionice priority to run at: see -n in ionice(1) +IONICE_PRIORITY="7" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +NICE="19" +@ diff --git a/config-archive/etc/modules.autoload.d/kernel-2.6 b/config-archive/etc/modules.autoload.d/kernel-2.6 new file mode 100644 index 0000000..b9e2261 --- /dev/null +++ b/config-archive/etc/modules.autoload.d/kernel-2.6 @@ -0,0 +1,12 @@ +# /etc/modules.autoload.d/kernel-2.6: kernel modules to load when system boots. +# +# Note that this file is for 2.6 kernels. +# +# Add the names of modules that you'd like to load when the system +# starts into this file, one per line. Comments begin with # and +# are ignored. Read man modules.autoload for additional details. + +# For example: +# aic7xxx + +ipv6 diff --git a/config-archive/etc/modules.autoload.d/kernel-2.6.dist.new b/config-archive/etc/modules.autoload.d/kernel-2.6.dist.new new file mode 100644 index 0000000..89edd3b --- /dev/null +++ b/config-archive/etc/modules.autoload.d/kernel-2.6.dist.new @@ -0,0 +1,10 @@ +# /etc/modules.autoload.d/kernel-2.6: kernel modules to load when system boots. +# +# Note that this file is for 2.6 kernels. +# +# Add the names of modules that you'd like to load when the system +# starts into this file, one per line. Comments begin with # and +# are ignored. Read man modules.autoload for additional details. + +# For example: +# aic7xxx diff --git a/config-archive/etc/mutt/Muttrc.dist,v b/config-archive/etc/mutt/Muttrc.dist,v new file mode 100644 index 0000000..a1f70e0 --- /dev/null +++ b/config-archive/etc/mutt/Muttrc.dist,v @@ -0,0 +1,5670 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.03.16.10.47.57; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.10.04.21.37.46; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.04.21.38.41; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.03.16.10.47.57; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# +# System configuration file for Mutt +# + +# Default list of header fields to weed when displaying. +# Ignore all lines by default... +ignore * + +# ... then allow these through. +unignore from: subject to cc date x-mailer x-url user-agent + +# Display the fields in this order +hdr_order date from to cc subject + +# imitate the old search-body function +macro index \eb "~b " "search in message bodies" + +# simulate the old url menu +macro index,pager,attach,compose \cb "\ + set my_pipe_decode=\$pipe_decode pipe_decode\ + urlview\ + set pipe_decode=\$my_pipe_decode; unset my_pipe_decode" \ +"call urlview to extract URLs out of a message" + +# Show documentation when pressing F1 +macro generic,pager " less /usr/share/doc/mutt-1.5.20-r18/manual.txt" "show Mutt documentation" + +# show the incoming mailboxes list (just like "mutt -y") and back when pressing "y" +macro index,pager y "?" "show incoming mailboxes list" +bind browser y exit + +# Use folders which match on \\.gz$ as gzipped folders: +# open-hook \\.gz$ "gzip -cd %f > %t" +# close-hook \\.gz$ "gzip -c %t > %f" +# append-hook \\.gz$ "gzip -c %t >> %f" + +# If Mutt is unable to determine your site's domain name correctly, you can +# set the default here. +# +# set hostname=cs.hmc.edu + +# If your sendmail supports the -B8BITMIME flag, enable the following +# +# set use_8bitmime + +# Use mime.types to look up handlers for application/octet-stream. Can +# be undone with unmime_lookup. +mime_lookup application/octet-stream + +## +## *** DEFAULT SETTINGS FOR THE ATTACHMENTS PATCH *** +## + +## +## Please see the manual (section "attachments") for detailed +## documentation of the "attachments" command. +## +## Removing a pattern from a list removes that pattern literally. It +## does not remove any type matching the pattern. +## +## attachments +A */.* +## attachments +A image/jpeg +## unattachments +A */.* +## +## This leaves "attached" image/jpeg files on the allowed attachments +## list. It does not remove all items, as you might expect, because the +## second */.* is not a matching expression at this time. +## +## Remember: "unattachments" only undoes what "attachments" has done! +## It does not trigger any matching on actual messages. + +## Qualify any MIME part with an "attachment" disposition, EXCEPT for +## text/x-vcard and application/pgp parts. (PGP parts are already known +## to mutt, and can be searched for with ~g, ~G, and ~k.) +## +## I've added x-pkcs7 to this, since it functions (for S/MIME) +## analogously to PGP signature attachments. S/MIME isn't supported +## in a stock mutt build, but we can still treat it specially here. +## +attachments +A */.* +attachments -A text/x-vcard application/pgp.* +attachments -A application/x-pkcs7-.* + +## Discount all MIME parts with an "inline" disposition, unless they're +## text/plain. (Why inline a text/plain part unless it's external to the +## message flow?) +## +attachments +I text/plain + +## These two lines make Mutt qualify MIME containers. (So, for example, +## a message/rfc822 forward will count as an attachment.) The first +## line is unnecessary if you already have "attach-allow */.*", of +## course. These are off by default! The MIME elements contained +## within a message/* or multipart/* are still examined, even if the +## containers themseves don't qualify. +## +#attachments +A message/.* multipart/.* +#attachments +I message/.* multipart/.* + +## You probably don't really care to know about deleted attachments. +attachments -A message/external-body +attachments -I message/external-body + +## +## More settings +## + + +# set abort_nosubject=ask-yes +# +# Name: abort_nosubject +# Type: quadoption +# Default: ask-yes +# +# +# If set to yes, when composing messages and no subject is given +# at the subject prompt, composition will be aborted. If set to +# no, composing messages with no subject given at the subject +# prompt will never be aborted. +# +# +# set abort_unmodified=yes +# +# Name: abort_unmodified +# Type: quadoption +# Default: yes +# +# +# If set to yes, composition will automatically abort after +# editing the message body if no changes are made to the file (this +# check only happens after the first edit of the file). When set +# to no, composition will never be aborted. +# +# +# set alias_file="~/.muttrc" +# +# Name: alias_file +# Type: path +# Default: "~/.muttrc" +# +# +# The default file in which to save aliases created by the +# function. Entries added to this file are +# encoded in the character set specified by $config_charset if it +# is set or the current character set otherwise. +# +# Note: Mutt will not automatically source this file; you must +# explicitly use the ``source'' command for it to be executed in case +# this option points to a dedicated alias file. +# +# The default for this option is the currently used muttrc file, or +# ``~/.muttrc'' if no user muttrc was found. +# +# +# set alias_format="%4n %2f %t %-10a %r" +# +# Name: alias_format +# Type: string +# Default: "%4n %2f %t %-10a %r" +# +# +# Specifies the format of the data displayed for the ``alias'' menu. The +# following printf(3)-style sequences are available: +# %a alias name +# %f flags - currently, a ``d'' for an alias marked for deletion +# %n index number +# %r address which alias expands to +# %t character which indicates if the alias is tagged for inclusion +# +# +# set allow_8bit=yes +# +# Name: allow_8bit +# Type: boolean +# Default: yes +# +# +# Controls whether 8-bit data is converted to 7-bit using either Quoted- +# Printable or Base64 encoding when sending mail. +# +# +# set allow_ansi=no +# +# Name: allow_ansi +# Type: boolean +# Default: no +# +# +# Controls whether ANSI color codes in messages (and color tags in +# rich text messages) are to be interpreted. +# Messages containing these codes are rare, but if this option is set, +# their text will be colored accordingly. Note that this may override +# your color choices, and even present a security problem, since a +# message could include a line like +# [-- PGP output follows ... +# +# and give it the same color as your attachment color (see also +# $crypt_timestamp). +# +# +# set arrow_cursor=no +# +# Name: arrow_cursor +# Type: boolean +# Default: no +# +# +# When set, an arrow (``->'') will be used to indicate the current entry +# in menus instead of highlighting the whole line. On slow network or modem +# links this will make response faster because there is less that has to +# be redrawn on the screen when moving to the next or previous entries +# in the menu. +# +# +# set ascii_chars=no +# +# Name: ascii_chars +# Type: boolean +# Default: no +# +# +# If set, Mutt will use plain ASCII characters when displaying thread +# and attachment trees, instead of the default ACS characters. +# +# +# set askbcc=no +# +# Name: askbcc +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for blind-carbon-copy (Bcc) recipients +# before editing an outgoing message. +# +# +# set askcc=no +# +# Name: askcc +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for carbon-copy (Cc) recipients before +# editing the body of an outgoing message. +# +# +# set ask_follow_up=no +# +# Name: ask_follow_up +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for follow-up groups before editing +# the body of an outgoing message. +# +# +# set ask_x_comment_to=no +# +# Name: ask_x_comment_to +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for x-comment-to field before editing +# the body of an outgoing message. +# +# +# set assumed_charset="" +# +# Name: assumed_charset +# Type: string +# Default: "" +# +# +# This variable is a colon-separated list of character encoding +# schemes for messages without character encoding indication. +# Header field values and message body content without character encoding +# indication would be assumed that they are written in one of this list. +# By default, all the header fields and message body without any charset +# indication are assumed to be in ``us-ascii''. +# +# For example, Japanese users might prefer this: +# set assumed_charset="iso-2022-jp:euc-jp:shift_jis:utf-8" +# +# However, only the first content is valid for the message body. +# +# +# set attach_charset="" +# +# Name: attach_charset +# Type: string +# Default: "" +# +# +# This variable is a colon-separated list of character encoding +# schemes for text file attachments. Mutt uses this setting to guess +# which encoding files being attached are encoded in to convert them to +# a proper character set given in $send_charset. +# +# If unset, the value of $charset will be used instead. +# For example, the following configuration would work for Japanese +# text handling: +# set attach_charset="iso-2022-jp:euc-jp:shift_jis:utf-8" +# +# Note: for Japanese users, ``iso-2022-*'' must be put at the head +# of the value as shown above if included. +# +# +# set attach_format="%u%D%I %t%4n %T%.40d%> [%.7m/%.10M, %.6e%?C?, %C?, %s] " +# +# Name: attach_format +# Type: string +# Default: "%u%D%I %t%4n %T%.40d%> [%.7m/%.10M, %.6e%?C?, %C?, %s] " +# +# +# This variable describes the format of the ``attachment'' menu. The +# following printf(3)-style sequences are understood: +# %C charset +# %c requires charset conversion (``n'' or ``c'') +# %D deleted flag +# %d description +# %e MIME content-transfer-encoding +# %f filename +# %I disposition (``I'' for inline, ``A'' for attachment) +# %m major MIME type +# %M MIME subtype +# %n attachment number +# %Q ``Q'', if MIME part qualifies for attachment counting +# %s size +# %t tagged flag +# %T graphic tree characters +# %u unlink (=to delete) flag +# %X number of qualifying MIME parts in this part and its children +# (please see the ``attachments'' section for possible speed effects) +# %>X right justify the rest of the string and pad with character ``X'' +# %|X pad to the end of the line with character ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# For an explanation of ``soft-fill'', see the $index_format documentation. +# +# +# set attach_sep="\n" +# +# Name: attach_sep +# Type: string +# Default: "\n" +# +# +# The separator to add between attachments when operating (saving, +# printing, piping, etc) on a list of tagged attachments. +# +# +# set attach_split=yes +# +# Name: attach_split +# Type: boolean +# Default: yes +# +# +# If this variable is unset, when operating (saving, printing, piping, +# etc) on a list of tagged attachments, Mutt will concatenate the +# attachments and will operate on them as a single attachment. The +# $attach_sep separator is added after each attachment. When set, +# Mutt will operate on the attachments one by one. +# +# +# set attribution="On %d, %n wrote:" +# +# Name: attribution +# Type: string +# Default: "On %d, %n wrote:" +# +# +# This is the string that will precede a message which has been included +# in a reply. For a full listing of defined printf(3)-like sequences see +# the section on $index_format. +# +# +# set auto_tag=no +# +# Name: auto_tag +# Type: boolean +# Default: no +# +# +# When set, functions in the index menu which affect a message +# will be applied to all tagged messages (if there are any). When +# unset, you must first use the function (bound to ``;'' +# by default) to make the next function apply to all tagged messages. +# +# +# set autoedit=no +# +# Name: autoedit +# Type: boolean +# Default: no +# +# +# When set along with $edit_headers, Mutt will skip the initial +# send-menu (prompting for subject and recipients) and allow you to +# immediately begin editing the body of your +# message. The send-menu may still be accessed once you have finished +# editing the body of your message. +# +# Note: when this option is set, you cannot use send-hooks that depend +# on the recipients when composing a new (non-reply) message, as the initial +# list of recipients is empty. +# +# Also see $fast_reply. +# +# +# set beep=yes +# +# Name: beep +# Type: boolean +# Default: yes +# +# +# When this variable is set, mutt will beep when an error occurs. +# +# +# set beep_new=no +# +# Name: beep_new +# Type: boolean +# Default: no +# +# +# When this variable is set, mutt will beep whenever it prints a message +# notifying you of new mail. This is independent of the setting of the +# $beep variable. +# +# +# set bounce=ask-yes +# +# Name: bounce +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether you will be asked to confirm bouncing messages. +# If set to yes you don't get asked if you want to bounce a +# message. Setting this variable to no is not generally useful, +# and thus not recommended, because you are unable to bounce messages. +# +# +# set bounce_delivered=yes +# +# Name: bounce_delivered +# Type: boolean +# Default: yes +# +# +# When this variable is set, mutt will include Delivered-To headers when +# bouncing messages. Postfix users may wish to unset this variable. +# +# +# set braille_friendly=no +# +# Name: braille_friendly +# Type: boolean +# Default: no +# +# +# When this variable is set, mutt will place the cursor at the beginning +# of the current line in menus, even when the $arrow_cursor variable +# is unset, making it easier for blind persons using Braille displays to +# follow these menus. The option is unset by default because many +# visual terminals don't permit making the cursor invisible. +# +# +# set catchup_newsgroup=ask-yes +# +# Name: catchup_newsgroup +# Type: quadoption +# Default: ask-yes +# +# +# If this variable is set, Mutt will mark all articles in newsgroup +# as read when you quit the newsgroup (catchup newsgroup). +# +# +# set certificate_file="~/.mutt_certificates" +# +# Name: certificate_file +# Type: path +# Default: "~/.mutt_certificates" +# +# +# This variable specifies the file where the certificates you trust +# are saved. When an unknown certificate is encountered, you are asked +# if you accept it or not. If you accept it, the certificate can also +# be saved in this file and further connections are automatically +# accepted. +# +# You can also manually add CA certificates in this file. Any server +# certificate that is signed with one of these CA certificates is +# also automatically accepted. +# +# Example: +# set certificate_file=~/.mutt/certificates +# +# +# set charset="" +# +# Name: charset +# Type: string +# Default: "" +# +# +# Character set your terminal uses to display and enter textual data. +# It is also the fallback for $send_charset. +# +# Upon startup Mutt tries to derive this value from environment variables +# such as $LC_CTYPE or $LANG. +# +# Note: It should only be set in case Mutt isn't abled to determine the +# character set used correctly. +# +# +# set check_mbox_size=no +# +# Name: check_mbox_size +# Type: boolean +# Default: no +# +# +# When this variable is set, mutt will use file size attribute instead of +# access time when checking for new mail in mbox and mmdf folders. +# +# This variable is unset by default and should only be enabled when +# new mail detection for these folder types is unreliable or doesn't work. +# +# Note that enabling this variable should happen before any ``mailboxes'' +# directives occur in configuration files regarding mbox or mmdf folders +# because mutt needs to determine the initial new mail status of such a +# mailbox by performing a fast mailbox scan when it is defined. +# Afterwards the new mail status is tracked by file size changes. +# +# +# set change_folder_next=no +# +# Name: change_folder_next +# Type: boolean +# Default: no +# +# +# When this variable is set, the change-folder command will start at the +# next folder after the current folder in your mailbox list instead of +# starting at the first folder. +# +# +# set check_new=yes +# +# Name: check_new +# Type: boolean +# Default: yes +# +# +# Note: this option only affects maildir and MH style +# mailboxes. +# +# When set, Mutt will check for new mail delivered while the +# mailbox is open. Especially with MH mailboxes, this operation can +# take quite some time since it involves scanning the directory and +# checking each file to see if it has already been looked at. If +# this variable is unset, no check for new mail is performed +# while the mailbox is open. +# +# +# set collapse_unread=yes +# +# Name: collapse_unread +# Type: boolean +# Default: yes +# +# +# When unset, Mutt will not collapse a thread if it contains any +# unread messages. +# +# +# set collapse_flagged=yes +# +# Name: collapse_flagged +# Type: boolean +# Default: yes +# +# +# When unset, Mutt will not collapse a thread if it contains any +# flagged messages. +# +# +# set compose_format="-- Mutt: Compose [Approx. msg size: %l Atts: %a]%>-" +# +# Name: compose_format +# Type: string +# Default: "-- Mutt: Compose [Approx. msg size: %l Atts: %a]%>-" +# +# +# Controls the format of the status line displayed in the ``compose'' +# menu. This string is similar to $status_format, but has its own +# set of printf(3)-like sequences: +# %a total number of attachments +# %h local hostname +# %l approximate size (in bytes) of the current message +# %v Mutt version string +# +# +# See the text describing the $status_format option for more +# information on how to set $compose_format. +# +# +# set config_charset="" +# +# Name: config_charset +# Type: string +# Default: "" +# +# +# When defined, Mutt will recode commands in rc files from this +# encoding to the current character set as specified by $charset +# and aliases written to $alias_file from the current character set. +# +# Please note that if setting $charset it must be done before +# setting $config_charset. +# +# Recoding should be avoided as it may render unconvertable +# characters as question marks which can lead to undesired +# side effects (for example in regular expressions). +# +# +# set confirmappend=yes +# +# Name: confirmappend +# Type: boolean +# Default: yes +# +# +# When set, Mutt will prompt for confirmation when appending messages to +# an existing mailbox. +# +# +# set confirmcreate=yes +# +# Name: confirmcreate +# Type: boolean +# Default: yes +# +# +# When set, Mutt will prompt for confirmation when saving messages to a +# mailbox which does not yet exist before creating it. +# +# +# set connect_timeout=30 +# +# Name: connect_timeout +# Type: number +# Default: 30 +# +# +# Causes Mutt to timeout a network connection (for IMAP, POP or SMTP) after this +# many seconds if the connection is not able to be established. A negative +# value causes Mutt to wait indefinitely for the connection attempt to succeed. +# +# +# set content_type="text/plain" +# +# Name: content_type +# Type: string +# Default: "text/plain" +# +# +# Sets the default Content-Type for the body of newly composed messages. +# +# +# set copy=yes +# +# Name: copy +# Type: quadoption +# Default: yes +# +# +# This variable controls whether or not copies of your outgoing messages +# will be saved for later references. Also see $record, +# $save_name, $force_name and ``fcc-hook''. +# +# +# set crypt_autoencrypt=no +# +# Name: crypt_autoencrypt +# Type: boolean +# Default: no +# +# +# Setting this variable will cause Mutt to always attempt to PGP +# encrypt outgoing messages. This is probably only useful in +# connection to the ``send-hook'' command. It can be overridden +# by use of the pgp menu, when encryption is not required or +# signing is requested as well. If $smime_is_default is set, +# then OpenSSL is used instead to create S/MIME messages and +# settings can be overridden by use of the smime menu instead. +# (Crypto only) +# +# +# set crypt_autopgp=yes +# +# Name: crypt_autopgp +# Type: boolean +# Default: yes +# +# +# This variable controls whether or not mutt may automatically enable +# PGP encryption/signing for messages. See also $crypt_autoencrypt, +# $crypt_replyencrypt, +# $crypt_autosign, $crypt_replysign and $smime_is_default. +# +# +# set crypt_autosign=no +# +# Name: crypt_autosign +# Type: boolean +# Default: no +# +# +# Setting this variable will cause Mutt to always attempt to +# cryptographically sign outgoing messages. This can be overridden +# by use of the pgp menu, when signing is not required or +# encryption is requested as well. If $smime_is_default is set, +# then OpenSSL is used instead to create S/MIME messages and settings can +# be overridden by use of the smime menu instead of the pgp menu. +# (Crypto only) +# +# +# set crypt_autosmime=yes +# +# Name: crypt_autosmime +# Type: boolean +# Default: yes +# +# +# This variable controls whether or not mutt may automatically enable +# S/MIME encryption/signing for messages. See also $crypt_autoencrypt, +# $crypt_replyencrypt, +# $crypt_autosign, $crypt_replysign and $smime_is_default. +# +# +# set crypt_replyencrypt=yes +# +# Name: crypt_replyencrypt +# Type: boolean +# Default: yes +# +# +# If set, automatically PGP or OpenSSL encrypt replies to messages which are +# encrypted. +# (Crypto only) +# +# +# set crypt_replysign=no +# +# Name: crypt_replysign +# Type: boolean +# Default: no +# +# +# If set, automatically PGP or OpenSSL sign replies to messages which are +# signed. +# +# Note: this does not work on messages that are encrypted +# and signed! +# (Crypto only) +# +# +# set crypt_replysignencrypted=no +# +# Name: crypt_replysignencrypted +# Type: boolean +# Default: no +# +# +# If set, automatically PGP or OpenSSL sign replies to messages +# which are encrypted. This makes sense in combination with +# $crypt_replyencrypt, because it allows you to sign all +# messages which are automatically encrypted. This works around +# the problem noted in $crypt_replysign, that mutt is not able +# to find out whether an encrypted message is also signed. +# (Crypto only) +# +# +# set crypt_timestamp=yes +# +# Name: crypt_timestamp +# Type: boolean +# Default: yes +# +# +# If set, mutt will include a time stamp in the lines surrounding +# PGP or S/MIME output, so spoofing such lines is more difficult. +# If you are using colors to mark these lines, and rely on these, +# you may unset this setting. +# (Crypto only) +# +# +# set crypt_use_gpgme=no +# +# Name: crypt_use_gpgme +# Type: boolean +# Default: no +# +# +# This variable controls the use of the GPGME-enabled crypto backends. +# If it is set and Mutt was built with gpgme support, the gpgme code for +# S/MIME and PGP will be used instead of the classic code. Note that +# you need to set this option in .muttrc; it won't have any effect when +# used interactively. +# +# +# set crypt_use_pka=no +# +# Name: crypt_use_pka +# Type: boolean +# Default: no +# +# +# Controls whether mutt uses PKA +# (see http://www.g10code.de/docs/pka-intro.de.pdf) during signature +# verification (only supported by the GPGME backend). +# +# +# set crypt_verify_sig=yes +# +# Name: crypt_verify_sig +# Type: quadoption +# Default: yes +# +# +# If ``yes'', always attempt to verify PGP or S/MIME signatures. +# If ``ask-*'', ask whether or not to verify the signature. +# If \Fi``no'', never attempt to verify cryptographic signatures. +# (Crypto only) +# +# +# set date_format="!%a, %b %d, %Y at %I:%M:%S%p %Z" +# +# Name: date_format +# Type: string +# Default: "!%a, %b %d, %Y at %I:%M:%S%p %Z" +# +# +# This variable controls the format of the date printed by the ``%d'' +# sequence in $index_format. This is passed to the strftime(3) +# function to process the date, see the man page for the proper syntax. +# +# Unless the first character in the string is a bang (``!''), the month +# and week day names are expanded according to the locale specified in +# the variable $locale. If the first character in the string is a +# bang, the bang is discarded, and the month and week day names in the +# rest of the string are expanded in the C locale (that is in US +# English). +# +# +# set default_hook="~f %s !~P | (~P ~C %s)" +# +# Name: default_hook +# Type: string +# Default: "~f %s !~P | (~P ~C %s)" +# +# +# This variable controls how ``message-hook'', ``reply-hook'', ``send-hook'', +# ``send2-hook'', ``save-hook'', and ``fcc-hook'' will +# be interpreted if they are specified with only a simple regexp, +# instead of a matching pattern. The hooks are expanded when they are +# declared, so a hook will be interpreted according to the value of this +# variable at the time the hook is declared. +# +# The default value matches +# if the message is either from a user matching the regular expression +# given, or if it is from you (if the from address matches +# ``alternates'') and is to or cc'ed to a user matching the given +# regular expression. +# +# +# set delete=ask-yes +# +# Name: delete +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not messages are really deleted when closing or +# synchronizing a mailbox. If set to yes, messages marked for +# deleting will automatically be purged without prompting. If set to +# no, messages marked for deletion will be kept in the mailbox. +# +# +# set delete_untag=yes +# +# Name: delete_untag +# Type: boolean +# Default: yes +# +# +# If this option is set, mutt will untag messages when marking them +# for deletion. This applies when you either explicitly delete a message, +# or when you save it to another folder. +# +# +# set digest_collapse=yes +# +# Name: digest_collapse +# Type: boolean +# Default: yes +# +# +# If this option is set, mutt's received-attachments menu will not show the subparts of +# individual messages in a multipart/digest. To see these subparts, press ``v'' on that menu. +# +# +# set display_filter="" +# +# Name: display_filter +# Type: path +# Default: "" +# +# +# When set, specifies a command used to filter messages. When a message +# is viewed it is passed as standard input to $display_filter, and the +# filtered message is read from the standard output. +# +# +# set dotlock_program="/usr/bin/mutt_dotlock" +# +# Name: dotlock_program +# Type: path +# Default: "/usr/bin/mutt_dotlock" +# +# +# Contains the path of the mutt_dotlock(8) binary to be used by +# mutt. +# +# +# set dsn_notify="" +# +# Name: dsn_notify +# Type: string +# Default: "" +# +# +# This variable sets the request for when notification is returned. The +# string consists of a comma separated list (no spaces!) of one or more +# of the following: never, to never request notification, +# failure, to request notification on transmission failure, +# delay, to be notified of message delays, success, to be +# notified of successful transmission. +# +# Example: +# set dsn_notify="failure,delay" +# +# Note: when using $sendmail for delivery, you should not enable +# this unless you are either using Sendmail 8.8.x or greater or a MTA +# providing a sendmail(1)-compatible interface supporting the -N option +# for DSN. For SMTP delivery, DSN support is autodetected so that it +# depends on the server whether DSN will be used or not. +# +# +# set dsn_return="" +# +# Name: dsn_return +# Type: string +# Default: "" +# +# +# This variable controls how much of your message is returned in DSN +# messages. It may be set to either hdrs to return just the +# message header, or full to return the full message. +# +# Example: +# set dsn_return=hdrs +# +# Note: when using $sendmail for delivery, you should not enable +# this unless you are either using Sendmail 8.8.x or greater or a MTA +# providing a sendmail(1)-compatible interface supporting the -R option +# for DSN. For SMTP delivery, DSN support is autodetected so that it +# depends on the server whether DSN will be used or not. +# +# +# set duplicate_threads=yes +# +# Name: duplicate_threads +# Type: boolean +# Default: yes +# +# +# This variable controls whether mutt, when $sort is set to threads, threads +# messages with the same Message-Id together. If it is set, it will indicate +# that it thinks they are duplicates of each other with an equals sign +# in the thread tree. +# +# +# set edit_headers=no +# +# Name: edit_headers +# Type: boolean +# Default: no +# +# +# This option allows you to edit the header of your outgoing messages +# along with the body of your message. +# +# Note that changes made to the References: and Date: headers are +# ignored for interoperability reasons. +# +# +# set editor="" +# +# Name: editor +# Type: path +# Default: "" +# +# +# This variable specifies which editor is used by mutt. +# It defaults to the value of the $VISUAL, or $EDITOR, environment +# variable, or to the string ``vi'' if neither of those are set. +# +# +# set encode_from=no +# +# Name: encode_from +# Type: boolean +# Default: no +# +# +# When set, mutt will quoted-printable encode messages when +# they contain the string ``From '' (note the trailing space) in the beginning of a line. +# This is useful to avoid the tampering certain mail delivery and transport +# agents tend to do with messages (in order to prevent tools from +# misinterpreting the line as a mbox message separator). +# +# +# set entropy_file="" +# +# Name: entropy_file +# Type: path +# Default: "" +# +# +# The file which includes random data that is used to initialize SSL +# library functions. +# +# +# set envelope_from_address="" +# +# Name: envelope_from_address +# Type: e-mail address +# Default: "" +# +# +# Manually sets the envelope sender for outgoing messages. +# This value is ignored if $use_envelope_from is unset. +# +# +# set escape="~" +# +# Name: escape +# Type: string +# Default: "~" +# +# +# Escape character to use for functions in the builtin editor. +# +# +# set fast_reply=no +# +# Name: fast_reply +# Type: boolean +# Default: no +# +# +# When set, the initial prompt for recipients and subject are skipped +# when replying to messages, and the initial prompt for subject is +# skipped when forwarding messages. +# +# Note: this variable has no effect when the $autoedit +# variable is set. +# +# +# set fcc_attach=yes +# +# Name: fcc_attach +# Type: quadoption +# Default: yes +# +# +# This variable controls whether or not attachments on outgoing messages +# are saved along with the main body of your message. +# +# +# set fcc_clear=no +# +# Name: fcc_clear +# Type: boolean +# Default: no +# +# +# When this variable is set, FCCs will be stored unencrypted and +# unsigned, even when the actual message is encrypted and/or +# signed. +# (PGP only) +# +# +# set folder="~/Mail" +# +# Name: folder +# Type: path +# Default: "~/Mail" +# +# +# Specifies the default location of your mailboxes. A ``+'' or ``='' at the +# beginning of a pathname will be expanded to the value of this +# variable. Note that if you change this variable (from the default) +# value you need to make sure that the assignment occurs before +# you use ``+'' or ``='' for any other variables since expansion takes place +# when handling the ``mailboxes'' command. +# +# +# set folder_format="%2C %t %N %F %2l %-8.8u %-8.8g %8s %d %f" +# +# Name: folder_format +# Type: string +# Default: "%2C %t %N %F %2l %-8.8u %-8.8g %8s %d %f" +# +# +# This variable allows you to customize the file browser display to your +# personal taste. This string is similar to $index_format, but has +# its own set of printf(3)-like sequences: +# %C current file number +# %d date/time folder was last modified +# %D date/time folder was last modified using $date_format. +# %f filename (``/'' is appended to directory names, +# ``@@'' to symbolic links and ``*'' to executable +# files) +# %F file permissions +# %g group name (or numeric gid, if missing) +# %l number of hard links +# %N N if folder has new mail, blank otherwise +# %s size in bytes +# %t ``*'' if the file is tagged, blank otherwise +# %u owner name (or numeric uid, if missing) +# %>X right justify the rest of the string and pad with character ``X'' +# %|X pad to the end of the line with character ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# For an explanation of ``soft-fill'', see the $index_format documentation. +# +# +# set followup_to=yes +# +# Name: followup_to +# Type: boolean +# Default: yes +# +# +# Controls whether or not the ``Mail-Followup-To:'' header field is +# generated when sending mail. When set, Mutt will generate this +# field when you are replying to a known mailing list, specified with +# the ``subscribe'' or ``lists'' commands. +# +# This field has two purposes. First, preventing you from +# receiving duplicate copies of replies to messages which you send +# to mailing lists, and second, ensuring that you do get a reply +# separately for any messages sent to known lists to which you are +# not subscribed. +# +# The header will contain only the list's address +# for subscribed lists, and both the list address and your own +# email address for unsubscribed lists. Without this header, a +# group reply to your message sent to a subscribed list will be +# sent to both the list and your address, resulting in two copies +# of the same email for you. +# +# +# set followup_to_poster=ask-yes +# +# Name: followup_to_poster +# Type: quadoption +# Default: ask-yes +# +# +# If this variable is set and the keyword "poster" is present in +# Followup-To header, follow-up to newsgroup function is not +# permitted. The message will be mailed to the submitter of the +# message via mail. +# +# +# set force_name=no +# +# Name: force_name +# Type: boolean +# Default: no +# +# +# This variable is similar to $save_name, except that Mutt will +# store a copy of your outgoing message by the username of the address +# you are sending to even if that mailbox does not exist. +# +# Also see the $record variable. +# +# +# set forward_decode=yes +# +# Name: forward_decode +# Type: boolean +# Default: yes +# +# +# Controls the decoding of complex MIME messages into text/plain when +# forwarding a message. The message header is also RFC2047 decoded. +# This variable is only used, if $mime_forward is unset, +# otherwise $mime_forward_decode is used instead. +# +# +# set forward_decrypt=yes +# +# Name: forward_decrypt +# Type: boolean +# Default: yes +# +# +# Controls the handling of encrypted messages when forwarding a message. +# When set, the outer layer of encryption is stripped off. This +# variable is only used if $mime_forward is set and +# $mime_forward_decode is unset. +# (PGP only) +# +# +# set forward_edit=yes +# +# Name: forward_edit +# Type: quadoption +# Default: yes +# +# +# This quadoption controls whether or not the user is automatically +# placed in the editor when forwarding messages. For those who always want +# to forward with no modification, use a setting of ``no''. +# +# +# set forward_format="[%a: %s]" +# +# Name: forward_format +# Type: string +# Default: "[%a: %s]" +# +# +# This variable controls the default subject when forwarding a message. +# It uses the same format sequences as the $index_format variable. +# +# +# set forward_quote=no +# +# Name: forward_quote +# Type: boolean +# Default: no +# +# +# When set, forwarded messages included in the main body of the +# message (when $mime_forward is unset) will be quoted using +# $indent_string. +# +# +# set from="" +# +# Name: from +# Type: e-mail address +# Default: "" +# +# +# When set, this variable contains a default from address. It +# can be overridden using ``my_hdr'' (including from a ``send-hook'') and +# $reverse_name. This variable is ignored if $use_from is unset. +# +# This setting defaults to the contents of the environment variable $EMAIL. +# +# +# set gecos_mask="^[^,]*" +# +# Name: gecos_mask +# Type: regular expression +# Default: "^[^,]*" +# +# +# A regular expression used by mutt to parse the GECOS field of a password +# entry when expanding the alias. The default value +# will return the string up to the first ``,'' encountered. +# If the GECOS field contains a string like ``lastname, firstname'' then you +# should set it to ``.*''. +# +# This can be useful if you see the following behavior: you address an e-mail +# to user ID ``stevef'' whose full name is ``Steve Franklin''. If mutt expands +# ``stevef'' to ``"Franklin" stevef@@foo.bar'' then you should set the $gecos_mask to +# a regular expression that will match the whole name so mutt will expand +# ``Franklin'' to ``Franklin, Steve''. +# +# +# set group_index_format="%4C %M%N %5s %-45.45f %d" +# +# Name: group_index_format +# Type: string +# Default: "%4C %M%N %5s %-45.45f %d" +# +# +# This variable allows you to customize the newsgroup browser display to +# your personal taste. This string is similar to ``index_format'', but +# has its own set of printf()-like sequences: +# +# %C current newsgroup number +# %d description of newsgroup (becomes from server) +# %f newsgroup name +# %M - if newsgroup not allowed for direct post (moderated for example) +# %N N if newsgroup is new, u if unsubscribed, blank otherwise +# %n number of new articles in newsgroup +# %s number of unread articles in newsgroup +# %>X right justify the rest of the string and pad with character "X" +# %|X pad to the end of the line with character "X" +# +# +# set hdrs=yes +# +# Name: hdrs +# Type: boolean +# Default: yes +# +# +# When unset, the header fields normally added by the ``my_hdr'' +# command are not created. This variable must be unset before +# composing a new message or replying in order to take effect. If set, +# the user defined header fields are added to every new message. +# +# +# set header=no +# +# Name: header +# Type: boolean +# Default: no +# +# +# When set, this variable causes Mutt to include the header +# of the message you are replying to into the edit buffer. +# The $weed setting applies. +# +# +# set header_cache="" +# +# Name: header_cache +# Type: path +# Default: "" +# +# +# This variable points to the header cache database. +# If pointing to a directory Mutt will contain a header cache +# database file per folder, if pointing to a file that file will +# be a single global header cache. By default it is unset so no header +# caching will be used. +# +# Header caching can greatly improve speed when opening POP, IMAP +# MH or Maildir folders, see ``caching'' for details. +# +# +# set header_cache_compress=yes +# +# Name: header_cache_compress +# Type: boolean +# Default: yes +# +# +# When mutt is compiled with qdbm or tokyocabinet as header cache backend, +# this option determines whether the database will be compressed. +# Compression results in database files roughly being one fifth +# of the usual diskspace, but the uncompression can result in a +# slower opening of cached folder(s) which in general is still +# much faster than opening non header cached folders. +# +# +# set header_cache_pagesize="16384" +# +# Name: header_cache_pagesize +# Type: string +# Default: "16384" +# +# +# When mutt is compiled with either gdbm or bdb4 as the header cache backend, +# this option changes the database page size. Too large or too small +# values can waste space, memory, or CPU time. The default should be more +# or less optimal for most use cases. +# +# +# set help=yes +# +# Name: help +# Type: boolean +# Default: yes +# +# +# When set, help lines describing the bindings for the major functions +# provided by each menu are displayed on the first line of the screen. +# +# Note: The binding will not be displayed correctly if the +# function is bound to a sequence rather than a single keystroke. Also, +# the help line may not be updated if a binding is changed while Mutt is +# running. Since this variable is primarily aimed at new users, neither +# of these should present a major problem. +# +# +# set hidden_host=no +# +# Name: hidden_host +# Type: boolean +# Default: no +# +# +# When set, mutt will skip the host name part of $hostname variable +# when adding the domain part to addresses. This variable does not +# affect the generation of Message-IDs, and it will not lead to the +# cut-off of first-level domains. +# +# +# set hide_limited=no +# +# Name: hide_limited +# Type: boolean +# Default: no +# +# +# When set, mutt will not show the presence of messages that are hidden +# by limiting, in the thread tree. +# +# +# set hide_missing=yes +# +# Name: hide_missing +# Type: boolean +# Default: yes +# +# +# When set, mutt will not show the presence of missing messages in the +# thread tree. +# +# +# set hide_thread_subject=yes +# +# Name: hide_thread_subject +# Type: boolean +# Default: yes +# +# +# When set, mutt will not show the subject of messages in the thread +# tree that have the same subject as their parent or closest previously +# displayed sibling. +# +# +# set hide_top_limited=no +# +# Name: hide_top_limited +# Type: boolean +# Default: no +# +# +# When set, mutt will not show the presence of messages that are hidden +# by limiting, at the top of threads in the thread tree. Note that when +# $hide_limited is set, this option will have no effect. +# +# +# set hide_top_missing=yes +# +# Name: hide_top_missing +# Type: boolean +# Default: yes +# +# +# When set, mutt will not show the presence of missing messages at the +# top of threads in the thread tree. Note that when $hide_missing is +# set, this option will have no effect. +# +# +# set history=10 +# +# Name: history +# Type: number +# Default: 10 +# +# +# This variable controls the size (in number of strings remembered) of +# the string history buffer per category. The buffer is cleared each time the +# variable is set. +# +# +# set history_file="~/.mutthistory" +# +# Name: history_file +# Type: path +# Default: "~/.mutthistory" +# +# +# The file in which Mutt will save its history. +# +# +# set honor_disposition=no +# +# Name: honor_disposition +# Type: boolean +# Default: no +# +# +# When set, Mutt will not display attachments with a +# disposition of ``attachment'' inline even if it could +# render the part to plain text. These MIME parts can only +# be viewed from the attachment menu. +# +# If unset, Mutt will render all MIME parts it can +# properly transform to plain text. +# +# +# set honor_followup_to=yes +# +# Name: honor_followup_to +# Type: quadoption +# Default: yes +# +# +# This variable controls whether or not a Mail-Followup-To header is +# honored when group-replying to a message. +# +# +# set hostname="" +# +# Name: hostname +# Type: string +# Default: "" +# +# +# Specifies the fully-qualified hostname of the system mutt is running on +# containing the host's name and the DNS domain it belongs to. It is used +# as the domain part (after ``@@'') for local email addresses as well as +# Message-Id headers. +# +# Its value is determined at startup as follows: If the node's name +# as returned by the uname(3) function contains the hostname and the +# domain, these are used to construct $hostname. If there is no +# domain part returned, Mutt will look for a ``domain'' or ``search'' +# line in /etc/resolv.conf to determine the domain. Optionally, Mutt +# can be compiled with a fixed domain name in which case a detected +# one is not used. +# +# Also see $use_domain and $hidden_host. +# +# +# set ignore_linear_white_space=no +# +# Name: ignore_linear_white_space +# Type: boolean +# Default: no +# +# +# This option replaces linear-white-space between encoded-word +# and text to a single space to prevent the display of MIME-encoded +# ``Subject:'' field from being divided into multiple lines. +# +# +# set ignore_list_reply_to=no +# +# Name: ignore_list_reply_to +# Type: boolean +# Default: no +# +# +# Affects the behaviour of the function when replying to +# messages from mailing lists (as defined by the ``subscribe'' or +# ``lists'' commands). When set, if the ``Reply-To:'' field is +# set to the same value as the ``To:'' field, Mutt assumes that the +# ``Reply-To:'' field was set by the mailing list to automate responses +# to the list, and will ignore this field. To direct a response to the +# mailing list when this option is set, use the +# function; will reply to both the sender and the +# list. +# +# +# set imap_authenticators="" +# +# Name: imap_authenticators +# Type: string +# Default: "" +# +# +# This is a colon-delimited list of authentication methods mutt may +# attempt to use to log in to an IMAP server, in the order mutt should +# try them. Authentication methods are either ``login'' or the right +# side of an IMAP ``AUTH=xxx'' capability string, eg ``digest-md5'', ``gssapi'' +# or ``cram-md5''. This option is case-insensitive. If it's +# unset (the default) mutt will try all available methods, +# in order from most-secure to least-secure. +# +# Example: +# set imap_authenticators="gssapi:cram-md5:login" +# +# Note: Mutt will only fall back to other authentication methods if +# the previous methods are unavailable. If a method is available but +# authentication fails, mutt will not connect to the IMAP server. +# +# +# set imap_check_subscribed=no +# +# Name: imap_check_subscribed +# Type: boolean +# Default: no +# +# +# When set, mutt will fetch the set of subscribed folders from +# your server on connection, and add them to the set of mailboxes +# it polls for new mail just as if you had issued individual ``mailboxes'' +# commands. +# +# +# set imap_delim_chars="/." +# +# Name: imap_delim_chars +# Type: string +# Default: "/." +# +# +# This contains the list of characters which you would like to treat +# as folder separators for displaying IMAP paths. In particular it +# helps in using the ``='' shortcut for your folder variable. +# +# +# set imap_headers="" +# +# Name: imap_headers +# Type: string +# Default: "" +# +# +# Mutt requests these header fields in addition to the default headers +# (``Date:'', ``From:'', ``Subject:'', ``To:'', ``Cc:'', ``Message-Id:'', +# ``References:'', ``Content-Type:'', ``Content-Description:'', ``In-Reply-To:'', +# ``Reply-To:'', ``Lines:'', ``List-Post:'', ``X-Label:'') from IMAP +# servers before displaying the index menu. You may want to add more +# headers for spam detection. +# +# Note: This is a space separated list, items should be uppercase +# and not contain the colon, e.g. ``X-BOGOSITY X-SPAM-STATUS'' for the +# ``X-Bogosity:'' and ``X-Spam-Status:'' header fields. +# +# +# set imap_idle=no +# +# Name: imap_idle +# Type: boolean +# Default: no +# +# +# When set, mutt will attempt to use the IMAP IDLE extension +# to check for new mail in the current mailbox. Some servers +# (dovecot was the inspiration for this option) react badly +# to mutt's implementation. If your connection seems to freeze +# up periodically, try unsetting this. +# +# +# set imap_keepalive=900 +# +# Name: imap_keepalive +# Type: number +# Default: 900 +# +# +# This variable specifies the maximum amount of time in seconds that mutt +# will wait before polling open IMAP connections, to prevent the server +# from closing them before mutt has finished with them. The default is +# well within the RFC-specified minimum amount of time (30 minutes) before +# a server is allowed to do this, but in practice the RFC does get +# violated every now and then. Reduce this number if you find yourself +# getting disconnected from your IMAP server due to inactivity. +# +# +# set imap_list_subscribed=no +# +# Name: imap_list_subscribed +# Type: boolean +# Default: no +# +# +# This variable configures whether IMAP folder browsing will look for +# only subscribed folders or all folders. This can be toggled in the +# IMAP browser with the function. +# +# +# set imap_login="" +# +# Name: imap_login +# Type: string +# Default: "" +# +# +# Your login name on the IMAP server. +# +# This variable defaults to the value of $imap_user. +# +# +# set imap_pass="" +# +# Name: imap_pass +# Type: string +# Default: "" +# +# +# Specifies the password for your IMAP account. If unset, Mutt will +# prompt you for your password when you invoke the function +# or try to open an IMAP folder. +# +# Warning: you should only use this option when you are on a +# fairly secure machine, because the superuser can read your muttrc even +# if you are the only one who can read the file. +# +# +# set imap_passive=yes +# +# Name: imap_passive +# Type: boolean +# Default: yes +# +# +# When set, mutt will not open new IMAP connections to check for new +# mail. Mutt will only check for new mail over existing IMAP +# connections. This is useful if you don't want to be prompted to +# user/password pairs on mutt invocation, or if opening the connection +# is slow. +# +# +# set imap_peek=yes +# +# Name: imap_peek +# Type: boolean +# Default: yes +# +# +# When set, mutt will avoid implicitly marking your mail as read whenever +# you fetch a message from the server. This is generally a good thing, +# but can make closing an IMAP folder somewhat slower. This option +# exists to appease speed freaks. +# +# +# set imap_pipeline_depth=15 +# +# Name: imap_pipeline_depth +# Type: number +# Default: 15 +# +# +# Controls the number of IMAP commands that may be queued up before they +# are sent to the server. A deeper pipeline reduces the amount of time +# mutt must wait for the server, and can make IMAP servers feel much +# more responsive. But not all servers correctly handle pipelined commands, +# so if you have problems you might want to try setting this variable to 0. +# +# Note: Changes to this variable have no effect on open connections. +# +# +# set imap_servernoise=yes +# +# Name: imap_servernoise +# Type: boolean +# Default: yes +# +# +# When set, mutt will display warning messages from the IMAP +# server as error messages. Since these messages are often +# harmless, or generated due to configuration problems on the +# server which are out of the users' hands, you may wish to suppress +# them at some point. +# +# +# set imap_user="" +# +# Name: imap_user +# Type: string +# Default: "" +# +# +# The name of the user whose mail you intend to access on the IMAP +# server. +# +# This variable defaults to your user name on the local machine. +# +# +# set implicit_autoview=no +# +# Name: implicit_autoview +# Type: boolean +# Default: no +# +# +# If set to ``yes'', mutt will look for a mailcap entry with the +# ``copiousoutput'' flag set for every MIME attachment it doesn't have +# an internal viewer defined for. If such an entry is found, mutt will +# use the viewer defined in that entry to convert the body part to text +# form. +# +# +# set include=ask-yes +# +# Name: include +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not a copy of the message(s) you are replying to +# is included in your reply. +# +# +# set include_onlyfirst=no +# +# Name: include_onlyfirst +# Type: boolean +# Default: no +# +# +# Controls whether or not Mutt includes only the first attachment +# of the message you are replying. +# +# +# set indent_string="> " +# +# Name: indent_string +# Type: string +# Default: "> " +# +# +# Specifies the string to prepend to each line of text quoted in a +# message to which you are replying. You are strongly encouraged not to +# change this value, as it tends to agitate the more fanatical netizens. +# +# The value of this option is ignored if $text_flowed is set, too because +# the quoting mechanism is strictly defined for format=flowed. +# +# This option is a format string, please see the description of +# $index_format for supported printf(3)-style sequences. +# +# +# set index_format="%4C %Z %{%b %d} %-15.15L (%?l?%4l&%4c?) %s" +# +# Name: index_format +# Type: string +# Default: "%4C %Z %{%b %d} %-15.15L (%?l?%4l&%4c?) %s" +# +# +# This variable allows you to customize the message index display to +# your personal taste. +# +# ``Format strings'' are similar to the strings used in the C +# function printf(3) to format output (see the man page for more details). +# The following sequences are defined in Mutt: +# %a address of the author +# %A reply-to address (if present; otherwise: address of author) +# %b filename of the original message folder (think mailbox) +# %B the list to which the letter was sent, or else the folder name (%b). +# %c number of characters (bytes) in the message +# %C current message number +# %d date and time of the message in the format specified by +# $date_format converted to sender's time zone +# %D date and time of the message in the format specified by +# $date_format converted to the local time zone +# %e current message number in thread +# %E number of messages in current thread +# %f sender (address + real name), either From: or Return-Path: +# %F author name, or recipient name if the message is from you +# %g newsgroup name (if compiled with nntp support) +# %H spam attribute(s) of this message +# %i message-id of the current message +# %l number of lines in the message (does not work with maildir, +# mh, and possibly IMAP folders) +# %L If an address in the ``To:'' or ``Cc:'' header field matches an address +# defined by the users ``subscribe'' command, this displays +# "To ", otherwise the same as %F. +# %m total number of message in the mailbox +# %M number of hidden messages if the thread is collapsed. +# %N message score +# %n author's real name (or address if missing) +# %O original save folder where mutt would formerly have +# stashed the message: list name or recipient name +# if not sent to a list +# %P progress indicator for the builtin pager (how much of the file has been displayed) +# %R `x-comment-to:' field (if present and compiled with nntp support) +# %s subject of the message +# %S status of the message (``N''/``D''/``d''/``!''/``r''/*) +# %t ``To:'' field (recipients) +# %T the appropriate character from the $to_chars string +# %u user (login) name of the author +# %v first name of the author, or the recipient if the message is from you +# %W name of organization of author (`organization:' field) +# %X number of attachments +# (please see the ``attachments'' section for possible speed effects) +# %y ``X-Label:'' field, if present +# %Y ``X-Label:'' field, if present, and (1) not at part of a thread tree, +# (2) at the top of a thread, or (3) ``X-Label:'' is different from +# preceding message's ``X-Label:''. +# %Z message status flags +# %{fmt} the date and time of the message is converted to sender's +# time zone, and ``fmt'' is expanded by the library function +# strftime(3); a leading bang disables locales +# %[fmt] the date and time of the message is converted to the local +# time zone, and ``fmt'' is expanded by the library function +# strftime(3); a leading bang disables locales +# %(fmt) the local date and time when the message was received. +# ``fmt'' is expanded by the library function strftime(3); +# a leading bang disables locales +# % the current local time. ``fmt'' is expanded by the library +# function strftime(3); a leading bang disables locales. +# %>X right justify the rest of the string and pad with character ``X'' +# %|X pad to the end of the line with character ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# ``Soft-fill'' deserves some explanation: Normal right-justification +# will print everything to the left of the ``%>'', displaying padding and +# whatever lies to the right only if there's room. By contrast, +# soft-fill gives priority to the right-hand side, guaranteeing space +# to display it and showing padding only if there's still room. If +# necessary, soft-fill will eat text leftwards to make room for +# rightward text. +# +# Note that these expandos are supported in +# ``save-hook'', ``fcc-hook'' and ``fcc-save-hook'', too. +# +# +# set inews="" +# +# Name: inews +# Type: path +# Default: "" +# +# +# If set, specifies the program and arguments used to deliver news posted +# by Mutt. Otherwise, mutt posts article using current connection to +# news server. The following printf-style sequence is understood: +# +# %s newsserver name +# +# Example: set inews="/usr/local/bin/inews -hS" +# +# +# set ispell="ispell" +# +# Name: ispell +# Type: path +# Default: "ispell" +# +# +# How to invoke ispell (GNU's spell-checking software). +# +# +# set keep_flagged=no +# +# Name: keep_flagged +# Type: boolean +# Default: no +# +# +# If set, read messages marked as flagged will not be moved +# from your spool mailbox to your $mbox mailbox, or as a result of +# a ``mbox-hook'' command. +# +# +# set locale="C" +# +# Name: locale +# Type: string +# Default: "C" +# +# +# The locale used by strftime(3) to format dates. Legal values are +# the strings your system accepts for the locale environment variable $LC_TIME. +# +# +# set mail_check=5 +# +# Name: mail_check +# Type: number +# Default: 5 +# +# +# This variable configures how often (in seconds) mutt should look for +# new mail. Also see the $timeout variable. +# +# +# set mailcap_path="" +# +# Name: mailcap_path +# Type: string +# Default: "" +# +# +# This variable specifies which files to consult when attempting to +# display MIME bodies not directly supported by Mutt. +# +# +# set mailcap_sanitize=yes +# +# Name: mailcap_sanitize +# Type: boolean +# Default: yes +# +# +# If set, mutt will restrict possible characters in mailcap % expandos +# to a well-defined set of safe characters. This is the safe setting, +# but we are not sure it doesn't break some more advanced MIME stuff. +# +# DON'T CHANGE THIS SETTING UNLESS YOU ARE REALLY SURE WHAT YOU ARE +# DOING! +# +# +# set maildir_header_cache_verify=yes +# +# Name: maildir_header_cache_verify +# Type: boolean +# Default: yes +# +# +# Check for Maildir unaware programs other than mutt having modified maildir +# files when the header cache is in use. This incurs one stat(2) per +# message every time the folder is opened (which can be very slow for NFS +# folders). +# +# +# set maildir_trash=no +# +# Name: maildir_trash +# Type: boolean +# Default: no +# +# +# If set, messages marked as deleted will be saved with the maildir +# trashed flag instead of unlinked. Note: this only applies +# to maildir-style mailboxes. Setting it will have no effect on other +# mailbox types. +# +# +# set mark_old=yes +# +# Name: mark_old +# Type: boolean +# Default: yes +# +# +# Controls whether or not mutt marks new unread +# messages as old if you exit a mailbox without reading them. +# With this option set, the next time you start mutt, the messages +# will show up with an ``O'' next to them in the index menu, +# indicating that they are old. +# +# +# set markers=yes +# +# Name: markers +# Type: boolean +# Default: yes +# +# +# Controls the display of wrapped lines in the internal pager. If set, a +# ``+'' marker is displayed at the beginning of wrapped lines. +# +# Also see the $smart_wrap variable. +# +# +# set mask="!^\\.[^.]" +# +# Name: mask +# Type: regular expression +# Default: "!^\\.[^.]" +# +# +# A regular expression used in the file browser, optionally preceded by +# the not operator ``!''. Only files whose names match this mask +# will be shown. The match is always case-sensitive. +# +# +# set mbox="~/mbox" +# +# Name: mbox +# Type: path +# Default: "~/mbox" +# +# +# This specifies the folder into which read mail in your $spoolfile +# folder will be appended. +# +# Also see the $move variable. +# +# +# set mbox_type=mbox +# +# Name: mbox_type +# Type: folder magic +# Default: mbox +# +# +# The default mailbox type used when creating new folders. May be any of +# ``mbox'', ``MMDF'', ``MH'' and ``Maildir''. This is overriden by the +# -m command-line option. +# +# +# set menu_context=0 +# +# Name: menu_context +# Type: number +# Default: 0 +# +# +# This variable controls the number of lines of context that are given +# when scrolling through menus. (Similar to $pager_context.) +# +# +# set menu_move_off=yes +# +# Name: menu_move_off +# Type: boolean +# Default: yes +# +# +# When unset, the bottom entry of menus will never scroll up past +# the bottom of the screen, unless there are less entries than lines. +# When set, the bottom entry may move off the bottom. +# +# +# set menu_scroll=no +# +# Name: menu_scroll +# Type: boolean +# Default: no +# +# +# When set, menus will be scrolled up or down one line when you +# attempt to move across a screen boundary. If unset, the screen +# is cleared and the next or previous page of the menu is displayed +# (useful for slow links to avoid many redraws). +# +# +# set message_cache_clean=no +# +# Name: message_cache_clean +# Type: boolean +# Default: no +# +# +# If set, mutt will clean out obsolete entries from the message cache when +# the mailbox is synchronized. You probably only want to set it +# every once in a while, since it can be a little slow +# (especially for large folders). +# +# +# set message_cachedir="" +# +# Name: message_cachedir +# Type: path +# Default: "" +# +# +# Set this to a directory and mutt will cache copies of messages from +# your IMAP and POP servers here. You are free to remove entries at any +# time. +# +# When setting this variable to a directory, mutt needs to fetch every +# remote message only once and can perform regular expression searches +# as fast as for local folders. +# +# Also see the $message_cache_clean variable. +# +# +# set message_format="%s" +# +# Name: message_format +# Type: string +# Default: "%s" +# +# +# This is the string displayed in the ``attachment'' menu for +# attachments of type message/rfc822. For a full listing of defined +# printf(3)-like sequences see the section on $index_format. +# +# +# set meta_key=no +# +# Name: meta_key +# Type: boolean +# Default: no +# +# +# If set, forces Mutt to interpret keystrokes with the high bit (bit 8) +# set as if the user had pressed the Esc key and whatever key remains +# after having the high bit removed. For example, if the key pressed +# has an ASCII value of 0xf8, then this is treated as if the user had +# pressed Esc then ``x''. This is because the result of removing the +# high bit from 0xf8 is 0x78, which is the ASCII character +# ``x''. +# +# +# set metoo=no +# +# Name: metoo +# Type: boolean +# Default: no +# +# +# If unset, Mutt will remove your address (see the ``alternates'' +# command) from the list of recipients when replying to a message. +# +# +# set mh_purge=no +# +# Name: mh_purge +# Type: boolean +# Default: no +# +# +# When unset, mutt will mimic mh's behaviour and rename deleted messages +# to , in mh folders instead of really deleting +# them. This leaves the message on disk but makes programs reading the folder +# ignore it. If the variable is set, the message files will simply be +# deleted. +# +# This option is similar to $maildir_trash for Maildir folders. +# +# +# set mh_seq_flagged="flagged" +# +# Name: mh_seq_flagged +# Type: string +# Default: "flagged" +# +# +# The name of the MH sequence used for flagged messages. +# +# +# set mh_seq_replied="replied" +# +# Name: mh_seq_replied +# Type: string +# Default: "replied" +# +# +# The name of the MH sequence used to tag replied messages. +# +# +# set mh_seq_unseen="unseen" +# +# Name: mh_seq_unseen +# Type: string +# Default: "unseen" +# +# +# The name of the MH sequence used for unseen messages. +# +# +# set mime_forward=no +# +# Name: mime_forward +# Type: quadoption +# Default: no +# +# +# When set, the message you are forwarding will be attached as a +# separate message/rfc822 MIME part instead of included in the main body of the +# message. This is useful for forwarding MIME messages so the receiver +# can properly view the message as it was delivered to you. If you like +# to switch between MIME and not MIME from mail to mail, set this +# variable to ``ask-no'' or ``ask-yes''. +# +# Also see $forward_decode and $mime_forward_decode. +# +# +# set mime_forward_decode=no +# +# Name: mime_forward_decode +# Type: boolean +# Default: no +# +# +# Controls the decoding of complex MIME messages into text/plain when +# forwarding a message while $mime_forward is set. Otherwise +# $forward_decode is used instead. +# +# +# set mime_forward_rest=yes +# +# Name: mime_forward_rest +# Type: quadoption +# Default: yes +# +# +# When forwarding multiple attachments of a MIME message from the attachment +# menu, attachments which cannot be decoded in a reasonable manner will +# be attached to the newly composed message if this option is set. +# +# +# set mime_subject=yes +# +# Name: mime_subject +# Type: boolean +# Default: yes +# +# +# If unset, 8-bit ``subject:'' line in article header will not be +# encoded according to RFC2047 to base64. This is useful when message +# is Usenet article, because MIME for news is nonstandard feature. +# +# +# set mix_entry_format="%4n %c %-16s %a" +# +# Name: mix_entry_format +# Type: string +# Default: "%4n %c %-16s %a" +# +# +# This variable describes the format of a remailer line on the mixmaster +# chain selection screen. The following printf(3)-like sequences are +# supported: +# %n The running number on the menu. +# %c Remailer capabilities. +# %s The remailer's short name. +# %a The remailer's e-mail address. +# +# +# set mixmaster="mixmaster" +# +# Name: mixmaster +# Type: path +# Default: "mixmaster" +# +# +# This variable contains the path to the Mixmaster binary on your +# system. It is used with various sets of parameters to gather the +# list of known remailers, and to finally send a message through the +# mixmaster chain. +# +# +# set move=no +# +# Name: move +# Type: quadoption +# Default: no +# +# +# Controls whether or not Mutt will move read messages +# from your spool mailbox to your $mbox mailbox, or as a result of +# a ``mbox-hook'' command. +# +# +# set narrow_tree=no +# +# Name: narrow_tree +# Type: boolean +# Default: no +# +# +# This variable, when set, makes the thread tree narrower, allowing +# deeper threads to fit on the screen. +# +# +# set net_inc=10 +# +# Name: net_inc +# Type: number +# Default: 10 +# +# +# Operations that expect to transfer a large amount of data over the +# network will update their progress every $net_inc kilobytes. +# If set to 0, no progress messages will be displayed. +# +# See also $read_inc, $write_inc and $net_inc. +# +# +# set news_cache_dir="~/.mutt" +# +# Name: news_cache_dir +# Type: path +# Default: "~/.mutt" +# +# +# This variable pointing to directory where Mutt will save cached news +# articles headers in. If unset, headers will not be saved at all +# and will be reloaded each time when you enter to newsgroup. +# +# +# set news_server="" +# +# Name: news_server +# Type: string +# Default: "" +# +# +# This variable specifies domain name or address of NNTP server. It +# defaults to the newsserver specified in the environment variable +# $NNTPSERVER or contained in the file /etc/nntpserver. You can also +# specify username and an alternative port for each newsserver, ie: +# +# [news[s]://][username[:password]@@]newsserver[:port] +# +# +# set newsrc="~/.newsrc" +# +# Name: newsrc +# Type: path +# Default: "~/.newsrc" +# +# +# The file, containing info about subscribed newsgroups - names and +# indexes of read articles. The following printf-style sequence +# is understood: +# +# %s newsserver name +# +# +# set nntp_context=1000 +# +# Name: nntp_context +# Type: number +# Default: 1000 +# +# +# This variable defines number of articles which will be in index when +# newsgroup entered. If active newsgroup have more articles than this +# number, oldest articles will be ignored. Also controls how many +# articles headers will be saved in cache when you quit newsgroup. +# +# +# set nntp_load_description=yes +# +# Name: nntp_load_description +# Type: boolean +# Default: yes +# +# +# This variable controls whether or not descriptions for each newsgroup +# must be loaded when newsgroup is added to list (first time list +# loading or new newsgroup adding). +# +# +# set nntp_user="" +# +# Name: nntp_user +# Type: string +# Default: "" +# +# +# Your login name on the NNTP server. If unset and NNTP server requires +# authentification, Mutt will prompt you for your account name when you +# connect to newsserver. +# +# +# set nntp_pass="" +# +# Name: nntp_pass +# Type: string +# Default: "" +# +# +# Your password for NNTP account. +# +# +# set nntp_poll=60 +# +# Name: nntp_poll +# Type: number +# Default: 60 +# +# +# The time in seconds until any operations on newsgroup except post new +# article will cause recheck for new news. If set to 0, Mutt will +# recheck newsgroup on each operation in index (stepping, read article, +# etc.). +# +# +# set nntp_reconnect=ask-yes +# +# Name: nntp_reconnect +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not Mutt will try to reconnect to newsserver when +# connection lost. +# +# +# set pager="builtin" +# +# Name: pager +# Type: path +# Default: "builtin" +# +# +# This variable specifies which pager you would like to use to view +# messages. The value ``builtin'' means to use the builtin pager, otherwise this +# variable should specify the pathname of the external pager you would +# like to use. +# +# Using an external pager may have some disadvantages: Additional +# keystrokes are necessary because you can't call mutt functions +# directly from the pager, and screen resizes cause lines longer than +# the screen width to be badly formatted in the help menu. +# +# +# set pager_context=0 +# +# Name: pager_context +# Type: number +# Default: 0 +# +# +# This variable controls the number of lines of context that are given +# when displaying the next or previous page in the internal pager. By +# default, Mutt will display the line after the last one on the screen +# at the top of the next page (0 lines of context). +# +# This variable also specifies the amount of context given for search +# results. If positive, this many lines will be given before a match, +# if 0, the match will be top-aligned. +# +# +# set pager_format="-%Z- %C/%m: %-20.20n %s%* -- (%P)" +# +# Name: pager_format +# Type: string +# Default: "-%Z- %C/%m: %-20.20n %s%* -- (%P)" +# +# +# This variable controls the format of the one-line message ``status'' +# displayed before each message in either the internal or an external +# pager. The valid sequences are listed in the $index_format +# section. +# +# +# set pager_index_lines=0 +# +# Name: pager_index_lines +# Type: number +# Default: 0 +# +# +# Determines the number of lines of a mini-index which is shown when in +# the pager. The current message, unless near the top or bottom of the +# folder, will be roughly one third of the way down this mini-index, +# giving the reader the context of a few messages before and after the +# message. This is useful, for example, to determine how many messages +# remain to be read in the current thread. One of the lines is reserved +# for the status bar from the index, so a setting of 6 +# will only show 5 lines of the actual index. A value of 0 results in +# no index being shown. If the number of messages in the current folder +# is less than $pager_index_lines, then the index will only use as +# many lines as it needs. +# +# +# set pager_stop=no +# +# Name: pager_stop +# Type: boolean +# Default: no +# +# +# When set, the internal-pager will not move to the next message +# when you are at the end of a message and invoke the +# function. +# +# +# set pgp_auto_decode=no +# +# Name: pgp_auto_decode +# Type: boolean +# Default: no +# +# +# If set, mutt will automatically attempt to decrypt traditional PGP +# messages whenever the user performs an operation which ordinarily would +# result in the contents of the message being operated on. For example, +# if the user displays a pgp-traditional message which has not been manually +# checked with the function, mutt will automatically +# check the message for traditional pgp. +# +# +# set pgp_autoinline=no +# +# Name: pgp_autoinline +# Type: boolean +# Default: no +# +# +# This option controls whether Mutt generates old-style inline +# (traditional) PGP encrypted or signed messages under certain +# circumstances. This can be overridden by use of the pgp menu, +# when inline is not required. +# +# Note that Mutt might automatically use PGP/MIME for messages +# which consist of more than a single MIME part. Mutt can be +# configured to ask before sending PGP/MIME messages when inline +# (traditional) would not work. +# +# Also see the $pgp_mime_auto variable. +# +# Also note that using the old-style PGP message format is strongly +# deprecated. +# (PGP only) +# +# +# set pgp_check_exit=yes +# +# Name: pgp_check_exit +# Type: boolean +# Default: yes +# +# +# If set, mutt will check the exit code of the PGP subprocess when +# signing or encrypting. A non-zero exit code means that the +# subprocess failed. +# (PGP only) +# +# +# set pgp_clearsign_command="" +# +# Name: pgp_clearsign_command +# Type: string +# Default: "" +# +# +# This format is used to create an old-style ``clearsigned'' PGP +# message. Note that the use of this format is strongly +# deprecated. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_decode_command="" +# +# Name: pgp_decode_command +# Type: string +# Default: "" +# +# +# This format strings specifies a command which is used to decode +# application/pgp attachments. +# +# The PGP command formats have their own set of printf(3)-like sequences: +# %p Expands to PGPPASSFD=0 when a pass phrase is needed, to an empty +# string otherwise. Note: This may be used with a %? construct. +# %f Expands to the name of a file containing a message. +# %s Expands to the name of a file containing the signature part +# of a multipart/signed attachment when verifying it. +# %a The value of $pgp_sign_as. +# %r One or more key IDs. +# +# +# For examples on how to configure these formats for the various versions +# of PGP which are floating around, see the pgp and gpg sample configuration files in +# the samples/ subdirectory which has been installed on your system +# alongside the documentation. +# (PGP only) +# +# +# set pgp_decrypt_command="" +# +# Name: pgp_decrypt_command +# Type: string +# Default: "" +# +# +# This command is used to decrypt a PGP encrypted message. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_encrypt_only_command="" +# +# Name: pgp_encrypt_only_command +# Type: string +# Default: "" +# +# +# This command is used to encrypt a body part without signing it. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_encrypt_sign_command="" +# +# Name: pgp_encrypt_sign_command +# Type: string +# Default: "" +# +# +# This command is used to both sign and encrypt a body part. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_entry_format="%4n %t%f %4l/0x%k %-4a %2c %u" +# +# Name: pgp_entry_format +# Type: string +# Default: "%4n %t%f %4l/0x%k %-4a %2c %u" +# +# +# This variable allows you to customize the PGP key selection menu to +# your personal taste. This string is similar to $index_format, but +# has its own set of printf(3)-like sequences: +# %n number +# %k key id +# %u user id +# %a algorithm +# %l key length +# %f flags +# %c capabilities +# %t trust/validity of the key-uid association +# %[] date of the key where is an strftime(3) expression +# +# +# (PGP only) +# +# +# set pgp_export_command="" +# +# Name: pgp_export_command +# Type: string +# Default: "" +# +# +# This command is used to export a public key from the user's +# key ring. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_getkeys_command="" +# +# Name: pgp_getkeys_command +# Type: string +# Default: "" +# +# +# This command is invoked whenever mutt will need public key information. +# Of the sequences supported by $pgp_decode_command, %r is the only +# printf(3)-like sequence used with this format. +# (PGP only) +# +# +# set pgp_good_sign="" +# +# Name: pgp_good_sign +# Type: regular expression +# Default: "" +# +# +# If you assign a text to this variable, then a PGP signature is only +# considered verified if the output from $pgp_verify_command contains +# the text. Use this variable if the exit code from the command is 0 +# even for bad signatures. +# (PGP only) +# +# +# set pgp_ignore_subkeys=yes +# +# Name: pgp_ignore_subkeys +# Type: boolean +# Default: yes +# +# +# Setting this variable will cause Mutt to ignore OpenPGP subkeys. Instead, +# the principal key will inherit the subkeys' capabilities. Unset this +# if you want to play interesting key selection games. +# (PGP only) +# +# +# set pgp_import_command="" +# +# Name: pgp_import_command +# Type: string +# Default: "" +# +# +# This command is used to import a key from a message into +# the user's public key ring. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_list_pubring_command="" +# +# Name: pgp_list_pubring_command +# Type: string +# Default: "" +# +# +# This command is used to list the public key ring's contents. The +# output format must be analogous to the one used by +# gpg --list-keys --with-colons. +# +# This format is also generated by the pgpring utility which comes +# with mutt. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_list_secring_command="" +# +# Name: pgp_list_secring_command +# Type: string +# Default: "" +# +# +# This command is used to list the secret key ring's contents. The +# output format must be analogous to the one used by: +# gpg --list-keys --with-colons. +# +# This format is also generated by the pgpring utility which comes +# with mutt. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_long_ids=no +# +# Name: pgp_long_ids +# Type: boolean +# Default: no +# +# +# If set, use 64 bit PGP key IDs, if unset use the normal 32 bit key IDs. +# (PGP only) +# +# +# set pgp_mime_auto=ask-yes +# +# Name: pgp_mime_auto +# Type: quadoption +# Default: ask-yes +# +# +# This option controls whether Mutt will prompt you for +# automatically sending a (signed/encrypted) message using +# PGP/MIME when inline (traditional) fails (for any reason). +# +# Also note that using the old-style PGP message format is strongly +# deprecated. +# (PGP only) +# +# +# set pgp_replyinline=no +# +# Name: pgp_replyinline +# Type: boolean +# Default: no +# +# +# Setting this variable will cause Mutt to always attempt to +# create an inline (traditional) message when replying to a +# message which is PGP encrypted/signed inline. This can be +# overridden by use of the pgp menu, when inline is not +# required. This option does not automatically detect if the +# (replied-to) message is inline; instead it relies on Mutt +# internals for previously checked/flagged messages. +# +# Note that Mutt might automatically use PGP/MIME for messages +# which consist of more than a single MIME part. Mutt can be +# configured to ask before sending PGP/MIME messages when inline +# (traditional) would not work. +# +# Also see the $pgp_mime_auto variable. +# +# Also note that using the old-style PGP message format is strongly +# deprecated. +# (PGP only) +# +# +# set pgp_retainable_sigs=no +# +# Name: pgp_retainable_sigs +# Type: boolean +# Default: no +# +# +# If set, signed and encrypted messages will consist of nested +# multipart/signed and multipart/encrypted body parts. +# +# This is useful for applications like encrypted and signed mailing +# lists, where the outer layer (multipart/encrypted) can be easily +# removed, while the inner multipart/signed part is retained. +# (PGP only) +# +# +# set pgp_show_unusable=yes +# +# Name: pgp_show_unusable +# Type: boolean +# Default: yes +# +# +# If set, mutt will display non-usable keys on the PGP key selection +# menu. This includes keys which have been revoked, have expired, or +# have been marked as ``disabled'' by the user. +# (PGP only) +# +# +# set pgp_sign_as="" +# +# Name: pgp_sign_as +# Type: string +# Default: "" +# +# +# If you have more than one key pair, this option allows you to specify +# which of your private keys to use. It is recommended that you use the +# keyid form to specify your key (e.g. 0x00112233). +# (PGP only) +# +# +# set pgp_sign_command="" +# +# Name: pgp_sign_command +# Type: string +# Default: "" +# +# +# This command is used to create the detached PGP signature for a +# multipart/signed PGP/MIME body part. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_sort_keys=address +# +# Name: pgp_sort_keys +# Type: sort order +# Default: address +# +# +# Specifies how the entries in the pgp menu are sorted. The +# following are legal values: +# address sort alphabetically by user id +# keyid sort alphabetically by key id +# date sort by key creation date +# trust sort by the trust of the key +# +# +# If you prefer reverse order of the above values, prefix it with +# ``reverse-''. +# (PGP only) +# +# +# set pgp_strict_enc=yes +# +# Name: pgp_strict_enc +# Type: boolean +# Default: yes +# +# +# If set, Mutt will automatically encode PGP/MIME signed messages as +# quoted-printable. Please note that unsetting this variable may +# lead to problems with non-verifyable PGP signatures, so only change +# this if you know what you are doing. +# (PGP only) +# +# +# set pgp_timeout=300 +# +# Name: pgp_timeout +# Type: number +# Default: 300 +# +# +# The number of seconds after which a cached passphrase will expire if +# not used. +# (PGP only) +# +# +# set sidebar_delim="|" +# +# Name: sidebar_delim +# Type: string +# Default: "|" +# +# +# This specifies the delimiter between the sidebar (if visible) and +# other screens. +# +# +# set sidebar_visible=no +# +# Name: sidebar_visible +# Type: boolean +# Default: no +# +# +# This specifies whether or not to show sidebar (left-side list of folders). +# +# +# set sidebar_sort=no +# +# Name: sidebar_sort +# Type: boolean +# Default: no +# +# +# This specifies whether or not to sort the sidebar alphabetically. +# +# +# set sidebar_width=0 +# +# Name: sidebar_width +# Type: number +# Default: 0 +# +# +# The width of the sidebar. +# +# +# set pgp_use_gpg_agent=no +# +# Name: pgp_use_gpg_agent +# Type: boolean +# Default: no +# +# +# If set, mutt will use a possibly-running gpg-agent(1) process. +# (PGP only) +# +# +# set pgp_verify_command="" +# +# Name: pgp_verify_command +# Type: string +# Default: "" +# +# +# This command is used to verify PGP signatures. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_verify_key_command="" +# +# Name: pgp_verify_key_command +# Type: string +# Default: "" +# +# +# This command is used to verify key information from the key selection +# menu. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pipe_decode=no +# +# Name: pipe_decode +# Type: boolean +# Default: no +# +# +# Used in connection with the command. When unset, +# Mutt will pipe the messages without any preprocessing. When set, Mutt +# will weed headers and will attempt to decode the messages +# first. +# +# +# set pipe_sep="\n" +# +# Name: pipe_sep +# Type: string +# Default: "\n" +# +# +# The separator to add between messages when piping a list of tagged +# messages to an external Unix command. +# +# +# set pipe_split=no +# +# Name: pipe_split +# Type: boolean +# Default: no +# +# +# Used in connection with the function following +# . If this variable is unset, when piping a list of +# tagged messages Mutt will concatenate the messages and will pipe them +# all concatenated. When set, Mutt will pipe the messages one by one. +# In both cases the messages are piped in the current sorted order, +# and the $pipe_sep separator is added after each message. +# +# +# set pop_auth_try_all=yes +# +# Name: pop_auth_try_all +# Type: boolean +# Default: yes +# +# +# If set, Mutt will try all available authentication methods. +# When unset, Mutt will only fall back to other authentication +# methods if the previous methods are unavailable. If a method is +# available but authentication fails, Mutt will not connect to the POP server. +# +# +# set pop_authenticators="" +# +# Name: pop_authenticators +# Type: string +# Default: "" +# +# +# This is a colon-delimited list of authentication methods mutt may +# attempt to use to log in to an POP server, in the order mutt should +# try them. Authentication methods are either ``user'', ``apop'' or any +# SASL mechanism, eg ``digest-md5'', ``gssapi'' or ``cram-md5''. +# This option is case-insensitive. If this option is unset +# (the default) mutt will try all available methods, in order from +# most-secure to least-secure. +# +# Example: +# set pop_authenticators="digest-md5:apop:user" +# +# +# set pop_checkinterval=60 +# +# Name: pop_checkinterval +# Type: number +# Default: 60 +# +# +# This variable configures how often (in seconds) mutt should look for +# new mail in the currently selected mailbox if it is a POP mailbox. +# +# +# set pop_delete=ask-no +# +# Name: pop_delete +# Type: quadoption +# Default: ask-no +# +# +# If set, Mutt will delete successfully downloaded messages from the POP +# server when using the function. When unset, Mutt will +# download messages but also leave them on the POP server. +# +# +# set pop_host="" +# +# Name: pop_host +# Type: string +# Default: "" +# +# +# The name of your POP server for the function. You +# can also specify an alternative port, username and password, ie: +# [pop[s]://][username[:password]@@]popserver[:port] +# +# where ``[...]'' denotes an optional part. +# +# +# set pop_last=no +# +# Name: pop_last +# Type: boolean +# Default: no +# +# +# If this variable is set, mutt will try to use the ``LAST'' POP command +# for retrieving only unread messages from the POP server when using +# the function. +# +# +# set pop_pass="" +# +# Name: pop_pass +# Type: string +# Default: "" +# +# +# Specifies the password for your POP account. If unset, Mutt will +# prompt you for your password when you open a POP mailbox. +# +# Warning: you should only use this option when you are on a +# fairly secure machine, because the superuser can read your muttrc +# even if you are the only one who can read the file. +# +# +# set pop_reconnect=ask-yes +# +# Name: pop_reconnect +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not Mutt will try to reconnect to the POP server if +# the connection is lost. +# +# +# set pop_user="" +# +# Name: pop_user +# Type: string +# Default: "" +# +# +# Your login name on the POP server. +# +# This variable defaults to your user name on the local machine. +# +# +# set post_indent_string="" +# +# Name: post_indent_string +# Type: string +# Default: "" +# +# +# Similar to the $attribution variable, Mutt will append this +# string after the inclusion of a message which is being replied to. +# +# +# set post_moderated=ask-yes +# +# Name: post_moderated +# Type: quadoption +# Default: ask-yes +# +# +# If set to yes, Mutt will post article to newsgroup that have +# not permissions to posting (e.g. moderated). Note: if newsserver +# does not support posting to that newsgroup or totally read-only, that +# posting will not have an effect. +# +# +# set postpone=ask-yes +# +# Name: postpone +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not messages are saved in the $postponed +# mailbox when you elect not to send immediately. +# +# Also see the $recall variable. +# +# +# set postponed="~/postponed" +# +# Name: postponed +# Type: path +# Default: "~/postponed" +# +# +# Mutt allows you to indefinitely ``postpone sending a message'' which +# you are editing. When you choose to postpone a message, Mutt saves it +# in the mailbox specified by this variable. +# +# Also see the $postpone variable. +# +# +# set preconnect="" +# +# Name: preconnect +# Type: string +# Default: "" +# +# +# If set, a shell command to be executed if mutt fails to establish +# a connection to the server. This is useful for setting up secure +# connections, e.g. with ssh(1). If the command returns a nonzero +# status, mutt gives up opening the server. Example: +# set preconnect="ssh -f -q -L 1234:mailhost.net:143 mailhost.net \ +# sleep 20 < /dev/null > /dev/null" +# +# Mailbox ``foo'' on ``mailhost.net'' can now be reached +# as ``{localhost:1234}foo''. +# +# Note: For this example to work, you must be able to log in to the +# remote machine without having to enter a password. +# +# +# set print=ask-no +# +# Name: print +# Type: quadoption +# Default: ask-no +# +# +# Controls whether or not Mutt really prints messages. +# This is set to ``ask-no'' by default, because some people +# accidentally hit ``p'' often. +# +# +# set print_command="lpr" +# +# Name: print_command +# Type: path +# Default: "lpr" +# +# +# This specifies the command pipe that should be used to print messages. +# +# +# set print_decode=yes +# +# Name: print_decode +# Type: boolean +# Default: yes +# +# +# Used in connection with the command. If this +# option is set, the message is decoded before it is passed to the +# external command specified by $print_command. If this option +# is unset, no processing will be applied to the message when +# printing it. The latter setting may be useful if you are using +# some advanced printer filter which is able to properly format +# e-mail messages for printing. +# +# +# set print_split=no +# +# Name: print_split +# Type: boolean +# Default: no +# +# +# Used in connection with the command. If this option +# is set, the command specified by $print_command is executed once for +# each message which is to be printed. If this option is unset, +# the command specified by $print_command is executed only once, and +# all the messages are concatenated, with a form feed as the message +# separator. +# +# Those who use the enscript(1) program's mail-printing mode will +# most likely want to set this option. +# +# +# set prompt_after=yes +# +# Name: prompt_after +# Type: boolean +# Default: yes +# +# +# If you use an external $pager, setting this variable will +# cause Mutt to prompt you for a command when the pager exits rather +# than returning to the index menu. If unset, Mutt will return to the +# index menu when the external pager exits. +# +# +# set query_command="" +# +# Name: query_command +# Type: path +# Default: "" +# +# +# This specifies the command that mutt will use to make external address +# queries. The string should contain a ``%s'', which will be substituted +# with the query string the user types. See ``query'' for more +# information. +# +# +# set query_format="%4c %t %-25.25a %-25.25n %?e?(%e)?" +# +# Name: query_format +# Type: string +# Default: "%4c %t %-25.25a %-25.25n %?e?(%e)?" +# +# +# This variable describes the format of the ``query'' menu. The +# following printf(3)-style sequences are understood: +# %a destination address +# %c current entry number +# %e extra information * +# %n destination name +# %t ``*'' if current entry is tagged, a space otherwise +# %>X right justify the rest of the string and pad with ``X'' +# %|X pad to the end of the line with ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# For an explanation of ``soft-fill'', see the $index_format documentation. +# +# * = can be optionally printed if nonzero, see the $status_format documentation. +# +# +# set quit=yes +# +# Name: quit +# Type: quadoption +# Default: yes +# +# +# This variable controls whether ``quit'' and ``exit'' actually quit +# from mutt. If this option is set, they do quit, if it is unset, they +# have no effect, and if it is set to ask-yes or ask-no, you are +# prompted for confirmation when you try to quit. +# +# +# set quote_empty=yes +# +# Name: quote_empty +# Type: boolean +# Default: yes +# +# +# Controls whether or not empty lines will be quoted using +# ``indent_string''. +# +# +# set quote_quoted=no +# +# Name: quote_quoted +# Type: boolean +# Default: no +# +# +# Controls how quoted lines will be quoted. If set, one quote +# character will be added to the end of existing prefix. Otherwise, +# quoted lines will be prepended by ``indent_string''. +# +# +# set quote_regexp="^([ \t]*[|>:}#])+" +# +# Name: quote_regexp +# Type: regular expression +# Default: "^([ \t]*[|>:}#])+" +# +# +# A regular expression used in the internal pager to determine quoted +# sections of text in the body of a message. Quoted text may be filtered +# out using the command, or colored according to the +# ``color quoted'' family of directives. +# +# Higher levels of quoting may be colored differently (``color quoted1'', +# ``color quoted2'', etc.). The quoting level is determined by removing +# the last character from the matched text and recursively reapplying +# the regular expression until it fails to produce a match. +# +# Match detection may be overridden by the $smileys regular expression. +# +# +# set read_inc=10 +# +# Name: read_inc +# Type: number +# Default: 10 +# +# +# If set to a value greater than 0, Mutt will display which message it +# is currently on when reading a mailbox or when performing search actions +# such as search and limit. The message is printed after +# this many messages have been read or searched (e.g., if set to 25, Mutt will +# print a message when it is at message 25, and then again when it gets +# to message 50). This variable is meant to indicate progress when +# reading or searching large mailboxes which may take some time. +# When set to 0, only a single message will appear before the reading +# the mailbox. +# +# Also see the $write_inc, $net_inc and $time_inc variables and the +# ``tuning'' section of the manual for performance considerations. +# +# +# set read_only=no +# +# Name: read_only +# Type: boolean +# Default: no +# +# +# If set, all folders are opened in read-only mode. +# +# +# set realname="" +# +# Name: realname +# Type: string +# Default: "" +# +# +# This variable specifies what ``real'' or ``personal'' name should be used +# when sending messages. +# +# By default, this is the GECOS field from /etc/passwd. Note that this +# variable will not be used when the user has set a real name +# in the $from variable. +# +# +# set recall=ask-yes +# +# Name: recall +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not Mutt recalls postponed messages +# when composing a new message. +# +# Setting this variable to is not generally useful, and thus not +# recommended. +# +# Also see $postponed variable. +# +# +# set record="~/sent" +# +# Name: record +# Type: path +# Default: "~/sent" +# +# +# This specifies the file into which your outgoing messages should be +# appended. (This is meant as the primary method for saving a copy of +# your messages, but another way to do this is using the ``my_hdr'' +# command to create a ``Bcc:'' field with your email address in it.) +# +# The value of $record is overridden by the $force_name and +# $save_name variables, and the ``fcc-hook'' command. +# +# +# set reply_regexp="^(re([\\[0-9\\]+])*|aw):[ \t]*" +# +# Name: reply_regexp +# Type: regular expression +# Default: "^(re([\\[0-9\\]+])*|aw):[ \t]*" +# +# +# A regular expression used to recognize reply messages when threading +# and replying. The default value corresponds to the English "Re:" and +# the German "Aw:". +# +# +# set reply_self=no +# +# Name: reply_self +# Type: boolean +# Default: no +# +# +# If unset and you are replying to a message sent by you, Mutt will +# assume that you want to reply to the recipients of that message rather +# than to yourself. +# +# Also see the ``alternates'' command. +# +# +# set reply_to=ask-yes +# +# Name: reply_to +# Type: quadoption +# Default: ask-yes +# +# +# If set, when replying to a message, Mutt will use the address listed +# in the Reply-to: header as the recipient of the reply. If unset, +# it will use the address in the From: header field instead. This +# option is useful for reading a mailing list that sets the Reply-To: +# header field to the list address and you want to send a private +# message to the author of a message. +# +# +# set resolve=yes +# +# Name: resolve +# Type: boolean +# Default: yes +# +# +# When set, the cursor will be automatically advanced to the next +# (possibly undeleted) message whenever a command that modifies the +# current message is executed. +# +# +# set reverse_alias=no +# +# Name: reverse_alias +# Type: boolean +# Default: no +# +# +# This variable controls whether or not Mutt will display the ``personal'' +# name from your aliases in the index menu if it finds an alias that +# matches the message's sender. For example, if you have the following +# alias: +# alias juser abd30425@@somewhere.net (Joe User) +# +# and then you receive mail which contains the following header: +# From: abd30425@@somewhere.net +# +# It would be displayed in the index menu as ``Joe User'' instead of +# ``abd30425@@somewhere.net.'' This is useful when the person's e-mail +# address is not human friendly. +# +# +# set reverse_name=no +# +# Name: reverse_name +# Type: boolean +# Default: no +# +# +# It may sometimes arrive that you receive mail to a certain machine, +# move the messages to another machine, and reply to some the messages +# from there. If this variable is set, the default From: line of +# the reply messages is built using the address where you received the +# messages you are replying to if that address matches your +# ``alternates''. If the variable is unset, or the address that would be +# used doesn't match your ``alternates'', the From: line will use +# your address on the current machine. +# +# Also see the ``alternates'' command. +# +# +# set reverse_realname=yes +# +# Name: reverse_realname +# Type: boolean +# Default: yes +# +# +# This variable fine-tunes the behaviour of the $reverse_name feature. +# When it is set, mutt will use the address from incoming messages as-is, +# possibly including eventual real names. When it is unset, mutt will +# override any such real names with the setting of the $realname variable. +# +# +# set rfc2047_parameters=no +# +# Name: rfc2047_parameters +# Type: boolean +# Default: no +# +# +# When this variable is set, Mutt will decode RFC2047-encoded MIME +# parameters. You want to set this variable when mutt suggests you +# to save attachments to files named like: +# =?iso-8859-1?Q?file=5F=E4=5F991116=2Ezip?= +# +# When this variable is set interactively, the change won't be +# active until you change folders. +# +# Note that this use of RFC2047's encoding is explicitly +# prohibited by the standard, but nevertheless encountered in the +# wild. +# +# Also note that setting this parameter will not have the effect +# that mutt generates this kind of encoding. Instead, mutt will +# unconditionally use the encoding specified in RFC2231. +# +# +# set save_address=no +# +# Name: save_address +# Type: boolean +# Default: no +# +# +# If set, mutt will take the sender's full address when choosing a +# default folder for saving a mail. If $save_name or $force_name +# is set too, the selection of the Fcc folder will be changed as well. +# +# +# set save_empty=yes +# +# Name: save_empty +# Type: boolean +# Default: yes +# +# +# When unset, mailboxes which contain no saved messages will be removed +# when closed (the exception is $spoolfile which is never removed). +# If set, mailboxes are never removed. +# +# Note: This only applies to mbox and MMDF folders, Mutt does not +# delete MH and Maildir directories. +# +# +# set save_history=0 +# +# Name: save_history +# Type: number +# Default: 0 +# +# +# This variable controls the size of the history (per category) saved in the +# $history_file file. +# +# +# set save_name=no +# +# Name: save_name +# Type: boolean +# Default: no +# +# +# This variable controls how copies of outgoing messages are saved. +# When set, a check is made to see if a mailbox specified by the +# recipient address exists (this is done by searching for a mailbox in +# the $folder directory with the username part of the +# recipient address). If the mailbox exists, the outgoing message will +# be saved to that mailbox, otherwise the message is saved to the +# $record mailbox. +# +# Also see the $force_name variable. +# +# +# set score=yes +# +# Name: score +# Type: boolean +# Default: yes +# +# +# When this variable is unset, scoring is turned off. This can +# be useful to selectively disable scoring for certain folders when the +# $score_threshold_delete variable and related are used. +# +# +# set score_threshold_delete=-1 +# +# Name: score_threshold_delete +# Type: number +# Default: -1 +# +# +# Messages which have been assigned a score equal to or lower than the value +# of this variable are automatically marked for deletion by mutt. Since +# mutt scores are always greater than or equal to zero, the default setting +# of this variable will never mark a message for deletion. +# +# +# set score_threshold_flag=9999 +# +# Name: score_threshold_flag +# Type: number +# Default: 9999 +# +# +# Messages which have been assigned a score greater than or equal to this +# variable's value are automatically marked "flagged". +# +# +# set score_threshold_read=-1 +# +# Name: score_threshold_read +# Type: number +# Default: -1 +# +# +# Messages which have been assigned a score equal to or lower than the value +# of this variable are automatically marked as read by mutt. Since +# mutt scores are always greater than or equal to zero, the default setting +# of this variable will never mark a message read. +# +# +# set search_context=0 +# +# Name: search_context +# Type: number +# Default: 0 +# +# +# For the pager, this variable specifies the number of lines shown +# before search results. By default, search results will be top-aligned. +# +# +# set send_charset="us-ascii:iso-8859-1:utf-8" +# +# Name: send_charset +# Type: string +# Default: "us-ascii:iso-8859-1:utf-8" +# +# +# A colon-delimited list of character sets for outgoing messages. Mutt will use the +# first character set into which the text can be converted exactly. +# If your $charset is not ``iso-8859-1'' and recipients may not +# understand ``UTF-8'', it is advisable to include in the list an +# appropriate widely used standard character set (such as +# ``iso-8859-2'', ``koi8-r'' or ``iso-2022-jp'') either instead of or after +# ``iso-8859-1''. +# +# In case the text cannot be converted into one of these exactly, +# mutt uses $charset as a fallback. +# +# +# set sendmail="/usr/sbin/sendmail -oem -oi" +# +# Name: sendmail +# Type: path +# Default: "/usr/sbin/sendmail -oem -oi" +# +# +# Specifies the program and arguments used to deliver mail sent by Mutt. +# Mutt expects that the specified program interprets additional +# arguments as recipient addresses. +# +# +# set sendmail_wait=0 +# +# Name: sendmail_wait +# Type: number +# Default: 0 +# +# +# Specifies the number of seconds to wait for the $sendmail process +# to finish before giving up and putting delivery in the background. +# +# Mutt interprets the value of this variable as follows: +# >0 number of seconds to wait for sendmail to finish before continuing +# 0 wait forever for sendmail to finish +# <0 always put sendmail in the background without waiting +# +# +# Note that if you specify a value other than 0, the output of the child +# process will be put in a temporary file. If there is some error, you +# will be informed as to where to find the output. +# +# +# set shell="" +# +# Name: shell +# Type: path +# Default: "" +# +# +# Command to use when spawning a subshell. By default, the user's login +# shell from /etc/passwd is used. +# +# +# set save_unsubscribed=no +# +# Name: save_unsubscribed +# Type: boolean +# Default: no +# +# +# When set, info about unsubscribed newsgroups will be saved into +# ``newsrc'' file and into cache. +# +# +# set show_new_news=yes +# +# Name: show_new_news +# Type: boolean +# Default: yes +# +# +# If set, newsserver will be asked for new newsgroups on entering +# the browser. Otherwise, it will be done only once for a newsserver. +# Also controls whether or not number of new articles of subscribed +# newsgroups will be then checked. +# +# +# set show_only_unread=no +# +# Name: show_only_unread +# Type: boolean +# Default: no +# +# +# If set, only subscribed newsgroups that contain unread articles +# will be displayed in browser. +# +# +# set sig_dashes=yes +# +# Name: sig_dashes +# Type: boolean +# Default: yes +# +# +# If set, a line containing ``-- '' (note the trailing space) will be inserted before your +# $signature. It is strongly recommended that you not unset +# this variable unless your signature contains just your name. The +# reason for this is because many software packages use ``-- \n'' to +# detect your signature. For example, Mutt has the ability to highlight +# the signature in a different color in the builtin pager. +# +# +# set sig_on_top=no +# +# Name: sig_on_top +# Type: boolean +# Default: no +# +# +# If set, the signature will be included before any quoted or forwarded +# text. It is strongly recommended that you do not set this variable +# unless you really know what you are doing, and are prepared to take +# some heat from netiquette guardians. +# +# +# set signature="~/.signature" +# +# Name: signature +# Type: path +# Default: "~/.signature" +# +# +# Specifies the filename of your signature, which is appended to all +# outgoing messages. If the filename ends with a pipe (``|''), it is +# assumed that filename is a shell command and input should be read from +# its standard output. +# +# +# set simple_search="~f %s | ~s %s" +# +# Name: simple_search +# Type: string +# Default: "~f %s | ~s %s" +# +# +# Specifies how Mutt should expand a simple search into a real search +# pattern. A simple search is one that does not contain any of the ``~'' pattern +# operators. See ``patterns'' for more information on search patterns. +# +# For example, if you simply type ``joe'' at a search or limit prompt, Mutt +# will automatically expand it to the value specified by this variable by +# replacing ``%s'' with the supplied string. +# For the default value, ``joe'' would be expanded to: ``~f joe | ~s joe''. +# +# +# set sleep_time=1 +# +# Name: sleep_time +# Type: number +# Default: 1 +# +# +# Specifies time, in seconds, to pause while displaying certain informational +# messages, while moving from folder to folder and after expunging +# messages from the current folder. The default is to pause one second, so +# a value of zero for this option suppresses the pause. +# +# +# set smart_wrap=yes +# +# Name: smart_wrap +# Type: boolean +# Default: yes +# +# +# Controls the display of lines longer than the screen width in the +# internal pager. If set, long lines are wrapped at a word boundary. If +# unset, lines are simply wrapped at the screen edge. Also see the +# $markers variable. +# +# +# set smileys="(>From )|(:[-^]?[][)(><}{|/DP])" +# +# Name: smileys +# Type: regular expression +# Default: "(>From )|(:[-^]?[][)(><}{|/DP])" +# +# +# The pager uses this variable to catch some common false +# positives of $quote_regexp, most notably smileys and not consider +# a line quoted text if it also matches $smileys. This mostly +# happens at the beginning of a line. +# +# +# set smime_ask_cert_label=yes +# +# Name: smime_ask_cert_label +# Type: boolean +# Default: yes +# +# +# This flag controls whether you want to be asked to enter a label +# for a certificate about to be added to the database or not. It is +# set by default. +# (S/MIME only) +# +# +# set smime_ca_location="" +# +# Name: smime_ca_location +# Type: path +# Default: "" +# +# +# This variable contains the name of either a directory, or a file which +# contains trusted certificates for use with OpenSSL. +# (S/MIME only) +# +# +# set smime_certificates="" +# +# Name: smime_certificates +# Type: path +# Default: "" +# +# +# Since for S/MIME there is no pubring/secring as with PGP, mutt has to handle +# storage and retrieval of keys by itself. This is very basic right +# now, and keys and certificates are stored in two different +# directories, both named as the hash-value retrieved from +# OpenSSL. There is an index file which contains mailbox-address +# keyid pairs, and which can be manually edited. This option points to +# the location of the certificates. +# (S/MIME only) +# +# +# set smime_decrypt_command="" +# +# Name: smime_decrypt_command +# Type: string +# Default: "" +# +# +# This format string specifies a command which is used to decrypt +# application/x-pkcs7-mime attachments. +# +# The OpenSSL command formats have their own set of printf(3)-like sequences +# similar to PGP's: +# %f Expands to the name of a file containing a message. +# %s Expands to the name of a file containing the signature part +# of a multipart/signed attachment when verifying it. +# %k The key-pair specified with $smime_default_key +# %c One or more certificate IDs. +# %a The algorithm used for encryption. +# %C CA location: Depending on whether $smime_ca_location +# points to a directory or file, this expands to +# ``-CApath $smime_ca_location'' or ``-CAfile $smime_ca_location''. +# +# +# For examples on how to configure these formats, see the smime.rc in +# the samples/ subdirectory which has been installed on your system +# alongside the documentation. +# (S/MIME only) +# +# +# set smime_decrypt_use_default_key=yes +# +# Name: smime_decrypt_use_default_key +# Type: boolean +# Default: yes +# +# +# If set (default) this tells mutt to use the default key for decryption. Otherwise, +# if managing multiple certificate-key-pairs, mutt will try to use the mailbox-address +# to determine the key to use. It will ask you to supply a key, if it can't find one. +# (S/MIME only) +# +# +# set smime_default_key="" +# +# Name: smime_default_key +# Type: string +# Default: "" +# +# +# This is the default key-pair to use for signing. This must be set to the +# keyid (the hash-value that OpenSSL generates) to work properly +# (S/MIME only) +# +# +# set smime_encrypt_command="" +# +# Name: smime_encrypt_command +# Type: string +# Default: "" +# +# +# This command is used to create encrypted S/MIME messages. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_encrypt_with="" +# +# Name: smime_encrypt_with +# Type: string +# Default: "" +# +# +# This sets the algorithm that should be used for encryption. +# Valid choices are ``des'', ``des3'', ``rc2-40'', ``rc2-64'', ``rc2-128''. +# If unset, ``3des'' (TripleDES) is used. +# (S/MIME only) +# +# +# set smime_get_cert_command="" +# +# Name: smime_get_cert_command +# Type: string +# Default: "" +# +# +# This command is used to extract X509 certificates from a PKCS7 structure. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_get_cert_email_command="" +# +# Name: smime_get_cert_email_command +# Type: string +# Default: "" +# +# +# This command is used to extract the mail address(es) used for storing +# X509 certificates, and for verification purposes (to check whether the +# certificate was issued for the sender's mailbox). +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_get_signer_cert_command="" +# +# Name: smime_get_signer_cert_command +# Type: string +# Default: "" +# +# +# This command is used to extract only the signers X509 certificate from a S/MIME +# signature, so that the certificate's owner may get compared to the +# email's ``From:'' field. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_import_cert_command="" +# +# Name: smime_import_cert_command +# Type: string +# Default: "" +# +# +# This command is used to import a certificate via smime_keys. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_is_default=no +# +# Name: smime_is_default +# Type: boolean +# Default: no +# +# +# The default behaviour of mutt is to use PGP on all auto-sign/encryption +# operations. To override and to use OpenSSL instead this must be set. +# However, this has no effect while replying, since mutt will automatically +# select the same application that was used to sign/encrypt the original +# message. (Note that this variable can be overridden by unsetting $crypt_autosmime.) +# (S/MIME only) +# +# +# set smime_keys="" +# +# Name: smime_keys +# Type: path +# Default: "" +# +# +# Since for S/MIME there is no pubring/secring as with PGP, mutt has to handle +# storage and retrieval of keys/certs by itself. This is very basic right now, +# and stores keys and certificates in two different directories, both +# named as the hash-value retrieved from OpenSSL. There is an index file +# which contains mailbox-address keyid pair, and which can be manually +# edited. This option points to the location of the private keys. +# (S/MIME only) +# +# +# set smime_pk7out_command="" +# +# Name: smime_pk7out_command +# Type: string +# Default: "" +# +# +# This command is used to extract PKCS7 structures of S/MIME signatures, +# in order to extract the public X509 certificate(s). +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_sign_command="" +# +# Name: smime_sign_command +# Type: string +# Default: "" +# +# +# This command is used to created S/MIME signatures of type +# multipart/signed, which can be read by all mail clients. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_sign_opaque_command="" +# +# Name: smime_sign_opaque_command +# Type: string +# Default: "" +# +# +# This command is used to created S/MIME signatures of type +# application/x-pkcs7-signature, which can only be handled by mail +# clients supporting the S/MIME extension. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_timeout=300 +# +# Name: smime_timeout +# Type: number +# Default: 300 +# +# +# The number of seconds after which a cached passphrase will expire if +# not used. +# (S/MIME only) +# +# +# set smime_verify_command="" +# +# Name: smime_verify_command +# Type: string +# Default: "" +# +# +# This command is used to verify S/MIME signatures of type multipart/signed. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_verify_opaque_command="" +# +# Name: smime_verify_opaque_command +# Type: string +# Default: "" +# +# +# This command is used to verify S/MIME signatures of type +# application/x-pkcs7-mime. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smtp_authenticators="" +# +# Name: smtp_authenticators +# Type: string +# Default: "" +# +# +# This is a colon-delimited list of authentication methods mutt may +# attempt to use to log in to an SMTP server, in the order mutt should +# try them. Authentication methods are any SASL mechanism, eg +# ``digest-md5'', ``gssapi'' or ``cram-md5''. +# This option is case-insensitive. If it is ``unset'' +# (the default) mutt will try all available methods, in order from +# most-secure to least-secure. +# +# Example: +# set smtp_authenticators="digest-md5:cram-md5" +# +# +# set smtp_pass="" +# +# Name: smtp_pass +# Type: string +# Default: "" +# +# +# Specifies the password for your SMTP account. If unset, Mutt will +# prompt you for your password when you first send mail via SMTP. +# See $smtp_url to configure mutt to send mail via SMTP. +# +# Warning: you should only use this option when you are on a +# fairly secure machine, because the superuser can read your muttrc even +# if you are the only one who can read the file. +# +# +# set smtp_url="" +# +# Name: smtp_url +# Type: string +# Default: "" +# +# +# Defines the SMTP smarthost where sent messages should relayed for +# delivery. This should take the form of an SMTP URL, eg: +# smtp[s]://[user[:pass]@@]host[:port]/ +# +# where ``[...]'' denotes an optional part. +# Setting this variable overrides the value of the $sendmail +# variable. +# +# +# set sort=date +# +# Name: sort +# Type: sort order +# Default: date +# +# +# Specifies how to sort messages in the ``index'' menu. Valid values +# are: +# - date or date-sent +# - date-received +# - from +# - mailbox-order (unsorted) +# - score +# - size +# - spam +# - subject +# - threads +# - to +# +# +# You may optionally use the ``reverse-'' prefix to specify reverse sorting +# order (example: ``set sort=reverse-date-sent''). +# +# +# set sort_alias=alias +# +# Name: sort_alias +# Type: sort order +# Default: alias +# +# +# Specifies how the entries in the ``alias'' menu are sorted. The +# following are legal values: +# - address (sort alphabetically by email address) +# - alias (sort alphabetically by alias name) +# - unsorted (leave in order specified in .muttrc) +# +# +# set sort_aux=date +# +# Name: sort_aux +# Type: sort order +# Default: date +# +# +# When sorting by threads, this variable controls how threads are sorted +# in relation to other threads, and how the branches of the thread trees +# are sorted. This can be set to any value that $sort can, except +# ``threads'' (in that case, mutt will just use ``date-sent''). You can also +# specify the ``last-'' prefix in addition to the ``reverse-'' prefix, but ``last-'' +# must come after ``reverse-''. The ``last-'' prefix causes messages to be +# sorted against its siblings by which has the last descendant, using +# the rest of $sort_aux as an ordering. For instance, +# set sort_aux=last-date-received +# +# would mean that if a new message is received in a +# thread, that thread becomes the last one displayed (or the first, if +# you have ``set sort=reverse-threads''.) +# +# Note: For reversed $sort +# order $sort_aux is reversed again (which is not the right thing to do, +# but kept to not break any existing configuration setting). +# +# +# set sort_browser=alpha +# +# Name: sort_browser +# Type: sort order +# Default: alpha +# +# +# Specifies how to sort entries in the file browser. By default, the +# entries are sorted alphabetically. Valid values: +# - alpha (alphabetically) +# - date +# - size +# - unsorted +# +# +# You may optionally use the ``reverse-'' prefix to specify reverse sorting +# order (example: ``set sort_browser=reverse-date''). +# +# +# set sort_re=yes +# +# Name: sort_re +# Type: boolean +# Default: yes +# +# +# This variable is only useful when sorting by threads with +# $strict_threads unset. In that case, it changes the heuristic +# mutt uses to thread messages by subject. With $sort_re set, mutt will +# only attach a message as the child of another message by subject if +# the subject of the child message starts with a substring matching the +# setting of $reply_regexp. With $sort_re unset, mutt will attach +# the message whether or not this is the case, as long as the +# non-$reply_regexp parts of both messages are identical. +# +# +# set spam_separator="," +# +# Name: spam_separator +# Type: string +# Default: "," +# +# +# This variable controls what happens when multiple spam headers +# are matched: if unset, each successive header will overwrite any +# previous matches value for the spam label. If set, each successive +# match will append to the previous, using this variable's value as a +# separator. +# +# +# set spoolfile="" +# +# Name: spoolfile +# Type: path +# Default: "" +# +# +# If your spool mailbox is in a non-default place where Mutt cannot find +# it, you can specify its location with this variable. Mutt will +# initially set this variable to the value of the environment +# variable $MAIL or $MAILDIR if either is defined. +# +# +# set ssl_ca_certificates_file="" +# +# Name: ssl_ca_certificates_file +# Type: path +# Default: "" +# +# +# This variable specifies a file containing trusted CA certificates. +# Any server certificate that is signed with one of these CA +# certificates is also automatically accepted. +# +# Example: +# set ssl_ca_certificates_file=/etc/ssl/certs/ca-certificates.crt +# +# +# set ssl_client_cert="" +# +# Name: ssl_client_cert +# Type: path +# Default: "" +# +# +# The file containing a client certificate and its associated private +# key. +# +# +# set ssl_force_tls=no +# +# Name: ssl_force_tls +# Type: boolean +# Default: no +# +# +# If this variable is set, Mutt will require that all connections +# to remote servers be encrypted. Furthermore it will attempt to +# negotiate TLS even if the server does not advertise the capability, +# since it would otherwise have to abort the connection anyway. This +# option supersedes $ssl_starttls. +# +# +# set ssl_min_dh_prime_bits=0 +# +# Name: ssl_min_dh_prime_bits +# Type: number +# Default: 0 +# +# +# This variable specifies the minimum acceptable prime size (in bits) +# for use in any Diffie-Hellman key exchange. A value of 0 will use +# the default from the GNUTLS library. +# +# +# set ssl_starttls=yes +# +# Name: ssl_starttls +# Type: quadoption +# Default: yes +# +# +# If set (the default), mutt will attempt to use STARTTLS on servers +# advertising the capability. When unset, mutt will not attempt to +# use STARTTLS regardless of the server's capabilities. +# +# +# set ssl_use_sslv2=no +# +# Name: ssl_use_sslv2 +# Type: boolean +# Default: no +# +# +# This variable specifies whether to attempt to use SSLv2 in the +# SSL authentication process. +# +# +# set ssl_use_sslv3=yes +# +# Name: ssl_use_sslv3 +# Type: boolean +# Default: yes +# +# +# This variable specifies whether to attempt to use SSLv3 in the +# SSL authentication process. +# +# +# set ssl_use_tlsv1=yes +# +# Name: ssl_use_tlsv1 +# Type: boolean +# Default: yes +# +# +# This variable specifies whether to attempt to use TLSv1 in the +# SSL authentication process. +# +# +# set ssl_usesystemcerts=yes +# +# Name: ssl_usesystemcerts +# Type: boolean +# Default: yes +# +# +# If set to yes, mutt will use CA certificates in the +# system-wide certificate store when checking if a server certificate +# is signed by a trusted CA. +# +# +# set ssl_verify_dates=yes +# +# Name: ssl_verify_dates +# Type: boolean +# Default: yes +# +# +# If set (the default), mutt will not automatically accept a server +# certificate that is either not yet valid or already expired. You should +# only unset this for particular known hosts, using the +# function. +# +# +# set ssl_verify_host=yes +# +# Name: ssl_verify_host +# Type: boolean +# Default: yes +# +# +# If set (the default), mutt will not automatically accept a server +# certificate whose host name does not match the host used in your folder +# URL. You should only unset this for particular known hosts, using +# the function. +# +# +# set status_chars="-*%A" +# +# Name: status_chars +# Type: string +# Default: "-*%A" +# +# +# Controls the characters used by the ``%r'' indicator in +# $status_format. The first character is used when the mailbox is +# unchanged. The second is used when the mailbox has been changed, and +# it needs to be resynchronized. The third is used if the mailbox is in +# read-only mode, or if the mailbox will not be written when exiting +# that mailbox (You can toggle whether to write changes to a mailbox +# with the operation, bound by default to ``%''). The fourth +# is used to indicate that the current folder has been opened in attach- +# message mode (Certain operations like composing a new mail, replying, +# forwarding, etc. are not permitted in this mode). +# +# +# set status_format="-%r-Mutt: %f [Msgs:%?M?%M/?%m%?n? New:%n?%?o? Old:%o?%?d? Del:%d?%?F? Flag:%F?%?t? Tag:%t?%?p? Post:%p?%?b? Inc:%b?%?l? %l?]---(%s/%S)-%>-(%P)---" +# +# Name: status_format +# Type: string +# Default: "-%r-Mutt: %f [Msgs:%?M?%M/?%m%?n? New:%n?%?o? Old:%o?%?d? Del:%d?%?F? Flag:%F?%?t? Tag:%t?%?p? Post:%p?%?b? Inc:%b?%?l? %l?]---(%s/%S)-%>-(%P)---" +# +# +# Controls the format of the status line displayed in the ``index'' +# menu. This string is similar to $index_format, but has its own +# set of printf(3)-like sequences: +# %b number of mailboxes with new mail * +# %d number of deleted messages * +# %f the full pathname of the current mailbox +# %F number of flagged messages * +# %h local hostname +# %l size (in bytes) of the current mailbox * +# %L size (in bytes) of the messages shown +# (i.e., which match the current limit) * +# %m the number of messages in the mailbox * +# %M the number of messages shown (i.e., which match the current limit) * +# %n number of new messages in the mailbox * +# %o number of old unread messages * +# %p number of postponed messages * +# %P percentage of the way through the index +# %r modified/read-only/won't-write/attach-message indicator, +# according to $status_chars +# %s current sorting mode ($sort) +# %S current aux sorting method ($sort_aux) +# %t number of tagged messages * +# %u number of unread messages * +# %v Mutt version string +# %V currently active limit pattern, if any * +# %>X right justify the rest of the string and pad with ``X'' +# %|X pad to the end of the line with ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# For an explanation of ``soft-fill'', see the $index_format documentation. +# +# * = can be optionally printed if nonzero +# +# Some of the above sequences can be used to optionally print a string +# if their value is nonzero. For example, you may only want to see the +# number of flagged messages if such messages exist, since zero is not +# particularly meaningful. To optionally print a string based upon one +# of the above sequences, the following construct is used: +# +# %??? +# +# where sequence_char is a character from the table above, and +# optional_string is the string you would like printed if +# sequence_char is nonzero. optional_string may contain +# other sequences as well as normal text, but you may not nest +# optional strings. +# +# Here is an example illustrating how to optionally print the number of +# new messages in a mailbox: +# +# %?n?%n new messages.? +# +# You can also switch between two strings using the following construct: +# +# %??&? +# +# If the value of sequence_char is non-zero, if_string will +# be expanded, otherwise else_string will be expanded. +# +# You can force the result of any printf(3)-like sequence to be lowercase +# by prefixing the sequence character with an underscore (``_'') sign. +# For example, if you want to display the local hostname in lowercase, +# you would use: ``%_h''. +# +# If you prefix the sequence character with a colon (``:'') character, mutt +# will replace any dots in the expansion by underscores. This might be helpful +# with IMAP folders that don't like dots in folder names. +# +# +# set status_on_top=no +# +# Name: status_on_top +# Type: boolean +# Default: no +# +# +# Setting this variable causes the ``status bar'' to be displayed on +# the first line of the screen rather than near the bottom. If $help +# is set, too it'll be placed at the bottom. +# +# +# set strict_threads=no +# +# Name: strict_threads +# Type: boolean +# Default: no +# +# +# If set, threading will only make use of the ``In-Reply-To'' and +# ``References:'' fields when you $sort by message threads. By +# default, messages with the same subject are grouped together in +# ``pseudo threads.''. This may not always be desirable, such as in a +# personal mailbox where you might have several unrelated messages with +# the subjects like ``hi'' which will get grouped together. See also +# $sort_re for a less drastic way of controlling this +# behaviour. +# +# +# set suspend=yes +# +# Name: suspend +# Type: boolean +# Default: yes +# +# +# When unset, mutt won't stop when the user presses the terminal's +# susp key, usually ``^Z''. This is useful if you run mutt +# inside an xterm using a command like ``xterm -e mutt''. +# +# +# set text_flowed=no +# +# Name: text_flowed +# Type: boolean +# Default: no +# +# +# When set, mutt will generate ``format=flowed'' bodies with a content type +# of ``text/plain; format=flowed''. +# This format is easier to handle for some mailing software, and generally +# just looks like ordinary text. To actually make use of this format's +# features, you'll need support in your editor. +# +# Note that $indent_string is ignored when this option is set. +# +# +# set thorough_search=no +# +# Name: thorough_search +# Type: boolean +# Default: no +# +# +# Affects the ~b and ~h search operations described in +# section ``patterns''. If set, the headers and body/attachments of +# messages to be searched are decoded before searching. If unset, +# messages are searched as they appear in the folder. +# +# Users searching attachments or for non-ASCII characters should set +# this value because decoding also includes MIME parsing/decoding and possible +# character set conversions. Otherwise mutt will attempt to match against the +# raw message received (for example quoted-printable encoded or with encoded +# headers) which may lead to incorrect search results. +# +# +# set thread_received=no +# +# Name: thread_received +# Type: boolean +# Default: no +# +# +# When set, mutt uses the date received rather than the date sent +# to thread messages by subject. +# +# +# set tilde=no +# +# Name: tilde +# Type: boolean +# Default: no +# +# +# When set, the internal-pager will pad blank lines to the bottom of the +# screen with a tilde (``~''). +# +# +# set time_inc=0 +# +# Name: time_inc +# Type: number +# Default: 0 +# +# +# Along with $read_inc, $write_inc, and $net_inc, this +# variable controls the frequency with which progress updates are +# displayed. It suppresses updates less than $time_inc milliseconds +# apart. This can improve throughput on systems with slow terminals, +# or when running mutt on a remote system. +# +# Also see the ``tuning'' section of the manual for performance considerations. +# +# +# set timeout=600 +# +# Name: timeout +# Type: number +# Default: 600 +# +# +# When Mutt is waiting for user input either idleing in menus or +# in an interactive prompt, Mutt would block until input is +# present. Depending on the context, this would prevent certain +# operations from working, like checking for new mail or keeping +# an IMAP connection alive. +# +# This variable controls how many seconds Mutt will at most wait +# until it aborts waiting for input, performs these operations and +# continues to wait for input. +# +# A value of zero or less will cause Mutt to never time out. +# +# +# set tmpdir="" +# +# Name: tmpdir +# Type: path +# Default: "" +# +# +# This variable allows you to specify where Mutt will place its +# temporary files needed for displaying and composing messages. If +# this variable is not set, the environment variable $TMPDIR is +# used. If $TMPDIR is not set then ``/tmp'' is used. +# +# +# set to_chars=" +TCFL" +# +# Name: to_chars +# Type: string +# Default: " +TCFL" +# +# +# Controls the character used to indicate mail addressed to you. The +# first character is the one used when the mail is not addressed to your +# address. The second is used when you are the only +# recipient of the message. The third is when your address +# appears in the ``To:'' header field, but you are not the only recipient of +# the message. The fourth character is used when your +# address is specified in the ``Cc:'' header field, but you are not the only +# recipient. The fifth character is used to indicate mail that was sent +# by you. The sixth character is used to indicate when a mail +# was sent to a mailing-list you subscribe to. +# +# +# set tunnel="" +# +# Name: tunnel +# Type: string +# Default: "" +# +# +# Setting this variable will cause mutt to open a pipe to a command +# instead of a raw socket. You may be able to use this to set up +# preauthenticated connections to your IMAP/POP3/SMTP server. Example: +# set tunnel="ssh -q mailhost.net /usr/local/libexec/imapd" +# +# Note: For this example to work you must be able to log in to the remote +# machine without having to enter a password. +# +# When set, Mutt uses the tunnel for all remote connections. +# Please see ``account-hook'' in the manual for how to use different +# tunnel commands per connection. +# +# +# set uncollapse_jump=no +# +# Name: uncollapse_jump +# Type: boolean +# Default: no +# +# +# When set, Mutt will jump to the next unread message, if any, +# when the current thread is uncollapsed. +# +# +# set use_8bitmime=no +# +# Name: use_8bitmime +# Type: boolean +# Default: no +# +# +# Warning: do not set this variable unless you are using a version +# of sendmail which supports the -B8BITMIME flag (such as sendmail +# 8.8.x) or you may not be able to send mail. +# +# When set, Mutt will invoke $sendmail with the -B8BITMIME +# flag when sending 8-bit messages to enable ESMTP negotiation. +# +# +# set use_domain=yes +# +# Name: use_domain +# Type: boolean +# Default: yes +# +# +# When set, Mutt will qualify all local addresses (ones without the +# ``@@host'' portion) with the value of $hostname. If unset, no +# addresses will be qualified. +# +# +# set use_envelope_from=no +# +# Name: use_envelope_from +# Type: boolean +# Default: no +# +# +# When set, mutt will set the envelope sender of the message. +# If $envelope_from_address is set, it will be used as the sender +# address. If unset, mutt will attempt to derive the sender from the +# ``From:'' header. +# +# Note that this information is passed to sendmail command using the +# -f command line switch. Therefore setting this option is not useful +# if the $sendmail variable already contains -f or if the +# executable pointed to by $sendmail doesn't support the -f switch. +# +# +# set use_from=yes +# +# Name: use_from +# Type: boolean +# Default: yes +# +# +# When set, Mutt will generate the ``From:'' header field when +# sending messages. If unset, no ``From:'' header field will be +# generated unless the user explicitly sets one using the ``my_hdr'' +# command. +# +# +# set use_idn=yes +# +# Name: use_idn +# Type: boolean +# Default: yes +# +# +# When set, Mutt will show you international domain names decoded. +# Note: You can use IDNs for addresses even if this is unset. +# This variable only affects decoding. +# +# +# set use_ipv6=yes +# +# Name: use_ipv6 +# Type: boolean +# Default: yes +# +# +# When set, Mutt will look for IPv6 addresses of hosts it tries to +# contact. If this option is unset, Mutt will restrict itself to IPv4 addresses. +# Normally, the default should work. +# +# +# set user_agent=yes +# +# Name: user_agent +# Type: boolean +# Default: yes +# +# +# When set, mutt will add a ``User-Agent:'' header to outgoing +# messages, indicating which version of mutt was used for composing +# them. +# +# +# set visual="" +# +# Name: visual +# Type: path +# Default: "" +# +# +# Specifies the visual editor to invoke when the ``~v'' command is +# given in the builtin editor. +# +# +# set wait_key=yes +# +# Name: wait_key +# Type: boolean +# Default: yes +# +# +# Controls whether Mutt will ask you to press a key after an external command +# has been invoked by these functions: , +# , , , +# and commands. +# +# It is also used when viewing attachments with ``auto_view'', provided +# that the corresponding mailcap entry has a needsterminal flag, +# and the external program is interactive. +# +# When set, Mutt will always ask for a key. When unset, Mutt will wait +# for a key only if the external command returned a non-zero status. +# +# +# set weed=yes +# +# Name: weed +# Type: boolean +# Default: yes +# +# +# When set, mutt will weed headers when displaying, forwarding, +# printing, or replying to messages. +# +# +# set wrap=0 +# +# Name: wrap +# Type: number +# Default: 0 +# +# +# When set to a positive value, mutt will wrap text at $wrap characters. +# When set to a negative value, mutt will wrap text so that there are $wrap +# characters of empty space on the right side of the terminal. +# +# +# set wrap_search=yes +# +# Name: wrap_search +# Type: boolean +# Default: yes +# +# +# Controls whether searches wrap around the end. +# +# When set, searches will wrap around the first (or last) item. When +# unset, incremental searches will not wrap. +# +# +# set wrapmargin=0 +# +# Name: wrapmargin +# Type: number +# Default: 0 +# +# +# (DEPRECATED) Equivalent to setting $wrap with a negative value. +# +# +# set write_bcc=yes +# +# Name: write_bcc +# Type: boolean +# Default: yes +# +# +# Controls whether mutt writes out the Bcc header when saving +# messages to FCC. Bcc headers will never be written to a message +# when sending it. +# +# +# set write_inc=10 +# +# Name: write_inc +# Type: number +# Default: 10 +# +# +# When writing a mailbox, a message will be printed every +# $write_inc messages to indicate progress. If set to 0, only a +# single message will be displayed before writing a mailbox. +# +# Also see the $read_inc, $net_inc and $time_inc variables and the +# ``tuning'' section of the manual for performance considerations. +# +# +# set x_comment_to=no +# +# Name: x_comment_to +# Type: boolean +# Default: no +# +# +# If set, Mutt will add ``X-Comment-To:'' field (that contains full +# name of original article author) to article that followuped to newsgroup. +# +# +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d26 1 +a26 1 +macro generic,pager " less /usr/share/doc/mutt-1.5.20-r10/manual.txt" "show Mutt documentation" +d32 5 +d248 22 +d475 11 +d544 12 +d585 11 +d1141 1 +d1186 13 +d1309 22 +d1879 1 +d1895 1 +d1902 1 +d1938 16 +d2307 12 +d2385 112 +d3253 13 +d3433 23 +d3863 35 +d5101 11 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d26 1 +a26 1 +macro generic,pager " less /usr/share/doc/mutt-1.5.20-r18/manual.txt" "show Mutt documentation" +a31 5 +# Use folders which match on \\.gz$ as gzipped folders: +# open-hook \\.gz$ "gzip -cd %f > %t" +# close-hook \\.gz$ "gzip -c %t > %f" +# append-hook \\.gz$ "gzip -c %t >> %f" + +a242 22 +# set ask_follow_up=no +# +# Name: ask_follow_up +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for follow-up groups before editing +# the body of an outgoing message. +# +# +# set ask_x_comment_to=no +# +# Name: ask_x_comment_to +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for x-comment-to field before editing +# the body of an outgoing message. +# +# +a447 11 +# set catchup_newsgroup=ask-yes +# +# Name: catchup_newsgroup +# Type: quadoption +# Default: ask-yes +# +# +# If this variable is set, Mutt will mark all articles in newsgroup +# as read when you quit the newsgroup (catchup newsgroup). +# +# +a505 12 +# set change_folder_next=no +# +# Name: change_folder_next +# Type: boolean +# Default: no +# +# +# When this variable is set, the change-folder command will start at the +# next folder after the current folder in your mailbox list instead of +# starting at the first folder. +# +# +a534 11 +# set collapse_flagged=yes +# +# Name: collapse_flagged +# Type: boolean +# Default: yes +# +# +# When unset, Mutt will not collapse a thread if it contains any +# flagged messages. +# +# +a1079 1 +# %D date/time folder was last modified using $date_format. +a1123 13 +# set followup_to_poster=ask-yes +# +# Name: followup_to_poster +# Type: quadoption +# Default: ask-yes +# +# +# If this variable is set and the keyword "poster" is present in +# Followup-To header, follow-up to newsgroup function is not +# permitted. The message will be mailed to the submitter of the +# message via mail. +# +# +a1233 22 +# set group_index_format="%4C %M%N %5s %-45.45f %d" +# +# Name: group_index_format +# Type: string +# Default: "%4C %M%N %5s %-45.45f %d" +# +# +# This variable allows you to customize the newsgroup browser display to +# your personal taste. This string is similar to ``index_format'', but +# has its own set of printf()-like sequences: +# +# %C current newsgroup number +# %d description of newsgroup (becomes from server) +# %f newsgroup name +# %M - if newsgroup not allowed for direct post (moderated for example) +# %N N if newsgroup is new, u if unsubscribed, blank otherwise +# %n number of new articles in newsgroup +# %s number of unread articles in newsgroup +# %>X right justify the rest of the string and pad with character "X" +# %|X pad to the end of the line with character "X" +# +# +a1781 1 +# %g newsgroup name (if compiled with nntp support) +a1796 1 +# %R `x-comment-to:' field (if present and compiled with nntp support) +a1802 1 +# %W name of organization of author (`organization:' field) +a1837 16 +# set inews="" +# +# Name: inews +# Type: path +# Default: "" +# +# +# If set, specifies the program and arguments used to deliver news posted +# by Mutt. Otherwise, mutt posts article using current connection to +# news server. The following printf-style sequence is understood: +# +# %s newsserver name +# +# Example: set inews="/usr/local/bin/inews -hS" +# +# +a2190 12 +# set mime_subject=yes +# +# Name: mime_subject +# Type: boolean +# Default: yes +# +# +# If unset, 8-bit ``subject:'' line in article header will not be +# encoded according to RFC2047 to base64. This is useful when message +# is Usenet article, because MIME for news is nonstandard feature. +# +# +a2256 112 +# set news_cache_dir="~/.mutt" +# +# Name: news_cache_dir +# Type: path +# Default: "~/.mutt" +# +# +# This variable pointing to directory where Mutt will save cached news +# articles headers in. If unset, headers will not be saved at all +# and will be reloaded each time when you enter to newsgroup. +# +# +# set news_server="" +# +# Name: news_server +# Type: string +# Default: "" +# +# +# This variable specifies domain name or address of NNTP server. It +# defaults to the newsserver specified in the environment variable +# $NNTPSERVER or contained in the file /etc/nntpserver. You can also +# specify username and an alternative port for each newsserver, ie: +# +# [news[s]://][username[:password]@@]newsserver[:port] +# +# +# set newsrc="~/.newsrc" +# +# Name: newsrc +# Type: path +# Default: "~/.newsrc" +# +# +# The file, containing info about subscribed newsgroups - names and +# indexes of read articles. The following printf-style sequence +# is understood: +# +# %s newsserver name +# +# +# set nntp_context=1000 +# +# Name: nntp_context +# Type: number +# Default: 1000 +# +# +# This variable defines number of articles which will be in index when +# newsgroup entered. If active newsgroup have more articles than this +# number, oldest articles will be ignored. Also controls how many +# articles headers will be saved in cache when you quit newsgroup. +# +# +# set nntp_load_description=yes +# +# Name: nntp_load_description +# Type: boolean +# Default: yes +# +# +# This variable controls whether or not descriptions for each newsgroup +# must be loaded when newsgroup is added to list (first time list +# loading or new newsgroup adding). +# +# +# set nntp_user="" +# +# Name: nntp_user +# Type: string +# Default: "" +# +# +# Your login name on the NNTP server. If unset and NNTP server requires +# authentification, Mutt will prompt you for your account name when you +# connect to newsserver. +# +# +# set nntp_pass="" +# +# Name: nntp_pass +# Type: string +# Default: "" +# +# +# Your password for NNTP account. +# +# +# set nntp_poll=60 +# +# Name: nntp_poll +# Type: number +# Default: 60 +# +# +# The time in seconds until any operations on newsgroup except post new +# article will cause recheck for new news. If set to 0, Mutt will +# recheck newsgroup on each operation in index (stepping, read article, +# etc.). +# +# +# set nntp_reconnect=ask-yes +# +# Name: nntp_reconnect +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not Mutt will try to reconnect to newsserver when +# connection lost. +# +# +a3012 13 +# set post_moderated=ask-yes +# +# Name: post_moderated +# Type: quadoption +# Default: ask-yes +# +# +# If set to yes, Mutt will post article to newsgroup that have +# not permissions to posting (e.g. moderated). Note: if newsserver +# does not support posting to that newsgroup or totally read-only, that +# posting will not have an effect. +# +# +a3179 23 +# set quote_empty=yes +# +# Name: quote_empty +# Type: boolean +# Default: yes +# +# +# Controls whether or not empty lines will be quoted using +# ``indent_string''. +# +# +# set quote_quoted=no +# +# Name: quote_quoted +# Type: boolean +# Default: no +# +# +# Controls how quoted lines will be quoted. If set, one quote +# character will be added to the end of existing prefix. Otherwise, +# quoted lines will be prepended by ``indent_string''. +# +# +a3586 35 +# set save_unsubscribed=no +# +# Name: save_unsubscribed +# Type: boolean +# Default: no +# +# +# When set, info about unsubscribed newsgroups will be saved into +# ``newsrc'' file and into cache. +# +# +# set show_new_news=yes +# +# Name: show_new_news +# Type: boolean +# Default: yes +# +# +# If set, newsserver will be asked for new newsgroups on entering +# the browser. Otherwise, it will be done only once for a newsserver. +# Also controls whether or not number of new articles of subscribed +# newsgroups will be then checked. +# +# +# set show_only_unread=no +# +# Name: show_only_unread +# Type: boolean +# Default: no +# +# +# If set, only subscribed newsgroups that contain unread articles +# will be displayed in browser. +# +# +a4789 11 +# set x_comment_to=no +# +# Name: x_comment_to +# Type: boolean +# Default: no +# +# +# If set, Mutt will add ``X-Comment-To:'' field (that contains full +# name of original article author) to article that followuped to newsgroup. +# +# +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d26 1 +a26 1 +macro generic,pager " less /usr/share/doc/mutt-1.5.21-r1/manual.txt" "show Mutt documentation" +d95 1 +a95 1 +## containers themselves don't qualify. +d520 1 +a520 1 +# Note: It should only be set in case Mutt isn't able to determine the +d842 1 +a842 1 +# If ``no'', never attempt to verify cryptographic signatures. +d965 1 +a965 1 +# for DSN. For SMTP delivery, DSN support is auto-detected so that it +d986 1 +a986 1 +# for DSN. For SMTP delivery, DSN support is auto-detected so that it +d1072 1 +a1072 1 +# Escape character to use for functions in the built-in editor. +d1383 1 +a1383 1 +# of the usual diskspace, but the decompression can result in a +d1580 1 +a1580 1 +# Affects the behavior of the function when replying to +d1601 1 +a1601 1 +# side of an IMAP ``AUTH=xxx'' capability string, e.g. ``digest-md5'', ``gssapi'' +d1894 2 +a1895 2 +# %P progress indicator for the built-in pager (how much of the file has been displayed) +# %R ``x-comment-to:'' field (if present and compiled with nntp support) +d1902 1 +a1902 1 +# %W name of organization of author (``organization:'' field) +a1997 16 +# set mail_check_recent=yes +# +# Name: mail_check_recent +# Type: boolean +# Default: yes +# +# +# When set, Mutt will only notify you about new mail that has been received +# since the last time you opened the mailbox. When unset, Mutt will notify you +# if any new mail exists in the mailbox, regardless of whether you have visited it +# recently. +# +# When $mark_old is set, Mutt does not consider the mailbox to contain new +# mail if only old messages exist. +# +# +d2110 1 +a2110 1 +# ``mbox'', ``MMDF'', ``MH'' and ``Maildir''. This is overridden by the +d2227 1 +a2227 1 +# When unset, mutt will mimic mh's behavior and rename deleted messages +d2505 1 +a2505 1 +# messages. The value ``builtin'' means to use the built-in pager, otherwise this +d3024 10 +d3146 1 +a3146 1 +# SASL mechanism, e.g. ``digest-md5'', ``gssapi'' or ``cram-md5''. +d3186 1 +a3186 1 +# can also specify an alternative port, username and password, i.e.: +d3390 4 +a3393 7 +# This specifies the command Mutt will use to make external address +# queries. The string may contain a ``%s'', which will be substituted +# with the query string the user types. Mutt will add quotes around the +# string substituted for ``%s'' automatically according to shell quoting +# rules, so you should avoid adding your own. If no ``%s'' is found in +# the string, Mutt will append the user's query to the end of the string. +# See ``query'' for more information. +d3654 1 +a3654 1 +# This variable fine-tunes the behavior of the $reverse_name feature. +d3910 1 +a3910 1 +# the signature in a different color in the built-in pager. +d4185 1 +a4185 1 +# The default behavior of mutt is to use PGP on all auto-sign/encryption +d4305 1 +a4305 1 +# try them. Authentication methods are any SASL mechanism, e.g. +d4339 2 +a4340 2 +# delivery. This should take the form of an SMTP URL, e.g.: +# smtp[s]://[user[:pass]@@]host[:port] +d4732 1 +a4732 1 +# behavior. +d4763 1 +a4763 1 +# set thorough_search=yes +d4767 1 +a4767 1 +# Default: yes +d4827 1 +a4827 1 +# When Mutt is waiting for user input either idling in menus or +d5005 1 +a5005 1 +# given in the built-in editor. +d5048 1 +a5048 18 +# characters of empty space on the right side of the terminal. Setting it +# to zero makes mutt wrap at the terminal width. +# +# +# set wrap_headers=78 +# +# Name: wrap_headers +# Type: number +# Default: 78 +# +# +# This option specifies the number of characters to use for wrapping +# an outgoing message's headers. Allowed values are between 78 and 998 +# inclusive. +# +# Note: This option usually shouldn't be changed. RFC5233 +# recommends a line length of 78 (the default), so please only change +# this setting when you know what you're doing. +@ diff --git a/config-archive/etc/mysql/my.cnf,v b/config-archive/etc/mysql/my.cnf,v new file mode 100644 index 0000000..af74611 --- /dev/null +++ b/config-archive/etc/mysql/my.cnf,v @@ -0,0 +1,184 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.01.06.12.02; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/mysql/my.cnf: The global mysql configuration file. +# $Header: /etc/mysql/my.cnf,v 1.4 2010/11/30 08:26:18 root Exp $ + +# The following options will be passed to all MySQL clients +[client] +#password = your_password +port = 3306 +socket = /var/run/mysqld/mysqld.sock + +[mysql] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 +prompt=MySQL \u@@\h:\d >\_ + +[mysqladmin] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlcheck] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqldump] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlimport] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlshow] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[myisamchk] +character-sets-dir=/usr/share/mysql/charsets + +[myisampack] +character-sets-dir=/usr/share/mysql/charsets + +# use [safe_mysqld] with mysql-3 +[mysqld_safe] +err-log = /var/log/mysql/mysql.err + +# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations +[mysqld] +character-set-server = utf8 +#default-character-set = utf8 +user = mysql +port = 3306 +socket = /var/run/mysqld/mysqld.sock +pid-file = /var/run/mysqld/mysqld.pid +log-error = /var/log/mysql/mysqld.err +basedir = /usr +datadir = /var/lib/mysql +skip-external-locking +key_buffer = 32M +max_allowed_packet = 4M +table_cache = 64 +sort_buffer_size = 2M +net_buffer_length = 8K +read_buffer_size = 2M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 32M +#language = /usr/share/mysql/english +language = /usr/share/mysql/german + +# security: +# using "localhost" in connects uses sockets by default +# skip-networking +#bind-address = 127.0.0.1 + +#log-bin = helga-mysql-bin +server-id = 2 + +#auto_increment_increment = 2 +#auto_increment_offset = 2 + +#master-host = sarah.brehm-online.com +#master-port = 3306 +#master-user = replication +#master-password = uhu +#master-connect-retry = 60 +#report-host = helga.brehm-online.com + +# point the following paths to different dedicated disks +tmpdir = /tmp/ +#log-update = /path-to-dedicated-directory/hostname + +# you need the debug USE flag enabled to use the following directives, +# if needed, uncomment them, start the server and issue +# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace +# this will show you *exactly* what's happening in your server ;) + +#log = /tmp/mysqld.sql +#gdb +#debug = d:t:i:o,/tmp/mysqld.trace +#one-thread + +# uncomment the following directives if you are using BDB tables +#bdb_cache_size = 4M +#bdb_max_lock = 10000 + +# the following is the InnoDB configuration +# if you wish to disable innodb instead +# uncomment just the next line +#skip-innodb +# +# the rest of the innodb config follows: +# don't eat too much memory, we're trying to be safe on 64Mb boxes +# you might want to bump this up a bit on boxes with more RAM +innodb_buffer_pool_size = 64M +# this is the default, increase it if you have lots of tables +innodb_additional_mem_pool_size = 4M +# +# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-( +# and upstream wants things to be under /var/lib/mysql/, so that's the route +# we have to take for the moment +#innodb_data_home_dir = /var/lib/mysql/ +#innodb_log_arch_dir = /var/lib/mysql/ +#innodb_log_group_home_dir = /var/lib/mysql/ +# you may wish to change this size to be more suitable for your system +# the max is there to avoid run-away growth on your machine +innodb_data_file_path = ibdata1:10M:autoextend:max:128M +# we keep this at around 25% of of innodb_buffer_pool_size +# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size) +innodb_log_file_size = 5M +# this is the default, increase it if you have very large transactions going on +innodb_log_buffer_size = 8M +# this is the default and won't hurt you +# you shouldn't need to tweak it +innodb_log_files_in_group=2 +# see the innodb config docs, the other options are not always safe +innodb_flush_log_at_trx_commit = 1 +innodb_lock_wait_timeout = 50 +innodb_file_per_table +sync_binlog = 1 + +[mysqldump] +quick +max_allowed_packet = 64M + +[mysql] +# uncomment the next directive if you are not familiar with SQL +#safe-updates + +[isamchk] +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M + +[myisamchk] +key_buffer = 40M +sort_buffer_size = 40M +read_buffer = 4M +write_buffer = 4M + +[mysqlhotcopy] +interactive-timeout +@ diff --git a/config-archive/etc/mysql/my.cnf.dist.new b/config-archive/etc/mysql/my.cnf.dist.new new file mode 100644 index 0000000..458e10d --- /dev/null +++ b/config-archive/etc/mysql/my.cnf.dist.new @@ -0,0 +1,146 @@ +# /etc/mysql/my.cnf: The global mysql configuration file. +# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.1,v 1.2 2010/03/24 18:26:09 robbat2 Exp $ + +# The following options will be passed to all MySQL clients +[client] +#password = your_password +port = 3306 +socket = /var/run/mysqld/mysqld.sock + +[mysql] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqladmin] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlcheck] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqldump] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlimport] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlshow] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[myisamchk] +character-sets-dir=/usr/share/mysql/charsets + +[myisampack] +character-sets-dir=/usr/share/mysql/charsets + +# use [safe_mysqld] with mysql-3 +[mysqld_safe] +err-log = /var/log/mysql/mysql.err + +# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations +[mysqld] +character-set-server = utf8 +user = mysql +port = 3306 +socket = /var/run/mysqld/mysqld.sock +pid-file = /var/run/mysqld/mysqld.pid +log-error = /var/log/mysql/mysqld.err +basedir = /usr +datadir = /var/lib/mysql +skip-external-locking +key_buffer = 16M +max_allowed_packet = 1M +table_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M +language = /usr/share/mysql/english + +# security: +# using "localhost" in connects uses sockets by default +# skip-networking +bind-address = 127.0.0.1 + +log-bin +server-id = 1 + +# point the following paths to different dedicated disks +tmpdir = /tmp/ +#log-update = /path-to-dedicated-directory/hostname + +# you need the debug USE flag enabled to use the following directives, +# if needed, uncomment them, start the server and issue +# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace +# this will show you *exactly* what's happening in your server ;) + +#log = /tmp/mysqld.sql +#gdb +#debug = d:t:i:o,/tmp/mysqld.trace +#one-thread + +# uncomment the following directives if you are using BDB tables +#bdb_cache_size = 4M +#bdb_max_lock = 10000 + +# the following is the InnoDB configuration +# if you wish to disable innodb instead +# uncomment just the next line +#skip-innodb +# +# the rest of the innodb config follows: +# don't eat too much memory, we're trying to be safe on 64Mb boxes +# you might want to bump this up a bit on boxes with more RAM +innodb_buffer_pool_size = 16M +# this is the default, increase it if you have lots of tables +innodb_additional_mem_pool_size = 2M +# +# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-( +# and upstream wants things to be under /var/lib/mysql/, so that's the route +# we have to take for the moment +#innodb_data_home_dir = /var/lib/mysql/ +#innodb_log_arch_dir = /var/lib/mysql/ +#innodb_log_group_home_dir = /var/lib/mysql/ +# you may wish to change this size to be more suitable for your system +# the max is there to avoid run-away growth on your machine +innodb_data_file_path = ibdata1:10M:autoextend:max:128M +# we keep this at around 25% of of innodb_buffer_pool_size +# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size) +innodb_log_file_size = 5M +# this is the default, increase it if you have very large transactions going on +innodb_log_buffer_size = 8M +# this is the default and won't hurt you +# you shouldn't need to tweak it +innodb_log_files_in_group=2 +# see the innodb config docs, the other options are not always safe +innodb_flush_log_at_trx_commit = 1 +innodb_lock_wait_timeout = 50 +innodb_file_per_table + +[mysqldump] +quick +max_allowed_packet = 16M + +[mysql] +# uncomment the next directive if you are not familiar with SQL +#safe-updates + +[isamchk] +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M + +[myisamchk] +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M + +[mysqlhotcopy] +interactive-timeout diff --git a/config-archive/etc/nagios/cgi.cfg,v b/config-archive/etc/nagios/cgi.cfg,v new file mode 100644 index 0000000..a3b4f18 --- /dev/null +++ b/config-archive/etc/nagios/cgi.cfg,v @@ -0,0 +1,463 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.08.09.19.10.51; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.08.09.19.10.51; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@################################################################# +# +# CGI.CFG - Sample CGI Configuration File for Nagios 3.2.3 +# +# Last Modified: 06-17-2009 +# +################################################################# + + +# MAIN CONFIGURATION FILE +# This tells the CGIs where to find your main configuration file. +# The CGIs will read the main and host config files for any other +# data they might need. + +main_config_file=/etc/nagios/nagios.cfg + + + +# PHYSICAL HTML PATH +# This is the path where the HTML files for Nagios reside. This +# value is used to locate the logo images needed by the statusmap +# and statuswrl CGIs. + +physical_html_path=/usr/share/nagios/htdocs + + + +# URL HTML PATH +# This is the path portion of the URL that corresponds to the +# physical location of the Nagios HTML files (as defined above). +# This value is used by the CGIs to locate the online documentation +# and graphics. If you access the Nagios pages with an URL like +# http://www.myhost.com/nagios, this value should be '/nagios' +# (without the quotes). + +url_html_path=/nagios + + + +# CONTEXT-SENSITIVE HELP +# This option determines whether or not a context-sensitive +# help icon will be displayed for most of the CGIs. +# Values: 0 = disables context-sensitive help +# 1 = enables context-sensitive help + +show_context_help=0 + + + +# PENDING STATES OPTION +# This option determines what states should be displayed in the web +# interface for hosts/services that have not yet been checked. +# Values: 0 = leave hosts/services that have not been check yet in their original state +# 1 = mark hosts/services that have not been checked yet as PENDING + +use_pending_states=1 + + + + +# AUTHENTICATION USAGE +# This option controls whether or not the CGIs will use any +# authentication when displaying host and service information, as +# well as committing commands to Nagios for processing. +# +# Read the HTML documentation to learn how the authorization works! +# +# NOTE: It is a really *bad* idea to disable authorization, unless +# you plan on removing the command CGI (cmd.cgi)! Failure to do +# so will leave you wide open to kiddies messing with Nagios and +# possibly hitting you with a denial of service attack by filling up +# your drive by continuously writing to your command file! +# +# Setting this value to 0 will cause the CGIs to *not* use +# authentication (bad idea), while any other value will make them +# use the authentication functions (the default). + +use_authentication=1 + + + + +# x509 CERT AUTHENTICATION +# When enabled, this option allows you to use x509 cert (SSL) +# authentication in the CGIs. This is an advanced option and should +# not be enabled unless you know what you're doing. + +use_ssl_authentication=0 + + + + +# DEFAULT USER +# Setting this variable will define a default user name that can +# access pages without authentication. This allows people within a +# secure domain (i.e., behind a firewall) to see the current status +# without authenticating. You may want to use this to avoid basic +# authentication if you are not using a secure server since basic +# authentication transmits passwords in the clear. +# +# Important: Do not define a default username unless you are +# running a secure web server and are sure that everyone who has +# access to the CGIs has been authenticated in some manner! If you +# define this variable, anyone who has not authenticated to the web +# server will inherit all rights you assign to this user! + +#default_user_name=guest + + + +# SYSTEM/PROCESS INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# have access to viewing the Nagios process information as +# provided by the Extended Information CGI (extinfo.cgi). By +# default, *no one* has access to this unless you choose to +# not use authorization. You may use an asterisk (*) to +# authorize any user who has authenticated to the web server. + +authorized_for_system_information=nagiosadmin + + + +# CONFIGURATION INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# can view ALL configuration information (hosts, commands, etc). +# By default, users can only view configuration information +# for the hosts and services they are contacts for. You may use +# an asterisk (*) to authorize any user who has authenticated +# to the web server. + +authorized_for_configuration_information=nagiosadmin + + + +# SYSTEM/PROCESS COMMAND ACCESS +# This option is a comma-delimited list of all usernames that +# can issue shutdown and restart commands to Nagios via the +# command CGI (cmd.cgi). Users in this list can also change +# the program mode to active or standby. By default, *no one* +# has access to this unless you choose to not use authorization. +# You may use an asterisk (*) to authorize any user who has +# authenticated to the web server. + +authorized_for_system_commands=nagiosadmin + + + +# GLOBAL HOST/SERVICE VIEW ACCESS +# These two options are comma-delimited lists of all usernames that +# can view information for all hosts and services that are being +# monitored. By default, users can only view information +# for hosts or services that they are contacts for (unless you +# you choose to not use authorization). You may use an asterisk (*) +# to authorize any user who has authenticated to the web server. + + +authorized_for_all_services=nagiosadmin +authorized_for_all_hosts=nagiosadmin + + + +# GLOBAL HOST/SERVICE COMMAND ACCESS +# These two options are comma-delimited lists of all usernames that +# can issue host or service related commands via the command +# CGI (cmd.cgi) for all hosts and services that are being monitored. +# By default, users can only issue commands for hosts or services +# that they are contacts for (unless you you choose to not use +# authorization). You may use an asterisk (*) to authorize any +# user who has authenticated to the web server. + +authorized_for_all_service_commands=nagiosadmin +authorized_for_all_host_commands=nagiosadmin + + + +# READ-ONLY USERS +# A comma-delimited list of usernames that have read-only rights in +# the CGIs. This will block any service or host commands normally shown +# on the extinfo CGI pages. It will also block comments from being shown +# to read-only users. + +#authorized_for_read_only=user1,user2 + + + + +# STATUSMAP BACKGROUND IMAGE +# This option allows you to specify an image to be used as a +# background in the statusmap CGI. It is assumed that the image +# resides in the HTML images path (i.e. /usr/local/nagios/share/images). +# This path is automatically determined by appending "/images" +# to the path specified by the 'physical_html_path' directive. +# Note: The image file may be in GIF, PNG, JPEG, or GD2 format. +# However, I recommend that you convert your image to GD2 format +# (uncompressed), as this will cause less CPU load when the CGI +# generates the image. + +#statusmap_background_image=smbackground.gd2 + + + + +# STATUSMAP TRANSPARENCY INDEX COLOR +# These options set the r,g,b values of the background color used the statusmap CGI, +# so normal browsers that can't show real png transparency set the desired color as +# a background color instead (to make it look pretty). +# Defaults to white: (R,G,B) = (255,255,255). + +#color_transparency_index_r=255 +#color_transparency_index_g=255 +#color_transparency_index_b=255 + + + + +# DEFAULT STATUSMAP LAYOUT METHOD +# This option allows you to specify the default layout method +# the statusmap CGI should use for drawing hosts. If you do +# not use this option, the default is to use user-defined +# coordinates. Valid options are as follows: +# 0 = User-defined coordinates +# 1 = Depth layers +# 2 = Collapsed tree +# 3 = Balanced tree +# 4 = Circular +# 5 = Circular (Marked Up) + +default_statusmap_layout=5 + + + +# DEFAULT STATUSWRL LAYOUT METHOD +# This option allows you to specify the default layout method +# the statuswrl (VRML) CGI should use for drawing hosts. If you +# do not use this option, the default is to use user-defined +# coordinates. Valid options are as follows: +# 0 = User-defined coordinates +# 2 = Collapsed tree +# 3 = Balanced tree +# 4 = Circular + +default_statuswrl_layout=4 + + + +# STATUSWRL INCLUDE +# This option allows you to include your own objects in the +# generated VRML world. It is assumed that the file +# resides in the HTML path (i.e. /usr/local/nagios/share). + +#statuswrl_include=myworld.wrl + + + +# PING SYNTAX +# This option determines what syntax should be used when +# attempting to ping a host from the WAP interface (using +# the statuswml CGI. You must include the full path to +# the ping binary, along with all required options. The +# $HOSTADDRESS$ macro is substituted with the address of +# the host before the command is executed. +# Please note that the syntax for the ping binary is +# notorious for being different on virtually ever *NIX +# OS and distribution, so you may have to tweak this to +# work on your system. + +ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$ + + + +# REFRESH RATE +# This option allows you to specify the refresh rate in seconds +# of various CGIs (status, statusmap, extinfo, and outages). + +refresh_rate=90 + + + +# ESCAPE HTML TAGS +# This option determines whether HTML tags in host and service +# status output is escaped in the web interface. If enabled, +# your plugin output will not be able to contain clickable links. + +escape_html_tags=1 + + + + +# SOUND OPTIONS +# These options allow you to specify an optional audio file +# that should be played in your browser window when there are +# problems on the network. The audio files are used only in +# the status CGI. Only the sound for the most critical problem +# will be played. Order of importance (higher to lower) is as +# follows: unreachable hosts, down hosts, critical services, +# warning services, and unknown services. If there are no +# visible problems, the sound file optionally specified by +# 'normal_sound' variable will be played. +# +# +# = +# +# Note: All audio files must be placed in the /media subdirectory +# under the HTML path (i.e. /usr/local/nagios/share/media/). + +#host_unreachable_sound=hostdown.wav +#host_down_sound=hostdown.wav +#service_critical_sound=critical.wav +#service_warning_sound=warning.wav +#service_unknown_sound=warning.wav +#normal_sound=noproblem.wav + + + +# URL TARGET FRAMES +# These options determine the target frames in which notes and +# action URLs will open. + +action_url_target=_blank +notes_url_target=_blank + + + + +# LOCK AUTHOR NAMES OPTION +# This option determines whether users can change the author name +# when submitting comments, scheduling downtime. If disabled, the +# author names will be locked into their contact name, as defined in Nagios. +# Values: 0 = allow editing author names +# 1 = lock author names (disallow editing) + +lock_author_names=1 + + + + +# SPLUNK INTEGRATION OPTIONS +# These options allow you to enable integration with Splunk +# in the web interface. If enabled, you'll be presented with +# "Splunk It" links in various places in the CGIs (log file, +# alert history, host/service detail, etc). Useful if you're +# trying to research why a particular problem occurred. +# For more information on Splunk, visit http://www.splunk.com/ + +# This option determines whether the Splunk integration is enabled +# Values: 0 = disable Splunk integration +# 1 = enable Splunk integration + +#enable_splunk_integration=1 + + +# This option should be the URL used to access your instance of Splunk + +#splunk_url=http://127.0.0.1:8000/ + + + +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# CGI.CFG - Sample CGI Configuration File for Nagios 3.2.1 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# CGI.CFG - Sample CGI Configuration File for Nagios 3.2.0 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# CGI.CFG - Sample CGI Configuration File for Nagios 3.2.1 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# CGI.CFG - Sample CGI Configuration File for Nagios 3.2.3 +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# CGI.CFG - Sample CGI Configuration File for Nagios 3.3.1 +@ diff --git a/config-archive/etc/nagios/nagios.cfg,v b/config-archive/etc/nagios/nagios.cfg,v new file mode 100644 index 0000000..056ef09 --- /dev/null +++ b/config-archive/etc/nagios/nagios.cfg,v @@ -0,0 +1,1434 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.08.09.19.10.51; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.08.09.19.10.51; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@############################################################################## +# +# NAGIOS.CFG - Sample Main Config File for Nagios 3.2.3 +# +# Read the documentation for more information on this configuration +# file. I've provided some comments here, but things may not be so +# clear without further explanation. +# +# Last Modified: 12-14-2008 +# +############################################################################## + + +# LOG FILE +# This is the main log file where service and host events are logged +# for historical purposes. This should be the first option specified +# in the config file!!! + +log_file=/var/nagios/nagios.log + + + +# OBJECT CONFIGURATION FILE(S) +# These are the object configuration files in which you define hosts, +# host groups, contacts, contact groups, services, etc. +# You can split your object definitions across several config files +# if you wish (as shown below), or keep them all in a single config file. + +# You can specify individual object config files as shown below: +cfg_file=/etc/nagios/objects/commands.cfg +cfg_file=/etc/nagios/objects/contacts.cfg +cfg_file=/etc/nagios/objects/timeperiods.cfg +cfg_file=/etc/nagios/objects/templates.cfg + +# Definitions for monitoring the local (Linux) host +cfg_file=/etc/nagios/objects/localhost.cfg + +# Definitions for monitoring a Windows machine +#cfg_file=/etc/nagios/objects/windows.cfg + +# Definitions for monitoring a router/switch +#cfg_file=/etc/nagios/objects/switch.cfg + +# Definitions for monitoring a network printer +#cfg_file=/etc/nagios/objects/printer.cfg + + +# You can also tell Nagios to process all config files (with a .cfg +# extension) in a particular directory by using the cfg_dir +# directive as shown below: + +#cfg_dir=/etc/nagios/servers +#cfg_dir=/etc/nagios/printers +#cfg_dir=/etc/nagios/switches +#cfg_dir=/etc/nagios/routers + + + + +# OBJECT CACHE FILE +# This option determines where object definitions are cached when +# Nagios starts/restarts. The CGIs read object definitions from +# this cache file (rather than looking at the object config files +# directly) in order to prevent inconsistencies that can occur +# when the config files are modified after Nagios starts. + +object_cache_file=/var/nagios/objects.cache + + + +# PRE-CACHED OBJECT FILE +# This options determines the location of the precached object file. +# If you run Nagios with the -p command line option, it will preprocess +# your object configuration file(s) and write the cached config to this +# file. You can then start Nagios with the -u option to have it read +# object definitions from this precached file, rather than the standard +# object configuration files (see the cfg_file and cfg_dir options above). +# Using a precached object file can speed up the time needed to (re)start +# the Nagios process if you've got a large and/or complex configuration. +# Read the documentation section on optimizing Nagios to find our more +# about how this feature works. + +precached_object_file=/var/nagios/objects.precache + + + +# RESOURCE FILE +# This is an optional resource file that contains $USERx$ macro +# definitions. Multiple resource files can be specified by using +# multiple resource_file definitions. The CGIs will not attempt to +# read the contents of resource files, so information that is +# considered to be sensitive (usernames, passwords, etc) can be +# defined as macros in this file and restrictive permissions (600) +# can be placed on this file. + +resource_file=/etc/nagios/resource.cfg + + + +# STATUS FILE +# This is where the current status of all monitored services and +# hosts is stored. Its contents are read and processed by the CGIs. +# The contents of the status file are deleted every time Nagios +# restarts. + +status_file=/var/nagios/status.dat + + + +# STATUS FILE UPDATE INTERVAL +# This option determines the frequency (in seconds) that +# Nagios will periodically dump program, host, and +# service status data. + +status_update_interval=10 + + + +# NAGIOS USER +# This determines the effective user that Nagios should run as. +# You can either supply a username or a UID. + +nagios_user=nagios + + + +# NAGIOS GROUP +# This determines the effective group that Nagios should run as. +# You can either supply a group name or a GID. + +nagios_group=nagios + + + +# EXTERNAL COMMAND OPTION +# This option allows you to specify whether or not Nagios should check +# for external commands (in the command file defined below). By default +# Nagios will *not* check for external commands, just to be on the +# cautious side. If you want to be able to use the CGI command interface +# you will have to enable this. +# Values: 0 = disable commands, 1 = enable commands + +check_external_commands=1 + + + +# EXTERNAL COMMAND CHECK INTERVAL +# This is the interval at which Nagios should check for external commands. +# This value works of the interval_length you specify later. If you leave +# that at its default value of 60 (seconds), a value of 1 here will cause +# Nagios to check for external commands every minute. If you specify a +# number followed by an "s" (i.e. 15s), this will be interpreted to mean +# actual seconds rather than a multiple of the interval_length variable. +# Note: In addition to reading the external command file at regularly +# scheduled intervals, Nagios will also check for external commands after +# event handlers are executed. +# NOTE: Setting this value to -1 causes Nagios to check the external +# command file as often as possible. + +#command_check_interval=15s +command_check_interval=-1 + + + +# EXTERNAL COMMAND FILE +# This is the file that Nagios checks for external command requests. +# It is also where the command CGI will write commands that are submitted +# by users, so it must be writeable by the user that the web server +# is running as (usually 'nobody'). Permissions should be set at the +# directory level instead of on the file, as the file is deleted every +# time its contents are processed. + +command_file=/var/nagios/rw/nagios.cmd + + + +# EXTERNAL COMMAND BUFFER SLOTS +# This settings is used to tweak the number of items or "slots" that +# the Nagios daemon should allocate to the buffer that holds incoming +# external commands before they are processed. As external commands +# are processed by the daemon, they are removed from the buffer. + +external_command_buffer_slots=4096 + + + +# LOCK FILE +# This is the lockfile that Nagios will use to store its PID number +# in when it is running in daemon mode. + +lock_file=/var/nagios/nagios.lock + + + +# TEMP FILE +# This is a temporary file that is used as scratch space when Nagios +# updates the status log, cleans the comment file, etc. This file +# is created, used, and deleted throughout the time that Nagios is +# running. + +temp_file=/var/nagios/nagios.tmp + + + +# TEMP PATH +# This is path where Nagios can create temp files for service and +# host check results, etc. + +temp_path=/tmp + + + +# EVENT BROKER OPTIONS +# Controls what (if any) data gets sent to the event broker. +# Values: 0 = Broker nothing +# -1 = Broker everything +# = See documentation + +event_broker_options=-1 + + + +# EVENT BROKER MODULE(S) +# This directive is used to specify an event broker module that should +# by loaded by Nagios at startup. Use multiple directives if you want +# to load more than one module. Arguments that should be passed to +# the module at startup are seperated from the module path by a space. +# +#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +# WARNING !!! WARNING !!! WARNING !!! WARNING !!! WARNING !!! WARNING +#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +# +# Do NOT overwrite modules while they are being used by Nagios or Nagios +# will crash in a fiery display of SEGFAULT glory. This is a bug/limitation +# either in dlopen(), the kernel, and/or the filesystem. And maybe Nagios... +# +# The correct/safe way of updating a module is by using one of these methods: +# 1. Shutdown Nagios, replace the module file, restart Nagios +# 2. Delete the original module file, move the new module file into place, restart Nagios +# +# Example: +# +# broker_module= [moduleargs] + +#broker_module=/somewhere/module1.o +#broker_module=/somewhere/module2.o arg1 arg2=3 debug=0 + + + +# LOG ROTATION METHOD +# This is the log rotation method that Nagios should use to rotate +# the main log file. Values are as follows.. +# n = None - don't rotate the log +# h = Hourly rotation (top of the hour) +# d = Daily rotation (midnight every day) +# w = Weekly rotation (midnight on Saturday evening) +# m = Monthly rotation (midnight last day of month) + +log_rotation_method=d + + + +# LOG ARCHIVE PATH +# This is the directory where archived (rotated) log files should be +# placed (assuming you've chosen to do log rotation). + +log_archive_path=/var/nagios/archives + + + +# LOGGING OPTIONS +# If you want messages logged to the syslog facility, as well as the +# Nagios log file set this option to 1. If not, set it to 0. + +use_syslog=1 + + + +# NOTIFICATION LOGGING OPTION +# If you don't want notifications to be logged, set this value to 0. +# If notifications should be logged, set the value to 1. + +log_notifications=1 + + + +# SERVICE RETRY LOGGING OPTION +# If you don't want service check retries to be logged, set this value +# to 0. If retries should be logged, set the value to 1. + +log_service_retries=1 + + + +# HOST RETRY LOGGING OPTION +# If you don't want host check retries to be logged, set this value to +# 0. If retries should be logged, set the value to 1. + +log_host_retries=1 + + + +# EVENT HANDLER LOGGING OPTION +# If you don't want host and service event handlers to be logged, set +# this value to 0. If event handlers should be logged, set the value +# to 1. + +log_event_handlers=1 + + + +# INITIAL STATES LOGGING OPTION +# If you want Nagios to log all initial host and service states to +# the main log file (the first time the service or host is checked) +# you can enable this option by setting this value to 1. If you +# are not using an external application that does long term state +# statistics reporting, you do not need to enable this option. In +# this case, set the value to 0. + +log_initial_states=0 + + + +# EXTERNAL COMMANDS LOGGING OPTION +# If you don't want Nagios to log external commands, set this value +# to 0. If external commands should be logged, set this value to 1. +# Note: This option does not include logging of passive service +# checks - see the option below for controlling whether or not +# passive checks are logged. + +log_external_commands=1 + + + +# PASSIVE CHECKS LOGGING OPTION +# If you don't want Nagios to log passive host and service checks, set +# this value to 0. If passive checks should be logged, set +# this value to 1. + +log_passive_checks=1 + + + +# GLOBAL HOST AND SERVICE EVENT HANDLERS +# These options allow you to specify a host and service event handler +# command that is to be run for every host or service state change. +# The global event handler is executed immediately prior to the event +# handler that you have optionally specified in each host or +# service definition. The command argument is the short name of a +# command definition that you define in your host configuration file. +# Read the HTML docs for more information. + +#global_host_event_handler=somecommand +#global_service_event_handler=somecommand + + + +# SERVICE INTER-CHECK DELAY METHOD +# This is the method that Nagios should use when initially +# "spreading out" service checks when it starts monitoring. The +# default is to use smart delay calculation, which will try to +# space all service checks out evenly to minimize CPU load. +# Using the dumb setting will cause all checks to be scheduled +# at the same time (with no delay between them)! This is not a +# good thing for production, but is useful when testing the +# parallelization functionality. +# n = None - don't use any delay between checks +# d = Use a "dumb" delay of 1 second between checks +# s = Use "smart" inter-check delay calculation +# x.xx = Use an inter-check delay of x.xx seconds + +service_inter_check_delay_method=s + + + +# MAXIMUM SERVICE CHECK SPREAD +# This variable determines the timeframe (in minutes) from the +# program start time that an initial check of all services should +# be completed. Default is 30 minutes. + +max_service_check_spread=30 + + + +# SERVICE CHECK INTERLEAVE FACTOR +# This variable determines how service checks are interleaved. +# Interleaving the service checks allows for a more even +# distribution of service checks and reduced load on remote +# hosts. Setting this value to 1 is equivalent to how versions +# of Nagios previous to 0.0.5 did service checks. Set this +# value to s (smart) for automatic calculation of the interleave +# factor unless you have a specific reason to change it. +# s = Use "smart" interleave factor calculation +# x = Use an interleave factor of x, where x is a +# number greater than or equal to 1. + +service_interleave_factor=s + + + +# HOST INTER-CHECK DELAY METHOD +# This is the method that Nagios should use when initially +# "spreading out" host checks when it starts monitoring. The +# default is to use smart delay calculation, which will try to +# space all host checks out evenly to minimize CPU load. +# Using the dumb setting will cause all checks to be scheduled +# at the same time (with no delay between them)! +# n = None - don't use any delay between checks +# d = Use a "dumb" delay of 1 second between checks +# s = Use "smart" inter-check delay calculation +# x.xx = Use an inter-check delay of x.xx seconds + +host_inter_check_delay_method=s + + + +# MAXIMUM HOST CHECK SPREAD +# This variable determines the timeframe (in minutes) from the +# program start time that an initial check of all hosts should +# be completed. Default is 30 minutes. + +max_host_check_spread=30 + + + +# MAXIMUM CONCURRENT SERVICE CHECKS +# This option allows you to specify the maximum number of +# service checks that can be run in parallel at any given time. +# Specifying a value of 1 for this variable essentially prevents +# any service checks from being parallelized. A value of 0 +# will not restrict the number of concurrent checks that are +# being executed. + +max_concurrent_checks=0 + + + +# HOST AND SERVICE CHECK REAPER FREQUENCY +# This is the frequency (in seconds!) that Nagios will process +# the results of host and service checks. + +check_result_reaper_frequency=10 + + + + +# MAX CHECK RESULT REAPER TIME +# This is the max amount of time (in seconds) that a single +# check result reaper event will be allowed to run before +# returning control back to Nagios so it can perform other +# duties. + +max_check_result_reaper_time=30 + + + + +# CHECK RESULT PATH +# This is directory where Nagios stores the results of host and +# service checks that have not yet been processed. +# +# Note: Make sure that only one instance of Nagios has access +# to this directory! + +check_result_path=/var/nagios/spool/checkresults + + + + +# MAX CHECK RESULT FILE AGE +# This option determines the maximum age (in seconds) which check +# result files are considered to be valid. Files older than this +# threshold will be mercilessly deleted without further processing. + +max_check_result_file_age=3600 + + + + +# CACHED HOST CHECK HORIZON +# This option determines the maximum amount of time (in seconds) +# that the state of a previous host check is considered current. +# Cached host states (from host checks that were performed more +# recently that the timeframe specified by this value) can immensely +# improve performance in regards to the host check logic. +# Too high of a value for this option may result in inaccurate host +# states being used by Nagios, while a lower value may result in a +# performance hit for host checks. Use a value of 0 to disable host +# check caching. + +cached_host_check_horizon=15 + + + +# CACHED SERVICE CHECK HORIZON +# This option determines the maximum amount of time (in seconds) +# that the state of a previous service check is considered current. +# Cached service states (from service checks that were performed more +# recently that the timeframe specified by this value) can immensely +# improve performance in regards to predictive dependency checks. +# Use a value of 0 to disable service check caching. + +cached_service_check_horizon=15 + + + +# ENABLE PREDICTIVE HOST DEPENDENCY CHECKS +# This option determines whether or not Nagios will attempt to execute +# checks of hosts when it predicts that future dependency logic test +# may be needed. These predictive checks can help ensure that your +# host dependency logic works well. +# Values: +# 0 = Disable predictive checks +# 1 = Enable predictive checks (default) + +enable_predictive_host_dependency_checks=1 + + + +# ENABLE PREDICTIVE SERVICE DEPENDENCY CHECKS +# This option determines whether or not Nagios will attempt to execute +# checks of service when it predicts that future dependency logic test +# may be needed. These predictive checks can help ensure that your +# service dependency logic works well. +# Values: +# 0 = Disable predictive checks +# 1 = Enable predictive checks (default) + +enable_predictive_service_dependency_checks=1 + + + +# SOFT STATE DEPENDENCIES +# This option determines whether or not Nagios will use soft state +# information when checking host and service dependencies. Normally +# Nagios will only use the latest hard host or service state when +# checking dependencies. If you want it to use the latest state (regardless +# of whether its a soft or hard state type), enable this option. +# Values: +# 0 = Don't use soft state dependencies (default) +# 1 = Use soft state dependencies + +soft_state_dependencies=0 + + + +# TIME CHANGE ADJUSTMENT THRESHOLDS +# These options determine when Nagios will react to detected changes +# in system time (either forward or backwards). + +#time_change_threshold=900 + + + +# AUTO-RESCHEDULING OPTION +# This option determines whether or not Nagios will attempt to +# automatically reschedule active host and service checks to +# "smooth" them out over time. This can help balance the load on +# the monitoring server. +# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE +# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY + +auto_reschedule_checks=0 + + + +# AUTO-RESCHEDULING INTERVAL +# This option determines how often (in seconds) Nagios will +# attempt to automatically reschedule checks. This option only +# has an effect if the auto_reschedule_checks option is enabled. +# Default is 30 seconds. +# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE +# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY + +auto_rescheduling_interval=30 + + + +# AUTO-RESCHEDULING WINDOW +# This option determines the "window" of time (in seconds) that +# Nagios will look at when automatically rescheduling checks. +# Only host and service checks that occur in the next X seconds +# (determined by this variable) will be rescheduled. This option +# only has an effect if the auto_reschedule_checks option is +# enabled. Default is 180 seconds (3 minutes). +# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE +# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY + +auto_rescheduling_window=180 + + + +# SLEEP TIME +# This is the number of seconds to sleep between checking for system +# events and service checks that need to be run. + +sleep_time=0.25 + + + +# TIMEOUT VALUES +# These options control how much time Nagios will allow various +# types of commands to execute before killing them off. Options +# are available for controlling maximum time allotted for +# service checks, host checks, event handlers, notifications, the +# ocsp command, and performance data commands. All values are in +# seconds. + +service_check_timeout=60 +host_check_timeout=30 +event_handler_timeout=30 +notification_timeout=30 +ocsp_timeout=5 +perfdata_timeout=5 + + + +# RETAIN STATE INFORMATION +# This setting determines whether or not Nagios will save state +# information for services and hosts before it shuts down. Upon +# startup Nagios will reload all saved service and host state +# information before starting to monitor. This is useful for +# maintaining long-term data on state statistics, etc, but will +# slow Nagios down a bit when it (re)starts. Since its only +# a one-time penalty, I think its well worth the additional +# startup delay. + +retain_state_information=1 + + + +# STATE RETENTION FILE +# This is the file that Nagios should use to store host and +# service state information before it shuts down. The state +# information in this file is also read immediately prior to +# starting to monitor the network when Nagios is restarted. +# This file is used only if the retain_state_information +# variable is set to 1. + +state_retention_file=/var/nagios/retention.dat + + + +# RETENTION DATA UPDATE INTERVAL +# This setting determines how often (in minutes) that Nagios +# will automatically save retention data during normal operation. +# If you set this value to 0, Nagios will not save retention +# data at regular interval, but it will still save retention +# data before shutting down or restarting. If you have disabled +# state retention, this option has no effect. + +retention_update_interval=60 + + + +# USE RETAINED PROGRAM STATE +# This setting determines whether or not Nagios will set +# program status variables based on the values saved in the +# retention file. If you want to use retained program status +# information, set this value to 1. If not, set this value +# to 0. + +use_retained_program_state=1 + + + +# USE RETAINED SCHEDULING INFO +# This setting determines whether or not Nagios will retain +# the scheduling info (next check time) for hosts and services +# based on the values saved in the retention file. If you +# If you want to use retained scheduling info, set this +# value to 1. If not, set this value to 0. + +use_retained_scheduling_info=1 + + + +# RETAINED ATTRIBUTE MASKS (ADVANCED FEATURE) +# The following variables are used to specify specific host and +# service attributes that should *not* be retained by Nagios during +# program restarts. +# +# The values of the masks are bitwise ANDs of values specified +# by the "MODATTR_" definitions found in include/common.h. +# For example, if you do not want the current enabled/disabled state +# of flap detection and event handlers for hosts to be retained, you +# would use a value of 24 for the host attribute mask... +# MODATTR_EVENT_HANDLER_ENABLED (8) + MODATTR_FLAP_DETECTION_ENABLED (16) = 24 + +# This mask determines what host attributes are not retained +retained_host_attribute_mask=0 + +# This mask determines what service attributes are not retained +retained_service_attribute_mask=0 + +# These two masks determine what process attributes are not retained. +# There are two masks, because some process attributes have host and service +# options. For example, you can disable active host checks, but leave active +# service checks enabled. +retained_process_host_attribute_mask=0 +retained_process_service_attribute_mask=0 + +# These two masks determine what contact attributes are not retained. +# There are two masks, because some contact attributes have host and +# service options. For example, you can disable host notifications for +# a contact, but leave service notifications enabled for them. +retained_contact_host_attribute_mask=0 +retained_contact_service_attribute_mask=0 + + + +# INTERVAL LENGTH +# This is the seconds per unit interval as used in the +# host/contact/service configuration files. Setting this to 60 means +# that each interval is one minute long (60 seconds). Other settings +# have not been tested much, so your mileage is likely to vary... + +interval_length=60 + + + +# CHECK FOR UPDATES +# This option determines whether Nagios will automatically check to +# see if new updates (releases) are available. It is recommend that you +# enable this option to ensure that you stay on top of the latest critical +# patches to Nagios. Nagios is critical to you - make sure you keep it in +# good shape. Nagios will check once a day for new updates. Data collected +# by Nagios Enterprises from the update check is processed in accordance +# with our privacy policy - see http://api.nagios.org for details. + +check_for_updates=1 + + + +# BARE UPDATE CHECK +# This option deterines what data Nagios will send to api.nagios.org when +# it checks for updates. By default, Nagios will send information on the +# current version of Nagios you have installed, as well as an indicator as +# to whether this was a new installation or not. Nagios Enterprises uses +# this data to determine the number of users running specific version of +# Nagios. Enable this option if you do not want this information to be sent. + +bare_update_check=0 + + + +# AGGRESSIVE HOST CHECKING OPTION +# If you don't want to turn on aggressive host checking features, set +# this value to 0 (the default). Otherwise set this value to 1 to +# enable the aggressive check option. Read the docs for more info +# on what aggressive host check is or check out the source code in +# base/checks.c + +use_aggressive_host_checking=0 + + + +# SERVICE CHECK EXECUTION OPTION +# This determines whether or not Nagios will actively execute +# service checks when it initially starts. If this option is +# disabled, checks are not actively made, but Nagios can still +# receive and process passive check results that come in. Unless +# you're implementing redundant hosts or have a special need for +# disabling the execution of service checks, leave this enabled! +# Values: 1 = enable checks, 0 = disable checks + +execute_service_checks=1 + + + +# PASSIVE SERVICE CHECK ACCEPTANCE OPTION +# This determines whether or not Nagios will accept passive +# service checks results when it initially (re)starts. +# Values: 1 = accept passive checks, 0 = reject passive checks + +accept_passive_service_checks=1 + + + +# HOST CHECK EXECUTION OPTION +# This determines whether or not Nagios will actively execute +# host checks when it initially starts. If this option is +# disabled, checks are not actively made, but Nagios can still +# receive and process passive check results that come in. Unless +# you're implementing redundant hosts or have a special need for +# disabling the execution of host checks, leave this enabled! +# Values: 1 = enable checks, 0 = disable checks + +execute_host_checks=1 + + + +# PASSIVE HOST CHECK ACCEPTANCE OPTION +# This determines whether or not Nagios will accept passive +# host checks results when it initially (re)starts. +# Values: 1 = accept passive checks, 0 = reject passive checks + +accept_passive_host_checks=1 + + + +# NOTIFICATIONS OPTION +# This determines whether or not Nagios will sent out any host or +# service notifications when it is initially (re)started. +# Values: 1 = enable notifications, 0 = disable notifications + +enable_notifications=1 + + + +# EVENT HANDLER USE OPTION +# This determines whether or not Nagios will run any host or +# service event handlers when it is initially (re)started. Unless +# you're implementing redundant hosts, leave this option enabled. +# Values: 1 = enable event handlers, 0 = disable event handlers + +enable_event_handlers=1 + + + +# PROCESS PERFORMANCE DATA OPTION +# This determines whether or not Nagios will process performance +# data returned from service and host checks. If this option is +# enabled, host performance data will be processed using the +# host_perfdata_command (defined below) and service performance +# data will be processed using the service_perfdata_command (also +# defined below). Read the HTML docs for more information on +# performance data. +# Values: 1 = process performance data, 0 = do not process performance data + +process_performance_data=0 + + + +# HOST AND SERVICE PERFORMANCE DATA PROCESSING COMMANDS +# These commands are run after every host and service check is +# performed. These commands are executed only if the +# enable_performance_data option (above) is set to 1. The command +# argument is the short name of a command definition that you +# define in your host configuration file. Read the HTML docs for +# more information on performance data. + +#host_perfdata_command=process-host-perfdata +#service_perfdata_command=process-service-perfdata + + + +# HOST AND SERVICE PERFORMANCE DATA FILES +# These files are used to store host and service performance data. +# Performance data is only written to these files if the +# enable_performance_data option (above) is set to 1. + +#host_perfdata_file=/tmp/host-perfdata +#service_perfdata_file=/tmp/service-perfdata + + + +# HOST AND SERVICE PERFORMANCE DATA FILE TEMPLATES +# These options determine what data is written (and how) to the +# performance data files. The templates may contain macros, special +# characters (\t for tab, \r for carriage return, \n for newline) +# and plain text. A newline is automatically added after each write +# to the performance data file. Some examples of what you can do are +# shown below. + +#host_perfdata_file_template=[HOSTPERFDATA]\t$TIMET$\t$HOSTNAME$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$ +#service_perfdata_file_template=[SERVICEPERFDATA]\t$TIMET$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$ + + + +# HOST AND SERVICE PERFORMANCE DATA FILE MODES +# This option determines whether or not the host and service +# performance data files are opened in write ("w") or append ("a") +# mode. If you want to use named pipes, you should use the special +# pipe ("p") mode which avoid blocking at startup, otherwise you will +# likely want the defult append ("a") mode. + +#host_perfdata_file_mode=a +#service_perfdata_file_mode=a + + + +# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING INTERVAL +# These options determine how often (in seconds) the host and service +# performance data files are processed using the commands defined +# below. A value of 0 indicates the files should not be periodically +# processed. + +#host_perfdata_file_processing_interval=0 +#service_perfdata_file_processing_interval=0 + + + +# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING COMMANDS +# These commands are used to periodically process the host and +# service performance data files. The interval at which the +# processing occurs is determined by the options above. + +#host_perfdata_file_processing_command=process-host-perfdata-file +#service_perfdata_file_processing_command=process-service-perfdata-file + + + +# OBSESS OVER SERVICE CHECKS OPTION +# This determines whether or not Nagios will obsess over service +# checks and run the ocsp_command defined below. Unless you're +# planning on implementing distributed monitoring, do not enable +# this option. Read the HTML docs for more information on +# implementing distributed monitoring. +# Values: 1 = obsess over services, 0 = do not obsess (default) + +obsess_over_services=0 + + + +# OBSESSIVE COMPULSIVE SERVICE PROCESSOR COMMAND +# This is the command that is run for every service check that is +# processed by Nagios. This command is executed only if the +# obsess_over_services option (above) is set to 1. The command +# argument is the short name of a command definition that you +# define in your host configuration file. Read the HTML docs for +# more information on implementing distributed monitoring. + +#ocsp_command=somecommand + + + +# OBSESS OVER HOST CHECKS OPTION +# This determines whether or not Nagios will obsess over host +# checks and run the ochp_command defined below. Unless you're +# planning on implementing distributed monitoring, do not enable +# this option. Read the HTML docs for more information on +# implementing distributed monitoring. +# Values: 1 = obsess over hosts, 0 = do not obsess (default) + +obsess_over_hosts=0 + + + +# OBSESSIVE COMPULSIVE HOST PROCESSOR COMMAND +# This is the command that is run for every host check that is +# processed by Nagios. This command is executed only if the +# obsess_over_hosts option (above) is set to 1. The command +# argument is the short name of a command definition that you +# define in your host configuration file. Read the HTML docs for +# more information on implementing distributed monitoring. + +#ochp_command=somecommand + + + +# TRANSLATE PASSIVE HOST CHECKS OPTION +# This determines whether or not Nagios will translate +# DOWN/UNREACHABLE passive host check results into their proper +# state for this instance of Nagios. This option is useful +# if you have distributed or failover monitoring setup. In +# these cases your other Nagios servers probably have a different +# "view" of the network, with regards to the parent/child relationship +# of hosts. If a distributed monitoring server thinks a host +# is DOWN, it may actually be UNREACHABLE from the point of +# this Nagios instance. Enabling this option will tell Nagios +# to translate any DOWN or UNREACHABLE host states it receives +# passively into the correct state from the view of this server. +# Values: 1 = perform translation, 0 = do not translate (default) + +translate_passive_host_checks=0 + + + +# PASSIVE HOST CHECKS ARE SOFT OPTION +# This determines whether or not Nagios will treat passive host +# checks as being HARD or SOFT. By default, a passive host check +# result will put a host into a HARD state type. This can be changed +# by enabling this option. +# Values: 0 = passive checks are HARD, 1 = passive checks are SOFT + +passive_host_checks_are_soft=0 + + + +# ORPHANED HOST/SERVICE CHECK OPTIONS +# These options determine whether or not Nagios will periodically +# check for orphaned host service checks. Since service checks are +# not rescheduled until the results of their previous execution +# instance are processed, there exists a possibility that some +# checks may never get rescheduled. A similar situation exists for +# host checks, although the exact scheduling details differ a bit +# from service checks. Orphaned checks seem to be a rare +# problem and should not happen under normal circumstances. +# If you have problems with service checks never getting +# rescheduled, make sure you have orphaned service checks enabled. +# Values: 1 = enable checks, 0 = disable checks + +check_for_orphaned_services=1 +check_for_orphaned_hosts=1 + + + +# SERVICE FRESHNESS CHECK OPTION +# This option determines whether or not Nagios will periodically +# check the "freshness" of service results. Enabling this option +# is useful for ensuring passive checks are received in a timely +# manner. +# Values: 1 = enabled freshness checking, 0 = disable freshness checking + +check_service_freshness=1 + + + +# SERVICE FRESHNESS CHECK INTERVAL +# This setting determines how often (in seconds) Nagios will +# check the "freshness" of service check results. If you have +# disabled service freshness checking, this option has no effect. + +service_freshness_check_interval=60 + + + +# HOST FRESHNESS CHECK OPTION +# This option determines whether or not Nagios will periodically +# check the "freshness" of host results. Enabling this option +# is useful for ensuring passive checks are received in a timely +# manner. +# Values: 1 = enabled freshness checking, 0 = disable freshness checking + +check_host_freshness=0 + + + +# HOST FRESHNESS CHECK INTERVAL +# This setting determines how often (in seconds) Nagios will +# check the "freshness" of host check results. If you have +# disabled host freshness checking, this option has no effect. + +host_freshness_check_interval=60 + + + + +# ADDITIONAL FRESHNESS THRESHOLD LATENCY +# This setting determines the number of seconds that Nagios +# will add to any host and service freshness thresholds that +# it calculates (those not explicitly specified by the user). + +additional_freshness_latency=15 + + + + +# FLAP DETECTION OPTION +# This option determines whether or not Nagios will try +# and detect hosts and services that are "flapping". +# Flapping occurs when a host or service changes between +# states too frequently. When Nagios detects that a +# host or service is flapping, it will temporarily suppress +# notifications for that host/service until it stops +# flapping. Flap detection is very experimental, so read +# the HTML documentation before enabling this feature! +# Values: 1 = enable flap detection +# 0 = disable flap detection (default) + +enable_flap_detection=1 + + + +# FLAP DETECTION THRESHOLDS FOR HOSTS AND SERVICES +# Read the HTML documentation on flap detection for +# an explanation of what this option does. This option +# has no effect if flap detection is disabled. + +low_service_flap_threshold=5.0 +high_service_flap_threshold=20.0 +low_host_flap_threshold=5.0 +high_host_flap_threshold=20.0 + + + +# DATE FORMAT OPTION +# This option determines how short dates are displayed. Valid options +# include: +# us (MM-DD-YYYY HH:MM:SS) +# euro (DD-MM-YYYY HH:MM:SS) +# iso8601 (YYYY-MM-DD HH:MM:SS) +# strict-iso8601 (YYYY-MM-DDTHH:MM:SS) +# + +date_format=us + + + + +# TIMEZONE OFFSET +# This option is used to override the default timezone that this +# instance of Nagios runs in. If not specified, Nagios will use +# the system configured timezone. +# +# NOTE: In order to display the correct timezone in the CGIs, you +# will also need to alter the Apache directives for the CGI path +# to include your timezone. Example: +# +# +# SetEnv TZ "Australia/Brisbane" +# ... +# + +#use_timezone=US/Mountain +#use_timezone=Australia/Brisbane + + + + +# P1.PL FILE LOCATION +# This value determines where the p1.pl perl script (used by the +# embedded Perl interpreter) is located. If you didn't compile +# Nagios with embedded Perl support, this option has no effect. + +p1_file=/usr/sbin/p1.pl + + + +# EMBEDDED PERL INTERPRETER OPTION +# This option determines whether or not the embedded Perl interpreter +# will be enabled during runtime. This option has no effect if Nagios +# has not been compiled with support for embedded Perl. +# Values: 0 = disable interpreter, 1 = enable interpreter + +enable_embedded_perl=1 + + + +# EMBEDDED PERL USAGE OPTION +# This option determines whether or not Nagios will process Perl plugins +# and scripts with the embedded Perl interpreter if the plugins/scripts +# do not explicitly indicate whether or not it is okay to do so. Read +# the HTML documentation on the embedded Perl interpreter for more +# information on how this option works. + +use_embedded_perl_implicitly=1 + + + +# ILLEGAL OBJECT NAME CHARACTERS +# This option allows you to specify illegal characters that cannot +# be used in host names, service descriptions, or names of other +# object types. + +illegal_object_name_chars=`~!$%^&*|'"<>?,()= + + + +# ILLEGAL MACRO OUTPUT CHARACTERS +# This option allows you to specify illegal characters that are +# stripped from macros before being used in notifications, event +# handlers, etc. This DOES NOT affect macros used in service or +# host check commands. +# The following macros are stripped of the characters you specify: +# $HOSTOUTPUT$ +# $HOSTPERFDATA$ +# $HOSTACKAUTHOR$ +# $HOSTACKCOMMENT$ +# $SERVICEOUTPUT$ +# $SERVICEPERFDATA$ +# $SERVICEACKAUTHOR$ +# $SERVICEACKCOMMENT$ + +illegal_macro_output_chars=`~$&|'"<> + + + +# REGULAR EXPRESSION MATCHING +# This option controls whether or not regular expression matching +# takes place in the object config files. Regular expression +# matching is used to match host, hostgroup, service, and service +# group names/descriptions in some fields of various object types. +# Values: 1 = enable regexp matching, 0 = disable regexp matching + +use_regexp_matching=0 + + + +# "TRUE" REGULAR EXPRESSION MATCHING +# This option controls whether or not "true" regular expression +# matching takes place in the object config files. This option +# only has an effect if regular expression matching is enabled +# (see above). If this option is DISABLED, regular expression +# matching only occurs if a string contains wildcard characters +# (* and ?). If the option is ENABLED, regexp matching occurs +# all the time (which can be annoying). +# Values: 1 = enable true matching, 0 = disable true matching + +use_true_regexp_matching=0 + + + +# ADMINISTRATOR EMAIL/PAGER ADDRESSES +# The email and pager address of a global administrator (likely you). +# Nagios never uses these values itself, but you can access them by +# using the $ADMINEMAIL$ and $ADMINPAGER$ macros in your notification +# commands. + +admin_email=nagios@@localhost +admin_pager=pagenagios@@localhost + + + +# DAEMON CORE DUMP OPTION +# This option determines whether or not Nagios is allowed to create +# a core dump when it runs as a daemon. Note that it is generally +# considered bad form to allow this, but it may be useful for +# debugging purposes. Enabling this option doesn't guarantee that +# a core file will be produced, but that's just life... +# Values: 1 - Allow core dumps +# 0 - Do not allow core dumps (default) + +daemon_dumps_core=0 + + + +# LARGE INSTALLATION TWEAKS OPTION +# This option determines whether or not Nagios will take some shortcuts +# which can save on memory and CPU usage in large Nagios installations. +# Read the documentation for more information on the benefits/tradeoffs +# of enabling this option. +# Values: 1 - Enabled tweaks +# 0 - Disable tweaks (default) + +use_large_installation_tweaks=0 + + + +# ENABLE ENVIRONMENT MACROS +# This option determines whether or not Nagios will make all standard +# macros available as environment variables when host/service checks +# and system commands (event handlers, notifications, etc.) are +# executed. Enabling this option can cause performance issues in +# large installations, as it will consume a bit more memory and (more +# importantly) consume more CPU. +# Values: 1 - Enable environment variable macros (default) +# 0 - Disable environment variable macros + +enable_environment_macros=1 + + + +# CHILD PROCESS MEMORY OPTION +# This option determines whether or not Nagios will free memory in +# child processes (processed used to execute system commands and host/ +# service checks). If you specify a value here, it will override +# program defaults. +# Value: 1 - Free memory in child processes +# 0 - Do not free memory in child processes + +#free_child_process_memory=1 + + + +# CHILD PROCESS FORKING BEHAVIOR +# This option determines how Nagios will fork child processes +# (used to execute system commands and host/service checks). Normally +# child processes are fork()ed twice, which provides a very high level +# of isolation from problems. Fork()ing once is probably enough and will +# save a great deal on CPU usage (in large installs), so you might +# want to consider using this. If you specify a value here, it will +# program defaults. +# Value: 1 - Child processes fork() twice +# 0 - Child processes fork() just once + +#child_processes_fork_twice=1 + + + +# DEBUG LEVEL +# This option determines how much (if any) debugging information will +# be written to the debug file. OR values together to log multiple +# types of information. +# Values: +# -1 = Everything +# 0 = Nothing +# 1 = Functions +# 2 = Configuration +# 4 = Process information +# 8 = Scheduled events +# 16 = Host/service checks +# 32 = Notifications +# 64 = Event broker +# 128 = External commands +# 256 = Commands +# 512 = Scheduled downtime +# 1024 = Comments +# 2048 = Macros + +debug_level=0 + + + +# DEBUG VERBOSITY +# This option determines how verbose the debug log out will be. +# Values: 0 = Brief output +# 1 = More detailed +# 2 = Very detailed + +debug_verbosity=1 + + + +# DEBUG FILE +# This option determines where Nagios should write debugging information. + +debug_file=/var/nagios/nagios.debug + + + +# MAX DEBUG FILE SIZE +# This option determines the maximum size (in bytes) of the debug file. If +# the file grows larger than this size, it will be renamed with a .old +# extension. If a file already exists with a .old extension it will +# automatically be deleted. This helps ensure your disk space usage doesn't +# get out of control when debugging Nagios. + +max_debug_file_size=1000000 + + +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# NAGIOS.CFG - Sample Main Config File for Nagios 3.2.1 +d637 1 +a637 1 +# This file is used only if the preserve_state_information +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# NAGIOS.CFG - Sample Main Config File for Nagios 3.2.0 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# NAGIOS.CFG - Sample Main Config File for Nagios 3.2.1 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# NAGIOS.CFG - Sample Main Config File for Nagios 3.2.3 +d637 1 +a637 1 +# This file is used only if the retain_state_information +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# NAGIOS.CFG - Sample Main Config File for Nagios 3.3.1 +@ diff --git a/config-archive/etc/nagios/objects/commands.cfg,v b/config-archive/etc/nagios/objects/commands.cfg,v new file mode 100644 index 0000000..96e99c8 --- /dev/null +++ b/config-archive/etc/nagios/objects/commands.cfg,v @@ -0,0 +1,352 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.08.09.19.10.51; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.08.09.19.10.51; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@############################################################################### +# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 3.2.3 +# +# Last Modified: 05-31-2007 +# +# NOTES: This config file provides you with some example command definitions +# that you can reference in host, service, and contact definitions. +# +# You don't need to keep commands in a separate file from your other +# object definitions. This has been done just to make things easier to +# understand. +# +############################################################################### + + +################################################################################ +# +# SAMPLE NOTIFICATION COMMANDS +# +# These are some example notification commands. They may or may not work on +# your system without modification. As an example, some systems will require +# you to use "/usr/bin/mailx" instead of "/usr/bin/mail" in the commands below. +# +################################################################################ + + +# 'notify-host-by-email' command definition +define command{ + command_name notify-host-by-email + command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$ + } + +# 'notify-service-by-email' command definition +define command{ + command_name notify-service-by-email + command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$ + } + + + + + +################################################################################ +# +# SAMPLE HOST CHECK COMMANDS +# +################################################################################ + + +# This command checks to see if a host is "alive" by pinging it +# The check must result in a 100% packet loss or 5 second (5000ms) round trip +# average time to produce a critical error. +# Note: Five ICMP echo packets are sent (determined by the '-p 5' argument) + +# 'check-host-alive' command definition +define command{ + command_name check-host-alive + command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5 + } + + + + +################################################################################ +# +# SAMPLE SERVICE CHECK COMMANDS +# +# These are some example service check commands. They may or may not work on +# your system, as they must be modified for your plugins. See the HTML +# documentation on the plugins for examples of how to configure command definitions. +# +# NOTE: The following 'check_local_...' functions are designed to monitor +# various metrics on the host that Nagios is running on (i.e. this one). +################################################################################ + +# 'check_local_disk' command definition +define command{ + command_name check_local_disk + command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ + } + + +# 'check_local_load' command definition +define command{ + command_name check_local_load + command_line $USER1$/check_load -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_procs' command definition +define command{ + command_name check_local_procs + command_line $USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$ + } + + +# 'check_local_users' command definition +define command{ + command_name check_local_users + command_line $USER1$/check_users -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_swap' command definition +define command{ + command_name check_local_swap + command_line $USER1$/check_swap -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_mrtgtraf' command definition +define command{ + command_name check_local_mrtgtraf + command_line $USER1$/check_mrtgtraf -F $ARG1$ -a $ARG2$ -w $ARG3$ -c $ARG4$ -e $ARG5$ + } + + +################################################################################ +# NOTE: The following 'check_...' commands are used to monitor services on +# both local and remote hosts. +################################################################################ + +# 'check_ftp' command definition +define command{ + command_name check_ftp + command_line $USER1$/check_ftp -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_hpjd' command definition +define command{ + command_name check_hpjd + command_line $USER1$/check_hpjd -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_snmp' command definition +define command{ + command_name check_snmp + command_line $USER1$/check_snmp -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_http' command definition +define command{ + command_name check_http + command_line $USER1$/check_http -I $HOSTADDRESS$ $ARG1$ + } + + +# 'check_ssh' command definition +define command{ + command_name check_ssh + command_line $USER1$/check_ssh $ARG1$ $HOSTADDRESS$ + } + + +# 'check_dhcp' command definition +define command{ + command_name check_dhcp + command_line $USER1$/check_dhcp $ARG1$ + } + + +# 'check_ping' command definition +define command{ + command_name check_ping + command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5 + } + + +# 'check_pop' command definition +define command{ + command_name check_pop + command_line $USER1$/check_pop -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_imap' command definition +define command{ + command_name check_imap + command_line $USER1$/check_imap -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_smtp' command definition +define command{ + command_name check_smtp + command_line $USER1$/check_smtp -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_tcp' command definition +define command{ + command_name check_tcp + command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$ + } + + +# 'check_udp' command definition +define command{ + command_name check_udp + command_line $USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$ + } + + +# 'check_nt' command definition +define command{ + command_name check_nt + command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -v $ARG1$ $ARG2$ + } + + + +################################################################################ +# +# SAMPLE PERFORMANCE DATA COMMANDS +# +# These are sample performance data commands that can be used to send performance +# data output to two text files (one for hosts, another for services). If you +# plan on simply writing performance data out to a file, consider using the +# host_perfdata_file and service_perfdata_file options in the main config file. +# +################################################################################ + + +# 'process-host-perfdata' command definition +define command{ + command_name process-host-perfdata + command_line /usr/bin/printf "%b" "$LASTHOSTCHECK$\t$HOSTNAME$\t$HOSTSTATE$\t$HOSTATTEMPT$\t$HOSTSTATETYPE$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$\n" >> /var/nagios/host-perfdata.out + } + + +# 'process-service-perfdata' command definition +define command{ + command_name process-service-perfdata + command_line /usr/bin/printf "%b" "$LASTSERVICECHECK$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICESTATE$\t$SERVICEATTEMPT$\t$SERVICESTATETYPE$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$\n" >> /var/nagios/service-perfdata.out + } + + +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 3.2.1 +d36 1 +a36 1 + command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$ +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 3.2.0 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 3.2.1 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 3.2.3 +d36 1 +a36 1 + command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$ +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 3.3.1 +@ diff --git a/config-archive/etc/nagios/objects/timeperiods.cfg,v b/config-archive/etc/nagios/objects/timeperiods.cfg,v new file mode 100644 index 0000000..d9a1b83 --- /dev/null +++ b/config-archive/etc/nagios/objects/timeperiods.cfg,v @@ -0,0 +1,160 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2011.08.09.19.10.51; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.30.05.10.09; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@############################################################################### +# TIMEPERIODS.CFG - SAMPLE TIMEPERIOD DEFINITIONS +# +# Last Modified: 05-31-2007 +# +# NOTES: This config file provides you with some example timeperiod definitions +# that you can reference in host, service, contact, and dependency +# definitions. +# +# You don't need to keep timeperiods in a separate file from your other +# object definitions. This has been done just to make things easier to +# understand. +# +############################################################################### + + + +############################################################################### +############################################################################### +# +# TIME PERIODS +# +############################################################################### +############################################################################### + +# This defines a timeperiod where all times are valid for checks, +# notifications, etc. The classic "24x7" support nightmare. :-) +define timeperiod{ + timeperiod_name 24x7 + alias 24 Hours A Day, 7 Days A Week + sunday 00:00-24:00 + monday 00:00-24:00 + tuesday 00:00-24:00 + wednesday 00:00-24:00 + thursday 00:00-24:00 + friday 00:00-24:00 + saturday 00:00-24:00 + } + + +# 'workhours' timeperiod definition +define timeperiod{ + timeperiod_name workhours + alias Normal Work Hours + monday 09:00-17:00 + tuesday 09:00-17:00 + wednesday 09:00-17:00 + thursday 09:00-17:00 + friday 09:00-17:00 + } + + +# 'none' timeperiod definition +define timeperiod{ + timeperiod_name none + alias No Time Is A Good Time + } + +define timeperiod{ + timeperiod_name even_days + alias All even days in a month + 2007-01-01 - 2012-12-31 / 2 00:00-24:00 + tuesday 1 april - friday 2 may 00:00-24:00 + monday 3 - thursday 4 00:00-24:00 + february -1 00:00-24:00 + friday -2 00:00-24:00 + thursday -1 november 00:00-24:00 + monday 3 - thursday 4 00:00-24:00 + day 1 - 15 00:00-24:00 + day 20 - -1 00:00-24:00 + july 10 - 15 00:00-24:00 + april 10 - may 15 00:00-24:00 + tuesday 1 april - friday 2 may 00:00-24:00 + 2007-01-01 - 2008-02-01 / 3 00:00-24:00 + 2008-04-01 / 7 00:00-24:00 + monday 3 - thursday 4 / 2 00:00-24:00 + day 1 - 15 / 5 00:00-24:00 + july 10 - 15 / 2 00:00-24:00 + tuesday 1 april - friday 2 may / 6 00:00-24:00 +} + + +# Some U.S. holidays +# Note: The timeranges for each holiday are meant to *exclude* the holidays from being +# treated as a valid time for notifications, etc. You probably don't want your pager +# going off on New Year's. Although you're employer might... :-) +define timeperiod{ + name us-holidays + timeperiod_name us-holidays + alias U.S. Holidays + + january 1 00:00-00:00 ; New Years + monday -1 may 00:00-00:00 ; Memorial Day (last Monday in May) + july 4 00:00-00:00 ; Independence Day + monday 1 september 00:00-00:00 ; Labor Day (first Monday in September) + thursday -1 november 00:00-00:00 ; Thanksgiving (last Thursday in November) + december 25 00:00-00:00 ; Christmas + } + + +# This defines a modified "24x7" timeperiod that covers every day of the +# year, except for U.S. holidays (defined in the timeperiod above). +define timeperiod{ + timeperiod_name 24x7_sans_holidays + alias 24x7 Sans Holidays + + use us-holidays ; Get holiday exceptions from other timeperiod + + sunday 00:00-24:00 + monday 00:00-24:00 + tuesday 00:00-24:00 + wednesday 00:00-24:00 + thursday 00:00-24:00 + friday 00:00-24:00 + saturday 00:00-24:00 + } + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d59 23 +d96 1 +a96 1 + thursday 4 november 00:00-00:00 ; Thanksgiving (4th Thursday in November) +@ diff --git a/config-archive/etc/nagios/resource.cfg,v b/config-archive/etc/nagios/resource.cfg,v new file mode 100644 index 0000000..03a7c9e --- /dev/null +++ b/config-archive/etc/nagios/resource.cfg,v @@ -0,0 +1,140 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.08.09.19.10.51; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.08.09.19.10.51; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@########################################################################### +# +# RESOURCE.CFG - Sample Resource File for Nagios 3.2.3 +# +# Last Modified: 09-10-2003 +# +# You can define $USERx$ macros in this file, which can in turn be used +# in command definitions in your host config file(s). $USERx$ macros are +# useful for storing sensitive information such as usernames, passwords, +# etc. They are also handy for specifying the path to plugins and +# event handlers - if you decide to move the plugins or event handlers to +# a different directory in the future, you can just update one or two +# $USERx$ macros, instead of modifying a lot of command definitions. +# +# The CGIs will not attempt to read the contents of resource files, so +# you can set restrictive permissions (600 or 660) on them. +# +# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$) +# +# Resource files may also be used to store configuration directives for +# external data sources like MySQL... +# +########################################################################### + +# Sets $USER1$ to be the path to the plugins +$USER1$=/usr/lib64/nagios/plugins + +# Sets $USER2$ to be the path to event handlers +#$USER2$=/usr/lib64/nagios/plugins/eventhandlers + +# Store some usernames and passwords (hidden from the CGIs) +#$USER3$=someuser +#$USER4$=somepassword + +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# RESOURCE.CFG - Sample Resource File for Nagios 3.2.1 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# RESOURCE.CFG - Sample Resource File for Nagios 3.2.0 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# RESOURCE.CFG - Sample Resource File for Nagios 3.2.1 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# RESOURCE.CFG - Sample Resource File for Nagios 3.2.3 +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# RESOURCE.CFG - Sample Resource File for Nagios 3.3.1 +@ diff --git a/config-archive/etc/nail.rc,v b/config-archive/etc/nail.rc,v new file mode 100644 index 0000000..a4eabae --- /dev/null +++ b/config-archive/etc/nail.rc,v @@ -0,0 +1,167 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.28.21.17.24; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.28.21.18.02; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# This is the configuration file for Heirloom mailx (formerly +# known under the name "nail". +# See mailx(1) for further options. +# This file is not overwritten when 'make install' is run in +# the mailx build process again. + +# Sccsid @@(#)nail.rc 2.10 (gritter) 3/4/06 + +# Do not forward to mbox by default since this is likely to be +# irritating for most users today. +set hold + +# Append rather than prepend when writing to mbox automatically. +# This has no effect unless 'hold' is unset again. +set append + +# Ask for a message subject. +set ask + +# Assume a CRT-like terminal and invoke a pager. +set crt + +# Messages may be terminated by a dot. +set dot + +# Do not remove empty mail folders in the spool directory. +# This may be relevant for privacy since other users could +# otherwise create them with different permissions. +set keep + +# Do not remove empty private mail folders. +set emptybox + +# Quote the original message in replies by "> " as usual on the Internet. +set indentprefix="> " + +# Automatically quote the text of the message that is responded to. +set quote + +# Outgoing messages are sent in ISO-8859-1 if all their characters are +# representable in it, otherwise in UTF-8. +set sendcharsets=iso-8859-1,utf-8 + +# Display sender's real names in header summaries. +set showname + +# Display the recipients of messages sent by the user himself in +# header summaries. +set showto + +# Automatically check for new messages at each prompt, but avoid polling +# of IMAP servers or maildir folders. +set newmail=nopoll + +# If threaded mode is activated, automatically collapse thread. +set autocollapse + +# Hide some header fields which are uninteresting for most human readers. +ignore received in-reply-to message-id references +ignore mime-version content-transfer-encoding + +# Only include selected header fields when forwarding messages. +fwdretain subject date from to + +# Use the local sendmail (/usr/lib/sendmail) binary by default. +# (Uncomment the following line to use a SMTP server) +#set smtp=localhost +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 3 +a3 2 +# This is the configuration file for nail, a mail user agent. +# See nail(1) for further options. +d5 1 +a5 1 +# the nail build process again. +d7 1 +a7 1 +# Sccsid @@(#)nail.rc 2.9 (gritter) 1/15/05 +d42 1 +a42 2 +#set sendcharsets=iso-8859-1,utf-8 +set sendcharsets=utf-8 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 2 +a2 3 +# This is the configuration file for Heirloom mailx (formerly +# known under the name "nail". +# See mailx(1) for further options. +d4 1 +a4 1 +# the mailx build process again. +d6 1 +a6 1 +# Sccsid @@(#)nail.rc 2.10 (gritter) 3/4/06 +d41 2 +a42 1 +set sendcharsets=iso-8859-1,utf-8 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d65 1 +a65 1 +# Use the local sendmail (/usr/sbin/sendmail) binary by default. +a67 3 + +# Ask for CC: list too. +set askcc +@ diff --git a/config-archive/etc/networks,v b/config-archive/etc/networks,v new file mode 100644 index 0000000..c5a4d16 --- /dev/null +++ b/config-archive/etc/networks,v @@ -0,0 +1,51 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.07.07.29.30; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.30.13; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/networks +# +# This file describes a number of netname-to-adress +# mappings for the TCP/IP subsytem. It is mostly +# used at boot time, when no name servers are running. +# + +loopback 127.0.0.0 +link-local 169.254.0.0 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d8 2 +a9 2 +loopback 127.0.0.0 +link-local 169.254.0.0 +@ diff --git a/config-archive/etc/ntp.conf,v b/config-archive/etc/ntp.conf,v new file mode 100644 index 0000000..0819e6c --- /dev/null +++ b/config-archive/etc/ntp.conf,v @@ -0,0 +1,84 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.10.05.17.23.57; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# NOTES: +# DHCP clients can append or replace NTP configuration files. +# You should consult your DHCP client documentation about its +# default behaviour and how to change it. + +# Name of the servers ntpd should sync with +# Please respect the access policy as stated by the responsible person. +#server ntp.example.tld iburst + +# Common pool for random people +#server pool.ntp.org + +# Pools for Gentoo users +server 0.gentoo.pool.ntp.org +server 1.gentoo.pool.ntp.org +server 2.gentoo.pool.ntp.org +server 3.gentoo.pool.ntp.org + +## +# A list of available servers can be found here: +# http://www.pool.ntp.org/ +# http://www.pool.ntp.org/#use +# A good way to get servers for your machine is: +# netselect -s 3 pool.ntp.org +## + +# you should not need to modify the following paths +driftfile /var/lib/ntp/ntp.drift + +logfile /var/log/ntp + +statsdir /var/log/ntpstats/ +filegen loopstats file loopstats type day enable +filegen peerstats file peerstats type day enable +filegen clockstats file clockstats type day enable + +#server ntplocal.example.com prefer +#server timeserver.example.org + +# Warning: Using default NTP settings will leave your NTP +# server accessible to all hosts on the Internet. + +# If you want to deny all machines (including your own) +# from accessing the NTP server, uncomment: +#restrict default ignore + + +# To deny other machines from changing the +# configuration but allow localhost: +restrict default nomodify nopeer +restrict 127.0.0.1 + + +# To allow machines within your network to synchronize +# their clocks with your server, but ensure they are +# not allowed to configure the server or used as peers +# to synchronize against, uncomment this line. +# +#restrict 192.168.0.0 mask 255.255.255.0 nomodify nopeer notrap +@ diff --git a/config-archive/etc/ntp.conf.dist.new b/config-archive/etc/ntp.conf.dist.new new file mode 100644 index 0000000..e376fbe --- /dev/null +++ b/config-archive/etc/ntp.conf.dist.new @@ -0,0 +1,52 @@ +# NOTES: +# DHCP clients can append or replace NTP configuration files. +# You should consult your DHCP client documentation about its +# default behaviour and how to change it. + +# Name of the servers ntpd should sync with +# Please respect the access policy as stated by the responsible person. +#server ntp.example.tld iburst + +# Common pool for random people +#server pool.ntp.org + +# Pools for Gentoo users +server 0.gentoo.pool.ntp.org +server 1.gentoo.pool.ntp.org +server 2.gentoo.pool.ntp.org +server 3.gentoo.pool.ntp.org + +## +# A list of available servers can be found here: +# http://www.pool.ntp.org/ +# http://www.pool.ntp.org/#use +# A good way to get servers for your machine is: +# netselect -s 3 pool.ntp.org +## + +# you should not need to modify the following paths +driftfile /var/lib/ntp/ntp.drift + +#server ntplocal.example.com prefer +#server timeserver.example.org + +# Warning: Using default NTP settings will leave your NTP +# server accessible to all hosts on the Internet. + +# If you want to deny all machines (including your own) +# from accessing the NTP server, uncomment: +#restrict default ignore + + +# To deny other machines from changing the +# configuration but allow localhost: +restrict default nomodify nopeer +restrict 127.0.0.1 + + +# To allow machines within your network to synchronize +# their clocks with your server, but ensure they are +# not allowed to configure the server or used as peers +# to synchronize against, uncomment this line. +# +#restrict 192.168.0.0 mask 255.255.255.0 nomodify nopeer notrap diff --git a/config-archive/etc/openldap/ldap.conf,v b/config-archive/etc/openldap/ldap.conf,v new file mode 100644 index 0000000..ba840b0 --- /dev/null +++ b/config-archive/etc/openldap/ldap.conf,v @@ -0,0 +1,38 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.22.11.02; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# LDAP Defaults +# + +# See ldap.conf(5) for details +# This file should be world readable but not world writable. + +#BASE dc=example,dc=com +BASE dc=brehm-online,dc=com +#URI ldap://ldap.example.com ldap://ldap-master.example.com:666 + +SIZELIMIT 12 +TIMELIMIT 15 +DEREF never +@ diff --git a/config-archive/etc/openldap/ldap.conf.dist.new b/config-archive/etc/openldap/ldap.conf.dist.new new file mode 100644 index 0000000..a94cfaa --- /dev/null +++ b/config-archive/etc/openldap/ldap.conf.dist.new @@ -0,0 +1,13 @@ +# +# LDAP Defaults +# + +# See ldap.conf(5) for details +# This file should be world readable but not world writable. + +#BASE dc=example,dc=com +#URI ldap://ldap.example.com ldap://ldap-master.example.com:666 + +#SIZELIMIT 12 +#TIMELIMIT 15 +#DEREF never diff --git a/config-archive/etc/openldap/schema/README,v b/config-archive/etc/openldap/schema/README,v new file mode 100644 index 0000000..0d97f13 --- /dev/null +++ b/config-archive/etc/openldap/schema/README,v @@ -0,0 +1,163 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.08; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@This directory contains user application schema definitions for use +with slapd(8). + +File Description +---- ----------- +collective.schema Collective attributes (experimental) +corba.schema Corba Object +core.schema OpenLDAP "core" +cosine.schema COSINE Pilot +duaconf.schema Client Configuration (work in progress) +dyngroup.schema Dynamic Group (experimental) +inetorgperson.schema InetOrgPerson +java.schema Java Object +misc.schema Miscellaneous Schema (experimental) +nadf.schema North American Directory Forum (obsolete) +nis.schema Network Information Service (experimental) +openldap.schema OpenLDAP Project (FYI) +ppolicy.schema Password Policy Schema (work in progress) + +Additional "generally useful" schema definitions can be submitted +using the OpenLDAP Issue Tracking System . +Submissions should include a stable reference to a mature, open +technical specification (e.g., an RFC) for the schema. + +The core.ldif and openldap.ldif files are equivalent to their +corresponding .schema files. They have been provided as examples +for use with the dynamic configuration backend. These example files +are not actually necessary since slapd will automatically convert any +included *.schema files into LDIF when converting a slapd.conf file +to a configuration database, but they serve as a model of how to +convert schema files in general. + +--- + +This notice applies to all files in this directory. + +Copyright 1998-2010 The OpenLDAP Foundation, Redwood City, California, USA +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted only as authorized by the OpenLDAP +Public License. A copy of this license is available at +http://www.OpenLDAP.org/license.html or in file LICENSE in the +top-level directory of the distribution. + +--- + +This notice applies to all schema in this directory which are derived +from RFCs and other IETF documents. + +Portions Copyright 1991-2004, The Internet Society. All Rights Reserved. + +This document and translations of it may be copied and furnished +to others, and derivative works that comment on or otherwise explain +it or assist in its implementation may be prepared, copied, published +and distributed, in whole or in part, without restriction of any +kind, provided that the above copyright notice and this paragraph +are included on all such copies and derivative works. However, +this document itself may not be modified in any way, such as by +removing the copyright notice or references to the Internet Society +or other Internet organizations, except as needed for the purpose +of developing Internet standards in which case the procedures for +copyrights defined in the Internet Standards process must be +followed, or as required to translate it into languages other than +English. + +The limited permissions granted above are perpetual and will not +be revoked by the Internet Society or its successors or assigns. + +This document and the information contained herein is provided on +an "AS IS" basis and THE AUTHORS, THE INTERNET SOCIETY, AND THE +INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE +OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY +IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR +PURPOSE. + + +--- +$OpenLDAP: pkg/ldap/servers/slapd/schema/README,v 1.29.2.5 2010/04/13 20:23:47 kurt Exp $ +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d37 1 +a37 1 +Copyright 1998-2009 The OpenLDAP Foundation, Redwood City, California, USA +d80 1 +a80 1 +$OpenLDAP: pkg/ldap/servers/slapd/schema/README,v 1.29.2.4 2009/01/22 00:01:13 kurt Exp $ +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d37 1 +a37 1 +Copyright 1998-2010 The OpenLDAP Foundation, Redwood City, California, USA +d80 1 +a80 1 +$OpenLDAP: pkg/ldap/servers/slapd/schema/README,v 1.29.2.5 2010/04/13 20:23:47 kurt Exp $ +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d37 1 +a37 1 +Copyright 1998-2011 The OpenLDAP Foundation, Redwood City, California, USA +d80 1 +a80 1 +$OpenLDAP: pkg/ldap/servers/slapd/schema/README,v 1.29.2.6 2011/01/04 23:50:51 kurt Exp $ +@ diff --git a/config-archive/etc/openldap/schema/amavisd-new.schema,v b/config-archive/etc/openldap/schema/amavisd-new.schema,v new file mode 100644 index 0000000..d5e59be --- /dev/null +++ b/config-archive/etc/openldap/schema/amavisd-new.schema,v @@ -0,0 +1,975 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2011.09.08.21.18.38; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.09.08.21.22.18; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#-------------------------------------------------------------------------- +# LDAP Schema for amavisd-new Jacques Supcik, PhD +#----------------------------- IP-Plus Internet Services +# Release 1.2.2 Swisscom Enterprise Solutions Ltd +# 30 May 2004 3050 Bern - Switzerland +#-------------------------------------------------------------------------- +# Copyright (c) 2004 Jacques Supcik, Swisscom Enterprise Solutions Ltd. +# Permission is granted to copy, distribute and/or modify this document +# under the terms of the GNU Free Documentation License, Version 1.2 +# or any later version published by the Free Software Foundation; +# with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. +# A copy of the license is included in the section entitled "GNU +# Free Documentation License". +#-------------------------------------------------------------------------- +# Changes made to LDAP Schema to make it import and play nicely with +# Novell NDS - Michael Tracey, SONOPRESS USA, LLC April 07 2005 +# ( uncomment each dn:, changetype:, add:, add X-NDS-NAME attribute, replace +# "attributetype" by "attributetypes:" and "objectclasse" by "objectclasses:" +# (plural,colon), and unwrap each attributetypes: and objectclasses: ) +#-------------------------------------------------------------------------- +# 1.3.6.1.4.1.15312 Jozef Stefan Institute's OID +# 1.3.6.1.4.1.15312.2 amavisd-new +# 1.3.6.1.4.1.15312.2.2 amavisd-new LDAP Elements +# 1.3.6.1.4.1.15312.2.2.1 AttributeTypes +# 1.3.6.1.4.1.15312.2.2.2 ObjectClasses +# 1.3.6.1.4.1.15312.2.2.3 Syntax Definitions +#-------------------------------------------------------------------------- + +# Attribute Types +#----------------- + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.1 + NAME 'amavisVirusLover' + DESC 'Virus Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.2 + NAME 'amavisBannedFilesLover' + DESC 'Banned Files Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.3 + NAME 'amavisBypassVirusChecks' + DESC 'Bypass Virus Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.4 + NAME 'amavisBypassSpamChecks' + DESC 'Bypass Spam Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.5 + NAME 'amavisSpamTagLevel' + DESC 'Spam Tag Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.6 + NAME 'amavisSpamTag2Level' + DESC 'Spam Tag2 Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.7 + NAME 'amavisSpamKillLevel' + DESC 'Spam Kill Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.8 + NAME 'amavisSpamModifiesSubj' + DESC 'Modifies Subject on spam' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.9 + NAME 'amavisWhitelistSender' + DESC 'White List Sender' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.10 + NAME 'amavisBlacklistSender' + DESC 'Black List Sender' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.11 + NAME 'amavisSpamQuarantineTo' + DESC 'Spam Quarantine to' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.12 + NAME 'amavisSpamLover' + DESC 'Spam Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.13 + NAME 'amavisBadHeaderLover' + DESC 'Bad Header Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.14 + NAME 'amavisBypassBannedChecks' + DESC 'Bypass Banned Files Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.15 + NAME 'amavisBypassHeaderChecks' + DESC 'Bypass Header Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.16 + NAME 'amavisVirusQuarantineTo' + DESC 'Virus quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.17 + NAME 'amavisBannedQuarantineTo' + DESC 'Banned Files quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.18 + NAME 'amavisBadHeaderQuarantineTo' + DESC 'Bad Header quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.19 + NAME 'amavisLocal' + DESC 'Is user considered local' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.20 + NAME 'amavisMessageSizeLimit' + DESC 'Message size limit' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.21 + NAME 'amavisWarnVirusRecip' + DESC 'Notify virus recipients' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.22 + NAME 'amavisWarnBannedRecip' + DESC 'Notify banned file recipients' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.23 + NAME 'amavisWarnBadHeaderRecip' + DESC 'Notify bad header recipients' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.24 + NAME 'amavisVirusAdmin' + DESC 'Virus admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.25 + NAME 'amavisNewVirusAdmin' + DESC 'New virus admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.26 + NAME 'amavisSpamAdmin' + DESC 'Spam admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.27 + NAME 'amavisBannedAdmin' + DESC 'Banned file admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.28 + NAME 'amavisBadHeaderAdmin' + DESC 'Bad header admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.29 + NAME 'amavisBannedRuleNames' + DESC 'Banned rule names' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.30 + NAME 'amavisSpamDsnCutoffLevel' + DESC 'Spam DSN Cutoff Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.31 + NAME 'amavisSpamQuarantineCutoffLevel' + DESC 'Spam Quarantine Cutoff Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.32 + NAME 'amavisSpamSubjectTag' + DESC 'Spam Subject Tag' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.33 + NAME 'amavisSpamSubjectTag2' + DESC 'Spam Subject Tag2' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.34 + NAME 'amavisArchiveQuarantineTo' + DESC 'Archive quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + + +# Classes +#--------- + +# amavisAccount +# This class is an auxiliary class, this mean that the class will be added +# to a structural class. Usually, the structural class is the class that +# represent the mail account itself (e.g. an inetOrgPerson) + +#dn: cn=schema +#changetype: modify +#add: objectclasses +objectclass ( 1.3.6.1.4.1.15312.2.2.2.1 + NAME 'amavisAccount' AUXILIARY + DESC 'Amavisd Account' + SUP top + MAY ( amavisVirusLover $ amavisBypassVirusChecks $ + amavisSpamLover $ amavisBypassSpamChecks $ + amavisBannedFilesLover $ amavisBypassBannedChecks $ + amavisBadHeaderLover $ amavisBypassHeaderChecks $ + amavisSpamTagLevel $ amavisSpamTag2Level $ amavisSpamKillLevel $ + amavisWhitelistSender $ amavisBlacklistSender $ + amavisSpamQuarantineTo $ amavisVirusQuarantineTo $ + amavisBannedQuarantineTo $ amavisBadHeaderQuarantineTo $ + amavisArchiveQuarantineTo $ + amavisSpamModifiesSubj $ amavisLocal $ amavisMessageSizeLimit $ + amavisWarnVirusRecip $ amavisWarnBannedRecip $ + amavisWarnBadHeaderRecip $ amavisVirusAdmin $ amavisNewVirusAdmin $ + amavisSpamAdmin $ amavisBannedAdmin $ amavisBadHeaderAdmin $ + amavisBannedRuleNames $ + amavisSpamDsnCutoffLevel $ amavisSpamQuarantineCutoffLevel $ + amavisSpamSubjectTag $ amavisSpamSubjectTag2 $ + cn $ description ) ) + +#-------------------------------------------------------------------------- +# +# GNU Free Documentation License +# Version 1.2, November 2002 +# +# +# Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. +# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# Everyone is permitted to copy and distribute verbatim copies +# of this license document, but changing it is not allowed. +# +# +# 0. PREAMBLE +# +# The purpose of this License is to make a manual, textbook, or other +# functional and useful document "free" in the sense of freedom: to +# assure everyone the effective freedom to copy and redistribute it, +# with or without modifying it, either commercially or noncommercially. +# Secondarily, this License preserves for the author and publisher a way +# to get credit for their work, while not being considered responsible +# for modifications made by others. +# +# This License is a kind of "copyleft", which means that derivative +# works of the document must themselves be free in the same sense. It +# complements the GNU General Public License, which is a copyleft +# license designed for free software. +# +# We have designed this License in order to use it for manuals for free +# software, because free software needs free documentation: a free +# program should come with manuals providing the same freedoms that the +# software does. But this License is not limited to software manuals; +# it can be used for any textual work, regardless of subject matter or +# whether it is published as a printed book. We recommend this License +# principally for works whose purpose is instruction or reference. +# +# +# 1. APPLICABILITY AND DEFINITIONS +# +# This License applies to any manual or other work, in any medium, that +# contains a notice placed by the copyright holder saying it can be +# distributed under the terms of this License. Such a notice grants a +# world-wide, royalty-free license, unlimited in duration, to use that +# work under the conditions stated herein. The "Document", below, +# refers to any such manual or work. Any member of the public is a +# licensee, and is addressed as "you". You accept the license if you +# copy, modify or distribute the work in a way requiring permission +# under copyright law. +# +# A "Modified Version" of the Document means any work containing the +# Document or a portion of it, either copied verbatim, or with +# modifications and/or translated into another language. +# +# A "Secondary Section" is a named appendix or a front-matter section of +# the Document that deals exclusively with the relationship of the +# publishers or authors of the Document to the Document's overall subject +# (or to related matters) and contains nothing that could fall directly +# within that overall subject. (Thus, if the Document is in part a +# textbook of mathematics, a Secondary Section may not explain any +# mathematics.) The relationship could be a matter of historical +# connection with the subject or with related matters, or of legal, +# commercial, philosophical, ethical or political position regarding +# them. +# +# The "Invariant Sections" are certain Secondary Sections whose titles +# are designated, as being those of Invariant Sections, in the notice +# that says that the Document is released under this License. If a +# section does not fit the above definition of Secondary then it is not +# allowed to be designated as Invariant. The Document may contain zero +# Invariant Sections. If the Document does not identify any Invariant +# Sections then there are none. +# +# The "Cover Texts" are certain short passages of text that are listed, +# as Front-Cover Texts or Back-Cover Texts, in the notice that says that +# the Document is released under this License. A Front-Cover Text may +# be at most 5 words, and a Back-Cover Text may be at most 25 words. +# +# A "Transparent" copy of the Document means a machine-readable copy, +# represented in a format whose specification is available to the +# general public, that is suitable for revising the document +# straightforwardly with generic text editors or (for images composed of +# pixels) generic paint programs or (for drawings) some widely available +# drawing editor, and that is suitable for input to text formatters or +# for automatic translation to a variety of formats suitable for input +# to text formatters. A copy made in an otherwise Transparent file +# format whose markup, or absence of markup, has been arranged to thwart +# or discourage subsequent modification by readers is not Transparent. +# An image format is not Transparent if used for any substantial amount +# of text. A copy that is not "Transparent" is called "Opaque". +# +# Examples of suitable formats for Transparent copies include plain +# ASCII without markup, Texinfo input format, LaTeX input format, SGML +# or XML using a publicly available DTD, and standard-conforming simple +# HTML, PostScript or PDF designed for human modification. Examples of +# transparent image formats include PNG, XCF and JPG. Opaque formats +# include proprietary formats that can be read and edited only by +# proprietary word processors, SGML or XML for which the DTD and/or +# processing tools are not generally available, and the +# machine-generated HTML, PostScript or PDF produced by some word +# processors for output purposes only. +# +# The "Title Page" means, for a printed book, the title page itself, +# plus such following pages as are needed to hold, legibly, the material +# this License requires to appear in the title page. For works in +# formats which do not have any title page as such, "Title Page" means +# the text near the most prominent appearance of the work's title, +# preceding the beginning of the body of the text. +# +# A section "Entitled XYZ" means a named subunit of the Document whose +# title either is precisely XYZ or contains XYZ in parentheses following +# text that translates XYZ in another language. (Here XYZ stands for a +# specific section name mentioned below, such as "Acknowledgements", +# "Dedications", "Endorsements", or "History".) To "Preserve the Title" +# of such a section when you modify the Document means that it remains a +# section "Entitled XYZ" according to this definition. +# +# The Document may include Warranty Disclaimers next to the notice which +# states that this License applies to the Document. These Warranty +# Disclaimers are considered to be included by reference in this +# License, but only as regards disclaiming warranties: any other +# implication that these Warranty Disclaimers may have is void and has +# no effect on the meaning of this License. +# +# +# 2. VERBATIM COPYING +# +# You may copy and distribute the Document in any medium, either +# commercially or noncommercially, provided that this License, the +# copyright notices, and the license notice saying this License applies +# to the Document are reproduced in all copies, and that you add no other +# conditions whatsoever to those of this License. You may not use +# technical measures to obstruct or control the reading or further +# copying of the copies you make or distribute. However, you may accept +# compensation in exchange for copies. If you distribute a large enough +# number of copies you must also follow the conditions in section 3. +# +# You may also lend copies, under the same conditions stated above, and +# you may publicly display copies. +# +# +# 3. COPYING IN QUANTITY +# +# If you publish printed copies (or copies in media that commonly have +# printed covers) of the Document, numbering more than 100, and the +# Document's license notice requires Cover Texts, you must enclose the +# copies in covers that carry, clearly and legibly, all these Cover +# Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on +# the back cover. Both covers must also clearly and legibly identify +# you as the publisher of these copies. The front cover must present +# the full title with all words of the title equally prominent and +# visible. You may add other material on the covers in addition. +# Copying with changes limited to the covers, as long as they preserve +# the title of the Document and satisfy these conditions, can be treated +# as verbatim copying in other respects. +# +# If the required texts for either cover are too voluminous to fit +# legibly, you should put the first ones listed (as many as fit +# reasonably) on the actual cover, and continue the rest onto adjacent +# pages. +# +# If you publish or distribute Opaque copies of the Document numbering +# more than 100, you must either include a machine-readable Transparent +# copy along with each Opaque copy, or state in or with each Opaque copy +# a computer-network location from which the general network-using +# public has access to download using public-standard network protocols +# a complete Transparent copy of the Document, free of added material. +# If you use the latter option, you must take reasonably prudent steps, +# when you begin distribution of Opaque copies in quantity, to ensure +# that this Transparent copy will remain thus accessible at the stated +# location until at least one year after the last time you distribute an +# Opaque copy (directly or through your agents or retailers) of that +# edition to the public. +# +# It is requested, but not required, that you contact the authors of the +# Document well before redistributing any large number of copies, to give +# them a chance to provide you with an updated version of the Document. +# +# +# 4. MODIFICATIONS +# +# You may copy and distribute a Modified Version of the Document under +# the conditions of sections 2 and 3 above, provided that you release +# the Modified Version under precisely this License, with the Modified +# Version filling the role of the Document, thus licensing distribution +# and modification of the Modified Version to whoever possesses a copy +# of it. In addition, you must do these things in the Modified Version: +# +# A. Use in the Title Page (and on the covers, if any) a title distinct +# from that of the Document, and from those of previous versions +# (which should, if there were any, be listed in the History section +# of the Document). You may use the same title as a previous version +# if the original publisher of that version gives permission. +# B. List on the Title Page, as authors, one or more persons or entities +# responsible for authorship of the modifications in the Modified +# Version, together with at least five of the principal authors of the +# Document (all of its principal authors, if it has fewer than five), +# unless they release you from this requirement. +# C. State on the Title page the name of the publisher of the +# Modified Version, as the publisher. +# D. Preserve all the copyright notices of the Document. +# E. Add an appropriate copyright notice for your modifications +# adjacent to the other copyright notices. +# F. Include, immediately after the copyright notices, a license notice +# giving the public permission to use the Modified Version under the +# terms of this License, in the form shown in the Addendum below. +# G. Preserve in that license notice the full lists of Invariant Sections +# and required Cover Texts given in the Document's license notice. +# H. Include an unaltered copy of this License. +# I. Preserve the section Entitled "History", Preserve its Title, and add +# to it an item stating at least the title, year, new authors, and +# publisher of the Modified Version as given on the Title Page. If +# there is no section Entitled "History" in the Document, create one +# stating the title, year, authors, and publisher of the Document as +# given on its Title Page, then add an item describing the Modified +# Version as stated in the previous sentence. +# J. Preserve the network location, if any, given in the Document for +# public access to a Transparent copy of the Document, and likewise +# the network locations given in the Document for previous versions +# it was based on. These may be placed in the "History" section. +# You may omit a network location for a work that was published at +# least four years before the Document itself, or if the original +# publisher of the version it refers to gives permission. +# K. For any section Entitled "Acknowledgements" or "Dedications", +# Preserve the Title of the section, and preserve in the section all +# the substance and tone of each of the contributor acknowledgements +# and/or dedications given therein. +# L. Preserve all the Invariant Sections of the Document, +# unaltered in their text and in their titles. Section numbers +# or the equivalent are not considered part of the section titles. +# M. Delete any section Entitled "Endorsements". Such a section +# may not be included in the Modified Version. +# N. Do not retitle any existing section to be Entitled "Endorsements" +# or to conflict in title with any Invariant Section. +# O. Preserve any Warranty Disclaimers. +# +# If the Modified Version includes new front-matter sections or +# appendices that qualify as Secondary Sections and contain no material +# copied from the Document, you may at your option designate some or all +# of these sections as invariant. To do this, add their titles to the +# list of Invariant Sections in the Modified Version's license notice. +# These titles must be distinct from any other section titles. +# +# You may add a section Entitled "Endorsements", provided it contains +# nothing but endorsements of your Modified Version by various +# parties--for example, statements of peer review or that the text has +# been approved by an organization as the authoritative definition of a +# standard. +# +# You may add a passage of up to five words as a Front-Cover Text, and a +# passage of up to 25 words as a Back-Cover Text, to the end of the list +# of Cover Texts in the Modified Version. Only one passage of +# Front-Cover Text and one of Back-Cover Text may be added by (or +# through arrangements made by) any one entity. If the Document already +# includes a cover text for the same cover, previously added by you or +# by arrangement made by the same entity you are acting on behalf of, +# you may not add another; but you may replace the old one, on explicit +# permission from the previous publisher that added the old one. +# +# The author(s) and publisher(s) of the Document do not by this License +# give permission to use their names for publicity for or to assert or +# imply endorsement of any Modified Version. +# +# +# 5. COMBINING DOCUMENTS +# +# You may combine the Document with other documents released under this +# License, under the terms defined in section 4 above for modified +# versions, provided that you include in the combination all of the +# Invariant Sections of all of the original documents, unmodified, and +# list them all as Invariant Sections of your combined work in its +# license notice, and that you preserve all their Warranty Disclaimers. +# +# The combined work need only contain one copy of this License, and +# multiple identical Invariant Sections may be replaced with a single +# copy. If there are multiple Invariant Sections with the same name but +# different contents, make the title of each such section unique by +# adding at the end of it, in parentheses, the name of the original +# author or publisher of that section if known, or else a unique number. +# Make the same adjustment to the section titles in the list of +# Invariant Sections in the license notice of the combined work. +# +# In the combination, you must combine any sections Entitled "History" +# in the various original documents, forming one section Entitled +# "History"; likewise combine any sections Entitled "Acknowledgements", +# and any sections Entitled "Dedications". You must delete all sections +# Entitled "Endorsements". +# +# +# 6. COLLECTIONS OF DOCUMENTS +# +# You may make a collection consisting of the Document and other documents +# released under this License, and replace the individual copies of this +# License in the various documents with a single copy that is included in +# the collection, provided that you follow the rules of this License for +# verbatim copying of each of the documents in all other respects. +# +# You may extract a single document from such a collection, and distribute +# it individually under this License, provided you insert a copy of this +# License into the extracted document, and follow this License in all +# other respects regarding verbatim copying of that document. +# +# +# 7. AGGREGATION WITH INDEPENDENT WORKS +# +# A compilation of the Document or its derivatives with other separate +# and independent documents or works, in or on a volume of a storage or +# distribution medium, is called an "aggregate" if the copyright +# resulting from the compilation is not used to limit the legal rights +# of the compilation's users beyond what the individual works permit. +# When the Document is included in an aggregate, this License does not +# apply to the other works in the aggregate which are not themselves +# derivative works of the Document. +# +# If the Cover Text requirement of section 3 is applicable to these +# copies of the Document, then if the Document is less than one half of +# the entire aggregate, the Document's Cover Texts may be placed on +# covers that bracket the Document within the aggregate, or the +# electronic equivalent of covers if the Document is in electronic form. +# Otherwise they must appear on printed covers that bracket the whole +# aggregate. +# +# +# 8. TRANSLATION +# +# Translation is considered a kind of modification, so you may +# distribute translations of the Document under the terms of section 4. +# Replacing Invariant Sections with translations requires special +# permission from their copyright holders, but you may include +# translations of some or all Invariant Sections in addition to the +# original versions of these Invariant Sections. You may include a +# translation of this License, and all the license notices in the +# Document, and any Warranty Disclaimers, provided that you also include +# the original English version of this License and the original versions +# of those notices and disclaimers. In case of a disagreement between +# the translation and the original version of this License or a notice +# or disclaimer, the original version will prevail. +# +# If a section in the Document is Entitled "Acknowledgements", +# "Dedications", or "History", the requirement (section 4) to Preserve +# its Title (section 1) will typically require changing the actual +# title. +# +# +# 9. TERMINATION +# +# You may not copy, modify, sublicense, or distribute the Document except +# as expressly provided for under this License. Any other attempt to +# copy, modify, sublicense or distribute the Document is void, and will +# automatically terminate your rights under this License. However, +# parties who have received copies, or rights, from you under this +# License will not have their licenses terminated so long as such +# parties remain in full compliance. +# +# +# 10. FUTURE REVISIONS OF THIS LICENSE +# +# The Free Software Foundation may publish new, revised versions +# of the GNU Free Documentation License from time to time. Such new +# versions will be similar in spirit to the present version, but may +# differ in detail to address new problems or concerns. See +# http://www.gnu.org/copyleft/. +# +# Each version of the License is given a distinguishing version number. +# If the Document specifies that a particular numbered version of this +# License "or any later version" applies to it, you have the option of +# following the terms and conditions either of that specified version or +# of any later version that has been published (not as a draft) by the +# Free Software Foundation. If the Document does not specify a version +# number of this License, you may choose any version ever published (not +# as a draft) by the Free Software Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d110 1 +a110 1 + DESC 'Modifies Subject on spam - no longer in use since 2.7.0' +a390 132 +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.35 + NAME 'amavisAddrExtensionVirus' + DESC 'Address Extension for Virus' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.36 + NAME 'amavisAddrExtensionSpam' + DESC 'Address Extension for Spam' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.37 + NAME 'amavisAddrExtensionBanned' + DESC 'Address Extension for Banned' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.38 + NAME 'amavisAddrExtensionBadHeader' + DESC 'Address Extension for Bad Header' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +# NEW since 2.7.0: + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.39 + NAME 'amavisSpamTag3Level' + DESC 'Spam Tag3 Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.40 + NAME 'amavisSpamSubjectTag3' + DESC 'Spam Subject Tag3' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.41 + NAME 'amavisUncheckedQuarantineTo' + DESC 'Virus quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.42 + NAME 'amavisCleanQuarantineTo' + DESC 'Clean quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.43 + NAME 'amavisUncheckedLover' + DESC 'Unchecked Files Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.44 + NAME 'amavisForwardMethod' + DESC 'Forward / next hop destination' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.45 + NAME 'amavisSaUserConf' + DESC 'SpamAssassin user preferences configuration filename' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.46 + NAME 'amavisSaUserName' + DESC 'SpamAssassin username (for Bayes and AWL lookups)' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +a422 6 + amavisAddrExtensionVirus $ amavisAddrExtensionSpam $ + amavisAddrExtensionBanned $ amavisAddrExtensionBadHeader $ + amavisSpamTag3Level $ amavisSpamSubjectTag3 $ + amavisUncheckedQuarantineTo $ amavisCleanQuarantineTo $ + amavisUncheckedLover $ amavisForwardMethod $ + amavisSaUserConf $ amavisSaUserName $ +@ diff --git a/config-archive/etc/openldap/schema/authldap.schema,v b/config-archive/etc/openldap/schema/authldap.schema,v new file mode 100644 index 0000000..220d1c6 --- /dev/null +++ b/config-archive/etc/openldap/schema/authldap.schema,v @@ -0,0 +1,125 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.10.05.17.23.58; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#$Id: authldap.schema,v 1.2 2010/05/10 15:34:23 root Exp $ +# +# OID prefix: 1.3.6.1.4.1.10018 +# +# Attributes: 1.3.6.1.4.1.10018.1.1 +# +# Depends on: nis.schema, which depends on cosine.schema + +attributetype ( 1.3.6.1.4.1.10018.1.1.1 NAME 'mailbox' + DESC 'The absolute path to the mailbox for a mail account in a non-default location' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.2 NAME 'quota' + DESC 'A string that represents the quota on a mailbox' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.3 NAME 'clearPassword' + DESC 'A separate text that stores the mail account password in clear text' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128}) + +attributetype ( 1.3.6.1.4.1.10018.1.1.4 NAME 'maildrop' + DESC 'RFC822 Mailbox - mail alias' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.5 NAME 'mailsource' + DESC 'Message source' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.6 NAME 'virtualdomain' + DESC 'A mail domain that is mapped to a single mail account' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.7 NAME 'virtualdomainuser' + DESC 'Mailbox that receives mail for a mail domain' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.8 NAME 'defaultdelivery' + DESC 'Default mail delivery instructions' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.9 NAME 'disableimap' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.10 NAME 'disablepop3' + DESC 'Set this attribute to 1 to disable POP3 access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.11 NAME 'disablewebmail' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.12 NAME 'sharedgroup' + DESC 'Virtual shared group' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.13 NAME 'disableshared' + DESC 'Set this attribute to 1 to disable shared mailbox usage' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#attributetype ( 1.3.6.1.4.1.10018.1.1.14 NAME 'mailhost' +# DESC 'Host to which incoming POP/IMAP connections should be proxied' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# +# Objects: 1.3.6.1.4.1.10018.1.2 +# + +objectclass ( 1.3.6.1.4.1.10018.1.2.1 NAME 'CourierMailAccount' SUP top AUXILIARY + DESC 'Mail account object as used by the Courier mail server' + MUST ( mail $ homeDirectory ) + MAY ( uidNumber $ gidNumber $ mailbox $ uid $ cn $ gecos $ description $ loginShell $ quota $ userPassword $ clearPassword $ defaultdelivery $ disableimap $ disablepop3 $ disablewebmail $ sharedgroup $ disableshared $ mailHost) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.2 NAME 'CourierMailAlias' SUP top AUXILIARY + DESC 'Mail aliasing/forwarding entry' + MUST ( mail $ maildrop ) + MAY ( mailsource $ description ) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.3 NAME 'CourierDomainAlias' SUP top AUXILIARY + DESC 'Domain mail aliasing/forwarding entry' + MUST ( virtualdomain $ virtualdomainuser ) + MAY ( mailsource $ description ) ) +@ diff --git a/config-archive/etc/openldap/schema/authldap.schema.dist.new b/config-archive/etc/openldap/schema/authldap.schema.dist.new new file mode 100644 index 0000000..802b18c --- /dev/null +++ b/config-archive/etc/openldap/schema/authldap.schema.dist.new @@ -0,0 +1,103 @@ +#$Id: authldap.schema,v 1.9 2009/12/18 04:24:20 mrsam Exp $ +# +# OID prefix: 1.3.6.1.4.1.10018 +# +# Attributes: 1.3.6.1.4.1.10018.1.1 +# +# Depends on: nis.schema, which depends on cosine.schema + +attributetype ( 1.3.6.1.4.1.10018.1.1.1 NAME 'mailbox' + DESC 'The absolute path to the mailbox for a mail account in a non-default location' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.2 NAME 'quota' + DESC 'A string that represents the quota on a mailbox' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.3 NAME 'clearPassword' + DESC 'A separate text that stores the mail account password in clear text' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.4 NAME 'maildrop' + DESC 'RFC822 Mailbox - mail alias' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.5 NAME 'mailsource' + DESC 'Message source' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.6 NAME 'virtualdomain' + DESC 'A mail domain that is mapped to a single mail account' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.7 NAME 'virtualdomainuser' + DESC 'Mailbox that receives mail for a mail domain' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.8 NAME 'defaultdelivery' + DESC 'Default mail delivery instructions' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.9 NAME 'disableimap' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.10 NAME 'disablepop3' + DESC 'Set this attribute to 1 to disable POP3 access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.11 NAME 'disablewebmail' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.12 NAME 'sharedgroup' + DESC 'Virtual shared group' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.13 NAME 'disableshared' + DESC 'Set this attribute to 1 to disable shared mailbox usage' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#attributetype ( 1.3.6.1.4.1.10018.1.1.14 NAME 'mailhost' +# DESC 'Host to which incoming POP/IMAP connections should be proxied' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) +# +# +# Objects: 1.3.6.1.4.1.10018.1.2 +# + +objectclass ( 1.3.6.1.4.1.10018.1.2.1 NAME 'CourierMailAccount' + DESC 'Mail account object as used by the Courier mail server' + SUP top AUXILIARY + MUST ( mail $ homeDirectory ) + MAY ( uidNumber $ gidNumber $ mailbox $ uid $ cn $ gecos $ description $ loginShell $ quota $ userPassword $ clearPassword $ defaultdelivery $ disableimap $ disablepop3 $ disablewebmail $ sharedgroup $ disableshared $ mailhost ) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.2 NAME 'CourierMailAlias' + DESC 'Mail aliasing/forwarding entry' + SUP top AUXILIARY + MUST ( mail $ maildrop ) + MAY ( mailsource $ description ) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.3 NAME 'CourierDomainAlias' + DESC 'Domain mail aliasing/forwarding entry' + SUP top AUXILIARY + MUST ( virtualdomain $ virtualdomainuser ) + MAY ( mailsource $ description ) ) diff --git a/config-archive/etc/openldap/schema/collective.schema,v b/config-archive/etc/openldap/schema/collective.schema,v new file mode 100644 index 0000000..9ff2688 --- /dev/null +++ b/config-archive/etc/openldap/schema/collective.schema,v @@ -0,0 +1,273 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# collective.schema -- Collective attribute schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.5 2010/04/13 20:23:47 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (2003). +## Please see full copyright statement below. + +# From RFC 3671 [portions trimmed]: +# Collective Attributes in LDAP + +#Abstract +# +# X.500 collective attributes allow common characteristics to be shared +# between collections of entries. This document summarizes the X.500 +# information model for collective attributes and describes use of +# collective attributes in LDAP (Lightweight Directory Access Protocol). +# This document provides schema definitions for collective attributes +# for use in LDAP. + +#3. Collective Attribute Types +# +# A userApplications attribute type can be defined to be COLLECTIVE +# [RFC2252]. This indicates that the same attribute values will appear +# in the entries of an entry collection subject to the use of the +# collectiveExclusions attribute and other administrative controls. +# +# Collective attribute types are commonly defined as subtypes of non- +# collective attribute types. By convention, collective attributes are +# named by prefixing the name of their non-collective supertype with +# "c-". For example, the collective telephone attribute is named +# c-TelephoneNumber after its non-collective supertype telephoneNumber. +# +# Non-collective attributes types SHALL NOT subtype collective +# attributes. +# +# Collective attributes SHALL NOT be SINGLE-VALUED. Collective +# attribute types SHALL NOT appear in the attribute types of an object +# class definition. +# +# Operational attributes SHALL NOT be defined to be collective. +# +# The remainder of section provides a summary of collective attributes +# derived from those defined in [X.520]. Implementations of this +# specification SHOULD support the following collective attributes and +# MAY support additional collective attributes. +# +# +#3.1. Collective Locality Name +# +# The c-l attribute type specifies a locality name for a collection of +# entries. +# +attributeType ( 2.5.4.7.1 NAME 'c-l' + SUP l COLLECTIVE ) +# +# +#3.2. Collective State or Province Name +# +# The c-st attribute type specifies a state or province name for a +# collection of entries. +# +attributeType ( 2.5.4.8.1 NAME 'c-st' + SUP st COLLECTIVE ) +# +# +#3.3. Collective Street Address +# +# The c-street attribute type specifies a street address for a +# collection of entries. +# +attributeType ( 2.5.4.9.1 NAME 'c-street' + SUP street COLLECTIVE ) +# +# +#3.4. Collective Organization Name +# +# The c-o attribute type specifies an organization name for a collection +# of entries. +# +attributeType ( 2.5.4.10.1 NAME 'c-o' + SUP o COLLECTIVE ) +# +# +#3.5. Collective Organizational Unit Name +# +# The c-ou attribute type specifies an organizational unit name for a +# collection of entries. +# +attributeType ( 2.5.4.11.1 NAME 'c-ou' + SUP ou COLLECTIVE ) +# +# +#3.6. Collective Postal Address +# +# The c-PostalAddress attribute type specifies a postal address for a +# collection of entries. +# +attributeType ( 2.5.4.16.1 NAME 'c-PostalAddress' + SUP postalAddress COLLECTIVE ) +# +# +#3.7. Collective Postal Code +# +# The c-PostalCode attribute type specifies a postal code for a +# collection of entries. +# +attributeType ( 2.5.4.17.1 NAME 'c-PostalCode' + SUP postalCode COLLECTIVE ) +# +# +#3.8. Collective Post Office Box +# +# The c-PostOfficeBox attribute type specifies a post office box for a +# collection of entries. +# +attributeType ( 2.5.4.18.1 NAME 'c-PostOfficeBox' + SUP postOfficeBox COLLECTIVE ) +# +# +#3.9. Collective Physical Delivery Office Name +# +# The c-PhysicalDeliveryOfficeName attribute type specifies a physical +# delivery office name for a collection of entries. +# +attributeType ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName' + SUP physicalDeliveryOfficeName COLLECTIVE ) +# +# +#3.10. Collective Telephone Number +# +# The c-TelephoneNumber attribute type specifies a telephone number for +# a collection of entries. +# +attributeType ( 2.5.4.20.1 NAME 'c-TelephoneNumber' + SUP telephoneNumber COLLECTIVE ) +# +# +#3.11. Collective Telex Number +# +# The c-TelexNumber attribute type specifies a telex number for a +# collection of entries. +# +attributeType ( 2.5.4.21.1 NAME 'c-TelexNumber' + SUP telexNumber COLLECTIVE ) +# +# +#3.13. Collective Facsimile Telephone Number +# +# The c-FacsimileTelephoneNumber attribute type specifies a facsimile +# telephone number for a collection of entries. +# +attributeType ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber' + SUP facsimileTelephoneNumber COLLECTIVE ) +# +# +#3.14. Collective International ISDN Number +# +# The c-InternationalISDNNumber attribute type specifies an +# international ISDN number for a collection of entries. +# +attributeType ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber' + SUP internationalISDNNumber COLLECTIVE ) + +# Full Copyright +# +# Copyright (C) The Internet Society (2003). All Rights Reserved. +# +# This document and translations of it may be copied and furnished +# to others, and derivative works that comment on or otherwise explain +# it or assist in its implmentation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph +# are included on all such copies and derivative works. However, +# this document itself may not be modified in any way, such as by +# removing the copyright notice or references to the Internet Society +# or other Internet organizations, except as needed for the purpose +# of developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be followed, +# or as required to translate it into languages other than English. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.4 2009/01/22 00:01:13 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.5 2010/04/13 20:23:47 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.6 2011/01/04 23:50:51 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/corba.schema,v b/config-archive/etc/openldap/schema/corba.schema,v new file mode 100644 index 0000000..a252afe --- /dev/null +++ b/config-archive/etc/openldap/schema/corba.schema,v @@ -0,0 +1,325 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# corba.schema -- Corba Object Schema +# depends upon core.schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.5 2010/04/13 20:23:47 kurt Exp $ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.5 2010/04/13 20:23:47 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1999). +## Please see full copyright statement below. + + +# Network Working Group V. Ryan +# Request for Comments: 2714 R. Lee +# Category: Informational S. Seligman +# Sun Microsystems, Inc. +# October 1999 +# +# +# Schema for Representing CORBA Object References in an LDAP Directory +# +# Status of this Memo +# +# This memo provides information for the Internet community. It does +# not specify an Internet standard of any kind. Distribution of this +# memo is unlimited. +# +# Copyright Notice +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# Abstract +# +# CORBA [CORBA] is the Common Object Request Broker Architecture +# defined by the Object Management Group. This document defines the +# schema for representing CORBA object references in an LDAP directory +# [LDAPv3]. +# +# [trimmed] + +# 3. Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# corbaIor +# corbaRepositoryId +# +# 3.1 corbaIor +# +# This attribute stores the string representation of the interoperable +# object reference (IOR) for a CORBA object. An IOR is an opaque handle +# for the object which contains the information necessary to locate the +# object, even if the object is in another ORB. +# +# This attribute's syntax is 'IA5 String' and its case is +# insignificant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.14 +# NAME 'corbaIor' +# DESC 'Stringified interoperable object reference of a CORBA object' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.14 + NAME 'corbaIor' + DESC 'Stringified interoperable object reference of a CORBA object' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +# 3.2 corbaRepositoryId +# +# Each CORBA interface has a unique "repository id" (also called "type +# id") that identifies the interface. A CORBA object has one or more +# repository ids, one for each interface that it implements. +# +# The format of a repository id can be any string, but the OMG +# specifies four standard formats: +# +# a. IDL-style +# +# IDL:Prefix/ModuleName/InterfaceName:VersionNumber +# +# For example, the repository id for the "NamingContext" in OMG's COS +# Naming module is: "IDL:omg.org/CosNaming/NamingContext:1.0". +# +# b. RMI-style +# +# RMI:ClassName:HashCode[:SUID] +# +# This format is used by RMI-IIOP remote objects [RMI-IIOP]. +# "ClassName" is the fully qualified name of the class (for example, +# "java.lang.String"). "HashCode" is the object's hash code (that is, +# that obtained by invoking the "hashCode()" method). "SUID" is the +# "stream unique identifier", which is a 64-bit number that uniquely +# identifies the serialization version of the class; SUID is optional +# in the repository id. +# +# c. DCE-style +# +# DCE:UUID +# +# This format is used for DCE/CORBA interoperability [CORBA-DCE]. +# "UUID" represents a DCE UUID. +# +# d. "local" +# +# This format is defined by the local Object Request Broker (ORB). +# +# The corbaRepositoryId attribute is a multivalued attribute; each +# value records a single repository id of an interface implemented by +# the CORBA object. This attribute need not contain a complete list of +# the interfaces implemented by the CORBA object. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. The values of this attribute are encoded using UTF-8. +# Some values may require translation from their native representation +# in order to be correctly encoded using UTF-8. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.15 +# NAME 'corbaRepositoryId' +# DESC 'Repository ids of interfaces implemented by a CORBA object' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.15 + NAME 'corbaRepositoryId' + DESC 'Repository ids of interfaces implemented by a CORBA object' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 4. Object Class Definitions +# +# The following object classes are defined in this document: +# +# corbaContainer +# corbaObject +# corbaObjectReference +# +# 4.1 corbaContainer +# +# This structural object class represents a container for a CORBA +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.10 +# NAME 'corbaContainer' +# DESC 'Container for a CORBA object' +# SUP top +# STRUCTURAL +# MUST ( cn ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.10 + NAME 'corbaContainer' + DESC 'Container for a CORBA object' + SUP top + STRUCTURAL + MUST cn ) + +# 4.2 corbaObject +# +# This abstract object class is the root class for representing a CORBA +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.9 +# NAME 'corbaObject' +# DESC 'CORBA object representation' +# SUP top +# ABSTRACT +# MAY ( corbaRepositoryId $ description ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.9 + NAME 'corbaObject' + DESC 'CORBA object representation' + SUP top + ABSTRACT + MAY ( corbaRepositoryId $ description ) ) + +# 4.3 corbaObjectReference +# +# This auxiliary object class represents a CORBA object reference. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.11 +# NAME 'corbaObjectReference' +# DESC 'CORBA interoperable object reference' +# SUP corbaObject +# AUXILIARY +# MUST ( corbaIor ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.11 + NAME 'corbaObjectReference' + DESC 'CORBA interoperable object reference' + SUP corbaObject + AUXILIARY + MUST corbaIor ) + +# 10. Full Copyright Statement +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# This document and translations of it may be copied and furnished to +# others, and derivative works that comment on or otherwise explain it +# or assist in its implementation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph are +# included on all such copies and derivative works. However, this +# document itself may not be modified in any way, such as by removing +# the copyright notice or references to the Internet Society or other +# Internet organizations, except as needed for the purpose of +# developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be +# followed, or as required to translate it into languages other than +# English. +# +# The limited permissions granted above are perpetual and will not be +# revoked by the Internet Society or its successors or assigns. +# +# This document and the information contained herein is provided on an +# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d3 2 +a4 2 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.4 2009/01/22 00:01:13 kurt Exp $ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.4 2009/01/22 00:01:13 kurt Exp $ +d7 1 +a7 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 2 +a4 2 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.5 2010/04/13 20:23:47 kurt Exp $ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.5 2010/04/13 20:23:47 kurt Exp $ +d7 1 +a7 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d3 2 +a4 2 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.6 2011/01/04 23:50:51 kurt Exp $ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.6 2011/01/04 23:50:51 kurt Exp $ +d7 1 +a7 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/core.ldif,v b/config-archive/etc/openldap/schema/core.ldif,v new file mode 100644 index 0000000..b8286be --- /dev/null +++ b/config-archive/etc/openldap/schema/core.ldif,v @@ -0,0 +1,674 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# OpenLDAP Core schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.ldif,v 1.2.2.7 2010/04/13 20:23:47 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2003). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +# +# +# +# Includes LDAPv3 schema items from: +# RFC 2252/2256 (LDAPv3) +# +# Select standard track schema items: +# RFC 1274 (uid/dc) +# RFC 2079 (URI) +# RFC 2247 (dc/dcObject) +# RFC 2587 (PKI) +# RFC 2589 (Dynamic Directory Services) +# +# Select informational schema items: +# RFC 2377 (uidObject) +# +# +# Standard attribute types from RFC 2256 +# +dn: cn=core,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: core +# +# system schema +#olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' +# DESC 'RFC2256: object classes of the entity' +# EQUALITY objectIdentifierMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) +# DESC 'RFC2256: name of aliased object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) +# +olcAttributeTypes: ( 2.5.4.2 NAME 'knowledgeInformation' + DESC 'RFC2256: knowledge information' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) +# DESC 'RFC2256: common name(s) for which the entity is known by' +# SUP name ) +# +olcAttributeTypes: ( 2.5.4.4 NAME ( 'sn' 'surname' ) + DESC 'RFC2256: last (family) name(s) for which the entity is known by' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.5 NAME 'serialNumber' + DESC 'RFC2256: serial number of the entity' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) +# +# RFC 4519 definition ('countryName' in X.500 and RFC2256) +olcAttributeTypes: ( 2.5.4.6 NAME ( 'c' 'countryName' ) + DESC 'RFC4519: two-letter ISO-3166 country code' + SUP name + SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 + SINGLE-VALUE ) +# +olcAttributeTypes: ( 2.5.4.7 NAME ( 'l' 'localityName' ) + DESC 'RFC2256: locality which this object resides in' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) + DESC 'RFC2256: state or province which this object resides in' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) + DESC 'RFC2256: street address of this object' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +# +olcAttributeTypes: ( 2.5.4.10 NAME ( 'o' 'organizationName' ) + DESC 'RFC2256: organization this object belongs to' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) + DESC 'RFC2256: organizational unit this object belongs to' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.12 NAME 'title' + DESC 'RFC2256: title associated with the entity' + SUP name ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.13 NAME 'description' +# DESC 'RFC2256: descriptive information' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) +# +# Deprecated by enhancedSearchGuide +olcAttributeTypes: ( 2.5.4.14 NAME 'searchGuide' + DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) +# +olcAttributeTypes: ( 2.5.4.15 NAME 'businessCategory' + DESC 'RFC2256: business category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +# +olcAttributeTypes: ( 2.5.4.16 NAME 'postalAddress' + DESC 'RFC2256: postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) +# +olcAttributeTypes: ( 2.5.4.17 NAME 'postalCode' + DESC 'RFC2256: postal code' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) +# +olcAttributeTypes: ( 2.5.4.18 NAME 'postOfficeBox' + DESC 'RFC2256: Post Office Box' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) +# +olcAttributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' + DESC 'RFC2256: Physical Delivery Office Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +# +olcAttributeTypes: ( 2.5.4.20 NAME 'telephoneNumber' + DESC 'RFC2256: Telephone Number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) +# +olcAttributeTypes: ( 2.5.4.21 NAME 'telexNumber' + DESC 'RFC2256: Telex Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) +# +olcAttributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier' + DESC 'RFC2256: Teletex Terminal Identifier' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) +# +olcAttributeTypes: ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) + DESC 'RFC2256: Facsimile (Fax) Telephone Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) +# +olcAttributeTypes: ( 2.5.4.24 NAME 'x121Address' + DESC 'RFC2256: X.121 Address' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) +# +olcAttributeTypes: ( 2.5.4.25 NAME 'internationaliSDNNumber' + DESC 'RFC2256: international ISDN number' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) +# +olcAttributeTypes: ( 2.5.4.26 NAME 'registeredAddress' + DESC 'RFC2256: registered postal address' + SUP postalAddress + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) +# +olcAttributeTypes: ( 2.5.4.27 NAME 'destinationIndicator' + DESC 'RFC2256: destination indicator' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) +# +olcAttributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod' + DESC 'RFC2256: preferred delivery method' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 + SINGLE-VALUE ) +# +olcAttributeTypes: ( 2.5.4.29 NAME 'presentationAddress' + DESC 'RFC2256: presentation address' + EQUALITY presentationAddressMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 + SINGLE-VALUE ) +# +olcAttributeTypes: ( 2.5.4.30 NAME 'supportedApplicationContext' + DESC 'RFC2256: supported application context' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) +# +olcAttributeTypes: ( 2.5.4.31 NAME 'member' + DESC 'RFC2256: member of a group' + SUP distinguishedName ) +# +olcAttributeTypes: ( 2.5.4.32 NAME 'owner' + DESC 'RFC2256: owner (of the object)' + SUP distinguishedName ) +# +olcAttributeTypes: ( 2.5.4.33 NAME 'roleOccupant' + DESC 'RFC2256: occupant of role' + SUP distinguishedName ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso' +# DESC 'RFC2256: DN of related object' +# SUP distinguishedName ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword' +# DESC 'RFC2256/2307: password of user' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) +# +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +olcAttributeTypes: ( 2.5.4.36 NAME 'userCertificate' + DESC 'RFC2256: X.509 user certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) +# +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +olcAttributeTypes: ( 2.5.4.37 NAME 'cACertificate' + DESC 'RFC2256: X.509 CA certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) +# +# Must be transferred using ;binary +olcAttributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList' + DESC 'RFC2256: X.509 authority revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) +# +# Must be transferred using ;binary +olcAttributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList' + DESC 'RFC2256: X.509 certificate revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) +# +# Must be stored and requested in the binary form +olcAttributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair' + DESC 'RFC2256: X.509 cross certificate pair, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) +# +# 2.5.4.41 is defined above as it's used for subtyping +#olcAttributeTypes: ( 2.5.4.41 NAME 'name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) +# +olcAttributeTypes: ( 2.5.4.42 NAME ( 'givenName' 'gn' ) + DESC 'RFC2256: first name(s) for which the entity is known by' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.43 NAME 'initials' + DESC 'RFC2256: initials of some or all of names, but not the surname(s).' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.44 NAME 'generationQualifier' + DESC 'RFC2256: name qualifier indicating a generation' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.45 NAME 'x500UniqueIdentifier' + DESC 'RFC2256: X.500 unique identifier' + EQUALITY bitStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) +# +olcAttributeTypes: ( 2.5.4.46 NAME 'dnQualifier' + DESC 'RFC2256: DN qualifier' + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreOrderingMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) +# +olcAttributeTypes: ( 2.5.4.47 NAME 'enhancedSearchGuide' + DESC 'RFC2256: enhanced search guide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) +# +olcAttributeTypes: ( 2.5.4.48 NAME 'protocolInformation' + DESC 'RFC2256: protocol information' + EQUALITY protocolInformationMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) +# +# 2.5.4.49 is defined above as it's used for subtyping +#olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) +# +olcAttributeTypes: ( 2.5.4.50 NAME 'uniqueMember' + DESC 'RFC2256: unique member of a group' + EQUALITY uniqueMemberMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) +# +olcAttributeTypes: ( 2.5.4.51 NAME 'houseIdentifier' + DESC 'RFC2256: house identifier' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) +# +# Must be transferred using ;binary +olcAttributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms' + DESC 'RFC2256: supported algorithms' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) +# +# Must be transferred using ;binary +olcAttributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList' + DESC 'RFC2256: delta revocation list; use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) +# +olcAttributeTypes: ( 2.5.4.54 NAME 'dmdName' + DESC 'RFC2256: name of DMD' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.65 NAME 'pseudonym' + DESC 'X.520(4th): pseudonym for the object' + SUP name ) +# +# Standard object classes from RFC2256 +# +# system schema +#olcObjectClasses: ( 2.5.6.1 NAME 'alias' +# DESC 'RFC2256: an alias' +# SUP top STRUCTURAL +# MUST aliasedObjectName ) +# +olcObjectClasses: ( 2.5.6.2 NAME 'country' + DESC 'RFC2256: a country' + SUP top STRUCTURAL + MUST c + MAY ( searchGuide $ description ) ) +# +olcObjectClasses: ( 2.5.6.3 NAME 'locality' + DESC 'RFC2256: a locality' + SUP top STRUCTURAL + MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.4 NAME 'organization' + DESC 'RFC2256: an organization' + SUP top STRUCTURAL + MUST o + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.5 NAME 'organizationalUnit' + DESC 'RFC2256: an organizational unit' + SUP top STRUCTURAL + MUST ou + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.6 NAME 'person' + DESC 'RFC2256: a person' + SUP top STRUCTURAL + MUST ( sn $ cn ) + MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) +# +olcObjectClasses: ( 2.5.6.7 NAME 'organizationalPerson' + DESC 'RFC2256: an organizational person' + SUP person STRUCTURAL + MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) +# +olcObjectClasses: ( 2.5.6.8 NAME 'organizationalRole' + DESC 'RFC2256: an organizational role' + SUP top STRUCTURAL + MUST cn + MAY ( x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.9 NAME 'groupOfNames' + DESC 'RFC2256: a group of names (DNs)' + SUP top STRUCTURAL + MUST ( member $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) +# +olcObjectClasses: ( 2.5.6.10 NAME 'residentialPerson' + DESC 'RFC2256: an residential person' + SUP person STRUCTURAL + MUST l + MAY ( businessCategory $ x121Address $ registeredAddress $ + destinationIndicator $ preferredDeliveryMethod $ telexNumber $ + teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l ) ) +# +olcObjectClasses: ( 2.5.6.11 NAME 'applicationProcess' + DESC 'RFC2256: an application process' + SUP top STRUCTURAL + MUST cn + MAY ( seeAlso $ ou $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.12 NAME 'applicationEntity' + DESC 'RFC2256: an application entity' + SUP top STRUCTURAL + MUST ( presentationAddress $ cn ) + MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ + description ) ) +# +olcObjectClasses: ( 2.5.6.13 NAME 'dSA' + DESC 'RFC2256: a directory system agent (a server)' + SUP applicationEntity STRUCTURAL + MAY knowledgeInformation ) +# +olcObjectClasses: ( 2.5.6.14 NAME 'device' + DESC 'RFC2256: a device' + SUP top STRUCTURAL + MUST cn + MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.15 NAME 'strongAuthenticationUser' + DESC 'RFC2256: a strong authentication user' + SUP top AUXILIARY + MUST userCertificate ) +# +olcObjectClasses: ( 2.5.6.16 NAME 'certificationAuthority' + DESC 'RFC2256: a certificate authority' + SUP top AUXILIARY + MUST ( authorityRevocationList $ certificateRevocationList $ + cACertificate ) MAY crossCertificatePair ) +# +olcObjectClasses: ( 2.5.6.17 NAME 'groupOfUniqueNames' + DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' + SUP top STRUCTURAL + MUST ( uniqueMember $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) +# +olcObjectClasses: ( 2.5.6.18 NAME 'userSecurityInformation' + DESC 'RFC2256: a user security information' + SUP top AUXILIARY + MAY ( supportedAlgorithms ) ) +# +olcObjectClasses: ( 2.5.6.16.2 NAME 'certificationAuthority-V2' + SUP certificationAuthority + AUXILIARY MAY ( deltaRevocationList ) ) +# +olcObjectClasses: ( 2.5.6.19 NAME 'cRLDistributionPoint' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( certificateRevocationList $ authorityRevocationList $ + deltaRevocationList ) ) +# +olcObjectClasses: ( 2.5.6.20 NAME 'dmd' + SUP top STRUCTURAL + MUST ( dmdName ) + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + street $ postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l $ description ) ) +# +# +# Object Classes from RFC 2587 +# +olcObjectClasses: ( 2.5.6.21 NAME 'pkiUser' + DESC 'RFC2587: a PKI user' + SUP top AUXILIARY + MAY userCertificate ) +# +olcObjectClasses: ( 2.5.6.22 NAME 'pkiCA' + DESC 'RFC2587: PKI certificate authority' + SUP top AUXILIARY + MAY ( authorityRevocationList $ certificateRevocationList $ + cACertificate $ crossCertificatePair ) ) +# +olcObjectClasses: ( 2.5.6.23 NAME 'deltaCRL' + DESC 'RFC2587: PKI user' + SUP top AUXILIARY + MAY deltaRevocationList ) +# +# +# Standard Track URI label schema from RFC 2079 +# system schema +#olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' +# DESC 'RFC2079: Uniform Resource Identifier with optional label' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +# +olcObjectClasses: ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' + DESC 'RFC2079: object that contains the URI attribute type' + MAY ( labeledURI ) + SUP top AUXILIARY ) +# +# +# Derived from RFC 1274, but with new "short names" +# +#olcAttributeTypes: ( 0.9.2342.19200300.100.1.1 +# NAME ( 'uid' 'userid' ) +# DESC 'RFC1274: user identifier' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +# +olcAttributeTypes: ( 0.9.2342.19200300.100.1.3 + NAME ( 'mail' 'rfc822Mailbox' ) + DESC 'RFC1274: RFC822 Mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) +# +olcObjectClasses: ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' + DESC 'RFC1274: simple security object' + SUP top AUXILIARY + MUST userPassword ) +# +# RFC 1274 + RFC 2247 +olcAttributeTypes: ( 0.9.2342.19200300.100.1.25 + NAME ( 'dc' 'domainComponent' ) + DESC 'RFC1274/2247: domain component' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +# +# RFC 2247 +olcObjectClasses: ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' + DESC 'RFC2247: domain component object' + SUP top AUXILIARY MUST dc ) +# +# RFC 2377 +olcObjectClasses: ( 1.3.6.1.1.3.1 NAME 'uidObject' + DESC 'RFC2377: uid object' + SUP top AUXILIARY MUST uid ) +# +# From COSINE Pilot +olcAttributeTypes: ( 0.9.2342.19200300.100.1.37 + NAME 'associatedDomain' + DESC 'RFC1274: domain associated with object' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +# +# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema) +olcAttributeTypes: ( 1.2.840.113549.1.9.1 + NAME ( 'email' 'emailAddress' 'pkcs9email' ) + DESC 'RFC3280: legacy attribute for email addresses in DNs' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) +# +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.ldif,v 1.2.2.6 2009/01/22 00:01:13 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.ldif,v 1.2.2.7 2010/04/13 20:23:47 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.ldif,v 1.2.2.8 2011/01/04 23:50:51 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/core.schema,v b/config-archive/etc/openldap/schema/core.schema,v new file mode 100644 index 0000000..7a1884c --- /dev/null +++ b/config-archive/etc/openldap/schema/core.schema,v @@ -0,0 +1,693 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# OpenLDAP Core schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.88.2.8 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2006). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +# +# +# Includes LDAPv3 schema items from: +# RFC 2252/2256 (LDAPv3) +# +# Select standard track schema items: +# RFC 1274 (uid/dc) +# RFC 2079 (URI) +# RFC 2247 (dc/dcObject) +# RFC 2587 (PKI) +# RFC 2589 (Dynamic Directory Services) +# RFC 4524 (associatedDomain) +# +# Select informational schema items: +# RFC 2377 (uidObject) + +# +# Standard attribute types from RFC 2256 +# + +# system schema +#attributetype ( 2.5.4.0 NAME 'objectClass' +# DESC 'RFC2256: object classes of the entity' +# EQUALITY objectIdentifierMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +# system schema +#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) +# DESC 'RFC2256: name of aliased object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) + +attributetype ( 2.5.4.2 NAME 'knowledgeInformation' + DESC 'RFC2256: knowledge information' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +# system schema +#attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' ) +# DESC 'RFC2256: common name(s) for which the entity is known by' +# SUP name ) + +attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) + DESC 'RFC2256: last (family) name(s) for which the entity is known by' + SUP name ) + +attributetype ( 2.5.4.5 NAME 'serialNumber' + DESC 'RFC2256: serial number of the entity' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) + +# RFC 4519 definition ('countryName' in X.500 and RFC2256) +attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) + DESC 'RFC4519: two-letter ISO-3166 country code' + SUP name + SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 + SINGLE-VALUE ) + +#attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) +# DESC 'RFC2256: ISO-3166 country 2-letter code' +# SUP name SINGLE-VALUE ) + +attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) + DESC 'RFC2256: locality which this object resides in' + SUP name ) + +attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) + DESC 'RFC2256: state or province which this object resides in' + SUP name ) + +attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) + DESC 'RFC2256: street address of this object' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) + DESC 'RFC2256: organization this object belongs to' + SUP name ) + +attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) + DESC 'RFC2256: organizational unit this object belongs to' + SUP name ) + +attributetype ( 2.5.4.12 NAME 'title' + DESC 'RFC2256: title associated with the entity' + SUP name ) + +# system schema +#attributetype ( 2.5.4.13 NAME 'description' +# DESC 'RFC2256: descriptive information' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) + +# Deprecated by enhancedSearchGuide +attributetype ( 2.5.4.14 NAME 'searchGuide' + DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) + +attributetype ( 2.5.4.15 NAME 'businessCategory' + DESC 'RFC2256: business category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.16 NAME 'postalAddress' + DESC 'RFC2256: postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 2.5.4.17 NAME 'postalCode' + DESC 'RFC2256: postal code' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 2.5.4.18 NAME 'postOfficeBox' + DESC 'RFC2256: Post Office Box' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' + DESC 'RFC2256: Physical Delivery Office Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.20 NAME 'telephoneNumber' + DESC 'RFC2256: Telephone Number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) + +attributetype ( 2.5.4.21 NAME 'telexNumber' + DESC 'RFC2256: Telex Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) + +attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' + DESC 'RFC2256: Teletex Terminal Identifier' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) + +attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) + DESC 'RFC2256: Facsimile (Fax) Telephone Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) + +attributetype ( 2.5.4.24 NAME 'x121Address' + DESC 'RFC2256: X.121 Address' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) + +attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' + DESC 'RFC2256: international ISDN number' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) + +attributetype ( 2.5.4.26 NAME 'registeredAddress' + DESC 'RFC2256: registered postal address' + SUP postalAddress + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 2.5.4.27 NAME 'destinationIndicator' + DESC 'RFC2256: destination indicator' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) + +attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' + DESC 'RFC2256: preferred delivery method' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 + SINGLE-VALUE ) + +attributetype ( 2.5.4.29 NAME 'presentationAddress' + DESC 'RFC2256: presentation address' + EQUALITY presentationAddressMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 + SINGLE-VALUE ) + +attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' + DESC 'RFC2256: supported application context' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +attributetype ( 2.5.4.31 NAME 'member' + DESC 'RFC2256: member of a group' + SUP distinguishedName ) + +attributetype ( 2.5.4.32 NAME 'owner' + DESC 'RFC2256: owner (of the object)' + SUP distinguishedName ) + +attributetype ( 2.5.4.33 NAME 'roleOccupant' + DESC 'RFC2256: occupant of role' + SUP distinguishedName ) + +# system schema +#attributetype ( 2.5.4.34 NAME 'seeAlso' +# DESC 'RFC2256: DN of related object' +# SUP distinguishedName ) + +# system schema +#attributetype ( 2.5.4.35 NAME 'userPassword' +# DESC 'RFC2256/2307: password of user' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) + +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +attributetype ( 2.5.4.36 NAME 'userCertificate' + DESC 'RFC2256: X.509 user certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +attributetype ( 2.5.4.37 NAME 'cACertificate' + DESC 'RFC2256: X.509 CA certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.38 NAME 'authorityRevocationList' + DESC 'RFC2256: X.509 authority revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.39 NAME 'certificateRevocationList' + DESC 'RFC2256: X.509 certificate revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +# Must be stored and requested in the binary form +attributetype ( 2.5.4.40 NAME 'crossCertificatePair' + DESC 'RFC2256: X.509 cross certificate pair, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) + +# system schema +#attributetype ( 2.5.4.41 NAME 'name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) + DESC 'RFC2256: first name(s) for which the entity is known by' + SUP name ) + +attributetype ( 2.5.4.43 NAME 'initials' + DESC 'RFC2256: initials of some or all of names, but not the surname(s).' + SUP name ) + +attributetype ( 2.5.4.44 NAME 'generationQualifier' + DESC 'RFC2256: name qualifier indicating a generation' + SUP name ) + +attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' + DESC 'RFC2256: X.500 unique identifier' + EQUALITY bitStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) + +attributetype ( 2.5.4.46 NAME 'dnQualifier' + DESC 'RFC2256: DN qualifier' + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreOrderingMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) + +attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' + DESC 'RFC2256: enhanced search guide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) + +attributetype ( 2.5.4.48 NAME 'protocolInformation' + DESC 'RFC2256: protocol information' + EQUALITY protocolInformationMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) + +# system schema +#attributetype ( 2.5.4.49 NAME 'distinguishedName' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.5.4.50 NAME 'uniqueMember' + DESC 'RFC2256: unique member of a group' + EQUALITY uniqueMemberMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) + +attributetype ( 2.5.4.51 NAME 'houseIdentifier' + DESC 'RFC2256: house identifier' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' + DESC 'RFC2256: supported algorithms' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.53 NAME 'deltaRevocationList' + DESC 'RFC2256: delta revocation list; use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +attributetype ( 2.5.4.54 NAME 'dmdName' + DESC 'RFC2256: name of DMD' + SUP name ) + +attributetype ( 2.5.4.65 NAME 'pseudonym' + DESC 'X.520(4th): pseudonym for the object' + SUP name ) + +# Standard object classes from RFC2256 + +# system schema +#objectclass ( 2.5.6.0 NAME 'top' +# DESC 'RFC2256: top of the superclass chain' +# ABSTRACT +# MUST objectClass ) + +# system schema +#objectclass ( 2.5.6.1 NAME 'alias' +# DESC 'RFC2256: an alias' +# SUP top STRUCTURAL +# MUST aliasedObjectName ) + +objectclass ( 2.5.6.2 NAME 'country' + DESC 'RFC2256: a country' + SUP top STRUCTURAL + MUST c + MAY ( searchGuide $ description ) ) + +objectclass ( 2.5.6.3 NAME 'locality' + DESC 'RFC2256: a locality' + SUP top STRUCTURAL + MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) + +objectclass ( 2.5.6.4 NAME 'organization' + DESC 'RFC2256: an organization' + SUP top STRUCTURAL + MUST o + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) + +objectclass ( 2.5.6.5 NAME 'organizationalUnit' + DESC 'RFC2256: an organizational unit' + SUP top STRUCTURAL + MUST ou + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) + +objectclass ( 2.5.6.6 NAME 'person' + DESC 'RFC2256: a person' + SUP top STRUCTURAL + MUST ( sn $ cn ) + MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) + +objectclass ( 2.5.6.7 NAME 'organizationalPerson' + DESC 'RFC2256: an organizational person' + SUP person STRUCTURAL + MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) + +objectclass ( 2.5.6.8 NAME 'organizationalRole' + DESC 'RFC2256: an organizational role' + SUP top STRUCTURAL + MUST cn + MAY ( x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) + +objectclass ( 2.5.6.9 NAME 'groupOfNames' + DESC 'RFC2256: a group of names (DNs)' + SUP top STRUCTURAL + MUST ( member $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) + +objectclass ( 2.5.6.10 NAME 'residentialPerson' + DESC 'RFC2256: an residential person' + SUP person STRUCTURAL + MUST l + MAY ( businessCategory $ x121Address $ registeredAddress $ + destinationIndicator $ preferredDeliveryMethod $ telexNumber $ + teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l ) ) + +objectclass ( 2.5.6.11 NAME 'applicationProcess' + DESC 'RFC2256: an application process' + SUP top STRUCTURAL + MUST cn + MAY ( seeAlso $ ou $ l $ description ) ) + +objectclass ( 2.5.6.12 NAME 'applicationEntity' + DESC 'RFC2256: an application entity' + SUP top STRUCTURAL + MUST ( presentationAddress $ cn ) + MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ + description ) ) + +objectclass ( 2.5.6.13 NAME 'dSA' + DESC 'RFC2256: a directory system agent (a server)' + SUP applicationEntity STRUCTURAL + MAY knowledgeInformation ) + +objectclass ( 2.5.6.14 NAME 'device' + DESC 'RFC2256: a device' + SUP top STRUCTURAL + MUST cn + MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) + +objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' + DESC 'RFC2256: a strong authentication user' + SUP top AUXILIARY + MUST userCertificate ) + +objectclass ( 2.5.6.16 NAME 'certificationAuthority' + DESC 'RFC2256: a certificate authority' + SUP top AUXILIARY + MUST ( authorityRevocationList $ certificateRevocationList $ + cACertificate ) MAY crossCertificatePair ) + +objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' + DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' + SUP top STRUCTURAL + MUST ( uniqueMember $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) + +objectclass ( 2.5.6.18 NAME 'userSecurityInformation' + DESC 'RFC2256: a user security information' + SUP top AUXILIARY + MAY ( supportedAlgorithms ) ) + +objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' + SUP certificationAuthority + AUXILIARY MAY ( deltaRevocationList ) ) + +objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( certificateRevocationList $ authorityRevocationList $ + deltaRevocationList ) ) + +objectclass ( 2.5.6.20 NAME 'dmd' + SUP top STRUCTURAL + MUST ( dmdName ) + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + street $ postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l $ description ) ) + +# +# Object Classes from RFC 2587 +# +objectclass ( 2.5.6.21 NAME 'pkiUser' + DESC 'RFC2587: a PKI user' + SUP top AUXILIARY + MAY userCertificate ) + +objectclass ( 2.5.6.22 NAME 'pkiCA' + DESC 'RFC2587: PKI certificate authority' + SUP top AUXILIARY + MAY ( authorityRevocationList $ certificateRevocationList $ + cACertificate $ crossCertificatePair ) ) + +objectclass ( 2.5.6.23 NAME 'deltaCRL' + DESC 'RFC2587: PKI user' + SUP top AUXILIARY + MAY deltaRevocationList ) + +# +# Standard Track URI label schema from RFC 2079 +# system schema +#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' +# DESC 'RFC2079: Uniform Resource Identifier with optional label' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' + DESC 'RFC2079: object that contains the URI attribute type' + SUP top AUXILIARY + MAY ( labeledURI ) ) + +# +# Derived from RFC 1274, but with new "short names" +# +#attributetype ( 0.9.2342.19200300.100.1.1 +# NAME ( 'uid' 'userid' ) +# DESC 'RFC1274: user identifier' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +attributetype ( 0.9.2342.19200300.100.1.3 + NAME ( 'mail' 'rfc822Mailbox' ) + DESC 'RFC1274: RFC822 Mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' + DESC 'RFC1274: simple security object' + SUP top AUXILIARY + MUST userPassword ) + +# RFC 1274 + RFC 2247 +attributetype ( 0.9.2342.19200300.100.1.25 + NAME ( 'dc' 'domainComponent' ) + DESC 'RFC1274/2247: domain component' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# RFC 2247 +objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' + DESC 'RFC2247: domain component object' + SUP top AUXILIARY MUST dc ) + +# RFC 2377 +objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' + DESC 'RFC2377: uid object' + SUP top AUXILIARY MUST uid ) + +# RFC 4524 +# The 'associatedDomain' attribute specifies DNS [RFC1034][RFC2181] +# host names [RFC1123] that are associated with an object. That is, +# values of this attribute should conform to the following ABNF: +# +# domain = root / label *( DOT label ) +# root = SPACE +# label = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ] +# LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z" +# SPACE = %x20 ; space (" ") +# HYPHEN = %x2D ; hyphen ("-") +# DOT = %x2E ; period (".") +attributetype ( 0.9.2342.19200300.100.1.37 + NAME 'associatedDomain' + DESC 'RFC1274: domain associated with object' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema) +attributetype ( 1.2.840.113549.1.9.1 + NAME ( 'email' 'emailAddress' 'pkcs9email' ) + DESC 'RFC3280: legacy attribute for email addresses in DNs' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.88.2.7 2009/01/22 00:01:13 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.88.2.8 2010/04/13 20:23:48 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.88.2.9 2011/01/04 23:50:51 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/cosine.ldif,v b/config-archive/etc/openldap/schema/cosine.ldif,v new file mode 100644 index 0000000..1575181 --- /dev/null +++ b/config-archive/etc/openldap/schema/cosine.ldif,v @@ -0,0 +1,283 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# RFC1274: Cosine and Internet X.500 schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.ldif,v 1.1.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# RFC1274: Cosine and Internet X.500 schema +# +# This file contains LDAPv3 schema derived from X.500 COSINE "pilot" +# schema. As this schema was defined for X.500(89), some +# oddities were introduced in the mapping to LDAPv3. The +# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt +# (a work in progress) +# +# Note: It seems that the pilot schema evolved beyond what was +# described in RFC1274. However, this document attempts to describes +# RFC1274 as published. +# +# Depends on core.ldif +# +# This file was automatically generated from cosine.schema; see that +# file for complete background. +# +dn: cn=cosine,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: cosine +olcAttributeTypes: ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' + EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1. + 1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC 'RFC1274: g + eneral information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDri + nk' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR caseIgno + reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC 'RFC1 + 274: room number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S + YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC 'RFC1274: + photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC 'RFC12 + 74: category of user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat + ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'RFC1274: h + ost computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTA + X 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC 'RFC127 + 4: DN of manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115 + .121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' D + ESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch SUBSTR + caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' DESC ' + RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstri + ngsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' DES + C 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSu + bstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' DESC + 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch SYNTAX 1 + .3.6.1.4.1.1466.115.121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' DE + SC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch SUBSTR c + aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone' 'homeTe + lephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY telephoneNumb + erMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121 + .1.50 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC 'RFC + 1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.146 + 6.115.121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' SYNTAX + 1.3.6.1.4.1.1466.115.121.1.39 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' EQUALITY ca + seIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' EQUALITY c + aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' EQUALITY c + aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' EQUALITY c + aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' EQUALITY + caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' EQUALIT + Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DESC + 'RFC1274: DN of entry associated with domain' EQUALITY distinguishedNameMatc + h SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' D + ESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR caseIg + noreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' DESC + 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstring + sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' 'mobileTel + ephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY telephoneNum + berMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 + 1.1.50 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.42 NAME ( 'pager' 'pagerTelep + honeNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY telephoneNumber + Match SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 + .50 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCount + ryName' ) DESC 'RFC1274: friendly country name' EQUALITY caseIgnoreMatch SUBS + TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' DE + SC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.14 + 66.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus + ' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR caseI + gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' DESC ' + RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5Subst + ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption + ' DESC 'RFC1274: mail preference option' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' DESC ' + RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstrin + gsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC 'RF + C1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' + DESC 'RFC1274: Single Level Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SIN + GLE-VALUE ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQualit + y' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 13 SINGLE-VALUE ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQualit + y' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 13 SINGLE-VALUE ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' D + ESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 23 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' DESC 'R + FC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466 + .115.121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC 'RFC1274 + : audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' D + ESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR caseIgno + reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' 'newPilo + tPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $ rfc822 + Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber $ hom + ePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $ busine + ssCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ pagerTelep + honeNumber $ organizationalStatus $ mailPreferenceOption $ personalSignature + ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top STRUCT + URAL MUST userid MAY ( description $ seeAlso $ localityName $ organizationNam + e $ organizationalUnitName $ host ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top STRUC + TURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso $ loca + lityName $ organizationName $ organizationalUnitName $ documentTitle $ docume + ntVersion $ documentAuthor $ documentLocation $ documentPublisher ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURA + L MUST commonName MAY ( roomNumber $ description $ seeAlso $ telephoneNumber + ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top + STRUCTURAL MUST commonName MAY ( description $ seeAlso $ telephonenumber $ l + ocalityName $ organizationName $ organizationalUnitName ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCT + URAL MUST domainComponent MAY ( associatedName $ organizationName $ descripti + on $ businessCategory $ seeAlso $ searchGuide $ userPassword $ localityName $ + stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $ postalAdd + ress $ postalCode $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber + $ internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ tel + exNumber $ preferredDeliveryMethod $ destinationIndicator $ registeredAddress + $ x121Address ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP d + omain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $ telepho + neNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ postOffi + ceBox $ streetAddress $ facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ preferredDelivery + Method $ destinationIndicator $ registeredAddress $ x121Address ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP domain + STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAME + Record ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' D + ESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST associat + edDomain ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP c + ountry STRUCTURAL MUST friendlyCountryName ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' SU + P ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP dsa STR + UCTURAL MAY dSAQuality ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' + SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $ subtreeMaximu + mQuality ) ) +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.ldif,v 1.1.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.ldif,v 1.1.2.5 2010/04/13 20:23:48 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.ldif,v 1.1.2.6 2011/01/04 23:50:51 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/cosine.schema,v b/config-archive/etc/openldap/schema/cosine.schema,v new file mode 100644 index 0000000..c778801 --- /dev/null +++ b/config-archive/etc/openldap/schema/cosine.schema,v @@ -0,0 +1,2654 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# RFC1274: Cosine and Internet X.500 schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.23.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# RFC1274: Cosine and Internet X.500 schema +# +# This file contains LDAPv3 schema derived from X.500 COSINE "pilot" +# schema. As this schema was defined for X.500(89), some +# oddities were introduced in the mapping to LDAPv3. The +# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt +# (a work in progress) +# +# Note: It seems that the pilot schema evolved beyond what was +# described in RFC1274. However, this document attempts to describes +# RFC1274 as published. +# +# Depends on core.schema + + +# Network Working Group P. Barker +# Request for Comments: 1274 S. Kille +# University College London +# November 1991 +# +# The COSINE and Internet X.500 Schema +# +# [trimmed] +# +# Abstract +# +# This document suggests an X.500 Directory Schema, or Naming +# Architecture, for use in the COSINE and Internet X.500 pilots. The +# schema is independent of any specific implementation. As well as +# indicating support for the standard object classes and attributes, a +# large number of generally useful object classes and attributes are +# also defined. An appendix to this document includes a machine +# processable version of the schema. +# +# [trimmed] + +# 7. Object Identifiers +# +# Some additional object identifiers are defined for this schema. +# These are also reproduced in Appendix C. +# +# data OBJECT IDENTIFIER ::= {ccitt 9} +# pss OBJECT IDENTIFIER ::= {data 2342} +# ucl OBJECT IDENTIFIER ::= {pss 19200300} +# pilot OBJECT IDENTIFIER ::= {ucl 100} +# +# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1} +# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3} +# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4} +# pilotGroups OBJECT IDENTIFIER ::= {pilot 10} +# +# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4} +# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::= +# {pilotAttributeSyntax 5} +# +# 8. Object Classes +# [relocated after 9] + +# +# 9. Attribute Types +# +# 9.1. X.500 standard attribute types +# +# A number of generally useful attribute types are defined in X.520, +# and these are supported. Refer to that document for descriptions of +# the suggested usage of these attribute types. The ASN.1 for these +# attribute types is reproduced for completeness in Appendix C. +# +# 9.2. X.400 standard attribute types +# +# The standard X.400 attribute types are supported. See X.402 for full +# details. The ASN.1 for these attribute types is reproduced in +# Appendix C. +# +# 9.3. COSINE/Internet attribute types +# +# This section describes all the attribute types defined for use in the +# COSINE and Internet pilots. Descriptions are given as to the +# suggested usage of these attribute types. The ASN.1 for these +# attribute types is reproduced in Appendix C. +# +# 9.3.1. Userid +# +# The Userid attribute type specifies a computer system login name. +# +# userid ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-identifier)) +# ::= {pilotAttributeType 1} +# +#(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) +## EQUALITY caseIgnoreMatch +## SUBSTR caseIgnoreSubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.2. Text Encoded O/R Address +# +# The Text Encoded O/R Address attribute type specifies a text encoding +# of an X.400 O/R address, as specified in RFC 987. The use of this +# attribute is deprecated as the attribute is intended for interim use +# only. This attribute will be the first candidate for the attribute +# expiry mechanisms! +# +# textEncodedORAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-text-encoded-or-address)) +# ::= {pilotAttributeType 2} +# +attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.3. RFC 822 Mailbox +# +# The RFC822 Mailbox attribute type specifies an electronic mailbox +# attribute following the syntax specified in RFC 822. Note that this +# attribute should not be used for greybook or other non-Internet order +# mailboxes. +# +# rfc822Mailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-rfc822-mailbox)) +# ::= {pilotAttributeType 3} +# +#(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) +## EQUALITY caseIgnoreIA5Match +## SUBSTR caseIgnoreIA5SubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# 9.3.4. Information +# +# The Information attribute type specifies any general information +# pertinent to an object. It is recommended that specific usage of +# this attribute type is avoided, and that specific requirements are +# met by other (possibly additional) attribute types. +# +# info ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-information)) +# ::= {pilotAttributeType 4} +# +attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' + DESC 'RFC1274: general information' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) + + +# 9.3.5. Favourite Drink +# +# The Favourite Drink attribute type specifies the favourite drink of +# an object (or person). +# +# favouriteDrink ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-favourite-drink)) +# ::= {pilotAttributeType 5} +# +attributetype ( 0.9.2342.19200300.100.1.5 + NAME ( 'drink' 'favouriteDrink' ) + DESC 'RFC1274: favorite drink' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.6. Room Number +# +# The Room Number attribute type specifies the room number of an +# object. Note that the commonName attribute should be used for naming +# room objects. +# +# roomNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-room-number)) +# ::= {pilotAttributeType 6} +# +attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' + DESC 'RFC1274: room number' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.7. Photo +# +# The Photo attribute type specifies a "photograph" for an object. +# This should be encoded in G3 fax as explained in recommendation T.4, +# with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as +# defined in X.420. +# +# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules +# information-objects } +# +# photo ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-photo)) +# ::= {pilotAttributeType 7} +# +attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' + DESC 'RFC1274: photo (G3 fax)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) + +# 9.3.8. User Class +# +# The User Class attribute type specifies a category of computer user. +# The semantics placed on this attribute are for local interpretation. +# Examples of current usage od this attribute in academia are +# undergraduate student, researcher, lecturer, etc. Note that the +# organizationalStatus attribute may now often be preferred as it makes +# no distinction between computer users and others. +# +# userClass ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-class)) +# ::= {pilotAttributeType 8} +# +attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' + DESC 'RFC1274: category of user' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.9. Host +# +# The Host attribute type specifies a host computer. +# +# host ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-host)) +# ::= {pilotAttributeType 9} +# +attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' + DESC 'RFC1274: host computer' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.10. Manager +# +# The Manager attribute type specifies the manager of an object +# represented by an entry. +# +# manager ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 10} +# +attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' + DESC 'RFC1274: DN of manager' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.11. Document Identifier +# +# The Document Identifier attribute type specifies a unique identifier +# for a document. +# +# documentIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-identifier)) +# ::= {pilotAttributeType 11} +# +attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' + DESC 'RFC1274: unique identifier of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.12. Document Title +# +# The Document Title attribute type specifies the title of a document. +# +# documentTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-title)) +# ::= {pilotAttributeType 12} +# +attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' + DESC 'RFC1274: title of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.13. Document Version +# +# The Document Version attribute type specifies the version number of a +# document. +# +# documentVersion ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-version)) +# ::= {pilotAttributeType 13} +# +attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' + DESC 'RFC1274: version of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.14. Document Author +# +# The Document Author attribute type specifies the distinguished name +# of the author of a document. +# +# documentAuthor ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 14} +# +attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' + DESC 'RFC1274: DN of author of document' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.15. Document Location +# +# The Document Location attribute type specifies the location of the +# document original. +# +# documentLocation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-location)) +# ::= {pilotAttributeType 15} +# +attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' + DESC 'RFC1274: location of document original' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.16. Home Telephone Number +# +# The Home Telephone Number attribute type specifies a home telephone +# number associated with a person. Attribute values should follow the +# agreed format for international telephone numbers: i.e., "+44 71 123 +# 4567". +# +# homeTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 20} +# +attributetype ( 0.9.2342.19200300.100.1.20 + NAME ( 'homePhone' 'homeTelephoneNumber' ) + DESC 'RFC1274: home telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.17. Secretary +# +# The Secretary attribute type specifies the secretary of a person. +# The attribute value for Secretary is a distinguished name. +# +# secretary ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 21} +# +attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' + DESC 'RFC1274: DN of secretary' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.18. Other Mailbox +# +# The Other Mailbox attribute type specifies values for electronic +# mailbox types other than X.400 and rfc822. +# +# otherMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# SEQUENCE { +# mailboxType PrintableString, -- e.g. Telemail +# mailbox IA5String -- e.g. X378:Joe +# } +# ::= {pilotAttributeType 22} +# +attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ) + +# 9.3.19. Last Modified Time +# +# The Last Modified Time attribute type specifies the last time, in UTC +# time, that an entry was modified. Ideally, this attribute should be +# maintained by the DSA. +# +# lastModifiedTime ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# uTCTimeSyntax +# ::= {pilotAttributeType 23} +# +## Deprecated in favor of modifyTimeStamp +#attributetype ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime' +# DESC 'RFC1274: time of last modify, replaced by modifyTimestamp' +# OBSOLETE +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.53 +# USAGE directoryOperation ) + +# 9.3.20. Last Modified By +# +# The Last Modified By attribute specifies the distinguished name of +# the last user to modify the associated entry. Ideally, this +# attribute should be maintained by the DSA. +# +# lastModifiedBy ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 24} +# +## Deprecated in favor of modifiersName +#attributetype ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy' +# DESC 'RFC1274: last modifier, replaced by modifiersName' +# OBSOLETE +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 +# USAGE directoryOperation ) + +# 9.3.21. Domain Component +# +# The Domain Component attribute type specifies a DNS/NRS domain. For +# example, "uk" or "ac". +# +# domainComponent ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# SINGLE VALUE +# ::= {pilotAttributeType 25} +# +##(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) +## EQUALITY caseIgnoreIA5Match +## SUBSTR caseIgnoreIA5SubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# 9.3.22. DNS ARecord +# +# The A Record attribute type specifies a type A (Address) DNS resource +# record [6] [7]. +# +# aRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 26} +# +## incorrect syntax? +attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +## missing from RFC1274 +## incorrect syntax? +attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.23. MX Record +# +# The MX Record attribute type specifies a type MX (Mail Exchange) DNS +# resource record [6] [7]. +# +# mXRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 28} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.24. NS Record +# +# The NS Record attribute type specifies an NS (Name Server) DNS +# resource record [6] [7]. +# +# nSRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 29} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.25. SOA Record +# +# The SOA Record attribute type specifies a type SOA (Start of +# Authority) DNS resorce record [6] [7]. +# +# sOARecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 30} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.26. CNAME Record +# +# The CNAME Record attribute type specifies a type CNAME (Canonical +# Name) DNS resource record [6] [7]. +# +# cNAMERecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# iA5StringSyntax +# ::= {pilotAttributeType 31} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.27. Associated Domain +# +# The Associated Domain attribute type specifies a DNS or NRS domain +# which is associated with an object in the DIT. For example, the entry +# in the DIT with a distinguished name "C=GB, O=University College +# London" would have an associated domain of "UCL.AC.UK. Note that all +# domains should be represented in rfc822 order. See [3] for more +# details of usage of this attribute. +# +# associatedDomain ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# ::= {pilotAttributeType 37} +# +#attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' +# EQUALITY caseIgnoreIA5Match +# SUBSTR caseIgnoreIA5SubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.28. Associated Name +# +# The Associated Name attribute type specifies an entry in the +# organisational DIT associated with a DNS/NRS domain. See [3] for +# more details of usage of this attribute. +# +# associatedName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 38} +# +attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' + DESC 'RFC1274: DN of entry associated with domain' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.29. Home postal address +# +# The Home postal address attribute type specifies a home postal +# address for an object. This should be limited to up to 6 lines of 30 +# characters each. +# +# homePostalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# postalAddress +# MATCHES FOR EQUALITY +# ::= {pilotAttributeType 39} +# +attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' + DESC 'RFC1274: home postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +# 9.3.30. Personal Title +# +# The Personal Title attribute type specifies a personal title for a +# person. Examples of personal titles are "Ms", "Dr", "Prof" and "Rev". +# +# personalTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-personal-title)) +# ::= {pilotAttributeType 40} +# +attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' + DESC 'RFC1274: personal title' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.31. Mobile Telephone Number +# +# The Mobile Telephone Number attribute type specifies a mobile +# telephone number associated with a person. Attribute values should +# follow the agreed format for international telephone numbers: i.e., +# "+44 71 123 4567". +# +# mobileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 41} +# +attributetype ( 0.9.2342.19200300.100.1.41 + NAME ( 'mobile' 'mobileTelephoneNumber' ) + DESC 'RFC1274: mobile telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.32. Pager Telephone Number +# +# The Pager Telephone Number attribute type specifies a pager telephone +# number for an object. Attribute values should follow the agreed +# format for international telephone numbers: i.e., "+44 71 123 4567". +# +# pagerTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 42} +# +attributetype ( 0.9.2342.19200300.100.1.42 + NAME ( 'pager' 'pagerTelephoneNumber' ) + DESC 'RFC1274: pager telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.33. Friendly Country Name +# +# The Friendly Country Name attribute type specifies names of countries +# in human readable format. The standard attribute country name must +# be one of the two-letter codes defined in ISO 3166. +# +# friendlyCountryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# ::= {pilotAttributeType 43} +# +attributetype ( 0.9.2342.19200300.100.1.43 + NAME ( 'co' 'friendlyCountryName' ) + DESC 'RFC1274: friendly country name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 9.3.34. Unique Identifier +# +# The Unique Identifier attribute type specifies a "unique identifier" +# for an object represented in the Directory. The domain within which +# the identifier is unique, and the exact semantics of the identifier, +# are for local definition. For a person, this might be an +# institution-wide payroll number. For an organisational unit, it +# might be a department code. +# +# uniqueIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-unique-identifier)) +# ::= {pilotAttributeType 44} +# +attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' + DESC 'RFC1274: unique identifer' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.35. Organisational Status +# +# The Organisational Status attribute type specifies a category by +# which a person is often referred to in an organisation. Examples of +# usage in academia might include undergraduate student, researcher, +# lecturer, etc. +# +# A Directory administrator should probably consider carefully the +# distinctions between this and the title and userClass attributes. +# +# organizationalStatus ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-organizational-status)) +# ::= {pilotAttributeType 45} +# +attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus' + DESC 'RFC1274: organizational status' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.36. Janet Mailbox +# +# The Janet Mailbox attribute type specifies an electronic mailbox +# attribute following the syntax specified in the Grey Book of the +# Coloured Book series. This attribute is intended for the convenience +# of U.K users unfamiliar with rfc822 and little-endian mail addresses. +# Entries using this attribute MUST also include an rfc822Mailbox +# attribute. +# +# janetMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-janet-mailbox)) +# ::= {pilotAttributeType 46} +# +attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' + DESC 'RFC1274: Janet mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# 9.3.37. Mail Preference Option +# +# An attribute to allow users to indicate a preference for inclusion of +# their names on mailing lists (electronic or physical). The absence +# of such an attribute should be interpreted as if the attribute was +# present with value "no-list-inclusion". This attribute should be +# interpreted by anyone using the directory to derive mailing lists, +# and its value respected. +# +# mailPreferenceOption ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX ENUMERATED { +# no-list-inclusion(0), +# any-list-inclusion(1), -- may be added to any lists +# professional-list-inclusion(2) +# -- may be added to lists +# -- which the list provider +# -- views as related to the +# -- users professional inter- +# -- ests, perhaps evaluated +# -- from the business of the +# -- organisation or keywords +# -- in the entry. +# } +# ::= {pilotAttributeType 47} +# +attributetype ( 0.9.2342.19200300.100.1.47 + NAME 'mailPreferenceOption' + DESC 'RFC1274: mail preference option' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +# 9.3.38. Building Name +# +# The Building Name attribute type specifies the name of the building +# where an organisation or organisational unit is based. +# +# buildingName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-building-name)) +# ::= {pilotAttributeType 48} +# +attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' + DESC 'RFC1274: name of building' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.39. DSA Quality +# +# The DSA Quality attribute type specifies the purported quality of a +# DSA. It allows a DSA manager to indicate the expected level of +# availability of the DSA. See [8] for details of the syntax. +# +# dSAQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 49} +# +attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' + DESC 'RFC1274: DSA Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) + +# 9.3.40. Single Level Quality +# +# The Single Level Quality attribute type specifies the purported data +# quality at the level immediately below in the DIT. See [8] for +# details of the syntax. +# +# singleLevelQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 50} +# +attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' + DESC 'RFC1274: Single Level Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.41. Subtree Minimum Quality +# +# The Subtree Minimum Quality attribute type specifies the purported +# minimum data quality for a DIT subtree. See [8] for more discussion +# and details of the syntax. +# +# subtreeMinimumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 51} +# +attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality' + DESC 'RFC1274: Subtree Mininum Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.42. Subtree Maximum Quality +# +# The Subtree Maximum Quality attribute type specifies the purported +# maximum data quality for a DIT subtree. See [8] for more discussion +# and details of the syntax. +# +# subtreeMaximumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 52} +# +attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality' + DESC 'RFC1274: Subtree Maximun Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.43. Personal Signature +# +# The Personal Signature attribute type allows for a representation of +# a person's signature. This should be encoded in G3 fax as explained +# in recommendation T.4, with an ASN.1 wrapper to make it compatible +# with an X.400 BodyPart as defined in X.420. +# +# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules +# information-objects } +# +# personalSignature ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-personal-signature)) +# ::= {pilotAttributeType 53} +# +attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' + DESC 'RFC1274: Personal Signature (G3 fax)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 ) + +# 9.3.44. DIT Redirect +# +# The DIT Redirect attribute type is used to indicate that the object +# described by one entry now has a newer entry in the DIT. The entry +# containing the redirection attribute should be expired after a +# suitable grace period. This attribute may be used when an individual +# changes his/her place of work, and thus acquires a new organisational +# DN. +# +# dITRedirect ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 54} +# +attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' + DESC 'RFC1274: DIT Redirect' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.45. Audio +# +# The Audio attribute type allows the storing of sounds in the +# Directory. The attribute uses a u-law encoded sound file as used by +# the "play" utility on a Sun 4. This is an interim format. +# +# audio ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# Audio +# (SIZE (1 .. ub-audio)) +# ::= {pilotAttributeType 55} +# +attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' + DESC 'RFC1274: audio (u-law)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) + +# 9.3.46. Publisher of Document +# +# +# The Publisher of Document attribute is the person and/or organization +# that published a document. +# +# documentPublisher ATTRIBUTE +# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax +# ::= {pilotAttributeType 56} +# +attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' + DESC 'RFC1274: publisher of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 9.4. Generally useful syntaxes +# +# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# iA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# -- Syntaxes to support the DNS attributes +# +# DNSRecordSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY +# +# +# NRSInformationSyntax ATTRIBUTE-SYNTAX +# NRSInformation +# MATCHES FOR EQUALITY +# +# +# NRSInformation ::= SET { +# [0] Context, +# [1] Address-space-id, +# routes [2] SEQUENCE OF SEQUENCE { +# Route-cost, +# Addressing-info } +# } +# +# +# 9.5. Upper bounds on length of attribute values +# +# +# ub-document-identifier INTEGER ::= 256 +# +# ub-document-location INTEGER ::= 256 +# +# ub-document-title INTEGER ::= 256 +# +# ub-document-version INTEGER ::= 256 +# +# ub-favourite-drink INTEGER ::= 256 +# +# ub-host INTEGER ::= 256 +# +# ub-information INTEGER ::= 2048 +# +# ub-unique-identifier INTEGER ::= 256 +# +# ub-personal-title INTEGER ::= 256 +# +# ub-photo INTEGER ::= 250000 +# +# ub-rfc822-mailbox INTEGER ::= 256 +# +# ub-room-number INTEGER ::= 256 +# +# ub-text-or-address INTEGER ::= 256 +# +# ub-user-class INTEGER ::= 256 +# +# ub-user-identifier INTEGER ::= 256 +# +# ub-organizational-status INTEGER ::= 256 +# +# ub-janet-mailbox INTEGER ::= 256 +# +# ub-building-name INTEGER ::= 256 +# +# ub-personal-signature ::= 50000 +# +# ub-audio INTEGER ::= 250000 +# + +# [back to 8] +# 8. Object Classes +# +# 8.1. X.500 standard object classes +# +# A number of generally useful object classes are defined in X.521, and +# these are supported. Refer to that document for descriptions of the +# suggested usage of these object classes. The ASN.1 for these object +# classes is reproduced for completeness in Appendix C. +# +# 8.2. X.400 standard object classes +# +# A number of object classes defined in X.400 are supported. Refer to +# X.402 for descriptions of the usage of these object classes. The +# ASN.1 for these object classes is reproduced for completeness in +# Appendix C. +# +# 8.3. COSINE/Internet object classes +# +# This section attempts to fuse together the object classes designed +# for use in the COSINE and Internet pilot activities. Descriptions +# are given of the suggested usage of these object classes. The ASN.1 +# for these object classes is also reproduced in Appendix C. +# +# 8.3.1. Pilot Object +# +# The PilotObject object class is used as a sub-class to allow some +# common, useful attributes to be assigned to entries of all other +# object classes. +# +# pilotObject OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# info, +# photo, +# manager, +# uniqueIdentifier, +# lastModifiedTime, +# lastModifiedBy, +# dITRedirect, +# audio} +# ::= {pilotObjectClass 3} +# +#objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' +# DESC 'RFC1274: pilot object' +# SUP top AUXILIARY +# MAY ( info $ photo $ manager $ uniqueIdentifier $ +# lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio ) +# ) + +# 8.3.2. Pilot Person +# +# The PilotPerson object class is used as a sub-class of person, to +# allow the use of a number of additional attributes to be assigned to +# entries of object class person. +# +# pilotPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# userid, +# textEncodedORAddress, +# rfc822Mailbox, +# favouriteDrink, +# roomNumber, +# userClass, +# homeTelephoneNumber, +# homePostalAddress, +# secretary, +# personalTitle, +# preferredDeliveryMethod, +# businessCategory, +# janetMailbox, +# otherMailbox, +# mobileTelephoneNumber, +# pagerTelephoneNumber, +# organizationalStatus, +# mailPreferenceOption, +# personalSignature} +# ::= {pilotObjectClass 4} +# +objectclass ( 0.9.2342.19200300.100.4.4 + NAME ( 'pilotPerson' 'newPilotPerson' ) + SUP person STRUCTURAL + MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $ + favouriteDrink $ roomNumber $ userClass $ + homeTelephoneNumber $ homePostalAddress $ secretary $ + personalTitle $ preferredDeliveryMethod $ businessCategory $ + janetMailbox $ otherMailbox $ mobileTelephoneNumber $ + pagerTelephoneNumber $ organizationalStatus $ + mailPreferenceOption $ personalSignature ) + ) + +# 8.3.3. Account +# +# The Account object class is used to define entries representing +# computer accounts. The userid attribute should be used for naming +# entries of this object class. +# +# account OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userid} +# MAY CONTAIN { +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# host} +# ::= {pilotObjectClass 5} +# +objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' + SUP top STRUCTURAL + MUST userid + MAY ( description $ seeAlso $ localityName $ + organizationName $ organizationalUnitName $ host ) + ) + +# 8.3.4. Document +# +# The Document object class is used to define entries which represent +# documents. +# +# document OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# documentIdentifier} +# MAY CONTAIN { +# commonName, +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# documentTitle, +# documentVersion, +# documentAuthor, +# documentLocation, +# documentPublisher} +# ::= {pilotObjectClass 6} +# +objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' + SUP top STRUCTURAL + MUST documentIdentifier + MAY ( commonName $ description $ seeAlso $ localityName $ + organizationName $ organizationalUnitName $ + documentTitle $ documentVersion $ documentAuthor $ + documentLocation $ documentPublisher ) + ) + +# 8.3.5. Room +# +# The Room object class is used to define entries representing rooms. +# The commonName attribute should be used for naming pentries of this +# object class. +# +# room OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# roomNumber, +# description, +# seeAlso, +# telephoneNumber} +# ::= {pilotObjectClass 7} +# +objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' + SUP top STRUCTURAL + MUST commonName + MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) + ) + +# 8.3.6. Document Series +# +# The Document Series object class is used to define an entry which +# represents a series of documents (e.g., The Request For Comments +# papers). +# +# documentSeries OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# localityName, +# organizationName, +# organizationalUnitName} +# ::= {pilotObjectClass 9} +# +objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' + SUP top STRUCTURAL + MUST commonName + MAY ( description $ seeAlso $ telephonenumber $ + localityName $ organizationName $ organizationalUnitName ) + ) + +# 8.3.7. Domain +# +# The Domain object class is used to define entries which represent DNS +# or NRS domains. The domainComponent attribute should be used for +# naming entries of this object class. The usage of this object class +# is described in more detail in [3]. +# +# domain OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# domainComponent} +# MAY CONTAIN { +# associatedName, +# organizationName, +# organizationalAttributeSet} +# ::= {pilotObjectClass 13} +# +objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' + SUP top STRUCTURAL + MUST domainComponent + MAY ( associatedName $ organizationName $ description $ + businessCategory $ seeAlso $ searchGuide $ userPassword $ + localityName $ stateOrProvinceName $ streetAddress $ + physicalDeliveryOfficeName $ postalAddress $ postalCode $ + postOfficeBox $ streetAddress $ + facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ + preferredDeliveryMethod $ destinationIndicator $ + registeredAddress $ x121Address ) + ) + +# 8.3.8. RFC822 Local Part +# +# The RFC822 Local Part object class is used to define entries which +# represent the local part of RFC822 mail addresses. This treats this +# part of an RFC822 address as a domain. The usage of this object +# class is described in more detail in [3]. +# +# rFC822localPart OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# commonName, +# surname, +# description, +# seeAlso, +# telephoneNumber, +# postalAttributeSet, +# telecommunicationAttributeSet} +# ::= {pilotObjectClass 14} +# +objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' + SUP domain STRUCTURAL + MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $ + physicalDeliveryOfficeName $ postalAddress $ postalCode $ + postOfficeBox $ streetAddress $ + facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ + telexNumber $ preferredDeliveryMethod $ destinationIndicator $ + registeredAddress $ x121Address ) + ) + +# 8.3.9. DNS Domain +# +# The DNS Domain (Domain NameServer) object class is used to define +# entries for DNS domains. The usage of this object class is described +# in more detail in [3]. +# +# dNSDomain OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# ARecord, +# MDRecord, +# MXRecord, +# NSRecord, +# SOARecord, +# CNAMERecord} +# ::= {pilotObjectClass 15} +# +objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' + SUP domain STRUCTURAL + MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ + SOARecord $ CNAMERecord ) + ) + +# 8.3.10. Domain Related Object +# +# The Domain Related Object object class is used to define entries +# which represent DNS/NRS domains which are "equivalent" to an X.500 +# domain: e.g., an organisation or organisational unit. The usage of +# this object class is described in more detail in [3]. +# +# domainRelatedObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# associatedDomain} +# ::= {pilotObjectClass 17} +# +objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' + DESC 'RFC1274: an object related to an domain' + SUP top AUXILIARY + MUST associatedDomain ) + +# 8.3.11. Friendly Country +# +# The Friendly Country object class is used to define country entries +# in the DIT. The object class is used to allow friendlier naming of +# countries than that allowed by the object class country. The naming +# attribute of object class country, countryName, has to be a 2 letter +# string defined in ISO 3166. +# +# friendlyCountry OBJECT-CLASS +# SUBCLASS OF country +# MUST CONTAIN { +# friendlyCountryName} +# ::= {pilotObjectClass 18} +# +objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' + SUP country STRUCTURAL + MUST friendlyCountryName ) + +# 8.3.12. Simple Security Object +# +# The Simple Security Object object class is used to allow an entry to +# have a userPassword attribute when an entry's principal object +# classes do not allow userPassword as an attribute type. +# +# simpleSecurityObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userPassword } +# ::= {pilotObjectClass 19} +# +## (in core.schema) +## objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' +## SUP top AUXILIARY +## MUST userPassword ) + +# 8.3.13. Pilot Organization +# +# The PilotOrganization object class is used as a sub-class of +# organization and organizationalUnit to allow a number of additional +# attributes to be assigned to entries of object classes organization +# and organizationalUnit. +# +# pilotOrganization OBJECT-CLASS +# SUBCLASS OF organization, organizationalUnit +# MAY CONTAIN { +# buildingName} +# ::= {pilotObjectClass 20} +# +objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' + SUP ( organization $ organizationalUnit ) STRUCTURAL + MAY buildingName ) + +# 8.3.14. Pilot DSA +# +# The PilotDSA object class is used as a sub-class of the dsa object +# class to allow additional attributes to be assigned to entries for +# DSAs. +# +# pilotDSA OBJECT-CLASS +# SUBCLASS OF dsa +# MUST CONTAIN { +# dSAQuality} +# ::= {pilotObjectClass 21} +# +objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' + SUP dsa STRUCTURAL + MAY dSAQuality ) + +# 8.3.15. Quality Labelled Data +# +# The Quality Labelled Data object class is used to allow the +# assignment of the data quality attributes to subtrees in the DIT. +# +# See [8] for more details. +# +# qualityLabelledData OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# dSAQuality} +# MAY CONTAIN { +# subtreeMinimumQuality, +# subtreeMaximumQuality} +# ::= {pilotObjectClass 22} +objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' + SUP top AUXILIARY + MUST dsaQuality + MAY ( subtreeMinimumQuality $ subtreeMaximumQuality ) + ) + + +# References +# +# [1] CCITT/ISO, "X.500, The Directory - overview of concepts, +# models and services, CCITT /ISO IS 9594. +# +# [2] Kille, S., "The THORN and RARE X.500 Naming Architecture, in +# University College London, Department of Computer Science +# Research Note 89/48, May 1989. +# +# [3] Kille, S., "X.500 and Domains", RFC 1279, University College +# London, November 1991. +# +# [4] Rose, M., "PSI/NYSERNet White Pages Pilot Project: Status +# Report", Technical Report 90-09-10-1, published by NYSERNet +# Inc, 1990. +# +# [5] Craigie, J., "UK Academic Community Directory Service Pilot +# Project, pp. 305-310 in Computer Networks and ISDN Systems +# 17 (1989), published by North Holland. +# +# [6] Mockapetris, P., "Domain Names - Concepts and Facilities", +# RFC 1034, USC/Information Sciences Institute, November 1987. +# +# [7] Mockapetris, P., "Domain Names - Implementation and +# Specification, RFC 1035, USC/Information Sciences Institute, +# November 1987. +# +# [8] Kille, S., "Handling QOS (Quality of service) in the +# Directory," publication in process, March 1991. +# +# +# APPENDIX C - Summary of all Object Classes and Attribute Types +# +# -- Some Important Object Identifiers +# +# data OBJECT IDENTIFIER ::= {ccitt 9} +# pss OBJECT IDENTIFIER ::= {data 2342} +# ucl OBJECT IDENTIFIER ::= {pss 19200300} +# pilot OBJECT IDENTIFIER ::= {ucl 100} +# +# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1} +# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3} +# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4} +# pilotGroups OBJECT IDENTIFIER ::= {pilot 10} +# +# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4} +# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::= +# {pilotAttributeSyntax 5} +# +# -- Standard Object Classes +# +# top OBJECT-CLASS +# MUST CONTAIN { +# objectClass} +# ::= {objectClass 0} +# +# +# alias OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# aliasedObjectName} +# ::= {objectClass 1} +# +# +# country OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# countryName} +# MAY CONTAIN { +# description, +# searchGuide} +# ::= {objectClass 2} +# +# +# locality OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# description, +# localityName, +# stateOrProvinceName, +# searchGuide, +# seeAlso, +# streetAddress} +# ::= {objectClass 3} +# +# +# organization OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# organizationName} +# MAY CONTAIN { +# organizationalAttributeSet} +# ::= {objectClass 4} +# +# +# organizationalUnit OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# organizationalUnitName} +# MAY CONTAIN { +# organizationalAttributeSet} +# ::= {objectClass 5} +# +# +# person OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# surname} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# userPassword} +# ::= {objectClass 6} +# +# +# organizationalPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# localeAttributeSet, +# organizationalUnitName, +# postalAttributeSet, +# telecommunicationAttributeSet, +# title} +# ::= {objectClass 7} +# +# +# organizationalRole OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localeAttributeSet, +# organizationalUnitName, +# postalAttributeSet, +# preferredDeliveryMethod, +# roleOccupant, +# seeAlso, +# telecommunicationAttributeSet} +# ::= {objectClass 8} +# +# +# groupOfNames OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# member} +# MAY CONTAIN { +# description, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# businessCategory} +# ::= {objectClass 9} +# +# +# residentialPerson OBJECT-CLASS +# SUBCLASS OF person +# MUST CONTAIN { +# localityName} +# MAY CONTAIN { +# localeAttributeSet, +# postalAttributeSet, +# preferredDeliveryMethod, +# telecommunicationAttributeSet, +# businessCategory} +# ::= {objectClass 10} +# +# +# applicationProcess OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localityName, +# organizationalUnitName, +# seeAlso} +# ::= {objectClass 11} +# +# +# applicationEntity OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# presentationAddress} +# MAY CONTAIN { +# description, +# localityName, +# organizationName, +# organizationalUnitName, +# seeAlso, +# supportedApplicationContext} +# ::= {objectClass 12} +# +# +# dSA OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# knowledgeInformation} +# ::= {objectClass 13} +# +# +# device OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localityName, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# serialNumber} +# ::= {objectClass 14} +# +# +# strongAuthenticationUser OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userCertificate} +# ::= {objectClass 15} +# +# +# certificationAuthority OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# cACertificate, +# certificateRevocationList, +# authorityRevocationList} +# MAY CONTAIN { +# crossCertificatePair} +# ::= {objectClass 16} +# +# -- Standard MHS Object Classes +# +# mhsDistributionList OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# mhsDLSubmitPermissions, +# mhsORAddresses} +# MAY CONTAIN { +# description, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# mhsDeliverableContentTypes, +# mhsdeliverableEits, +# mhsDLMembers, +# mhsPreferredDeliveryMethods} +# ::= {mhsObjectClass 0} +# +# +# mhsMessageStore OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# description, +# owner, +# mhsSupportedOptionalAttributes, +# mhsSupportedAutomaticActions, +# mhsSupportedContentTypes} +# ::= {mhsObjectClass 1} +# +# +# mhsMessageTransferAgent OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# description, +# owner, +# mhsDeliverableContentLength} +# ::= {mhsObjectClass 2} +# +# +# mhsOrganizationalUser OBJECT-CLASS +# SUBCLASS OF organizationalPerson +# MUST CONTAIN { +# mhsORAddresses} +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsMessageStoreName, +# mhsPreferredDeliveryMethods } +# ::= {mhsObjectClass 3} +# +# +# mhsResidentialUser OBJECT-CLASS +# SUBCLASS OF residentialPerson +# MUST CONTAIN { +# mhsORAddresses} +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsMessageStoreName, +# mhsPreferredDeliveryMethods } +# ::= {mhsObjectClass 4} +# +# +# mhsUserAgent OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsORAddresses, +# owner} +# ::= {mhsObjectClass 5} +# +# +# +# +# -- Pilot Object Classes +# +# pilotObject OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# info, +# photo, +# manager, +# uniqueIdentifier, +# lastModifiedTime, +# lastModifiedBy, +# dITRedirect, +# audio} +# ::= {pilotObjectClass 3} +# pilotPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# userid, +# textEncodedORAddress, +# rfc822Mailbox, +# favouriteDrink, +# roomNumber, +# userClass, +# homeTelephoneNumber, +# homePostalAddress, +# secretary, +# personalTitle, +# preferredDeliveryMethod, +# businessCategory, +# janetMailbox, +# otherMailbox, +# mobileTelephoneNumber, +# pagerTelephoneNumber, +# organizationalStatus, +# mailPreferenceOption, +# personalSignature} +# ::= {pilotObjectClass 4} +# +# +# account OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userid} +# MAY CONTAIN { +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# host} +# ::= {pilotObjectClass 5} +# +# +# document OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# documentIdentifier} +# MAY CONTAIN { +# commonName, +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# documentTitle, +# documentVersion, +# documentAuthor, +# documentLocation, +# documentPublisher} +# ::= {pilotObjectClass 6} +# +# +# room OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# roomNumber, +# description, +# seeAlso, +# telephoneNumber} +# ::= {pilotObjectClass 7} +# +# +# documentSeries OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# localityName, +# organizationName, +# organizationalUnitName} +# ::= {pilotObjectClass 9} +# +# +# domain OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# domainComponent} +# MAY CONTAIN { +# associatedName, +# organizationName, +# organizationalAttributeSet} +# ::= {pilotObjectClass 13} +# +# +# rFC822localPart OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# commonName, +# surname, +# description, +# seeAlso, +# telephoneNumber, +# postalAttributeSet, +# telecommunicationAttributeSet} +# ::= {pilotObjectClass 14} +# +# +# dNSDomain OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# ARecord, +# MDRecord, +# MXRecord, +# NSRecord, +# SOARecord, +# CNAMERecord} +# ::= {pilotObjectClass 15} +# +# +# domainRelatedObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# associatedDomain} +# ::= {pilotObjectClass 17} +# +# +# friendlyCountry OBJECT-CLASS +# SUBCLASS OF country +# MUST CONTAIN { +# friendlyCountryName} +# ::= {pilotObjectClass 18} +# +# +# simpleSecurityObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userPassword } +# ::= {pilotObjectClass 19} +# +# +# pilotOrganization OBJECT-CLASS +# SUBCLASS OF organization, organizationalUnit +# MAY CONTAIN { +# buildingName} +# ::= {pilotObjectClass 20} +# +# +# pilotDSA OBJECT-CLASS +# SUBCLASS OF dsa +# MUST CONTAIN { +# dSAQuality} +# ::= {pilotObjectClass 21} +# +# +# qualityLabelledData OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# dSAQuality} +# MAY CONTAIN { +# subtreeMinimumQuality, +# subtreeMaximumQuality} +# ::= {pilotObjectClass 22} +# +# +# +# +# -- Standard Attribute Types +# +# objectClass ObjectClass +# ::= {attributeType 0} +# +# +# aliasedObjectName AliasedObjectName +# ::= {attributeType 1} +# +# +# knowledgeInformation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreString +# ::= {attributeType 2} +# +# +# commonName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-common-name)) +# ::= {attributeType 3} +# +# +# surname ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-surname)) +# ::= {attributeType 4} +# +# +# serialNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX printableStringSyntax +# (SIZE (1..ub-serial-number)) +# ::= {attributeType 5} +# +# +# countryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PrintableString +# (SIZE (1..ub-country-code)) +# SINGLE VALUE +# ::= {attributeType 6} +# +# +# localityName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-locality-name)) +# ::= {attributeType 7} +# +# +# stateOrProvinceName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-state-name)) +# ::= {attributeType 8} +# +# +# streetAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-street-address)) +# ::= {attributeType 9} +# +# +# organizationName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-organization-name)) +# ::= {attributeType 10} +# +# +# organizationalUnitName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-organizational-unit-name)) +# ::= {attributeType 11} +# +# +# title ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-title)) +# ::= {attributeType 12} +# +# +# description ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-description)) +# ::= {attributeType 13} +# +# +# searchGuide ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX Guide +# ::= {attributeType 14} +# +# +# businessCategory ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-business-category)) +# ::= {attributeType 15} +# +# +# postalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PostalAddress +# MATCHES FOR EQUALITY +# ::= {attributeType 16} +# +# +# postalCode ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-postal-code)) +# ::= {attributeType 17} +# +# +# postOfficeBox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-post-office-box)) +# ::= {attributeType 18} +# +# +# physicalDeliveryOfficeName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-physical-office-name)) +# ::= {attributeType 19} +# +# +# telephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX telephoneNumberSyntax +# (SIZE (1..ub-telephone-number)) +# ::= {attributeType 20} +# +# +# telexNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX TelexNumber +# (SIZE (1..ub-telex)) +# ::= {attributeType 21} +# +# +# teletexTerminalIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX TeletexTerminalIdentifier +# (SIZE (1..ub-teletex-terminal-id)) +# ::= {attributeType 22} +# +# +# facsimileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX FacsimileTelephoneNumber +# ::= {attributeType 23} +# +# +# x121Address ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX NumericString +# (SIZE (1..ub-x121-address)) +# ::= {attributeType 24} +# +# +# internationaliSDNNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX NumericString +# (SIZE (1..ub-isdn-address)) +# ::= {attributeType 25} +# +# +# registeredAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PostalAddress +# ::= {attributeType 26} +# +# +# destinationIndicator ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PrintableString +# (SIZE (1..ub-destination-indicator)) +# MATCHES FOR EQUALITY SUBSTRINGS +# ::= {attributeType 27} +# +# +# preferredDeliveryMethod ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX deliveryMethod +# ::= {attributeType 28} +# +# +# presentationAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PresentationAddress +# MATCHES FOR EQUALITY +# ::= {attributeType 29} +# +# +# supportedApplicationContext ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX objectIdentifierSyntax +# ::= {attributeType 30} +# +# +# member ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 31} +# +# +# owner ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 32} +# +# +# roleOccupant ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 33} +# +# +# seeAlso ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 34} +# +# +# userPassword ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX Userpassword +# ::= {attributeType 35} +# +# +# userCertificate ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX UserCertificate +# ::= {attributeType 36} +# +# +# cACertificate ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX cACertificate +# ::= {attributeType 37} +# +# +# authorityRevocationList ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX AuthorityRevocationList +# ::= {attributeType 38} +# +# +# certificateRevocationList ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX CertificateRevocationList +# ::= {attributeType 39} +# +# +# crossCertificatePair ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX CrossCertificatePair +# ::= {attributeType 40} +# +# +# +# +# -- Standard MHS Attribute Types +# +# mhsDeliverableContentLength ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX integer +# ::= {mhsAttributeType 0} +# +# +# mhsDeliverableContentTypes ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 1} +# +# +# mhsDeliverableEits ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 2} +# +# +# mhsDLMembers ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oRName +# ::= {mhsAttributeType 3} +# +# +# mhsDLSubmitPermissions ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX dLSubmitPermission +# ::= {mhsAttributeType 4} +# +# +# mhsMessageStoreName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX dN +# ::= {mhsAttributeType 5} +# +# +# mhsORAddresses ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oRAddress +# ::= {mhsAttributeType 6} +# +# +# mhsPreferredDeliveryMethods ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX deliveryMethod +# ::= {mhsAttributeType 7} +# +# +# mhsSupportedAutomaticActions ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 8} +# +# +# mhsSupportedContentTypes ATTRIBUTE +# +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 9} +# +# +# mhsSupportedOptionalAttributes ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 10} +# +# +# +# +# -- Pilot Attribute Types +# +# userid ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-identifier)) +# ::= {pilotAttributeType 1} +# +# +# textEncodedORAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-text-encoded-or-address)) +# ::= {pilotAttributeType 2} +# +# +# rfc822Mailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-rfc822-mailbox)) +# ::= {pilotAttributeType 3} +# +# +# info ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-information)) +# ::= {pilotAttributeType 4} +# +# +# favouriteDrink ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-favourite-drink)) +# ::= {pilotAttributeType 5} +# +# +# roomNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-room-number)) +# ::= {pilotAttributeType 6} +# +# +# photo ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-photo)) +# ::= {pilotAttributeType 7} +# +# +# userClass ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-class)) +# ::= {pilotAttributeType 8} +# +# +# host ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-host)) +# ::= {pilotAttributeType 9} +# +# +# manager ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 10} +# +# +# documentIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-identifier)) +# ::= {pilotAttributeType 11} +# +# +# documentTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-title)) +# ::= {pilotAttributeType 12} +# +# +# documentVersion ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-version)) +# ::= {pilotAttributeType 13} +# +# +# documentAuthor ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 14} +# +# +# documentLocation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-location)) +# ::= {pilotAttributeType 15} +# +# +# homeTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 20} +# +# +# secretary ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 21} +# +# +# otherMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# SEQUENCE { +# mailboxType PrintableString, -- e.g. Telemail +# mailbox IA5String -- e.g. X378:Joe +# } +# ::= {pilotAttributeType 22} +# +# +# lastModifiedTime ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# uTCTimeSyntax +# ::= {pilotAttributeType 23} +# +# +# lastModifiedBy ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 24} +# +# +# domainComponent ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# SINGLE VALUE +# ::= {pilotAttributeType 25} +# +# +# aRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 26} +# +# +# mXRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 28} +# +# +# nSRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 29} +# +# sOARecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 30} +# +# +# cNAMERecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# iA5StringSyntax +# ::= {pilotAttributeType 31} +# +# +# associatedDomain ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# ::= {pilotAttributeType 37} +# +# +# associatedName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 38} +# +# +# homePostalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# postalAddress +# MATCHES FOR EQUALITY +# ::= {pilotAttributeType 39} +# +# +# personalTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-personal-title)) +# ::= {pilotAttributeType 40} +# +# +# mobileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 41} +# +# +# pagerTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 42} +# +# +# friendlyCountryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# ::= {pilotAttributeType 43} +# +# +# uniqueIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-unique-identifier)) +# ::= {pilotAttributeType 44} +# +# +# organizationalStatus ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-organizational-status)) +# ::= {pilotAttributeType 45} +# +# +# janetMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-janet-mailbox)) +# ::= {pilotAttributeType 46} +# +# +# mailPreferenceOption ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX ENUMERATED { +# no-list-inclusion(0), +# any-list-inclusion(1), -- may be added to any lists +# professional-list-inclusion(2) +# -- may be added to lists +# -- which the list provider +# -- views as related to the +# -- users professional inter- +# -- ests, perhaps evaluated +# -- from the business of the +# -- organisation or keywords +# -- in the entry. +# } +# ::= {pilotAttributeType 47} +# +# +# buildingName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-building-name)) +# ::= {pilotAttributeType 48} +# +# +# dSAQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 49} +# +# +# singleLevelQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# +# +# subtreeMinimumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 51} +# +# +# subtreeMaximumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 52} +# +# +# personalSignature ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-personal-signature)) +# ::= {pilotAttributeType 53} +# +# +# dITRedirect ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 54} +# +# +# audio ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# Audio +# (SIZE (1 .. ub-audio)) +# ::= {pilotAttributeType 55} +# +# documentPublisher ATTRIBUTE +# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax +# ::= {pilotAttributeType 56} +# +# +# +# -- Generally useful syntaxes +# +# +# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# iA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# -- Syntaxes to support the DNS attributes +# +# DNSRecordSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY +# +# +# NRSInformationSyntax ATTRIBUTE-SYNTAX +# NRSInformation +# MATCHES FOR EQUALITY +# +# +# NRSInformation ::= SET { +# [0] Context, +# [1] Address-space-id, +# routes [2] SEQUENCE OF SEQUENCE { +# Route-cost, +# Addressing-info } +# } +# +# +# -- Upper bounds on length of attribute values +# +# +# ub-document-identifier INTEGER ::= 256 +# +# ub-document-location INTEGER ::= 256 +# +# ub-document-title INTEGER ::= 256 +# +# ub-document-version INTEGER ::= 256 +# +# ub-favourite-drink INTEGER ::= 256 +# +# ub-host INTEGER ::= 256 +# +# ub-information INTEGER ::= 2048 +# +# ub-unique-identifier INTEGER ::= 256 +# +# ub-personal-title INTEGER ::= 256 +# +# ub-photo INTEGER ::= 250000 +# +# ub-rfc822-mailbox INTEGER ::= 256 +# +# ub-room-number INTEGER ::= 256 +# +# ub-text-or-address INTEGER ::= 256 +# +# ub-user-class INTEGER ::= 256 +# +# ub-user-identifier INTEGER ::= 256 +# +# ub-organizational-status INTEGER ::= 256 +# +# ub-janet-mailbox INTEGER ::= 256 +# +# ub-building-name INTEGER ::= 256 +# +# ub-personal-signature ::= 50000 +# +# ub-audio INTEGER ::= 250000 +# +# [remainder of memo trimmed] + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.23.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.23.2.5 2010/04/13 20:23:48 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.23.2.6 2011/01/04 23:50:51 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/duaconf.schema,v b/config-archive/etc/openldap/schema/duaconf.schema,v new file mode 100644 index 0000000..9dde6c6 --- /dev/null +++ b/config-archive/etc/openldap/schema/duaconf.schema,v @@ -0,0 +1,344 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# $OpenLDAP: pkg/ldap/servers/slapd/schema/duaconf.schema,v 1.5.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# DUA schema from draft-joslin-config-schema (a work in progress) + +# Contents of this file are subject to change (including deletion) +# without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +## Notes: +## - The matching rule for attributes followReferrals and dereferenceAliases +## has been changed to booleanMatch since their syntax is boolean +## - There was a typo in the name of the dereferenceAliases attributeType +## in the DUAConfigProfile objectClass definition +## - Credit goes to the original Authors + +# +# Application Working Group M. Ansari +# INTERNET-DRAFT Sun Microsystems, Inc. +# Expires Febuary 2003 L. Howard +# PADL Software Pty. Ltd. +# B. Joslin [ed.] +# Hewlett-Packard Company +# +# September 15th, 2003 +# Intended Category: Informational +# +# +# A Configuration Schema for LDAP Based +# Directory User Agents +# +# +#Status of this Memo +# +# This memo provides information for the Internet community. This +# memo does not specify an Internet standard of any kind. Distribu- +# tion of this memo is unlimited. +# +# This document is an Internet-Draft and is in full conformance with +# all provisions of Section 10 of RFC2026. +# +# This document is an Internet-Draft. Internet-Drafts are working +# documents of the Internet Engineering Task Force (IETF), its areas, +# and its working groups. Note that other groups may also distribute +# working documents as Internet-Drafts. +# +# Internet-Drafts are draft documents valid for a maximum of six +# months. Internet-Drafts may be updated, replaced, or made obsolete +# by other documents at any time. It is not appropriate to use +# Internet-Drafts as reference material or to cite them other than as +# a "working draft" or "work in progress". +# +# To learn the current status of any Internet-Draft, please check the +# 1id-abstracts.txt listing contained in the Internet-Drafts Shadow +# Directories on ds.internic.net (US East Coast), nic.nordu.net +# (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific +# Rim). +# +# Distribution of this document is unlimited. +# +# +# Abstract +# +# This document describes a mechanism for global configuration of +# similar directory user agents. This document defines a schema for +# configuration of these DUAs that may be discovered using the Light- +# weight Directory Access Protocol in RFC 2251[17]. A set of attri- +# bute types and an objectclass are proposed, along with specific +# guidelines for interpreting them. A significant feature of the +# global configuration policy for DUAs is a mechanism that allows +# DUAs to re-configure their schema to that of the end user's +# environment. This configuration is achieved through attribute and +# objectclass mapping. This document is intended to be a skeleton +# for future documents that describe configuration of specific DUA +# services. +# +# +# [trimmed] +# +# +# 2. General Issues +# +# The schema defined by this document is defined under the "DUA Con- +# figuration Schema." This schema is derived from the OID: iso (1) +# org (3) dod (6) internet (1) private (4) enterprises (1) Hewlett- +# Packard Company (11) directory (1) LDAP-UX Integration Project (3) +# DUA Configuration Schema (1). This OID is represented in this +# document by the keystring "DUAConfSchemaOID" +# (1.3.6.1.4.1.11.1.3.1). +objectidentifier DUAConfSchemaOID 1.3.6.1.4.1.11.1.3.1 +# +# 2.2 Attributes +# +# The attributes and classes defined in this document are summarized +# below. +# +# The following attributes are defined in this document: +# +# preferredServerList +# defaultServerList +# defaultSearchBase +# defaultSearchScope +# authenticationMethod +# credentialLevel +# serviceSearchDescriptor +# +# +# +# Joslin [Page 3] +# Internet-Draft DUA Configuration Schema October 2002 +# +# +# serviceCredentialLevel +# serviceAuthenticationMethod +# attributeMap +# objectclassMap +# searchTimeLimit +# bindTimeLimit +# followReferrals +# dereferenceAliases +# profileTTL +# +# 2.3 Object Classes +# +# The following object class is defined in this document: +# +# DUAConfigProfile +# +# +attributeType ( DUAConfSchemaOID:1.0 NAME 'defaultServerList' + DESC 'Default LDAP server host address used by a DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.1 NAME 'defaultSearchBase' + DESC 'Default LDAP base DN used by a DUA' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.2 NAME 'preferredServerList' + DESC 'Preferred LDAP server host addresses to be used by a + DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.3 NAME 'searchTimeLimit' + DESC 'Maximum time in seconds a DUA should allow for a + search to complete' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.4 NAME 'bindTimeLimit' + DESC 'Maximum time in seconds a DUA should allow for the + bind operation to complete' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.5 NAME 'followReferrals' + DESC 'Tells DUA if it should follow referrals + returned by a DSA search result' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.16 NAME 'dereferenceAliases' + DESC 'Tells DUA if it should dereference aliases' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.6 NAME 'authenticationMethod' + DESC 'A keystring which identifies the type of + authentication method used to contact the DSA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.7 NAME 'profileTTL' + DESC 'Time to live, in seconds, before a client DUA + should re-read this configuration profile' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.14 NAME 'serviceSearchDescriptor' + DESC 'LDAP search descriptor list used by a DUA' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributeType ( DUAConfSchemaOID:1.9 NAME 'attributeMap' + DESC 'Attribute mappings used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.10 NAME 'credentialLevel' + DESC 'Identifies type of credentials a DUA should + use when binding to the LDAP server' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.11 NAME 'objectclassMap' + DESC 'Objectclass mappings used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.12 NAME 'defaultSearchScope' + DESC 'Default search scope used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.13 NAME 'serviceCredentialLevel' + DESC 'Identifies type of credentials a DUA + should use when binding to the LDAP server for a + specific service' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.15 NAME 'serviceAuthenticationMethod' + DESC 'Authentication method used by a service of the DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +# +# 4. Class Definition +# +# The objectclass below is constructed from the attributes defined in +# 3, with the exception of the cn attribute, which is defined in RFC +# 2256 [8]. cn is used to represent the name of the DUA configura- +# tion profile. +# +objectClass ( DUAConfSchemaOID:2.5 NAME 'DUAConfigProfile' + SUP top STRUCTURAL + DESC 'Abstraction of a base configuration for a DUA' + MUST ( cn ) + MAY ( defaultServerList $ preferredServerList $ + defaultSearchBase $ defaultSearchScope $ + searchTimeLimit $ bindTimeLimit $ + credentialLevel $ authenticationMethod $ + followReferrals $ dereferenceAliases $ + serviceSearchDescriptor $ serviceCredentialLevel $ + serviceAuthenticationMethod $ objectclassMap $ + attributeMap $ profileTTL ) ) +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/duaconf.schema,v 1.5.2.4 2009/01/22 00:01:14 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/duaconf.schema,v 1.5.2.5 2010/04/13 20:23:48 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/duaconf.schema,v 1.5.2.6 2011/01/04 23:50:51 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/dyngroup.schema,v b/config-archive/etc/openldap/schema/dyngroup.schema,v new file mode 100644 index 0000000..e4280d6 --- /dev/null +++ b/config-archive/etc/openldap/schema/dyngroup.schema,v @@ -0,0 +1,174 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# dyngroup.schema -- Dynamic Group schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.schema,v 1.6.2.6 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Dynamic Group schema (experimental), as defined by Netscape. See +# http://www.redhat.com/docs/manuals/ent-server/pdf/esadmin611.pdf +# page 70 for details on how these groups were used. +# +# A description of the objectclass definition is available here: +# http://www.redhat.com/docs/manuals/dir-server/schema/7.1/oc_dir.html#1303745 +# +# depends upon: +# core.schema +# +# These definitions are considered experimental due to the lack of +# a formal specification (e.g., RFC). +# +# NOT RECOMMENDED FOR PRODUCTION USE! USE WITH CAUTION! +# +# The Netscape documentation describes this as an auxiliary objectclass +# but their implementations have always defined it as a structural class. +# The sloppiness here is because Netscape-derived servers don't actually +# implement the X.500 data model, and they don't honor the distinction +# between structural and auxiliary classes. This fact is noted here: +# http://forum.java.sun.com/thread.jspa?threadID=5016864&messageID=9034636 +# +# In accordance with other existing implementations, we define it as a +# structural class. +# +# Our definition of memberURL also does not match theirs but again +# their published definition and what works in practice do not agree. +# In other words, the Netscape definitions are broken and interoperability +# is not guaranteed. +# +# Also see the new DynGroup proposed spec at +# http://tools.ietf.org/html/draft-haripriya-dynamicgroup-02 + +objectIdentifier NetscapeRoot 2.16.840.1.113730 + +objectIdentifier NetscapeLDAP NetscapeRoot:3 +objectIdentifier NetscapeLDAPattributeType NetscapeLDAP:1 +objectIdentifier NetscapeLDAPobjectClass NetscapeLDAP:2 + +objectIdentifier OpenLDAPExp11 1.3.6.1.4.1.4203.666.11 +objectIdentifier DynGroupBase OpenLDAPExp11:8 +objectIdentifier DynGroupAttr DynGroupBase:1 +objectIdentifier DynGroupOC DynGroupBase:2 + +attributetype ( NetscapeLDAPattributeType:198 + NAME 'memberURL' + DESC 'Identifies an URL associated with each member of a group. Any type of labeled URL can be used.' + SUP labeledURI ) + +attributetype ( DynGroupAttr:1 + NAME 'dgIdentity' + DESC 'Identity to use when processing the memberURL' + SUP distinguishedName SINGLE-VALUE ) + +attributeType ( DynGroupAttr:2 + NAME 'dgAuthz' + DESC 'Optional authorization rules that determine who is allowed to assume the dgIdentity' + EQUALITY authzMatch + SYNTAX 1.3.6.1.4.1.4203.666.2.7 + X-ORDERED 'VALUES' ) + +objectClass ( NetscapeLDAPobjectClass:33 + NAME 'groupOfURLs' + SUP top STRUCTURAL + MUST cn + MAY ( memberURL $ businessCategory $ description $ o $ ou $ + owner $ seeAlso ) ) + +# The Haripriya dyngroup schema still needs a lot of work. +# We're just adding support for the dgIdentity attribute for now... +objectClass ( DynGroupOC:1 + NAME 'dgIdentityAux' + SUP top AUXILIARY + MAY ( dgIdentity $ dgAuthz ) ) + + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.schema,v 1.6.2.5 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.schema,v 1.6.2.6 2010/04/13 20:23:48 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.schema,v 1.6.2.7 2011/01/04 23:50:51 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/inetorgperson.ldif,v b/config-archive/etc/openldap/schema/inetorgperson.ldif,v new file mode 100644 index 0000000..b44c214 --- /dev/null +++ b/config-archive/etc/openldap/schema/inetorgperson.ldif,v @@ -0,0 +1,152 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# InetOrgPerson (RFC2798) +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.ldif,v 1.1.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# InetOrgPerson (RFC2798) +# +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079] +# (core.ldif) +# +# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256] +# (core.ldif) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.ldif) +# +# This file was automatically generated from inetorgperson.schema; see +# that file for complete references. +# +dn: cn=inetorgperson,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: inetorgperson +olcAttributeTypes: ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'RFC279 + 8: vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR cas + eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC ' + RFC2798: identifies a department within an organization' EQUALITY caseIgnoreM + atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'RFC + 2798: preferred name to be used when displaying entries' EQUALITY caseIgnoreM + atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SI + NGLE-VALUE ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'RF + C2798: numerically identifies an employee within an organization' EQUALITY ca + seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 + 1.1.15 SINGLE-VALUE ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'RFC2 + 798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgn + oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'RFC2 + 798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC + 'RFC2798: preferred written or spoken language for a person' EQUALITY caseIg + noreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 15 SINGLE-VALUE ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' D + ESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4.1.14 + 66.115.121.1.5 ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'RFC2 + 798: personal identity information, a PKCS #12 PFX' SYNTAX 1.3.6.1.4.1.1466.1 + 15.121.1.5 ) +olcObjectClasses: ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RFC2 + 798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL MAY + ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ em + ployeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ ini + tials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo + $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ pre + ferredLanguage $ userSMIMECertificate $ userPKCS12 ) ) +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.ldif,v 1.1.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.ldif,v 1.1.2.5 2010/04/13 20:23:48 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.ldif,v 1.1.2.6 2011/01/04 23:50:52 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/inetorgperson.schema,v b/config-archive/etc/openldap/schema/inetorgperson.schema,v new file mode 100644 index 0000000..bedda1b --- /dev/null +++ b/config-archive/etc/openldap/schema/inetorgperson.schema,v @@ -0,0 +1,238 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# inetorgperson.schema -- InetOrgPerson (RFC2798) +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.18.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# InetOrgPerson (RFC2798) +# +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079] +# (core.schema) +# +# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256] +# (core.schema) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema) + +# carLicense +# This multivalued field is used to record the values of the license or +# registration plate associated with an individual. +attributetype ( 2.16.840.1.113730.3.1.1 + NAME 'carLicense' + DESC 'RFC2798: vehicle license or registration plate' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# departmentNumber +# Code for department to which a person belongs. This can also be +# strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123). +attributetype ( 2.16.840.1.113730.3.1.2 + NAME 'departmentNumber' + DESC 'RFC2798: identifies a department within an organization' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# displayName +# When displaying an entry, especially within a one-line summary list, it +# is useful to be able to identify a name to be used. Since other attri- +# bute types such as 'cn' are multivalued, an additional attribute type is +# needed. Display name is defined for this purpose. +attributetype ( 2.16.840.1.113730.3.1.241 + NAME 'displayName' + DESC 'RFC2798: preferred name to be used when displaying entries' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# employeeNumber +# Numeric or alphanumeric identifier assigned to a person, typically based +# on order of hire or association with an organization. Single valued. +attributetype ( 2.16.840.1.113730.3.1.3 + NAME 'employeeNumber' + DESC 'RFC2798: numerically identifies an employee within an organization' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# employeeType +# Used to identify the employer to employee relationship. Typical values +# used will be "Contractor", "Employee", "Intern", "Temp", "External", and +# "Unknown" but any value may be used. +attributetype ( 2.16.840.1.113730.3.1.4 + NAME 'employeeType' + DESC 'RFC2798: type of employment for a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# jpegPhoto +# Used to store one or more images of a person using the JPEG File +# Interchange Format [JFIF]. +# Note that the jpegPhoto attribute type was defined for use in the +# Internet X.500 pilots but no referencable definition for it could be +# located. +attributetype ( 0.9.2342.19200300.100.1.60 + NAME 'jpegPhoto' + DESC 'RFC2798: a JPEG image' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) + +# preferredLanguage +# Used to indicate an individual's preferred written or spoken +# language. This is useful for international correspondence or human- +# computer interaction. Values for this attribute type MUST conform to +# the definition of the Accept-Language header field defined in +# [RFC2068] with one exception: the sequence "Accept-Language" ":" +# should be omitted. This is a single valued attribute type. +attributetype ( 2.16.840.1.113730.3.1.39 + NAME 'preferredLanguage' + DESC 'RFC2798: preferred written or spoken language for a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# userSMIMECertificate +# A PKCS#7 [RFC2315] SignedData, where the content that is signed is +# ignored by consumers of userSMIMECertificate values. It is +# recommended that values have a `contentType' of data with an absent +# `content' field. Values of this attribute contain a person's entire +# certificate chain and an smimeCapabilities field [RFC2633] that at a +# minimum describes their SMIME algorithm capabilities. Values for +# this attribute are to be stored and requested in binary form, as +# 'userSMIMECertificate;binary'. If available, this attribute is +# preferred over the userCertificate attribute for S/MIME applications. +## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary +attributetype ( 2.16.840.1.113730.3.1.40 + NAME 'userSMIMECertificate' + DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) + +# userPKCS12 +# PKCS #12 [PKCS12] provides a format for exchange of personal identity +# information. When such information is stored in a directory service, +# the userPKCS12 attribute should be used. This attribute is to be stored +# and requested in binary form, as 'userPKCS12;binary'. The attribute +# values are PFX PDUs stored as binary data. +## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary +attributetype ( 2.16.840.1.113730.3.1.216 + NAME 'userPKCS12' + DESC 'RFC2798: personal identity information, a PKCS #12 PFX' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) + + +# inetOrgPerson +# The inetOrgPerson represents people who are associated with an +# organization in some way. It is a structural class and is derived +# from the organizationalPerson which is defined in X.521 [X521]. +objectclass ( 2.16.840.1.113730.3.2.2 + NAME 'inetOrgPerson' + DESC 'RFC2798: Internet Organizational Person' + SUP organizationalPerson + STRUCTURAL + MAY ( + audio $ businessCategory $ carLicense $ departmentNumber $ + displayName $ employeeNumber $ employeeType $ givenName $ + homePhone $ homePostalAddress $ initials $ jpegPhoto $ + labeledURI $ mail $ manager $ mobile $ o $ pager $ + photo $ roomNumber $ secretary $ uid $ userCertificate $ + x500uniqueIdentifier $ preferredLanguage $ + userSMIMECertificate $ userPKCS12 ) + ) +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.18.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.18.2.5 2010/04/13 20:23:48 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.18.2.6 2011/01/04 23:50:52 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/java.schema,v b/config-archive/etc/openldap/schema/java.schema,v new file mode 100644 index 0000000..a1def23 --- /dev/null +++ b/config-archive/etc/openldap/schema/java.schema,v @@ -0,0 +1,486 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# java.schema -- Java Object Schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.7.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Java Object Schema (defined in RFC 2713) +# depends upon core.schema +# + +# Network Working Group V. Ryan +# Request for Comments: 2713 S. Seligman +# Category: Informational R. Lee +# Sun Microsystems, Inc. +# October 1999 +# +# +# Schema for Representing Java(tm) Objects in an LDAP Directory +# +# Status of this Memo +# +# This memo provides information for the Internet community. It does +# not specify an Internet standard of any kind. Distribution of this +# memo is unlimited. +# +# Copyright Notice +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# Abstract +# +# This document defines the schema for representing Java(tm) objects in +# an LDAP directory [LDAPv3]. It defines schema elements to represent +# a Java serialized object [Serial], a Java marshalled object [RMI], a +# Java remote object [RMI], and a JNDI reference [JNDI]. +# + +# [trimmed] + +# 3 Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# javaClassName +# javaClassNames +# javaCodebase +# javaSerializedData +# javaFactory +# javaReferenceAddress +# javaDoc +# +# 3.1 javaClassName +# +# This attribute stores the fully qualified name of the Java object's +# "distinguished" class or interface (for example, "java.lang.String"). +# It is a single-valued attribute. This attribute's syntax is ' +# Directory String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.6 +# NAME 'javaClassName' +# DESC 'Fully qualified name of distinguished Java class or +# interface' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.6 + NAME 'javaClassName' + DESC 'Fully qualified name of distinguished Java class or interface' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# 3.2 javaCodebase +# +# This attribute stores the Java class definition's locations. It +# specifies the locations from which to load the class definition for +# the class specified by the javaClassName attribute. Each value of +# the attribute contains an ordered list of URLs, separated by spaces. +# For example, a value of "url1 url2 url3" means that the three +# (possibly interdependent) URLs (url1, url2, and url3) form the +# codebase for loading in the Java class definition. +# +# If the javaCodebase attribute contains more than one value, each +# value is an independent codebase. That is, there is no relationship +# between the URLs in one value and those in another; each value can be +# viewed as an alternate source for loading the Java class definition. +# See [Java] for information regarding class loading. +# +# This attribute's syntax is 'IA5 String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.7 +# NAME 'javaCodebase' +# DESC 'URL(s) specifying the location of class definition' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.7 + NAME 'javaCodebase' + DESC 'URL(s) specifying the location of class definition' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 3.3 javaClassNames +# +# This attribute stores the Java object's fully qualified class or +# interface names (for example, "java.lang.String"). It is a +# multivalued attribute. When more than one value is present, each is +# the name of a class or interface, or ancestor class or interface, of +# this object. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.13 +# NAME 'javaClassNames' +# DESC 'Fully qualified Java class or interface name' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.13 + NAME 'javaClassNames' + DESC 'Fully qualified Java class or interface name' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 3.4 javaSerializedData +# +# This attribute stores the serialized form of a Java object. The +# serialized form is described in [Serial]. +# +# This attribute's syntax is 'Octet String'. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.8 +# NAME 'javaSerializedData +# DESC 'Serialized form of a Java object' +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.8 + NAME 'javaSerializedData' + DESC 'Serialized form of a Java object' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 + SINGLE-VALUE ) + +# 3.5 javaFactory +# +# This attribute stores the fully qualified class name of the object +# factory (for example, "com.wiz.jndi.WizObjectFactory") that can be +# used to create an instance of the object identified by the +# javaClassName attribute. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.10 +# NAME 'javaFactory' +# DESC 'Fully qualified Java class name of a JNDI object factory' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.10 + NAME 'javaFactory' + DESC 'Fully qualified Java class name of a JNDI object factory' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# 3.6 javaReferenceAddress +# +# This attribute represents the sequence of addresses of a JNDI +# reference. Each of its values represents one address, a Java object +# of type javax.naming.RefAddr. Its value is a concatenation of the +# address type and address contents, preceded by a sequence number (the +# order of addresses in a JNDI reference is significant). For example: +# +# #0#TypeA#ValA +# #1#TypeB#ValB +# #2#TypeC##rO0ABXNyABpq... +# +# In more detail, the value is encoded as follows: +# +# The delimiter is the first character of the value. For readability +# the character '#' is recommended when it is not otherwise used +# anywhere in the value, but any character may be used subject to +# restrictions given below. +# +# The first delimiter is followed by the sequence number. The sequence +# number of an address is its position in the JNDI reference, with the +# first address being numbered 0. It is represented by its shortest +# string form, in decimal notation. +# +# The sequence number is followed by a delimiter, then by the address +# type, and then by another delimiter. If the address is of Java class +# javax.naming.StringRefAddr, then this delimiter is followed by the +# value of the address contents (which is a string). Otherwise, this +# delimiter is followed immediately by another delimiter, and then by +# the Base64 encoding of the serialized form of the entire address. +# +# The delimiter may be any character other than a digit or a character +# contained in the address type. In addition, if the address contents +# is a string, the delimiter may not be the first character of that +# string. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. It can contain multiple values. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.11 +# NAME 'javaReferenceAddress' +# DESC 'Addresses associated with a JNDI Reference' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.11 + NAME 'javaReferenceAddress' + DESC 'Addresses associated with a JNDI Reference' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 3.7 javaDoc +# +# This attribute stores a pointer to the Java documentation for the +# class. It's value is a URL. For example, the following URL points to +# the specification of the java.lang.String class: +# http://java.sun.com/products/jdk/1.2/docs/api/java/lang/String.html +# +# This attribute's syntax is 'IA5 String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.12 +# NAME 'javaDoc' +# DESC 'The Java documentation for the class' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.12 + NAME 'javaDoc' + DESC 'The Java documentation for the class' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 4 Object Class Definitions +# +# The following object classes are defined in this document: +# +# javaContainer +# javaObject +# javaSerializedObject +# javaMarshalledObject +# javaNamingReference +# +# 4.1 javaContainer +# +# This structural object class represents a container for a Java +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.1 +# NAME 'javaContainer' +# DESC 'Container for a Java object' +# SUP top +# STRUCTURAL +# MUST ( cn ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.1 + NAME 'javaContainer' + DESC 'Container for a Java object' + SUP top + STRUCTURAL + MUST cn ) + +# 4.2 javaObject +# +# This abstract object class represents a Java object. A javaObject +# cannot exist in the directory; only auxiliary or structural +# subclasses of it can exist in the directory. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.4 +# NAME 'javaObject' +# DESC 'Java object representation' +# SUP top +# ABSTRACT +# MUST ( javaClassName ) +# MAY ( javaClassNames $ +# javaCodebase $ +# javaDoc $ +# description ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.4 + NAME 'javaObject' + DESC 'Java object representation' + SUP top + ABSTRACT + MUST javaClassName + MAY ( javaClassNames $ javaCodebase $ + javaDoc $ description ) ) + +# 4.3 javaSerializedObject +# +# This auxiliary object class represents a Java serialized object. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.5 +# NAME 'javaSerializedObject' +# DESC 'Java serialized object' +# SUP javaObject +# AUXILIARY +# MUST ( javaSerializedData ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.5 + NAME 'javaSerializedObject' + DESC 'Java serialized object' + SUP javaObject + AUXILIARY + MUST javaSerializedData ) + +# 4.4 javaMarshalledObject +# +# This auxiliary object class represents a Java marshalled object. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.8 +# NAME 'javaMarshalledObject' +# DESC 'Java marshalled object' +# SUP javaObject +# AUXILIARY +# MUST ( javaSerializedData ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.8 + NAME 'javaMarshalledObject' + DESC 'Java marshalled object' + SUP javaObject + AUXILIARY + MUST javaSerializedData ) + +# 4.5 javaNamingReference +# +# This auxiliary object class represents a JNDI reference. It must be +# mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.7 +# NAME 'javaNamingReference' +# DESC 'JNDI reference' +# SUP javaObject +# AUXILIARY +# MAY ( javaReferenceAddress $ +# javaFactory ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.7 + NAME 'javaNamingReference' + DESC 'JNDI reference' + SUP javaObject + AUXILIARY + MAY ( javaReferenceAddress $ javaFactory ) ) + +# Full Copyright Statement +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# This document and translations of it may be copied and furnished to +# others, and derivative works that comment on or otherwise explain it +# or assist in its implementation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph are +# included on all such copies and derivative works. However, this +# document itself may not be modified in any way, such as by removing +# the copyright notice or references to the Internet Society or other +# Internet organizations, except as needed for the purpose of +# developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be +# followed, or as required to translate it into languages other than +# English. +# +# The limited permissions granted above are perpetual and will not be +# revoked by the Internet Society or its successors or assigns. +# +# This document and the information contained herein is provided on an +# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.7.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.7.2.5 2010/04/13 20:23:48 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.7.2.6 2011/01/04 23:50:52 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/kerberos.schema,v b/config-archive/etc/openldap/schema/kerberos.schema,v new file mode 100644 index 0000000..edfbbf5 --- /dev/null +++ b/config-archive/etc/openldap/schema/kerberos.schema,v @@ -0,0 +1,720 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.09.19.10.51; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.09.19.12.11; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Novell Kerberos Schema Definitions +# Novell Inc. +# 1800 South Novell Place +# Provo, UT 84606 +# +# VeRsIoN=1.0 +# CoPyRiGhT=(c) Copyright 2006, Novell, Inc. All rights reserved +# +# OIDs: +# joint-iso-ccitt(2) +# country(16) +# us(840) +# organization(1) +# Novell(113719) +# applications(1) +# kerberos(301) +# Kerberos Attribute Type(4) attr# version# +# specific attribute definitions +# Kerberos Attribute Syntax(5) +# specific syntax definitions +# Kerberos Object Class(6) class# version# +# specific class definitions +# +# iso(1) +# member-body(2) +# United States(840) +# mit (113554) +# infosys(1) +# ldap(4) +# attributeTypes(1) +# Kerberos(6) + +######################################################################## + + +######################################################################## +# Attribute Type Definitions # +######################################################################## + +##### This is the principal name in the RFC 1964 specified format + +attributetype ( 2.16.840.1.113719.1.301.4.1.1 + NAME 'krbPrincipalName' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + +##### If there are multiple krbPrincipalName values for an entry, this +##### is the canonical principal name in the RFC 1964 specified +##### format. (If this attribute does not exist, then all +##### krbPrincipalName values are treated as canonical.) + +attributetype ( 1.2.840.113554.1.4.1.6.1 + NAME 'krbCanonicalName' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE) + +##### This specifies the type of the principal, the types could be any of +##### the types mentioned in section 6.2 of RFC 4120 + +attributetype ( 2.16.840.1.113719.1.301.4.3.1 + NAME 'krbPrincipalType' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### This flag is used to find whether directory User Password has to be used +##### as kerberos password. +##### TRUE, if User Password is to be used as the kerberos password. +##### FALSE, if User Password and the kerberos password are different. + +attributetype ( 2.16.840.1.113719.1.301.4.5.1 + NAME 'krbUPEnabled' + DESC 'Boolean' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE) + + +##### The time at which the principal expires + +attributetype ( 2.16.840.1.113719.1.301.4.6.1 + NAME 'krbPrincipalExpiration' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### The krbTicketFlags attribute holds information about the kerberos flags for a principal +##### The values (0x00000001 - 0x00800000) are reserved for standards and +##### values (0x01000000 - 0x80000000) can be used for proprietary extensions. +##### The flags and values as per RFC 4120 and MIT implementation are, +##### DISALLOW_POSTDATED 0x00000001 +##### DISALLOW_FORWARDABLE 0x00000002 +##### DISALLOW_TGT_BASED 0x00000004 +##### DISALLOW_RENEWABLE 0x00000008 +##### DISALLOW_PROXIABLE 0x00000010 +##### DISALLOW_DUP_SKEY 0x00000020 +##### DISALLOW_ALL_TIX 0x00000040 +##### REQUIRES_PRE_AUTH 0x00000080 +##### REQUIRES_HW_AUTH 0x00000100 +##### REQUIRES_PWCHANGE 0x00000200 +##### DISALLOW_SVR 0x00001000 +##### PWCHANGE_SERVICE 0x00002000 + + +attributetype ( 2.16.840.1.113719.1.301.4.8.1 + NAME 'krbTicketFlags' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### The maximum ticket lifetime for a principal in seconds + +attributetype ( 2.16.840.1.113719.1.301.4.9.1 + NAME 'krbMaxTicketLife' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Maximum renewable lifetime for a principal's ticket in seconds + +attributetype ( 2.16.840.1.113719.1.301.4.10.1 + NAME 'krbMaxRenewableAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Forward reference to the Realm object. +##### (FDN of the krbRealmContainer object). +##### Example: cn=ACME.COM, cn=Kerberos, cn=Security + +attributetype ( 2.16.840.1.113719.1.301.4.14.1 + NAME 'krbRealmReferences' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### List of LDAP servers that kerberos servers can contact. +##### The attribute holds data in the ldap uri format, +##### Examples: acme.com#636, 164.164.164.164#1636, ldaps://acme.com:636 +##### +##### The values of this attribute need to be updated, when +##### the LDAP servers listed here are renamed, moved or deleted. + +attributetype ( 2.16.840.1.113719.1.301.4.15.1 + NAME 'krbLdapServers' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + + +##### A set of forward references to the KDC Service objects. +##### (FDNs of the krbKdcService objects). +##### Example: cn=kdc - server 1, ou=uvw, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.17.1 + NAME 'krbKdcServers' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### A set of forward references to the Password Service objects. +##### (FDNs of the krbPwdService objects). +##### Example: cn=kpasswdd - server 1, ou=uvw, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.18.1 + NAME 'krbPwdServers' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### This attribute holds the Host Name or the ip address, +##### transport protocol and ports of the kerberos service host +##### The format is host_name-or-ip_address#protocol#port +##### Protocol can be 0 or 1. 0 is for UDP. 1 is for TCP. + +attributetype ( 2.16.840.1.113719.1.301.4.24.1 + NAME 'krbHostServer' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + + +##### This attribute holds the scope for searching the principals +##### under krbSubTree attribute of krbRealmContainer +##### The value can either be 1 (ONE) or 2 (SUB_TREE). + +attributetype ( 2.16.840.1.113719.1.301.4.25.1 + NAME 'krbSearchScope' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### FDNs pointing to Kerberos principals + +attributetype ( 2.16.840.1.113719.1.301.4.26.1 + NAME 'krbPrincipalReferences' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### This attribute specifies which attribute of the user objects +##### be used as the principal name component for Kerberos. +##### The allowed values are cn, sn, uid, givenname, fullname. + +attributetype ( 2.16.840.1.113719.1.301.4.28.1 + NAME 'krbPrincNamingAttr' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE) + + +##### A set of forward references to the Administration Service objects. +##### (FDNs of the krbAdmService objects). +##### Example: cn=kadmindd - server 1, ou=uvw, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.29.1 + NAME 'krbAdmServers' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### Maximum lifetime of a principal's password + +attributetype ( 2.16.840.1.113719.1.301.4.30.1 + NAME 'krbMaxPwdLife' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Minimum lifetime of a principal's password + +attributetype ( 2.16.840.1.113719.1.301.4.31.1 + NAME 'krbMinPwdLife' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Minimum number of character clases allowed in a password + +attributetype ( 2.16.840.1.113719.1.301.4.32.1 + NAME 'krbPwdMinDiffChars' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Minimum length of the password + +attributetype ( 2.16.840.1.113719.1.301.4.33.1 + NAME 'krbPwdMinLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Number of previous versions of passwords that are stored + +attributetype ( 2.16.840.1.113719.1.301.4.34.1 + NAME 'krbPwdHistoryLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Number of consecutive pre-authentication failures before lockout + +attributetype ( 1.3.6.1.4.1.5322.21.2.1 + NAME 'krbPwdMaxFailure' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Period after which bad preauthentication count will be reset + +attributetype ( 1.3.6.1.4.1.5322.21.2.2 + NAME 'krbPwdFailureCountInterval' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Period in which lockout is enforced + +attributetype ( 1.3.6.1.4.1.5322.21.2.3 + NAME 'krbPwdLockoutDuration' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### FDN pointing to a Kerberos Password Policy object + +attributetype ( 2.16.840.1.113719.1.301.4.36.1 + NAME 'krbPwdPolicyReference' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE) + + +##### The time at which the principal's password expires + +attributetype ( 2.16.840.1.113719.1.301.4.37.1 + NAME 'krbPasswordExpiration' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### This attribute holds the principal's key (krbPrincipalKey) that is encrypted with +##### the master key (krbMKey). +##### The attribute is ASN.1 encoded. +##### +##### The format of the value for this attribute is explained below, +##### KrbKeySet ::= SEQUENCE { +##### attribute-major-vno [0] UInt16, +##### attribute-minor-vno [1] UInt16, +##### kvno [2] UInt32, +##### mkvno [3] UInt32 OPTIONAL, +##### keys [4] SEQUENCE OF KrbKey, +##### ... +##### } +##### +##### KrbKey ::= SEQUENCE { +##### salt [0] KrbSalt OPTIONAL, +##### key [1] EncryptionKey, +##### s2kparams [2] OCTET STRING OPTIONAL, +##### ... +##### } +##### +##### KrbSalt ::= SEQUENCE { +##### type [0] Int32, +##### salt [1] OCTET STRING OPTIONAL +##### } +##### +##### EncryptionKey ::= SEQUENCE { +##### keytype [0] Int32, +##### keyvalue [1] OCTET STRING +##### } + +attributetype ( 2.16.840.1.113719.1.301.4.39.1 + NAME 'krbPrincipalKey' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### FDN pointing to a Kerberos Ticket Policy object. + +attributetype ( 2.16.840.1.113719.1.301.4.40.1 + NAME 'krbTicketPolicyReference' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE) + + +##### Forward reference to an entry that starts sub-trees +##### where principals and other kerberos objects in the realm are configured. +##### Example: ou=acme, ou=pq, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.41.1 + NAME 'krbSubTrees' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### Holds the default encryption/salt type combinations of principals for +##### the Realm. Stores in the form of key:salt strings. This will be +##### subset of the supported encryption/salt types. +##### Example: des-cbc-crc:normal + +attributetype ( 2.16.840.1.113719.1.301.4.42.1 + NAME 'krbDefaultEncSaltTypes' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + + +##### Holds the supported encryption/salt type combinations of principals for +##### the Realm. Stores in the form of key:salt strings. +##### The supported encryption types are mentioned in RFC 3961 +##### The supported salt types are, +##### NORMAL +##### V4 +##### NOREALM +##### ONLYREALM +##### SPECIAL +##### AFS3 +##### Example: des-cbc-crc:normal + +attributetype ( 2.16.840.1.113719.1.301.4.43.1 + NAME 'krbSupportedEncSaltTypes' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + + +##### This attribute holds the principal's old keys (krbPwdHistory) that is encrypted with +##### the kadmin/history key. +##### The attribute is ASN.1 encoded. +##### +##### The format of the value for this attribute is explained below, +##### KrbKeySet ::= SEQUENCE { +##### attribute-major-vno [0] UInt16, +##### attribute-minor-vno [1] UInt16, +##### kvno [2] UInt32, +##### mkvno [3] UInt32 OPTIONAL -- actually kadmin/history key, +##### keys [4] SEQUENCE OF KrbKey, +##### ... +##### } +##### +##### KrbKey ::= SEQUENCE { +##### salt [0] KrbSalt OPTIONAL, +##### key [1] EncryptionKey, +##### s2kparams [2] OCTET STRING OPTIONAL, +##### ... +##### } +##### +##### KrbSalt ::= SEQUENCE { +##### type [0] Int32, +##### salt [1] OCTET STRING OPTIONAL +##### } +##### +##### EncryptionKey ::= SEQUENCE { +##### keytype [0] Int32, +##### keyvalue [1] OCTET STRING +##### } + +attributetype ( 2.16.840.1.113719.1.301.4.44.1 + NAME 'krbPwdHistory' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### The time at which the principal's password last password change happened. + +attributetype ( 2.16.840.1.113719.1.301.4.45.1 + NAME 'krbLastPwdChange' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### This attribute holds the kerberos master key. +##### This can be used to encrypt principal keys. +##### This attribute has to be secured in directory. +##### +##### This attribute is ASN.1 encoded. +##### The format of the value for this attribute is explained below, +##### KrbMKey ::= SEQUENCE { +##### kvno [0] UInt32, +##### key [1] MasterKey +##### } +##### +##### MasterKey ::= SEQUENCE { +##### keytype [0] Int32, +##### keyvalue [1] OCTET STRING +##### } + + +attributetype ( 2.16.840.1.113719.1.301.4.46.1 + NAME 'krbMKey' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### This stores the alternate principal names for the principal in the RFC 1964 specified format + +attributetype ( 2.16.840.1.113719.1.301.4.47.1 + NAME 'krbPrincipalAliases' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + + +##### The time at which the principal's last successful authentication happened. + +attributetype ( 2.16.840.1.113719.1.301.4.48.1 + NAME 'krbLastSuccessfulAuth' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### The time at which the principal's last failed authentication happened. + +attributetype ( 2.16.840.1.113719.1.301.4.49.1 + NAME 'krbLastFailedAuth' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### This attribute stores the number of failed authentication attempts +##### happened for the principal since the last successful authentication. + +attributetype ( 2.16.840.1.113719.1.301.4.50.1 + NAME 'krbLoginFailedCount' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + + +##### This attribute holds the application specific data. + +attributetype ( 2.16.840.1.113719.1.301.4.51.1 + NAME 'krbExtraData' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### This attributes holds references to the set of directory objects. +##### This stores the DNs of the directory objects to which the +##### principal object belongs to. + +attributetype ( 2.16.840.1.113719.1.301.4.52.1 + NAME 'krbObjectReferences' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### This attribute holds references to a Container object where +##### the additional principal objects and stand alone principal +##### objects (krbPrincipal) can be created. + +attributetype ( 2.16.840.1.113719.1.301.4.53.1 + NAME 'krbPrincContainerRef' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + +##### A list of services to which a service principal can delegate. +attributetype ( 1.3.6.1.4.1.5322.21.2.4 + NAME 'krbAllowedToDelegateTo' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + +######################################################################## +######################################################################## +# Object Class Definitions # +######################################################################## + +#### This is a kerberos container for all the realms in a tree. + +objectclass ( 2.16.840.1.113719.1.301.6.1.1 + NAME 'krbContainer' + SUP top + STRUCTURAL + MUST ( cn ) ) + + +##### The krbRealmContainer is created per realm and holds realm specific data. + +objectclass ( 2.16.840.1.113719.1.301.6.2.1 + NAME 'krbRealmContainer' + SUP top + STRUCTURAL + MUST ( cn ) + MAY ( krbMKey $ krbUPEnabled $ krbSubTrees $ krbSearchScope $ krbLdapServers $ krbSupportedEncSaltTypes $ krbDefaultEncSaltTypes $ krbTicketPolicyReference $ krbKdcServers $ krbPwdServers $ krbAdmServers $ krbPrincNamingAttr $ krbPwdPolicyReference $ krbPrincContainerRef ) ) + + +##### An instance of a class derived from krbService is created per +##### kerberos authentication or administration server in an realm and holds +##### references to the realm objects. These references is used to further read +##### realm specific data to service AS/TGS requests. Additionally this object +##### contains some server specific data like pathnames and ports that the +##### server uses. This is the identity the kerberos server logs in with. A key +##### pair for the same is created and the kerberos server logs in with the same. +##### +##### krbKdcService, krbAdmService and krbPwdService derive from this class. + +objectclass ( 2.16.840.1.113719.1.301.6.3.1 + NAME 'krbService' + SUP top + ABSTRACT + MUST ( cn ) + MAY ( krbHostServer $ krbRealmReferences ) ) + + +##### Representative object for the KDC server to bind into a LDAP directory +##### and have a connection to access Kerberos data with the required +##### access rights. + +objectclass ( 2.16.840.1.113719.1.301.6.4.1 + NAME 'krbKdcService' + SUP krbService + STRUCTURAL ) + + +##### Representative object for the Kerberos Password server to bind into a LDAP directory +##### and have a connection to access Kerberos data with the required +##### access rights. + +objectclass ( 2.16.840.1.113719.1.301.6.5.1 + NAME 'krbPwdService' + SUP krbService + STRUCTURAL ) + + +###### The principal data auxiliary class. Holds principal information +###### and is used to store principal information for Person, Service objects. + +objectclass ( 2.16.840.1.113719.1.301.6.8.1 + NAME 'krbPrincipalAux' + SUP top + AUXILIARY + MAY ( krbPrincipalName $ krbCanonicalName $ krbUPEnabled $ krbPrincipalKey $ krbTicketPolicyReference $ krbPrincipalExpiration $ krbPasswordExpiration $ krbPwdPolicyReference $ krbPrincipalType $ krbPwdHistory $ krbLastPwdChange $ krbPrincipalAliases $ krbLastSuccessfulAuth $ krbLastFailedAuth $ krbLoginFailedCount $ krbExtraData $ krbAllowedToDelegateTo ) ) + + +###### This class is used to create additional principals and stand alone principals. + +objectclass ( 2.16.840.1.113719.1.301.6.9.1 + NAME 'krbPrincipal' + SUP top + MUST ( krbPrincipalName ) + MAY ( krbObjectReferences ) ) + + +###### The principal references auxiliary class. Holds all principals referred +###### from a service + +objectclass ( 2.16.840.1.113719.1.301.6.11.1 + NAME 'krbPrincRefAux' + SUP top + AUXILIARY + MAY krbPrincipalReferences ) + + +##### Representative object for the Kerberos Administration server to bind into a LDAP directory +##### and have a connection Id to access Kerberos data with the required access rights. + +objectclass ( 2.16.840.1.113719.1.301.6.13.1 + NAME 'krbAdmService' + SUP krbService + STRUCTURAL ) + + +##### The krbPwdPolicy object is a template password policy that +##### can be applied to principals when they are created. +##### These policy attributes will be in effect, when the Kerberos +##### passwords are different from users' passwords (UP). + +objectclass ( 2.16.840.1.113719.1.301.6.14.1 + NAME 'krbPwdPolicy' + SUP top + MUST ( cn ) + MAY ( krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration ) ) + + +##### The krbTicketPolicyAux holds Kerberos ticket policy attributes. +##### This class can be attached to a principal object or realm object. + +objectclass ( 2.16.840.1.113719.1.301.6.16.1 + NAME 'krbTicketPolicyAux' + SUP top + AUXILIARY + MAY ( krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge ) ) + + +##### The krbTicketPolicy object is an effective ticket policy that is associated with a realm or a principal + +objectclass ( 2.16.840.1.113719.1.301.6.17.1 + NAME 'krbTicketPolicy' + SUP top + MUST ( cn ) ) + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a447 7 +##### The time at which the principal was last administratively unlocked. + +attributetype ( 1.3.6.1.4.1.5322.21.2.5 + NAME 'krbLastAdminUnlock' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) +d612 1 +a612 1 + MAY ( krbPrincipalName $ krbCanonicalName $ krbUPEnabled $ krbPrincipalKey $ krbTicketPolicyReference $ krbPrincipalExpiration $ krbPasswordExpiration $ krbPwdPolicyReference $ krbPrincipalType $ krbPwdHistory $ krbLastPwdChange $ krbLastAdminUnlock $ krbPrincipalAliases $ krbLastSuccessfulAuth $ krbLastFailedAuth $ krbLoginFailedCount $ krbExtraData $ krbAllowedToDelegateTo ) ) +@ diff --git a/config-archive/etc/openldap/schema/misc.schema,v b/config-archive/etc/openldap/schema/misc.schema,v new file mode 100644 index 0000000..54c9094 --- /dev/null +++ b/config-archive/etc/openldap/schema/misc.schema,v @@ -0,0 +1,158 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# misc.schema -- assorted schema definitions +# $OpenLDAP: pkg/ldap/servers/slapd/schema/misc.schema,v 1.30.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Assorted definitions from several sources, including +# ''works in progress''. Contents of this file are +# subject to change (including deletion) without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +#----------------------------------------------------------- +# draft-lachman-laser-ldap-mail-routing-02.txt !!!EXPIRED!!! +# (a work in progress) +# +attributetype ( 2.16.840.1.113730.3.1.13 + NAME 'mailLocalAddress' + DESC 'RFC822 email address of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 2.16.840.1.113730.3.1.18 + NAME 'mailHost' + DESC 'FQDN of the SMTP/MTA of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113730.3.1.47 + NAME 'mailRoutingAddress' + DESC 'RFC822 routing address of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +# I-D leaves this OID TBD. +# iPlanet uses 2.16.840.1.113.730.3.2.147 but that is an +# improperly delegated OID. A typo is likely. +objectclass ( 2.16.840.1.113730.3.2.147 + NAME 'inetLocalMailRecipient' + DESC 'Internet local mail recipient' + SUP top AUXILIARY + MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) ) + +#----------------------------------------------------------- +# draft-srivastava-ldap-mail-00.txt !!!EXPIRED!!! +# (a work in progress) +# +attributetype ( 1.3.6.1.4.1.42.2.27.2.1.15 + NAME 'rfc822MailMember' + DESC 'rfc822 mail address of group member(s)' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#----------------------------------------------------------- +# !!!no I-D!!! +# (a work in progress) +# +objectclass ( 1.3.6.1.4.1.42.2.27.1.2.5 + NAME 'nisMailAlias' + DESC 'NIS mail alias' + SUP top STRUCTURAL + MUST cn + MAY rfc822MailMember ) +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/misc.schema,v 1.30.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/misc.schema,v 1.30.2.5 2010/04/13 20:23:48 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/misc.schema,v 1.30.2.6 2011/01/04 23:50:52 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/nis.ldif,v b/config-archive/etc/openldap/schema/nis.ldif,v new file mode 100644 index 0000000..9ae3c4b --- /dev/null +++ b/config-archive/etc/openldap/schema/nis.ldif,v @@ -0,0 +1,203 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# NIS (RFC2307) +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.ldif,v 1.1.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Definitions from RFC2307 (Experimental) +# An Approach for Using LDAP as a Network Information Service +# +# Depends upon core.ldif and cosine.ldif +# +# This file was automatically generated from nis.schema; see that file +# for complete references. +# +dn: cn=nis,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: nis +olcAttributeTypes: ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; th + e common name' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatc + h SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absolut + e path to the home directory' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1 + 466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to th + e login shell' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.2 + 6 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY integ + erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY integerM + atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY integer + Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY integerM + atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY integerMat + ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactI + A5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 26 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY ca + seExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.11 + 5.121.1.26 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Netgr + oup triple' SYNTAX 1.3.6.1.1.1.0.0 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY intege + rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP name ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' EQUALITY int + egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY integer + Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP address + ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP netw + ork' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SI + NGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP netm + ask' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SI + NGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC address' + EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC 'rpc.bootp + aramd parameter' SYNTAX 1.3.6.1.1.1.0.1 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image nam + e' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY caseExac + tIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121. + 1.26{1024} SINGLE-VALUE ) +olcObjectClasses: ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'Abstraction o + f an account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNu + mber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ + description ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC 'Additional a + ttributes for shadow passwords' SUP top AUXILIARY MUST uid MAY ( userPassword + $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive + $ shadowExpire $ shadowFlag $ description ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC 'Abstraction of + a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY ( userPas + sword $ memberUid $ description ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.3 NAME 'ipService' DESC 'Abstraction an I + nternet Protocol service' SUP top STRUCTURAL MUST ( cn $ ipServicePort $ ipSe + rviceProtocol ) MAY description ) +olcObjectClasses: ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' DESC 'Abstraction of + an IP protocol' SUP top STRUCTURAL MUST ( cn $ ipProtocolNumber $ description + ) MAY description ) +olcObjectClasses: ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' DESC 'Abstraction of an O + NC/RPC binding' SUP top STRUCTURAL MUST ( cn $ oncRpcNumber $ description ) M + AY description ) +olcObjectClasses: ( 1.3.6.1.1.1.2.6 NAME 'ipHost' DESC 'Abstraction of a ho + st, an IP device' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) MAY ( l $ desc + ription $ manager ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' DESC 'Abstraction of a + n IP network' SUP top STRUCTURAL MUST ( cn $ ipNetworkNumber ) MAY ( ipNetmas + kNumber $ l $ description $ manager ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' DESC 'Abstraction of + a netgroup' SUP top STRUCTURAL MUST cn MAY ( nisNetgroupTriple $ memberNisNe + tgroup $ description ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.9 NAME 'nisMap' DESC 'A generic abstracti + on of a NIS map' SUP top STRUCTURAL MUST nisMapName MAY description ) +olcObjectClasses: ( 1.3.6.1.1.1.2.10 NAME 'nisObject' DESC 'An entry in a + NIS map' SUP top STRUCTURAL MUST ( cn $ nisMapEntry $ nisMapName ) MAY descri + ption ) +olcObjectClasses: ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' DESC 'A device w + ith a MAC address' SUP top AUXILIARY MAY macAddress ) +olcObjectClasses: ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' DESC 'A device + with boot parameters' SUP top AUXILIARY MAY ( bootFile $ bootParameter ) ) +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.ldif,v 1.1.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.ldif,v 1.1.2.5 2010/04/13 20:23:48 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.ldif,v 1.1.2.6 2011/01/04 23:50:52 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/nis.schema,v b/config-archive/etc/openldap/schema/nis.schema,v new file mode 100644 index 0000000..7edf977 --- /dev/null +++ b/config-archive/etc/openldap/schema/nis.schema,v @@ -0,0 +1,320 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.schema,v 1.15.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# Definitions from RFC2307 (Experimental) +# An Approach for Using LDAP as a Network Information Service + +# Depends upon core.schema and cosine.schema + +# Note: The definitions in RFC2307 are given in syntaxes closely related +# to those in RFC2252, however, some liberties are taken that are not +# supported by RFC2252. This file has been written following RFC2252 +# strictly. + +# OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1). +# i.e. nisSchema in RFC2307 is 1.3.6.1.1.1 +# +# Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined) +# validaters for these syntaxes are incomplete, they only +# implement printable string validation (which is good as the +# common use of these syntaxes violates the specification). +# Attribute types are under 1.3.6.1.1.1.1 +# Object classes are under 1.3.6.1.1.1.2 + +# Attribute Type Definitions + +# builtin +#attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' +# DESC 'An integer uniquely identifying a user in an administrative domain' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# builtin +#attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' +# DESC 'An integer uniquely identifying a group in an administrative domain' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' + DESC 'The GECOS field; the common name' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' + DESC 'The absolute path to the home directory' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' + DESC 'The path to the login shell' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' + DESC 'Netgroup triple' + SYNTAX 1.3.6.1.1.1.0.0 ) + +attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' + SUP name ) + +attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' + DESC 'IP address' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' + DESC 'IP network' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' + DESC 'IP netmask' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' + DESC 'MAC address' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' + DESC 'rpc.bootparamd parameter' + SYNTAX 1.3.6.1.1.1.0.1 ) + +attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' + DESC 'Boot image name' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' + SUP name ) + +attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE ) + +# Object Class Definitions + +objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' + DESC 'Abstraction of an account with POSIX attributes' + SUP top AUXILIARY + MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) + MAY ( userPassword $ loginShell $ gecos $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' + DESC 'Additional attributes for shadow passwords' + SUP top AUXILIARY + MUST uid + MAY ( userPassword $ shadowLastChange $ shadowMin $ + shadowMax $ shadowWarning $ shadowInactive $ + shadowExpire $ shadowFlag $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' + DESC 'Abstraction of a group of accounts' + SUP top STRUCTURAL + MUST ( cn $ gidNumber ) + MAY ( userPassword $ memberUid $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' + DESC 'Abstraction an Internet Protocol service' + SUP top STRUCTURAL + MUST ( cn $ ipServicePort $ ipServiceProtocol ) + MAY ( description ) ) + +objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' + DESC 'Abstraction of an IP protocol' + SUP top STRUCTURAL + MUST ( cn $ ipProtocolNumber $ description ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' + DESC 'Abstraction of an ONC/RPC binding' + SUP top STRUCTURAL + MUST ( cn $ oncRpcNumber $ description ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' + DESC 'Abstraction of a host, an IP device' + SUP top AUXILIARY + MUST ( cn $ ipHostNumber ) + MAY ( l $ description $ manager ) ) + +objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' + DESC 'Abstraction of an IP network' + SUP top STRUCTURAL + MUST ( cn $ ipNetworkNumber ) + MAY ( ipNetmaskNumber $ l $ description $ manager ) ) + +objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' + DESC 'Abstraction of a netgroup' + SUP top STRUCTURAL + MUST cn + MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' + DESC 'A generic abstraction of a NIS map' + SUP top STRUCTURAL + MUST nisMapName + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' + DESC 'An entry in a NIS map' + SUP top STRUCTURAL + MUST ( cn $ nisMapEntry $ nisMapName ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' + DESC 'A device with a MAC address' + SUP top AUXILIARY + MAY macAddress ) + +objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' + DESC 'A device with boot parameters' + SUP top AUXILIARY + MAY ( bootFile $ bootParameter ) ) +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.schema,v 1.15.2.4 2009/01/22 00:01:14 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.schema,v 1.15.2.5 2010/04/13 20:23:48 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.schema,v 1.15.2.6 2011/01/04 23:50:52 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/openldap.ldif,v b/config-archive/etc/openldap/schema/openldap.ldif,v new file mode 100644 index 0000000..8628e0e --- /dev/null +++ b/config-archive/etc/openldap/schema/openldap.ldif,v @@ -0,0 +1,171 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.ldif,v 1.2.2.6 2010/04/13 20:23:49 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# +# OpenLDAP Project's directory schema items +# +# depends upon: +# core.schema +# cosine.schema +# inetorgperson.schema +# +# These are provided for informational purposes only. +# +# This openldap.ldif file is provided as a demonstration of how to +# convert a *.schema file into *.ldif format. The key points: +# In LDIF, a blank line terminates an entry. Blank lines in a *.schema +# file should be replaced with a single '#' to turn them into +# comments, or they should just be removed. +# In addition to the actual schema directives, the file needs a small +# header to make it a valid LDAP entry. This header must provide the +# dn of the entry, the objectClass, and the cn, as shown here: +# +dn: cn=openldap,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: openldap +# +# The schema directives need to be changed to LDAP Attributes. +# First a basic string substitution can be done on each of the keywords: +# objectIdentifier -> olcObjectIdentifier: +# objectClass -> olcObjectClasses: +# attributeType -> olcAttributeTypes: +# Then leading whitespace must be fixed. The slapd.conf format allows +# tabs or spaces to denote line continuation, while LDIF only allows +# the space character. +# Also slapd.conf preserves the continuation character, while LDIF strips +# it out. So a single TAB/SPACE in slapd.conf must be replaced with +# two SPACEs in LDIF, otherwise the continued text may get joined as +# a single word. +# The directives must be listed in a proper sequence: +# All olcObjectIdentifiers must be first, so they may be referenced by +# any following definitions. +# All olcAttributeTypes must be next, so they may be referenced by any +# following objectClass definitions. +# All olcObjectClasses must be after the olcAttributeTypes. +# And of course, any superior must occur before anything that inherits +# from it. +# +olcObjectIdentifier: OpenLDAProot 1.3.6.1.4.1.4203 +# +olcObjectIdentifier: OpenLDAP OpenLDAProot:1 +olcObjectIdentifier: OpenLDAPattributeType OpenLDAP:3 +olcObjectIdentifier: OpenLDAPobjectClass OpenLDAP:4 +# +olcObjectClasses: ( OpenLDAPobjectClass:3 + NAME 'OpenLDAPorg' + DESC 'OpenLDAP Organizational Object' + SUP organization + MAY ( buildingName $ displayName $ labeledURI ) ) +# +olcObjectClasses: ( OpenLDAPobjectClass:4 + NAME 'OpenLDAPou' + DESC 'OpenLDAP Organizational Unit Object' + SUP organizationalUnit + MAY ( buildingName $ displayName $ labeledURI $ o ) ) +# +olcObjectClasses: ( OpenLDAPobjectClass:5 + NAME 'OpenLDAPperson' + DESC 'OpenLDAP Person' + SUP ( pilotPerson $ inetOrgPerson ) + MUST ( uid $ cn ) + MAY ( givenName $ labeledURI $ o ) ) +# +olcObjectClasses: ( OpenLDAPobjectClass:6 + NAME 'OpenLDAPdisplayableObject' + DESC 'OpenLDAP Displayable Object' + AUXILIARY + MAY displayName ) +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.ldif,v 1.2.2.5 2009/01/22 00:01:14 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.ldif,v 1.2.2.6 2010/04/13 20:23:49 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.ldif,v 1.2.2.7 2011/01/04 23:50:52 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/openldap.schema,v b/config-archive/etc/openldap/schema/openldap.schema,v new file mode 100644 index 0000000..5fc6147 --- /dev/null +++ b/config-archive/etc/openldap/schema/openldap.schema,v @@ -0,0 +1,137 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.schema,v 1.24.2.6 2010/04/13 20:23:49 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# +# OpenLDAP Project's directory schema items +# +# depends upon: +# core.schema +# cosine.schema +# inetorgperson.schema +# +# These are provided for informational purposes only. + +objectIdentifier OpenLDAProot 1.3.6.1.4.1.4203 + +objectIdentifier OpenLDAP OpenLDAProot:1 +objectIdentifier OpenLDAPattributeType OpenLDAP:3 +objectIdentifier OpenLDAPobjectClass OpenLDAP:4 + +objectClass ( OpenLDAPobjectClass:3 + NAME 'OpenLDAPorg' + DESC 'OpenLDAP Organizational Object' + SUP organization + MAY ( buildingName $ displayName $ labeledURI ) ) + +objectClass ( OpenLDAPobjectClass:4 + NAME 'OpenLDAPou' + DESC 'OpenLDAP Organizational Unit Object' + SUP organizationalUnit + MAY ( buildingName $ displayName $ labeledURI $ o ) ) + +objectClass ( OpenLDAPobjectClass:5 + NAME 'OpenLDAPperson' + DESC 'OpenLDAP Person' + SUP ( pilotPerson $ inetOrgPerson ) + MUST ( uid $ cn ) + MAY ( givenName $ labeledURI $ o ) ) + +objectClass ( OpenLDAPobjectClass:6 + NAME 'OpenLDAPdisplayableObject' + DESC 'OpenLDAP Displayable Object' + AUXILIARY + MAY displayName ) +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.schema,v 1.24.2.5 2009/01/22 00:01:14 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.schema,v 1.24.2.6 2010/04/13 20:23:49 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.schema,v 1.24.2.7 2011/01/04 23:50:52 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/pmi.schema,v b/config-archive/etc/openldap/schema/pmi.schema,v new file mode 100644 index 0000000..b855d7b --- /dev/null +++ b/config-archive/etc/openldap/schema/pmi.schema,v @@ -0,0 +1,547 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# OpenLDAP X.509 PMI schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/pmi.schema,v 1.1.2.3 2010/04/13 20:23:49 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2006). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +# +# +# Includes LDAPv3 schema items from: +# ITU X.509 (08/2005) +# +## X.509 (08/2005) pp. 120-121 +## +## -- object identifier assignments -- +## -- object classes -- +## id-oc-pmiUser OBJECT IDENTIFIER ::= {id-oc 24} +## id-oc-pmiAA OBJECT IDENTIFIER ::= {id-oc 25} +## id-oc-pmiSOA OBJECT IDENTIFIER ::= {id-oc 26} +## id-oc-attCertCRLDistributionPts OBJECT IDENTIFIER ::= {id-oc 27} +## id-oc-privilegePolicy OBJECT IDENTIFIER ::= {id-oc 32} +## id-oc-pmiDelegationPath OBJECT IDENTIFIER ::= {id-oc 33} +## id-oc-protectedPrivilegePolicy OBJECT IDENTIFIER ::= {id-oc 34} +## -- directory attributes -- +## id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} +## id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59} +## id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61} +## id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62} +## id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63} +## id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71} +## id-at-role OBJECT IDENTIFIER ::= {id-at 72} +## id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73} +## id-at-protPrivPolicy OBJECT IDENTIFIER ::= {id-at 74} +## id-at-xMLPrivilegeInfo OBJECT IDENTIFIER ::= {id-at 75} +## id-at-xMLPprotPrivPolicy OBJECT IDENTIFIER ::= {id-at 76} +## -- attribute certificate extensions -- +## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} +## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} +## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} +## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} +## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} +## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} +## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} +## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} +## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} +## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} +## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} +## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} +## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} +## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} +## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} +## -- PMI matching rules -- +## id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} +## id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45} +## id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46} +## id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53} +## id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54} +## id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55} +## id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56} +## id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57} +## id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58} +## id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59} +## id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61} +## id-mr-sOAIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 66} +## id-mr-indirectIssuerMatch OBJECT IDENTIFIER ::= {id-mr 67} +## +## +## X.509 (08/2005) pp. 71, 86-89 +## +## 14.4.1 Role attribute +## role ATTRIBUTE ::= { +## WITH SYNTAX RoleSyntax +## ID id-at-role } +## RoleSyntax ::= SEQUENCE { +## roleAuthority [0] GeneralNames OPTIONAL, +## roleName [1] GeneralName } +## +## 14.5 XML privilege information attribute +## xmlPrivilegeInfo ATTRIBUTE ::= { +## WITH SYNTAX UTF8String -- contains XML-encoded privilege information +## ID id-at-xMLPrivilegeInfo } +## +## 17.1 PMI directory object classes +## +## 17.1.1 PMI user object class +## pmiUser OBJECT-CLASS ::= { +## -- a PMI user (i.e., a "holder") +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {attributeCertificateAttribute} +## ID id-oc-pmiUser } +## +## 17.1.2 PMI AA object class +## pmiAA OBJECT-CLASS ::= { +## -- a PMI AA +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {aACertificate | +## attributeCertificateRevocationList | +## attributeAuthorityRevocationList} +## ID id-oc-pmiAA } +## +## 17.1.3 PMI SOA object class +## pmiSOA OBJECT-CLASS ::= { -- a PMI Source of Authority +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {attributeCertificateRevocationList | +## attributeAuthorityRevocationList | +## attributeDescriptorCertificate} +## ID id-oc-pmiSOA } +## +## 17.1.4 Attribute certificate CRL distribution point object class +## attCertCRLDistributionPt OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN { attributeCertificateRevocationList | +## attributeAuthorityRevocationList } +## ID id-oc-attCertCRLDistributionPts } +## +## 17.1.5 PMI delegation path +## pmiDelegationPath OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN { delegationPath } +## ID id-oc-pmiDelegationPath } +## +## 17.1.6 Privilege policy object class +## privilegePolicy OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {privPolicy } +## ID id-oc-privilegePolicy } +## +## 17.1.7 Protected privilege policy object class +## protectedPrivilegePolicy OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {protPrivPolicy } +## ID id-oc-protectedPrivilegePolicy } +## +## 17.2 PMI Directory attributes +## +## 17.2.1 Attribute certificate attribute +## attributeCertificateAttribute ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-attributeCertificate } +## +## 17.2.2 AA certificate attribute +## aACertificate ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-aACertificate } +## +## 17.2.3 Attribute descriptor certificate attribute +## attributeDescriptorCertificate ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-attributeDescriptorCertificate } +## +## 17.2.4 Attribute certificate revocation list attribute +## attributeCertificateRevocationList ATTRIBUTE ::= { +## WITH SYNTAX CertificateList +## EQUALITY MATCHING RULE certificateListExactMatch +## ID id-at-attributeCertificateRevocationList} +## +## 17.2.5 AA certificate revocation list attribute +## attributeAuthorityRevocationList ATTRIBUTE ::= { +## WITH SYNTAX CertificateList +## EQUALITY MATCHING RULE certificateListExactMatch +## ID id-at-attributeAuthorityRevocationList } +## +## 17.2.6 Delegation path attribute +## delegationPath ATTRIBUTE ::= { +## WITH SYNTAX AttCertPath +## ID id-at-delegationPath } +## AttCertPath ::= SEQUENCE OF AttributeCertificate +## +## 17.2.7 Privilege policy attribute +## privPolicy ATTRIBUTE ::= { +## WITH SYNTAX PolicySyntax +## ID id-at-privPolicy } +## +## 17.2.8 Protected privilege policy attribute +## protPrivPolicy ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-protPrivPolicy } +## +## 17.2.9 XML Protected privilege policy attribute +## xmlPrivPolicy ATTRIBUTE ::= { +## WITH SYNTAX UTF8String -- contains XML-encoded privilege policy information +## ID id-at-xMLPprotPrivPolicy } +## + +## -- object identifier assignments -- +## -- object classes -- +objectidentifier id-oc-pmiUser 2.5.6.24 +objectidentifier id-oc-pmiAA 2.5.6.25 +objectidentifier id-oc-pmiSOA 2.5.6.26 +objectidentifier id-oc-attCertCRLDistributionPts 2.5.6.27 +objectidentifier id-oc-privilegePolicy 2.5.6.32 +objectidentifier id-oc-pmiDelegationPath 2.5.6.33 +objectidentifier id-oc-protectedPrivilegePolicy 2.5.6.34 +## -- directory attributes -- +objectidentifier id-at-attributeCertificate 2.5.4.58 +objectidentifier id-at-attributeCertificateRevocationList 2.5.4.59 +objectidentifier id-at-aACertificate 2.5.4.61 +objectidentifier id-at-attributeDescriptorCertificate 2.5.4.62 +objectidentifier id-at-attributeAuthorityRevocationList 2.5.4.63 +objectidentifier id-at-privPolicy 2.5.4.71 +objectidentifier id-at-role 2.5.4.72 +objectidentifier id-at-delegationPath 2.5.4.73 +objectidentifier id-at-protPrivPolicy 2.5.4.74 +objectidentifier id-at-xMLPrivilegeInfo 2.5.4.75 +objectidentifier id-at-xMLPprotPrivPolicy 2.5.4.76 +## -- attribute certificate extensions -- +## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} +## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} +## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} +## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} +## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} +## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} +## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} +## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} +## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} +## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} +## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} +## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} +## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} +## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} +## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} +## -- PMI matching rules -- +objectidentifier id-mr 2.5.13 +objectidentifier id-mr-attributeCertificateMatch id-mr:42 +objectidentifier id-mr-attributeCertificateExactMatch id-mr:45 +objectidentifier id-mr-holderIssuerMatch id-mr:46 +objectidentifier id-mr-authAttIdMatch id-mr:53 +objectidentifier id-mr-roleSpecCertIdMatch id-mr:54 +objectidentifier id-mr-basicAttConstraintsMatch id-mr:55 +objectidentifier id-mr-delegatedNameConstraintsMatch id-mr:56 +objectidentifier id-mr-timeSpecMatch id-mr:57 +objectidentifier id-mr-attDescriptorMatch id-mr:58 +objectidentifier id-mr-acceptableCertPoliciesMatch id-mr:59 +objectidentifier id-mr-delegationPathMatch id-mr:61 +objectidentifier id-mr-sOAIdentifierMatch id-mr:66 +objectidentifier id-mr-indirectIssuerMatch id-mr:67 +## -- syntaxes -- +## NOTE: 1.3.6.1.4.1.4203.666.11.10 is the oid arc assigned by OpenLDAP +## to this work in progress +objectidentifier AttributeCertificate 1.3.6.1.4.1.4203.666.11.10.2.1 +objectidentifier CertificateList 1.3.6.1.4.1.1466.115.121.1.9 +objectidentifier AttCertPath 1.3.6.1.4.1.4203.666.11.10.2.4 +objectidentifier PolicySyntax 1.3.6.1.4.1.4203.666.11.10.2.5 +objectidentifier RoleSyntax 1.3.6.1.4.1.4203.666.11.10.2.6 +# NOTE: OIDs from (expired) +#objectidentifier AttributeCertificate 1.2.826.0.1.3344810.7.5 +#objectidentifier AttCertPath 1.2.826.0.1.3344810.7.10 +#objectidentifier PolicySyntax 1.2.826.0.1.3344810.7.17 +#objectidentifier RoleSyntax 1.2.826.0.1.3344810.7.13 +## +## Substitute syntaxes +## +## AttCertPath +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.4 + NAME 'AttCertPath' + DESC 'X.509 PMI attribute cartificate path: SEQUENCE OF AttributeCertificate' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## PolicySyntax +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.5 + NAME 'PolicySyntax' + DESC 'X.509 PMI policy syntax' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## RoleSyntax +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.6 + NAME 'RoleSyntax' + DESC 'X.509 PMI role syntax' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## X.509 (08/2005) pp. 71, 86-89 +## +## 14.4.1 Role attribute +attributeType ( id-at-role + NAME 'role' + DESC 'X.509 Role attribute, use ;binary' + SYNTAX RoleSyntax ) +## +## 14.5 XML privilege information attribute +## -- contains XML-encoded privilege information +attributeType ( id-at-xMLPrivilegeInfo + NAME 'xmlPrivilegeInfo' + DESC 'X.509 XML privilege information attribute' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +## +## 17.2 PMI Directory attributes +## +## 17.2.1 Attribute certificate attribute +attributeType ( id-at-attributeCertificate + NAME 'attributeCertificateAttribute' + DESC 'X.509 Attribute certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.2 AA certificate attribute +attributeType ( id-at-aACertificate + NAME 'aACertificate' + DESC 'X.509 AA certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.3 Attribute descriptor certificate attribute +attributeType ( id-at-attributeDescriptorCertificate + NAME 'attributeDescriptorCertificate' + DESC 'X.509 Attribute descriptor certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.4 Attribute certificate revocation list attribute +attributeType ( id-at-attributeCertificateRevocationList + NAME 'attributeCertificateRevocationList' + DESC 'X.509 Attribute certificate revocation list attribute, use ;binary' + SYNTAX CertificateList + X-EQUALITY 'certificateListExactMatch, not implemented yet' ) +## +## 17.2.5 AA certificate revocation list attribute +attributeType ( id-at-attributeAuthorityRevocationList + NAME 'attributeAuthorityRevocationList' + DESC 'X.509 AA certificate revocation list attribute, use ;binary' + SYNTAX CertificateList + X-EQUALITY 'certificateListExactMatch, not implemented yet' ) +## +## 17.2.6 Delegation path attribute +attributeType ( id-at-delegationPath + NAME 'delegationPath' + DESC 'X.509 Delegation path attribute, use ;binary' + SYNTAX AttCertPath ) +## AttCertPath ::= SEQUENCE OF AttributeCertificate +## +## 17.2.7 Privilege policy attribute +attributeType ( id-at-privPolicy + NAME 'privPolicy' + DESC 'X.509 Privilege policy attribute, use ;binary' + SYNTAX PolicySyntax ) +## +## 17.2.8 Protected privilege policy attribute +attributeType ( id-at-protPrivPolicy + NAME 'protPrivPolicy' + DESC 'X.509 Protected privilege policy attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.9 XML Protected privilege policy attribute +## -- contains XML-encoded privilege policy information +attributeType ( id-at-xMLPprotPrivPolicy + NAME 'xmlPrivPolicy' + DESC 'X.509 XML Protected privilege policy attribute' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +## +## 17.1 PMI directory object classes +## +## 17.1.1 PMI user object class +## -- a PMI user (i.e., a "holder") +objectClass ( id-oc-pmiUser + NAME 'pmiUser' + DESC 'X.509 PMI user object class' + SUP top + AUXILIARY + MAY ( attributeCertificateAttribute ) ) +## +## 17.1.2 PMI AA object class +## -- a PMI AA +objectClass ( id-oc-pmiAA + NAME 'pmiAA' + DESC 'X.509 PMI AA object class' + SUP top + AUXILIARY + MAY ( aACertificate $ + attributeCertificateRevocationList $ + attributeAuthorityRevocationList + ) ) +## +## 17.1.3 PMI SOA object class +## -- a PMI Source of Authority +objectClass ( id-oc-pmiSOA + NAME 'pmiSOA' + DESC 'X.509 PMI SOA object class' + SUP top + AUXILIARY + MAY ( attributeCertificateRevocationList $ + attributeAuthorityRevocationList $ + attributeDescriptorCertificate + ) ) +## +## 17.1.4 Attribute certificate CRL distribution point object class +objectClass ( id-oc-attCertCRLDistributionPts + NAME 'attCertCRLDistributionPt' + DESC 'X.509 Attribute certificate CRL distribution point object class' + SUP top + AUXILIARY + MAY ( attributeCertificateRevocationList $ + attributeAuthorityRevocationList + ) ) +## +## 17.1.5 PMI delegation path +objectClass ( id-oc-pmiDelegationPath + NAME 'pmiDelegationPath' + DESC 'X.509 PMI delegation path' + SUP top + AUXILIARY + MAY ( delegationPath ) ) +## +## 17.1.6 Privilege policy object class +objectClass ( id-oc-privilegePolicy + NAME 'privilegePolicy' + DESC 'X.509 Privilege policy object class' + SUP top + AUXILIARY + MAY ( privPolicy ) ) +## +## 17.1.7 Protected privilege policy object class +objectClass ( id-oc-protectedPrivilegePolicy + NAME 'protectedPrivilegePolicy' + DESC 'X.509 Protected privilege policy object class' + SUP top + AUXILIARY + MAY ( protPrivPolicy ) ) + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/pmi.schema,v 1.1.2.2 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/pmi.schema,v 1.1.2.3 2010/04/13 20:23:49 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/pmi.schema,v 1.1.2.4 2011/01/04 23:50:52 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/schema/ppolicy.schema,v b/config-archive/etc/openldap/schema/ppolicy.schema,v new file mode 100644 index 0000000..8c63f68 --- /dev/null +++ b/config-archive/etc/openldap/schema/ppolicy.schema,v @@ -0,0 +1,614 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.19.52.01; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.7.2.5 2010/04/13 20:23:49 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 2004-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (2004). +## Please see full copyright statement below. + +# Definitions from Draft behera-ldap-password-policy-07 (a work in progress) +# Password Policy for LDAP Directories +# With extensions from Hewlett-Packard: +# pwdCheckModule etc. + +# Contents of this file are subject to change (including deletion) +# without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +#Network Working Group J. Sermersheim +#Internet-Draft Novell, Inc +#Expires: April 24, 2005 L. Poitou +# Sun Microsystems +# October 24, 2004 +# +# +# Password Policy for LDAP Directories +# draft-behera-ldap-password-policy-08.txt +# +#Status of this Memo +# +# This document is an Internet-Draft and is subject to all provisions +# of section 3 of RFC 3667. By submitting this Internet-Draft, each +# author represents that any applicable patent or other IPR claims of +# which he or she is aware have been or will be disclosed, and any of +# which he or she become aware will be disclosed, in accordance with +# RFC 3668. +# +# Internet-Drafts are working documents of the Internet Engineering +# Task Force (IETF), its areas, and its working groups. Note that +# other groups may also distribute working documents as +# Internet-Drafts. +# +# Internet-Drafts are draft documents valid for a maximum of six months +# and may be updated, replaced, or obsoleted by other documents at any +# time. It is inappropriate to use Internet-Drafts as reference +# material or to cite them other than as "work in progress." +# +# The list of current Internet-Drafts can be accessed at +# http://www.ietf.org/ietf/1id-abstracts.txt. +# +# The list of Internet-Draft Shadow Directories can be accessed at +# http://www.ietf.org/shadow.html. +# +# This Internet-Draft will expire on April 24, 2005. +# +#Copyright Notice +# +# Copyright (C) The Internet Society (2004). +# +#Abstract +# +# Password policy as described in this document is a set of rules that +# controls how passwords are used and administered in Lightweight +# Directory Access Protocol (LDAP) based directories. In order to +# improve the security of LDAP directories and make it difficult for +# password cracking programs to break into directories, it is desirable +# to enforce a set of rules on password usage. These rules are made to +# +# [trimmed] +# +#5. Schema used for Password Policy +# +# The schema elements defined here fall into two general categories. A +# password policy object class is defined which contains a set of +# administrative password policy attributes, and a set of operational +# attributes are defined that hold general password policy state +# information for each user. +# +#5.2 Attribute Types used in the pwdPolicy ObjectClass +# +# Following are the attribute types used by the pwdPolicy object class. +# +#5.2.1 pwdAttribute +# +# This holds the name of the attribute to which the password policy is +# applied. For example, the password policy may be applied to the +# userPassword attribute. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.1 + NAME 'pwdAttribute' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +#5.2.2 pwdMinAge +# +# This attribute holds the number of seconds that must elapse between +# modifications to the password. If this attribute is not present, 0 +# seconds is assumed. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.2 + NAME 'pwdMinAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.3 pwdMaxAge +# +# This attribute holds the number of seconds after which a modified +# password will expire. +# +# If this attribute is not present, or if the value is 0 the password +# does not expire. If not 0, the value must be greater than or equal +# to the value of the pwdMinAge. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.3 + NAME 'pwdMaxAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.4 pwdInHistory +# +# This attribute specifies the maximum number of used passwords stored +# in the pwdHistory attribute. +# +# If this attribute is not present, or if the value is 0, used +# passwords are not stored in the pwdHistory attribute and thus may be +# reused. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.4 + NAME 'pwdInHistory' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.5 pwdCheckQuality +# +# {TODO: Consider changing the syntax to OID. Each OID will list a +# quality rule (like min len, # of special characters, etc). These +# rules can be specified outsid ethis document.} +# +# {TODO: Note that even though this is meant to be a check that happens +# during password modification, it may also be allowed to happen during +# authN. This is useful for situations where the password is encrypted +# when modified, but decrypted when used to authN.} +# +# This attribute indicates how the password quality will be verified +# while being modified or added. If this attribute is not present, or +# if the value is '0', quality checking will not be enforced. A value +# of '1' indicates that the server will check the quality, and if the +# server is unable to check it (due to a hashed password or other +# reasons) it will be accepted. A value of '2' indicates that the +# server will check the quality, and if the server is unable to verify +# it, it will return an error refusing the password. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.5 + NAME 'pwdCheckQuality' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.6 pwdMinLength +# +# When quality checking is enabled, this attribute holds the minimum +# number of characters that must be used in a password. If this +# attribute is not present, no minimum password length will be +# enforced. If the server is unable to check the length (due to a +# hashed password or otherwise), the server will, depending on the +# value of the pwdCheckQuality attribute, either accept the password +# without checking it ('0' or '1') or refuse it ('2'). + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.6 + NAME 'pwdMinLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.7 pwdExpireWarning +# +# This attribute specifies the maximum number of seconds before a +# password is due to expire that expiration warning messages will be +# returned to an authenticating user. +# +# If this attribute is not present, or if the value is 0 no warnings +# will be returned. If not 0, the value must be smaller than the value +# of the pwdMaxAge attribute. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.7 + NAME 'pwdExpireWarning' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.8 pwdGraceAuthNLimit +# +# This attribute specifies the number of times an expired password can +# be used to authenticate. If this attribute is not present or if the +# value is 0, authentication will fail. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.8 + NAME 'pwdGraceAuthNLimit' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.9 pwdLockout +# +# This attribute indicates, when its value is "TRUE", that the password +# may not be used to authenticate after a specified number of +# consecutive failed bind attempts. The maximum number of consecutive +# failed bind attempts is specified in pwdMaxFailure. +# +# If this attribute is not present, or if the value is "FALSE", the +# password may be used to authenticate when the number of failed bind +# attempts has been reached. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.9 + NAME 'pwdLockout' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.10 pwdLockoutDuration +# +# This attribute holds the number of seconds that the password cannot +# be used to authenticate due to too many failed bind attempts. If +# this attribute is not present, or if the value is 0 the password +# cannot be used to authenticate until reset by a password +# administrator. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.10 + NAME 'pwdLockoutDuration' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.11 pwdMaxFailure +# +# This attribute specifies the number of consecutive failed bind +# attempts after which the password may not be used to authenticate. +# If this attribute is not present, or if the value is 0, this policy +# is not checked, and the value of pwdLockout will be ignored. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.11 + NAME 'pwdMaxFailure' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.12 pwdFailureCountInterval +# +# This attribute holds the number of seconds after which the password +# failures are purged from the failure counter, even though no +# successful authentication occurred. +# +# If this attribute is not present, or if its value is 0, the failure +# counter is only reset by a successful authentication. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.12 + NAME 'pwdFailureCountInterval' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.13 pwdMustChange +# +# This attribute specifies with a value of "TRUE" that users must +# change their passwords when they first bind to the directory after a +# password is set or reset by a password administrator. If this +# attribute is not present, or if the value is "FALSE", users are not +# required to change their password upon binding after the password +# administrator sets or resets the password. This attribute is not set +# due to any actions specified by this document, it is typically set by +# a password administrator after resetting a user's password. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.13 + NAME 'pwdMustChange' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.14 pwdAllowUserChange +# +# This attribute indicates whether users can change their own +# passwords, although the change operation is still subject to access +# control. If this attribute is not present, a value of "TRUE" is +# assumed. This attribute is intended to be used in the absense of an +# access control mechanism. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.14 + NAME 'pwdAllowUserChange' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.15 pwdSafeModify +# +# This attribute specifies whether or not the existing password must be +# sent along with the new password when being changed. If this +# attribute is not present, a "FALSE" value is assumed. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.15 + NAME 'pwdSafeModify' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +# HP extensions +# +# pwdCheckModule +# +# This attribute names a user-defined loadable module that provides +# a check_password() function. If pwdCheckQuality is set to '1' or '2' +# this function will be called after all of the internal password +# quality checks have been passed. The function has this prototype: +# +# int check_password( char *password, char **errormessage, void *arg ) +# +# The function should return LDAP_SUCCESS for a valid password. + +attributetype ( 1.3.6.1.4.1.4754.1.99.1 + NAME 'pwdCheckModule' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + DESC 'Loadable module that instantiates "check_password() function' + SINGLE-VALUE ) + +objectclass ( 1.3.6.1.4.1.4754.2.99.1 + NAME 'pwdPolicyChecker' + SUP top + AUXILIARY + MAY ( pwdCheckModule ) ) + +#5.1 The pwdPolicy Object Class +# +# This object class contains the attributes defining a password policy +# in effect for a set of users. Section 10 describes the +# administration of this object, and the relationship between it and +# particular objects. +# +objectclass ( 1.3.6.1.4.1.42.2.27.8.2.1 + NAME 'pwdPolicy' + SUP top + AUXILIARY + MUST ( pwdAttribute ) + MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $ + pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout + $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $ + pwdMustChange $ pwdAllowUserChange $ pwdSafeModify ) ) + +#5.3 Attribute Types for Password Policy State Information +# +# Password policy state information must be maintained for each user. +# The information is located in each user entry as a set of operational +# attributes. These operational attributes are: pwdChangedTime, +# pwdAccountLockedTime, pwdFailureTime, pwdHistory, pwdGraceUseTime, +# pwdReset, pwdPolicySubEntry. +# +#5.3.1 Password Policy State Attribute Option +# +# Since the password policy could apply to several attributes used to +# store passwords, each of the above operational attributes must have +# an option to specify which pwdAttribute it applies to. The password +# policy option is defined as the following: +# +# pwd- +# +# where passwordAttribute a string following the OID syntax +# (1.3.6.1.4.1.1466.115.121.1.38). The attribute type descriptor +# (short name) MUST be used. +# +# For example, if the pwdPolicy object has for pwdAttribute +# "userPassword" then the pwdChangedTime operational attribute, in a +# user entry, will be: +# +# pwdChangedTime;pwd-userPassword: 20000103121520Z +# +# This attribute option follows sub-typing semantics. If a client +# requests a password policy state attribute to be returned in a search +# operation, and does not specify an option, all subtypes of that +# policy state attribute are returned. +# +#5.3.2 pwdChangedTime +# +# This attribute specifies the last time the entry's password was +# changed. This is used by the password expiration policy. If this +# attribute does not exist, the password will never expire. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.16 +# NAME 'pwdChangedTime' +# DESC 'The time the password was last changed' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.3 pwdAccountLockedTime +# +# This attribute holds the time that the user's account was locked. A +# locked account means that the password may no longer be used to +# authenticate. A 000001010000Z value means that the account has been +# locked permanently, and that only a password administrator can unlock +# the account. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.17 +# NAME 'pwdAccountLockedTime' +# DESC 'The time an user account was locked' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.4 pwdFailureTime +# +# This attribute holds the timestamps of the consecutive authentication +# failures. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.19 +# NAME 'pwdFailureTime' +# DESC 'The timestamps of the last consecutive authentication +# failures' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# USAGE directoryOperation ) +# +#5.3.5 pwdHistory +# +# This attribute holds a history of previously used passwords. Values +# of this attribute are transmitted in string format as given by the +# following ABNF: +# +# pwdHistory = time "#" syntaxOID "#" length "#" data +# +# time = +# +# syntaxOID = numericoid ; the string representation of the +# ; dotted-decimal OID that defines the +# ; syntax used to store the password. +# ; numericoid is described in 4.1 +# ; of [RFC2252]. +# +# length = numericstring ; the number of octets in data. +# ; numericstring is described in 4.1 +# ; of [RFC2252]. +# +# data = . +# +# This format allows the server to store, and transmit a history of +# passwords that have been used. In order for equality matching to +# function properly, the time field needs to adhere to a consistent +# format. For this purpose, the time field MUST be in GMT format. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.20 +# NAME 'pwdHistory' +# DESC 'The history of user s passwords' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 +# USAGE directoryOperation ) +# +#5.3.6 pwdGraceUseTime +# +# This attribute holds the timestamps of grace authentications after a +# password has expired. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.21 +# NAME 'pwdGraceUseTime' +# DESC 'The timestamps of the grace authentication after the +# password has expired' +# EQUALITY generalizedTimeMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# +#5.3.7 pwdReset +# +# This attribute holds a flag to indicate (when TRUE) that the password +# has been updated by the password administrator and must be changed by +# the user on first authentication. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.22 +# NAME 'pwdReset' +# DESC 'The indication that the password has been reset' +# EQUALITY booleanMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.8 pwdPolicySubentry +# +# This attribute points to the pwdPolicy subentry in effect for this +# object. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.23 +# NAME 'pwdPolicySubentry' +# DESC 'The pwdPolicy subentry in effect for this object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +# +#Disclaimer of Validity +# +# This document and the information contained herein are provided on an +# "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS +# OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET +# ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, +# INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE +# INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED +# WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +# +# +#Copyright Statement +# +# Copyright (C) The Internet Society (2004). This document is subject +# to the rights, licenses and restrictions contained in BCP 78, and +# except as set forth therein, the authors retain all their rights. + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.7.2.4 2009/01/22 00:01:14 kurt Exp $ +d4 1 +a4 1 +## Copyright 2004-2009 The OpenLDAP Foundation. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.7.2.5 2010/04/13 20:23:49 kurt Exp $ +d4 1 +a4 1 +## Copyright 2004-2010 The OpenLDAP Foundation. +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.7.2.6 2011/01/04 23:50:52 kurt Exp $ +d4 1 +a4 1 +## Copyright 2004-2011 The OpenLDAP Foundation. +@ diff --git a/config-archive/etc/openldap/slapd.conf,v b/config-archive/etc/openldap/slapd.conf,v new file mode 100644 index 0000000..9257bd1 --- /dev/null +++ b/config-archive/etc/openldap/slapd.conf,v @@ -0,0 +1,164 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2010.11.30.22.11.02; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# +# See slapd.conf(5) for details on configuration options. +# This file should NOT be world readable. +# +include /etc/openldap/schema/core.schema +include /etc/openldap/schema/cosine.schema +include /etc/openldap/schema/inetorgperson.schema +include /etc/openldap/schema/extension.schema +#include /etc/openldap/schema/mozilla.schema +include /etc/openldap/schema/mozillaorg.schema +include /etc/openldap/schema/ppolicy.schema +include /etc/openldap/schema/nis.schema +include /etc/openldap/schema/samba.schema +include /etc/openldap/schema/misc.schema +include /etc/openldap/schema/evolutionperson.schema +include /etc/openldap/schema/authldap.schema + +# Define global ACLs to disable default read access. + +# Do not enable referrals until AFTER you have a working directory +# service AND an understanding of referrals. +#referral ldap://root.openldap.org + +pidfile /var/run/openldap/slapd.pid +argsfile /var/run/openldap/slapd.args + +loglevel config ACL stats stats2 + +TLSCertificateKeyFile /etc/openldap/ssl/ldap.pem +TLSCertificateFile /etc/openldap/ssl/ldap.pem + +# Load dynamic backend modules: +# modulepath /usr/lib64/openldap/openldap +# moduleload back_sql.so +# moduleload back_sock.so +# moduleload back_shell.so +# moduleload back_relay.so +# moduleload back_perl.so +# moduleload back_passwd.so +# moduleload back_null.so +# moduleload back_monitor.so +# moduleload back_meta.so +# moduleload back_ldap.so +# moduleload back_dnssrv.so + +# Sample security restrictions +# Require integrity protection (prevent hijacking) +# Require 112-bit (3DES or better) encryption for updates +# Require 63-bit encryption for simple bind +# security ssf=1 update_ssf=112 simple_bind=64 + +# Sample access control policy: +# Root DSE: allow anyone to read it +# Subschema (sub)entry DSE: allow anyone to read it +# Other DSEs: +# Allow self write access +# Allow authenticated users read access +# Allow anonymous users to authenticate +# Directives needed to implement policy: +# access to dn.base="" by * read +# access to dn.base="cn=Subschema" by * read +# access to * +# by self write +# by users read +# by anonymous auth +# +# if no access controls are present, the default policy +# allows anyone and everyone to read anything but restricts +# updates to rootdn. (e.g., "access to * by * read") +# +# rootdn can always read and write EVERYTHING! +access to * + by dn="cn=frank, dc=brehm-online, dc=com" write + by anonymous read + by users write + +####################################################################### +# BDB database definitions +####################################################################### + +database hdb +suffix "dc=brehm-online, dc=com" +# +checkpoint 32 30 +rootdn "cn=frank, dc=brehm-online, dc=com" +# Cleartext passwords, especially for the rootdn, should +# be avoid. See slappasswd(8) and slapd.conf(5) for details. +# Use of strong authentication encouraged. +rootpw {SSHA}9cKLW4uzCU0YDM7zCkfsBH9XfXG2YCMR +# The database directory MUST exist prior to running slapd AND +# should only be accessible by the slapd and slap tools. +# Mode 700 recommended. +directory /var/lib/openldap-data +# Indices to maintain +index objectClass eq +index mail,cn,givenName,sn sub +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d6 11 +d27 5 +d34 1 +d72 4 +d82 1 +a82 1 +suffix "dc=my-domain,dc=com" +d85 1 +a85 1 +rootdn "cn=Manager,dc=my-domain,dc=com" +d89 1 +a89 1 +rootpw secret +d96 1 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a17 1 +# moduleload back_sql.so +@ diff --git a/config-archive/etc/openldap/slapd.conf.default,v b/config-archive/etc/openldap/slapd.conf.default,v new file mode 100644 index 0000000..9211ca8 --- /dev/null +++ b/config-archive/etc/openldap/slapd.conf.default,v @@ -0,0 +1,115 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# See slapd.conf(5) for details on configuration options. +# This file should NOT be world readable. +# +include /etc/openldap/schema/core.schema + +# Define global ACLs to disable default read access. + +# Do not enable referrals until AFTER you have a working directory +# service AND an understanding of referrals. +#referral ldap://root.openldap.org + +pidfile /var/run/openldap/slapd.pid +argsfile /var/run/openldap/slapd.args + +# Load dynamic backend modules: +# modulepath /usr/lib64/openldap/openldap +# moduleload back_sock.so +# moduleload back_shell.so +# moduleload back_relay.so +# moduleload back_perl.so +# moduleload back_passwd.so +# moduleload back_null.so +# moduleload back_monitor.so +# moduleload back_meta.so +# moduleload back_ldap.so +# moduleload back_dnssrv.so + +# Sample security restrictions +# Require integrity protection (prevent hijacking) +# Require 112-bit (3DES or better) encryption for updates +# Require 63-bit encryption for simple bind +# security ssf=1 update_ssf=112 simple_bind=64 + +# Sample access control policy: +# Root DSE: allow anyone to read it +# Subschema (sub)entry DSE: allow anyone to read it +# Other DSEs: +# Allow self write access +# Allow authenticated users read access +# Allow anonymous users to authenticate +# Directives needed to implement policy: +# access to dn.base="" by * read +# access to dn.base="cn=Subschema" by * read +# access to * +# by self write +# by users read +# by anonymous auth +# +# if no access controls are present, the default policy +# allows anyone and everyone to read anything but restricts +# updates to rootdn. (e.g., "access to * by * read") +# +# rootdn can always read and write EVERYTHING! + +####################################################################### +# BDB database definitions +####################################################################### + +database hdb +suffix "dc=my-domain,dc=com" +# +checkpoint 32 30 +rootdn "cn=Manager,dc=my-domain,dc=com" +# Cleartext passwords, especially for the rootdn, should +# be avoid. See slappasswd(8) and slapd.conf(5) for details. +# Use of strong authentication encouraged. +rootpw secret +# The database directory MUST exist prior to running slapd AND +# should only be accessible by the slapd and slap tools. +# Mode 700 recommended. +directory /var/lib/openldap-data +# Indices to maintain +index objectClass eq +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a17 1 +# moduleload back_sql.so +@ diff --git a/config-archive/etc/openldap/slapd.conf.dist b/config-archive/etc/openldap/slapd.conf.dist new file mode 100644 index 0000000..ea9e489 --- /dev/null +++ b/config-archive/etc/openldap/slapd.conf.dist @@ -0,0 +1,75 @@ +# +# See slapd.conf(5) for details on configuration options. +# This file should NOT be world readable. +# +include /etc/openldap/schema/core.schema + +# Define global ACLs to disable default read access. + +# Do not enable referrals until AFTER you have a working directory +# service AND an understanding of referrals. +#referral ldap://root.openldap.org + +pidfile /var/run/openldap/slapd.pid +argsfile /var/run/openldap/slapd.args + +# Load dynamic backend modules: +# modulepath /usr/lib64/openldap/openldap +# moduleload back_sql.so +# moduleload back_sock.so +# moduleload back_shell.so +# moduleload back_relay.so +# moduleload back_perl.so +# moduleload back_passwd.so +# moduleload back_null.so +# moduleload back_monitor.so +# moduleload back_meta.so +# moduleload back_ldap.so +# moduleload back_dnssrv.so + +# Sample security restrictions +# Require integrity protection (prevent hijacking) +# Require 112-bit (3DES or better) encryption for updates +# Require 63-bit encryption for simple bind +# security ssf=1 update_ssf=112 simple_bind=64 + +# Sample access control policy: +# Root DSE: allow anyone to read it +# Subschema (sub)entry DSE: allow anyone to read it +# Other DSEs: +# Allow self write access +# Allow authenticated users read access +# Allow anonymous users to authenticate +# Directives needed to implement policy: +# access to dn.base="" by * read +# access to dn.base="cn=Subschema" by * read +# access to * +# by self write +# by users read +# by anonymous auth +# +# if no access controls are present, the default policy +# allows anyone and everyone to read anything but restricts +# updates to rootdn. (e.g., "access to * by * read") +# +# rootdn can always read and write EVERYTHING! + +####################################################################### +# BDB database definitions +####################################################################### + +database hdb +suffix "dc=my-domain,dc=com" +# +checkpoint 32 30 +rootdn "cn=Manager,dc=my-domain,dc=com" +# Cleartext passwords, especially for the rootdn, should +# be avoid. See slappasswd(8) and slapd.conf(5) for details. +# Use of strong authentication encouraged. +rootpw secret +# The database directory MUST exist prior to running slapd AND +# should only be accessible by the slapd and slap tools. +# Mode 700 recommended. +directory /var/lib/openldap-data +# Indices to maintain +index objectClass eq diff --git a/config-archive/etc/openldap/slapd.conf.dist.new b/config-archive/etc/openldap/slapd.conf.dist.new new file mode 100644 index 0000000..ea9e489 --- /dev/null +++ b/config-archive/etc/openldap/slapd.conf.dist.new @@ -0,0 +1,75 @@ +# +# See slapd.conf(5) for details on configuration options. +# This file should NOT be world readable. +# +include /etc/openldap/schema/core.schema + +# Define global ACLs to disable default read access. + +# Do not enable referrals until AFTER you have a working directory +# service AND an understanding of referrals. +#referral ldap://root.openldap.org + +pidfile /var/run/openldap/slapd.pid +argsfile /var/run/openldap/slapd.args + +# Load dynamic backend modules: +# modulepath /usr/lib64/openldap/openldap +# moduleload back_sql.so +# moduleload back_sock.so +# moduleload back_shell.so +# moduleload back_relay.so +# moduleload back_perl.so +# moduleload back_passwd.so +# moduleload back_null.so +# moduleload back_monitor.so +# moduleload back_meta.so +# moduleload back_ldap.so +# moduleload back_dnssrv.so + +# Sample security restrictions +# Require integrity protection (prevent hijacking) +# Require 112-bit (3DES or better) encryption for updates +# Require 63-bit encryption for simple bind +# security ssf=1 update_ssf=112 simple_bind=64 + +# Sample access control policy: +# Root DSE: allow anyone to read it +# Subschema (sub)entry DSE: allow anyone to read it +# Other DSEs: +# Allow self write access +# Allow authenticated users read access +# Allow anonymous users to authenticate +# Directives needed to implement policy: +# access to dn.base="" by * read +# access to dn.base="cn=Subschema" by * read +# access to * +# by self write +# by users read +# by anonymous auth +# +# if no access controls are present, the default policy +# allows anyone and everyone to read anything but restricts +# updates to rootdn. (e.g., "access to * by * read") +# +# rootdn can always read and write EVERYTHING! + +####################################################################### +# BDB database definitions +####################################################################### + +database hdb +suffix "dc=my-domain,dc=com" +# +checkpoint 32 30 +rootdn "cn=Manager,dc=my-domain,dc=com" +# Cleartext passwords, especially for the rootdn, should +# be avoid. See slappasswd(8) and slapd.conf(5) for details. +# Use of strong authentication encouraged. +rootpw secret +# The database directory MUST exist prior to running slapd AND +# should only be accessible by the slapd and slap tools. +# Mode 700 recommended. +directory /var/lib/openldap-data +# Indices to maintain +index objectClass eq diff --git a/config-archive/etc/pam.d/chgpasswd,v b/config-archive/etc/pam.d/chgpasswd,v new file mode 100644 index 0000000..999a132 --- /dev/null +++ b/config-archive/etc/pam.d/chgpasswd,v @@ -0,0 +1,52 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.10.04.21.35.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.04.21.38.44; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#%PAM-1.0 +auth sufficient pam_rootok.so +account required pam_permit.so +password include system-auth +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 3 +a4 7 + +auth sufficient pam_rootok.so +auth include system-auth + +account include system-auth + +password include system-auth +@ diff --git a/config-archive/etc/pam.d/chpasswd,v b/config-archive/etc/pam.d/chpasswd,v new file mode 100644 index 0000000..72e1d4b --- /dev/null +++ b/config-archive/etc/pam.d/chpasswd,v @@ -0,0 +1,60 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.10.04.21.35.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.04.21.38.45; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +#%PAM-1.0 +d3 2 +a4 2 +auth sufficient pam_rootok.so +auth include system-auth +d6 1 +a6 1 +account include system-auth +d8 1 +a8 1 +password include system-auth +@ diff --git a/config-archive/etc/pam.d/login,v b/config-archive/etc/pam.d/login,v new file mode 100644 index 0000000..bae35ff --- /dev/null +++ b/config-archive/etc/pam.d/login,v @@ -0,0 +1,67 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.30.19.30.29; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.30.19.31.22; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#%PAM-1.0 + +auth required pam_securetty.so +auth required pam_tally.so file=/var/log/faillog onerr=succeed +auth required pam_shells.so +auth required pam_nologin.so +auth include system-auth + +account required pam_access.so +account include system-auth +account required pam_tally.so file=/var/log/faillog onerr=succeed + +password include system-auth + +session required pam_env.so +session optional pam_lastlog.so +session optional pam_motd.so motd=/etc/motd +session optional pam_mail.so + +session include system-auth + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 2 +d4 17 +a20 1 +auth include system-local-login +a21 3 +account include system-local-login +password include system-local-login +session include system-local-login +@ diff --git a/config-archive/etc/pam.d/passwd,v b/config-archive/etc/pam.d/passwd,v new file mode 100644 index 0000000..a49decf --- /dev/null +++ b/config-archive/etc/pam.d/passwd,v @@ -0,0 +1,50 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.10.04.21.35.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.04.21.38.46; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#%PAM-1.0 + +auth include system-auth +account include system-auth +password include system-auth +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a2 1 +auth sufficient pam_rootok.so +a3 1 + +a4 1 + +@ diff --git a/config-archive/etc/pam.d/start-stop-daemon,v b/config-archive/etc/pam.d/start-stop-daemon,v new file mode 100644 index 0000000..f2719fb --- /dev/null +++ b/config-archive/etc/pam.d/start-stop-daemon,v @@ -0,0 +1,48 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.12.08.22.41.52; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.12.08.22.43.28; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#%PAM-1.0 + +auth required pam_permit.so +account required pam_permit.so +password required pam_deny.so +session optional pam_limits.so +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 6 +a6 2 +account required pam_permit.so +session include system-services +@ diff --git a/config-archive/etc/pam.d/su,v b/config-archive/etc/pam.d/su,v new file mode 100644 index 0000000..b25320f --- /dev/null +++ b/config-archive/etc/pam.d/su,v @@ -0,0 +1,57 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.17.17.05; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#%PAM-1.0 + +auth sufficient pam_rootok.so +auth sufficient pam_listfile.so item=ruser file=/etc/security/users.allow sense=allow onerr=fail + +# If you want to restrict users begin allowed to su even more, +# create /etc/security/suauth.allow (or to that matter) that is only +# writable by root, and add users that are allowed to su to that +# file, one per line. +#auth required pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow + +# Uncomment this to allow users in the wheel group to su without +# entering a passwd. +#auth sufficient pam_wheel.so use_uid trust + +# Alternatively to above, you can implement a list of users that do +# not need to supply a passwd with a list. +#auth sufficient pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass + +# Comment this to allow any user, even those not in the 'wheel' +# group to su +auth required pam_wheel.so use_uid + +auth include system-auth + +account include system-auth + +password include system-auth + +session include system-auth +session required pam_env.so +session optional pam_xauth.so + +@ diff --git a/config-archive/etc/pam.d/su.dist.new b/config-archive/etc/pam.d/su.dist.new new file mode 100644 index 0000000..d15c7ed --- /dev/null +++ b/config-archive/etc/pam.d/su.dist.new @@ -0,0 +1,32 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so + +# If you want to restrict users begin allowed to su even more, +# create /etc/security/suauth.allow (or to that matter) that is only +# writable by root, and add users that are allowed to su to that +# file, one per line. +#auth required pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow + +# Uncomment this to allow users in the wheel group to su without +# entering a passwd. +#auth sufficient pam_wheel.so use_uid trust + +# Alternatively to above, you can implement a list of users that do +# not need to supply a passwd with a list. +#auth sufficient pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass + +# Comment this to allow any user, even those not in the 'wheel' +# group to su +auth required pam_wheel.so use_uid + +auth include system-auth + +account include system-auth + +password include system-auth + +session include system-auth +session required pam_env.so +session optional pam_xauth.so + diff --git a/config-archive/etc/pam.d/sudo,v b/config-archive/etc/pam.d/sudo,v new file mode 100644 index 0000000..76e12b2 --- /dev/null +++ b/config-archive/etc/pam.d/sudo,v @@ -0,0 +1,46 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.09.08.20.36.51; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.20.37.46; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# File autogenerated by pamd_mimic in pam eclass + + +auth include system-auth +account include system-auth +password include system-auth +session include system-auth +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d6 1 +@ diff --git a/config-archive/etc/pam.d/system-auth,v b/config-archive/etc/pam.d/system-auth,v new file mode 100644 index 0000000..63d4571 --- /dev/null +++ b/config-archive/etc/pam.d/system-auth,v @@ -0,0 +1,99 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2010.11.19.09.21.53; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.26.04.52.14; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.11.19.09.21.53; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@auth required pam_env.so +auth sufficient pam_ssh.so +auth required pam_unix.so try_first_pass likeauth nullok + +account required pam_unix.so + +password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 +password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow +session optional pam_ssh.so +session required pam_limits.so +session required pam_env.so +session required pam_unix.so +session optional pam_permit.so +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +d9 1 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a1 1 +auth sufficient pam_ssh.so +a7 1 +session optional pam_ssh.so +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a2 1 +auth [success=1 default=ignore] pam_krb5.so ignore_root try_first_pass +a3 1 +auth optional pam_permit.so +a4 1 +account [success=1 default=ignore] pam_krb5.so ignore_root try_first_pass +a5 1 +account optional pam_permit.so +a7 1 +password [success=1 default=ignore] pam_krb5.so ignore_root try_first_pass +a8 2 +password optional pam_permit.so + +a11 1 +session [success=1 default=ignore] pam_krb5.so ignore_root try_first_pass +@ diff --git a/config-archive/etc/pam.d/system-login,v b/config-archive/etc/pam.d/system-login,v new file mode 100644 index 0000000..6b6386f --- /dev/null +++ b/config-archive/etc/pam.d/system-login,v @@ -0,0 +1,64 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.19.09.21.53; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.11.19.09.23.41; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@auth required pam_tally.so onerr=succeed +auth required pam_shells.so +auth required pam_nologin.so +auth include system-auth + +account required pam_access.so +account required pam_nologin.so +account include system-auth +account required pam_tally.so onerr=succeed + +password include system-auth + +session required pam_env.so +session optional pam_lastlog.so +session include system-auth +session optional pam_motd.so motd=/etc/motd +session optional pam_mail.so + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +auth required pam_tally2.so onerr=succeed +d9 1 +a9 1 +account required pam_tally2.so onerr=succeed +a12 1 +session optional pam_loginuid.so +@ diff --git a/config-archive/etc/pam.d/system-services,v b/config-archive/etc/pam.d/system-services,v new file mode 100644 index 0000000..22711a7 --- /dev/null +++ b/config-archive/etc/pam.d/system-services,v @@ -0,0 +1,48 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.19.09.21.53; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.11.19.09.23.51; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@auth sufficient pam_permit.so +account include system-auth +session required pam_limits.so +session required pam_env.so +session required pam_unix.so +session optional pam_permit.so +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a2 1 +session optional pam_loginuid.so +a4 1 +session [success=1 default=ignore] pam_krb5.so ignore_root try_first_pass +@ diff --git a/config-archive/etc/php/apache2-php5.3/php.ini,v b/config-archive/etc/php/apache2-php5.3/php.ini,v new file mode 100644 index 0000000..3a2461f --- /dev/null +++ b/config-archive/etc/php/apache2-php5.3/php.ini,v @@ -0,0 +1,1969 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.12.03; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +;output_buffering = 4096 +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +;display_errors = On +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +;enable_dl = Off +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" +from="frank@@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/var/lib/php/session" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d262 2 +a263 1 +output_buffering = 4096 +d321 1 +a321 1 +serialize_precision = 17 +d532 2 +a533 1 +display_errors = On +d626 1 +a626 1 +;error_prepend_string = "" +d632 1 +a632 1 +;error_append_string = "" +d817 2 +a818 1 +enable_dl = Off +d903 1 +a978 3 + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +a979 1 + +d1222 1 +a1222 1 +mysql.default_host = +d1273 1 +a1273 1 +mysqli.default_host = +d1471 1 +a1471 1 +session.save_path = "/tmp" +d1489 1 +a1489 1 +session.name = PHPSESSID +@ diff --git a/config-archive/etc/php/apache2-php5/ext/suhosin.ini,v b/config-archive/etc/php/apache2-php5/ext/suhosin.ini,v new file mode 100644 index 0000000..1af7afe --- /dev/null +++ b/config-archive/etc/php/apache2-php5/ext/suhosin.ini,v @@ -0,0 +1,486 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.05.08.51.50; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.07.05.08.52.11; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@extension = suhosin.so + +; ----------------------------------------------------------------------------- +; This file was taken from Mandriva Linux with their permission +; ----------------------------------------------------------------------------- + +[suhosin] + +; ----------------------------------------------------------------------------- +; Logging Options + +; Defines what classes of security alerts are logged to the syslog daemon. +; Logging of errors of the class S_MEMORY are always logged to syslog, no +; matter what this configuration says, because a corrupted heap could mean that +; the other logging options will malfunction during the logging process. +;suhosin.log.syslog = + +; Defines the syslog facility that is used when ALERTs are logged to syslog. +;suhosin.log.syslog.facility = + +; Defines the syslog priority that is used when ALERTs are logged to syslog. +;suhosin.log.syslog.priority = + +; Defines what classes of security alerts are logged through the SAPI error log. +;suhosin.log.sapi = + +; Defines what classes of security alerts are logged through the external +; logging. +;suhosin.log.script = + +; Defines what classes of security alerts are logged through the defined PHP +; script. +;suhosin.log.phpscript = 0 + +; Defines the full path to a external logging script. The script is called with +; 2 parameters. The first one is the alert class in string notation and the +; second parameter is the log message. This can be used for example to mail +; failing MySQL queries to your email address, because on a production system +; these things should never happen. +;suhosin.log.script.name = + +; Defines the full path to a PHP logging script. The script is called with 2 +; variables registered in the current scope: SUHOSIN_ERRORCLASS and +; SUHOSIN_ERROR. The first one is the alert class and the second variable is +; the log message. This can be used for example to mail attempted remote URL +; include attacks to your email address. +;suhosin.log.phpscript.name = + +; Undocumented +;suhosin.log.phpscript.is_safe = Off + +; When the Hardening-Patch logs an error the log message also contains the IP +; of the attacker. Usually this IP is retrieved from the REMOTE_ADDR SAPI +; environment variable. With this switch it is possible to change this behavior +; to read the IP from the X-Forwarded-For HTTP header. This is f.e. necessary +; when your PHP server runs behind a reverse proxy. +;suhosin.log.use-x-forwarded-for = Off + +; ----------------------------------------------------------------------------- +; Executor Options + +; Defines the maximum stack depth allowed by the executor before it stops the +; script. Without this function an endless recursion in a PHP script could +; crash the PHP executor or trigger the configured memory_limit. A value of +; "0" disables this feature. +;suhosin.executor.max_depth = 0 + +; Defines how many "../" an include filename needs to contain to be considered +; an attack and stopped. A value of "2" will block "../../etc/passwd", while a +; value of "3" will allow it. Most PHP applications should work flawlessly with +; values "4" or "5". A value of "0" disables this feature. +;suhosin.executor.include.max_traversal = 0 + +; Comma separated whitelist of URL schemes that are allowed to be included from +; include or require statements. Additionally to URL schemes it is possible to +; specify the beginning of allowed URLs. (f.e.: php://stdin) If no whitelist is +; specified, then the blacklist is evaluated. +;suhosin.executor.include.whitelist = + +; Comma separated blacklist of URL schemes that are not allowed to be included +; from include or require statements. Additionally to URL schemes it is +; possible to specify the beginning of allowed URLs. (f.e.: php://stdin) If no +; blacklist and no whitelist is specified all URL schemes are forbidden. +;suhosin.executor.include.blacklist = + +; Defines if PHP is allows to run code from files that are writable by the +; current process. If a file is created or modified by a PHP process, there +; is a potential danger of code injection. Only turn this on if you are sure +; that your application does not require writable PHP files. +;suhosin.executor.include.allow_writable_files = On + +; Comma separated whitelist of functions that are allowed to be called. If the +; whitelist is empty the blacklist is evaluated, otherwise calling a function +; not in the whitelist will terminate the script and get logged. +;suhosin.executor.func.whitelist = + +; Comma separated blacklist of functions that are not allowed to be called. If +; no whitelist is given, calling a function within the blacklist will terminate +; the script and get logged. +;suhosin.executor.func.blacklist = + +; Comma separated whitelist of functions that are allowed to be called from +; within eval(). If the whitelist is empty the blacklist is evaluated, +; otherwise calling a function not in the whitelist will terminate the script +; and get logged. +;suhosin.executor.eval.whitelist = + +; Comma separated blacklist of functions that are not allowed to be called from +; within eval(). If no whitelist is given, calling a function within the +; blacklist will terminate the script and get logged. +;suhosin.executor.eval.blacklist = + +; eval() is a very dangerous statement and therefore you might want to disable +; it completely. Deactivating it will however break lots of scripts. Because +; every violation is logged, this allows finding all places where eval() is +; used. +;suhosin.executor.disable_eval = Off + +; The /e modifier inside preg_replace() allows code execution. Often it is the +; cause for remote code execution exploits. It is wise to deactivate this +; feature and test where in the application it is used. The developer using the +; /e modifier should be made aware that he should use preg_replace_callback() +; instead. +;suhosin.executor.disable_emodifier = Off + +; This flag reactivates symlink() when open_basedir is used, which is disabled +; by default in Suhosin >= 0.9.6. Allowing symlink() while open_basedir is used +; is actually a security risk. +;suhosin.executor.allow_symlink = Off + +; ----------------------------------------------------------------------------- +; Misc Options + +; If you fear that Suhosin breaks your application, you can activate Suhosin's +; simulation mode with this flag. When Suhosin runs in simulation mode, +; violations are logged as usual, but nothing is blocked or removed from the +; request. (Transparent Encryptions are NOT deactivated in simulation mode.) +;suhosin.simulation = Off + +; APC 3.0.12(p1/p2) uses reserved resources without requesting a resource slot +; first. It always uses resource slot 0. If Suhosin got this slot assigned APC +; will overwrite the information Suhosin stores in this slot. When this flag is +; set Suhosin will request 2 Slots and use the second one. This allows working +; correctly with these buggy APC versions. +;suhosin.apc_bug_workaround = Off + +; When a SQL Query fails scripts often spit out a bunch of useful information +; for possible attackers. When this configuration directive is turned on, the +; script will silently terminate, after the problem has been logged. (This is +; not yet supported) +;suhosin.sql.bailout_on_error = Off + +; This is an experimental feature for shared environments. With this +; configuration option it is possible to specify a prefix that is automatically +; prepended to the database username, whenever a database connection is made. +; (Unless the username starts with the prefix) +;suhosin.sql.user_prefix = + +; This is an experimental feature for shared environments. With this +; configuration option it is possible to specify a postfix that is +; automatically appended to the database username, whenever a database +; connection is made. (Unless the username end with the postfix) +; +; With this feature it is possible for shared hosters to disallow customers to +; connect with the usernames of other customers. This feature is experimental, +; because support for PDO and PostgreSQL are not yet implemented. +;suhosin.sql.user_postfix = + +; This directive controls if multiple headers are allowed or not in a header() +; call. By default the Hardening-Patch forbids this. (HTTP headers spanning +; multiple lines are still allowed). +;suhosin.multiheader = Off + +; This directive controls if the mail() header protection is activated or not +; and to what degree it is activated. The appended table lists the possible +; activation levels. +suhosin.mail.protect = 1 + +; As long scripts are not running within safe_mode they are free to change the +; memory_limit to whatever value they want. Suhosin changes this fact and +; disallows setting the memory_limit to a value greater than the one the script +; started with, when this option is left at 0. A value greater than 0 means +; that Suhosin will disallows scripts setting the memory_limit to a value above +; this configured hard limit. This is for example usefull if you want to run +; the script normaly with a limit of 16M but image processing scripts may raise +; it to 20M. +;suhosin.memory_limit = 0 + +; ----------------------------------------------------------------------------- +; Transparent Encryption Options + +; Flag that decides if the transparent session encryption is activated or not. +;suhosin.session.encrypt = On + +; Session data can be encrypted transparently. The encryption key used consists +; of this user defined string (which can be altered by a script via ini_set()) +; and optionally the User-Agent, the Document-Root and 0-4 Octects of the +; REMOTE_ADDR. +;suhosin.session.cryptkey = + +; Flag that decides if the transparent session encryption key depends on the +; User-Agent field. (When activated this feature transparently adds a little +; bit protection against session fixation/hijacking attacks) +;suhosin.session.cryptua = On + +; Flag that decides if the transparent session encryption key depends on the +; Documentroot field. +;suhosin.session.cryptdocroot = On + +; Number of octets (0-4) from the REMOTE_ADDR that the transparent session +; encryption key depends on. Keep in mind that this should not be used on sites +; that have visitors from big ISPs, because their IP address often changes +; during a session. But this feature might be interesting for admin interfaces +; or intranets. When used wisely this is a transparent protection against +; session hijacking/fixation. +;suhosin.session.cryptraddr = 0 + +; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the +; session. The difference to suhosin.session.cryptaddr is, that the IP is not +; part of the encryption key, so that the same session can be used for +; different areas with different protection levels on the site. +;suhosin.session.checkraddr = 0 + +; Flag that decides if the transparent cookie encryption is activated or not. +;suhosin.cookie.encrypt = 0 + +; Cookies can be encrypted transparently. The encryption key used consists of +; this user defined string and optionally the User-Agent, the Document-Root and +; 0-4 Octects of the REMOTE_ADDR. +;suhosin.cookie.cryptkey = + +; Flag that decides if the transparent session encryption key depends on the +; User-Agent field. (When activated this feature transparently adds a little +; bit protection against session fixation/hijacking attacks (if only session +; cookies are allowed)) +;suhosin.cookie.cryptua = On + +; Flag that decides if the transparent cookie encryption key depends on the +; Documentroot field. +;suhosin.cookie.cryptdocroot = On + +; Number of octets (0-4) from the REMOTE_ADDR that the transparent cookie +; encryption key depends on. Keep in mind that this should not be used on sites +; that have visitors from big ISPs, because their IP address often changes +; during a session. But this feature might be interesting for admin interfaces +; or intranets. When used wisely this is a transparent protection against +; session hijacking/fixation. +;suhosin.cookie.cryptraddr = 0 + +; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the +; cookie. The difference to suhosin.cookie.cryptaddr is, that the IP is not +; part of the encryption key, so that the same cookie can be used for different +; areas with different protection levels on the site. +;suhosin.cookie.checkraddr = 0 + +; In case not all cookies are supposed to get encrypted this is a comma +; separated list of cookie names that should get encrypted. All other cookies +; will not get touched. +;suhosin.cookie.cryptlist = + +; In case some cookies should not be crypted this is a comma separated list of +; cookies that do not get encrypted. All other cookies will be encrypted. +;suhosin.cookie.plainlist = + +; ----------------------------------------------------------------------------- +; Filtering Options + +; Defines the reaction of Suhosin on a filter violation. +;suhosin.filter.action = + +; Defines the maximum depth an array variable may have, when registered through +; the COOKIE. +;suhosin.cookie.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; the COOKIE. +;suhosin.cookie.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; the COOKIE. For array variables this is the name in front of the indices. +;suhosin.cookie.max_name_length = 64 + +; Defines the maximum length of the total variable name when registered through +; the COOKIE. For array variables this includes all indices. +;suhosin.cookie.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through the +; COOKIE. +;suhosin.cookie.max_value_length = 10000 + +; Defines the maximum number of variables that may be registered through the +; COOKIE. +;suhosin.cookie.max_vars = 100 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.cookie.disallow_nul = 1 + +; Defines the maximum depth an array variable may have, when registered through +; the URL +;suhosin.get.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; the URL +;suhosin.get.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; the URL. For array variables this is the name in front of the indices. +;suhosin.get.max_name_length = 64 + +; Defines the maximum length of the total variable name when registered through +; the URL. For array variables this includes all indices. +;suhosin.get.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through the URL. +;suhosin.get.max_value_length = 512 + +; Defines the maximum number of variables that may be registered through the +; URL. +;suhosin.get.max_vars = 100 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.get.disallow_nul = 1 + +; Defines the maximum depth an array variable may have, when registered through +; a POST request. +;suhosin.post.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; a POST request. +;suhosin.post.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; a POST request. For array variables this is the name in front of the indices. +;suhosin.post.max_name_length = 64 + +; Defines the maximum length of the total variable name when registered through +; a POST request. For array variables this includes all indices. +;suhosin.post.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through a POST +; request. +;suhosin.post.max_value_length = 1000000 + +; Defines the maximum number of variables that may be registered through a POST +; request. +;suhosin.post.max_vars = 1000 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.post.disallow_nul = 1 + +; Defines the maximum depth an array variable may have, when registered through +; GET , POST or COOKIE. This setting is also an upper limit for the separate +; GET, POST, COOKIE configuration directives. +;suhosin.request.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; GET, POST or COOKIE. This setting is also an upper limit for the separate +; GET, POST, COOKIE configuration directives. +;suhosin.request.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; the COOKIE, the URL or through a POST request. This is the complete name +; string, including all indicies. This setting is also an upper limit for the +; separate GET, POST, COOKIE configuration directives. +;suhosin.request.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through the +; COOKIE, the URL or through a POST request. This setting is also an upper +; limit for the variable origin specific configuration directives. +;suhosin.request.max_value_length = 1000000 + +; Defines the maximum number of variables that may be registered through the +; COOKIE, the URL or through a POST request. This setting is also an upper +; limit for the variable origin specific configuration directives. +;suhosin.request.max_vars = 1000 + +; Defines the maximum name length (excluding possible array indicies) of +; variables that may be registered through the COOKIE, the URL or through a +; POST request. This setting is also an upper limit for the variable origin +; specific configuration directives. +;suhosin.request.max_varname_length = 64 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.request.disallow_nul = 1 + +; When set to On the dangerous characters <>"'` are urlencoded when found +; not encoded in the server variables REQUEST_URI and QUERY_STRING. This +; will protect against some XSS vulnerabilities. +;suhosin.server.encode = 1 + +; When set to On the dangerous characters <>"'` are replaced with ? in +; the server variables PHP_SELF, PATH_TRANSLATED and PATH_INFO. This will +; protect against some XSS vulnerabilities. +;suhosin.server.strip = 1 + +; Defines the maximum number of files that may be uploaded with one request. +;suhosin.upload.max_uploads = 25 + +; When set to On it is not possible to upload ELF executables. +;suhosin.upload.disallow_elf = 1 + +; When set to On it is not possible to upload binary files. +;suhosin.upload.disallow_binary = 0 + +; When set to On binary content is removed from the uploaded files. +;suhosin.upload.remove_binary = 0 + +; This defines the full path to a verification script for uploaded files. The +; script gets the temporary filename supplied and has to decide if the upload +; is allowed. A possible application for this is to scan uploaded files for +; viruses. The called script has to write a 1 as first line to standard output +; to allow the upload. Any other value or no output at all will result in the +; file being deleted. +;suhosin.upload.verification_script = + +; Specifies the maximum length of the session identifier that is allowed. When +; a longer session identifier is passed a new session identifier will be +; created. This feature is important to fight bufferoverflows in 3rd party +; session handlers. +;suhosin.session.max_id_length = 128 + +; Undocumented: Controls if suhosin coredumps when the optional suhosin patch +; detects a bufferoverflow, memory corruption or double free. This is only +; for debugging purposes and should not be activated. +;suhosin.coredump = Off + +; Undocumented: Controls if the encryption keys specified by the configuration +; are shown in the phpinfo() output or if they are hidden from it +;suhosin.protectkey = 1 + +; Controls if suhosin loads in stealth mode when it is not the only +; zend_extension (Required for full compatibility with certain encoders +; that consider open source untrusted. e.g. ionCube, Zend) +;suhosin.stealth = 1 + +; Controls if suhosin's ini directives are changeable per directory +; because the admin might want to allow some features to be controlable +; by .htaccess and some not. For example the logging capabilities can +; break safemode and open_basedir restrictions when .htaccess support is +; allowed and the admin forgot to fix their values in httpd.conf +; An empty value or a 0 will result in all directives not allowed in +; .htaccess. The string "legcprsum" will allow logging, execution, get, +; post, cookie, request, sql, upload, misc features in .htaccess +;suhosin.perdir = "0" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d137 1 +a137 2 +; request. (Transparent features are NOT deactivated in simulation mode.) +; (since v0.9.30 affects (dis)allowed functions) +@ diff --git a/config-archive/etc/php/apache2-php5/php.ini,v b/config-archive/etc/php/apache2-php5/php.ini,v new file mode 100644 index 0000000..f78ceb5 --- /dev/null +++ b/config-archive/etc/php/apache2-php5/php.ini,v @@ -0,0 +1,1342 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.08.19.20.46.20; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.19.20.48.00; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[PHP] + +;;;;;;;;;;; +; WARNING ; +;;;;;;;;;;; +; This is the default settings file for new PHP installations. +; By default, PHP installs itself with a configuration suitable for +; development purposes, and *NOT* for production purposes. +; For several security-oriented considerations that should be taken +; before going online with your site, please consult php.ini-recommended +; and http://php.net/manual/en/security.php. + + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; This file controls many aspects of PHP's behavior. In order for PHP to +; read it, it must be named 'php.ini'. PHP looks for it in the current +; working directory, in the path designated by the environment variable +; PHPRC, and in the path that was defined in compile time (in that order). +; Under Windows, the compile-time path is the Windows directory. The +; path in which the php.ini file is looked for can be overridden using +; the -c argument in command line mode. +; +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. +; +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo"). +; +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT +; +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. +; +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: +; +; foo = ; sets foo to an empty string +; foo = none ; sets foo to an empty string +; foo = "none" ; sets foo to the string 'none' +; +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. +; +; +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; All the values in the php.ini-dist file correspond to the builtin +; defaults (that is, if no php.ini is used, or if you delete these lines, +; the builtin defaults will be identical). + + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +engine = On + +; Enable compatibility mode with Zend Engine 1 (PHP 4.x) +zend.ze1_compatibility_mode = Off + +; Allow the tags are recognized. +; NOTE: Using short tags should be avoided when developing applications or +; libraries that are meant for redistribution, or deployment on PHP +; servers which are not under your control, because short tags may not +; be supported on the target server. For portable, redistributable code, +; be sure not to use short tags. +short_open_tag = On + +; Allow ASP-style <% %> tags. +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +precision = 12 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +y2k_compliance = On + +; Output buffering allows you to send header lines (including cookies) even +; after you send body content, at the price of slowing PHP's output layer a +; bit. You can enable output buffering during runtime by calling the output +; buffering functions. You can also enable output buffering for all files by +; setting this directive to On. If you wish to limit the size of the buffer +; to a certain size - you can use a maximum number of bytes instead of 'On', as +; a value for this directive (e.g., output_buffering=4096). +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +zlib.output_compression = Off +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. +; A warning appears if the specified function is not defined, or if the +; function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func= + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; Whether to enable the ability to force arguments to be passed by reference +; at function call time. This method is deprecated and is likely to be +; unsupported in future versions of PHP/Zend. The encouraged method of +; specifying which arguments should be passed by reference is in the function +; declaration. You're encouraged to try and turn this option Off and make +; sure your scripts work properly with it in order to ensure they will work +; with future versions of the language (you will receive a warning each time +; you use this feature, and the argument will be passed by value instead of by +; reference). +allow_call_time_pass_reference = On + +; +; Safe Mode +; +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long request, which may end up +; being interrupted by the user or a browser timing out. +; ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; realpath_cache_size=16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; realpath_cache_ttl=120 + +; +; Misc +; +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +expose_php = On + + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +max_execution_time = 30 ; Maximum execution time of each script, in seconds +max_input_time = 60 ; Maximum amount of time each script may spend parsing request data +;max_input_nesting_level = 64 ; Maximum input variable nesting level +memory_limit = 128M ; Maximum amount of memory a script may consume (128MB) + + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; error_reporting is a bit-field. Or each number up to get desired error +; reporting level +; E_ALL - All errors and warnings (doesn't include E_STRICT) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; +; Examples: +; +; - Show all errors, except for notices and coding standards warnings +; +;error_reporting = E_ALL & ~E_NOTICE +; +; - Show all errors, except for notices +; +;error_reporting = E_ALL & ~E_NOTICE | E_STRICT +; +; - Show only errors +; +;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR +; +; - Show all errors except for notices and coding standards warnings +; +error_reporting = E_ALL & ~E_NOTICE + +; Print out errors (as a part of the output). For production web sites, +; you're strongly encouraged to turn this feature off, and use error logging +; instead (see below). Keeping display_errors enabled on a production web site +; may reveal security information to end users, such as file paths on your Web +; server, your database schema or other information. +; +; possible values for display_errors: +; +; Off - Do not display any errors +; stderr - Display errors to STDERR (affects only CGI/CLI binaries!) +; +;display_errors = "stderr" +; +; stdout (On) - Display errors to STDOUT +; +display_errors = On + +; Even when display_errors is on, errors that occur during PHP's startup +; sequence are not displayed. It's strongly recommended to keep +; display_startup_errors off, except for when debugging. +display_startup_errors = Off + +; Log errors into a log file (server-specific log, stderr, or error_log (below)) +; As stated above, you're strongly advised to use error logging in place of +; error displaying on production web sites. +log_errors = Off + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +report_memleaks = On + +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +;xmlrpc_errors = 0 +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; Disable the inclusion of HTML tags in error messages. +; Note: Never use this feature for production boxes. +;html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://www.php.net/docs.php +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. +; Note: Never use this feature for production boxes. +;docref_root = "/phpmanual/" +;docref_ext = .html + +; String to output before an error message. +;error_prepend_string = "" + +; String to output after an error message. +;error_append_string = "" + +; Log errors to specified file. +;error_log = filename + +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; +; +; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 + +; The separator used in PHP generated URLs to separate arguments. +; Default is "&". +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; Default is "&". +; NOTE: Every character in this directive is considered as separator! +;arg_separator.input = ";&" + +; This directive describes the order in which PHP registers GET, POST, Cookie, +; Environment and Built-in variables (G, P, C, E & S respectively, often +; referred to as EGPCS or GPC). Registration is done from left to right, newer +; values override older values. +variables_order = "EGPCS" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. This makes most sense when coupled with track_vars - in which +; case you can access all of the GPC variables through the $HTTP_*_VARS[], +; variables. +; +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +register_globals = Off + +; Whether or not to register the old-style input arrays, HTTP_GET_VARS +; and friends. If you're not using them, it's recommended to turn them off, +; for performance reasons. +register_long_arrays = On + +; This directive tells PHP whether to declare the argv&argc variables (that +; would contain the GET information). If you don't use these variables, you +; should turn it off for increased performance. +register_argc_argv = On + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +post_max_size = 8M + +; Magic quotes +; + +; Magic quotes for incoming GET/POST/Cookie data. +magic_quotes_gpc = On + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +magic_quotes_sybase = Off + +; Automatically add files before or after any PHP document. +auto_prepend_file = +auto_append_file = + +; As of 4.0b4, PHP always outputs a character encoding by default in +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +default_mimetype = "text/html" +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. +;always_populate_raw_post_data = On + + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +user_dir = + +; Directory in which the loadable extensions (modules) reside. +extension_dir = /usr/lib64/php5/lib/php/extensions/no-debug-non-zts-20060613 + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. +; cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; cgi.fix_pathinfo=0 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection +; fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +;cgi.rfc2616_headers = 0 + + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +upload_max_filesize = 2M + + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +allow_url_include = Off + +; Define the anonymous ftp password (your email address) +;from="john@@doe.com" + +; Define the User-Agent string +; user_agent="PHP" + +; Default timeout for socket based streams (seconds) +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; auto_detect_line_endings = Off + + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; +; +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; Note that it should be the name of the module only; no directory information +; needs to go here. Specify the location of the extension with the +; extension_dir directive above. + + +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. + +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_dbase.dll +;extension=php_exif.dll +;extension=php_fdf.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_ifx.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_mcrypt.dll +;extension=php_mhash.dll +;extension=php_mime_magic.dll +;extension=php_ming.dll +;extension=php_msql.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll +;extension=php_openssl.dll +;extension=php_pdo.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_oci8.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +;date.timezone = + +;date.default_latitude = 31.7667 +;date.default_longitude = 35.2333 + +;date.sunrise_zenith = 90.583333 +;date.sunset_zenith = 90.583333 + +[filter] +;filter.default = unsafe_raw +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[sqlite] +;sqlite.assoc_case = 0 + +[Pcre] +;PCRE library backtracking limit. +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +;pcre.recursion_limit=100000 + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +define_syslog_variables = Off + +[mail function] +; For Win32 only. +SMTP = localhost +smtp_port = 25 + +; For Win32 only. +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +[SQL] +sql.safe_mode = Off + +[ODBC] +;odbc.default_db = Not yet implemented +;odbc.default_user = Not yet implemented +;odbc.default_pw = Not yet implemented + +; Allow or prevent persistent links. +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of uodbc.defaultlrl and uodbc.defaultbinmode +odbc.defaultbinmode = 1 + +[MySQL] +; Allow or prevent persistent links. +mysql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of links. -1 means no limit. +mysqli.max_links = -1 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mSQL] +; Allow or prevent persistent links. +msql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +msql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +msql.max_links = -1 + +[OCI8] +; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA) +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +;oci8.ping_interval = 60 + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +;oci8.default_prefetch = 10 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +pgsql.log_notice = 0 + +[Sybase] +; Allow or prevent persistent links. +sybase.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybase.max_links = -1 + +;sybase.interface_file = "/usr/sybase/interfaces" + +; Minimum error severity to display. +sybase.min_error_severity = 10 + +; Minimum message severity to display. +sybase.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +; If on, this will cause PHP to automatically assign types to results according +; to their Sybase type, instead of treating them all as strings. This +; compatibility mode will probably not stay around forever, so try applying +; whatever necessary changes to your code, and turn it off. +sybase.compatability_mode = Off + +[Sybase-CT] +; Allow or prevent persistent links. +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybct.max_links = -1 + +; Minimum server message severity to display. +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +sybct.min_client_severity = 10 + +[bcmath] +; Number of decimal digits for all bcmath functions. +bcmath.scale = 0 + +[browscap] +;browscap = extra/browscap.ini + +[Informix] +; Default host for ifx_connect() (doesn't apply in safe mode). +ifx.default_host = + +; Default user for ifx_connect() (doesn't apply in safe mode). +ifx.default_user = + +; Default password for ifx_connect() (doesn't apply in safe mode). +ifx.default_password = + +; Allow or prevent persistent links. +ifx.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +ifx.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ifx.max_links = -1 + +; If on, select statements return the contents of a text blob instead of its id. +ifx.textasvarchar = 0 + +; If on, select statements return the contents of a byte blob instead of its id. +ifx.byteasvarchar = 0 + +; Trailing blanks are stripped from fixed-length char columns. May help the +; life of Informix SE users. +ifx.charasvarchar = 0 + +; If on, the contents of text and byte blobs are dumped to a file instead of +; keeping them in memory. +ifx.blobinfile = 0 + +; NULL's are returned as empty strings, unless this is set to 1. In that case, +; NULL's are returned as string 'NULL'. +ifx.nullformat = 0 + +[Session] +; Handler used to store/retrieve data. +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; As of PHP 4.0.1, you can define the path as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +;session.save_path = "/tmp" + +; Whether to use cookies. +session.use_cookies = 1 + +;session.cookie_secure = + +; This option enables administrators to make their users invulnerable to +; attacks which involve passing session ids in URLs; defaults to 0. +; session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +session.name = PHPSESSID + +; Initialize session on request startup. +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +session.cookie_path = / + +; The domain for which the cookie is valid. +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +session.serialize_handler = php + +; Define the probability that the 'garbage collection' process is started +; on every session initialization. +; The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts +; on each request. + +session.gc_probability = 1 +session.gc_divisor = 100 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, albeit register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. + +session.bug_compat_42 = 1 +session.bug_compat_warn = 1 + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +session.referer_check = + +; How many bytes to read from the file. +session.entropy_length = 0 + +; Specified here to create the session id. +session.entropy_file = + +;session.entropy_length = 16 + +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +session.cache_limiter = nocache + +; Document expires after n minutes. +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +session.use_trans_sid = 0 + +; Select a hash function +; 0: MD5 (128 bits) +; 1: SHA-1 (160 bits) +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; +; 4 bits: 0-9, a-f +; 5 bits: 0-9, a-v +; 6 bits: 0-9, a-z, A-Z, "-", "," +session.hash_bits_per_character = 4 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +;assert.active = On + +; Issue a PHP warning for each failed assertion. +;assert.warning = On + +; Don't bail out by default. +;assert.bail = Off + +; User-function to be called if an assertion fails. +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +;com.typelib_file = +; allow Distributed-COM calls +;com.allow_dcom = true +; autoregister constants of a components typlib on com_load() +;com.autoregister_typelib = true +; register constants casesensitive +;com.autoregister_casesensitive = false +; show warnings on duplicate constant registrations +;com.autoregister_verbose = true + +[mbstring] +; language for internal character representation. +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +;mbstring.func_overload = 0 + +[FrontBase] +;fbsql.allow_persistent = On +;fbsql.autocommit = On +;fbsql.show_timestamp_decimals = Off +;fbsql.default_database = +;fbsql.default_database_password = +;fbsql.default_host = +;fbsql.default_password = +;fbsql.default_user = "_SYSTEM" +;fbsql.generate_warnings = Off +;fbsql.max_connections = 128 +;fbsql.max_links = 128 +;fbsql.max_persistent = -1 +;fbsql.max_results = 128 + +[gd] +; Tell the jpeg decode to libjpeg warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +;exif.encode_unicode = ISO-8859-15 +;exif.decode_unicode_motorola = UCS-2BE +;exif.decode_unicode_intel = UCS-2LE +;exif.encode_jis = +;exif.decode_jis_motorola = JIS +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +soap.wsdl_cache_enabled=1 +; Sets the directory name where SOAP extension will put cache files. +soap.wsdl_cache_dir="/tmp" +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +soap.wsdl_cache_ttl=86400 + +; Local Variables: +; tab-width: 4 +; End: + +; MySQL extensions default connection charset settings +;mysql.connect_charset = utf8 +;mysqli.connect_charset = utf8 +;pdo_mysql.connect_charset = utf8 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d248 1 +a248 1 +expose_php = Off +d491 1 +a491 1 +extension_dir = /usr/lib64/php5/lib/extensions/no-debug-non-zts-20060613 +d563 1 +a563 1 +allow_url_fopen = On +d995 1 +a995 1 +session.save_path = "/tmp" +d1287 5 +@ diff --git a/config-archive/etc/php/cgi-php5.3/php.ini,v b/config-archive/etc/php/cgi-php5.3/php.ini,v new file mode 100644 index 0000000..e07193f --- /dev/null +++ b/config-archive/etc/php/cgi-php5.3/php.ini,v @@ -0,0 +1,1943 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.12.15; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d320 1 +a320 1 +serialize_precision = 17 +d624 1 +a624 1 +;error_prepend_string = "" +d630 1 +a630 1 +;error_append_string = "" +a974 3 + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +a975 1 + +@ diff --git a/config-archive/etc/php/cgi-php5/ext/suhosin.ini,v b/config-archive/etc/php/cgi-php5/ext/suhosin.ini,v new file mode 100644 index 0000000..ae0df4c --- /dev/null +++ b/config-archive/etc/php/cgi-php5/ext/suhosin.ini,v @@ -0,0 +1,486 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.05.08.51.50; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.07.05.08.52.13; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@extension = suhosin.so + +; ----------------------------------------------------------------------------- +; This file was taken from Mandriva Linux with their permission +; ----------------------------------------------------------------------------- + +[suhosin] + +; ----------------------------------------------------------------------------- +; Logging Options + +; Defines what classes of security alerts are logged to the syslog daemon. +; Logging of errors of the class S_MEMORY are always logged to syslog, no +; matter what this configuration says, because a corrupted heap could mean that +; the other logging options will malfunction during the logging process. +;suhosin.log.syslog = + +; Defines the syslog facility that is used when ALERTs are logged to syslog. +;suhosin.log.syslog.facility = + +; Defines the syslog priority that is used when ALERTs are logged to syslog. +;suhosin.log.syslog.priority = + +; Defines what classes of security alerts are logged through the SAPI error log. +;suhosin.log.sapi = + +; Defines what classes of security alerts are logged through the external +; logging. +;suhosin.log.script = + +; Defines what classes of security alerts are logged through the defined PHP +; script. +;suhosin.log.phpscript = 0 + +; Defines the full path to a external logging script. The script is called with +; 2 parameters. The first one is the alert class in string notation and the +; second parameter is the log message. This can be used for example to mail +; failing MySQL queries to your email address, because on a production system +; these things should never happen. +;suhosin.log.script.name = + +; Defines the full path to a PHP logging script. The script is called with 2 +; variables registered in the current scope: SUHOSIN_ERRORCLASS and +; SUHOSIN_ERROR. The first one is the alert class and the second variable is +; the log message. This can be used for example to mail attempted remote URL +; include attacks to your email address. +;suhosin.log.phpscript.name = + +; Undocumented +;suhosin.log.phpscript.is_safe = Off + +; When the Hardening-Patch logs an error the log message also contains the IP +; of the attacker. Usually this IP is retrieved from the REMOTE_ADDR SAPI +; environment variable. With this switch it is possible to change this behavior +; to read the IP from the X-Forwarded-For HTTP header. This is f.e. necessary +; when your PHP server runs behind a reverse proxy. +;suhosin.log.use-x-forwarded-for = Off + +; ----------------------------------------------------------------------------- +; Executor Options + +; Defines the maximum stack depth allowed by the executor before it stops the +; script. Without this function an endless recursion in a PHP script could +; crash the PHP executor or trigger the configured memory_limit. A value of +; "0" disables this feature. +;suhosin.executor.max_depth = 0 + +; Defines how many "../" an include filename needs to contain to be considered +; an attack and stopped. A value of "2" will block "../../etc/passwd", while a +; value of "3" will allow it. Most PHP applications should work flawlessly with +; values "4" or "5". A value of "0" disables this feature. +;suhosin.executor.include.max_traversal = 0 + +; Comma separated whitelist of URL schemes that are allowed to be included from +; include or require statements. Additionally to URL schemes it is possible to +; specify the beginning of allowed URLs. (f.e.: php://stdin) If no whitelist is +; specified, then the blacklist is evaluated. +;suhosin.executor.include.whitelist = + +; Comma separated blacklist of URL schemes that are not allowed to be included +; from include or require statements. Additionally to URL schemes it is +; possible to specify the beginning of allowed URLs. (f.e.: php://stdin) If no +; blacklist and no whitelist is specified all URL schemes are forbidden. +;suhosin.executor.include.blacklist = + +; Defines if PHP is allows to run code from files that are writable by the +; current process. If a file is created or modified by a PHP process, there +; is a potential danger of code injection. Only turn this on if you are sure +; that your application does not require writable PHP files. +;suhosin.executor.include.allow_writable_files = On + +; Comma separated whitelist of functions that are allowed to be called. If the +; whitelist is empty the blacklist is evaluated, otherwise calling a function +; not in the whitelist will terminate the script and get logged. +;suhosin.executor.func.whitelist = + +; Comma separated blacklist of functions that are not allowed to be called. If +; no whitelist is given, calling a function within the blacklist will terminate +; the script and get logged. +;suhosin.executor.func.blacklist = + +; Comma separated whitelist of functions that are allowed to be called from +; within eval(). If the whitelist is empty the blacklist is evaluated, +; otherwise calling a function not in the whitelist will terminate the script +; and get logged. +;suhosin.executor.eval.whitelist = + +; Comma separated blacklist of functions that are not allowed to be called from +; within eval(). If no whitelist is given, calling a function within the +; blacklist will terminate the script and get logged. +;suhosin.executor.eval.blacklist = + +; eval() is a very dangerous statement and therefore you might want to disable +; it completely. Deactivating it will however break lots of scripts. Because +; every violation is logged, this allows finding all places where eval() is +; used. +;suhosin.executor.disable_eval = Off + +; The /e modifier inside preg_replace() allows code execution. Often it is the +; cause for remote code execution exploits. It is wise to deactivate this +; feature and test where in the application it is used. The developer using the +; /e modifier should be made aware that he should use preg_replace_callback() +; instead. +;suhosin.executor.disable_emodifier = Off + +; This flag reactivates symlink() when open_basedir is used, which is disabled +; by default in Suhosin >= 0.9.6. Allowing symlink() while open_basedir is used +; is actually a security risk. +;suhosin.executor.allow_symlink = Off + +; ----------------------------------------------------------------------------- +; Misc Options + +; If you fear that Suhosin breaks your application, you can activate Suhosin's +; simulation mode with this flag. When Suhosin runs in simulation mode, +; violations are logged as usual, but nothing is blocked or removed from the +; request. (Transparent Encryptions are NOT deactivated in simulation mode.) +;suhosin.simulation = Off + +; APC 3.0.12(p1/p2) uses reserved resources without requesting a resource slot +; first. It always uses resource slot 0. If Suhosin got this slot assigned APC +; will overwrite the information Suhosin stores in this slot. When this flag is +; set Suhosin will request 2 Slots and use the second one. This allows working +; correctly with these buggy APC versions. +;suhosin.apc_bug_workaround = Off + +; When a SQL Query fails scripts often spit out a bunch of useful information +; for possible attackers. When this configuration directive is turned on, the +; script will silently terminate, after the problem has been logged. (This is +; not yet supported) +;suhosin.sql.bailout_on_error = Off + +; This is an experimental feature for shared environments. With this +; configuration option it is possible to specify a prefix that is automatically +; prepended to the database username, whenever a database connection is made. +; (Unless the username starts with the prefix) +;suhosin.sql.user_prefix = + +; This is an experimental feature for shared environments. With this +; configuration option it is possible to specify a postfix that is +; automatically appended to the database username, whenever a database +; connection is made. (Unless the username end with the postfix) +; +; With this feature it is possible for shared hosters to disallow customers to +; connect with the usernames of other customers. This feature is experimental, +; because support for PDO and PostgreSQL are not yet implemented. +;suhosin.sql.user_postfix = + +; This directive controls if multiple headers are allowed or not in a header() +; call. By default the Hardening-Patch forbids this. (HTTP headers spanning +; multiple lines are still allowed). +;suhosin.multiheader = Off + +; This directive controls if the mail() header protection is activated or not +; and to what degree it is activated. The appended table lists the possible +; activation levels. +suhosin.mail.protect = 1 + +; As long scripts are not running within safe_mode they are free to change the +; memory_limit to whatever value they want. Suhosin changes this fact and +; disallows setting the memory_limit to a value greater than the one the script +; started with, when this option is left at 0. A value greater than 0 means +; that Suhosin will disallows scripts setting the memory_limit to a value above +; this configured hard limit. This is for example usefull if you want to run +; the script normaly with a limit of 16M but image processing scripts may raise +; it to 20M. +;suhosin.memory_limit = 0 + +; ----------------------------------------------------------------------------- +; Transparent Encryption Options + +; Flag that decides if the transparent session encryption is activated or not. +;suhosin.session.encrypt = On + +; Session data can be encrypted transparently. The encryption key used consists +; of this user defined string (which can be altered by a script via ini_set()) +; and optionally the User-Agent, the Document-Root and 0-4 Octects of the +; REMOTE_ADDR. +;suhosin.session.cryptkey = + +; Flag that decides if the transparent session encryption key depends on the +; User-Agent field. (When activated this feature transparently adds a little +; bit protection against session fixation/hijacking attacks) +;suhosin.session.cryptua = On + +; Flag that decides if the transparent session encryption key depends on the +; Documentroot field. +;suhosin.session.cryptdocroot = On + +; Number of octets (0-4) from the REMOTE_ADDR that the transparent session +; encryption key depends on. Keep in mind that this should not be used on sites +; that have visitors from big ISPs, because their IP address often changes +; during a session. But this feature might be interesting for admin interfaces +; or intranets. When used wisely this is a transparent protection against +; session hijacking/fixation. +;suhosin.session.cryptraddr = 0 + +; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the +; session. The difference to suhosin.session.cryptaddr is, that the IP is not +; part of the encryption key, so that the same session can be used for +; different areas with different protection levels on the site. +;suhosin.session.checkraddr = 0 + +; Flag that decides if the transparent cookie encryption is activated or not. +;suhosin.cookie.encrypt = 0 + +; Cookies can be encrypted transparently. The encryption key used consists of +; this user defined string and optionally the User-Agent, the Document-Root and +; 0-4 Octects of the REMOTE_ADDR. +;suhosin.cookie.cryptkey = + +; Flag that decides if the transparent session encryption key depends on the +; User-Agent field. (When activated this feature transparently adds a little +; bit protection against session fixation/hijacking attacks (if only session +; cookies are allowed)) +;suhosin.cookie.cryptua = On + +; Flag that decides if the transparent cookie encryption key depends on the +; Documentroot field. +;suhosin.cookie.cryptdocroot = On + +; Number of octets (0-4) from the REMOTE_ADDR that the transparent cookie +; encryption key depends on. Keep in mind that this should not be used on sites +; that have visitors from big ISPs, because their IP address often changes +; during a session. But this feature might be interesting for admin interfaces +; or intranets. When used wisely this is a transparent protection against +; session hijacking/fixation. +;suhosin.cookie.cryptraddr = 0 + +; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the +; cookie. The difference to suhosin.cookie.cryptaddr is, that the IP is not +; part of the encryption key, so that the same cookie can be used for different +; areas with different protection levels on the site. +;suhosin.cookie.checkraddr = 0 + +; In case not all cookies are supposed to get encrypted this is a comma +; separated list of cookie names that should get encrypted. All other cookies +; will not get touched. +;suhosin.cookie.cryptlist = + +; In case some cookies should not be crypted this is a comma separated list of +; cookies that do not get encrypted. All other cookies will be encrypted. +;suhosin.cookie.plainlist = + +; ----------------------------------------------------------------------------- +; Filtering Options + +; Defines the reaction of Suhosin on a filter violation. +;suhosin.filter.action = + +; Defines the maximum depth an array variable may have, when registered through +; the COOKIE. +;suhosin.cookie.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; the COOKIE. +;suhosin.cookie.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; the COOKIE. For array variables this is the name in front of the indices. +;suhosin.cookie.max_name_length = 64 + +; Defines the maximum length of the total variable name when registered through +; the COOKIE. For array variables this includes all indices. +;suhosin.cookie.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through the +; COOKIE. +;suhosin.cookie.max_value_length = 10000 + +; Defines the maximum number of variables that may be registered through the +; COOKIE. +;suhosin.cookie.max_vars = 100 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.cookie.disallow_nul = 1 + +; Defines the maximum depth an array variable may have, when registered through +; the URL +;suhosin.get.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; the URL +;suhosin.get.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; the URL. For array variables this is the name in front of the indices. +;suhosin.get.max_name_length = 64 + +; Defines the maximum length of the total variable name when registered through +; the URL. For array variables this includes all indices. +;suhosin.get.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through the URL. +;suhosin.get.max_value_length = 512 + +; Defines the maximum number of variables that may be registered through the +; URL. +;suhosin.get.max_vars = 100 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.get.disallow_nul = 1 + +; Defines the maximum depth an array variable may have, when registered through +; a POST request. +;suhosin.post.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; a POST request. +;suhosin.post.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; a POST request. For array variables this is the name in front of the indices. +;suhosin.post.max_name_length = 64 + +; Defines the maximum length of the total variable name when registered through +; a POST request. For array variables this includes all indices. +;suhosin.post.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through a POST +; request. +;suhosin.post.max_value_length = 1000000 + +; Defines the maximum number of variables that may be registered through a POST +; request. +;suhosin.post.max_vars = 1000 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.post.disallow_nul = 1 + +; Defines the maximum depth an array variable may have, when registered through +; GET , POST or COOKIE. This setting is also an upper limit for the separate +; GET, POST, COOKIE configuration directives. +;suhosin.request.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; GET, POST or COOKIE. This setting is also an upper limit for the separate +; GET, POST, COOKIE configuration directives. +;suhosin.request.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; the COOKIE, the URL or through a POST request. This is the complete name +; string, including all indicies. This setting is also an upper limit for the +; separate GET, POST, COOKIE configuration directives. +;suhosin.request.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through the +; COOKIE, the URL or through a POST request. This setting is also an upper +; limit for the variable origin specific configuration directives. +;suhosin.request.max_value_length = 1000000 + +; Defines the maximum number of variables that may be registered through the +; COOKIE, the URL or through a POST request. This setting is also an upper +; limit for the variable origin specific configuration directives. +;suhosin.request.max_vars = 1000 + +; Defines the maximum name length (excluding possible array indicies) of +; variables that may be registered through the COOKIE, the URL or through a +; POST request. This setting is also an upper limit for the variable origin +; specific configuration directives. +;suhosin.request.max_varname_length = 64 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.request.disallow_nul = 1 + +; When set to On the dangerous characters <>"'` are urlencoded when found +; not encoded in the server variables REQUEST_URI and QUERY_STRING. This +; will protect against some XSS vulnerabilities. +;suhosin.server.encode = 1 + +; When set to On the dangerous characters <>"'` are replaced with ? in +; the server variables PHP_SELF, PATH_TRANSLATED and PATH_INFO. This will +; protect against some XSS vulnerabilities. +;suhosin.server.strip = 1 + +; Defines the maximum number of files that may be uploaded with one request. +;suhosin.upload.max_uploads = 25 + +; When set to On it is not possible to upload ELF executables. +;suhosin.upload.disallow_elf = 1 + +; When set to On it is not possible to upload binary files. +;suhosin.upload.disallow_binary = 0 + +; When set to On binary content is removed from the uploaded files. +;suhosin.upload.remove_binary = 0 + +; This defines the full path to a verification script for uploaded files. The +; script gets the temporary filename supplied and has to decide if the upload +; is allowed. A possible application for this is to scan uploaded files for +; viruses. The called script has to write a 1 as first line to standard output +; to allow the upload. Any other value or no output at all will result in the +; file being deleted. +;suhosin.upload.verification_script = + +; Specifies the maximum length of the session identifier that is allowed. When +; a longer session identifier is passed a new session identifier will be +; created. This feature is important to fight bufferoverflows in 3rd party +; session handlers. +;suhosin.session.max_id_length = 128 + +; Undocumented: Controls if suhosin coredumps when the optional suhosin patch +; detects a bufferoverflow, memory corruption or double free. This is only +; for debugging purposes and should not be activated. +;suhosin.coredump = Off + +; Undocumented: Controls if the encryption keys specified by the configuration +; are shown in the phpinfo() output or if they are hidden from it +;suhosin.protectkey = 1 + +; Controls if suhosin loads in stealth mode when it is not the only +; zend_extension (Required for full compatibility with certain encoders +; that consider open source untrusted. e.g. ionCube, Zend) +;suhosin.stealth = 1 + +; Controls if suhosin's ini directives are changeable per directory +; because the admin might want to allow some features to be controlable +; by .htaccess and some not. For example the logging capabilities can +; break safemode and open_basedir restrictions when .htaccess support is +; allowed and the admin forgot to fix their values in httpd.conf +; An empty value or a 0 will result in all directives not allowed in +; .htaccess. The string "legcprsum" will allow logging, execution, get, +; post, cookie, request, sql, upload, misc features in .htaccess +;suhosin.perdir = "0" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d137 1 +a137 2 +; request. (Transparent features are NOT deactivated in simulation mode.) +; (since v0.9.30 affects (dis)allowed functions) +@ diff --git a/config-archive/etc/php/cgi-php5/php.ini,v b/config-archive/etc/php/cgi-php5/php.ini,v new file mode 100644 index 0000000..41e9756 --- /dev/null +++ b/config-archive/etc/php/cgi-php5/php.ini,v @@ -0,0 +1,2693 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2010.10.30.19.30.29; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.19.20.46.20; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.19.20.48.28; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.10.30.19.31.35; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@[PHP] + +;;;;;;;;;;; +; WARNING ; +;;;;;;;;;;; +; This is the default settings file for new PHP installations. +; By default, PHP installs itself with a configuration suitable for +; development purposes, and *NOT* for production purposes. +; For several security-oriented considerations that should be taken +; before going online with your site, please consult php.ini-recommended +; and http://php.net/manual/en/security.php. + + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; This file controls many aspects of PHP's behavior. In order for PHP to +; read it, it must be named 'php.ini'. PHP looks for it in the current +; working directory, in the path designated by the environment variable +; PHPRC, and in the path that was defined in compile time (in that order). +; Under Windows, the compile-time path is the Windows directory. The +; path in which the php.ini file is looked for can be overridden using +; the -c argument in command line mode. +; +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. +; +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo"). +; +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT +; +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. +; +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: +; +; foo = ; sets foo to an empty string +; foo = none ; sets foo to an empty string +; foo = "none" ; sets foo to the string 'none' +; +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. +; +; +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; All the values in the php.ini-dist file correspond to the builtin +; defaults (that is, if no php.ini is used, or if you delete these lines, +; the builtin defaults will be identical). + + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +engine = On + +; Enable compatibility mode with Zend Engine 1 (PHP 4.x) +zend.ze1_compatibility_mode = Off + +; Allow the tags are recognized. +; NOTE: Using short tags should be avoided when developing applications or +; libraries that are meant for redistribution, or deployment on PHP +; servers which are not under your control, because short tags may not +; be supported on the target server. For portable, redistributable code, +; be sure not to use short tags. +short_open_tag = On + +; Allow ASP-style <% %> tags. +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +precision = 12 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +y2k_compliance = On + +; Output buffering allows you to send header lines (including cookies) even +; after you send body content, at the price of slowing PHP's output layer a +; bit. You can enable output buffering during runtime by calling the output +; buffering functions. You can also enable output buffering for all files by +; setting this directive to On. If you wish to limit the size of the buffer +; to a certain size - you can use a maximum number of bytes instead of 'On', as +; a value for this directive (e.g., output_buffering=4096). +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +zlib.output_compression = Off +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. +; A warning appears if the specified function is not defined, or if the +; function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func= + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; Whether to enable the ability to force arguments to be passed by reference +; at function call time. This method is deprecated and is likely to be +; unsupported in future versions of PHP/Zend. The encouraged method of +; specifying which arguments should be passed by reference is in the function +; declaration. You're encouraged to try and turn this option Off and make +; sure your scripts work properly with it in order to ensure they will work +; with future versions of the language (you will receive a warning each time +; you use this feature, and the argument will be passed by value instead of by +; reference). +allow_call_time_pass_reference = On + +; +; Safe Mode +; +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long request, which may end up +; being interrupted by the user or a browser timing out. +; ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; realpath_cache_size=16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; realpath_cache_ttl=120 + +; +; Misc +; +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +expose_php = On + + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +max_execution_time = 30 ; Maximum execution time of each script, in seconds +max_input_time = 60 ; Maximum amount of time each script may spend parsing request data +;max_input_nesting_level = 64 ; Maximum input variable nesting level +memory_limit = 128M ; Maximum amount of memory a script may consume (128MB) + + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; error_reporting is a bit-field. Or each number up to get desired error +; reporting level +; E_ALL - All errors and warnings (doesn't include E_STRICT) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; +; Examples: +; +; - Show all errors, except for notices and coding standards warnings +; +;error_reporting = E_ALL & ~E_NOTICE +; +; - Show all errors, except for notices +; +;error_reporting = E_ALL & ~E_NOTICE | E_STRICT +; +; - Show only errors +; +;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR +; +; - Show all errors except for notices and coding standards warnings +; +error_reporting = E_ALL & ~E_NOTICE + +; Print out errors (as a part of the output). For production web sites, +; you're strongly encouraged to turn this feature off, and use error logging +; instead (see below). Keeping display_errors enabled on a production web site +; may reveal security information to end users, such as file paths on your Web +; server, your database schema or other information. +; +; possible values for display_errors: +; +; Off - Do not display any errors +; stderr - Display errors to STDERR (affects only CGI/CLI binaries!) +; +;display_errors = "stderr" +; +; stdout (On) - Display errors to STDOUT +; +display_errors = On + +; Even when display_errors is on, errors that occur during PHP's startup +; sequence are not displayed. It's strongly recommended to keep +; display_startup_errors off, except for when debugging. +display_startup_errors = Off + +; Log errors into a log file (server-specific log, stderr, or error_log (below)) +; As stated above, you're strongly advised to use error logging in place of +; error displaying on production web sites. +log_errors = Off + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +report_memleaks = On + +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +;xmlrpc_errors = 0 +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; Disable the inclusion of HTML tags in error messages. +; Note: Never use this feature for production boxes. +;html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://www.php.net/docs.php +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. +; Note: Never use this feature for production boxes. +;docref_root = "/phpmanual/" +;docref_ext = .html + +; String to output before an error message. +;error_prepend_string = "" + +; String to output after an error message. +;error_append_string = "" + +; Log errors to specified file. +;error_log = filename + +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; +; +; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 + +; The separator used in PHP generated URLs to separate arguments. +; Default is "&". +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; Default is "&". +; NOTE: Every character in this directive is considered as separator! +;arg_separator.input = ";&" + +; This directive describes the order in which PHP registers GET, POST, Cookie, +; Environment and Built-in variables (G, P, C, E & S respectively, often +; referred to as EGPCS or GPC). Registration is done from left to right, newer +; values override older values. +variables_order = "EGPCS" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. This makes most sense when coupled with track_vars - in which +; case you can access all of the GPC variables through the $HTTP_*_VARS[], +; variables. +; +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +register_globals = Off + +; Whether or not to register the old-style input arrays, HTTP_GET_VARS +; and friends. If you're not using them, it's recommended to turn them off, +; for performance reasons. +register_long_arrays = On + +; This directive tells PHP whether to declare the argv&argc variables (that +; would contain the GET information). If you don't use these variables, you +; should turn it off for increased performance. +register_argc_argv = On + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +post_max_size = 8M + +; Magic quotes +; + +; Magic quotes for incoming GET/POST/Cookie data. +magic_quotes_gpc = On + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +magic_quotes_sybase = Off + +; Automatically add files before or after any PHP document. +auto_prepend_file = +auto_append_file = + +; As of 4.0b4, PHP always outputs a character encoding by default in +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +default_mimetype = "text/html" +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. +;always_populate_raw_post_data = On + + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +user_dir = + +; Directory in which the loadable extensions (modules) reside. +extension_dir = /usr/lib64/php5/lib/extensions/no-debug-non-zts-20060613 + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. +; cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; cgi.fix_pathinfo=0 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection +; fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +;cgi.rfc2616_headers = 0 + + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +upload_max_filesize = 2M + + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +allow_url_include = Off + +; Define the anonymous ftp password (your email address) +;from="john@@doe.com" + +; Define the User-Agent string +; user_agent="PHP" + +; Default timeout for socket based streams (seconds) +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; auto_detect_line_endings = Off + + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; +; +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; Note that it should be the name of the module only; no directory information +; needs to go here. Specify the location of the extension with the +; extension_dir directive above. + + +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. + +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_dbase.dll +;extension=php_exif.dll +;extension=php_fdf.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_ifx.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_mcrypt.dll +;extension=php_mhash.dll +;extension=php_mime_magic.dll +;extension=php_ming.dll +;extension=php_msql.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll +;extension=php_openssl.dll +;extension=php_pdo.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_oci8.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +;date.timezone = + +;date.default_latitude = 31.7667 +;date.default_longitude = 35.2333 + +;date.sunrise_zenith = 90.583333 +;date.sunset_zenith = 90.583333 + +[filter] +;filter.default = unsafe_raw +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[sqlite] +;sqlite.assoc_case = 0 + +[Pcre] +;PCRE library backtracking limit. +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +;pcre.recursion_limit=100000 + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +define_syslog_variables = Off + +[mail function] +; For Win32 only. +SMTP = localhost +smtp_port = 25 + +; For Win32 only. +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +[SQL] +sql.safe_mode = Off + +[ODBC] +;odbc.default_db = Not yet implemented +;odbc.default_user = Not yet implemented +;odbc.default_pw = Not yet implemented + +; Allow or prevent persistent links. +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of uodbc.defaultlrl and uodbc.defaultbinmode +odbc.defaultbinmode = 1 + +[MySQL] +; Allow or prevent persistent links. +mysql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of links. -1 means no limit. +mysqli.max_links = -1 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mSQL] +; Allow or prevent persistent links. +msql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +msql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +msql.max_links = -1 + +[OCI8] +; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA) +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +;oci8.ping_interval = 60 + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +;oci8.default_prefetch = 10 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +pgsql.log_notice = 0 + +[Sybase] +; Allow or prevent persistent links. +sybase.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybase.max_links = -1 + +;sybase.interface_file = "/usr/sybase/interfaces" + +; Minimum error severity to display. +sybase.min_error_severity = 10 + +; Minimum message severity to display. +sybase.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +; If on, this will cause PHP to automatically assign types to results according +; to their Sybase type, instead of treating them all as strings. This +; compatibility mode will probably not stay around forever, so try applying +; whatever necessary changes to your code, and turn it off. +sybase.compatability_mode = Off + +[Sybase-CT] +; Allow or prevent persistent links. +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybct.max_links = -1 + +; Minimum server message severity to display. +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +sybct.min_client_severity = 10 + +[bcmath] +; Number of decimal digits for all bcmath functions. +bcmath.scale = 0 + +[browscap] +;browscap = extra/browscap.ini + +[Informix] +; Default host for ifx_connect() (doesn't apply in safe mode). +ifx.default_host = + +; Default user for ifx_connect() (doesn't apply in safe mode). +ifx.default_user = + +; Default password for ifx_connect() (doesn't apply in safe mode). +ifx.default_password = + +; Allow or prevent persistent links. +ifx.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +ifx.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ifx.max_links = -1 + +; If on, select statements return the contents of a text blob instead of its id. +ifx.textasvarchar = 0 + +; If on, select statements return the contents of a byte blob instead of its id. +ifx.byteasvarchar = 0 + +; Trailing blanks are stripped from fixed-length char columns. May help the +; life of Informix SE users. +ifx.charasvarchar = 0 + +; If on, the contents of text and byte blobs are dumped to a file instead of +; keeping them in memory. +ifx.blobinfile = 0 + +; NULL's are returned as empty strings, unless this is set to 1. In that case, +; NULL's are returned as string 'NULL'. +ifx.nullformat = 0 + +[Session] +; Handler used to store/retrieve data. +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; As of PHP 4.0.1, you can define the path as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +session.save_path = "/tmp" + +; Whether to use cookies. +session.use_cookies = 1 + +;session.cookie_secure = + +; This option enables administrators to make their users invulnerable to +; attacks which involve passing session ids in URLs; defaults to 0. +; session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +session.name = PHPSESSID + +; Initialize session on request startup. +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +session.cookie_path = / + +; The domain for which the cookie is valid. +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +session.serialize_handler = php + +; Define the probability that the 'garbage collection' process is started +; on every session initialization. +; The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts +; on each request. + +session.gc_probability = 1 +session.gc_divisor = 100 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, albeit register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. + +session.bug_compat_42 = 1 +session.bug_compat_warn = 1 + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +session.referer_check = + +; How many bytes to read from the file. +session.entropy_length = 0 + +; Specified here to create the session id. +session.entropy_file = + +;session.entropy_length = 16 + +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +session.cache_limiter = nocache + +; Document expires after n minutes. +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +session.use_trans_sid = 0 + +; Select a hash function +; 0: MD5 (128 bits) +; 1: SHA-1 (160 bits) +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; +; 4 bits: 0-9, a-f +; 5 bits: 0-9, a-v +; 6 bits: 0-9, a-z, A-Z, "-", "," +session.hash_bits_per_character = 4 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +;assert.active = On + +; Issue a PHP warning for each failed assertion. +;assert.warning = On + +; Don't bail out by default. +;assert.bail = Off + +; User-function to be called if an assertion fails. +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +;com.typelib_file = +; allow Distributed-COM calls +;com.allow_dcom = true +; autoregister constants of a components typlib on com_load() +;com.autoregister_typelib = true +; register constants casesensitive +;com.autoregister_casesensitive = false +; show warnings on duplicate constant registrations +;com.autoregister_verbose = true + +[mbstring] +; language for internal character representation. +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +;mbstring.func_overload = 0 + +[FrontBase] +;fbsql.allow_persistent = On +;fbsql.autocommit = On +;fbsql.show_timestamp_decimals = Off +;fbsql.default_database = +;fbsql.default_database_password = +;fbsql.default_host = +;fbsql.default_password = +;fbsql.default_user = "_SYSTEM" +;fbsql.generate_warnings = Off +;fbsql.max_connections = 128 +;fbsql.max_links = 128 +;fbsql.max_persistent = -1 +;fbsql.max_results = 128 + +[gd] +; Tell the jpeg decode to libjpeg warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +;exif.encode_unicode = ISO-8859-15 +;exif.decode_unicode_motorola = UCS-2BE +;exif.decode_unicode_intel = UCS-2LE +;exif.encode_jis = +;exif.decode_jis_motorola = JIS +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +soap.wsdl_cache_enabled=1 +; Sets the directory name where SOAP extension will put cache files. +soap.wsdl_cache_dir="/tmp" +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +soap.wsdl_cache_ttl=86400 + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d491 1 +a491 1 +extension_dir = /usr/lib64/php5/lib/php/extensions/no-debug-non-zts-20060613 +d995 1 +a995 1 +;session.save_path = "/tmp" +a1286 5 + +; MySQL extensions default connection charset settings +;mysql.connect_charset = utf8 +;mysqli.connect_charset = utf8 +;pdo_mysql.connect_charset = utf8 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d248 1 +a248 1 +expose_php = Off +d491 1 +a491 1 +extension_dir = /usr/lib64/php5/lib/extensions/no-debug-non-zts-20060613 +d563 1 +a563 1 +allow_url_fopen = On +d995 1 +a995 1 +session.save_path = "/tmp" +d1287 5 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d3 11 +d17 8 +a24 16 +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +d29 1 +a29 10 + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +d33 1 +a33 4 +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +d36 2 +a37 3 +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +d39 5 +a43 6 +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +d46 1 +a46 1 + +d49 1 +a49 1 + +d51 3 +a53 3 +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +d57 2 +a58 1 + +d62 3 +a64 13 +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. +a65 119 +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 +a71 1 +; http://php.net/engine +d74 10 +a83 13 +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off +a85 1 +; http://php.net/asp-tags +d89 1 +a89 2 +; http://php.net/precision +precision = 14 +a91 1 +; http://php.net/y2k-compliance +d94 8 +a101 23 +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 +d108 3 +a110 3 +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +d112 1 +a112 1 +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +d114 1 +a114 2 +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +d121 3 +a123 3 +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +d125 1 +a125 2 +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +a126 2 + +; http://php.net/zlib.output-compression-level +a131 1 +; http://php.net/zlib.output-handler +a138 2 +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +d143 3 +a145 2 +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +d148 1 +a148 1 +unserialize_callback_func = +d155 10 +a164 13 +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off +d166 1 +d168 1 +a168 1 +; http://php.net/safe-mode +a173 1 +; http://php.net/safe-mode-gid +a179 1 +; http://php.net/safe-mode-include-dir +a183 1 +; http://php.net/safe-mode-exec-dir +d191 1 +d193 1 +a193 2 +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +a198 1 +; http://php.net/safe-mode-protected-env-vars +a204 1 +; http://php.net/open-basedir +a209 1 +; http://php.net/disable-functions +a214 1 +; http://php.net/disable-classes +a218 1 +; http://php.net/syntax-highlighting +d227 3 +a229 5 +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On +d234 1 +a234 2 +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k +d239 1 +a239 6 +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; +d241 3 +a247 1 +; http://php.net/expose-php +d250 1 +d255 5 +a259 22 +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M +d265 3 +a267 17 +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +d288 39 +a326 41 +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +d329 4 +a332 9 +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On +a335 1 +; http://php.net/log-errors-max-len +a339 1 +; http://php.net/ignore-repeated-errors +a344 1 +; http://php.net/ignore-repeated-source +a349 1 +; http://php.net/report-memleaks +a351 1 +; This setting is on by default. +d354 1 +a354 7 +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +a357 1 +; http://php.net/xmlrpc-errors +a358 1 + +d362 3 +a364 10 +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off +d368 1 +a368 1 +; You can download a copy of the PHP manual from http://php.net/docs +d371 1 +a371 1 +; the dot. PHP's default behavior is to leave these settings empty. +a372 2 +; http://php.net/docref-root +; Examples +a373 2 + +; http://php.net/docref-ext +d376 1 +a376 4 +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +d379 1 +a379 4 +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +d382 3 +a384 5 +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +d388 1 +d392 2 +d396 1 +a396 3 +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +d400 1 +a400 1 +; PHP's default setting is "&". +a401 2 +; http://php.net/arg-separator.input +; Example: +d404 5 +a408 26 +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" +d412 4 +a415 1 +; with user data. +a418 1 +; http://php.net/register-globals +d421 9 +a429 24 +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off +a435 1 +; http://php.net/auto-globals-jit +a438 1 +; http://php.net/post-max-size +d441 5 +a445 15 +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off +a447 1 +; http://php.net/magic-quotes-runtime +a450 1 +; http://php.net/magic-quotes-sybase +d453 1 +a453 2 +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +a454 3 + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +d457 1 +a457 1 +; By default, PHP will output a character encoding using +a461 1 +; http://php.net/default-mimetype +a462 3 + +; PHP's default character set is set to empty. +; http://php.net/default-charset +d465 1 +a465 3 +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +d468 1 +a477 3 +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path +a483 1 +; http://php.net/doc-root +a487 1 +; http://php.net/user-dir +d491 1 +a491 4 +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" +d496 1 +a496 2 +; http://php.net/enable-dl +enable_dl = Off +d502 1 +a502 2 +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 +d505 2 +a506 2 +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 +d512 1 +a512 2 +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; +d517 1 +a517 1 +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +d520 1 +a520 2 +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 +d527 1 +a527 2 +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; +d529 2 +a530 3 +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 +a536 1 +; http://php.net/cgi.rfc2616-headers +d539 1 +a544 1 +; http://php.net/file-uploads +a548 1 +; http://php.net/upload-tmp-dir +a551 1 +; http://php.net/upload-max-filesize +d554 1 +d563 1 +a563 2 +; http://php.net/allow-url-fopen +allow_url_fopen = Off +a565 1 +; http://php.net/allow-url-include +d568 1 +a568 3 +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +d571 2 +a572 3 +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" +a574 1 +; http://php.net/default-socket-timeout +d582 2 +a583 2 +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off +d588 1 +a588 1 + +d602 5 +a606 7 +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +d612 1 +a612 1 +; +d616 1 +d618 1 +a618 1 +;extension=php_fileinfo.dll +d622 1 +a622 1 +;extension=php_intl.dll +d627 3 +d631 1 +d635 1 +a635 2 +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +d637 1 +d642 1 +a646 1 +;extension=php_phar.dll +a652 1 +;extension=php_sqlite3.dll +a664 1 +; http://php.net/date.timezone +a666 1 +; http://php.net/date.default-latitude +a667 2 + +; http://php.net/date.default-longitude +a669 1 +; http://php.net/date.sunrise-zenith +a670 2 + +; http://php.net/date.sunset-zenith +a673 1 +; http://php.net/filter.default +a674 2 + +; http://php.net/filter.default-flags +a681 7 +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +a682 1 +; http://php.net/sqlite.assoc-case +a684 3 +[sqlite3] +;sqlite3.extension_dir = + +a686 1 +; http://php.net/pcre.backtrack-limit +d689 3 +a691 3 +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +a692 1 +; http://php.net/pcre.recursion-limit +a694 26 +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +a698 1 +; http://php.net/define-syslog-variables +a702 1 +; http://php.net/smtp +a703 1 +; http://php.net/smtp-port +a706 1 +; http://php.net/sendmail-from +a709 1 +; http://php.net/sendmail-path +a716 6 +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +a717 1 +; http://php.net/sql.safe-mode +a720 1 +; http://php.net/odbc.default-db +a721 2 + +; http://php.net/odbc.default-user +a722 2 + +; http://php.net/odbc.default-pw +a724 4 +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +a725 1 +; http://php.net/odbc.allow-persistent +a728 1 +; http://php.net/odbc.check-persistent +a731 1 +; http://php.net/odbc.max-persistent +a734 1 +; http://php.net/odbc.max-links +a738 1 +; http://php.net/odbc.defaultlrl +d743 1 +a743 2 +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +a745 33 +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +a746 4 +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +a747 1 +; http://php.net/mysql.allow-persistent +a749 4 +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +a750 1 +; http://php.net/mysql.max-persistent +a753 1 +; http://php.net/mysql.max-links +a759 1 +; http://php.net/mysql.default-port +a763 1 +; http://php.net/mysql.default-socket +a766 1 +; http://php.net/mysql.default-host +a769 1 +; http://php.net/mysql.default-user +a776 1 +; http://php.net/mysql.default-password +a779 1 +; http://php.net/mysql.connect-timeout +a783 1 +; http://php.net/mysql.trace-mode +a787 12 +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +a788 1 +; http://php.net/mysqli.max-links +a790 4 +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +a794 1 +; http://php.net/mysqli.default-port +a798 1 +; http://php.net/mysqli.default-socket +a801 1 +; http://php.net/mysqli.default-host +a804 1 +; http://php.net/mysqli.default-user +a811 1 +; http://php.net/mysqli.default-pw +d817 9 +a825 19 +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 +d828 1 +a828 4 + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +a832 1 +; http://php.net/oci8.max-persistent +a837 1 +; http://php.net/oci8.persistent-timeout +a843 1 +; http://php.net/oci8.ping-interval +a845 13 +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +a847 1 +; http://php.net/oci8.statement-cache-size +d852 1 +a852 2 +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 +a855 1 +; http://php.net/oci8.old-oci-close-semantics +a859 1 +; http://php.net/pgsql.allow-persistent +a863 1 +; http://php.net/pgsql.auto-reset-persistent +a866 1 +; http://php.net/pgsql.max-persistent +a869 1 +; http://php.net/pgsql.max-links +a873 1 +; http://php.net/pgsql.ignore-notice +a877 1 +; http://php.net/pgsql.log-notice +d880 25 +a906 1 +; http://php.net/sybct.allow-persistent +a909 1 +; http://php.net/sybct.max-persistent +a912 1 +; http://php.net/sybct.max-links +a915 1 +; http://php.net/sybct.min-server-severity +a918 1 +; http://php.net/sybct.min-client-severity +a920 18 +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +a922 1 +; http://php.net/bcmath.scale +a925 1 +; http://php.net/browscap +d928 37 +a966 1 +; http://php.net/session.save-handler +d973 1 +a973 1 +; The path can be defined as: +a994 1 +; http://php.net/session.save-path +a997 1 +; http://php.net/session.use-cookies +d1000 1 +a1000 2 +; http://php.net/session.cookie-secure +;session.cookie_secure = +d1002 3 +a1004 6 +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 +a1006 1 +; http://php.net/session.name +a1009 1 +; http://php.net/session.auto-start +a1012 1 +; http://php.net/session.cookie-lifetime +a1015 1 +; http://php.net/session.cookie-path +a1018 1 +; http://php.net/session.cookie-domain +d1022 1 +a1022 2 +; http://php.net/session.cookie-httponly +session.cookie_httponly = +a1024 1 +; http://php.net/session.serialize-handler +d1027 6 +a1032 10 +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +d1034 1 +a1034 14 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 +a1037 1 +; http://php.net/session.gc-maxlifetime +d1049 1 +a1049 1 +; to initialize a session variable in the global scope, even when register_globals +d1052 4 +a1055 20 +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off +a1059 1 +; http://php.net/session.referer-check +a1062 1 +; http://php.net/session.entropy-length +d1066 4 +a1069 4 +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +a1073 1 +; http://php.net/session.cache-limiter +a1076 1 +; http://php.net/session.cache-expire +a1087 1 +; http://php.net/session.use-trans-sid +d1090 3 +a1092 8 +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +d1097 5 +a1101 9 +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 +d1108 1 +a1108 5 +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" +d1157 1 +a1157 1 +; Specify client character set. +a1163 1 +; http://php.net/assert.active +a1166 1 +; http://php.net/assert.warning +a1169 1 +; http://php.net/assert.bail +a1172 1 +; http://php.net/assert.callback +a1176 1 +; http://php.net/assert.quiet-eval +a1180 1 +; http://php.net/com.typelib-file +a1181 1 + +a1182 1 +; http://php.net/com.allow-dcom +a1183 1 + +a1184 1 +; http://php.net/com.autoregister-typelib +a1185 1 + +a1186 1 +; http://php.net/com.autoregister-casesensitive +a1187 1 + +a1188 1 +; http://php.net/com.autoregister-verbose +a1190 4 +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +a1192 1 +; http://php.net/mbstring.language +a1197 1 +; http://php.net/mbstring.internal-encoding +a1200 1 +; http://php.net/mbstring.http-input +a1204 1 +; http://php.net/mbstring.http-output +a1211 1 +; http://php.net/mbstring.encoding-translation +a1215 1 +; http://php.net/mbstring.detect-order +a1219 1 +; http://php.net/mbstring.substitute-character +a1229 1 +; http://php.net/mbstring.func-overload +d1232 14 +a1245 11 +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= +d1248 1 +a1248 1 +; Tell the jpeg decode to ignore warnings and try to create +a1250 1 +; http://php.net/gd.jpeg-ignore-warning +a1258 1 +; http://php.net/exif.encode-unicode +a1259 2 + +; http://php.net/exif.decode-unicode-motorola +a1260 2 + +; http://php.net/exif.decode-unicode-intel +a1261 2 + +; http://php.net/exif.encode-jis +a1262 2 + +; http://php.net/exif.decode-jis-motorola +a1263 2 + +; http://php.net/exif.decode-jis-intel +a1267 1 +; http://php.net/tidy.default-config +a1272 1 +; http://php.net/tidy.clean-output +a1276 1 +; http://php.net/soap.wsdl-cache-enabled +a1277 1 + +a1278 1 +; http://php.net/soap.wsdl-cache-dir +d1280 1 +a1280 2 + +; (time to live) Sets the number of second while cached file will be used +a1281 1 +; http://php.net/soap.wsdl-cache-ttl +a1283 25 +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +@ diff --git a/config-archive/etc/php/cli-php5.3/php.ini,v b/config-archive/etc/php/cli-php5.3/php.ini,v new file mode 100644 index 0000000..2c926ae --- /dev/null +++ b/config-archive/etc/php/cli-php5.3/php.ini,v @@ -0,0 +1,1980 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.13.14; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +;error_reporting = E_ALL | E_STRICT +error_reporting = E_ALL + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +;log_errors = On +log_errors = stderr + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = On + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = On + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" +from="frank@@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d262 1 +a262 1 +output_buffering = 4096 +d320 1 +a320 1 +serialize_precision = 17 +d431 1 +a431 1 +expose_php = Off +d514 2 +a515 1 +error_reporting = E_ALL | E_STRICT +d532 1 +a532 1 +display_errors = On +d553 2 +a554 1 +log_errors = On +d626 1 +a626 1 +;error_prepend_string = "" +d632 1 +a632 1 +;error_append_string = "" +d703 1 +a703 1 +register_long_arrays = Off +d718 1 +a718 1 +register_argc_argv = Off +d817 1 +a817 1 +enable_dl = Off +d902 1 +a977 3 + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +a978 1 + +d1221 1 +a1221 1 +mysql.default_host = +d1272 1 +a1272 1 +mysqli.default_host = +d1488 1 +a1488 1 +session.name = PHPSESSID +@ diff --git a/config-archive/etc/php/cli-php5/ext/suhosin.ini,v b/config-archive/etc/php/cli-php5/ext/suhosin.ini,v new file mode 100644 index 0000000..aaab223 --- /dev/null +++ b/config-archive/etc/php/cli-php5/ext/suhosin.ini,v @@ -0,0 +1,486 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.05.08.51.50; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.07.05.08.52.14; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@extension = suhosin.so + +; ----------------------------------------------------------------------------- +; This file was taken from Mandriva Linux with their permission +; ----------------------------------------------------------------------------- + +[suhosin] + +; ----------------------------------------------------------------------------- +; Logging Options + +; Defines what classes of security alerts are logged to the syslog daemon. +; Logging of errors of the class S_MEMORY are always logged to syslog, no +; matter what this configuration says, because a corrupted heap could mean that +; the other logging options will malfunction during the logging process. +;suhosin.log.syslog = + +; Defines the syslog facility that is used when ALERTs are logged to syslog. +;suhosin.log.syslog.facility = + +; Defines the syslog priority that is used when ALERTs are logged to syslog. +;suhosin.log.syslog.priority = + +; Defines what classes of security alerts are logged through the SAPI error log. +;suhosin.log.sapi = + +; Defines what classes of security alerts are logged through the external +; logging. +;suhosin.log.script = + +; Defines what classes of security alerts are logged through the defined PHP +; script. +;suhosin.log.phpscript = 0 + +; Defines the full path to a external logging script. The script is called with +; 2 parameters. The first one is the alert class in string notation and the +; second parameter is the log message. This can be used for example to mail +; failing MySQL queries to your email address, because on a production system +; these things should never happen. +;suhosin.log.script.name = + +; Defines the full path to a PHP logging script. The script is called with 2 +; variables registered in the current scope: SUHOSIN_ERRORCLASS and +; SUHOSIN_ERROR. The first one is the alert class and the second variable is +; the log message. This can be used for example to mail attempted remote URL +; include attacks to your email address. +;suhosin.log.phpscript.name = + +; Undocumented +;suhosin.log.phpscript.is_safe = Off + +; When the Hardening-Patch logs an error the log message also contains the IP +; of the attacker. Usually this IP is retrieved from the REMOTE_ADDR SAPI +; environment variable. With this switch it is possible to change this behavior +; to read the IP from the X-Forwarded-For HTTP header. This is f.e. necessary +; when your PHP server runs behind a reverse proxy. +;suhosin.log.use-x-forwarded-for = Off + +; ----------------------------------------------------------------------------- +; Executor Options + +; Defines the maximum stack depth allowed by the executor before it stops the +; script. Without this function an endless recursion in a PHP script could +; crash the PHP executor or trigger the configured memory_limit. A value of +; "0" disables this feature. +;suhosin.executor.max_depth = 0 + +; Defines how many "../" an include filename needs to contain to be considered +; an attack and stopped. A value of "2" will block "../../etc/passwd", while a +; value of "3" will allow it. Most PHP applications should work flawlessly with +; values "4" or "5". A value of "0" disables this feature. +;suhosin.executor.include.max_traversal = 0 + +; Comma separated whitelist of URL schemes that are allowed to be included from +; include or require statements. Additionally to URL schemes it is possible to +; specify the beginning of allowed URLs. (f.e.: php://stdin) If no whitelist is +; specified, then the blacklist is evaluated. +;suhosin.executor.include.whitelist = + +; Comma separated blacklist of URL schemes that are not allowed to be included +; from include or require statements. Additionally to URL schemes it is +; possible to specify the beginning of allowed URLs. (f.e.: php://stdin) If no +; blacklist and no whitelist is specified all URL schemes are forbidden. +;suhosin.executor.include.blacklist = + +; Defines if PHP is allows to run code from files that are writable by the +; current process. If a file is created or modified by a PHP process, there +; is a potential danger of code injection. Only turn this on if you are sure +; that your application does not require writable PHP files. +;suhosin.executor.include.allow_writable_files = On + +; Comma separated whitelist of functions that are allowed to be called. If the +; whitelist is empty the blacklist is evaluated, otherwise calling a function +; not in the whitelist will terminate the script and get logged. +;suhosin.executor.func.whitelist = + +; Comma separated blacklist of functions that are not allowed to be called. If +; no whitelist is given, calling a function within the blacklist will terminate +; the script and get logged. +;suhosin.executor.func.blacklist = + +; Comma separated whitelist of functions that are allowed to be called from +; within eval(). If the whitelist is empty the blacklist is evaluated, +; otherwise calling a function not in the whitelist will terminate the script +; and get logged. +;suhosin.executor.eval.whitelist = + +; Comma separated blacklist of functions that are not allowed to be called from +; within eval(). If no whitelist is given, calling a function within the +; blacklist will terminate the script and get logged. +;suhosin.executor.eval.blacklist = + +; eval() is a very dangerous statement and therefore you might want to disable +; it completely. Deactivating it will however break lots of scripts. Because +; every violation is logged, this allows finding all places where eval() is +; used. +;suhosin.executor.disable_eval = Off + +; The /e modifier inside preg_replace() allows code execution. Often it is the +; cause for remote code execution exploits. It is wise to deactivate this +; feature and test where in the application it is used. The developer using the +; /e modifier should be made aware that he should use preg_replace_callback() +; instead. +;suhosin.executor.disable_emodifier = Off + +; This flag reactivates symlink() when open_basedir is used, which is disabled +; by default in Suhosin >= 0.9.6. Allowing symlink() while open_basedir is used +; is actually a security risk. +;suhosin.executor.allow_symlink = Off + +; ----------------------------------------------------------------------------- +; Misc Options + +; If you fear that Suhosin breaks your application, you can activate Suhosin's +; simulation mode with this flag. When Suhosin runs in simulation mode, +; violations are logged as usual, but nothing is blocked or removed from the +; request. (Transparent Encryptions are NOT deactivated in simulation mode.) +;suhosin.simulation = Off + +; APC 3.0.12(p1/p2) uses reserved resources without requesting a resource slot +; first. It always uses resource slot 0. If Suhosin got this slot assigned APC +; will overwrite the information Suhosin stores in this slot. When this flag is +; set Suhosin will request 2 Slots and use the second one. This allows working +; correctly with these buggy APC versions. +;suhosin.apc_bug_workaround = Off + +; When a SQL Query fails scripts often spit out a bunch of useful information +; for possible attackers. When this configuration directive is turned on, the +; script will silently terminate, after the problem has been logged. (This is +; not yet supported) +;suhosin.sql.bailout_on_error = Off + +; This is an experimental feature for shared environments. With this +; configuration option it is possible to specify a prefix that is automatically +; prepended to the database username, whenever a database connection is made. +; (Unless the username starts with the prefix) +;suhosin.sql.user_prefix = + +; This is an experimental feature for shared environments. With this +; configuration option it is possible to specify a postfix that is +; automatically appended to the database username, whenever a database +; connection is made. (Unless the username end with the postfix) +; +; With this feature it is possible for shared hosters to disallow customers to +; connect with the usernames of other customers. This feature is experimental, +; because support for PDO and PostgreSQL are not yet implemented. +;suhosin.sql.user_postfix = + +; This directive controls if multiple headers are allowed or not in a header() +; call. By default the Hardening-Patch forbids this. (HTTP headers spanning +; multiple lines are still allowed). +;suhosin.multiheader = Off + +; This directive controls if the mail() header protection is activated or not +; and to what degree it is activated. The appended table lists the possible +; activation levels. +suhosin.mail.protect = 1 + +; As long scripts are not running within safe_mode they are free to change the +; memory_limit to whatever value they want. Suhosin changes this fact and +; disallows setting the memory_limit to a value greater than the one the script +; started with, when this option is left at 0. A value greater than 0 means +; that Suhosin will disallows scripts setting the memory_limit to a value above +; this configured hard limit. This is for example usefull if you want to run +; the script normaly with a limit of 16M but image processing scripts may raise +; it to 20M. +;suhosin.memory_limit = 0 + +; ----------------------------------------------------------------------------- +; Transparent Encryption Options + +; Flag that decides if the transparent session encryption is activated or not. +;suhosin.session.encrypt = On + +; Session data can be encrypted transparently. The encryption key used consists +; of this user defined string (which can be altered by a script via ini_set()) +; and optionally the User-Agent, the Document-Root and 0-4 Octects of the +; REMOTE_ADDR. +;suhosin.session.cryptkey = + +; Flag that decides if the transparent session encryption key depends on the +; User-Agent field. (When activated this feature transparently adds a little +; bit protection against session fixation/hijacking attacks) +;suhosin.session.cryptua = On + +; Flag that decides if the transparent session encryption key depends on the +; Documentroot field. +;suhosin.session.cryptdocroot = On + +; Number of octets (0-4) from the REMOTE_ADDR that the transparent session +; encryption key depends on. Keep in mind that this should not be used on sites +; that have visitors from big ISPs, because their IP address often changes +; during a session. But this feature might be interesting for admin interfaces +; or intranets. When used wisely this is a transparent protection against +; session hijacking/fixation. +;suhosin.session.cryptraddr = 0 + +; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the +; session. The difference to suhosin.session.cryptaddr is, that the IP is not +; part of the encryption key, so that the same session can be used for +; different areas with different protection levels on the site. +;suhosin.session.checkraddr = 0 + +; Flag that decides if the transparent cookie encryption is activated or not. +;suhosin.cookie.encrypt = 0 + +; Cookies can be encrypted transparently. The encryption key used consists of +; this user defined string and optionally the User-Agent, the Document-Root and +; 0-4 Octects of the REMOTE_ADDR. +;suhosin.cookie.cryptkey = + +; Flag that decides if the transparent session encryption key depends on the +; User-Agent field. (When activated this feature transparently adds a little +; bit protection against session fixation/hijacking attacks (if only session +; cookies are allowed)) +;suhosin.cookie.cryptua = On + +; Flag that decides if the transparent cookie encryption key depends on the +; Documentroot field. +;suhosin.cookie.cryptdocroot = On + +; Number of octets (0-4) from the REMOTE_ADDR that the transparent cookie +; encryption key depends on. Keep in mind that this should not be used on sites +; that have visitors from big ISPs, because their IP address often changes +; during a session. But this feature might be interesting for admin interfaces +; or intranets. When used wisely this is a transparent protection against +; session hijacking/fixation. +;suhosin.cookie.cryptraddr = 0 + +; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the +; cookie. The difference to suhosin.cookie.cryptaddr is, that the IP is not +; part of the encryption key, so that the same cookie can be used for different +; areas with different protection levels on the site. +;suhosin.cookie.checkraddr = 0 + +; In case not all cookies are supposed to get encrypted this is a comma +; separated list of cookie names that should get encrypted. All other cookies +; will not get touched. +;suhosin.cookie.cryptlist = + +; In case some cookies should not be crypted this is a comma separated list of +; cookies that do not get encrypted. All other cookies will be encrypted. +;suhosin.cookie.plainlist = + +; ----------------------------------------------------------------------------- +; Filtering Options + +; Defines the reaction of Suhosin on a filter violation. +;suhosin.filter.action = + +; Defines the maximum depth an array variable may have, when registered through +; the COOKIE. +;suhosin.cookie.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; the COOKIE. +;suhosin.cookie.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; the COOKIE. For array variables this is the name in front of the indices. +;suhosin.cookie.max_name_length = 64 + +; Defines the maximum length of the total variable name when registered through +; the COOKIE. For array variables this includes all indices. +;suhosin.cookie.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through the +; COOKIE. +;suhosin.cookie.max_value_length = 10000 + +; Defines the maximum number of variables that may be registered through the +; COOKIE. +;suhosin.cookie.max_vars = 100 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.cookie.disallow_nul = 1 + +; Defines the maximum depth an array variable may have, when registered through +; the URL +;suhosin.get.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; the URL +;suhosin.get.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; the URL. For array variables this is the name in front of the indices. +;suhosin.get.max_name_length = 64 + +; Defines the maximum length of the total variable name when registered through +; the URL. For array variables this includes all indices. +;suhosin.get.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through the URL. +;suhosin.get.max_value_length = 512 + +; Defines the maximum number of variables that may be registered through the +; URL. +;suhosin.get.max_vars = 100 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.get.disallow_nul = 1 + +; Defines the maximum depth an array variable may have, when registered through +; a POST request. +;suhosin.post.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; a POST request. +;suhosin.post.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; a POST request. For array variables this is the name in front of the indices. +;suhosin.post.max_name_length = 64 + +; Defines the maximum length of the total variable name when registered through +; a POST request. For array variables this includes all indices. +;suhosin.post.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through a POST +; request. +;suhosin.post.max_value_length = 1000000 + +; Defines the maximum number of variables that may be registered through a POST +; request. +;suhosin.post.max_vars = 1000 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.post.disallow_nul = 1 + +; Defines the maximum depth an array variable may have, when registered through +; GET , POST or COOKIE. This setting is also an upper limit for the separate +; GET, POST, COOKIE configuration directives. +;suhosin.request.max_array_depth = 50 + +; Defines the maximum length of array indices for variables registered through +; GET, POST or COOKIE. This setting is also an upper limit for the separate +; GET, POST, COOKIE configuration directives. +;suhosin.request.max_array_index_length = 64 + +; Defines the maximum length of variable names for variables registered through +; the COOKIE, the URL or through a POST request. This is the complete name +; string, including all indicies. This setting is also an upper limit for the +; separate GET, POST, COOKIE configuration directives. +;suhosin.request.max_totalname_length = 256 + +; Defines the maximum length of a variable that is registered through the +; COOKIE, the URL or through a POST request. This setting is also an upper +; limit for the variable origin specific configuration directives. +;suhosin.request.max_value_length = 1000000 + +; Defines the maximum number of variables that may be registered through the +; COOKIE, the URL or through a POST request. This setting is also an upper +; limit for the variable origin specific configuration directives. +;suhosin.request.max_vars = 1000 + +; Defines the maximum name length (excluding possible array indicies) of +; variables that may be registered through the COOKIE, the URL or through a +; POST request. This setting is also an upper limit for the variable origin +; specific configuration directives. +;suhosin.request.max_varname_length = 64 + +; When set to On ASCIIZ chars are not allowed in variables. +;suhosin.request.disallow_nul = 1 + +; When set to On the dangerous characters <>"'` are urlencoded when found +; not encoded in the server variables REQUEST_URI and QUERY_STRING. This +; will protect against some XSS vulnerabilities. +;suhosin.server.encode = 1 + +; When set to On the dangerous characters <>"'` are replaced with ? in +; the server variables PHP_SELF, PATH_TRANSLATED and PATH_INFO. This will +; protect against some XSS vulnerabilities. +;suhosin.server.strip = 1 + +; Defines the maximum number of files that may be uploaded with one request. +;suhosin.upload.max_uploads = 25 + +; When set to On it is not possible to upload ELF executables. +;suhosin.upload.disallow_elf = 1 + +; When set to On it is not possible to upload binary files. +;suhosin.upload.disallow_binary = 0 + +; When set to On binary content is removed from the uploaded files. +;suhosin.upload.remove_binary = 0 + +; This defines the full path to a verification script for uploaded files. The +; script gets the temporary filename supplied and has to decide if the upload +; is allowed. A possible application for this is to scan uploaded files for +; viruses. The called script has to write a 1 as first line to standard output +; to allow the upload. Any other value or no output at all will result in the +; file being deleted. +;suhosin.upload.verification_script = + +; Specifies the maximum length of the session identifier that is allowed. When +; a longer session identifier is passed a new session identifier will be +; created. This feature is important to fight bufferoverflows in 3rd party +; session handlers. +;suhosin.session.max_id_length = 128 + +; Undocumented: Controls if suhosin coredumps when the optional suhosin patch +; detects a bufferoverflow, memory corruption or double free. This is only +; for debugging purposes and should not be activated. +;suhosin.coredump = Off + +; Undocumented: Controls if the encryption keys specified by the configuration +; are shown in the phpinfo() output or if they are hidden from it +;suhosin.protectkey = 1 + +; Controls if suhosin loads in stealth mode when it is not the only +; zend_extension (Required for full compatibility with certain encoders +; that consider open source untrusted. e.g. ionCube, Zend) +;suhosin.stealth = 1 + +; Controls if suhosin's ini directives are changeable per directory +; because the admin might want to allow some features to be controlable +; by .htaccess and some not. For example the logging capabilities can +; break safemode and open_basedir restrictions when .htaccess support is +; allowed and the admin forgot to fix their values in httpd.conf +; An empty value or a 0 will result in all directives not allowed in +; .htaccess. The string "legcprsum" will allow logging, execution, get, +; post, cookie, request, sql, upload, misc features in .htaccess +;suhosin.perdir = "0" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d137 1 +a137 2 +; request. (Transparent features are NOT deactivated in simulation mode.) +; (since v0.9.30 affects (dis)allowed functions) +@ diff --git a/config-archive/etc/php/cli-php5/php.ini,v b/config-archive/etc/php/cli-php5/php.ini,v new file mode 100644 index 0000000..efaee7c --- /dev/null +++ b/config-archive/etc/php/cli-php5/php.ini,v @@ -0,0 +1,1339 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.08.19.20.46.20; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.19.20.48.50; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[PHP] + +;;;;;;;;;;; +; WARNING ; +;;;;;;;;;;; +; This is the default settings file for new PHP installations. +; By default, PHP installs itself with a configuration suitable for +; development purposes, and *NOT* for production purposes. +; For several security-oriented considerations that should be taken +; before going online with your site, please consult php.ini-recommended +; and http://php.net/manual/en/security.php. + + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; This file controls many aspects of PHP's behavior. In order for PHP to +; read it, it must be named 'php.ini'. PHP looks for it in the current +; working directory, in the path designated by the environment variable +; PHPRC, and in the path that was defined in compile time (in that order). +; Under Windows, the compile-time path is the Windows directory. The +; path in which the php.ini file is looked for can be overridden using +; the -c argument in command line mode. +; +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. +; +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo"). +; +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT +; +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. +; +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: +; +; foo = ; sets foo to an empty string +; foo = none ; sets foo to an empty string +; foo = "none" ; sets foo to the string 'none' +; +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. +; +; +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; All the values in the php.ini-dist file correspond to the builtin +; defaults (that is, if no php.ini is used, or if you delete these lines, +; the builtin defaults will be identical). + + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +engine = On + +; Enable compatibility mode with Zend Engine 1 (PHP 4.x) +zend.ze1_compatibility_mode = Off + +; Allow the tags are recognized. +; NOTE: Using short tags should be avoided when developing applications or +; libraries that are meant for redistribution, or deployment on PHP +; servers which are not under your control, because short tags may not +; be supported on the target server. For portable, redistributable code, +; be sure not to use short tags. +short_open_tag = On + +; Allow ASP-style <% %> tags. +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +precision = 12 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +y2k_compliance = On + +; Output buffering allows you to send header lines (including cookies) even +; after you send body content, at the price of slowing PHP's output layer a +; bit. You can enable output buffering during runtime by calling the output +; buffering functions. You can also enable output buffering for all files by +; setting this directive to On. If you wish to limit the size of the buffer +; to a certain size - you can use a maximum number of bytes instead of 'On', as +; a value for this directive (e.g., output_buffering=4096). +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +zlib.output_compression = Off +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. +; A warning appears if the specified function is not defined, or if the +; function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func= + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; Whether to enable the ability to force arguments to be passed by reference +; at function call time. This method is deprecated and is likely to be +; unsupported in future versions of PHP/Zend. The encouraged method of +; specifying which arguments should be passed by reference is in the function +; declaration. You're encouraged to try and turn this option Off and make +; sure your scripts work properly with it in order to ensure they will work +; with future versions of the language (you will receive a warning each time +; you use this feature, and the argument will be passed by value instead of by +; reference). +allow_call_time_pass_reference = On + +; +; Safe Mode +; +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long request, which may end up +; being interrupted by the user or a browser timing out. +; ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; realpath_cache_size=16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; realpath_cache_ttl=120 + +; +; Misc +; +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +expose_php = On + + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +max_execution_time = 30 ; Maximum execution time of each script, in seconds +max_input_time = 60 ; Maximum amount of time each script may spend parsing request data +;max_input_nesting_level = 64 ; Maximum input variable nesting level +memory_limit = 128M ; Maximum amount of memory a script may consume (128MB) + + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; error_reporting is a bit-field. Or each number up to get desired error +; reporting level +; E_ALL - All errors and warnings (doesn't include E_STRICT) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; +; Examples: +; +; - Show all errors, except for notices and coding standards warnings +; +;error_reporting = E_ALL & ~E_NOTICE +; +; - Show all errors, except for notices +; +;error_reporting = E_ALL & ~E_NOTICE | E_STRICT +; +; - Show only errors +; +;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR +; +; - Show all errors except for notices and coding standards warnings +; +error_reporting = E_ALL & ~E_NOTICE + +; Print out errors (as a part of the output). For production web sites, +; you're strongly encouraged to turn this feature off, and use error logging +; instead (see below). Keeping display_errors enabled on a production web site +; may reveal security information to end users, such as file paths on your Web +; server, your database schema or other information. +; +; possible values for display_errors: +; +; Off - Do not display any errors +; stderr - Display errors to STDERR (affects only CGI/CLI binaries!) +; +;display_errors = "stderr" +; +; stdout (On) - Display errors to STDOUT +; +display_errors = On + +; Even when display_errors is on, errors that occur during PHP's startup +; sequence are not displayed. It's strongly recommended to keep +; display_startup_errors off, except for when debugging. +display_startup_errors = Off + +; Log errors into a log file (server-specific log, stderr, or error_log (below)) +; As stated above, you're strongly advised to use error logging in place of +; error displaying on production web sites. +log_errors = Off + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +report_memleaks = On + +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +;xmlrpc_errors = 0 +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; Disable the inclusion of HTML tags in error messages. +; Note: Never use this feature for production boxes. +;html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://www.php.net/docs.php +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. +; Note: Never use this feature for production boxes. +;docref_root = "/phpmanual/" +;docref_ext = .html + +; String to output before an error message. +;error_prepend_string = "" + +; String to output after an error message. +;error_append_string = "" + +; Log errors to specified file. +;error_log = filename + +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; +; +; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 + +; The separator used in PHP generated URLs to separate arguments. +; Default is "&". +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; Default is "&". +; NOTE: Every character in this directive is considered as separator! +;arg_separator.input = ";&" + +; This directive describes the order in which PHP registers GET, POST, Cookie, +; Environment and Built-in variables (G, P, C, E & S respectively, often +; referred to as EGPCS or GPC). Registration is done from left to right, newer +; values override older values. +variables_order = "EGPCS" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. This makes most sense when coupled with track_vars - in which +; case you can access all of the GPC variables through the $HTTP_*_VARS[], +; variables. +; +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +register_globals = Off + +; Whether or not to register the old-style input arrays, HTTP_GET_VARS +; and friends. If you're not using them, it's recommended to turn them off, +; for performance reasons. +register_long_arrays = On + +; This directive tells PHP whether to declare the argv&argc variables (that +; would contain the GET information). If you don't use these variables, you +; should turn it off for increased performance. +register_argc_argv = On + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +post_max_size = 8M + +; Magic quotes +; + +; Magic quotes for incoming GET/POST/Cookie data. +magic_quotes_gpc = On + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +magic_quotes_sybase = Off + +; Automatically add files before or after any PHP document. +auto_prepend_file = +auto_append_file = + +; As of 4.0b4, PHP always outputs a character encoding by default in +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +default_mimetype = "text/html" +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. +;always_populate_raw_post_data = On + + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +user_dir = + +; Directory in which the loadable extensions (modules) reside. +extension_dir = /usr/lib64/php5/lib/php/extensions/no-debug-non-zts-20060613 + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. +; cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; cgi.fix_pathinfo=0 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection +; fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +;cgi.rfc2616_headers = 0 + + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +upload_max_filesize = 2M + + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +allow_url_include = Off + +; Define the anonymous ftp password (your email address) +;from="john@@doe.com" + +; Define the User-Agent string +; user_agent="PHP" + +; Default timeout for socket based streams (seconds) +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; auto_detect_line_endings = Off + + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; +; +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; Note that it should be the name of the module only; no directory information +; needs to go here. Specify the location of the extension with the +; extension_dir directive above. + + +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. + +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_dbase.dll +;extension=php_exif.dll +;extension=php_fdf.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_ifx.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_mcrypt.dll +;extension=php_mhash.dll +;extension=php_mime_magic.dll +;extension=php_ming.dll +;extension=php_msql.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll +;extension=php_openssl.dll +;extension=php_pdo.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_oci8.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +;date.timezone = + +;date.default_latitude = 31.7667 +;date.default_longitude = 35.2333 + +;date.sunrise_zenith = 90.583333 +;date.sunset_zenith = 90.583333 + +[filter] +;filter.default = unsafe_raw +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[sqlite] +;sqlite.assoc_case = 0 + +[Pcre] +;PCRE library backtracking limit. +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +;pcre.recursion_limit=100000 + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +define_syslog_variables = Off + +[mail function] +; For Win32 only. +SMTP = localhost +smtp_port = 25 + +; For Win32 only. +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +[SQL] +sql.safe_mode = Off + +[ODBC] +;odbc.default_db = Not yet implemented +;odbc.default_user = Not yet implemented +;odbc.default_pw = Not yet implemented + +; Allow or prevent persistent links. +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of uodbc.defaultlrl and uodbc.defaultbinmode +odbc.defaultbinmode = 1 + +[MySQL] +; Allow or prevent persistent links. +mysql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of links. -1 means no limit. +mysqli.max_links = -1 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mSQL] +; Allow or prevent persistent links. +msql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +msql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +msql.max_links = -1 + +[OCI8] +; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA) +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +;oci8.ping_interval = 60 + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +;oci8.default_prefetch = 10 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +pgsql.log_notice = 0 + +[Sybase] +; Allow or prevent persistent links. +sybase.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybase.max_links = -1 + +;sybase.interface_file = "/usr/sybase/interfaces" + +; Minimum error severity to display. +sybase.min_error_severity = 10 + +; Minimum message severity to display. +sybase.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +; If on, this will cause PHP to automatically assign types to results according +; to their Sybase type, instead of treating them all as strings. This +; compatibility mode will probably not stay around forever, so try applying +; whatever necessary changes to your code, and turn it off. +sybase.compatability_mode = Off + +[Sybase-CT] +; Allow or prevent persistent links. +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybct.max_links = -1 + +; Minimum server message severity to display. +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +sybct.min_client_severity = 10 + +[bcmath] +; Number of decimal digits for all bcmath functions. +bcmath.scale = 0 + +[browscap] +;browscap = extra/browscap.ini + +[Informix] +; Default host for ifx_connect() (doesn't apply in safe mode). +ifx.default_host = + +; Default user for ifx_connect() (doesn't apply in safe mode). +ifx.default_user = + +; Default password for ifx_connect() (doesn't apply in safe mode). +ifx.default_password = + +; Allow or prevent persistent links. +ifx.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +ifx.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ifx.max_links = -1 + +; If on, select statements return the contents of a text blob instead of its id. +ifx.textasvarchar = 0 + +; If on, select statements return the contents of a byte blob instead of its id. +ifx.byteasvarchar = 0 + +; Trailing blanks are stripped from fixed-length char columns. May help the +; life of Informix SE users. +ifx.charasvarchar = 0 + +; If on, the contents of text and byte blobs are dumped to a file instead of +; keeping them in memory. +ifx.blobinfile = 0 + +; NULL's are returned as empty strings, unless this is set to 1. In that case, +; NULL's are returned as string 'NULL'. +ifx.nullformat = 0 + +[Session] +; Handler used to store/retrieve data. +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; As of PHP 4.0.1, you can define the path as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +session.save_path = "/tmp" + +; Whether to use cookies. +session.use_cookies = 1 + +;session.cookie_secure = + +; This option enables administrators to make their users invulnerable to +; attacks which involve passing session ids in URLs; defaults to 0. +; session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +session.name = PHPSESSID + +; Initialize session on request startup. +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +session.cookie_path = / + +; The domain for which the cookie is valid. +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +session.serialize_handler = php + +; Define the probability that the 'garbage collection' process is started +; on every session initialization. +; The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts +; on each request. + +session.gc_probability = 1 +session.gc_divisor = 100 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, albeit register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. + +session.bug_compat_42 = 1 +session.bug_compat_warn = 1 + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +session.referer_check = + +; How many bytes to read from the file. +session.entropy_length = 0 + +; Specified here to create the session id. +session.entropy_file = + +;session.entropy_length = 16 + +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +session.cache_limiter = nocache + +; Document expires after n minutes. +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +session.use_trans_sid = 0 + +; Select a hash function +; 0: MD5 (128 bits) +; 1: SHA-1 (160 bits) +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; +; 4 bits: 0-9, a-f +; 5 bits: 0-9, a-v +; 6 bits: 0-9, a-z, A-Z, "-", "," +session.hash_bits_per_character = 4 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +;assert.active = On + +; Issue a PHP warning for each failed assertion. +;assert.warning = On + +; Don't bail out by default. +;assert.bail = Off + +; User-function to be called if an assertion fails. +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +;com.typelib_file = +; allow Distributed-COM calls +;com.allow_dcom = true +; autoregister constants of a components typlib on com_load() +;com.autoregister_typelib = true +; register constants casesensitive +;com.autoregister_casesensitive = false +; show warnings on duplicate constant registrations +;com.autoregister_verbose = true + +[mbstring] +; language for internal character representation. +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +;mbstring.func_overload = 0 + +[FrontBase] +;fbsql.allow_persistent = On +;fbsql.autocommit = On +;fbsql.show_timestamp_decimals = Off +;fbsql.default_database = +;fbsql.default_database_password = +;fbsql.default_host = +;fbsql.default_password = +;fbsql.default_user = "_SYSTEM" +;fbsql.generate_warnings = Off +;fbsql.max_connections = 128 +;fbsql.max_links = 128 +;fbsql.max_persistent = -1 +;fbsql.max_results = 128 + +[gd] +; Tell the jpeg decode to libjpeg warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +;exif.encode_unicode = ISO-8859-15 +;exif.decode_unicode_motorola = UCS-2BE +;exif.decode_unicode_intel = UCS-2LE +;exif.encode_jis = +;exif.decode_jis_motorola = JIS +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +soap.wsdl_cache_enabled=1 +; Sets the directory name where SOAP extension will put cache files. +soap.wsdl_cache_dir="/tmp" +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +soap.wsdl_cache_ttl=86400 + +; Local Variables: +; tab-width: 4 +; End: + +; MySQL extensions default connection charset settings +;mysql.connect_charset = utf8 +;mysqli.connect_charset = utf8 +;pdo_mysql.connect_charset = utf8 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d248 1 +a248 1 +expose_php = Off +d491 1 +a491 1 +extension_dir = /usr/lib64/php5/lib/extensions/no-debug-non-zts-20060613 +d563 1 +a563 1 +allow_url_fopen = On +d1287 5 +@ diff --git a/config-archive/etc/php/embed-php5.3/php.ini,v b/config-archive/etc/php/embed-php5.3/php.ini,v new file mode 100644 index 0000000..ba680c6 --- /dev/null +++ b/config-archive/etc/php/embed-php5.3/php.ini,v @@ -0,0 +1,1943 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.13.18; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d320 1 +a320 1 +serialize_precision = 17 +d624 1 +a624 1 +;error_prepend_string = "" +d630 1 +a630 1 +;error_append_string = "" +a974 3 + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +a975 1 + +@ diff --git a/config-archive/etc/php/embed-php5/php.ini,v b/config-archive/etc/php/embed-php5/php.ini,v new file mode 100644 index 0000000..898c28f --- /dev/null +++ b/config-archive/etc/php/embed-php5/php.ini,v @@ -0,0 +1,2641 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.30.19.30.30; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.30.19.31.39; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[PHP] + +;;;;;;;;;;; +; WARNING ; +;;;;;;;;;;; +; This is the default settings file for new PHP installations. +; By default, PHP installs itself with a configuration suitable for +; development purposes, and *NOT* for production purposes. +; For several security-oriented considerations that should be taken +; before going online with your site, please consult php.ini-recommended +; and http://php.net/manual/en/security.php. + + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; This file controls many aspects of PHP's behavior. In order for PHP to +; read it, it must be named 'php.ini'. PHP looks for it in the current +; working directory, in the path designated by the environment variable +; PHPRC, and in the path that was defined in compile time (in that order). +; Under Windows, the compile-time path is the Windows directory. The +; path in which the php.ini file is looked for can be overridden using +; the -c argument in command line mode. +; +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. +; +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo"). +; +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT +; +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. +; +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: +; +; foo = ; sets foo to an empty string +; foo = none ; sets foo to an empty string +; foo = "none" ; sets foo to the string 'none' +; +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. +; +; +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; All the values in the php.ini-dist file correspond to the builtin +; defaults (that is, if no php.ini is used, or if you delete these lines, +; the builtin defaults will be identical). + + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +engine = On + +; Enable compatibility mode with Zend Engine 1 (PHP 4.x) +zend.ze1_compatibility_mode = Off + +; Allow the tags are recognized. +; NOTE: Using short tags should be avoided when developing applications or +; libraries that are meant for redistribution, or deployment on PHP +; servers which are not under your control, because short tags may not +; be supported on the target server. For portable, redistributable code, +; be sure not to use short tags. +short_open_tag = On + +; Allow ASP-style <% %> tags. +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +precision = 12 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +y2k_compliance = On + +; Output buffering allows you to send header lines (including cookies) even +; after you send body content, at the price of slowing PHP's output layer a +; bit. You can enable output buffering during runtime by calling the output +; buffering functions. You can also enable output buffering for all files by +; setting this directive to On. If you wish to limit the size of the buffer +; to a certain size - you can use a maximum number of bytes instead of 'On', as +; a value for this directive (e.g., output_buffering=4096). +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +zlib.output_compression = Off +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. +; A warning appears if the specified function is not defined, or if the +; function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func= + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; Whether to enable the ability to force arguments to be passed by reference +; at function call time. This method is deprecated and is likely to be +; unsupported in future versions of PHP/Zend. The encouraged method of +; specifying which arguments should be passed by reference is in the function +; declaration. You're encouraged to try and turn this option Off and make +; sure your scripts work properly with it in order to ensure they will work +; with future versions of the language (you will receive a warning each time +; you use this feature, and the argument will be passed by value instead of by +; reference). +allow_call_time_pass_reference = On + +; +; Safe Mode +; +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long request, which may end up +; being interrupted by the user or a browser timing out. +; ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; realpath_cache_size=16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; realpath_cache_ttl=120 + +; +; Misc +; +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +expose_php = Off + + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +max_execution_time = 30 ; Maximum execution time of each script, in seconds +max_input_time = 60 ; Maximum amount of time each script may spend parsing request data +;max_input_nesting_level = 64 ; Maximum input variable nesting level +memory_limit = 128M ; Maximum amount of memory a script may consume (128MB) + + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; error_reporting is a bit-field. Or each number up to get desired error +; reporting level +; E_ALL - All errors and warnings (doesn't include E_STRICT) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; +; Examples: +; +; - Show all errors, except for notices and coding standards warnings +; +;error_reporting = E_ALL & ~E_NOTICE +; +; - Show all errors, except for notices +; +;error_reporting = E_ALL & ~E_NOTICE | E_STRICT +; +; - Show only errors +; +;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR +; +; - Show all errors except for notices and coding standards warnings +; +error_reporting = E_ALL & ~E_NOTICE + +; Print out errors (as a part of the output). For production web sites, +; you're strongly encouraged to turn this feature off, and use error logging +; instead (see below). Keeping display_errors enabled on a production web site +; may reveal security information to end users, such as file paths on your Web +; server, your database schema or other information. +; +; possible values for display_errors: +; +; Off - Do not display any errors +; stderr - Display errors to STDERR (affects only CGI/CLI binaries!) +; +;display_errors = "stderr" +; +; stdout (On) - Display errors to STDOUT +; +display_errors = On + +; Even when display_errors is on, errors that occur during PHP's startup +; sequence are not displayed. It's strongly recommended to keep +; display_startup_errors off, except for when debugging. +display_startup_errors = Off + +; Log errors into a log file (server-specific log, stderr, or error_log (below)) +; As stated above, you're strongly advised to use error logging in place of +; error displaying on production web sites. +log_errors = Off + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +report_memleaks = On + +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +;xmlrpc_errors = 0 +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; Disable the inclusion of HTML tags in error messages. +; Note: Never use this feature for production boxes. +;html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://www.php.net/docs.php +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. +; Note: Never use this feature for production boxes. +;docref_root = "/phpmanual/" +;docref_ext = .html + +; String to output before an error message. +;error_prepend_string = "" + +; String to output after an error message. +;error_append_string = "" + +; Log errors to specified file. +;error_log = filename + +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; +; +; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 + +; The separator used in PHP generated URLs to separate arguments. +; Default is "&". +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; Default is "&". +; NOTE: Every character in this directive is considered as separator! +;arg_separator.input = ";&" + +; This directive describes the order in which PHP registers GET, POST, Cookie, +; Environment and Built-in variables (G, P, C, E & S respectively, often +; referred to as EGPCS or GPC). Registration is done from left to right, newer +; values override older values. +variables_order = "EGPCS" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. This makes most sense when coupled with track_vars - in which +; case you can access all of the GPC variables through the $HTTP_*_VARS[], +; variables. +; +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +register_globals = Off + +; Whether or not to register the old-style input arrays, HTTP_GET_VARS +; and friends. If you're not using them, it's recommended to turn them off, +; for performance reasons. +register_long_arrays = On + +; This directive tells PHP whether to declare the argv&argc variables (that +; would contain the GET information). If you don't use these variables, you +; should turn it off for increased performance. +register_argc_argv = On + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +post_max_size = 8M + +; Magic quotes +; + +; Magic quotes for incoming GET/POST/Cookie data. +magic_quotes_gpc = On + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +magic_quotes_sybase = Off + +; Automatically add files before or after any PHP document. +auto_prepend_file = +auto_append_file = + +; As of 4.0b4, PHP always outputs a character encoding by default in +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +default_mimetype = "text/html" +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. +;always_populate_raw_post_data = On + + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +user_dir = + +; Directory in which the loadable extensions (modules) reside. +extension_dir = /usr/lib64/php5/lib/extensions/no-debug-non-zts-20060613 + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. +; cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; cgi.fix_pathinfo=0 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection +; fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +;cgi.rfc2616_headers = 0 + + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +upload_max_filesize = 2M + + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +allow_url_include = Off + +; Define the anonymous ftp password (your email address) +;from="john@@doe.com" + +; Define the User-Agent string +; user_agent="PHP" + +; Default timeout for socket based streams (seconds) +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; auto_detect_line_endings = Off + + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; +; +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; Note that it should be the name of the module only; no directory information +; needs to go here. Specify the location of the extension with the +; extension_dir directive above. + + +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. + +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_dbase.dll +;extension=php_exif.dll +;extension=php_fdf.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_ifx.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_mcrypt.dll +;extension=php_mhash.dll +;extension=php_mime_magic.dll +;extension=php_ming.dll +;extension=php_msql.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll +;extension=php_openssl.dll +;extension=php_pdo.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_oci8.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +;date.timezone = + +;date.default_latitude = 31.7667 +;date.default_longitude = 35.2333 + +;date.sunrise_zenith = 90.583333 +;date.sunset_zenith = 90.583333 + +[filter] +;filter.default = unsafe_raw +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[sqlite] +;sqlite.assoc_case = 0 + +[Pcre] +;PCRE library backtracking limit. +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +;pcre.recursion_limit=100000 + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +define_syslog_variables = Off + +[mail function] +; For Win32 only. +SMTP = localhost +smtp_port = 25 + +; For Win32 only. +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +[SQL] +sql.safe_mode = Off + +[ODBC] +;odbc.default_db = Not yet implemented +;odbc.default_user = Not yet implemented +;odbc.default_pw = Not yet implemented + +; Allow or prevent persistent links. +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of uodbc.defaultlrl and uodbc.defaultbinmode +odbc.defaultbinmode = 1 + +[MySQL] +; Allow or prevent persistent links. +mysql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of links. -1 means no limit. +mysqli.max_links = -1 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mSQL] +; Allow or prevent persistent links. +msql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +msql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +msql.max_links = -1 + +[OCI8] +; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA) +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +;oci8.ping_interval = 60 + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +;oci8.default_prefetch = 10 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +pgsql.log_notice = 0 + +[Sybase] +; Allow or prevent persistent links. +sybase.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybase.max_links = -1 + +;sybase.interface_file = "/usr/sybase/interfaces" + +; Minimum error severity to display. +sybase.min_error_severity = 10 + +; Minimum message severity to display. +sybase.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +; If on, this will cause PHP to automatically assign types to results according +; to their Sybase type, instead of treating them all as strings. This +; compatibility mode will probably not stay around forever, so try applying +; whatever necessary changes to your code, and turn it off. +sybase.compatability_mode = Off + +[Sybase-CT] +; Allow or prevent persistent links. +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybct.max_links = -1 + +; Minimum server message severity to display. +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +sybct.min_client_severity = 10 + +[bcmath] +; Number of decimal digits for all bcmath functions. +bcmath.scale = 0 + +[browscap] +;browscap = extra/browscap.ini + +[Informix] +; Default host for ifx_connect() (doesn't apply in safe mode). +ifx.default_host = + +; Default user for ifx_connect() (doesn't apply in safe mode). +ifx.default_user = + +; Default password for ifx_connect() (doesn't apply in safe mode). +ifx.default_password = + +; Allow or prevent persistent links. +ifx.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +ifx.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ifx.max_links = -1 + +; If on, select statements return the contents of a text blob instead of its id. +ifx.textasvarchar = 0 + +; If on, select statements return the contents of a byte blob instead of its id. +ifx.byteasvarchar = 0 + +; Trailing blanks are stripped from fixed-length char columns. May help the +; life of Informix SE users. +ifx.charasvarchar = 0 + +; If on, the contents of text and byte blobs are dumped to a file instead of +; keeping them in memory. +ifx.blobinfile = 0 + +; NULL's are returned as empty strings, unless this is set to 1. In that case, +; NULL's are returned as string 'NULL'. +ifx.nullformat = 0 + +[Session] +; Handler used to store/retrieve data. +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; As of PHP 4.0.1, you can define the path as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +session.save_path = "/tmp" + +; Whether to use cookies. +session.use_cookies = 1 + +;session.cookie_secure = + +; This option enables administrators to make their users invulnerable to +; attacks which involve passing session ids in URLs; defaults to 0. +; session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +session.name = PHPSESSID + +; Initialize session on request startup. +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +session.cookie_path = / + +; The domain for which the cookie is valid. +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +session.serialize_handler = php + +; Define the probability that the 'garbage collection' process is started +; on every session initialization. +; The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts +; on each request. + +session.gc_probability = 1 +session.gc_divisor = 100 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, albeit register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. + +session.bug_compat_42 = 1 +session.bug_compat_warn = 1 + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +session.referer_check = + +; How many bytes to read from the file. +session.entropy_length = 0 + +; Specified here to create the session id. +session.entropy_file = + +;session.entropy_length = 16 + +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +session.cache_limiter = nocache + +; Document expires after n minutes. +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +session.use_trans_sid = 0 + +; Select a hash function +; 0: MD5 (128 bits) +; 1: SHA-1 (160 bits) +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; +; 4 bits: 0-9, a-f +; 5 bits: 0-9, a-v +; 6 bits: 0-9, a-z, A-Z, "-", "," +session.hash_bits_per_character = 4 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +;assert.active = On + +; Issue a PHP warning for each failed assertion. +;assert.warning = On + +; Don't bail out by default. +;assert.bail = Off + +; User-function to be called if an assertion fails. +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +;com.typelib_file = +; allow Distributed-COM calls +;com.allow_dcom = true +; autoregister constants of a components typlib on com_load() +;com.autoregister_typelib = true +; register constants casesensitive +;com.autoregister_casesensitive = false +; show warnings on duplicate constant registrations +;com.autoregister_verbose = true + +[mbstring] +; language for internal character representation. +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +;mbstring.func_overload = 0 + +[FrontBase] +;fbsql.allow_persistent = On +;fbsql.autocommit = On +;fbsql.show_timestamp_decimals = Off +;fbsql.default_database = +;fbsql.default_database_password = +;fbsql.default_host = +;fbsql.default_password = +;fbsql.default_user = "_SYSTEM" +;fbsql.generate_warnings = Off +;fbsql.max_connections = 128 +;fbsql.max_links = 128 +;fbsql.max_persistent = -1 +;fbsql.max_results = 128 + +[gd] +; Tell the jpeg decode to libjpeg warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +;exif.encode_unicode = ISO-8859-15 +;exif.decode_unicode_motorola = UCS-2BE +;exif.decode_unicode_intel = UCS-2LE +;exif.encode_jis = +;exif.decode_jis_motorola = JIS +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +soap.wsdl_cache_enabled=1 +; Sets the directory name where SOAP extension will put cache files. +soap.wsdl_cache_dir="/tmp" +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +soap.wsdl_cache_ttl=86400 + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 11 +d17 8 +a24 16 +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +d29 1 +a29 10 + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +d33 1 +a33 4 +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +d36 2 +a37 3 +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +d39 5 +a43 6 +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +d46 1 +a46 1 + +d49 1 +a49 1 + +d51 3 +a53 3 +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +d57 2 +a58 1 + +d62 3 +a64 13 +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. +a65 119 +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 +a71 1 +; http://php.net/engine +d74 10 +a83 13 +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off +a85 1 +; http://php.net/asp-tags +d89 1 +a89 2 +; http://php.net/precision +precision = 14 +a91 1 +; http://php.net/y2k-compliance +d94 8 +a101 23 +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 +d108 3 +a110 3 +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +d112 1 +a112 1 +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +d114 1 +a114 2 +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +d121 3 +a123 3 +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +d125 1 +a125 2 +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +a126 2 + +; http://php.net/zlib.output-compression-level +a131 1 +; http://php.net/zlib.output-handler +a138 2 +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +d143 3 +a145 2 +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +d148 1 +a148 1 +unserialize_callback_func = +d155 10 +a164 13 +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off +d166 1 +d168 1 +a168 1 +; http://php.net/safe-mode +a173 1 +; http://php.net/safe-mode-gid +a179 1 +; http://php.net/safe-mode-include-dir +a183 1 +; http://php.net/safe-mode-exec-dir +d191 1 +d193 1 +a193 2 +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +a198 1 +; http://php.net/safe-mode-protected-env-vars +a204 1 +; http://php.net/open-basedir +a209 1 +; http://php.net/disable-functions +a214 1 +; http://php.net/disable-classes +a218 1 +; http://php.net/syntax-highlighting +d227 3 +a229 5 +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On +d234 1 +a234 2 +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k +d239 1 +a239 6 +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; +d241 3 +a247 1 +; http://php.net/expose-php +d250 1 +d255 5 +a259 22 +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M +d265 3 +a267 17 +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +d288 39 +a326 41 +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +d329 4 +a332 9 +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On +a335 1 +; http://php.net/log-errors-max-len +a339 1 +; http://php.net/ignore-repeated-errors +a344 1 +; http://php.net/ignore-repeated-source +a349 1 +; http://php.net/report-memleaks +a351 1 +; This setting is on by default. +d354 1 +a354 7 +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +a357 1 +; http://php.net/xmlrpc-errors +a358 1 + +d362 3 +a364 10 +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off +d368 1 +a368 1 +; You can download a copy of the PHP manual from http://php.net/docs +d371 1 +a371 1 +; the dot. PHP's default behavior is to leave these settings empty. +a372 2 +; http://php.net/docref-root +; Examples +a373 2 + +; http://php.net/docref-ext +d376 1 +a376 4 +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +d379 1 +a379 4 +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +d382 3 +a384 5 +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +d388 1 +d392 2 +d396 1 +a396 3 +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +d400 1 +a400 1 +; PHP's default setting is "&". +a401 2 +; http://php.net/arg-separator.input +; Example: +d404 5 +a408 26 +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" +d412 4 +a415 1 +; with user data. +a418 1 +; http://php.net/register-globals +d421 9 +a429 24 +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off +a435 1 +; http://php.net/auto-globals-jit +a438 1 +; http://php.net/post-max-size +d441 5 +a445 15 +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off +a447 1 +; http://php.net/magic-quotes-runtime +a450 1 +; http://php.net/magic-quotes-sybase +d453 1 +a453 2 +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +a454 3 + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +d457 1 +a457 1 +; By default, PHP will output a character encoding using +a461 1 +; http://php.net/default-mimetype +a462 3 + +; PHP's default character set is set to empty. +; http://php.net/default-charset +d465 1 +a465 3 +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +d468 1 +a477 3 +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path +a483 1 +; http://php.net/doc-root +a487 1 +; http://php.net/user-dir +d491 1 +a491 4 +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" +d496 1 +a496 2 +; http://php.net/enable-dl +enable_dl = Off +d502 1 +a502 2 +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 +d505 2 +a506 2 +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 +d512 1 +a512 2 +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; +d517 1 +a517 1 +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +d520 1 +a520 2 +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 +d527 1 +a527 2 +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; +d529 2 +a530 3 +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 +a536 1 +; http://php.net/cgi.rfc2616-headers +d539 1 +a544 1 +; http://php.net/file-uploads +a548 1 +; http://php.net/upload-tmp-dir +a551 1 +; http://php.net/upload-max-filesize +d554 1 +d563 1 +a563 2 +; http://php.net/allow-url-fopen +allow_url_fopen = Off +a565 1 +; http://php.net/allow-url-include +d568 1 +a568 3 +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +d571 2 +a572 3 +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" +a574 1 +; http://php.net/default-socket-timeout +d582 2 +a583 2 +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off +d588 1 +a588 1 + +d602 5 +a606 7 +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +d612 1 +a612 1 +; +d616 1 +d618 1 +a618 1 +;extension=php_fileinfo.dll +d622 1 +a622 1 +;extension=php_intl.dll +d627 3 +d631 1 +d635 1 +a635 2 +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +d637 1 +d642 1 +a646 1 +;extension=php_phar.dll +a652 1 +;extension=php_sqlite3.dll +a664 1 +; http://php.net/date.timezone +a666 1 +; http://php.net/date.default-latitude +a667 2 + +; http://php.net/date.default-longitude +a669 1 +; http://php.net/date.sunrise-zenith +a670 2 + +; http://php.net/date.sunset-zenith +a673 1 +; http://php.net/filter.default +a674 2 + +; http://php.net/filter.default-flags +a681 7 +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +a682 1 +; http://php.net/sqlite.assoc-case +a684 3 +[sqlite3] +;sqlite3.extension_dir = + +a686 1 +; http://php.net/pcre.backtrack-limit +d689 3 +a691 3 +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +a692 1 +; http://php.net/pcre.recursion-limit +a694 26 +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +a698 1 +; http://php.net/define-syslog-variables +a702 1 +; http://php.net/smtp +a703 1 +; http://php.net/smtp-port +a706 1 +; http://php.net/sendmail-from +a709 1 +; http://php.net/sendmail-path +a716 6 +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +a717 1 +; http://php.net/sql.safe-mode +a720 1 +; http://php.net/odbc.default-db +a721 2 + +; http://php.net/odbc.default-user +a722 2 + +; http://php.net/odbc.default-pw +a724 4 +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +a725 1 +; http://php.net/odbc.allow-persistent +a728 1 +; http://php.net/odbc.check-persistent +a731 1 +; http://php.net/odbc.max-persistent +a734 1 +; http://php.net/odbc.max-links +a738 1 +; http://php.net/odbc.defaultlrl +d743 1 +a743 2 +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +a745 33 +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +a746 4 +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +a747 1 +; http://php.net/mysql.allow-persistent +a749 4 +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +a750 1 +; http://php.net/mysql.max-persistent +a753 1 +; http://php.net/mysql.max-links +a759 1 +; http://php.net/mysql.default-port +a763 1 +; http://php.net/mysql.default-socket +a766 1 +; http://php.net/mysql.default-host +a769 1 +; http://php.net/mysql.default-user +a776 1 +; http://php.net/mysql.default-password +a779 1 +; http://php.net/mysql.connect-timeout +a783 1 +; http://php.net/mysql.trace-mode +a787 12 +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +a788 1 +; http://php.net/mysqli.max-links +a790 4 +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +a794 1 +; http://php.net/mysqli.default-port +a798 1 +; http://php.net/mysqli.default-socket +a801 1 +; http://php.net/mysqli.default-host +a804 1 +; http://php.net/mysqli.default-user +a811 1 +; http://php.net/mysqli.default-pw +d817 9 +a825 19 +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 +d828 1 +a828 4 + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +a832 1 +; http://php.net/oci8.max-persistent +a837 1 +; http://php.net/oci8.persistent-timeout +a843 1 +; http://php.net/oci8.ping-interval +a845 13 +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +a847 1 +; http://php.net/oci8.statement-cache-size +d852 1 +a852 2 +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 +a855 1 +; http://php.net/oci8.old-oci-close-semantics +a859 1 +; http://php.net/pgsql.allow-persistent +a863 1 +; http://php.net/pgsql.auto-reset-persistent +a866 1 +; http://php.net/pgsql.max-persistent +a869 1 +; http://php.net/pgsql.max-links +a873 1 +; http://php.net/pgsql.ignore-notice +a877 1 +; http://php.net/pgsql.log-notice +d880 25 +a906 1 +; http://php.net/sybct.allow-persistent +a909 1 +; http://php.net/sybct.max-persistent +a912 1 +; http://php.net/sybct.max-links +a915 1 +; http://php.net/sybct.min-server-severity +a918 1 +; http://php.net/sybct.min-client-severity +a920 18 +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +a922 1 +; http://php.net/bcmath.scale +a925 1 +; http://php.net/browscap +d928 37 +a966 1 +; http://php.net/session.save-handler +d973 1 +a973 1 +; The path can be defined as: +a994 1 +; http://php.net/session.save-path +a997 1 +; http://php.net/session.use-cookies +d1000 1 +a1000 2 +; http://php.net/session.cookie-secure +;session.cookie_secure = +d1002 3 +a1004 6 +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 +a1006 1 +; http://php.net/session.name +a1009 1 +; http://php.net/session.auto-start +a1012 1 +; http://php.net/session.cookie-lifetime +a1015 1 +; http://php.net/session.cookie-path +a1018 1 +; http://php.net/session.cookie-domain +d1022 1 +a1022 2 +; http://php.net/session.cookie-httponly +session.cookie_httponly = +a1024 1 +; http://php.net/session.serialize-handler +d1027 6 +a1032 10 +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +d1034 1 +a1034 14 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 +a1037 1 +; http://php.net/session.gc-maxlifetime +d1049 1 +a1049 1 +; to initialize a session variable in the global scope, even when register_globals +d1052 4 +a1055 20 +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off +a1059 1 +; http://php.net/session.referer-check +a1062 1 +; http://php.net/session.entropy-length +d1066 4 +a1069 4 +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +a1073 1 +; http://php.net/session.cache-limiter +a1076 1 +; http://php.net/session.cache-expire +a1087 1 +; http://php.net/session.use-trans-sid +d1090 3 +a1092 8 +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +d1097 5 +a1101 9 +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 +d1108 1 +a1108 5 +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" +d1157 1 +a1157 1 +; Specify client character set. +a1163 1 +; http://php.net/assert.active +a1166 1 +; http://php.net/assert.warning +a1169 1 +; http://php.net/assert.bail +a1172 1 +; http://php.net/assert.callback +a1176 1 +; http://php.net/assert.quiet-eval +a1180 1 +; http://php.net/com.typelib-file +a1181 1 + +a1182 1 +; http://php.net/com.allow-dcom +a1183 1 + +a1184 1 +; http://php.net/com.autoregister-typelib +a1185 1 + +a1186 1 +; http://php.net/com.autoregister-casesensitive +a1187 1 + +a1188 1 +; http://php.net/com.autoregister-verbose +a1190 4 +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +a1192 1 +; http://php.net/mbstring.language +a1197 1 +; http://php.net/mbstring.internal-encoding +a1200 1 +; http://php.net/mbstring.http-input +a1204 1 +; http://php.net/mbstring.http-output +a1211 1 +; http://php.net/mbstring.encoding-translation +a1215 1 +; http://php.net/mbstring.detect-order +a1219 1 +; http://php.net/mbstring.substitute-character +a1229 1 +; http://php.net/mbstring.func-overload +d1232 14 +a1245 11 +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= +d1248 1 +a1248 1 +; Tell the jpeg decode to ignore warnings and try to create +a1250 1 +; http://php.net/gd.jpeg-ignore-warning +a1258 1 +; http://php.net/exif.encode-unicode +a1259 2 + +; http://php.net/exif.decode-unicode-motorola +a1260 2 + +; http://php.net/exif.decode-unicode-intel +a1261 2 + +; http://php.net/exif.encode-jis +a1262 2 + +; http://php.net/exif.decode-jis-motorola +a1263 2 + +; http://php.net/exif.decode-jis-intel +a1267 1 +; http://php.net/tidy.default-config +a1272 1 +; http://php.net/tidy.clean-output +a1276 1 +; http://php.net/soap.wsdl-cache-enabled +a1277 1 + +a1278 1 +; http://php.net/soap.wsdl-cache-dir +d1280 1 +a1280 2 + +; (time to live) Sets the number of second while cached file will be used +a1281 1 +; http://php.net/soap.wsdl-cache-ttl +a1283 25 +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +@ diff --git a/config-archive/etc/php/fpm-php5.3/php-fpm.conf,v b/config-archive/etc/php/fpm-php5.3/php-fpm.conf,v new file mode 100644 index 0000000..674a17c --- /dev/null +++ b/config-archive/etc/php/fpm-php5.3/php-fpm.conf,v @@ -0,0 +1,354 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.30.05.08.59; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.30.05.10.33; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@;;;;;;;;;;;;;;;;;;;;; +; FPM Configuration ; +;;;;;;;;;;;;;;;;;;;;; + +; All relative paths in this configuration file are relative to PHP's install +; prefix (/usr/lib/php5.3). This prefix can be dynamicaly changed by using the +; '-p' argument from the command line. + +; Include one or more files. If glob(3) exists, it is used to include a bunch of +; files from a glob(3) pattern. This directive can be used everywhere in the +; file. +; Relative path can also be used. They will be prefixed by: +; - the global prefix if it's been set (-p arguement) +; - /usr/lib/php5.3 otherwise +;include=/etc/php/fpm-php5.3/fpm.d/*.conf + +;;;;;;;;;;;;;;;;;; +; Global Options ; +;;;;;;;;;;;;;;;;;; + +[global] +; Pid file +; Note: the default prefix is /var/lib +; Default Value: none +; Note: The Gentoo init script expects the pid path +; to be set to /var/run/php-fpm.pid +pid = /var/run/php-fpm.pid + +; Error log file +; Note: the default prefix is /var/lib +; Default Value: log/php-fpm.log +error_log = /var/log/php-fpm.log + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +;log_level = notice + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +;emergency_restart_threshold = 0 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;emergency_restart_interval = 0 + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;process_control_timeout = 0 + +; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. +; Default Value: yes +;daemonize = yes + +;;;;;;;;;;;;;;;;;;;; +; Pool Definitions ; +;;;;;;;;;;;;;;;;;;;; + +; Multiple pools of child processes may be started with different listening +; ports and different management options. The name of the pool will be +; used in logs and stats. There is no limitation on the number of pools which +; FPM can handle. Your system will tell you anyway :) + +; Start a new pool named 'www'. +; the variable $pool can we used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr/lib/php5.3) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses on a +; specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. A value of '-1' means unlimited. +; Default Value: 128 (-1 on FreeBSD and OpenBSD) +;listen.backlog = -1 + +; List of ipv4 addresses of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0666 +;listen.owner = nobody +;listen.group = nobody +;listen.mode = 0666 + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = nobody +group = nobody + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives: +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes to be created when pm is set to 'dynamic'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. +; Note: Used when pm is set to either 'static' or 'dynamic' +; Note: This value is mandatory. +pm.max_children = 50 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +;pm.start_servers = 20 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 5 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 35 + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. By default, the status page shows the following +; information: +; accepted conn - the number of request accepted by the pool; +; pool - the name of the pool; +; process manager - static or dynamic; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes. +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic') +; The values of 'idle processes', 'active processes' and 'total processes' are +; updated each second. The value of 'accepted conn' is updated in real time. +; Example output: +; accepted conn: 12073 +; pool: www +; process manager: static +; idle processes: 35 +; active processes: 65 +; total processes: 100 +; max children reached: 1 +; By default the status page output is formatted as text/plain. Passing either +; 'html' or 'json' as a query string will return the corresponding output +; syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = /var/log/php-fpm-$pool.log.slow + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/lib/php5.3) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d25 3 +a27 4 +; Warning: pid file is overriden by the Gentoo init script. +; FPM will refuse to start if you uncomment this settingi and make use of the +; init script. +; pid = /var/run/php-fpm.pid +@ diff --git a/config-archive/etc/php/fpm-php5.3/php.ini,v b/config-archive/etc/php/fpm-php5.3/php.ini,v new file mode 100644 index 0000000..d2ed825 --- /dev/null +++ b/config-archive/etc/php/fpm-php5.3/php.ini,v @@ -0,0 +1,1943 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.05.03.05.05.33; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.13.22; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d320 1 +a320 1 +serialize_precision = 17 +d624 1 +a624 1 +;error_prepend_string = "" +d630 1 +a630 1 +;error_append_string = "" +a974 3 + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +a975 1 + +@ diff --git a/config-archive/etc/portage/bin/post_sync,v b/config-archive/etc/portage/bin/post_sync,v new file mode 100755 index 0000000..eba4917 --- /dev/null +++ b/config-archive/etc/portage/bin/post_sync,v @@ -0,0 +1,60 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.09.10.37.04; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.09.10.37.57; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#!/bin/sh +# Copyright 2006-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +if [ -d /etc/portage/postsync.d/ ]; then + for f in /etc/portage/postsync.d/* ; do + if [ -x ${f} ] ; then + ${f} + fi + done +else + : +fi +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# Copyright 2006-2009 Gentoo Foundation +d5 9 +a13 4 +for f in /etc/portage/postsync.d/* ; do + [ -x "${f}" ] && "${f}" +done +: +@ diff --git a/config-archive/etc/portage/package.use,v b/config-archive/etc/portage/package.use,v new file mode 100644 index 0000000..7100251 --- /dev/null +++ b/config-archive/etc/portage/package.use,v @@ -0,0 +1,183 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.23.11.12.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.23.11.12.42; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ +# +# $Header: /etc/portage/package.use,v 1.1 2010/05/25 22:07:53 root Exp $ +# + +app-admin/sysstat cron +app-admin/syslog-ng spoof-source sql +app-admin/webalizer geoip + +app-antivirus/clamav clamdtop + +app-arch/cabextract extra-tools + +app-crypt/gnupg idea + +app-editors/vim cscope vim-with-x + +app-misc/mc 7zip chdir slang +app-misc/screen multiuser + +app-portage/eix optimization strong-optimization tools + +app-shells/bash plugins + +dev-db/mysql extraengine pbxt +dev-db/sqlite extensions fts3 soundex +dev-db/unixODBC odbcmanual + +# dev-libs/apr -doc +# dev-libs/apr-util -doc + +dev-java/blackdown-jdk -doc +dev-java/sun-jdk jce + +dev-lang/perl perlsuid +dev-lang/php bcmath calendar cgi cli ctype curlwrappers dbase exif filter flatfile -gd gd-external hash iconv imap inifile json ldap-sasl mhash mysqli pcntl pdo-external posix -recode sharedext sharedmem simplexml sockets spl suhosin sysvipc -threads tidy tokenizer wddx xmlreader xmlwriter -xpm yaz zip + +dev-perl/Catalyst-Model-DBIC-Schema caching catalyst_helper replication +dev-perl/JSON-Any json-syck json-xs +dev-perl/Task-Moose cli async declare instancetype logging other strict traits types utilroles utils + +dev-php/PEAR-MDB2 mysqli + +dev-libs/cyrus-sasl authdaemond -java +dev-libs/libgcrypt idea +dev-libs/libusb -doc +dev-libs/yaz icu + +dev-perl/GD animgif +dev-perl/PDL badval +dev-perl/Catalyst-Action-REST php xml config-general data-taxi freezethaw json + +dev-python/pycairo -doc +dev-python/pygobject libffi + +dev-ruby/rubygems server + +dev-scheme/guile discouraged networking regex + +dev-util/subversion extras + +dev-util/strace aio +dev-util/subversion extras + +dev-vcs/git -subversion + +games-misc/fortune-mod offensive +games-misc/fortune-mod-kernelcookies offensive + +mail-client/mutt gpgme nntp sidebar smime +mail-client/nail net + +mail-filter/amavisd-new courier + +mail-mta/postfix vda + +media-gfx/album ffmpeg +media-gfx/exiv2 contrib xmp +media-gfx/imagemagick autotrace fftw mpeg raw +media-gfx/ufraw contrast exif -gtk hotpixels lensfun timezone + +media-libs/freetype kpathsea utils +media-libs/gd -fontconfig +media-libs/giflib rle +media-libs/openjpeg tools +media-libs/libtheora encode + +media-video/ffmpeg aac amr dirac gsm hardcoded-tables -pic schroedinger speex v4l2 vhook + +net-analyzer/nagios-nrpe command-args +net-analyzer/nagios-plugins nagios-dns nagios-ntp nagios-ping nagios-ssh +net-analyzer/net-snmp diskio elf extensible lm_sensors mfd-rewrites sendmail smux +net-analyzer/wireshark adns gcrypt profile smi + +net-dns/bind dlz -odbc +net-dns/libidn -java + +net-firewall/iptables extensions + +sys-fs/quota rpc +net-fs/samba oav quotas syslog + +# net-ftp/proftpd authfile ifsession rewrite shaper sitemisc softquota vroot +net-ftp/proftpd authfile ifsession rewrite sitemisc softquota vroot + +net-libs/libssh2 gcrypt + +net-mail/courier-imap -gnutls + +net-misc/curl libssh2 +net-misc/iputils -doc +net-misc/openssh X509 + +net-nds/openldap experimental overlays + +net-print/cups dbus + +sci-mathematics/pari -doc + +sys-apps/pciutils network-cron +sys-apps/portage epydoc +sys-apps/usbutils network-cron +sys-apps/util-linux slang loop-aes + +sys-auth/pambase ssh +sys-auth/pam_mysql openssl + +sys-devel/gcc gcj libffi mudflap objc objc-gc objc++ + +sys-kernel/gentoo-sources -doc +sys-kernel/vanilla-sources -doc + +sys-libs/pam audit + +www-client/elinks -samba + +www-servers/apache sni suexec -threads + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d60 1 +a60 1 +dev-vcs/subversion extras +d63 1 +a63 1 +dev-vcs/subversion extras +@ diff --git a/config-archive/etc/portage/postsync.d/q-reinitialize,v b/config-archive/etc/portage/postsync.d/q-reinitialize,v new file mode 100644 index 0000000..3f7f8a5 --- /dev/null +++ b/config-archive/etc/portage/postsync.d/q-reinitialize,v @@ -0,0 +1,44 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.09.10.37.05; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.09.10.37.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@[ -x /usr/bin/q ] && /usr/bin/q -qr +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 3 +#!/bin/sh +[ -x /usr/bin/q ] && /usr/bin/q -r ${PORTAGE_QUIET:+-q} +: +@ diff --git a/config-archive/etc/postfix/main.cf,v b/config-archive/etc/postfix/main.cf,v new file mode 100644 index 0000000..a409a05 --- /dev/null +++ b/config-archive/etc/postfix/main.cf,v @@ -0,0 +1,1092 @@ +head 1.8; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.8 +date 2011.08.29.21.57.45; author root; state Exp; +branches; +next 1.7; + +1.7 +date 2011.08.09.19.10.51; author root; state Exp; +branches; +next 1.6; + +1.6 +date 2011.06.07.07.29.31; author root; state Exp; +branches; +next 1.5; + +1.5 +date 2011.05.03.05.05.33; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2011.03.16.10.47.58; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2011.01.31.12.51.25; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.11.19.09.54.59; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.24.07.59.32; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.24.08.02.16; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.11.19.09.55.03; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.01.31.12.52.26; author root; state Exp; +branches; +next 1.1.1.4; + +1.1.1.4 +date 2011.03.16.10.48.03; author root; state Exp; +branches; +next 1.1.1.5; + +1.1.1.5 +date 2011.05.03.05.13.27; author root; state Exp; +branches; +next 1.1.1.6; + +1.1.1.6 +date 2011.06.07.07.39.45; author root; state Exp; +branches; +next 1.1.1.7; + +1.1.1.7 +date 2011.08.09.19.12.14; author root; state Exp; +branches; +next 1.1.1.8; + +1.1.1.8 +date 2011.08.29.21.57.51; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.8 +log +@dispatch-conf update. +@ +text +@# vim: noai: filetype=pfmain ts=4 sw=4 + +# Global Postfix configuration file. This file lists only a subset +# of all parameters. For the syntax, and for a complete parameter +# list, see the postconf(5) manual page (command: "man 5 postconf"). +# +# For common configuration examples, see BASIC_CONFIGURATION_README +# and STANDARD_CONFIGURATION_README. To find these documents, use +# the command "postconf html_directory readme_directory", or go to +# http://www.postfix.org/. +# +# For best results, change no more than 2-3 parameters at a time, +# and test if Postfix still works after every change. + +# SOFT BOUNCE +# +# The soft_bounce parameter provides a limited safety net for +# testing. When soft_bounce is enabled, mail will remain queued that +# would otherwise bounce. This parameter disables locally-generated +# bounces, and prevents the SMTP server from rejecting mail permanently +# (by changing 5xx replies into 4xx replies). However, soft_bounce +# is no cure for address rewriting mistakes or mail routing mistakes. +# +#soft_bounce = no + +# LOCAL PATHNAME INFORMATION +# +# The queue_directory specifies the location of the Postfix queue. +# This is also the root directory of Postfix daemons that run chrooted. +# See the files in examples/chroot-setup for setting up Postfix chroot +# environments on different UNIX systems. +# +queue_directory = /var/spool/postfix + +# The command_directory parameter specifies the location of all +# postXXX commands. +# +command_directory = /usr/sbin + +# The daemon_directory parameter specifies the location of all Postfix +# daemon programs (i.e. programs listed in the master.cf file). This +# directory must be owned by root. +# +daemon_directory = //usr/lib64/postfix + +# The data_directory parameter specifies the location of Postfix-writable +# data files (caches, random numbers). This directory must be owned +# by the mail_owner account (see below). +# +data_directory = /var/lib/postfix + +# QUEUE AND PROCESS OWNERSHIP +# +# The mail_owner parameter specifies the owner of the Postfix queue +# and of most Postfix daemon processes. Specify the name of a user +# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS +# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In +# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED +# USER. +# +mail_owner = postfix + +# The default_privs parameter specifies the default rights used by +# the local delivery agent for delivery to external file or command. +# These rights are used in the absence of a recipient user context. +# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. +# +#default_privs = nobody + +# INTERNET HOST AND DOMAIN NAMES +# +# The myhostname parameter specifies the internet hostname of this +# mail system. The default is to use the fully-qualified domain name +# from gethostname(). $myhostname is used as a default value for many +# other configuration parameters. +# +#myhostname = host.domain.tld +#myhostname = virtual.domain.tld + +# The mydomain parameter specifies the local internet domain name. +# The default is to use $myhostname minus the first component. +# $mydomain is used as a default value for many other configuration +# parameters. +# +#mydomain = domain.tld + +# SENDING MAIL +# +# The myorigin parameter specifies the domain that locally-posted +# mail appears to come from. The default is to append $myhostname, +# which is fine for small sites. If you run a domain with multiple +# machines, you should (1) change this to $mydomain and (2) set up +# a domain-wide alias database that aliases each user to +# user@@that.users.mailhost. +# +# For the sake of consistency between sender and recipient addresses, +# myorigin also specifies the default domain name that is appended +# to recipient addresses that have no @@domain part. +# +#myorigin = $myhostname +#myorigin = $mydomain + +# RECEIVING MAIL + +# The inet_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on. By default, +# the software claims all active interfaces on the machine. The +# parameter also controls delivery of mail to user@@[ip.address]. +# +# See also the proxy_interfaces parameter, for network addresses that +# are forwarded to us via a proxy or network address translator. +# +# Note: you need to stop/start Postfix when this parameter changes. +# +#inet_interfaces = all +#inet_interfaces = $myhostname +#inet_interfaces = $myhostname, localhost + +# The proxy_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on by way of a +# proxy or network address translation unit. This setting extends +# the address list specified with the inet_interfaces parameter. +# +# You must specify your proxy/NAT addresses when your system is a +# backup MX host for other domains, otherwise mail delivery loops +# will happen when the primary MX host is down. +# +#proxy_interfaces = +#proxy_interfaces = 1.2.3.4 + +# The mydestination parameter specifies the list of domains that this +# machine considers itself the final destination for. +# +# These domains are routed to the delivery agent specified with the +# local_transport parameter setting. By default, that is the UNIX +# compatible delivery agent that lookups all recipients in /etc/passwd +# and /etc/aliases or their equivalent. +# +# The default is $myhostname + localhost.$mydomain. On a mail domain +# gateway, you should also include $mydomain. +# +# Do not specify the names of virtual domains - those domains are +# specified elsewhere (see VIRTUAL_README). +# +# Do not specify the names of domains that this machine is backup MX +# host for. Specify those names via the relay_domains settings for +# the SMTP server, or use permit_mx_backup if you are lazy (see +# STANDARD_CONFIGURATION_README). +# +# The local machine is always the final destination for mail addressed +# to user@@[the.net.work.address] of an interface that the mail system +# receives mail on (see the inet_interfaces parameter). +# +# Specify a list of host or domain names, /file/name or type:table +# patterns, separated by commas and/or whitespace. A /file/name +# pattern is replaced by its contents; a type:table is matched when +# a name matches a lookup key (the right-hand side is ignored). +# Continue long lines by starting the next line with whitespace. +# +# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". +# +#mydestination = $myhostname, localhost.$mydomain, localhost +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, +# mail.$mydomain, www.$mydomain, ftp.$mydomain + +# REJECTING MAIL FOR UNKNOWN LOCAL USERS +# +# The local_recipient_maps parameter specifies optional lookup tables +# with all names or addresses of users that are local with respect +# to $mydestination, $inet_interfaces or $proxy_interfaces. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown local users. This parameter is defined by default. +# +# To turn off local recipient checking in the SMTP server, specify +# local_recipient_maps = (i.e. empty). +# +# The default setting assumes that you use the default Postfix local +# delivery agent for local delivery. You need to update the +# local_recipient_maps setting if: +# +# - You define $mydestination domain recipients in files other than +# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. +# For example, you define $mydestination domain recipients in +# the $virtual_mailbox_maps files. +# +# - You redefine the local delivery agent in master.cf. +# +# - You redefine the "local_transport" setting in main.cf. +# +# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" +# feature of the Postfix local delivery agent (see local(8)). +# +# Details are described in the LOCAL_RECIPIENT_README file. +# +# Beware: if the Postfix SMTP server runs chrooted, you probably have +# to access the passwd file via the proxymap service, in order to +# overcome chroot restrictions. The alternative, having a copy of +# the system passwd file in the chroot jail is just not practical. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify a bare username, an @@domain.tld +# wild-card, or specify a user@@domain.tld address. +# +#local_recipient_maps = unix:passwd.byname $alias_maps +#local_recipient_maps = proxy:unix:passwd.byname $alias_maps +#local_recipient_maps = + +# The unknown_local_recipient_reject_code specifies the SMTP server +# response code when a recipient domain matches $mydestination or +# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty +# and the recipient address or address local-part is not found. +# +# The default setting is 550 (reject mail) but it is safer to start +# with 450 (try again later) until you are certain that your +# local_recipient_maps settings are OK. +# +unknown_local_recipient_reject_code = 550 + +# TRUST AND RELAY CONTROL + +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in postconf(5). +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# On Linux, this does works correctly only with interfaces specified +# with the "ifconfig" command. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. +# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +#mynetworks_style = class +#mynetworks_style = subnet +#mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. +# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. Specify type:table for table-based lookups +# (the value on the table right-hand side is not used). +# +#mynetworks = 168.100.189.0/28, 127.0.0.0/8 +#mynetworks = $config_directory/mynetworks +#mynetworks = hash:/etc/postfix/network_table + +# The relay_domains parameter restricts what destinations this system will +# relay mail to. See the smtpd_recipient_restrictions description in +# postconf(5) for detailed information. +# +# By default, Postfix relays mail +# - from "trusted" clients (IP address matches $mynetworks) to any destination, +# - from "untrusted" clients to destinations that match $relay_domains or +# subdomains thereof, except addresses with sender-specified routing. +# The default relay_domains value is $mydestination. +# +# In addition to the above, the Postfix SMTP server by default accepts mail +# that Postfix is final destination for: +# - destinations that match $inet_interfaces or $proxy_interfaces, +# - destinations that match $mydestination +# - destinations that match $virtual_alias_domains, +# - destinations that match $virtual_mailbox_domains. +# These destinations do not need to be listed in $relay_domains. +# +# Specify a list of hosts or domains, /file/name patterns or type:name +# lookup tables, separated by commas and/or whitespace. Continue +# long lines by starting the next line with whitespace. A file name +# is replaced by its contents; a type:name table is matched when a +# (parent) domain appears as lookup key. +# +# NOTE: Postfix will not automatically forward mail for domains that +# list this system as their primary or backup MX host. See the +# permit_mx_backup restriction description in postconf(5). +# +#relay_domains = $mydestination + +# INTERNET OR INTRANET + +# The relayhost parameter specifies the default host to send mail to +# when no entry is matched in the optional transport(5) table. When +# no relayhost is given, mail is routed directly to the destination. +# +# On an intranet, specify the organizational domain name. If your +# internal DNS uses no MX records, specify the name of the intranet +# gateway host instead. +# +# In the case of SMTP, specify a domain, host, host:port, [host]:port, +# [address] or [address]:port; the form [host] turns off MX lookups. +# +# If you're connected via UUCP, see also the default_transport parameter. +# +#relayhost = $mydomain +#relayhost = [gateway.my.domain] +#relayhost = [mailserver.isp.tld] +#relayhost = uucphost +#relayhost = [an.ip.add.ress] + +# REJECTING UNKNOWN RELAY USERS +# +# The relay_recipient_maps parameter specifies optional lookup tables +# with all addresses in the domains that match $relay_domains. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown relay users. This feature is off by default. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify an @@domain.tld wild-card, or specify +# a user@@domain.tld address. +# +#relay_recipient_maps = hash:/etc/postfix/relay_recipients + +# INPUT RATE CONTROL +# +# The in_flow_delay configuration parameter implements mail input +# flow control. This feature is turned on by default, although it +# still needs further development (it's disabled on SCO UNIX due +# to an SCO bug). +# +# A Postfix process will pause for $in_flow_delay seconds before +# accepting a new message, when the message arrival rate exceeds the +# message delivery rate. With the default 100 SMTP server process +# limit, this limits the mail inflow to 100 messages a second more +# than the number of messages delivered per second. +# +# Specify 0 to disable the feature. Valid delays are 0..10. +# +#in_flow_delay = 1s + +# ADDRESS REWRITING +# +# The ADDRESS_REWRITING_README document gives information about +# address masquerading or other forms of address rewriting including +# username->Firstname.Lastname mapping. + +# ADDRESS REDIRECTION (VIRTUAL DOMAIN) +# +# The VIRTUAL_README document gives information about the many forms +# of domain hosting that Postfix supports. + +# "USER HAS MOVED" BOUNCE MESSAGES +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# TRANSPORT MAP +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# ALIAS DATABASE +# +# The alias_maps parameter specifies the list of alias databases used +# by the local delivery agent. The default list is system dependent. +# +# On systems with NIS, the default is to search the local alias +# database, then the NIS alias database. See aliases(5) for syntax +# details. +# +# If you change the alias database, run "postalias /etc/aliases" (or +# wherever your system stores the mail alias file), or simply run +# "newaliases" to build the necessary DBM or DB file. +# +# It will take a minute or so before changes become visible. Use +# "postfix reload" to eliminate the delay. +# +#alias_maps = dbm:/etc/aliases +#alias_maps = hash:/etc/aliases +#alias_maps = hash:/etc/aliases, nis:mail.aliases +#alias_maps = netinfo:/aliases + +# The alias_database parameter specifies the alias database(s) that +# are built with "newaliases" or "sendmail -bi". This is a separate +# configuration parameter, because alias_maps (see above) may specify +# tables that are not necessarily all under control by Postfix. +# +#alias_database = dbm:/etc/aliases +#alias_database = dbm:/etc/mail/aliases +#alias_database = hash:/etc/aliases +#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases + +# ADDRESS EXTENSIONS (e.g., user+foo) +# +# The recipient_delimiter parameter specifies the separator between +# user names and address extensions (user+foo). See canonical(5), +# local(8), relocated(5) and virtual(5) for the effects this has on +# aliases, canonical, virtual, relocated and .forward file lookups. +# Basically, the software tries user+foo and .forward+foo before +# trying user and .forward. +# +#recipient_delimiter = + + +# DELIVERY TO MAILBOX +# +# The home_mailbox parameter specifies the optional pathname of a +# mailbox file relative to a user's home directory. The default +# mailbox file is /var/spool/mail/user or /var/mail/user. Specify +# "Maildir/" for qmail-style delivery (the / is required). +# +#home_mailbox = Mailbox +#home_mailbox = Maildir/ + +# The mail_spool_directory parameter specifies the directory where +# UNIX-style mailboxes are kept. The default setting depends on the +# system type. +# +#mail_spool_directory = /var/mail +#mail_spool_directory = /var/spool/mail + +# The mailbox_command parameter specifies the optional external +# command to use instead of mailbox delivery. The command is run as +# the recipient with proper HOME, SHELL and LOGNAME environment settings. +# Exception: delivery for root is done as $default_user. +# +# Other environment variables of interest: USER (recipient username), +# EXTENSION (address extension), DOMAIN (domain part of address), +# and LOCAL (the address localpart). +# +# Unlike other Postfix configuration parameters, the mailbox_command +# parameter is not subjected to $parameter substitutions. This is to +# make it easier to specify shell syntax (see example below). +# +# Avoid shell meta characters because they will force Postfix to run +# an expensive shell process. Procmail alone is expensive enough. +# +# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN +# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. +# +#mailbox_command = /some/where/procmail +#mailbox_command = /some/where/procmail -a "$EXTENSION" + +# The mailbox_transport specifies the optional transport in master.cf +# to use after processing aliases and .forward files. This parameter +# has precedence over the mailbox_command, fallback_transport and +# luser_relay parameters. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#mailbox_transport = lmtp:unix:/file/name +#mailbox_transport = cyrus + +# The fallback_transport specifies the optional transport in master.cf +# to use for recipients that are not found in the UNIX passwd database. +# This parameter has precedence over the luser_relay parameter. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#fallback_transport = lmtp:unix:/file/name +#fallback_transport = cyrus +#fallback_transport = + +# The luser_relay parameter specifies an optional destination address +# for unknown recipients. By default, mail for unknown@@$mydestination, +# unknown@@[$inet_interfaces] or unknown@@[$proxy_interfaces] is returned +# as undeliverable. +# +# The following expansions are done on luser_relay: $user (recipient +# username), $shell (recipient shell), $home (recipient home directory), +# $recipient (full recipient address), $extension (recipient address +# extension), $domain (recipient domain), $local (entire recipient +# localpart), $recipient_delimiter. Specify ${name?value} or +# ${name:value} to expand value only when $name does (does not) exist. +# +# luser_relay works only for the default Postfix local delivery agent. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must specify "local_recipient_maps =" (i.e. empty) in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#luser_relay = $user@@other.host +#luser_relay = $local@@other.host +#luser_relay = admin+$local + +# JUNK MAIL CONTROLS +# +# The controls listed here are only a very small subset. The file +# SMTPD_ACCESS_README provides an overview. + +# The header_checks parameter specifies an optional table with patterns +# that each logical message header is matched against, including +# headers that span multiple physical lines. +# +# By default, these patterns also apply to MIME headers and to the +# headers of attached messages. With older Postfix versions, MIME and +# attached message headers were treated as body text. +# +# For details, see "man header_checks". +# +#header_checks = regexp:/etc/postfix/header_checks + +# FAST ETRN SERVICE +# +# Postfix maintains per-destination logfiles with information about +# deferred mail, so that mail can be flushed quickly with the SMTP +# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". +# See the ETRN_README document for a detailed description. +# +# The fast_flush_domains parameter controls what destinations are +# eligible for this service. By default, they are all domains that +# this server is willing to relay mail to. +# +#fast_flush_domains = $relay_domains + +# SHOW SOFTWARE VERSION OR NOT +# +# The smtpd_banner parameter specifies the text that follows the 220 +# code in the SMTP server's greeting banner. Some people like to see +# the mail version advertised. By default, Postfix shows no version. +# +# You MUST specify $myhostname at the start of the text. That is an +# RFC requirement. Postfix itself does not care. +# +#smtpd_banner = $myhostname ESMTP $mail_name +#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) + +# PARALLEL DELIVERY TO THE SAME DESTINATION +# +# How many parallel deliveries to the same user or domain? With local +# delivery, it does not make sense to do massively parallel delivery +# to the same user, because mailbox updates must happen sequentially, +# and expensive pipelines in .forward files can cause disasters when +# too many are run at the same time. With SMTP deliveries, 10 +# simultaneous connections to the same domain could be sufficient to +# raise eyebrows. +# +# Each message delivery transport has its XXX_destination_concurrency_limit +# parameter. The default is $default_destination_concurrency_limit for +# most delivery transports. For the local delivery agent the default is 2. + +#local_destination_concurrency_limit = 2 +#default_destination_concurrency_limit = 20 + +# DEBUGGING CONTROL +# +# The debug_peer_level parameter specifies the increment in verbose +# logging level when an SMTP client or server host name or address +# matches a pattern in the debug_peer_list parameter. +# +debug_peer_level = 2 + +# The debug_peer_list parameter specifies an optional list of domain +# or network patterns, /file/name patterns or type:name tables. When +# an SMTP client or server host name or address matches a pattern, +# increase the verbose logging level by the amount specified in the +# debug_peer_level parameter. +# +#debug_peer_list = 127.0.0.1 +#debug_peer_list = some.domain + +# The debugger_command specifies the external command that is executed +# when a Postfix daemon program is run with the -D option. +# +# Use "command .. & sleep 5" so that the debugger can attach before +# the process marches on. If you use an X-based debugger, be sure to +# set up your XAUTHORITY environment variable before starting Postfix. +# +debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + +# If you can't use X, use this to capture the call stack when a +# daemon crashes. The result is in a file in the configuration +# directory, and is named after the process name and the process ID. +# +# debugger_command = +# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; +# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 +# >$config_directory/$process_name.$process_id.log & sleep 5 +# +# Another possibility is to run gdb under a detached screen session. +# To attach to the screen sesssion, su root and run "screen -r +# " where uniquely matches one of the detached +# sessions (from "screen -list"). +# +# debugger_command = +# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen +# -dmS $process_name gdb $daemon_directory/$process_name +# $process_id & sleep 1 + +# INSTALL-TIME CONFIGURATION INFORMATION +# +# The following parameters are used when installing a new Postfix version. +# +# sendmail_path: The full pathname of the Postfix sendmail command. +# This is the Sendmail-compatible mail posting interface. +# +sendmail_path = /usr/sbin/sendmail + +# newaliases_path: The full pathname of the Postfix newaliases command. +# This is the Sendmail-compatible command to build alias databases. +# +newaliases_path = /usr/bin/newaliases + +# mailq_path: The full pathname of the Postfix mailq command. This +# is the Sendmail-compatible mail queue listing command. +# +mailq_path = /usr/bin/mailq + +# setgid_group: The group for mail submission and queue management +# commands. This must be a group name with a numerical group ID that +# is not shared with other accounts, not even with the Postfix account. +# +setgid_group = postdrop + +# html_directory: The location of the Postfix HTML documentation. +# +html_directory = /usr/share/doc/postfix-2.8.3-r2/html + +# manpage_directory: The location of the Postfix on-line manual pages. +# +manpage_directory = /usr/share/man + +# sample_directory: The location of the Postfix sample configuration files. +# This parameter is obsolete as of Postfix 2.1. +# +sample_directory = /etc/postfix + +# readme_directory: The location of the Postfix README files. +# +readme_directory = /usr/share/doc/postfix-2.8.3-r2/readme +home_mailbox = .maildir/ +#alias_maps = mysql:/etc/postfix/mysql-aliases.cf +alias_maps = hash:/etc/postfix/maps/aliases +anvil_status_update_time = 3600s +body_checks = pcre:/etc/postfix/maps/body_checks +bounce_template_file = /etc/postfix/bounce-templates/bounce.de-DE.cf +broken_sasl_auth_clients = yes +#canonical_maps = mysql:/etc/postfix/mysql-canonical.cf +canonical_maps = hash:/etc/postfix/maps/canonical +cyrus_sasl_config_path = /etc/sasl2 +default_destination_concurrency_limit = 5 +header_checks = pcre:/etc/postfix/maps/header_checks +inet_protocols = all +local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname +mail_spool_directory = /var/spool/mail +mailbox_size_limit = 512000000 +message_size_limit = 51200000 +#mydestination = $myhostname, $mydomain, mysql:/etc/postfix/mysql-mydomains.cf +mydestination = $myhostname, $mydomain, hash:/etc/postfix/maps/mydomains +mydomain = brehm-online.com +myhostname = helga.brehm-online.com +mynetworks = 127.0.0.0/8 85.214.134.152/32 [::1]/128 [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]/128 +mynetworks_style = host +myorigin = $mydomain +#recipient_bcc_maps = mysql:/etc/postfix/mysql-recipient_bcc.cf +recipient_bcc_maps = hash:/etc/postfix/maps/recipient_bcc +#relay_clientcerts = hash:/etc/postfix/relay_clientcerts +relay_clientcerts = hash:/etc/postfix/maps/relay_clientcerts +#relay_domains = mysql:/etc/postfix/mysql-relay-domains.cf +relay_domains = hash:/etc/postfix/maps/relay_domains +#relocated_maps = mysql:/etc/postfix/mysql-relocated.cf +relocated_maps = hash:/etc/postfix/maps/relocated +#sender_bcc_maps = mysql:/etc/postfix/mysql-sender_bcc.cf +sender_bcc_maps = hash:/etc/postfix/maps/sender_bcc +smtp_generic_maps = hash:/etc/postfix/maps/generic +smtp_tls_CAfile = /etc/ssl/CA-Brehm/cacert.pem +smtp_tls_cert_file = /etc/postfix/postfix.pem +smtp_tls_enforce_peername = no +smtp_use_tls = yes +smtpd_banner = $myhostname ESMTP Frank Brehms Mail Service $mail_name ($mail_version) + +smtpd_recipient_restrictions = + check_client_access cidr:/etc/postfix/maps/access_client, + check_recipient_access hash:/etc/postfix/maps/access_recipient, + check_helo_access hash:/etc/postfix/maps/access_helo, + check_sender_access hash:/etc/postfix/maps/access_sender, + reject_non_fqdn_recipient, + reject_unknown_recipient_domain, + reject_non_fqdn_sender, + reject_unknown_sender_domain, + reject_invalid_helo_hostname, + permit_mynetworks, + permit_sasl_authenticated, + permit_tls_clientcerts, + reject_rbl_client zen.spamhaus.org, + reject_rbl_client ix.dnsbl.manitu.net, + check_policy_service unix:private/postgrey, + check_policy_service inet:127.0.0.1:12525, + reject_unverified_recipient, + permit_mx_backup, + reject_unauth_destination, + permit + +smtpd_sasl_auth_enable = yes +smtpd_tls_CAfile = $smtp_tls_CAfile +smtpd_tls_cert_file = $smtp_tls_cert_file +smtpd_tls_key_file = $smtp_tls_cert_file +smtpd_tls_loglevel = 1 +smtpd_tls_received_header = yes +smtpd_use_tls = yes +transport_maps = hash:/etc/postfix/maps/transport +#virtual_alias_domains = mysql:/etc/postfix/mysql-virtual-alias-domains.cf +virtual_alias_domains = hash:/etc/postfix/maps/virtual_alias_domains +#virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf +virtual_alias_maps = hash:/etc/postfix/maps/virtual_alias_maps +virtual_gid_maps = static:1023 +virtual_mailbox_base = / +#virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf +virtual_mailbox_domains = hash:/etc/postfix/maps/virtual_mailbox_domains +virtual_mailbox_limit = 512000000 +#virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf +virtual_mailbox_maps = hash:/etc/postfix/maps/virtual_mailbox_maps +virtual_uid_maps = static:1023 +@ + + +1.7 +log +@dispatch-conf update. +@ +text +@d640 1 +a640 1 +html_directory = /usr/share/doc/postfix-2.7.4/html +d653 1 +a653 1 +readme_directory = /usr/share/doc/postfix-2.7.4/readme +@ + + +1.6 +log +@dispatch-conf update. +@ +text +@d640 1 +a640 1 +html_directory = /usr/share/doc/postfix-2.7.3-r1/html +d653 1 +a653 1 +readme_directory = /usr/share/doc/postfix-2.7.3-r1/readme +@ + + +1.5 +log +@dispatch-conf update. +@ +text +@d640 1 +a640 1 +html_directory = /usr/share/doc/postfix-2.7.3/html +d653 1 +a653 1 +readme_directory = /usr/share/doc/postfix-2.7.3/readme +@ + + +1.4 +log +@dispatch-conf update. +@ +text +@d640 1 +a640 1 +html_directory = /usr/share/doc/postfix-2.7.2/html +d653 1 +a653 1 +readme_directory = /usr/share/doc/postfix-2.7.2/readme +d655 2 +a656 1 +alias_maps = mysql:/etc/postfix/mysql-aliases.cf +d658 1 +a658 1 +body_checks = pcre:/etc/postfix/body_checks +d661 2 +a662 1 +canonical_maps = mysql:/etc/postfix/mysql-canonical.cf +d665 1 +a665 1 +header_checks = pcre:/etc/postfix/header_checks +d671 2 +a672 1 +mydestination = $myhostname, $mydomain, mysql:/etc/postfix/mysql-mydomains.cf +d678 11 +a688 6 +recipient_bcc_maps = mysql:/etc/postfix/mysql-recipient_bcc.cf +relay_clientcerts = hash:/etc/postfix/relay_clientcerts +relay_domains = mysql:/etc/postfix/mysql-relay-domains.cf +relocated_maps = mysql:/etc/postfix/mysql-relocated.cf +sender_bcc_maps = mysql:/etc/postfix/mysql-sender_bcc.cf +smtp_generic_maps = hash:/etc/postfix/generic +d696 4 +a699 4 + check_client_access cidr:/etc/postfix/access_client, + check_recipient_access hash:/etc/postfix/access_recipient, + check_helo_access hash:/etc/postfix/access_helo, + check_sender_access hash:/etc/postfix/access_sender, +d724 5 +a728 3 +transport_maps = hash:/etc/postfix/transport +virtual_alias_domains = mysql:/etc/postfix/mysql-virtual-alias-domains.cf +virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf +d731 2 +a732 1 +virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf +d734 2 +a735 1 +virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@d640 1 +a640 1 +html_directory = /usr/share/doc/postfix-2.7.1/html +d653 1 +a653 1 +readme_directory = /usr/share/doc/postfix-2.7.1/readme +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d640 1 +a640 1 +html_directory = /usr/share/doc/postfix-2.6.6/html +d653 1 +a653 1 +readme_directory = /usr/share/doc/postfix-2.6.6/readme +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d640 1 +a640 1 +html_directory = /usr/share/doc/postfix-2.6.5/html +d653 1 +a653 1 +readme_directory = /usr/share/doc/postfix-2.6.5/readme +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 2 +d44 1 +a44 1 +daemon_directory = /usr/lib64/postfix +d640 1 +a640 1 +html_directory = /usr/share/doc/postfix-2.6.6/html +d653 1 +a653 1 +readme_directory = /usr/share/doc/postfix-2.6.6/readme +d655 70 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d638 1 +a638 1 +html_directory = /usr/share/doc/postfix-2.7.1/html +d651 1 +a651 1 +readme_directory = /usr/share/doc/postfix-2.7.1/readme +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d638 1 +a638 1 +html_directory = /usr/share/doc/postfix-2.7.2/html +d651 1 +a651 1 +readme_directory = /usr/share/doc/postfix-2.7.2/readme +@ + + +1.1.1.4 +log +@dispatch-conf update. +@ +text +@d638 1 +a638 1 +html_directory = /usr/share/doc/postfix-2.7.3/html +d651 1 +a651 1 +readme_directory = /usr/share/doc/postfix-2.7.3/readme +@ + + +1.1.1.5 +log +@dispatch-conf update. +@ +text +@d638 1 +a638 1 +html_directory = /usr/share/doc/postfix-2.7.3-r1/html +d651 1 +a651 1 +readme_directory = /usr/share/doc/postfix-2.7.3-r1/readme +@ + + +1.1.1.6 +log +@dispatch-conf update. +@ +text +@d638 1 +a638 1 +html_directory = /usr/share/doc/postfix-2.7.4/html +d651 1 +a651 1 +readme_directory = /usr/share/doc/postfix-2.7.4/readme +@ + + +1.1.1.7 +log +@dispatch-conf update. +@ +text +@d638 1 +a638 1 +html_directory = /usr/share/doc/postfix-2.8.3-r2/html +d651 1 +a651 1 +readme_directory = /usr/share/doc/postfix-2.8.3-r2/readme +@ + + +1.1.1.8 +log +@dispatch-conf update. +@ +text +@d638 1 +a638 1 +html_directory = /usr/share/doc/postfix-2.8.4/html +d651 1 +a651 1 +readme_directory = /usr/share/doc/postfix-2.8.4/readme +@ diff --git a/config-archive/etc/postfix/master.cf,v b/config-archive/etc/postfix/master.cf,v new file mode 100644 index 0000000..190b54e --- /dev/null +++ b/config-archive/etc/postfix/master.cf,v @@ -0,0 +1,235 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.01.31.12.59.03; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.24.07.59.32; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.09.19.13.50; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# +# Postfix master process configuration file. For details on the format +# of the file, see the master(5) manual page (command: "man 5 master"). +# +# Do not forget to execute "postfix reload" after editing this file. +# +# ========================================================================== +# service type private unpriv chroot wakeup maxproc command + args +# (yes) (yes) (yes) (never) (100) +# ========================================================================== +smtp inet n - n - - smtpd + -o content_filter= + -o smtpd_proxy_filter=localhost:10024 +#submission inet n - n - - smtpd +# -o smtpd_tls_security_level=encrypt +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +#smtps inet n - n - - smtpd +# -o smtpd_tls_wrappermode=yes +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +smtps inet n - n - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_sasl_auth_enable=yes + -o content_filter= + -o smtpd_proxy_filter=localhost:10024 +localhost:10025 inet n - n - - smtpd + -o content_filter= + -o smtpd_proxy_filter= + -o smtpd_authorized_xforward_hosts=127.0.0.0/8 + -o smtpd_client_restictions= + -o smtpd_helo_restictions= + -o smtpd_sender_restrictions= + -o smtpd_recipient_restrictions=permit_mynetworks,reject + -o smtpd_data_restrictions= + -o mynetworks=127.0.0.0/8 + -o receive_override_options=no_unknown_recipient_checks +#628 inet n - n - - qmqpd +pickup fifo n - n 60 1 pickup +# -o content_filter=smtp:[localhost]:10024 +cleanup unix n - n - 0 cleanup +qmgr fifo n - n 300 1 qmgr +#qmgr fifo n - n 300 1 oqmgr +tlsmgr unix - - n 1000? 1 tlsmgr +rewrite unix - - n - - trivial-rewrite +bounce unix - - n - 0 bounce +defer unix - - n - 0 bounce +trace unix - - n - 0 bounce +verify unix - - n - 1 verify +flush unix n - n 1000? 0 flush +proxymap unix - - n - - proxymap +proxywrite unix - - n - 1 proxymap +smtp unix - - n - - smtp +# When relaying mail as backup MX, disable fallback_relay to avoid MX loops +relay unix - - n - - smtp + -o smtp_fallback_relay= +# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 +showq unix n - n - - showq +error unix - - n - - error +retry unix - - n - - error +discard unix - - n - - discard +local unix - n n - - local +virtual unix - n n - - virtual +lmtp unix - - n - - lmtp +anvil unix - - n - 1 anvil +scache unix - - n - 1 scache +# +# ==================================================================== +# Interfaces to non-Postfix software. Be sure to examine the manual +# pages of the non-Postfix software to find out what options it wants. +# +# Many of the following services use the Postfix pipe(8) delivery +# agent. See the pipe(8) man page for information about ${recipient} +# and other message envelope options. +# ==================================================================== +# +# maildrop. See the Postfix MAILDROP_README file for details. +# Also specify in main.cf: maildrop_destination_recipient_limit=1 +# +#maildrop unix - n n - - pipe +# flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} +# +# ==================================================================== +# +# Recent Cyrus versions can use the existing "lmtp" master.cf entry. +# +# Specify in cyrus.conf: +# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 +# +# Specify in main.cf one or more of the following: +# mailbox_transport = lmtp:inet:localhost +# virtual_transport = lmtp:inet:localhost +# +# ==================================================================== +# +# Cyrus 2.1.5 (Amos Gouaux) +# Also specify in main.cf: cyrus_destination_recipient_limit=1 +# +#cyrus unix - n n - - pipe +# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} +# +# ==================================================================== +# +# Old example of delivery via Cyrus. +# +#old-cyrus unix - n n - - pipe +# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +# +# ==================================================================== +# +# See the Postfix UUCP_README file for configuration details. +# +#uucp unix - n n - - pipe +# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) +# +# ==================================================================== +# +# Other external delivery methods. +# +#ifmail unix - n n - - pipe +# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) +# +#bsmtp unix - n n - - pipe +# flags=Fq. user=bsmtp argv=/usr/sbin/bsmtp -f $sender $nexthop $recipient +# +#scalemail-backend unix - n n - 2 pipe +# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store +# ${nexthop} ${user} ${extension} +# +#mailman unix - n n - - pipe +# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py +# ${nexthop} ${user} +# +# Greylisting +# ==================================================================== +policy unix - n n - - spawn + user=nobody argv=/usr/bin/perl -T /etc/postfix/greylist/greylist.pl +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d87 1 +a87 1 +# The Cyrus deliver program has changed incompatibly, multiple times. +d89 6 +a94 2 +#old-cyrus unix - n n - - pipe +# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +d106 7 +a135 5 +# Spam-Assassin +# ==================================================================== +#spamfilter unix - n n - - pipe +# flags=Rq user=spamfilter argv=/usr/scripts/spamfilter -f ${sender} -- ${recipient} +# +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d12 2 +a13 4 +#smtp inet n - n - 1 postscreen +#smtpd pass - - n - - smtpd +#dnsblog unix - - n - 0 dnsblog +#tlsproxy unix - - n - 0 tlsproxy +d24 17 +a40 1 +#628 inet n - n - - qmqpd +d42 1 +d87 1 +a87 1 +# Recent Cyrus versions can use the existing "lmtp" master.cf entry. +d89 2 +a90 6 +# Specify in cyrus.conf: +# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 +# +# Specify in main.cf one or more of the following: +# mailbox_transport = lmtp:inet:localhost +# virtual_transport = lmtp:inet:localhost +a101 7 +# Old example of delivery via Cyrus. +# +#old-cyrus unix - n n - - pipe +# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +# +# ==================================================================== +# +d124 10 +@ diff --git a/config-archive/etc/postfix/postgrey_whitelist_clients,v b/config-archive/etc/postfix/postgrey_whitelist_clients,v new file mode 100644 index 0000000..4425f90 --- /dev/null +++ b/config-archive/etc/postfix/postgrey_whitelist_clients,v @@ -0,0 +1,264 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.12.08.22.41.52; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.12.08.22.43.42; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# postgrey whitelist for mail client hostnames +# -------------------------------------------- +# put this file in /etc/postfix or specify its path +# with --whitelist-clients=xxx + +# greylisting.org: Southwest Airlines (unique sender, no retry) +southwest.com +# greylisting.org: isp.belgacom.be (wierd retry pattern) +isp.belgacom.be +# greylisting.org: Ameritrade (no retry) +ameritradeinfo.com +# greylisting.org: Amazon.com (unique sender with letters) +amazon.com +# 2004-05-20: Linux kernel mailing-list (unique sender with letters) +vger.kernel.org +# 2004-06-02: karger.ch, no retry +karger.ch +# 2004-06-02: lilys.ch, (slow: 4 hours) +server-x001.hostpoint.ch +# 2004-06-09: roche.com (no retry) +gw.bas.roche.com +# 2004-06-09: newsletter (no retry) +mail.hhlaw.com +# 2004-06-09: no retry (reported by Ralph Hildebrandt) +prd051.appliedbiosystems.com +# 2004-06-17: swissre.com (no retry) +swissre.com +# 2004-06-17: dowjones.com newsletter (unique sender with letters) +returns.dowjones.com +# 2004-06-18: switch.ch (works but personnel is confused by the error) +domin.switch.ch +# 2004-06-23: accor-hotels.com (slow: 6 hours) +accor-hotels.com +# 2004-06-29: rr.com (no retry, reported by Duncan Hill) +/^ms-smtp.*\.rr\.com$/ +# 2004-06-29: cox.net (no retry, reported by Duncan Hill) +/^lake.*mta.*\.cox\.net$/ +# 2004-06-29: motorola.com (no retry) +mot.com +# 2004-07-01: nic.fr (address verification, reported by Arnaud Launay) +nic.fr +# 2004-07-01: verizon.net (address verification, reported by Bill Moran and Eric, adapted by Adam C. Mathews) +/^s[cv]\d+pub\.verizon\.net$/ +# 2004-07-02: cs.columbia.edu (no retry) +cs.columbia.edu +# 2004-07-02: papersinvited.com (no retry) +66.216.126.174 +# 2004-07-02: telekom.de (slow: 6 hours) +/^mail\d+\.telekom\.de$/ +# 2004-07-04: tiscali.dk (slow: 12 hours, reported by Klaus Alexander Seistrup) +/^smtp\d+\.tiscali\.dk$/ +# 2004-07-04: freshmeat.net (address verification) +freshmeat.net +# 2004-07-11: zd-swx.com (unique sender with letters, reported by Bill Landry) +zd-swx.com +# 2004-07-11: lockergnome.wc09.net (unique sender with letters, reported by Bill Landry) +lockergnome.wc09.net +# 2004-07-19: mxlogic.net (no retry, reported by Eric) +p01m168.mxlogic.net +p02m169.mxlogic.net +# 2004-09-08: intel.com (pool on different subnets) +/^fmr\d+\.intel\.com$/ +# 2004-09-17: cox-internet.com (no retry, reported by Rod Roark) +/^fe\d+\.cox-internet\.com$/ +# 2004-10-11: logismata.ch (no retry) +logismata.ch +# 2004-11-25: brief.cw.reum.de (no retry, reported by Manuel Oetiker) +brief.cw.reum.de +# 2004-12-03: ingeno.ch (no retry) +qmail.ingeno.ch +# 2004-12-06: rein.ch (no retry) +mail1.thurweb.ch +# 2005-01-26: tu-ilmenau.de (no retry) +piggy.rz.tu-ilmenau.de +# 2005-04-06: polymed.ch (no retry) +mail.polymed.ch +# 2005-06-08: hu-berlin.de (slow: 6 hours, reported by Joachim Schoenberg) +rz.hu-berlin.de +# 2005-06-17: gmail.com (big pool, reported by Beat Mueller) +proxy.gmail.com +# 2005-06-23: cacert.org (address verification, reported by Martin Lohmeier) +cacert.org +# 2005-07-27: polytech.univ-mrs.fr (no retry, reported by Giovanni Mandorino) +polytech.univ-mrs.fr +# 2005-08-05: gnu.org (address verification, reported by Martin Lohmeier) +gnu.org +# 2005-08-17: ciphirelabs.com (needs fast responses, reported by Sven Mueller) +cs.ciphire.net +# 2005-11-11: lufthansa (no retry, reported by Peter Bieringer) +/^gateway\d+\.np4\.de$/ +# 2005-11-23: arcor-online.net (slow: 12 hours, reported by Bernd Zeimetz) +/^mail-in-\d+\.arcor-online\.net$/ +# 2005-12-29: netsolmail.com (no retry, reported by Gareth Greenaway) +netsolmail.com +# mail.likopris.si (no retry, reported by Vito Robar) +193.77.153.67 +# jcsw.nato.int (several servers, no retry, reported by Vito Robar) +195.235.39 +# tesla.vtszg.hr (no retry, reported by Vito Robar) +tesla.vtszg.hr +# mailgw*.iai.co.il (pool of several servers, reported by Vito Robar) +/^mailgw.*\.iai\.co\.il$/ +# gw.stud-serv-mb.si (no retry, reported by Vito Robar) +gw.stud-serv-mb.si +# mail.commandtech.com (no retry, reported by Vito Robar) +216.238.112.99 +# duropack.co.at (no retry, reported by Vito Robar) +193.81.20.195 +# mail.esimit-tech.si (no retry, reported by Vito Robar) +193.77.126.208 +# mail.resotel.be (ocasionally no retry, reported by Vito Robar) +80.200.249.216 +# mail2.alliancefr.be (ocasionally no retry, reported by Vito Robar) +mail2.alliancefr.be +# webserver.turboinstitut.si (no retry, reported by Vito Robar) +webserver.turboinstitut.si +# mil.be (pool of different servers, reported by Vito Robar) +193.191.218.141 +193.191.218.142 +193.191.218.143 +194.7.234.141 +194.7.234.142 +194.7.234.143 +# mail*.usafisnews.org (no retry, reported by Vito Robar) +/^mail\d+\.usafisnews\.org$/ +# odk.fdv.uni-lj.si (no retry, reported by Vito Robar) +/^odk.fdv.uni-lj.si$/ +# rak-gentoo-1.nameserver.de (no retry, reported by Vito Robar) +rak-gentoo-1.nameserver.de +# dars.si (ocasionally no retry, reported by Vito Robar) +mx.dars.si +# cosis.si (no retry, reported by Vito Robar) +213.143.66.210 +# mta?.siol.net (sometimes no or slow retry; they use intermail, reported by Vito Robar) +/^mta[12].siol.net$/ +# pim-N-N.quickinspirationsmail.com (unique sender, reported by Vito Robar) +/^pim-\d+-\d+\.quickinspirationsmail\.com$/ +# flymonarch (no retry, reported by Marko Djukic) +flymonarch.com +# wxs.nl (no retry, reported by Johannes Fehr) +/^p?smtp.*\.wxs\.nl$/ +# ibm.com (big pool, reported by Casey Peel) +ibm.com +# messagelabs.com (big pool, reported by John Tobin) +/^mail\d+\.messagelabs\.com$/ +# ptb.de (slow, reported by Joachim Schoenberg) +berlin.ptb.de +# registrarmail.net (unique sender names, reported by Simon Waters) +registrarmail.net +# google.com (big pool, reported by Matthias Dyer) +/^.*-out-.*\.google\.com$/ +# orange.fr (big pool, reported by Loïc Le Loarer) +/^smtp\d+\.orange\.fr$/ +# citigroup.com (slow retry, reported by Michael Monnerie) +/^smtp\d+.citigroup.com$/ +# cruisingclub.ch (no retry) +mail.ccs-cruising.ch +# digg.com (no retry, Debian #406774) +diggstage01.digg.com +# liberal.ca (retries only during 270 seconds, Debian #406774) +smtp.liberal.ca +# pi.ws (pool + long retry, Debian #409851) +/^mail[12]\.pi\.ws$/ +# rambler.ru (big pool, reported by Michael Monnerie) +rambler.ru +# free.fr (big pool, reported by Denis Sacchet) +/^smtp[0-9]+-g[0-9]+\.free\.fr$/ +/^postfix[0-9]+-g[0-9]+\.free\.fr$/ +# thehartford.com (pool + long retry, reported by Jacob Leifman) +/^netmail\d+\.thehartford\.com$/ +# abb.com (only one retry, reported by Roman Plessl) +/^nse\d+\.abb\.com$/ +# 2007-07-27: sourceforge.net (sender verification) +lists.sourceforge.net +# 2007-08-06: polytec.de (no retry, reported by Patrick McLean) +polytec.de +# 2007-09-06: qualiflow.com (no retry, reported by Alex Beckert) +/^mail\d+\.msg\.oleane\.net$/ +# 2007-09-07: nrl.navy.mil (no retry, reported by Axel Beckert) +nrl.navy.mil +# 2007-10-18: aliplast.com (long retry, reported by Johannes Feigl) +mail.aliplast.com +# 2007-10-18: inode.at (long retry, reported by Johannes Feigl) +/^mx\d+\..*\.inode\.at$/ +# 2008-02-01: bol.com (no retry, reported by Frank Breedijk) +/^.*?.server.arvato-systems.de$/ +# 2008-06-05: registeredsite.com (no retry, reported by Fred Kilbourn) +/^(?:mail|fallback-mx)\d+.atl.registeredsite.com$/ +# 2008-07-17: mahidol.ac.th (no retry, reported by Alex Beckert) +saturn.mahidol.ac.th +# 2008-07-18: ebay.com (big pool, reported by Peter Samuelson) +ebay.com +# 2008-07-22: yahoo.com (big pool, reported by Juan Alonso) +yahoo.com +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a4 2 +# +# postgrey version: 1.34, build date: 2011-05-04 +d150 2 +a151 2 +# google.com (big pool, reported by Matthias Dyer, Martin Toft) +google.com +a194 24 +# 2008-11-07: facebook (no retry, reported by Tim Freeman) +/^outmail\d+\.sctm\.tfbnw\.net$/ +# 2009-02-10: server14.cyon.ch (long retry, reported by Alex Beckert) +server14.cyon.ch +# 2009-08-19: 126.com (big pool) +/^m\d+-\d+\.126\.com$/ +# 2010-01-08: tifr.res.in (no retry, reported by Alex Beckert) +home.theory.tifr.res.in +# 2010-01-08: 1blu.de (long retry, reported by Alex Beckert) +ms4-1.1blu.de +# 2010-03-17: chello.at (big pool, reported by Jan-willem van Eys) +/^viefep\d+-int\.chello\.at$/ +# 2010-05-31: nic.nu (long retry, reported by Ivan Sie) +mx.nic.nu +# 2010-06-10: Microsoft servers (long/no retry, reported by Roy McMorran) +bigfish.com +frontbridge.com +microsoft.com +# 2010-06-18: Google/Postini (big pool, reported by Warren Trakman) +postini.com +# 2011-02-04: evanzo-server.de (no retry, reported by Andre Hoepner) +/^mx.*\.evanzo-server\.de$/ +# 2011-05-02: upcmail.net (big pool, reported by Michael Monnerie) +upcmail.net +@ diff --git a/config-archive/etc/postfix/saslpass,v b/config-archive/etc/postfix/saslpass,v new file mode 100644 index 0000000..00353c0 --- /dev/null +++ b/config-archive/etc/postfix/saslpass,v @@ -0,0 +1,44 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.01.31.12.51.25; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.01.31.12.51.25; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# $Header: /etc/postfix/.rcs/saslpass,v 1.1 2010/11/19 09:36:57 root Exp $ +# +# remotehost user:password +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.pass,v 1.2 2004/07/18 03:26:56 dragonheart Exp $ +@ diff --git a/config-archive/etc/procmailrc,v b/config-archive/etc/procmailrc,v new file mode 100644 index 0000000..2310c29 --- /dev/null +++ b/config-archive/etc/procmailrc,v @@ -0,0 +1,26 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Use maildir-style mailbox in user's home directory +DEFAULT=$HOME/.maildir/ +@ diff --git a/config-archive/etc/procmailrc.dist.new b/config-archive/etc/procmailrc.dist.new new file mode 100644 index 0000000..4ff2b81 --- /dev/null +++ b/config-archive/etc/procmailrc.dist.new @@ -0,0 +1,2 @@ +# Use mbox-style mailbox in /var/spool/mail +DEFAULT=/var/spool/mail/$LOGNAME diff --git a/config-archive/etc/profile,v b/config-archive/etc/profile,v new file mode 100644 index 0000000..d71a36f --- /dev/null +++ b/config-archive/etc/profile,v @@ -0,0 +1,116 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.07.07.29.30; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.30.46; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/profile: login shell setup +# +# That this file is used by any Bourne-shell derivative to setup the +# environment for login shells. +# + +# Load environment settings from profile.env, which is created by +# env-update from the files in /etc/env.d +if [ -e /etc/profile.env ] ; then + . /etc/profile.env +fi + +# 077 would be more secure, but 022 is generally quite realistic +umask 022 + +# Set up PATH depending on whether we're root or a normal user. +# There's no real reason to exclude sbin paths from the normal user, +# but it can make tab-completion easier when they aren't in the +# user's PATH to pollute the executable namespace. +# +# It is intentional in the following line to use || instead of -o. +# This way the evaluation can be short-circuited and calling whoami is +# avoided. +if [ "$EUID" = "0" ] || [ "$USER" = "root" ] ; then + PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${ROOTPATH}" +else + PATH="/usr/local/bin:/usr/bin:/bin:${PATH}" +fi +export PATH +unset ROOTPATH + +# Extract the value of EDITOR +[ -z "$EDITOR" ] && EDITOR="`. /etc/rc.conf 2>/dev/null; echo $EDITOR`" +[ -z "$EDITOR" ] && EDITOR="/bin/nano" +export EDITOR + +if [ -n "${BASH_VERSION}" ] ; then + # Newer bash ebuilds include /etc/bash/bashrc which will setup PS1 + # including color. We leave out color here because not all + # terminals support it. + if [ -f /etc/bash/bashrc ] ; then + # Bash login shells run only /etc/profile + # Bash non-login shells run only /etc/bash/bashrc + # Since we want to run /etc/bash/bashrc regardless, we source it + # from here. It is unfortunate that there is no way to do + # this *after* the user's .bash_profile runs (without putting + # it in the user's dot-files), but it shouldn't make any + # difference. + . /etc/bash/bashrc + else + PS1='\u@@\h \w \$ ' + fi +else + # Setup a bland default prompt. Since this prompt should be useable + # on color and non-color terminals, as well as shells that don't + # understand sequences such as \h, don't put anything special in it. + PS1="`whoami`@@`uname -n | cut -f1 -d.` \$ " +fi + +for sh in /etc/profile.d/*.sh ; do + if [ -r "$sh" ] ; then + . "$sh" + fi +done +unset sh +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a12 5 +# You should override these in your ~/.bashrc (or equivalent) for per-user +# settings. For system defaults, you can add a new file in /etc/profile.d/. +export EDITOR=${EDITOR:-/bin/nano} +export PAGER=${PAGER:-/usr/bin/less} + +d32 5 +d57 1 +a57 1 + PS1="${USER:-$(type whoami >/dev/null && whoami)}@@$(type uname >/dev/null && uname -n) \$ " +d61 3 +a63 1 + [ -r "$sh" ] && . "$sh" +@ diff --git a/config-archive/etc/profile.d/bash-completion.sh,v b/config-archive/etc/profile.d/bash-completion.sh,v new file mode 100644 index 0000000..55abcfa --- /dev/null +++ b/config-archive/etc/profile.d/bash-completion.sh,v @@ -0,0 +1,100 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.08.24.05.26.15; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.24.05.26.42; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later +# $Header: /var/cvsroot/gentoo-x86/app-shells/bash-completion/files/bash-completion.sh,v 1.8 2010/01/11 17:39:57 darkside Exp $ + +# Check for interactive bash and that we haven't already been sourced. +[ -z "$BASH_VERSION" -o -z "$PS1" -o -n "$BASH_COMPLETION" ] && return + +# Check for recent enough version of bash. +bash=${BASH_VERSION%.*}; bmajor=${bash%.*}; bminor=${bash#*.} +if [ $bmajor -eq 2 -a $bminor '>' 04 ] || [ $bmajor -gt 2 ]; then + _load_completions() { + declare f x loaded_pre=false + for f; do + if [[ -f $f ]]; then + # Prevent loading base twice, initially and via glob + if $loaded_pre && [[ $f == */base ]]; then + continue + fi + + # Some modules, including base, depend on the definitions + # in .pre. See the ebuild for how this is created. + if ! $loaded_pre; then + if [[ ${BASH_COMPLETION-unset} == unset ]]; then + BASH_COMPLETION="/usr/share/bash-completion/base" + fi + source "/usr/share/bash-completion/.pre" + loaded_pre=true + fi + + source "$f" + fi + done + + # Clean up + $loaded_pre && source "/usr/share/bash-completion/.post" + unset -f _load_completions # not designed to be called more than once + } + + # 1. Load base, if eselected. This was previously known as + # /etc/bash_completion + # 2. Load completion modules, maintained via eselect bashcomp --global + # 3. Load user completion modules, maintained via eselect bashcomp + # 4. Load user completion file last, overrides modules at user discretion + # This order is subject to change once upstream decides on something. + _load_completions \ + "/etc/bash_completion.d/base" \ + ~/.bash_completion.d/base \ + "/etc/bash_completion.d/"* \ + ~/.bash_completion.d/* \ + ~/.bash_completion +fi + +unset bash bminor bmajor +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 1 +# $Header: /var/cvsroot/gentoo-x86/app-shells/bash-completion/files/bash-completion.sh-gentoo-1.2,v 1.1 2010/07/02 15:07:33 darkside Exp $ +d10 1 +a10 1 +if [ $bmajor -gt 3 ] || [ $bmajor -eq 3 -a $bminor -ge 2 ]; then +d52 2 +a53 1 +unset bash bmajor bminor +@ diff --git a/config-archive/etc/proftpd/proftpd.conf.sample,v b/config-archive/etc/proftpd/proftpd.conf.sample,v new file mode 100644 index 0000000..63e9b3b --- /dev/null +++ b/config-archive/etc/proftpd/proftpd.conf.sample,v @@ -0,0 +1,161 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.08.24.05.26.15; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.24.05.26.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# This is a basic ProFTPD configuration file (rename it to +# 'proftpd.conf' for actual use. It establishes a single server +# and a single anonymous login. It assumes that you have a user/group +# "proftpd" and "ftp" for normal operation and anon. + +ServerName "ProFTPD Default Installation" +ServerType standalone +DefaultServer on +RequireValidShell off +AuthPAM off +AuthPAMConfig ftp + +# Port 21 is the standard FTP port. +Port 21 + +# Don't use IPv6 support by default. +UseIPv6 off + +# Umask 022 is a good standard umask to prevent new dirs and files +# from being group and world writable. +Umask 022 + +# To prevent DoS attacks, set the maximum number of child processes +# to 30. If you need to allow more than 30 concurrent connections +# at once, simply increase this value. Note that this ONLY works +# in standalone mode, in inetd mode you should use an inetd server +# that allows you to limit maximum number of processes per service +# (such as xinetd). +MaxInstances 30 + +# Set the user and group under which the server will run. +User proftpd +Group proftpd + +# To cause every FTP user to be "jailed" (chrooted) into their home +# directory, uncomment this line. +#DefaultRoot ~ + +# Normally, we want files to be overwriteable. +AllowOverwrite on + +# Bar use of SITE CHMOD by default + + DenyAll + + +# A basic anonymous configuration, no upload directories. If you do not +# want anonymous users, simply delete this entire section. + + User ftp + Group ftp + + # We want clients to be able to login with "anonymous" as well as "ftp" + UserAlias anonymous ftp + + # Limit the maximum number of anonymous logins + MaxClients 10 + + # We want 'welcome.msg' displayed at login, and '.message' displayed + # in each newly chdired directory. + DisplayLogin welcome.msg + DisplayChdir .message + + # Limit WRITE everywhere in the anonymous chroot + + DenyAll + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 37 +a37 25 +# This is a sample ProFTPD configuration file for Gentoo Linux (rename +# it to 'proftpd.conf' for actual use). It establishes a single server +# and a single anonymous login. + +ServerName "ProFTPD Default Server" +ServerType standalone +DefaultServer on +RequireValidShell off +AuthPAM off +AuthPAMConfig ftp + +# Listen on the standard FTP port 21. +Port 21 + +# New directories and files should not be group or world writable. +Umask 022 + +# To prevent DoS attacks set the maximum number of child processes +# to 30. If you need to allow more than 30 concurrent connections +# at once simply increase this value. +MaxInstances 30 + +# The server will run under ftp/ftp. +User ftp +Group ftp +d39 2 +a40 2 +# Every FTP sessions is "jailed" into the user's home directory. +DefaultRoot ~ +d42 1 +a42 4 +# Generally files are overwritable. +AllowOverwrite on + +# Disallow the use of the SITE CHMOD command. +d47 2 +a48 1 +# A basic anonymous FTP account without an upload directory. +d50 5 +a54 2 + User ftp + Group ftp +d56 2 +a57 2 + # Clients can login with the username "anonymous" and "ftp". + UserAlias anonymous ftp +d59 4 +a62 2 + # Limit the maximum number of parallel anonymous logins to 10. + MaxClients 10 +d64 1 +a64 1 + # Prohibit the WRITE command for the anonymous users. +@ diff --git a/config-archive/etc/protocols,v b/config-archive/etc/protocols,v new file mode 100644 index 0000000..b0f23e8 --- /dev/null +++ b/config-archive/etc/protocols,v @@ -0,0 +1,253 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.06.07.07.29.30; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.11.19.09.21.53; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.11.19.09.22.20; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.06.07.07.29.30; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@# /etc/protocols +# +# Internet (IP) protocols definition file +# +# See protocols(5) for more info +# See also http://www.iana.org/assignments/protocol-numbers +# + +ip 0 IP # internet protocol, pseudo protocol number +icmp 1 ICMP # internet control message protocol +igmp 2 IGMP # internet group management protocol +ggp 3 GGP # gateway-gateway protocol +ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'') +st 5 ST # ST datagram mode +tcp 6 TCP # transmission control protocol +cbt 7 CBT # CBT, Tony Ballardie +egp 8 EGP # exterior gateway protocol +igp 9 IGP # any private interior gateway (Cisco: for IGRP) +bbn-rcc 10 BBN-RCC-MON # BBN RCC Monitoring +nvp 11 NVP-II # Network Voice Protocol +pup 12 PUP # PARC universal packet protocol +argus 13 ARGUS # ARGUS +emcon 14 EMCON # EMCON +xnet 15 XNET # Cross Net Debugger +chaos 16 CHAOS # Chaos +udp 17 UDP # user datagram protocol +mux 18 MUX # Multiplexing protocol +dcn 19 DCN-MEAS # DCN Measurement Subsystems +hmp 20 HMP # host monitoring protocol +prm 21 PRM # packet radio measurement protocol +xns-idp 22 XNS-IDP # Xerox NS IDP +trunk-1 23 TRUNK-1 # Trunk-1 +trunk-2 24 TRUNK-2 # Trunk-2 +leaf-1 25 LEAF-1 # Leaf-1 +leaf-2 26 LEAF-2 # Leaf-2 +rdp 27 RDP # "reliable datagram" protocol +irtp 28 IRTP # Internet Reliable Transaction Protocol +iso-tp4 29 ISO-TP4 # ISO Transport Protocol class 4 +netblt 30 NETBLT # Bulk Data Transfer Protocol +mfe-nsp 31 MFE-NSP # MFE Network Services Protocol +merit-inp 32 MERIT-INP # MERIT Internodal Protocol +sep 33 SEP # Sequential Exchange Protocol +3pc 34 3PC # Third Party Connect Protocol +idpr 35 IDPR # Inter-Domain Policy Routing Protocol +xtp 36 XTP # Xpress Tranfer Protocol +ddp 37 DDP # Datagram Delivery Protocol +idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport +tp++ 39 TP++ # TP++ Transport Protocol +il 40 IL # IL Transport Protocol +ipv6 41 IPv6 # IPv6 +sdrp 42 SDRP # Source Demand Routing Protocol +ipv6-route 43 IPv6-Route # Routing Header for IPv6 +ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6 +idrp 45 IDRP # Inter-Domain Routing Protocol +rsvp 46 RSVP # Reservation Protocol +gre 47 GRE # General Routing Encapsulation +mhrp 48 MHRP # Mobile Host Routing Protocol +bna 49 BNA # BNA +esp 50 ESP # encapsulating security payload +ah 51 AH # authentication header +i-nlsp 52 I-NLSP # Integrated Net Layer Security TUBA +swipe 53 SWIPE # IP with Encryption +narp 54 NARP # NBMA Address Resolution Protocol +mobile 55 MOBILE # IP Mobility +tlsp 56 TLSP # Transport Layer Security Protocol +skip 57 SKIP # SKIP +ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6 +ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6 +ipv6-opts 60 IPv6-Opts # Destination Options for IPv6 +# 61 # any host internal protocol +cftp 62 CFTP # CFTP +# 63 # any local network +sat-expak 64 SAT-EXPAK # SATNET and Backroom EXPAK +kryptolan 65 KRYPTOLAN # Kryptolan +rvd 66 RVD # MIT Remote Virtual Disk Protocol +ippc 67 IPPC # Internet Pluribus Packet Core +# 68 # any distributed filesystem +sat-mon 69 SAT-MON # SATNET Monitoring +visa 70 VISA # VISA Protocol +ipcv 71 IPCV # Internet Packet Core Utility +cpnx 72 CPNX # Computer Protocol Network Executive +cphb 73 CPHB # Computer Protocol Heart Beat +wsn 74 WSN # Wang Span Network +pvp 75 PVP # Packet Video Protocol +br-sat-mon 76 BR-SAT-MON # Backroom SATNET Monitoring +sun-nd 77 SUN-ND # SUN ND PROTOCOL-Temporary +wb-mon 78 WB-MON # WIDEBAND Monitoring +wb-expak 79 WB-EXPAK # WIDEBAND EXPAK +iso-ip 80 ISO-IP # ISO Internet Protocol +vmtp 81 VMTP # Versatile Message Transport +secure-vmtp 82 SECURE-VMTP # SECURE-VMTP +vines 83 VINES # VINES +ttp 84 TTP # TTP +nsfnet-igp 85 NSFNET-IGP # NSFNET-IGP +dgp 86 DGP # Dissimilar Gateway Protocol +tcf 87 TCF # TCF +eigrp 88 EIGRP # Enhanced Interior Routing Protocol (Cisco) +ospf 89 OSPFIGP # Open Shortest Path First IGP +sprite-rpc 90 Sprite-RPC # Sprite RPC Protocol +larp 91 LARP # Locus Address Resolution Protocol +mtp 92 MTP # Multicast Transport Protocol +ax.25 93 AX.25 # AX.25 Frames +ipip 94 IPIP # IP-within-IP Encapsulation Protocol +micp 95 MICP # Mobile Internetworking Control Pro. +scc-sp 96 SCC-SP # Semaphore Communications Sec. Pro. +etherip 97 ETHERIP # Ethernet-within-IP Encapsulation +encap 98 ENCAP # Yet Another IP encapsulation +# 99 # any private encryption scheme +gmtp 100 GMTP # GMTP +ifmp 101 IFMP # Ipsilon Flow Management Protocol +pnni 102 PNNI # PNNI over IP +pim 103 PIM # Protocol Independent Multicast +aris 104 ARIS # ARIS +scps 105 SCPS # SCPS +qnx 106 QNX # QNX +a/n 107 A/N # Active Networks +ipcomp 108 IPComp # IP Payload Compression Protocol +snp 109 SNP # Sitara Networks Protocol +compaq-peer 110 Compaq-Peer # Compaq Peer Protocol +ipx-in-ip 111 IPX-in-IP # IPX in IP +carp 112 CARP vrrp # Common Address Redundancy Protocol +pgm 113 PGM # PGM Reliable Transport Protocol +# 114 # any 0-hop protocol +l2tp 115 L2TP # Layer Two Tunneling Protocol +ddx 116 DDX # D-II Data Exchange +iatp 117 IATP # Interactive Agent Transfer Protocol +stp 118 STP # Schedule Transfer Protocol +srp 119 SRP # SpectraLink Radio Protocol +uti 120 UTI # UTI +smp 121 SMP # Simple Message Protocol +sm 122 SM # SM +ptp 123 PTP # Performance Transparency Protocol +isis 124 ISIS # ISIS over IPv4 +fire 125 FIRE +crtp 126 CRTP # Combat Radio Transport Protocol +crudp 127 CRUDP # Combat Radio User Datagram +sscopmce 128 SSCOPMCE +iplt 129 IPLT +sps 130 SPS # Secure Packet Shield +pipe 131 PIPE # Private IP Encapsulation within IP +sctp 132 SCTP # Stream Control Transmission Protocol +fc 133 FC # Fibre Channel +# 134-254 # Unassigned +pfsync 240 PFSYNC # PF Synchronization +# 255 # Reserved +divert 258 DIVERT # Divert pseudo-protocol [non IANA] +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d127 1 +a127 1 +st 118 ST # Schedule Transfer +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d127 1 +a127 1 +stp 118 STP # Schedule Transfer Protocol +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a9 1 +hopopt 0 HOPOPT # hop-by-hop options for ipv6 +d38 1 +a38 1 +iso-tp4 29 ISO-TP4 # ISO Transport Protocol Class 4 +d42 1 +a42 1 +dccp 33 DCCP # Datagram Congestion Control Protocol [RFC4340] +d47 1 +a47 1 +idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport Proto +d52 2 +a53 2 +ipv6-route 43 IPv6-Route # Routing Header for IPv6 +ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6 +d57 1 +a57 1 +dsr 48 DSR # Dynamic Source Routing Protocol +d67 3 +a69 3 +ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6 +ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6 +ipv6-opts 60 IPv6-Opts # Destination Options for IPv6 +d143 1 +a143 8 +rsvp-e2e-ignore 134 RSVP-E2E-IGNORE # RFC3175 +# 134 # Unassigned +udplite 136 UDPLite # RFC3828 +mpls-in-ip 137 MPLS-in-IP # RFC4023 +manet 138 manet # MANET Protocols +hip 139 HIP # Host Identity Protocol +shim6 140 Shim6 # Shim6 Protocol +# 141-252 # Unassigned [IANA] +a144 2 +# 253 # Use for experimentation and testing +# 254 # Use for experimentation and testing +@ diff --git a/config-archive/etc/rc.conf,v b/config-archive/etc/rc.conf,v new file mode 100644 index 0000000..c8b28fd --- /dev/null +++ b/config-archive/etc/rc.conf,v @@ -0,0 +1,471 @@ +head 1.4; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.4 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2011.07.12.17.18.42; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.06.07.07.29.30; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.11.19.09.21.53; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.11.19.09.22.36; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.06.07.07.32.05; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.07.12.17.18.42; author root; state Exp; +branches; +next 1.1.1.4; + +1.1.1.4 +date 2011.12.08.22.41.52; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.4 +log +@dispatch-conf update. +@ +text +@# Global OpenRC configuration settings + +# Set to "YES" if you want the rc system to try and start services +# in parallel for a slight speed improvement. When running in parallel we +# prefix the service output with its name as the output will get +# jumbled up. +# WARNING: whilst we have improved parallel, it can still potentially lock +# the boot process. Don't file bugs about this unless you can supply +# patches that fix it without breaking other things! +#rc_parallel="NO" + +# Set rc_interactive to "YES" and you'll be able to press the I key during +# boot so you can choose to start specific services. Set to "NO" to disable +# this feature. This feature is automatically disabled if rc_parallel is +# set to YES. +#rc_interactive="YES" + +# If we need to drop to a shell, you can specify it here. +# If not specified we use $SHELL, otherwise the one specified in /etc/passwd, +# otherwise /bin/sh +# Linux users could specify /sbin/sulogin +rc_shell=/sbin/sulogin + +# Do we allow any started service in the runlevel to satisfy the dependency +# or do we want all of them regardless of state? For example, if net.eth0 +# and net.eth1 are in the default runlevel then with rc_depend_strict="NO" +# both will be started, but services that depend on 'net' will work if either +# one comes up. With rc_depend_strict="YES" we would require them both to +# come up. +#rc_depend_strict="YES" + +# rc_hotplug is a list of services that we allow to be hotplugged. +# By default we do not allow hotplugging. +# A hotplugged service is one started by a dynamic dev manager when a matching +# hardware device is found. +# This service is intrinsically included in the boot runlevel. +# To disable services, prefix with a ! +# Example - rc_hotplug="net.wlan !net.*" +# This allows net.wlan and any service not matching net.* to be plugged. +# Example - rc_hotplug="*" +# This allows all services to be hotplugged +#rc_hotplug="*" + +# rc_logger launches a logging daemon to log the entire rc process to +# /var/log/rc.log +# NOTE: Linux systems require the devfs service to be started before +# logging can take place and as such cannot log the sysinit runlevel. +#rc_logger="YES" + +# By default we filter the environment for our running scripts. To allow other +# variables through, add them here. Use a * to allow all variables through. +#rc_env_allow="VAR1 VAR2" + +# By default we assume that all daemons will start correctly. +# However, some do not - a classic example is that they fork and return 0 AND +# then child barfs on a configuration error. Or the daemon has a bug and the +# child crashes. You can set the number of milliseconds start-stop-daemon +# waits to check that the daemon is still running after starting here. +# The default is 0 - no checking. +#rc_start_wait=100 + +# rc_nostop is a list of services which will not stop when changing runlevels. +# This still allows the service itself to be stopped when called directly. +#rc_nostop="" + +# rc will attempt to start crashed services by default. +# However, it will not stop them by default as that could bring down other +# critical services. +#rc_crashed_stop=NO +#rc_crashed_start=YES + +############################################################################## +# MISC CONFIGURATION VARIABLES +# There variables are shared between many init scripts + +# Set unicode to YES to turn on unicode support for keyboards and screens. +unicode="YES" + +# Below is the default list of network fstypes. +# +# afs cifs coda davfs fuse fuse.sshfs gfs glusterfs lustre ncpfs +# nfs nfs4 ocfs2 shfs smbfs +# +# If you would like to add to this list, you can do so by adding your +# own fstypes to the following variable. +#extra_net_fs_list="" + +############################################################################## +# SERVICE CONFIGURATION VARIABLES +# These variables are documented here, but should be configured in +# /etc/conf.d/foo for service foo and NOT enabled here unless you +# really want them to work on a global basis. + +# Some daemons are started and stopped via start-stop-daemon. +# We can set some things on a per service basis, like the nicelevel. +#export SSD_NICELEVEL="-19" + +# Pass ulimit parameters +#rc_ulimit="-u 30" + +# It's possible to define extra dependencies for services like so +#rc_config="/etc/foo" +#rc_need="openvpn" +#rc_use="net.eth0" +#rc_after="clock" +#rc_before="local" +#rc_provide="!net" + +# You can also enable the above commands here for each service. Below is an +# example for service foo. +#rc_foo_config="/etc/foo" +#rc_foo_need="openvpn" +#rc_foo_after="clock" + +# You can also remove dependencies. +# This is mainly used for saying which servies do NOT provide net. +#rc_net_tap0_provide="!net" + +############################################################################## +# LINUX SPECIFIC OPTIONS + +# This is the subsystem type. Valid options on Linux: +# "" - nothing special +# "lxc" - Linux Containers +# "openvz" - Linux OpenVZ +# "prefix" - Prefix +# "uml" - Usermode Linux +# "vserver" - Linux vserver +# "xen0" - Xen0 Domain +# "xenU" - XenU Domain +# If this is commented out, automatic detection will be attempted. +# Note that autodetection will not work in a prefix environment or in a +# linux container. +# +# This should be set to the value representing the environment this file is +# PRESENTLY in, not the virtualization the environment is capable of. +#rc_sys="" + +# This is the number of tty's used in most of the rc-scripts (like +# consolefont, numlock, etc ...) +rc_tty_number=12 + +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@d119 3 +a137 3 + +############################################################################## +# LINUX SPECIFIC OPTIONS +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# /etc/rc.conf: Global startup script configuration settings +d3 139 +a141 3 +# UNICODE specifies whether you want to have UNICODE support in the console. +# If you set to yes, please make sure to set a UNICODE aware CONSOLEFONT and +# KEYMAP in the /etc/conf.d/consolefont and /etc/conf.d/keymaps config files. +a142 12 +UNICODE="yes" + +# Set EDITOR to your preferred editor. +# You may use something other than what is listed here. + +#EDITOR="/bin/nano" +EDITOR="/usr/bin/vim" +#EDITOR="/usr/bin/emacs" + +# DISPLAYMANAGER has moved to /etc/conf.d/xdm + +# XSESSION has moved to /etc/env.d/90xsession +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d18 1 +a18 22 +# XSESSION is a new variable to control what window manager to start +# default with X if run with xdm, startx or xinit. The default behavior +# is to look in /etc/X11/Sessions/ and run the script in matching the +# value that XSESSION is set to. The support scripts are smart enough to +# look in all bin directories if it cant find a match in /etc/X11/Sessions/, +# so setting it to "enlightenment" can also work. This is basically used +# as a way for the system admin to configure a default system wide WM, +# allthough it will work if the user export XSESSION in his .bash_profile, etc. +# +# NOTE: 1) this behaviour is overridden when a ~/.xinitrc exists, and startx +# is called. +# 2) even if ~/.xsession exists, if XSESSION can be resolved, it will +# be executed rather than ~/.xsession, else KDM breaks ... +# +# Defaults depending on what you install currently include: +# +# Gnome - will start gnome-session +# kde- - will start startkde (look in /etc/X11/Sessions/) +# Xfce4 - will start a XFCE4 session +# Xsession - will start a terminal and a few other nice apps + +#XSESSION="Gnome" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d12 2 +a13 2 +EDITOR="/bin/nano" +#EDITOR="/usr/bin/vim" +d18 22 +a39 1 +# XSESSION has moved to /etc/env.d/90xsession +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# Global OpenRC configuration settings +d3 3 +a5 139 +# Set to "YES" if you want the rc system to try and start services +# in parallel for a slight speed improvement. When running in parallel we +# prefix the service output with its name as the output will get +# jumbled up. +# WARNING: whilst we have improved parallel, it can still potentially lock +# the boot process. Don't file bugs about this unless you can supply +# patches that fix it without breaking other things! +#rc_parallel="NO" + +# Set rc_interactive to "YES" and you'll be able to press the I key during +# boot so you can choose to start specific services. Set to "NO" to disable +# this feature. This feature is automatically disabled if rc_parallel is +# set to YES. +#rc_interactive="YES" + +# If we need to drop to a shell, you can specify it here. +# If not specified we use $SHELL, otherwise the one specified in /etc/passwd, +# otherwise /bin/sh +# Linux users could specify /sbin/sulogin +rc_shell=/sbin/sulogin + +# Do we allow any started service in the runlevel to satisfy the dependency +# or do we want all of them regardless of state? For example, if net.eth0 +# and net.eth1 are in the default runlevel then with rc_depend_strict="NO" +# both will be started, but services that depend on 'net' will work if either +# one comes up. With rc_depend_strict="YES" we would require them both to +# come up. +#rc_depend_strict="YES" + +# rc_hotplug is a list of services that we allow to be hotplugged. +# By default we do not allow hotplugging. +# A hotplugged service is one started by a dynamic dev manager when a matching +# hardware device is found. +# This service is intrinsically included in the boot runlevel. +# To disable services, prefix with a ! +# Example - rc_hotplug="net.wlan !net.*" +# This allows net.wlan and any service not matching net.* to be plugged. +# Example - rc_hotplug="*" +# This allows all services to be hotplugged +#rc_hotplug="*" + +# rc_logger launches a logging daemon to log the entire rc process to +# /var/log/rc.log +# NOTE: Linux systems require the devfs service to be started before +# logging can take place and as such cannot log the sysinit runlevel. +#rc_logger="YES" + +# By default we filter the environment for our running scripts. To allow other +# variables through, add them here. Use a * to allow all variables through. +#rc_env_allow="VAR1 VAR2" + +# By default we assume that all daemons will start correctly. +# However, some do not - a classic example is that they fork and return 0 AND +# then child barfs on a configuration error. Or the daemon has a bug and the +# child crashes. You can set the number of milliseconds start-stop-daemon +# waits to check that the daemon is still running after starting here. +# The default is 0 - no checking. +#rc_start_wait=100 + +# rc_nostop is a list of services which will not stop when changing runlevels. +# This still allows the service itself to be stopped when called directly. +#rc_nostop="" + +# rc will attempt to start crashed services by default. +# However, it will not stop them by default as that could bring down other +# critical services. +#rc_crashed_stop=NO +#rc_crashed_start=YES + +############################################################################## +# MISC CONFIGURATION VARIABLES +# There variables are shared between many init scripts + +# Set unicode to YES to turn on unicode support for keyboards and screens. +unicode="YES" + +# Below is the default list of network fstypes. +# +# afs cifs coda davfs fuse fuse.sshfs gfs glusterfs lustre ncpfs +# nfs nfs4 ocfs2 shfs smbfs +# +# If you would like to add to this list, you can do so by adding your +# own fstypes to the following variable. +#extra_net_fs_list="" + +############################################################################## +# SERVICE CONFIGURATION VARIABLES +# These variables are documented here, but should be configured in +# /etc/conf.d/foo for service foo and NOT enabled here unless you +# really want them to work on a global basis. + +# Some daemons are started and stopped via start-stop-daemon. +# We can set some things on a per service basis, like the nicelevel. +#export SSD_NICELEVEL="-19" + +# Pass ulimit parameters +#rc_ulimit="-u 30" + +# It's possible to define extra dependencies for services like so +#rc_config="/etc/foo" +#rc_need="openvpn" +#rc_use="net.eth0" +#rc_after="clock" +#rc_before="local" +#rc_provide="!net" + +# You can also enable the above commands here for each service. Below is an +# example for service foo. +#rc_foo_config="/etc/foo" +#rc_foo_need="openvpn" +#rc_foo_after="clock" + +# You can also remove dependencies. +# This is mainly used for saying which servies do NOT provide net. +#rc_net_tap0_provide="!net" + +# This is the subsystem type. Valid options on Linux: +# "" - nothing special +# "lxc" - Linux Containers +# "openvz" - Linux OpenVZ +# "prefix" - Prefix +# "uml" - Usermode Linux +# "vserver" - Linux vserver +# "xen0" - Xen0 Domain +# "xenU" - XenU Domain +# If this is commented out, automatic detection will be attempted. +# Note that autodetection will not work in a prefix environment or in a +# linux container. +# +# This should be set to the value representing the environment this file is +# PRESENTLY in, not the virtualization the environment is capable of. +#rc_sys="" + +############################################################################## +# LINUX SPECIFIC OPTIONS + +# This is the number of tty's used in most of the rc-scripts (like +# consolefont, numlock, etc ...) +rc_tty_number=12 +d7 12 +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@a118 3 +############################################################################## +# LINUX SPECIFIC OPTIONS + +d135 3 +@ + + +1.1.1.4 +log +@dispatch-conf update. +@ +text +@a49 4 +# Through rc_log_path you can specify a custom log file. +# The default value is: /var/log/rc.log +#rc_log_path="/var/log/rc.log" + +@ diff --git a/config-archive/etc/samba/lmhosts,v b/config-archive/etc/samba/lmhosts,v new file mode 100644 index 0000000..99ced64 --- /dev/null +++ b/config-archive/etc/samba/lmhosts,v @@ -0,0 +1,43 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.30.05.08.59; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.4/lmhosts,v 1.1 2010/02/26 20:11:18 patrick Exp $ +127.0.0.1 localhost +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/lmhosts,v 1.1 2010/03/01 16:19:54 patrick Exp $ +@ diff --git a/config-archive/etc/samba/smb.conf.default,v b/config-archive/etc/samba/smb.conf.default,v new file mode 100644 index 0000000..e1808b4 --- /dev/null +++ b/config-archive/etc/samba/smb.conf.default,v @@ -0,0 +1,315 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.30.05.08.59; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options (perhaps too +# many!) most of which are not shown in this example +# +# For a step to step guide on installing, configuring and using samba, +# read the Samba-HOWTO-Collection. This may be obtained from: +# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf +# +# Many working examples of smb.conf files can be found in the +# Samba-Guide which is generated daily and can be downloaded from: +# http://www.samba.org/samba/docs/Samba-Guide.pdf +# +# Any line which starts with a ; (semi-colon) or a # (hash) +# is a comment and is ignored. In this example we will use a # +# for commentry and a ; for parts of the config file that you +# may wish to enable +# +# NOTE: Whenever you modify this file you should run the command "testparm" +# to check that you have not made any basic syntactic errors. +# +#======================= Global Settings ===================================== +[global] + +# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH + workgroup = MYGROUP + +# server string is the equivalent of the NT Description field + server string = Samba Server + +# Security mode. Defines in which mode Samba will operate. Possible +# values are share, user, server, domain and ads. Most people will want +# user level security. See the Samba-HOWTO-Collection for details. + security = user + +# This option is important for security. It allows you to restrict +# connections to machines which are on your local network. The +# following example restricts access to two C class networks and +# the "loopback" interface. For more examples of the syntax see +# the smb.conf man page +; hosts allow = 192.168.1. 192.168.2. 127. + +# If you want to automatically load your printer list rather +# than setting them up individually then you'll need this + load printers = yes + +# you may wish to override the location of the printcap file +; printcap name = /etc/printcap + +# on SystemV system setting printcap name to lpstat should allow +# you to automatically obtain a printer list from the SystemV spool +# system +; printcap name = lpstat + +# It should not be necessary to specify the print system type unless +# it is non-standard. Currently supported print systems include: +# bsd, cups, sysv, plp, lprng, aix, hpux, qnx +; printing = cups + +# Uncomment this if you want a guest account, you must add this to /etc/passwd +# otherwise the user "nobody" is used +; guest account = pcguest + +# this tells Samba to use a separate log file for each machine +# that connects + log file = /var/log/samba/log.%m + +# Put a capping on the size of the log files (in Kb). + max log size = 50 + +# Use password server option only with security = server +# The argument list may include: +# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] +# or to auto-locate the domain controller/s +# password server = * +; password server = + +# Use the realm option only with security = ads +# Specifies the Active Directory realm the host is part of +; realm = MY_REALM + +# Backend to store user information in. New installations should +# use either tdbsam or ldapsam. smbpasswd is available for backwards +# compatibility. tdbsam requires no further configuration. +; passdb backend = tdbsam + +# Using the following line enables you to customise your configuration +# on a per machine basis. The %m gets replaced with the netbios name +# of the machine that is connecting. +# Note: Consider carefully the location in the configuration file of +# this line. The included file is read at that point. +; include = /etc/samba/smb.conf.%m + +# Configure Samba to use multiple interfaces +# If you have multiple network interfaces then you must list them +# here. See the man page for details. +; interfaces = 192.168.12.2/24 192.168.13.2/24 + +# Browser Control Options: +# set local master to no if you don't want Samba to become a master +# browser on your network. Otherwise the normal election rules apply +; local master = no + +# OS Level determines the precedence of this server in master browser +# elections. The default value should be reasonable +; os level = 33 + +# Domain Master specifies Samba to be the Domain Master Browser. This +# allows Samba to collate browse lists between subnets. Don't use this +# if you already have a Windows NT domain controller doing this job +; domain master = yes + +# Preferred Master causes Samba to force a local browser election on startup +# and gives it a slightly higher chance of winning the election +; preferred master = yes + +# Enable this if you want Samba to be a domain logon server for +# Windows95 workstations. +; domain logons = yes + +# if you enable domain logons then you may want a per-machine or +# per user logon script +# run a specific logon batch file per workstation (machine) +; logon script = %m.bat +# run a specific logon batch file per username +; logon script = %U.bat + +# Where to store roving profiles (only for Win95 and WinNT) +# %L substitutes for this servers netbios name, %U is username +# You must uncomment the [Profiles] share below +; logon path = \\%L\Profiles\%U + +# Windows Internet Name Serving Support Section: +# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server +; wins support = yes + +# WINS Server - Tells the NMBD components of Samba to be a WINS Client +# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both +; wins server = w.x.y.z + +# WINS Proxy - Tells Samba to answer name resolution queries on +# behalf of a non WINS capable client, for this to work there must be +# at least one WINS Server on the network. The default is NO. +; wins proxy = yes + +# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names +# via DNS nslookups. The default is NO. + dns proxy = no + +# These scripts are used on a domain controller or stand-alone +# machine to add or delete corresponding unix accounts +; add user script = /usr/sbin/useradd %u +; add group script = /usr/sbin/groupadd %g +; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u +; delete user script = /usr/sbin/userdel %u +; delete user from group script = /usr/sbin/deluser %u %g +; delete group script = /usr/sbin/groupdel %g + + +#============================ Share Definitions ============================== +[homes] + comment = Home Directories + browseable = no + writable = yes + +# Un-comment the following and create the netlogon directory for Domain Logons +; [netlogon] +; comment = Network Logon Service +; path = /var/lib/samba/netlogon +; guest ok = yes +; writable = no +; share modes = no + + +# Un-comment the following to provide a specific roving profile share +# the default is to use the user's home directory +;[Profiles] +; path = /var/lib/samba/profiles +; browseable = no +; guest ok = yes + + +# NOTE: If you have a BSD-style print system there is no need to +# specifically define each individual printer +[printers] + comment = All Printers + path = /var/spool/samba + browseable = no +# Set public = yes to allow user 'guest account' to print + guest ok = no + writable = no + printable = yes + +# This one is useful for people to share files +;[tmp] +; comment = Temporary file space +; path = /tmp +; read only = no +; public = yes + +# A publicly accessible directory, but read only, except for people in +# the "staff" group +;[public] +; comment = Public Stuff +; path = /home/samba +; public = yes +; writable = yes +; printable = no +; write list = @@staff + +# Other examples. +# +# A private printer, usable only by fred. Spool data will be placed in fred's +# home directory. Note that fred must have write access to the spool directory, +# wherever it is. +;[fredsprn] +; comment = Fred's Printer +; valid users = fred +; path = /homes/fred +; printer = freds_printer +; public = no +; writable = no +; printable = yes + +# A private directory, usable only by fred. Note that fred requires write +# access to the directory. +;[fredsdir] +; comment = Fred's Service +; path = /usr/somewhere/private +; valid users = fred +; public = no +; writable = yes +; printable = no + +# a service which has a different directory for each machine that connects +# this allows you to tailor configurations to incoming machines. You could +# also use the %U option to tailor it by user name. +# The %m gets replaced with the machine name that is connecting. +;[pchome] +; comment = PC Directories +; path = /usr/pc/%m +; public = no +; writable = yes + +# A publicly accessible directory, read/write to all users. Note that all files +# created in the directory by users will be owned by the default user, so +# any user with access can delete any other user's files. Obviously this +# directory must be writable by the default user. Another user could of course +# be specified, in which case all files would be owned by that user instead. +;[public] +; path = /usr/somewhere/else/public +; public = yes +; only guest = yes +; writable = yes +; printable = no + +# The following two entries demonstrate how to share a directory so that two +# users can place files there that will be owned by the specific users. In this +# setup, the directory should be writable by both users and should have the +# sticky bit set on it to prevent abuse. Obviously this could be extended to +# as many users as required. +;[myshare] +; comment = Mary's and Fred's stuff +; path = /usr/somewhere/shared +; valid users = mary fred +; public = no +; writable = yes +; printable = no +; create mask = 0765 + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d84 1 +a84 4 +# compatibility. tdbsam requires no further configuration. If you're +# migrating from < samba 3.4, you'll have to convert your old user +# passwords to the new backend with the command: +# pdbedit -i smbpasswd:/var/lib/samba/private/smbpasswd -e +@ diff --git a/config-archive/etc/samba/smbusers,v b/config-archive/etc/samba/smbusers,v new file mode 100644 index 0000000..f3ef8a8 --- /dev/null +++ b/config-archive/etc/samba/smbusers,v @@ -0,0 +1,48 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.30.05.08.59; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.30.05.08.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.4/smbusers,v 1.1 2010/02/26 20:11:18 patrick Exp $ + +# Syntax: +# Unix_name = SMB_name1 SMB_name2 ... + +root = Administrator admin +nobody = guest pcguest smbguest +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/smbusers,v 1.1 2010/03/01 16:19:54 patrick Exp $ +@ diff --git a/config-archive/etc/sasl2/smtpd.conf,v b/config-archive/etc/sasl2/smtpd.conf,v new file mode 100644 index 0000000..96fd4f7 --- /dev/null +++ b/config-archive/etc/sasl2/smtpd.conf,v @@ -0,0 +1,99 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.06.07.07.29.31; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.01.31.12.51.25; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.24.07.59.32; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.06.24.08.04.04; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.06.07.07.41.13; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@# $Header: /etc/sasl2/.rcs/smtpd.conf,v 1.3 2011/01/31 13:00:22 root Exp $ +#pwcheck_method:pam +pwcheck_method: saslauthd +mech_list: plain login +log_level: 3 +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 2 +# $Original-Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $ +# $Header: /etc/sasl2/.rcs/smtpd.conf,v 1.2 2010/06/24 08:03:50 root Exp $ +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 2 +a2 1 +# $Header: /etc/sasl2/smtpd.conf,v 1.1 2010/05/26 13:02:47 root Exp $ +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 5 +a5 2 +# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $ +pwcheck_method:pam +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 2 +a2 3 +# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.3 2011/05/09 12:36:20 eras Exp $ +pwcheck_method:saslauthd +mech_list: PLAIN +@ diff --git a/config-archive/etc/screenrc,v b/config-archive/etc/screenrc,v new file mode 100644 index 0000000..2922c9a --- /dev/null +++ b/config-archive/etc/screenrc,v @@ -0,0 +1,406 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.11.30.18.48.59; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.05.47; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# +# /etc/screenrc +# +# This is the system wide screenrc. +# +# You can use this file to change the default behavior of screen system wide +# or copy it to ~/.screenrc and use it as a starting point for your own +# settings. +# +# Commands in this file are used to set options, bind screen functions to +# keys, redefine terminal capabilities, and to automatically establish one or +# more windows at the beginning of your screen session. +# +# This is not a comprehensive list of options, look at the screen manual for +# details on everything that you can put in this file. +# +# + +# ============================================================================== +# SCREEN SETTINGS +# ============================================================================== + +# ESCAPE - the COMMAND CHARACTER +# =============================================================== +# escape ^aa # default +# escape ^pp # suggested binding for emacs users + + +# PASSWORD +# =============================================================== +# This commands sets the *internal* password for the screen session. +# WARNING!! If this is set then a "lock" command will only let you in to the +# session after you enter the user's account password and then *also* +# the internal password for that session. This gives additional safety but, +# if you forget the internal password then you cannot resume your session. +# Use :password to generate a password +# password ODSJQf.4IJN7E # "1234" + + +# VARIABLES +# =============================================================== +# No annoying audible bell, using "visual bell" +# vbell on # default: off +# vbell_msg " -- Bell,Bell!! -- " # default: "Wuff,Wuff!!" + +# Automatically detach on hangup. + autodetach on # default: on + +# Don't display the copyright page + startup_message off # default: on + +# Uses nethack-style messages +# nethack on # default: off + +# Affects the copying of text regions + crlf off # default: off + +# Enable/disable multiuser mode. Standard screen operation is singleuser. +# In multiuser mode the commands acladd, aclchg, aclgrp and acldel can be used +# to enable (and disable) other user accessing this screen session. +# Requires suid-root. + multiuser off + +# Change default scrollback value for new windows + defscrollback 5000 # default: 100 + +# Define the time that all windows monitored for silence should +# wait before displaying a message. Default 30 seconds. + silencewait 15 # default: 30 + +# bufferfile: The file to use for commands +# "readbuf" ('<') and "writebuf" ('>'): + bufferfile $HOME/.screen_exchange +# +# hardcopydir: The directory which contains all hardcopies. +# hardcopydir ~/.hardcopy +# hardcopydir ~/.screen +# +# shell: Default process started in screen's windows. +# Makes it possible to use a different shell inside screen +# than is set as the default login shell. +# If begins with a '-' character, the shell will be started as a login shell. +# shell zsh +# shell bash +# shell ksh + shell -$SHELL + +# shellaka '> |tcsh' +# shelltitle '$ |bash' + +# emulate .logout message + pow_detach_msg "Screen session of \$LOGNAME \$:cr:\$:nl:ended." + +# caption always " %w --- %c:%s" +# caption always "%3n %t%? @@%u%?%? [%h]%?%=%c" + caption always " %{gw}$LOGNAME@@%H | %{bw}%c%{-} | %{kw}%-Lw%{rw}%50>%{rW}%n%f* %t %{kw}%+LW%<" + +# advertise hardstatus support to $TERMCAP +# termcapinfo * '' 'hs:ts=\E_:fs=\E\\:ds=\E_\E\\' + +# set every new windows hardstatus line to somenthing descriptive +# defhstatus "screen: ^En (^Et)" + +# don't kill window after the process died +# zombie "^[" + +# ignore displays that block on output +defnonblock on + +# XTERM TWEAKS +# =============================================================== + +# xterm understands both im/ic and doesn't have a status line. +# Note: Do not specify im and ic in the real termcap/info file as +# some programs (e.g. vi) will not work anymore. + termcap xterm hs@@:cs=\E[%i%d;%dr:im=\E[4h:ei=\E[4l + terminfo xterm hs@@:cs=\E[%i%p1%d;%p2%dr:im=\E[4h:ei=\E[4l + +# 80/132 column switching must be enabled for ^AW to work +# change init sequence to not switch width + termcapinfo xterm Z0=\E[?3h:Z1=\E[?3l:is=\E[r\E[m\E[2J\E[H\E[?7h\E[?1;4;6l + +# Make the output buffer large for (fast) xterms. +# termcapinfo xterm* OL=10000 + termcapinfo xterm* OL=100 + +# tell screen that xterm can switch to dark background and has function +# keys. + termcapinfo xterm 'VR=\E[?5h:VN=\E[?5l' + termcapinfo xterm 'k1=\E[11~:k2=\E[12~:k3=\E[13~:k4=\E[14~' + termcapinfo xterm 'kh=\EOH:kI=\E[2~:kD=\E[3~:kH=\EOF:kP=\E[5~:kN=\E[6~' + +# special xterm hardstatus: use the window title. + termcapinfo xterm 'hs:ts=\E]2;:fs=\007:ds=\E]2;screen\007' + +#terminfo xterm 'vb=\E[?5h$<200/>\E[?5l' + termcapinfo xterm 'vi=\E[?25l:ve=\E[34h\E[?25h:vs=\E[34l' + +# emulate part of the 'K' charset + termcapinfo xterm 'XC=K%,%\E(B,[\304,\\\\\326,]\334,{\344,|\366,}\374,~\337' + +# xterm-52 tweaks: +# - uses background color for delete operations + termcapinfo xterm* be + +# Do not use xterm's alternative window buffer, it breaks scrollback (see bug #61195) + termcapinfo xterm|xterms|xs ti@@:te=\E[2J + +# WYSE TERMINALS +# =============================================================== + +#wyse-75-42 must have flow control (xo = "terminal uses xon/xoff") +#essential to have it here, as this is a slow terminal. + termcapinfo wy75-42 xo:hs@@ + +# New termcap sequences for cursor application mode. + termcapinfo wy* CS=\E[?1h:CE=\E[?1l:vi=\E[?25l:ve=\E[?25h:VR=\E[?5h:VN=\E[?5l:cb=\E[1K:CD=\E[1J + + +# OTHER TERMINALS +# =============================================================== + +# make hp700 termcap/info better + termcapinfo hp700 'Z0=\E[?3h:Z1=\E[?3l:hs:ts=\E[62"p\E[0$~\E[2$~\E[1$}:fs=\E[0}\E[61"p:ds=\E[62"p\E[1$~\E[61"p:ic@@' + +# Extend the vt100 desciption by some sequences. + termcap vt100* ms:AL=\E[%dL:DL=\E[%dM:UP=\E[%dA:DO=\E[%dB:LE=\E[%dD:RI=\E[%dC + terminfo vt100* ms:AL=\E[%p1%dL:DL=\E[%p1%dM:UP=\E[%p1%dA:DO=\E[%p1%dB:LE=\E[%p1%dD:RI=\E[%p1%dC + termcapinfo linux C8 +# old rxvt versions also need this +# termcapinfo rxvt C8 + + +# KEYBINDINGS +# ============================================================== +# The "bind" command assign keys to (internal) commands +# SCREEN checks all the keys you type; you type the key +# which is known as the "command character" then SCREEN +# eats this key, too, and checks whether this key is +# "bound" to a command. If so then SCREEN will execute it. +# +# The command "bind" allows you to chose which keys +# will be assigned to the commands. +# +# Some commands are bound to several keys - +# usually to both some letter and its corresponding +# control key combination, eg the command +# "(create) screen" is bound to both 'c' and '^C'. +# +# The following list shows the default bindings: +# +# break ^B b +# clear C +# colon : +# copy ^[ [ +# detach ^D d +# digraph ^V +# displays * +# dumptermcap . +# fit F +# flow ^F f +# focus ^I +# hardcopy h +# help ? +# history { } +# info i +# kill K k +# lastmsg ^M m +# license , +# log H +# login L +# meta x +# monitor M +# next ^@@ ^N sp n +# number N +# only Q +# other ^X +# pow_break B +# pow_detach D +# prev ^H ^P p ^? +# quit \ +# readbuf < +# redisplay ^L l +# remove X +# removebuf = +# reset Z +# screen ^C c +# select " ' +# silence _ +# split S +# suspend ^Z z +# time ^T t +# title A +# vbell ^G +# version v +# width W +# windows ^W w +# wrap ^R r +# writebuf > +# xoff ^S s +# xon ^Q q +# ^] paste . +# - select - +# 0 select 0 +# 1 select 1 +# 2 select 2 +# 3 select 3 +# 4 select 4 +# 5 select 5 +# 6 select 6 +# 7 select 7 +# 8 select 8 +# 9 select 9 +# I login on +# O login off +# ] paste . +# + +# And here are the default bind commands if you need them: +# +# bind A title +# bind C clear +# bind D pow_detach +# bind F fit +# bind H log +# bind I login on +# bind K kill +# bind L login +# bind M monitor +# bind N number +# bind O login off +# bind Q only +# bind S split +# bind W width +# bind X remove +# bind Z reset + +# Let's remove some dangerous key bindings ... + bind k + bind ^k +# bind . dumptermcap # default + bind . +# bind ^\ quit # default + bind ^\ +# bind \\ quit # default + bind \\ +# bind ^h ??? # default + bind ^h +# bind h hardcopy # default + bind h + +# ... and make them better. + bind 'K' kill + bind 'I' login on + bind 'O' login off + bind '}' history + +# Yet another hack: +# Prepend/append register [/] to the paste if ^a^] is pressed. +# This lets me have autoindent mode in vi. + register [ "\033:se noai\015a" + register ] "\033:se ai\015a" + bind ^] paste [.] + + +# hardstatus alwaysignore +# hardstatus alwayslastline "%Lw" + +# Resize the current region. The space will be removed from or added to +# the region below or if there's not enough space from the region above. + bind = resize = + bind + resize +3 + bind - resize -3 +# bind _ resize max +# +# attrcolor u "-u b" +# attrcolor b "R" + +# STARTUP SCREENS +# =============================================================== +# Defines the time screen delays a new message when one message +# is currently displayed. The default is 1 second. +# msgminwait 2 + +# Time a message is displayed if screen is not disturbed by +# other activity. The dafault is 5 seconds: +# msgwait 2 + +# Briefly show the version number of this starting +# screen session - but only for *one* second: +# msgwait 1 +# version + +# Welcome the user: +# echo "welcome :-)" +# echo "I love you today." + +# Uncomment one/some following lines to automatically let +# SCREEN start some programs in the given window numbers: +# screen -t MAIL 0 mutt +# screen -t EDIT 1 vim +# screen -t GOOGLE 2 links http://www.google.com +# screen -t NEWS 3 slrn +# screen -t WWW 4 links http://www.math.fu-berlin.de/~guckes/ +# screen 5 +# screen 6 + +# Set the environment variable var to value string. If only var is specified, +# you'll be prompted to enter a value. If no parameters are specified, +# you'll be prompted for both variable and value. The environment is +# inherited by all subsequently forked shells. +# setenv PROMPT_COMMAND 'echo -n -e "\033k\033\134"' + +# Don't you want to start programs which need a DISPLAY ? +# setenv DISPLAY '' +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# Copyright 1999-2011 Gentoo Foundation +d28 1 +a28 1 +# escape ^^^^ # suggested binding (Control-^) for Emacs users +d67 1 +a67 1 + defscrollback 1000 # default: 100 +d98 1 +@ diff --git a/config-archive/etc/security/capability.conf,v b/config-archive/etc/security/capability.conf,v new file mode 100644 index 0000000..25435a8 --- /dev/null +++ b/config-archive/etc/security/capability.conf,v @@ -0,0 +1,96 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.11.11.06.22.13; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.11.11.06.22.13; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# /etc/security/capability.conf +# +# this is a sample capability file (to be used in conjunction with +# the pam_cap.so module) +# +# In order to use this module, it must have been linked with libcap +# and thus you'll know about Linux's capability support. +# [If you don't know about libcap, the sources for it are here: +# +# http://linux.kernel.org/pub/linux/libs/security/linux-privs/ +# +# .] +# +# Here are some sample lines (remove the preceding '#' if you want to +# use them + +## user 'morgan' gets the CAP_SETFCAP inheritable capability +##cap_setfcap morgan + +## user 'luser' inherits the CAP_DAC_OVERRIDE capability +#cap_dac_override luser + +## 'everyone else' gets no inheritable capabilities +none * + +## if there is no '*' entry, all users not explicitly mentioned will +## get all available capabilities. This is a permissive default, and +## probably not what you want... +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d18 2 +a19 2 +## user 'morgan' gets the CAP_SETFCAP inheritable capability (commented out!) +#cap_setfcap morgan +d21 1 +a21 1 +## user 'luser' inherits the CAP_DAC_OVERRIDE capability (commented out!) +d24 1 +a24 1 +## 'everyone else' gets no inheritable capabilities (restrictive config) +d29 1 +a29 17 +## possibly not what you want... On first reading, you might think this +## is a security problem waiting to happen, but it defaults to not being +## so in this sample file! Further, by 'get', we mean 'get in their inheritable +## set'. That is, if you look at a random process, even one run by root, +## you will see it has no inheritable capabilities (by default): +## +## $ /sbin/capsh --decode=$(grep CapInh /proc/1/status|awk '{print $2}') +## 0000000000000000= +## +## The pam_cap module simply alters the value of this capability +## set. Including the 'none *' forces use of this module with an +## unspecified user to have their inheritable set forced to zero. +## +## Omitting the line will cause the inheritable set to be unmodified +## from what the parent process had (which is generally 0 unless the +## invoking user was bestowed with some inheritable capabilities by a +## previous invocation). +@ diff --git a/config-archive/etc/security/group.conf,v b/config-archive/etc/security/group.conf,v new file mode 100644 index 0000000..771989e --- /dev/null +++ b/config-archive/etc/security/group.conf,v @@ -0,0 +1,148 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.19.08.09.10; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.19.08.09.11; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# This is the configuration file for the pam_group module. +# + +# +# *** Please note that giving group membership on a session basis is +# *** NOT inherently secure. If a user can create an executable that +# *** is setgid a group that they are infrequently given membership +# *** of, they can basically obtain group membership any time they +# *** like. Example: games are allowed between the hours of 6pm and 6am +# *** user joe logs in at 7pm writes a small C-program toplay.c that +# *** invokes their favorite shell, compiles it and does +# *** "chgrp play toplay; chmod g+s toplay". They are basically able +# *** to play games any time... You have been warned. AGM +# + +# +# The syntax of the lines is as follows: +# +# services;ttys;users;times;groups +# +# white space is ignored and lines maybe extended with '\\n' (escaped +# newlines). From reading these comments, it is clear that +# text following a '#' is ignored to the end of the line. +# +# the combination of individual users/terminals etc is a logic list +# namely individual tokens that are optionally prefixed with '!' (logical +# not) and separated with '&' (logical and) and '|' (logical or). +# +# services +# is a logic list of PAM service names that the rule applies to. +# +# ttys +# is a logic list of terminal names that this rule applies to. +# +# users +# is a logic list of users or a netgroup of users to whom this +# rule applies. +# +# NB. For these items the simple wildcard '*' may be used only once. +# With netgroups no wildcards or logic operators are allowed. +# +# times +# It is used to indicate "when" these groups are to be given to the +# user. The format here is a logic list of day/time-range +# entries the days are specified by a sequence of two character +# entries, MoTuSa for example is Monday Tuesday and Saturday. Note +# that repeated days are unset MoMo = no day, and MoWk = all weekdays +# bar Monday. The two character combinations accepted are +# +# Mo Tu We Th Fr Sa Su Wk Wd Al +# +# the last two being week-end days and all 7 days of the week +# respectively. As a final example, AlFr means all days except Friday. +# +# Each day/time-range can be prefixed with a '!' to indicate "anything +# but" +# +# The time-range part is two 24-hour times HHMM separated by a hyphen +# indicating the start and finish time (if the finish time is smaller +# than the start time it is deemed to apply on the following day). +# +# groups +# The (comma or space separated) list of groups that the user +# inherits membership of. These groups are added if the previous +# fields are satisfied by the user's request +# +# For a rule to be active, ALL of service+ttys+users must be satisfied +# by the applying process. +# + +# +# Note, to get this to work as it is currently typed you need +# +# 1. to run an application as root +# 2. add the following groups to the /etc/group file: +# floppy, play, sound +# + +# +# Here is a simple example: running 'xsh' on tty* (any ttyXXX device), +# the user 'us' is given access to the floppy (through membership of +# the floppy group) +# + +#xsh;tty*&!ttyp*;us;Al0000-2400;floppy + +# +# another example: running 'xsh' on tty* (any ttyXXX device), +# the user 'sword' is given access to games (through membership of +# the sound and play group) after work hours. +# + +#xsh; tty* ;sword;!Wk0900-1800;sound, play +#xsh; tty* ;*;Al0900-1800;floppy + +# +# End of group.conf file +# +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# This is the configuration file for the pam_group module. +a97 7 +# yet another example: any member of the group 'admin' running +# 'xsh' on tty*, is granted access (at any time) to the group 'plugdev' +# + +#xsh; tty* ;%admin;Al0000-2400;plugdev + +# +@ diff --git a/config-archive/etc/security/namespace.init,v b/config-archive/etc/security/namespace.init,v new file mode 100755 index 0000000..3e72463 --- /dev/null +++ b/config-archive/etc/security/namespace.init,v @@ -0,0 +1,66 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.08.05.10.15.27; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.05.10.15.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@#!/bin/sh -p +# It receives polydir path as $1, the instance path as $2, +# a flag whether the instance dir was newly created (0 - no, 1 - yes) in $3, +# and user name in $4. +# +# The following section will copy the contents of /etc/skel if this is a +# newly created home directory. +if [ "$3" = 1 ]; then + # This line will fix the labeling on all newly created directories + [ -x /sbin/restorecon ] && /sbin/restorecon "$1" + user="$4" + passwd=$(getent passwd "$user") + homedir=$(echo "$passwd" | cut -f6 -d":") + if [ "$1" = "$homedir" ]; then + gid=$(echo "$passwd" | cut -f4 -d":") + cp -rT /etc/skel "$homedir" + chown -R "$user":"$gid" "$homedir" + mode=$(awk '/^UMASK/{gsub("#.*$", "", $2); printf "%o", and(0777,compl(strtonum("0" $2))); exit}' /etc/login.defs) + chmod ${mode:-700} "$homedir" + [ -x /sbin/restorecon ] && /sbin/restorecon -R "$homedir" + fi +fi + +exit 0 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d18 1 +a18 2 + mask=$(awk '/^UMASK/{gsub("#.*$", "", $2); print $2; exit}' /etc/login.defs) + mode=$(printf "%o" $((0777 & ~$mask))) +@ diff --git a/config-archive/etc/sensors3.conf,v b/config-archive/etc/sensors3.conf,v new file mode 100644 index 0000000..b4ad1f9 --- /dev/null +++ b/config-archive/etc/sensors3.conf,v @@ -0,0 +1,478 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.07.06.31.14; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.12.07.06.31.29; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# libsensors configuration file +# ----------------------------- +# +# This default configuration file only includes statements which do not +# differ from one mainboard to the next. Only label, compute and set +# statements for internal voltage and temperature sensors are included. +# +# In general, local changes should not be added to this file, but rather +# placed in custom configuration files located in /etc/sensors.d. This +# approach makes further updates much easier. +# +# Such custom configuration files for specific mainboards can be found at +# http://www.lm-sensors.org/wiki/Configurations + +chip "lm78-*" "lm79-*" "lm80-*" + + label temp1 "M/B Temp" + + +chip "w83792d-*" + + label in0 "VcoreA" + label in1 "VcoreB" + label in6 "+5V" + label in7 "5VSB" + label in8 "Vbat" + + set in6_min 5.0 * 0.90 + set in6_max 5.0 * 1.10 + set in7_min 5.0 * 0.90 + set in7_max 5.0 * 1.10 + set in8_min 3.0 * 0.90 + set in8_max 3.0 * 1.10 + + +chip "w83793-*" + + label in0 "VcoreA" + label in1 "VcoreB" + label in7 "+5V" + label in8 "5VSB" + label in9 "Vbat" + + set in7_min 5.0 * 0.90 + set in7_max 5.0 * 1.10 + set in8_min 5.0 * 0.90 + set in8_max 5.0 * 1.10 + set in9_min 3.0 * 0.90 + set in9_max 3.0 * 1.10 + + +chip "via686a-*" + + label in0 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + + +chip "adm1025-*" "ne1619-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + label in5 "VCC" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 +# Depending on how your chip is hardwired, you may or may not have +# +12V readings. +# set in4_min 12.0 * 0.90 +# set in4_max 12.0 * 1.10 + + label temp1 "CPU Temp" + label temp2 "M/B Temp" + + +chip "lm87-*" "adm1024-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + + label temp1 "M/B Temp" + label temp2 "CPU Temp" + + +chip "it87-*" "it8712-*" "it8716-*" "it8718-*" "it8720-*" + + label in8 "Vbat" + + +chip "fscpos-*" "fscher-*" +#FSC "Hermes" + + label in0 "+12V" + label in1 "+5V" + label in2 "Vbat" + + label temp1 "CPU Temp" + label temp2 "M/B Temp" + label temp3 "Aux Temp" + + +chip "fscscy-*" +#FSC "Scylla" + + label in0 "+12V" + label in1 "+5V" + label in2 "+3.3V" + + label temp1 "CPU0 Temp" + label temp2 "CPU1 Temp" + label temp3 "M/B Temp" + label temp4 "Aux Temp" + + +chip "fschds-*" +# Fujitsu Technology Solutions, "Hades"-Chip + +# Temperatures + label temp1 "CPU Temp" + label temp2 "Super I/O Temp" + label temp3 "System Temp" + +# Fans + label fan1 "PSU Fan" + label fan2 "CPU Fan" + label fan3 "System FAN2" + label fan4 "System FAN3" + label fan5 "System FAN4" + +# Voltages + label in0 "+12V" + label in1 "+5V" + label in2 "Vbat" + +chip "fscsyl-*" +# Fujitsu Technology Solutions, "Syleus"-Chip + +# Temperatures + label temp1 "CPU Temp" + label temp4 "Super I/O Temp" + label temp5 "Northbridge Temp" + +# Fans + label fan1 "CPU Fan" + label fan2 "System FAN2" + label fan3 "System FAN3" + label fan4 "System FAN4" + label fan7 "PSU Fan" + +# Voltages + label in0 "+12V" + label in1 "+5V" + label in2 "Vbat" + label in3 "+3.3V" + label in5 "+3.3V-Aux" + +chip "vt1211-*" + + label in5 "+3.3V" + + label temp2 "SIO Temp" + + +chip "vt8231-*" + + label in5 "+3.3V" + + +chip "smsc47m192-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + label in5 "VCC" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 + + label temp1 "SIO Temp" + + +chip "lm85-*" "lm85b-*" "lm85c-*" "adm1027-*" "adt7463-*" "adt7468-*" "emc6d100-*" "emc6d102-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 +# Depending on how your chip is hardwired, you may or may not have +# +12V readings. +# set in4_min 12.0 * 0.90 +# set in4_max 12.0 * 1.10 + + label temp2 "M/B Temp" + + +chip "pc87365-*" "pc87366-*" + +# Voltage inputs + + label in7 "3VSB" + label in8 "VDD" + label in9 "Vbat" + label in10 "AVDD" + + compute in7 @@*2, @@/2 + compute in8 @@*2, @@/2 + compute in10 @@*2, @@/2 + +# These are the operating conditions as recommended by National +# Semiconductor + set in7_min 3.0 + set in7_max 3.6 + set in8_min 3.0 + set in8_max 3.6 + set in10_min 3.0 + set in10_max 3.6 +# Depending on the hardware setup, the battery voltage may or may not +# be monitored. +# set in9_min 2.4 +# set in9_max 3.6 + + label temp3 "SIO Temp" + + set temp3_min 0 + set temp3_max 70 + set temp3_crit 85 + + +chip "adm1030-*" "adm1031-*" + + label temp1 "M/B Temp" + + +chip "w83627ehf-*" "w83627dhg-*" + + label in0 "Vcore" + label in2 "AVCC" + label in3 "VCC" + label in7 "3VSB" + label in8 "Vbat" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 3.3 * 0.90 + set in3_max 3.3 * 1.10 + set in7_min 3.3 * 0.90 + set in7_max 3.3 * 1.10 + set in8_min 3.0 * 0.90 + set in8_max 3.0 * 1.10 + + +chip "f71805f-*" + + label in0 "+3.3V" + + set in0_min 3.3 * 0.90 + set in0_max 3.3 * 1.10 + + +chip "f71872f-*" + + label in0 "+3.3V" + label in9 "Vbat" + label in10 "3VSB" + + set in0_min 3.3 * 0.90 + set in0_max 3.3 * 1.10 + set in9_min 3.0 * 0.90 + set in9_max 3.0 * 1.10 + set in10_min 3.3 * 0.90 + set in10_max 3.3 * 1.10 + + +chip "k8temp-*" + + label temp1 "Core0 Temp" + label temp2 "Core0 Temp" + label temp3 "Core1 Temp" + label temp4 "Core1 Temp" + + +chip "dme1737-*" + + label in0 "5VSB" + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + label in5 "3VSB" + label in6 "Vbat" + + label temp2 "SIO Temp" + + set in0_min 5.0 * 0.90 + set in0_max 5.0 * 1.10 + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 + set in6_min 3.0 * 0.90 + set in6_max 3.0 * 1.10 + + +chip "sch311x-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + label in5 "3VSB" + label in6 "Vbat" + + label temp2 "SIO Temp" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 + set in6_min 3.0 * 0.90 + set in6_max 3.0 * 1.10 + + +chip "sch5027-*" + + label in0 "5VSB" + label in1 "Vcore" + label in2 "+3.3V" + label in5 "3VSB" + label in6 "Vbat" + + label temp2 "SIO Temp" + + set in0_min 5.0 * 0.90 + set in0_max 5.0 * 1.10 + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 + set in6_min 3.0 * 0.90 + set in6_max 3.0 * 1.10 + + +chip "f71882fg-*" + + label in0 "+3.3V" + label in7 "3VSB" + label in8 "Vbat" + + compute in0 @@*2, @@/2 + compute in7 @@*2, @@/2 + compute in8 @@*2, @@/2 + + +chip "f8000-*" + + label in0 "+3.3V" + label in1 "3VSB" + label in2 "Vbat" + + compute in0 @@*2, @@/2 + compute in1 @@*2, @@/2 + compute in2 @@*2, @@/2 + + +chip "adt7473-*" "adt7475-*" + + label in2 "+3.3V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + + label temp2 "Board Temp" + + +chip "adt7476-*" "adt7490-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 +# Depending on how your ADT7476 is hardwired, you may or may not have +# +12V readings. +# set in4_min 12.0 * 0.90 +# set in4_max 12.0 * 1.10 + + label temp2 "M/B Temp" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d269 1 +a269 1 +chip "w83627ehf-*" "w83627dhg-*" "w83667hg-*" +d273 1 +a273 1 + label in3 "+3.3V" +@ diff --git a/config-archive/etc/services,v b/config-archive/etc/services,v new file mode 100644 index 0000000..fc6ddb9 --- /dev/null +++ b/config-archive/etc/services,v @@ -0,0 +1,1223 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.07.07.29.30; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.32.12; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/services +# +# Network services, Internet style +# +# Note that it is presently the policy of IANA to assign a single well-known +# port number for both TCP and UDP; hence, most entries here have two entries +# even if the protocol doesn't support UDP operations. +# +# Some References: +# http://www.iana.org/assignments/port-numbers +# http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/services +# +# Each line describes one service, and is of the form: +# service-name port/protocol [aliases ...] [# comment] +# +# See services(5) for more info. +# + +# +# IANA Assignments [Well Known Ports] +# The Well Known Ports are assigned by the IANA and on most systems can +# only be used by system (or root) processes or by programs executed by +# privileged users. +# The range for assigned ports managed by the IANA is 0-1023. +# +tcpmux 1/tcp # TCP port service multiplexer +tcpmux 1/udp +compressnet 2/tcp # Management Utility +compressnet 2/udp +compressnet 3/tcp # Compression Process +compressnet 3/udp +rje 5/tcp # Remote Job Entry +rje 5/udp +echo 7/tcp # Echo +echo 7/udp +discard 9/tcp sink null # Discard +discard 9/udp sink null +systat 11/tcp users # Active Users +systat 11/udp users +daytime 13/tcp # Daytime (RFC 867) +daytime 13/udp +#netstat 15/tcp # (was once asssigned, no more) +qotd 17/tcp quote # Quote of the Day +qotd 17/udp quote +msp 18/tcp # Message Send Protocol +msp 18/udp +chargen 19/tcp ttytst source # Character Generator +chargen 19/udp ttytst source +ftp-data 20/tcp # File Transfer [Default Data] +ftp-data 20/udp +ftp 21/tcp # File Transfer [Control] +ftp 21/udp fsp fspd +ssh 22/tcp # SSH Remote Login Protocol +ssh 22/udp +telnet 23/tcp # Telnet +telnet 23/udp +# private 24/tcp # any private mail system +# private 24/udp +smtp 25/tcp mail # Simple Mail Transfer +smtp 25/udp +nsw-fe 27/tcp # NSW User System FE +nsw-fe 27/udp +msg-icp 29/tcp # MSG ICP +msg-icp 29/udp +msg-auth 31/tcp # MSG Authentication +msg-auth 31/udp +dsp 33/tcp # Display Support Protocol +dsp 33/udp +# private 35/tcp # any private printer server +# private 35/udp +time 37/tcp timserver +time 37/udp timserver +rap 38/tcp # Route Access Protocol +rap 38/udp +rlp 39/tcp resource # Resource Location Protocol +rlp 39/udp resource +graphics 41/tcp # Graphics +graphics 41/udp +nameserver 42/tcp name # Host Name Server +nameserver 42/udp name +nicname 43/tcp whois # Who Is +nicname 43/udp whois +mpm-flags 44/tcp # MPM FLAGS Protocol +mpm-flags 44/udp +mpm 45/tcp # Message Processing Module [recv] +mpm 45/udp +mpm-snd 46/tcp # MPM [default send] +mpm-snd 46/udp +ni-ftp 47/tcp # NI FTP +ni-ftp 47/udp +auditd 48/tcp # Digital Audit Daemon +auditd 48/udp +tacacs 49/tcp # Login Host Protocol (TACACS) +tacacs 49/udp +re-mail-ck 50/tcp # Remote Mail Checking Protocol +re-mail-ck 50/udp +domain 53/tcp # Domain Name Server +domain 53/udp +xns-ch 54/tcp # XNS Clearinghouse +xns-ch 54/udp +isi-gl 55/tcp # ISI Graphics Language +isi-gl 55/udp +xns-auth 56/tcp # XNS Authentication +xns-auth 56/udp +# private 57/tcp # any private terminal access +# private 57/udp +xns-mail 58/tcp # XNS Mail +xns-mail 58/udp +# private 59/tcp # any private file service +# private 59/udp +ni-mail 61/tcp # NI MAIL +ni-mail 61/udp +acas 62/tcp # ACA Services +acas 62/udp +whois++ 63/tcp # whois++ +whois++ 63/udp +covia 64/tcp # Communications Integrator (CI) +covia 64/udp +tacacs-ds 65/tcp # TACACS-Database Service +tacacs-ds 65/udp +sql*net 66/tcp # Oracle SQL*NET +sql*net 66/udp +bootps 67/tcp # Bootstrap Protocol Server (BOOTP) +bootps 67/udp +bootpc 68/tcp # Bootstrap Protocol Client (BOOTP) +bootpc 68/udp +tftp 69/tcp # Trivial File Transfer +tftp 69/udp +gopher 70/tcp # Gopher +gopher 70/udp +netrjs-1 71/tcp # Remote Job Service +netrjs-1 71/udp +netrjs-2 72/tcp +netrjs-2 72/udp +netrjs-3 73/tcp +netrjs-3 73/udp +netrjs-4 74/tcp +netrjs-4 74/udp +# private 75/tcp # any private dial out service +# private 75/udp +deos 76/tcp # Distributed External Object Store +deos 76/udp +# private 77/tcp # any private RJE service +# private 77/udp +vettcp 78/tcp # vettcp +vettcp 78/udp +finger 79/tcp # Finger +finger 79/udp +http 80/tcp www www-http # World Wide Web HTTP +http 80/udp www www-http +hosts2-ns 81/tcp # HOSTS2 Name Server +hosts2-ns 81/udp +xfer 82/tcp # XFER Utility +xfer 82/udp +mit-ml-dev 83/tcp # MIT ML Device +mit-ml-dev 83/udp +ctf 84/tcp # Common Trace Facility +ctf 84/udp +mit-ml-dev 85/tcp # MIT ML Device +mit-ml-dev 85/udp +mfcobol 86/tcp # Micro Focus Cobol +mfcobol 86/udp +# private 87/tcp # any private terminal link +# private 87/udp +kerberos 88/tcp kerberos5 krb5 # Kerberos +kerberos 88/udp kerberos5 krb5 +su-mit-tg 89/tcp # SU/MIT Telnet Gateway +su-mit-tg 89/udp +dnsix 90/tcp # DNSIX Securit Attribute Token Map +dnsix 90/udp +mit-dov 91/tcp # MIT Dover Spooler +mit-dov 91/udp +npp 92/tcp # Network Printing Protocol +npp 92/udp +dcp 93/tcp # Device Control Protocol +dcp 93/udp +objcall 94/tcp # Tivoli Object Dispatcher +objcall 94/udp +supdup 95/tcp # SUPDUP +supdup 95/udp +dixie 96/tcp # DIXIE Protocol Specification +dixie 96/udp +swift-rvf 97/tcp # Swift Remote Virtural File Protocol +swift-rvf 97/udp +tacnews 98/tcp linuxconf # TAC News +tacnews 98/udp +metagram 99/tcp # Metagram Relay +metagram 99/udp +#newacct 100/tcp # [unauthorized use] +hostname 101/tcp hostnames # NIC Host Name Server +hostname 101/udp hostnames +iso-tsap 102/tcp tsap # ISO-TSAP Class 0 +iso-tsap 102/udp tsap +gppitnp 103/tcp # Genesis Point-to-Point Trans Net +gppitnp 103/udp +acr-nema 104/tcp # ACR-NEMA Digital Imag. & Comm. 300 +acr-nema 104/udp +cso 105/tcp csnet-ns cso-ns # CCSO name server protocol +cso 105/udp csnet-ns cso-ns +3com-tsmux 106/tcp poppassd # 3COM-TSMUX +3com-tsmux 106/udp poppassd # Eudora: Unauthorized use by insecure poppassd protocol +rtelnet 107/tcp # Remote Telnet Service +rtelnet 107/udp +snagas 108/tcp # SNA Gateway Access Server +snagas 108/udp +pop2 109/tcp pop-2 postoffice# Post Office Protocol - Version 2 +pop2 109/udp pop-2 +pop3 110/tcp pop-3 # Post Office Protocol - Version 3 +pop3 110/udp pop-3 +sunrpc 111/tcp portmapper rpcbind # SUN Remote Procedure Call +sunrpc 111/udp portmapper rpcbind +mcidas 112/tcp # McIDAS Data Transmission Protocol +mcidas 112/udp +auth 113/tcp authentication tap ident # Authentication Service +auth 113/udp +sftp 115/tcp # Simple File Transfer Protocol +sftp 115/udp +ansanotify 116/tcp # ANSA REX Notify +ansanotify 116/udp +uucp-path 117/tcp # UUCP Path Service +uucp-path 117/udp +sqlserv 118/tcp # SQL Services +sqlserv 118/udp +nntp 119/tcp readnews untp # Network News Transfer Protocol +nntp 119/udp readnews untp +cfdptkt 120/tcp # CFDPTKT +cfdptkt 120/udp +erpc 121/tcp # Encore Expedited Remote Pro.Call +erpc 121/udp +smakynet 122/tcp # SMAKYNET +smakynet 122/udp +ntp 123/tcp # Network Time Protocol +ntp 123/udp +ansatrader 124/tcp # ANSA REX Trader +ansatrader 124/udp +locus-map 125/tcp # Locus PC-Interface Net Map Ser +locus-map 125/udp +nxedit 126/tcp unitary # NXEdit +nxedit 126/udp unitary # Unisys Unitary Login +locus-con 127/tcp # Locus PC-Interface Conn Server +locus-con 127/udp +gss-xlicen 128/tcp # GSS X License Verification +gss-xlicen 128/udp +pwdgen 129/tcp # Password Generator Protocol +pwdgen 129/udp +cisco-fna 130/tcp # cisco FNATIVE +cisco-fna 130/udp +cisco-tna 131/tcp # cisco TNATIVE +cisco-tna 131/udp +cisco-sys 132/tcp # cisco SYSMAINT +cisco-sys 132/udp +statsrv 133/tcp # Statistics Service +statsrv 133/udp +ingres-net 134/tcp # INGRES-NET Service +ingres-net 134/udp +epmap 135/tcp loc-srv # DCE endpoint resolution +epmap 135/udp loc-srv +profile 136/tcp # PROFILE Naming System +profile 136/udp +netbios-ns 137/tcp # NETBIOS Name Service +netbios-ns 137/udp +netbios-dgm 138/tcp # NETBIOS Datagram Service +netbios-dgm 138/udp +netbios-ssn 139/tcp # NETBIOS Session Service +netbios-ssn 139/udp +emfis-data 140/tcp # EMFIS Data Service +emfis-data 140/udp +emfis-cntl 141/tcp # EMFIS Control Service +emfis-cntl 141/udp +imap 143/tcp imap2 # Internet Message Access Protocol +imap 143/udp imap2 +uma 144/tcp # Universal Management Architecture +uma 144/udp +uaac 145/tcp # UAAC Protocol +uaac 145/udp +iso-tp0 146/tcp # ISO-TP0 +iso-tp0 146/udp +iso-ip 147/tcp # ISO-IP +iso-ip 147/udp +jargon 148/tcp # Jargon +jargon 148/udp +aed-512 149/tcp # AED 512 Emulation Service +aed-512 149/udp +sql-net 150/tcp # SQL-NET +sql-net 150/udp +hems 151/tcp # HEMS +hems 151/udp +bftp 152/tcp # Background File Transfer Program +bftp 152/udp +sgmp 153/tcp # SGMP +sgmp 153/udp +netsc-prod 154/tcp # NETSC +netsc-prod 154/udp +netsc-dev 155/tcp +netsc-dev 155/udp +sqlsrv 156/tcp # SQL Service +sqlsrv 156/udp +knet-cmp 157/tcp # KNET/VM Command/Message Protocol +knet-cmp 157/udp +pcmail-srv 158/tcp # PCMail Server +pcmail-srv 158/udp +nss-routing 159/tcp # NSS-Routing +nss-routing 159/udp +sgmp-traps 160/tcp # SGMP-TRAPS +sgmp-traps 160/udp +snmp 161/tcp # Simple Net Mgmt Proto +snmp 161/udp +snmptrap 162/tcp snmp-trap # Traps for SNMP +snmptrap 162/udp snmp-trap +cmip-man 163/tcp # CMIP/TCP Manager +cmip-man 163/udp +cmip-agent 164/tcp # CMIP/TCP Agent +cmip-agent 164/udp +xns-courier 165/tcp # Xerox +xns-courier 165/udp +s-net 166/tcp # Sirius Systems +s-net 166/udp +namp 167/tcp # NAMP +namp 167/udp +rsvd 168/tcp # RSVD +rsvd 168/udp +send 169/tcp # SEND +send 169/udp +print-srv 170/tcp # Network PostScript +print-srv 170/udp +multiplex 171/tcp # Network Innovations Multiplex +multiplex 171/udp +cl/1 172/tcp # Network Innovations CL/1 +cl/1 172/udp +xyplex-mux 173/tcp # Xyplex +xyplex-mux 173/udp +mailq 174/tcp # Mailer transport queue for Zmailer +mailq 174/udp +vmnet 175/tcp # VMNET +vmnet 175/udp +genrad-mux 176/tcp # GENRAD-MUX +genrad-mux 176/udp +xdmcp 177/tcp # X Display Manager Control Protocol +xdmcp 177/udp +nextstep 178/tcp NeXTStep NextStep# NextStep Window Server +nextstep 178/udp NeXTStep NextStep +bgp 179/tcp # Border Gateway Protocol +bgp 179/udp +ris 180/tcp # Intergraph +ris 180/udp +unify 181/tcp # Unify +unify 181/udp +audit 182/tcp # Unisys Audit SITP +audit 182/udp +ocbinder 183/tcp # OCBinder +ocbinder 183/udp +ocserver 184/tcp # OCServer +ocserver 184/udp +remote-kis 185/tcp # Remote-KIS +remote-kis 185/udp +kis 186/tcp # KIS Protocol +kis 186/udp +aci 187/tcp # Application Communication Interface +aci 187/udp +mumps 188/tcp # Plus Five's MUMPS +mumps 188/udp +qft 189/tcp # Queued File Transport +qft 189/udp +gacp 190/tcp # Gateway Access Control Protocol +gacp 190/udp +prospero 191/tcp # Prospero Directory Service +prospero 191/udp +osu-nms 192/tcp # OSU Network Monitoring System +osu-nms 192/udp +srmp 193/tcp # Spider Remote Monitoring Protocol +srmp 193/udp +irc 194/tcp # Internet Relay Chat Protocol +irc 194/udp +dn6-nlm-aud 195/tcp # DNSIX Network Level Module Audit +dn6-nlm-aud 195/udp +dn6-smm-red 196/tcp # DNSIX Session Mgt Module Audit Redir +dn6-smm-red 196/udp +dls 197/tcp # Directory Location Service +dls 197/udp +dls-mon 198/tcp # Directory Location Service Monitor +dls-mon 198/udp +smux 199/tcp # SNMP Unix Multiplexer +smux 199/udp +src 200/tcp # IBM System Resource Controller +src 200/udp +at-rtmp 201/tcp # AppleTalk Routing Maintenance +at-rtmp 201/udp +at-nbp 202/tcp # AppleTalk Name Binding +at-nbp 202/udp +at-echo 204/tcp # AppleTalk Echo +at-echo 204/udp +at-zis 206/tcp # AppleTalk Zone Information +at-zis 206/udp +qmtp 209/tcp # The Quick Mail Transfer Protocol +qmtp 209/udp +z39.50 210/tcp wais z3950 # ANSI Z39.50 +z39.50 210/udp wais z3950 +914c/g 211/tcp # Texas Instruments 914C/G Terminal +914c/g 211/udp +anet 212/tcp # ATEXSSTR +anet 212/udp +ipx 213/tcp # IPX +ipx 213/udp +imap3 220/tcp # Interactive Mail Access +imap3 220/udp +link 245/tcp # ttylink +link 245/udp +pawserv 345/tcp # Perf Analysis Workbench +pawserv 345/udp +zserv 346/tcp # Zebra server +zserv 346/udp +fatserv 347/tcp # Fatmen Server +fatserv 347/udp +scoi2odialog 360/tcp # scoi2odialog +scoi2odialog 360/udp +semantix 361/tcp # Semantix +semantix 361/udp +srssend 362/tcp # SRS Send +srssend 362/udp +rsvp_tunnel 363/tcp # RSVP Tunnel +rsvp_tunnel 363/udp +aurora-cmgr 364/tcp # Aurora CMGR +aurora-cmgr 364/udp +dtk 365/tcp # Deception Tool Kit +dtk 365/udp +odmr 366/tcp # ODMR +odmr 366/udp +rpc2portmap 369/tcp # Coda portmapper +rpc2portmap 369/udp +codaauth2 370/tcp # Coda authentication server +codaauth2 370/udp +clearcase 371/tcp # Clearcase +clearcase 371/udp +ulistproc 372/tcp ulistserv # UNIX Listserv +ulistproc 372/udp ulistserv +ldap 389/tcp # Lightweight Directory Access Protocol +ldap 389/udp +imsp 406/tcp # Interactive Mail Support Protocol +imsp 406/udp +svrloc 427/tcp # Server Location +svrloc 427/udp +mobileip-agent 434/tcp # MobileIP-Agent +mobileip-agent 434/udp +mobilip-mn 435/tcp # MobilIP-MN +mobilip-mn 435/udp +https 443/tcp # MCom +https 443/udp +snpp 444/tcp # Simple Network Paging Protocol +snpp 444/udp +microsoft-ds 445/tcp Microsoft-DS +microsoft-ds 445/udp Microsoft-DS +kpasswd 464/tcp kpwd # Kerberos "passwd" +kpasswd 464/udp kpwd +urd 465/tcp smtps ssmtp # URL Rendesvous Directory for SSM / smtp protocol over TLS/SSL +igmpv3lite 465/udp smtps ssmtp # IGMP over UDP for SSM +photuris 468/tcp +photuris 468/udp +rcp 469/tcp # Radio Control Protocol +rcp 469/udp +saft 487/tcp # Simple Asynchronous File Transfer +saft 487/udp +gss-http 488/tcp +gss-http 488/udp +pim-rp-disc 496/tcp +pim-rp-disc 496/udp +isakmp 500/tcp # IPsec - Internet Security Association and Key Management Protocol +isakmp 500/udp +exec 512/tcp # remote process execution +comsat 512/udp biff # notify users of new mail received +login 513/tcp # remote login a la telnet +who 513/udp whod # who's logged in to machines +shell 514/tcp cmd # no passwords used +syslog 514/udp +printer 515/tcp spooler # line printer spooler +printer 515/udp spooler +videotex 516/tcp +videotex 516/udp +talk 517/tcp # like tenex link +talk 517/udp +ntalk 518/tcp +ntalk 518/udp +utime 519/tcp unixtime +utime 519/udp unixtime +efs 520/tcp # extended file name server +router 520/udp route routed # local routing process +ripng 521/tcp +ripng 521/udp +ulp 522/tcp +ulp 522/udp +ibm-db2 523/tcp +ibm-db2 523/udp +ncp 524/tcp +ncp 524/udp +timed 525/tcp timeserver +timed 525/udp timeserver +tempo 526/tcp newdate +tempo 526/udp newdate +courier 530/tcp rpc +courier 530/udp rpc +conference 531/tcp chat +conference 531/udp chat +netnews 532/tcp readnews +netnews 532/udp readnews +netwall 533/tcp # -for emergency broadcasts +netwall 533/udp +mm-admin 534/tcp # MegaMedia Admin +mm-admin 534/udp +iiop 535/tcp +iiop 535/udp +opalis-rdv 536/tcp +opalis-rdv 536/udp +nmsp 537/tcp # Networked Media Streaming Protocol +nmsp 537/udp +gdomap 538/tcp # GNUstep distributed objects +gdomap 538/udp +uucp 540/tcp uucpd # uucp daemon +uucp 540/udp uucpd +klogin 543/tcp # Kerberized `rlogin' (v5) +klogin 543/udp +kshell 544/tcp krcmd # Kerberized `rsh' (v5) +kshell 544/udp krcmd +appleqtcsrvr 545/tcp +appleqtcsrvr 545/udp +dhcpv6-client 546/tcp # DHCPv6 Client +dhcpv6-client 546/udp +dhcpv6-server 547/tcp # DHCPv6 Server +dhcpv6-server 547/udp +afpovertcp 548/tcp # AFP over TCP +afpovertcp 548/udp +rtsp 554/tcp # Real Time Stream Control Protocol +rtsp 554/udp +dsf 555/tcp +dsf 555/udp +remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem +remotefs 556/udp rfs_server rfs +nntps 563/tcp snntp # NNTP over SSL +nntps 563/udp snntp +9pfs 564/tcp # plan 9 file service +9pfs 564/udp +whoami 565/tcp +whoami 565/udp +submission 587/tcp # mail message submission +submission 587/udp +http-alt 591/tcp # FileMaker, Inc. - HTTP Alternate +http-alt 591/udp +nqs 607/tcp # Network Queuing system +nqs 607/udp +npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS +npmp-local 610/udp dqs313_qmaster +npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS +npmp-gui 611/udp dqs313_execd +hmmp-ind 612/tcp dqs313_intercell# HMMP Indication / DQS +hmmp-ind 612/udp dqs313_intercell +cryptoadmin 624/tcp # Crypto Admin +cryptoadmin 624/udp +dec_dlm 625/tcp # DEC DLM +dec_dlm 625/udp +asia 626/tcp +asia 626/udp +passgo-tivoli 627/tcp # PassGo Tivoli +passgo-tivoli 627/udp +qmqp 628/tcp # Qmail QMQP +qmqp 628/udp +3com-amp3 629/tcp +3com-amp3 629/udp +rda 630/tcp +rda 630/udp +ipp 631/tcp # Internet Printing Protocol +ipp 631/udp +ldaps 636/tcp # LDAP over SSL +ldaps 636/udp +tinc 655/tcp # TINC control port +tinc 655/udp +acap 674/tcp # Application Configuration Access Protocol +acap 674/udp +asipregistry 687/tcp +asipregistry 687/udp +realm-rusd 688/tcp # ApplianceWare managment protocol +realm-rusd 688/udp +nmap 689/tcp # Opensource Network Mapper +nmap 689/udp +ha-cluster 694/tcp # Heartbeat HA-cluster +ha-cluster 694/udp +epp 700/tcp # Extensible Provisioning Protocol +epp 700/udp +iris-beep 702/tcp # IRIS over BEEP +iris-beep 702/udp +silc 706/tcp # SILC +silc 706/udp +kerberos-adm 749/tcp # Kerberos `kadmin' (v5) +kerberos-adm 749/udp +kerberos-iv 750/tcp kerberos4 kdc # Kerberos (server) +kerberos-iv 750/udp kerberos4 kdc +pump 751/tcp kerberos_master +pump 751/udp kerberos_master # Kerberos authentication +qrh 752/tcp passwd_server +qrh 752/udp passwd_server # Kerberos passwd server +rrh 753/tcp +rrh 753/udp +tell 754/tcp send krb_prop krb5_prop # Kerberos slave propagation +tell 754/udp send +nlogin 758/tcp +nlogin 758/udp +con 759/tcp +con 759/udp +ns 760/tcp krbupdate kreg # Kerberos registration +ns 760/udp +webster 765/tcp # Network dictionary +webster 765/udp +phonebook 767/tcp # Network phonebook +phonebook 767/udp +rsync 873/tcp # rsync +rsync 873/udp +ftps-data 989/tcp # ftp protocol, data, over TLS/SSL +ftps-data 989/udp +ftps 990/tcp # ftp protocol, control, over TLS/SSL +ftps 990/udp +nas 991/tcp # Netnews Administration System +nas 991/udp +telnets 992/tcp # telnet protocol over TLS/SSL +telnets 992/udp +imaps 993/tcp # imap4 protocol over TLS/SSL +imaps 993/udp +ircs 994/tcp # irc protocol over TLS/SSL +ircs 994/udp +pop3s 995/tcp # pop3 protocol over TLS/SSL +pop3s 995/udp + +# +# IANA Assignments [Registered Ports] +# +# The Registered Ports are listed by the IANA and on most systems can be +# used by ordinary user processes or programs executed by ordinary +# users. +# Ports are used in the TCP [RFC793] to name the ends of logical +# connections which carry long term conversations. For the purpose of +# providing services to unknown callers, a service contact port is +# defined. This list specifies the port used by the server process as +# its contact port. +# The IANA registers uses of these ports as a convenience to the +# community. +# To the extent possible, these same port assignments are used with the +# UDP [RFC768]. +# The Registered Ports are in the range 1024-49151. +# +imgames 1077/tcp +imgames 1077/udp +socks 1080/tcp # socks proxy server +socks 1080/udp +rmiregistry 1099/tcp # Java RMI Registry +rmiregistry 1099/udp +bnetgame 1119/tcp # Battle.net Chat/Game Protocol +bnetgame 1119/udp +bnetfile 1120/tcp # Battle.net File Transfer Protocol +bnetfile 1120/udp +hpvmmcontrol 1124/tcp # HP VMM Control +hpvmmcontrol 1124/udp +hpvmmagent 1125/tcp # HP VMM Agent +hpvmmagent 1125/udp +hpvmmdata 1126/tcp # HP VMM Agent +hpvmmdata 1126/udp +resacommunity 1154/tcp # Community Service +resacommunity 1154/udp +3comnetman 1181/tcp # 3Com Net Management +3comnetman 1181/udp +mysql-cluster 1186/tcp # MySQL Cluster Manager +mysql-cluster 1186/udp +alias 1187/tcp # Alias Service +alias 1187/udp +openvpn 1194/tcp # OpenVPN +openvpn 1194/udp +kazaa 1214/tcp # KAZAA +kazaa 1214/udp +bvcontrol 1236/tcp rmtcfg # Gracilis Packeten remote config server +bvcontrol 1236/udp rmtcfg +nessus 1241/tcp # Nessus vulnerability assessment scanner +nessus 1241/udp +h323hostcallsc 1300/tcp # H323 Host Call Secure +h323hostcallsc 1300/udp +lotusnote 1352/tcp # Lotus Note +lotusnote 1352/udp +ms-sql-s 1433/tcp # Microsoft-SQL-Server +ms-sql-s 1433/udp +ms-sql-m 1434/tcp # Microsoft-SQL-Monitor +ms-sql-m 1434/udp +ica 1494/tcp # Citrix ICA Client +ica 1494/udp +wins 1512/tcp # Microsoft's Windows Internet Name Service +wins 1512/udp +ingreslock 1524/tcp +ingreslock 1524/udp +prospero-np 1525/tcp # Prospero non-privileged +prospero-np 1525/udp +datametrics 1645/tcp old-radius # datametrics / old radius entry +datametrics 1645/udp old-radius +sa-msg-port 1646/tcp old-radacct # sa-msg-port / old radacct entry +sa-msg-port 1646/udp old-radacct +rsap 1647/tcp +rsap 1647/udp +concurrent-lm 1648/tcp +concurrent-lm 1648/udp +kermit 1649/tcp +kermit 1649/udp +l2tp 1701/tcp +l2tp 1701/udp +h323gatedisc 1718/tcp +h323gatedisc 1718/udp +h323gatestat 1719/tcp +h323gatestat 1719/udp +h323hostcall 1720/tcp +h323hostcall 1720/udp +iberiagames 1726/tcp +iberiagames 1726/udp +gamegen1 1738/tcp +gamegen1 1738/udp +tftp-mcast 1758/tcp +tftp-mcast 1758/udp +hello 1789/tcp +hello 1789/udp +radius 1812/tcp # Radius +radius 1812/udp +radius-acct 1813/tcp radacct # Radius Accounting +radius-acct 1813/udp radacct +mtp 1911/tcp # Starlight Networks Multimedia Transport Protocol +mtp 1911/udp +egs 1926/tcp # Evolution Game Server +egs 1926/udp +unix-status 1957/tcp # remstats unix-status server +unix-status 1957/udp +hsrp 1985/tcp # Hot Standby Router Protocol +hsrp 1985/udp +licensedaemon 1986/tcp # cisco license management +licensedaemon 1986/udp +tr-rsrb-p1 1987/tcp # cisco RSRB Priority 1 port +tr-rsrb-p1 1987/udp +tr-rsrb-p2 1988/tcp # cisco RSRB Priority 2 port +tr-rsrb-p2 1988/udp +tr-rsrb-p3 1989/tcp # cisco RSRB Priority 3 port +tr-rsrb-p3 1989/udp +stun-p1 1990/tcp # cisco STUN Priority 1 port +stun-p1 1990/udp +stun-p2 1991/tcp # cisco STUN Priority 2 port +stun-p2 1991/udp +stun-p3 1992/tcp # cisco STUN Priority 3 port +stun-p3 1992/udp +snmp-tcp-port 1994/tcp # cisco SNMP TCP port +snmp-tcp-port 1994/udp +stun-port 1995/tcp # cisco serial tunnel port +stun-port 1995/udp +perf-port 1996/tcp # cisco Remote SRB port +perf-port 1996/udp +gdp-port 1997/tcp # cisco Gateway Discovery Protocol +gdp-port 1997/udp +x25-svc-port 1998/tcp # cisco X.25 service (XOT) +x25-svc-port 1998/udp +tcp-id-port 1999/tcp # cisco identification port +tcp-id-port 1999/udp +cisco-sccp 2000/tcp sieve # Cisco SCCP +cisco-sccp 2000/udp sieve +nfs 2049/tcp # Network File System +nfs 2049/udp +radsec 2083/tcp # Secure Radius Service +radsec 2083/udp +gnunet 2086/tcp # GNUnet +gnunet 2086/udp +rtcm-sc104 2101/tcp # RTCM SC-104 +rtcm-sc104 2101/udp +zephyr-srv 2102/tcp # Zephyr server +zephyr-srv 2102/udp +zephyr-clt 2103/tcp # Zephyr serv-hm connection +zephyr-clt 2103/udp +zephyr-hm 2104/tcp # Zephyr hostmanager +zephyr-hm 2104/udp +eyetv 2170/tcp # EyeTV Server Port +eyetv 2170/udp +msfw-storage 2171/tcp # MS Firewall Storage +msfw-storage 2171/udp +msfw-s-storage 2172/tcp # MS Firewall SecureStorage +msfw-s-storage 2172/udp +msfw-replica 2173/tcp # MS Firewall Replication +msfw-replica 2173/udp +msfw-array 2174/tcp # MS Firewall Intra Array +msfw-array 2174/udp +airsync 2175/tcp # Microsoft Desktop AirSync Protocol +airsync 2175/udp +rapi 2176/tcp # Microsoft ActiveSync Remote API +rapi 2176/udp +qwave 2177/tcp # qWAVE Bandwidth Estimate +qwave 2177/udp +tivoconnect 2190/tcp # TiVoConnect Beacon +tivoconnect 2190/udp +tvbus 2191/tcp # TvBus Messaging +tvbus 2191/udp +mysql-im 2273/tcp # MySQL Instance Manager +mysql-im 2273/udp +dict-lookup 2289/tcp # Lookup dict server +dict-lookup 2289/udp +redstorm_join 2346/tcp # Game Connection Port +redstorm_join 2346/udp +redstorm_find 2347/tcp # Game Announcement and Location +redstorm_find 2347/udp +redstorm_info 2348/tcp # Information to query for game status +redstorm_info 2348/udp +cvspserver 2401/tcp # CVS client/server operations +cvspserver 2401/udp +venus 2430/tcp # codacon port +venus 2430/udp +venus-se 2431/tcp # tcp side effects +venus-se 2431/udp +codasrv 2432/tcp # not used +codasrv 2432/udp +codasrv-se 2433/tcp # tcp side effects +codasrv-se 2433/udp +netadmin 2450/tcp +netadmin 2450/udp +netchat 2451/tcp +netchat 2451/udp +snifferclient 2452/tcp +snifferclient 2452/udp +ppcontrol 2505/tcp # PowerPlay Control +ppcontrol 2505/udp +lstp 2559/tcp # +lstp 2559/udp +mon 2583/tcp +mon 2583/udp +hpstgmgr 2600/tcp zebrasrv +hpstgmgr 2600/udp zebrasrv +discp-client 2601/tcp zebra # discp client +discp-client 2601/udp zebra +discp-server 2602/tcp ripd # discp server +discp-server 2602/udp ripd +servicemeter 2603/tcp ripngd # Service Meter +servicemeter 2603/udp ripngd +nsc-ccs 2604/tcp ospfd # NSC CCS +nsc-ccs 2604/udp ospfd +nsc-posa 2605/tcp bgpd # NSC POSA +nsc-posa 2605/udp bgpd +netmon 2606/tcp ospf6d # Dell Netmon +netmon 2606/udp ospf6d +connection 2607/tcp # Dell Connection +connection 2607/udp +wag-service 2608/tcp # Wag Service +wag-service 2608/udp +dict 2628/tcp # Dictionary server +dict 2628/udp +exce 2769/tcp # eXcE +exce 2769/udp +dvr-esm 2804/tcp # March Networks Digital Video Recorders and Enterprise Service Manager products +dvr-esm 2804/udp +corbaloc 2809/tcp # CORBA LOC +corbaloc 2809/udp +ndtp 2882/tcp # Network Dictionary Transfer Protocol +ndtp 2882/udp +gamelobby 2914/tcp # Game Lobby +gamelobby 2914/udp +gds_db 3050/tcp # InterBase server +gds_db 3050/udp +xbox 3074/tcp # Xbox game port +xbox 3074/udp +icpv2 3130/tcp icp # Internet Cache Protocol (Squid) +icpv2 3130/udp icp +nm-game-admin 3148/tcp # NetMike Game Administrator +nm-game-admin 3148/udp +nm-game-server 3149/tcp # NetMike Game Server +nm-game-server 3149/udp +mysql 3306/tcp # MySQL +mysql 3306/udp +sftu 3326/tcp +sftu 3326/udp +trnsprntproxy 3346/tcp # Transparent Proxy +trnsprntproxy 3346/udp +ms-wbt-server 3389/tcp rdp # MS WBT Server +ms-wbt-server 3389/udp rdp # Microsoft Remote Desktop Protocol +prsvp 3455/tcp # RSVP Port +prsvp 3455/udp +nut 3493/tcp # Network UPS Tools +nut 3493/udp +ironstorm 3504/tcp # IronStorm game server +ironstorm 3504/udp +cctv-port 3559/tcp # CCTV control port +cctv-port 3559/udp +iw-mmogame 3596/tcp # Illusion Wireless MMOG +iw-mmogame 3596/udp +distcc 3632/tcp # Distributed Compiler +distcc 3632/udp +daap 3689/tcp # Digital Audio Access Protocol +daap 3689/udp +svn 3690/tcp # Subversion +svn 3690/udp +blizwow 3724/tcp # World of Warcraft +blizwow 3724/udp +netboot-pxe 3928/tcp pxe # PXE NetBoot Manager +netboot-pxe 3928/udp pxe +smauth-port 3929/tcp # AMS Port +smauth-port 3929/udp +treehopper 3959/tcp # Tree Hopper Networking +treehopper 3959/udp +cobraclient 3970/tcp # Cobra Client +cobraclient 3970/udp +cobraserver 3971/tcp # Cobra Server +cobraserver 3971/udp +pxc-spvr-ft 4002/tcp pxc-spvr-ft +pxc-spvr-ft 4002/udp pxc-spvr-ft +pxc-splr-ft 4003/tcp pxc-splr-ft rquotad +pxc-splr-ft 4003/udp pxc-splr-ft rquotad +pxc-roid 4004/tcp pxc-roid +pxc-roid 4004/udp pxc-roid +pxc-pin 4005/tcp pxc-pin +pxc-pin 4005/udp pxc-pin +pxc-spvr 4006/tcp pxc-spvr +pxc-spvr 4006/udp pxc-spvr +pxc-splr 4007/tcp pxc-splr +pxc-splr 4007/udp pxc-splr +xgrid 4111/tcp # Mac OS X Server Xgrid +xgrid 4111/udp +bzr 4155/tcp # Bazaar Version Control System +bzr 4155/udp # Bazaar version control system +rwhois 4321/tcp # Remote Who Is +rwhois 4321/udp +epmd 4369/tcp # Erlang Port Mapper Daemon +epmd 4369/udp +krb524 4444/tcp +krb524 4444/udp +ipsec-nat-t 4500/tcp # IPsec NAT-Traversal +ipsec-nat-t 4500/udp +hylafax 4559/tcp # HylaFAX client-server protocol (new) +hylafax 4559/udp +piranha1 4600/tcp +piranha1 4600/udp +playsta2-app 4658/tcp # PlayStation2 App Port +playsta2-app 4658/udp +playsta2-lob 4659/tcp # PlayStation2 Lobby Port +playsta2-lob 4659/udp +snap 4752/tcp # Simple Network Audio Protocol +snap 4752/udp +radmin-port 4899/tcp # RAdmin Port +radmin-port 4899/udp +rfe 5002/tcp # Radio Free Ethernet +rfe 5002/udp +ita-agent 5051/tcp # ITA Agent +ita-agent 5051/udp +sdl-ets 5081/tcp # SDL - Ent Trans Server +sdl-ets 5081/udp +bzflag 5154/tcp # BZFlag game server +bzflag 5154/udp +aol 5190/tcp # America-Online +aol 5190/udp +xmpp-client 5222/tcp # XMPP Client Connection +xmpp-client 5222/udp +caevms 5251/tcp # CA eTrust VM Service +caevms 5251/udp +xmpp-server 5269/tcp # XMPP Server Connection +xmpp-server 5269/udp +cfengine 5308/tcp # CFengine +cfengine 5308/udp +nat-pmp 5351/tcp # NAT Port Mapping Protocol +nat-pmp 5351/udp +dns-llq 5352/tcp # DNS Long-Lived Queries +dns-llq 5352/udp +mdns 5353/tcp # Multicast DNS +mdns 5353/udp +mdnsresponder 5354/tcp noclog # Multicast DNS Responder IPC +mdnsresponder 5354/udp noclog # noclogd with TCP (nocol) +llmnr 5355/tcp hostmon # Link-Local Multicast Name Resolution +llmnr 5355/udp hostmon # hostmon uses TCP (nocol) +dj-ice 5419/tcp +dj-ice 5419/udp +beyond-remote 5424/tcp # Beyond Remote +beyond-remote 5424/udp +br-channel 5425/tcp # Beyond Remote Command Channel +br-channel 5425/udp +postgresql 5432/tcp # POSTGRES +postgresql 5432/udp +sgi-eventmond 5553/tcp # SGI Eventmond Port +sgi-eventmond 5553/udp +sgi-esphttp 5554/tcp # SGI ESP HTTP +sgi-esphttp 5554/udp +cvsup 5999/tcp # CVSup +cvsup 5999/udp +x11 6000/tcp # X Window System +x11 6000/udp +kftp-data 6620/tcp # Kerberos V5 FTP Data +kftp-data 6620/udp +kftp 6621/tcp # Kerberos V5 FTP Control +kftp 6621/udp +ktelnet 6623/tcp # Kerberos V5 Telnet +ktelnet 6623/udp +gnutella-svc 6346/tcp +gnutella-svc 6346/udp +gnutella-rtr 6347/tcp +gnutella-rtr 6347/udp +sane-port 6566/tcp # SANE Network Scanner Control Port +sane-port 6566/udp +parsec-game 6582/tcp # Parsec Gameserver +parsec-game 6582/udp +afs3-fileserver 7000/tcp bbs # file server itself +afs3-fileserver 7000/udp bbs +afs3-callback 7001/tcp # callbacks to cache managers +afs3-callback 7001/udp +afs3-prserver 7002/tcp # users & groups database +afs3-prserver 7002/udp +afs3-vlserver 7003/tcp # volume location database +afs3-vlserver 7003/udp +afs3-kaserver 7004/tcp # AFS/Kerberos authentication +afs3-kaserver 7004/udp +afs3-volser 7005/tcp # volume managment server +afs3-volser 7005/udp +afs3-errors 7006/tcp # error interpretation service +afs3-errors 7006/udp +afs3-bos 7007/tcp # basic overseer process +afs3-bos 7007/udp +afs3-update 7008/tcp # server-to-server updater +afs3-update 7008/udp +afs3-rmtsys 7009/tcp # remote cache manager service +afs3-rmtsys 7009/udp +font-service 7100/tcp xfs # X Font Service +font-service 7100/udp xfs +sncp 7560/tcp # Sniffer Command Protocol +sncp 7560/udp +soap-http 7627/tcp # SOAP Service Port +soap-http 7627/udp +http-alt 8008/tcp # HTTP Alternate +http-alt 8008/udp +http-alt 8080/tcp webcache # HTTP Alternate +http-alt 8080/udp webcache # WWW caching service +sunproxyadmin 8081/tcp tproxy # Sun Proxy Admin Service +sunproxyadmin 8081/udp tproxy # Transparent Proxy +pichat 9009/tcp # Pichat Server +pichat 9009/udp +bacula-dir 9101/tcp # Bacula Director +bacula-dir 9101/udp +bacula-fd 9102/tcp # Bacula File Daemon +bacula-fd 9102/udp +bacula-sd 9103/tcp # Bacula Storage Daemon +bacula-sd 9103/udp +dddp 9131/tcp # Dynamic Device Discovery +dddp 9131/udp +wap-wsp 9200/tcp # WAP connectionless session service +wap-wsp 9200/udp +wap-wsp-wtp 9201/tcp # WAP session service +wap-wsp-wtp 9201/udp +wap-wsp-s 9202/tcp # WAP secure connectionless session service +wap-wsp-s 9202/udp +wap-wsp-wtp-s 9203/tcp # WAP secure session service +wap-wsp-wtp-s 9203/udp +wap-vcard 9204/tcp # WAP vCard +wap-vcard 9204/udp +wap-vcal 9205/tcp # WAP vCal +wap-vcal 9205/udp +wap-vcard-s 9206/tcp # WAP vCard Secure +wap-vcard-s 9206/udp +wap-vcal-s 9207/tcp # WAP vCal Secure +wap-vcal-s 9207/udp +git 9418/tcp # git pack transfer service +git 9418/udp +cba8 9593/tcp # LANDesk Management Agent +cba8 9593/udp +davsrc 9800/tcp # WebDav Source Port +davsrc 9800/udp +sd 9876/tcp # Session Director +sd 9876/udp +cyborg-systems 9888/tcp # CYBORG Systems +cyborg-systems 9888/udp +monkeycom 9898/tcp # MonkeyCom +monkeycom 9898/udp +sctp-tunneling 9899/tcp # SCTP TUNNELING +sctp-tunneling 9899/udp +domaintime 9909/tcp # domaintime +domaintime 9909/udp +amanda 10080/tcp # amanda backup services +amanda 10080/udp +vce 11111/tcp # Viral Computing Environment (VCE) +vce 11111/udp +smsqp 11201/tcp # Alamin SMS gateway +smsqp 11201/udp +hkp 11371/tcp # OpenPGP HTTP Keyserver +hkp 11371/udp +h323callsigalt 11720/tcp # h323 Call Signal Alternate +h323callsigalt 11720/udp +rets-ssl 12109/tcp # RETS over SSL +rets-ssl 12109/udp +cawas 12168/tcp # CA Web Access Service +cawas 12168/udp +bprd 13720/tcp # BPRD Protocol (VERITAS NetBackup) +bprd 13720/udp +bpdbm 13721/tcp # BPDBM Protocol (VERITAS NetBackup) +bpdbm 13721/udp +bpjava-msvc 13722/tcp # BP Java MSVC Protocol +bpjava-msvc 13722/udp +vnetd 13724/tcp # Veritas Network Utility +vnetd 13724/udp +bpcd 13782/tcp # VERITAS NetBackup +bpcd 13782/udp +vopied 13783/tcp # VOPIED Protocol +vopied 13783/udp +xpilot 15345/tcp # XPilot Contact Port +xpilot 15345/udp +wnn6 22273/tcp # wnn6 +wnn6 22273/udp +binkp 24554/tcp # Bink fidonet protocol +binkp 24554/udp +quake 26000/tcp # Quake @@!# +quake 26000/udp +wnn6-ds 26208/tcp +wnn6-ds 26208/udp +tetrinet 31457/tcp # TetriNET Protocol +tetrinet 31457/udp +gamesmith-port 31765/tcp # GameSmith Port +gamesmith-port 31765/udp +traceroute 33434/tcp # traceroute use +traceroute 33434/udp +candp 42508/tcp # Computer Associates network discovery protocol +candp 42508/udp +candrp 42509/tcp # CA discovery response +candrp 42509/udp +caerpc 42510/tcp # CA eTrust RPC +caerpc 42510/udp + +#========================================================================= +# The remaining port numbers are not as allocated by IANA. + +# Kerberos (Project Athena/MIT) services +# Note that these are for Kerberos v4, and are unofficial +kpop 1109/tcp # Pop with Kerberos +knetd 2053/tcp # Kerberos de-multiplexor +eklogin 2105/tcp # Kerberos encrypted rlogin + +# CVSup support http://www.cvsup.org/ +supfilesrv 871/tcp # SUP server +supfiledbg 1127/tcp # SUP debugging + +# Datagram Delivery Protocol services +rtmp 1/ddp # Routing Table Maintenance Protocol +nbp 2/ddp # Name Binding Protocol +echo 4/ddp # AppleTalk Echo Protocol +zip 6/ddp # Zone Information Protocol + +# Many services now accepted as 'standard' +swat 901/tcp # Samba configuration tool +rndc 953/tcp # rndc control sockets (BIND 9) +rndc 953/udp +skkserv 1178/tcp # SKK Japanese input method +xtel 1313/tcp # french minitel +support 1529/tcp # GNATS +cfinger 2003/tcp lmtp # GNU Finger +ninstall 2150/tcp # ninstall service +ninstall 2150/udp +afbackup 2988/tcp # Afbackup system +afbackup 2988/udp +fax 4557/tcp # FAX transmission service (old) +rplay 5555/tcp # RPlay audio service +rplay 5555/udp +canna 5680/tcp # Canna (Japanese Input) +x11-ssh 6010/tcp x11-ssh-offset +x11-ssh 6010/udp x11-ssh-offset +ircd 6667/tcp # Internet Relay Chat +ircd 6667/udp +jetdirect 9100/tcp # HP JetDirect card +jetdirect 9100/udp +mandelspawn 9359/udp mandelbrot # network mandelbrot +kamanda 10081/tcp # amanda backup services (Kerberos) +kamanda 10081/udp +amandaidx 10082/tcp # amanda backup services +amidxtape 10083/tcp # amanda backup services +isdnlog 20011/tcp # isdn logging system +isdnlog 20011/udp +vboxd 20012/tcp # voice box system +vboxd 20012/udp +wnn4_Cn 22289/tcp wnn6_Cn # Wnn (Chinese input) +wnn4_Kr 22305/tcp wnn6_Kr # Wnn (Korean input) +wnn4_Tw 22321/tcp wnn6_Tw # Wnn (Taiwanse input) +asp 27374/tcp # Address Search Protocol +asp 27374/udp +tfido 60177/tcp # Ifmail +tfido 60177/udp +fido 60179/tcp # Ifmail +fido 60179/udp + +# Local services + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@a1059 4 +sqlexec 9088/tcp # IBM Informix SQL Interface +sqlexec 9088/udp +sqlexec-ssl 9089/tcp # IBM Informix SQL Interface - Encrypted +sqlexec-ssl 9089/udp +@ diff --git a/config-archive/etc/skel/.bash_logout b/config-archive/etc/skel/.bash_logout new file mode 100644 index 0000000..62581c4 --- /dev/null +++ b/config-archive/etc/skel/.bash_logout @@ -0,0 +1,6 @@ +# /etc/skel/.bash_logout + +# This file is sourced when a login shell terminates. + +# Clear the screen for security's sake. +#clear diff --git a/config-archive/etc/skel/.bash_logout.dist.new b/config-archive/etc/skel/.bash_logout.dist.new new file mode 100644 index 0000000..44b6f79 --- /dev/null +++ b/config-archive/etc/skel/.bash_logout.dist.new @@ -0,0 +1,6 @@ +# /etc/skel/.bash_logout + +# This file is sourced when a login shell terminates. + +# Clear the screen for security's sake. +clear diff --git a/config-archive/etc/smartd.conf,v b/config-archive/etc/smartd.conf,v new file mode 100644 index 0000000..5f8b003 --- /dev/null +++ b/config-archive/etc/smartd.conf,v @@ -0,0 +1,194 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.10.30.19.30.29; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.01.31.12.51.48; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# Sample configuration file for smartd. See man smartd.conf. + +# Home page is: http://smartmontools.sourceforge.net + +# $Id: smartd.conf,v 1.45 2006/11/12 23:39:04 dpgilbert Exp $ + +# smartd will re-read the configuration file if it receives a HUP +# signal + +# The file gives a list of devices to monitor using smartd, with one +# device per line. Text after a hash (#) is ignored, and you may use +# spaces and tabs for white space. You may use '\' to continue lines. + +# You can usually identify which hard disks are on your system by +# looking in /proc/ide and in /proc/scsi. + +# The word DEVICESCAN will cause any remaining lines in this +# configuration file to be ignored: it tells smartd to scan for all +# ATA and SCSI devices. DEVICESCAN may be followed by any of the +# Directives listed below, which will be applied to all devices that +# are found. Most users should comment out DEVICESCAN and explicitly +# list the devices that they wish to monitor. +DEVICESCAN + +# Alternative setting to ignore temperature and power-on hours reports +# in syslog. +#DEVICESCAN -I 194 -I 231 -I 9 + +# Alternative setting to report more useful raw temperature in syslog. +#DEVICESCAN -R 194 -R 231 -I 9 + +# Alternative setting to report raw temperature changes >= 5 Celsius +# and min/max temperatures. +#DEVICESCAN -I 194 -I 231 -I 9 -W 5 + +# First (primary) ATA/IDE hard disk. Monitor all attributes, enable +# automatic online data collection, automatic Attribute autosave, and +# start a short self-test every day between 2-3am, and a long self test +# Saturdays between 3-4am. +#/dev/hda -a -o on -S on -s (S/../.././02|L/../../6/03) +/dev/sda -a -m frank@@brehm-online.com -M daily -M test -s (S/../.././01|L/../../6/03) +/dev/sdb -a -m frank@@brehm-online.com -M daily -M test -s (S/../.././01|L/../../6/03) + +# Monitor SMART status, ATA Error Log, Self-test log, and track +# changes in all attributes except for attribute 194 +#/dev/hdb -H -l error -l selftest -t -I 194 + +# Monitor all attributes except normalized Temperature (usually 194), +# but track Temperature changes >= 4 Celsius, report Temperatures +# >= 45 Celsius and changes in Raw value of Reallocated_Sector_Ct (5). +# Send mail on SMART failures or when Temperature is >= 55 Celsius. +#/dev/hdc -a -I 194 -W 4,45,55 -R 5 -m admin@@example.com + +# An ATA disk may appear as a SCSI device to the OS. If a SCSI to +# ATA Translation (SAT) layer is between the OS and the device then +# this can be flagged with the '-d sat' option. This situation may +# become common with SATA disks in SAS and FC environments. +# /dev/sda -a -d sat + +# A very silent check. Only report SMART health status if it fails +# But send an email in this case +#/dev/hdc -H -C 0 -U 0 -m admin@@example.com + +# First two SCSI disks. This will monitor everything that smartd can +# monitor. Start extended self-tests Wednesdays between 6-7pm and +# Sundays between 1-2 am +#/dev/sda -d scsi -s L/../../3/18 +#/dev/sdb -d scsi -s L/../../7/01 + +# Monitor 4 ATA disks connected to a 3ware 6/7/8000 controller which uses +# the 3w-xxxx driver. Start long self-tests Sundays between 1-2, 2-3, 3-4, +# and 4-5 am. +# NOTE: starting with the Linux 2.6 kernel series, the /dev/sdX interface +# is DEPRECATED. Use the /dev/tweN character device interface instead. +# For example /dev/twe0, /dev/twe1, and so on. +#/dev/sdc -d 3ware,0 -a -s L/../../7/01 +#/dev/sdc -d 3ware,1 -a -s L/../../7/02 +#/dev/sdc -d 3ware,2 -a -s L/../../7/03 +#/dev/sdc -d 3ware,3 -a -s L/../../7/04 + +# Monitor 2 ATA disks connected to a 3ware 9000 controller which uses +# the 3w-9xxx driver (Linux, FreeBSD). Start long self-tests Tuesdays +# between 1-2 and 3-4 am. +#/dev/twa0 -d 3ware,0 -a -s L/../../2/01 +#/dev/twa0 -d 3ware,1 -a -s L/../../2/03 + +# Same as above for Windows. Option '-d 3ware,N' is not necessary, +# disk (port) number is specified in device name. +# NOTE: On Windows, DEVICESCAN works also for 3ware controllers. +#/dev/hdc,0 -a -s L/../../2/01 +#/dev/hdc,1 -a -s L/../../2/03 + +# Monitor 3 ATA disks directly connected to a HighPoint RocketRAID. Start long +# self-tests Sundays between 1-2, 2-3, and 3-4 am. +#/dev/sdd -d hpt,1/1 -a -s L/../../7/01 +#/dev/sdd -d hpt,1/2 -a -s L/../../7/02 +#/dev/sdd -d hpt,1/3 -a -s L/../../7/03 + +# Monitor 2 ATA disks connected to the same PMPort which connected to the +# HighPoint RocketRAID. Start long self-tests Tuesdays between 1-2 and 3-4 am +#/dev/sdd -d hpt,1/4/1 -a -s L/../../2/01 +#/dev/sdd -d hpt,1/4/2 -a -s L/../../2/03 + +# HERE IS A LIST OF DIRECTIVES FOR THIS CONFIGURATION FILE. +# PLEASE SEE THE smartd.conf MAN PAGE FOR DETAILS +# +# -d TYPE Set the device type: ata, scsi, marvell, removable, 3ware,N, hpt,L/M/N +# -T TYPE set the tolerance to one of: normal, permissive +# -o VAL Enable/disable automatic offline tests (on/off) +# -S VAL Enable/disable attribute autosave (on/off) +# -n MODE No check. MODE is one of: never, sleep, standby, idle +# -H Monitor SMART Health Status, report if failed +# -l TYPE Monitor SMART log. Type is one of: error, selftest +# -f Monitor for failure of any 'Usage' Attributes +# -m ADD Send warning email to ADD for -H, -l error, -l selftest, and -f +# -M TYPE Modify email warning behavior (see man page) +# -s REGE Start self-test when type/date matches regular expression (see man page) +# -p Report changes in 'Prefailure' Normalized Attributes +# -u Report changes in 'Usage' Normalized Attributes +# -t Equivalent to -p and -u Directives +# -r ID Also report Raw values of Attribute ID with -p, -u or -t +# -R ID Track changes in Attribute ID Raw value with -p, -u or -t +# -i ID Ignore Attribute ID for -f Directive +# -I ID Ignore Attribute ID for -p, -u or -t Directive +# -C ID Report if Current Pending Sector count non-zero +# -U ID Report if Offline Uncorrectable count non-zero +# -W D,I,C Monitor Temperature D)ifference, I)nformal limit, C)ritical limit +# -v N,ST Modifies labeling of Attribute N (see man page) +# -a Default: equivalent to -H -f -t -l error -l selftest -C 197 -U 198 +# -F TYPE Use firmware bug workaround. Type is one of: none, samsung +# -P TYPE Drive-specific presets: use, ignore, show, showall +# # Comment: text after a hash sign is ignored +# \ Line continuation character +# Attribute ID is a decimal integer 1 <= ID <= 255 +# except for -C and -U, where ID = 0 turns them off. +# All but -d, -m and -M Directives are only implemented for ATA devices +# +# If the test string DEVICESCAN is the first uncommented text +# then smartd will scan for devices /dev/hd[a-l] and /dev/sd[a-z] +# DEVICESCAN may be followed by any desired Directives. +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d5 1 +a5 1 +# $Id: smartd.conf 3128 2010-07-27 13:08:31Z chrfranke $ +d41 2 +d81 2 +a82 2 +# Monitor 2 ATA disks connected to a 3ware 9000 controller which +# uses the 3w-9xxx driver (Linux, FreeBSD). Start long self-tests Tuesdays +a86 6 +# Monitor 2 SATA (not SAS) disks connected to a 3ware 9000 controller which +# uses the 3w-sas driver (Linux, FreeBSD). Start long self-tests Tuesdays +# between 1-2 and 3-4 am. +#/dev/twl0 -d 3ware,0 -a -s L/../../2/01 +#/dev/twa0 -d 3ware,1 -a -s L/../../2/03 + +@ diff --git a/config-archive/etc/ssh/ssh_config,v b/config-archive/etc/ssh/ssh_config,v new file mode 100644 index 0000000..9421477 --- /dev/null +++ b/config-archive/etc/ssh/ssh_config,v @@ -0,0 +1,164 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2010.11.30.22.11.02; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.09.08.20.36.51; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.09.08.20.36.51; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@# $OpenBSD: ssh_config,v 1.26 2010/01/11 01:39:46 dtucker Exp $ + +# This is the ssh client system-wide configuration file. See +# ssh_config(5) for more information. This file provides defaults for +# users, and the values can be changed in per-user configuration files +# or on the command line. + +# Configuration data is parsed as follows: +# 1. command line options +# 2. user-specific file +# 3. system-wide file +# Any configuration value is only changed the first time it is set. +# Thus, host-specific definitions should be at the beginning of the +# configuration file, and defaults at the end. + +# Site-wide defaults for some commonly used options. For a comprehensive +# list of available options, their meanings and defaults, please see the +# ssh_config(5) man page. + +# Host * +# ForwardAgent no + ForwardAgent yes +# ForwardX11 no +# RhostsRSAAuthentication no +# RSAAuthentication yes +# PasswordAuthentication yes +# HostbasedAuthentication no +# GSSAPIAuthentication no +# GSSAPIDelegateCredentials no +# BatchMode no +# CheckHostIP yes +# AddressFamily any +# ConnectTimeout 0 +# StrictHostKeyChecking ask +# IdentityFile ~/.ssh/identity +# IdentityFile ~/.ssh/id_rsa +# IdentityFile ~/.ssh/id_dsa +# Port 22 +# Protocol 2,1 +# Cipher 3des +# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc +# MACs hmac-md5,hmac-sha1,umac-64@@openssh.com,hmac-ripemd160 +# EscapeChar ~ +# Tunnel no +# TunnelDevice any:any +# PermitLocalCommand no +# VisualHostKey no +# ProxyCommand ssh -q -W %h:%p gateway.example.com +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenBSD$ +a43 11 +# AllowedCertPurpose sslserver +# MandatoryCRL no +# CACertificateFile /etc/ssh/ca/ca-bundle.crt +# CACertificatePath /etc/ssh/ca/crt +# CARevocationFile /etc/ssh/ca/ca-bundle.crl +# CARevocationPath /etc/ssh/ca/crl +# UserCACertificateFile ~/.ssh/ca-bundle.crt +# UserCACertificatePath ~/.ssh/crt +# UserCARevocationFile ~/.ssh/ca-bundle.crl +# UserCARevocationPath ~/.ssh/crl +# VAType none +d48 1 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $ +d22 1 +d44 11 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenBSD$ +a42 11 +# AllowedCertPurpose sslserver +# MandatoryCRL no +# CACertificateFile /etc/ssh/ca/ca-bundle.crt +# CACertificatePath /etc/ssh/ca/crt +# CARevocationFile /etc/ssh/ca/ca-bundle.crl +# CARevocationPath /etc/ssh/ca/crl +# UserCACertificateFile ~/.ssh/ca-bundle.crt +# UserCACertificatePath ~/.ssh/crt +# UserCARevocationFile ~/.ssh/ca-bundle.crl +# UserCARevocationPath ~/.ssh/crl +# VAType none +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@a57 1 +# ProxyCommand ssh -q -W %h:%p gateway.example.com +@ diff --git a/config-archive/etc/ssh/sshd_config,v b/config-archive/etc/ssh/sshd_config,v new file mode 100644 index 0000000..a58c897 --- /dev/null +++ b/config-archive/etc/ssh/sshd_config,v @@ -0,0 +1,485 @@ +head 1.4; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.4 +date 2011.02.26.23.29.20; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.11.30.22.11.02; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.09.08.20.36.51; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.05.26.04.51.11; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2010.09.08.20.37.52; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.02.26.23.35.37; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.4 +log +@dispatch-conf update. +@ +text +@# $OpenBSD$ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options change a +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +# The default requires explicit activation of protocol 1 +#Protocol 2 + +# HostKey for protocol version 1 +#HostKey /etc/ssh/ssh_host_key +# HostKeys for protocol version 2 +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key + +# "key type names" for X.509 certificates with RSA key +# Note first defined is used in signature operations! +#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5 +#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1 + +# "key type names" for X.509 certificates with DSA key +# Note first defined is used in signature operations! +#X509KeyAlgorithm x509v3-sign-dss,dss-asn1 +#X509KeyAlgorithm x509v3-sign-dss,dss-raw + +# The intended use for the X509 client certificate. Without this option +# no chain verification will be done. Currently accepted uses are case +# insensitive: +# - "sslclient", "SSL client", "SSL_client" or "client" +# - "any", "Any Purpose", "Any_Purpose" or "AnyPurpose" +# - "skip" or ""(empty): don`t check purpose. +#AllowedCertPurpose sslclient + +# Specifies whether self-issued(self-signed) X.509 certificate can be +# allowed only by entry in AutorizedKeysFile that contain matching +# public key or certificate blob. +#KeyAllowSelfIssued no + +# Specifies whether CRL must present in store for all certificates in +# certificate chain with atribute "cRLDistributionPoints" +#MandatoryCRL no + +# A file with multiple certificates of certificate signers +# in PEM format concatenated together. +#CACertificateFile /etc/ssh/ca/ca-bundle.crt + +# A directory with certificates of certificate signers. +# The certificates should have name of the form: [HASH].[NUMBER] +# or have symbolic links to them of this form. +#CACertificatePath /etc/ssh/ca/crt + +# A file with multiple CRL of certificate signers +# in PEM format concatenated together. +#CARevocationFile /etc/ssh/ca/ca-bundle.crl + +# A directory with CRL of certificate signers. +# The CRL should have name of the form: [HASH].r[NUMBER] +# or have symbolic links to them of this form. +#CARevocationPath /etc/ssh/ca/crl + +# LDAP protocol version. +# Example: +# CAldapVersion 2 + +# Note because of OpenSSH options parser limitation +# use %3D instead of = ! +# LDAP initialization may require URL to be escaped, i.e. +# use %2C instead of ,(comma). Escaped URL don't depend from +# LDAP initialization method. +# Example: +# CAldapURL ldap://localhost:389/dc%3Dexample%2Cdc%3Dcom + +# SSH can use "Online Certificate Status Protocol"(OCSP) +# to validate certificate. Set VAType to +# - none : do not use OCSP to validate certificates; +# - ocspcert: validate only certificates that specify `OCSP +# Service Locator' URL; +# - ocspspec: use specified in the configuration 'OCSP Responder' +# to validate all certificates. +#VAType none + +# Lifetime and size of ephemeral version 1 server key +#KeyRegenerationInterval 1h +#ServerKeyBits 1024 + +# Logging +# obsoletes QuietMode and FascistLogging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin yes +PermitRootLogin no +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#RSAAuthentication yes +#PubkeyAuthentication yes +#AuthorizedKeysFile .ssh/authorized_keys + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#RhostsRSAAuthentication no +# similar for protocol version 2 +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# RhostsRSAAuthentication and HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +PasswordAuthentication no +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +PrintMotd no +PrintLastLog no +#TCPKeepAlive yes +#UseLogin no +#UsePrivilegeSeparation yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS yes +#PidFile /var/run/sshd.pid +#MaxStartups 10 +#PermitTunnel no +#ChrootDirectory none + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/lib64/misc/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# ForceCommand cvs server +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenBSD: sshd_config,v 1.81 2009/10/08 14:03:41 markus Exp $ +d27 66 +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenBSD$ +d18 2 +a19 4 +# Disable legacy (protocol version 1) support in the server for new +# installations. In future the default will change to require explicit +# activation of protocol 1 +Protocol 2 +a26 66 +# "key type names" for X.509 certificates with RSA key +# Note first defined is used in signature operations! +#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5 +#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1 + +# "key type names" for X.509 certificates with DSA key +# Note first defined is used in signature operations! +#X509KeyAlgorithm x509v3-sign-dss,dss-asn1 +#X509KeyAlgorithm x509v3-sign-dss,dss-raw + +# The intended use for the X509 client certificate. Without this option +# no chain verification will be done. Currently accepted uses are case +# insensitive: +# - "sslclient", "SSL client", "SSL_client" or "client" +# - "any", "Any Purpose", "Any_Purpose" or "AnyPurpose" +# - "skip" or ""(empty): don`t check purpose. +#AllowedCertPurpose sslclient + +# Specifies whether self-issued(self-signed) X.509 certificate can be +# allowed only by entry in AutorizedKeysFile that contain matching +# public key or certificate blob. +#KeyAllowSelfIssued no + +# Specifies whether CRL must present in store for all certificates in +# certificate chain with atribute "cRLDistributionPoints" +#MandatoryCRL no + +# A file with multiple certificates of certificate signers +# in PEM format concatenated together. +#CACertificateFile /etc/ssh/ca/ca-bundle.crt + +# A directory with certificates of certificate signers. +# The certificates should have name of the form: [HASH].[NUMBER] +# or have symbolic links to them of this form. +#CACertificatePath /etc/ssh/ca/crt + +# A file with multiple CRL of certificate signers +# in PEM format concatenated together. +#CARevocationFile /etc/ssh/ca/ca-bundle.crl + +# A directory with CRL of certificate signers. +# The CRL should have name of the form: [HASH].r[NUMBER] +# or have symbolic links to them of this form. +#CARevocationPath /etc/ssh/ca/crl + +# LDAP protocol version. +# Example: +# CAldapVersion 2 + +# Note because of OpenSSH options parser limitation +# use %3D instead of = ! +# LDAP initialization may require URL to be escaped, i.e. +# use %2C instead of ,(comma). Escaped URL don't depend from +# LDAP initialization method. +# Example: +# CAldapURL ldap://localhost:389/dc%3Dexample%2Cdc%3Dcom + +# SSH can use "Online Certificate Status Protocol"(OCSP) +# to validate certificate. Set VAType to +# - none : do not use OCSP to validate certificates; +# - ocspcert: validate only certificates that specify `OCSP +# Service Locator' URL; +# - ocspspec: use specified in the configuration 'OCSP Responder' +# to validate all certificates. +#VAType none + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $ +d29 66 +d108 1 +d133 1 +d160 1 +a180 15 +# here are the new patched ldap related tokens +# entries in your LDAP must have posixAccount & ldapPublicKey objectclass +#UseLPK yes +#LpkLdapConf /etc/ldap.conf +#LpkServers ldap://10.1.7.1/ ldap://10.1.7.2/ +#LpkUserDN ou=users,dc=phear,dc=org +#LpkGroupDN ou=groups,dc=phear,dc=org +#LpkBindDN cn=Manager,dc=phear,dc=org +#LpkBindPw secret +#LpkServerGroup mail +#LpkFilter (hostAccess=master.phear.org) +#LpkForceTLS no +#LpkSearchTimelimit 3 +#LpkBindTimelimit 3 + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# $OpenBSD$ +a28 66 +# "key type names" for X.509 certificates with RSA key +# Note first defined is used in signature operations! +#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5 +#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1 + +# "key type names" for X.509 certificates with DSA key +# Note first defined is used in signature operations! +#X509KeyAlgorithm x509v3-sign-dss,dss-asn1 +#X509KeyAlgorithm x509v3-sign-dss,dss-raw + +# The intended use for the X509 client certificate. Without this option +# no chain verification will be done. Currently accepted uses are case +# insensitive: +# - "sslclient", "SSL client", "SSL_client" or "client" +# - "any", "Any Purpose", "Any_Purpose" or "AnyPurpose" +# - "skip" or ""(empty): don`t check purpose. +#AllowedCertPurpose sslclient + +# Specifies whether self-issued(self-signed) X.509 certificate can be +# allowed only by entry in AutorizedKeysFile that contain matching +# public key or certificate blob. +#KeyAllowSelfIssued no + +# Specifies whether CRL must present in store for all certificates in +# certificate chain with atribute "cRLDistributionPoints" +#MandatoryCRL no + +# A file with multiple certificates of certificate signers +# in PEM format concatenated together. +#CACertificateFile /etc/ssh/ca/ca-bundle.crt + +# A directory with certificates of certificate signers. +# The certificates should have name of the form: [HASH].[NUMBER] +# or have symbolic links to them of this form. +#CACertificatePath /etc/ssh/ca/crt + +# A file with multiple CRL of certificate signers +# in PEM format concatenated together. +#CARevocationFile /etc/ssh/ca/ca-bundle.crl + +# A directory with CRL of certificate signers. +# The CRL should have name of the form: [HASH].r[NUMBER] +# or have symbolic links to them of this form. +#CARevocationPath /etc/ssh/ca/crl + +# LDAP protocol version. +# Example: +# CAldapVersion 2 + +# Note because of OpenSSH options parser limitation +# use %3D instead of = ! +# LDAP initialization may require URL to be escaped, i.e. +# use %2C instead of ,(comma). Escaped URL don't depend from +# LDAP initialization method. +# Example: +# CAldapURL ldap://localhost:389/dc%3Dexample%2Cdc%3Dcom + +# SSH can use "Online Certificate Status Protocol"(OCSP) +# to validate certificate. Set VAType to +# - none : do not use OCSP to validate certificates; +# - ocspcert: validate only certificates that specify `OCSP +# Service Locator' URL; +# - ocspspec: use specified in the configuration 'OCSP Responder' +# to validate all certificates. +#VAType none + +d112 15 +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d18 4 +a21 2 +# The default requires explicit activation of protocol 1 +#Protocol 2 +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@a25 1 +#HostKey /etc/ssh/ssh_host_ecdsa_key +a178 14 +# the following are HPN related configuration options +# tcp receive buffer polling. disable in non autotuning kernels +#TcpRcvBufPoll yes + +# allow the use of the none cipher +#NoneEnabled no + +# disable hpn performance boosts. +#HPNDisabled no + +# buffer size for hpn to non-hpn connections +#HPNBufferSize 2048 + + +@ diff --git a/config-archive/etc/ssl/openssl.cnf,v b/config-archive/etc/ssl/openssl.cnf,v new file mode 100644 index 0000000..21a579b --- /dev/null +++ b/config-archive/etc/ssl/openssl.cnf,v @@ -0,0 +1,338 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.1 +date 2010.10.04.20.57.59; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# +# OpenSSL example configuration file. +# This is mostly being used for generation of certificate requests. +# + +# This definition stops the following lines choking if HOME isn't +# defined. +HOME = . +RANDFILE = $ENV::HOME/.rnd + +# Extra OBJECT IDENTIFIER info: +#oid_file = $ENV::HOME/.oid +oid_section = new_oids + +# To use this configuration file with the "-extfile" option of the +# "openssl x509" utility, name here the section containing the +# X.509v3 extensions to use: +# extensions = +# (Alternatively, use a configuration file that has only +# X.509v3 extensions in its main [= default] section.) + +[ new_oids ] + +# We can add new OIDs in here for use by 'ca' and 'req'. +# Add a simple OID like this: +# testoid1=1.2.3.4 +# Or use config file substitution like this: +# testoid2=${testoid1}.5.6 + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = /etc/ssl/CA-Brehm # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several ctificates with same subject. +new_certs_dir = $dir/newcerts # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem # The private key +RANDFILE = $dir/private/.rand # private random number file + +x509_extensions = usr_cert # The extentions to add to the cert + +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy + +# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs +# so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. +# crl_extensions = crl_ext + +default_days = 1875 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = sha1 # which md to use. +preserve = no # keep passed DN ordering + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 2048 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extentions to add to the self signed cert + +# Passwords for private keys if not present they will be prompted for +# input_password = secret +# output_password = secret + +# This sets a mask for permitted string types. There are several options. +# default: PrintableString, T61String, BMPString. +# pkix : PrintableString, BMPString. +# utf8only: only UTF8Strings. +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +# MASK:XXXX a literal mask value. +# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings +# so use this option with caution! +string_mask = nombstr + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = DE +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Berlin + +localityName = Locality Name (eg, city) + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Internet Widgits Pty Ltd + +# we can do this but it is not needed normally :-) +#1.organizationName = Second Organization Name (eg, company) +#1.organizationName_default = World Wide Web Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +#organizationalUnitName_default = + +commonName = Common Name (eg, YOUR name) +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +# SET-ex3 = SET extension number 3 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request. + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +[ v3_req ] + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +[ v3_ca ] + + +# Extensions for a typical CA + + +# PKIX recommendation. + +subjectKeyIdentifier=hash + +authorityKeyIdentifier=keyid:always,issuer:always + +# This is what PKIX recommends but some broken software chokes on critical +# extensions. +#basicConstraints = critical,CA:true +# So we do this instead. +basicConstraints = CA:true + +# Key usage: this is typical for a CA certificate. However since it will +# prevent it being used as an test self-signed certificate it is best +# left out by default. +# keyUsage = cRLSign, keyCertSign + +# Some might want this also +# nsCertType = sslCA, emailCA + +# Include email address in subject alt name: another PKIX recommendation +# subjectAltName=email:copy +# Copy issuer details +# issuerAltName=issuer:copy + +# DER hex encoding of an extension: beware experts only! +# obj=DER:02:03 +# Where 'obj' is a standard or added object +# You can even override a supported extension: +# basicConstraints= critical, DER:30:03:01:01:FF + +[ crl_ext ] + +# CRL extensions. +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always,issuer:always + +[ proxy_cert_ext ] +# These extensions should be added when creating a proxy certificate + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer:always + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This really needs to be in place for it to be a proxy certificate. +proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo +@ diff --git a/config-archive/etc/ssl/openssl.cnf.dist.new b/config-archive/etc/ssl/openssl.cnf.dist.new new file mode 100644 index 0000000..9d2cd5b --- /dev/null +++ b/config-archive/etc/ssl/openssl.cnf.dist.new @@ -0,0 +1,350 @@ +# +# OpenSSL example configuration file. +# This is mostly being used for generation of certificate requests. +# + +# This definition stops the following lines choking if HOME isn't +# defined. +HOME = . +RANDFILE = $ENV::HOME/.rnd + +# Extra OBJECT IDENTIFIER info: +#oid_file = $ENV::HOME/.oid +oid_section = new_oids + +# To use this configuration file with the "-extfile" option of the +# "openssl x509" utility, name here the section containing the +# X.509v3 extensions to use: +# extensions = +# (Alternatively, use a configuration file that has only +# X.509v3 extensions in its main [= default] section.) + +[ new_oids ] + +# We can add new OIDs in here for use by 'ca', 'req' and 'ts'. +# Add a simple OID like this: +# testoid1=1.2.3.4 +# Or use config file substitution like this: +# testoid2=${testoid1}.5.6 + +# Policies used by the TSA examples. +tsa_policy1 = 1.2.3.4.1 +tsa_policy2 = 1.2.3.4.5.6 +tsa_policy3 = 1.2.3.4.5.7 + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several ctificates with same subject. +new_certs_dir = $dir/newcerts # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem# The private key +RANDFILE = $dir/private/.rand # private random number file + +x509_extensions = usr_cert # The extentions to add to the cert + +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy + +# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs +# so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. +# crl_extensions = crl_ext + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = default # use public key default MD +preserve = no # keep passed DN ordering + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 1024 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extentions to add to the self signed cert + +# Passwords for private keys if not present they will be prompted for +# input_password = secret +# output_password = secret + +# This sets a mask for permitted string types. There are several options. +# default: PrintableString, T61String, BMPString. +# pkix : PrintableString, BMPString (PKIX recommendation before 2004) +# utf8only: only UTF8Strings (PKIX recommendation after 2004). +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +# MASK:XXXX a literal mask value. +# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings. +string_mask = utf8only + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = AU +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Some-State + +localityName = Locality Name (eg, city) + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Internet Widgits Pty Ltd + +# we can do this but it is not needed normally :-) +#1.organizationName = Second Organization Name (eg, company) +#1.organizationName_default = World Wide Web Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +#organizationalUnitName_default = + +commonName = Common Name (eg, YOUR name) +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +# SET-ex3 = SET extension number 3 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request. + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This is required for TSA certificates. +# extendedKeyUsage = critical,timeStamping + +[ v3_req ] + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +[ v3_ca ] + + +# Extensions for a typical CA + + +# PKIX recommendation. + +subjectKeyIdentifier=hash + +authorityKeyIdentifier=keyid:always,issuer + +# This is what PKIX recommends but some broken software chokes on critical +# extensions. +#basicConstraints = critical,CA:true +# So we do this instead. +basicConstraints = CA:true + +# Key usage: this is typical for a CA certificate. However since it will +# prevent it being used as an test self-signed certificate it is best +# left out by default. +# keyUsage = cRLSign, keyCertSign + +# Some might want this also +# nsCertType = sslCA, emailCA + +# Include email address in subject alt name: another PKIX recommendation +# subjectAltName=email:copy +# Copy issuer details +# issuerAltName=issuer:copy + +# DER hex encoding of an extension: beware experts only! +# obj=DER:02:03 +# Where 'obj' is a standard or added object +# You can even override a supported extension: +# basicConstraints= critical, DER:30:03:01:01:FF + +[ crl_ext ] + +# CRL extensions. +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + +[ proxy_cert_ext ] +# These extensions should be added when creating a proxy certificate + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This really needs to be in place for it to be a proxy certificate. +proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo + +#################################################################### +[ tsa ] + +default_tsa = tsa_config1 # the default TSA section + +[ tsa_config1 ] + +# These are used by the TSA reply generation only. +dir = ./demoCA # TSA root directory +serial = $dir/tsaserial # The current serial number (mandatory) +crypto_device = builtin # OpenSSL engine to use for signing +signer_cert = $dir/tsacert.pem # The TSA signing certificate + # (optional) +certs = $dir/cacert.pem # Certificate chain to include in reply + # (optional) +signer_key = $dir/private/tsakey.pem # The TSA private key (optional) + +default_policy = tsa_policy1 # Policy if request did not specify it + # (optional) +other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) +digests = md5, sha1 # Acceptable message digests (mandatory) +accuracy = secs:1, millisecs:500, microsecs:100 # (optional) +clock_precision_digits = 0 # number of digits after dot. (optional) +ordering = yes # Is ordering defined for timestamps? + # (optional, default: no) +tsa_name = yes # Must the TSA name be included in the reply? + # (optional, default: no) +ess_cert_id_chain = no # Must the ESS cert id chain be included? + # (optional, default: no) diff --git a/config-archive/etc/sudoers,v b/config-archive/etc/sudoers,v new file mode 100644 index 0000000..77a3aa5 --- /dev/null +++ b/config-archive/etc/sudoers,v @@ -0,0 +1,267 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2010.11.30.22.41.08; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.09.08.20.36.51; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.09.08.20.37.24; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@## sudoers file. +## +## This file MUST be edited with the 'visudo' command as root. +## Failure to use 'visudo' may result in syntax or file permission errors +## that prevent sudo from running. +## +## See the sudoers man page for the details on how to write a sudoers file. +## + +## +## Host alias specification +## +## Groups of machines. These may include host names (optionally with wildcards), +## IP addresses, network numbers or netgroups. +# Host_Alias WEBSERVERS = www1, www2, www3 + +## +## User alias specification +## +## Groups of users. These may consist of user names, uids, Unix groups, +## or netgroups. +# User_Alias ADMINS = millert, dowdy, mikef + +## +## Cmnd alias specification +## +## Groups of commands. Often used to group related commands together. +# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \ +# /usr/bin/pkill, /usr/bin/top + +## +## Defaults specification +## +## You may wish to keep some of the following environment variables +## when running commands via sudo. +## +## Locale settings +# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET" +## +## Run X applications through sudo; HOME is used to find the +## .Xauthority file. Note that other programs use HOME to find +## configuration files and this may lead to privilege escalation! +# Defaults env_keep += "HOME" +## +## X11 resource path settings +# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH" +## +## Desktop path settings +# Defaults env_keep += "QTDIR KDEDIR" +## +## Allow sudo-run commands to inherit the callers' ConsoleKit session +# Defaults env_keep += "XDG_SESSION_COOKIE" +## +## Uncomment to enable special input methods. Care should be taken as +## this may allow users to subvert the command being run via sudo. +# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER" +## +## Uncomment to enable logging of a command's output, except for +## sudoreplay and reboot. Use sudoreplay to play back logged sessions. +# Defaults log_output +# Defaults!/usr/bin/sudoreplay !log_output +# Defaults!/usr/local/bin/sudoreplay !log_output +# Defaults!/sbin/reboot !log_output + +## +## Runas alias specification +## + +## +## User privilege specification +## +root ALL=(ALL) NOPASSWD: ALL + +## Uncomment to allow members of group wheel to execute any command +%wheel ALL=(ALL) ALL + +## Same thing without a password +# %wheel ALL=(ALL) NOPASSWD: ALL + +## Uncomment to allow members of group sudo to execute any command +# %sudo ALL=(ALL) ALL + +## Uncomment to allow any user to run sudo if they know the password +## of the user they are running the command as (root by default). +# Defaults targetpw # Ask for the password of the target user +# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw' + +## Read drop-in files from /etc/sudoers.d +## (the '#' here does not indicate a comment) +#includedir /etc/sudoers.d +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 90 +a90 31 +# sudoers file. +# +# This file MUST be edited with the 'visudo' command as root. +# Failure to use 'visudo' may result in syntax or file permission errors +# that prevent sudo from running. +# +# See the sudoers man page for the details on how to write a sudoers file. +# + +# Host alias specification + +# User alias specification + +# Cmnd alias specification + +# Defaults specification + +# Runas alias specification + +# User privilege specification +root ALL=(ALL) ALL + +# Uncomment to allow people in group wheel to run all commands +# %wheel ALL=(ALL) ALL + +# Same thing without a password +# %wheel ALL=(ALL) NOPASSWD: ALL + +# Samples +# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom +# %users localhost=/sbin/shutdown -h now +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 31 +a31 90 +## sudoers file. +## +## This file MUST be edited with the 'visudo' command as root. +## Failure to use 'visudo' may result in syntax or file permission errors +## that prevent sudo from running. +## +## See the sudoers man page for the details on how to write a sudoers file. +## + +## +## Host alias specification +## +## Groups of machines. These may include host names (optionally with wildcards), +## IP addresses, network numbers or netgroups. +# Host_Alias WEBSERVERS = www1, www2, www3 + +## +## User alias specification +## +## Groups of users. These may consist of user names, uids, Unix groups, +## or netgroups. +# User_Alias ADMINS = millert, dowdy, mikef + +## +## Cmnd alias specification +## +## Groups of commands. Often used to group related commands together. +# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \ +# /usr/bin/pkill, /usr/bin/top + +## +## Defaults specification +## +## You may wish to keep some of the following environment variables +## when running commands via sudo. +## +## Locale settings +# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET" +## +## Run X applications through sudo; HOME is used to find the +## .Xauthority file. Note that other programs use HOME to find +## configuration files and this may lead to privilege escalation! +# Defaults env_keep += "HOME" +## +## X11 resource path settings +# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH" +## +## Desktop path settings +# Defaults env_keep += "QTDIR KDEDIR" +## +## Allow sudo-run commands to inherit the callers' ConsoleKit session +# Defaults env_keep += "XDG_SESSION_COOKIE" +## +## Uncomment to enable special input methods. Care should be taken as +## this may allow users to subvert the command being run via sudo. +# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER" +## +## Uncomment to enable logging of a command's output, except for +## sudoreplay and reboot. Use sudoreplay to play back logged sessions. +# Defaults log_output +# Defaults!/usr/bin/sudoreplay !log_output +# Defaults!/usr/local/bin/sudoreplay !log_output +# Defaults!/sbin/reboot !log_output + +## +## Runas alias specification +## + +## +## User privilege specification +## +root ALL=(ALL) ALL + +## Uncomment to allow members of group wheel to execute any command +# %wheel ALL=(ALL) ALL + +## Same thing without a password +# %wheel ALL=(ALL) NOPASSWD: ALL + +## Uncomment to allow members of group sudo to execute any command +# %sudo ALL=(ALL) ALL + +## Uncomment to allow any user to run sudo if they know the password +## of the user they are running the command as (root by default). +# Defaults targetpw # Ask for the password of the target user +# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw' + +## Read drop-in files from /etc/sudoers.d +## (the '#' here does not indicate a comment) +#includedir /etc/sudoers.d +@ diff --git a/config-archive/etc/sudoers.dist b/config-archive/etc/sudoers.dist new file mode 100644 index 0000000..0d7760b --- /dev/null +++ b/config-archive/etc/sudoers.dist @@ -0,0 +1,90 @@ +## sudoers file. +## +## This file MUST be edited with the 'visudo' command as root. +## Failure to use 'visudo' may result in syntax or file permission errors +## that prevent sudo from running. +## +## See the sudoers man page for the details on how to write a sudoers file. +## + +## +## Host alias specification +## +## Groups of machines. These may include host names (optionally with wildcards), +## IP addresses, network numbers or netgroups. +# Host_Alias WEBSERVERS = www1, www2, www3 + +## +## User alias specification +## +## Groups of users. These may consist of user names, uids, Unix groups, +## or netgroups. +# User_Alias ADMINS = millert, dowdy, mikef + +## +## Cmnd alias specification +## +## Groups of commands. Often used to group related commands together. +# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \ +# /usr/bin/pkill, /usr/bin/top + +## +## Defaults specification +## +## You may wish to keep some of the following environment variables +## when running commands via sudo. +## +## Locale settings +# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET" +## +## Run X applications through sudo; HOME is used to find the +## .Xauthority file. Note that other programs use HOME to find +## configuration files and this may lead to privilege escalation! +# Defaults env_keep += "HOME" +## +## X11 resource path settings +# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH" +## +## Desktop path settings +# Defaults env_keep += "QTDIR KDEDIR" +## +## Allow sudo-run commands to inherit the callers' ConsoleKit session +# Defaults env_keep += "XDG_SESSION_COOKIE" +## +## Uncomment to enable special input methods. Care should be taken as +## this may allow users to subvert the command being run via sudo. +# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER" +## +## Uncomment to enable logging of a command's output, except for +## sudoreplay and reboot. Use sudoreplay to play back logged sessions. +# Defaults log_output +# Defaults!/usr/bin/sudoreplay !log_output +# Defaults!/usr/local/bin/sudoreplay !log_output +# Defaults!/sbin/reboot !log_output + +## +## Runas alias specification +## + +## +## User privilege specification +## +root ALL=(ALL) ALL + +## Uncomment to allow members of group wheel to execute any command +# %wheel ALL=(ALL) ALL + +## Same thing without a password +# %wheel ALL=(ALL) NOPASSWD: ALL + +## Uncomment to allow members of group sudo to execute any command +# %sudo ALL=(ALL) ALL + +## Uncomment to allow any user to run sudo if they know the password +## of the user they are running the command as (root by default). +# Defaults targetpw # Ask for the password of the target user +# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw' + +## Read drop-in files from /etc/sudoers.d +## (the '#' here does not indicate a comment) +#includedir /etc/sudoers.d diff --git a/config-archive/etc/sudoers.dist.new b/config-archive/etc/sudoers.dist.new new file mode 100644 index 0000000..0d7760b --- /dev/null +++ b/config-archive/etc/sudoers.dist.new @@ -0,0 +1,90 @@ +## sudoers file. +## +## This file MUST be edited with the 'visudo' command as root. +## Failure to use 'visudo' may result in syntax or file permission errors +## that prevent sudo from running. +## +## See the sudoers man page for the details on how to write a sudoers file. +## + +## +## Host alias specification +## +## Groups of machines. These may include host names (optionally with wildcards), +## IP addresses, network numbers or netgroups. +# Host_Alias WEBSERVERS = www1, www2, www3 + +## +## User alias specification +## +## Groups of users. These may consist of user names, uids, Unix groups, +## or netgroups. +# User_Alias ADMINS = millert, dowdy, mikef + +## +## Cmnd alias specification +## +## Groups of commands. Often used to group related commands together. +# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \ +# /usr/bin/pkill, /usr/bin/top + +## +## Defaults specification +## +## You may wish to keep some of the following environment variables +## when running commands via sudo. +## +## Locale settings +# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET" +## +## Run X applications through sudo; HOME is used to find the +## .Xauthority file. Note that other programs use HOME to find +## configuration files and this may lead to privilege escalation! +# Defaults env_keep += "HOME" +## +## X11 resource path settings +# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH" +## +## Desktop path settings +# Defaults env_keep += "QTDIR KDEDIR" +## +## Allow sudo-run commands to inherit the callers' ConsoleKit session +# Defaults env_keep += "XDG_SESSION_COOKIE" +## +## Uncomment to enable special input methods. Care should be taken as +## this may allow users to subvert the command being run via sudo. +# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER" +## +## Uncomment to enable logging of a command's output, except for +## sudoreplay and reboot. Use sudoreplay to play back logged sessions. +# Defaults log_output +# Defaults!/usr/bin/sudoreplay !log_output +# Defaults!/usr/local/bin/sudoreplay !log_output +# Defaults!/sbin/reboot !log_output + +## +## Runas alias specification +## + +## +## User privilege specification +## +root ALL=(ALL) ALL + +## Uncomment to allow members of group wheel to execute any command +# %wheel ALL=(ALL) ALL + +## Same thing without a password +# %wheel ALL=(ALL) NOPASSWD: ALL + +## Uncomment to allow members of group sudo to execute any command +# %sudo ALL=(ALL) ALL + +## Uncomment to allow any user to run sudo if they know the password +## of the user they are running the command as (root by default). +# Defaults targetpw # Ask for the password of the target user +# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw' + +## Read drop-in files from /etc/sudoers.d +## (the '#' here does not indicate a comment) +#includedir /etc/sudoers.d diff --git a/config-archive/etc/sysctl.conf,v b/config-archive/etc/sysctl.conf,v new file mode 100644 index 0000000..4bda203 --- /dev/null +++ b/config-archive/etc/sysctl.conf,v @@ -0,0 +1,95 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.06.07.07.29.30; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.06.07.07.32.55; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/sysctl.conf +# +# For more information on how this file works, please see +# the manpages sysctl(8) and sysctl.conf(5). +# +# In order for this file to work properly, you must first +# enable 'Sysctl support' in the kernel. +# +# Look in /proc/sys/ for all the things you can setup. +# + +# Disables packet forwarding +#net.ipv4.ip_forward = 0 +# Disables IP dynaddr +#net.ipv4.ip_dynaddr = 0 +# Disable ECN +#net.ipv4.tcp_ecn = 0 +# Enables source route verification +net.ipv4.conf.default.rp_filter = 1 +# Enable reverse path +net.ipv4.conf.all.rp_filter = 1 + +# Enable SYN cookies (yum!) +# http://cr.yp.to/syncookies.html +#net.ipv4.tcp_syncookies = 1 + +# Disable source route +#net.ipv4.conf.all.accept_source_route = 0 +#net.ipv4.conf.default.accept_source_route = 0 + +# Disable redirects +#net.ipv4.conf.all.accept_redirects = 0 +#net.ipv4.conf.default.accept_redirects = 0 + +# Disable secure redirects +#net.ipv4.conf.all.secure_redirects = 0 +#net.ipv4.conf.default.secure_redirects = 0 + +# Ignore ICMP broadcasts +#net.ipv4.icmp_echo_ignore_broadcasts = 1 + +# Disables the magic-sysrq key +#kernel.sysrq = 0 +# When the kernel panics, automatically reboot in 3 seconds +#kernel.panic = 3 +# Allow for more PIDs (cool factor!); may break some programs +#kernel.pid_max = 999999 + +# You should compile nfsd into the kernel or add it +# to modules.autoload for this to work properly +# TCP Port for lock manager +#fs.nfs.nlm_tcpport = 0 +# UDP Port for lock manager +#fs.nfs.nlm_udpport = 0 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d13 1 +a13 1 +net.ipv4.ip_forward = 0 +@ diff --git a/config-archive/etc/syslog-ng/syslog-ng.conf,v b/config-archive/etc/syslog-ng/syslog-ng.conf,v new file mode 100644 index 0000000..ae5ad15 --- /dev/null +++ b/config-archive/etc/syslog-ng/syslog-ng.conf,v @@ -0,0 +1,107 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.2 +date 2011.06.22.12.00.57; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.11.30.17.17.05; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@@@version: 3.0 +# $Header: /etc/syslog-ng/.rcs/syslog-ng.conf,v 1.1 2010/11/29 20:09:47 root Exp $ +# +# Syslog-ng default configuration file for Gentoo Linux + +options { + chain_hostnames(no); + flush_lines(0); + + # The default action of syslog-ng is to log a STATS line + # to the file every 10 minutes. That's pretty ugly after a while. + # Change it to every 12 hours so you get a nice daily update of + # how many messages syslog-ng missed (0). + stats_freq(43200); + perm(0640); +}; + +source src { + unix-stream("/dev/log" max-connections(256)); + internal(); + file("/proc/kmsg"); +}; + +destination d_messages { file("/var/log/syslog.d/$FACILITY"); }; +destination d_msg { file("/var/log/messages"); }; +destination d_debug { file("/var/log/debug.log"); }; +destination d_mail { file("/var/log/mail/$PROGRAM" create_dirs(yes)); }; + + +# By default messages are logged to tty12... +destination d_console_all { file("/dev/tty12"); }; +# ...if you intend to use /dev/console for programs like xconsole +# you can comment out the destination line above that references /dev/tty12 +# and uncomment the line below. +#destination console_all { file("/dev/console"); }; + +#destination d_sql { +# sql( type(mysql) +# host("localhost") username("syslog") password("Jafohn7a") +# database("syslog") +# table( "messages_${R_YEAR}_${R_MONTH}" ) +# columns( "datetime DATETIME", "facility VARCHAR(12)", "level VARCHAR(12)", +# "host VARCHAR(32)", "program VARCHAR(250)", "pid VARCHAR(8)", "message TEXT" ) +# values( "${R_YEAR}-${R_MONTH}-${R_DAY} ${R_HOUR}:${R_MIN}:${R_SEC}", "$FACILITY", "$LEVEL", +# "$HOST", "$PROGRAM", "$PID", "$MSGONLY" ) +# indexes( "datetime", "facility", "level", "host", "program" ) +# ); +#}; + +#log { source(src); destination(messages); }; +#log { source(src); destination(d_console_all); }; + +filter f_console { level( warn..emerg ); }; +filter f_messages { level(info..emerg) + and not facility(auth, authpriv, mail, news); }; +filter f_nocron { not ( facility(cron) and level(info) ); }; +filter f_mail { facility(mail); }; + + +log { source(src); destination(d_messages); }; +#log { source(src); destination(d_sql); }; +#log { source(src); destination(d_debug); }; +log { source(src); filter(f_console); destination(d_console_all); }; +log { source(src); filter(f_messages); destination(d_msg); }; +log { source(src); filter(f_mail); destination(d_mail); }; + +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.3,v 1.1 2010/04/06 02:11:35 mr_bones_ Exp $ +@ diff --git a/config-archive/etc/syslog-ng/syslog-ng.conf.dist.new b/config-archive/etc/syslog-ng/syslog-ng.conf.dist.new new file mode 100644 index 0000000..2589f2f --- /dev/null +++ b/config-archive/etc/syslog-ng/syslog-ng.conf.dist.new @@ -0,0 +1,37 @@ +@version: 3.2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.3.2,v 1.1 2011/01/18 17:44:14 mr_bones_ Exp $ +# +# Syslog-ng default configuration file for Gentoo Linux + +options { + chain_hostnames(no); + + # The default action of syslog-ng is to log a STATS line + # to the file every 10 minutes. That's pretty ugly after a while. + # Change it to every 12 hours so you get a nice daily update of + # how many messages syslog-ng missed (0). + stats_freq(43200); + # The default action of syslog-ng is to log a MARK line + # to the file every 20 minutes. That's seems high for most + # people so turn it down to once an hour. Set it to zero + # if you don't want the functionality at all. + mark_freq(3600); +}; + +source src { + unix-stream("/dev/log" max-connections(256)); + internal(); + file("/proc/kmsg"); +}; + +destination messages { file("/var/log/messages"); }; + +# By default messages are logged to tty12... +destination console_all { file("/dev/tty12"); }; +# ...if you intend to use /dev/console for programs like xconsole +# you can comment out the destination line above that references /dev/tty12 +# and uncomment the line below. +#destination console_all { file("/dev/console"); }; + +log { source(src); destination(messages); }; +log { source(src); destination(console_all); }; diff --git a/config-archive/etc/sysstat,v b/config-archive/etc/sysstat,v new file mode 100644 index 0000000..472d9ac --- /dev/null +++ b/config-archive/etc/sysstat,v @@ -0,0 +1,126 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2011.10.04.05.17.38; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2011.08.09.19.10.50; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2011.05.03.05.05.32; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.05.03.05.05.57; author root; state Exp; +branches; +next 1.1.1.2; + +1.1.1.2 +date 2011.08.09.19.10.50; author root; state Exp; +branches; +next 1.1.1.3; + +1.1.1.3 +date 2011.10.04.05.17.39; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@# sysstat-10.0.1 configuration file. + +# How long to keep log files (in days). +# If value is greater than 28, then log files are kept in +# multiple directories, one for each month. +HISTORY=7 + +# Compress (using gzip or bzip2) sa and sar files older than (in days): +COMPRESSAFTER=10 + +# Parameters for the system activity data collector (see sadc manual page) +# which are used for the generation of log files. +SADC_OPTIONS="" + +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# sysstat-10.0.0 configuration file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# sysstat-9.0.6.1 configuration file. +d10 4 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# sysstat-10.0.0 configuration file. +a10 4 +# Parameters for the system activity data collector (see sadc manual page) +# which are used for the generation of log files. +SADC_OPTIONS="" + +@ + + +1.1.1.2 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# sysstat-10.0.1 configuration file. +@ + + +1.1.1.3 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +# sysstat-10.0.2 configuration file. +@ diff --git a/config-archive/etc/texmf/texdoc.d/texdoc.cnf,v b/config-archive/etc/texmf/texdoc.d/texdoc.cnf,v new file mode 100644 index 0000000..de19ef9 --- /dev/null +++ b/config-archive/etc/texmf/texdoc.d/texdoc.cnf,v @@ -0,0 +1,866 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.30.05.08.59; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.30.05.10.50; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# texdoc.cnf +# +# Do not edit this file! Use one of the following files for you settings: +# TEXMFHOME/texdoc/texdoc-.cnf +# TEXMFHOME/texdoc/texdoc.cnf +# TEXMFLOCAL/texdoc/texdoc-.cnf +# TEXMFLOCAL/texdoc/texdoc.cnf +# where stands for your achitecture (eg, win32, i386-linux, +# powerpc-darwin). You can get this list with variables expanded by typing +# texdoc -f +# Those are read by texdoc in this order, and former values +# override later ones. +# +# In those files, you can set your preferred viewer for various formats, +# some nice names (alias) for specific documentation, and your preferred default +# values of texdoc's configuration settings. +# +# Everything after a # on a line is ignored. +# Spaces at the beginning/end of a line, as well as empty lines, are ignored. +# +# For more details, see the texdoc manual (try `texdoc texdoc'). + +### Viewer settings ### + +# Defaults are directly in texdoc.tlu. Here are some examples. +# %s stands for the filename. +# +# viewer_pdf = xpdf # works +# viewer_pdf = xpdf %s & # works even better + +### Other settings ### + +# Here are the defaults settings as they are in texdoc.tlu +# recalled here as example and reference +# +# mode = view +# interact_switch = true +# alias_switch = true # but false if mode is 'regex' +# ext_list = pdf, html, txt, ps , # note the empty string at end +# noise_level = 3 + +### Aliases ### + +## Essential documentation + +alias live = texlive-en +alias texlive = texlive-en +alias texdoc = texdoc/texdoc # avoid the man page to be displayed first + +## various stuff + +# a few useful general documents +alias mathmode = Mathmode +alias visualfaq = visualFAQ +alias symbols = symbols-a4 +alias faq-en = newfaq + +# various lshort translations (keep the obvious ones for the tests) +alias lshort = lshort-english/lshort # original +alias lshort-bg = lshort-bg # bulgarian +alias lshort-zh = lshort-zh-cn # chinese +alias lshort-nl = lshort-nl-1.3 # dutch +alias lshort-en = -english/lshort # english (original) +alias lshort-fi = lyhyt2e # finnish +alias lshort-fr = flshort-3.20 # french +alias lshort-de = l2kurz # german +alias lshort-it = itlshort # italian +alias lshort-ja = jlshort # japanese +alias lshort-mn = bogino.pdf # mongolian +alias lshort-pl = polish/lshort2e # polish +alias lshort-pt = ptlshort # portuguese +alias lshort-ru = lshortru # russian +alias lshort-sk = slshorte # slovak +alias lshort-sl = lshort-slovenian # slovenian +alias lshort-es = -spanish/lshort # spanish +alias lshort-th = lsh132 # thai +alias lshort-tr = lshort-tr # turkish +alias lshort-uk = lshort-ukr # ukrainian (package ukr, booh) +alias lshort-vi = lshort-vi # vietnamese + + +# *TeX engines reference manuals, man pages and related +alias etex-ref = etex_man +alias pdftex-ref = pdftex-a +alias luatex-ref = luatexref-t +alias etex-man = man1/etex +alias pdftex-man = man1/pdftex. +#alias luatex-man = man1/luatex #??? +alias luatex-pkg = oberdiek/luatex.pdf + +# ams +alias amsmath = amsldoc +alias amscls = instr-l +alias amsart = instr-l +alias amsproc = instr-l +alias amsbook = instr-l +alias amsthm = amsthdoc +alias amsfonts = amsfndoc +alias amsrefs = amsrdoc +# +alias amsmath-dev = amsmath +alias amscls-dev = amsclass +alias amsart-dev = amsclass +alias amsproc-dev = amsclass +alias amsbook-dev = amsclass + +# koma-script +alias koma-script = scrguien +alias koma = scrguien +alias scrartcl = scrguien +alias scrreprt = scrguien +alias scrbook = scrguien +alias typearea = scrguien +# +alias koma-script-de = scrguide +alias koma-de = scrguide +alias scrartcl-de = scrguide +alias scrreprt-de = scrguide +alias scrbook-de = scrguide +alias typearea-de = scrguide + +# tugboat package and classes +alias tugboat = ltubguid +alias tugboat-plain = tubguide +alias ltugboat = ltubguid +alias ltugproc = ltubguid + +# misc +alias fontinst = fontinstallationguide +alias psfrag = pfgguide +alias bibtex = btxdoc +alias IEEEtran = IEEEtran_HOWTO +alias shortvrb = base/doc. +alias metapost = mpman +alias iso = isoman +alias pstricks = pstricks-doc + +## a few easy patterns + +# egrep 'manual\.pdf\>' docfiles.list +alias cjhebrew = cjhebrew/manual +alias geomsty = geomsty/manual +alias elpres = elpres-manual +alias interactiveworkbook = interactiveworkbookmanual +alias msc = msc/manual +alias pdfslide = pdfslide/manual +alias pdftricks = pdftricks/manual +alias pst-qtree = pst-qtree-manual +alias sciposter = scipostermanual +alias sectionbox = sectionboxmanual +alias t-angles = t-manual +alias texmate = texmate2manual +alias tree-dvips = tree-manual +alias lingmacros = lingmacros-manual +alias velthuis = velthuis/manual +alias wallpaper = wallpapermanual + +# egrep 'user\.pdf\>' docfiles.list +alias cweb-latex = cweb-user +alias footnpag = footnpag-user +alias seminar = sem-user +alias rcs = rcs-user + +# egrep 'doc\.pdf\>' docfiles.list +alias testflow = testflow_doc +alias arev = arevdoc +alias barcode = eandoc.pdf +alias barr = diaxydoc.pdf +alias clock = clockdoc +alias doublestroke = dsdoc.pdf +alias enctex = encdoc-e +alias enctex-cz = encdoc +alias ethiop = ethiodoc +alias exam = examdoc +alias fax = faxdoc +alias sig = sigdoc +alias fge = fge-doc +alias figbib = figbib_doc +alias greektex = greektexdoc +alias gu = gudoc +alias hitec = hitec_doc +alias hyplain = hydoc.pdf +alias jurabib = jbendoc +alias jurabib-de = jbgerdoc +alias juramisc = jmgerdoc +alias mathdesign = mathdesign-doc +alias linguex = linguex-doc +alias marvosym = marvodoc +alias mciteplus = mciteplus_doc +alias musixtex = generic/musixtex/musixdoc.pdf +alias mwcls = mwclsdoc +alias ofs = ofsdoc-e +alias ofs-cz = ofsdoc-e +alias petiteannonce = petiteannonce.doc.pdf +alias petri-nets = pndoc +alias pgf-soroban = pgf-soroban-doc +alias pinlabel = pinlabdoc +alias prosper = prosper-doc +alias pst-3dplot = pst-3dplot-doc +alias pst-asr = pst-asr-doc +alias pst-bar = pst-bar-doc +alias pst-barcode = pst-barcode-doc +alias pst-circ = pst-circ-doc +alias pst-coil = pst-coil-doc +alias pst-coxcoor = pst-coxcoor_doc +alias pst-coxeterp = pst-coxeterp_doc +alias pst-eps = pst-eps-doc +alias pst-fractal = pst-fractal-doc +alias pst-fun = pst-fun-doc +alias pst-func = pst-func-doc +alias pst-geo = pst-map3d-doc +alias pst-grad = pst-grad-doc +alias pst-jtree = pst-jtree-doc +alias pst-light3d = pst-light3d-doc +alias pst-math = pst-math-doc +alias pst-optexp = pst-optexp-doc +alias pst-optic = pst-optic-doc +alias pst-osci = pst-osci-doc +alias pst-pad = pst-pad-doc +alias pst-solides3d = pst-solides3d-doc +alias pst-soroban = pst-soroban-doc +alias pst-stru = pst-stru-doc +alias pst-text = pst-text-doc +alias pst-uml = pst-uml-doc +alias pst-vue3d = pst-vue3d-doc +alias pstricks-add = pstricks-add-doc +alias pxfonts = pxfontsdocA4 +alias rotpages = rotpages-doc +alias sanskrit = sktdoc +alias sdrt = sdrt-doc +alias synproof = synproof-doc +alias talk = talkdoc +alias teubner = teubner-doc +alias tikz-inet = tikz-inet-doc +alias toptesi = toptesi-doc +alias txfonts = txfontsdocA4 +alias uebungsblatt = uebungsblatt-doc +alias upmethodology = upmethodology-doc +alias wasy = wasydoc +alias xyling = xyli-doc + +## aliases basically borrowed from texdoctk.dat with some adaptations + +alias texguide = usrguide +alias lehman = fontinstallationguide +alias uktugfaq = newfaq +alias ttf = ttf-tetex +alias datenumber = datenumber/doc. +alias datenumber-de = datenumber/docgerman +alias index = ind +alias genfont1 = fntguide +alias psnfss = psnfss2e +alias plnfss = plnfss.txt +alias AMSfonts = amsfndoc +alias astro = astrosym.txt +alias belleek = belleek/README +alias braille = braille/summary +alias brushscr = brushscr/AAA_readme +alias ocherokee = cherokee +alias cmsuper = cm-super/README +alias euro = eurosamp +alias fourier = fourier-doc-en +alias lmfonts = lm-info +alias skt = sktdoc +alias type1cm = type1cm.txt +alias t1enc1 = fontsmpl +alias yfonts = yfonts/readme +alias mfpic1 = mfpguide +alias china2e = chinadoc +alias dutch = rapdoc +alias montex = mlsquick +alias MeX = base/mex.html +alias gentlpl = gentl-pl +alias lshortpl = lshort-polish/lshort2e +alias akademia = tex-virtual-academy-pl/index.html +alias cyrillic = cyrillic/00readme.txt +alias otibet = otibet/unidoc +alias vntex = vntex.txt +alias UserGroups = usergrps.html +alias memoir = memman +alias geometry = geometry/manual +alias layouts = layman +alias texsis = texsis/base/README +alias startex = startex/base/guide +alias overpic = opic-rel +alias apmgraph = pmgraph +alias graphics = graphics/grfguide +alias metapost0 = metapost/base/mpintro +alias metapost1 = metapost/base/mpman +alias metapost2 = metapost/base/mpgraph +alias metaobj = momanual +alias pgf = pgfmanual +alias treetex = tree_doc +alias PSfrag = pfgguide +alias rst = rst-package +alias xypic1 = xyguide +alias xypic2 = xyrefer +alias pbdiagram = pb-manual +alias expressg = expeg +alias bardiag = bardiag.ps +alias texpower = texpower/manual +alias prosper1 = prosper-tour +alias beamer = beameruserguide +alias ifmslide = ifmman +alias arydshln = arydshln-man +alias easytable = easy/doc.dvi/doctable +alias multirow = multirow/README +alias titletoc = titlesec +alias custom-bib = custom-bib/makebst +alias ascelike = ascexmpl +alias easybib = easy/doc.dvi/docbib +alias natbib2 = natnotes +alias adrconv = adrguide +alias AMSlatex = amsldoc +alias amslatex2 = technote +alias easyvector = easy/doc.dvi/docvector +alias tangles = t-angles/t-manual +alias mathenv = mdwtab +alias easyeqn = easy/doc.dvi/doceqn +alias easymat = easy/doc.dvi/docmat +alias easybmat = easy/doc.dvi/docbmat +alias nath = nathguide +alias gauss = gauss-doc +alias gnlogic = gn-logic14 +alias footnote1 = mdwtools/footnote +alias footnote2 = yafoot/yafoot-man +alias umoline = umoline-man +alias labels1 = envlab/elguide +alias ticket = ticket/manual +alias newvbtm = newvbtm-man +alias lineno = ulineno +alias akletter = akletter/lettereng +alias isorot = isorot/rotman +alias MLTeX = mltex/mltex.txt +alias ecards = eCardsman +alias flcards = flashcards +alias tex4ht = tex4ht/mn.html +alias ppower4 = ppower4/report +alias pdfscreen = pdfscreen/manual-print +alias latex3 = ltx3info +alias latex3p = expl3/expl3 +alias cjk = CJK +alias xmltex = xmltex/base/manual.html +alias jadetex = jadetex/base/releasenotes +alias musixlyr = mxlyrdoc +alias musictex = musicdoc +alias acmtrans = acmtr2e +alias aastex = aastex/aasguide +alias ieee = IEEEtran_HOWTO +alias ieeepes = ieeepes_doc +alias nrc = nrc/userguide +alias kluwer = kluwer/usrman +alias smflatex = smflatex/e-doc +alias spie = spie/article +alias psgo = psgo/README +alias skak = skak/skakdoc.ps +alias cv = curve/curve +alias preprint = preprint/00readme.txt +alias sffms = sffms_manual +alias siunits = SIunits + +## packages from ctan/macros/latex/contrib/misc +# hope they all contain comments... +# anyway, this is quite bad and should be changed some day + +alias 2in1 = 2in1.sty +alias 3parttable = 3parttable.sty +alias a4wide = a4wide.sty +alias a5comb = a5comb.sty +alias acromake = acromake.sty +alias advdate = advdate.sty +alias anonchap = anonchap.sty +alias askinclude = askinclude.sty +alias authoraftertitle = authoraftertitle.sty +alias bibcheck = bibcheck.sty +alias block = block.sty +alias bold-extra = bold-extra.sty +alias boxedminipage = boxedminipage.sty +alias braket = braket.sty +alias breakcites = breakcites.sty +alias cancel = cancel.sty +alias captdef = captdef.sty +alias capt-of = capt-of.sty +alias cases = cases.sty +alias changepage = changepage.sty +alias chbibref = chbibref.sty +alias chngcntr = chngcntr.sty +alias circle = circle.sty +alias concrete = concrete.sty +alias dblfloatfix = dblfloatfix.sty +alias endnotes = endnotes.sty +alias excludeonly = excludeonly.sty +alias fn2end = fn2end.sty +alias fncylab = fncylab.sty +alias fnpara = fnpara.sty +alias framed = framed.sty +alias ftcap = ftcap.sty +alias fwlw = fwlw.sty +alias hypernat = hypernat.sty +alias ifmtarg = ifmtarg.sty +alias import = import.sty +alias isonums = isonums.sty +alias kix = kix.sty +alias linsys = linsys.sty +alias listing = listing.sty +alias magaz = magaz.sty +alias midpage = midpage.sty +alias mitpress = mitpress.sty +alias morefloats = morefloats.sty +alias needspace = needspace.sty +alias nextpage = nextpage.sty +alias nolbreaks = nolbreaks.sty +alias notoccite = notoccite.sty +alias optional = optional.sty +alias oubraces = oubraces.sty +alias parskip = parskip.sty +alias path = path.sty +alias printlen = printlen.sty +alias relsize = relsize.sty +alias romanneg = romanneg.sty +alias sansmath = sansmath.sty +alias secdot = secdot.sty +alias section = section.sty +alias selectp = selectp.sty +alias sepnum = sepnum.sty +alias shadow = shadow.sty +alias showtags = showtags.sty +alias sphack = sphack.sty +alias statex2 = statex2.sty +alias statex = statex.sty +alias subfigmat = subfigmat.sty +alias tabls = tabls.sty +alias texilikecover = texilikecover.sty +alias threeparttable = threeparttable.sty +alias thrmappendix = thrmappendix.sty +alias titleref = titleref.sty +alias topcapt = topcapt.sty +alias truncate = truncate.sty +alias ulem = ulem.sty +alias underscore = underscore.sty +alias url = url.sty +alias varwidth = varwidth.sty +alias verbasef = verbasef.sty +alias verbdef = verbdef.sty +alias version = version.sty +alias vertbars = vertbars.sty +alias vrbexin = vrbexin.sty +alias vruler = vruler.sty + +# vim: ts=8 noexpandtab: +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 10 +a12 1 +# DO NOT edit this file! +d14 1 +a14 10 +# For your personal or local setting, if you are a normal user, run 'texdoc -f' +# and use the file indicated by a star. You may need to create it. DO NOT copy +# the present file, please create a new one (you may want to copy/paste/edit +# portions of the present file however, or just read it for inspiration). +# +# For system-wide configuration or other uses, you may want to use the other +# files listed, see the manual (texdoc texdoc) for details. The files are read +# in the order they are printed. If a value is set multiple times, first wins. +# +# In those files, you can set your preferred viewer for various formats, +d18 1 +a18 1 +# Everything after a # on a line is ignored. +d25 5 +a29 37 +# Defaults depend on what is available on you system, as well as you desktop +# environment. Here are a few examples. +# +# %s is optional and stands for the filename. +# +# viewer_pdf = xpdf # works +# viewer_pdf = xpdf %s & # works even better + +# If you want to enable support for zipped documentation (see below), +# you may want to adapt viewer_* so that it starts a subshell: +# +# viewer_pdf = (xpdf %s) & +# +# Otherwise, the & will have no effect since the viewing command is followed by +# some cleanup-commands for temporary files. For the same reason, %s must be the +# last thing on your command line: (xpdf %s -option) will not work. +# +# WARNING: for zip support your viewer needs to be blocking, i.e. it must not +# return immediately: otherwise the temporary file will be deleted too early. + +### Zipped documentation support ### + +# WARNING: support for zipped documents works only on Unix. Make sure that the +# values of the associated options are adapted to your system. Read the above +# warning concerning viewers. + +# Built-in defaults (for reference): +# +# zipext_list = # (empty list) +# rm_file = rm -f +# rm_dir = rmdir +# +# For each "ext" in zipext_list, you must define a "unzip_ext" unzipper. +# The unzipped data must be printed on stdout. Example: +# +# zipext_list = gz +# unzip_gz = gzip -d -c +d33 2 +a34 1 +# Built-in defaults (for reference): +a36 1 +# +d38 3 +a40 80 +# machine_switch = false +# +# verbosity_level = 2 # Print: 0 nothing, 1 errors, 2 warnings, 3: infos +# debug_list = # the empty list +# +# ext_list = pdf, html, txt, ps, dvi, # Note: empty string at end +# badext_list = txt, # Note: empty string at end +# basename_list = readme +# badbasename_list = readme + +## Known suffixes for documentation +suffix_list = doc, -doc, _doc, .doc, /doc, manual, /manual, -manual, userguide, /user_guide, -guide, -user, -man, notes + +### Score ### + +# Only results with positive scores are displayed (unless mode is 'showall'). +# Results with score <= -100 are never displayed. +# +# You can adjust the score of results containing a pattern with adjscore, +# either globally or only for specific keywords + +# Makefile's are never documentation, just as documents in src or source subdir +# -1000 should be enough to kill them +adjscore /Makefile = -1000 +adjscore /src/ = -1000 +adjscore /source/ = -1000 + +# licence files aren't very likely to contain relevant documentation, but it +# feels wrong to totally kill them... +adjscore copying = -10 +adjscore license = -10 +adjscore gpl = -10 + +# tex-virtual-academy provides a lot of fake matches +adjscore /tex-virtual-academy-pl/ = -50 + +# test and example files are not likely the best documentation +adjscore test = -3 +adjscore example = -3 +adjscore sample = -3 + +# readme's usually deserve a negative score because they have a bad extension, +# but they're still slightly better than other results with negative scores... +adjscore readme = 0.1 + +# Uncomment this to make the man pages have a greater priority +#adjscore .man1. = 5 +#adjscore .man5. = 5 + +# 'texdoc' may look like "tex's documentation" but it isn't... +adjscore(tex) texdoc = -10 +adjscore(tex) tex-gyre = -10 +adjscore(tex) tex-ps = -10 + +# avoid too many results to be shown for 'latex' +# package names +adjscore(latex) guide-to-latex = -10 # only usefull with the book +adjscore(latex) latex-web-companion = -10 +adjscore(latex) tufte-latex = -10 +adjscore(latex) cweb-latex = -10 +adjscore(latex) duerer-latex = -10 +adjscore(latex) cjw-latex = -10 +adjscore(latex) ocr-latex = -10 +# file names +adjscore(latex) Content_LaTeX_Package_Demo = -10 +adjscore(latex) example_latex = -10 +adjscore(latex) test_latex = -10 + +# beamer +adjscore(beamer) beamer-tut-pt = -10 +adjscore(beamer) beamer-tut-pt/tutorialbeamer = +10 +adjscore(beamer) presentations = -10 +adjscore(beamer) beamer-FUBerlin = -3 + +# context +adjscore(context) circuitikz = -10 + +# it is also possible to set the score directly in alias directives +# eg, fontinstallationguide is related to fontinst: +alias(0.1) fontinst = fontinstallationguide +d48 1 +a48 1 +alias latex = latex-doc-ptr +d53 3 +a56 2 +alias faq = newfaq +adjscore(symbols) /staves/ = -5 +d58 23 +a80 7 +# various lshort translations +adjscore(lshort) /lshort-english/ = +3 # original +alias lshort-de = l2kurz # german +alias lshort-pl = lshort-polish/lshort2e # polish +alias lshort-pt = ptlshort # portuguese +alias lshort-sk = slshorte # slovak +alias lshort-es = lshort-spanish/lshort # spanish +a82 1 +alias e-tex-ref = etex_man +d86 3 +a88 4 +alias etex-man = etex.man1 +alias pdftex-man = pdftex.man1 +#alias xetex-man = xetex.man1 # should exist... +alias luatex-man = luatex.man1 +d91 1 +a91 58 +# by default, = -ref (duplicated: no alias cascading) +alias e-tex = etex_man +alias etex = etex_man +alias xetex = XeTeX-reference +alias luatex = luatexref-t + +# latex/basic classes +alias article = classes +alias report = classes +alias book = classes +#alias ltxguide = ??? +#alias minimal = ??? +adjscore(minimal) europecv = -1000 # false positive + +# latex/basic packages, grouped by dtx +alias bezier = latex209 +alias fleqn = latex209 +alias leqno = latex209 +alias openbib = latex209 +alias t1enc = latex209 +alias fix-cm = fixltx2e +alias flafter = source2e +alias tracefnt = source2e +alias fontenc = source2e +alias textcomp = source2e +alias(20) fontenc = encguide +alias(20) textcomp = encguide +alias makeidx = makeindx +alias showidx = makeindx +alias letter = base/letter +alias slides = base/slides +alias shortvrb = base/doc +alias doc = base/doc +# TODO: try to avoid the huge amount of false positives for `doc' itself. + +# latex's required graphics bundle +alias graphics = grfguide +alias graphicx = grfguide +alias color = grfguide +alias epsfig = grfguide + +# latex's required psnfss2e bundle +alias mathpazo = psnfss2e +alias mathptmx = psnfss2e +alias helvet = psnfss2e +alias avant = psnfss2e +alias courier = psnfss2e +alias chancery = psnfss2e +alias bookman = psnfss2e +alias newcent = psnfss2e +alias charter = psnfss2e +alias times = psnfss2e +alias palatino = psnfss2e +alias mathptm = psnfss2e +alias mathpple = psnfss2e +alias utopia = psnfss2e + +# ams +d93 4 +a99 1 +alias amslatex2 = technote +d114 1 +d124 3 +a126 4 + +# caption +alias caption = caption-eng +alias caption-dev = caption.pdf +d129 2 +a130 2 +alias hyperref = hyperref/manual.pdf +alias hyperref-dev = hyperref.pdf +d132 2 +a134 2 +alias(5) metapost = mpintro +alias(5) metapost = mpgraph +a136 16 +alias xstring-fr = xstring_doc_fr +alias isomath = isomath.sty.pdf +alias elsarticle = elsdoc +alias afoot = arabtex-doc +alias vntex = vntex # umbrella document (manual comes first due to catalogue) +alias asymptote = asymptote # not mentioned in the catalogue currently +alias nonfloat = nonfloat-en +alias nonfloat-de = nonfloat +alias subdocs = bezos +alias dotlessi = bezos +alias checkend = bezos +alias arabicfont = bezos +alias cm-super = cm-super/README +alias cmsuper = cm-super/README +alias(5) cmsuper = cm-super/FAQ +alias cyrillic = cyrillic/00readme.txt +d138 1 +a138 1 +## a few easy patterns +d140 11 +a150 1 +# egrep 'manual\.pdf\>' +d152 1 +d154 3 +d158 1 +a158 1 +# egrep 'user\.pdf\>' +d160 7 +a166 2 + +# egrep 'doc\.pdf\>' +d168 4 +d173 11 +d185 7 +d193 18 +a210 1 +alias ofs-cz = ofsdoc +d212 29 +a240 4 +alias german = gerdoc +alias ngerman = gerdoc +alias pst-eucl = pst-eucl/euclide_english +alias pst-eucl-fr = pst-eucl/euclide +d247 2 +d251 1 +d253 8 +d262 1 +d264 6 +d272 5 +a276 1 +alias(60) akademia = tex-virtual-academy-pl/index.html +d278 6 +d285 1 +d287 6 +a292 1 +alias tikz = pgfmanual +d294 4 +a297 1 +alias(5) xypic = xyrefer +d300 5 +d306 6 +d313 4 +d319 5 +d325 6 +a330 1 +alias labels(1) = envlab/elguide +d333 3 +a335 1 +alias mltex = mltex/mltex.txt +d339 1 +d341 5 +d347 5 +d353 4 +d359 2 +a360 1 +alias onrannual = onrannual/README +d362 87 +a448 1 +## packages from ctan/macros/latex/contrib/misc or with doc in .sty only +d450 1 +a450 50 +# the score used is 4.1 because: +# - it is less than 4.5, the default score of foobar/foobar.pdf for name foobar +# - it is greater than the worse false positive here (.../VERSION for version) +# +# Anyway, this is a hopefully a temporary measure, since work is going on to +# produce suitable documentation for all these packages (thanks to Philipp +# Stephani and Robin Fairbairns mostly). + +alias(4.1) 3parttable = 3parttable.sty +alias(4.1) bibcheck = bibcheck.sty +alias(4.1) concrete = concrete.sty +alias(4.1) linsys = linsys.sty +alias(4.1) mitpress = mitpress.sty +alias(4.1) morefloats = morefloats.sty +alias(4.1) nextpage = nextpage.sty +alias(4.1) parskip = parskip.sty +alias(4.1) path = path.sty +alias(4.1) printlen = printlen.sty +alias(4.1) relsize = relsize.sty +alias(4.1) romanneg = romanneg.sty +alias(4.1) secdot = secdot.sty +alias(4.1) section = section.sty +alias(4.1) selectp = selectp.sty +alias(4.1) sepnum = sepnum.sty +alias(4.1) shadow = shadow.sty +alias(4.1) showtags = showtags.sty +alias(4.1) sphack = sphack.sty +alias(4.1) statex2 = statex2.sty +alias(4.1) statex = statex.sty +alias(4.1) subfigmat = subfigmat.sty +alias(4.1) texilikecover = texilikecover.sty +alias(4.1) thrmappendix = thrmappendix.sty +alias(4.1) topcapt = topcapt.sty +alias(4.1) varwidth = varwidth.sty +alias(4.1) verbasef = verbasef.sty +alias(4.1) version = version.sty +alias(4.1) vertbars = vertbars.sty +alias(4.1) vrbexin = vrbexin.sty +alias(4.1) wrapfig = wrapfig.sty +alias(0) theoremref = theoremref.sty +alias(0) shadethm = shadethm.sty + +# The next line has no effect when this file is installed as the last +# configuration file (default) but is useful when you install it as the "tricky" +# configuration file (usually TEXMFHOME/texdoc/texdoc-dist.cnf) whose mere +# existence is a hack to make it easier to run the the development version, see +# . +# +# It is strongly recommended NOT to use it in any other circumstance. +lastfile_switch = true +@ diff --git a/config-archive/etc/texmf/texmf.d/00header.cnf,v b/config-archive/etc/texmf/texmf.d/00header.cnf,v new file mode 100644 index 0000000..b408bf5 --- /dev/null +++ b/config-archive/etc/texmf/texmf.d/00header.cnf,v @@ -0,0 +1,93 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.29.21.27.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.29.21.27.08; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@% original texmf.cnf -- runtime path configuration file for kpathsea. +% Public domain. +% +% What follows is a super-summary of what this .cnf file can +% contain. Please read the Kpathsea manual for more information. +% +% Any identifier (sticking to A-Za-z_ for names is safest) can be assigned. +% The `=' (and surrounding spaces) is optional. +% $foo (or ${foo}) in a value expands to the envvar or cnf value of foo. +% +% Earlier entries (in the same or another file) override later ones, and +% an environment variable foo overrides any texmf.cnf definition of foo. +% +% All definitions are read before anything is expanded, so you can use +% variables before they are defined. +% +% If a variable assignment is qualified with `.PROGRAM', it is ignored +% unless the current executable (last filename component of argv[0]) is +% named PROGRAM. This foo.PROGRAM construct is not recognized on the +% right-hand side. For environment variables, use FOO_PROGRAM. +% +% Which file formats use which paths for searches is described in the +% various programs' and the kpathsea documentation. +% +% // means to search subdirectories (recursively). +% A leading !! means to look only in the ls-R db, never on the disk. +% In this file, either ; or : can be used to separate path components. +% A leading/trailing/doubled path separator in the paths will be +% expanded into the compile-time default. Probably not what you want. +% +% You can use brace notation, for example: /usr/local/{mytex,othertex} +% expands to /usr/local/mytex:/usr/local/othertex. Instead of the comma +% you can use the path separator: /usr/local/{mytex:othertex} also expands +% to /usr/local/mytex:/usr/local/othertex. + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 1 +a3 7 +% +% If you modify this original file, YOUR CHANGES WILL BE LOST when it is +% updated. Instead, put your changes -- and only your changes, not an +% entire copy of the full texmf.cnf! -- in ../../texmf.cnf. That is, if +% this file is installed in /some/path/to/texlive/2011/texmf/web2c/texmf.cnf, +% add your custom settings to /some/path/to/texlive/2011/texmf.cnf. +% +a9 1 +% Long lines can be continued with a \. +d23 1 +a23 1 +% various programs' and the Kpathsea documentation (http://tug.org/kpathsea). +d31 4 +a34 3 +% Brace notation is supported, for example: /usr/local/{mytex,othertex} +% expands to /usr/local/mytex:/usr/local/othertex. We make extensive +% use of this. +@ diff --git a/config-archive/etc/texmf/texmf.d/05searchpaths.cnf,v b/config-archive/etc/texmf/texmf.d/05searchpaths.cnf,v new file mode 100644 index 0000000..7711f24 --- /dev/null +++ b/config-archive/etc/texmf/texmf.d/05searchpaths.cnf,v @@ -0,0 +1,235 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.29.21.27.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.29.21.27.14; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@% Part 1: Search paths and directories. + +% You can set an environment variable to override TEXMF if you're testing +% a new TeX tree, without changing anything else. +% +% You may wish to use one of the $SELFAUTO... variables here so TeX will +% find where to look dynamically. See the manual and the definition +% below of TEXMFCNF. + +% The tree containing the runtime files closely related to the specific +% program version used: +TEXMFMAIN = $SELFAUTODIR/share/texmf + +% The main distribution tree: +TEXMFDIST = $SELFAUTODIR/share/texmf-dist + +% The Gentoo site tree +TEXMFSITE = $SELFAUTODIR/share/texmf-site + +% Our documentation-only tree, arranged by language: +TEXMFDOC = $SELFAUTODIR/share/texmf-doc + +% A place for local additions to a "standard" texmf tree. +% This tree is not used for local configuration maintained by +% texconfig, it uses TEXMFCONFIG below. +TEXMFLOCAL = $SELFAUTODIR/local/share/texmf + +% TEXMFSYSVAR, where texconfig-sys stores variable runtime data. +% With teTeX-3.0 or later, this must be set. +% For sharing this tree with $TEXMFMAIN: +% TEXMFSYSVAR = $TEXMFMAIN +% For using a separate tree: +% TEXMFSYSVAR = $SELFAUTOPARENT/texmf-var +% On Gentoo you should not modify this value, the different +% ebuilds will install their format files there. +% If you do modify it, you'll have to face the consequences of having format +% files out of control of the package manager. +TEXMFSYSVAR = $SELFAUTOPARENT/var/lib/texmf + +% TEXMFSYSCONFIG, where texconfig-sys stores configuration data. +% With teTeX-3.0 or later, this must be set. +% For sharing this tree with $TEXMFMAIN: +% TEXMFSYSCONFIG = $TEXMFMAIN +% For using a separate tree: +% TEXMFSYSCONFIG = $SELFAUTOPARENT/texmf-config +TEXMFSYSCONFIG = $SELFAUTOPARENT/etc/texmf + +% User texmf trees are allowed as follows. +% This used to be HOMETEXMF. +TEXMFHOME = ~/texmf + +% TEXMFVAR, where texconfig stores variable runtime data. +% With teTeX-3.0 or later, this must be set. +% For sharing this tree with $TEXMFMAIN: +% TEXMFVAR = $TEXMFMAIN +% For using a separate tree: +% TEXMFVAR = ~/.texmf-var # teTeX 3.0 default +TEXMFVAR = ~/.texlive2008/texmf-var + +% TEXMFCONFIG, where texconfig stores configuration data. +% With teTeX-3.0 or later, this must be set. +% For sharing this tree with $TEXMFMAIN: +% TEXMFCONFIG = $TEXMFMAIN +% For using a separate tree: +% TEXMFCONFIG = ~/.texmf-config # teTeX 3.0 default +% For using a separate tree: +% TEXMFCONFIG = $SELFAUTOPARENT/texmf-config +TEXMFCONFIG = ~/.texlive2008/texmf-config + +% Now, list all the texmf trees. If you have multiple trees you can +% use shell brace notation, like this: +% TEXMF = {$TEXMFHOME,!!$TEXMFLOCAL,!!$TEXMFMAIN} +% The braces are necessary. +% +% For texconfig to work properly, TEXMFCONFIG and TEXMFVAR should be named +% explicitly and before all other trees. +% +% TEXMFLOCAL follows TEXMFMAIN (and precedes TEXMFDIST) because the only +% files in TEXMFMAIN are tightly coupled with the particular version of +% the distribution, such as format files. Overriding them would be more +% likely to cause trouble than help. On the other hand, all the +% standard packages and fonts are in TEXMFDIST, and locally-installed +% versions should take precedence over those (although it is generally a +% source of confusion to have different versions of a package installed, +% whatever the trees, so try to avoid it). +TEXMF = {$TEXMFCONFIG,$TEXMFVAR,$TEXMFHOME,!!$TEXMFSYSCONFIG,!!$TEXMFSYSVAR,!!$TEXMFMAIN,!!$TEXMFLOCAL,!!$TEXMFSITE,!!$TEXMFDIST} + +% The system trees. These are the trees that are shared by all the users. +% If a tree appears in this list, the mktex* scripts will use +% VARTEXFONTS for generated files, if the original tree isn't writable; +% otherwise the current working directory is used. +SYSTEXMF = $TEXMFSYSVAR;$TEXMFMAIN;$TEXMFLOCAL;$TEXMFSITE;$TEXMFDIST + +% We use GLOBALVARTEXFONTS in order to always be able to search in the global +% font cache even if VARTEXFONTS is overridden. +GLOBALVARTEXFONTS = $SELFAUTOPARENT/var/cache/fonts + +% Where generated fonts may be written. This tree is used when the sources +% were found in a system tree and either that tree wasn't writable, or the +% varfonts feature was enabled in MT_FEATURES in mktex.cnf. +VARTEXFONTS = $GLOBALVARTEXFONTS + +% Where to look for ls-R files. There need not be an ls-R in the +% directories in this path, but if there is one, Kpathsea will use it. +% By default, this is only the !! elements of TEXMF, plus texmf-doc, so +% that mktexlsr does not create ls-R files in the non-!! elements -- +% because if an ls-R is present, it will be used, and the disk will not +% be searched. This is arguably a bug in kpathsea, but we will not +% think about it now. +% +TEXMFDBS = {!!$TEXMFSYSCONFIG,!!$TEXMFSYSVAR,!!$TEXMFMAIN,!!$TEXMFLOCAL,!!$TEXMFSITE,!!$TEXMFDIST,!!$TEXMFDOC} + +% On some systems, there will be a system tree which contains all the font +% files that may be created as well as the formats. For example +% TEXMFVAR = /var/lib/texmf +% is used on many Linux systems. In this case, set VARTEXFONTS like this +% VARTEXFONTS = $TEXMFVAR/fonts +% and do not mention it in TEXMFDBS (but _do_ mention TEXMFVAR). +% +% Remove $VARTEXFONTS from TEXMFDBS if the VARTEXFONTS directory is below +% one of the TEXMF directories (avoids overlapping ls-R files). + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 2 +a4 2 +% This is the parent directory of our several trees, i.e., +% /usr/local/texlive/YYYY in the original TeX Live distribution. +d6 7 +a12 9 +% All trees must be organized according to the TeX Directory Structure +% (http://tug.org/tds), or files may not be found. +% +% Redistributors will probably want $SELFAUTODIR/share, i.e., /usr/share. +TEXMFROOT = $SELFAUTODIR/share + +% The tree containing runtime files related to the specific +% distribution and version. +TEXMFMAIN = $TEXMFROOT/texmf +d14 2 +a15 2 +% The main tree of packages, distribution-agnostic: +TEXMFDIST = $TEXMFROOT/texmf-dist +d18 1 +a18 1 +TEXMFSITE = $TEXMFROOT/texmf-site +d20 2 +a21 2 +% Local additions to the distribution trees. +TEXMFLOCAL = $TEXMFROOT/../local/share/texmf +d23 15 +a37 1 +% TEXMFSYSVAR, where *-sys store cached runtime data. +d40 6 +a45 1 +% TEXMFSYSCONFIG, where *-sys store configuration data. +d48 2 +a49 4 +% Per-user texmf tree(s) -- organized per the TDS, as usual. To define +% more than one per-user tree, set this to a list of directories in +% braces, as described above. (This used to be HOMETEXMF.) ~ expands +% to %USERPROFILE% on Windows, $HOME otherwise. +d52 22 +a73 7 +% TEXMFVAR, where texconfig/updmap/fmtutil store cached runtime data. +TEXMFVAR = ~/.texlive/texmf-var + +% TEXMFCONFIG, where texconfig/updmap/fmtutil store configuration data. +TEXMFCONFIG = ~/.texlive/texmf-config + +% List all the texmf trees. +d78 1 +a78 1 +% TEXMFLOCAL follows TEXMFMAIN (and precedes TEXMFDIST) because the +d80 6 +a85 6 +% the distribution, such as configuration files. Overriding them would +% be more likely to cause trouble than help. On the other hand, the +% bulk of packages and fonts are in TEXMFDIST, and locally-installed +% versions should take precedence over those -- although it is generally +% a source of confusion to have different versions of a package +% installed, whatever the trees, so try to avoid it. +d88 1 +a88 9 +% Where to look for ls-R files. There need not be an ls-R in the +% directories in this path, but if there is one, Kpathsea will use it. +% By default, this is only the !! elements of TEXMF, so that mktexlsr +% does not create ls-R files in the non-!! elements -- because if an +% ls-R is present, it will be used, and the disk will not be searched. +% This is arguably a bug in kpathsea. +TEXMFDBS = {!!$TEXMFSYSCONFIG,!!$TEXMFSYSVAR,!!$TEXMFMAIN,!!$TEXMFLOCAL,!!$TEXMFSITE,!!$TEXMFDIST} + +% The system trees. These are the trees that are shared by all users. +d103 10 +d116 2 +a117 2 +% is used in many distros. In this case, set VARTEXFONTS like this +%VARTEXFONTS = $TEXMFVAR/fonts +@ diff --git a/config-archive/etc/texmf/texmf.d/10standardpaths.cnf,v b/config-archive/etc/texmf/texmf.d/10standardpaths.cnf,v new file mode 100644 index 0000000..336ed3f --- /dev/null +++ b/config-archive/etc/texmf/texmf.d/10standardpaths.cnf,v @@ -0,0 +1,494 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.29.21.27.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.29.21.27.21; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Usually you will not need to edit any of the other variables in part 1. % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +% WEB2C is for Web2C specific files. The current directory may not be +% a good place to look for them. +WEB2C = $TEXMF/web2c + +% TEXINPUTS is for TeX input files -- i.e., anything to be found by \input +% or \openin, including .sty, .eps, etc. + +% Plain TeX. Have the command tex check all directories as a last +% resort, we may have plain-compatible stuff anywhere. +TEXINPUTS.tex = .;$TEXMF/tex/{plain,generic,}// + +% Other plain-based formats. +TEXINPUTS.amstex = .;$TEXMF/tex/{amstex,plain,generic,}// +TEXINPUTS.csplain = .;$TEXMF/tex/{csplain,plain,generic,}// +TEXINPUTS.eplain = .;$TEXMF/tex/{eplain,plain,generic,}// +TEXINPUTS.ftex = .;$TEXMF/tex/{formate,plain,generic,}// +TEXINPUTS.jadetex = .;$TEXMF/tex/{jadetex,plain,generic,}// +TEXINPUTS.mex = .;$TEXMF/tex/{mex,plain,generic,}// +TEXINPUTS.texinfo = .;$TEXMF/tex/{texinfo,plain,generic,}// +TEXINPUTS.xetex = .;$TEXMF/tex/{xetex,plain,generic,}// + +% LaTeX 2e specific macros are stored in latex/, macros that can only be +% used with 2.09 in latex209/. In addition, we look in the directory +% latex209, useful for macros that were written for 2.09 and do not +% mention 2e at all, but can be used with 2e. +TEXINPUTS.cslatex = .;$TEXMF/tex/{cslatex,csplain,latex,generic,}// +TEXINPUTS.latex = .;$TEXMF/tex/{latex,generic,}// +TEXINPUTS.olatex = .;$TEXMF/tex/{latex,generic,}// +TEXINPUTS.latex209 = .;$TEXMF/tex/{latex209,generic,latex,}// +TEXINPUTS.xelatex = .;$TEXMF/tex/{xelatex,latex,generic,}// + +% Fontinst needs to read afm files. +TEXINPUTS.fontinst = .;$TEXMF/{tex,fonts/afm}// + +% MLTeX. +TEXINPUTS.frlatex = .;$TEXMF/tex/{french,latex,generic,}// +TEXINPUTS.frtex = .;$TEXMF/tex/{french,plain,generic,}// +TEXINPUTS.mllatex = .;$TEXMF/tex/{latex,generic,}// +TEXINPUTS.mltex = .;$TEXMF/tex/{plain,generic,}// + +% e-TeX. This form of the input paths is borrowed from teTeX. A certain +% variant of TDS is assumed here, unaffected by the build variables. +TEXINPUTS.elatex = .;$TEXMF/tex/{latex,generic,}// +TEXINPUTS.etex = .;$TEXMF/tex/{plain,generic,}// + +% pdfTeX. This form of the input paths is borrowed from teTeX. A certain +% variant of TDS is assumed here, unaffected by the build variables. +TEXINPUTS.pdfcslatex = .;$TEXMF/tex/{cslatex,csplain,latex,generic,}// +TEXINPUTS.pdfcsplain = .;$TEXMF/tex/{csplain,plain,generic,}// +TEXINPUTS.pdfjadetex = .;$TEXMF/tex/{jadetex,plain,generic,}// +TEXINPUTS.pdflatex = .;$TEXMF/tex/{latex,generic,}// +TEXINPUTS.pdfmex = .;$TEXMF/tex/{mex,plain,generic,}// +TEXINPUTS.utf8mex = .;$TEXMF/tex/{mex,plain,generic,}// +TEXINPUTS.pdftex = .;$TEXMF/tex/{plain,generic,}// +TEXINPUTS.pdftexinfo = .;$TEXMF/tex/{texinfo,plain,generic,}// +TEXINPUTS.pdfamstex = .;$TEXMF/tex/{amstex,plain,generic,}// + +% pdfeTeX. +TEXINPUTS.pdfelatex = .;$TEXMF/tex/{latex,generic,}// +TEXINPUTS.pdfetex = .;$TEXMF/tex/{plain,generic,}// + +% pdfxTeX. +TEXINPUTS.pdfxlatex = .;$TEXMF/tex/{latex,generic,}// +TEXINPUTS.pdfxtex = .;$TEXMF/tex/{plain,generic,}// + +% XeTeX +TEXINPUTS.xelatex = .;$TEXMF/tex/{xelatex,latex,generic,}// +TEXINPUTS.xeplain = .;$TEXMF/tex/{xeplain,eplain,plain,generic,}// +TEXINPUTS.xetex = .;$TEXMF/tex/{xetex,plain,generic,}// + +% Omega / Aleph +TEXINPUTS.lamed = .;$TEXMF/tex/{lamed,lambda,latex,generic,}// +TEXINPUTS.lambda = .;$TEXMF/tex/{lambda,latex,generic,}// +TEXINPUTS.omega = .;$TEXMF/tex/{plain,generic,}// +TEXINPUTS.aleph = .;$TEXMF/tex/{plain,generic,}// + +% ConTeXt +TEXINPUTS.context = .;$TEXMF/tex/{context,plain,generic,}// + +% odd formats needing their own paths +TEXINPUTS.lamstex = .;$TEXMF/tex/{lamstex,plain,generic,}// +TEXINPUTS.lollipop = .;$TEXMF/tex/{lollipop,plain,generic,}// + +% Earlier entries override later ones, so put this last. +TEXINPUTS = .;$TEXMF/tex/{$progname,generic,}// + +% extra format definitions for TeX Live + +TEXINPUTS.elambda = .;$TEXMF/tex/{lambda,latex,generic,}// +TEXINPUTS.eomega = .;$TEXMF/tex/{plain,generic,}// +TEXINPUTS.pdfxmex = .;$TEXMF/tex/{mex,plain,generic,}// +TEXINPUTS.frpdflatex = .;$TEXMF/tex/{french,latex,generic,}// +TEXINPUTS.frpdftex = .;$TEXMF/tex/{french,plain,generic,}// +TEXINPUTS.xmltex = .;$TEXMF/tex/{xmltex,latex,generic,}// +TEXINPUTS.pdfxmltex = .;$TEXMF/tex/{xmltex,latex,generic,}// + +TTF2TFMINPUTS = .;$TEXMF/ttf2pk// + +% Metafont, MetaPost inputs. +MFINPUTS = .;$TEXMF/metafont//;{$TEXMF/fonts,$GLOBALVARTEXFONTS,$VARTEXFONTS}/source// +MPINPUTS = .;$TEXMF/metapost// + +% The following are not needed any more here. +% Moved to texdoc.cnf (and hard-coded default), see the texdoc manual. +% See texdoc's source too if you need to allow compressed documentation. +% TEXDOCSSUFFIX = ;.pdf;.ps;.dvi;.html;.txt;.tex +% TEXDOCSCOMPRESS = ;.gz;.bz2;.zip;.Z +% TEXDOCEXT = {$TEXDOCSSUFFIX}{$TEXDOCSCOMPRESS} + +% Dump files (fmt/base/mem) for vir{tex,mf,mp} to read. +% We want to find the engine-specific file, e.g., cont-en.fmt can +% exist under both pdftex/ and xetex/. But just in case some formats +% end up without an engine directory, look directly in web2c/ too. +% We repeat the same definition three times because of the way fmtutil +% is implemented; if we use ${TEXFORMATS}, the mpost/mf/etc. formats +% will not be found. +TEXFORMATS = .;$TEXMF/web2c{/$engine,} +MFBASES = .;$TEXMF/web2c{/$engine,} +MPMEMS = .;$TEXMF/web2c{/$engine,} +% +% As of 2008, pool files don't exist any more (the strings are compiled +% into the binaries), but just in case something expects to find these +% settings: +TEXPOOL = .;$TEXMF/web2c +MFPOOL = ${TEXPOOL} +MPPOOL = ${TEXPOOL} + +% support the original xdvi. Must come before the generic settings. +PKFONTS.XDvi = .;$TEXMF/%s;{$GLOBALVARTEXFONTS,$VARTEXFONTS}/pk/{%m,modeless}// +VFFONTS.XDvi = .;$TEXMF/%s +PSHEADERS.XDvi = .;$TEXMF/%q{dvips,fonts/type1}// +TEXPICTS.XDvi = .;$TEXMF/%q{dvips,tex}// + +% Device-independent font metric files. +VFFONTS = .;$TEXMF/fonts/vf// +TFMFONTS = .;{$TEXMF/fonts,$GLOBALVARTEXFONTS,$VARTEXFONTS}/tfm// + +% The $MAKETEX_MODE below means the drivers will not use a cx font when +% the mode is ricoh. If no mode is explicitly specified, kpse_prog_init +% sets MAKETEX_MODE to /, so all subdirectories are searched. See the manual. +% The modeless part guarantees that bitmaps for PostScript fonts are found. +PKFONTS = .;{$TEXMF/fonts,$GLOBALVARTEXFONTS,$VARTEXFONTS}/pk/{$MAKETEX_MODE,modeless}// + +% Similarly for the GF format, which only remains in existence because +% Metafont outputs it (and MF isn't going to change). +GFFONTS = .;$TEXMF/fonts/gf/$MAKETEX_MODE// + +% A backup for PKFONTS and GFFONTS. Not used for anything. +GLYPHFONTS = .;$TEXMF/fonts + +% A place to puth everything that doesn't fit the other font categories. +MISCFONTS = .;$TEXMF/fonts/misc// + +% font name map files. This isn't just fonts/map// because ConTeXt +% wants support for having files with the same name in the different +% subdirs. Maybe if the programs ever get unified to accepting the same +% map file syntax the definition can be simplified again. +TEXFONTMAPS = .;$TEXMF/fonts/map/{$progname,pdftex,dvips,}// + +% BibTeX bibliographies and style files. +BIBINPUTS = .;$TEXMF/bibtex/bib// +BSTINPUTS = .;$TEXMF/bibtex/{bst,csf}// +% For bibtex8. Do we really need to repeat the BIBINPUTS setting? +BIBINPUTS.bibtex8 = .;$TEXMF/bibtex/{bib,}// +BSTINPUTS.bibtex8 = .;$TEXMF/bibtex/{bst,csf,}// + +% MFT style files. +MFTINPUTS = .;$TEXMF/mft// + +% PostScript headers and prologues (.pro); unfortunately, some programs +% also use this for acessing font files (enc, type1, truetype) +TEXPSHEADERS = .;$TEXMF/{dvips,fonts/{enc,type1,type42,type3}}// +TEXPSHEADERS.gsftopk = .;$TEXMF/{dvips,fonts/{enc,type1,type42,type3,truetype}}// + +% OSFONTDIR is to provide a convenient hook for allowing TeX to find +% fonts installed on the system (outside of TeX). An empty default +% value would add "//" to the search paths, so we give it a dummy value. +OSFONTDIR = /please/set/osfontdir/in/the/environment + +% PostScript Type 1 outline fonts. +T1FONTS = .;$TEXMF/fonts/type1//;$OSFONTDIR// + +% PostScript AFM metric files. +AFMFONTS = .;$TEXMF/fonts/afm//;$OSFONTDIR// + +% TrueType outline fonts. +TTFONTS = .;$TEXMF/fonts/truetype//;$OSFONTDIR// + +% Opentype outline fonts. +OPENTYPEFONTS = .;$TEXMF/fonts/opentype//;$OSFONTDIR// + +% Type 42 outline fonts. +T42FONTS = .;$TEXMF/fonts/type42// + +% Ligature definition files. +LIGFONTS = .;$TEXMF/fonts/lig// + +% Dvips' config.* files (this name should not start with `TEX'!). +TEXCONFIG = $TEXMF/dvips// + +% Makeindex style (.ist) files. +INDEXSTYLE = .;$TEXMF/makeindex// + +% Font encoding files (.enc). +ENCFONTS = .;$TEXMF/fonts/enc// + +% CMap files. +CMAPFONTS = .;$TEXMF/fonts/cmap// + +% Subfont definition files. +SFDFONTS = .;$TEXMF/fonts/sfd// + +% OpenType outline fonts. +OPENTYPEFONTS = .;$TEXMF/fonts/opentype// + +% pdftex config files: +PDFTEXCONFIG = .;$TEXMF/pdftex/{$progname,}// + +% Used by DMP (ditroff-to-mpx), called by makempx -troff. +TRFONTS = /usr{/local,}/share/groff/{current/font,site-font}/devps +MPSUPPORT = .;$TEXMF/metapost/support + +% For xdvi to find mime.types and .mailcap, if they do not exist in +% ~. These are single directories, not paths. +% (But the default mime.types, at least, may well suffice.) +MIMELIBDIR = $SELFAUTOPARENT/etc +MAILCAPLIBDIR = $SELFAUTOPARENT/etc + +% Default settings for fontconfig library, used by Win32 versions of +% xetex/xdvipdfmx (note that fontconfig on Linux/Unix-like systems +% will ignore settings in this file) +FONTCONFIG_FILE=fonts.conf +FONTCONFIG_PATH=$TEXMFSYSVAR/fonts/conf +FC_CACHEDIR=$TEXMFSYSVAR/fonts/cache + +% TeX documentation and source files, for use with kpsewhich. +% TeX Live has a separate hierarchy with just documentation, texmf-doc, +% in addition to the doc files in the other hierarchies. +TEXMFDOCDIR = !!$TEXMFDOC/doc +TEXDOCS = .;$TEXMF/doc//;$TEXMFDOCDIR// +TEXSOURCES = .;$TEXMF/source// + +% Web and CWeb input paths. +WEBINPUTS = .;$TEXMF/web// +CWEBINPUTS = .;$TEXMF/cweb// + +% Omega-related fonts and other files. +OFMFONTS = .;{$TEXMF/fonts,$GLOBALVARTEXFONTS,$VARTEXFONTS}/{ofm,tfm}// +OPLFONTS = .;{$TEXMF/fonts,$GLOBALVARTEXFONTS,$VARTEXFONTS}/opl// +OVFFONTS = .;{$TEXMF/fonts,$GLOBALVARTEXFONTS,$VARTEXFONTS}/{ovf,vf}// +OVPFONTS = .;{$TEXMF/fonts,$GLOBALVARTEXFONTS,$VARTEXFONTS}/ovp// +OTPINPUTS = .;$TEXMF/omega/otp// +OCPINPUTS = .;$TEXMF/omega/ocp// + +% Some additional input variables for several programs. If you add +% a program that uses the `other text files' or `other binary files' +% search formats, you'll want to add their variables here as well. +T4HTINPUTS = .;$TEXMF/tex4ht// + +%% t4ht utility, sharing files with TeX4ht +TEX4HTFONTSET=alias,iso8859,unicode +TEX4HTINPUTS = .;$TEXMF/tex4ht/base//;$TEXMF/tex4ht/ht-fonts/{$TEX4HTFONTSET}// + +% Find scripts that are distributed/installed in the texmf tree. + +% Lua needs to look in TEXINPUTS for lua scripts distributed with packages. +LUAINPUTS = .;$TEXMF/scripts/{$progname,$engine,}/lua//;$TEXINPUTS + +% Architecture independent executables. +TEXMFSCRIPTS = $TEXMF/scripts/{$engine,$progname,}// + +% Other languages. +JAVAINPUTS = .;$TEXMF/scripts/{$progname,$engine,}/java// +PERLINPUTS = .;$TEXMF/scripts/{$progname,$engine,}/perl// +PYTHONINPUTS = .;$TEXMF/scripts/{$progname,$engine,}/python// +RUBYINPUTS = .;$TEXMF/scripts/{$progname,$engine,}/ruby// + + +%% The mktex* scripts rely on KPSE_DOT. Do not set it in the environment. +% KPSE_DOT = . + +% This definition isn't used from this .cnf file itself (that would be +% paradoxical), but the compile-time default in paths.h is built from it. +% The SELFAUTO* variables are set automatically from the location of +% argv[0], in kpse_set_program_name. +% +% This main texmf.cnf file is installed, for a release YYYY, in a +% directory such as /usr/local/texlive/YYYY/texmf/web2c/texmf.cnf. +% Since this file is subject to future updates, the TeX Live installer +% or human administrator may also create a file +% /usr/local/texlive/YYYY/texmf.cnf; any settings in this latter file +% will take precedence over the distributed one under texmf/web2c. +% +% For security reasons, it is better not to include . in this path. +% +TEXMFCNF = $SELFAUTODIR{,/local}/share/texmf/web2c + +# kpathsea 3.5.3 and later sets these at runtime. To avoid empty +# expansions from binaries linked against an earlier version of the +# library, we set $progname and $engine to something non-empty: +progname = unsetprogname +engine = unsetengine + + + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +% Usually you will not need to edit any of the following variables. +d10 1 +a10 2 +% or \openin, including .sty, .eps, etc. We specify paths for all known +% formats, past or present. Not all of them are built these days. +a15 3 +% Fontinst needs to read afm files. +TEXINPUTS.fontinst = .;$TEXMF/{tex,fonts/afm}// + +d21 1 +d24 1 +d32 1 +d34 4 +a37 1 +TEXINPUTS.olatex = .;$TEXMF/tex/{latex,generic,}// +d45 2 +a46 1 +% e-TeX. +d50 2 +a51 1 +% pdfTeX. +d54 1 +a67 1 +TEXINPUTS.pdfxmex = .;$TEXMF/tex/{mex,plain,generic,}// +d70 3 +a72 9 +% LuaTeX. +TEXINPUTS.lualatex = .;$TEXMF/tex/{lualatex,latex,luatex,generic,}// +TEXINPUTS.luatex = .;$TEXMF/tex/{luatex,plain,generic,}// +TEXINPUTS.dvilualatex = .;$TEXMF/tex/{lualatex,latex,luatex,generic,}// +TEXINPUTS.dviluatex = .;$TEXMF/tex/{luatex,plain,generic,}// + +% XeTeX. +TEXINPUTS.xelatex = .;$TEXMF/tex/{xelatex,latex,xetex,generic,}// +TEXINPUTS.xeplain = .;$TEXMF/tex/{xeplain,eplain,plain,xetex,generic,}// +d75 2 +a76 4 +% Omega / Aleph. +TEXINPUTS.aleph = .;$TEXMF/tex/{plain,generic,}// +TEXINPUTS.elambda = .;$TEXMF/tex/{lambda,latex,generic,}// +TEXINPUTS.eomega = .;$TEXMF/tex/{plain,generic,}// +a77 1 +TEXINPUTS.lamed = .;$TEXMF/tex/{lamed,lambda,latex,generic,}// +d79 1 +d81 2 +a82 3 +% p(La)TeX. +TEXINPUTS.ptex = .;$TEXMF/tex/{ptex,ptexgeneric,plain,generic,}// +TEXINPUTS.platex = .;$TEXMF/tex/{platex,ptexgeneric,latex,generic,}// +d84 3 +a86 2 +% epTeX. +TEXINPUTS.eptex = .;$TEXMF/tex/{ptex,ptexgeneric,plain,generic,}// +d88 2 +a89 3 +% pBibTeX bibliographies and style files. +BIBINPUTS.pbibtex = .;$TEXMF/{pbibtex,bibtex}/bib// +BSTINPUTS.pbibtex = .;$TEXMF/{pbibtex,bibtex}/bst// +d91 1 +a91 2 +% ConTeXt. +TEXINPUTS.context = .;$TEXMF/tex/{context,plain,generic}// +d93 5 +a97 5 +% jadetex. +TEXINPUTS.jadetex = .;$TEXMF/tex/{jadetex,latex,generic,}// +TEXINPUTS.pdfjadetex = .;$TEXMF/tex/{jadetex,latex,generic,}// + +% XMLTeX. +a100 10 +% Miscellany, no longer built. +TEXINPUTS.lamstex = .;$TEXMF/tex/{lamstex,plain,generic,}// +TEXINPUTS.lollipop = .;$TEXMF/tex/{lollipop,plain,generic,}// +TEXINPUTS.frpdflatex = .;$TEXMF/tex/{french,latex,generic,}// +TEXINPUTS.frpdftex = .;$TEXMF/tex/{french,plain,generic,}// + +% Earlier entries override later ones, so put this generic one last. +TEXINPUTS = .;$TEXMF/tex/{$progname,generic,}// + +% ttf2tfm. +d107 7 +d126 2 +a127 1 +% into the binaries), but just in case something expects to find these: +d164 1 +a164 1 +% BibTeX bibliographies and style files. bibtex8 also uses these. +d167 3 +a169 4 + +% MlBibTeX. +MLBIBINPUTS = .;$TEXMF/bibtex/bib/{mlbib,}// +MLBSTINPUTS = .;$TEXMF/bibtex/{mlbst,bst}// +d191 1 +a191 1 +TTFONTS = .;$TEXMF/fonts/{truetype,opentype}//;$OSFONTDIR// +d193 2 +a194 2 +% OpenType outline fonts. +OPENTYPEFONTS = .;$TEXMF/fonts/{opentype,truetype}//;$OSFONTDIR// +d217 2 +a218 5 +% OpenType feature files (.fea). +FONTFEATURES=.;$TEXMF/fonts/fea// + +% .cid and .cidmap +FONTCIDMAPS=.;$TEXMF/fonts/cid// +d224 1 +a224 1 +TRFONTS = $SELFAUTODIR{/local,}/share/groff/{current/font,site-font}/devps +d233 3 +a235 2 +% Default settings for fontconfig library, used by Windows versions of +% xetex/xdvipdfmx. On Unixish systems, fontconfig ignores this. +d240 5 +a244 2 +% TeX documentation and source files, for use with texdoc and kpsewhich. +TEXDOCS = $TEXMF/doc// +a267 8 +% TeXworks editor configuration and settings +TW_LIBPATH = $TEXMFCONFIG/texworks +TW_INIPATH = $TW_LIBPATH + +% For security, do not look in . for dvipdfmx.cfg, since the D option +% would allow command execution. +DVIPDFMXINPUTS = $TEXMF/dvipdfmx + +d271 1 +a271 4 +LUAINPUTS = .;$TEXMF/scripts/{$progname,$engine,}/{lua,}//;$TEXINPUTS + +% Lua needs to look for binary lua libraries distributed with packages. +CLUAINPUTS = .;$SELFAUTOLOC/lib/{$progname,$engine,}/lua// +d274 1 +a274 1 +TEXMFSCRIPTS = $TEXMF/scripts/{$progname,$engine,}// +d300 1 +a300 1 +TEXMFCNF = {$SELFAUTOLOC,$SELFAUTODIR,$SELFAUTOPARENT}{,{/share,}/texmf{-local,}/web2c} +d302 3 +a304 3 +% kpathsea 3.5.3 and later sets these at runtime. To avoid empty +% expansions from binaries linked against an earlier version of the +% library, we set $progname and $engine to something non-empty: +@ diff --git a/config-archive/etc/texmf/texmf.d/15options.cnf,v b/config-archive/etc/texmf/texmf.d/15options.cnf,v new file mode 100644 index 0000000..225df7b --- /dev/null +++ b/config-archive/etc/texmf/texmf.d/15options.cnf,v @@ -0,0 +1,226 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.29.21.27.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.29.21.27.26; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@% Part 2: Options. + +% If this is true, `tex a.b' will look first for a.b.tex (within each +% path element), and then for a.b, i.e., we try standard extensions +% first. If this is false, we first look for a.b and then a.b.tex, +% first. If this is false, we first look for a.b and then a.b.tex, +% i.e., we try the name as-is first. +% +% Both names are always tried; the difference is the order in which they +% are tried. The setting applies to all searches, not just .tex. +% +% This setting only affects names being looked up which *already* have +% an extension. A name without an extension (e.g., `tex story') will +% always have an extension added first. +% +% The default is true, because we already avoid adding the standard +% extension(s) in most common cases. E.g., babel.sty will only look for +% babel.sty, not babel.sty.tex, regardless of this setting. +try_std_extension_first = t + +% Enable system commands via \write18{...}? Obviously insecure, despite +% being so useful. +shell_escape = f + +% Allow TeX \openin, \openout, or \input on filenames starting with `.' +% (e.g., .rhosts) or outside the current tree (e.g., /etc/passwd)? +% a (any) : any file can be opened. +% r (restricted) : disallow opening "dotfiles". +% p (paranoid) : as `r' and disallow going to parent directories, and +% restrict absolute paths to be under $TEXMFOUTPUT. +openout_any = p +openin_any = a + +% Write .log/.dvi/etc. files here, if the current directory is unwritable. +% TEXMFOUTPUT = /tmp + +% If a dynamic file creation fails, log the command to this file, in +% either the current directory or TEXMFOUTPUT. Set to the +% empty string or 0 to avoid logging. +MISSFONT_LOG = missfont.log + +% Set to a colon-separated list of words specifying warnings to suppress. +% To suppress everything, use TEX_HUSH = all; this is currently equivalent to +% TEX_HUSH = checksum:lostchar:readable:special +% To suppress nothing, use TEX_HUSH = none or do not set the variable at all. +TEX_HUSH = none + +% Allow TeX, MF, and MP to parse the first line of an input file for +% the %&format construct. +parse_first_line = t + +% But don't parse the first line if invoked as "tex", since we want that +% to remain Knuth-compatible. The src_specials and +% file_line_error_style settings, as well as the options -enctex, +% -mltex, -8bit, etc., also affect this, but they are all off by default. +parse_first_line.tex = f + +% Control file:line:error style messages. +file_line_error_style = f + +% Enable the mktex... scripts by default? These must be set to 0 or 1. +% Particular programs can and do override these settings, for example +% dvips's -M option. Your first chance to specify whether the scripts +% are invoked by default is at configure time. +% +% These values are ignored if the script names are changed; e.g., if you +% set DVIPSMAKEPK to `foo', what counts is the value of the environment +% variable/config value `FOO', not the `MKTEXPK' value. +% +% MKTEXTEX = 0 +% MKTEXPK = 0 +% MKTEXMF = 0 +% MKTEXTFM = 0 +% MKTEXFMT = 0 +% MKOCP = 0 +% MKOFM = 0 + +% What MetaPost runs to make MPX files. This is passed an option -troff +% if MP is in troff mode. Set to `0' to disable this feature. +MPXCOMMAND = makempx + +% Used by makempx to run TeX. We use "etex" because MetaPost is +% expecting DVI, and not "tex" because we want first line parsing. +TEX = etex + +% These variables specify the external program called for the +% interactive `e' option. %d is replaced by the line number and %s by +% the current filename. The default is specified at compile-time, and +% we let that stay in place since different platforms like different values. +%TEXEDIT = vi +%d "%s" +%MFEDIT = ${TEXEDIT} +%MPEDIT = ${TEXEDIT} + + +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d3 5 +a7 4 +% If this option is set to true, `tex a.b' will look first for a.b.tex +% (within each path element), and then for a.b, i.e., we try standard +% extensions first. If this is false, we first look for a.b and then +% a.b.tex, i.e., we try the name as-is first. +d17 1 +a17 1 +% extension(s) in the usual cases. E.g., babel.sty will only look for +d21 3 +a23 45 +% Enable system commands via \write18{...}. When enabled fully (set to +% t), obviously insecure. When enabled partially (set to p), only the +% commands listed in shell_escape_commands are allowed. Although this +% is not fully secure either, it is much better, and so useful that we +% enable it for everything but bare tex. +shell_escape = p + +% No spaces in this command list. +% +% The programs listed here are as safe as any we know: they either do +% not write any output files, respect openout_any, or have hard-coded +% restrictions similar or higher to openout_any=p. They also have no +% features to invoke arbitrary other programs, and no known exploitable +% bugs. All to the best of our knowledge. They also have practical use +% for being called from TeX. +% +shell_escape_commands = \ +bibtex,bibtex8,\ +kpsewhich,\ +makeindex,\ +repstopdf,\ + +% we'd like to allow: +% dvips - but external commands can be executed, need at least -R1. +% epspdf, ps2pdf, pstopdf - need to respect openout_any, +% and gs -dSAFER must be used and check for shell injection with filenames. +% (img)convert (ImageMagick) - delegates.mgk possible misconfig, besides, +% without Unix convert it hardly seems worth it, and Windows convert +% is something completely different that destroys filesystems, so skip. +% pygmentize - but is the filter feature insecure? +% ps4pdf - but it calls an unrestricted latex. +% rpdfcrop - maybe ok, but let's get experience with repstopdf first. +% texindy,xindy - but is the module feature insecure? +% ulqda - but requires optional SHA1.pm, so why bother. +% tex, latex, etc. - need to forbid --shell-escape, and inherit openout_any. + +% plain TeX should remain unenhanced. +shell_escape.tex = f +shell_escape.initex = f + +% This is used by the Windows script wrapper for restricting searching +% for the purportedly safe shell_escape_commands above to system +% directories. +TEXMF_RESTRICTED_SCRIPTS = \ + {!!$TEXMFMAIN,!!$TEXMFLOCAL,!!$TEXMFDIST}/scripts/{$progname,$engine,}// +d35 1 +a35 1 +%TEXMFOUTPUT = /tmp +d48 1 +a48 1 +% Allow TeX, and MF to parse the first line of an input file for +a56 1 +parse_first_line.initex = f +d70 11 +a80 7 +%MKTEXTEX = 0 +%MKTEXPK = 0 +%MKTEXMF = 0 +%MKTEXTFM = 0 +%MKTEXFMT = 0 +%MKOCP = 0 +%MKOFM = 0 +d90 1 +a90 2 +%TEXEDIT = vi +%d '%s' % default for Unix +%TEXEDIT = texworks --position=+%d "%s" % default for Windows +a92 16 + +% The default `codepage and sort order' file for BibTeX8, when none is +% given as command line option or environment variable. +BIBTEX_CSFILE = 88591lat.csf + +% This variable is specific to Windows. It must be set to 0 or 1. The +% default is 0. Setting it to 1 tells the Windows script wrappers to +% use an already installed Perl interpreter if one is found on the +% search path, in preference to the Perl shipped with TeX Live. Thus, +% it may be useful if you both (a) installed a full Perl distribution +% for general use, and (b) need to run Perl programs from TL that use +% additional modules we don't provide. The TL Perl does provide all the +% standard Perl modules. +% +%TEXLIVE_WINDOWS_TRY_EXTERNAL_PERL = 0 + +@ diff --git a/config-archive/etc/texmf/texmf.d/20sizes.cnf,v b/config-archive/etc/texmf/texmf.d/20sizes.cnf,v new file mode 100644 index 0000000..855c2f8 --- /dev/null +++ b/config-archive/etc/texmf/texmf.d/20sizes.cnf,v @@ -0,0 +1,180 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.08.29.21.27.01; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.08.29.21.27.30; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@% Part 3: Array and other sizes for TeX (and Metafont and MetaPost). +% +% If you want to change some of these sizes only for a certain TeX +% variant, the usual dot notation works, e.g., +% main_memory.hugetex = 20000000 +% +% If a change here appears to be ignored, try redumping the format file. + +% Memory. Must be less than 8,000,000 total. +% +% main_memory is relevant only to initex, extra_mem_* only to non-ini. +% Thus, have to redump the .fmt file after changing main_memory; to add +% to existing fmt files, increase extra_mem_*. (To get an idea of how +% much, try \tracingstats=2 in your TeX source file; +% web2c/tests/memtest.tex might also be interesting.) +% +% To increase space for boxes (as might be needed by, e.g., PiCTeX), +% increase extra_mem_bot. +% +% For some xy-pic samples, you may need as much as 700000 words of memory. +% For the vast majority of documents, 60000 or less will do. +% +main_memory = 3000000 % words of inimemory available; also applies to inimf&mp +extra_mem_top = 0 % extra high memory for chars, tokens, etc. +extra_mem_bot = 0 % extra low memory for boxes, glue, breakpoints, etc. + +% ConTeXt needs lots of memory. +extra_mem_top.context = 2000000 +extra_mem_bot.context = 4000000 + +% Words of font info for TeX (total size of all TFM files, approximately). +% Must be >= 20000 and <= 4000000 (without tex.ch changes). +font_mem_size = 3000000 + +% Total number of fonts. Must be >= 50 and <= 5000 (without tex.ch changes). +font_max = 5000 + +% Extra space for the hash table of control sequences (which allows 10K +% names as distributed). +hash_extra = 50000 + +% Max number of characters in all strings, including all error messages, +% help texts, font names, control sequences. These values apply to TeX and MP. +pool_size = 1250000 +% Minimum pool space after TeX/MP's own strings; must be at least +% 25000 less than pool_size, but doesn't need to be nearly that large. +string_vacancies = 90000 +% Maximum number of strings. +max_strings = 500000 +% min pool space left after loading .fmt +pool_free = 47500 + +% Buffer size. TeX uses the buffer to contain input lines, but macro +% expansion works by writing material into the buffer and reparsing the +% line. As a consequence, certain constructs require the buffer to be +% very large, even though most documents can be handled with a small value. +buf_size = 200000 + +% Hyphenation trie. The maximum possible is 4194303 (ssup_trie_size in +% the sources), but we don't need that much. The value here suffices +% for all known free hyphenation patterns to be loaded simultaneously +% (as TeX Live does). +% +trie_size = 600000 + +hyph_size = 8191 % prime number of hyphenation exceptions, >610, <32767. + % http://primes.utm.edu/curios/page.php/8191.html +nest_size = 500 % simultaneous semantic levels (e.g., groups) +max_in_open = 15 % simultaneous input files and error insertions +param_size = 10000 % simultaneous macro parameters +save_size = 50000 % for saving values outside current group +stack_size = 5000 % simultaneous input sources + +% These are Omega-specific. +ocp_buf_size = 500000 % character buffers for ocp filters. +ocp_stack_size = 10000 % stacks for ocp computations. +ocp_list_size = 1000 % control for multiple ocps. + +% Parameter specific to MetaPost. +% Maximum number of knots between breakpoints of a path. +% Set to 2000 by default. +% path_size.mpost = 10000 + +% These work best if they are the same as the I/O buffer size, but it +% doesn't matter much. Must be a multiple of 8. +dvi_buf_size = 16384 % TeX +gf_buf_size = 16384 % MF + +% It's probably inadvisable to change these. At any rate, we must have: +% 45 < error_line < 255; +% 30 < half_error_line < error_line - 15; +% 60 <= max_print_line; +% These apply to TeX, Metafont, and MetaPost. +error_line = 79 +half_error_line = 50 +max_print_line = 79 +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d1 1 +a1 1 +% Part 3: Array and other sizes for TeX (and Metafont). +d32 1 +a32 1 +% Must be >= 20000 and <= 147483647 (without tex.ch changes). +d35 2 +a36 2 +% Total number of fonts. Must be >= 50 and <= 9000 (without tex.ch changes). +font_max = 9000 +d38 3 +a40 2 +% Extra space for the hash table of control sequences. +hash_extra = 200000 +d43 3 +a45 3 +% help texts, font names, control sequences. These values apply to TeX. +pool_size = 3250000 +% Minimum pool space after TeX's own strings; must be at least +d64 1 +a64 1 +trie_size = 1000000 +d69 2 +a70 3 +max_in_open = 15 % simultaneous input files and error insertions, + % also applies to MetaPost +param_size = 10000 % simultaneous macro parameters, also applies to MP +d79 5 +a96 17 + +% Metafont only. +screen_width.mf = 1664 +screen_depth.mf = 1200 + +% BibTeX only (max_strings also determines hash_size and hash_prime). +ent_str_size = 250 +glob_str_size = 5000 +max_strings.bibtex = 35307 +max_strings.bibtex8 = 35307 +max_strings.bibtexu = 35307 +max_strings.pbibtex = 35307 + +% GFtype only. +line_length.gftype = 500 +max_rows.gftype = 8191 +max_cols.gftype = 8191 +@ diff --git a/config-archive/etc/ulogd.conf,v b/config-archive/etc/ulogd.conf,v new file mode 100644 index 0000000..8f7edbd --- /dev/null +++ b/config-archive/etc/ulogd.conf,v @@ -0,0 +1,348 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; +expand @o@; + + +1.3 +date 2010.11.30.17.17.05; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.10.12.07.43.04; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.11.24.21; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.10.12.07.47.20; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.3 +log +@dispatch-conf update. +@ +text +@# Example configuration for ulogd +# $Id$ +# Adapted to Debian by Achilleas Kotsis + +[global] +###################################################################### +# GLOBAL OPTIONS +###################################################################### + + +# logfile for status messages +logfile="/var/log/ulogd/daemon.log" + +# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) +loglevel=3 + +###################################################################### +# PLUGIN OPTIONS +###################################################################### + +# We have to configure and load all the plugins we want to use + +# general rules: +# 1. load the plugins _first_ from the global section +# 2. options for each plugin in seperate section below + + +plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so" +plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so" +plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so" +plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so" +plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so" +plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so" +#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so" +plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so" +#plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so" +#plugin="/usr/lib64/ulogd/ulogd_output_XML.so" +#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so" +#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so" +#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so" +#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so" +#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so" +#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so" +plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so" + +# this is a stack for logging packet send by system via LOGEMU +stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for packet-based logging via LOGEMU +stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for ULOG packet-based logging via LOGEMU +stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for packet-based logging via LOGEMU with filtering on MARK +#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for flow-based logging via LOGEMU +#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU + +# this is a stack for flow-based logging via OPRINT +#stack=ct1:NFCT,op1:OPRINT + +# this is a stack for flow-based logging via XML +#stack=ct1:NFCT,xml1:XML + +# this is a stack for logging in XML +#stack=log1:NFLOG,xml1:XML + +# this is a stack for NFLOG packet-based logging to PCAP +#stack=log2:NFLOG,base1:BASE,pcap1:PCAP + +# this is a stack for logging packet to MySQL +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL + +# this is a stack for logging packet to PGsql after a collect via NFLOG +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL + +# this is a stack for logging packets to syslog after a collect via NFLOG +#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG + +# this is a stack for flow-based logging to MySQL +#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL + +# this is a stack for flow-based logging to PGSQL +#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL + +# this is a stack for flow-based logging to PGSQL without local hash +#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL + + +# this is a stack for flow-based logging in NACCT compatible format +#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT + +[ct1] +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +#netlink_resync_timeout=60 # seconds to wait to perform resynchronization +#pollinterval=10 # use poll-based logging instead of event-driven + +[ct2] +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +hash_enable=0 + +# Logging of system packet through NFLOG +[log1] +# netlink multicast group (the same as the iptables --nflog-group param) +# Group O is used by the kernel to log connection tracking invalid message +group=0 +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +# set number of packet to queue inside kernel +#netlink_qthreshold=1 +# set the delay before flushing packet in the queue inside kernel (in 10ms) +#netlink_qtimeout=100 + +# packet logging through NFLOG for group 1 +[log2] +# netlink multicast group (the same as the iptables --nflog-group param) +group=1 # Group has to be different from the one use in log1 +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +# If your kernel is older than 2.6.29 and if a NFLOG input plugin with +# group 0 is not used by any stack, you need to have at least one NFLOG +# input plugin with bind set to 1. If you don't do that you may not +# receive any message from the kernel. +#bind=1 + +# packet logging through NFLOG for group 2, numeric_label is +# set to 1 +[log3] +# netlink multicast group (the same as the iptables --nflog-group param) +group=2 # Group has to be different from the one use in log1/log2 +numeric_label=1 # you can label the log info based on the packet verdict +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +#bind=1 + +[ulog1] +# netlink multicast group (the same as the iptables --ulog-nlgroup param) +nlgroup=1 +#numeric_label=0 # optional argument + +[emu1] +file="/var/log/ulogd/syslogemu.log" +sync=1 + +[op1] +file="/var/log/ulogd/oprint.log" +#file="/var/log/ulogd_oprint.log" +sync=1 + +[xml1] +directory="/var/log/ulogd/" +sync=1 + +[pcap1] +sync=1 + +[mysql1] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_PACKET_FULL" + +[mysql2] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_CT" + +[pgsql1] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_PACKET_FULL" + +[pgsql2] +db="nulog" +host="localhost" +user="nupik" +table="ulog2_ct" +pass="changeme" +procedure="INSERT_CT" + +[pgsql3] +db="nulog" +host="localhost" +user="nupik" +table="ulog2_ct" +pass="changeme" +procedure="INSERT_OR_REPLACE_CT" + +[dbi1] +db="ulog2" +dbtype="pgsql" +host="localhost" +user="ulog2" +table="ulog" +pass="ulog2" +procedure="INSERT_PACKET_FULL" + +[sys2] +facility=LOG_LOCAL2 + +[nacct1] +sync = 1 + +[mark1] +mark = 1 +@ + + +1.2 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $Id: ulogd.conf,v 1.2 2010/05/27 09:10:01 root Exp $ +d40 1 +d67 6 +d101 2 +d118 2 +a119 2 +# set the delay before flushing packet in the queue inside kernel (in ms) +#netlink_qtimeout=1000 +d154 5 +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $Id: ulogd.conf,v 1.1 2010/05/26 09:20:32 root Exp $ +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $Id$ +d12 1 +a12 1 +logfile="/var/log/ulogd.log" +d15 1 +a15 1 +loglevel=1 +d29 1 +a29 1 +#plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so" +d39 1 +a39 2 +plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so" +plugin="/usr/lib64/ulogd/ulogd_output_XML.so" +d49 1 +a49 1 +#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU +d52 1 +a52 1 +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU +d55 1 +a55 1 +#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU +a65 6 +# this is a stack for flow-based logging via XML +#stack=ct1:NFCT,xml1:XML + +# this is a stack for logging in XML +#stack=log1:NFLOG,xml1:XML + +a93 2 +#netlink_resync_timeout=60 # seconds to wait to perform resynchronization +#pollinterval=10 # use poll-based logging instead of event-driven +d109 2 +a110 2 +# set the delay before flushing packet in the queue inside kernel (in 10ms) +#netlink_qtimeout=100 +d140 1 +a140 1 +file="/var/log/ulogd_syslogemu.log" +d144 1 +a144 5 +file="/var/log/ulogd_oprint.log" +sync=1 + +[xml1] +directory="/var/log/" +@ diff --git a/config-archive/etc/ulogd.conf.dist b/config-archive/etc/ulogd.conf.dist new file mode 100644 index 0000000..bd72e6b --- /dev/null +++ b/config-archive/etc/ulogd.conf.dist @@ -0,0 +1,219 @@ +# Example configuration for ulogd +# $Id$ +# Adapted to Debian by Achilleas Kotsis + +[global] +###################################################################### +# GLOBAL OPTIONS +###################################################################### + + +# logfile for status messages +logfile="/var/log/ulogd.log" + +# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) +loglevel=1 + +###################################################################### +# PLUGIN OPTIONS +###################################################################### + +# We have to configure and load all the plugins we want to use + +# general rules: +# 1. load the plugins _first_ from the global section +# 2. options for each plugin in seperate section below + + +plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so" +#plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so" +plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so" +plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so" +plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so" +plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so" +#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so" +plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so" +plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so" +plugin="/usr/lib64/ulogd/ulogd_output_XML.so" +#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so" +#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so" +#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so" +#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so" +#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so" +#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so" +plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so" + +# this is a stack for logging packet send by system via LOGEMU +#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for packet-based logging via LOGEMU +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for ULOG packet-based logging via LOGEMU +#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for packet-based logging via LOGEMU with filtering on MARK +#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for flow-based logging via LOGEMU +#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU + +# this is a stack for flow-based logging via OPRINT +#stack=ct1:NFCT,op1:OPRINT + +# this is a stack for flow-based logging via XML +#stack=ct1:NFCT,xml1:XML + +# this is a stack for logging in XML +#stack=log1:NFLOG,xml1:XML + +# this is a stack for NFLOG packet-based logging to PCAP +#stack=log2:NFLOG,base1:BASE,pcap1:PCAP + +# this is a stack for logging packet to MySQL +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL + +# this is a stack for logging packet to PGsql after a collect via NFLOG +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL + +# this is a stack for logging packets to syslog after a collect via NFLOG +#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG + +# this is a stack for flow-based logging to MySQL +#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL + +# this is a stack for flow-based logging to PGSQL +#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL + +# this is a stack for flow-based logging to PGSQL without local hash +#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL + + +# this is a stack for flow-based logging in NACCT compatible format +#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT + +[ct1] +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +#netlink_resync_timeout=60 # seconds to wait to perform resynchronization +#pollinterval=10 # use poll-based logging instead of event-driven + +[ct2] +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +hash_enable=0 + +# Logging of system packet through NFLOG +[log1] +# netlink multicast group (the same as the iptables --nflog-group param) +# Group O is used by the kernel to log connection tracking invalid message +group=0 +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +# set number of packet to queue inside kernel +#netlink_qthreshold=1 +# set the delay before flushing packet in the queue inside kernel (in 10ms) +#netlink_qtimeout=100 + +# packet logging through NFLOG for group 1 +[log2] +# netlink multicast group (the same as the iptables --nflog-group param) +group=1 # Group has to be different from the one use in log1 +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +# If your kernel is older than 2.6.29 and if a NFLOG input plugin with +# group 0 is not used by any stack, you need to have at least one NFLOG +# input plugin with bind set to 1. If you don't do that you may not +# receive any message from the kernel. +#bind=1 + +# packet logging through NFLOG for group 2, numeric_label is +# set to 1 +[log3] +# netlink multicast group (the same as the iptables --nflog-group param) +group=2 # Group has to be different from the one use in log1/log2 +numeric_label=1 # you can label the log info based on the packet verdict +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +#bind=1 + +[ulog1] +# netlink multicast group (the same as the iptables --ulog-nlgroup param) +nlgroup=1 +#numeric_label=0 # optional argument + +[emu1] +file="/var/log/ulogd_syslogemu.log" +sync=1 + +[op1] +file="/var/log/ulogd_oprint.log" +sync=1 + +[xml1] +directory="/var/log/" +sync=1 + +[pcap1] +sync=1 + +[mysql1] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_PACKET_FULL" + +[mysql2] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_CT" + +[pgsql1] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_PACKET_FULL" + +[pgsql2] +db="nulog" +host="localhost" +user="nupik" +table="ulog2_ct" +pass="changeme" +procedure="INSERT_CT" + +[pgsql3] +db="nulog" +host="localhost" +user="nupik" +table="ulog2_ct" +pass="changeme" +procedure="INSERT_OR_REPLACE_CT" + +[dbi1] +db="ulog2" +dbtype="pgsql" +host="localhost" +user="ulog2" +table="ulog" +pass="ulog2" +procedure="INSERT_PACKET_FULL" + +[sys2] +facility=LOG_LOCAL2 + +[nacct1] +sync = 1 + +[mark1] +mark = 1 diff --git a/config-archive/etc/ulogd.conf.dist.new b/config-archive/etc/ulogd.conf.dist.new new file mode 100644 index 0000000..bd72e6b --- /dev/null +++ b/config-archive/etc/ulogd.conf.dist.new @@ -0,0 +1,219 @@ +# Example configuration for ulogd +# $Id$ +# Adapted to Debian by Achilleas Kotsis + +[global] +###################################################################### +# GLOBAL OPTIONS +###################################################################### + + +# logfile for status messages +logfile="/var/log/ulogd.log" + +# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) +loglevel=1 + +###################################################################### +# PLUGIN OPTIONS +###################################################################### + +# We have to configure and load all the plugins we want to use + +# general rules: +# 1. load the plugins _first_ from the global section +# 2. options for each plugin in seperate section below + + +plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so" +#plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so" +plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so" +plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so" +plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so" +plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so" +plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so" +#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so" +plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so" +plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so" +plugin="/usr/lib64/ulogd/ulogd_output_XML.so" +#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so" +#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so" +#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so" +#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so" +#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so" +#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so" +plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so" + +# this is a stack for logging packet send by system via LOGEMU +#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for packet-based logging via LOGEMU +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for ULOG packet-based logging via LOGEMU +#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for packet-based logging via LOGEMU with filtering on MARK +#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU + +# this is a stack for flow-based logging via LOGEMU +#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU + +# this is a stack for flow-based logging via OPRINT +#stack=ct1:NFCT,op1:OPRINT + +# this is a stack for flow-based logging via XML +#stack=ct1:NFCT,xml1:XML + +# this is a stack for logging in XML +#stack=log1:NFLOG,xml1:XML + +# this is a stack for NFLOG packet-based logging to PCAP +#stack=log2:NFLOG,base1:BASE,pcap1:PCAP + +# this is a stack for logging packet to MySQL +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL + +# this is a stack for logging packet to PGsql after a collect via NFLOG +#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL + +# this is a stack for logging packets to syslog after a collect via NFLOG +#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG + +# this is a stack for flow-based logging to MySQL +#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL + +# this is a stack for flow-based logging to PGSQL +#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL + +# this is a stack for flow-based logging to PGSQL without local hash +#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL + + +# this is a stack for flow-based logging in NACCT compatible format +#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT + +[ct1] +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +#netlink_resync_timeout=60 # seconds to wait to perform resynchronization +#pollinterval=10 # use poll-based logging instead of event-driven + +[ct2] +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +hash_enable=0 + +# Logging of system packet through NFLOG +[log1] +# netlink multicast group (the same as the iptables --nflog-group param) +# Group O is used by the kernel to log connection tracking invalid message +group=0 +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +# set number of packet to queue inside kernel +#netlink_qthreshold=1 +# set the delay before flushing packet in the queue inside kernel (in 10ms) +#netlink_qtimeout=100 + +# packet logging through NFLOG for group 1 +[log2] +# netlink multicast group (the same as the iptables --nflog-group param) +group=1 # Group has to be different from the one use in log1 +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +# If your kernel is older than 2.6.29 and if a NFLOG input plugin with +# group 0 is not used by any stack, you need to have at least one NFLOG +# input plugin with bind set to 1. If you don't do that you may not +# receive any message from the kernel. +#bind=1 + +# packet logging through NFLOG for group 2, numeric_label is +# set to 1 +[log3] +# netlink multicast group (the same as the iptables --nflog-group param) +group=2 # Group has to be different from the one use in log1/log2 +numeric_label=1 # you can label the log info based on the packet verdict +#netlink_socket_buffer_size=217088 +#netlink_socket_buffer_maxsize=1085440 +#bind=1 + +[ulog1] +# netlink multicast group (the same as the iptables --ulog-nlgroup param) +nlgroup=1 +#numeric_label=0 # optional argument + +[emu1] +file="/var/log/ulogd_syslogemu.log" +sync=1 + +[op1] +file="/var/log/ulogd_oprint.log" +sync=1 + +[xml1] +directory="/var/log/" +sync=1 + +[pcap1] +sync=1 + +[mysql1] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_PACKET_FULL" + +[mysql2] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_CT" + +[pgsql1] +db="nulog" +host="localhost" +user="nupik" +table="ulog" +pass="changeme" +procedure="INSERT_PACKET_FULL" + +[pgsql2] +db="nulog" +host="localhost" +user="nupik" +table="ulog2_ct" +pass="changeme" +procedure="INSERT_CT" + +[pgsql3] +db="nulog" +host="localhost" +user="nupik" +table="ulog2_ct" +pass="changeme" +procedure="INSERT_OR_REPLACE_CT" + +[dbi1] +db="ulog2" +dbtype="pgsql" +host="localhost" +user="ulog2" +table="ulog" +pass="ulog2" +procedure="INSERT_PACKET_FULL" + +[sys2] +facility=LOG_LOCAL2 + +[nacct1] +sync = 1 + +[mark1] +mark = 1 diff --git a/config-archive/etc/updatedb.conf,v b/config-archive/etc/updatedb.conf,v new file mode 100644 index 0000000..e4299e9 --- /dev/null +++ b/config-archive/etc/updatedb.conf,v @@ -0,0 +1,67 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.01.31.12.51.25; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2011.01.31.12.52.21; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@# /etc/updatedb.conf: config file for slocate +# $Id: updatedb.conf,v 1.4 2010/11/21 14:57:13 fauli Exp $ + +# This file sets variables that are used by updatedb. +# For more info, see the updatedb.conf(5) manpage. + +# Filesystems that are pruned from updatedb database +PRUNEFS="afs auto autofs cifs devfs devpts eventpollfs futexfs gfs hostfs hugetlbfs iso9660 mqueue ncpfs nfs NFS nfs4 nfsd nnpfs ocfs ocfs2 pipefs proc ramfs rpc_pipefs selinuxfs sfs shfs smbfs sockfs spufs subfs supermount sysfs tmpfs udf usbfs vperfctrfs" + +# Paths which are pruned from updatedb database +PRUNEPATHS="/tmp /var/tmp /root/.ccache" + +# Skip bind mounts. +PRUNE_BIND_MOUNTS="no" +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d2 1 +a2 1 +# $Id: updatedb.conf,v 1.5 2011/01/24 12:39:33 scarabeus Exp $ +d8 1 +a8 1 +PRUNEFS="afs anon_inodefs auto autofs bdev binfmt binfmt_misc cgroup cifs coda configfs cramfs cpuset debugfs devpts devtmps devfs devpts ecryptfs eventpollfs exofs futexfs ftpfs fuse fusectl gfs gfs2 hostfs hugetlbfs inotifyfs iso9660 jffs2 lustre misc mqueue ncpfs nfs NFS nfs4 nfsd nnpfs ocfs ocfs2 pipefs proc ramfs rpc_pipefs securityfs selinuxfs sfs shfs smbfs sockfs spufs sshfs subfs supermount sysfs tmpfs ubifs udf usbfs vboxsf vperfctrfs" +d11 1 +a11 4 +PRUNEPATHS="/tmp /var/tmp /var/cache /var/lock /var/run /var/spool" + +# Folder names that are pruned from updatedb database +PRUNENAMES=".git .hg .svn CVS" +d14 1 +a14 1 +PRUNE_BIND_MOUNTS="yes" +@ diff --git a/config-archive/var/www/bautagebuch/htdocs/wp-config.php,v b/config-archive/var/www/bautagebuch/htdocs/wp-config.php,v new file mode 100644 index 0000000..2a5868c --- /dev/null +++ b/config-archive/var/www/bautagebuch/htdocs/wp-config.php,v @@ -0,0 +1,100 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.07.05.09.21.15; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@custom variable to do so. + * For example, the default for defining the language in config_default.php + * + * $this->default->appearance['language'] = array( + * 'desc'=>'Language', + * 'default'=>'auto'); + * + * to override this, use $config->custom->appearance['language'] = 'en_EN'; + * + * This file is also used to configure your LDAP server connections. + * + * You must specify at least one LDAP server there. You may add + * as many as you like. You can also specify your language, and + * many other options. + * + * NOTE: Commented out values in this file prefixed by //, represent the + * defaults that have been defined in config_default.php. + * Commented out values prefixed by #, dont reflect their default value, you can + * check config_default.php if you want to see what the default is. + * + * DONT change config_default.php, you changes will be lost by the next release + * of PLA. Instead change this file - as it will NOT be replaced by a new + * version of phpLDAPadmin. + */ + +/*********************************************/ +/* Useful important configuration overrides */ +/*********************************************/ + +/* If you are asked to put PLA in debug mode, this is how you do it: */ +# $config->custom->debug['level'] = 255; +# $config->custom->debug['syslog'] = true; +# $config->custom->debug['file'] = '/tmp/pla_debug.log'; + +/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this + to a big random string. */ +// $config->custom->session['blowfish'] = null; + +/* The language setting. If you set this to 'auto', phpLDAPadmin will attempt + to determine your language automatically. Otherwise, available lanaguages + are: 'ct', 'de', 'en', 'es', 'fr', 'it', 'nl', and 'ru' + Localization is not complete yet, but most strings have been translated. + Please help by writing language files. See lang/en.php for an example. */ +// $config->custom->appearance['language'] = 'auto'; + +/* The temporary storage directory where we will put jpegPhoto data + This directory must be readable and writable by your web server. */ +// $config->custom->jpeg['tmpdir'] = '/tmp'; // Example for Unix systems +# $config->custom->jpeg['tmpdir'] = 'c:\\temp'; // Example for Windows systems + +/* Set this to (bool)true if you do NOT want a random salt used when + calling crypt(). Instead, use the first two letters of the user's + password. This is insecure but unfortunately needed for some older + environments. */ +# $config->custom->password['no_random_crypt_salt'] = true; + +/* PHP script timeout control. If php runs longer than this many seconds then + PHP will stop with an Maximum Execution time error. Increase this value from + the default if queries to your LDAP server are slow. The default is either + 30 seconds or the setting of max_exection_time if this is null. */ +// $config->custom->session['timelimit'] = 30; + +/* Our local timezone + This is to make sure that when we ask the system for the current time, we + get the right local time. If this is not set, all time() calculations will + assume UTC if you have not set PHP date.timezone. */ +// $config->custom->appearance['timezone'] = null; +# $config->custom->appearance['timezone'] = 'Australia/Melbourne'; + +/*********************************************/ +/* Commands */ +/*********************************************/ + +/* Command availability ; if you don't authorize a command the command + links will not be shown and the command action will not be permitted. + For better security, set also ACL in your ldap directory. */ +/* +$config->custom->commands['cmd'] = array( + 'entry_internal_attributes_show' => true, + 'entry_refresh' => true, + 'oslinks' => true, + 'switch_template' => true +); + +$config->custom->commands['script'] = array( + 'add_attr_form' => true, + 'add_oclass_form' => true, + 'add_value_form' => true, + 'collapse' => true, + 'compare' => true, + 'compare_form' => true, + 'copy' => true, + 'copy_form' => true, + 'create' => true, + 'create_confirm' => true, + 'delete' => true, + 'delete_attr' => true, + 'delete_form' => true, + 'draw_tree_node' => true, + 'expand' => true, + 'export' => true, + 'export_form' => true, + 'import' => true, + 'import_form' => true, + 'login' => true, + 'logout' => true, + 'login_form' => true, + 'mass_delete' => true, + 'mass_edit' => true, + 'mass_update' => true, + 'modify_member_form' => true, + 'monitor' => true, + 'purge_cache' => true, + 'query_engine' => true, + 'rename' => true, + 'rename_form' => true, + 'rdelete' => true, + 'refresh' => true, + 'schema' => true, + 'server_info' => true, + 'show_cache' => true, + 'template_engine' => true, + 'update_confirm' => true, + 'update' => true +); +*/ + +/*********************************************/ +/* Appearance */ +/*********************************************/ + +/* If you want to choose the appearance of the tree, specify a class name which + inherits from the Tree class. */ +// $config->custom->appearance['tree'] = 'AJAXTree'; +# $config->custom->appearance['tree'] = 'HTMLTree'; + +/* Just show your custom templates. */ +// $config->custom->appearance['custom_templates_only'] = false; + +/* Disable the default template. */ +// $config->custom->appearance['disable_default_template'] = false; + +/* Hide the warnings for invalid objectClasses/attributes in templates. */ +// $config->custom->appearance['hide_template_warning'] = false; + +/* Configure what objects are shown in left hand tree */ +// $config->custom->appearance['tree_filter'] = '(objectclass=*)'; + +/* The height and width of the tree. If these values are not set, then + no tree scroll bars are provided. */ +// $config->custom->appearance['tree_height'] = null; +# $config->custom->appearance['tree_height'] = 600; +// $config->custom->appearance['tree_width'] = null; +# $config->custom->appearance['tree_width'] = 250; + +/*********************************************/ +/* User-friendly attribute translation */ +/*********************************************/ + +/* Use this array to map attribute names to user friendly names. For example, if + you don't want to see "facsimileTelephoneNumber" but rather "Fax". */ +// $config->custom->appearance['friendly_attrs'] = array(); +$config->custom->appearance['friendly_attrs'] = array( + 'facsimileTelephoneNumber' => 'Fax', + 'gid' => 'Group', + 'mail' => 'Email', + 'telephoneNumber' => 'Telephone', + 'uid' => 'User Name', + 'userPassword' => 'Password' +); + +/*********************************************/ +/* Hidden attributes */ +/*********************************************/ + +/* You may want to hide certain attributes from being edited. If you want to + hide attributes from the user, you should use your LDAP servers ACLs. + NOTE: The user must be able to read the hide_attrs_exempt entry to be + excluded. */ +// $config->custom->appearance['hide_attrs'] = array(); +# $config->custom->appearance['hide_attrs'] = array('objectClass'); + +/* Members of this list will be exempt from the hidden attributes.*/ +// $config->custom->appearance['hide_attrs_exempt'] = null; +# $config->custom->appearance['hide_attrs_exempt'] = 'cn=PLA UnHide,ou=Groups,c=AU'; + +/*********************************************/ +/* Read-only attributes */ +/*********************************************/ + +/* You may want to phpLDAPadmin to display certain attributes as read only, + meaning that users will not be presented a form for modifying those + attributes, and they will not be allowed to be modified on the "back-end" + either. You may configure this list here: + NOTE: The user must be able to read the readonly_attrs_exempt entry to be + excluded. */ +// $config->custom->appearance['readonly_attrs'] = array(); + +/* Members of this list will be exempt from the readonly attributes.*/ +// $config->custom->appearance['readonly_attrs_exempt'] = null; +# $config->custom->appearance['readonly_attrs_exempt'] = 'cn=PLA ReadWrite,ou=Groups,c=AU'; + +/*********************************************/ +/* Group attributes */ +/*********************************************/ + +/* Add "modify group members" link to the attribute. */ +// $config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid'); + +/* Configure filter for member search. This only applies to "modify group members" feature */ +// $config->custom->modify_member['filter'] = '(objectclass=Person)'; + +/* Attribute that is added to the group member attribute. */ +// $config->custom->modify_member['attr'] = 'dn'; + +/* For Posix attributes */ +// $config->custom->modify_member['posixattr'] = 'uid'; +// $config->custom->modify_member['posixfilter'] = '(uid=*)'; +// $config->custom->modify_member['posixgroupattr'] = 'memberUid'; + +/*********************************************/ +/* Support for attrs display order */ +/*********************************************/ + +/* Use this array if you want to have your attributes displayed in a specific + order. You can use default attribute names or their fridenly names. + For example, "sn" will be displayed right after "givenName". All the other + attributes that are not specified in this array will be displayed after in + alphabetical order. */ +// $config->custom->appearance['attr_display_order'] = array(); +# $config->custom->appearance['attr_display_order'] = array( +# 'givenName', +# 'sn', +# 'cn', +# 'displayName', +# 'uid', +# 'uidNumber', +# 'gidNumber', +# 'homeDirectory', +# 'mail', +# 'userPassword' +# ); + +/*********************************************/ +/* Define your LDAP servers in this section */ +/*********************************************/ + +$servers = new Datastore(); + +/* $servers->NewServer('ldap_pla') must be called before each new LDAP server + declaration. */ +$servers->newServer('ldap_pla'); + +/* A convenient name that will appear in the tree viewer and throughout + phpLDAPadmin to identify this LDAP server to users. */ +$servers->setValue('server','name','My LDAP Server'); + +/* Examples: + 'ldap.example.com', + 'ldaps://ldap.example.com/', + 'ldapi://%2fusr%local%2fvar%2frun%2fldapi' + (Unix socket at /usr/local/var/run/ldap) */ +// $servers->setValue('server','host','127.0.0.1'); + +/* The port your LDAP server listens on (no quotes). 389 is standard. */ +// $servers->setValue('server','port',389); + +/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin + auto-detect it for you. */ +// $servers->setValue('server','base',array('')); + +/* Four options for auth_type: + 1. 'cookie': you will login via a web form, and a client-side cookie will + store your login dn and password. + 2. 'session': same as cookie but your login dn and password are stored on the + web server in a persistent session variable. + 3. 'http': same as session but your login dn and password are retrieved via + HTTP authentication. + 4. 'config': specify your login dn and password here in this config file. No + login will be required to use phpLDAPadmin for this server. + + Choose wisely to protect your authentication information appropriately for + your situation. If you choose 'cookie', your cookie contents will be + encrypted using blowfish and the secret your specify above as + session['blowfish']. */ +// $servers->setValue('login','auth_type','session'); + +/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or + 'cookie' or 'session' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS BLANK. If + you specify a login_attr in conjunction with a cookie or session auth_type, + then you can also specify the bind_id/bind_pass here for searching the + directory for users (ie, if your LDAP server does not allow anonymous binds. */ +// $servers->setValue('login','bind_id',''); +# $servers->setValue('login','bind_id','cn=Manager,dc=example,dc=com'); + +/* Your LDAP password. If you specified an empty bind_id above, this MUST also + be blank. */ +// $servers->setValue('login','bind_pass',''); +# $servers->setValue('login','bind_pass','secret'); + +/* Use TLS (Transport Layer Security) to connect to the LDAP server. */ +// $servers->setValue('server','tls',false); + +/************************************ + * SASL Authentication * + ************************************/ + +/* Enable SASL authentication LDAP SASL authentication requires PHP 5.x + configured with --with-ldap-sasl=DIR. If this option is disabled (ie, set to + false), then all other sasl options are ignored. */ +// $servers->setValue('server','sasl_auth',false); + +/* SASL auth mechanism */ +// $servers->setValue('server','sasl_mech','PLAIN'); + +/* SASL authentication realm name */ +// $servers->setValue('server','sasl_realm',''); +# $servers->setValue('server','sasl_realm','example.com'); + +/* SASL authorization ID name + If this option is undefined, authorization id will be computed from bind DN, + using sasl_authz_id_regex and sasl_authz_id_replacement. */ +// $servers->setValue('server','sasl_authz_id', null); + +/* SASL authorization id regex and replacement + When sasl_authz_id property is not set (default), phpLDAPAdmin will try to + figure out authorization id by itself from bind distinguished name (DN). + + This procedure is done by calling preg_replace() php function in the + following way: + + $authz_id = preg_replace($sasl_authz_id_regex,$sasl_authz_id_replacement, + $bind_dn); + + For info about pcre regexes, see: + - pcre(3), perlre(3) + - http://www.php.net/preg_replace */ +// $servers->setValue('server','sasl_authz_id_regex',null); +// $servers->setValue('server','sasl_authz_id_replacement',null); +# $servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i'); +# $servers->setValue('server','sasl_authz_id_replacement','$1'); + +/* SASL auth security props. + See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation. */ +// $servers->setValue('server','sasl_props',null); + +/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5, + blowfish, crypt or leave blank for now default algorithm. */ +// $servers->setValue('appearance','password_hash','md5'); + +/* If you specified 'cookie' or 'session' as the auth_type above, you can + optionally specify here an attribute to use when logging in. If you enter + 'uid' and login as 'dsmith', phpLDAPadmin will search for (uid=dsmith) + and log in as that user. + Leave blank or specify 'dn' to use full DN for logging in. Note also that if + your LDAP server requires you to login to perform searches, you can enter the + DN to use when searching in 'bind_id' and 'bind_pass' above. +// $servers->setValue('login','attr','dn'); + +/* Base DNs to used for logins. If this value is not set, then the LDAP server + Base DNs are used. */ +// $servers->setValue('login','base',array()); + +/* If 'login,attr' is used above such that phpLDAPadmin will search for your DN + at login, you may restrict the search to a specific objectClasses. EG, set this + to array('posixAccount') or array('inetOrgPerson',..), depending upon your + setup. */ +// $servers->setValue('login','class',array()); + +/* If you specified something different from 'dn', for example 'uid', as the + login_attr above, you can optionally specify here to fall back to + authentication with dn. + This is useful, when users should be able to log in with their uid, but + the ldap administrator wants to log in with his root-dn, that does not + necessarily have the uid attribute. + When using this feature, login_class is ignored. */ +// $servers->setValue('login','fallback_dn',false); + +/* Specify true If you want phpLDAPadmin to not display or permit any + modification to the LDAP server. */ +// $servers->setValue('server','read_only',false); + +/* Specify false if you do not want phpLDAPadmin to draw the 'Create new' links + in the tree viewer. */ +// $servers->setValue('appearance','show_create',true); + +/* This feature allows phpLDAPadmin to automatically determine the next + available uidNumber for a new entry. */ +// $servers->setValue('auto_number','enable',true); + +/* The mechanism to use when finding the next available uidNumber. Two possible + values: 'uidpool' or 'search'. + The 'uidpool' mechanism uses an existing uidPool entry in your LDAP server to + blindly lookup the next available uidNumber. The 'search' mechanism searches + for entries with a uidNumber value and finds the first available uidNumber + (slower). */ +// $servers->setValue('auto_number','mechanism','search'); + +/* The DN of the search base when the 'search' mechanism is used above. */ +# $servers->setValue('auto_number','search_base','ou=People,dc=example,dc=com'); + +/* The minimum number to use when searching for the next available number + (only when 'search' is used for auto_number */ +// $servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500)); + +/* If you set this, then phpldapadmin will bind to LDAP with this user ID when + searching for the uidnumber. The idea is, this user id would have full + (readonly) access to uidnumber in your ldap directory (the logged in user + may not), so that you can be guaranteed to get a unique uidnumber for your + directory. */ +// $servers->setValue('auto_number','dn',null); + +/* The password for the dn above. */ +// $servers->setValue('auto_number','pass',null); + +/* Enable anonymous bind login. */ +// $servers->setValue('login','anon_bind',true); + +/* Use customized page with prefix when available. */ +# $servers->setValue('custom','pages_prefix','custom_'); + +/* If you set this, then only these DNs are allowed to log in. This array can + contain individual users, groups or ldap search filter(s). Keep in mind that + the user has not authenticated yet, so this will be an anonymous search to + the LDAP server, so make your ACLs allow these searches to return results! */ +# $servers->setValue('login','allowed_dns',array( +# 'uid=stran,ou=People,dc=example,dc=com', +# '(&(gidNumber=811)(objectClass=groupOfNames))', +# '(|(uidNumber=200)(uidNumber=201))', +# 'cn=callcenter,ou=Group,dc=example,dc=com')); + +/* Set this if you dont want this LDAP server to show in the tree */ +// $servers->setValue('server','visible',true); + +/* This is the time out value in minutes for the server. After as many minutes + of inactivity you will be automatically logged out. If not set, the default + value will be ( session_cache_expire()-1 ) */ +# $servers->setValue('login','timeout',30); + +/* Set this if you want phpldapadmin to perform rename operation on entry which + has children. Certain servers are known to allow it, certain are not */ +// $servers->setValue('server','branch_rename',false); + +/* If you set this, then phpldapadmin will show these attributes as + internal attributes, even if they are not defined in your schema. */ +// $servers->setValue('server','custom_sys_attrs',array('')); +# $servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime')); + +/* If you set this, then phpldapadmin will show these attributes on + objects, even if they are not defined in your schema. */ +// $servers->setValue('server','custom_attrs',array('')); +# $servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock')); + +/* These attributes will be forced to MAY attributes and become option in the + templates. If they are not defined in the templates, then they wont appear + as per normal template processing. You may want to do this becuase your LDAP + server may automatically calculate a default value. + In Fedora Directory Server using the DNA Plugin one could ignore uidNumber, + gidNumber and sambaSID. */ +// $servers->setValue('force_may','attrs',array('')); +# $servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID')); + +/*********************************************/ +/* Unique attributes */ +/*********************************************/ + +/* You may want phpLDAPadmin to enforce some attributes to have unique values + (ie: not belong to other entries in your tree. This (together with + 'unique','dn' and 'unique','pass' option will not let updates to + occur with other attributes have the same value. */ +# $servers->setValue('unique','attrs',array('mail','uid','uidNumber')); + +/* If you set this, then phpldapadmin will bind to LDAP with this user ID when + searching for attribute uniqueness. The idea is, this user id would have full + (readonly) access to your ldap directory (the logged in user may not), so + that you can be guaranteed to get a unique uidnumber for your directory. */ +// $servers->setValue('unique','dn',null); + +/* The password for the dn above. */ +// $servers->setValue('unique','pass',null); + +/************************************************************************** + * If you want to configure additional LDAP servers, do so below. * + * Remove the commented lines and use this section as a template for all * + * your other LDAP servers. * + **************************************************************************/ + +/* +$servers->newServer('ldap_pla'); +$servers->setValue('server','name','LDAP Server'); +$servers->setValue('server','host','127.0.0.1'); +$servers->setValue('server','port',389); +$servers->setValue('server','base',array('')); +$servers->setValue('login','auth_type','cookie'); +$servers->setValue('login','bind_id',''); +$servers->setValue('login','bind_pass',''); +$servers->setValue('server','tls',false); + +# SASL auth +$servers->setValue('server','sasl_auth',true); +$servers->setValue('server','sasl_mech','PLAIN'); +$servers->setValue('server','sasl_realm','EXAMPLE.COM'); +$servers->setValue('server','sasl_authz_id',null); +$servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i'); +$servers->setValue('server','sasl_authz_id_replacement','$1'); +$servers->setValue('server','sasl_props',null); + +$servers->setValue('appearance','password_hash','md5'); +$servers->setValue('login','attr','dn'); +$servers->setValue('login','fallback_dn',false); +$servers->setValue('login','class',null); +$servers->setValue('server','read_only',false); +$servers->setValue('appearance','show_create',true); + +$servers->setValue('auto_number','enable',true); +$servers->setValue('auto_number','mechanism','search'); +$servers->setValue('auto_number','search_base',null); +$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500)); +$servers->setValue('auto_number','dn',null); +$servers->setValue('auto_number','pass',null); + +$servers->setValue('login','anon_bind',true); +$servers->setValue('custom','pages_prefix','custom_'); +$servers->setValue('unique','attrs',array('mail','uid','uidNumber')); +$servers->setValue('unique','dn',null); +$servers->setValue('unique','pass',null); + +$servers->setValue('server','visible',true); +$servers->setValue('login','timeout',30); +$servers->setValue('server','branch_rename',false); +$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime')); +$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock')); +$servers->setValue('force_may','attrs',array('uidNumber','gidNumber','sambaSID')); +*/ +?> +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@@ diff --git a/config-archive/var/www/myadmin/htdocs/libraries/config.default.php,v b/config-archive/var/www/myadmin/htdocs/libraries/config.default.php,v new file mode 100644 index 0000000..72bd0a2 --- /dev/null +++ b/config-archive/var/www/myadmin/htdocs/libraries/config.default.php,v @@ -0,0 +1,3086 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.08.24.05.32.30; author root; state Exp; +branches + 1.1.1.1; +next ; + +1.1.1.1 +date 2010.08.24.05.32.40; author root; state Exp; +branches; +next ; + + +desc +@Archived config file. +@ + + +1.1 +log +@dispatch-conf update. +@ +text +@ + * N N OOO !! DDDD OOO N N OOO TTTTT EEEE DDDD I TTTTT !! + * NN N O O !! D D O O NN N O O T E D D I T !! + * N N N O O !! D D O O N N N O O T EEEE D D I T !! + * N NN O O D D O O N NN O O T E D D I T + * N N OOO !! DDDD OOO N N OOO T EEEE DDDD I T !! + * + * + * DO NOT EDIT THIS FILE, EDIT config.inc.php INSTEAD !!! + * + * phpMyAdmin default configuration, you can copy values from here to your + * config.inc.php + * + * All directives are explained in Documentation.html + * + * @@version $Id$ + * @@package phpMyAdmin + */ + +/** + * Your phpMyAdmin URL. + * + * Complete the variable below with the full URL ie + * http://www.your_web.net/path_to_your_phpMyAdmin_directory/ + * + * It must contain characters that are valid for a URL, and the path is + * case sensitive on some Web servers, for example Unix-based servers. + * + * In most cases you can leave this variable empty, as the correct value + * will be detected automatically. However, we recommend that you do + * test to see that the auto-detection code works in your system. A good + * test is to browse a table, then edit a row and save it. There will be + * an error message if phpMyAdmin cannot auto-detect the correct value. + * + * @@global string $cfg['PmaAbsoluteUri'] + */ +$cfg['PmaAbsoluteUri'] = 'http://myadmin//'; + +/** + * Disable the default warning that is displayed on the DB Details Structure page if + * any of the required Tables for the relation features could not be found + * + * @@global boolean $cfg['PmaNoRelation_DisableWarning'] + */ +$cfg['PmaNoRelation_DisableWarning'] = false; + +/** + * Disable the default warning that is displayed if Suhosin is detected + * + * @@global boolean $cfg['SuhosinDisableWarning'] + */ +$cfg['SuhosinDisableWarning'] = false; + +/** + * Disable the default warning that is displayed if mcrypt is missing for + * cookie authentication. + * + * @@global boolean $cfg['McryptDisableWarning'] + */ +$cfg['McryptDisableWarning'] = false; + +/** + * Allows phpMyAdmin to be included from a document located on + * another domain; setting this to true is a potential security hole + * + * @@global boolean $cfg['AllowThirdPartyFraming'] + */ +$cfg['AllowThirdPartyFraming'] = false; + +/** + * The 'cookie' auth_type uses blowfish algorithm to encrypt the password. If + * at least one server configuration uses 'cookie' auth_type, enter here a + * pass phrase that will be used by blowfish. The maximum length seems to be 46 + * characters. + * + * @@global string $cfg['blowfish_secret'] + */ +$cfg['blowfish_secret'] = ''; + + +/******************************************************************************* + * Server(s) configuration + * + * The $cfg['Servers'] array starts with $cfg['Servers'][1]. Do not use + * $cfg['Servers'][0]. You can disable a server configuration entry by setting host + * to ''. If you want more than one server, just copy following section + * (including $i incrementation) several times. There is no need to define + * full server array, just define values you need to change. + * + * @@global array $cfg['Servers'] + */ +$cfg['Servers'] = array(); + +$i = 1; + +/** + * MySQL hostname or IP address + * + * @@global string $cfg['Servers'][$i]['host'] + */ +$cfg['Servers'][$i]['host'] = 'localhost'; + +/** + * MySQL port - leave blank for default port + * + * @@global string $cfg['Servers'][$i]['port'] + */ +$cfg['Servers'][$i]['port'] = ''; + +/** + * Path to the socket - leave blank for default socket + * + * @@global string $cfg['Servers'][$i]['socket'] + */ +$cfg['Servers'][$i]['socket'] = ''; + +/** + * Use SSL for connecting to MySQL server? + * + * @@global boolean $cfg['Servers'][$i]['ssl'] + */ +$cfg['Servers'][$i]['ssl'] = false; + +/** + * How to connect to MySQL server ('tcp' or 'socket') + * + * @@global string $cfg['Servers'][$i]['connect_type'] + */ +$cfg['Servers'][$i]['connect_type'] = 'tcp'; + +/** + * The PHP MySQL extension to use ('mysql' or 'mysqli') + * + * @@global string $cfg['Servers'][$i]['extension'] + */ +$cfg['Servers'][$i]['extension'] = 'mysql'; + +/* rajk - added for blobstreaming */ +$cfg['Servers'][$i]['bs_garbage_threshold'] = ''; +$cfg['Servers'][$i]['bs_repository_threshold'] = ''; +$cfg['Servers'][$i]['bs_temp_blob_timeout'] = ''; +$cfg['Servers'][$i]['bs_temp_log_threshold'] = ''; + +/** + * Use compressed protocol for the MySQL connection (requires PHP >= 4.3.0) + * + * @@global boolean $cfg['Servers'][$i]['compress'] + */ +$cfg['Servers'][$i]['compress'] = false; + +/** + * MySQL control user settings (this user must have read-only + * access to the "mysql/user" and "mysql/db" tables). The controluser is also + * used for all relational features (pmadb) + * + * @@global string $cfg['Servers'][$i]['controluser'] + */ +$cfg['Servers'][$i]['controluser'] = ''; + +/** + * MySQL control user settings (this user must have read-only + * access to the "mysql/user" and "mysql/db" tables). The controluser is also + * used for all relational features (pmadb) + * + * @@global string $cfg['Servers'][$i]['controlpass'] + */ +$cfg['Servers'][$i]['controlpass'] = ''; + +/** + * Authentication method (valid choices: config, http, signon or cookie) + * + * @@global string $cfg['Servers'][$i]['auth_type'] + */ +$cfg['Servers'][$i]['auth_type'] = 'cookie'; + +/** + * File containing Swekey ids and login names (see /contrib); + * leave empty to deactivate Swekey hardware authentication + * + * @@global string $cfg['Servers'][$i]['auth_swekey_config'] + */ +$cfg['Servers'][$i]['auth_swekey_config'] = ''; + +/** + * MySQL user + * + * @@global string $cfg['Servers'][$i]['user'] + */ +$cfg['Servers'][$i]['user'] = 'root'; + +/** + * MySQL password (only needed with 'config' auth_type) + * + * @@global string $cfg['Servers'][$i]['password'] + */ +$cfg['Servers'][$i]['password'] = ''; + +/** + * Session to use for 'signon' authentication method + * + * @@global string $cfg['Servers'][$i]['SignonSession'] + */ +$cfg['Servers'][$i]['SignonSession'] = ''; + +/** + * URL where to redirect user to login for 'signon' authentication method + * + * @@global string $cfg['Servers'][$i]['SignonURL'] + */ +$cfg['Servers'][$i]['SignonURL'] = ''; + +/** + * URL where to redirect user after logout + * + * @@global string $cfg['Servers'][$i]['LogoutURL'] + */ +$cfg['Servers'][$i]['LogoutURL'] = ''; + +/** + * Whether to try to connect without password + * + * @@global boolean $cfg['Servers'][$i]['nopassword'] + */ +$cfg['Servers'][$i]['nopassword'] = false; + +/** + * If set to a db-name, only this db is displayed in left frame + * It may also be an array of db-names, where sorting order is relevant. + * + * @@global string $cfg['Servers'][$i]['only_db'] + */ +$cfg['Servers'][$i]['only_db'] = ''; + +/** + * Database name to be hidden from listings + * + * @@global string $cfg['Servers'][$i]['hide_db'] + */ +$cfg['Servers'][$i]['hide_db'] = ''; + +/** + * Verbose name for this host - leave blank to show the hostname + * (for HTTP authentication, all non-US-ASCII characters will be stripped) + * + * @@global string $cfg['Servers'][$i]['verbose'] + */ +$cfg['Servers'][$i]['verbose'] = ''; + +/** + * Database used for Relation, Bookmark and PDF Features + * (see scripts/create_tables.sql) + * - leave blank for no support + * SUGGESTED: 'phpmyadmin' + * + * @@global string $cfg['Servers'][$i]['pmadb'] + */ +$cfg['Servers'][$i]['pmadb'] = ''; + +/** + * Bookmark table + * - leave blank for no bookmark support + * SUGGESTED: 'pma_bookmark' + * + * @@global string $cfg['Servers'][$i]['bookmarktable'] + */ +$cfg['Servers'][$i]['bookmarktable'] = ''; + +/** + * table to describe the relation between links (see doc) + * - leave blank for no relation-links support + * SUGGESTED: 'pma_relation' + * + * @@global string $cfg['Servers'][$i]['relation'] + */ +$cfg['Servers'][$i]['relation'] = ''; + +/** + * table to describe the display fields + * - leave blank for no display fields support + * SUGGESTED: 'pma_table_info' + * + * @@global string $cfg['Servers'][$i]['table_info'] + */ +$cfg['Servers'][$i]['table_info'] = ''; + +/** + * table to describe the tables position for the PDF schema + * - leave blank for no PDF schema support + * SUGGESTED: 'pma_table_coords' + * + * @@global string $cfg['Servers'][$i]['table_coords'] + */ +$cfg['Servers'][$i]['table_coords'] = ''; + +/** + * table to describe pages of relationpdf + * - leave blank if you don't want to use this + * SUGGESTED: 'pma_pdf_pages' + * + * @@global string $cfg['Servers'][$i]['pdf_pages'] + */ +$cfg['Servers'][$i]['pdf_pages'] = ''; + +/** + * table to store column information + * - leave blank for no column comments/mime types + * SUGGESTED: 'pma_column_info' + * + * @@global string $cfg['Servers'][$i]['column_info'] + */ +$cfg['Servers'][$i]['column_info'] = ''; + +/** + * table to store SQL history + * - leave blank for no SQL query history + * SUGGESTED: 'pma_history' + * + * @@global string $cfg['Servers'][$i]['history'] + */ +$cfg['Servers'][$i]['history'] = ''; + +/** + * table to store the coordinates for Designer + * - leave blank for no Designer feature + * SUGGESTED: 'pma_designer_coords' + * + * @@global string $cfg['Servers'][$i]['designer_coords'] + */ +$cfg['Servers'][$i]['designer_coords'] = ''; + +/** + * table to store SQL tracking + * - leave blank for no SQL tracking + * SUGGESTED: 'pma_tracking' + * + * @@global string $cfg['Servers'][$i]['tracking'] + */ +$cfg['Servers'][$i]['tracking'] = ''; + +/** + * set to false if you know that your pma_* tables are up to date. + * This prevents compatibility checks and thereby increases performance. + * + * @@global boolean $cfg['Servers'][$i]['verbose_check'] + */ +$cfg['Servers'][$i]['verbose_check'] = true; + +/** + * whether to allow root login + * + * @@global boolean $cfg['Servers'][$i]['AllowRoot'] + */ +$cfg['Servers'][$i]['AllowRoot'] = true; + +/** + * whether to allow login of any user without a password + * + * @@global boolean $cfg['Servers'][$i]['AllowNoPassword'] + */ +$cfg['Servers'][$i]['AllowNoPassword'] = false; + +/** + * Host authentication order, leave blank to not use + * + * @@global string $cfg['Servers'][$i]['AllowDeny']['order'] + */ +$cfg['Servers'][$i]['AllowDeny']['order'] = ''; + +/** + * Host authentication rules, leave blank for defaults + * + * @@global array $cfg['Servers'][$i]['AllowDeny']['rules'] + */ +$cfg['Servers'][$i]['AllowDeny']['rules'] = array(); + +/** + * Disable use of INFORMATION_SCHEMA + * + * @@see http://sf.net/support/tracker.php?aid=1849494 + * @@see http://bugs.mysql.com/19588 + * @@global boolean $cfg['Servers'][$i]['DisableIS'] + */ +$cfg['Servers'][$i]['DisableIS'] = true; + +/** + * SQL command to fetch available databases + * + * by default most user will be fine with SHOW DATABASES, + * for servers with a huge amount of databases it is possible to + * define a command which executes faster but with less information + * + * especially when accessing database servers from ISPs changing this command + * can result in a great speed improvement + * + * false will disable fetching databases from the server, only databases in + * $cfg['Servers'][$i]['only_db'] will be displayed + * + * #user# will be replaced by current user + * + * examples: + * 'SHOW DATABASES' + * "SHOW DATABASES LIKE '#user#\_%'" + * 'SELECT DISTINCT TABLE_SCHEMA FROM information_schema.SCHEMA_PRIVILEGES' + * 'SELECT SCHEMA_NAME FROM information_schema.SCHEMATA' + * false + * + * @@global array $cfg['Servers'][$i]['ShowDatabasesCommand'] + */ +$cfg['Servers'][$i]['ShowDatabasesCommand'] = 'SHOW DATABASES'; + +/** + * Whether to count tables when showing database list + * + * @@global array $cfg['Servers'][$i]['CountTables'] + */ +$cfg['Servers'][$i]['CountTables'] = true; + +/** + * Whether the tracking mechanism creates versions for tables and views automatically. + * + * @@global bool $cfg['Servers'][$i]['tracking_version_auto_create'] + */ + +$cfg['Servers'][$i]['tracking_version_auto_create'] = false; + +/** + * Defines the list of statements the auto-creation uses for new versions. + * + * @@global string $cfg['Servers'][$i]['tracking_default_statements'] + */ + +$cfg['Servers'][$i]['tracking_default_statements'] = 'CREATE TABLE,ALTER TABLE,DROP TABLE,RENAME TABLE,' . + 'CREATE INDEX,DROP INDEX,' . + 'INSERT,UPDATE,DELETE,TRUNCATE,REPLACE,' . + 'CREATE VIEW,ALTER VIEW,DROP VIEW,' . + 'CREATE DATABASE,ALTER DATABASE,DROP DATABASE'; + +/** + * Whether a DROP VIEW IF EXISTS statement will be added as first line to the log when creating a view. + * + * @@global bool $cfg['Servers'][$i]['tracking_add_drop_view'] + */ + +$cfg['Servers'][$i]['tracking_add_drop_view'] = true; + +/** + * Whether a DROP TABLE IF EXISTS statement will be added as first line to the log when creating a table. + * + * @@global bool $cfg['Servers'][$i]['tracking_add_drop_table'] + */ + +$cfg['Servers'][$i]['tracking_add_drop_table'] = true; + +/** + * Whether a DROP DATABASE IF EXISTS statement will be added as first line to the log when creating a database. + * + * @@global bool $cfg['Servers'][$i]['tracking_add_drop_database'] + */ + +$cfg['Servers'][$i]['tracking_add_drop_database'] = true; + +/** + * Whether a DROP DATABASE IF EXISTS statement will be added as first line to the log when creating a database. + * + * @@global bool $cfg['Servers'][$i]['tracking_version_drop_database'] + */ + +$cfg['Servers'][$i]['tracking_version_drop_database'] = true; + +/** + * Default server (0 = no default server) + * + * If you have more than one server configured, you can set $cfg['ServerDefault'] + * to any one of them to auto-connect to that server when phpMyAdmin is started, + * or set it to 0 to be given a list of servers without logging in + * If you have only one server configured, $cfg['ServerDefault'] *MUST* be + * set to that server. + * + * @@global integer $cfg['ServerDefault'] + */ +$cfg['ServerDefault'] = 1; + +/* + * Other core phpMyAdmin settings + */ +/** + * maximum number of db's displayed in left frame and database list + * + * @@global integer $cfg['MaxDbList'] + */ +$cfg['MaxDbList'] = 100; + +/** + * maximum number of tables displayed in table list + * + * @@global integer $cfg['MaxTableList'] + */ +$cfg['MaxTableList'] = 250; + +/** + * maximum number of characters when a SQL query is displayed + * + * @@global integer $cfg['MaxCharactersInDisplayedSQL'] + */ +$cfg['MaxCharactersInDisplayedSQL'] = 1000; + +/** + * use GZIP output buffering if possible (true|false|'auto') + * + * @@global string $cfg['OBGzip'] + */ +$cfg['OBGzip'] = 'auto'; + +/** + * use persistent connections to MySQL database + * + * @@global boolean $cfg['PersistentConnections'] + */ +$cfg['PersistentConnections'] = false; + +/** + * whether to force using HTTPS + * + * @@global boolean $cfg['ForceSSL'] + */ +$cfg['ForceSSL'] = false; + +/** + * maximum execution time in seconds (0 for no limit) + * + * @@global integer $cfg['ExecTimeLimit'] + */ +$cfg['ExecTimeLimit'] = 300; + +/** + * maximum allocated bytes (0 for no limit) + * + * @@global integer $cfg['MemoryLimit'] + */ +$cfg['MemoryLimit'] = 0; + +/** + * mark used tables, make possible to show locked tables (since MySQL 3.23.30) + * + * @@global boolean $cfg['SkipLockedTables'] + */ +$cfg['SkipLockedTables'] = false; + +/** + * show SQL queries as run + * + * @@global boolean $cfg['ShowSQL'] + */ +$cfg['ShowSQL'] = true; + +/** + * show a 'Drop database' link to normal users + * + * @@global boolean $cfg['AllowUserDropDatabase'] + */ +$cfg['AllowUserDropDatabase'] = false; + +/** + * confirm 'DROP TABLE' & 'DROP DATABASE' + * + * @@global boolean $cfg['Confirm'] + */ +$cfg['Confirm'] = true; + +/** + * recall previous login in cookie authentication mode or not + * + * @@global boolean $cfg['LoginCookieRecall'] + */ +$cfg['LoginCookieRecall'] = true; + +/** + * validity of cookie login (in seconds) + * + * @@global integer $cfg['LoginCookieValidity'] + */ +$cfg['LoginCookieValidity'] = 1440; + +/** + * how long login cookie should be stored (in seconds) + * + * @@global integer $cfg['LoginCookieStore'] + */ +$cfg['LoginCookieStore'] = 0; + +/** + * whether to delete all login cookies on logout + * + * @@global boolean $cfg['LoginCookieDeleteAll'] + */ +$cfg['LoginCookieDeleteAll'] = true; + +/** + * whether to enable the "database search" feature or not + * + * @@global boolean $cfg['UseDbSearch'] + */ +$cfg['UseDbSearch'] = true; + +/** + * if set to true, PMA continues computing multiple-statement queries + * even if one of the queries failed + * + * @@global boolean $cfg['IgnoreMultiSubmitErrors'] + */ +$cfg['IgnoreMultiSubmitErrors'] = false; + +/** + * if set to true, PMA will show the affected rows of EACH statement on + * multiple-statement queries. See the libraries/import.php file for + * hard coded defaults on how many queries a statement may contain! + * + * @@global boolean $cfg['VerboseMultiSubmit'] + */ +$cfg['VerboseMultiSubmit'] = true; + +/** + * allow login to any user entered server in cookie based authentication + * + * @@global boolean $cfg['AllowArbitraryServer'] + */ +$cfg['AllowArbitraryServer'] = false; + + +/******************************************************************************* + * Error handler configuration + * + * this configures phpMyAdmin's own error handler, it is used to avoid information + * disclosure, gather errors for logging, reporting and displaying + * + * @@global array $cfg['Error_Handler'] + */ +$cfg['Error_Handler'] = array(); + +/** + * whether to display errors or not + * + * this does not affect errors of type E_USER_* + * + * @@global boolean $cfg['Error_Handler']['display'] + */ +$cfg['Error_Handler']['display'] = false; + +/** + * (NOT IMPLEMENTED YET) + * where to log errors, false or empty to disable + * + * + * // EXAMPLE log to std PHP error log + * $cfg['Error_Handler']['log'] = array(0); + * // EXAMPLE mail errors + * $cfg['Error_Handler']['log'] = array(1, 'admin@@example.org'); + * // EXAMPLE append to specific file + * $cfg['Error_Handler']['log'] = array(3, '/var/log/phpmyadmin_error.log'); + * + * + * @@see http://php.net/error_log + * @@global string $cfg['Error_Handler']['log'] + */ +//$cfg['Error_Handler']['log'] = false; + +/** + * gather all errors in session to be displayed on a error reporting page + * for viewing and/or sending to phpMyAdmin developer team + * + * @@global boolean $cfg['Error_Handler']['gather'] + */ +$cfg['Error_Handler']['gather'] = false; + + +/******************************************************************************* + * Left frame setup + */ + +/** + * use a select-based menu and display only the current tables in the left frame. + * + * @@global boolean $cfg['LeftFrameLight'] + */ +$cfg['LeftFrameLight'] = true; + +/** + * turn the select-based light menu into a tree + * + * @@global boolean $cfg['LeftFrameDBTree'] + */ +$cfg['LeftFrameDBTree'] = true; + +/** + * the separator to sub-tree the select-based light menu tree + * + * @@global string $cfg['LeftFrameDBSeparator'] + */ +$cfg['LeftFrameDBSeparator'] = '_'; + +/** + * Which string will be used to generate table prefixes + * to split/nest tables into multiple categories + * + * @@global string $cfg['LeftFrameTableSeparator'] + */ +$cfg['LeftFrameTableSeparator']= '__'; + +/** + * How many sublevels should be displayed when splitting up tables by the above Separator + * + * @@global integer $cfg['LeftFrameTableLevel'] + */ +$cfg['LeftFrameTableLevel'] = 1; + +/** + * display table comment as tooltip in left frame + * + * @@global boolean $cfg['ShowTooltip'] + */ +$cfg['ShowTooltip'] = true; + +/** + * if ShowToolTip is enabled, this defines that table/db comments + * + * @@global boolean $cfg['ShowTooltipAliasDB'] + */ +$cfg['ShowTooltipAliasDB'] = false; + +/** + * are shown (in the left menu and db_structure) instead of table/db names. + * Setting ShowTooltipAliasTB to 'nested' will only use the Aliases for nested + * descriptors, not the table itself. + * + * @@global boolean $cfg['ShowTooltipAliasTB'] + */ +$cfg['ShowTooltipAliasTB'] = false; + +/** + * display logo at top of left frame + * + * @@global boolean $cfg['LeftDisplayLogo'] + */ +$cfg['LeftDisplayLogo'] = true; + +/** + * where should logo link point to (can also contain an external URL) + * + * @@global string $cfg['LeftLogoLink'] + */ +$cfg['LeftLogoLink'] = 'main.php'; + +/** + * whether to open the linked page in the main window ('main') or + * in a new window ('new') + * + * @@global string $cfg['LeftLogoLinkWindow'] + */ +$cfg['LeftLogoLinkWindow'] = 'main'; + +/** + * display server choice at top of left frame + * + * @@global boolean $cfg['LeftDisplayServers'] + */ +$cfg['LeftDisplayServers'] = false; + +/** + * server choice as links + * + * @@global boolean $cfg['DisplayServersList'] + */ +$cfg['DisplayServersList'] = false; + +/** + * database choice in light as links + * + * @@global boolean $cfg['DisplayDatabasesList'] + */ +$cfg['DisplayDatabasesList'] = 'auto'; + +/** + * target of the navigation panel quick access icon + * + * Possible values: + * 'tbl_structure.php' = fields list + * 'tbl_sql.php' = SQL form + * 'tbl_select.php' = search page + * 'tbl_change.php' = insert row page + * 'sql.php' = browse page + * + * @@global string $cfg['LeftDefaultTabTable'] + */ +$cfg['LeftDefaultTabTable'] = 'tbl_structure.php'; + + +/******************************************************************************* + * In the main frame, at startup... + */ + +/** + * allow to display statistics and space usage in the pages about database + * details and table properties + * + * @@global boolean $cfg['ShowStats'] + */ +$cfg['ShowStats'] = true; + +/** + * show PHP info link + * + * @@global boolean $cfg['ShowPhpInfo'] + */ +$cfg['ShowPhpInfo'] = false; + +/** + * show MySQL server and web server information + * + * @@global boolean $cfg['ShowServerInfo'] + */ +$cfg['ShowServerInfo'] = true; + +/** + * show change password link + * + * @@global boolean $cfg['ShowChgPassword'] + */ +$cfg['ShowChgPassword'] = true; + +/** + * show create database form + * + * @@global boolean $cfg['ShowCreateDb'] + */ +$cfg['ShowCreateDb'] = true; + +/** + * suggest a new DB name if possible (false = keep empty) + * + * @@global boolean $cfg['SuggestDBName'] + */ +$cfg['SuggestDBName'] = true; + + +/******************************************************************************* + * In browse mode... + */ + +/** + * Use icons instead of text for the navigation bar buttons + * and on right panel top menu (server db table) (true|false|'both') + * + * @@global string $cfg['NavigationBarIconic'] + */ +$cfg['NavigationBarIconic'] = true; + +/** + * allows to display all the rows + * + * @@global boolean $cfg['ShowAll'] + */ +$cfg['ShowAll'] = false; + +/** + * maximum number of rows to display + * + * @@global integer $cfg['MaxRows'] + */ +$cfg['MaxRows'] = 30; + +/** + * default for 'ORDER BY' clause (valid values are 'ASC', 'DESC' or 'SMART' -ie + * descending order for fields of type TIME, DATE, DATETIME & TIMESTAMP, + * ascending order else-) + * + * @@global string $cfg['Order'] + */ +$cfg['Order'] = 'ASC'; + +/** + * default for 'Show binary contents as HEX' + * + * @@global string $cfg['DisplayBinaryAsHex'] + */ +$cfg['DisplayBinaryAsHex'] = true; + + +/******************************************************************************* + * In edit mode... + */ + +/** + * disallow editing of binary fields + * valid values are: + * false allow editing + * 'blob' allow editing except for BLOB fields + * 'all' disallow editing + * + * @@global string $cfg['ProtectBinary'] + */ +$cfg['ProtectBinary'] = 'blob'; + +/** + * Display the function fields in edit/insert mode + * + * @@global boolean $cfg['ShowFunctionFields'] + */ +$cfg['ShowFunctionFields'] = true; + +/** + * Which editor should be used for CHAR/VARCHAR fields: + * input - allows limiting of input length + * textarea - allows newlines in fields + * + * @@global string $cfg['CharEditing'] + */ +$cfg['CharEditing'] = 'input'; + +/** + * How many rows can be inserted at one time + * + * @@global integer $cfg['InsertRows'] + */ +$cfg['InsertRows'] = 2; + +/** + * Sort order for items in a foreign-key drop-down list. + * 'content' is the referenced data, 'id' is the key value. + * + * @@global array $cfg['ForeignKeyDropdownOrder'] + */ +$cfg['ForeignKeyDropdownOrder'] = array('content-id', 'id-content'); + +/** + * A drop-down list will be used if fewer items are present + * + * @@global integer $cfg['ForeignKeyMaxLimit'] + */ +$cfg['ForeignKeyMaxLimit'] = 100; + + +/******************************************************************************* + * For the export features... + */ + +/** + * Allow for the use of zip compression (requires zip support to be enabled) + * + * @@global boolean $cfg['ZipDump'] + */ +$cfg['ZipDump'] = true; + +/** + * Allow for the use of gzip compression (requires zlib) + * + * @@global boolean $cfg['GZipDump'] + */ +$cfg['GZipDump'] = true; + +/** + * Allow for the use of bzip2 compression (requires bz2 extension) + * + * @@global boolean $cfg['BZipDump'] + */ +$cfg['BZipDump'] = true; + +/** + * Will compress gzip/bzip2 exports on the fly without the need for much memory. + * If you encounter problems with created gzip/bzip2 files disable this feature. + * + * @@global boolean $cfg['CompressOnFly'] + */ +$cfg['CompressOnFly'] = true; + + +/******************************************************************************* + * Tabs display settings + */ + +/** + * use graphically less intense menu tabs + * + * @@global boolean $cfg['LightTabs'] + */ +$cfg['LightTabs'] = false; + +/** + * Use icons instead of text for the table display of a database (true|false|'both') + * + * @@global boolean $cfg['PropertiesIconic'] + */ +$cfg['PropertiesIconic'] = true; + +/** + * How many columns should be used for table display of a database? + * (a value larger than 1 results in some information being hidden) + * + * @@global integer $cfg['PropertiesNumColumns'] + */ +$cfg['PropertiesNumColumns'] = 1; + +/** + * Possible values: + * 'main.php' = the welcome page + * (recommended for multiuser setups) + * 'server_databases.php' = list of databases + * 'server_status.php' = runtime information + * 'server_variables.php' = MySQL server variables + * 'server_privileges.php' = user management + * 'server_processlist.php' = process list + * + * @@global string $cfg['DefaultTabServer'] + */ +$cfg['DefaultTabServer'] = 'main.php'; + +/** + * Possible values: + * 'db_structure.php' = tables list + * 'db_sql.php' = SQL form + * 'db_search.php' = search query + * 'db_operations.php' = operations on database + * + * @@global string $cfg['DefaultTabDatabase'] + */ +$cfg['DefaultTabDatabase'] = 'db_structure.php'; + +/** + * Possible values: + * 'tbl_structure.php' = fields list + * 'tbl_sql.php' = SQL form + * 'tbl_select.php' = search page + * 'tbl_change.php' = insert row page + * 'sql.php' = browse page + * + * @@global string $cfg['DefaultTabTable'] + */ +$cfg['DefaultTabTable'] = 'sql.php'; + +/** + * Mapping between script filenames and translation keys + * + * Lookup can be performed by PMA_getTitleForTarget() + * + * @@global string $cfg['DefaultTabTranslationMapping'] + */ +$cfg['DefaultTabTranslationMapping'] = array( + + // Values for $cfg['DefaultTabTable'] + 'tbl_structure.php' => 'strStructure', + 'tbl_sql.php' => 'strSQL', + 'tbl_select.php' => 'strSearch', + 'tbl_change.php' => 'strInsert', + 'sql.php' => 'strBrowse', + + // Values for $cfg['DefaultTabDatabase'] + 'db_structure.php' => 'strStructure', + 'db_sql.php' => 'strSQL', + 'db_search.php' => 'strSearch', + 'db_operations.php' => 'strOperations', +); + +/******************************************************************************* + * Export defaults + */ +$cfg['Export'] = array(); + +/** + * codegen/csv/excel/htmlexcel/htmlword/latex/ods/odt/pdf/sql/texytext/xls/xml/yaml + * + * @@global string $cfg['Export']['format'] + */ +$cfg['Export']['format'] = 'sql'; + +/** + * none/zip/gzip/bzip2 + * + * @@global string $cfg['Export']['compression'] + */ +$cfg['Export']['compression'] = 'none'; + +/** + * + * + * @@global boolean $cfg['Export']['asfile'] + */ +$cfg['Export']['asfile'] = true; + +/** + * + * + * @@global string $cfg['Export']['charset'] + */ +$cfg['Export']['charset'] = ''; + +/** + * + * + * @@global boolean $cfg['Export']['onserver'] + */ +$cfg['Export']['onserver'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['onserver_overwrite'] + */ +$cfg['Export']['onserver_overwrite'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['remember_file_template'] + */ +$cfg['Export']['remember_file_template'] = true; + +/** + * + * + * @@global string $cfg['Export']['file_template_table'] + */ +$cfg['Export']['file_template_table'] = '__TABLE__'; + +/** + * + * + * @@global string $cfg['Export']['file_template_database'] + */ +$cfg['Export']['file_template_database'] = '__DB__'; + +/** + * + * + * @@global string $cfg['Export']['file_template_server'] + */ +$cfg['Export']['file_template_server'] = '__SERVER__'; + +/** + * + * + * @@global boolean $cfg['Export']['ods_columns'] + */ +$cfg['Export']['ods_columns'] = false; + +/** + * + * + * @@global string $cfg['Export']['ods_null'] + */ +$cfg['Export']['ods_null'] = 'NULL'; + +/** + * + * + * @@global boolean $cfg['Export']['odt_structure'] + */ +$cfg['Export']['odt_structure'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['odt_data'] + */ +$cfg['Export']['odt_data'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['odt_columns'] + */ +$cfg['Export']['odt_columns'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['odt_relation'] + */ +$cfg['Export']['odt_relation'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['odt_comments'] + */ +$cfg['Export']['odt_comments'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['odt_mime'] + */ +$cfg['Export']['odt_mime'] = true; + +/** + * + * + * @@global string $cfg['Export']['odt_null'] + */ +$cfg['Export']['odt_null'] = 'NULL'; + +/** + * + * + * @@global boolean $cfg['Export']['htmlword_structure'] + */ +$cfg['Export']['htmlword_structure'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['htmlword_data'] + */ +$cfg['Export']['htmlword_data'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['htmlword_columns'] + */ +$cfg['Export']['htmlword_columns'] = false; + +/** + * + * + * @@global string $cfg['Export']['htmlword_null'] + */ +$cfg['Export']['htmlword_null'] = 'NULL'; + +/** + * + * + * @@global boolean $cfg['Export']['texytext_structure'] + */ +$cfg['Export']['texytext_structure'] = TRUE; + +/** + * + * + * @@global boolean $cfg['Export']['texytext_data'] + */ +$cfg['Export']['texytext_data'] = TRUE; + +/** + * + * + * @@global boolean $cfg['Export']['texytext_columns'] + */ +$cfg['Export']['texytext_columns'] = FALSE; + +/** + * + * + * @@global string $cfg['Export']['texytext_null'] + */ +$cfg['Export']['texytext_null'] = 'NULL'; + +/** + * + * + * @@global boolean $cfg['Export']['xls_columns'] + */ +$cfg['Export']['xls_columns'] = false; + +/** + * + * + * @@global string $cfg['Export']['xls_null'] + */ +$cfg['Export']['xls_null'] = 'NULL'; + +/** + * + * + * @@global boolean $cfg['Export']['xlsx_columns'] + */ +$cfg['Export']['xlsx_columns'] = false; + +/** + * + * + * @@global string $cfg['Export']['xlsx_null'] + */ +$cfg['Export']['xlsx_null'] = 'NULL'; + +/** + * + * + * @@global boolean $cfg['Export']['csv_columns'] + */ +$cfg['Export']['csv_columns'] = false; + +/** + * + * + * @@global string $cfg['Export']['csv_null'] + */ +$cfg['Export']['csv_null'] = 'NULL'; + +/** + * + * + * @@global string $cfg['Export']['csv_separator'] + */ +$cfg['Export']['csv_separator'] = ';'; + +/** + * + * + * @@global string $cfg['Export']['csv_enclosed'] + */ +$cfg['Export']['csv_enclosed'] = '"'; + +/** + * + * + * @@global string $cfg['Export']['csv_escaped'] + */ +$cfg['Export']['csv_escaped'] = '\\'; + +/** + * + * + * @@global string $cfg['Export']['csv_terminated'] + */ +$cfg['Export']['csv_terminated'] = 'AUTO'; + +/** + * + * + * @@global boolean $cfg['Export']['excel_columns'] + */ +$cfg['Export']['excel_columns'] = false; + +/** + * + * + * @@global string $cfg['Export']['excel_null'] + */ +$cfg['Export']['excel_null'] = 'NULL'; + +/** + * win/mac + * + * @@global string $cfg['Export']['excel_edition'] + */ +$cfg['Export']['excel_edition'] = 'win'; + +/** + * + * + * @@global boolean $cfg['Export']['latex_structure'] + */ +$cfg['Export']['latex_structure'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['latex_data'] + */ +$cfg['Export']['latex_data'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['latex_columns'] + */ +$cfg['Export']['latex_columns'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['latex_relation'] + */ +$cfg['Export']['latex_relation'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['latex_comments'] + */ +$cfg['Export']['latex_comments'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['latex_mime'] + */ +$cfg['Export']['latex_mime'] = true; + +/** + * + * + * @@global string $cfg['Export']['latex_null'] + */ +$cfg['Export']['latex_null'] = '\textit{NULL}'; + +/** + * + * + * @@global boolean $cfg['Export']['latex_caption'] + */ +$cfg['Export']['latex_caption'] = true; + +/** + * + * + * @@global string $cfg['Export']['latex_structure_caption'] + */ +$cfg['Export']['latex_structure_caption'] = 'strLatexStructure'; + +/** + * + * + * @@global string $cfg['Export']['latex_structure_continued_caption'] + */ +$cfg['Export']['latex_structure_continued_caption'] = 'strLatexStructure strLatexContinued'; + +/** + * + * + * @@global string $cfg['Export']['latex_data_caption'] + */ +$cfg['Export']['latex_data_caption'] = 'strLatexContent'; + +/** + * + * + * @@global string $cfg['Export']['latex_data_continued_caption'] + */ +$cfg['Export']['latex_data_continued_caption'] = 'strLatexContent strLatexContinued'; + +/** + * + * + * @@global string $cfg['Export']['latex_data_label'] + */ +$cfg['Export']['latex_data_label'] = 'tab:__TABLE__-data'; + +/** + * + * + * @@global string $cfg['Export']['latex_structure_label'] + */ +$cfg['Export']['latex_structure_label'] = 'tab:__TABLE__-structure'; + +/** + * + * + * @@global boolean $cfg['Export']['sql_structure'] + */ +$cfg['Export']['sql_structure'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['sql_data'] + */ +$cfg['Export']['sql_data'] = true; + +/** + * + * + * @@global string $cfg['Export']['sql_compatibility'] + */ +$cfg['Export']['sql_compatibility'] = 'NONE'; + +/** + * Whether to include comments in SQL export. + * + * @@global string $cfg['Export']['sql_include_comments'] + */ +$cfg['Export']['sql_include_comments'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['sql_disable_fk'] + */ +$cfg['Export']['sql_disable_fk'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['sql_use_transaction'] + */ +$cfg['Export']['sql_use_transaction'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['sql_drop_database'] + */ +$cfg['Export']['sql_drop_database'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['sql_drop_table'] + */ +$cfg['Export']['sql_drop_table'] = false; + +/** + * + * + * true by default for correct behavior when dealing with exporting + * of VIEWs and the stand-in table + * @@global boolean $cfg['Export']['sql_if_not_exists'] + */ +$cfg['Export']['sql_if_not_exists'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['sql_procedure_function'] + */ +$cfg['Export']['sql_procedure_function'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['sql_auto_increment'] + */ +$cfg['Export']['sql_auto_increment'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['sql_backquotes'] + */ +$cfg['Export']['sql_backquotes'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['sql_dates'] + */ +$cfg['Export']['sql_dates'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['sql_relation'] + */ +$cfg['Export']['sql_relation'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['sql_columns'] + */ +$cfg['Export']['sql_columns'] = true; + +/** + * + * + * @@global boolean $cfg['Export']['sql_delayed'] + */ +$cfg['Export']['sql_delayed'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['sql_ignore'] + */ +$cfg['Export']['sql_ignore'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['sql_hex_for_blob'] + */ +$cfg['Export']['sql_hex_for_blob'] = true; + +/** + * insert/update/replace + * + * @@global string $cfg['Export']['sql_type'] + */ +$cfg['Export']['sql_type'] = 'insert'; + +/** + * + * + * @@global boolean $cfg['Export']['sql_extended'] + */ +$cfg['Export']['sql_extended'] = true; + +/** + * + * + * @@global integer $cfg['Export']['sql_max_query_size'] + */ +$cfg['Export']['sql_max_query_size'] = 50000; + +/** + * + * + * @@global boolean $cfg['Export']['sql_comments'] + */ +$cfg['Export']['sql_comments'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['sql_mime'] + */ +$cfg['Export']['sql_mime'] = false; + +/** + * \n is replaced by new line + * + * @@global string $cfg['Export']['sql_header_comment'] + */ +$cfg['Export']['sql_header_comment'] = ''; + +/** + * + * + * @@global boolean $cfg['Export']['pdf_structure'] + */ +$cfg['Export']['pdf_structure'] = false; + +/** + * + * + * @@global boolean $cfg['Export']['pdf_data'] + */ +$cfg['Export']['pdf_data'] = true; + +/** + * + * + * @@global string $cfg['Export']['pdf_report_title'] + */ +$cfg['Export']['pdf_report_title'] = ''; + +/** + * Export schema for each structure + * + * @@global string $cfg['Export']['xml_export_struc'] + */ +$cfg['Export']['xml_export_struc'] = true; + +/** + * Export functions + * + * @@global string $cfg['Export']['xml_export_functions'] + */ +$cfg['Export']['xml_export_functions'] = true; + +/** + * Export procedures + * + * @@global string $cfg['Export']['xml_export_procedures'] + */ +$cfg['Export']['xml_export_procedures'] = true; + +/** + * Export schema for each table + * + * @@global string $cfg['Export']['xml_export_tables'] + */ +$cfg['Export']['xml_export_tables'] = true; + +/** + * Export triggers + * + * @@global string $cfg['Export']['xml_export_triggers'] + */ +$cfg['Export']['xml_export_triggers'] = true; + +/** + * Export views + * + * @@global string $cfg['Export']['xml_export_views'] + */ +$cfg['Export']['xml_export_views'] = true; + +/** + * Export contents data + * + * @@global string $cfg['Export']['xml_export_contents'] + */ +$cfg['Export']['xml_export_contents'] = true; + + +/******************************************************************************* + * Import defaults + */ +$cfg['Import'] = array(); + +/** + * + * + * @@global string $cfg['Import']['format'] + */ +$cfg['Import']['format'] = 'sql'; + +/** + * Default charset for import. + * + * @@global string $cfg['Import']['charset'] + */ +$cfg['Import']['charset'] = ''; + +/** + * + * + * @@global boolean $cfg['Import']['allow_interrupt'] + */ +$cfg['Import']['allow_interrupt'] = true; + +/** + * + * + * @@global integer $cfg['Import']['skip_queries'] + */ +$cfg['Import']['skip_queries'] = '0'; + +/** + * + * + * @@global string $cfg['Import']['sql_compatibility'] + */ +$cfg['Import']['sql_compatibility'] = 'NONE'; + +/** + * + * + * @@global string $cfg['Import']['sql_no_auto_value_on_zero'] + */ +$cfg['Import']['sql_no_auto_value_on_zero'] = true; + +/** + * + * + * @@global boolean $cfg['Import']['csv_replace'] + */ +$cfg['Import']['csv_replace'] = false; + +/** + * + * + * @@global string $cfg['Import']['csv_terminated'] + */ +$cfg['Import']['csv_terminated'] = ';'; + +/** + * + * + * @@global string $cfg['Import']['csv_enclosed'] + */ +$cfg['Import']['csv_enclosed'] = '"'; + +/** + * + * + * @@global string $cfg['Import']['csv_escaped'] + */ +$cfg['Import']['csv_escaped'] = '\\'; + +/** + * + * + * @@global string $cfg['Import']['csv_new_line'] + */ +$cfg['Import']['csv_new_line'] = 'auto'; + +/** + * + * + * @@global string $cfg['Import']['csv_columns'] + */ +$cfg['Import']['csv_columns'] = ''; + +/** + * + * + * @@global string $cfg['Import']['csv_col_names'] + */ +$cfg['Import']['csv_col_names'] = false; + +/** + * + * + * @@global boolean $cfg['Import']['ldi_replace'] + */ +$cfg['Import']['ldi_replace'] = false; + +/** + * + * + * @@global string $cfg['Import']['ldi_terminated'] + */ +$cfg['Import']['ldi_terminated'] = ';'; + +/** + * + * + * @@global string $cfg['Import']['ldi_enclosed'] + */ +$cfg['Import']['ldi_enclosed'] = '"'; + +/** + * + * + * @@global string $cfg['Import']['ldi_escaped'] + */ +$cfg['Import']['ldi_escaped'] = '\\'; + +/** + * + * + * @@global string $cfg['Import']['ldi_new_line'] + */ +$cfg['Import']['ldi_new_line'] = 'auto'; + +/** + * + * + * @@global string $cfg['Import']['ldi_columns'] + */ +$cfg['Import']['ldi_columns'] = ''; + +/** + * 'auto' for auto-detection, true or false for forcing + * + * @@global string $cfg['Import']['ldi_local_option'] + */ +$cfg['Import']['ldi_local_option'] = 'auto'; + +/** + * + * + * @@global string $cfg['Import']['ods_col_names'] + */ +$cfg['Import']['ods_col_names'] = false; + +/** + * + * + * @@global string $cfg['Import']['ods_empty_rows'] + */ +$cfg['Import']['ods_empty_rows'] = true; + +/** + * + * + * @@global string $cfg['Import']['ods_recognize_percentages'] + */ +$cfg['Import']['ods_recognize_percentages'] = true; + +/** + * + * + * @@global string $cfg['Import']['ods_recognize_currency'] + */ +$cfg['Import']['ods_recognize_currency'] = true; + +/** + * + * + * @@global string $cfg['Import']['xml_col_names'] + */ +$cfg['Import']['xls_col_names'] = false; + +/** + * + * + * @@global string $cfg['Import']['xml_empty_rows'] + */ +$cfg['Import']['xls_empty_rows'] = true; + +/** + * Link to the official MySQL documentation. + * Be sure to include no trailing slash on the path. + * See http://dev.mysql.com/doc/ for more information + * about MySQL manuals and their types. + * + * @@global string $cfg['MySQLManualBase'] + */ +$cfg['MySQLManualBase'] = 'http://dev.mysql.com/doc/refman'; + +/** + * Type of MySQL documentation: + * viewable - "viewable online", current one used on MySQL website + * searchable - "Searchable, with user comments" + * chapters - "HTML, one page per chapter" + * chapters_old - "HTML, one page per chapter", format used prior to MySQL 5.0 release + * big - "HTML, all on one page" + * old - old style used in phpMyAdmin 2.3.0 and sooner + * none - do not show documentation links + * + * @@global string $cfg['MySQLManualType'] + */ +$cfg['MySQLManualType'] = 'viewable'; + + +/******************************************************************************* + * PDF options + */ + +/** + * + * + * @@global array $cfg['PDFPageSizes'] + */ +$cfg['PDFPageSizes'] = array('A3', 'A4', 'A5', 'letter', 'legal'); + +/** + * + * + * @@global string $cfg['PDFDefaultPageSize'] + */ +$cfg['PDFDefaultPageSize'] = 'A4'; + + +/******************************************************************************* + * Language and character set conversion settings + */ + +/** + * Default language to use, if not browser-defined or user-defined + * + * @@global string $cfg['DefaultLang'] + */ +$cfg['DefaultLang'] = 'en-utf-8'; + +/** + * Default connection collation + * + * @@global string $cfg['DefaultConnectionCollation'] + */ +$cfg['DefaultConnectionCollation'] = 'utf8_general_ci'; + +/** + * Force: always use this language - must be defined in + * libraries/select_lang.lib.php + * $cfg['Lang'] = 'en-utf-8'; + * + * Regular expression to limit listed languages, e.g. '^(cs|en)' for Czech and + * English only + * + * @@global string $cfg['FilterLanguages'] + */ +$cfg['FilterLanguages'] = ''; + +/** + * Default character set to use for recoding of MySQL queries, does not take + * any effect when character sets recoding is switched off by + * $cfg['AllowAnywhereRecoding'] or in language file + * (see $cfg['AvailableCharsets'] to possible choices, you can add your own) + * + * @@global string $cfg['DefaultCharset'] + */ +$cfg['DefaultCharset'] = 'utf-8'; + +/** + * Allow character set recoding of MySQL queries, must be also enabled in language + * file to make harder using other language files than Unicode. + * Default value is false to avoid problems on servers without the iconv + * extension + * + * @@global boolean $cfg['AllowAnywhereRecoding'] + */ +$cfg['AllowAnywhereRecoding'] = false; + +/** + * You can select here which functions will be used for character set conversion. + * Possible values are: + * auto - automatically use available one (first is tested iconv, then + * recode) + * iconv - use iconv or libiconv functions + * recode - use recode_string function + * + * @@global string $cfg['RecodingEngine'] + */ +$cfg['RecodingEngine'] = 'auto'; + +/** + * Specify some parameters for iconv used in character set conversion. See iconv + * documentation for details: + * http://www.gnu.org/software/libiconv/documentation/libiconv/iconv_open.3.html + * + * @@global string $cfg['IconvExtraParams'] + */ +$cfg['IconvExtraParams'] = '//TRANSLIT'; + +/** + * Available character sets for MySQL conversion. currently contains all which could + * be found in lang/* files and few more. + * Character sets will be shown in same order as here listed, so if you frequently + * use some of these move them to the top. + * + * @@global array $cfg['AvailableCharsets'] + */ +$cfg['AvailableCharsets'] = array( + 'iso-8859-1', + 'iso-8859-2', + 'iso-8859-3', + 'iso-8859-4', + 'iso-8859-5', + 'iso-8859-6', + 'iso-8859-7', + 'iso-8859-8', + 'iso-8859-9', + 'iso-8859-10', + 'iso-8859-11', + 'iso-8859-12', + 'iso-8859-13', + 'iso-8859-14', + 'iso-8859-15', + 'windows-1250', + 'windows-1251', + 'windows-1252', + 'windows-1256', + 'windows-1257', + 'koi8-r', + 'big5', + 'gb2312', + 'utf-16', + 'utf-8', + 'utf-7', + 'x-user-defined', + 'euc-jp', + 'ks_c_5601-1987', + 'tis-620', + 'SHIFT_JIS' +); + + +/******************************************************************************* + * Customization & design + * + * The graphical settings are now located in themes/theme-name/layout.inc.php + */ + +/** + * enable the left panel pointer + * (used when LeftFrameLight is false) + * see also LeftPointerColor + * in layout.inc.php + * + * @@global boolean $cfg['LeftPointerEnable'] + */ +$cfg['LeftPointerEnable'] = true; + +/** + * enable the browse pointer + * see also BrowsePointerColor + * in layout.inc.php + * + * @@global boolean $cfg['BrowsePointerEnable'] + */ +$cfg['BrowsePointerEnable'] = true; + +/** + * enable the browse marker + * see also BrowseMarkerColor + * in layout.inc.php + * + * @@global boolean $cfg['BrowseMarkerEnable'] + */ +$cfg['BrowseMarkerEnable'] = true; + +/** + * textarea size (columns) in edit mode + * (this value will be emphasized (*2) for SQL + * query textareas and (*1.25) for query window) + * + * @@global integer $cfg['TextareaCols'] + */ +$cfg['TextareaCols'] = 40; + +/** + * textarea size (rows) in edit mode + * + * @@global integer $cfg['TextareaRows'] + */ +$cfg['TextareaRows'] = 15; + +/** + * double size of textarea size for LONGTEXT fields + * + * @@global boolean $cfg['LongtextDoubleTextarea'] + */ +$cfg['LongtextDoubleTextarea'] = true; + +/** + * auto-select when clicking in the textarea of the query-box + * + * @@global boolean $cfg['TextareaAutoSelect'] + */ +$cfg['TextareaAutoSelect'] = false; + +/** + * textarea size (columns) for CHAR/VARCHAR + * + * @@global integer $cfg['CharTextareaCols'] + */ +$cfg['CharTextareaCols'] = 40; + +/** + * textarea size (rows) for CHAR/VARCHAR + * + * @@global integer $cfg['CharTextareaRows'] + */ +$cfg['CharTextareaRows'] = 2; + +/** + * Enable Ctrl+Arrows moving between fields when editing? + * + * @@global boolean $cfg['CtrlArrowsMoving'] + */ +$cfg['CtrlArrowsMoving'] = true; + +/** + * Max field data length in browse mode for all non-numeric fields + * + * @@global integer $cfg['LimitChars'] + */ +$cfg['LimitChars'] = 50; + +/** + * show edit/delete links on left side of browse + * (or at the top with vertical browse) + * + * @@global boolean $cfg['ModifyDeleteAtLeft'] + */ +$cfg['ModifyDeleteAtLeft'] = true; + +/** + * show edit/delete links on right side of browse + * (or at the bottom with vertical browse) + * + * @@global boolean $cfg['ModifyDeleteAtRight'] + */ +$cfg['ModifyDeleteAtRight'] = false; + +/** + * default display direction (horizontal|vertical|horizontalflipped) + * + * @@global string $cfg['DefaultDisplay'] + */ +$cfg['DefaultDisplay'] = 'horizontal'; + +/** + * default display direction for altering/creating columns (tbl_properties) + * (horizontal|vertical|) + * number indicates maximal number for which vertical model is used + * + * @@global integer $cfg['DefaultPropDisplay'] + */ +$cfg['DefaultPropDisplay'] = 3; + +/** + * table-header rotation via faking or CSS? (css|fake) + * NOTE: CSS only works in IE browsers! + * + * @@global string $cfg['HeaderFlipType'] + */ +$cfg['HeaderFlipType'] = 'css'; + +/** + * shows stored relation-comments in 'browse' mode. + * + * @@global boolean $cfg['ShowBrowseComments'] + */ +$cfg['ShowBrowseComments'] = true; + +/** + * shows stored relation-comments in 'table property' mode. + * + * @@global boolean $cfg['ShowPropertyComments'] + */ +$cfg['ShowPropertyComments']= true; + +/** + * repeat header names every X cells? (0 = deactivate) + * + * @@global integer $cfg['RepeatCells'] + */ +$cfg['RepeatCells'] = 100; + +/** + * Set to true if Edit link should open the query to edit in the query window + * (assuming JavaScript is enabled), and to false if we should edit in the right panel + * + * @@global boolean $cfg['EditInWindow'] + */ +$cfg['EditInWindow'] = true; + +/** + * Width of Query window + * + * @@global integer $cfg['QueryWindowWidth'] + */ +$cfg['QueryWindowWidth'] = 550; + +/** + * Height of Query window + * + * @@global integer $cfg['QueryWindowHeight'] + */ +$cfg['QueryWindowHeight'] = 310; + +/** + * Set to true if you want DB-based query history.If false, this utilizes + * JS-routines to display query history (lost by window close) + * + * @@global boolean $cfg['QueryHistoryDB'] + */ +$cfg['QueryHistoryDB'] = false; + +/** + * which tab to display in the querywindow on startup + * (sql|files|history|full) + * + * @@global string $cfg['QueryWindowDefTab'] + */ +$cfg['QueryWindowDefTab'] = 'sql'; + +/** + * When using DB-based query history, how many entries should be kept? + * + * @@global integer $cfg['QueryHistoryMax'] + */ +$cfg['QueryHistoryMax'] = 25; + +/** + * Use MIME-Types (stored in column comments table) for + * + * @@global boolean $cfg['BrowseMIME'] + */ +$cfg['BrowseMIME'] = true; + +/** + * When approximate count < this, PMA will get exact count for table rows. + * + * @@global integer $cfg['MaxExactCount'] + */ +$cfg['MaxExactCount'] = 20000; + +/** + * Zero means that no row count is done for views; see the doc + * + * @@global integer $cfg['MaxExactCountViews'] + */ +$cfg['MaxExactCountViews'] = 0; + +/** + * Utilize DHTML/JS capabilities to allow WYSIWYG editing of + * the PDF page editor. Requires an IE6/Gecko based browser. + * + * @@global boolean $cfg['WYSIWYG-PDF'] + */ +$cfg['WYSIWYG-PDF'] = true; + +/** + * Sort table and database in natural order + * + * @@global boolean $cfg['NaturalOrder'] + */ +$cfg['NaturalOrder'] = true; + +/** + * Initial state for sliders + * (open | closed) + * + * @@global string $cfg['InitialSlidersState'] + */ +$cfg['InitialSlidersState'] = 'closed'; + + + +//----------------------------------------------------------------------------- +// custom-setup by mkkeck: 2004-05-04 +// some specials for new icons and scrolling +/** + * @@todo 2004-05-08 rabus: We need to rearrange these variables. + */ + + +/******************************************************************************* + * Window title settings + */ + +/** + * title of browser window when a table is selected + * + * @@global string $cfg['TitleTable'] + */ +$cfg['TitleTable'] = '@@HTTP_HOST@@ / @@VSERVER@@ / @@DATABASE@@ / @@TABLE@@ | @@PHPMYADMIN@@'; + +/** + * title of browser window when a database is selected + * + * @@global string $cfg['TitleDatabase'] + */ +$cfg['TitleDatabase'] = '@@HTTP_HOST@@ / @@VSERVER@@ / @@DATABASE@@ | @@PHPMYADMIN@@'; + +/** + * title of browser window when a server is selected + * + * @@global string $cfg['TitleServer'] + */ +$cfg['TitleServer'] = '@@HTTP_HOST@@ / @@VSERVER@@ | @@PHPMYADMIN@@'; + +/** + * title of browser window when nothing is selected + * @@global string $cfg['TitleDefault'] + */ +$cfg['TitleDefault'] = '@@HTTP_HOST@@ | @@PHPMYADMIN@@'; + +/** + * show some icons for warning, error and information messages (true|false)? + * + * @@global boolean $cfg['ErrorIconic'] + */ +$cfg['ErrorIconic'] = true; + +/** + * show icons in list on main page and on menu tabs (true|false)? + * + * @@global boolean $cfg['MainPageIconic'] + */ +$cfg['MainPageIconic'] = true; + +/** + * show help button instead of strDocu (true|false)? + * + * @@global boolean $cfg['ReplaceHelpImg'] + */ +$cfg['ReplaceHelpImg'] = true; + + +/******************************************************************************* + * theme manager + */ + +/** + * using themes manager please set up here the path to 'themes' else leave empty + * + * @@global string $cfg['ThemePath'] + */ +$cfg['ThemePath'] = './themes'; + +/** + * if you want to use selectable themes and if ThemesPath not empty + * set it to true, else set it to false (default is false); + * + * @@global boolean $cfg['ThemeManager'] + */ +$cfg['ThemeManager'] = true; + +/** + * set up default theme, if ThemePath not empty you can set up here an valid + * path to themes or 'original' for the original pma-theme + * + * @@global string $cfg['ThemeDefault'] + */ +$cfg['ThemeDefault'] = 'original'; + +/** + * allow different theme for each configured server + * + * @@global boolean $cfg['ThemePerServer'] + */ +$cfg['ThemePerServer'] = false; + + +/******************************************************************************* + * + */ + +/** + * Default queries + * %d will be replaced by the database name. + * %t will be replaced by the table name. + * %f will be replaced by a list of field names. + * (%t and %f only applies to DefaultQueryTable) + * + * @@global string $cfg['DefaultQueryTable'] + */ +$cfg['DefaultQueryTable'] = 'SELECT * FROM %t WHERE 1'; + +/** + * Default queries + * %d will be replaced by the database name. + * %t will be replaced by the table name. + * %f will be replaced by a list of field names. + * (%t and %f only applies to DefaultQueryTable) + * + * @@global string $cfg['DefaultQueryDatabase'] + */ +$cfg['DefaultQueryDatabase'] = ''; + + +/******************************************************************************* + * SQL Query box settings + * These are the links display in all of the SQL Query boxes + * + * @@global array $cfg['SQLQuery'] + */ +$cfg['SQLQuery'] = array(); + +/** + * Edit link to change a query + * + * @@global boolean $cfg['SQLQuery']['Edit'] + */ +$cfg['SQLQuery']['Edit'] = true; + +/** + * EXPLAIN on SELECT queries + * + * @@global boolean $cfg['SQLQuery']['Explain'] + */ +$cfg['SQLQuery']['Explain'] = true; + +/** + * Wrap a query in PHP + * + * @@global boolean $cfg['SQLQuery']['ShowAsPHP'] + */ +$cfg['SQLQuery']['ShowAsPHP'] = true; + +/** + * Validate a query (see $cfg['SQLValidator'] as well) + * + * @@global boolean $cfg['SQLQuery']['Validate'] + */ +$cfg['SQLQuery']['Validate'] = false; + +/** + * Refresh the results page + * + * @@global boolean $cfg['SQLQuery']['Refresh'] + */ +$cfg['SQLQuery']['Refresh'] = true; + + +/******************************************************************************* + * Web server upload/save/import directories + */ + +/** + * Directory for uploaded files that can be executed by phpMyAdmin. + * For example './upload'. Leave empty for no upload directory support. + * Use %u for username inclusion. + * + * @@global string $cfg['UploadDir'] + */ +$cfg['UploadDir'] = ''; + +/** + * Directory where phpMyAdmin can save exported data on server. + * For example './save'. Leave empty for no save directory support. + * Use %u for username inclusion. + * + * @@global string $cfg['SaveDir'] + */ +$cfg['SaveDir'] = ''; + +/** + * Directory where phpMyAdmin can save temporary files. + * This is needed for MS Excel export, see documentation how to enable that. + * + * @@global string $cfg['TempDir'] + */ +$cfg['TempDir'] = ''; + + +/** + * Misc. settings + */ + +/** + * Is GD >= 2 available? Set to yes/no/auto. 'auto' does auto-detection, + * which is the only safe way to determine GD version. + * + * @@global string $cfg['GD2Available'] + */ +$cfg['GD2Available'] = 'auto'; + +/** + * Lists proxy IP and HTTP header combinations which are trusted for IP allow/deny + * + * @@global array $cfg['TrustedProxies'] + */ +$cfg['TrustedProxies'] = array(); + +/** + * We normally check the permissions on the configuration file to ensure + * it's not world writable. However, phpMyAdmin could be installed on + * a NTFS filesystem mounted on a non-Windows server, in which case the + * permissions seems wrong but in fact cannot be detected. In this case + * a sysadmin would set the following to false. + */ +$cfg['CheckConfigurationPermissions'] = true; + +/** + * Limit for length of URL in links. When length would be above this limit, it + * is replaced by form with button. + * This is required as some web servers (IIS) have problems with long URLs. + */ +$cfg['LinkLengthLimit'] = 1000; + +/******************************************************************************* + * SQL Parser Settings + * + * @@global array $cfg['SQP'] + */ +$cfg['SQP'] = array(); + +/** + * Pretty-printing style to use on queries (html, text, none) + * + * @@global string $cfg['SQP']['fmtType'] + */ +$cfg['SQP']['fmtType'] = 'html'; + +/** + * Amount to indent each level (floats are valid) + * + * @@global integer $cfg['SQP']['fmtInd'] + */ +$cfg['SQP']['fmtInd'] = '1'; + +/** + * Units for indenting each level (CSS Types - {em, px, pt}) + * + * @@global string $cfg['SQP']['fmtIndUnit'] + */ +$cfg['SQP']['fmtIndUnit'] = 'em'; + + +/******************************************************************************* + * If you wish to use the SQL Validator service, you should be aware of the + * following: + * All SQL statements are stored anonymously for statistical purposes. + * Mimer SQL Validator, Copyright 2002 Upright Database Technology. + * All rights reserved. + * + * @@global array $cfg['SQLValidator'] + */ +$cfg['SQLValidator'] = array(); + +/** + * Make the SQL Validator available + * + * @@global boolean $cfg['SQLValidator']['use'] + */ +$cfg['SQLValidator']['use'] = false; + +/** + * If you have a custom username, specify it here (defaults to anonymous) + * + * @@global string $cfg['SQLValidator']['username'] + */ +$cfg['SQLValidator']['username'] = ''; + +/** + * Password for username + * + * @@global string $cfg['SQLValidator']['password'] + */ +$cfg['SQLValidator']['password'] = ''; + + +/******************************************************************************* + * Developers ONLY! + * + * @@global array $cfg['DBG'] + */ +$cfg['DBG'] = array(); + +/** + * Output executed queries and their execution times + * + * @@global boolean $cfg['DBG']['sql'] + */ +$cfg['DBG']['sql'] = false; + +/** + * Make the DBG stuff available + * To use the following, please install the DBG extension from http://dd.cron.ru/dbg/ + * + * @@global boolean $cfg['DBG']['php'] + */ +$cfg['DBG']['php'] = false; + +/** + * Produce profiling results of PHP + * + * @@global boolean $cfg['DBG']['profile']['enable'] + */ +$cfg['DBG']['profile']['enable'] = false; + +/** + * Threshold of long running code to display + * Anything below the threshold is not displayed + * + * @@global float $cfg['DBG']['profile']['threshold'] + */ +$cfg['DBG']['profile']['threshold'] = 0.5; + + +/******************************************************************************* + * MySQL settings + */ + +/** + * Column types; + * VARCHAR, TINYINT, TEXT and DATE are listed first, based on estimated popularity + * + * @@global array $cfg['ColumnTypes'] + */ +$cfg['ColumnTypes'] = array( + // most used + 'INT', + 'VARCHAR', + 'TEXT', + 'DATE', + + // numeric + 'NUMERIC' => array( + 'TINYINT', + 'SMALLINT', + 'MEDIUMINT', + 'INT', + 'BIGINT', + '-', + 'DECIMAL', + 'FLOAT', + 'DOUBLE', + 'REAL', + '-', + 'BIT', + 'BOOLEAN', + 'SERIAL', + ), + + + // Date/Time + 'DATE and TIME' => array( + 'DATE', + 'DATETIME', + 'TIMESTAMP', + 'TIME', + 'YEAR', + ), + + // Text + 'STRING' => array( + 'CHAR', + 'VARCHAR', + '-', + 'TINYTEXT', + 'TEXT', + 'MEDIUMTEXT', + 'LONGTEXT', + '-', + 'BINARY', + 'VARBINARY', + '-', + 'TINYBLOB', + 'MEDIUMBLOB', + 'BLOB', + 'LONGBLOB', + '-', + 'ENUM', + 'SET', + ), + + 'SPATIAL' => array( + 'GEOMETRY', + 'POINT', + 'LINESTRING', + 'POLYGON', + 'MULTIPOINT', + 'MULTILINESTRING', + 'MULTIPOLYGON', + 'GEOMETRYCOLLECTION', + ), +); + +/** + * Attributes + * + * @@global array $cfg['AttributeTypes'] + */ +$cfg['AttributeTypes'] = array( + '', + 'BINARY', + 'UNSIGNED', + 'UNSIGNED ZEROFILL', + 'on update CURRENT_TIMESTAMP', +); + + +if ($cfg['ShowFunctionFields']) { + /** + * Available functions + * + * @@global array $cfg['Functions'] + */ + $cfg['Functions'] = array( + 'ABS', + 'ACOS', + 'ASCII', + 'ASIN', + 'ATAN', + 'BIN', + 'BIT_COUNT', + 'BIT_LENGTH', + 'CEILING', + 'CHAR', + 'CHAR_LENGTH', + 'COMPRESS', + 'COS', + 'COT', + 'CRC32', + 'CURDATE', + 'CURRENT_USER', + 'CURTIME', + 'DATE', + 'DAYNAME', + 'DEGREES', + 'DES_DECRYPT', + 'DES_ENCRYPT', + 'ENCRYPT', + 'EXP', + 'FLOOR', + 'FROM_DAYS', + 'FROM_UNIXTIME', + 'HEX', + 'INET_ATON', + 'INET_NTOA', + 'LENGTH', + 'LN', + 'LOG', + 'LOG10', + 'LOG2', + 'LOWER', + 'MD5', + 'NOW', + 'OCT', + 'OLD_PASSWORD', + 'ORD', + 'PASSWORD', + 'RADIANS', + 'RAND', + 'REVERSE', + 'ROUND', + 'SEC_TO_TIME', + 'SHA1', + 'SOUNDEX', + 'SPACE', + 'SQRT', + 'STDDEV_POP', + 'STDDEV_SAMP', + 'TAN', + 'TIMESTAMP', + 'TIME_TO_SEC', + 'UNCOMPRESS', + 'UNHEX', + 'UNIX_TIMESTAMP', + 'UPPER', + 'USER', + 'UTC_DATE', + 'UTC_TIME', + 'UTC_TIMESTAMP', + 'UUID', + 'VAR_POP', + 'VAR_SAMP', + 'YEAR', + ); + + /** + * Which column types will be mapped to which Group? + * + * @@global array $cfg['RestrictColumnTypes'] + */ + $cfg['RestrictColumnTypes'] = array( + 'TINYINT' => 'FUNC_NUMBER', + 'SMALLINT' => 'FUNC_NUMBER', + 'MEDIUMINT' => 'FUNC_NUMBER', + 'INT' => 'FUNC_NUMBER', + 'BIGINT' => 'FUNC_NUMBER', + 'DECIMAL' => 'FUNC_NUMBER', + 'FLOAT' => 'FUNC_NUMBER', + 'DOUBLE' => 'FUNC_NUMBER', + 'REAL' => 'FUNC_NUMBER', + 'BIT' => 'FUNC_NUMBER', + 'BOOLEAN' => 'FUNC_NUMBER', + 'SERIAL' => 'FUNC_NUMBER', + + 'DATE' => 'FUNC_DATE', + 'DATETIME' => 'FUNC_DATE', + 'TIMESTAMP' => 'FUNC_DATE', + 'TIME' => 'FUNC_DATE', + 'YEAR' => 'FUNC_DATE', + + 'CHAR' => 'FUNC_CHAR', + 'VARCHAR' => 'FUNC_CHAR', + 'TINYTEXT' => 'FUNC_CHAR', + 'TEXT' => 'FUNC_CHAR', + 'MEDIUMTEXT' => 'FUNC_CHAR', + 'LONGTEXT' => 'FUNC_CHAR', + 'BINARY' => 'FUNC_CHAR', + 'VARBINARY' => 'FUNC_CHAR', + 'TINYBLOB' => 'FUNC_CHAR', + 'MEDIUMBLOB' => 'FUNC_CHAR', + 'BLOB' => 'FUNC_CHAR', + 'LONGBLOB' => 'FUNC_CHAR', + 'ENUM' => '', + 'SET' => '', + + 'GEOMETRY' => 'FUNC_SPATIAL', + 'POINT' => 'FUNC_SPATIAL', + 'LINESTRING' => 'FUNC_SPATIAL', + 'POLYGON' => 'FUNC_SPATIAL', + 'MULTIPOINT' => 'FUNC_SPATIAL', + 'MULTILINESTRING' => 'FUNC_SPATIAL', + 'MULTIPOLYGON' => 'FUNC_SPATIAL', + 'GEOMETRYCOLLECTION' => 'FUNC_SPATIAL', + + ); + + /** + * Map above defined groups to any function + * + * @@global array $cfg['RestrictFunctions'] + */ + $cfg['RestrictFunctions'] = array( + 'FUNC_CHAR' => array( + 'BIN', + 'CHAR', + 'CURRENT_USER', + 'COMPRESS', + 'DAYNAME', + 'DES_DECRYPT', + 'DES_ENCRYPT', + 'ENCRYPT', + 'HEX', + 'INET_NTOA', + 'LOWER', + 'MD5', + 'OLD_PASSWORD', + 'PASSWORD', + 'REVERSE', + 'SHA1', + 'SOUNDEX', + 'SPACE', + 'UNCOMPRESS', + 'UNHEX', + 'UPPER', + 'USER', + 'UUID', + ), + + 'FUNC_DATE' => array( + 'CURDATE', + 'CURTIME', + 'DATE', + 'FROM_DAYS', + 'FROM_UNIXTIME', + 'NOW', + 'SEC_TO_TIME', + 'TIMESTAMP', + 'UTC_DATE', + 'UTC_TIME', + 'UTC_TIMESTAMP', + 'YEAR', + ), + + 'FUNC_NUMBER' => array( + 'ABS', + 'ACOS', + 'ASCII', + 'ASIN', + 'ATAN', + 'BIT_LENGTH', + 'BIT_COUNT', + 'CEILING', + 'CHAR_LENGTH', + 'COS', + 'COT', + 'CRC32', + 'DEGREES', + 'EXP', + 'FLOOR', + 'INET_ATON', + 'LENGTH', + 'LN', + 'LOG', + 'LOG2', + 'LOG10', + 'OCT', + 'ORD', + 'RADIANS', + 'RAND', + 'ROUND', + 'SQRT', + 'STDDEV_POP', + 'STDDEV_SAMP', + 'TAN', + 'TIME_TO_SEC', + 'UNIX_TIMESTAMP', + 'VAR_POP', + 'VAR_SAMP', + ), + + 'FUNC_SPATIAL' => array( + 'GeomFromText', + 'GeomFromWKB', + + 'GeomCollFromText', + 'LineFromText', + 'MLineFromText', + 'PointFromText', + 'MPointFromText', + 'PolyFromText', + 'MPolyFromText', + + 'GeomCollFromWKB', + 'LineFromWKB', + 'MLineFromWKB', + 'PointFromWKB', + 'MPointFromWKB', + 'PolyFromWKB', + 'MPolyFromWKB', + ), + ); + + /** + * Default functions for above defined groups + * + * @@global array $cfg['DefaultFunctions'] + */ + $cfg['DefaultFunctions'] = array( + 'FUNC_CHAR' => '', + 'FUNC_DATE' => '', + 'FUNC_NUMBER' => '', + 'first_timestamp' => 'NOW', + 'pk_char36' => 'UUID', + ); + + +} // end if + +/** + * Search operators + * + * @@global array $cfg['NumOperators'] + */ +$cfg['NumOperators'] = array( + '=', + '>', + '>=', + '<', + '<=', + '!=', + 'LIKE', + 'NOT LIKE', +); + +/** + * Search operators + * + * @@global array $cfg['TextOperators'] + */ +$cfg['TextOperators'] = array( + 'LIKE', + 'LIKE %...%', + 'NOT LIKE', + '=', + '!=', + 'REGEXP', + 'NOT REGEXP', + "= ''", + "!= ''" +); + +/** + * Search operators + * + * @@global array $cfg['EnumOperators'] + */ +$cfg['EnumOperators'] = array( + '=', + '!=', +); + +/** + * Search operators + * + * @@global array $cfg['SetOperators'] + */ +$cfg['SetOperators'] = array( + 'IN', + 'NOT IN', +); + +/** + * Search operators + * + * @@global array $cfg['NullOperators'] + */ +$cfg['NullOperators'] = array( + 'IS NULL', + 'IS NOT NULL', +); + +/** + * Search operators + * + * @@global array $cfg['UnaryOperators'] + */ +$cfg['UnaryOperators'] = array( + 'IS NULL' => 1, + 'IS NOT NULL' => 1, + "= ''" => 1, + "!= ''" => 1 +); + +?> +@ + + +1.1.1.1 +log +@dispatch-conf update. +@ +text +@d40 1 +a40 1 +$cfg['PmaAbsoluteUri'] = ''; +d539 1 +a539 3 + * maximum allocated bytes ('0' for no limit) + * this is a string because '16M' is a valid value; we must put here + * a string as the default value so that /setup accepts strings +d541 1 +a541 1 + * @@global string $cfg['MemoryLimit'] +d543 1 +a543 1 +$cfg['MemoryLimit'] = '0'; +d581 1 +a581 2 + * validity of cookie login (in seconds; 1440 matches php.ini's + * session.gc_maxlifetime) +@ diff --git a/courier-imap/.orig/imapd b/courier-imap/.orig/imapd new file mode 100644 index 0000000..8f8a010 --- /dev/null +++ b/courier-imap/.orig/imapd @@ -0,0 +1,429 @@ +##VERSION: $Id: imapd.dist.in,v 1.41 2008/06/21 16:01:23 mrsam Exp $ +# +# imapd created from imapd.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used with the couriertcpd server. +# A lot of the stuff here is documented in the manual page for couriertcpd. +# +# NOTE - do not use \ to split long variable contents on multiple lines. +# This will break the default imapd.rc script, which parses this file. +# +##NAME: ADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# ADDRESS=127.0.0.1 + +ADDRESS=0 + +##NAME: PORT:1 +# +# Port numbers that connections are accepted on. The default is 143, +# the standard IMAP port. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possible to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The previous ADDRESS setting is a default for ports that do not have +# a specified IP address. + +PORT=143 + +##NAME: AUTHSERVICE:0 +# +# It's possible to authenticate using a different 'service' parameter +# depending on the connection's port. This only works with authentication +# modules that use the 'service' parameter, such as PAM. Example: +# +# AUTHSERVICE143=imap +# AUTHSERVICE993=imaps + +##NAME: MAXDAEMONS:0 +# +# Maximum number of IMAP servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:0 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=4 + +##NAME: PIDFILE:0 +# +# File where couriertcpd will save its process ID +# + +PIDFILE=/var/run/imapd.pid + +##NAME: TCPDOPTS:0 +# +# Miscellaneous couriertcpd options that shouldn't be changed. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=imapd" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@example.com" + +##NAME: IMAP_CAPABILITY:1 +# +# IMAP_CAPABILITY specifies what most of the response should be to the +# CAPABILITY command. +# +# If you have properly configured Courier to use CRAM-MD5, CRAM-SHA1, or +# CRAM-SHA256 authentication (see INSTALL), set IMAP_CAPABILITY as follows: +# +# IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" +# + +IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE" + +##NAME: KEYWORDS_CAPABILITY:0 +# +# IMAP_KEYWORDS=1 enables custom IMAP keywords. Set this option to 0 to +# disable custom keywords. +# +# IMAP_KEYWORDS=2 also enables custom IMAP keywords, but uses a slower +# algorithm. Use this setting if keyword-related problems occur when +# multiple IMAP clients are updating keywords on the same message. + +IMAP_KEYWORDS=1 + +##NAME: ACL_CAPABILITY:0 +# +# IMAP_ACL=1 enables IMAP ACL extension. Set this option to 0 to +# disable ACL capabilities announce. + +IMAP_ACL=1 + +##NAME: SMAP1_CAPABILITY:0 +# +# EXPERIMENTAL +# +# To enable the experimental "Simple Mail Access Protocol" extensions, +# uncomment the following setting. +# +# SMAP_CAPABILITY=SMAP1 + +##NAME: IMAP_CAPABILITY_ORIG:2 +# +# For use by webadmin + +IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" + +##NAME: IMAP_PROXY:0 +# +# Enable proxying. See README.proxy + +IMAP_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. +# +# PROXY_HOSTNAME= + +##NAME: IMAP_PROXY_FOREIGN:0 +# +# Proxying to non-Courier servers. Re-sends the CAPABILITY command after +# logging in to the remote server. May not work with all IMAP clients. + +IMAP_PROXY_FOREIGN=0 + +##NAME: IMAP_IDLE_TIMEOUT:0 +# +# This setting controls how often +# the server polls for changes to the folder, in IDLE mode (in seconds). + +IMAP_IDLE_TIMEOUT=60 + +##NAME: IMAP_MAILBOX_SANITY_CHECK:0 +# +# Sanity check -- make sure home directory and maildir's ownership matches +# the IMAP server's effective uid and gid + +IMAP_MAILBOX_SANITY_CHECK=1 + +##NAME: IMAP_CAPABILITY_TLS:0 +# +# The following setting will advertise SASL PLAIN authentication after +# STARTTLS is established. If you want to allow SASL PLAIN authentication +# with or without TLS then just comment this out, and add AUTH=PLAIN to +# IMAP_CAPABILITY + +IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN" + +##NAME: IMAP_TLS_ORIG:0 +# +# For use by webadmin + +IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN" + +##NAME: IMAP_DISABLETHREADSORT:0 +# +# Set IMAP_DISABLETHREADSORT to disable the THREAD and SORT commands - +# server side sorting and threading. +# +# Those capabilities will still be advertised, but the server will reject +# them. Set this option if you want to disable all the extra load from +# server-side threading and sorting. Not advertising those capabilities +# will simply result in the clients reading the entire folder, and sorting +# it on the client side. That will still put some load on the server. +# advertising these capabilities, but rejecting the commands, will stop this +# silliness. +# + +IMAP_DISABLETHREADSORT=0 + +##NAME: IMAP_CHECK_ALL_FOLDERS:0 +# +# Set IMAP_CHECK_ALL_FOLDERS to 1 if you want the server to check for new +# mail in every folder. Not all IMAP clients use the IMAP's new mail +# indicator, but some do. Normally new mail is checked only in INBOX, +# because it is a comparatively time consuming operation, and it would be +# a complete waste of time unless mail filters are used to deliver +# mail directly to folders. +# +# When IMAP clients are used which support new mail indication, and when +# mail filters are used to sort incoming mail into folders, setting +# IMAP_CHECK_ALL_FOLDERS to 1 will allow IMAP clients to announce new +# mail in folders. Note that this will result in slightly more load on the +# server. +# + +IMAP_CHECK_ALL_FOLDERS=0 + +##NAME: IMAP_OBSOLETE_CLIENT:0 +# +# Set IMAP_OBSOLETE_CLIENT if your IMAP client expects \\NoInferiors to mean +# what \\HasNoChildren really means. + +IMAP_OBSOLETE_CLIENT=0 + +##NAME: IMAP_UMASK:0 +# +# IMAP_UMASK sets the umask of the server process. The value of IMAP_UMASK is +# simply passed to the "umask" command. The default value is 022. +# +# This feature is mostly useful for shared folders, where the file permissions +# of the messages may be important. + +IMAP_UMASK=022 + +##NAME: IMAP_ULIMITD:0 +# +# IMAP_ULIMITD sets the maximum size of the data segment of the server +# process. The value of IMAP_ULIMITD is simply passed to the "ulimit -d" +# command (or ulimit -v). The argument to ulimi sets the upper limit on the +# size of the data segment of the server process, in kilobytes. The default +# value of 65536 sets a very generous limit of 64 megabytes, which should +# be more than plenty for anyone. +# +# This feature is used as an additional safety check that should stop +# any potential denial-of-service attacks that exploit any kind of +# a memory leak to exhaust all the available memory on the server. +# It is theoretically possible that obscenely huge folders will also +# result in the server running out of memory when doing server-side +# sorting (by my calculations you have to have at least 100,000 messages +# in a single folder, for that to happen). + +IMAP_ULIMITD=65536 + +##NAME: IMAP_USELOCKS:0 +# +# Setting IMAP_USELOCKS to 1 will use dot-locking to support concurrent +# multiple access to the same folder. This incurs slight additional +# overhead. Concurrent multiple access will still work without this setting, +# however occasionally a minor race condition may result in an IMAP client +# downloading the same message twice, or a keyword update will fail. +# +# IMAP_USELOCKS=1 is strongly recommended when shared folders are used. + +IMAP_USELOCKS=1 + +##NAME: IMAP_SHAREDINDEXFILE:0 +# +# The index of all accessible folders. Do not change this setting unless +# you know what you're doing. See README.sharedfolders for additional +# information. + +IMAP_SHAREDINDEXFILE=/etc/courier-imap/shared/index + +##NAME: IMAP_ENHANCEDIDLE:0 +# +# If Courier was compiled with the File Alteration Monitor, setting +# IMAP_ENHANCEDIDLE to 1 enables enhanced IDLE mode, where multiple +# clients may open the same folder concurrently, and receive updates to +# folder contents in realtime. See the imapd(8) man page for additional +# information. +# +# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included +# in the IMAP_CAPABILITY list. +# + +IMAP_ENHANCEDIDLE=0 + +##NAME: IMAP_TRASHFOLDERNAME:0 +# +# The name of the magic trash Folder. For MSOE compatibility, +# you can set IMAP_TRASHFOLDERNAME="Deleted Items". +# +# IMPORTANT: If you change this, you must also change IMAP_EMPTYTRASH + +IMAP_TRASHFOLDERNAME=Trash + +##NAME: IMAP_EMPTYTRASH:0 +# +# The following setting is optional, and causes messages from the given +# folder to be automatically deleted after the given number of days. +# IMAP_EMPTYTRASH is a comma-separated list of folder:days. The default +# setting, below, purges 7 day old messages from the Trash folder. +# Another useful setting would be: +# +# IMAP_EMPTYTRASH=Trash:7,Sent:30 +# +# This would also delete messages from the Sent folder (presumably copies +# of sent mail) after 30 days. This is a global setting that is applied to +# every mail account, and is probably useful in a controlled, corporate +# environment. +# +# Important: the purging is controlled by CTIME, not MTIME (the file time +# as shown by ls). It is perfectly ordinary to see stuff in Trash that's +# a year old. That's the file modification time, MTIME, that's displayed. +# This is generally when the message was originally delivered to this +# mailbox. Purging is controlled by a different timestamp, CTIME, which is +# changed when the file is moved to the Trash folder (and at other times too). +# +# You might want to disable this setting in certain situations - it results +# in a stat() of every file in each folder, at login and logout. +# + +IMAP_EMPTYTRASH=Trash:7 + +##NAME: IMAP_MOVE_EXPUNGE_TO_TRASH:0 +# +# Set IMAP_MOVE_EXPUNGE_TO_TRASH to move expunged messages to Trash. This +# effectively allows an undo of message deletion by fishing the deleted +# mail from trash. Trash can be manually expunged as usually, and mail +# will get automatically expunged from Trash according to IMAP_EMPTYTRASH. +# +# NOTE: shared folders are still expunged as usual. Shared folders are +# not affected. +# + +IMAP_MOVE_EXPUNGE_TO_TRASH=0 + + +##NAME: OUTBOX:0 +# +# The next set of options deal with the "Outbox" enhancement. +# Uncomment the following setting to create a special folder, named +# INBOX.Outbox +# +# OUTBOX=.Outbox + +##NAME: SENDMAIL:0 +# +# If OUTBOX is defined, mail can be sent via the IMAP connection by copying +# a message to the INBOX.Outbox folder. For all practical matters, +# INBOX.Outbox looks and behaves just like any other IMAP folder. If this +# folder doesn't exist it must be created by the IMAP mail client, just +# like any other IMAP folder. The kicker: any message copied or moved to +# this folder is will be E-mailed by the Courier-IMAP server, by running +# the SENDMAIL program. Therefore, messages copied or moved to this +# folder must be well-formed RFC-2822 messages, with the recipient list +# specified in the To:, Cc:, and Bcc: headers. Courier-IMAP relies on +# SENDMAIL to read the recipient list from these headers (and delete the Bcc: +# header) by running the command "$SENDMAIL -oi -t -f $SENDER", with the +# message piped on standard input. $SENDER will be the return address +# of the message, which is set by the authentication module. +# +# DO NOT MODIFY SENDMAIL, below, unless you know what you're doing. +# + +SENDMAIL=/usr/sbin/sendmail + +##NAME: HEADERFROM:0 +# +# For administrative and oversight purposes, the return address, $SENDER +# will also be saved in the X-IMAP-Sender mail header. This header gets +# added to the sent E-mail (but it doesn't get saved in the copy of the +# message that's saved in the folder) +# +# WARNING - By enabling OUTBOX above, *every* IMAP mail client will receive +# the magic OUTBOX treatment. Therefore advance LARTing is in order for +# _all_ of your lusers, until every one of them is aware of this. Otherwise if +# OUTBOX is left at its default setting - a folder name that might be used +# accidentally - some people may be in for a rude surprise. You can redefine +# the name of the magic folder by changing OUTBOX, above. You should do that +# and pick a less-obvious name. Perhaps brand it with your organizational +# name ( OUTBOX=.WidgetsAndSonsOutbox ) + +HEADERFROM=X-IMAP-Sender + +##NAME: OUTBOX_MULTIPLE_SEND:0 +# +# Remove the following comment to allow a COPY of more than one message to +# the Outbox, at a time. +# +# OUTBOX_MULTIPLE_SEND=1 + +##NAME: IMAPDSTART:0 +# +# IMAPDSTART is not used directly. Rather, this is a convenient flag to +# be read by your system startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/imapd +# +# case x$IMAPDSTART in +# x[yY]*) +# /usr/lib64/courier-imap/imapd.rc start +# ;; +# esac +# +# The default setting is going to be NO, so you'll have to manually flip +# it to yes. + +IMAPDSTART=NO + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= diff --git a/courier-imap/.orig/imapd-ssl b/courier-imap/.orig/imapd-ssl new file mode 100644 index 0000000..ee723ac --- /dev/null +++ b/courier-imap/.orig/imapd-ssl @@ -0,0 +1,336 @@ +##VERSION: $Id: imapd-ssl.dist.in,v 1.21 2008/07/12 20:17:24 mrsam Exp $ +# +# imapd-ssl created from imapd-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL IMAP connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL IMAP +# connections, you will start two instances of couriertcpd, one on the +# IMAP port 143, and another one on the IMAP-SSL port 993. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:1 +# +# Options in the imapd-ssl configuration file AUGMENT the options in the +# imapd configuration file. First the imapd configuration file is read, +# then the imapd-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 993. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=993 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# +# That's the SSL IMAP port we'll listen on. +# Feel free to redefine MAXDAEMONS, TCPDOPTS, and MAXPERIP. + +SSLPIDFILE=/var/run/imapd-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=imapd-ssl" + +##NAME: IMAPDSSLSTART:0 +# +# Different pid files, so that both instances of couriertcpd can coexist +# happily. +# +# You can also redefine IMAP_CAPABILITY, although I can't +# think of why you'd want to do that. +# +# +# Ok, the following settings are new to imapd-ssl: +# +# Whether or not to start IMAP over SSL on simap port: + +IMAPDSSLSTART=NO + +##NAME: IMAPDSTARTTLS:0 +# +# Whether or not to implement IMAP STARTTLS extension instead: + +IMAPDSTARTTLS=YES + +##NAME: IMAP_TLS_REQUIRED:1 +# +# Set IMAP_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED IMAP capability, until STARTTLS +# is issued). + +IMAP_TLS_REQUIRED=0 + + +######################################################################### +# +# The following variables configure IMAP over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. +# +##NAME: COURIERTLS:0 +# + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the IMAP STARTTLS +# extension, as opposed to IMAP over SSL on port 993. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/imapd.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for IMAP clients +# that open multiple SSL sessions to the server. TLS_CACHEFILE will be +# automatically created, TLS_CACHESIZE bytes long, and used as a cache +# buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir diff --git a/courier-imap/.orig/imapd.cnf b/courier-imap/.orig/imapd.cnf new file mode 100644 index 0000000..c7c1f61 --- /dev/null +++ b/courier-imap/.orig/imapd.cnf @@ -0,0 +1,22 @@ + +RANDFILE = /usr/share/imapd.rand + +[ req ] +default_bits = 1024 +encrypt_key = yes +distinguished_name = req_dn +x509_extensions = cert_type +prompt = no + +[ req_dn ] +C=US +ST=NY +L=New York +O=Courier Mail Server +OU=Automatically-generated IMAP SSL key +CN=localhost +emailAddress=postmaster@example.com + + +[ cert_type ] +nsCertType = server diff --git a/courier-imap/.orig/pop3d b/courier-imap/.orig/pop3d new file mode 100644 index 0000000..8dd8bd1 --- /dev/null +++ b/courier-imap/.orig/pop3d @@ -0,0 +1,155 @@ +##VERSION: $Id: pop3d.dist.in,v 1.16 2005/07/05 12:42:51 mrsam Exp $ +# +# pop3d created from pop3d.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Courier POP3 daemon configuration +# +##NAME: PIDFILE:0 +# + +PIDFILE=/var/run/pop3d.pid + +##NAME: MAXDAEMONS:0 +# +# Maximum number of POP3 servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:4 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=4 + +##NAME: POP3AUTH:1 +# +# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH +# variable: +# +# POP3AUTH="LOGIN" +# +# If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH +# to something like this: +# +# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" + +POP3AUTH="" + +##NAME: POP3AUTH_ORIG:1 +# +# For use by webadmin + +POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" + +##NAME: POP3AUTH_TLS:1 +# +# To also advertise SASL PLAIN if SSL is enabled, uncomment the +# POP3AUTH_TLS environment variable: +# +# POP3AUTH_TLS="LOGIN PLAIN" + +POP3AUTH_TLS="" + +##NAME: POP3AUTH_TLS_ORIG:0 +# +# For use by webadmin + +POP3AUTH_TLS_ORIG="LOGIN PLAIN" + +##NAME: POP3_PROXY:0 +# +# Enable proxying. See README.proxy + +POP3_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. + +# PROXY_HOSTNAME= + +##NAME: PORT:1 +# +# Port to listen on for connections. The default is port 110. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The ADDRESS setting is a default for ports that do not have a specified +# IP address. + +PORT=110 + +##NAME: ADDRESS:0 +# +# IP address to listen on. 0 means all IP addresses. + +ADDRESS=0 + +##NAME: TCPDOPTS:0 +# +# Other couriertcpd(1) options. The following defaults should be fine. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=pop3d" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@example.com" + +##NAME: POP3DSTART:0 +# +# POP3DSTART is not referenced anywhere in the standard Courier programs +# or scripts. Rather, this is a convenient flag to be read by your system +# startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/pop3d +# case x$POP3DSTART in +# x[yY]*) +# /usr/lib64/courier-imap/pop3d.rc start +# ;; +# esac +# +# The default setting is going to be NO, until Courier is shipped by default +# with enough platforms so that people get annoyed with having to flip it to +# YES every time. + +POP3DSTART=NO + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= diff --git a/courier-imap/.orig/pop3d-ssl b/courier-imap/.orig/pop3d-ssl new file mode 100644 index 0000000..56f55d2 --- /dev/null +++ b/courier-imap/.orig/pop3d-ssl @@ -0,0 +1,322 @@ +##VERSION: $Id: pop3d-ssl.dist.in,v 1.22 2008/07/12 20:17:25 mrsam Exp $ +# +# pop3d-ssl created from pop3d-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000-2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL POP3 connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL POP3 +# connections, you will start two instances of couriertcpd, one on the +# POP3 port 110, and another one on the POP3-SSL port 995. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:0 +# +# Options in the pop3d-ssl configuration file AUGMENT the options in the +# pop3d configuration file. First the pop3d configuration file is read, +# then the pop3d-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 995. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=995 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# + +SSLPIDFILE=/var/run/pop3d-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=pop3d-ssl" + +##NAME: POP3DSSLSTART:0 +# +# Whether or not to start POP3 over SSL on spop3 port: + +POP3DSSLSTART=NO + +##NAME: POP3_STARTTLS:0 +# +# Whether or not to implement the POP3 STLS extension: + +POP3_STARTTLS=YES + +##NAME: POP3_TLS_REQUIRED:1 +# +# Set POP3_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED POP3 capability, until STARTTLS +# is issued). + +POP3_TLS_REQUIRED=0 + +##NAME: COURIERTLS:0 +# +# The following variables configure POP3 over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the POP3 STARTTLS +# extension, as opposed to POP3 over SSL on port 995. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL + +TLS_STARTTLS_PROTOCOL=TLS1 + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/pop3d.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for long-running +# POP3 clients. TLS_CACHEFILE will be automatically created, TLS_CACHESIZE +# bytes long, and used as a cache buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir diff --git a/courier-imap/.orig/pop3d.cnf b/courier-imap/.orig/pop3d.cnf new file mode 100644 index 0000000..f5ee623 --- /dev/null +++ b/courier-imap/.orig/pop3d.cnf @@ -0,0 +1,22 @@ + +RANDFILE = /usr/share/pop3d.rand + +[ req ] +default_bits = 1024 +encrypt_key = yes +distinguished_name = req_dn +x509_extensions = cert_type +prompt = no + +[ req_dn ] +C=US +ST=NY +L=New York +O=Courier Mail Server +OU=Automatically-generated POP3 SSL key +CN=localhost +emailAddress=postmaster@example.com + + +[ cert_type ] +nsCertType = server diff --git a/courier-imap/.rcs/imapd,v b/courier-imap/.rcs/imapd,v new file mode 100644 index 0000000..842eeed --- /dev/null +++ b/courier-imap/.rcs/imapd,v @@ -0,0 +1,469 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.10.05.17.24.49; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2009.11.09.22.10.31; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@##VERSION: $Id: imapd.dist.in,v 1.41 2008/06/21 16:01:23 mrsam Exp $ +# +# imapd created from imapd.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used with the couriertcpd server. +# A lot of the stuff here is documented in the manual page for couriertcpd. +# +# NOTE - do not use \ to split long variable contents on multiple lines. +# This will break the default imapd.rc script, which parses this file. +# +##NAME: ADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# ADDRESS=127.0.0.1 + +ADDRESS=0 + +##NAME: PORT:1 +# +# Port numbers that connections are accepted on. The default is 143, +# the standard IMAP port. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possible to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The previous ADDRESS setting is a default for ports that do not have +# a specified IP address. + +PORT=143 + +##NAME: AUTHSERVICE:0 +# +# It's possible to authenticate using a different 'service' parameter +# depending on the connection's port. This only works with authentication +# modules that use the 'service' parameter, such as PAM. Example: +# +# AUTHSERVICE143=imap +# AUTHSERVICE993=imaps + +##NAME: MAXDAEMONS:0 +# +# Maximum number of IMAP servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:0 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=10 + +##NAME: PIDFILE:0 +# +# File where couriertcpd will save its process ID +# + +PIDFILE=/var/run/imapd.pid + +##NAME: TCPDOPTS:0 +# +# Miscellaneous couriertcpd options that shouldn't be changed. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=imapd" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@@example.com" + +##NAME: IMAP_CAPABILITY:1 +# +# IMAP_CAPABILITY specifies what most of the response should be to the +# CAPABILITY command. +# +# If you have properly configured Courier to use CRAM-MD5, CRAM-SHA1, or +# CRAM-SHA256 authentication (see INSTALL), set IMAP_CAPABILITY as follows: +# +# IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" +# + +IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE" + +##NAME: KEYWORDS_CAPABILITY:0 +# +# IMAP_KEYWORDS=1 enables custom IMAP keywords. Set this option to 0 to +# disable custom keywords. +# +# IMAP_KEYWORDS=2 also enables custom IMAP keywords, but uses a slower +# algorithm. Use this setting if keyword-related problems occur when +# multiple IMAP clients are updating keywords on the same message. + +IMAP_KEYWORDS=1 + +##NAME: ACL_CAPABILITY:0 +# +# IMAP_ACL=1 enables IMAP ACL extension. Set this option to 0 to +# disable ACL capabilities announce. + +IMAP_ACL=1 + +##NAME: SMAP1_CAPABILITY:0 +# +# EXPERIMENTAL +# +# To enable the experimental "Simple Mail Access Protocol" extensions, +# uncomment the following setting. +# +# SMAP_CAPABILITY=SMAP1 + +##NAME: IMAP_CAPABILITY_ORIG:2 +# +# For use by webadmin + +IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" + +##NAME: IMAP_PROXY:0 +# +# Enable proxying. See README.proxy + +IMAP_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. +# +# PROXY_HOSTNAME= + +##NAME: IMAP_PROXY_FOREIGN:0 +# +# Proxying to non-Courier servers. Re-sends the CAPABILITY command after +# logging in to the remote server. May not work with all IMAP clients. + +IMAP_PROXY_FOREIGN=0 + +##NAME: IMAP_IDLE_TIMEOUT:0 +# +# This setting controls how often +# the server polls for changes to the folder, in IDLE mode (in seconds). + +IMAP_IDLE_TIMEOUT=60 + +##NAME: IMAP_MAILBOX_SANITY_CHECK:0 +# +# Sanity check -- make sure home directory and maildir's ownership matches +# the IMAP server's effective uid and gid + +IMAP_MAILBOX_SANITY_CHECK=1 + +##NAME: IMAP_CAPABILITY_TLS:0 +# +# The following setting will advertise SASL PLAIN authentication after +# STARTTLS is established. If you want to allow SASL PLAIN authentication +# with or without TLS then just comment this out, and add AUTH=PLAIN to +# IMAP_CAPABILITY + +IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN" + +##NAME: IMAP_TLS_ORIG:0 +# +# For use by webadmin + +IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN" + +##NAME: IMAP_DISABLETHREADSORT:0 +# +# Set IMAP_DISABLETHREADSORT to disable the THREAD and SORT commands - +# server side sorting and threading. +# +# Those capabilities will still be advertised, but the server will reject +# them. Set this option if you want to disable all the extra load from +# server-side threading and sorting. Not advertising those capabilities +# will simply result in the clients reading the entire folder, and sorting +# it on the client side. That will still put some load on the server. +# advertising these capabilities, but rejecting the commands, will stop this +# silliness. +# + +IMAP_DISABLETHREADSORT=0 + +##NAME: IMAP_CHECK_ALL_FOLDERS:0 +# +# Set IMAP_CHECK_ALL_FOLDERS to 1 if you want the server to check for new +# mail in every folder. Not all IMAP clients use the IMAP's new mail +# indicator, but some do. Normally new mail is checked only in INBOX, +# because it is a comparatively time consuming operation, and it would be +# a complete waste of time unless mail filters are used to deliver +# mail directly to folders. +# +# When IMAP clients are used which support new mail indication, and when +# mail filters are used to sort incoming mail into folders, setting +# IMAP_CHECK_ALL_FOLDERS to 1 will allow IMAP clients to announce new +# mail in folders. Note that this will result in slightly more load on the +# server. +# + +IMAP_CHECK_ALL_FOLDERS=0 + +##NAME: IMAP_OBSOLETE_CLIENT:0 +# +# Set IMAP_OBSOLETE_CLIENT if your IMAP client expects \\NoInferiors to mean +# what \\HasNoChildren really means. + +IMAP_OBSOLETE_CLIENT=0 + +##NAME: IMAP_UMASK:0 +# +# IMAP_UMASK sets the umask of the server process. The value of IMAP_UMASK is +# simply passed to the "umask" command. The default value is 022. +# +# This feature is mostly useful for shared folders, where the file permissions +# of the messages may be important. + +IMAP_UMASK=022 + +##NAME: IMAP_ULIMITD:0 +# +# IMAP_ULIMITD sets the maximum size of the data segment of the server +# process. The value of IMAP_ULIMITD is simply passed to the "ulimit -d" +# command (or ulimit -v). The argument to ulimi sets the upper limit on the +# size of the data segment of the server process, in kilobytes. The default +# value of 65536 sets a very generous limit of 64 megabytes, which should +# be more than plenty for anyone. +# +# This feature is used as an additional safety check that should stop +# any potential denial-of-service attacks that exploit any kind of +# a memory leak to exhaust all the available memory on the server. +# It is theoretically possible that obscenely huge folders will also +# result in the server running out of memory when doing server-side +# sorting (by my calculations you have to have at least 100,000 messages +# in a single folder, for that to happen). + +IMAP_ULIMITD=65536 + +##NAME: IMAP_USELOCKS:0 +# +# Setting IMAP_USELOCKS to 1 will use dot-locking to support concurrent +# multiple access to the same folder. This incurs slight additional +# overhead. Concurrent multiple access will still work without this setting, +# however occasionally a minor race condition may result in an IMAP client +# downloading the same message twice, or a keyword update will fail. +# +# IMAP_USELOCKS=1 is strongly recommended when shared folders are used. + +IMAP_USELOCKS=1 + +##NAME: IMAP_SHAREDINDEXFILE:0 +# +# The index of all accessible folders. Do not change this setting unless +# you know what you're doing. See README.sharedfolders for additional +# information. + +IMAP_SHAREDINDEXFILE=/etc/courier-imap/shared/index + +##NAME: IMAP_ENHANCEDIDLE:0 +# +# If Courier was compiled with the File Alteration Monitor, setting +# IMAP_ENHANCEDIDLE to 1 enables enhanced IDLE mode, where multiple +# clients may open the same folder concurrently, and receive updates to +# folder contents in realtime. See the imapd(8) man page for additional +# information. +# +# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included +# in the IMAP_CAPABILITY list. +# + +IMAP_ENHANCEDIDLE=0 + +##NAME: IMAP_TRASHFOLDERNAME:0 +# +# The name of the magic trash Folder. For MSOE compatibility, +# you can set IMAP_TRASHFOLDERNAME="Deleted Items". +# +# IMPORTANT: If you change this, you must also change IMAP_EMPTYTRASH + +IMAP_TRASHFOLDERNAME=Trash + +##NAME: IMAP_EMPTYTRASH:0 +# +# The following setting is optional, and causes messages from the given +# folder to be automatically deleted after the given number of days. +# IMAP_EMPTYTRASH is a comma-separated list of folder:days. The default +# setting, below, purges 7 day old messages from the Trash folder. +# Another useful setting would be: +# +# IMAP_EMPTYTRASH=Trash:7,Sent:30 +# +# This would also delete messages from the Sent folder (presumably copies +# of sent mail) after 30 days. This is a global setting that is applied to +# every mail account, and is probably useful in a controlled, corporate +# environment. +# +# Important: the purging is controlled by CTIME, not MTIME (the file time +# as shown by ls). It is perfectly ordinary to see stuff in Trash that's +# a year old. That's the file modification time, MTIME, that's displayed. +# This is generally when the message was originally delivered to this +# mailbox. Purging is controlled by a different timestamp, CTIME, which is +# changed when the file is moved to the Trash folder (and at other times too). +# +# You might want to disable this setting in certain situations - it results +# in a stat() of every file in each folder, at login and logout. +# + +IMAP_EMPTYTRASH=Trash:7 + +##NAME: IMAP_MOVE_EXPUNGE_TO_TRASH:0 +# +# Set IMAP_MOVE_EXPUNGE_TO_TRASH to move expunged messages to Trash. This +# effectively allows an undo of message deletion by fishing the deleted +# mail from trash. Trash can be manually expunged as usually, and mail +# will get automatically expunged from Trash according to IMAP_EMPTYTRASH. +# +# NOTE: shared folders are still expunged as usual. Shared folders are +# not affected. +# + +IMAP_MOVE_EXPUNGE_TO_TRASH=0 + + +##NAME: OUTBOX:0 +# +# The next set of options deal with the "Outbox" enhancement. +# Uncomment the following setting to create a special folder, named +# INBOX.Outbox +# +# OUTBOX=.Outbox + +##NAME: SENDMAIL:0 +# +# If OUTBOX is defined, mail can be sent via the IMAP connection by copying +# a message to the INBOX.Outbox folder. For all practical matters, +# INBOX.Outbox looks and behaves just like any other IMAP folder. If this +# folder doesn't exist it must be created by the IMAP mail client, just +# like any other IMAP folder. The kicker: any message copied or moved to +# this folder is will be E-mailed by the Courier-IMAP server, by running +# the SENDMAIL program. Therefore, messages copied or moved to this +# folder must be well-formed RFC-2822 messages, with the recipient list +# specified in the To:, Cc:, and Bcc: headers. Courier-IMAP relies on +# SENDMAIL to read the recipient list from these headers (and delete the Bcc: +# header) by running the command "$SENDMAIL -oi -t -f $SENDER", with the +# message piped on standard input. $SENDER will be the return address +# of the message, which is set by the authentication module. +# +# DO NOT MODIFY SENDMAIL, below, unless you know what you're doing. +# + +SENDMAIL=/usr/sbin/sendmail + +##NAME: HEADERFROM:0 +# +# For administrative and oversight purposes, the return address, $SENDER +# will also be saved in the X-IMAP-Sender mail header. This header gets +# added to the sent E-mail (but it doesn't get saved in the copy of the +# message that's saved in the folder) +# +# WARNING - By enabling OUTBOX above, *every* IMAP mail client will receive +# the magic OUTBOX treatment. Therefore advance LARTing is in order for +# _all_ of your lusers, until every one of them is aware of this. Otherwise if +# OUTBOX is left at its default setting - a folder name that might be used +# accidentally - some people may be in for a rude surprise. You can redefine +# the name of the magic folder by changing OUTBOX, above. You should do that +# and pick a less-obvious name. Perhaps brand it with your organizational +# name ( OUTBOX=.WidgetsAndSonsOutbox ) + +HEADERFROM=X-IMAP-Sender + +##NAME: OUTBOX_MULTIPLE_SEND:0 +# +# Remove the following comment to allow a COPY of more than one message to +# the Outbox, at a time. +# +# OUTBOX_MULTIPLE_SEND=1 + +##NAME: IMAPDSTART:0 +# +# IMAPDSTART is not used directly. Rather, this is a convenient flag to +# be read by your system startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/imapd +# +# case x$IMAPDSTART in +# x[yY]*) +# /usr/lib64/courier-imap/imapd.rc start +# ;; +# esac +# +# The default setting is going to be NO, so you'll have to manually flip +# it to yes. + +IMAPDSTART=YES + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= +@ + + +1.1 +log +@Initial revision +@ +text +@d407 1 +a407 1 +# /usr/lib/courier-imap/imapd.rc start +@ diff --git a/courier-imap/.rcs/imapd-ssl,v b/courier-imap/.rcs/imapd-ssl,v new file mode 100644 index 0000000..ef9dbe4 --- /dev/null +++ b/courier-imap/.rcs/imapd-ssl,v @@ -0,0 +1,397 @@ +head 1.3; +access; +symbols; +locks; strict; +comment @# @; + + +1.3 +date 2010.10.05.17.35.41; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.10.05.05.56.31; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2009.11.12.16.09.36; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.3 +log +@Checked in. +@ +text +@##VERSION: $Id: imapd-ssl,v 1.2 2010/10/05 05:56:31 root Exp $ +# +# imapd-ssl created from imapd-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL IMAP connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL IMAP +# connections, you will start two instances of couriertcpd, one on the +# IMAP port 143, and another one on the IMAP-SSL port 993. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:1 +# +# Options in the imapd-ssl configuration file AUGMENT the options in the +# imapd configuration file. First the imapd configuration file is read, +# then the imapd-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 993. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=993 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# +# That's the SSL IMAP port we'll listen on. +# Feel free to redefine MAXDAEMONS, TCPDOPTS, and MAXPERIP. + +SSLPIDFILE=/var/run/imapd-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=imapd-ssl" + +##NAME: IMAPDSSLSTART:0 +# +# Different pid files, so that both instances of couriertcpd can coexist +# happily. +# +# You can also redefine IMAP_CAPABILITY, although I can't +# think of why you'd want to do that. +# +# +# Ok, the following settings are new to imapd-ssl: +# +# Whether or not to start IMAP over SSL on simap port: + +IMAPDSSLSTART=NO + +##NAME: IMAPDSTARTTLS:0 +# +# Whether or not to implement IMAP STARTTLS extension instead: + +IMAPDSTARTTLS=YES + +##NAME: IMAP_TLS_REQUIRED:1 +# +# Set IMAP_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED IMAP capability, until STARTTLS +# is issued). + +IMAP_TLS_REQUIRED=0 + + +######################################################################### +# +# The following variables configure IMAP over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. +# +##NAME: COURIERTLS:0 +# + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) +TLS_PROTOCOL="SSL3" + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the IMAP STARTTLS +# extension, as opposed to IMAP over SSL on port 993. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL +TLS_STARTTLS_PROTOCOL=TLS1 + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/imapd.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for IMAP clients +# that open multiple SSL sessions to the server. TLS_CACHEFILE will be +# automatically created, TLS_CACHESIZE bytes long, and used as a cache +# buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +@ + + +1.2 +log +@Checked in. +@ +text +@d1 1 +a1 1 +##VERSION: $Id: imapd-ssl.dist.in,v 1.21 2008/07/12 20:17:24 mrsam Exp $ +d134 1 +d142 1 +@ + + +1.1 +log +@Initial revision +@ +text +@a133 1 +TLS_PROTOCOL="SSL3" +a140 1 +TLS_STARTTLS_PROTOCOL=TLS1 +@ diff --git a/courier-imap/.rcs/imapd.cnf,v b/courier-imap/.rcs/imapd.cnf,v new file mode 100644 index 0000000..722ca2d --- /dev/null +++ b/courier-imap/.rcs/imapd.cnf,v @@ -0,0 +1,46 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2009.11.12.16.55.53; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +RANDFILE = /usr/share/imapd.rand + +[ req ] +default_bits = 1024 +encrypt_key = yes +distinguished_name = req_dn +x509_extensions = cert_type +prompt = no + +[ req_dn ] +C=US +ST=NY +L=New York +O=Courier Mail Server +OU=Automatically-generated IMAP SSL key +CN=localhost +emailAddress=postmaster@@example.com + + +[ cert_type ] +nsCertType = server +@ diff --git a/courier-imap/.rcs/pop3d,v b/courier-imap/.rcs/pop3d,v new file mode 100644 index 0000000..27ffdb2 --- /dev/null +++ b/courier-imap/.rcs/pop3d,v @@ -0,0 +1,195 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.10.05.05.56.31; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2009.11.12.16.55.53; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@##VERSION: $Id: pop3d.dist.in,v 1.16 2005/07/05 12:42:51 mrsam Exp $ +# +# pop3d created from pop3d.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Courier POP3 daemon configuration +# +##NAME: PIDFILE:0 +# + +PIDFILE=/var/run/pop3d.pid + +##NAME: MAXDAEMONS:0 +# +# Maximum number of POP3 servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:4 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=4 + +##NAME: POP3AUTH:1 +# +# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH +# variable: +# +# POP3AUTH="LOGIN" +# +# If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH +# to something like this: +# +# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" + +POP3AUTH="" + +##NAME: POP3AUTH_ORIG:1 +# +# For use by webadmin + +POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" + +##NAME: POP3AUTH_TLS:1 +# +# To also advertise SASL PLAIN if SSL is enabled, uncomment the +# POP3AUTH_TLS environment variable: +# +# POP3AUTH_TLS="LOGIN PLAIN" + +POP3AUTH_TLS="" + +##NAME: POP3AUTH_TLS_ORIG:0 +# +# For use by webadmin + +POP3AUTH_TLS_ORIG="LOGIN PLAIN" + +##NAME: POP3_PROXY:0 +# +# Enable proxying. See README.proxy + +POP3_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. + +# PROXY_HOSTNAME= + +##NAME: PORT:1 +# +# Port to listen on for connections. The default is port 110. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The ADDRESS setting is a default for ports that do not have a specified +# IP address. + +PORT=110 + +##NAME: ADDRESS:0 +# +# IP address to listen on. 0 means all IP addresses. + +ADDRESS=0 + +##NAME: TCPDOPTS:0 +# +# Other couriertcpd(1) options. The following defaults should be fine. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=pop3d" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@@example.com" + +##NAME: POP3DSTART:0 +# +# POP3DSTART is not referenced anywhere in the standard Courier programs +# or scripts. Rather, this is a convenient flag to be read by your system +# startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/pop3d +# case x$POP3DSTART in +# x[yY]*) +# /usr/lib64/courier-imap/pop3d.rc start +# ;; +# esac +# +# The default setting is going to be NO, until Courier is shipped by default +# with enough platforms so that people get annoyed with having to flip it to +# YES every time. + +POP3DSTART=NO + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= +@ + + +1.1 +log +@Initial revision +@ +text +@d132 1 +a132 1 +# /usr/lib/courier-imap/pop3d.rc start +@ diff --git a/courier-imap/.rcs/pop3d-ssl,v b/courier-imap/.rcs/pop3d-ssl,v new file mode 100644 index 0000000..0d4225d --- /dev/null +++ b/courier-imap/.rcs/pop3d-ssl,v @@ -0,0 +1,346 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2009.11.12.16.55.53; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@##VERSION: $Id: pop3d-ssl.dist.in,v 1.22 2008/07/12 20:17:25 mrsam Exp $ +# +# pop3d-ssl created from pop3d-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000-2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL POP3 connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL POP3 +# connections, you will start two instances of couriertcpd, one on the +# POP3 port 110, and another one on the POP3-SSL port 995. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:0 +# +# Options in the pop3d-ssl configuration file AUGMENT the options in the +# pop3d configuration file. First the pop3d configuration file is read, +# then the pop3d-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 995. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=995 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# + +SSLPIDFILE=/var/run/pop3d-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=pop3d-ssl" + +##NAME: POP3DSSLSTART:0 +# +# Whether or not to start POP3 over SSL on spop3 port: + +POP3DSSLSTART=NO + +##NAME: POP3_STARTTLS:0 +# +# Whether or not to implement the POP3 STLS extension: + +POP3_STARTTLS=YES + +##NAME: POP3_TLS_REQUIRED:1 +# +# Set POP3_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED POP3 capability, until STARTTLS +# is issued). + +POP3_TLS_REQUIRED=0 + +##NAME: COURIERTLS:0 +# +# The following variables configure POP3 over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the POP3 STARTTLS +# extension, as opposed to POP3 over SSL on port 995. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL + +TLS_STARTTLS_PROTOCOL=TLS1 + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/pop3d.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for long-running +# POP3 clients. TLS_CACHEFILE will be automatically created, TLS_CACHESIZE +# bytes long, and used as a cache buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +@ diff --git a/courier-imap/.rcs/pop3d.cnf,v b/courier-imap/.rcs/pop3d.cnf,v new file mode 100644 index 0000000..bf2ebbd --- /dev/null +++ b/courier-imap/.rcs/pop3d.cnf,v @@ -0,0 +1,46 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2009.11.12.16.55.53; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@ +RANDFILE = /usr/share/pop3d.rand + +[ req ] +default_bits = 1024 +encrypt_key = yes +distinguished_name = req_dn +x509_extensions = cert_type +prompt = no + +[ req_dn ] +C=US +ST=NY +L=New York +O=Courier Mail Server +OU=Automatically-generated POP3 SSL key +CN=localhost +emailAddress=postmaster@@example.com + + +[ cert_type ] +nsCertType = server +@ diff --git a/courier-imap/.rcs/quotawarnmsg,v b/courier-imap/.rcs/quotawarnmsg,v new file mode 100644 index 0000000..2a20032 --- /dev/null +++ b/courier-imap/.rcs/quotawarnmsg,v @@ -0,0 +1,39 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2006.12.08.22.07.15; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@From: Mail Delivery System +Reply-To: frank@@brehm-online.com +To: Valued Customer:; +Subject: Mail quota warning +Mime-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Transfer-Encoding: 7bit + + +Ihr Postfach auf dem Server ist zu mehr als 90% gefuellt. Loeschen Sie bitte +einige Nachrichten aus Ihrem Postfach, damit Sie weiterhin Mails empfangen koennen. + +Your mailbox on the server is now more than 90% full. So that you can continue +to receive mail you need to remove some messages from your mailbox. + +@ diff --git a/courier-imap/imapd b/courier-imap/imapd new file mode 100644 index 0000000..3c6c141 --- /dev/null +++ b/courier-imap/imapd @@ -0,0 +1,429 @@ +##VERSION: $Id: imapd,v 1.2 2010/10/05 17:24:49 root Exp $ +# +# imapd created from imapd.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used with the couriertcpd server. +# A lot of the stuff here is documented in the manual page for couriertcpd. +# +# NOTE - do not use \ to split long variable contents on multiple lines. +# This will break the default imapd.rc script, which parses this file. +# +##NAME: ADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# ADDRESS=127.0.0.1 + +ADDRESS=0 + +##NAME: PORT:1 +# +# Port numbers that connections are accepted on. The default is 143, +# the standard IMAP port. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possible to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The previous ADDRESS setting is a default for ports that do not have +# a specified IP address. + +PORT=143 + +##NAME: AUTHSERVICE:0 +# +# It's possible to authenticate using a different 'service' parameter +# depending on the connection's port. This only works with authentication +# modules that use the 'service' parameter, such as PAM. Example: +# +# AUTHSERVICE143=imap +# AUTHSERVICE993=imaps + +##NAME: MAXDAEMONS:0 +# +# Maximum number of IMAP servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:0 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=10 + +##NAME: PIDFILE:0 +# +# File where couriertcpd will save its process ID +# + +PIDFILE=/var/run/imapd.pid + +##NAME: TCPDOPTS:0 +# +# Miscellaneous couriertcpd options that shouldn't be changed. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=imapd" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@example.com" + +##NAME: IMAP_CAPABILITY:1 +# +# IMAP_CAPABILITY specifies what most of the response should be to the +# CAPABILITY command. +# +# If you have properly configured Courier to use CRAM-MD5, CRAM-SHA1, or +# CRAM-SHA256 authentication (see INSTALL), set IMAP_CAPABILITY as follows: +# +# IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" +# + +IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE" + +##NAME: KEYWORDS_CAPABILITY:0 +# +# IMAP_KEYWORDS=1 enables custom IMAP keywords. Set this option to 0 to +# disable custom keywords. +# +# IMAP_KEYWORDS=2 also enables custom IMAP keywords, but uses a slower +# algorithm. Use this setting if keyword-related problems occur when +# multiple IMAP clients are updating keywords on the same message. + +IMAP_KEYWORDS=1 + +##NAME: ACL_CAPABILITY:0 +# +# IMAP_ACL=1 enables IMAP ACL extension. Set this option to 0 to +# disable ACL capabilities announce. + +IMAP_ACL=1 + +##NAME: SMAP1_CAPABILITY:0 +# +# EXPERIMENTAL +# +# To enable the experimental "Simple Mail Access Protocol" extensions, +# uncomment the following setting. +# +# SMAP_CAPABILITY=SMAP1 + +##NAME: IMAP_CAPABILITY_ORIG:2 +# +# For use by webadmin + +IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" + +##NAME: IMAP_PROXY:0 +# +# Enable proxying. See README.proxy + +IMAP_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. +# +# PROXY_HOSTNAME= + +##NAME: IMAP_PROXY_FOREIGN:0 +# +# Proxying to non-Courier servers. Re-sends the CAPABILITY command after +# logging in to the remote server. May not work with all IMAP clients. + +IMAP_PROXY_FOREIGN=0 + +##NAME: IMAP_IDLE_TIMEOUT:0 +# +# This setting controls how often +# the server polls for changes to the folder, in IDLE mode (in seconds). + +IMAP_IDLE_TIMEOUT=60 + +##NAME: IMAP_MAILBOX_SANITY_CHECK:0 +# +# Sanity check -- make sure home directory and maildir's ownership matches +# the IMAP server's effective uid and gid + +IMAP_MAILBOX_SANITY_CHECK=1 + +##NAME: IMAP_CAPABILITY_TLS:0 +# +# The following setting will advertise SASL PLAIN authentication after +# STARTTLS is established. If you want to allow SASL PLAIN authentication +# with or without TLS then just comment this out, and add AUTH=PLAIN to +# IMAP_CAPABILITY + +IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN" + +##NAME: IMAP_TLS_ORIG:0 +# +# For use by webadmin + +IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN" + +##NAME: IMAP_DISABLETHREADSORT:0 +# +# Set IMAP_DISABLETHREADSORT to disable the THREAD and SORT commands - +# server side sorting and threading. +# +# Those capabilities will still be advertised, but the server will reject +# them. Set this option if you want to disable all the extra load from +# server-side threading and sorting. Not advertising those capabilities +# will simply result in the clients reading the entire folder, and sorting +# it on the client side. That will still put some load on the server. +# advertising these capabilities, but rejecting the commands, will stop this +# silliness. +# + +IMAP_DISABLETHREADSORT=0 + +##NAME: IMAP_CHECK_ALL_FOLDERS:0 +# +# Set IMAP_CHECK_ALL_FOLDERS to 1 if you want the server to check for new +# mail in every folder. Not all IMAP clients use the IMAP's new mail +# indicator, but some do. Normally new mail is checked only in INBOX, +# because it is a comparatively time consuming operation, and it would be +# a complete waste of time unless mail filters are used to deliver +# mail directly to folders. +# +# When IMAP clients are used which support new mail indication, and when +# mail filters are used to sort incoming mail into folders, setting +# IMAP_CHECK_ALL_FOLDERS to 1 will allow IMAP clients to announce new +# mail in folders. Note that this will result in slightly more load on the +# server. +# + +IMAP_CHECK_ALL_FOLDERS=0 + +##NAME: IMAP_OBSOLETE_CLIENT:0 +# +# Set IMAP_OBSOLETE_CLIENT if your IMAP client expects \\NoInferiors to mean +# what \\HasNoChildren really means. + +IMAP_OBSOLETE_CLIENT=0 + +##NAME: IMAP_UMASK:0 +# +# IMAP_UMASK sets the umask of the server process. The value of IMAP_UMASK is +# simply passed to the "umask" command. The default value is 022. +# +# This feature is mostly useful for shared folders, where the file permissions +# of the messages may be important. + +IMAP_UMASK=022 + +##NAME: IMAP_ULIMITD:0 +# +# IMAP_ULIMITD sets the maximum size of the data segment of the server +# process. The value of IMAP_ULIMITD is simply passed to the "ulimit -d" +# command (or ulimit -v). The argument to ulimi sets the upper limit on the +# size of the data segment of the server process, in kilobytes. The default +# value of 65536 sets a very generous limit of 64 megabytes, which should +# be more than plenty for anyone. +# +# This feature is used as an additional safety check that should stop +# any potential denial-of-service attacks that exploit any kind of +# a memory leak to exhaust all the available memory on the server. +# It is theoretically possible that obscenely huge folders will also +# result in the server running out of memory when doing server-side +# sorting (by my calculations you have to have at least 100,000 messages +# in a single folder, for that to happen). + +IMAP_ULIMITD=65536 + +##NAME: IMAP_USELOCKS:0 +# +# Setting IMAP_USELOCKS to 1 will use dot-locking to support concurrent +# multiple access to the same folder. This incurs slight additional +# overhead. Concurrent multiple access will still work without this setting, +# however occasionally a minor race condition may result in an IMAP client +# downloading the same message twice, or a keyword update will fail. +# +# IMAP_USELOCKS=1 is strongly recommended when shared folders are used. + +IMAP_USELOCKS=1 + +##NAME: IMAP_SHAREDINDEXFILE:0 +# +# The index of all accessible folders. Do not change this setting unless +# you know what you're doing. See README.sharedfolders for additional +# information. + +IMAP_SHAREDINDEXFILE=/etc/courier-imap/shared/index + +##NAME: IMAP_ENHANCEDIDLE:0 +# +# If Courier was compiled with the File Alteration Monitor, setting +# IMAP_ENHANCEDIDLE to 1 enables enhanced IDLE mode, where multiple +# clients may open the same folder concurrently, and receive updates to +# folder contents in realtime. See the imapd(8) man page for additional +# information. +# +# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included +# in the IMAP_CAPABILITY list. +# + +IMAP_ENHANCEDIDLE=0 + +##NAME: IMAP_TRASHFOLDERNAME:0 +# +# The name of the magic trash Folder. For MSOE compatibility, +# you can set IMAP_TRASHFOLDERNAME="Deleted Items". +# +# IMPORTANT: If you change this, you must also change IMAP_EMPTYTRASH + +IMAP_TRASHFOLDERNAME=Trash + +##NAME: IMAP_EMPTYTRASH:0 +# +# The following setting is optional, and causes messages from the given +# folder to be automatically deleted after the given number of days. +# IMAP_EMPTYTRASH is a comma-separated list of folder:days. The default +# setting, below, purges 7 day old messages from the Trash folder. +# Another useful setting would be: +# +# IMAP_EMPTYTRASH=Trash:7,Sent:30 +# +# This would also delete messages from the Sent folder (presumably copies +# of sent mail) after 30 days. This is a global setting that is applied to +# every mail account, and is probably useful in a controlled, corporate +# environment. +# +# Important: the purging is controlled by CTIME, not MTIME (the file time +# as shown by ls). It is perfectly ordinary to see stuff in Trash that's +# a year old. That's the file modification time, MTIME, that's displayed. +# This is generally when the message was originally delivered to this +# mailbox. Purging is controlled by a different timestamp, CTIME, which is +# changed when the file is moved to the Trash folder (and at other times too). +# +# You might want to disable this setting in certain situations - it results +# in a stat() of every file in each folder, at login and logout. +# + +IMAP_EMPTYTRASH=Trash:7 + +##NAME: IMAP_MOVE_EXPUNGE_TO_TRASH:0 +# +# Set IMAP_MOVE_EXPUNGE_TO_TRASH to move expunged messages to Trash. This +# effectively allows an undo of message deletion by fishing the deleted +# mail from trash. Trash can be manually expunged as usually, and mail +# will get automatically expunged from Trash according to IMAP_EMPTYTRASH. +# +# NOTE: shared folders are still expunged as usual. Shared folders are +# not affected. +# + +IMAP_MOVE_EXPUNGE_TO_TRASH=0 + + +##NAME: OUTBOX:0 +# +# The next set of options deal with the "Outbox" enhancement. +# Uncomment the following setting to create a special folder, named +# INBOX.Outbox +# +# OUTBOX=.Outbox + +##NAME: SENDMAIL:0 +# +# If OUTBOX is defined, mail can be sent via the IMAP connection by copying +# a message to the INBOX.Outbox folder. For all practical matters, +# INBOX.Outbox looks and behaves just like any other IMAP folder. If this +# folder doesn't exist it must be created by the IMAP mail client, just +# like any other IMAP folder. The kicker: any message copied or moved to +# this folder is will be E-mailed by the Courier-IMAP server, by running +# the SENDMAIL program. Therefore, messages copied or moved to this +# folder must be well-formed RFC-2822 messages, with the recipient list +# specified in the To:, Cc:, and Bcc: headers. Courier-IMAP relies on +# SENDMAIL to read the recipient list from these headers (and delete the Bcc: +# header) by running the command "$SENDMAIL -oi -t -f $SENDER", with the +# message piped on standard input. $SENDER will be the return address +# of the message, which is set by the authentication module. +# +# DO NOT MODIFY SENDMAIL, below, unless you know what you're doing. +# + +SENDMAIL=/usr/sbin/sendmail + +##NAME: HEADERFROM:0 +# +# For administrative and oversight purposes, the return address, $SENDER +# will also be saved in the X-IMAP-Sender mail header. This header gets +# added to the sent E-mail (but it doesn't get saved in the copy of the +# message that's saved in the folder) +# +# WARNING - By enabling OUTBOX above, *every* IMAP mail client will receive +# the magic OUTBOX treatment. Therefore advance LARTing is in order for +# _all_ of your lusers, until every one of them is aware of this. Otherwise if +# OUTBOX is left at its default setting - a folder name that might be used +# accidentally - some people may be in for a rude surprise. You can redefine +# the name of the magic folder by changing OUTBOX, above. You should do that +# and pick a less-obvious name. Perhaps brand it with your organizational +# name ( OUTBOX=.WidgetsAndSonsOutbox ) + +HEADERFROM=X-IMAP-Sender + +##NAME: OUTBOX_MULTIPLE_SEND:0 +# +# Remove the following comment to allow a COPY of more than one message to +# the Outbox, at a time. +# +# OUTBOX_MULTIPLE_SEND=1 + +##NAME: IMAPDSTART:0 +# +# IMAPDSTART is not used directly. Rather, this is a convenient flag to +# be read by your system startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/imapd +# +# case x$IMAPDSTART in +# x[yY]*) +# /usr/lib64/courier-imap/imapd.rc start +# ;; +# esac +# +# The default setting is going to be NO, so you'll have to manually flip +# it to yes. + +IMAPDSTART=YES + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= diff --git a/courier-imap/imapd-ssl b/courier-imap/imapd-ssl new file mode 100644 index 0000000..92d6619 --- /dev/null +++ b/courier-imap/imapd-ssl @@ -0,0 +1,338 @@ +##VERSION: $Id: imapd-ssl,v 1.3 2010/10/05 17:35:41 root Exp $ +# +# imapd-ssl created from imapd-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL IMAP connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL IMAP +# connections, you will start two instances of couriertcpd, one on the +# IMAP port 143, and another one on the IMAP-SSL port 993. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:1 +# +# Options in the imapd-ssl configuration file AUGMENT the options in the +# imapd configuration file. First the imapd configuration file is read, +# then the imapd-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 993. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=993 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# +# That's the SSL IMAP port we'll listen on. +# Feel free to redefine MAXDAEMONS, TCPDOPTS, and MAXPERIP. + +SSLPIDFILE=/var/run/imapd-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=imapd-ssl" + +##NAME: IMAPDSSLSTART:0 +# +# Different pid files, so that both instances of couriertcpd can coexist +# happily. +# +# You can also redefine IMAP_CAPABILITY, although I can't +# think of why you'd want to do that. +# +# +# Ok, the following settings are new to imapd-ssl: +# +# Whether or not to start IMAP over SSL on simap port: + +IMAPDSSLSTART=NO + +##NAME: IMAPDSTARTTLS:0 +# +# Whether or not to implement IMAP STARTTLS extension instead: + +IMAPDSTARTTLS=YES + +##NAME: IMAP_TLS_REQUIRED:1 +# +# Set IMAP_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED IMAP capability, until STARTTLS +# is issued). + +IMAP_TLS_REQUIRED=0 + + +######################################################################### +# +# The following variables configure IMAP over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. +# +##NAME: COURIERTLS:0 +# + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) +TLS_PROTOCOL="SSL3" + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the IMAP STARTTLS +# extension, as opposed to IMAP over SSL on port 993. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL +TLS_STARTTLS_PROTOCOL=TLS1 + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/imapd.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for IMAP clients +# that open multiple SSL sessions to the server. TLS_CACHEFILE will be +# automatically created, TLS_CACHESIZE bytes long, and used as a cache +# buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir diff --git a/courier-imap/imapd.cnf b/courier-imap/imapd.cnf new file mode 100644 index 0000000..c7c1f61 --- /dev/null +++ b/courier-imap/imapd.cnf @@ -0,0 +1,22 @@ + +RANDFILE = /usr/share/imapd.rand + +[ req ] +default_bits = 1024 +encrypt_key = yes +distinguished_name = req_dn +x509_extensions = cert_type +prompt = no + +[ req_dn ] +C=US +ST=NY +L=New York +O=Courier Mail Server +OU=Automatically-generated IMAP SSL key +CN=localhost +emailAddress=postmaster@example.com + + +[ cert_type ] +nsCertType = server diff --git a/courier-imap/imapd.pem b/courier-imap/imapd.pem new file mode 100644 index 0000000..076042e --- /dev/null +++ b/courier-imap/imapd.pem @@ -0,0 +1,38 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQC1qOWbPkrY1egkrFuPopaBG3+IFWUuwh9pXu6NpvNnEfuv6WBg +vctKRzYPwtFnCS/5l8UWjKmLI7QEJTfAt7y7+W0A2+YvORT8DU3x3NfppF2NOGRi +jIr3np6nJk7ALdjZQ69qyplXluv0NANNfQLXYJ4MViuKTpNNkP5Kw/uZGwIDAQAB +AoGAEA39PNskgkVlXthcvzT/WCm1+7DoYFmHrShWrO40VMeiFsnpWqNrdAUXIg11 +tEV7l/Nx16xWz5U4M6WWZ9HVPCGL/k6hCuJYuV0jhWOBsTX5bIFEIaEKIHlTlgE8 +4jMM/oh4sY9QoQUuSR51LDt2FHz+h2e04XSY9LTAEY0jIgECQQDepX5Hk6Qr6t6D +ZBHloid5UPVqdvyBw7C1Y8FyfNH0E1UGsTcFQHqSHyt1rqsgWOSUzkGoDvMIqi6x +EZtR+LpjAkEA0N+Pi91wB1j6oK5cHn/N2fXag6UjVqJvxmYQoJk0PVfVUpihvMOi +ENpLt1WTe618j5Fdf5oQfVFfVGYKy53H6QJBAIcxsJtf8FlmldTsx91LeHK3ET6j +n7JgFIYgW8/cMVTnBEM7CrDatVLTMH2WIX1T3QDquX2GDlddl1qX2VuOEAcCQQCO +vnnnZ+nL269MaFxkK4uOzUoMdar05gXlXJM4bfsZgRE0ZUMDMd9sDQN5w24LM8DQ +jNONBMkIG7g+gY4XITkhAkBCuzBIWAr781FMsf6u5IKqY6Q2x/RM7ob8E67UBdhG +C7J+p7S4zb+A7Uuyo3ibkR79bp53bt7qJl6Mpfo+EJOS +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIC/TCCAmagAwIBAgIJANY8AlrGDSx9MA0GCSqGSIb3DQEBBQUAMIG0MQswCQYD +VQQGEwJERTEOMAwGA1UECBMFQnJlaG0xDjAMBgNVBAcTBUJyZWhtMQ4wDAYDVQQK +EwVCcmVobTEpMCcGA1UECxMgQ291cmllciBNYWlsIFNlcnZlciBJTUFQIFNTTCBr +ZXkxHjAcBgNVBAMTFW1haWwuYnJlaG0tb25saW5lLmNvbTEqMCgGCSqGSIb3DQEJ +ARYbcG9zdG1hc3RlckBicmVobS1vbmxpbmUuY29tMB4XDTA2MTIwODIyNDMxOFoX +DTEyMDEyNjIyNDMxOFowgbQxCzAJBgNVBAYTAkRFMQ4wDAYDVQQIEwVCcmVobTEO +MAwGA1UEBxMFQnJlaG0xDjAMBgNVBAoTBUJyZWhtMSkwJwYDVQQLEyBDb3VyaWVy +IE1haWwgU2VydmVyIElNQVAgU1NMIGtleTEeMBwGA1UEAxMVbWFpbC5icmVobS1v +bmxpbmUuY29tMSowKAYJKoZIhvcNAQkBFhtwb3N0bWFzdGVyQGJyZWhtLW9ubGlu +ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALWo5Zs+StjV6CSsW4+i +loEbf4gVZS7CH2le7o2m82cR+6/pYGC9y0pHNg/C0WcJL/mXxRaMqYsjtAQlN8C3 +vLv5bQDb5i85FPwNTfHc1+mkXY04ZGKMiveenqcmTsAt2NlDr2rKmVeW6/Q0A019 +AtdgngxWK4pOk02Q/krD+5kbAgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIGQDAN +BgkqhkiG9w0BAQUFAAOBgQAJcVq4xxeH1d86DoedzsqMZyT90Y5piL4NarwQekg8 +jP0+HytRdujAJB4ahKkixsUcrFIeO3ct5ZXervdwvLK5GCcnwu3Lxa33UF7HhpOA +5+6bQXl4qh9+sL9UoxoRf2aMObVUsb0vEe7KTUViJ8rA7nI4Iny0icBJYKqvsxeH +5Q== +-----END CERTIFICATE----- +-----BEGIN DH PARAMETERS----- +MEYCQQCd+yD50BV7puqCKcLdensocjp8erVRJ7A5DmjUOicA2Xij9QcHfq7bvN6S +yg50QJ8JcJVV+dyKaEm1zRyRitLzAgEC +-----END DH PARAMETERS----- diff --git a/courier-imap/pop3d b/courier-imap/pop3d new file mode 100644 index 0000000..b84b05a --- /dev/null +++ b/courier-imap/pop3d @@ -0,0 +1,155 @@ +##VERSION: $Id: pop3d,v 1.2 2010/10/05 05:56:31 root Exp $ +# +# pop3d created from pop3d.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Courier POP3 daemon configuration +# +##NAME: PIDFILE:0 +# + +PIDFILE=/var/run/pop3d.pid + +##NAME: MAXDAEMONS:0 +# +# Maximum number of POP3 servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:4 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=4 + +##NAME: POP3AUTH:1 +# +# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH +# variable: +# +# POP3AUTH="LOGIN" +# +# If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH +# to something like this: +# +# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" + +POP3AUTH="" + +##NAME: POP3AUTH_ORIG:1 +# +# For use by webadmin + +POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" + +##NAME: POP3AUTH_TLS:1 +# +# To also advertise SASL PLAIN if SSL is enabled, uncomment the +# POP3AUTH_TLS environment variable: +# +# POP3AUTH_TLS="LOGIN PLAIN" + +POP3AUTH_TLS="" + +##NAME: POP3AUTH_TLS_ORIG:0 +# +# For use by webadmin + +POP3AUTH_TLS_ORIG="LOGIN PLAIN" + +##NAME: POP3_PROXY:0 +# +# Enable proxying. See README.proxy + +POP3_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. + +# PROXY_HOSTNAME= + +##NAME: PORT:1 +# +# Port to listen on for connections. The default is port 110. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The ADDRESS setting is a default for ports that do not have a specified +# IP address. + +PORT=110 + +##NAME: ADDRESS:0 +# +# IP address to listen on. 0 means all IP addresses. + +ADDRESS=0 + +##NAME: TCPDOPTS:0 +# +# Other couriertcpd(1) options. The following defaults should be fine. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=pop3d" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@example.com" + +##NAME: POP3DSTART:0 +# +# POP3DSTART is not referenced anywhere in the standard Courier programs +# or scripts. Rather, this is a convenient flag to be read by your system +# startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/pop3d +# case x$POP3DSTART in +# x[yY]*) +# /usr/lib64/courier-imap/pop3d.rc start +# ;; +# esac +# +# The default setting is going to be NO, until Courier is shipped by default +# with enough platforms so that people get annoyed with having to flip it to +# YES every time. + +POP3DSTART=NO + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= diff --git a/courier-imap/pop3d-ssl b/courier-imap/pop3d-ssl new file mode 100644 index 0000000..06a747f --- /dev/null +++ b/courier-imap/pop3d-ssl @@ -0,0 +1,322 @@ +##VERSION: $Id: pop3d-ssl,v 1.1 2009/11/12 16:55:53 root Exp $ +# +# pop3d-ssl created from pop3d-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000-2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL POP3 connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL POP3 +# connections, you will start two instances of couriertcpd, one on the +# POP3 port 110, and another one on the POP3-SSL port 995. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:0 +# +# Options in the pop3d-ssl configuration file AUGMENT the options in the +# pop3d configuration file. First the pop3d configuration file is read, +# then the pop3d-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 995. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=995 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# + +SSLPIDFILE=/var/run/pop3d-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=pop3d-ssl" + +##NAME: POP3DSSLSTART:0 +# +# Whether or not to start POP3 over SSL on spop3 port: + +POP3DSSLSTART=NO + +##NAME: POP3_STARTTLS:0 +# +# Whether or not to implement the POP3 STLS extension: + +POP3_STARTTLS=YES + +##NAME: POP3_TLS_REQUIRED:1 +# +# Set POP3_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED POP3 capability, until STARTTLS +# is issued). + +POP3_TLS_REQUIRED=0 + +##NAME: COURIERTLS:0 +# +# The following variables configure POP3 over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the POP3 STARTTLS +# extension, as opposed to POP3 over SSL on port 995. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL + +TLS_STARTTLS_PROTOCOL=TLS1 + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/pop3d.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for long-running +# POP3 clients. TLS_CACHEFILE will be automatically created, TLS_CACHESIZE +# bytes long, and used as a cache buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir diff --git a/courier-imap/pop3d.cnf b/courier-imap/pop3d.cnf new file mode 100644 index 0000000..f5ee623 --- /dev/null +++ b/courier-imap/pop3d.cnf @@ -0,0 +1,22 @@ + +RANDFILE = /usr/share/pop3d.rand + +[ req ] +default_bits = 1024 +encrypt_key = yes +distinguished_name = req_dn +x509_extensions = cert_type +prompt = no + +[ req_dn ] +C=US +ST=NY +L=New York +O=Courier Mail Server +OU=Automatically-generated POP3 SSL key +CN=localhost +emailAddress=postmaster@example.com + + +[ cert_type ] +nsCertType = server diff --git a/courier-imap/pop3d.pem b/courier-imap/pop3d.pem new file mode 100644 index 0000000..bf5575c --- /dev/null +++ b/courier-imap/pop3d.pem @@ -0,0 +1,38 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQDeQ2lyjAA32nPw9bGNQ6cJDbgpJVTPircwIjwthdDomVOn6uEZ +s31kUeTHcV1UFYqKQbur7zeW0fl5AHV8fhTWIODuNGUduzgrkl/NMy753s3YJcro +8A4T6JlXz9rHGS0P1rWt/ZJX3zty3gwNZdDLI4tw5ThPkRDGmxYe4tUCMQIDAQAB +AoGBAIQYgIUpm7+WP64H99xDRvTkiH07yKoIgVNEJYvQqhZzefqkZ+BEgtOqsFOw +lo0wuEPvSUCoTdt/M8uscCbrMCnviwxU/DRTEIdHdhpSKK0mJoLoZBM4Ds9/kWv2 +ObkM9injHM814alaeeb9Es8vCH0AlfgZ1UWy1jV840InA3GhAkEA84xxxGygCSix +sYh/1lU6RKgIHlMhVG/2ecjS6TbhtRy4gIzBgobvRgO7Oq788FJ9W0Gl8BpXGJ9H +E4LfJL4/XQJBAOmgYu+NljdEUSRONr0DZYN85ERB39iz2L9ZJucnqrhQz+UHZtfr ++9k5z5hcyVu+joBnme1/P0GCwWfJGPMeZOUCQQDCV6fQ3f02Ucq5p/qaxZehgZQ4 +3o0SG+XKeH4Uqz6gjzKLIcaoqZP1grS8tzYPb0OotlH7rokhlLfa0evOHiHhAkAo +6ODqOczYGKpsxRVou7OG9tOx8CcWd0e5Gg9p4tROOjhtToJ/xN7xBuKHN5g67H9f +lMSrheC5w//CAMDRsbzRAkBPZjC3hnI4k2+ThAe1S9NQVpoYbyUu5qzxr3iqNvxJ +77xF+LcDPgVPCl6wwy+/oKl4SPSKLgWmRCVY1jzmLaVq +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIC/TCCAmagAwIBAgIJANqm0jsS+ZuZMA0GCSqGSIb3DQEBBQUAMIG0MQswCQYD +VQQGEwJERTEOMAwGA1UECBMFQnJlaG0xDjAMBgNVBAcTBUJyZWhtMQ4wDAYDVQQK +EwVCcmVobTEpMCcGA1UECxMgQ291cmllciBNYWlsIFNlcnZlciBJTUFQIFNTTCBr +ZXkxHjAcBgNVBAMTFW1haWwuYnJlaG0tb25saW5lLmNvbTEqMCgGCSqGSIb3DQEJ +ARYbcG9zdG1hc3RlckBicmVobS1vbmxpbmUuY29tMB4XDTA2MTIwODIyNDMyMFoX +DTEyMDEyNjIyNDMyMFowgbQxCzAJBgNVBAYTAkRFMQ4wDAYDVQQIEwVCcmVobTEO +MAwGA1UEBxMFQnJlaG0xDjAMBgNVBAoTBUJyZWhtMSkwJwYDVQQLEyBDb3VyaWVy +IE1haWwgU2VydmVyIElNQVAgU1NMIGtleTEeMBwGA1UEAxMVbWFpbC5icmVobS1v +bmxpbmUuY29tMSowKAYJKoZIhvcNAQkBFhtwb3N0bWFzdGVyQGJyZWhtLW9ubGlu +ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN5DaXKMADfac/D1sY1D +pwkNuCklVM+KtzAiPC2F0OiZU6fq4RmzfWRR5MdxXVQViopBu6vvN5bR+XkAdXx+ +FNYg4O40ZR27OCuSX80zLvnezdglyujwDhPomVfP2scZLQ/Wta39klffO3LeDA1l +0Msji3DlOE+REMabFh7i1QIxAgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIGQDAN +BgkqhkiG9w0BAQUFAAOBgQADISOUsK2dtfAD/Go6fGxCA91/SL1FxpkxfWSA9oG0 +9GBZRlEjrbXA5Gn8DijbZ91CArjAEJlYrNPihSD5qzFgbsbD99HDV7js3HW1TODA +QVcrEwQGsYUQyA0UOF0AByx3CuppglkayBNBFxoDYUHfK9SavdMLnUuo68Skd+9g +tA== +-----END CERTIFICATE----- +-----BEGIN DH PARAMETERS----- +MEYCQQChYtoCiG16r+tbnSsmbpI+AMuNv4rmN/hkoTWvAMdmy3OcWIkBuhepTkZA +yF1zxkBIH3wW6w40eqNW0W0j0uxzAgEC +-----END DH PARAMETERS----- diff --git a/courier-imap/quotawarnmsg b/courier-imap/quotawarnmsg new file mode 100644 index 0000000..1746374 --- /dev/null +++ b/courier-imap/quotawarnmsg @@ -0,0 +1,15 @@ +From: Mail Delivery System +Reply-To: frank@brehm-online.com +To: Valued Customer:; +Subject: Mail quota warning +Mime-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Transfer-Encoding: 7bit + + +Ihr Postfach auf dem Server ist zu mehr als 90% gefuellt. Loeschen Sie bitte +einige Nachrichten aus Ihrem Postfach, damit Sie weiterhin Mails empfangen koennen. + +Your mailbox on the server is now more than 90% full. So that you can continue +to receive mail you need to remove some messages from your mailbox. + diff --git a/courier-imap/quotawarnmsg.example b/courier-imap/quotawarnmsg.example new file mode 100644 index 0000000..54fad32 --- /dev/null +++ b/courier-imap/quotawarnmsg.example @@ -0,0 +1,13 @@ +X-Comment: Rename/Copy this file to quotawarnmsg, and make appropriate changes +X-Comment: See deliverquota man page for more information +From: Mail Delivery System +Reply-To: support@example.com +To: Valued Customer:; +Subject: Mail quota warning +Mime-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Transfer-Encoding: 7bit + +Your mailbox on the server is now more than 90% full. So that you can continue +to receive mail you need to remove some messages from your mailbox. + diff --git a/courier/authlib/.rcs/authdaemonrc,v b/courier/authlib/.rcs/authdaemonrc,v new file mode 100644 index 0000000..ae2b7c5 --- /dev/null +++ b/courier/authlib/.rcs/authdaemonrc,v @@ -0,0 +1,127 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.22.01.39; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $ +# +# Copyright 2000-2005 Double Precision, Inc. See COPYING for +# distribution information. +# +# authdaemonrc created from authdaemonrc.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# This file configures authdaemond, the resident authentication daemon. +# +# Comments in this file are ignored. Although this file is intended to +# be sourced as a shell script, authdaemond parses it manually, so +# the acceptable syntax is a bit limited. Multiline variable contents, +# with the \ continuation character, are not allowed. Everything must +# fit on one line. Do not use any additional whitespace for indentation, +# or anything else. + +##NAME: authmodulelist:2 +# +# The authentication modules that are linked into authdaemond. The +# default list is installed. You may selectively disable modules simply +# by removing them from the following list. The available modules you +# can use are: authuserdb authpam authshadow authldap authmysql authcustom authpipe + +authmodulelist="authmysql " + +##NAME: authmodulelistorig:3 +# +# This setting is used by Courier's webadmin module, and should be left +# alone + +authmodulelistorig="authuserdb authpam authshadow authldap authmysql authcustom authpipe" + +##NAME: daemons:0 +# +# The number of daemon processes that are started. authdaemon is typically +# installed where authentication modules are relatively expensive: such +# as authldap, or authmysql, so it's better to have a number of them running. +# PLEASE NOTE: Some platforms may experience a problem if there's more than +# one daemon. Specifically, SystemV derived platforms that use TLI with +# socket emulation. I'm suspicious of TLI's ability to handle multiple +# processes accepting connections on the same filesystem domain socket. +# +# You may need to increase daemons if as your system load increases. Symptoms +# include sporadic authentication failures. If you start getting +# authentication failures, increase daemons. However, the default of 5 +# SHOULD be sufficient. Bumping up daemon count is only a short-term +# solution. The permanent solution is to add more resources: RAM, faster +# disks, faster CPUs... + +daemons=5 + +##NAME: authdaemonvar:2 +# +# authdaemonvar is here, but is not used directly by authdaemond. It's +# used by various configuration and build scripts, so don't touch it! + +authdaemonvar=/var/lib/courier/authdaemon + +##NAME: DEBUG_LOGIN:0 +# +# Dump additional diagnostics to syslog +# +# DEBUG_LOGIN=0 - turn off debugging +# DEBUG_LOGIN=1 - turn on debugging +# DEBUG_LOGIN=2 - turn on debugging + log passwords too +# +# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog. +# +# Note that most information is sent to syslog at level 'debug', so +# you may need to modify your /etc/syslog.conf to be able to see it. + +DEBUG_LOGIN=0 + +##NAME: DEFAULTOPTIONS:0 +# +# A comma-separated list of option=value pairs. Each option is applied +# to an account if the account does not have its own specific value for +# that option. So for example, you can set +# DEFAULTOPTIONS="disablewebmail=1,disableimap=1" +# and then enable webmail and/or imap on individual accounts by setting +# disablewebmail=0 and/or disableimap=0 on the account. + +DEFAULTOPTIONS="" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options, e.g. to set syslog facility +# + +LOGGEROPTS="" + +##NAME: LDAP_TLS_OPTIONS:0 +# +# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'. +# Examples: +# +#LDAPTLS_CACERT=/path/to/cacert.pem +#LDAPTLS_REQCERT=demand +#LDAPTLS_CERT=/path/to/clientcert.pem +#LDAPTLS_KEY=/path/to/clientkey.pem +@ diff --git a/courier/authlib/.rcs/authldaprc,v b/courier/authlib/.rcs/authldaprc,v new file mode 100644 index 0000000..52cae5d --- /dev/null +++ b/courier/authlib/.rcs/authldaprc,v @@ -0,0 +1,297 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.22.01.39; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@##VERSION: $Id: authldaprc,v 1.25 2005/10/05 00:07:32 mrsam Exp $ +# +# Copyright 2000-2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authldaprc created from authldaprc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the LDAP admin password! +# +# This configuration file specifies LDAP authentication parameters +# +# The format of this file must be as follows: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. No trailing spaces. +# +# Here are the fields: + +##NAME: LOCATION:1 +# +# Location of your LDAP server(s). If you have multiple LDAP servers, +# you can list them separated by commas and spaces, and they will be tried in +# turn. + +LDAP_URI ldaps://ldap.example.com, ldaps://backup.example.com + +##NAME: LDAP_PROTOCOL_VERSION:0 +# +# Which version of LDAP protocol to use + +LDAP_PROTOCOL_VERSION 3 + +##NAME: LDAP_BASEDN:0 +# +# Look for authentication here: + +LDAP_BASEDN o=example, c=com + +##NAME: LDAP_BINDDN:0 +# +# You may or may not need to specify the following. Because you've got +# a password here, authldaprc should not be world-readable!!! + +LDAP_BINDDN cn=administrator, o=example, c=com +LDAP_BINDPW toto + +##NAME: LDAP_TIMEOUT:0 +# +# Timeout for LDAP search and connection + +LDAP_TIMEOUT 5 + +##NAME: LDAP_AUTHBIND:0 +# +# Define this to have the ldap server authenticate passwords. If LDAP_AUTHBIND +# the password is validated by rebinding with the supplied userid and password. +# If rebind succeeds, this is considered to be an authenticated request. This +# does not support CRAM-MD5 authentication, which requires clearPassword. +# Additionally, if LDAP_AUTHBIND is 1 then password changes are done under +# the credentials of the user themselves, not LDAP_BINDDN/BINDPW +# +# LDAP_AUTHBIND 1 + +##NAME: LDAP_MAIL:0 +# +# Here's the field on which we query + +LDAP_MAIL mail + +##NAME: LDAP_FILTER:0 +# +# This LDAP filter will be ANDed with the query for the field defined above +# in LDAP_MAIL. So if you are querying for mail, and you have LDAP_FILTER +# defined to be "(objectClass=CourierMailAccount)" the query that is performed +# will be "(&(objectClass=CourierMailAccount)(mail=))" +# +# LDAP_FILTER (objectClass=CourierMailAccount) + +##NAME: LDAP_DOMAIN:0 +# +# The following default domain will be appended, if not explicitly specified. +# +# LDAP_DOMAIN example.com + +##NAME: LDAP_GLOB_IDS:0 +# +# The following two variables can be used to set everybody's uid and gid. +# This is convenient if your LDAP specifies a bunch of virtual mail accounts +# The values can be usernames or userids: +# +# LDAP_GLOB_UID vmail +# LDAP_GLOB_GID vmail + +##NAME: LDAP_HOMEDIR:0 +# +# We will retrieve the following attributes +# +# The HOMEDIR attribute MUST exist, and we MUST be able to chdir to it + +LDAP_HOMEDIR homeDirectory + +##NAME: LDAP_MAILROOT:0 +# +# If homeDirectory is not an absolute path, define the root of the +# relative paths in LDAP_MAILROOT +# +# LDAP_MAILROOT /var/mail + + +##NAME: LDAP_MAILDIR:0 +# +# The MAILDIR attribute is OPTIONAL, and specifies the location of the +# mail directory. If not specified, ./Maildir will be used + +LDAP_MAILDIR mailbox + +##NAME: LDAP_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional attribute specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd + +LDAP_DEFAULTDELIVERY defaultDelivery + +##NAME: LDAP_MAILDIRQUOTA:0 +# +# The following variable, if defined, specifies the field containing the +# maildir quota, see README.maildirquota for more information +# +# LDAP_MAILDIRQUOTA quota + + +##NAME: LDAP_FULLNAME:0 +# +# FULLNAME is optional, specifies the user's full name + +LDAP_FULLNAME cn + +##NAME: LDAP_PW:0 +# +# CLEARPW is the clear text password. CRYPT is the crypted password. +# ONE OF THESE TWO ATTRIBUTES IS REQUIRED. If CLEARPW is provided, and +# libhmac.a is available, CRAM authentication will be possible! + +LDAP_CLEARPW clearPassword +LDAP_CRYPTPW userPassword + +##NAME: LDAP_IDS:0 +# +# Uncomment the following, and modify as appropriate, if your LDAP database +# stores individual userids and groupids. Otherwise, you must uncomment +# LDAP_GLOB_UID and LDAP_GLOB_GID above. LDAP_GLOB_UID and LDAP_GLOB_GID +# specify a uid/gid for everyone. Otherwise, LDAP_UID and LDAP_GID must +# be defined as attributes for everyone. +# +# LDAP_UID uidNumber +# LDAP_GID gidNumber + + +##NAME: LDAP_AUXOPTIONS:0 +# +# Auxiliary options. The LDAP_AUXOPTIONS setting should contain a list of +# comma-separated "ATTRIBUTE=NAME" pairs. These names are additional +# attributes that define various per-account "options", as given in +# INSTALL's description of the OPTIONS setting. +# +# Each ATTRIBUTE specifies an LDAP attribute name. If it is present, +# the attribute value gets placed in the OPTIONS variable, with the name +# NAME. For example: +# +# LDAP_AUXOPTIONS shared=sharedgroup,disableimap=disableimap +# +# Then, if an LDAP record contains the following attributes: +# +# shared: domain1 +# disableimap: 0 +# +# Then authldap will initialize OPTIONS to "sharedgroup=domain1,disableimap=0" +# +# NOTE: ** no spaces in this setting **, the above example has exactly +# one tab character after LDAP_AUXOPTIONS + + +##NAME: LDAP_ENUMERATE_FILTER:0 +# +# {EXPERIMENTAL} +# Optional custom filter used when enumerating accounts for authenumerate, +# in order to compile a list of accounts for shared folders. If present, +# this filter will be used instead of LDAP_FILTER. +# +# LDAP_ENUMERATE_FILTER (&(objectClass=CourierMailAccount)(!(disableshared=1))) + + +##NAME: LDAP_DEREF:0 +# +# Determines how aliases are handled during a search. This option is available +# only with OpenLDAP 2.0 +# +# LDAP_DEREF can be one of the following values: +# never, searching, finding, always. If not specified, aliases are +# never dereferenced. + +LDAP_DEREF never + +##NAME: LDAP_TLS:0 +# +# Set LDAP_TLS to 1 to use the Start TLS extension (RFC 2830). This is +# when the server accepts a normal LDAP connection on port 389 which +# the client then requests 'upgrading' to TLS, and is equivalent to the +# -ZZ flag to ldapsearch. If you are using an ldaps:// URI then do not +# set this option. +# +# For additional LDAP-related options, see the authdaemonrc config file. + +LDAP_TLS 0 + +##NAME: LDAP_EMAILMAP:0 +# +# The following optional settings, if enabled, result in an extra LDAP +# lookup to first locate a handle for an E-mail address, then a second lookup +# on that handle to get the actual authentication record. You'll need +# to uncomment these settings to enable an email handle lookup. +# +# The E-mail address must be of the form user@@realm, and this is plugged +# into the following search string. "@@user@@" and "@@realm@@" are placeholders +# for the user and the realm portions of the login ID. +# +# LDAP_EMAILMAP (&(userid=@@user@@)(realm=@@realm@@)) + +##NAME: LDAP_EMAILMAP_BASEDN:0 +# +# Specify the basedn for the email lookup. The default is LDAP_BASEDN. +# +# LDAP_EMAILMAP_BASEDN o=emailmap, c=com + + +##NAME: LDAP_EMAILMAP_ATTRIBUTE:0 +# +# The attribute which holds the handle. The contents of this attribute +# are then plugged into the regular authentication lookup, and you must set +# LDAP_EMAILMAP_MAIL to the name of this attribute in the authentication +# records (which may be the same as LDAP_MAIL). +# You MUST also leave LDAP_DOMAIN undefined. This enables authenticating +# by handles only. +# +# Here's an example: +# +# dn: userid=john, realm=example.com, o=emailmap, c=com # LDAP_EMAILMAP_BASEDN +# userid: john # LDAP_EMAILMAP search +# realm: example.com # LDAP_EMAILMAP search +# handle: cc223344 # LDAP_EMAILMAP_ATTRIBUTE +# +# +# dn: controlHandle=cc223344, o=example, c=com # LDAP_BASEDN +# controlHandle: cc223344 # LDAP_EMAILMAP_MAIL set to "controlHandle" +# uid: ... +# gid: ... +# [ etc... ] +# +# LDAP_EMAILMAP_ATTRIBUTE handle + +##NAME: LDAP_EMAILMAP_MAIL:0 +# +# After reading LDAP_EMAIL_ATTRIBUTE, the second query will go against +# LDAP_BASEDN, but will key against LDAP_EMAILMAP_MAIL instead of LDAP_MAIL. +# +# LDAP_EMAILMAP_MAIL mail +@ diff --git a/courier/authlib/.rcs/authmysqlrc,v b/courier/authlib/.rcs/authmysqlrc,v new file mode 100644 index 0000000..f6c6979 --- /dev/null +++ b/courier/authlib/.rcs/authmysqlrc,v @@ -0,0 +1,312 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.22.01.39; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@##VERSION: $Id: authmysqlrc,v 1.20 2007/10/07 02:50:45 mrsam Exp $ +# +# Copyright 2000-2007 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authmysqlrc created from authmysqlrc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the MySQL admin password! +# +# Each line in this file must follow the following format: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. Trailing spaces are prohibited. + + +##NAME: LOCATION:0 +# +# The server name, userid, and password used to log in. + +MYSQL_SERVER mysql.example.com +MYSQL_USERNAME admin +MYSQL_PASSWORD admin + +##NAME: SSLINFO:0 +# +# The SSL information. +# +# To use SSL-encrypted connections, define the following variables (available +# in MySQL 4.0, or higher): +# +# +# MYSQL_SSL_KEY /path/to/file +# MYSQL_SSL_CERT /path/to/file +# MYSQL_SSL_CACERT /path/to/file +# MYSQL_SSL_CAPATH /path/to/file +# MYSQL_SSL_CIPHERS ALL:!DES + +##NAME: MYSQL_SOCKET:0 +# +# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the +# filesystem pipe used for the connection +# +# MYSQL_SOCKET /var/mysql/mysql.sock + +##NAME: MYSQL_PORT:0 +# +# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to +# connect to. + +MYSQL_PORT 0 + +##NAME: MYSQL_OPT:0 +# +# Leave MYSQL_OPT as 0, unless you know what you're doing. + +MYSQL_OPT 0 + +##NAME: MYSQL_DATABASE:0 +# +# The name of the MySQL database we will open: + +MYSQL_DATABASE mysql + +#NAME: MYSQL_CHARACTER_SET:0 +# +# This is optional. MYSQL_CHARACTER_SET installs a character set. This option +# can be used with MySQL version 4.1 or later. MySQL supports 70+ collations +# for 30+ character sets. See MySQL documentations for more detalis. +# +# MYSQL_CHARACTER_SET latin1 + +##NAME: MYSQL_USER_TABLE:0 +# +# The name of the table containing your user data. See README.authmysqlrc +# for the required fields in this table. + +MYSQL_USER_TABLE passwd + +##NAME: MYSQL_CRYPT_PWFIELD:0 +# +# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both +# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext +# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow +# CRAM-MD5 authentication to be implemented. + +MYSQL_CRYPT_PWFIELD crypt + +##NAME: MYSQL_CLEAR_PWFIELD:0 +# +# +# MYSQL_CLEAR_PWFIELD clear + +##NAME: MYSQL_DEFAULT_DOMAIN:0 +# +# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', +# we will look up 'user@@DEFAULT_DOMAIN' instead. +# +# +# DEFAULT_DOMAIN example.com + +##NAME: MYSQL_UID_FIELD:0 +# +# Other fields in the mysql table: +# +# MYSQL_UID_FIELD - contains the numerical userid of the account +# +MYSQL_UID_FIELD uid + +##NAME: MYSQL_GID_FIELD:0 +# +# Numerical groupid of the account + +MYSQL_GID_FIELD gid + +##NAME: MYSQL_LOGIN_FIELD:0 +# +# The login id, default is id. Basically the query is: +# +# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid' +# + +MYSQL_LOGIN_FIELD id + +##NAME: MYSQL_HOME_FIELD:0 +# + +MYSQL_HOME_FIELD home + +##NAME: MYSQL_NAME_FIELD:0 +# +# The user's name (optional) + +MYSQL_NAME_FIELD name + +##NAME: MYSQL_MAILDIR_FIELD:0 +# +# This is an optional field, and can be used to specify an arbitrary +# location of the maildir for the account, which normally defaults to +# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD). +# +# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this +# out. +# +# MYSQL_MAILDIR_FIELD maildir + +##NAME: MYSQL_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional field specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd +# +# MYSQL_DEFAULTDELIVERY defaultdelivery + +##NAME: MYSQL_QUOTA_FIELD:0 +# +# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally +# specify a maildir quota. See README.maildirquota for more information +# +# MYSQL_QUOTA_FIELD quota + +##NAME: MYSQL_AUXOPTIONS:0 +# +# Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that +# contains a single string consisting of comma-separated "ATTRIBUTE=NAME" +# pairs. These names are additional attributes that define various per-account +# "options", as given in INSTALL's description of the "Account OPTIONS" +# setting. +# +# MYSQL_AUXOPTIONS_FIELD auxoptions +# +# You might want to try something like this, if you'd like to use a bunch +# of individual fields, instead of a single text blob: +# +# MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup) +# +# This will let you define fields called "disableimap", etc, with the end result +# being something that the OPTIONS parser understands. + + +##NAME: MYSQL_WHERE_CLAUSE:0 +# +# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary +# fixed string that is appended to the WHERE clause of our query +# +# MYSQL_WHERE_CLAUSE server='mailhost.example.com' + +##NAME: MYSQL_SELECT_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do a SELECT operation on database, which should return fields +# in order specified bellow: +# +# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options +# +# The username field should include the domain (see example below). +# +# Enabling this option causes ignorance of any other field-related +# options, excluding default domain. +# +# There are two variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. These variables are: +# $(local_part), $(domain), $(service) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# +# $(service) will expand out to the service being authenticated: imap, imaps, +# pop3 or pop3s. Courier mail server only: service will also expand out to +# "courier", when searching for local mail account's location. In this case, +# if the "maildir" field is not empty it will be used in place of +# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing +# authenticated ESMTP. +# +# This example is a little bit modified adaptation of vmail-sql +# database scheme: +# +# MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@@', popbox.domain_name), \ +# CONCAT('{MD5}', popbox.password_hash), \ +# popbox.clearpw, \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# domain.quota, \ +# '', \ +# CONCAT("disableimap=",disableimap,",disablepop3=", \ +# disablepop3,",disablewebmail=",disablewebmail, \ +# ",sharedgroup=",sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + +##NAME: MYSQL_ENUMERATE_CLAUSE:1 +# +# {EXPERIMENTAL} +# Optional custom SQL query used to enumerate accounts for authenumerate, +# in order to compile a list of accounts for shared folders. The query +# should return the following fields: name, uid, gid, homedir, maildir, options +# +# Example: +# MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@@', popbox.domain_name), \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# CONCAT('sharedgroup=', sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + + +##NAME: MYSQL_CHPASS_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do an UPDATE operation on database. In other words, it is +# used, when changing password. +# +# There are four variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. There variables are: +# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# $(newpass) contains plain password +# $(newpass_crypt) contains its crypted form +# +# MYSQL_CHPASS_CLAUSE UPDATE popbox \ +# SET clearpw='$(newpass)', \ +# password_hash='$(newpass_crypt)' \ +# WHERE local_part='$(local_part)' \ +# AND domain_name='$(domain)' +# +@ diff --git a/courier/authlib/authdaemonrc b/courier/authlib/authdaemonrc new file mode 100644 index 0000000..ec9be6b --- /dev/null +++ b/courier/authlib/authdaemonrc @@ -0,0 +1,105 @@ +##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $ +# +# Copyright 2000-2005 Double Precision, Inc. See COPYING for +# distribution information. +# +# authdaemonrc created from authdaemonrc.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# This file configures authdaemond, the resident authentication daemon. +# +# Comments in this file are ignored. Although this file is intended to +# be sourced as a shell script, authdaemond parses it manually, so +# the acceptable syntax is a bit limited. Multiline variable contents, +# with the \ continuation character, are not allowed. Everything must +# fit on one line. Do not use any additional whitespace for indentation, +# or anything else. + +##NAME: authmodulelist:2 +# +# The authentication modules that are linked into authdaemond. The +# default list is installed. You may selectively disable modules simply +# by removing them from the following list. The available modules you +# can use are: authuserdb authpam authshadow authldap authmysql authcustom authpipe + +#authmodulelist="authmysql authldap authpam authuserdb authshadow authcustom authpipe" +#authmodulelist="authpam authuserdb authshadow authcustom authpipe" +authmodulelist="authmysql authpam" + +##NAME: authmodulelistorig:3 +# +# This setting is used by Courier's webadmin module, and should be left +# alone + +authmodulelistorig="authuserdb authpam authshadow authldap authmysql authcustom authpipe" + +##NAME: daemons:0 +# +# The number of daemon processes that are started. authdaemon is typically +# installed where authentication modules are relatively expensive: such +# as authldap, or authmysql, so it's better to have a number of them running. +# PLEASE NOTE: Some platforms may experience a problem if there's more than +# one daemon. Specifically, SystemV derived platforms that use TLI with +# socket emulation. I'm suspicious of TLI's ability to handle multiple +# processes accepting connections on the same filesystem domain socket. +# +# You may need to increase daemons if as your system load increases. Symptoms +# include sporadic authentication failures. If you start getting +# authentication failures, increase daemons. However, the default of 5 +# SHOULD be sufficient. Bumping up daemon count is only a short-term +# solution. The permanent solution is to add more resources: RAM, faster +# disks, faster CPUs... + +daemons=5 + +##NAME: authdaemonvar:2 +# +# authdaemonvar is here, but is not used directly by authdaemond. It's +# used by various configuration and build scripts, so don't touch it! + +authdaemonvar=/var/lib/courier/authdaemon + +##NAME: DEBUG_LOGIN:0 +# +# Dump additional diagnostics to syslog +# +# DEBUG_LOGIN=0 - turn off debugging +# DEBUG_LOGIN=1 - turn on debugging +# DEBUG_LOGIN=2 - turn on debugging + log passwords too +# +# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog. +# +# Note that most information is sent to syslog at level 'debug', so +# you may need to modify your /etc/syslog.conf to be able to see it. + +DEBUG_LOGIN=0 + +##NAME: DEFAULTOPTIONS:0 +# +# A comma-separated list of option=value pairs. Each option is applied +# to an account if the account does not have its own specific value for +# that option. So for example, you can set +# DEFAULTOPTIONS="disablewebmail=1,disableimap=1" +# and then enable webmail and/or imap on individual accounts by setting +# disablewebmail=0 and/or disableimap=0 on the account. + +DEFAULTOPTIONS="" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options, e.g. to set syslog facility +# + +LOGGEROPTS="" + +##NAME: LDAP_TLS_OPTIONS:0 +# +# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'. +# Examples: +# +#LDAPTLS_CACERT=/path/to/cacert.pem +#LDAPTLS_REQCERT=demand +#LDAPTLS_CERT=/path/to/clientcert.pem +#LDAPTLS_KEY=/path/to/clientkey.pem diff --git a/courier/authlib/authdaemonrc.dist b/courier/authlib/authdaemonrc.dist new file mode 100644 index 0000000..63cc6b1 --- /dev/null +++ b/courier/authlib/authdaemonrc.dist @@ -0,0 +1,103 @@ +##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $ +# +# Copyright 2000-2005 Double Precision, Inc. See COPYING for +# distribution information. +# +# authdaemonrc created from authdaemonrc.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# This file configures authdaemond, the resident authentication daemon. +# +# Comments in this file are ignored. Although this file is intended to +# be sourced as a shell script, authdaemond parses it manually, so +# the acceptable syntax is a bit limited. Multiline variable contents, +# with the \ continuation character, are not allowed. Everything must +# fit on one line. Do not use any additional whitespace for indentation, +# or anything else. + +##NAME: authmodulelist:2 +# +# The authentication modules that are linked into authdaemond. The +# default list is installed. You may selectively disable modules simply +# by removing them from the following list. The available modules you +# can use are: authuserdb authpam authshadow authldap authmysql authcustom authpipe + +authmodulelist="authuserdb authpam authshadow authldap authmysql authcustom authpipe" + +##NAME: authmodulelistorig:3 +# +# This setting is used by Courier's webadmin module, and should be left +# alone + +authmodulelistorig="authuserdb authpam authshadow authldap authmysql authcustom authpipe" + +##NAME: daemons:0 +# +# The number of daemon processes that are started. authdaemon is typically +# installed where authentication modules are relatively expensive: such +# as authldap, or authmysql, so it's better to have a number of them running. +# PLEASE NOTE: Some platforms may experience a problem if there's more than +# one daemon. Specifically, SystemV derived platforms that use TLI with +# socket emulation. I'm suspicious of TLI's ability to handle multiple +# processes accepting connections on the same filesystem domain socket. +# +# You may need to increase daemons if as your system load increases. Symptoms +# include sporadic authentication failures. If you start getting +# authentication failures, increase daemons. However, the default of 5 +# SHOULD be sufficient. Bumping up daemon count is only a short-term +# solution. The permanent solution is to add more resources: RAM, faster +# disks, faster CPUs... + +daemons=5 + +##NAME: authdaemonvar:2 +# +# authdaemonvar is here, but is not used directly by authdaemond. It's +# used by various configuration and build scripts, so don't touch it! + +authdaemonvar=/var/lib/courier/authdaemon + +##NAME: DEBUG_LOGIN:0 +# +# Dump additional diagnostics to syslog +# +# DEBUG_LOGIN=0 - turn off debugging +# DEBUG_LOGIN=1 - turn on debugging +# DEBUG_LOGIN=2 - turn on debugging + log passwords too +# +# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog. +# +# Note that most information is sent to syslog at level 'debug', so +# you may need to modify your /etc/syslog.conf to be able to see it. + +DEBUG_LOGIN=0 + +##NAME: DEFAULTOPTIONS:0 +# +# A comma-separated list of option=value pairs. Each option is applied +# to an account if the account does not have its own specific value for +# that option. So for example, you can set +# DEFAULTOPTIONS="disablewebmail=1,disableimap=1" +# and then enable webmail and/or imap on individual accounts by setting +# disablewebmail=0 and/or disableimap=0 on the account. + +DEFAULTOPTIONS="" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options, e.g. to set syslog facility +# + +LOGGEROPTS="" + +##NAME: LDAP_TLS_OPTIONS:0 +# +# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'. +# Examples: +# +#LDAPTLS_CACERT=/path/to/cacert.pem +#LDAPTLS_REQCERT=demand +#LDAPTLS_CERT=/path/to/clientcert.pem +#LDAPTLS_KEY=/path/to/clientkey.pem diff --git a/courier/authlib/authldaprc b/courier/authlib/authldaprc new file mode 100644 index 0000000..79bfa94 --- /dev/null +++ b/courier/authlib/authldaprc @@ -0,0 +1,273 @@ +##VERSION: $Id: authldaprc,v 1.25 2005/10/05 00:07:32 mrsam Exp $ +# +# Copyright 2000-2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authldaprc created from authldaprc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the LDAP admin password! +# +# This configuration file specifies LDAP authentication parameters +# +# The format of this file must be as follows: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. No trailing spaces. +# +# Here are the fields: + +##NAME: LOCATION:1 +# +# Location of your LDAP server(s). If you have multiple LDAP servers, +# you can list them separated by commas and spaces, and they will be tried in +# turn. + +LDAP_URI ldaps://ldap.example.com, ldaps://backup.example.com + +##NAME: LDAP_PROTOCOL_VERSION:0 +# +# Which version of LDAP protocol to use + +LDAP_PROTOCOL_VERSION 3 + +##NAME: LDAP_BASEDN:0 +# +# Look for authentication here: + +LDAP_BASEDN o=example, c=com + +##NAME: LDAP_BINDDN:0 +# +# You may or may not need to specify the following. Because you've got +# a password here, authldaprc should not be world-readable!!! + +LDAP_BINDDN cn=administrator, o=example, c=com +LDAP_BINDPW toto + +##NAME: LDAP_TIMEOUT:0 +# +# Timeout for LDAP search and connection + +LDAP_TIMEOUT 5 + +##NAME: LDAP_AUTHBIND:0 +# +# Define this to have the ldap server authenticate passwords. If LDAP_AUTHBIND +# the password is validated by rebinding with the supplied userid and password. +# If rebind succeeds, this is considered to be an authenticated request. This +# does not support CRAM-MD5 authentication, which requires clearPassword. +# Additionally, if LDAP_AUTHBIND is 1 then password changes are done under +# the credentials of the user themselves, not LDAP_BINDDN/BINDPW +# +# LDAP_AUTHBIND 1 + +##NAME: LDAP_MAIL:0 +# +# Here's the field on which we query + +LDAP_MAIL mail + +##NAME: LDAP_FILTER:0 +# +# This LDAP filter will be ANDed with the query for the field defined above +# in LDAP_MAIL. So if you are querying for mail, and you have LDAP_FILTER +# defined to be "(objectClass=CourierMailAccount)" the query that is performed +# will be "(&(objectClass=CourierMailAccount)(mail=))" +# +# LDAP_FILTER (objectClass=CourierMailAccount) + +##NAME: LDAP_DOMAIN:0 +# +# The following default domain will be appended, if not explicitly specified. +# +# LDAP_DOMAIN example.com + +##NAME: LDAP_GLOB_IDS:0 +# +# The following two variables can be used to set everybody's uid and gid. +# This is convenient if your LDAP specifies a bunch of virtual mail accounts +# The values can be usernames or userids: +# +# LDAP_GLOB_UID vmail +# LDAP_GLOB_GID vmail + +##NAME: LDAP_HOMEDIR:0 +# +# We will retrieve the following attributes +# +# The HOMEDIR attribute MUST exist, and we MUST be able to chdir to it + +LDAP_HOMEDIR homeDirectory + +##NAME: LDAP_MAILROOT:0 +# +# If homeDirectory is not an absolute path, define the root of the +# relative paths in LDAP_MAILROOT +# +# LDAP_MAILROOT /var/mail + + +##NAME: LDAP_MAILDIR:0 +# +# The MAILDIR attribute is OPTIONAL, and specifies the location of the +# mail directory. If not specified, ./Maildir will be used + +LDAP_MAILDIR mailbox + +##NAME: LDAP_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional attribute specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd + +LDAP_DEFAULTDELIVERY defaultDelivery + +##NAME: LDAP_MAILDIRQUOTA:0 +# +# The following variable, if defined, specifies the field containing the +# maildir quota, see README.maildirquota for more information +# +# LDAP_MAILDIRQUOTA quota + + +##NAME: LDAP_FULLNAME:0 +# +# FULLNAME is optional, specifies the user's full name + +LDAP_FULLNAME cn + +##NAME: LDAP_PW:0 +# +# CLEARPW is the clear text password. CRYPT is the crypted password. +# ONE OF THESE TWO ATTRIBUTES IS REQUIRED. If CLEARPW is provided, and +# libhmac.a is available, CRAM authentication will be possible! + +LDAP_CLEARPW clearPassword +LDAP_CRYPTPW userPassword + +##NAME: LDAP_IDS:0 +# +# Uncomment the following, and modify as appropriate, if your LDAP database +# stores individual userids and groupids. Otherwise, you must uncomment +# LDAP_GLOB_UID and LDAP_GLOB_GID above. LDAP_GLOB_UID and LDAP_GLOB_GID +# specify a uid/gid for everyone. Otherwise, LDAP_UID and LDAP_GID must +# be defined as attributes for everyone. +# +# LDAP_UID uidNumber +# LDAP_GID gidNumber + + +##NAME: LDAP_AUXOPTIONS:0 +# +# Auxiliary options. The LDAP_AUXOPTIONS setting should contain a list of +# comma-separated "ATTRIBUTE=NAME" pairs. These names are additional +# attributes that define various per-account "options", as given in +# INSTALL's description of the OPTIONS setting. +# +# Each ATTRIBUTE specifies an LDAP attribute name. If it is present, +# the attribute value gets placed in the OPTIONS variable, with the name +# NAME. For example: +# +# LDAP_AUXOPTIONS shared=sharedgroup,disableimap=disableimap +# +# Then, if an LDAP record contains the following attributes: +# +# shared: domain1 +# disableimap: 0 +# +# Then authldap will initialize OPTIONS to "sharedgroup=domain1,disableimap=0" +# +# NOTE: ** no spaces in this setting **, the above example has exactly +# one tab character after LDAP_AUXOPTIONS + + +##NAME: LDAP_ENUMERATE_FILTER:0 +# +# {EXPERIMENTAL} +# Optional custom filter used when enumerating accounts for authenumerate, +# in order to compile a list of accounts for shared folders. If present, +# this filter will be used instead of LDAP_FILTER. +# +# LDAP_ENUMERATE_FILTER (&(objectClass=CourierMailAccount)(!(disableshared=1))) + + +##NAME: LDAP_DEREF:0 +# +# Determines how aliases are handled during a search. This option is available +# only with OpenLDAP 2.0 +# +# LDAP_DEREF can be one of the following values: +# never, searching, finding, always. If not specified, aliases are +# never dereferenced. + +LDAP_DEREF never + +##NAME: LDAP_TLS:0 +# +# Set LDAP_TLS to 1 to use the Start TLS extension (RFC 2830). This is +# when the server accepts a normal LDAP connection on port 389 which +# the client then requests 'upgrading' to TLS, and is equivalent to the +# -ZZ flag to ldapsearch. If you are using an ldaps:// URI then do not +# set this option. +# +# For additional LDAP-related options, see the authdaemonrc config file. + +LDAP_TLS 0 + +##NAME: LDAP_EMAILMAP:0 +# +# The following optional settings, if enabled, result in an extra LDAP +# lookup to first locate a handle for an E-mail address, then a second lookup +# on that handle to get the actual authentication record. You'll need +# to uncomment these settings to enable an email handle lookup. +# +# The E-mail address must be of the form user@realm, and this is plugged +# into the following search string. "@user@" and "@realm@" are placeholders +# for the user and the realm portions of the login ID. +# +# LDAP_EMAILMAP (&(userid=@user@)(realm=@realm@)) + +##NAME: LDAP_EMAILMAP_BASEDN:0 +# +# Specify the basedn for the email lookup. The default is LDAP_BASEDN. +# +# LDAP_EMAILMAP_BASEDN o=emailmap, c=com + + +##NAME: LDAP_EMAILMAP_ATTRIBUTE:0 +# +# The attribute which holds the handle. The contents of this attribute +# are then plugged into the regular authentication lookup, and you must set +# LDAP_EMAILMAP_MAIL to the name of this attribute in the authentication +# records (which may be the same as LDAP_MAIL). +# You MUST also leave LDAP_DOMAIN undefined. This enables authenticating +# by handles only. +# +# Here's an example: +# +# dn: userid=john, realm=example.com, o=emailmap, c=com # LDAP_EMAILMAP_BASEDN +# userid: john # LDAP_EMAILMAP search +# realm: example.com # LDAP_EMAILMAP search +# handle: cc223344 # LDAP_EMAILMAP_ATTRIBUTE +# +# +# dn: controlHandle=cc223344, o=example, c=com # LDAP_BASEDN +# controlHandle: cc223344 # LDAP_EMAILMAP_MAIL set to "controlHandle" +# uid: ... +# gid: ... +# [ etc... ] +# +# LDAP_EMAILMAP_ATTRIBUTE handle + +##NAME: LDAP_EMAILMAP_MAIL:0 +# +# After reading LDAP_EMAIL_ATTRIBUTE, the second query will go against +# LDAP_BASEDN, but will key against LDAP_EMAILMAP_MAIL instead of LDAP_MAIL. +# +# LDAP_EMAILMAP_MAIL mail diff --git a/courier/authlib/authldaprc.dist b/courier/authlib/authldaprc.dist new file mode 100644 index 0000000..79bfa94 --- /dev/null +++ b/courier/authlib/authldaprc.dist @@ -0,0 +1,273 @@ +##VERSION: $Id: authldaprc,v 1.25 2005/10/05 00:07:32 mrsam Exp $ +# +# Copyright 2000-2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authldaprc created from authldaprc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the LDAP admin password! +# +# This configuration file specifies LDAP authentication parameters +# +# The format of this file must be as follows: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. No trailing spaces. +# +# Here are the fields: + +##NAME: LOCATION:1 +# +# Location of your LDAP server(s). If you have multiple LDAP servers, +# you can list them separated by commas and spaces, and they will be tried in +# turn. + +LDAP_URI ldaps://ldap.example.com, ldaps://backup.example.com + +##NAME: LDAP_PROTOCOL_VERSION:0 +# +# Which version of LDAP protocol to use + +LDAP_PROTOCOL_VERSION 3 + +##NAME: LDAP_BASEDN:0 +# +# Look for authentication here: + +LDAP_BASEDN o=example, c=com + +##NAME: LDAP_BINDDN:0 +# +# You may or may not need to specify the following. Because you've got +# a password here, authldaprc should not be world-readable!!! + +LDAP_BINDDN cn=administrator, o=example, c=com +LDAP_BINDPW toto + +##NAME: LDAP_TIMEOUT:0 +# +# Timeout for LDAP search and connection + +LDAP_TIMEOUT 5 + +##NAME: LDAP_AUTHBIND:0 +# +# Define this to have the ldap server authenticate passwords. If LDAP_AUTHBIND +# the password is validated by rebinding with the supplied userid and password. +# If rebind succeeds, this is considered to be an authenticated request. This +# does not support CRAM-MD5 authentication, which requires clearPassword. +# Additionally, if LDAP_AUTHBIND is 1 then password changes are done under +# the credentials of the user themselves, not LDAP_BINDDN/BINDPW +# +# LDAP_AUTHBIND 1 + +##NAME: LDAP_MAIL:0 +# +# Here's the field on which we query + +LDAP_MAIL mail + +##NAME: LDAP_FILTER:0 +# +# This LDAP filter will be ANDed with the query for the field defined above +# in LDAP_MAIL. So if you are querying for mail, and you have LDAP_FILTER +# defined to be "(objectClass=CourierMailAccount)" the query that is performed +# will be "(&(objectClass=CourierMailAccount)(mail=))" +# +# LDAP_FILTER (objectClass=CourierMailAccount) + +##NAME: LDAP_DOMAIN:0 +# +# The following default domain will be appended, if not explicitly specified. +# +# LDAP_DOMAIN example.com + +##NAME: LDAP_GLOB_IDS:0 +# +# The following two variables can be used to set everybody's uid and gid. +# This is convenient if your LDAP specifies a bunch of virtual mail accounts +# The values can be usernames or userids: +# +# LDAP_GLOB_UID vmail +# LDAP_GLOB_GID vmail + +##NAME: LDAP_HOMEDIR:0 +# +# We will retrieve the following attributes +# +# The HOMEDIR attribute MUST exist, and we MUST be able to chdir to it + +LDAP_HOMEDIR homeDirectory + +##NAME: LDAP_MAILROOT:0 +# +# If homeDirectory is not an absolute path, define the root of the +# relative paths in LDAP_MAILROOT +# +# LDAP_MAILROOT /var/mail + + +##NAME: LDAP_MAILDIR:0 +# +# The MAILDIR attribute is OPTIONAL, and specifies the location of the +# mail directory. If not specified, ./Maildir will be used + +LDAP_MAILDIR mailbox + +##NAME: LDAP_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional attribute specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd + +LDAP_DEFAULTDELIVERY defaultDelivery + +##NAME: LDAP_MAILDIRQUOTA:0 +# +# The following variable, if defined, specifies the field containing the +# maildir quota, see README.maildirquota for more information +# +# LDAP_MAILDIRQUOTA quota + + +##NAME: LDAP_FULLNAME:0 +# +# FULLNAME is optional, specifies the user's full name + +LDAP_FULLNAME cn + +##NAME: LDAP_PW:0 +# +# CLEARPW is the clear text password. CRYPT is the crypted password. +# ONE OF THESE TWO ATTRIBUTES IS REQUIRED. If CLEARPW is provided, and +# libhmac.a is available, CRAM authentication will be possible! + +LDAP_CLEARPW clearPassword +LDAP_CRYPTPW userPassword + +##NAME: LDAP_IDS:0 +# +# Uncomment the following, and modify as appropriate, if your LDAP database +# stores individual userids and groupids. Otherwise, you must uncomment +# LDAP_GLOB_UID and LDAP_GLOB_GID above. LDAP_GLOB_UID and LDAP_GLOB_GID +# specify a uid/gid for everyone. Otherwise, LDAP_UID and LDAP_GID must +# be defined as attributes for everyone. +# +# LDAP_UID uidNumber +# LDAP_GID gidNumber + + +##NAME: LDAP_AUXOPTIONS:0 +# +# Auxiliary options. The LDAP_AUXOPTIONS setting should contain a list of +# comma-separated "ATTRIBUTE=NAME" pairs. These names are additional +# attributes that define various per-account "options", as given in +# INSTALL's description of the OPTIONS setting. +# +# Each ATTRIBUTE specifies an LDAP attribute name. If it is present, +# the attribute value gets placed in the OPTIONS variable, with the name +# NAME. For example: +# +# LDAP_AUXOPTIONS shared=sharedgroup,disableimap=disableimap +# +# Then, if an LDAP record contains the following attributes: +# +# shared: domain1 +# disableimap: 0 +# +# Then authldap will initialize OPTIONS to "sharedgroup=domain1,disableimap=0" +# +# NOTE: ** no spaces in this setting **, the above example has exactly +# one tab character after LDAP_AUXOPTIONS + + +##NAME: LDAP_ENUMERATE_FILTER:0 +# +# {EXPERIMENTAL} +# Optional custom filter used when enumerating accounts for authenumerate, +# in order to compile a list of accounts for shared folders. If present, +# this filter will be used instead of LDAP_FILTER. +# +# LDAP_ENUMERATE_FILTER (&(objectClass=CourierMailAccount)(!(disableshared=1))) + + +##NAME: LDAP_DEREF:0 +# +# Determines how aliases are handled during a search. This option is available +# only with OpenLDAP 2.0 +# +# LDAP_DEREF can be one of the following values: +# never, searching, finding, always. If not specified, aliases are +# never dereferenced. + +LDAP_DEREF never + +##NAME: LDAP_TLS:0 +# +# Set LDAP_TLS to 1 to use the Start TLS extension (RFC 2830). This is +# when the server accepts a normal LDAP connection on port 389 which +# the client then requests 'upgrading' to TLS, and is equivalent to the +# -ZZ flag to ldapsearch. If you are using an ldaps:// URI then do not +# set this option. +# +# For additional LDAP-related options, see the authdaemonrc config file. + +LDAP_TLS 0 + +##NAME: LDAP_EMAILMAP:0 +# +# The following optional settings, if enabled, result in an extra LDAP +# lookup to first locate a handle for an E-mail address, then a second lookup +# on that handle to get the actual authentication record. You'll need +# to uncomment these settings to enable an email handle lookup. +# +# The E-mail address must be of the form user@realm, and this is plugged +# into the following search string. "@user@" and "@realm@" are placeholders +# for the user and the realm portions of the login ID. +# +# LDAP_EMAILMAP (&(userid=@user@)(realm=@realm@)) + +##NAME: LDAP_EMAILMAP_BASEDN:0 +# +# Specify the basedn for the email lookup. The default is LDAP_BASEDN. +# +# LDAP_EMAILMAP_BASEDN o=emailmap, c=com + + +##NAME: LDAP_EMAILMAP_ATTRIBUTE:0 +# +# The attribute which holds the handle. The contents of this attribute +# are then plugged into the regular authentication lookup, and you must set +# LDAP_EMAILMAP_MAIL to the name of this attribute in the authentication +# records (which may be the same as LDAP_MAIL). +# You MUST also leave LDAP_DOMAIN undefined. This enables authenticating +# by handles only. +# +# Here's an example: +# +# dn: userid=john, realm=example.com, o=emailmap, c=com # LDAP_EMAILMAP_BASEDN +# userid: john # LDAP_EMAILMAP search +# realm: example.com # LDAP_EMAILMAP search +# handle: cc223344 # LDAP_EMAILMAP_ATTRIBUTE +# +# +# dn: controlHandle=cc223344, o=example, c=com # LDAP_BASEDN +# controlHandle: cc223344 # LDAP_EMAILMAP_MAIL set to "controlHandle" +# uid: ... +# gid: ... +# [ etc... ] +# +# LDAP_EMAILMAP_ATTRIBUTE handle + +##NAME: LDAP_EMAILMAP_MAIL:0 +# +# After reading LDAP_EMAIL_ATTRIBUTE, the second query will go against +# LDAP_BASEDN, but will key against LDAP_EMAILMAP_MAIL instead of LDAP_MAIL. +# +# LDAP_EMAILMAP_MAIL mail diff --git a/courier/authlib/authmysqlrc b/courier/authlib/authmysqlrc new file mode 100644 index 0000000..eba3f98 --- /dev/null +++ b/courier/authlib/authmysqlrc @@ -0,0 +1,297 @@ +##VERSION: $Id: authmysqlrc,v 1.20 2007/10/07 02:50:45 mrsam Exp $ +# +# Copyright 2000-2007 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authmysqlrc created from authmysqlrc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the MySQL admin password! +# +# Each line in this file must follow the following format: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. Trailing spaces are prohibited. + + +##NAME: LOCATION:0 +# +# The server name, userid, and password used to log in. +# +#MYSQL_SERVER mysql.example.com +#MYSQL_USERNAME admin +#MYSQL_PASSWORD admin +# + +MYSQL_SERVER localhost +MYSQL_USERNAME vmail +MYSQL_PASSWORD Pee5au0T + +##NAME: SSLINFO:0 +# +# The SSL information. +# +# To use SSL-encrypted connections, define the following variables (available +# in MySQL 4.0, or higher): +# +# +# MYSQL_SSL_KEY /path/to/file +# MYSQL_SSL_CERT /path/to/file +# MYSQL_SSL_CACERT /path/to/file +# MYSQL_SSL_CAPATH /path/to/file +# MYSQL_SSL_CIPHERS ALL:!DES + +##NAME: MYSQL_SOCKET:0 +# +# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the +# filesystem pipe used for the connection +# +MYSQL_SOCKET /var/run/mysqld/mysqld.sock + +##NAME: MYSQL_PORT:0 +# +# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to +# connect to. + +MYSQL_PORT 0 + +##NAME: MYSQL_OPT:0 +# +# Leave MYSQL_OPT as 0, unless you know what you're doing. + +MYSQL_OPT 0 + +##NAME: MYSQL_DATABASE:0 +# +# The name of the MySQL database we will open: + +MYSQL_DATABASE vmail + +#NAME: MYSQL_CHARACTER_SET:0 +# +# This is optional. MYSQL_CHARACTER_SET installs a character set. This option +# can be used with MySQL version 4.1 or later. MySQL supports 70+ collations +# for 30+ character sets. See MySQL documentations for more detalis. +# +# MYSQL_CHARACTER_SET latin1 + +##NAME: MYSQL_USER_TABLE:0 +# +# The name of the table containing your user data. See README.authmysqlrc +# for the required fields in this table. + +MYSQL_USER_TABLE users + +##NAME: MYSQL_CRYPT_PWFIELD:0 +# +# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both +# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext +# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow +# CRAM-MD5 authentication to be implemented. + +#MYSQL_CRYPT_PWFIELD crypt + +##NAME: MYSQL_CLEAR_PWFIELD:0 +# +# +MYSQL_CLEAR_PWFIELD clear + +##NAME: MYSQL_DEFAULT_DOMAIN:0 +# +# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', +# we will look up 'user@DEFAULT_DOMAIN' instead. +# +# +# DEFAULT_DOMAIN example.com + +##NAME: MYSQL_UID_FIELD:0 +# +# Other fields in the mysql table: +# +# MYSQL_UID_FIELD - contains the numerical userid of the account +# +MYSQL_UID_FIELD uid + +##NAME: MYSQL_GID_FIELD:0 +# +# Numerical groupid of the account + +MYSQL_GID_FIELD gid + +##NAME: MYSQL_LOGIN_FIELD:0 +# +# The login id, default is id. Basically the query is: +# +# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid' +# + +MYSQL_LOGIN_FIELD email + +##NAME: MYSQL_HOME_FIELD:0 +# + +MYSQL_HOME_FIELD homedir + +##NAME: MYSQL_NAME_FIELD:0 +# +# The user's name (optional) + +MYSQL_NAME_FIELD name + +##NAME: MYSQL_MAILDIR_FIELD:0 +# +# This is an optional field, and can be used to specify an arbitrary +# location of the maildir for the account, which normally defaults to +# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD). +# +# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this +# out. +# +MYSQL_MAILDIR_FIELD maildir + +##NAME: MYSQL_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional field specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd +# +# MYSQL_DEFAULTDELIVERY defaultdelivery + +##NAME: MYSQL_QUOTA_FIELD:0 +# +# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally +# specify a maildir quota. See README.maildirquota for more information +# +MYSQL_QUOTA_FIELD quota + +##NAME: MYSQL_AUXOPTIONS:0 +# +# Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that +# contains a single string consisting of comma-separated "ATTRIBUTE=NAME" +# pairs. These names are additional attributes that define various per-account +# "options", as given in INSTALL's description of the "Account OPTIONS" +# setting. +# +# MYSQL_AUXOPTIONS_FIELD auxoptions +# +# You might want to try something like this, if you'd like to use a bunch +# of individual fields, instead of a single text blob: +# +# MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup) +# +# This will let you define fields called "disableimap", etc, with the end result +# being something that the OPTIONS parser understands. + + +##NAME: MYSQL_WHERE_CLAUSE:0 +# +# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary +# fixed string that is appended to the WHERE clause of our query +# +MYSQL_WHERE_CLAUSE enabled='y' + +##NAME: MYSQL_SELECT_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do a SELECT operation on database, which should return fields +# in order specified bellow: +# +# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options +# +# The username field should include the domain (see example below). +# +# Enabling this option causes ignorance of any other field-related +# options, excluding default domain. +# +# There are two variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. These variables are: +# $(local_part), $(domain), $(service) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# +# $(service) will expand out to the service being authenticated: imap, imaps, +# pop3 or pop3s. Courier mail server only: service will also expand out to +# "courier", when searching for local mail account's location. In this case, +# if the "maildir" field is not empty it will be used in place of +# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing +# authenticated ESMTP. +# +# This example is a little bit modified adaptation of vmail-sql +# database scheme: +# +# MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \ +# CONCAT('{MD5}', popbox.password_hash), \ +# popbox.clearpw, \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# domain.quota, \ +# '', \ +# CONCAT("disableimap=",disableimap,",disablepop3=", \ +# disablepop3,",disablewebmail=",disablewebmail, \ +# ",sharedgroup=",sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + +##NAME: MYSQL_ENUMERATE_CLAUSE:1 +# +# {EXPERIMENTAL} +# Optional custom SQL query used to enumerate accounts for authenumerate, +# in order to compile a list of accounts for shared folders. The query +# should return the following fields: name, uid, gid, homedir, maildir, options +# +# Example: +# MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# CONCAT('sharedgroup=', sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + + +##NAME: MYSQL_CHPASS_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do an UPDATE operation on database. In other words, it is +# used, when changing password. +# +# There are four variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. There variables are: +# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# $(newpass) contains plain password +# $(newpass_crypt) contains its crypted form +# +# MYSQL_CHPASS_CLAUSE UPDATE popbox \ +# SET clearpw='$(newpass)', \ +# password_hash='$(newpass_crypt)' \ +# WHERE local_part='$(local_part)' \ +# AND domain_name='$(domain)' +# + +MYSQL_CHPASS_CLAUSE UPDATE users \ + SET clear='$(newpass)' \ + WHERE email='$(local_part)@$(domain)' diff --git a/courier/authlib/authmysqlrc.dist b/courier/authlib/authmysqlrc.dist new file mode 100644 index 0000000..dd645e1 --- /dev/null +++ b/courier/authlib/authmysqlrc.dist @@ -0,0 +1,288 @@ +##VERSION: $Id: authmysqlrc,v 1.20 2007/10/07 02:50:45 mrsam Exp $ +# +# Copyright 2000-2007 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authmysqlrc created from authmysqlrc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the MySQL admin password! +# +# Each line in this file must follow the following format: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. Trailing spaces are prohibited. + + +##NAME: LOCATION:0 +# +# The server name, userid, and password used to log in. + +MYSQL_SERVER mysql.example.com +MYSQL_USERNAME admin +MYSQL_PASSWORD admin + +##NAME: SSLINFO:0 +# +# The SSL information. +# +# To use SSL-encrypted connections, define the following variables (available +# in MySQL 4.0, or higher): +# +# +# MYSQL_SSL_KEY /path/to/file +# MYSQL_SSL_CERT /path/to/file +# MYSQL_SSL_CACERT /path/to/file +# MYSQL_SSL_CAPATH /path/to/file +# MYSQL_SSL_CIPHERS ALL:!DES + +##NAME: MYSQL_SOCKET:0 +# +# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the +# filesystem pipe used for the connection +# +# MYSQL_SOCKET /var/mysql/mysql.sock + +##NAME: MYSQL_PORT:0 +# +# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to +# connect to. + +MYSQL_PORT 0 + +##NAME: MYSQL_OPT:0 +# +# Leave MYSQL_OPT as 0, unless you know what you're doing. + +MYSQL_OPT 0 + +##NAME: MYSQL_DATABASE:0 +# +# The name of the MySQL database we will open: + +MYSQL_DATABASE mysql + +#NAME: MYSQL_CHARACTER_SET:0 +# +# This is optional. MYSQL_CHARACTER_SET installs a character set. This option +# can be used with MySQL version 4.1 or later. MySQL supports 70+ collations +# for 30+ character sets. See MySQL documentations for more detalis. +# +# MYSQL_CHARACTER_SET latin1 + +##NAME: MYSQL_USER_TABLE:0 +# +# The name of the table containing your user data. See README.authmysqlrc +# for the required fields in this table. + +MYSQL_USER_TABLE passwd + +##NAME: MYSQL_CRYPT_PWFIELD:0 +# +# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both +# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext +# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow +# CRAM-MD5 authentication to be implemented. + +MYSQL_CRYPT_PWFIELD crypt + +##NAME: MYSQL_CLEAR_PWFIELD:0 +# +# +# MYSQL_CLEAR_PWFIELD clear + +##NAME: MYSQL_DEFAULT_DOMAIN:0 +# +# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', +# we will look up 'user@DEFAULT_DOMAIN' instead. +# +# +# DEFAULT_DOMAIN example.com + +##NAME: MYSQL_UID_FIELD:0 +# +# Other fields in the mysql table: +# +# MYSQL_UID_FIELD - contains the numerical userid of the account +# +MYSQL_UID_FIELD uid + +##NAME: MYSQL_GID_FIELD:0 +# +# Numerical groupid of the account + +MYSQL_GID_FIELD gid + +##NAME: MYSQL_LOGIN_FIELD:0 +# +# The login id, default is id. Basically the query is: +# +# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid' +# + +MYSQL_LOGIN_FIELD id + +##NAME: MYSQL_HOME_FIELD:0 +# + +MYSQL_HOME_FIELD home + +##NAME: MYSQL_NAME_FIELD:0 +# +# The user's name (optional) + +MYSQL_NAME_FIELD name + +##NAME: MYSQL_MAILDIR_FIELD:0 +# +# This is an optional field, and can be used to specify an arbitrary +# location of the maildir for the account, which normally defaults to +# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD). +# +# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this +# out. +# +# MYSQL_MAILDIR_FIELD maildir + +##NAME: MYSQL_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional field specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd +# +# MYSQL_DEFAULTDELIVERY defaultdelivery + +##NAME: MYSQL_QUOTA_FIELD:0 +# +# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally +# specify a maildir quota. See README.maildirquota for more information +# +# MYSQL_QUOTA_FIELD quota + +##NAME: MYSQL_AUXOPTIONS:0 +# +# Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that +# contains a single string consisting of comma-separated "ATTRIBUTE=NAME" +# pairs. These names are additional attributes that define various per-account +# "options", as given in INSTALL's description of the "Account OPTIONS" +# setting. +# +# MYSQL_AUXOPTIONS_FIELD auxoptions +# +# You might want to try something like this, if you'd like to use a bunch +# of individual fields, instead of a single text blob: +# +# MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup) +# +# This will let you define fields called "disableimap", etc, with the end result +# being something that the OPTIONS parser understands. + + +##NAME: MYSQL_WHERE_CLAUSE:0 +# +# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary +# fixed string that is appended to the WHERE clause of our query +# +# MYSQL_WHERE_CLAUSE server='mailhost.example.com' + +##NAME: MYSQL_SELECT_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do a SELECT operation on database, which should return fields +# in order specified bellow: +# +# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options +# +# The username field should include the domain (see example below). +# +# Enabling this option causes ignorance of any other field-related +# options, excluding default domain. +# +# There are two variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. These variables are: +# $(local_part), $(domain), $(service) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# +# $(service) will expand out to the service being authenticated: imap, imaps, +# pop3 or pop3s. Courier mail server only: service will also expand out to +# "courier", when searching for local mail account's location. In this case, +# if the "maildir" field is not empty it will be used in place of +# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing +# authenticated ESMTP. +# +# This example is a little bit modified adaptation of vmail-sql +# database scheme: +# +# MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \ +# CONCAT('{MD5}', popbox.password_hash), \ +# popbox.clearpw, \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# domain.quota, \ +# '', \ +# CONCAT("disableimap=",disableimap,",disablepop3=", \ +# disablepop3,",disablewebmail=",disablewebmail, \ +# ",sharedgroup=",sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + +##NAME: MYSQL_ENUMERATE_CLAUSE:1 +# +# {EXPERIMENTAL} +# Optional custom SQL query used to enumerate accounts for authenumerate, +# in order to compile a list of accounts for shared folders. The query +# should return the following fields: name, uid, gid, homedir, maildir, options +# +# Example: +# MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \ +# domain.uid, \ +# domain.gid, \ +# CONCAT(domain.path, '/', popbox.mbox_name), \ +# '', \ +# CONCAT('sharedgroup=', sharedgroup) \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + + +##NAME: MYSQL_CHPASS_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do an UPDATE operation on database. In other words, it is +# used, when changing password. +# +# There are four variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. There variables are: +# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# $(newpass) contains plain password +# $(newpass_crypt) contains its crypted form +# +# MYSQL_CHPASS_CLAUSE UPDATE popbox \ +# SET clearpw='$(newpass)', \ +# password_hash='$(newpass_crypt)' \ +# WHERE local_part='$(local_part)' \ +# AND domain_name='$(domain)' +# diff --git a/cron.daily/.rcs/logrotate,v b/cron.daily/.rcs/logrotate,v new file mode 100755 index 0000000..3aa4d30 --- /dev/null +++ b/cron.daily/.rcs/logrotate,v @@ -0,0 +1,33 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.12.02.12.05.17; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@#!/bin/sh + +#test -x /usr/sbin/logrotate || exit 0 +#/usr/sbin/logrotate /etc/logrotate.conf + +if [ -x /usr/scripts/logrotate.pl ] ; then + /usr/scripts/logrotate.pl >> /var/log/logrotate.log +fi + +@ diff --git a/cron.daily/get-checks-from-postfixbuch b/cron.daily/get-checks-from-postfixbuch new file mode 100755 index 0000000..b353a95 --- /dev/null +++ b/cron.daily/get-checks-from-postfixbuch @@ -0,0 +1,6 @@ +#!/bin/sh + +if [ -x /etc/postfix/get-checks-from-postfixbuch.sh ] ; then + /etc/postfix/get-checks-from-postfixbuch.sh >> /var/log/get-checks-from-postfixbuch.log +fi + diff --git a/cron.daily/logrotate b/cron.daily/logrotate new file mode 100755 index 0000000..f8f2da5 --- /dev/null +++ b/cron.daily/logrotate @@ -0,0 +1,9 @@ +#!/bin/sh + +#test -x /usr/sbin/logrotate || exit 0 +#/usr/sbin/logrotate /etc/logrotate.conf + +if [ -x /usr/scripts/logrotate.pl ] ; then + /usr/scripts/logrotate.pl >> /var/log/logrotate.log +fi + diff --git a/cron.daily/makewhatis b/cron.daily/makewhatis new file mode 100755 index 0000000..bef5ea6 --- /dev/null +++ b/cron.daily/makewhatis @@ -0,0 +1,5 @@ +#!/bin/sh +# this is part of the man package +# it updates the search database for manpages + +exec nice makewhatis -u diff --git a/cron.daily/mlocate b/cron.daily/mlocate new file mode 100755 index 0000000..51cb504 --- /dev/null +++ b/cron.daily/mlocate @@ -0,0 +1,48 @@ +#! /bin/sh +set -e + +# check if we run on battery and if so then don't run +if which on_ac_power >/dev/null 2>&1; then + ON_BATTERY=0 + on_ac_power >/dev/null 2>&1 || ON_BATTERY=$? + if [ "${ON_BATTERY}" -eq 1 ]; then + exit 0 + fi +fi + +# check if we are already running (lockfile) +LOCKFILE="/var/lock/mlocate.daily.lock" +if [ -e "${LOCKFILE}" ]; then + echo >&2 "Warning: \"${LOCKFILE}\" already present, not running updatedb." + exit 1 +fi +touch "${LOCKFILE}" +# trap the lockfile only if we really run the updatedb +trap "rm -f ${LOCKFILE}" EXIT + +# source the user specified variables +if [ -f /etc/mlocate-cron.conf ]; then + . /etc/mlocate-cron.conf +fi + +# check the config file +NODEVS="" +if [ ! -f /etc/updatedb.conf ]; then + NODEVS=$(< /proc/filesystems awk '$1 == "nodev" && $2 != "rootfs" { print $2 }') +fi + +# alter the priority of the updatedb process +if [ -x /usr/bin/renice ]; then + /usr/bin/renice +${NICE:-19} -p $$ > /dev/null 2>&1 +fi +if [ -x /usr/bin/ionice ] && /usr/bin/ionice -c3 true 2>/dev/null; then + /usr/bin/ionice -c${IONICE_CLASS:-2} -n${IONICE_PRIORITY:-7} -p $$ > /dev/null 2>&1 +fi + +# run the updatedb if possible +if [ -x /usr/bin/updatedb ]; then + /usr/bin/updatedb -f "${NODEVS}" +else + echo >&2 "Warning: \"/usr/bin/updatedb\" is not executable, unable to run updatedb." + exit 0 +fi diff --git a/cron.daily/rkhunter b/cron.daily/rkhunter new file mode 100755 index 0000000..67a4755 --- /dev/null +++ b/cron.daily/rkhunter @@ -0,0 +1,134 @@ +#!/bin/bash +# $Header: /var/cvsroot/gentoo-x86/app-forensics/rkhunter/files/rkhunter-1.3.cron,v 1.2 2009/12/19 19:21:00 williamh Exp $ +# original author: Aaron Walker + +########################## Begin Configuration ############################### + +# Default options - more options may be added depending on the +# configuration variables you set below +# --cronjob implies -c, --nocolor, --sk +RKHUNTER_OPTS="--cronjob --summary" + +# Set this to 'yes' to enable ; this script does nothing otherwise +ENABLE=no + +# Automatically update rkhunter's dat files prior to running? +UPDATE=no + +# Set this to 'yes' if you wish the output to be mailed to you +SEND_EMAIL=no + +# NOTE: the following EMAIL_* variables are only relevant if you set the +# SEND_EMAIL variable to 'yes' +EMAIL_SUBJECT="${HOSTNAME}: rkhunter output" +EMAIL_RECIPIENT=root +EMAIL_CMD="|mail -s \"${EMAIL_SUBJECT}\" ${EMAIL_RECIPIENT}" + +# Log rkhunter output? +LOG=no + +# The default log location is /var/log/rkhunter.log. Set this variable if +# you'd like to use an alternate location. +#LOGFILE="" + +# By default, the log file created by rkhunter is world-readable (0644). If +# you'd like to modify the permissions afterwards, set this variable. The +# value of this variable, must be a valid chmod argument such as '0600' or +# 'u+rw,go-rwx'. See the chmod(1) manual page for more information. +#LOGFILE_PERMS="0600" + +# By default, rkhunter overwrites the previous log. Set this variable +# to 'yes' if you'd like the log output appended to the logfile, instead +# of overwriting it. +SAVE_OLD_LOGS=no + +# Set to 1 to recieve only warnings & errors +# Set to 2 to recieve ALL rkhunter output +# Set to 3 to recieve rkhunter report +VERBOSITY=3 + +########################### End Configuration ################################ + +# exit immediately, unless enabled +[[ "${ENABLE}" == "yes" ]] || exit 0 + +# debug mode? (mainly for my benefit) +if [[ -n "${1}" ]] && [[ ${1} = "-d" ]] ; then + set -o verbose -o xtrace +fi + +[[ -z "${LOGFILE}" ]] && LOGFILE="/var/log/rkhunter.log" + +# moved this out of config section since it'll +# probably never need to be changed +RKHUNTER_EXEC="/usr/sbin/rkhunter" + +# sanity check +if [[ ! -x "${RKHUNTER_EXEC}" ]] ; then + echo "${RKHUNTER_EXEC} does not exist or is not executable!" + exit 1 +fi + +# we create a few tmp files, so let's at least make +# them readable/writable by root only +umask 0077 + +# all output goes to this temp file +_tmpout=$(mktemp /tmp/rkhunter.cron.XXXXXX) +exec > ${_tmpout} 2>&1 + +# update data files +if [[ "${UPDATE}" == "yes" ]] ; then + # save the output of --update in a tmp file so that it can be mailed + # along with the scan output; otherwise the user will get 2 mails + ${RKHUNTER_EXEC} --nocolor --update +fi + +# formulate options string according to user configuration +[[ "${LOG}" == "yes" ]] && \ + RKHUNTER_OPTS="${RKHUNTER_OPTS} --createlogfile ${LOGFILE}" + +case "${VERBOSITY}" in + # warnings and errors only + 1) RKHUNTER_OPTS="${RKHUNTER_OPTS} --quiet" ;; + # default rkhunter output (no extra options) +# 2) ;; + # default to option 3 + *) ;; +esac + +# save old log +if [[ "${LOG}" == "yes" && "${SAVE_OLD_LOGS}" == "yes" ]] ; then + if [[ -e "${LOGFILE}" ]] ; then + _tmpfile=$(mktemp ${LOGFILE}.XXXXXX) + mv -f ${LOGFILE} ${_tmpfile} + echo -e "--\nrkhunter.cron commencing at: $(date)\n--" >> ${_tmpfile} + fi +fi + +# finally, run rkhunter +CMD="${RKHUNTER_EXEC} ${RKHUNTER_OPTS}" +eval ${CMD} +RV=$? + +# email output? +if [[ "${SEND_EMAIL}" == "yes" ]] ; then + CMD="cat ${_tmpout} ${EMAIL_CMD}" + eval ${CMD} +fi + +# remove temp file +[[ -n "${_tmpout}" ]] && rm -f ${_tmpout} + +[[ "${LOG}" != "yes" ]] && exit ${RV} + +# from this point on, we can assume logging is enabled + +# append new log to old log and restore +if [[ -n "${_tmpfile}" ]] ; then + cat ${LOGFILE} >> ${_tmpfile} + mv ${_tmpfile} ${LOGFILE} +fi + +chmod ${LOGFILE_PERMS:-0644} ${LOGFILE} +exit ${RV} diff --git a/cron.daily/run_reoback.sh b/cron.daily/run_reoback.sh new file mode 100755 index 0000000..8a297df --- /dev/null +++ b/cron.daily/run_reoback.sh @@ -0,0 +1,42 @@ +#!/bin/sh +############################################################################ +# REOBack - run_reoback.sh +# $Id: run_reoback.sh,v 1.4 2002/03/23 14:45:42 techno91 Exp $ +############################################################################ +# +# REOBack Simple Backup Solution +# http://sourceforge.net/projects/reoback/ +# +# Copyright (c) 2001 Randy Oyarzabal (techno91@users.sourceforge.net) +# +# Other developers and contributors: +# Richard Griswold +# Nate Steffenhagen (frankspikoli@users.sourceforge.net) +# +# This script is provided to conveniently run REOBack with one command +# or for use in a "crontab" when scheduling nightly backups. +# +# If you want to schedule this to run nightly via a cron job, do the +# following: +# +# 1. Edit your crontab by typing "crontab -e" (read the cron docs for +# for detailed instructions. +# +# 2. Add the following line if you want to run the backups every +# 1:45 AM. Change the time and path where necesary. +# 45 1 * * * root /usr/reoback/run_reoback.sh +# +# 3. Make sure the path definitions below are correct. +# +# 4. That's it! + +# Location of the configuration file. +config=/etc/reoback/settings.conf + +# Change to reflect where REOBack is installed +reoback=/usr/sbin/reoback.pl + +# Do not modify this line. +$reoback $config + + diff --git a/cron.daily/sysstat b/cron.daily/sysstat new file mode 100755 index 0000000..11211b5 --- /dev/null +++ b/cron.daily/sysstat @@ -0,0 +1,5 @@ +#!/bin/sh +# Generate a daily summary of process accounting. Since this will probably +# get kicked off in the morning, it would probably be better to run against +# the previous days data. +/usr/lib64/sa/sa2 -A & diff --git a/cron.hourly/sysstat b/cron.hourly/sysstat new file mode 100755 index 0000000..05e6d71 --- /dev/null +++ b/cron.hourly/sysstat @@ -0,0 +1,3 @@ +#!/bin/sh +# Run system activity accounting tool every 10 minutes +/usr/lib64/sa/sa1 600 6 & diff --git a/cron.monthly/update-pciids b/cron.monthly/update-pciids new file mode 100755 index 0000000..4c69423 --- /dev/null +++ b/cron.monthly/update-pciids @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/sbin/update-pciids -q diff --git a/cups/client.conf b/cups/client.conf new file mode 100644 index 0000000..d6d639e --- /dev/null +++ b/cups/client.conf @@ -0,0 +1 @@ +ServerName /var/run/cups/cups.sock diff --git a/cups/cupsd.conf b/cups/cupsd.conf new file mode 100644 index 0000000..4b078f5 --- /dev/null +++ b/cups/cupsd.conf @@ -0,0 +1,125 @@ +# +# "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $" +# +# Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a +# complete description of this file. +# + +# Log general information in error_log - change "warn" to "debug" +# for troubleshooting... +LogLevel warn + +# Administrator user group... +SystemGroup lpadmin + + +# Only listen for connections from the local machine. +Listen localhost:631 +Listen /var/run/cups/cups.sock + +# Show shared printers on the local network. +Browsing On +BrowseOrder allow,deny +BrowseAllow all +BrowseLocalProtocols CUPS + +# Default authentication type, when authentication is required... +DefaultAuthType Basic + +# Restrict access to the server... + + Order allow,deny + + +# Restrict access to the admin pages... + + Order allow,deny + + +# Restrict access to configuration files... + + AuthType Default + Require user @SYSTEM + Order allow,deny + + +# Set the default printer/job policies... + + # Job-related operations must be done by the owner or an administrator... + + Order deny,allow + + + + Require user @OWNER @SYSTEM + Order deny,allow + + + # All administration operations require an administrator to authenticate... + + AuthType Default + Require user @SYSTEM + Order deny,allow + + + # All printer operations require a printer operator to authenticate... + + AuthType Default + Require user @SYSTEM + Order deny,allow + + + # Only the owner or an administrator can cancel or authenticate a job... + + Require user @OWNER @SYSTEM + Order deny,allow + + + + Order deny,allow + + + +# Set the authenticated printer/job policies... + + # Job-related operations must be done by the owner or an administrator... + + AuthType Default + Order deny,allow + + + + AuthType Default + Require user @OWNER @SYSTEM + Order deny,allow + + + # All administration operations require an administrator to authenticate... + + AuthType Default + Require user @SYSTEM + Order deny,allow + + + # All printer operations require a printer operator to authenticate... + + AuthType Default + Require user @SYSTEM + Order deny,allow + + + # Only the owner or an administrator can cancel or authenticate a job... + + AuthType Default + Require user @OWNER @SYSTEM + Order deny,allow + + + + Order deny,allow + + + +# +# End of "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $". +# diff --git a/cups/cupsd.conf.default b/cups/cupsd.conf.default new file mode 100644 index 0000000..4b078f5 --- /dev/null +++ b/cups/cupsd.conf.default @@ -0,0 +1,125 @@ +# +# "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $" +# +# Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a +# complete description of this file. +# + +# Log general information in error_log - change "warn" to "debug" +# for troubleshooting... +LogLevel warn + +# Administrator user group... +SystemGroup lpadmin + + +# Only listen for connections from the local machine. +Listen localhost:631 +Listen /var/run/cups/cups.sock + +# Show shared printers on the local network. +Browsing On +BrowseOrder allow,deny +BrowseAllow all +BrowseLocalProtocols CUPS + +# Default authentication type, when authentication is required... +DefaultAuthType Basic + +# Restrict access to the server... + + Order allow,deny + + +# Restrict access to the admin pages... + + Order allow,deny + + +# Restrict access to configuration files... + + AuthType Default + Require user @SYSTEM + Order allow,deny + + +# Set the default printer/job policies... + + # Job-related operations must be done by the owner or an administrator... + + Order deny,allow + + + + Require user @OWNER @SYSTEM + Order deny,allow + + + # All administration operations require an administrator to authenticate... + + AuthType Default + Require user @SYSTEM + Order deny,allow + + + # All printer operations require a printer operator to authenticate... + + AuthType Default + Require user @SYSTEM + Order deny,allow + + + # Only the owner or an administrator can cancel or authenticate a job... + + Require user @OWNER @SYSTEM + Order deny,allow + + + + Order deny,allow + + + +# Set the authenticated printer/job policies... + + # Job-related operations must be done by the owner or an administrator... + + AuthType Default + Order deny,allow + + + + AuthType Default + Require user @OWNER @SYSTEM + Order deny,allow + + + # All administration operations require an administrator to authenticate... + + AuthType Default + Require user @SYSTEM + Order deny,allow + + + # All printer operations require a printer operator to authenticate... + + AuthType Default + Require user @SYSTEM + Order deny,allow + + + # Only the owner or an administrator can cancel or authenticate a job... + + AuthType Default + Require user @OWNER @SYSTEM + Order deny,allow + + + + Order deny,allow + + + +# +# End of "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $". +# diff --git a/cups/snmp.conf b/cups/snmp.conf new file mode 100644 index 0000000..cf954df --- /dev/null +++ b/cups/snmp.conf @@ -0,0 +1,13 @@ +# +# "$Id$" +# +# Sample SNMP configuration file for CUPS. See "man cups-snmp.conf" for a +# complete description of this file. +# + +Address @LOCAL +Community public + +# +# End of "$Id$". +# diff --git a/dbus-1/session.conf b/dbus-1/session.conf new file mode 100644 index 0000000..dde5ef6 --- /dev/null +++ b/dbus-1/session.conf @@ -0,0 +1,63 @@ + + + + + + session + + + + + unix:tmpdir=/tmp + + + + + + + + + + + + + + session.d + + + session-local.conf + + contexts/dbus_contexts + + + + + 1000000000 + 250000000 + 1000000000 + 250000000 + 1000000000 + 4096 + 120000 + 240000 + 100000 + 10000 + 100000 + 10000 + 50000 + 50000 + 50000 + + diff --git a/dbus-1/system.conf b/dbus-1/system.conf new file mode 100644 index 0000000..cb5d15f --- /dev/null +++ b/dbus-1/system.conf @@ -0,0 +1,83 @@ + + + + + + + + + system + + + messagebus + + + + + + + + + /usr/libexec/dbus-daemon-launch-helper + + + /var/run/dbus.pid + + + + + + EXTERNAL + + + unix:path=/var/run/dbus/system_bus_socket + + + + + + + + + + + + + + + + + + + + + + + + + + + + system.d + + + system-local.conf + + contexts/dbus_contexts + + diff --git a/dbus-1/system.d/cups.conf b/dbus-1/system.d/cups.conf new file mode 100644 index 0000000..537ac77 --- /dev/null +++ b/dbus-1/system.d/cups.conf @@ -0,0 +1,13 @@ + + + + + + + + + + + + diff --git a/default/useradd b/default/useradd new file mode 100644 index 0000000..ae81dbb --- /dev/null +++ b/default/useradd @@ -0,0 +1,7 @@ +# useradd defaults file +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel diff --git a/eclean/distfiles.exclude b/eclean/distfiles.exclude new file mode 100644 index 0000000..a31be55 --- /dev/null +++ b/eclean/distfiles.exclude @@ -0,0 +1,5 @@ +# /etc/eclean/distfiles.exclude +# In this file you can list some categories or cat/pkg-name for which you want +# to protect distfiles from "ecleaning". You can also name some specific files. +# See `man eclean` for syntax details. +metadata.dtd diff --git a/eclean/packages.exclude b/eclean/packages.exclude new file mode 100644 index 0000000..8277155 --- /dev/null +++ b/eclean/packages.exclude @@ -0,0 +1,4 @@ +# /etc/eclean/packages.exclude +# In this file you can list some categories or cat/pkg-name for which you want +# to protect binary packages from "ecleaning". +# See `man eclean` for syntax details. diff --git a/elinks/elinks.conf b/elinks/elinks.conf new file mode 100644 index 0000000..2901ef5 --- /dev/null +++ b/elinks/elinks.conf @@ -0,0 +1,565 @@ +## This is ELinks configuration file. You can edit it manually, +## if you wish so; this file is edited by ELinks when you save +## options through UI, however only option values will be altered +## and missing options will be added at the end of file; if option +## is not written in this file, but in some file included from it, +## it is NOT counted as missing. Note that all your formatting, +## own comments and so on will be kept as-is. + + + ## config.saving_style_w [0|1] + # This is internal option used when displaying a warning about + # obsolete config.saving_style. You shouldn't touch it. + set config.saving_style_w = 1 + + ## terminal.linux.transparency [0|1] + set terminal.linux.transparency = 1 + ## terminal.linux.colors [0|1] + set terminal.linux.colors = 1 + ## terminal.linux.block_cursor [0|1] + set terminal.linux.block_cursor = 0 + ## terminal.linux.restrict_852 [0|1] + set terminal.linux.restrict_852 = 0 + ## terminal.linux.utf_8_io [0|1] + set terminal.linux.utf_8_io = 0 + ## terminal.linux.m11_hack [0|1] + set terminal.linux.m11_hack = 1 + ## terminal.linux.type + set terminal.linux.type = 2 + + ## terminal.vt100.transparency [0|1] + set terminal.vt100.transparency = 1 + ## terminal.vt100.colors [0|1] + set terminal.vt100.colors = 1 + ## terminal.vt100.block_cursor [0|1] + set terminal.vt100.block_cursor = 0 + ## terminal.vt100.restrict_852 [0|1] + set terminal.vt100.restrict_852 = 0 + ## terminal.vt100.utf_8_io [0|1] + set terminal.vt100.utf_8_io = 0 + ## terminal.vt100.m11_hack [0|1] + set terminal.vt100.m11_hack = 0 + ## terminal.vt100.type + set terminal.vt100.type = 1 + + ## terminal.vt110.transparency [0|1] + set terminal.vt110.transparency = 1 + ## terminal.vt110.colors [0|1] + set terminal.vt110.colors = 1 + ## terminal.vt110.block_cursor [0|1] + set terminal.vt110.block_cursor = 0 + ## terminal.vt110.restrict_852 [0|1] + set terminal.vt110.restrict_852 = 0 + ## terminal.vt110.utf_8_io [0|1] + set terminal.vt110.utf_8_io = 0 + ## terminal.vt110.m11_hack [0|1] + set terminal.vt110.m11_hack = 0 + ## terminal.vt110.type + set terminal.vt110.type = 1 + + ## terminal.xterm.transparency [0|1] + set terminal.xterm.transparency = 1 + ## terminal.xterm.colors [0|1] + set terminal.xterm.colors = 1 + ## terminal.xterm.block_cursor [0|1] + set terminal.xterm.block_cursor = 0 + ## terminal.xterm.restrict_852 [0|1] + set terminal.xterm.restrict_852 = 0 + ## terminal.xterm.utf_8_io [0|1] + set terminal.xterm.utf_8_io = 0 + ## terminal.xterm.m11_hack [0|1] + set terminal.xterm.m11_hack = 0 + ## terminal.xterm.type + set terminal.xterm.type = 1 + + ## terminal.xterm-color.transparency [0|1] + set terminal.xterm-color.transparency = 1 + ## terminal.xterm-color.colors [0|1] + set terminal.xterm-color.colors = 1 + ## terminal.xterm-color.block_cursor [0|1] + set terminal.xterm-color.block_cursor = 0 + ## terminal.xterm-color.restrict_852 [0|1] + set terminal.xterm-color.restrict_852 = 0 + ## terminal.xterm-color.utf_8_io [0|1] + set terminal.xterm-color.utf_8_io = 0 + ## terminal.xterm-color.m11_hack [0|1] + set terminal.xterm-color.m11_hack = 0 + ## terminal.xterm-color.type + set terminal.xterm-color.type = 1 + + ## terminal.screen.transparency [0|1] + set terminal.screen.transparency = 1 + ## terminal.screen.colors [0|1] + set terminal.screen.colors = 1 + ## terminal.screen.block_cursor [0|1] + set terminal.screen.block_cursor = 0 + ## terminal.screen.restrict_852 [0|1] + set terminal.screen.restrict_852 = 0 + ## terminal.screen.utf_8_io [0|1] + set terminal.screen.utf_8_io = 0 + ## terminal.screen.m11_hack [0|1] + set terminal.screen.m11_hack = 0 + ## terminal.screen.type + set terminal.screen.type = 1 + + + + ## connection.async_dns [0|1] + # Use asynchronous DNS resolver? + set connection.async_dns = 1 + + ## connection.max_connections + # Maximum number of concurrent connections. + set connection.max_connections = 10 + + ## connection.max_connections_to_host + # Maximum number of concurrent connections to a given host. + set connection.max_connections_to_host = 5 + + ## connection.retries + # Number of tries to establish a connection. + set connection.retries = 3 + + ## connection.receive_timeout + # Receive timeout (in seconds). + set connection.receive_timeout = 120 + + ## connection.unrestartable_receive_timeout + # Timeout for non-restartable connections (in seconds). + set connection.unrestartable_receive_timeout = 600 + + + + ## cookies.accept_policy + # Cookies accepting policy: + # 0 is accept no cookies + # 1 is ask for confirmation before accepting cookie (UNIMPLEMENTED) + # 2 is accept all cookies + set cookies.accept_policy = 2 + + ## cookies.paranoid_security [0|1] + # When enabled, we'll require three dots in cookies domain for all + # non-international domains (instead of just two dots). Please see + # code (cookies.c:check_domain_security()) for explanation. + set cookies.paranoid_security = 0 + + ## cookies.save [0|1] + # Load/save cookies from/to disk? + set cookies.save = 1 + + ## cookies.resave [0|1] + # Save cookies after each change in cookies list? No effect when + # cookies_save is off. + set cookies.resave = 1 + + + + ## document.browse.accesskey.auto_follow [0|1] + # Automatically follow a link or submit a form if appropriate + # accesskey is pressed - this is the standard behaviour, but it's + # considered dangerous. + set document.browse.accesskey.auto_follow = 0 + + ## document.browse.accesskey.priority + # Priority of 'accesskey' HTML attribute: + # 0 is first try all normal bindings; if it fails, check accesskey + # 1 is first try only frame bindings; if it fails, check accesskey + # 2 is first check accesskey (this can be dangerous) + set document.browse.accesskey.priority = 1 + + ## document.browse.forms.auto_submit [0|1] + # Automagically submit a form when enter is pressed with a text + # field selected. + set document.browse.forms.auto_submit = 1 + + ## document.browse.forms.confirm_submit [0|1] + # Ask for confirmation when submitting a form. + set document.browse.forms.confirm_submit = 1 + + ## document.browse.images.display_style + # Display style for image tags when displayed: + # 0 means always display IMG + # 1 means always display filename + # 2 means display alt/title attribute if possible, IMG if not + # 3 means display alt/title attribute if possible, filename if not + set document.browse.images.display_style = 2 + + ## document.browse.images.show_as_links [0|1] + # Display links to images. + set document.browse.images.show_as_links = 1 + + ## document.browse.links.color_dirs [0|1] + # Highlight links to directories in FTP and local directory listing. + set document.browse.links.color_dirs = 1 + + ## document.browse.links.numbering [0|1] + # Display numbers next to the links. + set document.browse.links.numbering = 0 + + ## document.browse.links.number_keys_select_link + # Number keys select links rather than specify command prefixes. This + # is a tristate: + # 0 never + # 1 if document.browse.links.numbering = 1 + # 2 always + set document.browse.links.number_keys_select_link = 1 + + ## document.browse.links.wraparound [0|1] + # When pressing 'down' on the last link, jump at the first one, and + # vice versa. + set document.browse.links.wraparound = 0 + + + + ## document.browse.margin_width + # Horizontal text margin. + set document.browse.margin_width = 3 + + ## document.browse.scrolling.margin + # Size of the virtual margin - when you click inside of that margin, + # document scrolls in that direction. + set document.browse.scrolling.margin = 3 + + ## document.browse.table_move_order [0|1] + # Move by columns in table, instead of rows. + set document.browse.table_move_order = 0 + + ## document.cache.cache_redirects [0|1] + # Cache even redirects sent by server (usually thru HTTP by a 302 + # HTTP code and a Location header). This was the original behaviour + # for a quite some time, but it causes problems in a situation very + # common to various web login systems - frequently, when accessing + # certain location, they will redirect you to a login page if they + # don't receive an auth cookie, the login page then gives you the + # cookie and redirects you back to the original page, but there you + # have already cached redirect back to the login page! If this + # option has value of 0, this malfunction is fixed, but occassionally + # you may get superfluous (depends on how you take it ;-) requests to + # the server. If this option has value of 1, experienced users can + # still workaround it by clever combination of usage of reload, + # jumping around in session history and hitting ctrl+enter. + # Note that this option is checked when retrieving the information + # from cache, not when saving it to cache - thus if you will enable + # it, even previous redirects will be taken from cache instead of + # asking the server. + set document.cache.cache_redirects = 0 + + ## document.cache.ignore_cache_control [0|1] + # Ignore Cache-Control and Pragma server headers. + # When set, the document is cached even with 'Cache-Control: no-cache'. + set document.cache.ignore_cache_control = 1 + + ## document.cache.format.size + # Number of cached formatted pages. + set document.cache.format.size = 5 + + ## document.cache.memory.size + # Memory cache size (in kilobytes). + set document.cache.memory.size = 1M + + + + ## document.codepage.force_assumed [0|1] + # Ignore charset info sent by server. + set document.codepage.force_assumed = 0 + + + + ## document.colors.text + # Default text color. + set document.colors.text = "#bfbfbf" + + ## document.colors.background + # Default background color. + set document.colors.background = "black" + + ## document.colors.link + # Default link color. + set document.colors.link = "blue" + + ## document.colors.vlink + # Default visited link color. + set document.colors.vlink = "yellow" + + ## document.colors.dirs + # Default directory color. + # See document.browse.links.color_dirs option. + set document.colors.dirs = "yellow" + + ## document.colors.allow_dark_on_black [0|1] + # Allow dark colors on black background. + set document.colors.allow_dark_on_black = 0 + + ## document.colors.use_document_colors [0|1] + # Use colors specified in document. + set document.colors.use_document_colors = 1 + + + + ## mime.default_type + # Document MIME-type to assume by default (when we are unable to + # guess it properly from known information about the document). + set mime.default_type = "text/plain" + + ## document.download.directory + # Default download directory. + set document.download.directory = "./" + + ## document.download.set_original_time [0|1] + # Set the timestamp of each downloaded file to the timestamp + # stored on the server. + set document.download.set_original_time = 1 + + ## document.download.overwrite + # Prevent overwriting the local files: + # 0 is files will silently be overwritten. + # 1 is add a suffix .{number} (for example '.1') to the name. + # 2 is ask the user. + set document.download.overwrite = 2 + + ## document.download.notify_bell + # Audio notification when download is completed: + # 0 is never. + # 1 is when background notification is active. + # 2 is always + set document.download.notify_bell = 1 + + + + + + ## document.dump.width + # Width of screen in characters when dumping a HTML document. + set document.dump.width = 80 + + + + + ## document.history.global.enable [0|1] + # Enable global history ("history of all pages visited"). + set document.history.global.enable = 1 + + ## document.history.global.max_items + # Maximum number of entries in the global history. + set document.history.global.max_items = 1k + + ## document.history.global.display_type + # What to display in global history dialog: + # 0 is URLs + # 1 is page titles + set document.history.global.display_type = 1 + + ## document.history.keep_unhistory [0|1] + # Keep unhistory ("forward history")? + set document.history.keep_unhistory = 1 + + + + + ## document.html.display_frames [0|1] + # Display frames. + set document.html.display_frames = 1 + + ## document.html.display_tables [0|1] + # Display tables. + set document.html.display_tables = 1 + + ## document.html.display_subs [0|1] + # Display subscripts (as [thing]). + set document.html.display_subs = 1 + + ## document.html.display_sups [0|1] + # Display superscripts (as ^thing). + set document.html.display_sups = 1 + + + + + ## mime.extension.gif + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.gif = "image/gif" + + ## mime.extension.jpg + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.jpg = "image/jpeg" + + ## mime.extension.jpeg + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.jpeg = "image/jpeg" + + ## mime.extension.png + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.png = "image/png" + + ## mime.extension.txt + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.txt = "text/plain" + + ## mime.extension.htm + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.htm = "text/html" + + ## mime.extension.html + # MIME-type matching this file extension ('*' is used here in place + # of '.'). + set mime.extension.html = "text/html" + + + + + ## protocol.http.bugs.allow_blacklist [0|1] + # Allow blacklisting of buggy servers. + set protocol.http.bugs.allow_blacklist = 1 + + ## protocol.http.bugs.broken_302_redirect [0|1] + # Broken 302 redirect (violates RFC but compatible with Netscape). + # This is a problem for a lot of web discussion boards and the like.If they will do strange things to you, try to play with this. + set protocol.http.bugs.broken_302_redirect = 1 + + ## protocol.http.bugs.post_no_keepalive [0|1] + # Disable keepalive connection after POST request. + set protocol.http.bugs.post_no_keepalive = 0 + + ## protocol.http.bugs.http10 [0|1] + # Use HTTP/1.0 protocol instead of HTTP/1.1. + set protocol.http.bugs.http10 = 0 + + ## protocol.http.proxy.host + # Host and port-number (host:port) of the HTTP proxy, or blank. + # If it's blank, HTTP_PROXY environment variable is checked as well. + set protocol.http.proxy.host = "" + + ## protocol.http.proxy.user + # Proxy authentication username. + set protocol.http.proxy.user = "" + + ## protocol.http.proxy.passwd + # Proxy authentication password. + set protocol.http.proxy.passwd = "" + + ## protocol.http.referer.policy + # Mode of sending HTTP referer: + # 0 is send no referer + # 1 is send current URL as referer + # 2 is send fixed fake referer + # 3 is send previous URL as referer (correct, but insecure) + # + set protocol.http.referer.policy = 1 + + ## protocol.http.referer.fake + # Fake referer to be sent when policy is 2. + set protocol.http.referer.fake = "" + + ## protocol.http.accept_language + # Send Accept-Language header. + set protocol.http.accept_language = "" + + ## protocol.http.accept_ui_language [0|1] + # Request localised versions of documents from web-servers (using the + # Accept-Language header) using the language you have configured for + # ELinks' user-interface. Note that some see this as a potential security + # risk because it tells web-masters about your preference in language. + set protocol.http.accept_ui_language = 0 + + ## protocol.http.user_agent + # Change the User Agent ID. That means identification string, which + # is sent to HTTP server when a document is requested. + # %v in the string means ELinks version + # %s in the string means system identification + # %t in the string means size of the terminal + # Use " " if you don't want any User-Agent header to be sent at all. + set protocol.http.user_agent = "ELinks (%v; %s; %t)" + + ## protocol.http.trace [0|1] + # If active, all HTTP requests are sent with TRACE as their method + # rather than GET or POST. This is useful for debugging of both ELinks + # and various server-side scripts --- the server only returns the client's + # request back to the client verbatim. Note that this type of request may + # not be enabled on all servers. + set protocol.http.trace = 0 + + + + + ## protocol.ftp.proxy.host + # Host and port-number (host:port) of the FTP proxy, or blank. + # If it's blank, FTP_PROXY environment variable is checked as well. + set protocol.ftp.proxy.host = "" + + ## protocol.ftp.anon_passwd + # FTP anonymous password to be sent. + set protocol.ftp.anon_passwd = "elinksUSER@gentoo.org" + + ## protocol.ftp.use_pasv [0|1] + # Use PASV instead of PORT (passive vs active mode, IPv4 only). + set protocol.ftp.use_pasv = 1 + + ## protocol.ftp.use_epsv [0|1] + # Use EPSV instead of EPRT (passive vs active mode, IPv6 only). +# set protocol.ftp.use_epsv = 0 + + ## protocol.file.allow_special_files [0|1] + # Allow reading from non-regular files? (DANGEROUS - reading + # /dev/urandom or /dev/zero can ruin your day!) + set protocol.file.allow_special_files = 0 + + ## protocol.file.try_encoding_extensions [0|1] + # When set, if we can't open a file named 'filename', we'll try + # to open 'filename' + some encoding extensions (ie. + # 'filename.gz'); it depends on the supported encodings. + set protocol.file.try_encoding_extensions = 1 + + + + + ## protocol.user.mailto.unix + set protocol.user.mailto.unix = "mutt %h -s \"%s\"" + ## protocol.user.mailto.unix-xwin + set protocol.user.mailto.unix-xwin = "mutt %h -s \"%s\"" + ## protocol.user.telnet.unix + set protocol.user.telnet.unix = "telnet %h %p" + ## protocol.user.telnet.unix-xwin + set protocol.user.telnet.unix-xwin = "telnet %h %p" + ## protocol.user.tn3270.unix + set protocol.user.tn3270.unix = "tn3270 %h %p" + ## protocol.user.tn3270.unix-xwin + set protocol.user.tn3270.unix-xwin = "tn3270 %h %p" + ## protocol.user.gopher.unix + set protocol.user.gopher.unix = "lynx %u" + ## protocol.user.gopher.unix-xwin + set protocol.user.gopher.unix-xwin = "lynx %u" + ## protocol.user.news.unix + set protocol.user.news.unix = "lynx %u" + ## protocol.user.news.unix-xwin + set protocol.user.news.unix-xwin = "lynx %u" + ## ui.show_status_bar [0|1] + # Show status bar on the screen. + set ui.show_status_bar = 1 + + ## ui.show_title_bar [0|1] + # Show title bar on the screen. + set ui.show_title_bar = 1 + + ## ui.startup_goto_dialog [0|1] + # Pop up goto dialog on startup when there's no homepage set. + set ui.startup_goto_dialog = 1 + + ## ui.window_title [0|1] + # Whether ELinks window title should be touched when ELinks is + # run in a windowing environment. + set ui.window_title = 1 + +## secure_file_saving [0|1] +# First write data to 'file.tmp', then rename to 'file' upon +# successfully finishing this. Note that this relates only to +# config files, not downloaded files. You may want to disable +# it, if you want some config file with some exotic permissions. +# Secure file saving is automagically disabled if file is symlink. +set secure_file_saving = 1 + diff --git a/elinks/keybind-full.sample b/elinks/keybind-full.sample new file mode 100644 index 0000000..50924e6 --- /dev/null +++ b/elinks/keybind-full.sample @@ -0,0 +1,181 @@ +# Template for a elinks.conf file +# +# This file was contributed by David Mediavilla +# . Note that it's not up-to-date now, as +# some more keyboard actions were added in ELinks. So, if you don't see your +# faviourite action here, don't panic yet and try to look it up in +# src/config/kbdbind.c. +# +#### +# +# Simple HOWTO for keybinding by Peter Wang: +# +# Create a `elinks.conf' file wherever your `elinks.conf' usually goes. +# +# Binding is done with a statement like so: +# +# bind "KEYMAP" "KEYSTROKE" = "ACTION" +# +# where: +# +# - keymap is "main" or "edit" +# +# - keystroke is a case sensitive key, which you can prefix with +# "Ctrl-" or "Alt-" +# +# DME: I read that with Ctrl- the key must be uppercase +# +# - action is one of the things you find in `kbdbind.c' (`parse_act' +# function). You'll need to grep around the source to see what +# each one does, or guess, or ask. +# +#### +# +# List of possible actions from Links 0.96 / kbdbind.c +# +# add-bookmark +# auto-complete +# back +# backspace +# bookmark-manager +# copy-clipboard +# cut-clipboard +# delete +# document-info +# down +# download +# end +# enter +# file-menu +# find-next +# find-next-back +# goto-url +# goto-url-current +# goto-url-current-link +# header-info +# home +# kill-to-bol +# kill-to-eol +# left +# menu +# next-frame +# open-new-window +# open-link-in-new-window +# page-down +# page-up +# paste-clipboard +# previous-frame +# quit +# reload +# right +# scroll-down +# scroll-left +# scroll-right +# scroll-up +# search +# search-back +# toggle-display-images +# toggle-display-tables +# toggle-html-plain +# up +# view-image +# zoom-frame + +# The available keys are: +# 0-9, A-Z, Enter, Backspace, Tab, Escape, Left, Right, Up, Down, +# Insert, Delete, Home, End, PageUp, PageDown, F1-F12 + +# Default main keymap from Links 0.96 +# +#bind "main" "PageDown" = "page-down" +#bind "main" " " = "page-down" +# +# DME: I understand this as space bar but I don't know how +# to symbolize spacebar in elinks.conf +# +#bind "main" "Ctrl-F" = "page-down" +#bind "main" "PageUp" = "page-up" +#bind "main" "b" = "page-up" +#bind "main" "B" = "page-up" +#bind "main" "Ctrl-B" = "page-up" +#bind "main" "Down" = "down" +#bind "main" "Up" = "up" +#bind "main" "Ctrl-Insert" = "copy-clipboard" +#bind "main" "Ctrl-C" = "copy-clipboard" +#bind "main" "Insert" = "scroll-up" +#bind "main" "Ctrl-P" = "scroll-up" +#bind "main" "Delete" = "scroll-down" +#bind "main" "Ctrl-N" = "scroll-down" +#bind "main" "[" = "scroll-left" +#bind "main" "]" = "scroll-right" +#bind "main" "Home" = "home" +#bind "main" "Ctrl+A" = "home" +#bind "main" "End" = "end" +#bind "main" "Ctrl-E" = "end" +#bind "main" "Right" = "enter" +#bind "main" "Enter" = "enter" +#bind "main" "Left" = "back" +#bind "main" "d" = "download" +#bind "main" "D" = "download" +#bind "main" "/" = "search" +#bind "main" "?" = "search-back" +#bind "main" "n" = "find-next" +#bind "main" "N" = "find-next-back" +#bind "main" "f" = "zoom-frame" +#bind "main" "F" = "zoom-frame" +#bind "main" "Ctrl-R" = "reload" +#bind "main" "g" = "goto-url" +#bind "main" "G" = "goto-url-current" +#bind "main" "a" = "add-bookmark" +#bind "main" "A" = "add-bookmark" +#bind "main" "s" = "bookmark-manager" +#bind "main" "S" = "bookmark-manager" +#bind "main" "q" = "quit" +#bind "main" "Q" = "really-quit" +#bind "main" "=" = "document-info" +#bind "main" "|" = "header-info" +#bind "main" "\" = "toggle-html-plain" +#bind "main" "*" = "toggle-display-images" +#bind "main" "Tab" = "next-frame" +#bind "main" "Esc" = "menu" +#bind "main" "F9" = "menu" +#bind "main" "F10" = "file-menu" + +# Default edit keymap from Links 0.96 +# +#bind "edit" "Left" = "left" +#bind "edit" "Right" = "right" +#bind "edit" "home" = "home" +#bind "edit" "Ctrl-A" = "home" +#bind "edit" "Up" = "Up" +#bind "edit" "Down" = "down" +#bind "edit" "End" = "end" +#bind "edit" "Ctrl-E" = "end" +#bind "edit" "Ctrl-Insert" = "copy-clipboard" +#bind "edit" "Ctrl-B" = "copy-clipboard" +#bind "edit" "Ctrl-X" = "cut-clipboard" +#bind "edit" "Ctrl-V" = "paste-clipboard" +#bind "edit" "Enter" = "enter" +#bind "edit" "Backspace" = "backspace" +#bind "edit" "Ctrl-H" = "backspace" +#bind "edit" "Delete" = "delete" +#bind "edit" "Ctrl-D" = "delete" +#bind "edit" "Ctrl-U" = "kill-to-bol" +#bind "edit" "Ctrl-K" = "kill-to-eol" +#bind "edit" "Ctrl-W" = "auto-complete" + +# Default menu keymap from Links 0.96 +# +#bind "menu" "Left" = "left" +#bind "menu" "Right" = "right" +#bind "menu" "Home" = "home" +#bind "menu" "Ctrl-A" = "home" +#bind "menu" "Up" = "up" +#bind "menu" "Down" = "down" +#bind "menu" "End" = "end" +#bind "menu" "Ctrl-E" = "end" +#bind "menu" "Enter" = "enter" +#bind "menu" "PageDown" = "page-down" +#bind "menu" "Ctrl-F" = "page-down" +#bind "menu" "PageUp" = "page-up" +#bind "menu" "Ctrl-B" = "page-up" diff --git a/elinks/keybind.conf.sample b/elinks/keybind.conf.sample new file mode 100644 index 0000000..3dded9c --- /dev/null +++ b/elinks/keybind.conf.sample @@ -0,0 +1,34 @@ +# Example keybinding + +# Copy this file to ~/.elinks/ and use include "keybind.conf" in +# "elinks.conf" to include it. + +# vi-like navigation keys +bind "main" "j" = "down" +bind "main" "k" = "up" +bind "main" "h" = "back" +bind "main" "l" = "enter" +bind "main" "g" = "home" +bind "main" "G" = "end" + +# Keys close to the above +bind "main" "i" = "scroll-up" +bind "main" "m" = "scroll-down" +bind "main" "o" = "goto-url" +bind "main" "O" = "goto-url-current" + +# Netscape-like, just for the hell of it +bind "main" "Alt-o" = "goto-url" + +# Emacs-like paging keys +# Ctrl prefixed keys must be capital :-( +bind "main" "Alt-v" = "page-up" +bind "main" "Ctrl-V" = "page-down" + +# Emacs-like editing keys +bind "edit" "Ctrl-B" = "left" +bind "edit" "Ctrl-F" = "right" + +# Analogous to goto_line_cmd in my Jed and Emacs setups +bind "main" "Alt-g" = "goto-url" +bind "main" "Alt-G" = "goto-url-current" diff --git a/env.d/00basic b/env.d/00basic new file mode 100644 index 0000000..8e2d1bd --- /dev/null +++ b/env.d/00basic @@ -0,0 +1,9 @@ +# /etc/env.d/00basic +# Do not edit this file + +PATH="/opt/bin" +ROOTPATH="/opt/bin" +LDPATH="/usr/local/lib" +MANPATH="/usr/local/share/man:/usr/share/man" +INFOPATH="/usr/share/info" +CONFIG_PROTECT_MASK="/etc/gentoo-release" diff --git a/env.d/00glibc b/env.d/00glibc new file mode 100644 index 0000000..1171153 --- /dev/null +++ b/env.d/00glibc @@ -0,0 +1 @@ +LDPATH="include ld.so.conf.d/*.conf" diff --git a/env.d/04multilib b/env.d/04multilib new file mode 100644 index 0000000..169df42 --- /dev/null +++ b/env.d/04multilib @@ -0,0 +1 @@ +LDPATH="/lib64:/usr/lib64:/usr/local/lib64:/lib32:/usr/lib32:/usr/local/lib32:/lib:/usr/lib:/usr/local/lib" diff --git a/env.d/05binutils b/env.d/05binutils new file mode 100644 index 0000000..a49460d --- /dev/null +++ b/env.d/05binutils @@ -0,0 +1,2 @@ +MANPATH=/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/man +INFOPATH=/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/info diff --git a/env.d/05gcc-x86_64-pc-linux-gnu b/env.d/05gcc-x86_64-pc-linux-gnu new file mode 100644 index 0000000..ff3514a --- /dev/null +++ b/env.d/05gcc-x86_64-pc-linux-gnu @@ -0,0 +1,6 @@ +MANPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/man" +INFOPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/info" +LDPATH="/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3:/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3/32" +PATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3" +ROOTPATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3" +GCC_SPECS="" diff --git a/env.d/09sandbox b/env.d/09sandbox new file mode 100644 index 0000000..9181eb0 --- /dev/null +++ b/env.d/09sandbox @@ -0,0 +1 @@ +CONFIG_PROTECT_MASK="/etc/sandbox.d" diff --git a/env.d/10bind b/env.d/10bind new file mode 100644 index 0000000..13c7910 --- /dev/null +++ b/env.d/10bind @@ -0,0 +1 @@ +CONFIG_PROTECT="/var/bind" diff --git a/env.d/20java-config b/env.d/20java-config new file mode 100644 index 0000000..d435733 --- /dev/null +++ b/env.d/20java-config @@ -0,0 +1,2 @@ +MANPATH=/etc/java-config/system-vm/man/ +CONFIG_PROTECT_MASK="/etc/env.d/java/" diff --git a/env.d/20php5.3 b/env.d/20php5.3 new file mode 100644 index 0000000..838fa66 --- /dev/null +++ b/env.d/20php5.3 @@ -0,0 +1,2 @@ +MANPATH="/usr/lib64/php5.3/man/" +CONFIG_PROTECT_MASK="/etc/php/cli-php5.3/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/apache2-php5.3/ext-active/" diff --git a/env.d/30gnupg b/env.d/30gnupg new file mode 100644 index 0000000..2f8f3ac --- /dev/null +++ b/env.d/30gnupg @@ -0,0 +1 @@ +CONFIG_PROTECT=/usr/share/gnupg/qualified.txt diff --git a/env.d/30xdg-data-local b/env.d/30xdg-data-local new file mode 100644 index 0000000..0246859 --- /dev/null +++ b/env.d/30xdg-data-local @@ -0,0 +1,2 @@ +XDG_DATA_DIRS="/usr/local/share" +COLON_SEPARATED="XDG_DATA_DIRS XDG_CONFIG_DIRS" diff --git a/env.d/37fontconfig b/env.d/37fontconfig new file mode 100644 index 0000000..c52433b --- /dev/null +++ b/env.d/37fontconfig @@ -0,0 +1 @@ +CONFIG_PROTECT_MASK="/etc/fonts/fonts.conf" diff --git a/env.d/50gtk2 b/env.d/50gtk2 new file mode 100644 index 0000000..078151c --- /dev/null +++ b/env.d/50gtk2 @@ -0,0 +1 @@ +GDK_USE_XFT=1 diff --git a/env.d/50guile b/env.d/50guile new file mode 100644 index 0000000..615ed56 --- /dev/null +++ b/env.d/50guile @@ -0,0 +1 @@ +GUILE_LOAD_PATH="/usr/share/guile/1.8" diff --git a/env.d/50ncurses b/env.d/50ncurses new file mode 100644 index 0000000..495f2cc --- /dev/null +++ b/env.d/50ncurses @@ -0,0 +1 @@ +CONFIG_PROTECT_MASK="/etc/terminfo" diff --git a/env.d/60python-docs-2.7 b/env.d/60python-docs-2.7 new file mode 100644 index 0000000..22c1170 --- /dev/null +++ b/env.d/60python-docs-2.7 @@ -0,0 +1 @@ +PYTHONDOCS_2_7="/usr/share/doc/python-docs-2.7.1/html/library" diff --git a/env.d/60python-docs-3.1 b/env.d/60python-docs-3.1 new file mode 100644 index 0000000..7c9d023 --- /dev/null +++ b/env.d/60python-docs-3.1 @@ -0,0 +1 @@ +PYTHONDOCS_3_1="/usr/share/doc/python-docs-3.1.3/html/library" diff --git a/env.d/65python-docs b/env.d/65python-docs new file mode 100644 index 0000000..86a7a54 --- /dev/null +++ b/env.d/65python-docs @@ -0,0 +1 @@ +PYTHONDOCS="/usr/share/doc/python-docs-2.7.1/html/library" diff --git a/env.d/70less b/env.d/70less new file mode 100644 index 0000000..b737af9 --- /dev/null +++ b/env.d/70less @@ -0,0 +1,2 @@ +LESSOPEN="|lesspipe %s" +LESS="-R -M --shift 5" diff --git a/env.d/80mercurial b/env.d/80mercurial new file mode 100644 index 0000000..ba43ed7 --- /dev/null +++ b/env.d/80mercurial @@ -0,0 +1 @@ +HG="/usr/bin/hg" diff --git a/env.d/80subversion-extras b/env.d/80subversion-extras new file mode 100644 index 0000000..6532a71 --- /dev/null +++ b/env.d/80subversion-extras @@ -0,0 +1,2 @@ +PATH="/usr/lib64/subversion/bin" +ROOTPATH="/usr/lib64/subversion/bin" diff --git a/env.d/90xdg-data-base b/env.d/90xdg-data-base new file mode 100644 index 0000000..8055468 --- /dev/null +++ b/env.d/90xdg-data-base @@ -0,0 +1,2 @@ +XDG_DATA_DIRS="/usr/share" +XDG_CONFIG_DIRS="/etc/xdg" diff --git a/env.d/98ca-certificates b/env.d/98ca-certificates new file mode 100644 index 0000000..55e9fad --- /dev/null +++ b/env.d/98ca-certificates @@ -0,0 +1 @@ +CONFIG_PROTECT_MASK="/etc/ca-certificates.conf" diff --git a/env.d/98texlive b/env.d/98texlive new file mode 100644 index 0000000..96b5d4b --- /dev/null +++ b/env.d/98texlive @@ -0,0 +1 @@ +CONFIG_PROTECT_MASK="/etc/texmf/web2c /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d" diff --git a/env.d/99editor b/env.d/99editor new file mode 100644 index 0000000..8ef3d46 --- /dev/null +++ b/env.d/99editor @@ -0,0 +1,2 @@ +EDITOR=/usr/bin/vim +PAGER=/usr/bin/less diff --git a/env.d/99gentoolkit-env b/env.d/99gentoolkit-env new file mode 100644 index 0000000..3933874 --- /dev/null +++ b/env.d/99gentoolkit-env @@ -0,0 +1 @@ +CONFIG_PROTECT_MASK="/etc/revdep-rebuild" diff --git a/env.d/binutils/config-x86_64-pc-linux-gnu b/env.d/binutils/config-x86_64-pc-linux-gnu new file mode 100644 index 0000000..d427274 --- /dev/null +++ b/env.d/binutils/config-x86_64-pc-linux-gnu @@ -0,0 +1 @@ +CURRENT=2.21.1 diff --git a/env.d/binutils/x86_64-pc-linux-gnu-2.21.1 b/env.d/binutils/x86_64-pc-linux-gnu-2.21.1 new file mode 100644 index 0000000..11bfdd7 --- /dev/null +++ b/env.d/binutils/x86_64-pc-linux-gnu-2.21.1 @@ -0,0 +1,4 @@ +TARGET="x86_64-pc-linux-gnu" +VER="2.21.1" +LIBPATH="/usr/lib64/binutils/x86_64-pc-linux-gnu/2.21.1" +FAKE_TARGETS="x86_64-pc-linux-gnu" diff --git a/env.d/gcc/.NATIVE b/env.d/gcc/.NATIVE new file mode 120000 index 0000000..70a1f7d --- /dev/null +++ b/env.d/gcc/.NATIVE @@ -0,0 +1 @@ +x86_64-pc-linux-gnu-4.5.3 \ No newline at end of file diff --git a/env.d/gcc/config-x86_64-pc-linux-gnu b/env.d/gcc/config-x86_64-pc-linux-gnu new file mode 100644 index 0000000..499ad91 --- /dev/null +++ b/env.d/gcc/config-x86_64-pc-linux-gnu @@ -0,0 +1 @@ +CURRENT=x86_64-pc-linux-gnu-4.5.3 diff --git a/env.d/gcc/x86_64-pc-linux-gnu-4.5.3 b/env.d/gcc/x86_64-pc-linux-gnu-4.5.3 new file mode 100644 index 0000000..22910cf --- /dev/null +++ b/env.d/gcc/x86_64-pc-linux-gnu-4.5.3 @@ -0,0 +1,5 @@ +LDPATH="/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3:/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3/32" +MANPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/man" +INFOPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/info" +STDCXX_INCDIR="g++-v4" +GCC_PATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3" diff --git a/env.d/python/config b/env.d/python/config new file mode 100644 index 0000000..8e61d50 --- /dev/null +++ b/env.d/python/config @@ -0,0 +1 @@ +python2.7 diff --git a/eselect/boost/active b/eselect/boost/active new file mode 120000 index 0000000..12dff27 --- /dev/null +++ b/eselect/boost/active @@ -0,0 +1 @@ +//usr/share/boost-eselect/profiles/1.46/default \ No newline at end of file diff --git a/fonts/conf.avail/10-autohint.conf b/fonts/conf.avail/10-autohint.conf new file mode 100644 index 0000000..c597bf4 --- /dev/null +++ b/fonts/conf.avail/10-autohint.conf @@ -0,0 +1,8 @@ + + + + + + true + + diff --git a/fonts/conf.avail/10-no-sub-pixel.conf b/fonts/conf.avail/10-no-sub-pixel.conf new file mode 100644 index 0000000..87ada4e --- /dev/null +++ b/fonts/conf.avail/10-no-sub-pixel.conf @@ -0,0 +1,8 @@ + + + + + + none + + diff --git a/fonts/conf.avail/10-sub-pixel-bgr.conf b/fonts/conf.avail/10-sub-pixel-bgr.conf new file mode 100644 index 0000000..e1f64fd --- /dev/null +++ b/fonts/conf.avail/10-sub-pixel-bgr.conf @@ -0,0 +1,8 @@ + + + + + + bgr + + diff --git a/fonts/conf.avail/10-sub-pixel-rgb.conf b/fonts/conf.avail/10-sub-pixel-rgb.conf new file mode 100644 index 0000000..2b49fe3 --- /dev/null +++ b/fonts/conf.avail/10-sub-pixel-rgb.conf @@ -0,0 +1,8 @@ + + + + + + rgb + + diff --git a/fonts/conf.avail/10-sub-pixel-vbgr.conf b/fonts/conf.avail/10-sub-pixel-vbgr.conf new file mode 100644 index 0000000..5947650 --- /dev/null +++ b/fonts/conf.avail/10-sub-pixel-vbgr.conf @@ -0,0 +1,8 @@ + + + + + + vbgr + + diff --git a/fonts/conf.avail/10-sub-pixel-vrgb.conf b/fonts/conf.avail/10-sub-pixel-vrgb.conf new file mode 100644 index 0000000..84481bd --- /dev/null +++ b/fonts/conf.avail/10-sub-pixel-vrgb.conf @@ -0,0 +1,8 @@ + + + + + + vrgb + + diff --git a/fonts/conf.avail/10-unhinted.conf b/fonts/conf.avail/10-unhinted.conf new file mode 100644 index 0000000..025ae2a --- /dev/null +++ b/fonts/conf.avail/10-unhinted.conf @@ -0,0 +1,8 @@ + + + + + + false + + diff --git a/fonts/conf.avail/20-fix-globaladvance.conf b/fonts/conf.avail/20-fix-globaladvance.conf new file mode 100644 index 0000000..2a9c063 --- /dev/null +++ b/fonts/conf.avail/20-fix-globaladvance.conf @@ -0,0 +1,28 @@ + + + + + + GulimChe + false + + + + DotumChe + false + + + + BatangChe + false + + + + GungsuhChe + false + + diff --git a/fonts/conf.avail/20-unhint-small-vera.conf b/fonts/conf.avail/20-unhint-small-vera.conf new file mode 100644 index 0000000..c4ebee9 --- /dev/null +++ b/fonts/conf.avail/20-unhint-small-vera.conf @@ -0,0 +1,48 @@ + + + + + + + + Bitstream Vera Sans + + + 7.5 + + + false + + + + + + Bitstream Vera Serif + + + 7.5 + + + false + + + + + + Bitstream Vera Sans Mono + + + 7.5 + + + false + + + + diff --git a/fonts/conf.avail/25-unhint-nonlatin.conf b/fonts/conf.avail/25-unhint-nonlatin.conf new file mode 100644 index 0000000..ffb70c6 --- /dev/null +++ b/fonts/conf.avail/25-unhint-nonlatin.conf @@ -0,0 +1,128 @@ + + + + + + + + + Kochi Mincho + + + false + + + + + Kochi Gothic + + + false + + + + + Sazanami Mincho + + + false + + + + + Sazanami Gothic + + + false + + + + + Baekmuk Batang + + + false + + + + + Baekmuk Dotum + + + false + + + + + Baekmuk Gulim + + + false + + + + + Baekmuk Headline + + + false + + + + + AR PL Mingti2L Big5 + + + false + + + + + AR PL ShanHeiSun Uni + + + false + + + + + AR PL KaitiM Big5 + + + false + + + + + AR PL ZenKai Uni + + + false + + + + + AR PL SungtiL GB + + + false + + + + + AR PL KaitiM GB + + + false + + + + + ZYSong18030 + + + false + + + + diff --git a/fonts/conf.avail/30-metric-aliases.conf b/fonts/conf.avail/30-metric-aliases.conf new file mode 100644 index 0000000..702a495 --- /dev/null +++ b/fonts/conf.avail/30-metric-aliases.conf @@ -0,0 +1,211 @@ + + + + + + + + + + + Nimbus Sans L + + Helvetica + + + + + Nimbus Roman No9 L + + Times + + + + + Nimbus Mono L + + Courier + + + + + + + Liberation Sans + Albany + Albany AMT + + Arial + + + + + Liberation Serif + Thorndale + Thorndale AMT + + Times New Roman + + + + + Liberation Mono + Cumberland + Cumberland AMT + + Courier New + + + + + + + + + + + Helvetica + + Arial + + + + + Times + + Times New Roman + + + + + Courier + + Courier New + + + + + + + Arial + + Helvetica + + + + + Times New Roman + + Times + + + + + Courier New + + Courier + + + + + + + + + + + Helvetica + + Nimbus Sans L + + + + + Times + + Nimbus Roman No9 L + + + + + Courier + + Nimbus Mono L + + + + + + + Arial + + Liberation Sans + Albany + Albany AMT + + + + + Times New Roman + + Liberation Serif + Thorndale + Thorndale AMT + + + + + Courier New + + Liberation Mono + Cumberland + Cumberland AMT + + + + + diff --git a/fonts/conf.avail/30-urw-aliases.conf b/fonts/conf.avail/30-urw-aliases.conf new file mode 100644 index 0000000..8d2b04b --- /dev/null +++ b/fonts/conf.avail/30-urw-aliases.conf @@ -0,0 +1,44 @@ + + + + + + Avant Garde + URW Gothic L + + + Bookman + URW Bookman L + + + New Century Schoolbook + Century Schoolbook L + + + Palatino + URW Palladio L + + + Zapf Chancery + URW Chancery L + + + Zapf Dingbats + Dingbats + + + ZapfDingbats + Dingbats + + + + Symbol + + + Standard Symbols L + + + diff --git a/fonts/conf.avail/40-nonlatin.conf b/fonts/conf.avail/40-nonlatin.conf new file mode 100644 index 0000000..a875db0 --- /dev/null +++ b/fonts/conf.avail/40-nonlatin.conf @@ -0,0 +1,90 @@ + + + + + + + + Nazli + Lotoos + Mitra + Ferdosi + Badr + Zar + Titr + Jadid + Kochi Mincho + AR PL SungtiL GB + AR PL Mingti2L Big5 + ï¼­ï¼³ 明朝 + UnBatang + Baekmuk Batang + MgOpen Canonica + Sazanami Mincho + AR PL ZenKai Uni + ZYSong18030 + FreeSerif + serif + + + + Arshia + Elham + Farnaz + Nasim + Sina + Roya + Koodak + Terafik + Kochi Gothic + AR PL KaitiM GB + AR PL KaitiM Big5 + ï¼­ï¼³ ゴシック + UnDotum + Baekmuk Dotum + SimSun + MgOpen Modata + Sazanami Gothic + AR PL ShanHeiSun Uni + ZYSong18030 + FreeSans + sans-serif + + + + NSimSun + ZYSong18030 + FreeMono + monospace + + + + + Homa + Kamran + Fantezi + Tabassom + fantasy + + + + + IranNastaliq + Nafees Nastaleeq + cursive + + + diff --git a/fonts/conf.avail/45-latin.conf b/fonts/conf.avail/45-latin.conf new file mode 100644 index 0000000..7e41264 --- /dev/null +++ b/fonts/conf.avail/45-latin.conf @@ -0,0 +1,77 @@ + + + + + + + + Bitstream Vera Serif + DejaVu Serif + Liberation Serif + Times New Roman + Times + Nimbus Roman No9 L + Luxi Serif + Thorndale AMT + Thorndale + serif + + + + Bitstream Vera Sans + DejaVu Sans + Liberation Sans + Arial + Helvetica + Verdana + Albany AMT + Albany + Nimbus Sans L + Luxi Sans + sans-serif + + + + Bitstream Vera Sans Mono + DejaVu Sans Mono + Liberation Mono + Inconsolata + Courier New + Courier + Andale Mono + Luxi Mono + Cumberland AMT + Cumberland + Nimbus Mono L + monospace + + + + Impact + Copperplate Gothic Std + Cooper Std + Bauhaus Std + fantasy + + + + ITC Zapf Chancery Std + Zapfino + Comic Sans MS + cursive + + + diff --git a/fonts/conf.avail/49-sansserif.conf b/fonts/conf.avail/49-sansserif.conf new file mode 100644 index 0000000..c6209a7 --- /dev/null +++ b/fonts/conf.avail/49-sansserif.conf @@ -0,0 +1,21 @@ + + + + + + + sans-serif + + + serif + + + monospace + + + sans-serif + + + diff --git a/fonts/conf.avail/50-user.conf b/fonts/conf.avail/50-user.conf new file mode 100644 index 0000000..3f89012 --- /dev/null +++ b/fonts/conf.avail/50-user.conf @@ -0,0 +1,7 @@ + + + + + ~/.fonts.conf.d + ~/.fonts.conf + diff --git a/fonts/conf.avail/51-local.conf b/fonts/conf.avail/51-local.conf new file mode 100644 index 0000000..ca9fbe1 --- /dev/null +++ b/fonts/conf.avail/51-local.conf @@ -0,0 +1,6 @@ + + + + + local.conf + diff --git a/fonts/conf.avail/60-latin.conf b/fonts/conf.avail/60-latin.conf new file mode 100644 index 0000000..dc1205f --- /dev/null +++ b/fonts/conf.avail/60-latin.conf @@ -0,0 +1,70 @@ + + + + + serif + + DejaVu Serif + Bitstream Vera Serif + Times New Roman + Thorndale AMT + Luxi Serif + Nimbus Roman No9 L + Times + + + + sans-serif + + DejaVu Sans + Bitstream Vera Sans + Luxi Sans + Nimbus Sans L + Arial + Albany AMT + Helvetica + Verdana + Lucida Sans Unicode + BPG Glaho International + Tahoma + + + + monospace + + DejaVu Sans Mono + Bitstream Vera Sans Mono + Inconsolata + Luxi Mono + Nimbus Mono L + Andale Mono + Courier New + Cumberland AMT + Courier + + + + + fantasy + + Impact + Copperplate Gothic Std + Cooper Std + Bauhaus Std + + + + + cursive + + ITC Zapf Chancery Std + Zapfino + Comic Sans MS + + + + diff --git a/fonts/conf.avail/65-fonts-persian.conf b/fonts/conf.avail/65-fonts-persian.conf new file mode 100644 index 0000000..0033675 --- /dev/null +++ b/fonts/conf.avail/65-fonts-persian.conf @@ -0,0 +1,419 @@ + + + + + + + + + + + Nesf + Nesf2 + + + Nesf2 + Persian_sansserif_default + + + + + + Nazanin + Nazli + + + Lotus + Lotoos + + + Yaqut + Yaghoot + + + Yaghut + Yaghoot + + + Traffic + Terafik + + + Ferdowsi + Ferdosi + + + Fantezy + Fantezi + + + + + + + + Jadid + Persian_title + + + Titr + Persian_title + + + + + Kamran + + Persian_fantasy + Homa + + + + Homa + + Persian_fantasy + Kamran + + + + Fantezi + Persian_fantasy + + + Tabassom + Persian_fantasy + + + + + Arshia + Persian_square + + + Nasim + Persian_square + + + Elham + + Persian_square + Farnaz + + + + Farnaz + + Persian_square + Elham + + + + Sina + Persian_square + + + + + + + Persian_title + + Titr + Jadid + Persian_serif + + + + + + Persian_fantasy + + Homa + Kamran + Fantezi + Tabassom + Persian_square + + + + + + Persian_square + + Arshia + Elham + Farnaz + Nasim + Sina + Persian_serif + + + + + + + + Elham + + + farsiweb + + + + + + Homa + + + farsiweb + + + + + + Koodak + + + farsiweb + + + + + + Nazli + + + farsiweb + + + + + + Roya + + + farsiweb + + + + + + Terafik + + + farsiweb + + + + + + Titr + + + farsiweb + + + + + + + + + + TURNED-OFF + + + farsiweb + + + + roman + + + + roman + + + + + matrix + 1-0.2 + 01 + + + + + + oblique + + + + + + + + + farsiweb + + + false + + + false + + + false + + + + + + + + + serif + + Nazli + Lotoos + Mitra + Ferdosi + Badr + Zar + + + + + + sans-serif + + Roya + Koodak + Terafik + + + + + + monospace + + + Terafik + + + + + + fantasy + + Homa + Kamran + Fantezi + Tabassom + + + + + + cursive + + IranNastaliq + Nafees Nastaleeq + + + + + + + + + serif + + + 200 + + + 24 + + + Titr + + + + + + + sans-serif + + + 200 + + + 24 + + + Titr + + + + + + + Persian_sansserif_default + + + 200 + + + 24 + + + Titr + + + + + + + + + Persian_sansserif_default + + + Roya + + + + diff --git a/fonts/conf.avail/65-khmer.conf b/fonts/conf.avail/65-khmer.conf new file mode 100644 index 0000000..f9d06f2 --- /dev/null +++ b/fonts/conf.avail/65-khmer.conf @@ -0,0 +1,16 @@ + + + + + serif + + Khmer OS" + + + + sans-serif + + Khmer OS" + + + diff --git a/fonts/conf.avail/65-nonlatin.conf b/fonts/conf.avail/65-nonlatin.conf new file mode 100644 index 0000000..53ac064 --- /dev/null +++ b/fonts/conf.avail/65-nonlatin.conf @@ -0,0 +1,195 @@ + + + + + serif + + Artsounk + BPG UTF8 M + Kinnari + Norasi + Frank Ruehl + Dror + JG LaoTimes + Saysettha Unicode + Pigiarniq + B Davat + B Compset + Kacst-Qr + Urdu Nastaliq Unicode + Raghindi + Mukti Narrow + malayalam + Sampige + padmaa + Hapax Berbère + MS Gothic + UmePlus P Gothic + SimSun + PMingLiu + WenQuanYi Zen Hei + WenQuanYi Bitmap Song + AR PL ShanHeiSun Uni + AR PL New Sung + ZYSong18030 + HanyiSong + MgOpen Canonica + Sazanami Mincho + IPAMonaMincho + IPAMincho + Kochi Mincho + AR PL SungtiL GB + AR PL Mingti2L Big5 + AR PL Zenkai Uni + ï¼­ï¼³ 明朝 + ZYSong18030 + UnBatang + Baekmuk Batang + KacstQura + Frank Ruehl CLM + Lohit Bengali + Lohit Gujarati + Lohit Hindi + Lohit Marathi + Lohit Maithili + Lohit Kashmiri + Lohit Konkani + Lohit Nepali + Lohit Sindhi + Lohit Punjabi + Lohit Tamil + Meera + Lohit Malayalam + Lohit Kannada + Lohit Telugu + Lohit Oriya + LKLUG + + + + sans-serif + + Nachlieli + Lucida Sans Unicode + Yudit Unicode + Kerkis + ArmNet Helvetica + Artsounk + BPG UTF8 M + Waree + Loma + Garuda + Umpush + Saysettha Unicode + JG Lao Old Arial + GF Zemen Unicode + Pigiarniq + B Davat + B Compset + Kacst-Qr + Urdu Nastaliq Unicode + Raghindi + Mukti Narrow + malayalam + Sampige + padmaa + Hapax Berbère + MS Gothic + UmePlus P Gothic + + SimSun + PMingLiu + WenQuanYi Zen Hei + WenQuanYi Bitmap Song + AR PL ShanHeiSun Uni + AR PL New Sung + MgOpen Modata + VL Gothic + IPAMonaGothic + IPAGothic + Sazanami Gothic + Kochi Gothic + AR PL KaitiM GB + AR PL KaitiM Big5 + AR PL ShanHeiSun Uni + AR PL SungtiL GB + AR PL Mingti2L Big5 + ï¼­ï¼³ ゴシック + ZYSong18030 + TSCu_Paranar + UnDotum + Baekmuk Dotum + Baekmuk Gulim + KacstQura + Lohit Bengali + Lohit Gujarati + Lohit Hindi + Lohit Marathi + Lohit Maithili + Lohit Kashmiri + Lohit Konkani + Lohit Nepali + Lohit Sindhi + Lohit Punjabi + Lohit Tamil + Meera + Lohit Malayalam + Lohit Kannada + Lohit Telugu + Lohit Oriya + LKLUG + + + + monospace + + Miriam Mono + VL Gothic + IPAMonaGothic + IPAGothic + Sazanami Gothic + Kochi Gothic + AR PL KaitiM GB + MS Gothic + UmePlus Gothic + NSimSun + MingLiu + AR PL ShanHeiSun Uni + AR PL New Sung Mono + HanyiSong + AR PL SungtiL GB + AR PL Mingti2L Big5 + ZYSong18030 + UnBatang + UnDotum + Baekmuk Batang + Baekmuk Dotum + Baekmuk Gulim + TlwgTypo + TlwgTypist + TlwgTypewriter + TlwgMono + Hasida + Mitra Mono + GF Zemen Unicode + Hapax Berbère + Lohit Bengali + Lohit Gujarati + Lohit Hindi + Lohit Marathi + Lohit Maithili + Lohit Kashmiri + Lohit Konkani + Lohit Nepali + Lohit Sindhi + Lohit Punjabi + Lohit Tamil + Meera + Lohit Malayalam + Lohit Kannada + Lohit Telugu + Lohit Oriya + LKLUG + + + diff --git a/fonts/conf.avail/69-unifont.conf b/fonts/conf.avail/69-unifont.conf new file mode 100644 index 0000000..177dec5 --- /dev/null +++ b/fonts/conf.avail/69-unifont.conf @@ -0,0 +1,28 @@ + + + + + serif + + FreeSerif + Code2000 + Code2001 + + + + sans-serif + + FreeSans + Arial Unicode MS + Arial Unicode + Code2000 + Code2001 + + + + monospace + + FreeMono + + + diff --git a/fonts/conf.avail/70-no-bitmaps.conf b/fonts/conf.avail/70-no-bitmaps.conf new file mode 100644 index 0000000..6b506e8 --- /dev/null +++ b/fonts/conf.avail/70-no-bitmaps.conf @@ -0,0 +1,12 @@ + + + + + + + + false + + + + diff --git a/fonts/conf.avail/70-yes-bitmaps.conf b/fonts/conf.avail/70-yes-bitmaps.conf new file mode 100644 index 0000000..c153aeb --- /dev/null +++ b/fonts/conf.avail/70-yes-bitmaps.conf @@ -0,0 +1,12 @@ + + + + + + + + false + + + + diff --git a/fonts/conf.avail/80-delicious.conf b/fonts/conf.avail/80-delicious.conf new file mode 100644 index 0000000..728f50c --- /dev/null +++ b/fonts/conf.avail/80-delicious.conf @@ -0,0 +1,19 @@ + + + + + + + + + Delicious + + + Heavy + + + heavy + + + + diff --git a/fonts/conf.avail/90-synthetic.conf b/fonts/conf.avail/90-synthetic.conf new file mode 100644 index 0000000..b8d1e85 --- /dev/null +++ b/fonts/conf.avail/90-synthetic.conf @@ -0,0 +1,64 @@ + + + + + + + + + roman + + + + roman + + + + + matrix + 10.2 + 01 + + + + + + oblique + + + + false + + + + + + + + + medium + + + + medium + + + + true + + + + bold + + + diff --git a/fonts/conf.d/20-fix-globaladvance.conf b/fonts/conf.d/20-fix-globaladvance.conf new file mode 120000 index 0000000..8fec131 --- /dev/null +++ b/fonts/conf.d/20-fix-globaladvance.conf @@ -0,0 +1 @@ +../conf.avail/20-fix-globaladvance.conf \ No newline at end of file diff --git a/fonts/conf.d/20-unhint-small-vera.conf b/fonts/conf.d/20-unhint-small-vera.conf new file mode 120000 index 0000000..56c5b8f --- /dev/null +++ b/fonts/conf.d/20-unhint-small-vera.conf @@ -0,0 +1 @@ +../conf.avail/20-unhint-small-vera.conf \ No newline at end of file diff --git a/fonts/conf.d/30-metric-aliases.conf b/fonts/conf.d/30-metric-aliases.conf new file mode 120000 index 0000000..6809157 --- /dev/null +++ b/fonts/conf.d/30-metric-aliases.conf @@ -0,0 +1 @@ +../conf.avail/30-metric-aliases.conf \ No newline at end of file diff --git a/fonts/conf.d/30-urw-aliases.conf b/fonts/conf.d/30-urw-aliases.conf new file mode 120000 index 0000000..227e03d --- /dev/null +++ b/fonts/conf.d/30-urw-aliases.conf @@ -0,0 +1 @@ +../conf.avail/30-urw-aliases.conf \ No newline at end of file diff --git a/fonts/conf.d/40-nonlatin.conf b/fonts/conf.d/40-nonlatin.conf new file mode 120000 index 0000000..efb8230 --- /dev/null +++ b/fonts/conf.d/40-nonlatin.conf @@ -0,0 +1 @@ +../conf.avail/40-nonlatin.conf \ No newline at end of file diff --git a/fonts/conf.d/45-latin.conf b/fonts/conf.d/45-latin.conf new file mode 120000 index 0000000..c400905 --- /dev/null +++ b/fonts/conf.d/45-latin.conf @@ -0,0 +1 @@ +../conf.avail/45-latin.conf \ No newline at end of file diff --git a/fonts/conf.d/49-sansserif.conf b/fonts/conf.d/49-sansserif.conf new file mode 120000 index 0000000..0262faa --- /dev/null +++ b/fonts/conf.d/49-sansserif.conf @@ -0,0 +1 @@ +../conf.avail/49-sansserif.conf \ No newline at end of file diff --git a/fonts/conf.d/50-user.conf b/fonts/conf.d/50-user.conf new file mode 120000 index 0000000..967e33e --- /dev/null +++ b/fonts/conf.d/50-user.conf @@ -0,0 +1 @@ +../conf.avail/50-user.conf \ No newline at end of file diff --git a/fonts/conf.d/51-local.conf b/fonts/conf.d/51-local.conf new file mode 120000 index 0000000..58fc313 --- /dev/null +++ b/fonts/conf.d/51-local.conf @@ -0,0 +1 @@ +../conf.avail/51-local.conf \ No newline at end of file diff --git a/fonts/conf.d/60-latin.conf b/fonts/conf.d/60-latin.conf new file mode 120000 index 0000000..4827df3 --- /dev/null +++ b/fonts/conf.d/60-latin.conf @@ -0,0 +1 @@ +../conf.avail/60-latin.conf \ No newline at end of file diff --git a/fonts/conf.d/65-fonts-persian.conf b/fonts/conf.d/65-fonts-persian.conf new file mode 120000 index 0000000..7f72bfe --- /dev/null +++ b/fonts/conf.d/65-fonts-persian.conf @@ -0,0 +1 @@ +../conf.avail/65-fonts-persian.conf \ No newline at end of file diff --git a/fonts/conf.d/65-nonlatin.conf b/fonts/conf.d/65-nonlatin.conf new file mode 120000 index 0000000..d99e17a --- /dev/null +++ b/fonts/conf.d/65-nonlatin.conf @@ -0,0 +1 @@ +../conf.avail/65-nonlatin.conf \ No newline at end of file diff --git a/fonts/conf.d/69-unifont.conf b/fonts/conf.d/69-unifont.conf new file mode 120000 index 0000000..7ba1b65 --- /dev/null +++ b/fonts/conf.d/69-unifont.conf @@ -0,0 +1 @@ +../conf.avail/69-unifont.conf \ No newline at end of file diff --git a/fonts/conf.d/80-delicious.conf b/fonts/conf.d/80-delicious.conf new file mode 120000 index 0000000..22d6770 --- /dev/null +++ b/fonts/conf.d/80-delicious.conf @@ -0,0 +1 @@ +../conf.avail/80-delicious.conf \ No newline at end of file diff --git a/fonts/conf.d/90-synthetic.conf b/fonts/conf.d/90-synthetic.conf new file mode 120000 index 0000000..a25f312 --- /dev/null +++ b/fonts/conf.d/90-synthetic.conf @@ -0,0 +1 @@ +../conf.avail/90-synthetic.conf \ No newline at end of file diff --git a/fonts/conf.d/README b/fonts/conf.d/README new file mode 100644 index 0000000..c2fb52c --- /dev/null +++ b/fonts/conf.d/README @@ -0,0 +1,23 @@ +conf.d/README + +Each file in this directory is a fontconfig configuration file. Fontconfig +scans this directory, loading all files of the form [0-9][0-9]*.conf. +These files are normally installed in ../conf.avail and then symlinked here, +allowing them to be easily installed and then enabled/disabled by adjusting +the symlinks. + +The files are loaded in numeric order, the structure of the configuration +has led to the following conventions in usage: + + Files begining with: Contain: + + 00 through 09 Font directories + 10 through 19 system rendering defaults (AA, etc) + 20 through 29 font rendering options + 30 through 39 family substitution + 40 through 49 generic identification, map family->generic + 50 through 59 alternate config file loading + 60 through 69 generic aliases, map generic->family + 70 through 79 select font (adjust which fonts are available) + 80 through 89 match target="scan" (modify scanned patterns) + 90 through 99 font synthesis diff --git a/fonts/fonts.conf b/fonts/fonts.conf new file mode 100644 index 0000000..059259a --- /dev/null +++ b/fonts/fonts.conf @@ -0,0 +1,151 @@ + + + + + + + + + + /usr/share/fonts + /usr/local/share/fonts + ~/.fonts + + + + + mono + + + monospace + + + + + + + sans serif + + + sans-serif + + + + + + + sans + + + sans-serif + + + + + conf.d + + + + /var/cache/fontconfig + ~/.fontconfig + + + + + 0x0020 + 0x00A0 + 0x00AD + 0x034F + 0x0600 + 0x0601 + 0x0602 + 0x0603 + 0x06DD + 0x070F + 0x115F + 0x1160 + 0x1680 + 0x17B4 + 0x17B5 + 0x180E + 0x2000 + 0x2001 + 0x2002 + 0x2003 + 0x2004 + 0x2005 + 0x2006 + 0x2007 + 0x2008 + 0x2009 + 0x200A + 0x200B + 0x200C + 0x200D + 0x200E + 0x200F + 0x2028 + 0x2029 + 0x202A + 0x202B + 0x202C + 0x202D + 0x202E + 0x202F + 0x205F + 0x2060 + 0x2061 + 0x2062 + 0x2063 + 0x206A + 0x206B + 0x206C + 0x206D + 0x206E + 0x206F + 0x2800 + 0x3000 + 0x3164 + 0xFEFF + 0xFFA0 + 0xFFF9 + 0xFFFA + 0xFFFB + + + + 30 + + + + diff --git a/fonts/fonts.dtd b/fonts/fonts.dtd new file mode 100644 index 0000000..cbdfdab --- /dev/null +++ b/fonts/fonts.dtd @@ -0,0 +1,224 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/gpm/gpm-root.conf b/gpm/gpm-root.conf new file mode 100644 index 0000000..ab9f16c --- /dev/null +++ b/gpm/gpm-root.conf @@ -0,0 +1,85 @@ +# sample configuration file for gpm-root +# edit it to please your taste.... + +button 1 { + name "ttys" + + "" f.nop + "login on a new tty" f.mktty + "" f.nop + "tty 1" f.jptty "1" + "tty 2" f.jptty "2" + "tty 3" f.jptty "3" + "tty 4" f.jptty "4" + "" f.nop + "tty 5" f.jptty "5" + "tty 6" f.jptty "6" + "tty 7" f.jptty "7" + "tty 8" f.jptty "8" + "" f.nop + "more of them..." { + + "tty 9" f.jptty "9" + "tty 10" f.jptty "10" + "tty 11" f.jptty "11" + "tty 12" f.jptty "12" + "" f.nop + "tty 13" f.jptty "13" + "tty 14" f.jptty "14" + "tty 15" f.jptty "15" + "tty 16" f.jptty "16" + "" f.nop + "more of them..." { + "tty 17" f.jptty "17" + } + } + +} + +button 2 { + name "system status" + foreground red + background black + border yellow + head bright yellow + + "" f.nop + "%b %d %Y" f.time + "%H:%M" f.time + "" f.nop + "load: " f.load + "free:" f.free + "" f.nop + "report disk usage to ~/du" f.bgcmd "du ~ | sort -rn > ~/du" + "print mail headers to tty" f.bgcmd + "grep '^From ' /var/spool/mail/$USER | tail" +} + +button 3 { + name "far ttys" + + foreground black + background red + border bright yellow + head bright yellow + + "tty 9" f.jptty "9" + "tty 10" f.jptty "10" + "tty 11" f.jptty "11" + "tty 12" f.jptty "12" + "" f.nop + + "tty 13" f.jptty "13" + "tty 14" f.jptty "14" + "tty 15" f.jptty "15" + "tty 16" f.jptty "16" + "" f.nop + +# I use this to halt and reboot the system, but it isn't wise to put it +# in widely accessible boxes. +# +# "----" f.nop +# "" f.nop +# "halt" f.bgcmd "/sbin/shutdown -h now" +# "reboot" f.bgcmd "/sbin/shutdown -r now" +} diff --git a/gpm/gpm-syn.conf b/gpm/gpm-syn.conf new file mode 100644 index 0000000..bba0ffe --- /dev/null +++ b/gpm/gpm-syn.conf @@ -0,0 +1,49 @@ +/* enabling configuration parameters */ +[edge_motion_enabled] TRUE +[edge_motion_speed_enabled] TRUE +[corner_taps_enabled] TRUE +[tap_gesture_enabled] TRUE +[pressure_speed_enabled] TRUE +[tossing_enabled] TRUE +[does_toss_use_static_speed] TRUE +/* pressure induced speed related configuration parameters */ +[low_pressure] 60 +[speed_up_pressure] 60 +[pressure_factor] 0.10 +[standard_speed_factor] 0.10 +/* toss/catch related parameters */ +[min_toss_time] 100 +[max_toss_time] 300 +[prevent_toss_time] 300 +[min_toss_dist] 2 +[static_toss_speed] 70 +[toss_speed_factor] 0.5 +/* edge motion related configuration parameters */ +[edge_speed] 20 +/* corner tap actions */ +[upper_left_action] 0 (none) +[upper_right_action] 2 (middle) +[lower_left_action] 0 (none) +[lower_right_action] 3 (right) +/* wmode parameters */ +[wmode_enabled] TRUE +[drag_lock_enabled] FALSE +[finger_threshold] 30 +[tap_lower_limit] 5 +[tap_upper_limit] 200 +[tap_range] 100 +[tap_interval] 200 +[pads_tap_interval] 8 +[multiple_tap_delay] 30 +[palm_detect_enabled] TRUE +[palm_detect_level] 12 +[multi_finger_tap_enable] TRUE +[multi_finger_stop_enabled] TRUE +[multi_finger_stop_delay] 8 + /* Additional options */ +[touch_pad_enabled] TRUE +[stick_enabled] TRUE +[scrolling_enabled] TRUE +[scrolling_edge] 2 +[auto_scrolling_enabled] TRUE + diff --git a/gpm/gpm-twiddler.conf b/gpm/gpm-twiddler.conf new file mode 100644 index 0000000..85d0d40 --- /dev/null +++ b/gpm/gpm-twiddler.conf @@ -0,0 +1,258 @@ +# +# This is the configuration file for the twiddler keyboard as used under +# the gpm mouse server +# +# Empty lines and comments are ignored, other lines must follow either +# of the following conventions: +# chord = value (e.g. "L000 = a") +# mod chord = value (e.g. "Shift L000 = a") +# +# The "mod" is one of "Shift" "Numeric" "Function" "Control" "Ctrl" "Alt", +# or any abbreviation of those (case independent) +# The special case "Ctrl+Shift" (or "Shift+Ctrl") is supported, but note +# that it can't be abbreviated like C+S or anything like that. +# +# The "chord" value is one of the usual specifications, uppercase only +# +# Value can be a single byte (also as escape sequence), a string with +# double quotes (with escape sequences) or a special name (one of those +# appearing as "string" in dumpkeys, and Up Down Left Right). +# In addition, the strings "Console" and "Exec" are supported. See the +# sample case below. +# +# Escape sequences are \n \r \e \t \a \b, octal ("\243") or hex ("\xff") +# numbers. Any other char is returned unchanged, like \" or \\. + +######## Lowercase +R000 = a +0R00 = b +00R0 = c +000R = d +M000 = e +0M00 = f +00M0 = g +000M = h +LR00 = i +L0R0 = j +L00R = k +LM00 = l +L0M0 = m +L00M = n +LL00 = o +L0L0 = p +L00L = q +MR00 = r +M0R0 = s +M00R = t +MM00 = u +M0M0 = v +M00M = w +ML00 = x +M0L0 = y +M00L = z + +############## Uppercase +Shift R000 = A +Shift 0R00 = B +Shift 00R0 = C +Shift 000R = D +Shift M000 = E +Shift 0M00 = F +Shift 00M0 = G +Shift 000M = H +Shift LR00 = I +Shift L0R0 = J +Shift L00R = K +Shift LM00 = L +Shift L0M0 = M +Shift L00M = N +Shift LL00 = O +Shift L0L0 = P +Shift L00L = Q +Shift MR00 = R +Shift M0R0 = S +Shift M00R = T +Shift MM00 = U +Shift M0M0 = V +Shift M00M = W +Shift ML00 = X +Shift M0L0 = Y +Shift M00L = Z + +######## Control +Ctrl R000 = \x01 +Ctrl 0R00 = \x02 +Ctrl 00R0 = \x03 +Ctrl 000R = \x04 +Ctrl M000 = \x05 +Ctrl 0M00 = \x06 +Ctrl 00M0 = \x07 +Ctrl 000M = \x08 +Ctrl LR00 = \x09 +Ctrl L0R0 = \x0a +Ctrl L00R = \x0b +Ctrl LM00 = \x0c +Ctrl L0M0 = \x0d +Ctrl L00M = \x0e +Ctrl LL00 = \x0f +Ctrl L0L0 = \x10 +Ctrl L00L = \x11 +Ctrl MR00 = \x12 +Ctrl M0R0 = \x13 +Ctrl M00R = \x14 +Ctrl MM00 = \x15 +Ctrl M0M0 = \x16 +Ctrl M00M = \x17 +Ctrl ML00 = \x18 +Ctrl M0L0 = \x19 +Ctrl M00L = \x1a + +######## Meta (Alt) +Meta R000 = "\ea" +Meta 0R00 = "\eb" +Meta 00R0 = "\ec" +Meta 000R = "\ed" +Meta M000 = "\ee" +Meta 0M00 = "\ef" +Meta 00M0 = "\eg" +Meta 000M = "\eh" +Meta LR00 = "\ei" +Meta L0R0 = "\ej" +Meta L00R = "\ek" +Meta LM00 = "\el" +Meta L0M0 = "\em" +Meta L00M = "\en" +Meta LL00 = "\eo" +Meta L0L0 = "\ep" +Meta L00L = "\eq" +Meta MR00 = "\er" +Meta M0R0 = "\es" +Meta M00R = "\et" +Meta MM00 = "\eu" +Meta M0M0 = "\ev" +Meta M00M = "\ew" +Meta ML00 = "\ex" +Meta M0L0 = "\ey" +Meta M00L = "\ez" + +##### 1b is escape, etc... + + RRR0 = \x1b + +############### Numbers and symbols (ascii 0x20 to 0x40) + L000 = " " + R0L0 = ! + R0M0 = " + 0M0L = # + 0LR0 = $ + 00RM = % + 0L0L = & + RM00 = ' + 0LL0 = ( + 0RL0 = ) + 00LM = * + 00ML = + + R0R0 = , + R00L = - + RR00 = . + MMM0 = / +Num 0L00 = 0 +Num R000 = 1 +Num 0R00 = 2 +Num 00R0 = 3 +Num 000R = 4 +Num M000 = 5 +Num 0M00 = 6 +Num 00M0 = 7 +Num 000M = 8 +Num L000 = 9 + 00RL = : + R00R = ; +Num M00L = < + 00MR = = +Num R0R0 = > + RL00 = ? + 00LR = @ + +############## Other symbols (ascii 0x5b to 0x60 and 0x7b to 0x7f) + +Num RM00 = [ + LLL0 = \ +Num R00M = ] +Num LM00 = ^ + 0R0L = _ +Num R0L0 = ` + +Num R00L = { +Num LLR0 = | +Num LL0R = } +Num LLM0 = ~ + 0L00 = \x7f + 00L0 = \x08 + +############## In addition to ascii, here are the special keys + +# return, tab +000L = \x0a +MM0M = \x09 + +# arrows +0MR0 = Up +0ML0 = Down +0MM0 = Left +0M0M = Right + +# pageup/down +00RR = Prior +00LL = Next + +############## Functions +Fun R000 = F1 +Fun 0R00 = F2 +Fun 00R0 = F3 +Fun 000R = F4 +Fun M000 = F5 +Fun 0M00 = F6 +Fun 00M0 = F7 +Fun 000M = F8 +Fun L000 = F9 +Fun 0L00 = F10 +Fun 00L0 = F11 +Fun 000L = F12 + + +############## Console switching +Ctrl+Shift R000 = Console 1 +Ctrl+Shift 0R00 = Console 2 +Ctrl+Shift 00R0 = Console 3 +Ctrl+Shift 000R = Console 4 +Ctrl+Shift M000 = Console 5 +Ctrl+Shift 0M00 = Console 6 +Ctrl+Shift 00M0 = Console 7 +Ctrl+Shift 000M = Console 8 +Ctrl+Shift L000 = Console 9 +Ctrl+Shift 0L00 = Console 10 +Ctrl+Shift 00L0 = Console 11 +Ctrl+Shift 000L = Console 12 + +############## Executing commands (be careful: this is root) +# This is just an example: t for "time" and s for "space" +# The empty line is used to align text on console border + +F M00R = Exec echo > /dev/tty0; date > /dev/tty0 +F M0R0 = Exec echo > /dev/tty0; df > /dev/tty0 + +# you can put shutdown, reboot or anything here. + +############## Macros + +0RR0 = "the" +0RM0 = "of" +0R0R = "to" +0M0R = "ed" +R00M = "and" +0R0M = "in" +0L0M = "ion" +00MM = "ing" + +############## Add accented letters here below.... diff --git a/gtk-2.0/gtkrc b/gtk-2.0/gtkrc new file mode 100644 index 0000000..6161739 --- /dev/null +++ b/gtk-2.0/gtkrc @@ -0,0 +1 @@ +gtk-fallback-icon-theme = "gnome" diff --git a/gtk-2.0/im-multipress.conf b/gtk-2.0/im-multipress.conf new file mode 100644 index 0000000..d6c8129 --- /dev/null +++ b/gtk-2.0/im-multipress.conf @@ -0,0 +1,22 @@ +# Example configuration file for the GTK+ Multipress Input Method +# Authored by Openismus GmbH, 2009. +# +# This file follows the GKeyFile format. On the left of the equal sign goes +# the key that you press repeatedly to iterate through the text items listed +# on the right-hand side. The list items are separated by semicolons ";" and +# consist of one or more characters each. The backslash "\" is used to escape +# characters; for instance "\;" for a literal semicolon. +# +# The example configuration below imitates the behavior of a standard mobile +# phone by a major manufacturer, with German language setting. +[keys] +KP_1 = .;,;?;!;';";1;-;(;);@;/;:;_ +KP_2 = a;b;c;2;ä;à;á;ã;â;Ã¥;æ;ç +KP_3 = d;e;f;3;è;é;ë;ê;ð +KP_4 = g;h;i;4;ì;í;î;ï +KP_5 = j;k;l;5;£ +KP_6 = m;n;o;6;ö;ò;ó;ô;õ;ø;ñ +KP_7 = p;q;r;s;7;ß;$ +KP_8 = t;u;v;8;ü;ù;ú;û +KP_9 = w;x;y;z;9;ý;þ +KP_0 = \s;0 diff --git a/gtk-2.0/x86_64-pc-linux-gnu/gtk.immodules b/gtk-2.0/x86_64-pc-linux-gnu/gtk.immodules new file mode 100644 index 0000000..65bcc53 --- /dev/null +++ b/gtk-2.0/x86_64-pc-linux-gnu/gtk.immodules @@ -0,0 +1,39 @@ +# GTK+ Input Method Modules file +# Automatically generated file, do not edit +# Created by gtk-query-immodules-2.0 from gtk+-2.24.5 +# +# ModulesPath = /root/.gtk-2.0/2.10.0/x86_64-pc-linux-gnu/immodules:/root/.gtk-2.0/2.10.0/immodules:/root/.gtk-2.0/x86_64-pc-linux-gnu/immodules:/root/.gtk-2.0/immodules:/usr/lib64/gtk-2.0/2.10.0/x86_64-pc-linux-gnu/immodules:/usr/lib64/gtk-2.0/2.10.0/immodules:/usr/lib64/gtk-2.0/x86_64-pc-linux-gnu/immodules:/usr/lib64/gtk-2.0/immodules +# +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-ipa.so" +"ipa" "IPA" "gtk20" "/usr/share/locale" "" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-inuktitut.so" +"inuktitut" "Inuktitut (Transliterated)" "gtk20" "/usr/share/locale" "iu" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-cyrillic-translit.so" +"cyrillic_translit" "Cyrillic (Transliterated)" "gtk20" "/usr/share/locale" "" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-am-et.so" +"am_et" "Amharic (EZ+)" "gtk20" "/usr/share/locale" "am" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-viqr.so" +"viqr" "Vietnamese (VIQR)" "gtk20" "/usr/share/locale" "vi" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-xim.so" +"xim" "X Input Method" "gtk20" "/usr/share/locale" "ko:ja:th:zh" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-multipress.so" +"multipress" "Multipress" "gtk20" "" "" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-cedilla.so" +"cedilla" "Cedilla" "gtk20" "/usr/share/locale" "az:ca:co:fr:gv:oc:pt:sq:tr:wa" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-thai.so" +"thai" "Thai-Lao" "gtk20" "/usr/share/locale" "lo:th" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-ti-et.so" +"ti_et" "Tigrigna-Ethiopian (EZ+)" "gtk20" "/usr/share/locale" "ti" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-ti-er.so" +"ti_er" "Tigrigna-Eritrean (EZ+)" "gtk20" "/usr/share/locale" "ti" + diff --git a/init.d/.rcs/books-prod-fcgi,v b/init.d/.rcs/books-prod-fcgi,v new file mode 100755 index 0000000..90cf0f6 --- /dev/null +++ b/init.d/.rcs/books-prod-fcgi,v @@ -0,0 +1,78 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.07.20.20.05; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6,v 1.27 2009/08/12 08:09:52 idl0r Exp $ + +depend() { + use logger dns + need net +} + +DAEMON_USER="frank" +DAEMON_GROUP="users" +PID_DIR="/var/run/frank" + +# Pid file to use (needs to be absolute path). +DAEMON_PIDFILE="${PID_DIR}/books-prod.pid" + +# Working directory (needs to be absolute path). +DAEMON_DIR="/var/www/books" + +# Path to the binary (needs to be absolute path). +DAEMON_BINARY="${DAEMON_DIR}/script/frbr_books_fastcgi.pl" + +# Path to the socket for Apache mod_fastcgi +DAEMON_SOCKET="/tmp/frbr_books_app.sock" + +# Count of daemon processes +DAEMON_COUNT=2 + +start() { + + if [ ! -d "${PID_DIR}" ] ; then + mkdir -p "${PID_DIR}" + fi + chown "${DAEMON_USER}":"${DAEMON_GROUP}" "${PID_DIR}" + + local myopts="-l ${DAEMON_SOCKET} -n ${DAEMON_COUNT} -d -p ${DAEMON_PIDFILE}" + + ebegin "Starting ${SVCNAME}" +# start-stop-daemon --start --exec "${DAEMON_BINARY}" \ +# --chuid "${DAEMON_USER}":${DAEMON_GROUP} \ +# --pidfile "${DAEMON_PIDFILE}" \ +# -- ${myopts} + su - "${DAEMON_USER}" -c "cd ${DAEMON_DIR} && ${DAEMON_BINARY} ${myopts}" + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --exec "${DAEMON_BINARY}" \ + --pidfile "${DAEMON_PIDFILE}" --quiet + eend $? +} + +@ diff --git a/init.d/amavisd b/init.d/amavisd new file mode 100755 index 0000000..f1ced77 --- /dev/null +++ b/init.d/amavisd @@ -0,0 +1,71 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/mail-filter/amavisd-new/files/amavisd.initd,v 1.2 2010/12/07 10:34:32 eras Exp $ + +opts="${opts} reload debug debug_sa" + +prog="/usr/sbin/amavisd" +progname="amavisd-new" +conffile="/etc/amavisd.conf" + +depend() { + need net + use logger antivirus snmpd + before mta +} + +checkconfig() { + local piddir pidfile + if [ -r "${conffile}" ] ; then + pidfile=$(grep -m1 ^[^#].*pid_file "${conffile}"|sed -e 's/.*"\(.*\)".*/\1/') + piddir=${pidfile%/*} + if [ ! -d "${piddir:-/var/amavis}" ] ; then + checkpath -q -d -o root:amavis -m 0770 "${piddir}" || return 1 + fi + else + eerror "Missing conf file." + return 1 + fi +} + +start() { + ebegin "Starting ${progname}" + checkconfig || return 1 + "${prog}" start + eend $? +} + +stop() { + ebegin "Stopping ${progname}" + "${prog}" stop 2>/dev/null + eend $? +} + +reload() { + ebegin "Reloading ${progname}" + "${prog}" reload 2>/dev/null + eend $? +} + +restart() { + ebegin "Restarting ${progname}" + svc_stop + sleep 3 + svc_start + eend $? +} + +debug() { + ebegin "Starting ${progname} in debug mode" + checkconfig || return 1 + "${prog}" debug + eend $? +} + +debug_sa() { + ebegin "Starting ${progname} in debug-sa mode" + checkconfig || return 1 + "${prog}" debug-sa + eend $? +} diff --git a/init.d/apache2 b/init.d/apache2 new file mode 100755 index 0000000..6d22ce8 --- /dev/null +++ b/init.d/apache2 @@ -0,0 +1,182 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +extra_commands="configtest modules virtualhosts" +extra_started_commands="configdump fullstatus graceful gracefulstop reload" + +description_configdump="Dumps the configuration of the runing apache server. Requires server-info to be enabled and www-client/lynx." +description_configtest="Run syntax tests for configuration files." +description_fullstatus="Gives the full status of the server. Requires lynx and server-status to be enabled." +description_graceful="A graceful restart advises the children to exit after the current request and reloads the configuration." +description_gracefulstop="A graceful stop advises the children to exit after the current request and stops the server." +description_modules="Dump a list of loaded Static and Shared Modules." +description_reload="Kills all children and reloads the configuration." +description_virtualhosts="Show the settings as parsed from the config file (currently only shows the virtualhost settings)." +description_stop="Kills all children and stops the server." + +depend() { + need net + use mysql dns logger netmount postgresql + after sshd +} + +configtest() { + ebegin "Checking ${SVCNAME} configuration" + checkconfig + eend $? +} + +checkconfd() { + if [ ! -f /etc/init.d/sysfs ]; then + eerror "This init script works only with openrc (baselayout-2)." + eerror "If you still need baselayout-1.x, please, use" + eerror "apache2.initd-baselayout-1 from /usr/share/doc/apache2-*/" + fi + + PIDFILE="${PIDFILE:-/var/run/apache2.pid}" + TIMEOUT=${TIMEOUT:-15} + + SERVERROOT="${SERVERROOT:-/usr/lib64/apache2}" + if [ ! -d ${SERVERROOT} ]; then + eerror "SERVERROOT does not exist: ${SERVERROOT}" + return 1 + fi + + CONFIGFILE="${CONFIGFILE:-/etc/apache2/httpd.conf}" + [ "${CONFIGFILE#/}" = "${CONFIGFILE}" ] && CONFIGFILE="${SERVERROOT}/${CONFIGFILE}" + if [ ! -r "${CONFIGFILE}" ]; then + eerror "Unable to read configuration file: ${CONFIGFILE}" + return 1 + fi + + APACHE2_OPTS="${APACHE2_OPTS} -d ${SERVERROOT}" + APACHE2_OPTS="${APACHE2_OPTS} -f ${CONFIGFILE}" + [ -n "${STARTUPERRORLOG}" ] && APACHE2_OPTS="${APACHE2_OPTS} -E ${STARTUPERRORLOG}" + + APACHE2="/usr/sbin/apache2" +} + +checkconfig() { + checkconfd || return 1 + + ${APACHE2} ${APACHE2_OPTS} -t 1>/dev/null 2>&1 + ret=$? + if [ $ret -ne 0 ]; then + eerror "${SVCNAME} has detected an error in your setup:" + ${APACHE2} ${APACHE2_OPTS} -t + fi + + return $ret +} + +start() { + checkconfig || return 1 + + ebegin "Starting ${SVCNAME}" + # Use start stop daemon to apply system limits #347301 + start-stop-daemon --start -- ${APACHE2} ${APACHE2_OPTS} -k start + + i=0 + while [ ! -e "${PIDFILE}" ] && [ $i -lt ${TIMEOUT} ]; do + sleep 1 && i=$(expr $i + 1) + done + + eend $(test $i -lt ${TIMEOUT}) +} + +stop() { + if [ "${RC_CMD}" = "restart" ]; then + checkconfig || return 1 + else + checkconfd || return 1 + fi + + PID=$(cat "${PIDFILE}" 2>/dev/null) + if [ -z "${PID}" ]; then + einfo "${SVCNAME} not running (no pid file)" + return 0 + fi + + ebegin "Stopping ${SVCNAME}" + ${APACHE2} ${APACHE2_OPTS} -k stop + + i=0 + while ( ! test -f "${PIDFILE}" && pgrep -P ${PID} apache2 >/dev/null ) \ + && [ $i -lt ${TIMEOUT} ]; do + sleep 1 && i=$(expr $i + 1) + done + + eend $(test $i -lt ${TIMEOUT}) +} + +reload() { + RELOAD_TYPE="${RELOAD_TYPE:-graceful}" + + checkconfig || return 1 + + if [ "${RELOAD_TYPE}" = "restart" ]; then + ebegin "Restarting ${SVCNAME}" + ${APACHE2} ${APACHE2_OPTS} -k restart + eend $? + elif [ "${RELOAD_TYPE}" = "graceful" ]; then + ebegin "Gracefully restarting ${SVCNAME}" + ${APACHE2} ${APACHE2_OPTS} -k graceful + eend $? + else + eerror "${RELOAD_TYPE} is not a valid RELOAD_TYPE. Please edit /etc/conf.d/${SVCNAME}" + fi +} + +graceful() { + checkconfig || return 1 + ebegin "Gracefully restarting ${SVCNAME}" + ${APACHE2} ${APACHE2_OPTS} -k graceful + eend $? +} + +gracefulstop() { + checkconfig || return 1 + ebegin "Gracefully stopping ${SVCNAME}" + ${APACHE2} ${APACHE2_OPTS} -k graceful-stop + eend $? +} + +modules() { + checkconfig || return 1 + ${APACHE2} ${APACHE2_OPTS} -M 2>&1 +} + +fullstatus() { + LYNX="${LYNX:-lynx -dump}" + STATUSURL="${STATUSURL:-http://localhost/server-status}" + + if ! type -p $(set -- ${LYNX}; echo $1) 2>&1 >/dev/null; then + eerror "lynx not found! you need to emerge www-client/lynx" + else + ${LYNX} ${STATUSURL} + fi +} + +virtualhosts() { + checkconfig || return 1 + ${APACHE2} ${APACHE2_OPTS} -S +} + +configdump() { + LYNX="${LYNX:-lynx -dump}" + INFOURL="${INFOURL:-http://localhost/server-info}" + + checkconfd || return 1 + + if ! type -p $(set -- ${LYNX}; echo $1) 2>&1 >/dev/null; then + eerror "lynx not found! you need to emerge www-client/lynx" + else + echo "${APACHE2} started with '${APACHE2_OPTS}'" + for i in config server list; do + ${LYNX} "${INFOURL}/?${i}" | sed '/Apache Server Information/d;/^[[:space:]]\+[_]\+$/Q' + done + fi +} + +# vim: ts=4 filetype=gentoo-init-d diff --git a/init.d/atd b/init.d/atd new file mode 100755 index 0000000..da022b0 --- /dev/null +++ b/init.d/atd @@ -0,0 +1,21 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-process/at/files/atd.rc6,v 1.1 2005/03/03 17:40:23 ciaranm Exp $ + +depend() { + need clock logger +} + +start() { + ebegin "Starting atd" + start-stop-daemon --start --quiet --pidfile /var/run/atd.pid \ + --startas /usr/sbin/atd + eend $? +} + +stop() { + ebegin "Shutting down atd" + start-stop-daemon --stop --quiet --pidfile /var/run/atd.pid + eend $? +} diff --git a/init.d/auditd b/init.d/auditd new file mode 100755 index 0000000..862a6be --- /dev/null +++ b/init.d/auditd @@ -0,0 +1,58 @@ +#!/sbin/runscript +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-init.d-1.2.3,v 1.1 2006/06/22 07:41:46 robbat2 Exp $ + +start_auditd() { + ebegin "Starting auditd" + start-stop-daemon \ + --start --quiet --pidfile /var/run/auditd.pid \ + --exec /sbin/auditd -- ${EXTRAOPTIONS} + local ret=$? + eend $ret + return $ret +} + +stop_auditd() { + ebegin "Stopping auditd" + start-stop-daemon \ + --stop --quiet --pidfile /var/run/auditd.pid + local ret=$? + eend $ret + return $ret +} + + +loadfile() { + local rules="$1" + if [ -n "${rules}" -a -f "${rules}" ]; then + einfo "Loading audit rules from ${rules}" + /sbin/auditctl -R "${rules}" 1>/dev/null + return $? + else + return 0 + fi +} + +start() { + start_auditd + local ret=$? + if [ $ret -eq 0 ]; then + loadfile "${RULEFILE_STARTUP}" + fi + return $ret +} + +stop() { + loadfile "${RULEFILE_STOP_PRE}" + stop_auditd + local ret=$? + loadfile "${RULEFILE_STOP_POST}" + return $ret +} + +# This is a special case, we do not want to touch the rules at all +restart() { + stop_auditd + start_auditd +} diff --git a/init.d/autofs b/init.d/autofs new file mode 100755 index 0000000..bd3f14f --- /dev/null +++ b/init.d/autofs @@ -0,0 +1,70 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-fs/autofs/files/autofs5.initd,v 1.3 2011/10/05 14:27:26 pva Exp $ + +DAEMON=/usr/sbin/automount +PIDFILE=/var/run/autofs.pid +DEVICE=autofs + +depend() { + need localmount + use ypbind nfs slapd portmap net +} + +extra_started_commands="reload" + +start() { + ebegin "Starting automounter" + + # Ensure autofs support is loaded + grep -q autofs /proc/filesystems || modprobe -q autofs4 + if [ $? -ne 0 ]; then + eend 1 "No autofs support available in kernel" + return 1 + fi + + # Check misc device + if [ -n "${USE_MISC_DEVICE}" -a "${USE_MISC_DEVICE}" = "yes" ]; then + sleep 1 + if [ -e "/proc/misc" ]; then + MINOR=$(awk "/${DEVICE}/ {print \$1}" /proc/misc) + if [ -n "${MINOR}" -a ! -c "/dev/${DEVICE}" ]; then + mknod -m 0600 "/dev/${DEVICE}" c 10 ${MINOR} + if [ $? -ne 0 ]; then + eend 1 "Could not create '/dev/${DEVICE}'" + return 1 + fi + fi + fi + if [ -x /sbin/restorecon -a -c "/dev/${DEVICE}" ]; then + /sbin/restorecon "/dev/${DEVICE}" + if [ $? -ne 0 ]; then + eend 1 "Failed to execute '/sbin/restorecon \"/dev/${DEVICE}\"'" + return 1 + fi + fi + else + [ -c "/dev/${DEVICE}" ] && rm -rf "/dev/${DEVICE}" + fi + + start-stop-daemon --start --exec ${DAEMON} -- -p ${PIDFILE} ${OPTIONS} + + eend $? +} + +stop() { + ebegin "Stopping automounter" + start-stop-daemon --stop --quiet -R TERM/45 -p ${PIDFILE} + eend $? +} + +reload() { + ebegin "Reloading automounter" + if [ ! -r "${PIDFILE}" ]; then + eend 1 "automount not running" + else + kill -HUP $(cat "${PIDFILE}") 2> /dev/null + eend $? + fi +} diff --git a/init.d/books-prod-fcgi b/init.d/books-prod-fcgi new file mode 100755 index 0000000..e67b6ee --- /dev/null +++ b/init.d/books-prod-fcgi @@ -0,0 +1,54 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /etc/init.d/.rcs/books-prod-fcgi,v 1.1 2010/06/07 20:20:05 root Exp $ + +depend() { + use logger dns + need net +} + +DAEMON_USER="frank" +DAEMON_GROUP="users" +PID_DIR="/var/run/frank" + +# Pid file to use (needs to be absolute path). +DAEMON_PIDFILE="${PID_DIR}/books-prod.pid" + +# Working directory (needs to be absolute path). +DAEMON_DIR="/var/www/books" + +# Path to the binary (needs to be absolute path). +DAEMON_BINARY="${DAEMON_DIR}/script/frbr_books_fastcgi.pl" + +# Path to the socket for Apache mod_fastcgi +DAEMON_SOCKET="/tmp/frbr_books_app.sock" + +# Count of daemon processes +DAEMON_COUNT=2 + +start() { + + if [ ! -d "${PID_DIR}" ] ; then + mkdir -p "${PID_DIR}" + fi + chown "${DAEMON_USER}":"${DAEMON_GROUP}" "${PID_DIR}" + + local myopts="-l ${DAEMON_SOCKET} -n ${DAEMON_COUNT} -d -p ${DAEMON_PIDFILE}" + + ebegin "Starting ${SVCNAME}" +# start-stop-daemon --start --exec "${DAEMON_BINARY}" \ +# --chuid "${DAEMON_USER}":${DAEMON_GROUP} \ +# --pidfile "${DAEMON_PIDFILE}" \ +# -- ${myopts} + su - "${DAEMON_USER}" -c "cd ${DAEMON_DIR} && ${DAEMON_BINARY} ${myopts}" + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --exec "${DAEMON_BINARY}" \ + --pidfile "${DAEMON_PIDFILE}" --quiet + eend $? +} + diff --git a/init.d/bootmisc b/init.d/bootmisc new file mode 100755 index 0000000..35af097 --- /dev/null +++ b/init.d/bootmisc @@ -0,0 +1,171 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +depend() +{ + need localmount + before logger + after clock sysctl + keyword -prefix -timeout +} + +dir_writeable() +{ + mkdir "$1"/.test.$$ 2>/dev/null && rmdir "$1"/.test.$$ +} + +: ${wipe_tmp:=${WIPE_TMP:-yes}} +: ${log_dmesg:=${LOG_DMESG:-yes}} + +cleanup_tmp_dir() +{ + local dir="$1" + + if ! [ -d "$dir" ]; then + mkdir -p "$dir" || return $? + fi + dir_writeable "$dir" || return 1 + chmod a+rwt "$dir" 2> /dev/null + cd "$dir" || return 1 + if yesno $wipe_tmp; then + ebegin "Wiping $dir directory" + + # Faster than raw find + if ! rm -rf -- [^ajlq\.]* 2>/dev/null ; then + # Blah, too many files + find . -maxdepth 1 -name '[^ajlq\.]*' -exec rm -rf -- {} + + fi + + # pam_mktemp creates a .private directory within which + # each user gets a private directory with immutable + # bit set; remove the immutable bit before trying to + # remove it. + [ -d /tmp/.private ] && chattr -R -a /tmp/.private 2> /dev/null + + # Prune the paths that are left + find . -maxdepth 1 \ + ! -name . \ + ! -name lost+found \ + ! -name quota.user \ + ! -name aquota.user \ + ! -name quota.group \ + ! -name aquota.group \ + ! -name journal \ + -exec rm -rf -- {} + + eend 0 + else + ebegin "Cleaning $dir directory" + rm -rf -- .X*-lock esrv* kio* \ + jpsock.* .fam* .esd* \ + orbit-* ssh-* ksocket-* \ + .*-unix + eend 0 + fi +} + +mkutmp() +{ + : >"$1" + # Not all systems have the utmp group + chgrp utmp "$1" 2>/dev/null + chmod 0664 "$1" +} + +start() +{ + # Remove any added console dirs + rm -rf "$RC_LIBEXECDIR"/console/* + + local logw=false runw=false extra= + # Ensure that our basic dirs exist + [ "$RC_UNAME" = Linux ] && extra=/var/lib/misc # Satisfy Linux FHS + for x in /var/log /var/run /tmp $extra; do + if ! [ -d $x ]; then + if ! mkdir -p $x; then + eend 1 "failed to create needed directory $x" + return 1 + fi + fi + done + + if dir_writeable /var/run; then + ebegin "Creating user login records" + local xtra= + [ "$RC_UNAME" = NetBSD ] && xtra=x + for x in "" $xtra; do + mkutmp /var/run/utmp$x + done + [ -e /var/log/wtmp ] || mkutmp /var/log/wtmp + eend 0 + + ebegin "Cleaning /var/run" + for x in $(find /var/run ! -type d ! -name utmp \ + ! -name random-seed ! -name dev.db \ + ! -name ld-elf.so.hints ! -name ld.so.hints); + do + # Clean stale sockets + if [ -S "$x" ]; then + if type fuser >/dev/null 2>&1; then + fuser "$x" >/dev/null 2>&1 || rm -- "$x" + else + rm -- "$x" + fi + fi + [ ! -f "$x" ] && continue + # Do not remove pidfiles of already running daemons + case "$x" in + *.pid) + start-stop-daemon --test --quiet \ + --stop --pidfile "$x" && continue + ;; + esac + rm -f -- "$x" + done + eend 0 + fi + + # Clean up /tmp directories + local tmp= + for tmp in ${clean_tmp_dirs:-${wipe_tmp_dirs-/tmp}}; do + cleanup_tmp_dir "$tmp" + done + + if dir_writeable /tmp; then + # Make sure our X11 stuff have the correct permissions + # Omit the chown as bootmisc is run before network is up + # and users may be using lame LDAP auth #139411 + rm -rf /tmp/.ICE-unix /tmp/.X11-unix + mkdir -p /tmp/.ICE-unix /tmp/.X11-unix + chmod 1777 /tmp/.ICE-unix /tmp/.X11-unix + if [ -x /sbin/restorecon ]; then + restorecon /tmp/.ICE-unix /tmp/.X11-unix + fi + fi + + if yesno $log_dmesg; then + if $logw || dir_writeable /var/log; then + # Create an 'after-boot' dmesg log + if [ "$RC_SYS" != VSERVER -a "$RC_SYS" != OPENVZ ]; then + dmesg > /var/log/dmesg + chmod 640 /var/log/dmesg + fi + fi + fi + + [ -w /etc/nologin ] && rm -f /etc/nologin + return 0 +} + +stop() +{ + # Write a halt record if we're shutting down + if [ "$RC_RUNLEVEL" = shutdown ]; then + [ "$RC_UNAME" = Linux ] && halt -w + if [ "$RC_SYS" = OPENVZ ]; then + yesno $RC_REBOOT && printf "" >/reboot + fi + fi + + return 0 +} diff --git a/init.d/clamd b/init.d/clamd new file mode 100755 index 0000000..62fd053 --- /dev/null +++ b/init.d/clamd @@ -0,0 +1,102 @@ +#!/sbin/runscript +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-antivirus/clamav/files/clamd.rc,v 1.17 2009/06/21 09:46:12 dertobi123 Exp $ + +opts="logfix" + +depend() { + use net + provide antivirus +} + +start() { + local clamd_socket=`awk '$1 == "LocalSocket" { print $2 }' /etc/clamd.conf` + + logfix + + if [ "${START_CLAMD}" = "yes" ]; then + if [ -S "${clamd_socket:-/tmp/clamd}" ]; then + rm -f ${clamd_socket:-/tmp/clamd} + fi + ebegin "Starting clamd" + start-stop-daemon --start --quiet \ + --nicelevel ${CLAMD_NICELEVEL:-0} \ + --exec /usr/sbin/clamd + eend $? "Failed to start clamd" + fi + + if [ "${START_FRESHCLAM}" = "yes" ]; then + ebegin "Starting freshclam" + start-stop-daemon --start --quiet \ + --nicelevel ${FRESHCLAM_NICELEVEL:-0} \ + --exec /usr/bin/freshclam -- -d + retcode=$? + if [ ${retcode} = 1 ]; then + eend 0 + einfo "Virus databases are already up to date." + else + eend ${retcode} "Failed to start freshclam" + fi + fi + + if [ "${START_MILTER}" = "yes" ]; then + if [ -z "${MILTER_CONF_FILE}" ]; then + MILTER_CONF_FILE="/etc/clamav-milter.conf" + fi + + ebegin "Starting clamav-milter" + start-stop-daemon --start --quiet \ + --nicelevel ${MILTER_NICELEVEL:-0} \ + --exec /usr/sbin/clamav-milter -- -c ${MILTER_CONF_FILE} + eend $? "Failed to start clamav-milter" + fi +} + +stop() { + if [ "${START_CLAMD}" = "yes" ]; then + ebegin "Stopping clamd" + start-stop-daemon --stop --quiet --name clamd + eend $? "Failed to stop clamd" + fi + if [ "${START_FRESHCLAM}" = "yes" ]; then + ebegin "Stopping freshclam" + start-stop-daemon --stop --quiet --name freshclam + eend $? "Failed to stop freshclam" + fi + if [ "${START_MILTER}" = "yes" ]; then + ebegin "Stopping clamav-milter" + start-stop-daemon --stop --quiet --name clamav-milter + eend $? "Failed to stop clamav-milter" + fi +} + +logfix() { + if [ "${START_CLAMD}" = "yes" ]; then + # fix clamd log permissions + # (might be clobbered by logrotate or something) + local logfile=`awk '$1 == "LogFile" { print $2 }' /etc/clamd.conf` + local clamav_user=`awk '$1 == "User" { print $2 }' /etc/clamd.conf` + if [ -n "${logfile}" ] && [ -n "${clamav_user}" ]; then + if [ ! -f "${logfile}" ]; then + touch ${logfile} + fi + chown ${clamav_user} ${logfile} + chmod 640 ${logfile} + fi + fi + + if [ "${START_FRESHCLAM}" = "yes" ]; then + # fix freshclam log permissions + # (might be clobbered by logrotate or something) + logfile=`awk '$1 == "UpdateLogFile" { print $2 }' /etc/freshclam.conf` + local freshclam_user=`awk '$1 == "DatabaseOwner" { print $2 }' /etc/freshclam.conf` + if [ -n "${logfile}" -a -n "${clamav_user}" ]; then + if [ ! -f "${logfile}" ]; then + touch ${logfile} + fi + chown ${freshclam_user} ${logfile} + chmod 640 ${logfile} + fi + fi +} diff --git a/init.d/consolefont b/init.d/consolefont new file mode 100755 index 0000000..ca9ee31 --- /dev/null +++ b/init.d/consolefont @@ -0,0 +1,67 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Sets a font for the consoles." + +depend() +{ + need localmount termencoding + after hotplug bootmisc + keyword -openvz -prefix -uml -vserver -xenu -lxc +} + +start() +{ + ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}} + consolefont=${consolefont:-${CONSOLEFONT}} + unicodemap=${unicodemap:-${UNICODEMAP}} + consoletranslation=${consoletranslation:-${CONSOLETRANSLATION}} + + if [ -z "$consolefont" ]; then + ebegin "Using the default console font" + eend 0 + return 0 + fi + + if [ "$ttyn" = 0 ]; then + ebegin "Skipping font setup (rc_tty_number == 0)" + eend 0 + return 0 + fi + + local x= param= sf_param= retval=0 ttydev=/dev/tty + + # Get additional parameters + if [ -n "$consoletranslation" ]; then + param="$param -m $consoletranslation" + fi + if [ -n "${unicodemap}" ]; then + param="$param -u $unicodemap" + fi + + # Set the console font + ebegin "Setting console font [$consolefont]" + [ -d /dev/vc ] && ttydev=/dev/vc/ + x=1 + while [ $x -le $ttyn ]; do + if ! setfont $consolefont $param -C $ttydev$x >/dev/null; then + retval=1 + break + fi + x=$(($x + 1)) + done + eend $retval + + # Store the last font so we can use it ASAP on boot + if [ $retval -eq 0 -a -w "$RC_LIBEXECDIR" ]; then + mkdir -p "$RC_LIBEXECDIR"/console + for font in /usr/share/consolefonts/"$consolefont".*; do + : + done + cp "$font" "$RC_LIBEXECDIR"/console + echo "${font##*/}" >"$RC_LIBEXECDIR"/console/font + fi + + return $retval +} diff --git a/init.d/courier-authlib b/init.d/courier-authlib new file mode 100755 index 0000000..10bb8b6 --- /dev/null +++ b/init.d/courier-authlib @@ -0,0 +1,41 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-libs/courier-authlib/files/courier-authlib-r1,v 1.1 2010/10/10 18:35:37 hanno Exp $ + +depend() { + need net + provide authdaemond +} + +checkconfig() { + if [ ! -e /etc/courier/authlib/authdaemonrc ] ; then + eerror "You need an /etc/courier/authlib/authdaemonrc file to run authdaemon" + return 1 + fi +} + +setauth() { + . /etc/courier/authlib/authdaemonrc + AUTHLIB="/usr/lib/courier/courier-authlib" + AUTHDAEMOND="authdaemond" + pidfile="/var/run/authdaemon.pid" + logger="/usr/sbin/courierlogger" + export DEBUG_LOGIN DEFAULTOPTIONS LOGGEROPTS +} + +start() { + checkconfig || return 1 + setauth + ebegin "Starting courier-authlib: ${AUTHDAEMOND}" + start-stop-daemon --quiet --start --pidfile "${pidfile}" --exec \ + /usr/bin/env ${logger} -- ${LOGGEROPTS} -pid="${pidfile}" -start "${AUTHLIB}/${AUTHDAEMOND}" + eend $? +} + +stop() { + setauth + ebegin "Stopping courier-authlib: ${AUTHDAEMOND}" + start-stop-daemon --quiet --stop --pidfile "${pidfile}" + eend $? +} diff --git a/init.d/courier-imapd b/init.d/courier-imapd new file mode 100755 index 0000000..424961b --- /dev/null +++ b/init.d/courier-imapd @@ -0,0 +1,36 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-mail/courier-imap/files/courier-imap-4.0.6-r1-courier-imapd.rc6,v 1.2 2007/04/07 01:08:00 chtekk Exp $ + +depend() { + need net courier-authlib + use famd +} + +source /etc/courier-imap/imapd + +checkconfig() { + if [[ ! -e /etc/courier-imap/imapd ]] ; then + eerror "You need an /etc/courier-imap/imapd file to run courier-imapd" + return 1 + fi + source /etc/courier-imap/imapd || { + eerror "There are syntax errors in /etc/courier-imap/imapd" + eerror "Please correct them before trying to start courier-imapd" + return 2 + } +} + +start() { + checkconfig || return 1 + ebegin "Starting courier-imapd" + /usr/bin/env - /usr/lib64/courier-imap/gentoo-imapd.rc --pid=${PIDFILE} + eend $? +} + +stop() { + ebegin "Stopping courier-imapd" + start-stop-daemon --quiet --stop --pid=${PIDFILE} + eend $? +} diff --git a/init.d/courier-imapd-ssl b/init.d/courier-imapd-ssl new file mode 100755 index 0000000..9455463 --- /dev/null +++ b/init.d/courier-imapd-ssl @@ -0,0 +1,41 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-mail/courier-imap/files/courier-imap-4.0.6-r1-courier-imapd-ssl.rc6,v 1.2 2007/04/07 01:08:00 chtekk Exp $ + +depend() { + need net courier-authlib + use famd +} + +source /etc/courier-imap/imapd-ssl + +checkconfig() { + if [[ ! -e /etc/courier-imap/imapd-ssl ]] ; then + eerror "You need an /etc/courier-imap/imapd-ssl file to run courier-imapd-ssl" + return 1 + fi + source /etc/courier-imap/imapd-ssl || { + eerror "There are syntax errors in /etc/courier-imap/imapd-ssl" + eerror "Please correct them before trying to start courier-imapd-ssl" + return 3 + } + if [[ ! -e "${TLS_CERTFILE}" ]] ; then + eerror "You need to create a SSL certificate to use IMAP over SSL" + eerror "Edit /etc/courier-imap/imapd.cnf, then run: mkimapdcert" + return 2 + fi +} + +start() { + checkconfig || return 1 + ebegin "Starting courier-imapd over SSL" + /usr/bin/env - /usr/lib64/courier-imap/gentoo-imapd-ssl.rc --pid=${SSLPIDFILE} + eend $? +} + +stop() { + ebegin "Stopping courier-imapd over SSL" + start-stop-daemon --quiet --stop --pid=${SSLPIDFILE} + eend $? +} diff --git a/init.d/courier-pop3d b/init.d/courier-pop3d new file mode 100755 index 0000000..821f4a5 --- /dev/null +++ b/init.d/courier-pop3d @@ -0,0 +1,36 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-mail/courier-imap/files/courier-imap-4.0.6-r1-courier-pop3d.rc6,v 1.2 2007/04/07 01:08:00 chtekk Exp $ + +depend() { + need net courier-authlib + use famd +} + +source /etc/courier-imap/pop3d + +checkconfig() { + if [[ ! -e /etc/courier-imap/pop3d ]] ; then + eerror "You need an /etc/courier-imap/pop3d file to run courier-pop3d" + return 1 + fi + source /etc/courier-imap/pop3d || { + eerror "There are syntax errors in /etc/courier-imap/pop3d" + eerror "Please correct them before trying to start courier-pop3d" + return 2 + } +} + +start() { + checkconfig || return 1 + ebegin "Starting courier-pop3d" + /usr/bin/env - /usr/lib64/courier-imap/gentoo-pop3d.rc --pidfile ${PIDFILE} + eend $? +} + +stop() { + ebegin "Stopping courier-pop3d" + start-stop-daemon --quiet --stop --pidfile ${PIDFILE} + eend $? +} diff --git a/init.d/courier-pop3d-ssl b/init.d/courier-pop3d-ssl new file mode 100755 index 0000000..53703af --- /dev/null +++ b/init.d/courier-pop3d-ssl @@ -0,0 +1,41 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-mail/courier-imap/files/courier-imap-4.0.6-r1-courier-pop3d-ssl.rc6,v 1.2 2007/04/07 01:08:00 chtekk Exp $ + +depend() { + need net courier-authlib + use famd +} + +source /etc/courier-imap/pop3d-ssl + +checkconfig() { + if [[ ! -e /etc/courier-imap/pop3d-ssl ]] ; then + eerror "You need an /etc/courier-imap/pop3d-ssl file to run courier-pop3d-ssl" + return 1 + fi + source /etc/courier-imap/pop3d-ssl || { + eerror "There are syntax errors in /etc/courier-imap/pop3d-ssl" + eerror "Please correct them before trying to start courier-pop3d-ssl" + return 3 + } + if [[ ! -e "${TLS_CERTFILE}" ]] ; then + eerror "You need to create a SSL certificate to use POP3 over SSL" + eerror "Edit /etc/courier-imap/pop3d.cnf, then run: mkpop3dcert" + return 2 + fi +} + +start() { + checkconfig || return 1 + ebegin "Starting courier-pop3d over SSL" + /usr/bin/env - /usr/lib64/courier-imap/gentoo-pop3d-ssl.rc --pidfile ${SSLPIDFILE} + eend $? +} + +stop() { + ebegin "Stopping courier-pop3d over SSL" + start-stop-daemon --quiet --stop --pidfile ${SSLPIDFILE} + eend $? +} diff --git a/init.d/crypto-loop b/init.d/crypto-loop new file mode 100755 index 0000000..853bae2 --- /dev/null +++ b/init.d/crypto-loop @@ -0,0 +1,70 @@ +#!/sbin/runscript +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/util-linux/files/crypto-loop.initd,v 1.4 2008/10/26 03:16:48 vapier Exp $ + +depend() { + if [ -x /etc/init.d/root ]; then + need root + else + need checkroot + fi + need modules + before localmount +} + +start() { + local status="0" + + ebegin "Starting crypto loop devices" + + if [ -e /etc/conf.d/crypto-loop ] ; then + egrep "^loop" /etc/conf.d/crypto-loop | \ + while read loopline ; do + eval ${loopline} + + local configured=$(awk -v MOUNT="${device}" \ + '($2 == MOUNT) { print "yes" }' /proc/mounts) + + if [ "${configured}" != "yes" ] ; then + einfo " Loop ${loop} on device ${device} (cipher ${cipher}, key size ${keysize}): " + + if [ -n "${hash}" ] ; then + /usr/sbin/hashalot -n ${keysize} ${hash} /dev/null) ; do + losetup ${loop} > /dev/null 2>&1 + if [ $? -eq 0 ] ; then + ( umount ${loop} || swapoff "${loop}" ) >/dev/null 2>&1 + if ! /sbin/losetup -d ${loop} > /dev/null 2>&1; then + ewarn "Failure deconfiguring ${loop}." + status=1 + fi + fi + done + ewend ${status} +} + + +# vim:ts=4 diff --git a/init.d/cupsd b/init.d/cupsd new file mode 100755 index 0000000..f59e27b --- /dev/null +++ b/init.d/cupsd @@ -0,0 +1,20 @@ +#!/sbin/runscript + +depend() { + use net + need dbus + before nfs + after logger +} + +start() { + ebegin "Starting cupsd" + start-stop-daemon --start --quiet --exec /usr/sbin/cupsd + eend $? +} + +stop() { + ebegin "Stopping cupsd" + start-stop-daemon --stop --quiet --exec /usr/sbin/cupsd + eend $? +} diff --git a/init.d/dbus b/init.d/dbus new file mode 100755 index 0000000..502f40f --- /dev/null +++ b/init.d/dbus @@ -0,0 +1,51 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later +# $Header: /var/cvsroot/gentoo-x86/sys-apps/dbus/files/dbus.init-1.0,v 1.5 2011/09/23 12:45:03 polynomial-c Exp $ + +extra_started_commands="reload" + +depend() { + need localmount + after bootmisc +} + +start() { + ebegin "Starting D-BUS system messagebus" + + /usr/bin/dbus-uuidgen --ensure + + # We need to test if /var/run/dbus exists, since script will fail if it does not + [ ! -e /var/run/dbus ] && mkdir /var/run/dbus + + start-stop-daemon --start --pidfile /var/run/dbus.pid --exec /usr/bin/dbus-daemon -- --system + eend $? +} + +stop() { + local retval + + ebegin "Stopping D-BUS system messagebus" + + start-stop-daemon --stop --pidfile /var/run/dbus.pid + retval=$? + + eend ${retval} + + [ -S /var/run/dbus/system_bus_socket ] && rm -f /var/run/dbus/system_bus_socket + + return ${retval} +} + +reload() { + local retval + + ebegin "Reloading D-BUS messagebus config" + + /usr/bin/dbus-send --print-reply --system --type=method_call \ + --dest=org.freedesktop.DBus \ + / org.freedesktop.DBus.ReloadConfig > /dev/null + retval=$? + eend ${retval} + return ${retval} +} diff --git a/init.d/devfs b/init.d/devfs new file mode 100755 index 0000000..5f5fb31 --- /dev/null +++ b/init.d/devfs @@ -0,0 +1,36 @@ +#!/sbin/runscript +# Copyright (c) 2007-2008 Roy Marples +# Released under the 2-clause BSD license. + +description="Mount system critical filesystems in /dev." + +depend() { + use dev + keyword -prefix -vserver +} + +start() { + # Mount required stuff as user may not have then in /etc/fstab + for x in \ + "devpts /dev/pts 0755 ,gid=5,mode=0620 devpts" \ + "tmpfs /dev/shm 1777 ,nodev shm" \ + ; do + set -- $x + grep -Eq "[[:space:]]+$1$" /proc/filesystems || continue + mountinfo -q $2 && continue + + if [ ! -d $2 ]; then + mkdir -m $3 -p $2 >/dev/null 2>&1 || \ + ewarn "Could not create $2!" + fi + + if [ -d $2 ]; then + ebegin "Mounting $2" + if ! fstabinfo --mount $2; then + mount -n -t $1 -o noexec,nosuid$4 $5 $2 + fi + eend $? + fi + done + return 0 +} diff --git a/init.d/device-mapper b/init.d/device-mapper new file mode 100755 index 0000000..0b62d66 --- /dev/null +++ b/init.d/device-mapper @@ -0,0 +1,30 @@ +#!/sbin/runscript +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/lvm2/files/device-mapper.rc-2.02.67-r1,v 1.1 2010/06/09 22:41:45 robbat2 Exp $ + +depend() { + # necessary for services when using baselayout-2 + # but conflict for baselayout-1 + if [ -e /etc/init.d/root ] ; then + before checkfs fsck + after modules + fi + # As of .67-r1, we call ALL lvm start/stop scripts with --sysinit, that + # means dmeventd is NOT notified, as it cannot be safely running + before dmeventd +} + +start() { + if [ ! -e /etc/init.d/root ] ; then + eerror "The ${SVCNAME} init script is written for baselayout-2" + eerror "Please do not use it with baselayout-1" + return 1 + fi + + local f=/lib64/rcscripts/addons/dm-start.sh + if [ -r "$f" ]; then + ( . "$f" ) + fi +} + diff --git a/init.d/dhcpcd b/init.d/dhcpcd new file mode 100755 index 0000000..5d350c0 --- /dev/null +++ b/init.d/dhcpcd @@ -0,0 +1,27 @@ +#!/sbin/runscript +# Copyright 1999-2011 Roy Marples +# All rights reserved. Released under the 2-clause BSD license. + +command=/sbin/dhcpcd +pidfile=/var/run/dhcpcd.pid +command_args=-q +name="DHCP Client Daemon" + +depend() +{ + if [ "${RC_VERSION:-0}" != "0" ]; then + provide net + need localmount + use logger network + after bootmisc modules + before dns + fi +} + +if [ "${RC_VERSION:-0}" = "0" ]; then + start() + { + eerror "This script cannot be used for baselayout-1." + return 1 + } +fi diff --git a/init.d/dmesg b/init.d/dmesg new file mode 100755 index 0000000..d120383 --- /dev/null +++ b/init.d/dmesg @@ -0,0 +1,18 @@ +#!/sbin/runscript +# Copyright (c) 2007-2008 Roy Marples +# Released under the 2-clause BSD license. + +description="Set the dmesg level for a cleaner boot" + +depend() +{ + before dev modules + keyword -vserver +} + +start() +{ + if [ -n "$dmesg_level" ]; then + dmesg -n$dmesg_level + fi +} diff --git a/init.d/dmeventd b/init.d/dmeventd new file mode 100755 index 0000000..1b8ebe6 --- /dev/null +++ b/init.d/dmeventd @@ -0,0 +1,23 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/lvm2/files/dmeventd.initd-2.02.67-r1,v 1.1 2010/06/09 22:41:45 robbat2 Exp $ + +depend() { + # As of .67-r1, we call ALL lvm start/stop scripts with --sysinit, that + # means dmeventd is NOT notified, as it cannot be safely running + after lvm device-mapper +} + +start() { + ebegin "Starting dmeventd" + start-stop-daemon --start --exec /sbin/dmeventd --pidfile /var/run/dmeventd.pid + eend $? +} + +stop() { + ebegin "Stopping dmeventd" + start-stop-daemon --stop --exec /sbin/dmeventd --pidfile /var/run/dmeventd.pid + eend $? +} + diff --git a/init.d/fancontrol b/init.d/fancontrol new file mode 100755 index 0000000..fb163ab --- /dev/null +++ b/init.d/fancontrol @@ -0,0 +1,33 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/lm_sensors/files/fancontrol-init.d,v 1.1 2007/05/17 07:31:41 phreak Exp $ + +CONFIG=/etc/fancontrol +PID=/var/run/fancontrol.pid + +depend() { + after lm_sensors +} + +checkconfig() { + if [ ! -f ${CONFIG} ]; then + eerror "Configuration file ${CONFIG} not found" + return 1 + fi +} + +start() { + checkconfig || return 1 + + ebegin "Starting fancontrol" + start-stop-daemon --start --quiet --background --pidfile ${PID} \ + --exec /usr/sbin/fancontrol -- ${CONFIG} + eend ${?} +} + +stop() { + ebegin "Stopping fancontrol" + start-stop-daemon --stop --pidfile ${PID} + eend ${?} +} diff --git a/init.d/fsck b/init.d/fsck new file mode 100755 index 0000000..3960553 --- /dev/null +++ b/init.d/fsck @@ -0,0 +1,109 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Check and repair filesystems according to /etc/fstab" +_IFS=" +" + +depend() +{ + use dev clock modules + keyword -jail -openvz -prefix -timeout -vserver -lxc +} + +_abort() { + rc-abort + return 1 +} + +# We should only reboot when first booting +_reboot() { + if [ "$RC_RUNLEVEL" = "$RC_BOOTLEVEL" ]; then + reboot "$@" + _abort || return 1 + fi +} + +_forcefsck() +{ + [ -e /forcefsck ] || get_bootparam forcefsck +} + +start() +{ + local fsck_opts= p= check_extra= + + if [ -e /fastboot ]; then + ewarn "Skipping fsck due to /fastboot" + return 0 + fi + if _forcefsck; then + fsck_opts="$fsck_opts -f" + check_extra="(check forced)" + elif ! yesno ${fsck_on_battery:-YES} && ! on_ac_power; then + ewarn "Skipping fsck due to not being on AC power" + return 0 + fi + + if [ -n "$fsck_passno" ]; then + check_extra="[passno $fsck_passno] $check_extra" + fi + ebegin "Checking local filesystems $check_extra" + for p in $fsck_passno; do + local IFS="$_IFS" + case "$p" in + [0-9]*) p="=$p";; + esac + set -- "$@" $(fstabinfo --passno "$p") + unset IFS + done + + if [ "$RC_UNAME" = Linux ]; then + fsck_opts="$fsck_opts -C0 -T" + if [ -z "$fsck_passno" ]; then + fsck_args=${fsck_args--A -p} + if echo 2>/dev/null >/.test.$$; then + rm -f /.test.$$ + fsck_opts="$fsck_opts -R" + fi + fi + fi + + trap : INT QUIT + fsck ${fsck_args--p} $fsck_opts "$@" + case $? in + 0) eend 0; return 0;; + 1) ewend 1 "Filesystems repaired"; return 0;; + 2|3) if [ "$RC_UNAME" = Linux ]; then + ewend 1 "Filesystems repaired, but reboot needed" + _reboot -f + else + ewend 1 "Filesystems still have errors;" \ + "manual fsck required" + _abort + fi;; + 4) if [ "$RC_UNAME" = Linux ]; then + ewend 1 "Fileystem errors left uncorrected, aborting" + _abort + else + ewend 1 "Filesystems repaired, but reboot needed" + _reboot + fi;; + 8) ewend 1 "Operational error"; return 0;; + 12) ewend 1 "fsck interupted";; + *) eend 2 "Filesystems couldn't be fixed";; + esac + _abort || return 1 +} + +stop() +{ + # Fake function so we always shutdown correctly. + _abort() { return 0; } + _reboot() { return 0; } + _forcefsck() { return 1; } + + yesno $fsck_shutdown && start + return 0 +} diff --git a/init.d/functions.sh b/init.d/functions.sh new file mode 120000 index 0000000..7d400a6 --- /dev/null +++ b/init.d/functions.sh @@ -0,0 +1 @@ +/lib64/rc/sh/functions.sh \ No newline at end of file diff --git a/init.d/git-daemon b/init.d/git-daemon new file mode 100755 index 0000000..c6ee19f --- /dev/null +++ b/init.d/git-daemon @@ -0,0 +1,30 @@ +#!/sbin/runscript +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-vcs/git/files/git-daemon.initd,v 1.1 2010/03/17 15:13:27 sping Exp $ + +PIDFILE=/var/run/git-daemon.pid + +depend() { + need net + use logger +} + +start() { + [ -e /lib/librc.so ] || BL1_COMPAT="--name git-daemon" + ebegin "Starting git-daemon" + start-stop-daemon --start --quiet --background \ + --pidfile ${PIDFILE} ${BL1_COMPAT} \ + --exec /usr/bin/git -- daemon \ + --pid-file=${PIDFILE} \ + --user=${GIT_USER} --group=${GIT_GROUP} \ + ${GITDAEMON_OPTS} + eend $? +} + +stop() { + ebegin "Stopping git-daemon" + start-stop-daemon --stop --quiet \ + --pidfile ${PIDFILE} + eend $? +} diff --git a/init.d/gpm b/init.d/gpm new file mode 100755 index 0000000..4792620 --- /dev/null +++ b/init.d/gpm @@ -0,0 +1,38 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/gpm/files/gpm.rc6,v 1.12 2004/07/15 01:02:02 agriffis Exp $ + +#NB: Config is in /etc/conf.d/gpm + +depend() { + need localmount + use hotplug logger +} + +checkconfig() { + if [ -z "$MOUSEDEV" ] || [ -z "$MOUSE" ] ; then + eerror "You need to setup MOUSEDEV and MOUSE in /etc/conf.d/gpm first" + return 1 + fi +} + +start() { + checkconfig || return 1 + + local params="" + [ -n "$RESPONSIVENESS" ] && params="$params -r $RESPONSIVENESS" + [ -n "$REPEAT_TYPE" ] && params="$params -R$REPEAT_TYPE" + [ -n "$APPEND" ] && params="$params $APPEND " + + ebegin "Starting gpm" + start-stop-daemon --start --quiet --exec /usr/sbin/gpm \ + -- -m ${MOUSEDEV} -t ${MOUSE} ${params} + eend ${?} +} + +stop() { + ebegin "Stopping gpm" + start-stop-daemon --stop --quiet --pidfile /var/run/gpm.pid + eend ${?} +} diff --git a/init.d/hostname b/init.d/hostname new file mode 100755 index 0000000..9bd2c7d --- /dev/null +++ b/init.d/hostname @@ -0,0 +1,17 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Sets the hostname of the machine." + +depend() { + keyword -prefix -lxc +} + +start() +{ + hostname=${hostname-${HOSTNAME-localhost}} + ebegin "Setting hostname to $hostname" + hostname "$hostname" + eend $? "Failed to set the hostname" +} diff --git a/init.d/hwclock b/init.d/hwclock new file mode 100755 index 0000000..20a9859 --- /dev/null +++ b/init.d/hwclock @@ -0,0 +1,146 @@ +#!/sbin/runscript +# Copyright (c) 2007-2008 Roy Marples +# Released under the 2-clause BSD license. + +extra_commands="save show" + +description="Sets the local clock to UTC or Local Time." +description_save="Saves the current time in the BIOS." +description_show="Displays the current time in the BIOS." + +: ${clock_adjfile:=${CLOCK_ADJFILE}} +: ${clock_args:=${CLOCK_OPTS}} +: ${clock_systohc:=${CLOCK_SYSTOHC}} +: ${clock:=${CLOCK:-UTC}} +if [ "$clock" = "UTC" ]; then + utc="UTC" + utc_cmd="--utc" +else + utc="Local Time" + utc_cmd="--localtime" +fi + +depend() +{ + provide clock + if yesno $clock_adjfile; then + use root + else + before * + fi + keyword -openvz -prefix -uml -vserver -xenu -lxc +} + +setupopts() +{ + case "$(uname -m)" in + s390*) + utc="s390" + ;; + *) + if [ -e /proc/devices ] && \ + grep -q " cobd$" /proc/devices + then + utc="coLinux" + fi + ;; + esac + + case "$utc" in + UTC|Local" "Time);; + *) unset utc_cmd;; + esac +} + +# hwclock doesn't always return non zero on error +_hwclock() +{ + local err="$(hwclock "$@" 2>&1 >/dev/null)" + + [ -z "$err" ] && return 0 + echo "${err}" >&2 + return 1 +} + +start() +{ + local retval=0 errstr="" + setupopts + + if [ -z "$utc_cmd" ]; then + ewarn "Not setting clock for $utc system" + return 0 + fi + + ebegin "Setting system clock using the hardware clock [$utc]" + if [ -e /proc/modules ]; then + local rtc= + for rtc in /dev/rtc /dev/rtc[0-9]*; do + [ -e "$rtc" ] && break + done + if [ ! -e "${rtc}" ]; then + modprobe -q rtc-cmos || modprobe -q rtc || modprobe -q genrtc + fi + fi + + if [ -e /etc/adjtime ] && yesno $clock_adjfile; then + _hwclock --adjust $utc_cmd + retval=$(($retval + $?)) + fi + + # If setting UTC, don't bother to run hwclock when first booting + # as that's the default + if [ "$PREVLEVEL" != N -o \ + "$utc_cmd" != --utc -o \ + -n "$clock_args" ]; + then + if yesno $clock_hctosys; then + _hwclock --hctosys $utc_cmd $clock_args + else + _hwclock --systz $utc_cmd $clock_args + fi + retval=$(($retval + $?)) + fi + + eend $retval "Failed to set the system clock" + + return 0 +} + +stop() +{ + # Don't tweak the hardware clock on LiveCD halt. + [ -n "$CDBOOT" ] && return 0 + yesno $clock_systohc || return 0 + + local retval=0 errstr="" + setupopts + + [ -z "$utc_cmd" ] && return 0 + + ebegin "Setting hardware clock using the system clock" "[$utc]" + + if ! yesno $clock_adjfile; then + # Some implementations don't handle adjustments + if LC_ALL=C hwclock --help 2>&1 | grep -q "\-\-noadjfile"; then + utc_cmd="$utc_cmd --noadjfile" + fi + fi + + _hwclock --systohc $utc_cmd $clock_args + retval=$? + + eend $retval "Failed to sync clocks" +} + +save() +{ + clock_systohc=yes + stop +} + +show() +{ + setupopts + hwclock --show "$utc_cmd" $clock_args +} diff --git a/init.d/ip6tables b/init.d/ip6tables new file mode 100755 index 0000000..16b53ef --- /dev/null +++ b/init.d/ip6tables @@ -0,0 +1,116 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.4.11.init,v 1.1 2011/06/16 12:53:26 pva Exp $ + +opts="save reload panic" + +iptables_name=${SVCNAME} +if [ "${iptables_name}" != "iptables" -a "${iptables_name}" != "ip6tables" ] ; then + iptables_name="iptables" +fi + +iptables_bin="/sbin/${iptables_name}" +case ${iptables_name} in + iptables) iptables_proc="/proc/net/ip_tables_names" + iptables_save=${IPTABLES_SAVE};; + ip6tables) iptables_proc="/proc/net/ip6_tables_names" + iptables_save=${IP6TABLES_SAVE};; +esac + +depend() { + before net + use logger +} + +set_table_policy() { + local chains table=$1 policy=$2 + case ${table} in + nat) chains="PREROUTING POSTROUTING OUTPUT";; + mangle) chains="PREROUTING INPUT FORWARD OUTPUT POSTROUTING";; + filter) chains="INPUT FORWARD OUTPUT";; + *) chains="";; + esac + local chain + for chain in ${chains} ; do + ${iptables_bin} -t ${table} -P ${chain} ${policy} + done +} + +checkkernel() { + if [ ! -e ${iptables_proc} ] ; then + eerror "Your kernel lacks ${iptables_name} support, please load" + eerror "appropriate modules and try again." + return 1 + fi + return 0 +} +checkconfig() { + if [ ! -f ${iptables_save} ] ; then + eerror "Not starting ${iptables_name}. First create some rules then run:" + eerror "/etc/init.d/${iptables_name} save" + return 1 + fi + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Loading ${iptables_name} state and starting firewall" + ${iptables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${iptables_save}" + eend $? +} + +stop() { + if [ "${SAVE_ON_STOP}" = "yes" ] ; then + save || return 1 + fi + checkkernel || return 1 + ebegin "Stopping firewall" + local a + for a in $(cat ${iptables_proc}) ; do + set_table_policy $a ACCEPT + + ${iptables_bin} -F -t $a + ${iptables_bin} -X -t $a + done + eend $? +} + +reload() { + checkkernel || return 1 + ebegin "Flushing firewall" + local a + for a in $(cat ${iptables_proc}) ; do + ${iptables_bin} -F -t $a + ${iptables_bin} -X -t $a + done + eend $? + + start +} + +save() { + ebegin "Saving ${iptables_name} state" + touch "${iptables_save}" + chmod 0600 "${iptables_save}" + ${iptables_bin}-save ${SAVE_RESTORE_OPTIONS} > "${iptables_save}" + eend $? +} + +panic() { + checkkernel || return 1 + if service_started ${iptables_name}; then + rc-service ${iptables_name} stop + fi + + local a + ebegin "Dropping all packets" + for a in $(cat ${iptables_proc}) ; do + ${iptables_bin} -F -t $a + ${iptables_bin} -X -t $a + + set_table_policy $a DROP + done + eend $? +} diff --git a/init.d/iperf b/init.d/iperf new file mode 100755 index 0000000..968257c --- /dev/null +++ b/init.d/iperf @@ -0,0 +1,21 @@ +#!/sbin/runscript +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/iperf/files/iperf.initd,v 1.2 2005/01/23 10:52:13 ka0ttic Exp $ + +depend() { + need net +} + +start() { + ebegin "Starting iperf server" + start-stop-daemon --start --quiet \ + --exec /usr/bin/iperf -- -s -D ${IPERF_OPTS} &>/dev/null + eend $? +} + +stop() { + ebegin "Shutting down iperf server" + start-stop-daemon --stop --quiet --exec /usr/bin/iperf + eend $? +} diff --git a/init.d/iptables b/init.d/iptables new file mode 100755 index 0000000..16b53ef --- /dev/null +++ b/init.d/iptables @@ -0,0 +1,116 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.4.11.init,v 1.1 2011/06/16 12:53:26 pva Exp $ + +opts="save reload panic" + +iptables_name=${SVCNAME} +if [ "${iptables_name}" != "iptables" -a "${iptables_name}" != "ip6tables" ] ; then + iptables_name="iptables" +fi + +iptables_bin="/sbin/${iptables_name}" +case ${iptables_name} in + iptables) iptables_proc="/proc/net/ip_tables_names" + iptables_save=${IPTABLES_SAVE};; + ip6tables) iptables_proc="/proc/net/ip6_tables_names" + iptables_save=${IP6TABLES_SAVE};; +esac + +depend() { + before net + use logger +} + +set_table_policy() { + local chains table=$1 policy=$2 + case ${table} in + nat) chains="PREROUTING POSTROUTING OUTPUT";; + mangle) chains="PREROUTING INPUT FORWARD OUTPUT POSTROUTING";; + filter) chains="INPUT FORWARD OUTPUT";; + *) chains="";; + esac + local chain + for chain in ${chains} ; do + ${iptables_bin} -t ${table} -P ${chain} ${policy} + done +} + +checkkernel() { + if [ ! -e ${iptables_proc} ] ; then + eerror "Your kernel lacks ${iptables_name} support, please load" + eerror "appropriate modules and try again." + return 1 + fi + return 0 +} +checkconfig() { + if [ ! -f ${iptables_save} ] ; then + eerror "Not starting ${iptables_name}. First create some rules then run:" + eerror "/etc/init.d/${iptables_name} save" + return 1 + fi + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Loading ${iptables_name} state and starting firewall" + ${iptables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${iptables_save}" + eend $? +} + +stop() { + if [ "${SAVE_ON_STOP}" = "yes" ] ; then + save || return 1 + fi + checkkernel || return 1 + ebegin "Stopping firewall" + local a + for a in $(cat ${iptables_proc}) ; do + set_table_policy $a ACCEPT + + ${iptables_bin} -F -t $a + ${iptables_bin} -X -t $a + done + eend $? +} + +reload() { + checkkernel || return 1 + ebegin "Flushing firewall" + local a + for a in $(cat ${iptables_proc}) ; do + ${iptables_bin} -F -t $a + ${iptables_bin} -X -t $a + done + eend $? + + start +} + +save() { + ebegin "Saving ${iptables_name} state" + touch "${iptables_save}" + chmod 0600 "${iptables_save}" + ${iptables_bin}-save ${SAVE_RESTORE_OPTIONS} > "${iptables_save}" + eend $? +} + +panic() { + checkkernel || return 1 + if service_started ${iptables_name}; then + rc-service ${iptables_name} stop + fi + + local a + ebegin "Dropping all packets" + for a in $(cat ${iptables_proc}) ; do + ${iptables_bin} -F -t $a + ${iptables_bin} -X -t $a + + set_table_policy $a DROP + done + eend $? +} diff --git a/init.d/keymaps b/init.d/keymaps new file mode 100755 index 0000000..8ab72fd --- /dev/null +++ b/init.d/keymaps @@ -0,0 +1,70 @@ +#!/sbin/runscript +# Copyright (c) 2007-2008 Roy Marples +# Released under the 2-clause BSD license. + +description="Applies a keymap for the consoles." + +depend() +{ + need localmount termencoding + after bootmisc + keyword -openvz -prefix -uml -vserver -xenu -lxc +} + +start() +{ + ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}} + : ${unicode:=$UNICODE} + : ${keymap:=$KEYMAP} + : ${extended_keymaps:=$EXTENDED_KEYMAPS} + : ${windowkeys:=$SET_WINDOWSKEYS} + : ${fix_euro:=$FIX_EURO} + : ${dumpkeys_charset:=${DUMPKEYS_CHARSET}} + + if [ -z "$keymap" ]; then + eerror "You need to setup keymap in /etc/conf.d/keymaps first" + return 1 + fi + + local ttydev=/dev/tty n= + [ -d /dev/vc ] && ttydev=/dev/vc/ + + # Force linux keycodes for PPC. + if [ -f /proc/sys/dev/mac_hid/keyboard_sends_linux_keycodes ]; then + echo 1 > /proc/sys/dev/mac_hid/keyboard_sends_linux_keycodes + fi + + local wkeys= kmode="-a" msg="ASCII" + if yesno $unicode; then + kmode="-u" + msg="UTF-8" + fi + yesno $windowkeys && wkeys="windowkeys" + + # Set terminal encoding to either ASCII or UNICODE. + # See utf-8(7) for more information. + ebegin "Setting keyboard mode [$msg]" + n=1 + while [ $n -le $ttyn ]; do + kbd_mode $kmode -C $ttydev$n + n=$(($n + 1)) + done + eend 0 + + ebegin "Loading key mappings [$keymap]" + loadkeys -q $wkeys $keymap $extended_keymaps + eend $? "Error loading key mappings" || return $? + + if yesno $fix_euro; then + ebegin "Fixing font for euro symbol" + # Fix some fonts displaying the Euro, #173528. + echo "altgr keycode 18 = U+20AC" | loadkeys -q + eend $? + fi + + # Save the keymapping for use immediately at boot + if [ -w "$RC_LIBEXECDIR" ]; then + mkdir -p "$RC_LIBEXECDIR"/console + dumpkeys >"$RC_LIBEXECDIR"/console/keymap + fi +} diff --git a/init.d/killprocs b/init.d/killprocs new file mode 100755 index 0000000..5552b97 --- /dev/null +++ b/init.d/killprocs @@ -0,0 +1,22 @@ +#!/sbin/runscript +# Copyright (c) 2007-2008 Roy Marples +# Released under the 2-clause BSD license. + +description="Kill all processes so we can unmount disks cleanly." + +depend() +{ + keyword -prefix +} + +start() +{ + ebegin "Terminating remaining processes" + killall5 -15 ${killall5_opts} + sleep 1 + eend 0 + ebegin "Killing remaining processes" + killall5 -9 ${killall5_opts} + sleep 1 + eend 0 +} diff --git a/init.d/lm_sensors b/init.d/lm_sensors new file mode 100755 index 0000000..18fb353 --- /dev/null +++ b/init.d/lm_sensors @@ -0,0 +1,105 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/lm_sensors/files/lm_sensors-3-init.d,v 1.1 2008/03/17 07:59:28 dberkholz Exp $ + +checkconfig() { + if [ ! -f /etc/conf.d/lm_sensors ]; then + eerror "/etc/conf.d/lm_sensors does not exist, try running sensors-detect" + return 1 + fi + + if [ "${LOADMODULES}" = "yes" -a -f /proc/modules ]; then + if [ -z "${MODULE_0}" ]; then + eerror "MODULE_0 is not set in /etc/conf.d/lm_sensors, try running sensors-detect" + return 1 + fi + fi +} + +start() { + checkconfig || return 1 + + if [ "${LOADMODULES}" = "yes" -a -f /proc/modules ]; then + einfo "Loading lm_sensors modules..." + + mount | grep sysfs >/dev/null 2>&1 + if [ ${?} = 0 ]; then + if ! ( [ -e /sys/i2c ] || [ -e /sys/bus/i2c ] ); then + ebegin " Loading i2c-core" + modprobe i2c-core >/dev/null 2>&1 + if [ ${?} != 0 ]; then + eerror " Could not load i2c-core!" + eend 1 + fi + ( [ -e /sys/i2c ] || [ -e /sys/bus/i2c ] ) || return 1 + eend 0 + fi + elif ! [ -e /proc/sys/dev/sensors ]; then + ebegin " Loading i2c-proc" + modprobe i2c-proc >/dev/null 2>&1 + if [ ${?} != 0 ]; then + eerror " Could not load i2c-proc!" + eend 1 + fi + [ -e /proc/sys/dev/sensors ] || return 1 + eend 0 + fi + + i=0 + while true; do + module=`eval echo '$'MODULE_${i}` + module_args=`eval echo '$'MODULE_${i}_ARGS` + if [ -z "${module}" ]; then + break + fi + ebegin " Loading ${module}" + modprobe ${module} ${module_args} >/dev/null 2>&1 + eend $? + i=$(($i+1)) + done + fi + + if [ "${INITSENSORS}" = "yes" ]; then + if ! [ -f /etc/sensors3.conf ]; then + eerror "/etc/sensors3.conf does not exist!" + return 1 + fi + + ebegin "Initializing sensors" + /usr/bin/sensors -s >/dev/null 2>&1 + eend ${?} + fi +} + +stop() { + checkconfig || return 1 + + if [ "${LOADMODULES}" = "yes" -a -f /proc/modules ]; then + einfo "Unloading lm_sensors modules..." + + # find the highest possible MODULE_ number + i=0 + while true; do + module=`eval echo '$'MODULE_${i}` + if [ -z "${module}" ] ; then + break + fi + i=$(($i+1)) + done + + while [ ${i} -gt 0 ]; do + i=$(($i-1)) + module=`eval echo '$'MODULE_${i}` + ebegin " Unloading ${module}" + rmmod ${module} >/dev/null 2>&1 + eend $? + done + + if [ -e /proc/sys/dev/sensors ] ; then + ebegin " Unloading i2c-proc" + rmmod i2c-proc >/dev/null 2>&1 + eend $? + fi + fi +} diff --git a/init.d/local b/init.d/local new file mode 100755 index 0000000..6e4ddbf --- /dev/null +++ b/init.d/local @@ -0,0 +1,51 @@ +#!/sbin/runscript +# Copyright (c) 2007-2008 Roy Marples +# Released under the 2-clause BSD license. + +description="Executes user programs in /etc/local.d" + +depend() +{ + after * + keyword -timeout +} + +start() +{ + einfo "Starting local" + + local file + for file in /etc/local.d/*.start ; do + [ -x "$file" ] && "$file" + done + + if type local_start >/dev/null 2>&1; then + ewarn "/etc/conf.d/local should be removed." + ewarn "Please move the code from the local_start function" + ewarn "to scripts with an .start extension" + ewarn "in /etc/local.d" + local_start + fi + + eend 0 +} + +stop() +{ + einfo "Stopping local" + + local file + for file in /etc/local.d/*.stop; do + [ -x "$file" ] && "$file" + done + + if type local_start >/dev/null 2>&1; then + ewarn "/etc/conf.d/local should be removed." + ewarn "Please move the code from the local_stop function" + ewarn "to scripts with an .stop extension" + ewarn "in /etc/local.d" + local_stop + fi + + eend 0 +} diff --git a/init.d/localmount b/init.d/localmount new file mode 100755 index 0000000..459a376 --- /dev/null +++ b/init.d/localmount @@ -0,0 +1,80 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Mounts disks and swap according to /etc/fstab." + +depend() +{ + need fsck + use lvm modules mtab + after lvm modules + keyword -jail -openvz -prefix -vserver -lxc +} + +start() +{ + # Mount local filesystems in /etc/fstab. + local types="noproc" x= no_netdev= + for x in $net_fs_list $extra_net_fs_list; do + types="${types},${x}" + done + + if [ "$RC_UNAME" = Linux ]; then + no_netdev="-O no_netdev" + fi + ebegin "Mounting local filesystems" + mount -at "$types" $no_netdev + eend $? "Some local filesystem failed to mount" + + # Always return 0 - some local mounts may not be critical for boot + return 0 +} + +stop() +{ + # We never unmount / or /dev or $RC_SVCDIR + + # Bug 381783 + local rc_svcdir=$(echo $RC_SVCDIR | sed 's:/lib\(32\|64\)\?/:/lib(32|64)?/:g') + + local x= no_umounts_r="/|/dev|/dev/.*|${rc_svcdir}" + no_umounts_r="${no_umounts_r}|/bin|/sbin|/lib(32|64)?|/libexec" + # RC_NO_UMOUNTS is an env var that can be set by plugins + local IFS="$IFS:" + for x in $no_umounts $RC_NO_UMOUNTS; do + no_umounts_r="$no_umounts_r|$x" + done + + if [ "$RC_UNAME" = Linux ]; then + no_umounts_r="$no_umounts_r|/proc|/proc/.*|/run|/sys|/sys/.*" + fi + no_umounts_r="^($no_umounts_r)$" + + # Flush all pending disk writes now + sync; sync + + . "$RC_LIBEXECDIR"/sh/rc-mount.sh + + # Umount loop devices + einfo "Unmounting loop devices" + eindent + do_unmount "umount -d" --skip-point-regex "$no_umounts_r" \ + --node-regex "^/dev/loop" + eoutdent + + # Now everything else, except network filesystems as the + # network should be down by this point. + einfo "Unmounting filesystems" + eindent + local fs= + for x in $net_fs_list $extra_net_fs_list; do + fs="$fs${fs:+|}$x" + done + [ -n "$fs" ] && fs="^($fs)$" + do_unmount umount --skip-point-regex "$no_umounts_r" \ + "${fs:+--skip-fstype-regex}" $fs --nonetdev + eoutdent + + return 0 +} diff --git a/init.d/lvm b/init.d/lvm new file mode 100755 index 0000000..d840e7b --- /dev/null +++ b/init.d/lvm @@ -0,0 +1,39 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/lvm2/files/lvm.rc-2.02.67-r1,v 1.1 2010/06/09 22:41:45 robbat2 Exp $ + +depend() { + if [ -f /etc/init.d/sysfs ]; then + # on baselayout-1 this causes + # dependency-cycles with checkroot (before *) + before checkfs fsck + after modules device-mapper + fi + # As of .67-r1, we call ALL lvm start/stop scripts with --sysinit, that + # means dmeventd is NOT notified, as it cannot be safely running + before dmeventd +} + +run_addon() { + local f=/lib64/rcscripts/addons/$1.sh + if [ -r "$f" ]; then + ( . "$f" ) + fi +} + +start() { + if [ ! -f /etc/init.d/sysfs ]; then + eerror "The $SVCNAME init-script is written for baselayout-2!" + eerror "Please do not use it with baselayout-1!". + return 1 + fi + + run_addon lvm-start +} + +stop() { + run_addon lvm-stop +} + +# vim:ts=4 diff --git a/init.d/lvm-monitoring b/init.d/lvm-monitoring new file mode 100755 index 0000000..0b67f33 --- /dev/null +++ b/init.d/lvm-monitoring @@ -0,0 +1,46 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/lvm2/files/lvm-monitoring.initd-2.02.67-r2,v 1.3 2010/08/20 19:18:29 robbat2 Exp $ + +# This script is based on upstream file +# LVM2.2.02.67/scripts/lvm2_monitoring_init_red_hat.in + +depend() { + # As of .67-r1, we call ALL lvm start/stop scripts with --sysinit, that + # means dmeventd is NOT notified, as it cannot be safely running + need lvm dmeventd +} + +VGCHANGE=/sbin/vgchange +VGS=/sbin/vgs + +start() { + ret=0 + # TODO do we want to separate out already active groups only? + VGSLIST=`$VGS --noheadings -o name 2> /dev/null` + for vg in $VGSLIST + do + ebegin "Starting LVM monitoring for VG $vg:" + $VGCHANGE --monitor y --poll y $vg + ret2=$? + eend $ret2 + [ $ret2 -ne 0 ] && ret=$ret2 + done + return $ret +} + +stop() { + ret=0 + # TODO do we want to separate out already active groups only? + VGSLIST=`$VGS --noheadings -o name 2> /dev/null` + for vg in $VGSLIST + do + ebegin "Stopping LVM monitoring for VG $vg:" + $VGCHANGE --monitor n $vg + ret2=$? + eend $ret2 + [ $ret2 -ne 0 ] && ret=$ret2 + done + return $ret +} diff --git a/init.d/mdadm b/init.d/mdadm new file mode 100755 index 0000000..c30004d --- /dev/null +++ b/init.d/mdadm @@ -0,0 +1,26 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/mdadm/files/mdadm.rc,v 1.2 2006/04/25 05:41:51 vapier Exp $ + +depend() { + use logger dns net +} + +start() { + ebegin "Starting mdadm monitor" + mdadm --monitor --scan \ + --daemonise \ + --pid-file /var/run/mdadm.pid \ + ${MDADM_OPTS} + eend $? +} + +stop() { + local ret + ebegin "Stopping mdadm monitor" + start-stop-daemon --stop --pidfile /var/run/mdadm.pid + ret=$? + rm -f /var/run/mdadm.pid + eend ${ret} +} diff --git a/init.d/mdev b/init.d/mdev new file mode 100755 index 0000000..5470404 --- /dev/null +++ b/init.d/mdev @@ -0,0 +1,9 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/busybox/files/mdev.rc,v 1.1 2010/08/15 03:55:29 vapier Exp $ + +start() +{ + . /lib/rcscripts/addons/mdev-start.sh +} diff --git a/init.d/mdraid b/init.d/mdraid new file mode 100755 index 0000000..1a566cf --- /dev/null +++ b/init.d/mdraid @@ -0,0 +1,40 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/mdadm/files/mdraid.rc-3.1.1,v 1.1 2010/01/24 22:20:57 robbat2 Exp $ + +depend() { + if [ ! -e /sbin/functions.sh ] ; then + # on baselayout-1 this could cause + # dependency-cycles with checkroot (before *) + before checkfs fsck + after modules + fi +} + +run_addon() { + local f=/lib64/rcscripts/addons/$1.sh + if [ -r "$f" ]; then + ( . "$f" ) + fi +} +start_addon() { + run_addon "$1"-start +} +stop_addon() { + run_addon "$1"-stop +} + +start() { + if [ -e /sbin/functions.sh ] ; then + eerror "The ${SVCNAME} init script is written for baselayout-2" + eerror "Please do not use it with baselayout-1" + return 1 + fi + + start_addon raid +} + +stop() { + stop_addon raid +} diff --git a/init.d/mit-krb5kadmind b/init.d/mit-krb5kadmind new file mode 100755 index 0000000..cb14afa --- /dev/null +++ b/init.d/mit-krb5kadmind @@ -0,0 +1,31 @@ +#!/sbin/runscript + +#--------------------------------------------------------------------------- +# This script starts/stops the MIT Kerberos 5 Admin daemon +#--------------------------------------------------------------------------- + +daemon="MIT Kerberos 5 Admin daemon" +exec="/usr/sbin/kadmind" + +opts="start stop restart" + +depend() { + need net mit-krb5kdc +} + +start() { + ebegin "Starting $daemon" + start-stop-daemon --start --quiet --exec ${exec} 1>&2 + eend $? "Error starting $daemon" +} + +stop() { + ebegin "Stopping $daemon" + start-stop-daemon --stop --quiet --oknodo --exec ${exec} 1>&2 + eend $? "Error stopping $daemon" +} + +restart() { + svc_stop + svc_start +} diff --git a/init.d/mit-krb5kdc b/init.d/mit-krb5kdc new file mode 100755 index 0000000..3162004 --- /dev/null +++ b/init.d/mit-krb5kdc @@ -0,0 +1,31 @@ +#!/sbin/runscript + +#--------------------------------------------------------------------------- +# This script starts/stops the MIT Kerberos 5 KDC +#--------------------------------------------------------------------------- + +daemon="MIT Kerberos 5 KDC" +exec="/usr/sbin/krb5kdc" + +opts="start stop restart" + +depend() { + need net +} + +start() { + ebegin "Starting $daemon" + start-stop-daemon --start --quiet --exec ${exec} 1>&2 + eend $? "Error starting $daemon" +} + +stop() { + ebegin "Stopping $daemon" + start-stop-daemon --stop --quiet --oknodo --exec ${exec} 1>&2 + eend $? "Error stopping $daemon" +} + +restart() { + svc_stop + svc_start +} diff --git a/init.d/mit-krb5kpropd b/init.d/mit-krb5kpropd new file mode 100755 index 0000000..432484d --- /dev/null +++ b/init.d/mit-krb5kpropd @@ -0,0 +1,27 @@ +#!/sbin/runscript + +#--------------------------------------------------------------------------- +# This script starts/stops the MIT Kerberos 5 kpropd +#--------------------------------------------------------------------------- + +daemon="MIT Kerberos 5 kpropd" +exec="/usr/sbin/kpropd" + +opts="start stop restart" + +depend() { + need net + use mit-krb5kdc mit-krb5kadmind +} + +start() { + ebegin "Starting $daemon" + start-stop-daemon --start --quiet --exec ${exec} -- -S 1>&2 + eend $? "Error starting $daemon" +} + +stop() { + ebegin "Stopping $daemon" + start-stop-daemon --stop --quiet --oknodo --exec ${exec} 1>&2 + eend $? "Error stopping $daemon" +} diff --git a/init.d/modules b/init.d/modules new file mode 100755 index 0000000..3fa5867 --- /dev/null +++ b/init.d/modules @@ -0,0 +1,63 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Loads a user defined list of kernel modules." + +depend() +{ + use isapnp + keyword -openvz -prefix -vserver -lxc +} + +start() +{ + # Should not fail if kernel do not have module + # support compiled in ... + [ ! -f /proc/modules ] && return 0 + + local KV x y kv_variant_list + KV=$(uname -r) + # full $KV + kv_variant_list="${KV}" + # remove any KV_EXTRA options to just get the full version + x=${KV%%-*} + # now slowly strip them + while [ -n "$x" ] && [ "$x" != "$y" ]; do + kv_variant_list="${kv_variant_list} $x" + y=$x + x=${x%.*} + done + + local list= x= xx= y= args= mpargs= cnt=0 a= + for x in $kv_variant_list ; do + eval list=\$modules_$(shell_var "$x") + [ -n "$list" ] && break + done + [ -z "$list" ] && list=$modules + + for x in $list; do + a=${x#*:} + if [ "$a" = "$x" ]; then + unset mpargs + ebegin "Loading module $x" + else + x=${x%%:*} + mpargs="-o $a" + ebegin "Loading module $x as $a" + fi + aa=$(shell_var "$a") + xx=$(shell_var "$x") + for y in $kv_variant_list ; do + eval args=\$module_${aa}_args_$(shell_var "$y") + [ -n "${args}" ] && break + eval args=\$module_${xx}_args_$(shell_var "$y") + [ -n "${args}" ] && break + done + [ -z "$args" ] && eval args=\$module_${aa}_args + [ -z "$args" ] && eval args=\$module_${xx}_args + eval modprobe -q "$mpargs" "$x" "$args" + eend $? "Failed to load $x" && cnt=$(($cnt + 1)) + done + einfo "Autoloaded $cnt module(s)" +} diff --git a/init.d/mount-ro b/init.d/mount-ro new file mode 100755 index 0000000..3ee45c8 --- /dev/null +++ b/init.d/mount-ro @@ -0,0 +1,44 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Re-mount filesytems read-only for a clean reboot." + +depend() +{ + need killprocs savecache + keyword -prefix -openvz -vserver -lxc +} + +start() +{ + # Flush all pending disk writes now + sync; sync + + ebegin "Remounting remaining filesystems read-only" + # We need the do_unmount function + . "$RC_LIBEXECDIR"/sh/rc-mount.sh + eindent + + # Bug 381783 + local rc_svcdir=$(echo $RC_SVCDIR | sed 's:/lib\(32\|64\)\?/:/lib(32|64)?/:g') + + local m="/dev|/dev/.*|/proc|/proc.*|/sys|/sys/.*|${rc_svcdir}" x= fs= + m="$m|/bin|/sbin|/lib(32|64)?|/libexec" + # RC_NO_UMOUNTS is an env var that can be set by plugins + local IFS="$IFS:" + for x in $no_umounts $RC_NO_UMOUNTS; do + m="$m|$x" + done + m="^($m)$" + fs= + for x in $net_fs_list $extra_net_fs_list; do + fs="$fs${fs:+|}$x" + done + [ -n "$fs" ] && fs="^($fs)$" + do_unmount "umount -r" \ + --skip-point-regex "$m" \ + "${fs:+--skip-fstype-regex}" $fs --nonetdev + eoutdent + eend $? +} diff --git a/init.d/mtab b/init.d/mtab new file mode 100755 index 0000000..f47cdd5 --- /dev/null +++ b/init.d/mtab @@ -0,0 +1,36 @@ +#!/sbin/runscript +# Copyright (c) 2007-2008 Roy Marples +# Released under the 2-clause BSD license. + +description="Update /etc/mtab to match what the kernel knows about" + +depend() +{ + need root + keyword -prefix +} + +start() +{ + if [ -L /etc/mtab ] + then + einfo "Skipping mtab update (mtab is a symbolic link)" + return 0 + fi + + ebegin "Updating /etc/mtab" + if ! echo 2>/dev/null >/etc/mtab; then + ewend 1 "/etc/mtab is not updateable" + return 0 + fi + + # With / as tmpfs we cannot umount -at tmpfs in localmount as that + # makes / readonly and dismounts all tmpfs even if in use which is + # not good. Luckily, umount uses /etc/mtab instead of /proc/mounts + # which allows this hack to work. + grep -v "^[^ ]* / tmpfs " /proc/mounts > /etc/mtab + + # Remove stale backups + rm -f /etc/mtab~ /etc/mtab~~ + eend 0 +} diff --git a/init.d/mysql b/init.d/mysql new file mode 100755 index 0000000..e67c2ca --- /dev/null +++ b/init.d/mysql @@ -0,0 +1,358 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql-init-scripts/files/mysql.rc6,v 1.2 2007/03/04 15:47:03 vivo Exp $ + +# external binaries used: which, sed, tac + +# int in_list(char * elem, char * list) +function in_list() { + local elem=${1:-"none"} + local list=${2:-","} + + [[ "${list}" == "${list/,${elem},/}" ]] \ + && return 1 \ + || return 0 +} + +function wdebug() { + if [[ "${DEBUG}" -ge "${1}" ]] ; then + shift + echo "dbg: ${@}" + fi +} + +depend() { + use dns net localmount netmount nfsmount +} + +do_escape() { + # Ihatethisreallyverymuch + #echo "$1" | sed -e "s|'| |" -e "s|=|='|" -e "s|$|'|" + echo "$1" +} + +# int get_slot_config(srv_slot=0, srv_num) +get_slot_config() { + wdebug 4 ">>> get_slot_config()" + + local srv srv_slot srv_num + srv_slot="${1:-"0"}" + srv_num="${2}" + MY_SUFFIX="-${srv_slot}" + # srv=array(0 => [srv_slot], 1 => [srv_num] ) + srv=( ${srv_slot} ${srv_num} ) + + local tmp_eval="mysql_slot_${srv_slot}${srv_num:+"_"}${srv_num}[@]" + local conf_d_parameters="${!tmp_eval}" + if [[ "${srv_slot}" == "0" ]] ; then + MY_SUFFIX='' + # try some other default for the default server + [[ -z "${conf_d_parameters[@]}" ]] && conf_d_parameters=${mysql_slot[@]} + fi + [[ -z "${conf_d_parameters[@]}" ]] && conf_d_parameters=( ) + basedir="" datadir="" pidfile="" socket="" + CHROOT="" NICE="" STARTUPTIMEOUT=5 STOPTIMEOUT=120 + + wdebug 3 "srv ${srv[@]}" + wdebug 3 "srv_slot ${srv_slot}" + wdebug 3 "srv_num ${srv_num}" + wdebug 3 "tmp_eval ${tmp_eval}" + wdebug 3 "conf_d_parameters ${conf_d_parameters[@]}" + wdebug 3 "MY_SUFFIX ${MY_SUFFIX}" + + local tmp_eval="mysql_slot_${srv_slot}${srv_num:+"_"}${srv_num}[@]" + local conf_d_parameters="${!tmp_eval}" + # collations need to be defined *after* the character sets, + # so we will duplicate them + local collations="" + [[ ${conf_d_parameters[*]} == '()' ]] && conf_d_parameters='' + + MY_CNF="/etc/mysql${MY_SUFFIX}/my.cnf" + # summa of unmanaged parameters + # some parameters may be present multiple times + unmanagedparams="" + + # grab the parameters from conf.d/mysql definition + for my_default in ${conf_d_parameters[*]} ; do + case "${my_default}" in + nice=*) + NICE="${my_default#nice=}" + nice -n $NICE ls /tmp &>/dev/null || NICE="" + ;; + mycnf=*) MY_CNF="${my_default#mycnf=}" ;; + startup_timeout=*) + STARTUPTIMEOUT="${my_default#startup_timeout=}" ;; + basedir=*) basedir="${my_default#basedir=}" ;; + datadir=*) datadir="${my_default#datadir=}" ;; + pid-file=*) pidfile="${my_default#pid-file=}" ;; + socket=*) socket="${my_default#socket=}" ;; + *collation*=) + collations="${collations} --$( do_escape "${my_default}" )" + ;; + *=*) + # list of parameters we already have + # prepend "--" because my_print_defaults do it + unmanagedparams="${unmanagedparams} --$( do_escape "${my_default}" )" + ;; + *) + unmanagedparams="${unmanagedparams} --${my_default}" + ;; + esac + done + + if [[ ! -r "${MY_CNF}" ]] ; then + ewarn "Cannot access ${MY_CNF} !" + MY_CNF="" + my_defaults="" + else + local my_print_defaults="$(which my_print_defaults${MY_SUFFIX} 2>/dev/null)" + if [[ ! -x "${my_print_defaults}" ]] ; then + eerror "my_print_defaults NOT found or not executable" + my_defaults="" + else + my_defaults=$( ${my_print_defaults} \ + --loose-verbose \ + --config-file="${MY_CNF}" \ + mysqld server ) + fi + fi + + # grab needed parameters from my.cnf, don't override the ones from + # conf.d/mysql + for my_default in ${my_defaults} ; do + case "${my_default}" in + --basedir=*) + [[ -z "${basedir}" ]] && basedir="${my_default#--basedir=}" ;; + --datadir=*) + [[ -z "${datadir}" ]] && datadir="${my_default#--datadir=}" ;; + --pid-file=*) + [[ -z "${pidfile}" ]] && pidfile="${my_default#--pid-file=}" ;; + --socket=*) + [[ -z "${socket}" ]] && socket="${my_default#--socket=}" ;; + --*collation*=) + # the order is inversed because we want the conf.d ones overriden + collations="$( do_escape "${my_default}" ) ${collations}" + ;; + esac + done + + # some parameters + basedir="${basedir:-"/usr"}" + datadir="${datadir:-"/var/lib/mysql${MY_SUFFIX}"}" + pidfile="${pidfile:-"/var/run/mysqld/mysqld${MY_SUFFIX}.pid"}" + socket="${socket:-"/var/run/mysqld/mysqld${MY_SUFFIX}.sock"}" + unmanagedparams="${unmanagedparams} ${collations}" + + wdebug 3 "chroot dir => ${CHROOT}" + wdebug 3 "niceness => ${NICE}" + wdebug 3 "basedir => ${basedir}" + wdebug 3 "datadir => ${datadir}" + wdebug 3 "pidfile => ${pidfile}" + wdebug 3 "socket => ${socket}" + wdebug 3 "Unamanged => ${unmanagedparams}" + + # extension for sleep tenth of seconds, not very portable so check it before + if sleep 0.01 ; then + STARTUPTIMEOUT=$(( STARTUPTIMEOUT * 10 )) + STOPTIMEOUT=$(( STOPTIMEOUT * 10 )) + TIMEUNIT=0.1 + else + TIMEUNIT=1 + fi + + # push these out to the script + export MY_SUFFIX NICE MY_CNF pidfile datadir basedir socket CHROOT + export unmanagedparams STARTUPTIMEOUT STOPTIMEOUT TIMEUNIT + wdebug 4 "<<< get_slot_config() ok" + return 0 +} + +checkconfig() { + wdebug 4 ">>> checkconfig(\"${1}\")" + local datadir="${1}" pidfile="${2}" socket="${3}" + + if [[ -n "${NOCHECK}" ]] ; then + rm -f "${pidfile}" "${socket}" + return 0 + fi + + if [[ ! -d "${datadir}" ]] ; then + eerror "MySQL datadir is empty or invalid" + eerror "Please check your my.cnf : ${MY_CNF}" + wdebug 4 "<<< checkconfig() KO" + return 1 + fi + + if [[ ! -d "${datadir}/mysql" ]] ; then + eerror "You don't appear to have the mysql database installed yet." + eerror "Please run /usr/bin/mysql_install_db to have this done..." + wdebug 4 "<<< checkconfig() KO" + return 1 + fi + + if [[ -f "${pidfile}" ]] ; then + kill -15 $(< ${pidfile}) 2>/dev/null + if [[ $? -eq 0 ]] ; then + # the process exist, we have a problem + eerror "\"${pidfile}\" is still present and the process is running." + eerror "Please stop it \"kill $(< ${pidfile})\" maybe ?" + wdebug 4 "<<< checkconfig() KO" + return 1 + else + rm -f "${pidfile}" + fi + fi + + if [[ -S "${socket}" ]] ; then + ewarn "Strange, the socket file already exist in \"${socket}\"" + ewarn "it will be removed now and re-created by the MySQL server" + ewarn "BUT please make your checks." + rm -f "${socket}" + fi + + wdebug 4 "<<< checkconfig() ok" + return 0 +} + +start() { + wdebug 4 ">>> start()" + + MYSQL_GLOB_PID_FILE=${MYSQL_GLOB_PID_FILE:-"/var/run/svc-started-${SVCNAME/mysql/mysqld}"} + # servers are defined in /etc/conf.d/mysql + local serverlist=${!mysql_slot_*} + # provide default for empty conf.d/mysql + if [[ -z "${serverlist}" ]] ; then + serverlist=0 + export mysql_slot_0=( ) + fi + local retstatus timeout + local globretstatus=1 + local srv_slot srv_num + # server MUST NOT share same location for these + local pidfilelist=',' datadirlist=',' socketlist=',' + local ssd_thing=1 + local mysqld_thing tmpnice + + ebegin "Starting ${myservice}" + # try to start each server + for srv in ${serverlist[*]} ; do + + srv_slot="${srv#mysql_slot_}" + if [[ "${srv_slot}" == "${srv_slot#*_}" ]] ; then + srv_num='' + else + srv_num="${srv_slot#*_}" + fi + srv_slot="${srv_slot%%_*}" + + retstatus=0 + get_slot_config "${srv_slot}" "${srv_num}" || retstatus=1 + + # checks + if ! checkconfig "${datadir}" "${pidfile}" "${socket}" ; then + retstatus=2 ; continue + fi + if in_list "${pidfile}" "${pidfilelist}" ; then + eerror "Sorry, won't start with same pid-file: ${pidfile}" + retstatus=3 ; continue + fi + if in_list "${datadir}" "${datadirlist}" ; then + eerror "Sorry, won't start with same datadir: ${datadir}" + retstatus=4 ; continue + fi + if in_list "${socket}" "${socketlist}" ; then + eerror "Sorry, won't start with same socket: ${socket}" + retstatus=5 ; continue + fi + + einfo "Starting ${myservice} (${MY_CNF})" + + mysqld_thing="${MY_CNF:+"--defaults-file="}${MY_CNF}" + mysqld_thing="${mysqld_thing} ${unmanagedparams}" + mysqld_thing="${mysqld_thing} --basedir=${basedir}" + mysqld_thing="${mysqld_thing} --datadir=${datadir}" + mysqld_thing="${mysqld_thing} --pid-file=${pidfile}" + mysqld_thing="${mysqld_thing} --socket=${socket}" + + wdebug 2 "starting mysqld with: ${mysqld_thing}" + + if [[ ${ssd_thing} -eq 1 ]] ; then + tmpnice="${NICE:+"--nicelevel "}${NICE}" + start-stop-daemon --quiet ${DEBUG/*/"--verbose"} --start \ + --background ${tmpnice} --pidfile ${pidfile} \ + --exec ${basedir}/sbin/mysqld${MY_SUFFIX} -- ${mysqld_thing} \ + && sleep ${TIMEUNIT} + retstatus=$? + else + tmpnice="${NICE:+"nice -n "}${NICE}" + ${tmpnice} ${basedir}/sbin/mysqld${MY_SUFFIX} ${mysqld_thing} & + retstatus=0 + fi + + # only the first run is done by start-stop-daemon + ssd_thing="" + + # wait for socket creation + wdebug 1 + while ! [[ -S "${socket}" || "${STARTUPTIMEOUT}" -lt 1 || "${retstatus}" -ne 0 ]] ; do + STARTUPTIMEOUT=$(( STARTUPTIMEOUT - 1 )) + [[ ${DEBUG} -ge 1 ]] && echo -n "${STARTUPTIMEOUT}," + sleep ${TIMEUNIT} + done + wdebug 1 "" + if [[ ! -S "${socket}" ]] ; then + eerror "MySQL${MY_SUFFIX} NOT started (${retstatus})" + retstatus=1 + else + globretstatus=0 + pidfilelist="${pidfilelist}${pidfile}," + datadirlist="${datadirlist}${datadir}," + socketlist="${socketlist}${socket}," + echo "${srv_slot}${srv_num:+"_"}${srv_num}=${pidfile}" >> "${MYSQL_GLOB_PID_FILE}" + fi + done + # successfull if at least one mysqld started + wdebug 4 "<<< start()" + eend $globretstatus +} + +stop() { + get_slot_config &> /dev/null + MYSQL_GLOB_PID_FILE=${MYSQL_GLOB_PID_FILE:-"/var/run/svc-started-${SVCNAME/mysql/mysqld}"} + local runwhat pidfile shutdown_elem + local PID cnt timeout=${STOPTIMEOUT:-"120"} + local retstatus=0 + local shutdown_list="$(< "${MYSQL_GLOB_PID_FILE}" )" + + ebegin "Stopping ${myservice}" + wdebug 5 "MYSQL_GLOB_PID_FILE: ${MYSQL_GLOB_PID_FILE}" + wdebug 5 "shutdown_list: ${shutdown_list}" + for shutdown_elem in ${shutdown_list} ; do + runwhat=${shutdown_elem%%=*} + pidfile=${shutdown_elem#*=} + timeout=${STOPTIMEOUT:-"120"} + PID=$(< "${pidfile}" ) + wdebug 3 "runwhat ${runwhat}" + wdebug 3 "pidfile ${pidfile}" + wdebug 3 "timeout ${timeout}" + wdebug 3 "PID ${PID}" + + einfo "Stopping mysqld (${runwhat})" + + start-stop-daemon --quiet ${DEBUG/*/"--verbose"} --stop --pidfile "${pidfile}" & + wdebug 1 "" + while [[ -n "$PID" ]] \ + && $( ps -Ao pid | grep -q "^ *$PID$" ) \ + && [[ "${timeout}" -ge 1 ]] + do + timeout=$(($timeout - 1)) + [[ ${DEBUG} -ge 1 ]] && echo -n "$(( $STOPTIMEOUT - $timeout ))," + sleep ${TIMEUNIT} + done + [[ "${timeout}" -lt 1 ]] && retstatus=1 + done + sleep ${TIMEUNIT} + [[ "$retstatus" -eq 0 ]] && rm -f "$MYSQL_GLOB_PID_FILE" + eend ${retstatus} +} diff --git a/init.d/mysqlmanager b/init.d/mysqlmanager new file mode 100755 index 0000000..dd8b703 --- /dev/null +++ b/init.d/mysqlmanager @@ -0,0 +1,230 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql-init-scripts/files/mysqlmanager.rc6,v 1.1 2007/01/12 16:54:20 chtekk Exp $ + +# external binaries used: which, sed, tac + +depend() { + use dns net localmount netmount nfsmount + #provide mysql +} + +# int in_list(char * elem, char * list) +function in_list() { + local elem=${1:-"none"} + local list=${2:-","} + + [[ "${list}" == "${list/,${elem},/}" ]] \ + && return 1 \ + || return 0 +} + +do_escape() { + # Ihatethisreallyverymuch + #echo "$1" | sed -e "s|'| |" -e "s|=|='|" -e "s|$|'|" + echo "$1" +} + +# int get_slot_config(srv_slot=0, srv_num) +get_slot_config() { + [[ ${DEBUG} -ge 4 ]] && einfo ">>> get_slot_config(\"${1}\", \"${2}\")" + + srv_slot="${1:-"0"}" + srv_num="${2}" + MY_SUFFIX="-${srv_slot}" + [[ "${MY_SUFFIX}" == '-0' ]] && MY_SUFFIX='' + + basedir="" pidfile="" socket="" + + local tmp_eval="mysqlmanager_slot_${srv_slot}${srv_num:+"_"}${srv_num}[@]" + local conf_d_parameters="${!tmp_eval}" + [[ ${conf_d_parameters[*]} == '()' ]] && conf_d_parameters='' + + MY_CNF="/etc/mysql${MY_SUFFIX}/my.cnf" + # summa of unmanaged parameters + # some parameters may be present multiple times + unmanagedparams="" + + # grab the parameters from conf.d/mysql definition + for my_default in ${conf_d_parameters[*]} ; do + case "${my_default}" in + mycnf=*) MY_CNF="${my_default#mycnf=}" ;; + basedir=*) basedir="${my_default#basedir=}" ;; + pid-file=*) pidfile="${my_default#pid-file=}" ;; + socket=*) socket="${my_default#socket=}" ;; + *=*) + # list of parameters we already have + # prepend "--" because my_print_defaults do it + unmanagedparams="${unmanagedparams} --$( do_escape "${my_default}" )" + ;; + *) + unmanagedparams="${unmanagedparams} --${my_default}" + ;; + esac + done + + if [[ ! -r "${MY_CNF}" ]] ; then + ewarn "Cannot access ${MY_CNF} !" + MY_CNF="" + my_defaults="" + else + local my_print_defaults="$(which my_print_defaults${MY_SUFFIX} 2>/dev/null)" + if [[ ! -x "${my_print_defaults}" ]] ; then + eerror "my_print_defaults NOT found or not executable" + my_defaults="" + else + my_defaults=$( ${my_print_defaults} \ + --loose-verbose \ + --config-file="${MY_CNF}" \ + manager ) + fi + fi + + # grab needed parameters from my.cnf, don't override the ones from + # conf.d/mysql + for my_default in ${my_defaults} ; do + case "${my_default}" in + --pid-file=*) + [[ -z "${pidfile}" ]] && pidfile="${my_default#--pid-file=}" ;; + --socket=*) + [[ -z "${socket}" ]] && socket="${my_default#--socket=}" ;; + esac + done + + # still empty, I'm in doubt if assign a default or break, will see + basedir="${basedir:-"/usr"}" + pidfile="${pidfile:-"/var/run/mysqld/mysqlmanager${MY_SUFFIX}.pid"}" + socket="${socket:-"/var/run/mysqld/mysqlmanager${MY_SUFFIX}.sock"}" + + if [[ ${DEBUG} -ge 3 ]] ; then + einfo "basedir => ${basedir}" + einfo "pidfile => ${pidfile}" + einfo "socket => ${socket}" + einfo "Unamanged => ${unmanagedparams}" + fi + + # push these out to the script + export MY_SUFFIX MY_CNF pidfile basedir socket + export unmanagedparams + [[ ${DEBUG} -ge 4 ]] && einfo "<<< get_slot_config() ok" + return 0 +} + +start() { + [[ ${DEBUG} -ge 4 ]] && einfo ">>> start()" + MYSQL_GLOB_PID_FILE=${MYSQL_GLOB_PID_FILE:-"/var/run/svc-started-${SVCNAME}"} + # servers are defined in /etc/conf.d/mysql + local serverlist=${!mysqlmanager_slot_*} + # provide default for empty conf.d/mysql + if [[ -z "${serverlist}" ]] ; then + serverlist=0 + export mysqlmanager_slot_0=() + fi + local retstatus timeout + local globretstatus=1 + local srv_slot srv_num + # server MUST NOT share same location for these + local pidfilelist=',' socketlist=',' + + # additional security + rm -f "${MYSQL_GLOB_PID_FILE}" ; touch "${MYSQL_GLOB_PID_FILE}" + if [[ $? -ne 0 ]] ; then + eerror "cannot create MYSQL_GLOB_PID_FILE: ${MYSQL_GLOB_PID_FILE}" + [[ ${DEBUG} -ge 4 ]] && einfo "<<< start() KO" + return 1 + fi + + ebegin + # try to start each server + for srv in ${serverlist[*]} ; do + einfo "working on ${srv}" + + srv_slot="${srv#mysqlmanager_slot_}" + if [[ "${srv_slot}" == "${srv_slot#*_}" ]] ; then + srv_num='' + else + srv_num="${srv_slot#*_}" + fi + srv_slot="${srv_slot%%_*}" + + retstatus=0 + get_slot_config "${srv_slot}" "${srv_num}" || retstatus=1 + + # timeout (seconds) before declaring the startup failed + + # pre_run checks + if [[ "$retstatus" -eq 0 ]] ; then + if in_list "${pidfile}" "${pidfilelist}" ; then + retstatus=3 + eerror "Sorry, won't start with same pid-file: ${pidfile}" + fi + if in_list "${socket}" "${socketlist}" ; then + retstatus=5 + eerror "Sorry, won't start with same socket: ${socket}" + fi + fi + + if [[ $retstatus -eq 0 ]] ; then + # additional security + rm -f ${pidfile} ${socket} + einfo "Starting mysqlmanager${MY_SUFFIX:+"_"}${srv_slot}${srv_num:+"_"}${srv_num} (${MY_CNF})" + + [[ ${DEBUG} -ge 2 ]] && echo "starting mysqlmanager with: "${basedir}/sbin/mysqlmanager${MY_SUFFIX} ${unmanagedparams} --pid-file=${pidfile} --socket=${socket} + + start-stop-daemon --quiet --start --background \ + --pidfile "${pidfile}" \ + --exec ${basedir}/sbin/mysqlmanager${MY_SUFFIX} \ + -- \ + ${MY_CNF:+"--defaults-file="}${MY_CNF} \ + ${unmanagedparams} \ + --pid-file=${pidfile} \ + --socket=${socket} + + retstatus=$? + + if [[ "${retstatus}" -eq 0 ]] ; then + pidfilelist="${pidfilelist}${pidfile}," + socketlist="${socketlist}${socket}," + globretstatus=0 + echo "${srv_slot}${srv_num:+"_"}${srv_num}=${pidfile}" >> "${MYSQL_GLOB_PID_FILE}" + fi + fi + done + # successfull if at least one mysqlmanager started + [[ ${DEBUG} -ge 4 ]] && einfo "<<< start()" + eend $globretstatus +} + +stop () { + MYSQL_GLOB_PID_FILE=${MYSQL_GLOB_PID_FILE:-"/var/run/svc-started-${SVCNAME}"} + local runwhat pidfile shutdown_elem + local PID cnt timeout + local retstatus=0 + local shutdown_list="$(< "${MYSQL_GLOB_PID_FILE}" )" + + # shutdown in reverse order + ebegin + for shutdown_elem in $shutdown_list; do + runwhat=${shutdown_elem%%=*} + pidfile=${shutdown_elem#*=} + timeout=${STOPTIMEOUT:-"10"} + + einfo "Stopping mysqlmanager (${runwhat})" + + PID=$(cat "${pidfile}" 2>/dev/null) + start-stop-daemon --stop --quiet --pidfile="${pidfile}" + [[ ${DEBUG} -ge 1 ]] && echo "" + while [[ -n "$PID" && $( kill -0 $PID 2>/dev/null ) && "${timeout}" -ge 1 ]] ; do + timeout=$(($timeout - 1)) + [[ ${DEBUG} -ge 1 ]] && echo -n $(( $STOPTIMEOUT - $timeout )) + sleep 1 + done + if [[ "${timeout}" -lt 1 ]] ; then + retstatus=$(( $retstatus + 1 )) + fi + done + + [[ "$retstatus" -eq 0 ]] && rm -f "$MYSQL_GLOB_PID_FILE" + eend $retstatus +} diff --git a/init.d/nagios b/init.d/nagios new file mode 100755 index 0000000..83b9332 --- /dev/null +++ b/init.d/nagios @@ -0,0 +1,57 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-core/files/nagios3,v 1.1 2008/04/27 18:41:25 dertobi123 Exp $ + +opts="${opts} reload checkconfig" + +depend() { + need net + use dns logger firewall + after mysql postgresql +} + +reload() +{ + checkconfig || return 1 + ebegin "Reloading configuration" + killall -HUP nagios &>/dev/null + eend $? +} + +checkconfig() { + # Silent Check + /usr/sbin/nagios -v /etc/nagios/nagios.cfg &>/dev/null && return 0 + + # Now we know there's problem - run again and display errors + /usr/sbin/nagios -v /etc/nagios/nagios.cfg + eend $? "Configuration Error. Please fix your configfile" +} + +start() { + checkconfig || return 1 + ebegin "Starting nagios" + touch /var/nagios/nagios.log /var/nagios/status.sav + chown nagios:nagios /var/nagios/nagios.log /var/nagios/status.sav + rm -f /var/nagios/rw/nagios.cmd + start-stop-daemon --quiet --start --startas /usr/sbin/nagios \ + -e HOME="/var/nagios/home" --pidfile /var/nagios/nagios.lock \ + -- -d /etc/nagios/nagios.cfg + eend $? +} + +stop() { + ebegin "Stopping nagios" + start-stop-daemon --quiet --stop --pidfile /var/nagios/nagios.lock + rm -f /var/nagios/status.log /var/nagios/nagios.tmp /var/nagios/nagios.lock /var/nagios/rw/nagios.cmd + eend $? +} + +svc_restart() { + checkconfig || return 1 + ebegin "Restarting nagios" + svc_stop + svc_start + eend $? +} + diff --git a/init.d/named b/init.d/named new file mode 100755 index 0000000..8432ff0 --- /dev/null +++ b/init.d/named @@ -0,0 +1,250 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init-r11,v 1.3 2011/09/14 15:48:50 idl0r Exp $ + +extra_commands="checkconfig checkzones" +extra_started_commands="reload" + +depend() { + need net + use logger + provide dns +} + +NAMED_CONF=${CHROOT}/etc/bind/named.conf + +OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0} +MOUNT_CHECK_TIMEOUT=${MOUNT_CHECK_TIMEOUT:-60} + +_mount() { + local from + local to + local opts + local ret=0 + + if [ "${#}" -lt 3 ]; then + eerror "_mount(): to few arguments" + return 1 + fi + + from=$1 + to=$2 + shift 2 + + opts="${*}" + shift $# + + if [ -z "$(awk "\$2 == \"${to}\" { print \$2 }" /proc/mounts)" ]; then + einfo "mounting ${from} to ${to}" + mount ${from} ${to} ${opts} + ret=$? + + eend $ret + return $ret + fi + + return 0 +} + +_umount() { + local dir=$1 + local ret=0 + + if [ -n "$(awk "\$2 == \"${dir}\" { print \$2 }" /proc/mounts)" ]; then + ebegin "umounting ${dir}" + umount ${dir} + ret=$? + + eend $ret + return $ret + fi + + return 0 +} + +_get_pidfile() { + # as suggested in bug #107724, bug 335398#c17 + [ -n "${PIDFILE}" ] || PIDFILE=${CHROOT}$(\ + /usr/sbin/named-checkconf -p ${CHROOT:+-t} ${CHROOT} ${NAMED_CONF#${CHROOT}} | grep 'pid-file' | cut -d\" -f2) + [ -z "${PIDFILE}" ] && PIDFILE=${CHROOT}/var/run/named/named.pid +} + +check_chroot() { + if [ -n "${CHROOT}" ]; then + [ ! -d "${CHROOT}" ] && return 1 + [ ! -d "${CHROOT}/dev" ] || [ ! -d "${CHROOT}/etc" ] || [ ! -d "${CHROOT}/var" ] && return 1 + [ ! -d "${CHROOT}/var/run" ] || [ ! -d "${CHROOT}/var/log" ] && return 1 + [ ! -d "${CHROOT}/etc/bind" ] || [ ! -d "${CHROOT}/var/bind" ] && return 1 + [ ! -d "${CHROOT}/var/log/named" ] && return 1 + [ ! -c "${CHROOT}/dev/null" ] || [ ! -c "${CHROOT}/dev/zero" ] && return 1 + [ ! -c "${CHROOT}/dev/random" ] && [ ! -c "${CHROOT}/dev/urandom" ] && return 1 + [ "${CHROOT_GEOIP:-0}" -eq 1 ] && [ ! -d "${CHROOT}/usr/share/GeoIP" ] && return 1 + if [ ${OPENSSL_LIBGOST:-0} -eq 1 ]; then + if [ -d "/usr/lib64" ]; then + [ ! -d "${CHROOT}/usr/lib64/engines" ] && return 1 + elif [ -d "/usr/lib" ]; then + [ ! -d "${CHROOT}/usr/lib/engines" ] && return 1 + fi + fi + fi + + return 0 +} + +checkconfig() { + ebegin "Checking named configuration" + + if [ ! -f "${NAMED_CONF}" ] ; then + eerror "No ${NAMED_CONF} file exists!" + return 1 + fi + + /usr/sbin/named-checkconf ${CHROOT:+-t} ${CHROOT} ${NAMED_CONF#${CHROOT}} || { + eerror "named-checkconf failed! Please fix your config first." + return 1 + } + + eend 0 + return 0 +} + +checkzones() { + ebegin "Checking named configuration and zones" + /usr/sbin/named-checkconf -z -j ${CHROOT:+-t} ${CHROOT} ${NAMED_CONF#${CHROOT}} + eend $? +} + +start() { + local piddir + + ebegin "Starting ${CHROOT:+chrooted }named" + + if [ -n "${CHROOT}" ]; then + if [ ${CHROOT_NOCHECK:-0} -eq 0 ]; then + check_chroot || { + eend 1 + eerror "Your chroot dir ${CHROOT} is inconsistent, please run 'emerge --config net-dns/bind' first" + return 1 + } + fi + + if [ ${OPENSSL_LIBGOST:-0} -eq 1 ]; then + if [ ! -e /usr/lib/engines/libgost.so ]; then + eend 1 + eerror "Couldn't find /usr/lib/engines/libgost.so but bind has been built with openssl and libgost support" + return 1 + fi + cp -Lp /usr/lib/engines/libgost.so "${CHROOT}/usr/lib/engines/libgost.so" || { + eend 1 + eerror "Couldn't copy /usr/lib/engines/libgost.so into '${CHROOT}/usr/lib/engines/'" + return 1 + } + fi + cp -Lp /etc/localtime "${CHROOT}/etc/localtime" + + if [ "${CHROOT_NOMOUNT:-0}" -eq 0 ]; then + einfo "Mounting chroot dirs" + _mount /etc/bind ${CHROOT}/etc/bind -o bind + _mount /var/bind ${CHROOT}/var/bind -o bind + _mount /var/log/named ${CHROOT}/var/log/named -o bind + if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then + _mount /usr/share/GeoIP ${CHROOT}/usr/share/GeoIP -o bind + fi + fi + fi + + checkconfig || { eend 1; return 1; } + + # create piddir (usually /var/run/named) if necessary, bug 334535 + _get_pidfile + piddir="${PIDFILE%/*}" + if [ ! -d "${piddir}" ]; then + checkpath -q -d -o root:named -m 0770 "${piddir}" || { + eend 1 + return 1 + } + fi + + # In case someone have $CPU set in /etc/conf.d/named + if [ -n "${CPU}" ] && [ "${CPU}" -gt 0 ]; then + CPU="-n ${CPU}" + fi + + start-stop-daemon --start --pidfile ${PIDFILE} \ + --nicelevel ${NAMED_NICELEVEL:-0} \ + --exec /usr/sbin/named \ + -- -u named ${CPU} ${OPTIONS} ${CHROOT:+-t} ${CHROOT} + eend $? +} + +stop() { + local reported=0 + + ebegin "Stopping ${CHROOT:+chrooted }named" + + # Workaround for now, until openrc's restart has been fixed. + # openrc doesn't care about a restart() function in init scripts. + if [ "${RC_CMD}" = "restart" ]; then + if [ -n "${CHROOT}" -a ${CHROOT_NOCHECK:-0} -eq 0 ]; then + check_chroot || { + eend 1 + eerror "Your chroot dir ${CHROOT} is inconsistent, please run 'emerge --config net-dns/bind' first" + return 1 + } + fi + + checkconfig || { eend 1; return 1; } + fi + + # -R 10, bug 335398 + _get_pidfile + start-stop-daemon --stop --retry 10 --pidfile $PIDFILE \ + --exec /usr/sbin/named + + if [ -n "${CHROOT}" ] && [ "${CHROOT_NOMOUNT:-0}" -eq 0 ]; then + ebegin "Umounting chroot dirs" + + # just to be sure everything gets clean + while fuser -s ${CHROOT} 2>/dev/null; do + if [ "${reported}" -eq 0 ]; then + einfo "Waiting until all named processes are stopped (max. ${MOUNT_CHECK_TIMEOUT} seconds)" + elif [ "${reported}" -eq "${MOUNT_CHECK_TIMEOUT}" ]; then + eerror "Waiting until all named processes are stopped failed!" + eend 1 + break + fi + sleep 1 + reported=$((reported+1)) + done + + [ "${CHROOT_GEOIP:-0}" -eq 1 ] && _umount ${CHROOT}/usr/share/GeoIP + _umount ${CHROOT}/etc/bind + _umount ${CHROOT}/var/log/named + _umount ${CHROOT}/var/bind + fi + + eend $? +} + +reload() { + local ret + + ebegin "Reloading named.conf and zone files" + + checkconfig || { eend 1; return 1; } + + _get_pidfile + if [ -n "${PIDFILE}" ]; then + start-stop-daemon --pidfile $PIDFILE --signal HUP + ret=$? + else + ewarn "Unable to determine the pidfile... this is" + ewarn "a fallback mode. Please check your installation!" + + $RC_SERVICE restart + ret=$? + fi + + eend $ret +} diff --git a/init.d/ndo2db b/init.d/ndo2db new file mode 100755 index 0000000..3dea06b --- /dev/null +++ b/init.d/ndo2db @@ -0,0 +1,25 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ndoutils/files/ndo2db.init,v 1.1 2007/07/01 08:29:56 dertobi123 Exp $ + +MY_NAGIOS_MAIN_VERSION=3 + +depends() { + before nagios + need mysql +} + +start() { + ebegin "Starting ndo2db" + start-stop-daemon --start --quiet --exec /usr/sbin/ndo2db-${MY_NAGIOS_MAIN_VERSION}x \ + -- -c /etc/nagios/ndo2db.cfg + eend $? +} + +stop() { + ebegin "Stopping ndo2db" + start-stop-daemon --stop --quiet --exec /usr/sbin/ndo2db-${MY_NAGIOS_MAIN_VERSION}x + eend $? +} + diff --git a/init.d/net.eth0 b/init.d/net.eth0 new file mode 120000 index 0000000..3843c79 --- /dev/null +++ b/init.d/net.eth0 @@ -0,0 +1 @@ +net.lo \ No newline at end of file diff --git a/init.d/net.lo b/init.d/net.lo new file mode 100755 index 0000000..6f8b5b1 --- /dev/null +++ b/init.d/net.lo @@ -0,0 +1,737 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +MODULESDIR="${RC_LIBEXECDIR}/net" +MODULESLIST="${RC_SVCDIR}/nettree" +_config_vars="config routes" + +[ -z "${IN_BACKGROUND}" ] && IN_BACKGROUND="NO" + +description="Configures network interfaces." + +# Handy var so we don't have to embed new lines everywhere for array splitting +__IFS=" +" +depend() +{ + local IFACE=${RC_SVCNAME#*.} + local IFVAR=$(shell_var "${IFACE}") + + need localmount + after bootmisc + provide net + keyword -jail -prefix -vserver + + case "${IFACE}" in + lo|lo0);; + *) after net.lo net.lo0;; + esac + + if [ "$(command -v "depend_${IFVAR}")" = "depend_${IFVAR}" ]; then + depend_${IFVAR} + fi + + local dep= prov= + for dep in need use before after provide keyword; do + eval prov=\$rc_${dep}_${IFVAR} + if [ -n "${prov}" ]; then + ${dep} ${prov} + fi + done +} + +# Support bash arrays - sigh +_array_helper() +{ + local _a= + + eval _a=\$$1 + _a=$(echo "${_a}" | sed -e 's:^[[:space:]]*::' -e 's:[[:space:]]*$::' -e '/^$/d' -e 's:[[:space:]]\{1,\}: :g') + + [ -n "${_a}" ] && printf "%s\n" "${_a}" +} + +_get_array() +{ + local _a= + if [ -n "${BASH}" ]; then + case "$(declare -p "$1" 2>/dev/null)" in + "declare -a "*) + ewarn "You are using a bash array for $1." + ewarn "This feature will be removed in the future." + ewarn "Please see net.example for the correct format for $1." + eval "set -- \"\${$1[@]}\"" + for _a; do + printf "%s\n" "${_a}" + done + return 0 + ;; + esac + fi + + _array_helper $1 +} + +# Flatten bash arrays to simple strings +_flatten_array() +{ + if [ -n "${BASH}" ]; then + case "$(declare -p "$1" 2>/dev/null)" in + "declare -a "*) + ewarn "You are using a bash array for $1." + ewarn "This feature will be removed in the future." + ewarn "Please see net.example for the correct format for $1." + eval "set -- \"\${$1[@]}\"" + for x; do + printf "'%s' " "$(printf "$x" | sed "s:':'\\\'':g")" + done + return 0 + ;; + esac + fi + + _array_helper $1 +} + +_wait_for_carrier() +{ + local timeout= efunc=einfon + + _has_carrier && return 0 + + eval timeout=\$carrier_timeout_${IFVAR} + timeout=${timeout:-${carrier_timeout:-5}} + + # Incase users don't want this nice feature ... + [ ${timeout} -le 0 ] && return 0 + + yesno ${RC_PARALLEL} && efunc=einfo + ${efunc} "Waiting for carrier (${timeout} seconds) " + while [ ${timeout} -gt 0 ]; do + sleep 1 + if _has_carrier; then + [ "${efunc}" = "einfon" ] && echo + eend 0 + return 0 + fi + timeout=$((${timeout} - 1)) + [ "${efunc}" = "einfon" ] && printf "." + done + + [ "${efunc}" = "einfon" ] && echo + eend 1 + return 1 +} + +_netmask2cidr() +{ + # Some shells cannot handle hex arithmetic, so we massage it slightly + # Buggy shells include FreeBSD sh, dash and busybox. + # bash and NetBSD sh don't need this. + case $1 in + 0x*) + local hex=${1#0x*} quad= + while [ -n "${hex}" ]; do + local lastbut2=${hex#??*} + quad=${quad}${quad:+.}0x${hex%${lastbut2}*} + hex=${lastbut2} + done + set -- ${quad} + ;; + esac + + local i= len= + local IFS=. + for i in $1; do + while [ ${i} != "0" ]; do + len=$((${len} + ${i} % 2)) + i=$((${i} >> 1)) + done + done + + echo "${len}" +} + +_configure_variables() +{ + local var= v= t= + + for var in ${_config_vars}; do + local v= + for t; do + eval v=\$${var}_${t} + if [ -n "${v}" ]; then + eval ${var}_${IFVAR}=\$${var}_${t} + continue 2 + fi + done + done +} + +_show_address() +{ + einfo "received address $(_get_inet_address "${IFACE}")" +} + +# Basically sorts our modules into order and saves the list +_gen_module_list() +{ + local x= f= force=$1 + if ! ${force} && [ -s "${MODULESLIST}" -a "${MODULESLIST}" -nt "${MODULESDIR}" ]; then + local update=false + for x in "${MODULESDIR}"/*.sh; do + [ -e "${x}" ] || continue + if [ "${x}" -nt "${MODULESLIST}" ]; then + update=true + break + fi + done + ${update} || return 0 + fi + + einfo "Caching network module dependencies" + # Run in a subshell to protect the main script + ( + after() { + eval ${MODULE}_after="\"\${${MODULE}_after}\${${MODULE}_after:+ }$*\"" + } + + before() { + local mod=${MODULE} + local MODULE= + for MODULE; do + after "${mod}" + done + } + + program() { + if [ "$1" = "start" -o "$1" = "stop" ]; then + local s="$1" + shift + eval ${MODULE}_program_${s}="\"\${${MODULE}_program_${s}}\${${MODULE}_program_${s}:+ }$*\"" + else + eval ${MODULE}_program="\"\${${MODULE}_program}\${${MODULE}_program:+ }$*\"" + fi + } + + provide() { + eval ${MODULE}_provide="\"\${${MODULE}_provide}\${${MODULE}_provide:+ }$*\"" + local x + for x in $*; do + eval ${x}_providedby="\"\${${MODULE}_providedby}\${${MODULE}_providedby:+ }${MODULE}\"" + done + } + + for MODULE in "${MODULESDIR}"/*.sh; do + sh -n "${MODULE}" || continue + . "${MODULE}" || continue + MODULE=${MODULE#${MODULESDIR}/} + MODULE=${MODULE%.sh} + eval ${MODULE}_depend + MODULES="${MODULES} ${MODULE}" + done + + VISITED= + SORTED= + visit() { + case " ${VISITED} " in + *" $1 "*) return;; + esac + VISITED="${VISITED} $1" + + eval AFTER=\$${1}_after + for MODULE in ${AFTER}; do + eval PROVIDEDBY=\$${MODULE}_providedby + if [ -n "${PROVIDEDBY}" ]; then + for MODULE in ${PROVIDEDBY}; do + visit "${MODULE}" + done + else + visit "${MODULE}" + fi + done + + eval PROVIDE=\$${1}_provide + for MODULE in ${PROVIDE}; do + visit "${MODULE}" + done + + eval PROVIDEDBY=\$${1}_providedby + [ -z "${PROVIDEDBY}" ] && SORTED="${SORTED} $1" + } + + for MODULE in ${MODULES}; do + visit "${MODULE}" + done + + printf "" > "${MODULESLIST}" + i=0 + for MODULE in ${SORTED}; do + eval PROGRAM=\$${MODULE}_program + eval PROGRAM_START=\$${MODULE}_program_start + eval PROGRAM_STOP=\$${MODULE}_program_stop + eval PROVIDE=\$${MODULE}_provide + echo "module_${i}='${MODULE}'" >> "${MODULESLIST}" + echo "module_${i}_program='${PROGRAM}'" >> "${MODULESLIST}" + echo "module_${i}_program_start='${PROGRAM_START}'" >> "${MODULESLIST}" + echo "module_${i}_program_stop='${PROGRAM_STOP}'" >> "${MODULESLIST}" + echo "module_${i}_provide='${PROVIDE}'" >> "${MODULESLIST}" + i=$((${i} + 1)) + done + echo "module_${i}=" >> "${MODULESLIST}" + ) + + return 0 +} + +_load_modules() +{ + local starting=$1 mymods= + + # Ensure our list is up to date + _gen_module_list false + if ! . "${MODULESLIST}"; then + _gen_module_list true + . "${MODULESLIST}" + fi + + MODULES= + if [ "${IFACE}" != "lo" -a "${IFACE}" != "lo0" ]; then + eval mymods=\$modules_${IFVAR} + [ -z "${mymods}" ] && mymods=${modules} + fi + + local i=-1 x= mod= f= provides= + while true; do + i=$((${i} + 1)) + eval mod=\$module_${i} + [ -z "${mod}" ] && break + [ -e "${MODULESDIR}/${mod}.sh" ] || continue + + eval set -- \$module_${i}_program + if [ -n "$1" ]; then + x= + for x; do + [ -x "${x}" ] && break + done + [ -x "${x}" ] || continue + fi + if ${starting}; then + eval set -- \$module_${i}_program_start + else + eval set -- \$module_${i}_program_stop + fi + if [ -n "$1" ]; then + x= + for x; do + case "${x}" in + /*) [ -x "${x}" ] && break;; + *) type "${x}" >/dev/null 2>&1 && break;; + esac + unset x + done + [ -n "${x}" ] || continue + fi + + eval provides=\$module_${i}_provide + if ${starting}; then + case " ${mymods} " in + *" !${mod} "*) continue;; + *" !${provides} "*) [ -n "${provides}" ] && continue;; + esac + fi + MODULES="${MODULES}${MODULES:+ }${mod}" + + # Now load and wrap our functions + if ! . "${MODULESDIR}/${mod}.sh"; then + eend 1 "${RC_SVCNAME}: error loading module \`${mod}'" + exit 1 + fi + + [ -z "${provides}" ] && continue + + # Wrap our provides + local f= + for f in pre_start start post_start; do + eval "${provides}_${f}() { [ "$(command -v "${mod}_${f}")" = "${mod}_${f}" ] || return 0; ${mod}_${f} \"\$@\"; }" + done + + eval module_${mod}_provides="${provides}" + eval module_${provides}_providedby="${mod}" + done + + # Wrap our preferred modules + for mod in ${mymods}; do + case " ${MODULES} " in + *" ${mod} "*) + eval x=\$module_${mod}_provides + [ -z "${x}" ] && continue + for f in pre_start start post_start; do + eval "${x}_${f}() { [ "$(command -v "${mod}_${f}")" = "${mod}_${f}" ] || return 0; ${mod}_${f} \"\$@\"; }" + done + eval module_${x}_providedby="${mod}" + ;; + esac + done + + # Finally remove any duplicated provides from our list if we're starting + # Otherwise reverse the list + local LIST="${MODULES}" p= + MODULES= + if ${starting}; then + for mod in ${LIST}; do + eval x=\$module_${mod}_provides + if [ -n "${x}" ]; then + eval p=\$module_${x}_providedby + [ "${mod}" != "${p}" ] && continue + fi + MODULES="${MODULES}${MODULES:+ }${mod}" + done + else + for mod in ${LIST}; do + MODULES="${mod}${MODULES:+ }${MODULES}" + done + fi + + veinfo "Loaded modules: ${MODULES}" +} + +_load_config() +{ + local config="$(_get_array "config_${IFVAR}")" + local fallback="$(_get_array fallback_${IFVAR})" + + config_index=0 + local IFS="$__IFS" + set -- ${config} + + # We should support a space separated array for cidr configs + if [ $# = 1 ]; then + unset IFS + set -- ${config} + # Of course, we may have a single address added old style. + case "$2" in + netmask|broadcast|brd|brd+|peer|pointopoint) + local IFS="$__IFS" + set -- ${config} + ;; + esac + fi + + # Ensure that loopback has the correct address + if [ "${IFACE}" = "lo" -o "${IFACE}" = "lo0" ]; then + if [ "$1" != "null" ]; then + config_0="127.0.0.1/8" + config_index=1 + fi + else + if [ -z "$1" ]; then + ewarn "No configuration specified; defaulting to DHCP" + config_0="dhcp" + config_index=1 + fi + fi + + + # We store our config in an array like vars + # so modules can influence it + for cmd; do + eval config_${config_index}="'${cmd}'" + config_index=$((${config_index} + 1)) + done + # Terminate the list + eval config_${config_index}= + + config_index=0 + for cmd in ${fallback}; do + eval fallback_${config_index}="'${cmd}'" + config_index=$((${config_index} + 1)) + done + # Terminate the list + eval fallback_${config_index}= + + # Don't set to zero, so any net modules don't have to do anything extra + config_index=-1 +} + +# Support functions +_run_if() +{ + local cmd=$1 iface=$2 ifr=${IFACE} ifv=${IFVAR} + # Ensure that we don't stamp on real values + local IFACE= IFVAR= + shift + if [ -n "${iface}" ]; then + IFACE="${iface}" + [ "${iface}" != "${ifr}" ] && IFVAR=$(shell_var "${IFACE}") + else + IFACE=${ifr} + IFVAR=${ifv} + fi + ${cmd} +} +interface_exists() +{ + _run_if _exists "$@" +} +interface_up() +{ + _run_if _up "$@" +} +interface_down() +{ + _run_if _down "$@" +} + +start() +{ + local IFACE=${RC_SVCNAME#*.} oneworked=false fallback=false module= + local IFVAR=$(shell_var "${IFACE}") cmd= our_metric= + local metric=0 + + einfo "Bringing up interface ${IFACE}" + eindent + + if [ -z "${MODULES}" ]; then + local MODULES= + _load_modules true + fi + + # We up the iface twice if we have a preup to ensure it's up if + # available in preup and afterwards incase the user inadvertently + # brings it down + if [ "$(command -v preup)" = "preup" ]; then + _up 2>/dev/null + ebegin "Running preup" + eindent + preup || return 1 + eoutdent + fi + + _up 2>/dev/null + + for module in ${MODULES}; do + if [ "$(command -v "${module}_pre_start")" = "${module}_pre_start" ]; then + ${module}_pre_start || exit $? + fi + done + + if ! _exists; then + eerror "ERROR: interface ${IFACE} does not exist" + eerror "Ensure that you have loaded the correct kernel module for your hardware" + return 1 + fi + + if ! _wait_for_carrier; then + if service_started devd; then + ewarn "no carrier, but devd will start us when we have one" + mark_service_inactive "${RC_SVCNAME}" + else + eerror "no carrier" + fi + return 1 + fi + + local config= config_index= + _load_config + config_index=0 + + eval our_metric=\$metric_${IFVAR} + if [ -n "${our_metric}" ]; then + metric=${our_metric} + elif [ "${IFACE}" != "lo" -a "${IFACE}" != "lo0" ]; then + metric=$((${metric} + $(_ifindex))) + fi + + while true; do + eval config=\$config_${config_index} + [ -z "${config}" ] && break + + set -- ${config} + if [ "$1" != "null" -a "$1" != "noop" ]; then + ebegin "$1" + fi + eindent + case "$1" in + noop) + if [ -n "$(_get_inet_address)" ]; then + oneworked=true + break + fi + ;; + null) :;; + [0-9]*|*:*) _add_address ${config};; + *) + if [ "$(command -v "${config}_start")" = "${config}_start" ]; then + "${config}"_start + else + eerror "nothing provides \`${config}'" + fi + ;; + esac + if eend $?; then + oneworked=true + else + eval config=\$fallback_${config_index} + if [ -n "${config}" ]; then + fallback=true + eoutdent + ewarn "Trying fallback configuration ${config}" + eindent + eval config_${config_index}=\$config + unset fallback_${config_index} + config_index=$((${config_index} - 1)) + fi + fi + eoutdent + config_index=$((${config_index} + 1)) + done + + if ! ${oneworked}; then + if [ "$(command -v failup)" = "failup" ]; then + ebegin "Running failup" + eindent + failup + eoutdent + fi + return 1 + fi + + local hidefirstroute=false first=true routes= + if ${fallback}; then + routes="$(_get_array "fallback_routes_${IFVAR}")" + fi + if [ -z "${routes}" ]; then + routes="$(_get_array "routes_${IFVAR}")" + fi + if [ "${IFACE}" = "lo" -o "${IFACE}" = "lo0" ]; then + if [ "${config_0}" != "null" ]; then + routes="127.0.0.0/8 via 127.0.0.1 +${routes}" + hidefirstroute=true + fi + fi + + local OIFS="${IFS}" SIFS="${IFS-y}" + local IFS="$__IFS" + for cmd in ${routes}; do + unset IFS + if ${first}; then + first=false + einfo "Adding routes" + fi + eindent + ebegin ${cmd} + # Work out if we're a host or a net if not told + case ${cmd} in + -net" "*|-host" "*);; + *" "netmask" "*) cmd="-net ${cmd}";; + *.*.*.*/32*) cmd="-host ${cmd}";; + *.*.*.*/*|0.0.0.0|0.0.0.0" "*) cmd="-net ${cmd}";; + default|default" "*) cmd="-net ${cmd}";; + *) cmd="-host ${cmd}";; + esac + if ${hidefirstroute}; then + _add_route ${cmd} >/dev/null 2>&1 + hidefirstroute=false + else + _add_route ${cmd} >/dev/null + fi + eend $? + eoutdent + done + if [ "${SIFS}" = "y" ]; then + unset IFS + else + IFS="${OIFS}" + fi + + for module in ${MODULES}; do + if [ "$(command -v "${module}_post_start")" = "${module}_post_start" ]; then + ${module}_post_start || exit $? + fi + done + + if [ "$(command -v postup)" = "postup" ]; then + ebegin "Running postup" + eindent + postup + eoutdent + fi + + return 0 +} + +stop() +{ + local IFACE=${RC_SVCNAME#*.} module= + local IFVAR=$(shell_var "${IFACE}") opts= + + einfo "Bringing down interface ${IFACE}" + eindent + + if [ -z "${MODULES}" ]; then + local MODULES= + _load_modules false + fi + + if [ "$(command -v predown)" = "predown" ]; then + ebegin "Running predown" + eindent + predown || return 1 + eoutdent + else + if is_net_fs /; then + eerror "root filesystem is network mounted -- can't stop ${IFACE}" + return 1 + fi + fi + + for module in ${MODULES}; do + if [ "$(command -v "${module}_pre_stop")" = "${module}_pre_stop" ]; then + ${module}_pre_stop || exit $? + fi + done + + for module in ${MODULES}; do + if [ "$(command -v "${module}_stop")" = "${module}_stop" ]; then + ${module}_stop + fi + done + + # Only delete addresses for interfaces that exist + if _exists; then + # PPP can manage it's own addresses when IN_BACKGROUND + # Important in case "demand" set on the ppp link + if ! (yesno ${IN_BACKGROUND} && is_ppp) ; then + _delete_addresses "${IFACE}" + fi + fi + + for module in ${MODULES}; do + if [ "$(command -v "${module}_post_stop")" = "${module}_post_stop" ]; then + ${module}_post_stop + fi + done + + # If not in background, and not loopback then bring the interface down + # unless overridden. + if ! yesno ${IN_BACKGROUND} && \ + [ "${IFACE}" != "lo" -a "${IFACE}" != "lo0" ]; then + eval module=\$ifdown_${IFVAR} + module=${module:-${ifdown:-YES}} + yesno ${module} && _down 2>/dev/null + fi + + type resolvconf >/dev/null 2>&1 && resolvconf -d "${IFACE}" 2>/dev/null + + if [ "$(command -v "postdown")" = "postdown" ]; then + ebegin "Running postdown" + eindent + postdown + eoutdent + fi + + return 0 +} diff --git a/init.d/netmount b/init.d/netmount new file mode 100755 index 0000000..6a36d35 --- /dev/null +++ b/init.d/netmount @@ -0,0 +1,106 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Mounts network shares according to /etc/fstab." + +need_portmap() +{ + local opts= + local IFS=" +" + set -- $(fstabinfo --options --fstype nfs,nfs4) + for opts; do + case ,$opts, in + *,noauto,*|*,nolock,*);; + *) return 0;; + esac + done + return 1 +} + +depend() +{ + # Only have portmap as a dependency if there is a nfs mount in fstab + # that is set to mount at boot + local pmap= + if need_portmap; then + pmap="rpc.statd" + [ -x /etc/init.d/rpcbind ] \ + && pmap="$pmap rpcbind" \ + || pmap="$pmap portmap" + fi + + config /etc/fstab + need net $pmap + use afc-client amd autofs openvpn + use dns nfs nfsmount portmap rpcbind rpc.statd rpc.lockd + keyword -jail -prefix -vserver +} + +start() +{ + local myneed= myuse= pmap="portmap" nfsmounts= + [ -x /etc/init.d/rpcbind ] && pmap="rpcbind" + + local x= fs= rc= + for x in $net_fs_list $extra_net_fs_list; do + case "$x" in + nfs|nfs4) + # If the nfsmount script took care of the nfs + # filesystems, then there's no point in trying + # them twice + service_started nfsmount && continue + + # Only try to mount NFS filesystems if portmap was + # started. This is to fix "hang" problems for new + # users who do not add portmap to the default runlevel. + if need_portmap && ! service_started "$pmap"; then + continue + fi + ;; + esac + fs="$fs${fs:+,}$x" + done + + ebegin "Mounting network filesystems" + mount -at $fs + rc=$? + if [ "$RC_UNAME" = Linux ]; then + mount -a -O _netdev + rc=$? + fi + ewend $rc "Could not mount all network filesystems" + return 0 +} + +stop() +{ + local x= fs= + + ebegin "Unmounting network filesystems" + . "$RC_LIBEXECDIR"/sh/rc-mount.sh + + for x in $net_fs_list $extra_net_fs_list; do + fs="$fs${fs:+,}$x" + done + if [ -n "$fs" ]; then + umount -at $fs || eerror "Failed to simply unmount filesystems" + fi + + eindent + fs= + for x in $net_fs_list $extra_net_fs_list; do + fs="$fs${fs:+|}$x" + done + [ -n "$fs" ] && fs="^($fs)$" + do_unmount umount ${fs:+--fstype-regex} $fs --netdev + retval=$? + + eoutdent + if [ "$RC_UNAME" = Linux ]; then + umount -a -O _netdev + retval=$? + fi + eend $retval "Failed to unmount network filesystems" +} diff --git a/init.d/network b/init.d/network new file mode 100755 index 0000000..9f8ac71 --- /dev/null +++ b/init.d/network @@ -0,0 +1,352 @@ +#!/sbin/runscript +# Copyright (c) 2009 Roy Marples +# Released under the 2-clause BSD license. + +# This script was inspired by the equivalent rc.d network from NetBSD. + +description="Configures network interfaces." +__nl=" +" + +depend() +{ + need localmount + after bootmisc + provide net + keyword -jail -prefix -vserver +} + +uniqify() +{ + local result= i= + for i; do + case " $result " in + *" $i "*);; + *) result="$result $i";; + esac + done + echo "${result# *}" +} + +reverse() +{ + local result= i= + for i; do + result="$i $result" + done + echo "${result# *}" +} + +sys_interfaces() +{ + case "$RC_UNAME" in + Linux) + local w= rest= i= cmd=$1 + while read w rest; do + i=${w%%:*} + [ "$i" != "$w" ] || continue + if [ "$cmd" = u ]; then + ifconfig "$i" | grep -q "[ ]*UP" || continue + fi + printf "%s " "$i" + done /dev/null); do + for f in /etc/ifconfig.${c}[0-9]*; do + [ -f "$f" ] && printf "%s" "$f{##*.} " + done + done + ;; + *) + for f in /etc/ifconfig.*; do + [ -f "$f" ] && printf "%s" "${f##*.} " + done + for f in /etc/ip.*; do + [ -f "$f" ] && printf "%s" "${f##*.} " + done + ;; + esac + echo +} + +interfaces() +{ + uniqify $(sys_interfaces "$@") $interfaces $(auto_interfaces) +} + +dumpargs() +{ + local f="$1" + + shift + case "$@" in + '') [ -f "$f" ] && cat "$f";; + *"$__nl"*) echo "$@";; + *) + ( + set -o noglob + IFS=';'; set -- $@ + IFS="$__nl"; echo "$*" + );; + esac +} + +intup=false +runip() +{ + local int="$1" err= + shift + + # Ensure we have a valid broadcast address + case "$@" in + *" broadcast "*|*" brd "*) ;; + *:*) ;; # Ignore IPv6 + *) set -- "$@" brd +;; + esac + + err=$(LC_ALL=C ip address add "$@" dev "$int" 2>&1) + if [ -z "$err" ]; then + # ip does not bring up the interface when adding addresses + if ! $intup; then + ip link set "$int" up + intup=true + fi + return 0 + fi + if [ "$err" = "RTNETLINK answers: File exists" ]; then + ip address del "$@" dev "$int" 2>/dev/null + fi + # Localise the error + ip address add "$@" dev "$int" +} + +routeflush() +{ + if [ "$RC_UNAME" = Linux ]; then + if [ -x /sbin/ip ] || [ -x /bin/ip ]; then + ip route flush scope global + ip route delete default 2>/dev/null + else + # Sadly we also delete some link routes, but + # this cannot be helped + local dest= gate= net= flags= rest= + route -n | while read dest gate net flags rest; do + [ -z "$net" ] && continue + case "$dest" in + [0-9]*) ;; + *) continue;; + esac + local xtra= netmask="netmask $net" + case "$flags" in + U) continue;; + *H*) flags=-host; netmask=;; + *!*) flags=-net; xtra=reject;; + *) flags=-net;; + esac + route del $flags $dest $netmask $xtra + done + # Erase any default dev eth0 routes + route del default 2>/dev/null + fi + else + route -qn flush + fi +} + +runargs() +{ + dumpargs "$@" | while read -r args; do + case "$args" in + ''|"#"*) ;; + *) + ( + eval vebegin "${args#*!}" + eval "${args#*!}" + veend $? + );; + esac + done +} + +start() +{ + local cr=0 r= int= intv= cmd= args= upcmd= + + if [ -z "$domainname" -a -s /etc/defaultdomain ]; then + domainname=$(cat /etc/defaultdomain) + fi + if [ -n "$domainname" ]; then + ebegin "Setting NIS domainname: $domainname" + domainname "$domainname" + eend $? + fi + + einfo "Starting network" + routeflush + if [ "$RC_UNAME" = "Linux" ]; then + ifconfig lo 127.0.0.1 netmask 255.0.0.0 || cr=1 + route add -net 127.0.0.0 netmask 255.0.0.0 \ + gw 127.0.0.1 reject 2>/dev/null + else + ifconfig lo0 127.0.0.1 netmask 255.0.0.0 || cr=1 + route -q add -inet 127.0.0.0 -netmask 255.0.0.0 \ + 127.0.0.1 -reject || cr=1 + fi + eindent + for int in $(interfaces); do + local func= cf= + intv=$(shell_var "$int") + eval upcmd=\$ifup_$intv + for func in ip ifconfig; do + eval cmd=\$${func}_$intv + if [ -n "$cmd" -o -f /etc/"$func.$int" ]; then + cf=/etc/"$func.$int" + break + fi + done + [ -n "$cf" -o -n "$upcmd" -o \ + -f /etc/ifup."$int" -o -f "$cf" ] || continue + veinfo "$int" + case "$func" in + ip) func=runip; intup=false;; + esac + eindent + runargs /etc/ifup."$int" "$upcmd" + r=0 + dumpargs "$cf" "$cmd" | while read -r args; do + case "$args" in + ''|"#"*) ;; + "!"*) + ( + eval vebegin "${args#*!}" + eval "${args#*!}" + veend $? + );; + *) + ( + set -o noglob + eval set -- "$args" + vebegin "$@" + $func "$int" "$@" + veend $? + );; + esac + done + eoutdent + done + eoutdent + eend $cr + + # Wait for any inet6 tentative addresses + r=5 + while [ $r -gt 0 ]; do + tentative || break + [ $r = 5 ] && vebegin "Waiting for tentative addresses" + sleep 1 + r=$(($r - 1)) + done + if [ $r != 5 ]; then + [ $r != 0 ] + veend $? + fi + + if [ -n "$defaultroute" ]; then + ebegin "Setting default route $defaultroute" + route add default $defaultroute + eend $? + elif [ -n "$defaultiproute" ]; then + ebegin "Setting default route $defaultiproute" + ip route add default $defaultiproute + eend $? + fi + + if [ -n "$defaultroute6" ]; then + ebegin "Setting default route $defaultroute6" + if [ "$RC_UNAME" = Linux ]; then + routecmd="route -A inet6 add" + else + routecmd="route -inet6 add" + fi + $routecmd default $defaultroute6 + eend $? + elif [ -n "$defaultiproute6" ]; then + ebegin "Setting default route $defaultiproute6" + ip -f inet6 route add default $defaultiproute6 + eend $? + fi + + return 0 +} + +stop() +{ + # Don't stop the network at shutdown. + # We don't use the noshutdown keyword so that we are started again + # correctly if we go back to multiuser. + yesno ${shutdown_network:-YES} && yesno $RC_GOINGDOWN && return 0 + + local int= intv= cmd= downcmd= r= + einfo "Stopping network" + routeflush + eindent + for int in $(reverse $(interfaces u)); do + intv=$(shell_var "$int") + eval downcmd=\$ifdown_$intv + eval cmd=\$ip_$intv + [ -z "$cmd" ] && eval cmd=\$ifconfig_$intv + if [ -n "$cmd" -o -f /etc/ip."$int" -o \ + -f /etc/ifconfig."$int" -o \ + -n "$downcmd" -o -f /etc/ifdown."$int" ]; + then + veinfo "$int" + runargs /etc/ifdown."$int" "$downcmd" + if [ -x /sbin/ip ] || [ -x /bin/ip ]; then + # We need to do this, otherwise we may + # fail to add things correctly on restart + ip address flush dev "$int" 2>/dev/null + fi + ifconfig "$int" down 2>/dev/null + ifconfig "$int" destroy 2>/dev/null + fi + done + eoutdent + eend 0 +} diff --git a/init.d/nrpe b/init.d/nrpe new file mode 100755 index 0000000..d83171e --- /dev/null +++ b/init.d/nrpe @@ -0,0 +1,36 @@ +#!/sbin/runscript + +opts="${opts} reload" + +depend() { + need net +} + +start() { + ebegin "Starting nrpe" + start-stop-daemon --start --quiet --name nrpe \ + --startas /usr/bin/nrpe \ + -c nagios:nagios \ + -- -c /etc/nagios/nrpe.cfg \ + --daemon + eend $? "Failed to Start nrpe" +} + +stop() { + ebegin "Stopping nrpe" + start-stop-daemon --stop --quiet -n nrpe + eend $? "Failed to Stop nrpe" +} + +reload() { + ebegin "Reloading nrpe" + kill -HUP `pgrep nrpe | head -1` + eend $? "Failed to reload nrpe" +} + +restart() { + ebegin "Restarting nrpe" + svc_stop + svc_start + eend $? "Failed to Restart nrpe" +} diff --git a/init.d/nscd b/init.d/nscd new file mode 100755 index 0000000..70fb3ea --- /dev/null +++ b/init.d/nscd @@ -0,0 +1,63 @@ +#!/sbin/runscript +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo/src/patchsets/glibc/extra/etc/nscd,v 1.3 2009/09/18 12:29:46 flameeyes Exp $ + +depend() { + use dns ldap net slapd +} + +checkconfig() { + if [ ! -d /var/run/nscd ] ; then + mkdir -p /var/run/nscd + chmod 755 /var/run/nscd + fi + if [ -z "${NSCD_PERMS_OK}" ] && [ "$(stat -c %a /var/run/nscd)" != "755" ] ; then + echo "" + ewarn "nscd run dir is not world readable, you should reset the perms:" + ewarn "chmod 755 /var/run/nscd" + ewarn "chmod a+rw /var/run/nscd/socket" + echo "" + ewarn "To disable this warning, set 'NSCD_PERMS_OK' in /etc/conf.d/nscd" + echo "" + fi +} + +start() { + checkconfig + + ebegin "Starting Name Service Cache Daemon" + local secure=`while read curline ; do + table=${curline%:*} + entries=${curline##$table:} + table=${table%%[^a-z]*} + case $table in + passwd*|group*|hosts) + for entry in $entries ; do + case $entry in + nisplus*) + /usr/sbin/nscd_nischeck $table || \ + /echo "-S $table,yes" + ;; + esac + done + ;; + esac + done < /etc/nsswitch.conf` + local pidfile=/var/run/nscd/nscd.pid + mkdir -p "$(dirname ${pidfile})" + start-stop-daemon --start --quiet \ + --exec /usr/sbin/nscd --pidfile ${pidfile} \ + -- $secure + eend $? +} + +stop() { + local pidfile=/var/run/nscd/nscd.pid + ebegin "Shutting down Name Service Cache Daemon" + start-stop-daemon --stop --quiet \ + --exec /usr/sbin/nscd --pidfile ${pidfile} + eend $? +} + +# vim:ts=4 diff --git a/init.d/ntp-client b/init.d/ntp-client new file mode 100755 index 0000000..78715e2 --- /dev/null +++ b/init.d/ntp-client @@ -0,0 +1,32 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/ntp/files/ntp-client.rc,v 1.11 2007/03/09 17:24:28 vapier Exp $ + +depend() { + before cron portmap + need net + use dns logger +} + +checkconfig() { + if ! type "${NTPCLIENT_CMD}" >/dev/null 2>/dev/null ; then + eerror "Please edit /etc/conf.d/ntp-client" + eerror "Unable to locate the client command ${NTPCLIENT_CMD}!" + return 1 + fi + if [ -z "${NTPCLIENT_OPTS}" ] ; then + eerror "Please edit /etc/conf.d/ntp-client" + eerror "I need to know what server/options to use!" + return 1 + fi + return 0 +} + +start() { + checkconfig || return $? + + ebegin "Setting clock via the NTP client '${NTPCLIENT_CMD}'" + "${NTPCLIENT_CMD}" ${NTPCLIENT_OPTS} + eend $? "Failed to set clock" +} diff --git a/init.d/ntpd b/init.d/ntpd new file mode 100755 index 0000000..a5bd1ff --- /dev/null +++ b/init.d/ntpd @@ -0,0 +1,36 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/ntp/files/ntpd.rc,v 1.24 2010/07/18 21:53:24 vapier Exp $ + +depend() { + use net dns logger + after ntp-client +} + +checkconfig() { + if [ ! -f /etc/ntp.conf ] ; then + eerror "Please create /etc/ntp.conf" + eerror "Sample conf: /usr/share/ntp/ntp.conf" + return 1 + fi + return 0 +} + +start() { + checkconfig || return $? + + ebegin "Starting ntpd" + start-stop-daemon --start --exec /usr/sbin/ntpd \ + --pidfile /var/run/ntpd.pid \ + -- -p /var/run/ntpd.pid ${NTPD_OPTS} + eend $? "Failed to start ntpd" +} + +stop() { + ebegin "Stopping ntpd" + start-stop-daemon --stop \ + --pidfile /var/run/ntpd.pid \ + --exec /usr/sbin/ntpd + eend $? "Failed to stop ntpd" +} diff --git a/init.d/numlock b/init.d/numlock new file mode 100755 index 0000000..bfa6add --- /dev/null +++ b/init.d/numlock @@ -0,0 +1,42 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Turns numlock on for the consoles." + +ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}} + +depend() +{ + need localmount + keyword -openvz -prefix -vserver -lxc +} + +_setleds() +{ + [ -z "$1" ] && return 1 + + local dev=/dev/tty t= i=1 retval=0 + [ -d /dev/vc ] && dev=/dev/vc/ + + while [ $i -le $ttyn ]; do + setleds -D "$1"num < $dev$i || retval=1 + i=$(($i + 1)) + done + + return $retval +} + +start() +{ + ebegin "Enabling numlock on ttys" + _setleds + + eend $? "Failed to enable numlock" +} + +stop() +{ + ebegin "Disabling numlock on ttys" + _setleds - + eend $? "Failed to disable numlock" +} diff --git a/init.d/pciparm b/init.d/pciparm new file mode 100755 index 0000000..705b647 --- /dev/null +++ b/init.d/pciparm @@ -0,0 +1,80 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/pciutils/files/init.d-pciparm,v 1.3 2008/10/11 02:47:50 robbat2 Exp $ + +depend() { + before bootmisc hdparm + after localmount +} + +checkconfig() { + if [ ! -f /etc/conf.d/pciparm ]; then + ewarn "/etc/conf.d/pciparm does not exist, skipping" + return 1 + fi + + if [ -z "${PCIPARM_ALL}" -a -z "${PCIPARM_BUS_0}" -a -z "${PCIPARM_VENDOR_0}" ]; then + ewarn "None of PCIPARM_ALL, PCIPARM_BUS_* or PCIPARM_VENDOR_* set in /etc/conf.d/pciparm" + return 1 + fi +} + +do_setpci() { + #ewarn "do_setpci: /usr/sbin/setpci $SETPCI_OPT $@" + SWITCH=$1 + SPEC_ID=$2 + shift 2 + case "$SWITCH" in + -d) DESC=vendor ;; + -s) DESC=bus ;; + *) eerror "Unknown setpci type: $SWITCH" ; return 1 ;; + esac + + if [ -z "$SPEC_ID" ]; then + eerror "Missing device specifier!" + return 1 + fi + if [ -z "$*" ]; then + eerror "Missing configuration to set for ($DESC) $SPEC_ID!" + return 1 + fi + + ebegin "Setting PCI params for ($DESC) $SPEC_ID to $@" + /usr/sbin/setpci $SETPCI_OPT $SWITCH $SPEC_ID "$@" + rc=$? + eend $rc + return $rc +} + +do_setpci_array() { + name=$1 + shift + i=0 + while true; do + eval opt="\$${name}_$i" + # End of loop + [ -z "${opt}" ] && break + # Pass in all other parameters here, in case we want to use multiple + # arguments later. + do_setpci "$@" $opt #|| return 1 + i=$(($i+1)) + done +} + +start() { + if get_bootparam "nopciparm" ; then + ewarn "Skipping pciparm init as requested in kernel cmdline" + return 0 + fi + + checkconfig || return 1 + + # We do not exit after any errors presently, because it might be a + # stability-related fix after a failure. + [ -n "$PCIPARM_ALL" ] && \ + do_setpci -d '*:*' $PCIPARM_ALL #|| return 1 + + do_setpci_array PCIPARM_BUS -s #|| return 1 + do_setpci_array PCIPARM_VENDOR -d #|| return 1 +} diff --git a/init.d/php-fpm b/init.d/php-fpm new file mode 100755 index 0000000..249df0f --- /dev/null +++ b/init.d/php-fpm @@ -0,0 +1,41 @@ +#!/sbin/runscript + +PHPSLOT="php5.3" + +PHP_FPM_CONF="/etc/php/fpm-${PHPSLOT}/php-fpm.conf" + +PHP_FPM_PID="/var/run/php-fpm.pid" + +opts="depend start stop reload" + +depend() { + need net + use apache2 lighttpd nginx +} + +start() { + ebegin "Starting PHP FastCGI Process Manager" + start-stop-daemon --start --pidfile ${PHP_FPM_PID} --exec \ + /usr/bin/php-fpm -- -y "${PHP_FPM_CONF}" -g "${PHP_FPM_PID}" + local i=0 + local timeout=5 + while [ ! -f ${PHP_FPM_PID} ] && [ $i -le $timeout ]; do + sleep 1 + i=$(($i + 1)) + done + + [ $timeout -gt $i ] + eend $? +} + +stop() { + ebegin "Stopping PHP FastCGI Process Manager" + start-stop-daemon --signal QUIT --stop --exec /usr/bin/php-fpm --pidfile ${PHP_FPM_PID} + eend $? +} + +reload() { + ebegin "Reloading PHP FastCGI Process Manager" + [ -f ${PHP_FPM_PID} ] && kill -USR2 $(cat ${PHP_FPM_PID}) + eend $? +} diff --git a/init.d/policyd-weight b/init.d/policyd-weight new file mode 100755 index 0000000..d47e5be --- /dev/null +++ b/init.d/policyd-weight @@ -0,0 +1,25 @@ +#!/sbin/runscript +opts="${opts} reload" + +depend(){ + before postfix + need net +} + +start(){ + ebegin "Starting policyd-weight" + /usr/lib/postfix/policyd-weight start + eend $? +} + +stop(){ + ebegin "Stopping policyd-weight" + /usr/lib/postfix/policyd-weight -k stop + eend $? +} + +reload(){ + ebegin "Reloading policyd-weight" + /usr/lib/postfix/policyd-weight reload + eend $? +} diff --git a/init.d/portmap b/init.d/portmap new file mode 100755 index 0000000..bbffd6c --- /dev/null +++ b/init.d/portmap @@ -0,0 +1,59 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/files/portmap.rc6,v 1.13 2009/05/30 20:50:39 vapier Exp $ + +depend() { + use net + before inetd + before xinetd +} + +checkconfig() { + if [ -e /proc/config.gz ] ; then + if zcat /proc/config.gz | grep -s SUNRPC_REGISTER_V4=y ; then + eerror "portmap does not work with SUNRPC_REGISTER_V4=y;" + eerror "disable it or use the net-nds/rpcbind package." + return 1 + fi + fi + return 0 +} + +start() { + checkconfig || return 1 + + ebegin "Starting portmap" + start-stop-daemon --start --quiet --exec /sbin/portmap -- ${PORTMAP_OPTS} + local ret=$? + eend ${ret} + # without, if a service depending on portmap is started too fast, + # connecting to portmap will fail -- azarah + sleep 1 + return ${ret} +} + +stop() { + ebegin "Stopping portmap" + start-stop-daemon --stop --quiet --exec /sbin/portmap + eend $? +} + +restart() { + # Dump the portmapper's table before stopping + ebegin "Saving portmap table" + local pmap=$(pmap_dump) + eend $? + + # Stop and restart portmapper + svc_stop + sleep 1 + svc_start + + # Reload the portmapper's table + if [ -n "${pmap}" ] ; then + ebegin "Reloading portmap table" + echo "${pmap}" | pmap_set + eend $? + fi +} diff --git a/init.d/postfix b/init.d/postfix new file mode 100755 index 0000000..a821ef0 --- /dev/null +++ b/init.d/postfix @@ -0,0 +1,48 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/postfix.rc6.2.5,v 1.3 2008/08/18 14:18:40 falco Exp $ + +# If you plan to simultaneously use several Postfix instances, don't forget +# to specify your alternate_config_directories variable in your main main.cf file. +# Then make a symlink from /etc/init.d/postfix to /etc/init.d/postfix.alt, +# prepare your new /etc/postfix.alt environment, and at least change these working paths: +# queue_directory = /var/spool/postfix.alt +# data_directory = /var/lib/postfix.alt + +CONF_DIR="/etc/postfix" +CONF_OPT="${SVCNAME##*.}" +if [ -n ${CONF_OPT} -a ${SVCNAME} != "postfix" ]; then + CONF_DIR="${CONF_DIR}.${CONF_OPT}" +fi + +opts="${opts} reload" + +depend() { + use logger dns ypbind amavisd mysql antivirus postfix_greylist net saslauthd + if [ "${SVCNAME}" = "postfix" ]; then + provide mta + fi +} + +start() { + ebegin "Starting postfix (${CONF_DIR})" + if [ ! -d ${CONF_DIR} ]; then + eend 1 "${CONF_DIR} does not exist" + return 1 + fi + /usr/sbin/postfix -c ${CONF_DIR} start >/dev/null 2>&1 + eend $? +} + +stop() { + ebegin "Stopping postfix (${CONF_DIR})" + /usr/sbin/postfix -c ${CONF_DIR} stop >/dev/null 2>&1 + eend $? +} + +reload() { + ebegin "Reloading postfix (${CONF_DIR})" + /usr/sbin/postfix -c ${CONF_DIR} reload >/dev/null 2>&1 + eend $? +} diff --git a/init.d/postgrey b/init.d/postgrey new file mode 100755 index 0000000..7920eb4 --- /dev/null +++ b/init.d/postgrey @@ -0,0 +1,101 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/mail-filter/postgrey/files/postgrey.rc.new,v 1.11 2011/11/30 08:40:51 eras Exp $ + +conf="/etc/conf.d/postgrey" + +extra_started_commands="reload" + +depend() { + need net + before postfix + provide postfix_greylist +} + +conf_error() { + eerror "You need to setup ${conf} first" + return 1 +} + +checkconfig() { +if [ -z "${POSTGREY_TYPE}" ] + then + einfo "You need to choose the server type you want" + einfo "by setting the POSTGREY_TYPE variable in ${conf}." + else + if [ "x${POSTGREY_TYPE}" = "xinet" ] + then + if [ -z "${POSTGREY_PORT}" ] || [ -z "${POSTGREY_HOST}" ] + then + einfo "The following entries are missing in ${conf}:" + [ -z "${POSTGREY_HOST}" ] && einfo " - POSTGREY_HOST" + [ -z "${POSTGREY_PORT}" ] && einfo " - POSTGREY_PORT" + conf_error + fi + POSTGREY_ADDR="${POSTGREY_TYPE}=${POSTGREY_HOST}:${POSTGREY_PORT}" + else + if [ -z "${POSTGREY_SOCKET}" ] + then + einfo "The following entries are missing in ${conf}:" + [ -z "${POSTGREY_SOCKET}" ] && einfo " - POSTGREY_SOCKET" + conf_error + fi + POSTGREY_ADDR="${POSTGREY_TYPE}=${POSTGREY_SOCKET}" + fi +fi + + if [ -z "${POSTGREY_PID}" ] + then + einfo "The following entries are missing in ${conf}:" + [ -z "${POSTGREY_PID}" ] && einfo " - POSTGREY_PID" + conf_error + fi +} + +start() { + checkconfig || return 1 + ebegin "Starting Postgrey" + + # HACK -- start a subshell and corrects perms on the socket... + ( if [ "x${POSTGREY_TYPE}" = "xunix" ]; then + rm -f ${POSTGREY_SOCKET}; + while ! test -S ${POSTGREY_SOCKET}; do sleep 1; done; + chmod a+rw,a-x ${POSTGREY_SOCKET}; fi ) & + + if [ -z ${POSTGREY_DELAY} ] ; then + POSTGREY_DELAY_ARG="" + else + POSTGREY_DELAY_ARG="--delay=${POSTGREY_DELAY}" + fi + + if [ -z "${POSTGREY_TEXT}" ] ; then + POSTGREY_TEXT_ARG="" + else + POSTGREY_TEXT_ARG="--greylist-text=${POSTGREY_TEXT}" + fi + + start-stop-daemon --start --quiet --background \ + --pidfile=${POSTGREY_PID} \ + --name postgrey \ + --exec /usr/sbin/postgrey -- \ + --${POSTGREY_ADDR} \ + --daemonize \ + --pidfile=${POSTGREY_PID} \ + ${POSTGREY_DELAY_ARG} \ + ${POSTGREY_OPTS} \ + "${POSTGREY_TEXT_ARG}" + eend ${?} +} + +stop() { + ebegin "Stopping Postgrey" + start-stop-daemon --stop --quiet --pidfile ${POSTGREY_PID} + eend ${?} +} + +reload() { + ebegin "Reloading Postgrey" + start-stop-daemon --stop --signal HUP --oknodo --pidfile ${POSTGREY_PID} + eend $? +} diff --git a/init.d/procfs b/init.d/procfs new file mode 100755 index 0000000..5254f4d --- /dev/null +++ b/init.d/procfs @@ -0,0 +1,71 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Mounts misc filesystems in /proc." + +depend() +{ + use modules devfs + need localmount + keyword -openvz -prefix -vserver -lxc +} + +start() +{ + # Make sure we insert usbcore if it's a module + if [ -f /proc/modules -a ! -d /sys/module/usbcore -a ! -d /proc/bus/usb ]; then + modprobe -q usbcore + fi + + [ -e /proc/filesystems ] || return 0 + + # Check what USB fs the kernel support. Currently + # 2.5+ kernels, and later 2.4 kernels have 'usbfs', + # while older kernels have 'usbdevfs'. + if [ -d /proc/bus/usb -a ! -e /proc/bus/usb/devices ]; then + local usbfs=$(grep -Fow usbfs /proc/filesystems || + grep -Fow usbdevfs /proc/filesystems) + if [ -n "$usbfs" ]; then + ebegin "Mounting USB device filesystem [$usbfs]" + local usbgid="$(getent group usb | \ + sed -e 's/.*:.*:\(.*\):.*/\1/')" + mount -t $usbfs \ + -o ${usbgid:+devmode=0664,devgid=$usbgid,}noexec,nosuid \ + usbfs /proc/bus/usb + eend $? + fi + fi + + # Setup Kernel Support for miscellaneous Binary Formats + if [ -d /proc/sys/fs/binfmt_misc -a ! -e /proc/sys/fs/binfmt_misc/register ]; then + if grep -qs binfmt_misc /proc/filesystems; then + ebegin "Mounting misc binary format filesystem" + mount -t binfmt_misc -o nodev,noexec,nosuid \ + binfmt_misc /proc/sys/fs/binfmt_misc + if eend $? ; then + local fmts + ebegin "Loading custom binary format handlers" + fmts=$(grep -hsv -e '^[#;]' -e '^[[:space:]]*$' \ + /run/binfmt.d/*.conf \ + "/etc"/binfmt.d/*.conf \ + ""/usr/lib/binfmt.d/*.conf) + if [ -n "${fmts}" ]; then + echo "${fmts}" > /proc/sys/fs/binfmt_misc/register + fi + eend $? + fi + fi + fi + + # Setup Kernel Support for SELinux + if [ -d /selinux ] && ! mountinfo -q /selinux; then + if grep -qs selinuxfs /proc/filesystems; then + ebegin "Mounting SELinux filesystem" + mount -t selinuxfs selinuxfs /selinux + eend $? + fi + fi + + return 0 +} diff --git a/init.d/proftpd b/init.d/proftpd new file mode 100755 index 0000000..fe399a7 --- /dev/null +++ b/init.d/proftpd @@ -0,0 +1,52 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/files/proftpd.initd,v 1.4 2011/09/28 09:47:22 voyageur Exp $ + +extra_started_commands="reload" + +depend() { + need net + use logger dns mysql postgresql antivirus +} + +check_configuration() { + if [ ! -e /etc/proftpd/proftpd.conf ] ; then + eerror "To execute the ProFTPD server you need a /etc/proftpd/proftpd.conf configuration" + eerror "file. In /etc/proftpd you can find a sample configuration." + return 1 + fi + /usr/sbin/proftpd -t &>/dev/null + if [ $? -ne 0 ] ; then + eerror "The ProFTPD configuration file /etc/proftpd/proftpd.conf is invalid! You have to" + eerror "fix your configuration in order to run the ProFTPD server. For more information" + eerror "you may execute the ProFTPD configuration check '/usr/sbin/proftpd -t'." + return 2 + fi +} + +start() { + [ -d /var/run/proftpd ] || mkdir /var/run/proftpd + [ "${RC_CMD}" = "restart" ] || check_configuration || return 1 + ebegin "Starting ProFTPD" + start-stop-daemon --start --quiet \ + --exec /usr/sbin/proftpd \ + --pidfile /var/run/proftpd/proftpd.pid + eend $? +} + +stop() { + [ "${RC_CMD}" != "restart" ] || check_configuration || return 1 + ebegin "Stopping ProFTPD" + start-stop-daemon --stop --quiet --retry 20 \ + --pidfile /var/run/proftpd/proftpd.pid + eend $? +} + +reload() { + check_configuration || return 1 + ebegin "Reloading ProFTPD" + start-stop-daemon --quiet --signal HUP \ + --pidfile /var/run/proftpd/proftpd.pid + eend $? +} diff --git a/init.d/pwcheck b/init.d/pwcheck new file mode 100755 index 0000000..a24b80d --- /dev/null +++ b/init.d/pwcheck @@ -0,0 +1,21 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/cyrus-sasl/files/pwcheck.rc6,v 1.5 2007/04/07 13:03:55 chtekk Exp $ + +depend() { + need localmount + use logger +} + +start() { + ebegin "Starting sasl pwcheck daemon" + start-stop-daemon --start --quiet --oknodo --exec /usr/sbin/pwcheck + eend $? +} + +stop() { + ebegin "Stopping sasl pwcheck daemon" + start-stop-daemon --stop --quiet --oknodo --exec /usr/sbin/pwcheck + eend $? +} diff --git a/init.d/pydoc-2.7 b/init.d/pydoc-2.7 new file mode 100755 index 0000000..6f901a1 --- /dev/null +++ b/init.d/pydoc-2.7 @@ -0,0 +1,29 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public Licence v2 +# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.init,v 1.4 2011/10/27 13:56:55 neurogeek Exp $ + +depend() { + need net +} + +start() { + local pydoc_port="${PYDOC2_7_PORT-${PYDOC_PORT}}" + + if [ -z "${pydoc_port}" ]; then + eerror "Port not set" + return 1 + fi + + ebegin "Starting pydoc server on port ${pydoc_port}" + start-stop-daemon --start --background --make-pidfile \ + --pidfile /var/run/pydoc2.7.pid \ + --exec /usr/bin/pydoc2.7 -- -p "${pydoc_port}" + eend $? +} + +stop() { + ebegin "Stopping pydoc server" + start-stop-daemon --stop --quiet --pidfile /var/run/pydoc2.7.pid + eend $? +} diff --git a/init.d/pydoc-3.1 b/init.d/pydoc-3.1 new file mode 100755 index 0000000..c92d259 --- /dev/null +++ b/init.d/pydoc-3.1 @@ -0,0 +1,29 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public Licence v2 +# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.init,v 1.4 2011/10/27 13:56:55 neurogeek Exp $ + +depend() { + need net +} + +start() { + local pydoc_port="${PYDOC3_1_PORT-${PYDOC_PORT}}" + + if [ -z "${pydoc_port}" ]; then + eerror "Port not set" + return 1 + fi + + ebegin "Starting pydoc server on port ${pydoc_port}" + start-stop-daemon --start --background --make-pidfile \ + --pidfile /var/run/pydoc3.1.pid \ + --exec /usr/bin/pydoc3.1 -- -p "${pydoc_port}" + eend $? +} + +stop() { + ebegin "Stopping pydoc server" + start-stop-daemon --stop --quiet --pidfile /var/run/pydoc3.1.pid + eend $? +} diff --git a/init.d/quota b/init.d/quota new file mode 100755 index 0000000..9fd2d90 --- /dev/null +++ b/init.d/quota @@ -0,0 +1,38 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/quota/files/quota.rc7,v 1.1 2011/03/03 07:26:27 jlec Exp $ + +extra_started_commands="check" +description_check="Running quotacheck with quota being offline" + +depend() { + need localmount + use portmap +} + +start() { + if [[ ${RUN_QUOTACHECK} == "yes" ]] ; then + ebegin "Checking quotas (may take a while)" + quotacheck ${QUOTACHECK_OPTS} + eend $? + fi + + ebegin "Starting quota" + quotaon ${QUOTAON_OPTS} + eend $? +} + +stop() { + ebegin "Stopping quota" + quotaoff ${QUOTAOFF_OPTS} + eend $? +} + +check() { + ebegin "Checking quota" + quotaoff ${QUOTAOFF_OPTS} && \ + quotacheck ${QUOTACHECK_OPTS} && \ + quotaon ${QUOTAON_OPTS} + eend $? +} diff --git a/init.d/reboot.sh b/init.d/reboot.sh new file mode 100755 index 0000000..3e50f71 --- /dev/null +++ b/init.d/reboot.sh @@ -0,0 +1,11 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +opts="-dpk" +[ "${RC_DOWN_INTERFACE}" = "yes" ] && opts="${opts}i" + +/sbin/reboot "${opts}" 2>/dev/null + +# hmm, if the above failed, that's kind of odd ... +# so let's force a reboot +/sbin/reboot -f diff --git a/init.d/root b/init.d/root new file mode 100755 index 0000000..9a719b0 --- /dev/null +++ b/init.d/root @@ -0,0 +1,32 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Mount the root fs read/write" + +depend() +{ + need fsck + keyword -jail -openvz -prefix -vserver -lxc +} + +start() +{ + case ",$(fstabinfo -o /)," in + *,ro,*) return 0;; + esac + + if echo 2>/dev/null >/.test.$$; then + rm -f /.test.$$ /fastboot /forcefsck + return 0 + fi + + ebegin "Remounting root filesystem read/write" + case "$RC_UNAME" in + Linux) mount -n -o remount,rw /;; + *) mount -u -o rw /;; + esac + if eend $? "Root filesystem could not be mounted read/write"; then + rm -f /fastboot /forcefsck + fi +} diff --git a/init.d/rpc.rquotad b/init.d/rpc.rquotad new file mode 100755 index 0000000..f657fc4 --- /dev/null +++ b/init.d/rpc.rquotad @@ -0,0 +1,26 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/quota/files/rpc.rquotad.initd,v 1.1 2007/03/25 12:09:39 vapier Exp $ + +[ -e /etc/conf.d/nfs ] && source /etc/conf.d/nfs + +rpc_bin=/usr/sbin/rpc.rquotad + +depend() { + use ypbind net + need portmap + after quota +} + +start() { + ebegin "Starting rpc.rquotad" + ${rpc_bin} ${OPTS_RPC_RQUOTAD} + eend $? +} + +stop() { + ebegin "Stopping rpc.rquotad" + start-stop-daemon --stop --quiet --exec ${rpc_bin} + eend $? +} diff --git a/init.d/rsyncd b/init.d/rsyncd new file mode 100755 index 0000000..1b20282 --- /dev/null +++ b/init.d/rsyncd @@ -0,0 +1,23 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/rsync/files/rsyncd.init.d,v 1.5 2007/02/23 11:33:59 uberlord Exp $ + +depend() { + use net +} + +start() { + ebegin "Starting rsyncd" + start-stop-daemon --start --exec /usr/bin/rsync \ + --pidfile /var/run/rsyncd.pid \ + -- --daemon ${RSYNC_OPTS} + eend $? +} + +stop() { + ebegin "Stopping rsyncd" + start-stop-daemon --stop --exec /usr/bin/rsync \ + --pidfile /var/run/rsyncd.pid + eend $? +} diff --git a/init.d/samba b/init.d/samba new file mode 100755 index 0000000..a1a2fae --- /dev/null +++ b/init.d/samba @@ -0,0 +1,59 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/samba.initd,v 1.2 2010/12/20 20:35:07 vostorga Exp $ + +opts="reload" + +depend() { + after slapd + need net + use cupsd +} + +DAEMONNAME="${SVCNAME##samba.}" +[ "${DAEMONNAME}" != "samba" ] && daemon_list=${DAEMONNAME} + +signal_do() { + local signal="$1" + [ -z "${signal}" ] && return 0 + + local result=0 last_result=0 daemon= cmd_exec= + for daemon in ${daemon_list} ; do + eval cmd_exec=\$${daemon}_${signal} + if [ -n "${cmd_exec}" ]; then + ebegin "${my_service_name} -> ${signal}: ${daemon}" + #echo ${cmd} '->' ${!cmd} + ${cmd_exec} > /dev/null + last_result=$? + eend ${last_result} + fi + result=$(( ${result} + ${last_result} )) + done + return ${result} +} + +mkdir_sambadirs() { + [ -d /var/run/samba ] || mkdir -p /var/run/samba +} + +start() { + ${my_service_PRE} + mkdir_sambadirs + signal_do start && return 0 + + eerror "Error: starting services (see system logs)" + signal_do stop + return 1 +} +stop() { + ${my_service_PRE} + if signal_do stop ; then + ${my_service_POST} + return 0 + fi +} +reload() { + ${my_service_PRE} + signal_do reload +} diff --git a/init.d/saslauthd b/init.d/saslauthd new file mode 100755 index 0000000..a5e9a44 --- /dev/null +++ b/init.d/saslauthd @@ -0,0 +1,21 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/cyrus-sasl/files/saslauthd2.rc6,v 1.7 2007/04/07 13:03:55 chtekk Exp $ + +depend() { + need net +} + +start() { + ebegin "Starting saslauthd" + start-stop-daemon --start --quiet --exec /usr/sbin/saslauthd \ + -- ${SASLAUTHD_OPTS} + eend $? +} + +stop() { + ebegin "Stopping saslauthd" + start-stop-daemon --stop --quiet --pidfile /var/lib/sasl2/saslauthd.pid + eend $? +} diff --git a/init.d/savecache b/init.d/savecache new file mode 100755 index 0000000..355ebce --- /dev/null +++ b/init.d/savecache @@ -0,0 +1,41 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Saves the caches OpenRC uses to non volatile storage" + +start() +{ + if [ -e "$RC_SVCDIR"/clock-skewed ]; then + ewarn "WARNING: clock skew detected!" + if ! yesno "${RC_GOINGDOWN}"; then + eerror "Not saving deptree cache" + return 1 + fi + fi + ebegin "Saving dependency cache" + local rc= + if [ ! -d "$RC_LIBEXECDIR"/cache ]; then + rm -rf "$RC_LIBEXECDIR"/cache + if ! mkdir "$RC_LIBEXECDIR"/cache; then + rc=$? + if yesno "${RC_GOINGDOWN}"; then + rc=0 + fi + eend $rc + return $rc + fi + fi + local save= + for x in deptree depconfig shutdowntime softlevel nettree rc.log; do + [ -e "$RC_SVCDIR/$x" ] && save="$save $RC_SVCDIR/$x" + done + if [ -n "$save" ]; then + cp -p $save "$RC_LIBEXECDIR"/cache 2>/dev/null + fi + rc=$? + if yesno "${RC_GOINGDOWN}"; then + rc=0 + fi + eend $rc +} diff --git a/init.d/shutdown.sh b/init.d/shutdown.sh new file mode 100755 index 0000000..502ef52 --- /dev/null +++ b/init.d/shutdown.sh @@ -0,0 +1,13 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +opts="-d" +[ "${INIT_HALT}" != "HALT" ] && opts="${opts}p" +[ "${RC_DOWN_INTERFACE}" = "yes" ] && opts="${opts}i" +[ "${RC_DOWN_HARDDISK}" = "yes" ] && opts="${opts}h" + +/sbin/halt "${opts}" + +# hmm, if the above failed, that's kind of odd ... +# so let's force a halt +/sbin/halt -f diff --git a/init.d/slapd b/init.d/slapd new file mode 100755 index 0000000..a432944 --- /dev/null +++ b/init.d/slapd @@ -0,0 +1,22 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/files/slapd-initd2,v 1.1 2010/04/11 15:14:48 jokey Exp $ + +depend() { + need net + before dbus hald avahi-daemon + provide ldap +} + +start() { + ebegin "Starting ldap-server" + eval start-stop-daemon --start --pidfile /var/run/openldap/slapd.pid --exec /usr/lib64/openldap/slapd -- -u ldap -g ldap "${OPTS}" + eend $? +} + +stop() { + ebegin "Stopping ldap-server" + start-stop-daemon --stop --signal 2 --quiet --pidfile /var/run/openldap/slapd.pid + eend $? +} diff --git a/init.d/smartd b/init.d/smartd new file mode 100755 index 0000000..131a7d4 --- /dev/null +++ b/init.d/smartd @@ -0,0 +1,43 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/smartmontools/files/smartd.rc,v 1.9 2011/09/15 07:58:50 polynomial-c Exp $ + +depend() { + need localmount + after bootmisc +} + +extra_started_commands="reload" + +checkconfig() { + if [ ! -f "/etc/smartd.conf" ] ; then + eerror "You should setup your /etc/smartd.conf file!" + eerror "See the smartd.conf(5) manpage." + return 1 + fi + return 0 +} + +start() { + checkconfig || return 1 + + ebegin "Starting S.M.A.R.T. monitoring daemon" + start-stop-daemon --start --exec /usr/sbin/smartd \ + --pidfile /var/run/smartd.pid \ + -- -p /var/run/smartd.pid ${SMARTD_OPTS} + eend $? +} + +stop() { + ebegin "Stopping S.M.A.R.T. monitoring daemon" + start-stop-daemon --stop --exec /usr/sbin/smartd \ + --pidfile /var/run/smartd.pid + eend $? +} + +reload() { + ebegin "Reloading configuration" + start-stop-daemon --signal HUP --pidfile /var/run/smartd.pid smartd + eend $? +} diff --git a/init.d/snmpd b/init.d/snmpd new file mode 100755 index 0000000..d8419ea --- /dev/null +++ b/init.d/snmpd @@ -0,0 +1,47 @@ +#!/sbin/runscript +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmpd.init,v 1.1 2009/10/16 08:51:05 gengor Exp $ + +opts="${opts} reload" + +depend() { + use logger + need net +} + +SNMPD_PIDFILE="${SNMPD_PIDFILE:-/var/run/snmpd.pid}" + +checkconfig() { + if [ ! -e /etc/snmp/snmpd.conf ] ; then + eerror "${SVCNAME} requires an /etc/snmp/snmpd.conf configuration file" + return 1 + fi +} + +start() { + checkconfig || return 1 + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --quiet --exec /usr/sbin/snmpd \ + -- -p ${SNMPD_PIDFILE} ${SNMPD_FLAGS} + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --quiet --pidfile ${SNMPD_PIDFILE} + eend $? +} + +reload() { + checkconfig || return 1 + if [ ! -f ${SNMPD_PIDFILE} ]; then + eerror "Cannot reload configuration, ${SVCNAME} is not running" + eend 1 + return 1 + fi + + ebegin "Reloading ${SVCNAME} configuration" + kill -HUP $(< ${SNMPD_PIDFILE}) &>/dev/null + eend $? +} diff --git a/init.d/snmptrapd b/init.d/snmptrapd new file mode 100755 index 0000000..7a311f9 --- /dev/null +++ b/init.d/snmptrapd @@ -0,0 +1,24 @@ +#!/sbin/runscript +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmptrapd.init,v 1.1 2009/10/16 08:51:05 gengor Exp $ + +depend() { + use logger + need net +} + +SNMPTRAPD_PIDFILE="${SNMPTRAPD_PIDFILE:-/var/run/snmptrapd.pid}" + +start() { + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --quiet --exec /usr/sbin/snmptrapd \ + -- -p ${SNMPTRAPD_PIDFILE} ${SNMPTRAPD_FLAGS} + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --quiet --pidfile ${SNMPTRAPD_PIDFILE} + eend $? +} diff --git a/init.d/spamd b/init.d/spamd new file mode 100755 index 0000000..caea84f --- /dev/null +++ b/init.d/spamd @@ -0,0 +1,45 @@ +#!/sbin/runscript +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/mail-filter/spamassassin/files/3.3.1-spamd.init,v 1.2 2010/04/07 04:13:24 darkside Exp $ + +# NB: Config is in /etc/conf.d/spamd + +# Provide a default location if they haven't in /etc/conf.d/spamd +PIDFILE=${PIDFILE:-/var/run/spamd.pid} + +opts="reload" + +depend() { + need net + before mta + use logger + use mysql +} + +start() { + ebegin "Starting spamd" + start-stop-daemon --start --quiet \ + --name spamd \ + --nicelevel ${SPAMD_NICELEVEL:-0} \ + --pidfile ${PIDFILE} \ + --exec /usr/sbin/spamd -- -d -r ${PIDFILE} \ + ${SPAMD_OPTS} + retval=$? + if ! [ -f "${PIDFILE}" ]; then + sleep 1 + fi + eend ${retval} "Failed to start spamd" +} + +stop() { + ebegin "Stopping spamd" + start-stop-daemon --stop --quiet --pidfile ${PIDFILE} + eend $? "Failed to stop spamd" +} + +reload() { + ebegin "Reloading configuration" + kill -HUP $(< ${PIDFILE}) + eend $? +} diff --git a/init.d/sshd b/init.d/sshd new file mode 100755 index 0000000..86f87ba --- /dev/null +++ b/init.d/sshd @@ -0,0 +1,84 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.2,v 1.1 2011/01/24 02:55:47 vapier Exp $ + +opts="${opts} reload checkconfig gen_keys" + +depend() { + use logger dns + need net +} + +SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh} +SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}.pid} +SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd} + +checkconfig() { + if [ ! -d /var/empty ] ; then + mkdir -p /var/empty || return 1 + fi + + if [ ! -e "${SSHD_CONFDIR}"/sshd_config ] ; then + eerror "You need an ${SSHD_CONFDIR}/sshd_config file to run sshd" + eerror "There is a sample file in /usr/share/doc/openssh" + return 1 + fi + + gen_keys || return 1 + + "${SSHD_BINARY}" -t ${myopts} || return 1 +} + +gen_key() { + local type=$1 key ks + [ $# -eq 1 ] && ks="${type}_" + key="${SSHD_CONFDIR}/ssh_host_${ks}key" + if [ ! -e "${key}" ] ; then + ebegin "Generating ${type} host key" + ssh-keygen -t ${type} -f "${key}" -N '' + eend $? || return $? + fi +} + +gen_keys() { + if egrep -q '^[[:space:]]*Protocol[[:space:]]+.*1' "${SSHD_CONFDIR}"/sshd_config ; then + gen_key rsa1 "" || return 1 + fi + gen_key dsa && gen_key rsa && gen_key ecdsa + return $? +} + +start() { + local myopts="" + [ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \ + && myopts="${myopts} -o PidFile=${SSHD_PIDFILE}" + [ "${SSHD_CONFDIR}" != "/etc/ssh" ] \ + && myopts="${myopts} -f ${SSHD_CONFDIR}/sshd_config" + + checkconfig || return 1 + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --exec "${SSHD_BINARY}" \ + --pidfile "${SSHD_PIDFILE}" \ + -- ${myopts} ${SSHD_OPTS} + eend $? +} + +stop() { + if [ "${RC_CMD}" = "restart" ] ; then + checkconfig || return 1 + fi + + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --exec "${SSHD_BINARY}" \ + --pidfile "${SSHD_PIDFILE}" --quiet + eend $? +} + +reload() { + checkconfig || return 1 + ebegin "Reloading ${SVCNAME}" + start-stop-daemon --stop --signal HUP --oknodo \ + --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}" + eend $? +} diff --git a/init.d/staticroute b/init.d/staticroute new file mode 100755 index 0000000..558d57e --- /dev/null +++ b/init.d/staticroute @@ -0,0 +1,104 @@ +#!/sbin/runscript +# Copyright (c) 2009 Roy Marples +# Released under the 2-clause BSD license. + +# This script was inspired by the equivalent rc.d staticroute from NetBSD. + +description="Configures static routes." +__nl=" +" + +depend() +{ + provide net + use network + keyword -jail -prefix -vserver +} + +pre_flight_checks() +{ + route=route + [ -s /etc/route.conf ] && return 0 + + if [ -n "$staticiproute" ]; then + route="ip route" + staticroute="$staticiproute" + fi +} + +dump_args() +{ + # Route configuration file, as used by the NetBSD RC system + if [ -s /etc/route.conf ]; then + cat /etc/route.conf + return $? + fi + + case "$staticroute" in + *"$__nl"*) + echo "$staticroute" + ;; + *) + ( + set -o noglob + IFS=';'; set -- $staticroute + IFS="$__nl"; echo "$*" + ) + ;; + esac +} + +do_routes() +{ + local xtra= family= + [ "$RC_UNAME" != Linux ] && xtra=-q + + ebegin "$1 static routes" + eindent + pre_flight_checks + dump_args | while read args; do + [ -z "$args" ] && continue + case "$args" in + "#"*) + ;; + "+"*) + [ $2 = "add" ] && eval ${args#*+} + ;; + "-"*) + [ $2 = "del" -o $2 = "delete" ] && eval ${args#*-} + ;; + *) + veinfo "$args" + case "$route" in + "ip route") + ip route $2 $args + ;; + *) + # Linux route does cannot work it out ... + if [ "$RC_UNAME" = Linux ]; then + case "$args" in + *:*) family="-A inet6";; + *) family=;; + esac + fi + route $family $xtra $2 -$args + ;; + esac + veend $? + esac + done + eoutdent + eend 0 +} + +start() +{ + do_routes "Adding" "add" +} + +stop() +{ + local cmd="delete" + [ "$RC_UNAME" = Linux ] && cmd="del" + do_routes "Deleting" "$cmd" +} diff --git a/init.d/svnserve b/init.d/svnserve new file mode 100755 index 0000000..186d6f9 --- /dev/null +++ b/init.d/svnserve @@ -0,0 +1,26 @@ +#!/sbin/runscript +# Copyright 2004-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later +# $Header: /var/cvsroot/gentoo-x86/dev-vcs/subversion/files/svnserve.initd2,v 1.1 2011/08/18 09:51:23 chainsaw Exp $ + +depend() { + need net +} + +start() { + ebegin "Starting svnserve" + # Ensure that we run from a readable working dir, and that we do not + # lock filesystems when being run from such a location. + cd / + start-stop-daemon --start --quiet --background --make-pidfile \ + --pidfile /var/run/svnserve.pid --exec /usr/bin/svnserve \ + --user ${SVNSERVE_USER:-apache}:${SVNSERVE_GROUP:-apache} -- \ + --foreground --daemon ${SVNSERVE_OPTS:---root=/var/svn} + eend $? +} + +stop() { + ebegin "Stopping svnserve" + start-stop-daemon --stop --quiet --pidfile /var/run/svnserve.pid + eend $? +} diff --git a/init.d/swap b/init.d/swap new file mode 100755 index 0000000..9fcc101 --- /dev/null +++ b/init.d/swap @@ -0,0 +1,35 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +depend() +{ + need localmount + keyword -jail -openvz -prefix -vserver -lxc +} + +start() +{ + ebegin "Activating swap devices" + case "$RC_UNAME" in + NetBSD|OpenBSD) swapctl -A -t noblk >/dev/null;; + *) swapon -a >/dev/null;; + esac + eend 0 # If swapon has nothing todo it errors, so always return 0 +} + +stop() +{ + ebegin "Deactivating swap devices" + + # Try to unmount all tmpfs filesystems not in use, else a deadlock may + # occure. As $RC_SVCDIR may also be tmpfs we cd to it to lock it + cd "$RC_SVCDIR" + umount -a -t tmpfs 2>/dev/null + + case "$RC_UNAME" in + NetBSD|OpenBSD) swapctl -U -t noblk >/dev/null;; + *) swapoff -a >/dev/null;; + esac + eend 0 +} diff --git a/init.d/swclock b/init.d/swclock new file mode 100755 index 0000000..ba9cd3d --- /dev/null +++ b/init.d/swclock @@ -0,0 +1,30 @@ +#!/sbin/runscript +# Copyright (c) 2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Sets the local clock to the mtime of a given file." + +depend() +{ + before * + provide clock + keyword -openvz -prefix -uml -vserver -xenu -lxc +} + +# swclock is an OpenRC built in + +start() +{ + ebegin "Setting the local clock based on last shutdown time" + if ! swclock 2> /dev/null; then + swclock --warn /sbin/runscript + fi + eend $? +} + +stop() +{ + ebegin "Saving the shutdown time" + swclock --save + eend $? +} diff --git a/init.d/sysctl b/init.d/sysctl new file mode 100755 index 0000000..cb5d92e --- /dev/null +++ b/init.d/sysctl @@ -0,0 +1,34 @@ +#!/sbin/runscript +# Copyright (c) 2007-2008 Roy Marples +# Released under the 2-clause BSD license. + +depend() +{ + before bootmisc logger + keyword -prefix -vserver +} + +start() +{ + local conf= retval=0 err errs + + ebegin "Configuring kernel parameters" + eindent + + for conf in /etc/sysctl.d/*.conf /etc/sysctl.conf; do + if [ -r "$conf" ]; then + vebegin "applying $conf" + if ! err=$(sysctl -q -p "$conf" 2>&1) ; then + errs="${errs} ${err}" + sysctl -q -e -p "${conf}" + fi + veend $? || retval=1 + fi + done + + eoutdent + if [ ${retval} -eq 0 ] && [ -n "${errs}" ] ; then + ewarn "Unknown keys:${errs}" + fi + eend $retval "Some errors were encountered: ${errs}" +} diff --git a/init.d/sysfs b/init.d/sysfs new file mode 100755 index 0000000..2433d84 --- /dev/null +++ b/init.d/sysfs @@ -0,0 +1,64 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Mount the sys filesystem." + +depend() +{ + keyword -prefix -vserver +} + +mount_sys() +{ + grep -Eq "[[:space:]]+sysfs$" /proc/filesystems || return 1 + mountinfo -q /sys && return 0 + + if [ ! -d /sys ]; then + if ! mkdir -m 0755 /sys; then + ewarn "Could not create /sys!" + return 1 + fi + fi + + ebegin "Mounting /sys" + if ! fstabinfo --mount /sys; then + mount -n -t sysfs -o noexec,nosuid,nodev sysfs /sys + fi + eend $? +} + +mount_misc() +{ + # Setup Kernel Support for securityfs + if [ -d /sys/kernel/security ] && \ + ! mountinfo -q /sys/kernel/security; then + if grep -qs securityfs /proc/filesystems; then + ebegin "Mounting security filesystem" + mount -n -t securityfs -o nodev,noexec,nosuid \ + securityfs /sys/kernel/security + eend $? + fi + fi + + # Setup Kernel Support for debugfs + if [ -d /sys/kernel/debug ] && ! mountinfo -q /sys/kernel/debug; then + if grep -qs debugfs /proc/filesystems; then + ebegin "Mounting debug filesystem" + mount -n -t debugfs -o nodev,noexec,nosuid \ + debugfs /sys/kernel/debug + eend $? + fi + fi +} + +start() +{ + local retval + mount_sys + retval=$? + if [ $retval -eq 0 ]; then + mount_misc + fi + return $retval +} diff --git a/init.d/syslog-ng b/init.d/syslog-ng new file mode 100755 index 0000000..7bd8120 --- /dev/null +++ b/init.d/syslog-ng @@ -0,0 +1,60 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.rc6.3,v 1.1 2010/04/06 02:11:35 mr_bones_ Exp $ + +opts="checkconfig reload" + +depend() { + # Make networking dependency conditional on configuration + case $(sed 's/#.*//' /etc/syslog-ng/syslog-ng.conf) in + *source*tcp*|*source*udp*|*destination*tcp*|*destination*udp*) + need net + use stunnel ;; + esac + + config /etc/syslog-ng/syslog-ng.conf + use clock + need hostname localmount + provide logger +} + +checkconfig() { + if [ ! -e /etc/syslog-ng/syslog-ng.conf ] ; then + eerror "You need to create /etc/syslog-ng/syslog-ng.conf first." + eerror "An example can be found in /etc/syslog-ng/syslog-ng.conf.sample" + return 1 + fi + syslog-ng -s -f /etc/syslog-ng/syslog-ng.conf + + # the start and reload functions have their own eends so + # avoid calling this twice when there are no problems + [ $? -eq 0 ] || eend $? "Configuration error. Please fix your configfile (/etc/syslog-ng/syslog-ng.conf)" +} + +start() { + checkconfig || return 1 + ebegin "Starting syslog-ng" + [ -n "${SYSLOG_NG_OPTS}" ] && SYSLOG_NG_OPTS="-- ${SYSLOG_NG_OPTS}" + start-stop-daemon --start --pidfile /var/run/syslog-ng.pid --exec /usr/sbin/syslog-ng ${SYSLOG_NG_OPTS} + eend $? "Failed to start syslog-ng" +} + +stop() { + ebegin "Stopping syslog-ng" + start-stop-daemon --stop --pidfile /var/run/syslog-ng.pid + eend $? "Failed to stop syslog-ng" + sleep 1 # needed for syslog-ng to stop in case we're restarting +} + +reload() { + if [ ! -f /var/run/syslog-ng.pid ]; then + eerror "syslog-ng isn't running" + return 1 + fi + checkconfig || return 1 + ebegin "Reloading configuration and re-opening log files" + start-stop-daemon --stop --oknodo --signal HUP \ + --pidfile /var/run/syslog-ng.pid + eend $? +} diff --git a/init.d/sysstat b/init.d/sysstat new file mode 100755 index 0000000..885782a --- /dev/null +++ b/init.d/sysstat @@ -0,0 +1,19 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/sysstat/files/sysstat.init.d,v 1.3 2011/05/18 02:21:33 jer Exp $ + +depend() { + use hostname +} + +start() { + ebegin "Writing a dummy startup record using sadc (see sadc(8))..." + /usr/lib/sa/sadc -F -L - + eend $? +} + +stop() { + ebegin "Cannot stop writing a dummy startup record (see sadc(8))..." + eend $? +} diff --git a/init.d/teamspeak3-server b/init.d/teamspeak3-server new file mode 100755 index 0000000..4f83085 --- /dev/null +++ b/init.d/teamspeak3-server @@ -0,0 +1,42 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-sound/teamspeak-server-bin/files/teamspeak3-server.rc,v 1.4 2010/09/11 16:01:50 trapni Exp $ + +depend() { + need net + use mysql +} + +start() { + ebegin "Starting TeamSpeak 3 Server" + + # ensure, that the TS3-server finds all custom supplied shared objects on startup. + export LD_LIBRARY_PATH="/opt/teamspeak3-server:$LD_LIBRARY_PATH" + + # temporay fix for EPERM bug (we still leave it here to make sure it is *really* not there) + rm -f /dev/shm/7gbhujb54g8z9hu43jre8 + + start-stop-daemon --start --quiet --background \ + --pidfile "/var/run/teamspeak3-server/server.pid" --make-pidfile \ + --chuid "teamspeak3" --chdir "/opt/teamspeak3-server" \ + --exec "/usr/sbin/ts3server" -- \ + inifile="/etc/teamspeak3-server/server.conf" + + eend $? +} + +stop() { + ebegin "Stopping TeamSpeak Server" + + start-stop-daemon --stop --quiet \ + --pidfile "/var/run/teamspeak3-server/server.pid" + + eend $? +} + +restart() { + svc_stop + sleep 3 + svc_start +} diff --git a/init.d/termencoding b/init.d/termencoding new file mode 100755 index 0000000..2c2e6b0 --- /dev/null +++ b/init.d/termencoding @@ -0,0 +1,48 @@ +#!/sbin/runscript +# Copyright (c) 2008-2009 Roy Marples +# Released under the 2-clause BSD license. + +description="Configures terminal encoding." + +ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}} +: ${unicode:=${UNICODE}} + +depend() +{ + keyword -openvz -prefix -uml -vserver -xenu + need root + after bootmisc +} + +start() +{ + local ttydev=/dev/tty n= + [ -d /dev/vc ] && ttydev=/dev/vc/ + + # Set terminal encoding to either ASCII or UNICODE. + # See utf-8(7) for more information. + local termencoding="%@" termmsg="ASCII" + if yesno ${unicode}; then + termencoding="%G" + termmsg="UTF-8" + fi + + ebegin "Setting terminal encoding [$termmsg]" + n=1 + while [ ${n} -le "$ttyn" ]; do + printf "\033%s" "$termencoding" >$ttydev$n + n=$(($n + 1)) + done + + # Save the encoding for use immediately at boot + if [ -w "$RC_LIBEXECDIR" ]; then + mkdir -p "$RC_LIBEXECDIR"/console + if yesno ${unicode:-${UNICODE}}; then + echo "" > "$RC_LIBEXECDIR"/console/unicode + else + rm -f "$RC_LIBEXECDIR"/console/unicode + fi + fi + + eend 0 +} diff --git a/init.d/twistd b/init.d/twistd new file mode 100755 index 0000000..5d4d4e7 --- /dev/null +++ b/init.d/twistd @@ -0,0 +1,25 @@ +#!/sbin/runscript + +depend() { + need net +} + +start() { + if [[ -z "${TWISTD_OPTS}" ]]; then + eerror "TWISTD_OPTS is not set!" + eerror "You need to configure twistd in /etc/conf.d/twistd." + return 1 + fi + export PYTHONPATH + ebegin "Starting twistd" + start-stop-daemon --start --quiet --pidfile /var/run/twistd.pid \ + --exec /usr/bin/twistd -- --pidfile /var/run/twistd.pid \ + ${TWISTD_OPTS} + eend $? "Failed to start twistd" +} + +stop() { + ebegin "Stopping twistd" + start-stop-daemon --stop --quiet --pidfile /var/run/twistd.pid + eend $? "Failed to stop twistd" +} diff --git a/init.d/udev b/init.d/udev new file mode 100755 index 0000000..833cca0 --- /dev/null +++ b/init.d/udev @@ -0,0 +1,272 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="Run udevd and create the device-nodes" + +[ -e /etc/udev/udev.conf ] && . /etc/udev/udev.conf + +rc_coldplug=${rc_coldplug:-${RC_COLDPLUG:-YES}} + +depend() +{ + if [ -f /etc/init.d/sysfs ]; then + # require new enough openrc with sysinit being extra runlevel + # on linux we just check if sysfs init-script exists + # this is to silence out ugly warnings about not-existing sysfs script + provide dev + if yesno "${rc_device_tarball:-no}"; then + need sysfs udev-mount udev-dev-tarball + else + need sysfs udev-mount + fi + before checkfs fsck + + # udev does not work inside vservers + keyword novserver nolxc + fi +} + +cleanup() +{ + # fail more gracely and not leave udevd running + start-stop-daemon --stop --exec /sbin/udevd + exit 1 +} + +disable_hotplug_agent() +{ + if [ -e /proc/sys/kernel/hotplug ]; then + echo "" >/proc/sys/kernel/hotplug + fi +} + +root_link() +{ + /lib64/udev/write_root_link_rule +} + +rules_disable_switch() +{ + # this function disables rules files + # by creating new files with the same name + # in a temp rules directory with higher priority + local f=/dev/.udev/rules.d/"$1" bname="$1" onoff="$2" + + if yesno "${onoff}"; then + echo "# This file disables ${bname} due to /etc/conf.d/udev" \ + > "${f}" + else + rm -f "${f}" + fi +} + +# only called on openrc +is_service_enabled() { + local svc="$1" + + [ ! -e "/etc/init.d/${svc}" ] && return 1 + + [ -e "/etc/runlevels/${RC_BOOTLEVEL}/${svc}" ] && return 0 + [ -e "/etc/runlevels/${RC_DEFAULTLEVEL}/${svc}" ] && return 0 + return 1 +} + +check_openrc_net() +{ + local f=/dev/.udev/rules.d/90-network.rules + is_service_enabled network || return 0 + + # disable network hotplugging + echo "# This file disables network hotplug events calling old-style openrc net scripts" >> "${f}" + echo "# as we use new-style network init script /etc/init.d/network" >> "${f}" +} + +start_udevd() +{ + # load unix domain sockets if built as module, Bug #221253 + if [ -e /proc/modules ] ; then + modprobe -q unix 2>/dev/null + fi + local opts="${udev_opts}" + + ebegin "Starting udevd" + if yesno "${udev_debug:-no}"; then + /sbin/udevd --daemon ${opts} --debug 2>/dev/.udev/udev.log + else + start-stop-daemon --start --exec /sbin/udevd -- --daemon ${opts} + fi + + eend $? +} + +# populate /dev with devices already found by the kernel +populate_dev() +{ + if get_bootparam "nocoldplug" ; then + rc_coldplug="NO" + ewarn "Skipping udev coldplug as requested in kernel cmdline" + fi + + ebegin "Populating /dev with existing devices through uevents" + udevadm control --property=STARTUP=1 + if yesno "${rc_coldplug}"; then + udevadm trigger --action="add" + else + # Do not run any init-scripts, Bug #206518 + udevadm control --property=do_not_run_plug_service=1 + + # only create device nodes + udevadm trigger --action="add" --attr-match=dev + + # run persistent-net stuff, bug 191466 + udevadm trigger --action="add" --subsystem-match=net + fi + eend $? + + # we can speed up booting under these conditions: + # * using devtmpfs so kernel creates device nodes for us + # * only using kernel created device nodes at boot (in /etc/fstab and elsewhere) + # + ebegin "Waiting for uevents to be processed" + udevadm settle --timeout=${udev_settle_timeout:-60} + eend $? + + udevadm control --property=do_not_run_plug_service= + udevadm control --property=STARTUP= + return 0 +} + +# for debugging +start_udevmonitor() +{ + yesno "${udev_monitor:-no}" || return 0 + + udevmonitor_log=/dev/.udev/udevmonitor.log + udevmonitor_pid=/dev/.udev/udevmonitor.pid + + einfo "udev: Running udevadm monitor ${udev_monitor_opts} to get a log of all events" + start-stop-daemon --start --stdout "${udevmonitor_log}" \ + --make-pidfile --pidfile "${udevmonitor_pid}" \ + --background --exec /sbin/udevadm -- monitor ${udev_monitor_opts} +} + +stop_udevmonitor() +{ + yesno "${udev_monitor:-no}" || return 0 + + if yesno "${udev_monitor_keep_running:-no}"; then + ewarn "udev: udevmonitor is still running and writing into ${udevmonitor_log}" + else + einfo "udev: Stopping udevmonitor: Log is in ${udevmonitor_log}" + start-stop-daemon --stop --pidfile "${udevmonitor_pid}" --exec /sbin/udevadm + fi +} + +display_hotplugged_services() { + local svcfile= svc= services= + for svcfile in "${RC_SVCDIR}"/hotplugged/*; do + svc="${svcfile##*/}" + [ -x "${svcfile}" ] || continue + + services="${services} ${svc}" + done + [ -n "${services}" ] && einfo "Device initiated services:${HILITE}${services}${NORMAL}" +} + +check_persistent_net() +{ + # check if there are problems with persistent-net + local syspath= devs= problem=false + for syspath in /sys/class/net/*_rename*; do + if [ -d "${syspath}" ]; then + devs="${devs} ${syspath##*/}" + problem=true + fi + done + + ${problem} || return 0 + + eerror "UDEV: Your system has a problem assigning persistent names" + eerror "to these network interfaces: ${devs}" + + einfo "Checking persistent-net rules:" + # the sed-expression lists all duplicate lines + # from the input, like "uniq -d" does, but uniq + # is installed into /usr/bin and not available at boot. + dups=$( + RULES_FILE='/etc/udev/rules.d/70-persistent-net.rules' + . /lib64/udev/rule_generator.functions + find_all_rules 'NAME=' '.*' | \ + tr ' ' '\n' | \ + sort | \ + sed '$!N; s/^\(.*\)\n\1$/\1/; t; D' + ) + if [ -n "${dups}" ]; then + ewarn "The rules create multiple entries assigning these names:" + eindent + ewarn "${dups}" + eoutdent + else + ewarn "Found no duplicate names in persistent-net rules," + ewarn "there must be some other problem!" + fi + return 1 +} + +check_udev_works() +{ + # should exist on every system, else udev failed + if [ ! -e /dev/zero ]; then + eerror "Assuming udev failed somewhere, as /dev/zero does not exist." + return 1 + fi + return 0 +} + +start() +{ + # do not run this on old baselayout where udev-addon gets loaded + if [ ! -f /etc/init.d/sysfs ]; then + eerror "The $SVCNAME init-script is written for baselayout-2!" + eerror "Please do not use it with baselayout-1!". + return 1 + fi + + check_openrc_net + _start + + display_hotplugged_services + + return 0 +} + +_start() +{ + if [ ! -e /etc/runlevels/${RC_DEFAULTLEVEL:-default}/udev-postmount ]; then + ewarn "You should add udev-postmount service to your default runlevel." + fi + + root_link + rules_disable_switch 75-persistent-net-generator.rules "${persistent_net_disable:-no}" + rules_disable_switch 75-cd-aliases-generator.rules ${persistent_cd_disable:-no} + + disable_hotplug_agent + start_udevd || cleanup + start_udevmonitor + populate_dev || cleanup + + check_persistent_net + + check_udev_works || cleanup + stop_udevmonitor + + return 0 +} + +stop() { + ebegin "Stopping udevd" + start-stop-daemon --stop --exec /sbin/udevd + eend $? +} + diff --git a/init.d/udev-dev-tarball b/init.d/udev-dev-tarball new file mode 100755 index 0000000..d32c7b2 --- /dev/null +++ b/init.d/udev-dev-tarball @@ -0,0 +1,95 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="Maintain a tarball of not udev managed device nodes" +[ -e /etc/conf.d/udev ] && . /etc/conf.d/udev + +rc_device_tarball=${rc_device_tarball:-${RC_DEVICE_TARBALL:-NO}} +device_tarball=/lib64/udev/state/devices.tar.bz2 + +depend() { + if [ -f /etc/init.d/sysfs ]; then + need udev-mount + fi +} + +start() +{ + _start +} + +_start() { + if yesno "${rc_device_tarball}" && \ + [ -s "${device_tarball}" ] + then + ebegin "Populating /dev with saved device nodes" + tar -jxpf "${device_tarball}" -C /dev + eend $? + fi +} + +stop() { + if [ -e /dev/.devfsd ] || [ ! -e /dev/.udev ] || [ ! -z "${CDBOOT}" ] || \ + ! yesno "${rc_device_tarball}" || \ + ! touch "${device_tarball}" 2>/dev/null + then + return 0 + fi + + ebegin "Saving device nodes" + # Handle our temp files + save_tmp_base=/tmp/udev.savedevices."$$" + devices_udev="${save_tmp_base}"/devices.udev + devices_real="${save_tmp_base}"/devices.real + devices_totar="${save_tmp_base}"/devices.totar + device_tmp_tarball="${save_tmp_base}"/devices + + rm -rf "${save_tmp_base}" + mkdir "${save_tmp_base}" + touch "${devices_udev}" "${devices_real}" \ + "${devices_totar}" "${device_tmp_tarball}" + + if [ -f "${devices_udev}" -a -f "${devices_real}" -a \ + -f "${devices_totar}" -a -f "${device_tmp_tarball}" ] + then + cd /dev + # Find all devices, but ignore .udev directory + find . -xdev -type b -or -type c -or -type l | \ + cut -d/ -f2- | \ + grep -v ^\\.udev >"${devices_real}" + + # Figure out what udev created + udevadm info --export-db | sed -ne 's,^[SN]: \(.*\),\1,p' >"${devices_udev}" + # These ones we also do not want in there + for x in MAKEDEV core fd initctl pts shm stderr stdin stdout root; do + echo "${x}" >> "${devices_udev}" + done + if [ -d /lib64/udev/devices ]; then + cd /lib64/udev/devices + find . -xdev -type b -or -type c -or -type l | \ + cut -d/ -f2- >> "${devices_udev}" + cd /dev + fi + + fgrep -x -v -f "${devices_udev}" "${devices_real}" > "${devices_totar}" + + # Now only tarball those not created by udev if we have any + if [ -s "${devices_totar}" ]; then + # we dont want to descend into mounted filesystems (e.g. devpts) + # looking up username may involve NIS/network + # and net may be down + tar --one-file-system --numeric-owner \ + -jcpf "${device_tmp_tarball}" -T "${devices_totar}" + mv -f "${device_tmp_tarball}" "${device_tarball}" + else + rm -f "${device_tarball}" + fi + eend 0 + else + eend 1 "Could not create temporary files!" + fi + + rm -rf "${save_tmp_base}" +} + diff --git a/init.d/udev-mount b/init.d/udev-mount new file mode 100755 index 0000000..52cf26b --- /dev/null +++ b/init.d/udev-mount @@ -0,0 +1,107 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="Mount tmpfs on /dev" +[ -e /etc/conf.d/udev ] && . /etc/conf.d/udev + +# get_KV and KV_to_int +. /lib64/udev/shell-compat-KV.sh + +# FIXME +# Instead of this script testing kernel version, udev itself should +# Maybe something like udevd --test || exit $? +check_kernel() +{ + if [ $(get_KV) -lt $(KV_to_int '2.6.25') ]; then + eerror "Your kernel is too old to work with this version of udev." + eerror "Current udev only supports Linux kernel 2.6.25 and newer." + return 1 + fi + + yesno "${unreliable_kernel_warning:-yes}" || return 0 + + if [ $(get_KV) -lt $(KV_to_int '2.6.27') ]; then + ewarn "You need at least Linux kernel 2.6.27 for reliable operation of udev." + fi + return 0 +} + + +mount_dev_directory() +{ + if mountinfo -q /dev; then + einfo "/dev is already mounted" + return 0 + fi + + # No options are processed here as they should all be in /etc/fstab + ebegin "Mounting /dev" + if ! fstabinfo --mount /dev; then + # we mount devtmpfs if supported + local fs=tmpfs + grep -qs devtmpfs /proc/filesystems && fs=devtmpfs + + # Some devices require exec, Bug #92921 + mount -n -t "$fs" -o "exec,nosuid,mode=0755,size=10M" udev /dev + fi + eend $? +} + +seed_dev() +{ + # Seed /dev with some things that we know we need + + # creating /dev/console, /dev/tty and /dev/tty1 to be able to write + # to $CONSOLE with/without bootsplash before udevd creates it + [ -c /dev/console ] || mknod -m 600 /dev/console c 5 1 + [ -c /dev/tty1 ] || mknod -m 620 /dev/tty1 c 4 1 + [ -c /dev/tty ] || mknod -m 666 /dev/tty c 5 0 + + # udevd will dup its stdin/stdout/stderr to /dev/null + # and we do not want a file which gets buffered in ram + [ -c /dev/null ] || mknod -m 666 /dev/null c 1 3 + ${HAVE_SELINUX} && restorecon /dev/null + + # so udev can add its start-message to dmesg + [ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11 + + # Create problematic directories + mkdir -p /dev/pts /dev/shm + ${HAVE_SELINUX} && restorecon -R /dev >/dev/null + return 0 +} + + +start() +{ + # do not run this on too old baselayout - udev-addon is already loaded! + if [ ! -f /etc/init.d/sysfs ]; then + eerror "The $SVCNAME init-script is written for baselayout-2!" + eerror "Please do not use it with baselayout-1!". + return 1 + fi + + _start +} + +_start() +{ + check_kernel || return 1 + mount_dev_directory || return 1 + + # Selinux lovin; /selinux should be mounted by selinux-patched init + if [ -x /sbin/restorecon -a -c /selinux/null ]; then + HAVE_SELINUX=true + restorecon /dev > /selinux/null + else + HAVE_SELINUX=false + fi + + # make sure it exists + mkdir -p /dev/.udev /dev/.udev/rules.d + + seed_dev + + return 0 +} diff --git a/init.d/udev-postmount b/init.d/udev-postmount new file mode 100755 index 0000000..12a30f6 --- /dev/null +++ b/init.d/udev-postmount @@ -0,0 +1,53 @@ +#!/sbin/runscript +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/udev/files/164/udev-postmount.initd,v 1.1 2010/10/30 13:53:54 zzam Exp $ + +depend() { + need localmount + after dbus # for trigger failed +} + +dir_writeable() +{ + touch "$1"/.test.$$ 2>/dev/null && rm "$1"/.test.$$ +} + +# store persistent-rules that got created while booting +# when / was still read-only +store_persistent_rules() { + # only continue if rules-directory is writable + dir_writeable /etc/udev/rules.d || return 0 + + local file dest + for file in /dev/.udev/tmp-rules--*; do + dest=${file##*tmp-rules--} + [ "$dest" = '*' ] && break + type=${dest##70-persistent-} + type=${type%%.rules} + ebegin "Saving udev persistent ${type} rules to /etc/udev/rules.d" + cat "$file" >> /etc/udev/rules.d/"$dest" && rm -f "$file" + eend $? "Failed moving persistent rules!" + done +} + + +start() { + # check if this system uses udev + [ -d /dev/.udev/ ] || return 0 + + einfo "Doing udev cleanups" + + # Run the events that failed at first udev trigger + udevadm trigger --type=failed -v + + # store persistent-rules that got created while booting + # when / was still read-only + store_persistent_rules +} + +stop() { + : +} + +# vim:ts=4 diff --git a/init.d/ulogd b/init.d/ulogd new file mode 100755 index 0000000..7d05fe8 --- /dev/null +++ b/init.d/ulogd @@ -0,0 +1,36 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/ulogd/files/ulogd,v 1.3 2009/08/10 06:01:18 wormo Exp $ + +opts="reload" + +depend() { + need net +} + +checkconfig() { + if [ ! -e /etc/ulogd.conf ]; then + eerror "You need /etc/ulogd.conf" + return 1 + fi +} + +start() { + checkconfig || return 1 + ebegin "Starting ulogd" + start-stop-daemon --start --quiet --exec /usr/sbin/ulogd -- -u ulogd -d >/dev/null 2>&1 + eend $? +} + +stop() { + ebegin "Stopping ulogd" + start-stop-daemon --stop --quiet --exec /usr/sbin/ulogd >/dev/null 2>&1 + eend $? +} + +reload() { + ebegin "Reloading ulogd.conf file" + killall -HUP ulogd &>/dev/null + eend $? +} diff --git a/init.d/urandom b/init.d/urandom new file mode 100755 index 0000000..99e1127 --- /dev/null +++ b/init.d/urandom @@ -0,0 +1,45 @@ +#!/sbin/runscript +# Copyright (c) 2007-2009 Roy Marples +# Released under the 2-clause BSD license. + +: ${urandom_seed:=${URANDOM_SEED:-/var/run/random-seed}} +description="Initializes the random number generator." + +depend() +{ + need localmount + keyword -jail -openvz -prefix +} + +save_seed() +{ + local psz=1 + + if [ -e /proc/sys/kernel/random/poolsize ]; then + psz=$(($(cat /proc/sys/kernel/random/poolsize) / 4096)) + fi + + ( # sub shell to prevent umask pollution + umask 077 + dd if=/dev/urandom of="$urandom_seed" count=${psz} 2>/dev/null + ) +} + +start() +{ + [ -c /dev/urandom ] || return + if [ -f "$urandom_seed" ]; then + ebegin "Initializing random number generator" + cat "$urandom_seed" > /dev/urandom + eend $? "Error initializing random number generator" + fi + rm -f "$urandom_seed" && save_seed + return 0 +} + +stop() +{ + ebegin "Saving random seed" + save_seed + eend $? "Failed to save random seed" +} diff --git a/init.d/vixie-cron b/init.d/vixie-cron new file mode 100755 index 0000000..e6d0315 --- /dev/null +++ b/init.d/vixie-cron @@ -0,0 +1,22 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/files/vixie-cron.rc6,v 1.2 2005/06/09 01:35:44 ka0ttic Exp $ + +depend() { + use clock logger + need localmount + provide cron +} + +start() { + ebegin "Starting vixie-cron" + start-stop-daemon --start --quiet --exec /usr/sbin/cron + eend $? +} + +stop() { + ebegin "Stopping vixie-cron" + start-stop-daemon --stop --quiet --pidfile /var/run/cron.pid + eend $? +} diff --git a/iproute2/ematch_map b/iproute2/ematch_map new file mode 100644 index 0000000..7c6a281 --- /dev/null +++ b/iproute2/ematch_map @@ -0,0 +1,5 @@ +# lookup table for ematch kinds +1 cmp +2 nbyte +3 u32 +4 meta diff --git a/iproute2/rt_dsfield b/iproute2/rt_dsfield new file mode 100644 index 0000000..496ef66 --- /dev/null +++ b/iproute2/rt_dsfield @@ -0,0 +1,27 @@ +0x00 default +0x10 lowdelay +0x08 throughput +0x04 reliability +# This value overlap with ECT, do not use it! +0x02 mincost +# These values seems do not want to die, Cisco likes them by a strange reason. +0x20 priority +0x40 immediate +0x60 flash +0x80 flash-override +0xa0 critical +0xc0 internet +0xe0 network +# Newer RFC2597 values +0x28 AF11 +0x30 AF12 +0x38 AF13 +0x48 AF21 +0x50 AF22 +0x58 AF23 +0x68 AF31 +0x70 AF32 +0x78 AF33 +0x88 AF41 +0x90 AF42 +0x98 AF43 diff --git a/iproute2/rt_protos b/iproute2/rt_protos new file mode 100644 index 0000000..38d8ec4 --- /dev/null +++ b/iproute2/rt_protos @@ -0,0 +1,30 @@ +# +# Reserved protocols. +# +0 unspec +1 redirect +2 kernel +3 boot +4 static +8 gated +9 ra +10 mrt +11 zebra +12 bird +13 dnrouted +14 xorp +15 ntk +16 dhcp + +# +# Used by me for gated +# +254 gated/aggr +253 gated/bgp +252 gated/ospf +251 gated/ospfase +250 gated/rip +249 gated/static +248 gated/conn +247 gated/inet +246 gated/default diff --git a/iproute2/rt_realms b/iproute2/rt_realms new file mode 100644 index 0000000..eedd76d --- /dev/null +++ b/iproute2/rt_realms @@ -0,0 +1,13 @@ +# +# reserved values +# +0 cosmos +# +# local +# +#1 inr.ac +#2 inr.ruhep +#3 freenet +#4 radio-msu +#5 russia +#6 internet diff --git a/iproute2/rt_scopes b/iproute2/rt_scopes new file mode 100644 index 0000000..8514bc1 --- /dev/null +++ b/iproute2/rt_scopes @@ -0,0 +1,11 @@ +# +# reserved values +# +0 global +255 nowhere +254 host +253 link +# +# pseudo-reserved +# +200 site diff --git a/iproute2/rt_tables b/iproute2/rt_tables new file mode 100644 index 0000000..541abfd --- /dev/null +++ b/iproute2/rt_tables @@ -0,0 +1,11 @@ +# +# reserved values +# +255 local +254 main +253 default +0 unspec +# +# local +# +#1 inr.ruhep diff --git a/java-config-2/build/compilers.conf b/java-config-2/build/compilers.conf new file mode 100644 index 0000000..2a615cf --- /dev/null +++ b/java-config-2/build/compilers.conf @@ -0,0 +1,5 @@ +# If the ebuild supports it +# it will check the COMPILERS var front to back and +# use the fist compiler that is installed + +#COMPILERS="ecj-3.1 jikes javac" diff --git a/java-config-2/build/jdk.conf b/java-config-2/build/jdk.conf new file mode 100644 index 0000000..0c42763 --- /dev/null +++ b/java-config-2/build/jdk.conf @@ -0,0 +1,12 @@ +# User jdk configuration file +# You can specify which jdk you prefer to use +# see http://www.gentoo.org/doc/en/java.xml#doc_chap4_sect3 for more info +# +# example: + +#1.3=sun-jdk-1.4 ibm-jdk-bin +#1.4=blackdown-jdk +#1.5=sun-jdk + +#or if you want everything with sun-jdk +#*=sun-jdk diff --git a/java-config-2/current-system-vm b/java-config-2/current-system-vm new file mode 120000 index 0000000..7b44858 --- /dev/null +++ b/java-config-2/current-system-vm @@ -0,0 +1 @@ +/usr/lib/jvm/icedtea6-bin \ No newline at end of file diff --git a/java-config-2/virtuals b/java-config-2/virtuals new file mode 100644 index 0000000..c2e3992 --- /dev/null +++ b/java-config-2/virtuals @@ -0,0 +1,4 @@ +# Example: +# +#javamail=gnu-javamail-1 +#javamail=sun-javamail diff --git a/kernel-config/config-2.6.34-gentoo-r12-00 b/kernel-config/config-2.6.34-gentoo-r12-00 new file mode 100644 index 0000000..7e76d90 --- /dev/null +++ b/kernel-config/config-2.6.34-gentoo-r12-00 @@ -0,0 +1,2536 @@ +# +# Automatically generated make config: don't edit +# Linux kernel version: 2.6.34-gentoo-r12 +# Mon Nov 29 18:26:44 2010 +# +CONFIG_64BIT=y +# CONFIG_X86_32 is not set +CONFIG_X86_64=y +CONFIG_X86=y +CONFIG_OUTPUT_FORMAT="elf64-x86-64" +CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" +CONFIG_GENERIC_TIME=y +CONFIG_GENERIC_CMOS_UPDATE=y +CONFIG_CLOCKSOURCE_WATCHDOG=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y +CONFIG_MMU=y +CONFIG_ZONE_DMA=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_IOMAP=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +# CONFIG_RWSEM_GENERIC_SPINLOCK is not set +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_ARCH_HAS_CPU_IDLE_WAIT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_GENERIC_TIME_VSYSCALL=y +CONFIG_ARCH_HAS_CPU_RELAX=y +CONFIG_ARCH_HAS_DEFAULT_IDLE=y +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_HAVE_SETUP_PER_CPU_AREA=y +CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y +CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y +CONFIG_HAVE_CPUMASK_OF_CPU_MAP=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ZONE_DMA32=y +CONFIG_ARCH_POPULATES_NODE_MAP=y +CONFIG_AUDIT_ARCH=y +CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_HAVE_EARLY_RES=y +CONFIG_HAVE_INTEL_TXT=y +CONFIG_GENERIC_HARDIRQS=y +CONFIG_GENERIC_HARDIRQS_NO__DO_IRQ=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_PENDING_IRQ=y +CONFIG_USE_GENERIC_SMP_HELPERS=y +CONFIG_X86_64_SMP=y +CONFIG_X86_HT=y +CONFIG_X86_TRAMPOLINE=y +# CONFIG_KTIME_SCALAR is not set +CONFIG_ARCH_CPU_PROBE_RELEASE=y +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" +CONFIG_CONSTRUCTORS=y + +# +# General setup +# +CONFIG_EXPERIMENTAL=y +CONFIG_LOCK_KERNEL=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_LOCALVERSION="" +# CONFIG_LOCALVERSION_AUTO is not set +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_BZIP2=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_BZIP2 is not set +# CONFIG_KERNEL_LZMA is not set +# CONFIG_KERNEL_LZO is not set +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_POSIX_MQUEUE=y +CONFIG_POSIX_MQUEUE_SYSCTL=y +CONFIG_BSD_PROCESS_ACCT=y +CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_TASK_IO_ACCOUNTING=y +CONFIG_AUDIT=y +CONFIG_AUDITSYSCALL=y +CONFIG_AUDIT_TREE=y + +# +# RCU Subsystem +# +CONFIG_TREE_RCU=y +# CONFIG_TREE_PREEMPT_RCU is not set +# CONFIG_TINY_RCU is not set +# CONFIG_RCU_TRACE is not set +CONFIG_RCU_FANOUT=64 +# CONFIG_RCU_FANOUT_EXACT is not set +# CONFIG_RCU_FAST_NO_HZ is not set +# CONFIG_TREE_RCU_TRACE is not set +CONFIG_IKCONFIG=m +CONFIG_IKCONFIG_PROC=y +CONFIG_LOG_BUF_SHIFT=18 +CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y +CONFIG_CGROUPS=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_CGROUP_NS=y +CONFIG_CGROUP_FREEZER=y +# CONFIG_CGROUP_DEVICE is not set +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_RESOURCE_COUNTERS=y +# CONFIG_CGROUP_MEM_RES_CTLR is not set +CONFIG_CGROUP_SCHED=y +CONFIG_FAIR_GROUP_SCHED=y +# CONFIG_RT_GROUP_SCHED is not set +# CONFIG_SYSFS_DEPRECATED_V2 is not set +CONFIG_RELAY=y +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_RD_LZO=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_SYSCTL=y +CONFIG_ANON_INODES=y +# CONFIG_EMBEDDED is not set +CONFIG_UID16=y +CONFIG_SYSCTL_SYSCALL=y +CONFIG_KALLSYMS=y +CONFIG_KALLSYMS_ALL=y +CONFIG_KALLSYMS_EXTRA_PASS=y +CONFIG_HOTPLUG=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_PCSPKR_PLATFORM=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +CONFIG_HAVE_PERF_EVENTS=y + +# +# Kernel Performance Events And Counters +# +CONFIG_PERF_EVENTS=y +# CONFIG_PERF_COUNTERS is not set +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_PCI_QUIRKS=y +CONFIG_SLUB_DEBUG=y +# CONFIG_COMPAT_BRK is not set +# CONFIG_SLAB is not set +CONFIG_SLUB=y +# CONFIG_SLOB is not set +CONFIG_PROFILING=y +CONFIG_TRACEPOINTS=y +# CONFIG_OPROFILE is not set +CONFIG_HAVE_OPROFILE=y +CONFIG_KPROBES=y +CONFIG_OPTPROBES=y +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_KRETPROBES=y +CONFIG_HAVE_IOREMAP_PROT=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_DMA_API_DEBUG=y +CONFIG_HAVE_HW_BREAKPOINT=y +CONFIG_HAVE_USER_RETURN_NOTIFIER=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +CONFIG_SLOW_WORK=y +# CONFIG_SLOW_WORK_DEBUG is not set +# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set +CONFIG_SLABINFO=y +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +CONFIG_MODULE_FORCE_LOAD=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +CONFIG_STOP_MACHINE=y +CONFIG_BLOCK=y +CONFIG_BLK_DEV_BSG=y +# CONFIG_BLK_DEV_INTEGRITY is not set +CONFIG_BLOCK_COMPAT=y + +# +# IO Schedulers +# +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_DEADLINE=y +CONFIG_IOSCHED_CFQ=y +# CONFIG_CFQ_GROUP_IOSCHED is not set +# CONFIG_DEFAULT_DEADLINE is not set +CONFIG_DEFAULT_CFQ=y +# CONFIG_DEFAULT_NOOP is not set +CONFIG_DEFAULT_IOSCHED="cfq" +# CONFIG_INLINE_SPIN_TRYLOCK is not set +# CONFIG_INLINE_SPIN_TRYLOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK is not set +# CONFIG_INLINE_SPIN_LOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK_IRQ is not set +# CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set +CONFIG_INLINE_SPIN_UNLOCK=y +# CONFIG_INLINE_SPIN_UNLOCK_BH is not set +CONFIG_INLINE_SPIN_UNLOCK_IRQ=y +# CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_READ_TRYLOCK is not set +# CONFIG_INLINE_READ_LOCK is not set +# CONFIG_INLINE_READ_LOCK_BH is not set +# CONFIG_INLINE_READ_LOCK_IRQ is not set +# CONFIG_INLINE_READ_LOCK_IRQSAVE is not set +CONFIG_INLINE_READ_UNLOCK=y +# CONFIG_INLINE_READ_UNLOCK_BH is not set +CONFIG_INLINE_READ_UNLOCK_IRQ=y +# CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_WRITE_TRYLOCK is not set +# CONFIG_INLINE_WRITE_LOCK is not set +# CONFIG_INLINE_WRITE_LOCK_BH is not set +# CONFIG_INLINE_WRITE_LOCK_IRQ is not set +# CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set +CONFIG_INLINE_WRITE_UNLOCK=y +# CONFIG_INLINE_WRITE_UNLOCK_BH is not set +CONFIG_INLINE_WRITE_UNLOCK_IRQ=y +# CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set +CONFIG_MUTEX_SPIN_ON_OWNER=y +CONFIG_FREEZER=y + +# +# Processor type and features +# +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_GENERIC_CLOCKEVENTS_BUILD=y +CONFIG_SMP=y +CONFIG_SPARSE_IRQ=y +CONFIG_NUMA_IRQ_DESC=y +CONFIG_X86_MPPARSE=y +CONFIG_X86_EXTENDED_PLATFORM=y +# CONFIG_X86_VSMP is not set +CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y +CONFIG_SCHED_OMIT_FRAME_POINTER=y +# CONFIG_PARAVIRT_GUEST is not set +CONFIG_NO_BOOTMEM=y +# CONFIG_MEMTEST is not set +# CONFIG_M386 is not set +# CONFIG_M486 is not set +# CONFIG_M586 is not set +# CONFIG_M586TSC is not set +# CONFIG_M586MMX is not set +# CONFIG_M686 is not set +# CONFIG_MPENTIUMII is not set +# CONFIG_MPENTIUMIII is not set +# CONFIG_MPENTIUMM is not set +# CONFIG_MPENTIUM4 is not set +# CONFIG_MK6 is not set +# CONFIG_MK7 is not set +CONFIG_MK8=y +# CONFIG_MCRUSOE is not set +# CONFIG_MEFFICEON is not set +# CONFIG_MWINCHIPC6 is not set +# CONFIG_MWINCHIP3D is not set +# CONFIG_MGEODEGX1 is not set +# CONFIG_MGEODE_LX is not set +# CONFIG_MCYRIXIII is not set +# CONFIG_MVIAC3_2 is not set +# CONFIG_MVIAC7 is not set +# CONFIG_MPSC is not set +# CONFIG_MCORE2 is not set +# CONFIG_MATOM is not set +# CONFIG_GENERIC_CPU is not set +CONFIG_X86_CPU=y +CONFIG_X86_INTERNODE_CACHE_SHIFT=7 +CONFIG_X86_CMPXCHG=y +CONFIG_X86_L1_CACHE_SHIFT=6 +CONFIG_X86_XADD=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INTEL_USERCOPY=y +CONFIG_X86_USE_PPRO_CHECKSUM=y +CONFIG_X86_TSC=y +CONFIG_X86_CMPXCHG64=y +CONFIG_X86_CMOV=y +CONFIG_X86_MINIMUM_CPU_FAMILY=64 +CONFIG_X86_DEBUGCTLMSR=y +CONFIG_CPU_SUP_INTEL=y +CONFIG_CPU_SUP_AMD=y +CONFIG_CPU_SUP_CENTAUR=y +# CONFIG_X86_DS is not set +CONFIG_HPET_TIMER=y +CONFIG_HPET_EMULATE_RTC=y +CONFIG_DMI=y +CONFIG_GART_IOMMU=y +CONFIG_CALGARY_IOMMU=y +CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y +CONFIG_AMD_IOMMU=y +CONFIG_AMD_IOMMU_STATS=y +CONFIG_SWIOTLB=y +CONFIG_IOMMU_HELPER=y +CONFIG_IOMMU_API=y +# CONFIG_MAXSMP is not set +CONFIG_NR_CPUS=64 +CONFIG_SCHED_SMT=y +CONFIG_SCHED_MC=y +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +CONFIG_X86_LOCAL_APIC=y +CONFIG_X86_IO_APIC=y +CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y +CONFIG_X86_MCE=y +CONFIG_X86_MCE_INTEL=y +CONFIG_X86_MCE_AMD=y +CONFIG_X86_MCE_THRESHOLD=y +# CONFIG_X86_MCE_INJECT is not set +CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_I8K is not set +CONFIG_MICROCODE=y +CONFIG_MICROCODE_INTEL=y +CONFIG_MICROCODE_AMD=y +CONFIG_MICROCODE_OLD_INTERFACE=y +CONFIG_X86_MSR=y +CONFIG_X86_CPUID=y +CONFIG_ARCH_PHYS_ADDR_T_64BIT=y +CONFIG_DIRECT_GBPAGES=y +CONFIG_NUMA=y +CONFIG_K8_NUMA=y +CONFIG_X86_64_ACPI_NUMA=y +CONFIG_NODES_SPAN_OTHER_NODES=y +# CONFIG_NUMA_EMU is not set +CONFIG_NODES_SHIFT=6 +CONFIG_ARCH_PROC_KCORE_TEXT=y +CONFIG_ARCH_SPARSEMEM_DEFAULT=y +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 +CONFIG_SELECT_MEMORY_MODEL=y +# CONFIG_FLATMEM_MANUAL is not set +# CONFIG_DISCONTIGMEM_MANUAL is not set +CONFIG_SPARSEMEM_MANUAL=y +CONFIG_SPARSEMEM=y +CONFIG_NEED_MULTIPLE_NODES=y +CONFIG_HAVE_MEMORY_PRESENT=y +CONFIG_SPARSEMEM_EXTREME=y +CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y +CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y +CONFIG_SPARSEMEM_VMEMMAP=y +# CONFIG_MEMORY_HOTPLUG is not set +CONFIG_PAGEFLAGS_EXTENDED=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +CONFIG_MIGRATION=y +CONFIG_PHYS_ADDR_T_64BIT=y +CONFIG_ZONE_DMA_FLAG=1 +CONFIG_BOUNCE=y +CONFIG_VIRT_TO_BUS=y +# CONFIG_KSM is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y +# CONFIG_MEMORY_FAILURE is not set +CONFIG_X86_CHECK_BIOS_CORRUPTION=y +CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +CONFIG_X86_RESERVE_LOW_64K=y +CONFIG_MTRR=y +# CONFIG_MTRR_SANITIZER is not set +CONFIG_X86_PAT=y +CONFIG_ARCH_USES_PG_UNCACHED=y +CONFIG_EFI=y +CONFIG_SECCOMP=y +# CONFIG_CC_STACKPROTECTOR is not set +# CONFIG_HZ_100 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +CONFIG_HZ_1000=y +CONFIG_HZ=1000 +CONFIG_SCHED_HRTICK=y +CONFIG_KEXEC=y +CONFIG_CRASH_DUMP=y +CONFIG_PHYSICAL_START=0x1000000 +CONFIG_RELOCATABLE=y +CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_HOTPLUG_CPU=y +# CONFIG_COMPAT_VDSO is not set +# CONFIG_CMDLINE_BOOL is not set +CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y +CONFIG_HAVE_ARCH_EARLY_PFN_TO_NID=y + +# +# Power management and ACPI options +# +CONFIG_PM=y +CONFIG_PM_DEBUG=y +CONFIG_PM_ADVANCED_DEBUG=y +# CONFIG_PM_VERBOSE is not set +CONFIG_CAN_PM_TRACE=y +CONFIG_PM_TRACE=y +CONFIG_PM_TRACE_RTC=y +CONFIG_PM_SLEEP_SMP=y +CONFIG_PM_SLEEP=y +# CONFIG_PM_SLEEP_ADVANCED_DEBUG is not set +CONFIG_SUSPEND=y +CONFIG_SUSPEND_FREEZER=y +# CONFIG_HIBERNATION is not set +# CONFIG_PM_RUNTIME is not set +CONFIG_PM_OPS=y +CONFIG_ACPI=y +CONFIG_ACPI_SLEEP=y +CONFIG_ACPI_PROCFS=y +CONFIG_ACPI_PROCFS_POWER=y +CONFIG_ACPI_POWER_METER=m +CONFIG_ACPI_SYSFS_POWER=y +CONFIG_ACPI_PROC_EVENT=y +CONFIG_ACPI_AC=y +CONFIG_ACPI_BATTERY=y +CONFIG_ACPI_BUTTON=y +CONFIG_ACPI_FAN=y +CONFIG_ACPI_DOCK=y +CONFIG_ACPI_PROCESSOR=y +CONFIG_ACPI_HOTPLUG_CPU=y +CONFIG_ACPI_PROCESSOR_AGGREGATOR=m +CONFIG_ACPI_THERMAL=y +CONFIG_ACPI_NUMA=y +# CONFIG_ACPI_CUSTOM_DSDT is not set +CONFIG_ACPI_BLACKLIST_YEAR=0 +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_PCI_SLOT=m +CONFIG_X86_PM_TIMER=y +CONFIG_ACPI_CONTAINER=y +# CONFIG_ACPI_SBS is not set +# CONFIG_SFI is not set + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_TABLE=y +CONFIG_CPU_FREQ_DEBUG=y +CONFIG_CPU_FREQ_STAT=m +CONFIG_CPU_FREQ_STAT_DETAILS=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set +CONFIG_CPU_FREQ_GOV_PERFORMANCE=y +# CONFIG_CPU_FREQ_GOV_POWERSAVE is not set +CONFIG_CPU_FREQ_GOV_USERSPACE=y +CONFIG_CPU_FREQ_GOV_ONDEMAND=y +# CONFIG_CPU_FREQ_GOV_CONSERVATIVE is not set + +# +# CPUFreq processor drivers +# +# CONFIG_X86_PCC_CPUFREQ is not set +CONFIG_X86_ACPI_CPUFREQ=y +CONFIG_X86_POWERNOW_K8=m +# CONFIG_X86_SPEEDSTEP_CENTRINO is not set +# CONFIG_X86_P4_CLOCKMOD is not set + +# +# shared options +# +# CONFIG_X86_SPEEDSTEP_LIB is not set +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y + +# +# Memory power savings +# +# CONFIG_I7300_IDLE is not set + +# +# Bus options (PCI etc.) +# +CONFIG_PCI=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +CONFIG_PCI_DOMAINS=y +CONFIG_DMAR=y +# CONFIG_DMAR_DEFAULT_ON is not set +CONFIG_DMAR_FLOPPY_WA=y +# CONFIG_INTR_REMAP is not set +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +# CONFIG_PCIE_ECRC is not set +# CONFIG_PCIEAER_INJECT is not set +CONFIG_PCIEASPM=y +# CONFIG_PCIEASPM_DEBUG is not set +CONFIG_ARCH_SUPPORTS_MSI=y +CONFIG_PCI_MSI=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_STUB is not set +CONFIG_HT_IRQ=y +# CONFIG_PCI_IOV is not set +CONFIG_PCI_IOAPIC=y +CONFIG_ISA_DMA_API=y +CONFIG_K8_NB=y +# CONFIG_PCCARD is not set +# CONFIG_HOTPLUG_PCI is not set + +# +# Executable file formats / Emulations +# +CONFIG_BINFMT_ELF=y +CONFIG_COMPAT_BINFMT_ELF=y +CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y +# CONFIG_HAVE_AOUT is not set +CONFIG_BINFMT_MISC=y +CONFIG_IA32_EMULATION=y +CONFIG_IA32_AOUT=m +CONFIG_COMPAT=y +CONFIG_COMPAT_FOR_U64_ALIGNMENT=y +CONFIG_SYSVIPC_COMPAT=y +CONFIG_NET=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_UNIX=y +CONFIG_XFRM=y +CONFIG_XFRM_USER=y +# CONFIG_XFRM_SUB_POLICY is not set +# CONFIG_XFRM_MIGRATE is not set +# CONFIG_XFRM_STATISTICS is not set +CONFIG_XFRM_IPCOMP=m +# CONFIG_NET_KEY is not set +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_ASK_IP_FIB_HASH=y +# CONFIG_IP_FIB_TRIE is not set +CONFIG_IP_FIB_HASH=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_IP_ROUTE_MULTIPATH=y +CONFIG_IP_ROUTE_VERBOSE=y +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y +CONFIG_IP_PNP_RARP=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE=y +CONFIG_IP_PIMSM_V1=y +CONFIG_IP_PIMSM_V2=y +CONFIG_ARPD=y +CONFIG_SYN_COOKIES=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_XFRM_MODE_TRANSPORT=m +CONFIG_INET_XFRM_MODE_TUNNEL=m +CONFIG_INET_XFRM_MODE_BEET=m +CONFIG_INET_LRO=y +CONFIG_INET_DIAG=m +CONFIG_INET_TCP_DIAG=m +CONFIG_TCP_CONG_ADVANCED=y +# CONFIG_TCP_CONG_BIC is not set +CONFIG_TCP_CONG_CUBIC=y +# CONFIG_TCP_CONG_WESTWOOD is not set +# CONFIG_TCP_CONG_HTCP is not set +# CONFIG_TCP_CONG_HSTCP is not set +# CONFIG_TCP_CONG_HYBLA is not set +# CONFIG_TCP_CONG_VEGAS is not set +# CONFIG_TCP_CONG_SCALABLE is not set +# CONFIG_TCP_CONG_LP is not set +# CONFIG_TCP_CONG_VENO is not set +# CONFIG_TCP_CONG_YEAH is not set +# CONFIG_TCP_CONG_ILLINOIS is not set +# CONFIG_DEFAULT_BIC is not set +CONFIG_DEFAULT_CUBIC=y +# CONFIG_DEFAULT_HTCP is not set +# CONFIG_DEFAULT_VEGAS is not set +# CONFIG_DEFAULT_WESTWOOD is not set +# CONFIG_DEFAULT_RENO is not set +CONFIG_DEFAULT_TCP_CONG="cubic" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=y +CONFIG_IPV6_PRIVACY=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +# CONFIG_IPV6_OPTIMISTIC_DAD is not set +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_INET6_XFRM_MODE_TRANSPORT=m +CONFIG_INET6_XFRM_MODE_TUNNEL=m +CONFIG_INET6_XFRM_MODE_BEET=m +CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m +CONFIG_IPV6_SIT=m +# CONFIG_IPV6_SIT_6RD is not set +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_NETLABEL=y +CONFIG_NETWORK_SECMARK=y +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=y + +# +# Core Netfilter Configuration +# +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_NETLINK_QUEUE=m +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NF_CONNTRACK=m +CONFIG_NF_CT_ACCT=y +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_SECMARK=y +# CONFIG_NF_CONNTRACK_EVENTS is not set +CONFIG_NF_CT_PROTO_DCCP=m +CONFIG_NF_CT_PROTO_GRE=m +CONFIG_NF_CT_PROTO_SCTP=m +CONFIG_NF_CT_PROTO_UDPLITE=m +CONFIG_NF_CONNTRACK_AMANDA=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NETFILTER_TPROXY=m +CONFIG_NETFILTER_XTABLES=y +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m +CONFIG_NETFILTER_XT_TARGET_CONNMARK=m +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m +# CONFIG_NETFILTER_XT_TARGET_CT is not set +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_TARGET_MARK=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m +# CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set +CONFIG_NETFILTER_XT_TARGET_RATEEST=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +# CONFIG_NETFILTER_XT_TARGET_TRACE is not set +CONFIG_NETFILTER_XT_TARGET_SECMARK=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +# CONFIG_NETFILTER_XT_MATCH_PHYSDEV is not set +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_QUOTA=m +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m +CONFIG_NETFILTER_XT_MATCH_RECENT=m +# CONFIG_NETFILTER_XT_MATCH_RECENT_PROC_COMPAT is not set +CONFIG_NETFILTER_XT_MATCH_SCTP=m +CONFIG_NETFILTER_XT_MATCH_SOCKET=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +CONFIG_NETFILTER_XT_MATCH_OSF=m +# CONFIG_IP_VS is not set + +# +# IP: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +CONFIG_IP_NF_QUEUE=m +CONFIG_IP_NF_IPTABLES=y +CONFIG_IP_NF_MATCH_ADDRTYPE=m +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=y +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_LOG=y +CONFIG_IP_NF_TARGET_ULOG=y +CONFIG_NF_NAT=m +CONFIG_NF_NAT_NEEDED=y +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PROTO_DCCP=m +CONFIG_NF_NAT_PROTO_GRE=m +CONFIG_NF_NAT_PROTO_UDPLITE=m +CONFIG_NF_NAT_PROTO_SCTP=m +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_AMANDA=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_NF_NAT_SIP=m +CONFIG_IP_NF_MANGLE=y +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_SECURITY=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m + +# +# IPv6: Netfilter Configuration +# +CONFIG_NF_CONNTRACK_IPV6=m +CONFIG_IP6_NF_QUEUE=m +CONFIG_IP6_NF_IPTABLES=y +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_TARGET_HL=m +CONFIG_IP6_NF_TARGET_LOG=y +CONFIG_IP6_NF_FILTER=y +CONFIG_IP6_NF_TARGET_REJECT=y +CONFIG_IP6_NF_MANGLE=y +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_SECURITY=m +# CONFIG_BRIDGE_NF_EBTABLES is not set +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m + +# +# DCCP CCIDs Configuration (EXPERIMENTAL) +# +# CONFIG_IP_DCCP_CCID2_DEBUG is not set +CONFIG_IP_DCCP_CCID3=y +# CONFIG_IP_DCCP_CCID3_DEBUG is not set +CONFIG_IP_DCCP_CCID3_RTO=100 +CONFIG_IP_DCCP_TFRC_LIB=y + +# +# DCCP Kernel Hacking +# +# CONFIG_IP_DCCP_DEBUG is not set +# CONFIG_NET_DCCPPROBE is not set +CONFIG_IP_SCTP=m +# CONFIG_SCTP_DBG_MSG is not set +# CONFIG_SCTP_DBG_OBJCNT is not set +# CONFIG_SCTP_HMAC_NONE is not set +# CONFIG_SCTP_HMAC_SHA1 is not set +CONFIG_SCTP_HMAC_MD5=y +CONFIG_RDS=m +CONFIG_RDS_TCP=m +# CONFIG_RDS_DEBUG is not set +CONFIG_TIPC=m +# CONFIG_TIPC_ADVANCED is not set +# CONFIG_TIPC_DEBUG is not set +# CONFIG_ATM is not set +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +# CONFIG_NET_DSA is not set +CONFIG_VLAN_8021Q=m +# CONFIG_VLAN_8021Q_GVRP is not set +# CONFIG_DECNET is not set +CONFIG_LLC=m +# CONFIG_LLC2 is not set +CONFIG_IPX=m +# CONFIG_IPX_INTERN is not set +CONFIG_ATALK=m +# CONFIG_DEV_APPLETALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set +# CONFIG_PHONET is not set +# CONFIG_IEEE802154 is not set +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_DSMARK=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_INGRESS=m + +# +# Classification +# +CONFIG_NET_CLS=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_TCINDEX=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_ROUTE=y +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_RSVP=m +CONFIG_NET_CLS_RSVP6=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_EMATCH=y +CONFIG_NET_EMATCH_STACK=32 +CONFIG_NET_EMATCH_CMP=m +CONFIG_NET_EMATCH_NBYTE=m +CONFIG_NET_EMATCH_U32=m +CONFIG_NET_EMATCH_META=m +CONFIG_NET_EMATCH_TEXT=m +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +# CONFIG_GACT_PROB is not set +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +# CONFIG_NET_CLS_IND is not set +CONFIG_NET_SCH_FIFO=y +# CONFIG_DCB is not set + +# +# Network testing +# +CONFIG_NET_PKTGEN=m +CONFIG_NET_TCPPROBE=m +# CONFIG_NET_DROP_MONITOR is not set +# CONFIG_HAMRADIO is not set +# CONFIG_CAN is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +# CONFIG_AF_RXRPC is not set +CONFIG_FIB_RULES=y +CONFIG_WIRELESS=y +CONFIG_WEXT_CORE=y +CONFIG_WEXT_PROC=y +CONFIG_CFG80211=y +# CONFIG_NL80211_TESTMODE is not set +# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set +# CONFIG_CFG80211_REG_DEBUG is not set +CONFIG_CFG80211_DEFAULT_PS=y +# CONFIG_CFG80211_DEBUGFS is not set +# CONFIG_CFG80211_INTERNAL_REGDB is not set +CONFIG_CFG80211_WEXT=y +CONFIG_WIRELESS_EXT_SYSFS=y +# CONFIG_LIB80211 is not set +CONFIG_MAC80211=y +CONFIG_MAC80211_HAS_RC=y +CONFIG_MAC80211_RC_MINSTREL=y +# CONFIG_MAC80211_RC_DEFAULT_PID is not set +CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y +CONFIG_MAC80211_RC_DEFAULT="minstrel" +# CONFIG_MAC80211_MESH is not set +CONFIG_MAC80211_LEDS=y +# CONFIG_MAC80211_DEBUGFS is not set +# CONFIG_MAC80211_DEBUG_MENU is not set +# CONFIG_WIMAX is not set +CONFIG_RFKILL=y +CONFIG_RFKILL_LEDS=y +CONFIG_RFKILL_INPUT=y +# CONFIG_NET_9P is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" +# CONFIG_DEVTMPFS is not set +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y +CONFIG_FW_LOADER=y +CONFIG_FIRMWARE_IN_KERNEL=y +CONFIG_EXTRA_FIRMWARE="" +# CONFIG_DEBUG_DRIVER is not set +CONFIG_DEBUG_DEVRES=y +# CONFIG_SYS_HYPERVISOR is not set +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y +# CONFIG_MTD is not set +# CONFIG_PARPORT is not set +CONFIG_PNP=y +CONFIG_PNP_DEBUG_MESSAGES=y + +# +# Protocols +# +CONFIG_PNPACPI=y +CONFIG_BLK_DEV=y +# CONFIG_BLK_DEV_FD is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_COW_COMMON is not set +CONFIG_BLK_DEV_LOOP=y +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +CONFIG_BLK_DEV_DRBD=m +# CONFIG_DRBD_FAULT_INJECTION is not set +CONFIG_BLK_DEV_NBD=m +# CONFIG_BLK_DEV_OSD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=16384 +# CONFIG_BLK_DEV_XIP is not set +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set +# CONFIG_BLK_DEV_HD is not set +CONFIG_MISC_DEVICES=y +# CONFIG_AD525X_DPOT is not set +# CONFIG_IBM_ASM is not set +# CONFIG_PHANTOM is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_TIFM_CORE is not set +# CONFIG_ICS932S401 is not set +# CONFIG_ENCLOSURE_SERVICES is not set +# CONFIG_CS5535_MFGPT is not set +# CONFIG_HP_ILO is not set +# CONFIG_ISL29003 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_DS1682 is not set +# CONFIG_VMWARE_BALLOON is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +# CONFIG_EEPROM_AT24 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +# CONFIG_EEPROM_93CX6 is not set +# CONFIG_CB710_CORE is not set +CONFIG_HAVE_IDE=y +# CONFIG_IDE is not set + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +CONFIG_RAID_ATTRS=m +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +# CONFIG_SCSI_TGT is not set +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=m +CONFIG_BLK_DEV_SR_VENDOR=y +CONFIG_CHR_DEV_SG=y +# CONFIG_CHR_DEV_SCH is not set +# CONFIG_SCSI_MULTI_LUN is not set +CONFIG_SCSI_CONSTANTS=y +# CONFIG_SCSI_LOGGING is not set +# CONFIG_SCSI_SCAN_ASYNC is not set +CONFIG_SCSI_WAIT_SCAN=m + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=y +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +# CONFIG_SCSI_SAS_ATA is not set +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_SAS_LIBSAS_DEBUG=y +CONFIG_SCSI_SRP_ATTRS=m +# CONFIG_SCSI_LOWLEVEL is not set +CONFIG_SCSI_DH=m +# CONFIG_SCSI_DH_RDAC is not set +# CONFIG_SCSI_DH_HP_SW is not set +# CONFIG_SCSI_DH_EMC is not set +# CONFIG_SCSI_DH_ALUA is not set +CONFIG_SCSI_OSD_INITIATOR=m +CONFIG_SCSI_OSD_ULD=m +CONFIG_SCSI_OSD_DPRINT_SENSE=1 +# CONFIG_SCSI_OSD_DEBUG is not set +CONFIG_ATA=y +# CONFIG_ATA_NONSTANDARD is not set +CONFIG_ATA_VERBOSE_ERROR=y +CONFIG_ATA_ACPI=y +CONFIG_SATA_PMP=y +CONFIG_SATA_AHCI=y +# CONFIG_SATA_SIL24 is not set +CONFIG_ATA_SFF=y +# CONFIG_SATA_SVW is not set +CONFIG_ATA_PIIX=y +# CONFIG_SATA_MV is not set +# CONFIG_SATA_NV is not set +# CONFIG_PDC_ADMA is not set +# CONFIG_SATA_QSTOR is not set +# CONFIG_SATA_PROMISE is not set +# CONFIG_SATA_SX4 is not set +# CONFIG_SATA_SIL is not set +# CONFIG_SATA_SIS is not set +# CONFIG_SATA_ULI is not set +# CONFIG_SATA_VIA is not set +# CONFIG_SATA_VITESSE is not set +# CONFIG_SATA_INIC162X is not set +# CONFIG_PATA_ACPI is not set +# CONFIG_PATA_ALI is not set +CONFIG_PATA_AMD=y +# CONFIG_PATA_ARTOP is not set +# CONFIG_PATA_ATP867X is not set +# CONFIG_PATA_ATIIXP is not set +# CONFIG_PATA_CMD640_PCI is not set +# CONFIG_PATA_CMD64X is not set +# CONFIG_PATA_CS5520 is not set +# CONFIG_PATA_CS5530 is not set +# CONFIG_PATA_CYPRESS is not set +# CONFIG_PATA_EFAR is not set +# CONFIG_ATA_GENERIC is not set +# CONFIG_PATA_HPT366 is not set +# CONFIG_PATA_HPT37X is not set +# CONFIG_PATA_HPT3X2N is not set +# CONFIG_PATA_HPT3X3 is not set +# CONFIG_PATA_IT821X is not set +# CONFIG_PATA_IT8213 is not set +# CONFIG_PATA_JMICRON is not set +# CONFIG_PATA_LEGACY is not set +# CONFIG_PATA_TRIFLEX is not set +# CONFIG_PATA_MARVELL is not set +# CONFIG_PATA_MPIIX is not set +CONFIG_PATA_OLDPIIX=y +# CONFIG_PATA_NETCELL is not set +# CONFIG_PATA_NINJA32 is not set +# CONFIG_PATA_NS87410 is not set +# CONFIG_PATA_NS87415 is not set +# CONFIG_PATA_OPTI is not set +# CONFIG_PATA_OPTIDMA is not set +# CONFIG_PATA_PDC2027X is not set +# CONFIG_PATA_PDC_OLD is not set +# CONFIG_PATA_RADISYS is not set +# CONFIG_PATA_RDC is not set +# CONFIG_PATA_RZ1000 is not set +# CONFIG_PATA_SC1200 is not set +# CONFIG_PATA_SERVERWORKS is not set +# CONFIG_PATA_SIL680 is not set +# CONFIG_PATA_SIS is not set +# CONFIG_PATA_TOSHIBA is not set +# CONFIG_PATA_VIA is not set +# CONFIG_PATA_WINBOND is not set +CONFIG_PATA_SCH=y +CONFIG_MD=y +CONFIG_BLK_DEV_MD=y +CONFIG_MD_AUTODETECT=y +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=y +CONFIG_MD_RAID10=y +CONFIG_MD_RAID456=m +CONFIG_MULTICORE_RAID456=y +CONFIG_MD_RAID6_PQ=m +CONFIG_ASYNC_RAID6_TEST=m +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_MIRROR=y +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_ZERO=y +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +CONFIG_DM_DELAY=m +# CONFIG_DM_UEVENT is not set +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# + +# +# You can enable one or both FireWire driver stacks. +# + +# +# The newer stack is recommended. +# +# CONFIG_FIREWIRE is not set +# CONFIG_IEEE1394 is not set +CONFIG_I2O=m +CONFIG_I2O_LCT_NOTIFY_ON_CHANGES=y +CONFIG_I2O_EXT_ADAPTEC=y +CONFIG_I2O_EXT_ADAPTEC_DMA64=y +CONFIG_I2O_CONFIG=m +CONFIG_I2O_CONFIG_OLD_IOCTL=y +CONFIG_I2O_BUS=m +CONFIG_I2O_BLOCK=m +# CONFIG_I2O_SCSI is not set +CONFIG_I2O_PROC=m +# CONFIG_MACINTOSH_DRIVERS is not set +CONFIG_NETDEVICES=y +CONFIG_IFB=m +CONFIG_DUMMY=m +CONFIG_BONDING=m +CONFIG_MACVLAN=m +CONFIG_MACVTAP=m +# CONFIG_EQUALIZER is not set +CONFIG_TUN=m +CONFIG_VETH=m +# CONFIG_NET_SB1000 is not set +# CONFIG_ARCNET is not set +CONFIG_PHYLIB=y + +# +# MII PHY device drivers +# +# CONFIG_MARVELL_PHY is not set +# CONFIG_DAVICOM_PHY is not set +# CONFIG_QSEMI_PHY is not set +# CONFIG_LXT_PHY is not set +# CONFIG_CICADA_PHY is not set +# CONFIG_VITESSE_PHY is not set +CONFIG_SMSC_PHY=m +# CONFIG_BROADCOM_PHY is not set +# CONFIG_ICPLUS_PHY is not set +# CONFIG_REALTEK_PHY is not set +# CONFIG_NATIONAL_PHY is not set +# CONFIG_STE10XP is not set +# CONFIG_LSI_ET1011C_PHY is not set +# CONFIG_MICREL_PHY is not set +# CONFIG_FIXED_PHY is not set +# CONFIG_MDIO_BITBANG is not set +CONFIG_NET_ETHERNET=y +CONFIG_MII=y +CONFIG_HAPPYMEAL=m +CONFIG_SUNGEM=m +CONFIG_CASSINI=m +CONFIG_NET_VENDOR_3COM=y +CONFIG_VORTEX=m +CONFIG_TYPHOON=m +CONFIG_ETHOC=m +CONFIG_DNET=m +CONFIG_NET_TULIP=y +CONFIG_DE2104X=m +CONFIG_DE2104X_DSL=0 +CONFIG_TULIP=m +# CONFIG_TULIP_MWI is not set +# CONFIG_TULIP_MMIO is not set +# CONFIG_TULIP_NAPI is not set +CONFIG_DE4X5=m +CONFIG_WINBOND_840=m +CONFIG_DM9102=m +CONFIG_ULI526X=m +# CONFIG_HP100 is not set +# CONFIG_IBM_NEW_EMAC_ZMII is not set +# CONFIG_IBM_NEW_EMAC_RGMII is not set +# CONFIG_IBM_NEW_EMAC_TAH is not set +# CONFIG_IBM_NEW_EMAC_EMAC4 is not set +# CONFIG_IBM_NEW_EMAC_NO_FLOW_CTRL is not set +# CONFIG_IBM_NEW_EMAC_MAL_CLR_ICINTSTAT is not set +# CONFIG_IBM_NEW_EMAC_MAL_COMMON_ERR is not set +CONFIG_NET_PCI=y +CONFIG_PCNET32=m +CONFIG_AMD8111_ETH=m +CONFIG_ADAPTEC_STARFIRE=m +CONFIG_KSZ884X_PCI=m +CONFIG_B44=m +CONFIG_B44_PCI_AUTOSELECT=y +CONFIG_B44_PCICORE_AUTOSELECT=y +CONFIG_B44_PCI=y +CONFIG_FORCEDETH=m +# CONFIG_FORCEDETH_NAPI is not set +CONFIG_E100=m +CONFIG_FEALNX=m +CONFIG_NATSEMI=m +CONFIG_NE2K_PCI=m +CONFIG_8139CP=m +CONFIG_8139TOO=m +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_R6040=m +CONFIG_SIS900=m +CONFIG_EPIC100=m +CONFIG_SMSC9420=m +CONFIG_SUNDANCE=m +# CONFIG_SUNDANCE_MMIO is not set +CONFIG_TLAN=m +CONFIG_KS8842=m +CONFIG_KS8851_MLL=m +CONFIG_VIA_RHINE=m +# CONFIG_VIA_RHINE_MMIO is not set +CONFIG_SC92031=m +CONFIG_ATL2=m +CONFIG_NETDEV_1000=y +CONFIG_ACENIC=m +# CONFIG_ACENIC_OMIT_TIGON_I is not set +CONFIG_DL2K=m +CONFIG_E1000=m +CONFIG_E1000E=m +CONFIG_IP1000=m +CONFIG_IGB=m +CONFIG_IGBVF=m +CONFIG_NS83820=m +CONFIG_HAMACHI=m +CONFIG_YELLOWFIN=m +CONFIG_R8169=m +CONFIG_R8169_VLAN=y +CONFIG_SIS190=m +CONFIG_SKGE=m +# CONFIG_SKGE_DEBUG is not set +CONFIG_SKY2=m +# CONFIG_SKY2_DEBUG is not set +CONFIG_VIA_VELOCITY=m +CONFIG_TIGON3=m +CONFIG_BNX2=m +CONFIG_CNIC=m +CONFIG_QLA3XXX=m +CONFIG_ATL1=m +CONFIG_ATL1E=m +CONFIG_ATL1C=m +CONFIG_JME=m +CONFIG_NETDEV_10000=y +CONFIG_MDIO=m +CONFIG_CHELSIO_T1=m +CONFIG_CHELSIO_T1_1G=y +CONFIG_CHELSIO_T3_DEPENDS=y +CONFIG_CHELSIO_T3=m +CONFIG_CHELSIO_T4_DEPENDS=y +CONFIG_CHELSIO_T4=m +CONFIG_ENIC=m +CONFIG_IXGBE=m +CONFIG_IXGBEVF=m +CONFIG_IXGB=m +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set +CONFIG_MYRI10GE=m +CONFIG_NETXEN_NIC=m +CONFIG_NIU=m +CONFIG_MLX4_EN=m +CONFIG_MLX4_CORE=m +CONFIG_MLX4_DEBUG=y +CONFIG_TEHUTI=m +CONFIG_BNX2X=m +CONFIG_QLCNIC=m +CONFIG_QLGE=m +CONFIG_SFC=m +CONFIG_BE2NET=m +# CONFIG_TR is not set +# CONFIG_WLAN is not set + +# +# Enable WiMAX (Networking options) to see the WiMAX drivers +# +# CONFIG_WAN is not set +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_NET_FC is not set +CONFIG_NETCONSOLE=y +# CONFIG_NETCONSOLE_DYNAMIC is not set +CONFIG_NETPOLL=y +# CONFIG_NETPOLL_TRAP is not set +CONFIG_NET_POLL_CONTROLLER=y +# CONFIG_VMXNET3 is not set +# CONFIG_ISDN is not set +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y +CONFIG_INPUT_FF_MEMLESS=y +CONFIG_INPUT_POLLDEV=y +# CONFIG_INPUT_SPARSEKMAP is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +# CONFIG_INPUT_JOYDEV is not set +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +# CONFIG_KEYBOARD_ADP5588 is not set +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_QT2160 is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_LM8323 is not set +# CONFIG_KEYBOARD_MAX7359 is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_OPENCORES is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Hardware I/O ports +# +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +CONFIG_SERIO_SERPORT=y +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PCIPS2 is not set +CONFIG_SERIO_LIBPS2=y +# CONFIG_SERIO_RAW is not set +# CONFIG_SERIO_ALTERA_PS2 is not set +# CONFIG_GAMEPORT is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_DEVKMEM=y +CONFIG_SERIAL_NONSTANDARD=y +# CONFIG_COMPUTONE is not set +# CONFIG_ROCKETPORT is not set +# CONFIG_CYCLADES is not set +# CONFIG_DIGIEPCA is not set +# CONFIG_MOXA_INTELLIO is not set +# CONFIG_MOXA_SMARTIO is not set +# CONFIG_ISI is not set +# CONFIG_SYNCLINK is not set +# CONFIG_SYNCLINKMP is not set +# CONFIG_SYNCLINK_GT is not set +# CONFIG_N_HDLC is not set +# CONFIG_RISCOM8 is not set +# CONFIG_SPECIALIX is not set +# CONFIG_STALDRV is not set +# CONFIG_NOZOMI is not set + +# +# Serial drivers +# +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_SERIAL_8250_PCI=y +CONFIG_SERIAL_8250_PNP=y +CONFIG_SERIAL_8250_NR_UARTS=32 +CONFIG_SERIAL_8250_RUNTIME_UARTS=4 +CONFIG_SERIAL_8250_EXTENDED=y +CONFIG_SERIAL_8250_MANY_PORTS=y +CONFIG_SERIAL_8250_SHARE_IRQ=y +CONFIG_SERIAL_8250_DETECT_IRQ=y +CONFIG_SERIAL_8250_RSA=y + +# +# Non-8250 serial port support +# +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_TIMBERDALE is not set +CONFIG_UNIX98_PTYS=y +# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set +# CONFIG_LEGACY_PTYS is not set +CONFIG_IPMI_HANDLER=m +# CONFIG_IPMI_PANIC_EVENT is not set +CONFIG_IPMI_DEVICE_INTERFACE=m +CONFIG_IPMI_SI=m +CONFIG_IPMI_WATCHDOG=m +CONFIG_IPMI_POWEROFF=m +CONFIG_HW_RANDOM=m +CONFIG_HW_RANDOM_TIMERIOMEM=m +CONFIG_HW_RANDOM_INTEL=m +CONFIG_HW_RANDOM_AMD=m +CONFIG_HW_RANDOM_VIA=m +CONFIG_NVRAM=y +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_MWAVE is not set +# CONFIG_PC8736x_GPIO is not set +# CONFIG_RAW_DRIVER is not set +CONFIG_HPET=y +# CONFIG_HPET_MMAP is not set +# CONFIG_HANGCHECK_TIMER is not set +# CONFIG_TCG_TPM is not set +# CONFIG_TELCLOCK is not set +CONFIG_DEVPORT=y +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_SMBUS=m +CONFIG_I2C_ALGOBIT=m +CONFIG_I2C_ALGOPCA=m + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +CONFIG_I2C_ALI1535=m +CONFIG_I2C_ALI1563=m +CONFIG_I2C_ALI15X3=m +CONFIG_I2C_AMD756=m +CONFIG_I2C_AMD756_S4882=m +CONFIG_I2C_AMD8111=m +CONFIG_I2C_I801=m +CONFIG_I2C_ISCH=m +CONFIG_I2C_PIIX4=m +CONFIG_I2C_NFORCE2=m +CONFIG_I2C_NFORCE2_S4985=m +CONFIG_I2C_SIS5595=m +CONFIG_I2C_SIS630=m +CONFIG_I2C_SIS96X=m +CONFIG_I2C_VIA=m +CONFIG_I2C_VIAPRO=m + +# +# ACPI drivers +# +CONFIG_I2C_SCMI=m + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +CONFIG_I2C_OCORES=m +CONFIG_I2C_SIMTEC=m +# CONFIG_I2C_XILINX is not set + +# +# External I2C/SMBus adapter drivers +# +CONFIG_I2C_PARPORT_LIGHT=m +CONFIG_I2C_TAOS_EVM=m + +# +# Other I2C/SMBus bus drivers +# +CONFIG_I2C_PCA_PLATFORM=m +CONFIG_I2C_STUB=m +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# CONFIG_SPI is not set + +# +# PPS support +# +# CONFIG_PPS is not set +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +# CONFIG_GPIOLIB is not set +# CONFIG_W1 is not set +CONFIG_POWER_SUPPLY=y +# CONFIG_POWER_SUPPLY_DEBUG is not set +# CONFIG_PDA_POWER is not set +# CONFIG_BATTERY_DS2760 is not set +# CONFIG_BATTERY_DS2782 is not set +# CONFIG_BATTERY_BQ27x00 is not set +# CONFIG_BATTERY_MAX17040 is not set +CONFIG_HWMON=y +CONFIG_HWMON_VID=m +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +CONFIG_SENSORS_ABITUGURU=m +CONFIG_SENSORS_ABITUGURU3=m +CONFIG_SENSORS_AD7414=m +CONFIG_SENSORS_AD7418=m +CONFIG_SENSORS_ADM1021=m +CONFIG_SENSORS_ADM1025=m +CONFIG_SENSORS_ADM1026=m +CONFIG_SENSORS_ADM1029=m +CONFIG_SENSORS_ADM1031=m +CONFIG_SENSORS_ADM9240=m +CONFIG_SENSORS_ADT7411=m +CONFIG_SENSORS_ADT7462=m +CONFIG_SENSORS_ADT7470=m +CONFIG_SENSORS_ADT7475=m +CONFIG_SENSORS_ASC7621=m +CONFIG_SENSORS_K8TEMP=m +CONFIG_SENSORS_K10TEMP=m +CONFIG_SENSORS_ASB100=m +CONFIG_SENSORS_ATXP1=m +CONFIG_SENSORS_DS1621=m +CONFIG_SENSORS_I5K_AMB=m +CONFIG_SENSORS_F71805F=m +CONFIG_SENSORS_F71882FG=m +CONFIG_SENSORS_F75375S=m +CONFIG_SENSORS_FSCHMD=m +CONFIG_SENSORS_G760A=m +CONFIG_SENSORS_GL518SM=m +CONFIG_SENSORS_GL520SM=m +CONFIG_SENSORS_CORETEMP=m +CONFIG_SENSORS_IBMAEM=m +CONFIG_SENSORS_IBMPEX=m +CONFIG_SENSORS_IT87=m +CONFIG_SENSORS_LM63=m +CONFIG_SENSORS_LM73=m +CONFIG_SENSORS_LM75=m +CONFIG_SENSORS_LM77=m +CONFIG_SENSORS_LM78=m +CONFIG_SENSORS_LM80=m +CONFIG_SENSORS_LM83=m +CONFIG_SENSORS_LM85=m +CONFIG_SENSORS_LM87=m +CONFIG_SENSORS_LM90=m +CONFIG_SENSORS_LM92=m +CONFIG_SENSORS_LM93=m +CONFIG_SENSORS_LTC4215=m +CONFIG_SENSORS_LTC4245=m +CONFIG_SENSORS_LM95241=m +CONFIG_SENSORS_MAX1619=m +CONFIG_SENSORS_MAX6650=m +CONFIG_SENSORS_PC87360=m +CONFIG_SENSORS_PC87427=m +CONFIG_SENSORS_PCF8591=m +CONFIG_SENSORS_SIS5595=m +CONFIG_SENSORS_DME1737=m +CONFIG_SENSORS_SMSC47M1=m +CONFIG_SENSORS_SMSC47M192=m +CONFIG_SENSORS_SMSC47B397=m +CONFIG_SENSORS_ADS7828=m +CONFIG_SENSORS_AMC6821=m +CONFIG_SENSORS_THMC50=m +CONFIG_SENSORS_TMP401=m +CONFIG_SENSORS_TMP421=m +CONFIG_SENSORS_VIA_CPUTEMP=m +CONFIG_SENSORS_VIA686A=m +CONFIG_SENSORS_VT1211=m +CONFIG_SENSORS_VT8231=m +CONFIG_SENSORS_W83781D=m +CONFIG_SENSORS_W83791D=m +CONFIG_SENSORS_W83792D=m +CONFIG_SENSORS_W83793=m +CONFIG_SENSORS_W83L785TS=m +CONFIG_SENSORS_W83L786NG=m +CONFIG_SENSORS_W83627HF=m +CONFIG_SENSORS_W83627EHF=m +CONFIG_SENSORS_HDAPS=m +CONFIG_SENSORS_LIS3_I2C=m +CONFIG_SENSORS_APPLESMC=m + +# +# ACPI drivers +# +CONFIG_SENSORS_ATK0110=m +CONFIG_SENSORS_LIS3LV02D=m +CONFIG_THERMAL=y +CONFIG_THERMAL_HWMON=y +CONFIG_WATCHDOG=y +# CONFIG_WATCHDOG_NOWAYOUT is not set + +# +# Watchdog Device Drivers +# +CONFIG_SOFT_WATCHDOG=m +CONFIG_ACQUIRE_WDT=m +CONFIG_ADVANTECH_WDT=m +CONFIG_ALIM1535_WDT=m +CONFIG_ALIM7101_WDT=m +CONFIG_SC520_WDT=m +CONFIG_SBC_FITPC2_WATCHDOG=m +CONFIG_EUROTECH_WDT=m +CONFIG_IB700_WDT=m +CONFIG_IBMASR=m +CONFIG_WAFER_WDT=m +CONFIG_I6300ESB_WDT=m +CONFIG_ITCO_WDT=m +# CONFIG_ITCO_VENDOR_SUPPORT is not set +CONFIG_IT8712F_WDT=m +CONFIG_IT87_WDT=m +CONFIG_HP_WATCHDOG=m +CONFIG_SC1200_WDT=m +CONFIG_PC87413_WDT=m +CONFIG_60XX_WDT=m +CONFIG_SBC8360_WDT=m +CONFIG_CPU5_WDT=m +CONFIG_SMSC_SCH311X_WDT=m +CONFIG_SMSC37B787_WDT=m +CONFIG_W83627HF_WDT=m +CONFIG_W83697HF_WDT=m +CONFIG_W83697UG_WDT=m +CONFIG_W83877F_WDT=m +CONFIG_W83977F_WDT=m +CONFIG_MACHZ_WDT=m +CONFIG_SBC_EPX_C3_WATCHDOG=m + +# +# PCI-based Watchdog Cards +# +CONFIG_PCIPCWATCHDOG=m +CONFIG_WDTPCI=m +CONFIG_SSB_POSSIBLE=y + +# +# Sonics Silicon Backplane +# +CONFIG_SSB=m +CONFIG_SSB_SPROM=y +CONFIG_SSB_PCIHOST_POSSIBLE=y +CONFIG_SSB_PCIHOST=y +# CONFIG_SSB_B43_PCI_BRIDGE is not set +# CONFIG_SSB_DEBUG is not set +CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y +CONFIG_SSB_DRIVER_PCICORE=y + +# +# Multifunction device drivers +# +CONFIG_MFD_CORE=m +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_SM501 is not set +# CONFIG_HTC_PASIC3 is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_MFD_TMIO is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_AB3100_CORE is not set +CONFIG_LPC_SCH=m +# CONFIG_REGULATOR is not set +# CONFIG_MEDIA_SUPPORT is not set + +# +# Graphics support +# +# CONFIG_AGP is not set +CONFIG_VGA_ARB=y +CONFIG_VGA_ARB_MAX_GPUS=16 +# CONFIG_VGA_SWITCHEROO is not set +# CONFIG_DRM is not set +# CONFIG_VGASTATE is not set +# CONFIG_VIDEO_OUTPUT_CONTROL is not set +CONFIG_FB=m +# CONFIG_FIRMWARE_EDID is not set +# CONFIG_FB_DDC is not set +# CONFIG_FB_BOOT_VESA_SUPPORT is not set +# CONFIG_FB_CFB_FILLRECT is not set +# CONFIG_FB_CFB_COPYAREA is not set +# CONFIG_FB_CFB_IMAGEBLIT is not set +# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set +# CONFIG_FB_SYS_FILLRECT is not set +# CONFIG_FB_SYS_COPYAREA is not set +# CONFIG_FB_SYS_IMAGEBLIT is not set +# CONFIG_FB_FOREIGN_ENDIAN is not set +# CONFIG_FB_SYS_FOPS is not set +# CONFIG_FB_SVGALIB is not set +# CONFIG_FB_MACMODES is not set +# CONFIG_FB_BACKLIGHT is not set +CONFIG_FB_MODE_HELPERS=y +CONFIG_FB_TILEBLITTING=y + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ARC is not set +# CONFIG_FB_VGA16 is not set +# CONFIG_FB_UVESA is not set +# CONFIG_FB_N411 is not set +# CONFIG_FB_HGA is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_LE80578 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_VIA is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_GEODE is not set +# CONFIG_FB_TMIO is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_BROADSHEET is not set +# CONFIG_BACKLIGHT_LCD_SUPPORT is not set + +# +# Display device support +# +# CONFIG_DISPLAY_SUPPORT is not set + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +CONFIG_VGACON_SOFT_SCROLLBACK=y +CONFIG_VGACON_SOFT_SCROLLBACK_SIZE=64 +CONFIG_DUMMY_CONSOLE=y +# CONFIG_FRAMEBUFFER_CONSOLE is not set +# CONFIG_LOGO is not set +# CONFIG_SOUND is not set +# CONFIG_HID_SUPPORT is not set +# CONFIG_USB_SUPPORT is not set +# CONFIG_UWB is not set +# CONFIG_MMC is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=m + +# +# LED drivers +# +# CONFIG_LEDS_ALIX2 is not set +# CONFIG_LEDS_PCA9532 is not set +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_CLEVO_MAIL is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_INTEL_SS4200 is not set +CONFIG_LEDS_TRIGGERS=y + +# +# LED Triggers +# +# CONFIG_LEDS_TRIGGER_TIMER is not set +# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set +# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set +# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set + +# +# iptables trigger is under Netfilter config (LED target) +# +# CONFIG_ACCESSIBILITY is not set +# CONFIG_INFINIBAND is not set +CONFIG_EDAC=y + +# +# Reporting subsystems +# +# CONFIG_EDAC_DEBUG is not set +CONFIG_EDAC_DECODE_MCE=y +# CONFIG_EDAC_MM_EDAC is not set +CONFIG_RTC_LIB=m +CONFIG_RTC_CLASS=m + +# +# RTC interfaces +# +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set +CONFIG_RTC_DRV_TEST=m + +# +# I2C RTC drivers +# +CONFIG_RTC_DRV_DS1307=m +CONFIG_RTC_DRV_DS1374=m +CONFIG_RTC_DRV_DS1672=m +CONFIG_RTC_DRV_MAX6900=m +CONFIG_RTC_DRV_RS5C372=m +CONFIG_RTC_DRV_ISL1208=m +CONFIG_RTC_DRV_X1205=m +CONFIG_RTC_DRV_PCF8563=m +CONFIG_RTC_DRV_PCF8583=m +CONFIG_RTC_DRV_M41T80=m +# CONFIG_RTC_DRV_M41T80_WDT is not set +CONFIG_RTC_DRV_BQ32K=m +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_FM3130=m +CONFIG_RTC_DRV_RX8581=m +CONFIG_RTC_DRV_RX8025=m + +# +# SPI RTC drivers +# + +# +# Platform RTC drivers +# +CONFIG_RTC_DRV_CMOS=m +CONFIG_RTC_DRV_DS1286=m +CONFIG_RTC_DRV_DS1511=m +CONFIG_RTC_DRV_DS1553=m +CONFIG_RTC_DRV_DS1742=m +CONFIG_RTC_DRV_STK17TA8=m +CONFIG_RTC_DRV_M48T86=m +CONFIG_RTC_DRV_M48T35=m +CONFIG_RTC_DRV_M48T59=m +CONFIG_RTC_DRV_MSM6242=m +CONFIG_RTC_DRV_BQ4802=m +CONFIG_RTC_DRV_RP5C01=m +CONFIG_RTC_DRV_V3020=m + +# +# on-CPU RTC drivers +# +CONFIG_DMADEVICES=y +# CONFIG_DMADEVICES_DEBUG is not set + +# +# DMA Devices +# +# CONFIG_INTEL_IOATDMA is not set +# CONFIG_AUXDISPLAY is not set +CONFIG_UIO=m +CONFIG_UIO_CIF=m +CONFIG_UIO_PDRV=m +CONFIG_UIO_PDRV_GENIRQ=m +CONFIG_UIO_AEC=m +CONFIG_UIO_SERCOS3=m +CONFIG_UIO_PCI_GENERIC=m +CONFIG_UIO_NETX=m + +# +# TI VLYNQ +# +CONFIG_STAGING=y +# CONFIG_STAGING_EXCLUDE_BUILD is not set +# CONFIG_ET131X is not set +# CONFIG_SLICOSS is not set +# CONFIG_ECHO is not set +# CONFIG_POCH is not set +# CONFIG_COMEDI is not set + +# +# Qualcomm MSM Camera And Video +# + +# +# Camera Sensor Selection +# +# CONFIG_INPUT_GPIO is not set +# CONFIG_POHMELFS is not set +# CONFIG_IDE_PHISON is not set +# CONFIG_HYPERV is not set +# CONFIG_VME_BUS is not set + +# +# RAR Register Driver +# +# CONFIG_RAR_REGISTER is not set +# CONFIG_IIO is not set +# CONFIG_RAMZSWAP is not set +# CONFIG_BATMAN_ADV is not set +# CONFIG_STRIP is not set +# CONFIG_FB_SM7XX is not set +# CONFIG_DT3155 is not set +# CONFIG_CRYSTALHD is not set +CONFIG_X86_PLATFORM_DEVICES=y +# CONFIG_ACERHDF is not set +# CONFIG_ASUS_LAPTOP is not set +# CONFIG_SONY_LAPTOP is not set +# CONFIG_THINKPAD_ACPI is not set +# CONFIG_INTEL_MENLOW is not set +# CONFIG_ACPI_WMI is not set +# CONFIG_ACPI_ASUS is not set +# CONFIG_TOPSTAR_LAPTOP is not set +# CONFIG_ACPI_TOSHIBA is not set +# CONFIG_TOSHIBA_BT_RFKILL is not set +# CONFIG_ACPI_CMPC is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +CONFIG_FIRMWARE_MEMMAP=y +CONFIG_EFI_VARS=y +# CONFIG_DELL_RBU is not set +# CONFIG_DCDBAS is not set +CONFIG_DMIID=y +# CONFIG_ISCSI_IBFT_FIND is not set + +# +# File systems +# +CONFIG_EXT2_FS=m +CONFIG_EXT2_FS_XATTR=y +CONFIG_EXT2_FS_POSIX_ACL=y +CONFIG_EXT2_FS_SECURITY=y +# CONFIG_EXT2_FS_XIP is not set +CONFIG_EXT3_FS=y +# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set +CONFIG_EXT3_FS_XATTR=y +CONFIG_EXT3_FS_POSIX_ACL=y +CONFIG_EXT3_FS_SECURITY=y +CONFIG_EXT4_FS=y +CONFIG_EXT4_FS_XATTR=y +CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_EXT4_FS_SECURITY=y +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD=y +CONFIG_JBD_DEBUG=y +CONFIG_JBD2=y +CONFIG_JBD2_DEBUG=y +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=m +# CONFIG_REISERFS_CHECK is not set +CONFIG_REISERFS_PROC_INFO=y +CONFIG_REISERFS_FS_XATTR=y +CONFIG_REISERFS_FS_POSIX_ACL=y +CONFIG_REISERFS_FS_SECURITY=y +CONFIG_JFS_FS=m +CONFIG_JFS_POSIX_ACL=y +CONFIG_JFS_SECURITY=y +# CONFIG_JFS_DEBUG is not set +CONFIG_JFS_STATISTICS=y +CONFIG_FS_POSIX_ACL=y +CONFIG_XFS_FS=m +CONFIG_XFS_QUOTA=y +CONFIG_XFS_POSIX_ACL=y +CONFIG_XFS_RT=y +# CONFIG_XFS_DEBUG is not set +CONFIG_GFS2_FS=m +CONFIG_GFS2_FS_LOCKING_DLM=y +CONFIG_OCFS2_FS=m +CONFIG_OCFS2_FS_O2CB=m +CONFIG_OCFS2_FS_USERSPACE_CLUSTER=m +CONFIG_OCFS2_FS_STATS=y +CONFIG_OCFS2_DEBUG_MASKLOG=y +# CONFIG_OCFS2_DEBUG_FS is not set +CONFIG_BTRFS_FS=m +CONFIG_BTRFS_FS_POSIX_ACL=y +CONFIG_NILFS2_FS=m +CONFIG_FILE_LOCKING=y +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_QUOTA=y +CONFIG_QUOTA_NETLINK_INTERFACE=y +# CONFIG_PRINT_QUOTA_WARNING is not set +CONFIG_QUOTA_DEBUG=y +CONFIG_QUOTA_TREE=y +# CONFIG_QFMT_V1 is not set +CONFIG_QFMT_V2=y +CONFIG_QUOTACTL=y +CONFIG_QUOTACTL_COMPAT=y +# CONFIG_AUTOFS_FS is not set +CONFIG_AUTOFS4_FS=m +CONFIG_FUSE_FS=y +# CONFIG_CUSE is not set +CONFIG_GENERIC_ACL=y + +# +# Caches +# +CONFIG_FSCACHE=m +CONFIG_FSCACHE_STATS=y +CONFIG_FSCACHE_HISTOGRAM=y +# CONFIG_FSCACHE_DEBUG is not set +CONFIG_FSCACHE_OBJECT_LIST=y +CONFIG_CACHEFILES=m +# CONFIG_CACHEFILES_DEBUG is not set +# CONFIG_CACHEFILES_HISTOGRAM is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=m +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_UDF_FS=m +CONFIG_UDF_NLS=y + +# +# DOS/FAT/NT Filesystems +# +CONFIG_FAT_FS=m +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=m +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=m +# CONFIG_NTFS_DEBUG is not set +CONFIG_NTFS_RW=y + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_VMCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_HUGETLBFS=y +CONFIG_HUGETLB_PAGE=y +CONFIG_CONFIGFS_FS=m +CONFIG_MISC_FILESYSTEMS=y +CONFIG_ADFS_FS=m +# CONFIG_ADFS_FS_RW is not set +# CONFIG_AFFS_FS is not set +CONFIG_ECRYPT_FS=m +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_LOGFS is not set +CONFIG_CRAMFS=m +CONFIG_SQUASHFS=m +CONFIG_SQUASHFS_EMBEDDED=y +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +CONFIG_ROMFS_FS=m +CONFIG_ROMFS_BACKED_BY_BLOCK=y +# CONFIG_ROMFS_BACKED_BY_MTD is not set +# CONFIG_ROMFS_BACKED_BY_BOTH is not set +CONFIG_ROMFS_ON_BLOCK=y +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set +# CONFIG_EXOFS_FS is not set +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=y +CONFIG_NFS_V3=y +CONFIG_NFS_V3_ACL=y +CONFIG_NFS_V4=y +# CONFIG_NFS_V4_1 is not set +CONFIG_ROOT_NFS=y +CONFIG_NFSD=m +CONFIG_NFSD_V2_ACL=y +CONFIG_NFSD_V3=y +CONFIG_NFSD_V3_ACL=y +CONFIG_NFSD_V4=y +CONFIG_LOCKD=y +CONFIG_LOCKD_V4=y +CONFIG_EXPORTFS=m +CONFIG_NFS_ACL_SUPPORT=y +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=y +CONFIG_SUNRPC_GSS=y +CONFIG_RPCSEC_GSS_KRB5=y +CONFIG_RPCSEC_GSS_SPKM3=m +CONFIG_SMB_FS=m +# CONFIG_SMB_NLS_DEFAULT is not set +# CONFIG_CEPH_FS is not set +CONFIG_CIFS=m +CONFIG_CIFS_STATS=y +CONFIG_CIFS_STATS2=y +# CONFIG_CIFS_WEAK_PW_HASH is not set +# CONFIG_CIFS_UPCALL is not set +CONFIG_CIFS_XATTR=y +CONFIG_CIFS_POSIX=y +# CONFIG_CIFS_DEBUG2 is not set +CONFIG_CIFS_DFS_UPCALL=y +# CONFIG_CIFS_EXPERIMENTAL is not set +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +# CONFIG_AFS_FS is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +CONFIG_OSF_PARTITION=y +CONFIG_AMIGA_PARTITION=y +# CONFIG_ATARI_PARTITION is not set +CONFIG_MAC_PARTITION=y +CONFIG_MSDOS_PARTITION=y +CONFIG_BSD_DISKLABEL=y +CONFIG_MINIX_SUBPARTITION=y +CONFIG_SOLARIS_X86_PARTITION=y +CONFIG_UNIXWARE_DISKLABEL=y +# CONFIG_LDM_PARTITION is not set +CONFIG_SGI_PARTITION=y +# CONFIG_ULTRIX_PARTITION is not set +CONFIG_SUN_PARTITION=y +CONFIG_KARMA_PARTITION=y +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="utf8" +CONFIG_NLS_CODEPAGE_437=m +CONFIG_NLS_CODEPAGE_737=m +CONFIG_NLS_CODEPAGE_775=m +CONFIG_NLS_CODEPAGE_850=m +CONFIG_NLS_CODEPAGE_852=m +CONFIG_NLS_CODEPAGE_855=m +CONFIG_NLS_CODEPAGE_857=m +CONFIG_NLS_CODEPAGE_860=m +CONFIG_NLS_CODEPAGE_861=m +CONFIG_NLS_CODEPAGE_862=m +CONFIG_NLS_CODEPAGE_863=m +CONFIG_NLS_CODEPAGE_864=m +CONFIG_NLS_CODEPAGE_865=m +CONFIG_NLS_CODEPAGE_866=m +CONFIG_NLS_CODEPAGE_869=m +CONFIG_NLS_CODEPAGE_936=m +CONFIG_NLS_CODEPAGE_950=m +CONFIG_NLS_CODEPAGE_932=m +CONFIG_NLS_CODEPAGE_949=m +CONFIG_NLS_CODEPAGE_874=m +CONFIG_NLS_ISO8859_8=m +CONFIG_NLS_CODEPAGE_1250=m +CONFIG_NLS_CODEPAGE_1251=m +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=m +CONFIG_NLS_ISO8859_2=m +CONFIG_NLS_ISO8859_3=m +CONFIG_NLS_ISO8859_4=m +CONFIG_NLS_ISO8859_5=m +CONFIG_NLS_ISO8859_6=m +CONFIG_NLS_ISO8859_7=m +CONFIG_NLS_ISO8859_9=m +CONFIG_NLS_ISO8859_13=m +CONFIG_NLS_ISO8859_14=m +CONFIG_NLS_ISO8859_15=m +CONFIG_NLS_KOI8_R=m +CONFIG_NLS_KOI8_U=m +CONFIG_NLS_UTF8=y +CONFIG_DLM=m +# CONFIG_DLM_DEBUG is not set + +# +# Kernel hacking +# +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_PRINTK_TIME=y +# CONFIG_ENABLE_WARN_DEPRECATED is not set +CONFIG_ENABLE_MUST_CHECK=y +CONFIG_FRAME_WARN=2048 +CONFIG_MAGIC_SYSRQ=y +# CONFIG_STRIP_ASM_SYMS is not set +# CONFIG_UNUSED_SYMBOLS is not set +CONFIG_DEBUG_FS=y +# CONFIG_HEADERS_CHECK is not set +CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_SHIRQ is not set +# CONFIG_DETECT_SOFTLOCKUP is not set +# CONFIG_DETECT_HUNG_TASK is not set +# CONFIG_SCHED_DEBUG is not set +CONFIG_SCHEDSTATS=y +CONFIG_TIMER_STATS=y +# CONFIG_DEBUG_OBJECTS is not set +# CONFIG_SLUB_DEBUG_ON is not set +# CONFIG_SLUB_STATS is not set +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_RT_MUTEX_TESTER is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_DEBUG_MUTEXES is not set +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_DEBUG_SPINLOCK_SLEEP is not set +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +CONFIG_STACKTRACE=y +# CONFIG_DEBUG_KOBJECT is not set +CONFIG_DEBUG_BUGVERBOSE=y +# CONFIG_DEBUG_INFO is not set +# CONFIG_DEBUG_VM is not set +# CONFIG_DEBUG_VIRTUAL is not set +# CONFIG_DEBUG_WRITECOUNT is not set +CONFIG_DEBUG_MEMORY_INIT=y +# CONFIG_DEBUG_LIST is not set +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_NOTIFIERS is not set +# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_ARCH_WANT_FRAME_POINTERS=y +CONFIG_FRAME_POINTER=y +# CONFIG_BOOT_PRINTK_DELAY is not set +# CONFIG_RCU_TORTURE_TEST is not set +# CONFIG_RCU_CPU_STALL_DETECTOR is not set +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# CONFIG_LKDTM is not set +# CONFIG_FAULT_INJECTION is not set +# CONFIG_LATENCYTOP is not set +CONFIG_SYSCTL_SYSCALL_CHECK=y +# CONFIG_DEBUG_PAGEALLOC is not set +CONFIG_USER_STACKTRACE_SUPPORT=y +CONFIG_NOP_TRACER=y +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y +CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_RING_BUFFER=y +CONFIG_EVENT_TRACING=y +CONFIG_CONTEXT_SWITCH_TRACER=y +CONFIG_TRACING=y +CONFIG_GENERIC_TRACER=y +CONFIG_TRACING_SUPPORT=y +CONFIG_FTRACE=y +# CONFIG_FUNCTION_TRACER is not set +# CONFIG_IRQSOFF_TRACER is not set +# CONFIG_SYSPROF_TRACER is not set +# CONFIG_SCHED_TRACER is not set +# CONFIG_FTRACE_SYSCALLS is not set +# CONFIG_BOOT_TRACER is not set +CONFIG_BRANCH_PROFILE_NONE=y +# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set +# CONFIG_PROFILE_ALL_BRANCHES is not set +# CONFIG_KSYM_TRACER is not set +# CONFIG_STACK_TRACER is not set +# CONFIG_KMEMTRACE is not set +# CONFIG_WORKQUEUE_TRACER is not set +CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENT=y +# CONFIG_FTRACE_STARTUP_TEST is not set +# CONFIG_MMIOTRACE is not set +# CONFIG_RING_BUFFER_BENCHMARK is not set +CONFIG_PROVIDE_OHCI1394_DMA_INIT=y +# CONFIG_DYNAMIC_DEBUG is not set +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_SAMPLES is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +CONFIG_HAVE_ARCH_KMEMCHECK=y +# CONFIG_STRICT_DEVMEM is not set +CONFIG_X86_VERBOSE_BOOTUP=y +CONFIG_EARLY_PRINTK=y +CONFIG_EARLY_PRINTK_DBGP=y +CONFIG_DEBUG_STACKOVERFLOW=y +CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_PER_CPU_MAPS is not set +# CONFIG_X86_PTDUMP is not set +CONFIG_DEBUG_RODATA=y +# CONFIG_DEBUG_RODATA_TEST is not set +CONFIG_DEBUG_NX_TEST=m +# CONFIG_IOMMU_DEBUG is not set +# CONFIG_IOMMU_STRESS is not set +CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set +CONFIG_IO_DELAY_TYPE_0X80=0 +CONFIG_IO_DELAY_TYPE_0XED=1 +CONFIG_IO_DELAY_TYPE_UDELAY=2 +CONFIG_IO_DELAY_TYPE_NONE=3 +CONFIG_IO_DELAY_0X80=y +# CONFIG_IO_DELAY_0XED is not set +# CONFIG_IO_DELAY_UDELAY is not set +# CONFIG_IO_DELAY_NONE is not set +CONFIG_DEFAULT_IO_DELAY_TYPE=0 +CONFIG_DEBUG_BOOT_PARAMS=y +# CONFIG_CPA_DEBUG is not set +CONFIG_OPTIMIZE_INLINING=y +# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set + +# +# Security options +# +CONFIG_KEYS=y +CONFIG_KEYS_DEBUG_PROC_KEYS=y +CONFIG_SECURITY=y +# CONFIG_SECURITYFS is not set +CONFIG_SECURITY_NETWORK=y +# CONFIG_SECURITY_NETWORK_XFRM is not set +# CONFIG_SECURITY_PATH is not set +# CONFIG_INTEL_TXT is not set +CONFIG_LSM_MMAP_MIN_ADDR=65536 +CONFIG_SECURITY_SELINUX=y +CONFIG_SECURITY_SELINUX_BOOTPARAM=y +CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_SELINUX_DISABLE=y +CONFIG_SECURITY_SELINUX_DEVELOP=y +CONFIG_SECURITY_SELINUX_AVC_STATS=y +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +# CONFIG_IMA is not set +CONFIG_DEFAULT_SECURITY_SELINUX=y +# CONFIG_DEFAULT_SECURITY_SMACK is not set +# CONFIG_DEFAULT_SECURITY_TOMOYO is not set +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="selinux" +CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +# CONFIG_CRYPTO_FIPS is not set +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_BLKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=m +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_PCOMP=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_GF128MUL=m +CONFIG_CRYPTO_NULL=m +# CONFIG_CRYPTO_PCRYPT is not set +CONFIG_CRYPTO_WORKQUEUE=y +CONFIG_CRYPTO_CRYPTD=m +CONFIG_CRYPTO_AUTHENC=y +CONFIG_CRYPTO_TEST=m + +# +# Authenticated Encryption with Associated Data +# +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=m +CONFIG_CRYPTO_SEQIV=m + +# +# Block modes +# +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CTR=m +CONFIG_CRYPTO_CTS=m +CONFIG_CRYPTO_ECB=y +CONFIG_CRYPTO_LRW=m +CONFIG_CRYPTO_PCBC=m +CONFIG_CRYPTO_XTS=m +CONFIG_CRYPTO_FPU=m + +# +# Hash modes +# +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_XCBC=m +CONFIG_CRYPTO_VMAC=m + +# +# Digest +# +CONFIG_CRYPTO_CRC32C=m +CONFIG_CRYPTO_CRC32C_INTEL=m +CONFIG_CRYPTO_GHASH=m +# CONFIG_CRYPTO_MD4 is not set +CONFIG_CRYPTO_MD5=y +# CONFIG_CRYPTO_MICHAEL_MIC is not set +CONFIG_CRYPTO_RMD128=m +CONFIG_CRYPTO_RMD160=m +CONFIG_CRYPTO_RMD256=m +CONFIG_CRYPTO_RMD320=m +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=m +CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_TGR192=m +CONFIG_CRYPTO_WP512=m +CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m + +# +# Ciphers +# +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_AES_X86_64=m +CONFIG_CRYPTO_AES_NI_INTEL=m +# CONFIG_CRYPTO_ANUBIS is not set +CONFIG_CRYPTO_ARC4=y +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_CAMELLIA=m +CONFIG_CRYPTO_CAST5=m +CONFIG_CRYPTO_CAST6=m +CONFIG_CRYPTO_DES=y +CONFIG_CRYPTO_FCRYPT=m +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_SALSA20=m +CONFIG_CRYPTO_SALSA20_X86_64=m +CONFIG_CRYPTO_SEED=m +CONFIG_CRYPTO_SERPENT=m +CONFIG_CRYPTO_TEA=m +CONFIG_CRYPTO_TWOFISH=m +CONFIG_CRYPTO_TWOFISH_COMMON=m +CONFIG_CRYPTO_TWOFISH_X86_64=m + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_ZLIB=m +CONFIG_CRYPTO_LZO=m + +# +# Random Number Generation +# +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_HW=y +# CONFIG_CRYPTO_DEV_PADLOCK is not set +# CONFIG_CRYPTO_DEV_HIFN_795X is not set +CONFIG_HAVE_KVM=y +CONFIG_VIRTUALIZATION=y +# CONFIG_KVM is not set +# CONFIG_VHOST_NET is not set +# CONFIG_VIRTIO_PCI is not set +# CONFIG_VIRTIO_BALLOON is not set +CONFIG_BINARY_PRINTF=y + +# +# Library routines +# +CONFIG_BITREVERSE=y +CONFIG_GENERIC_FIND_FIRST_BIT=y +CONFIG_GENERIC_FIND_NEXT_BIT=y +CONFIG_GENERIC_FIND_LAST_BIT=y +CONFIG_CRC_CCITT=m +CONFIG_CRC16=y +CONFIG_CRC_T10DIF=y +CONFIG_CRC_ITU_T=m +CONFIG_CRC32=y +CONFIG_CRC7=m +CONFIG_LIBCRC32C=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=m +CONFIG_LZO_COMPRESS=m +CONFIG_LZO_DECOMPRESS=y +CONFIG_DECOMPRESS_GZIP=y +CONFIG_DECOMPRESS_BZIP2=y +CONFIG_DECOMPRESS_LZMA=y +CONFIG_DECOMPRESS_LZO=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT=y +CONFIG_HAS_DMA=y +CONFIG_NLATTR=y +CONFIG_LRU_CACHE=m diff --git a/kernel-config/config-2.6.36-gentoo-r5-00 b/kernel-config/config-2.6.36-gentoo-r5-00 new file mode 100644 index 0000000..32f3e34 --- /dev/null +++ b/kernel-config/config-2.6.36-gentoo-r5-00 @@ -0,0 +1,2631 @@ +# +# Automatically generated make config: don't edit +# Linux kernel version: 2.6.36-gentoo-r5 +# Sun Jan 9 13:50:47 2011 +# +CONFIG_64BIT=y +# CONFIG_X86_32 is not set +CONFIG_X86_64=y +CONFIG_X86=y +CONFIG_INSTRUCTION_DECODER=y +CONFIG_OUTPUT_FORMAT="elf64-x86-64" +CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" +CONFIG_GENERIC_CMOS_UPDATE=y +CONFIG_CLOCKSOURCE_WATCHDOG=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y +CONFIG_MMU=y +CONFIG_ZONE_DMA=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_IOMAP=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +# CONFIG_RWSEM_GENERIC_SPINLOCK is not set +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_ARCH_HAS_CPU_IDLE_WAIT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_GENERIC_TIME_VSYSCALL=y +CONFIG_ARCH_HAS_CPU_RELAX=y +CONFIG_ARCH_HAS_DEFAULT_IDLE=y +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_HAVE_SETUP_PER_CPU_AREA=y +CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y +CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y +CONFIG_HAVE_CPUMASK_OF_CPU_MAP=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ZONE_DMA32=y +CONFIG_ARCH_POPULATES_NODE_MAP=y +CONFIG_AUDIT_ARCH=y +CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_HAVE_EARLY_RES=y +CONFIG_HAVE_INTEL_TXT=y +CONFIG_GENERIC_HARDIRQS=y +CONFIG_GENERIC_HARDIRQS_NO__DO_IRQ=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_PENDING_IRQ=y +CONFIG_USE_GENERIC_SMP_HELPERS=y +CONFIG_X86_64_SMP=y +CONFIG_X86_HT=y +CONFIG_X86_TRAMPOLINE=y +CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" +# CONFIG_KTIME_SCALAR is not set +CONFIG_ARCH_CPU_PROBE_RELEASE=y +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" +CONFIG_CONSTRUCTORS=y + +# +# General setup +# +CONFIG_EXPERIMENTAL=y +CONFIG_LOCK_KERNEL=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="" +CONFIG_LOCALVERSION="" +# CONFIG_LOCALVERSION_AUTO is not set +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_BZIP2=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_BZIP2 is not set +# CONFIG_KERNEL_LZMA is not set +# CONFIG_KERNEL_LZO is not set +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_POSIX_MQUEUE=y +CONFIG_POSIX_MQUEUE_SYSCTL=y +CONFIG_BSD_PROCESS_ACCT=y +CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_TASK_IO_ACCOUNTING=y +CONFIG_AUDIT=y +CONFIG_AUDITSYSCALL=y +CONFIG_AUDIT_WATCH=y +CONFIG_AUDIT_TREE=y + +# +# RCU Subsystem +# +CONFIG_TREE_RCU=y +# CONFIG_RCU_TRACE is not set +CONFIG_RCU_FANOUT=64 +# CONFIG_RCU_FANOUT_EXACT is not set +# CONFIG_RCU_FAST_NO_HZ is not set +# CONFIG_TREE_RCU_TRACE is not set +CONFIG_IKCONFIG=m +CONFIG_IKCONFIG_PROC=y +CONFIG_LOG_BUF_SHIFT=18 +CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y +CONFIG_CGROUPS=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_CGROUP_NS=y +CONFIG_CGROUP_FREEZER=y +# CONFIG_CGROUP_DEVICE is not set +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_RESOURCE_COUNTERS=y +# CONFIG_CGROUP_MEM_RES_CTLR is not set +CONFIG_CGROUP_SCHED=y +CONFIG_FAIR_GROUP_SCHED=y +# CONFIG_RT_GROUP_SCHED is not set +CONFIG_BLK_CGROUP=m +# CONFIG_DEBUG_BLK_CGROUP is not set +# CONFIG_SYSFS_DEPRECATED_V2 is not set +CONFIG_RELAY=y +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_RD_LZO=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_SYSCTL=y +CONFIG_ANON_INODES=y +# CONFIG_EMBEDDED is not set +CONFIG_UID16=y +CONFIG_SYSCTL_SYSCALL=y +CONFIG_KALLSYMS=y +CONFIG_KALLSYMS_ALL=y +CONFIG_KALLSYMS_EXTRA_PASS=y +CONFIG_HOTPLUG=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_PCSPKR_PLATFORM=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +CONFIG_HAVE_PERF_EVENTS=y + +# +# Kernel Performance Events And Counters +# +CONFIG_PERF_EVENTS=y +# CONFIG_PERF_COUNTERS is not set +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_PCI_QUIRKS=y +CONFIG_SLUB_DEBUG=y +# CONFIG_COMPAT_BRK is not set +# CONFIG_SLAB is not set +CONFIG_SLUB=y +CONFIG_PROFILING=y +CONFIG_TRACEPOINTS=y +# CONFIG_OPROFILE is not set +CONFIG_HAVE_OPROFILE=y +CONFIG_KPROBES=y +CONFIG_OPTPROBES=y +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_KRETPROBES=y +CONFIG_HAVE_IOREMAP_PROT=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_DMA_API_DEBUG=y +CONFIG_HAVE_HW_BREAKPOINT=y +CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y +CONFIG_HAVE_USER_RETURN_NOTIFIER=y +CONFIG_HAVE_PERF_EVENTS_NMI=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set +CONFIG_SLABINFO=y +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +CONFIG_MODULE_FORCE_LOAD=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +CONFIG_STOP_MACHINE=y +CONFIG_BLOCK=y +CONFIG_BLK_DEV_BSG=y +# CONFIG_BLK_DEV_INTEGRITY is not set +CONFIG_BLOCK_COMPAT=y + +# +# IO Schedulers +# +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_DEADLINE=y +CONFIG_IOSCHED_CFQ=m +# CONFIG_CFQ_GROUP_IOSCHED is not set +CONFIG_DEFAULT_DEADLINE=y +# CONFIG_DEFAULT_NOOP is not set +CONFIG_DEFAULT_IOSCHED="deadline" +# CONFIG_INLINE_SPIN_TRYLOCK is not set +# CONFIG_INLINE_SPIN_TRYLOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK is not set +# CONFIG_INLINE_SPIN_LOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK_IRQ is not set +# CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set +CONFIG_INLINE_SPIN_UNLOCK=y +# CONFIG_INLINE_SPIN_UNLOCK_BH is not set +CONFIG_INLINE_SPIN_UNLOCK_IRQ=y +# CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_READ_TRYLOCK is not set +# CONFIG_INLINE_READ_LOCK is not set +# CONFIG_INLINE_READ_LOCK_BH is not set +# CONFIG_INLINE_READ_LOCK_IRQ is not set +# CONFIG_INLINE_READ_LOCK_IRQSAVE is not set +CONFIG_INLINE_READ_UNLOCK=y +# CONFIG_INLINE_READ_UNLOCK_BH is not set +CONFIG_INLINE_READ_UNLOCK_IRQ=y +# CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_WRITE_TRYLOCK is not set +# CONFIG_INLINE_WRITE_LOCK is not set +# CONFIG_INLINE_WRITE_LOCK_BH is not set +# CONFIG_INLINE_WRITE_LOCK_IRQ is not set +# CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set +CONFIG_INLINE_WRITE_UNLOCK=y +# CONFIG_INLINE_WRITE_UNLOCK_BH is not set +CONFIG_INLINE_WRITE_UNLOCK_IRQ=y +# CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set +CONFIG_MUTEX_SPIN_ON_OWNER=y +CONFIG_FREEZER=y + +# +# Processor type and features +# +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_GENERIC_CLOCKEVENTS_BUILD=y +CONFIG_SMP=y +CONFIG_SPARSE_IRQ=y +CONFIG_NUMA_IRQ_DESC=y +CONFIG_X86_MPPARSE=y +CONFIG_X86_EXTENDED_PLATFORM=y +# CONFIG_X86_VSMP is not set +CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y +CONFIG_SCHED_OMIT_FRAME_POINTER=y +# CONFIG_PARAVIRT_GUEST is not set +CONFIG_NO_BOOTMEM=y +# CONFIG_MEMTEST is not set +CONFIG_MK8=y +# CONFIG_MPSC is not set +# CONFIG_MCORE2 is not set +# CONFIG_MATOM is not set +# CONFIG_GENERIC_CPU is not set +CONFIG_X86_CPU=y +CONFIG_X86_INTERNODE_CACHE_SHIFT=7 +CONFIG_X86_CMPXCHG=y +CONFIG_X86_L1_CACHE_SHIFT=6 +CONFIG_X86_XADD=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INTEL_USERCOPY=y +CONFIG_X86_USE_PPRO_CHECKSUM=y +CONFIG_X86_TSC=y +CONFIG_X86_CMPXCHG64=y +CONFIG_X86_CMOV=y +CONFIG_X86_MINIMUM_CPU_FAMILY=64 +CONFIG_X86_DEBUGCTLMSR=y +CONFIG_CPU_SUP_INTEL=y +CONFIG_CPU_SUP_AMD=y +CONFIG_CPU_SUP_CENTAUR=y +CONFIG_HPET_TIMER=y +CONFIG_HPET_EMULATE_RTC=y +CONFIG_DMI=y +CONFIG_GART_IOMMU=y +CONFIG_CALGARY_IOMMU=y +CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y +CONFIG_AMD_IOMMU=y +CONFIG_AMD_IOMMU_STATS=y +CONFIG_SWIOTLB=y +CONFIG_IOMMU_HELPER=y +CONFIG_IOMMU_API=y +# CONFIG_MAXSMP is not set +CONFIG_NR_CPUS=64 +CONFIG_SCHED_SMT=y +CONFIG_SCHED_MC=y +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +CONFIG_X86_LOCAL_APIC=y +CONFIG_X86_IO_APIC=y +CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y +CONFIG_X86_MCE=y +CONFIG_X86_MCE_INTEL=y +CONFIG_X86_MCE_AMD=y +CONFIG_X86_MCE_THRESHOLD=y +# CONFIG_X86_MCE_INJECT is not set +CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_I8K is not set +CONFIG_MICROCODE=y +CONFIG_MICROCODE_INTEL=y +CONFIG_MICROCODE_AMD=y +CONFIG_MICROCODE_OLD_INTERFACE=y +CONFIG_X86_MSR=y +CONFIG_X86_CPUID=y +CONFIG_ARCH_PHYS_ADDR_T_64BIT=y +CONFIG_DIRECT_GBPAGES=y +CONFIG_NUMA=y +CONFIG_K8_NUMA=y +CONFIG_X86_64_ACPI_NUMA=y +CONFIG_NODES_SPAN_OTHER_NODES=y +# CONFIG_NUMA_EMU is not set +CONFIG_NODES_SHIFT=6 +CONFIG_ARCH_PROC_KCORE_TEXT=y +CONFIG_ARCH_SPARSEMEM_DEFAULT=y +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 +CONFIG_SELECT_MEMORY_MODEL=y +CONFIG_SPARSEMEM_MANUAL=y +CONFIG_SPARSEMEM=y +CONFIG_NEED_MULTIPLE_NODES=y +CONFIG_HAVE_MEMORY_PRESENT=y +CONFIG_SPARSEMEM_EXTREME=y +CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y +CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y +CONFIG_SPARSEMEM_VMEMMAP=y +# CONFIG_MEMORY_HOTPLUG is not set +CONFIG_PAGEFLAGS_EXTENDED=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +# CONFIG_COMPACTION is not set +CONFIG_MIGRATION=y +CONFIG_PHYS_ADDR_T_64BIT=y +CONFIG_ZONE_DMA_FLAG=1 +CONFIG_BOUNCE=y +CONFIG_VIRT_TO_BUS=y +# CONFIG_KSM is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y +# CONFIG_MEMORY_FAILURE is not set +CONFIG_X86_CHECK_BIOS_CORRUPTION=y +CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +CONFIG_X86_RESERVE_LOW_64K=y +CONFIG_MTRR=y +# CONFIG_MTRR_SANITIZER is not set +CONFIG_X86_PAT=y +CONFIG_ARCH_USES_PG_UNCACHED=y +CONFIG_EFI=y +CONFIG_SECCOMP=y +# CONFIG_CC_STACKPROTECTOR is not set +# CONFIG_HZ_100 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +CONFIG_HZ_1000=y +CONFIG_HZ=1000 +CONFIG_SCHED_HRTICK=y +CONFIG_KEXEC=y +CONFIG_CRASH_DUMP=y +CONFIG_PHYSICAL_START=0x1000000 +CONFIG_RELOCATABLE=y +CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_HOTPLUG_CPU=y +# CONFIG_COMPAT_VDSO is not set +# CONFIG_CMDLINE_BOOL is not set +CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y +CONFIG_HAVE_ARCH_EARLY_PFN_TO_NID=y +CONFIG_USE_PERCPU_NUMA_NODE_ID=y + +# +# Power management and ACPI options +# +CONFIG_PM=y +CONFIG_PM_DEBUG=y +CONFIG_PM_ADVANCED_DEBUG=y +# CONFIG_PM_VERBOSE is not set +CONFIG_CAN_PM_TRACE=y +CONFIG_PM_TRACE=y +CONFIG_PM_TRACE_RTC=y +CONFIG_PM_SLEEP_SMP=y +CONFIG_PM_SLEEP=y +# CONFIG_PM_SLEEP_ADVANCED_DEBUG is not set +CONFIG_SUSPEND_NVS=y +CONFIG_SUSPEND=y +CONFIG_SUSPEND_FREEZER=y +# CONFIG_HIBERNATION is not set +# CONFIG_PM_RUNTIME is not set +CONFIG_PM_OPS=y +CONFIG_ACPI=y +CONFIG_ACPI_SLEEP=y +CONFIG_ACPI_PROCFS=y +CONFIG_ACPI_PROCFS_POWER=y +CONFIG_ACPI_POWER_METER=m +CONFIG_ACPI_SYSFS_POWER=y +CONFIG_ACPI_EC_DEBUGFS=m +CONFIG_ACPI_PROC_EVENT=y +CONFIG_ACPI_AC=y +CONFIG_ACPI_BATTERY=y +CONFIG_ACPI_BUTTON=y +CONFIG_ACPI_FAN=y +CONFIG_ACPI_DOCK=y +CONFIG_ACPI_PROCESSOR=y +CONFIG_ACPI_HOTPLUG_CPU=y +CONFIG_ACPI_PROCESSOR_AGGREGATOR=m +CONFIG_ACPI_THERMAL=y +CONFIG_ACPI_NUMA=y +# CONFIG_ACPI_CUSTOM_DSDT is not set +CONFIG_ACPI_BLACKLIST_YEAR=0 +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_PCI_SLOT=m +CONFIG_X86_PM_TIMER=y +CONFIG_ACPI_CONTAINER=y +# CONFIG_ACPI_SBS is not set +CONFIG_ACPI_HED=m +CONFIG_ACPI_APEI=y +CONFIG_ACPI_APEI_GHES=m +CONFIG_ACPI_APEI_EINJ=m +CONFIG_ACPI_APEI_ERST_DEBUG=m +# CONFIG_SFI is not set + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_TABLE=y +CONFIG_CPU_FREQ_DEBUG=y +CONFIG_CPU_FREQ_STAT=m +CONFIG_CPU_FREQ_STAT_DETAILS=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set +CONFIG_CPU_FREQ_GOV_PERFORMANCE=y +# CONFIG_CPU_FREQ_GOV_POWERSAVE is not set +CONFIG_CPU_FREQ_GOV_USERSPACE=y +CONFIG_CPU_FREQ_GOV_ONDEMAND=y +# CONFIG_CPU_FREQ_GOV_CONSERVATIVE is not set + +# +# CPUFreq processor drivers +# +# CONFIG_X86_PCC_CPUFREQ is not set +CONFIG_X86_ACPI_CPUFREQ=y +CONFIG_X86_POWERNOW_K8=m +# CONFIG_X86_SPEEDSTEP_CENTRINO is not set +# CONFIG_X86_P4_CLOCKMOD is not set + +# +# shared options +# +# CONFIG_X86_SPEEDSTEP_LIB is not set +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y +# CONFIG_INTEL_IDLE is not set + +# +# Memory power savings +# +# CONFIG_I7300_IDLE is not set + +# +# Bus options (PCI etc.) +# +CONFIG_PCI=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +CONFIG_PCI_DOMAINS=y +# CONFIG_PCI_CNB20LE_QUIRK is not set +CONFIG_DMAR=y +# CONFIG_DMAR_DEFAULT_ON is not set +CONFIG_DMAR_FLOPPY_WA=y +# CONFIG_INTR_REMAP is not set +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +# CONFIG_PCIE_ECRC is not set +# CONFIG_PCIEAER_INJECT is not set +CONFIG_PCIEASPM=y +# CONFIG_PCIEASPM_DEBUG is not set +CONFIG_ARCH_SUPPORTS_MSI=y +CONFIG_PCI_MSI=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_STUB is not set +CONFIG_HT_IRQ=y +# CONFIG_PCI_IOV is not set +CONFIG_PCI_IOAPIC=y +CONFIG_ISA_DMA_API=y +CONFIG_K8_NB=y +# CONFIG_PCCARD is not set +# CONFIG_HOTPLUG_PCI is not set + +# +# Executable file formats / Emulations +# +CONFIG_BINFMT_ELF=y +CONFIG_COMPAT_BINFMT_ELF=y +CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y +# CONFIG_HAVE_AOUT is not set +CONFIG_BINFMT_MISC=y +CONFIG_IA32_EMULATION=y +CONFIG_IA32_AOUT=m +CONFIG_COMPAT=y +CONFIG_COMPAT_FOR_U64_ALIGNMENT=y +CONFIG_SYSVIPC_COMPAT=y +CONFIG_NET=y +CONFIG_COMPAT_NETLINK_MESSAGES=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_UNIX=y +CONFIG_XFRM=y +CONFIG_XFRM_USER=y +# CONFIG_XFRM_SUB_POLICY is not set +CONFIG_XFRM_MIGRATE=y +# CONFIG_XFRM_STATISTICS is not set +CONFIG_XFRM_IPCOMP=m +CONFIG_NET_KEY=m +CONFIG_NET_KEY_MIGRATE=y +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_ASK_IP_FIB_HASH=y +# CONFIG_IP_FIB_TRIE is not set +CONFIG_IP_FIB_HASH=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_IP_ROUTE_MULTIPATH=y +CONFIG_IP_ROUTE_VERBOSE=y +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y +CONFIG_IP_PNP_RARP=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE=y +CONFIG_IP_MROUTE_MULTIPLE_TABLES=y +CONFIG_IP_PIMSM_V1=y +CONFIG_IP_PIMSM_V2=y +CONFIG_ARPD=y +CONFIG_SYN_COOKIES=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_XFRM_MODE_TRANSPORT=m +CONFIG_INET_XFRM_MODE_TUNNEL=m +CONFIG_INET_XFRM_MODE_BEET=m +CONFIG_INET_LRO=y +CONFIG_INET_DIAG=m +CONFIG_INET_TCP_DIAG=m +CONFIG_TCP_CONG_ADVANCED=y +# CONFIG_TCP_CONG_BIC is not set +CONFIG_TCP_CONG_CUBIC=y +# CONFIG_TCP_CONG_WESTWOOD is not set +# CONFIG_TCP_CONG_HTCP is not set +# CONFIG_TCP_CONG_HSTCP is not set +# CONFIG_TCP_CONG_HYBLA is not set +# CONFIG_TCP_CONG_VEGAS is not set +# CONFIG_TCP_CONG_SCALABLE is not set +# CONFIG_TCP_CONG_LP is not set +# CONFIG_TCP_CONG_VENO is not set +# CONFIG_TCP_CONG_YEAH is not set +# CONFIG_TCP_CONG_ILLINOIS is not set +CONFIG_DEFAULT_CUBIC=y +# CONFIG_DEFAULT_RENO is not set +CONFIG_DEFAULT_TCP_CONG="cubic" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=y +CONFIG_IPV6_PRIVACY=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +# CONFIG_IPV6_OPTIMISTIC_DAD is not set +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_INET6_XFRM_MODE_TRANSPORT=m +CONFIG_INET6_XFRM_MODE_TUNNEL=m +CONFIG_INET6_XFRM_MODE_BEET=m +CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m +CONFIG_IPV6_SIT=m +# CONFIG_IPV6_SIT_6RD is not set +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_NETLABEL=y +CONFIG_NETWORK_SECMARK=y +# CONFIG_NETWORK_PHY_TIMESTAMPING is not set +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=y + +# +# Core Netfilter Configuration +# +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_NETLINK_QUEUE=m +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NF_CONNTRACK=m +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_SECMARK=y +# CONFIG_NF_CONNTRACK_ZONES is not set +CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CT_PROTO_DCCP=m +CONFIG_NF_CT_PROTO_GRE=m +CONFIG_NF_CT_PROTO_SCTP=m +CONFIG_NF_CT_PROTO_UDPLITE=m +CONFIG_NF_CONNTRACK_AMANDA=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NETFILTER_TPROXY=m +CONFIG_NETFILTER_XTABLES=y + +# +# Xtables combined modules +# +CONFIG_NETFILTER_XT_MARK=m +CONFIG_NETFILTER_XT_CONNMARK=m + +# +# Xtables targets +# +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m +CONFIG_NETFILTER_XT_TARGET_CONNMARK=m +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m +CONFIG_NETFILTER_XT_TARGET_CT=m +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_TARGET_MARK=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m +CONFIG_NETFILTER_XT_TARGET_NOTRACK=m +CONFIG_NETFILTER_XT_TARGET_RATEEST=m +CONFIG_NETFILTER_XT_TARGET_TEE=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +CONFIG_NETFILTER_XT_TARGET_TRACE=m +CONFIG_NETFILTER_XT_TARGET_SECMARK=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m + +# +# Xtables matches +# +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_CPU=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_OSF=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_QUOTA=m +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m +CONFIG_NETFILTER_XT_MATCH_RECENT=m +CONFIG_NETFILTER_XT_MATCH_SCTP=m +CONFIG_NETFILTER_XT_MATCH_SOCKET=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +# CONFIG_IP_VS is not set + +# +# IP: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +CONFIG_IP_NF_QUEUE=m +CONFIG_IP_NF_IPTABLES=y +CONFIG_IP_NF_MATCH_ADDRTYPE=m +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=y +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_LOG=y +CONFIG_IP_NF_TARGET_ULOG=y +CONFIG_NF_NAT=m +CONFIG_NF_NAT_NEEDED=y +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PROTO_DCCP=m +CONFIG_NF_NAT_PROTO_GRE=m +CONFIG_NF_NAT_PROTO_UDPLITE=m +CONFIG_NF_NAT_PROTO_SCTP=m +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_AMANDA=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_NF_NAT_SIP=m +CONFIG_IP_NF_MANGLE=y +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_SECURITY=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m + +# +# IPv6: Netfilter Configuration +# +CONFIG_NF_CONNTRACK_IPV6=m +CONFIG_IP6_NF_QUEUE=m +CONFIG_IP6_NF_IPTABLES=y +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_TARGET_HL=m +CONFIG_IP6_NF_TARGET_LOG=y +CONFIG_IP6_NF_FILTER=y +CONFIG_IP6_NF_TARGET_REJECT=y +CONFIG_IP6_NF_MANGLE=y +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_SECURITY=m +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_ULOG=m +CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m + +# +# DCCP CCIDs Configuration (EXPERIMENTAL) +# +# CONFIG_IP_DCCP_CCID2_DEBUG is not set +CONFIG_IP_DCCP_CCID3=y +# CONFIG_IP_DCCP_CCID3_DEBUG is not set +CONFIG_IP_DCCP_CCID3_RTO=100 +CONFIG_IP_DCCP_TFRC_LIB=y + +# +# DCCP Kernel Hacking +# +# CONFIG_IP_DCCP_DEBUG is not set +# CONFIG_NET_DCCPPROBE is not set +CONFIG_IP_SCTP=m +CONFIG_NET_SCTPPROBE=m +# CONFIG_SCTP_DBG_MSG is not set +# CONFIG_SCTP_DBG_OBJCNT is not set +# CONFIG_SCTP_HMAC_NONE is not set +# CONFIG_SCTP_HMAC_SHA1 is not set +CONFIG_SCTP_HMAC_MD5=y +CONFIG_RDS=m +CONFIG_RDS_TCP=m +# CONFIG_RDS_DEBUG is not set +CONFIG_TIPC=m +# CONFIG_TIPC_ADVANCED is not set +# CONFIG_TIPC_DEBUG is not set +# CONFIG_ATM is not set +CONFIG_L2TP=m +CONFIG_L2TP_DEBUGFS=m +# CONFIG_L2TP_V3 is not set +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +# CONFIG_NET_DSA is not set +CONFIG_VLAN_8021Q=m +# CONFIG_VLAN_8021Q_GVRP is not set +# CONFIG_DECNET is not set +CONFIG_LLC=m +# CONFIG_LLC2 is not set +CONFIG_IPX=m +# CONFIG_IPX_INTERN is not set +CONFIG_ATALK=m +# CONFIG_DEV_APPLETALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set +# CONFIG_PHONET is not set +# CONFIG_IEEE802154 is not set +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_DSMARK=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_INGRESS=m + +# +# Classification +# +CONFIG_NET_CLS=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_TCINDEX=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_ROUTE=y +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_RSVP=m +CONFIG_NET_CLS_RSVP6=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_EMATCH=y +CONFIG_NET_EMATCH_STACK=32 +CONFIG_NET_EMATCH_CMP=m +CONFIG_NET_EMATCH_NBYTE=m +CONFIG_NET_EMATCH_U32=m +CONFIG_NET_EMATCH_META=m +CONFIG_NET_EMATCH_TEXT=m +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +# CONFIG_GACT_PROB is not set +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +# CONFIG_NET_CLS_IND is not set +CONFIG_NET_SCH_FIFO=y +# CONFIG_DCB is not set +CONFIG_DNS_RESOLVER=y +CONFIG_RPS=y + +# +# Network testing +# +CONFIG_NET_PKTGEN=m +CONFIG_NET_TCPPROBE=m +# CONFIG_NET_DROP_MONITOR is not set +# CONFIG_HAMRADIO is not set +# CONFIG_CAN is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +CONFIG_AF_RXRPC=m +# CONFIG_AF_RXRPC_DEBUG is not set +# CONFIG_RXKAD is not set +CONFIG_FIB_RULES=y +CONFIG_WIRELESS=y +CONFIG_WEXT_CORE=y +CONFIG_WEXT_PROC=y +CONFIG_CFG80211=y +# CONFIG_NL80211_TESTMODE is not set +# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set +# CONFIG_CFG80211_REG_DEBUG is not set +CONFIG_CFG80211_DEFAULT_PS=y +# CONFIG_CFG80211_DEBUGFS is not set +# CONFIG_CFG80211_INTERNAL_REGDB is not set +CONFIG_CFG80211_WEXT=y +CONFIG_WIRELESS_EXT_SYSFS=y +# CONFIG_LIB80211 is not set +CONFIG_MAC80211=y +CONFIG_MAC80211_HAS_RC=y +CONFIG_MAC80211_RC_MINSTREL=y +CONFIG_MAC80211_RC_MINSTREL_HT=y +CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y +CONFIG_MAC80211_RC_DEFAULT="minstrel_ht" +# CONFIG_MAC80211_MESH is not set +CONFIG_MAC80211_LEDS=y +# CONFIG_MAC80211_DEBUGFS is not set +# CONFIG_MAC80211_DEBUG_MENU is not set +# CONFIG_WIMAX is not set +CONFIG_RFKILL=y +CONFIG_RFKILL_LEDS=y +CONFIG_RFKILL_INPUT=y +# CONFIG_NET_9P is not set +# CONFIG_CAIF is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" +# CONFIG_DEVTMPFS is not set +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y +CONFIG_FW_LOADER=y +CONFIG_FIRMWARE_IN_KERNEL=y +CONFIG_EXTRA_FIRMWARE="" +# CONFIG_DEBUG_DRIVER is not set +CONFIG_DEBUG_DEVRES=y +# CONFIG_SYS_HYPERVISOR is not set +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y +# CONFIG_MTD is not set +# CONFIG_PARPORT is not set +CONFIG_PNP=y +CONFIG_PNP_DEBUG_MESSAGES=y + +# +# Protocols +# +CONFIG_PNPACPI=y +CONFIG_BLK_DEV=y +# CONFIG_BLK_DEV_FD is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_COW_COMMON is not set +CONFIG_BLK_DEV_LOOP=y +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +CONFIG_BLK_DEV_DRBD=m +# CONFIG_DRBD_FAULT_INJECTION is not set +CONFIG_BLK_DEV_NBD=m +# CONFIG_BLK_DEV_OSD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=16384 +# CONFIG_BLK_DEV_XIP is not set +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set +# CONFIG_BLK_DEV_HD is not set +CONFIG_MISC_DEVICES=y +# CONFIG_AD525X_DPOT is not set +# CONFIG_IBM_ASM is not set +# CONFIG_PHANTOM is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_TIFM_CORE is not set +# CONFIG_ICS932S401 is not set +# CONFIG_ENCLOSURE_SERVICES is not set +# CONFIG_CS5535_MFGPT is not set +# CONFIG_HP_ILO is not set +# CONFIG_ISL29003 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_SENSORS_BH1780 is not set +# CONFIG_HMC6352 is not set +# CONFIG_DS1682 is not set +# CONFIG_VMWARE_BALLOON is not set +# CONFIG_BMP085 is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +# CONFIG_EEPROM_AT24 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +# CONFIG_EEPROM_93CX6 is not set +# CONFIG_CB710_CORE is not set +CONFIG_HAVE_IDE=y +# CONFIG_IDE is not set + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +CONFIG_RAID_ATTRS=m +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +# CONFIG_SCSI_TGT is not set +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=m +CONFIG_BLK_DEV_SR_VENDOR=y +CONFIG_CHR_DEV_SG=y +# CONFIG_CHR_DEV_SCH is not set +# CONFIG_SCSI_MULTI_LUN is not set +CONFIG_SCSI_CONSTANTS=y +# CONFIG_SCSI_LOGGING is not set +# CONFIG_SCSI_SCAN_ASYNC is not set +CONFIG_SCSI_WAIT_SCAN=m + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=y +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +# CONFIG_SCSI_SAS_ATA is not set +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_SAS_LIBSAS_DEBUG=y +CONFIG_SCSI_SRP_ATTRS=m +# CONFIG_SCSI_LOWLEVEL is not set +CONFIG_SCSI_DH=m +# CONFIG_SCSI_DH_RDAC is not set +# CONFIG_SCSI_DH_HP_SW is not set +# CONFIG_SCSI_DH_EMC is not set +# CONFIG_SCSI_DH_ALUA is not set +CONFIG_SCSI_OSD_INITIATOR=m +CONFIG_SCSI_OSD_ULD=m +CONFIG_SCSI_OSD_DPRINT_SENSE=1 +# CONFIG_SCSI_OSD_DEBUG is not set +CONFIG_ATA=y +# CONFIG_ATA_NONSTANDARD is not set +CONFIG_ATA_VERBOSE_ERROR=y +CONFIG_ATA_ACPI=y +CONFIG_SATA_PMP=y + +# +# Controllers with non-SFF native interface +# +CONFIG_SATA_AHCI=y +# CONFIG_SATA_AHCI_PLATFORM is not set +# CONFIG_SATA_INIC162X is not set +# CONFIG_SATA_SIL24 is not set +CONFIG_ATA_SFF=y + +# +# SFF controllers with custom DMA interface +# +# CONFIG_PDC_ADMA is not set +# CONFIG_SATA_QSTOR is not set +# CONFIG_SATA_SX4 is not set +CONFIG_ATA_BMDMA=y + +# +# SATA SFF controllers with BMDMA +# +CONFIG_ATA_PIIX=y +# CONFIG_SATA_MV is not set +# CONFIG_SATA_NV is not set +# CONFIG_SATA_PROMISE is not set +# CONFIG_SATA_SIL is not set +# CONFIG_SATA_SIS is not set +# CONFIG_SATA_SVW is not set +# CONFIG_SATA_ULI is not set +# CONFIG_SATA_VIA is not set +# CONFIG_SATA_VITESSE is not set + +# +# PATA SFF controllers with BMDMA +# +# CONFIG_PATA_ALI is not set +CONFIG_PATA_AMD=y +# CONFIG_PATA_ARTOP is not set +# CONFIG_PATA_ATIIXP is not set +# CONFIG_PATA_ATP867X is not set +# CONFIG_PATA_CMD64X is not set +# CONFIG_PATA_CS5520 is not set +# CONFIG_PATA_CS5530 is not set +# CONFIG_PATA_CYPRESS is not set +# CONFIG_PATA_EFAR is not set +# CONFIG_PATA_HPT366 is not set +# CONFIG_PATA_HPT37X is not set +# CONFIG_PATA_HPT3X2N is not set +# CONFIG_PATA_HPT3X3 is not set +# CONFIG_PATA_IT8213 is not set +# CONFIG_PATA_IT821X is not set +# CONFIG_PATA_JMICRON is not set +# CONFIG_PATA_MARVELL is not set +# CONFIG_PATA_NETCELL is not set +# CONFIG_PATA_NINJA32 is not set +# CONFIG_PATA_NS87415 is not set +CONFIG_PATA_OLDPIIX=y +# CONFIG_PATA_OPTIDMA is not set +# CONFIG_PATA_PDC2027X is not set +# CONFIG_PATA_PDC_OLD is not set +# CONFIG_PATA_RADISYS is not set +# CONFIG_PATA_RDC is not set +# CONFIG_PATA_SC1200 is not set +CONFIG_PATA_SCH=y +# CONFIG_PATA_SERVERWORKS is not set +# CONFIG_PATA_SIL680 is not set +# CONFIG_PATA_SIS is not set +# CONFIG_PATA_TOSHIBA is not set +# CONFIG_PATA_TRIFLEX is not set +# CONFIG_PATA_VIA is not set +# CONFIG_PATA_WINBOND is not set + +# +# PIO-only SFF controllers +# +# CONFIG_PATA_CMD640_PCI is not set +# CONFIG_PATA_MPIIX is not set +# CONFIG_PATA_NS87410 is not set +# CONFIG_PATA_OPTI is not set +# CONFIG_PATA_RZ1000 is not set + +# +# Generic fallback / legacy drivers +# +# CONFIG_PATA_ACPI is not set +# CONFIG_ATA_GENERIC is not set +# CONFIG_PATA_LEGACY is not set +CONFIG_MD=y +CONFIG_BLK_DEV_MD=y +CONFIG_MD_AUTODETECT=y +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=y +CONFIG_MD_RAID10=y +CONFIG_MD_RAID456=m +CONFIG_MULTICORE_RAID456=y +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_MIRROR=y +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_ZERO=y +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +CONFIG_DM_DELAY=m +# CONFIG_DM_UEVENT is not set +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# + +# +# You can enable one or both FireWire driver stacks. +# + +# +# The newer stack is recommended. +# +# CONFIG_FIREWIRE is not set +# CONFIG_IEEE1394 is not set +CONFIG_FIREWIRE_NOSY=m +CONFIG_I2O=m +CONFIG_I2O_LCT_NOTIFY_ON_CHANGES=y +CONFIG_I2O_EXT_ADAPTEC=y +CONFIG_I2O_EXT_ADAPTEC_DMA64=y +CONFIG_I2O_CONFIG=m +CONFIG_I2O_CONFIG_OLD_IOCTL=y +CONFIG_I2O_BUS=m +CONFIG_I2O_BLOCK=m +# CONFIG_I2O_SCSI is not set +CONFIG_I2O_PROC=m +# CONFIG_MACINTOSH_DRIVERS is not set +CONFIG_NETDEVICES=y +CONFIG_IFB=m +CONFIG_DUMMY=m +CONFIG_BONDING=m +CONFIG_MACVLAN=m +CONFIG_MACVTAP=m +# CONFIG_EQUALIZER is not set +CONFIG_TUN=m +CONFIG_VETH=m +# CONFIG_NET_SB1000 is not set +# CONFIG_ARCNET is not set +CONFIG_PHYLIB=y + +# +# MII PHY device drivers +# +# CONFIG_MARVELL_PHY is not set +# CONFIG_DAVICOM_PHY is not set +# CONFIG_QSEMI_PHY is not set +# CONFIG_LXT_PHY is not set +# CONFIG_CICADA_PHY is not set +# CONFIG_VITESSE_PHY is not set +CONFIG_SMSC_PHY=m +# CONFIG_BROADCOM_PHY is not set +# CONFIG_ICPLUS_PHY is not set +# CONFIG_REALTEK_PHY is not set +# CONFIG_NATIONAL_PHY is not set +# CONFIG_STE10XP is not set +# CONFIG_LSI_ET1011C_PHY is not set +# CONFIG_MICREL_PHY is not set +# CONFIG_FIXED_PHY is not set +# CONFIG_MDIO_BITBANG is not set +CONFIG_NET_ETHERNET=y +CONFIG_MII=y +CONFIG_HAPPYMEAL=m +CONFIG_SUNGEM=m +CONFIG_CASSINI=m +CONFIG_NET_VENDOR_3COM=y +CONFIG_VORTEX=m +CONFIG_TYPHOON=m +CONFIG_ETHOC=m +CONFIG_DNET=m +CONFIG_NET_TULIP=y +CONFIG_DE2104X=m +CONFIG_DE2104X_DSL=0 +CONFIG_TULIP=m +# CONFIG_TULIP_MWI is not set +# CONFIG_TULIP_MMIO is not set +# CONFIG_TULIP_NAPI is not set +CONFIG_DE4X5=m +CONFIG_WINBOND_840=m +CONFIG_DM9102=m +CONFIG_ULI526X=m +# CONFIG_HP100 is not set +# CONFIG_IBM_NEW_EMAC_ZMII is not set +# CONFIG_IBM_NEW_EMAC_RGMII is not set +# CONFIG_IBM_NEW_EMAC_TAH is not set +# CONFIG_IBM_NEW_EMAC_EMAC4 is not set +# CONFIG_IBM_NEW_EMAC_NO_FLOW_CTRL is not set +# CONFIG_IBM_NEW_EMAC_MAL_CLR_ICINTSTAT is not set +# CONFIG_IBM_NEW_EMAC_MAL_COMMON_ERR is not set +CONFIG_NET_PCI=y +CONFIG_PCNET32=m +CONFIG_AMD8111_ETH=m +CONFIG_ADAPTEC_STARFIRE=m +CONFIG_KSZ884X_PCI=m +CONFIG_B44=m +CONFIG_B44_PCI_AUTOSELECT=y +CONFIG_B44_PCICORE_AUTOSELECT=y +CONFIG_B44_PCI=y +CONFIG_FORCEDETH=m +CONFIG_E100=m +CONFIG_FEALNX=m +CONFIG_NATSEMI=m +CONFIG_NE2K_PCI=m +CONFIG_8139CP=m +CONFIG_8139TOO=m +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_R6040=m +CONFIG_SIS900=m +CONFIG_EPIC100=m +CONFIG_SMSC9420=m +CONFIG_SUNDANCE=m +# CONFIG_SUNDANCE_MMIO is not set +CONFIG_TLAN=m +CONFIG_KS8842=m +CONFIG_KS8851_MLL=m +CONFIG_VIA_RHINE=m +# CONFIG_VIA_RHINE_MMIO is not set +CONFIG_SC92031=m +CONFIG_ATL2=m +CONFIG_NETDEV_1000=y +CONFIG_ACENIC=m +# CONFIG_ACENIC_OMIT_TIGON_I is not set +CONFIG_DL2K=m +CONFIG_E1000=m +CONFIG_E1000E=m +CONFIG_IP1000=m +CONFIG_IGB=m +CONFIG_IGBVF=m +CONFIG_NS83820=m +CONFIG_HAMACHI=m +CONFIG_YELLOWFIN=m +CONFIG_R8169=m +CONFIG_R8169_VLAN=y +CONFIG_SIS190=m +CONFIG_SKGE=m +# CONFIG_SKGE_DEBUG is not set +CONFIG_SKY2=m +# CONFIG_SKY2_DEBUG is not set +CONFIG_VIA_VELOCITY=m +CONFIG_TIGON3=m +CONFIG_BNX2=m +CONFIG_CNIC=m +CONFIG_QLA3XXX=m +CONFIG_ATL1=m +CONFIG_ATL1E=m +CONFIG_ATL1C=m +CONFIG_JME=m +CONFIG_NETDEV_10000=y +CONFIG_MDIO=m +CONFIG_CHELSIO_T1=m +CONFIG_CHELSIO_T1_1G=y +CONFIG_CHELSIO_T3_DEPENDS=y +CONFIG_CHELSIO_T3=m +CONFIG_CHELSIO_T4_DEPENDS=y +CONFIG_CHELSIO_T4=m +CONFIG_CHELSIO_T4VF_DEPENDS=y +CONFIG_CHELSIO_T4VF=m +CONFIG_ENIC=m +CONFIG_IXGBE=m +CONFIG_IXGBEVF=m +CONFIG_IXGB=m +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set +CONFIG_MYRI10GE=m +CONFIG_NETXEN_NIC=m +CONFIG_NIU=m +CONFIG_MLX4_EN=m +CONFIG_MLX4_CORE=m +CONFIG_MLX4_DEBUG=y +CONFIG_TEHUTI=m +CONFIG_BNX2X=m +CONFIG_QLCNIC=m +CONFIG_QLGE=m +CONFIG_SFC=m +CONFIG_BE2NET=m +# CONFIG_TR is not set +# CONFIG_WLAN is not set + +# +# Enable WiMAX (Networking options) to see the WiMAX drivers +# +# CONFIG_WAN is not set + +# +# CAIF transport drivers +# +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_NET_FC is not set +CONFIG_NETCONSOLE=y +# CONFIG_NETCONSOLE_DYNAMIC is not set +CONFIG_NETPOLL=y +# CONFIG_NETPOLL_TRAP is not set +CONFIG_NET_POLL_CONTROLLER=y +# CONFIG_VMXNET3 is not set +# CONFIG_ISDN is not set +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y +CONFIG_INPUT_FF_MEMLESS=y +CONFIG_INPUT_POLLDEV=y +# CONFIG_INPUT_SPARSEKMAP is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +# CONFIG_INPUT_JOYDEV is not set +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +# CONFIG_KEYBOARD_ADP5588 is not set +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_QT2160 is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_TCA6416 is not set +# CONFIG_KEYBOARD_LM8323 is not set +# CONFIG_KEYBOARD_MAX7359 is not set +# CONFIG_KEYBOARD_MCS is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_OPENCORES is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Hardware I/O ports +# +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +CONFIG_SERIO_SERPORT=y +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PCIPS2 is not set +CONFIG_SERIO_LIBPS2=y +# CONFIG_SERIO_RAW is not set +# CONFIG_SERIO_ALTERA_PS2 is not set +# CONFIG_GAMEPORT is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_DEVKMEM=y +CONFIG_SERIAL_NONSTANDARD=y +# CONFIG_COMPUTONE is not set +# CONFIG_ROCKETPORT is not set +# CONFIG_CYCLADES is not set +# CONFIG_DIGIEPCA is not set +# CONFIG_MOXA_INTELLIO is not set +# CONFIG_MOXA_SMARTIO is not set +# CONFIG_ISI is not set +# CONFIG_SYNCLINK is not set +# CONFIG_SYNCLINKMP is not set +# CONFIG_SYNCLINK_GT is not set +# CONFIG_N_HDLC is not set +# CONFIG_N_GSM is not set +# CONFIG_RISCOM8 is not set +# CONFIG_SPECIALIX is not set +# CONFIG_STALDRV is not set +# CONFIG_NOZOMI is not set + +# +# Serial drivers +# +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_SERIAL_8250_PCI=y +CONFIG_SERIAL_8250_PNP=y +CONFIG_SERIAL_8250_NR_UARTS=32 +CONFIG_SERIAL_8250_RUNTIME_UARTS=4 +CONFIG_SERIAL_8250_EXTENDED=y +CONFIG_SERIAL_8250_MANY_PORTS=y +CONFIG_SERIAL_8250_SHARE_IRQ=y +CONFIG_SERIAL_8250_DETECT_IRQ=y +CONFIG_SERIAL_8250_RSA=y + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_MFD_HSU is not set +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_TIMBERDALE is not set +# CONFIG_SERIAL_ALTERA_JTAGUART is not set +# CONFIG_SERIAL_ALTERA_UART is not set +CONFIG_UNIX98_PTYS=y +# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set +# CONFIG_LEGACY_PTYS is not set +CONFIG_IPMI_HANDLER=m +# CONFIG_IPMI_PANIC_EVENT is not set +CONFIG_IPMI_DEVICE_INTERFACE=m +CONFIG_IPMI_SI=m +CONFIG_IPMI_WATCHDOG=m +CONFIG_IPMI_POWEROFF=m +CONFIG_HW_RANDOM=m +CONFIG_HW_RANDOM_TIMERIOMEM=m +CONFIG_HW_RANDOM_INTEL=m +CONFIG_HW_RANDOM_AMD=m +CONFIG_HW_RANDOM_VIA=m +CONFIG_NVRAM=y +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_MWAVE is not set +# CONFIG_RAW_DRIVER is not set +CONFIG_HPET=y +# CONFIG_HPET_MMAP is not set +# CONFIG_HANGCHECK_TIMER is not set +# CONFIG_TCG_TPM is not set +# CONFIG_TELCLOCK is not set +CONFIG_DEVPORT=y +# CONFIG_RAMOOPS is not set +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_MUX=m + +# +# Multiplexer I2C Chip support +# +CONFIG_I2C_MUX_PCA954x=m +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_SMBUS=m +CONFIG_I2C_ALGOBIT=m +CONFIG_I2C_ALGOPCA=m + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +CONFIG_I2C_ALI1535=m +CONFIG_I2C_ALI1563=m +CONFIG_I2C_ALI15X3=m +CONFIG_I2C_AMD756=m +CONFIG_I2C_AMD756_S4882=m +CONFIG_I2C_AMD8111=m +CONFIG_I2C_I801=m +CONFIG_I2C_ISCH=m +CONFIG_I2C_PIIX4=m +CONFIG_I2C_NFORCE2=m +CONFIG_I2C_NFORCE2_S4985=m +CONFIG_I2C_SIS5595=m +CONFIG_I2C_SIS630=m +CONFIG_I2C_SIS96X=m +CONFIG_I2C_VIA=m +CONFIG_I2C_VIAPRO=m + +# +# ACPI drivers +# +CONFIG_I2C_SCMI=m + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +CONFIG_I2C_OCORES=m +CONFIG_I2C_PCA_PLATFORM=m +CONFIG_I2C_SIMTEC=m +# CONFIG_I2C_XILINX is not set + +# +# External I2C/SMBus adapter drivers +# +CONFIG_I2C_PARPORT_LIGHT=m +CONFIG_I2C_TAOS_EVM=m + +# +# Other I2C/SMBus bus drivers +# +CONFIG_I2C_STUB=m +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# CONFIG_SPI is not set + +# +# PPS support +# +# CONFIG_PPS is not set +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +# CONFIG_GPIOLIB is not set +# CONFIG_W1 is not set +CONFIG_POWER_SUPPLY=y +# CONFIG_POWER_SUPPLY_DEBUG is not set +# CONFIG_PDA_POWER is not set +CONFIG_TEST_POWER=m +# CONFIG_BATTERY_DS2760 is not set +# CONFIG_BATTERY_DS2782 is not set +# CONFIG_BATTERY_BQ27x00 is not set +# CONFIG_BATTERY_MAX17040 is not set +CONFIG_HWMON=y +CONFIG_HWMON_VID=m +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +CONFIG_SENSORS_ABITUGURU=m +CONFIG_SENSORS_ABITUGURU3=m +CONFIG_SENSORS_AD7414=m +CONFIG_SENSORS_AD7418=m +CONFIG_SENSORS_ADM1021=m +CONFIG_SENSORS_ADM1025=m +CONFIG_SENSORS_ADM1026=m +CONFIG_SENSORS_ADM1029=m +CONFIG_SENSORS_ADM1031=m +CONFIG_SENSORS_ADM9240=m +CONFIG_SENSORS_ADT7411=m +CONFIG_SENSORS_ADT7462=m +CONFIG_SENSORS_ADT7470=m +CONFIG_SENSORS_ADT7475=m +CONFIG_SENSORS_ASC7621=m +CONFIG_SENSORS_K8TEMP=m +CONFIG_SENSORS_K10TEMP=m +CONFIG_SENSORS_ASB100=m +CONFIG_SENSORS_ATXP1=m +CONFIG_SENSORS_DS1621=m +CONFIG_SENSORS_I5K_AMB=m +CONFIG_SENSORS_F71805F=m +CONFIG_SENSORS_F71882FG=m +CONFIG_SENSORS_F75375S=m +CONFIG_SENSORS_FSCHMD=m +CONFIG_SENSORS_G760A=m +CONFIG_SENSORS_GL518SM=m +CONFIG_SENSORS_GL520SM=m +CONFIG_SENSORS_CORETEMP=m +CONFIG_SENSORS_PKGTEMP=m +CONFIG_SENSORS_IBMAEM=m +CONFIG_SENSORS_IBMPEX=m +CONFIG_SENSORS_IT87=m +CONFIG_SENSORS_JC42=m +CONFIG_SENSORS_LM63=m +CONFIG_SENSORS_LM73=m +CONFIG_SENSORS_LM75=m +CONFIG_SENSORS_LM77=m +CONFIG_SENSORS_LM78=m +CONFIG_SENSORS_LM80=m +CONFIG_SENSORS_LM83=m +CONFIG_SENSORS_LM85=m +CONFIG_SENSORS_LM87=m +CONFIG_SENSORS_LM90=m +CONFIG_SENSORS_LM92=m +CONFIG_SENSORS_LM93=m +CONFIG_SENSORS_LTC4215=m +CONFIG_SENSORS_LTC4245=m +CONFIG_SENSORS_LM95241=m +CONFIG_SENSORS_MAX1619=m +CONFIG_SENSORS_MAX6650=m +CONFIG_SENSORS_PC87360=m +CONFIG_SENSORS_PC87427=m +CONFIG_SENSORS_PCF8591=m +CONFIG_SENSORS_SIS5595=m +CONFIG_SENSORS_SMM665=m +CONFIG_SENSORS_DME1737=m +CONFIG_SENSORS_EMC1403=m +CONFIG_SENSORS_EMC2103=m +CONFIG_SENSORS_SMSC47M1=m +CONFIG_SENSORS_SMSC47M192=m +CONFIG_SENSORS_SMSC47B397=m +CONFIG_SENSORS_ADS7828=m +CONFIG_SENSORS_AMC6821=m +CONFIG_SENSORS_THMC50=m +CONFIG_SENSORS_TMP102=m +CONFIG_SENSORS_TMP401=m +CONFIG_SENSORS_TMP421=m +CONFIG_SENSORS_VIA_CPUTEMP=m +CONFIG_SENSORS_VIA686A=m +CONFIG_SENSORS_VT1211=m +CONFIG_SENSORS_VT8231=m +CONFIG_SENSORS_W83781D=m +CONFIG_SENSORS_W83791D=m +CONFIG_SENSORS_W83792D=m +CONFIG_SENSORS_W83793=m +CONFIG_SENSORS_W83L785TS=m +CONFIG_SENSORS_W83L786NG=m +CONFIG_SENSORS_W83627HF=m +CONFIG_SENSORS_W83627EHF=m +CONFIG_SENSORS_HDAPS=m +CONFIG_SENSORS_LIS3_I2C=m +CONFIG_SENSORS_APPLESMC=m + +# +# ACPI drivers +# +CONFIG_SENSORS_ATK0110=m +CONFIG_SENSORS_LIS3LV02D=m +CONFIG_THERMAL=y +CONFIG_THERMAL_HWMON=y +CONFIG_WATCHDOG=y +# CONFIG_WATCHDOG_NOWAYOUT is not set + +# +# Watchdog Device Drivers +# +CONFIG_SOFT_WATCHDOG=m +CONFIG_ACQUIRE_WDT=m +CONFIG_ADVANTECH_WDT=m +CONFIG_ALIM1535_WDT=m +CONFIG_ALIM7101_WDT=m +CONFIG_F71808E_WDT=m +CONFIG_SC520_WDT=m +CONFIG_SBC_FITPC2_WATCHDOG=m +CONFIG_EUROTECH_WDT=m +CONFIG_IB700_WDT=m +CONFIG_IBMASR=m +CONFIG_WAFER_WDT=m +CONFIG_I6300ESB_WDT=m +CONFIG_ITCO_WDT=m +# CONFIG_ITCO_VENDOR_SUPPORT is not set +CONFIG_IT8712F_WDT=m +CONFIG_IT87_WDT=m +CONFIG_HP_WATCHDOG=m +# CONFIG_HPWDT_NMI_DECODING is not set +CONFIG_SC1200_WDT=m +CONFIG_PC87413_WDT=m +CONFIG_60XX_WDT=m +CONFIG_SBC8360_WDT=m +CONFIG_CPU5_WDT=m +CONFIG_SMSC_SCH311X_WDT=m +CONFIG_SMSC37B787_WDT=m +CONFIG_W83627HF_WDT=m +CONFIG_W83697HF_WDT=m +CONFIG_W83697UG_WDT=m +CONFIG_W83877F_WDT=m +CONFIG_W83977F_WDT=m +CONFIG_MACHZ_WDT=m +CONFIG_SBC_EPX_C3_WATCHDOG=m + +# +# PCI-based Watchdog Cards +# +CONFIG_PCIPCWATCHDOG=m +CONFIG_WDTPCI=m +CONFIG_SSB_POSSIBLE=y + +# +# Sonics Silicon Backplane +# +CONFIG_SSB=m +CONFIG_SSB_SPROM=y +CONFIG_SSB_PCIHOST_POSSIBLE=y +CONFIG_SSB_PCIHOST=y +# CONFIG_SSB_B43_PCI_BRIDGE is not set +# CONFIG_SSB_DEBUG is not set +CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y +CONFIG_SSB_DRIVER_PCICORE=y +CONFIG_MFD_SUPPORT=y +CONFIG_MFD_CORE=m +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_SM501 is not set +# CONFIG_HTC_PASIC3 is not set +# CONFIG_TPS6507X is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_MFD_STMPE is not set +# CONFIG_MFD_TC35892 is not set +# CONFIG_MFD_TMIO is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_MAX8998 is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_ABX500_CORE is not set +CONFIG_LPC_SCH=m +CONFIG_MFD_RDC321X=m +CONFIG_MFD_JANZ_CMODIO=m +# CONFIG_REGULATOR is not set +# CONFIG_MEDIA_SUPPORT is not set + +# +# Graphics support +# +# CONFIG_AGP is not set +CONFIG_VGA_ARB=y +CONFIG_VGA_ARB_MAX_GPUS=16 +# CONFIG_VGA_SWITCHEROO is not set +# CONFIG_DRM is not set +# CONFIG_VGASTATE is not set +# CONFIG_VIDEO_OUTPUT_CONTROL is not set +CONFIG_FB=m +# CONFIG_FIRMWARE_EDID is not set +# CONFIG_FB_DDC is not set +# CONFIG_FB_BOOT_VESA_SUPPORT is not set +# CONFIG_FB_CFB_FILLRECT is not set +# CONFIG_FB_CFB_COPYAREA is not set +# CONFIG_FB_CFB_IMAGEBLIT is not set +# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set +# CONFIG_FB_SYS_FILLRECT is not set +# CONFIG_FB_SYS_COPYAREA is not set +# CONFIG_FB_SYS_IMAGEBLIT is not set +# CONFIG_FB_FOREIGN_ENDIAN is not set +# CONFIG_FB_SYS_FOPS is not set +# CONFIG_FB_SVGALIB is not set +# CONFIG_FB_MACMODES is not set +# CONFIG_FB_BACKLIGHT is not set +CONFIG_FB_MODE_HELPERS=y +CONFIG_FB_TILEBLITTING=y + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ARC is not set +# CONFIG_FB_VGA16 is not set +# CONFIG_FB_UVESA is not set +# CONFIG_FB_N411 is not set +# CONFIG_FB_HGA is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_LE80578 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_VIA is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_GEODE is not set +# CONFIG_FB_TMIO is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_BROADSHEET is not set +# CONFIG_BACKLIGHT_LCD_SUPPORT is not set + +# +# Display device support +# +# CONFIG_DISPLAY_SUPPORT is not set + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +CONFIG_VGACON_SOFT_SCROLLBACK=y +CONFIG_VGACON_SOFT_SCROLLBACK_SIZE=64 +CONFIG_DUMMY_CONSOLE=y +# CONFIG_FRAMEBUFFER_CONSOLE is not set +# CONFIG_LOGO is not set +# CONFIG_SOUND is not set +# CONFIG_HID_SUPPORT is not set +# CONFIG_USB_SUPPORT is not set +# CONFIG_UWB is not set +# CONFIG_MMC is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=m + +# +# LED drivers +# +# CONFIG_LEDS_ALIX2 is not set +# CONFIG_LEDS_PCA9532 is not set +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_CLEVO_MAIL is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_INTEL_SS4200 is not set +CONFIG_LEDS_TRIGGERS=y + +# +# LED Triggers +# +# CONFIG_LEDS_TRIGGER_TIMER is not set +# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set +# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set +# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set + +# +# iptables trigger is under Netfilter config (LED target) +# +# CONFIG_ACCESSIBILITY is not set +# CONFIG_INFINIBAND is not set +CONFIG_EDAC=y + +# +# Reporting subsystems +# +# CONFIG_EDAC_DEBUG is not set +CONFIG_EDAC_DECODE_MCE=y +# CONFIG_EDAC_MM_EDAC is not set +CONFIG_RTC_LIB=m +CONFIG_RTC_CLASS=m + +# +# RTC interfaces +# +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set +CONFIG_RTC_DRV_TEST=m + +# +# I2C RTC drivers +# +CONFIG_RTC_DRV_DS1307=m +CONFIG_RTC_DRV_DS1374=m +CONFIG_RTC_DRV_DS1672=m +CONFIG_RTC_DRV_DS3232=m +CONFIG_RTC_DRV_MAX6900=m +CONFIG_RTC_DRV_RS5C372=m +CONFIG_RTC_DRV_ISL1208=m +CONFIG_RTC_DRV_ISL12022=m +CONFIG_RTC_DRV_X1205=m +CONFIG_RTC_DRV_PCF8563=m +CONFIG_RTC_DRV_PCF8583=m +CONFIG_RTC_DRV_M41T80=m +# CONFIG_RTC_DRV_M41T80_WDT is not set +CONFIG_RTC_DRV_BQ32K=m +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_FM3130=m +CONFIG_RTC_DRV_RX8581=m +CONFIG_RTC_DRV_RX8025=m + +# +# SPI RTC drivers +# + +# +# Platform RTC drivers +# +CONFIG_RTC_DRV_CMOS=m +CONFIG_RTC_DRV_DS1286=m +CONFIG_RTC_DRV_DS1511=m +CONFIG_RTC_DRV_DS1553=m +CONFIG_RTC_DRV_DS1742=m +CONFIG_RTC_DRV_STK17TA8=m +CONFIG_RTC_DRV_M48T86=m +CONFIG_RTC_DRV_M48T35=m +CONFIG_RTC_DRV_M48T59=m +CONFIG_RTC_DRV_MSM6242=m +CONFIG_RTC_DRV_BQ4802=m +CONFIG_RTC_DRV_RP5C01=m +CONFIG_RTC_DRV_V3020=m + +# +# on-CPU RTC drivers +# +CONFIG_DMADEVICES=y +# CONFIG_DMADEVICES_DEBUG is not set + +# +# DMA Devices +# +CONFIG_INTEL_MID_DMAC=m +# CONFIG_INTEL_IOATDMA is not set +CONFIG_TIMB_DMA=m +CONFIG_PCH_DMA=m +CONFIG_DMA_ENGINE=y + +# +# DMA Clients +# +# CONFIG_NET_DMA is not set +# CONFIG_ASYNC_TX_DMA is not set +CONFIG_DMATEST=m +# CONFIG_AUXDISPLAY is not set +CONFIG_UIO=m +CONFIG_UIO_CIF=m +CONFIG_UIO_PDRV=m +CONFIG_UIO_PDRV_GENIRQ=m +CONFIG_UIO_AEC=m +CONFIG_UIO_SERCOS3=m +CONFIG_UIO_PCI_GENERIC=m +CONFIG_UIO_NETX=m +CONFIG_STAGING=y +# CONFIG_STAGING_EXCLUDE_BUILD is not set +# CONFIG_ET131X is not set +# CONFIG_SLICOSS is not set +# CONFIG_ECHO is not set +# CONFIG_COMEDI is not set +# CONFIG_POHMELFS is not set +# CONFIG_IDE_PHISON is not set +# CONFIG_HYPERV is not set +# CONFIG_VME_BUS is not set +# CONFIG_IIO is not set +CONFIG_ZRAM=m +CONFIG_ZRAM_STATS=y +# CONFIG_BATMAN_ADV is not set +# CONFIG_FB_SM7XX is not set +# CONFIG_CRYSTALHD is not set + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_TI_ST is not set +# CONFIG_FB_XGI is not set +# CONFIG_ACPI_QUICKSTART is not set +CONFIG_X86_PLATFORM_DEVICES=y +# CONFIG_ACERHDF is not set +# CONFIG_ASUS_LAPTOP is not set +# CONFIG_SONY_LAPTOP is not set +# CONFIG_IDEAPAD_ACPI is not set +# CONFIG_THINKPAD_ACPI is not set +# CONFIG_INTEL_MENLOW is not set +# CONFIG_ACPI_WMI is not set +# CONFIG_ACPI_ASUS is not set +# CONFIG_TOPSTAR_LAPTOP is not set +# CONFIG_TOSHIBA_BT_RFKILL is not set +# CONFIG_ACPI_CMPC is not set +# CONFIG_INTEL_IPS is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +CONFIG_FIRMWARE_MEMMAP=y +CONFIG_EFI_VARS=y +# CONFIG_DELL_RBU is not set +# CONFIG_DCDBAS is not set +CONFIG_DMIID=y +# CONFIG_ISCSI_IBFT_FIND is not set + +# +# File systems +# +CONFIG_EXT2_FS=m +CONFIG_EXT2_FS_XATTR=y +CONFIG_EXT2_FS_POSIX_ACL=y +CONFIG_EXT2_FS_SECURITY=y +# CONFIG_EXT2_FS_XIP is not set +CONFIG_EXT3_FS=y +# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set +CONFIG_EXT3_FS_XATTR=y +CONFIG_EXT3_FS_POSIX_ACL=y +CONFIG_EXT3_FS_SECURITY=y +CONFIG_EXT4_FS=y +CONFIG_EXT4_FS_XATTR=y +CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_EXT4_FS_SECURITY=y +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD=y +CONFIG_JBD_DEBUG=y +CONFIG_JBD2=y +CONFIG_JBD2_DEBUG=y +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=m +# CONFIG_REISERFS_CHECK is not set +CONFIG_REISERFS_PROC_INFO=y +CONFIG_REISERFS_FS_XATTR=y +CONFIG_REISERFS_FS_POSIX_ACL=y +CONFIG_REISERFS_FS_SECURITY=y +CONFIG_JFS_FS=m +CONFIG_JFS_POSIX_ACL=y +CONFIG_JFS_SECURITY=y +# CONFIG_JFS_DEBUG is not set +CONFIG_JFS_STATISTICS=y +CONFIG_FS_POSIX_ACL=y +CONFIG_XFS_FS=m +CONFIG_XFS_QUOTA=y +CONFIG_XFS_POSIX_ACL=y +CONFIG_XFS_RT=y +# CONFIG_XFS_DEBUG is not set +CONFIG_GFS2_FS=m +CONFIG_GFS2_FS_LOCKING_DLM=y +CONFIG_OCFS2_FS=m +CONFIG_OCFS2_FS_O2CB=m +CONFIG_OCFS2_FS_USERSPACE_CLUSTER=m +CONFIG_OCFS2_FS_STATS=y +CONFIG_OCFS2_DEBUG_MASKLOG=y +# CONFIG_OCFS2_DEBUG_FS is not set +CONFIG_BTRFS_FS=m +CONFIG_BTRFS_FS_POSIX_ACL=y +CONFIG_NILFS2_FS=m +CONFIG_FILE_LOCKING=y +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_QUOTA=y +CONFIG_QUOTA_NETLINK_INTERFACE=y +# CONFIG_PRINT_QUOTA_WARNING is not set +CONFIG_QUOTA_DEBUG=y +CONFIG_QUOTA_TREE=y +# CONFIG_QFMT_V1 is not set +CONFIG_QFMT_V2=y +CONFIG_QUOTACTL=y +CONFIG_QUOTACTL_COMPAT=y +# CONFIG_AUTOFS_FS is not set +CONFIG_AUTOFS4_FS=m +CONFIG_FUSE_FS=y +CONFIG_CUSE=m +CONFIG_GENERIC_ACL=y + +# +# Caches +# +CONFIG_FSCACHE=m +CONFIG_FSCACHE_STATS=y +CONFIG_FSCACHE_HISTOGRAM=y +# CONFIG_FSCACHE_DEBUG is not set +CONFIG_FSCACHE_OBJECT_LIST=y +CONFIG_CACHEFILES=m +# CONFIG_CACHEFILES_DEBUG is not set +# CONFIG_CACHEFILES_HISTOGRAM is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=m +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_UDF_FS=m +CONFIG_UDF_NLS=y + +# +# DOS/FAT/NT Filesystems +# +CONFIG_FAT_FS=m +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=m +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=m +# CONFIG_NTFS_DEBUG is not set +CONFIG_NTFS_RW=y + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_VMCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_HUGETLBFS=y +CONFIG_HUGETLB_PAGE=y +CONFIG_CONFIGFS_FS=m +CONFIG_MISC_FILESYSTEMS=y +CONFIG_ADFS_FS=m +# CONFIG_ADFS_FS_RW is not set +# CONFIG_AFFS_FS is not set +CONFIG_ECRYPT_FS=m +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_LOGFS is not set +CONFIG_CRAMFS=m +CONFIG_SQUASHFS=m +CONFIG_SQUASHFS_XATTR=y +CONFIG_SQUASHFS_LZO=y +CONFIG_SQUASHFS_EMBEDDED=y +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +CONFIG_ROMFS_FS=m +CONFIG_ROMFS_BACKED_BY_BLOCK=y +CONFIG_ROMFS_ON_BLOCK=y +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set +# CONFIG_EXOFS_FS is not set +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=y +CONFIG_NFS_V3=y +CONFIG_NFS_V3_ACL=y +CONFIG_NFS_V4=y +# CONFIG_NFS_V4_1 is not set +CONFIG_ROOT_NFS=y +# CONFIG_NFS_USE_LEGACY_DNS is not set +CONFIG_NFS_USE_KERNEL_DNS=y +CONFIG_NFSD=m +CONFIG_NFSD_V2_ACL=y +CONFIG_NFSD_V3=y +CONFIG_NFSD_V3_ACL=y +CONFIG_NFSD_V4=y +CONFIG_LOCKD=y +CONFIG_LOCKD_V4=y +CONFIG_EXPORTFS=m +CONFIG_NFS_ACL_SUPPORT=y +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=y +CONFIG_SUNRPC_GSS=y +CONFIG_RPCSEC_GSS_KRB5=y +CONFIG_RPCSEC_GSS_SPKM3=m +CONFIG_SMB_FS=m +# CONFIG_SMB_NLS_DEFAULT is not set +# CONFIG_CEPH_FS is not set +CONFIG_CIFS=m +CONFIG_CIFS_STATS=y +CONFIG_CIFS_STATS2=y +# CONFIG_CIFS_WEAK_PW_HASH is not set +# CONFIG_CIFS_UPCALL is not set +CONFIG_CIFS_XATTR=y +CONFIG_CIFS_POSIX=y +# CONFIG_CIFS_DEBUG2 is not set +CONFIG_CIFS_DFS_UPCALL=y +# CONFIG_CIFS_FSCACHE is not set +# CONFIG_CIFS_EXPERIMENTAL is not set +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +CONFIG_AFS_FS=m +# CONFIG_AFS_DEBUG is not set +# CONFIG_AFS_FSCACHE is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +CONFIG_OSF_PARTITION=y +CONFIG_AMIGA_PARTITION=y +# CONFIG_ATARI_PARTITION is not set +CONFIG_MAC_PARTITION=y +CONFIG_MSDOS_PARTITION=y +CONFIG_BSD_DISKLABEL=y +CONFIG_MINIX_SUBPARTITION=y +CONFIG_SOLARIS_X86_PARTITION=y +CONFIG_UNIXWARE_DISKLABEL=y +# CONFIG_LDM_PARTITION is not set +CONFIG_SGI_PARTITION=y +# CONFIG_ULTRIX_PARTITION is not set +CONFIG_SUN_PARTITION=y +CONFIG_KARMA_PARTITION=y +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="utf8" +CONFIG_NLS_CODEPAGE_437=m +CONFIG_NLS_CODEPAGE_737=m +CONFIG_NLS_CODEPAGE_775=m +CONFIG_NLS_CODEPAGE_850=m +CONFIG_NLS_CODEPAGE_852=m +CONFIG_NLS_CODEPAGE_855=m +CONFIG_NLS_CODEPAGE_857=m +CONFIG_NLS_CODEPAGE_860=m +CONFIG_NLS_CODEPAGE_861=m +CONFIG_NLS_CODEPAGE_862=m +CONFIG_NLS_CODEPAGE_863=m +CONFIG_NLS_CODEPAGE_864=m +CONFIG_NLS_CODEPAGE_865=m +CONFIG_NLS_CODEPAGE_866=m +CONFIG_NLS_CODEPAGE_869=m +CONFIG_NLS_CODEPAGE_936=m +CONFIG_NLS_CODEPAGE_950=m +CONFIG_NLS_CODEPAGE_932=m +CONFIG_NLS_CODEPAGE_949=m +CONFIG_NLS_CODEPAGE_874=m +CONFIG_NLS_ISO8859_8=m +CONFIG_NLS_CODEPAGE_1250=m +CONFIG_NLS_CODEPAGE_1251=m +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=m +CONFIG_NLS_ISO8859_2=m +CONFIG_NLS_ISO8859_3=m +CONFIG_NLS_ISO8859_4=m +CONFIG_NLS_ISO8859_5=m +CONFIG_NLS_ISO8859_6=m +CONFIG_NLS_ISO8859_7=m +CONFIG_NLS_ISO8859_9=m +CONFIG_NLS_ISO8859_13=m +CONFIG_NLS_ISO8859_14=m +CONFIG_NLS_ISO8859_15=m +CONFIG_NLS_KOI8_R=m +CONFIG_NLS_KOI8_U=m +CONFIG_NLS_UTF8=y +CONFIG_DLM=m +# CONFIG_DLM_DEBUG is not set + +# +# Kernel hacking +# +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_PRINTK_TIME=y +# CONFIG_ENABLE_WARN_DEPRECATED is not set +CONFIG_ENABLE_MUST_CHECK=y +CONFIG_FRAME_WARN=2048 +CONFIG_MAGIC_SYSRQ=y +# CONFIG_STRIP_ASM_SYMS is not set +# CONFIG_UNUSED_SYMBOLS is not set +CONFIG_DEBUG_FS=y +# CONFIG_HEADERS_CHECK is not set +CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_SHIRQ is not set +# CONFIG_LOCKUP_DETECTOR is not set +# CONFIG_HARDLOCKUP_DETECTOR is not set +# CONFIG_DETECT_HUNG_TASK is not set +# CONFIG_SCHED_DEBUG is not set +CONFIG_SCHEDSTATS=y +CONFIG_TIMER_STATS=y +# CONFIG_DEBUG_OBJECTS is not set +# CONFIG_SLUB_DEBUG_ON is not set +# CONFIG_SLUB_STATS is not set +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_RT_MUTEX_TESTER is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_DEBUG_MUTEXES is not set +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_DEBUG_SPINLOCK_SLEEP is not set +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +CONFIG_STACKTRACE=y +# CONFIG_DEBUG_KOBJECT is not set +CONFIG_DEBUG_BUGVERBOSE=y +# CONFIG_DEBUG_INFO is not set +# CONFIG_DEBUG_VM is not set +# CONFIG_DEBUG_VIRTUAL is not set +# CONFIG_DEBUG_WRITECOUNT is not set +CONFIG_DEBUG_MEMORY_INIT=y +# CONFIG_DEBUG_LIST is not set +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_NOTIFIERS is not set +# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_ARCH_WANT_FRAME_POINTERS=y +CONFIG_FRAME_POINTER=y +# CONFIG_BOOT_PRINTK_DELAY is not set +# CONFIG_RCU_TORTURE_TEST is not set +# CONFIG_RCU_CPU_STALL_DETECTOR is not set +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# CONFIG_LKDTM is not set +CONFIG_CPU_NOTIFIER_ERROR_INJECT=m +# CONFIG_FAULT_INJECTION is not set +# CONFIG_LATENCYTOP is not set +CONFIG_SYSCTL_SYSCALL_CHECK=y +# CONFIG_DEBUG_PAGEALLOC is not set +CONFIG_USER_STACKTRACE_SUPPORT=y +CONFIG_NOP_TRACER=y +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y +CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_RING_BUFFER=y +CONFIG_EVENT_TRACING=y +CONFIG_CONTEXT_SWITCH_TRACER=y +CONFIG_TRACING=y +CONFIG_GENERIC_TRACER=y +CONFIG_TRACING_SUPPORT=y +CONFIG_FTRACE=y +# CONFIG_FUNCTION_TRACER is not set +# CONFIG_IRQSOFF_TRACER is not set +# CONFIG_SCHED_TRACER is not set +# CONFIG_FTRACE_SYSCALLS is not set +CONFIG_BRANCH_PROFILE_NONE=y +# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set +# CONFIG_PROFILE_ALL_BRANCHES is not set +# CONFIG_STACK_TRACER is not set +CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENT=y +# CONFIG_FTRACE_STARTUP_TEST is not set +# CONFIG_MMIOTRACE is not set +# CONFIG_RING_BUFFER_BENCHMARK is not set +CONFIG_PROVIDE_OHCI1394_DMA_INIT=y +# CONFIG_DYNAMIC_DEBUG is not set +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_ATOMIC64_SELFTEST is not set +# CONFIG_SAMPLES is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +CONFIG_HAVE_ARCH_KMEMCHECK=y +# CONFIG_STRICT_DEVMEM is not set +CONFIG_X86_VERBOSE_BOOTUP=y +CONFIG_EARLY_PRINTK=y +CONFIG_EARLY_PRINTK_DBGP=y +CONFIG_DEBUG_STACKOVERFLOW=y +CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_PER_CPU_MAPS is not set +# CONFIG_X86_PTDUMP is not set +CONFIG_DEBUG_RODATA=y +# CONFIG_DEBUG_RODATA_TEST is not set +CONFIG_DEBUG_NX_TEST=m +# CONFIG_IOMMU_DEBUG is not set +# CONFIG_IOMMU_STRESS is not set +CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set +CONFIG_IO_DELAY_TYPE_0X80=0 +CONFIG_IO_DELAY_TYPE_0XED=1 +CONFIG_IO_DELAY_TYPE_UDELAY=2 +CONFIG_IO_DELAY_TYPE_NONE=3 +CONFIG_IO_DELAY_0X80=y +# CONFIG_IO_DELAY_0XED is not set +# CONFIG_IO_DELAY_UDELAY is not set +# CONFIG_IO_DELAY_NONE is not set +CONFIG_DEFAULT_IO_DELAY_TYPE=0 +CONFIG_DEBUG_BOOT_PARAMS=y +# CONFIG_CPA_DEBUG is not set +CONFIG_OPTIMIZE_INLINING=y +# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set + +# +# Security options +# +CONFIG_KEYS=y +CONFIG_KEYS_DEBUG_PROC_KEYS=y +CONFIG_SECURITY=y +# CONFIG_SECURITYFS is not set +CONFIG_SECURITY_NETWORK=y +CONFIG_SECURITY_NETWORK_XFRM=y +# CONFIG_SECURITY_PATH is not set +# CONFIG_INTEL_TXT is not set +CONFIG_LSM_MMAP_MIN_ADDR=65536 +CONFIG_SECURITY_SELINUX=y +CONFIG_SECURITY_SELINUX_BOOTPARAM=y +CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_SELINUX_DISABLE=y +CONFIG_SECURITY_SELINUX_DEVELOP=y +CONFIG_SECURITY_SELINUX_AVC_STATS=y +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +# CONFIG_SECURITY_APPARMOR is not set +# CONFIG_IMA is not set +CONFIG_DEFAULT_SECURITY_SELINUX=y +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="selinux" +CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m +CONFIG_ASYNC_RAID6_TEST=m +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +# CONFIG_CRYPTO_FIPS is not set +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_BLKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=m +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_PCOMP=m +CONFIG_CRYPTO_PCOMP2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y +CONFIG_CRYPTO_GF128MUL=m +CONFIG_CRYPTO_NULL=m +# CONFIG_CRYPTO_PCRYPT is not set +CONFIG_CRYPTO_WORKQUEUE=y +CONFIG_CRYPTO_CRYPTD=m +CONFIG_CRYPTO_AUTHENC=y +CONFIG_CRYPTO_TEST=m + +# +# Authenticated Encryption with Associated Data +# +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=m +CONFIG_CRYPTO_SEQIV=m + +# +# Block modes +# +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CTR=m +CONFIG_CRYPTO_CTS=m +CONFIG_CRYPTO_ECB=y +CONFIG_CRYPTO_LRW=m +CONFIG_CRYPTO_PCBC=m +CONFIG_CRYPTO_XTS=m +CONFIG_CRYPTO_FPU=m + +# +# Hash modes +# +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_XCBC=m +CONFIG_CRYPTO_VMAC=m + +# +# Digest +# +CONFIG_CRYPTO_CRC32C=m +CONFIG_CRYPTO_CRC32C_INTEL=m +CONFIG_CRYPTO_GHASH=m +CONFIG_CRYPTO_MD4=m +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_MICHAEL_MIC=m +CONFIG_CRYPTO_RMD128=m +CONFIG_CRYPTO_RMD160=m +CONFIG_CRYPTO_RMD256=m +CONFIG_CRYPTO_RMD320=m +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=m +CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_TGR192=m +CONFIG_CRYPTO_WP512=m +CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m + +# +# Ciphers +# +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_AES_X86_64=m +CONFIG_CRYPTO_AES_NI_INTEL=m +CONFIG_CRYPTO_ANUBIS=m +CONFIG_CRYPTO_ARC4=y +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_CAMELLIA=m +CONFIG_CRYPTO_CAST5=m +CONFIG_CRYPTO_CAST6=m +CONFIG_CRYPTO_DES=y +CONFIG_CRYPTO_FCRYPT=m +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_SALSA20=m +CONFIG_CRYPTO_SALSA20_X86_64=m +CONFIG_CRYPTO_SEED=m +CONFIG_CRYPTO_SERPENT=m +CONFIG_CRYPTO_TEA=m +CONFIG_CRYPTO_TWOFISH=m +CONFIG_CRYPTO_TWOFISH_COMMON=m +CONFIG_CRYPTO_TWOFISH_X86_64=m + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_ZLIB=m +CONFIG_CRYPTO_LZO=m + +# +# Random Number Generation +# +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_HW=y +# CONFIG_CRYPTO_DEV_PADLOCK is not set +# CONFIG_CRYPTO_DEV_HIFN_795X is not set +CONFIG_HAVE_KVM=y +# CONFIG_VIRTUALIZATION is not set +CONFIG_BINARY_PRINTF=y + +# +# Library routines +# +CONFIG_RAID6_PQ=m +CONFIG_BITREVERSE=y +CONFIG_GENERIC_FIND_FIRST_BIT=y +CONFIG_GENERIC_FIND_NEXT_BIT=y +CONFIG_GENERIC_FIND_LAST_BIT=y +CONFIG_CRC_CCITT=m +CONFIG_CRC16=y +CONFIG_CRC_T10DIF=y +CONFIG_CRC_ITU_T=m +CONFIG_CRC32=y +CONFIG_CRC7=m +CONFIG_LIBCRC32C=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=m +CONFIG_LZO_COMPRESS=m +CONFIG_LZO_DECOMPRESS=y +CONFIG_DECOMPRESS_GZIP=y +CONFIG_DECOMPRESS_BZIP2=y +CONFIG_DECOMPRESS_LZMA=y +CONFIG_DECOMPRESS_LZO=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT=y +CONFIG_HAS_DMA=y +CONFIG_NLATTR=y +CONFIG_LRU_CACHE=m diff --git a/kernel-config/config-2.6.37-00 b/kernel-config/config-2.6.37-00 new file mode 100644 index 0000000..093538e --- /dev/null +++ b/kernel-config/config-2.6.37-00 @@ -0,0 +1,2725 @@ +# +# Automatically generated make config: don't edit +# Linux/x86_64 2.6.37 Kernel Configuration +# Fri Jan 14 14:06:12 2011 +# +CONFIG_64BIT=y +# CONFIG_X86_32 is not set +CONFIG_X86_64=y +CONFIG_X86=y +CONFIG_INSTRUCTION_DECODER=y +CONFIG_OUTPUT_FORMAT="elf64-x86-64" +CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" +CONFIG_GENERIC_CMOS_UPDATE=y +CONFIG_CLOCKSOURCE_WATCHDOG=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y +CONFIG_MMU=y +CONFIG_ZONE_DMA=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_IOMAP=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +# CONFIG_RWSEM_GENERIC_SPINLOCK is not set +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_ARCH_HAS_CPU_IDLE_WAIT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_GENERIC_TIME_VSYSCALL=y +CONFIG_ARCH_HAS_CPU_RELAX=y +CONFIG_ARCH_HAS_DEFAULT_IDLE=y +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_HAVE_SETUP_PER_CPU_AREA=y +CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y +CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y +CONFIG_HAVE_CPUMASK_OF_CPU_MAP=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ZONE_DMA32=y +CONFIG_ARCH_POPULATES_NODE_MAP=y +CONFIG_AUDIT_ARCH=y +CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_HAVE_INTEL_TXT=y +CONFIG_USE_GENERIC_SMP_HELPERS=y +CONFIG_X86_64_SMP=y +CONFIG_X86_HT=y +CONFIG_X86_TRAMPOLINE=y +CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" +# CONFIG_KTIME_SCALAR is not set +CONFIG_ARCH_CPU_PROBE_RELEASE=y +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" +CONFIG_CONSTRUCTORS=y +CONFIG_HAVE_IRQ_WORK=y +CONFIG_IRQ_WORK=y + +# +# General setup +# +CONFIG_EXPERIMENTAL=y +CONFIG_LOCK_KERNEL=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="" +CONFIG_LOCALVERSION="" +# CONFIG_LOCALVERSION_AUTO is not set +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_BZIP2=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_BZIP2 is not set +# CONFIG_KERNEL_LZMA is not set +# CONFIG_KERNEL_LZO is not set +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_POSIX_MQUEUE=y +CONFIG_POSIX_MQUEUE_SYSCTL=y +CONFIG_BSD_PROCESS_ACCT=y +CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_TASK_IO_ACCOUNTING=y +CONFIG_AUDIT=y +CONFIG_AUDITSYSCALL=y +CONFIG_AUDIT_WATCH=y +CONFIG_AUDIT_TREE=y +CONFIG_HAVE_GENERIC_HARDIRQS=y + +# +# IRQ subsystem +# +CONFIG_GENERIC_HARDIRQS=y +CONFIG_GENERIC_HARDIRQS_NO__DO_IRQ=y +# CONFIG_GENERIC_HARDIRQS_NO_DEPRECATED is not set +CONFIG_HAVE_SPARSE_IRQ=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_PENDING_IRQ=y +# CONFIG_AUTO_IRQ_AFFINITY is not set +# CONFIG_IRQ_PER_CPU is not set +# CONFIG_HARDIRQS_SW_RESEND is not set +CONFIG_SPARSE_IRQ=y + +# +# RCU Subsystem +# +CONFIG_TREE_RCU=y +# CONFIG_PREEMPT_RCU is not set +# CONFIG_RCU_TRACE is not set +CONFIG_RCU_FANOUT=64 +# CONFIG_RCU_FANOUT_EXACT is not set +# CONFIG_RCU_FAST_NO_HZ is not set +# CONFIG_TREE_RCU_TRACE is not set +CONFIG_IKCONFIG=m +CONFIG_IKCONFIG_PROC=y +CONFIG_LOG_BUF_SHIFT=18 +CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y +CONFIG_CGROUPS=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_CGROUP_NS=y +CONFIG_CGROUP_FREEZER=y +# CONFIG_CGROUP_DEVICE is not set +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_RESOURCE_COUNTERS=y +# CONFIG_CGROUP_MEM_RES_CTLR is not set +CONFIG_CGROUP_SCHED=y +CONFIG_FAIR_GROUP_SCHED=y +# CONFIG_RT_GROUP_SCHED is not set +CONFIG_BLK_CGROUP=m +# CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +CONFIG_SYSFS_DEPRECATED=y +# CONFIG_SYSFS_DEPRECATED_V2 is not set +CONFIG_RELAY=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_RD_LZO=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_SYSCTL=y +CONFIG_ANON_INODES=y +# CONFIG_EMBEDDED is not set +CONFIG_UID16=y +CONFIG_SYSCTL_SYSCALL=y +CONFIG_KALLSYMS=y +CONFIG_KALLSYMS_ALL=y +CONFIG_KALLSYMS_EXTRA_PASS=y +CONFIG_HOTPLUG=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_PCSPKR_PLATFORM=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +CONFIG_HAVE_PERF_EVENTS=y + +# +# Kernel Performance Events And Counters +# +CONFIG_PERF_EVENTS=y +# CONFIG_PERF_COUNTERS is not set +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_PCI_QUIRKS=y +CONFIG_SLUB_DEBUG=y +# CONFIG_COMPAT_BRK is not set +# CONFIG_SLAB is not set +CONFIG_SLUB=y +CONFIG_PROFILING=y +CONFIG_TRACEPOINTS=y +# CONFIG_OPROFILE is not set +CONFIG_HAVE_OPROFILE=y +CONFIG_KPROBES=y +# CONFIG_JUMP_LABEL is not set +CONFIG_OPTPROBES=y +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_KRETPROBES=y +CONFIG_HAVE_IOREMAP_PROT=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_DMA_API_DEBUG=y +CONFIG_HAVE_HW_BREAKPOINT=y +CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y +CONFIG_HAVE_USER_RETURN_NOTIFIER=y +CONFIG_HAVE_PERF_EVENTS_NMI=y +CONFIG_HAVE_ARCH_JUMP_LABEL=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set +CONFIG_SLABINFO=y +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +CONFIG_MODULE_FORCE_LOAD=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +CONFIG_STOP_MACHINE=y +CONFIG_BLOCK=y +CONFIG_BLK_DEV_BSG=y +# CONFIG_BLK_DEV_INTEGRITY is not set +CONFIG_BLOCK_COMPAT=y + +# +# IO Schedulers +# +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_DEADLINE=y +CONFIG_IOSCHED_CFQ=m +# CONFIG_CFQ_GROUP_IOSCHED is not set +CONFIG_DEFAULT_DEADLINE=y +# CONFIG_DEFAULT_NOOP is not set +CONFIG_DEFAULT_IOSCHED="deadline" +# CONFIG_INLINE_SPIN_TRYLOCK is not set +# CONFIG_INLINE_SPIN_TRYLOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK is not set +# CONFIG_INLINE_SPIN_LOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK_IRQ is not set +# CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set +CONFIG_INLINE_SPIN_UNLOCK=y +# CONFIG_INLINE_SPIN_UNLOCK_BH is not set +CONFIG_INLINE_SPIN_UNLOCK_IRQ=y +# CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_READ_TRYLOCK is not set +# CONFIG_INLINE_READ_LOCK is not set +# CONFIG_INLINE_READ_LOCK_BH is not set +# CONFIG_INLINE_READ_LOCK_IRQ is not set +# CONFIG_INLINE_READ_LOCK_IRQSAVE is not set +CONFIG_INLINE_READ_UNLOCK=y +# CONFIG_INLINE_READ_UNLOCK_BH is not set +CONFIG_INLINE_READ_UNLOCK_IRQ=y +# CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_WRITE_TRYLOCK is not set +# CONFIG_INLINE_WRITE_LOCK is not set +# CONFIG_INLINE_WRITE_LOCK_BH is not set +# CONFIG_INLINE_WRITE_LOCK_IRQ is not set +# CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set +CONFIG_INLINE_WRITE_UNLOCK=y +# CONFIG_INLINE_WRITE_UNLOCK_BH is not set +CONFIG_INLINE_WRITE_UNLOCK_IRQ=y +# CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set +CONFIG_MUTEX_SPIN_ON_OWNER=y +CONFIG_FREEZER=y + +# +# Processor type and features +# +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_GENERIC_CLOCKEVENTS_BUILD=y +CONFIG_SMP=y +CONFIG_X86_MPPARSE=y +CONFIG_X86_EXTENDED_PLATFORM=y +# CONFIG_X86_VSMP is not set +CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y +CONFIG_SCHED_OMIT_FRAME_POINTER=y +# CONFIG_PARAVIRT_GUEST is not set +CONFIG_NO_BOOTMEM=y +# CONFIG_MEMTEST is not set +CONFIG_MK8=y +# CONFIG_MPSC is not set +# CONFIG_MCORE2 is not set +# CONFIG_MATOM is not set +# CONFIG_GENERIC_CPU is not set +CONFIG_X86_CPU=y +CONFIG_X86_INTERNODE_CACHE_SHIFT=7 +CONFIG_X86_CMPXCHG=y +CONFIG_X86_L1_CACHE_SHIFT=6 +CONFIG_X86_XADD=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INTEL_USERCOPY=y +CONFIG_X86_USE_PPRO_CHECKSUM=y +CONFIG_X86_TSC=y +CONFIG_X86_CMPXCHG64=y +CONFIG_X86_CMOV=y +CONFIG_X86_MINIMUM_CPU_FAMILY=64 +CONFIG_X86_DEBUGCTLMSR=y +CONFIG_CPU_SUP_INTEL=y +CONFIG_CPU_SUP_AMD=y +CONFIG_CPU_SUP_CENTAUR=y +CONFIG_HPET_TIMER=y +CONFIG_HPET_EMULATE_RTC=y +CONFIG_DMI=y +CONFIG_GART_IOMMU=y +CONFIG_CALGARY_IOMMU=y +CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y +CONFIG_AMD_IOMMU=y +CONFIG_AMD_IOMMU_STATS=y +CONFIG_SWIOTLB=y +CONFIG_IOMMU_HELPER=y +CONFIG_IOMMU_API=y +# CONFIG_MAXSMP is not set +CONFIG_NR_CPUS=64 +CONFIG_SCHED_SMT=y +CONFIG_SCHED_MC=y +# CONFIG_IRQ_TIME_ACCOUNTING is not set +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +CONFIG_X86_LOCAL_APIC=y +CONFIG_X86_IO_APIC=y +CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y +CONFIG_X86_MCE=y +CONFIG_X86_MCE_INTEL=y +CONFIG_X86_MCE_AMD=y +CONFIG_X86_MCE_THRESHOLD=y +# CONFIG_X86_MCE_INJECT is not set +CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_I8K is not set +CONFIG_MICROCODE=y +CONFIG_MICROCODE_INTEL=y +CONFIG_MICROCODE_AMD=y +CONFIG_MICROCODE_OLD_INTERFACE=y +CONFIG_X86_MSR=y +CONFIG_X86_CPUID=y +CONFIG_ARCH_PHYS_ADDR_T_64BIT=y +CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_DIRECT_GBPAGES=y +CONFIG_NUMA=y +CONFIG_K8_NUMA=y +CONFIG_X86_64_ACPI_NUMA=y +CONFIG_NODES_SPAN_OTHER_NODES=y +# CONFIG_NUMA_EMU is not set +CONFIG_NODES_SHIFT=6 +CONFIG_ARCH_PROC_KCORE_TEXT=y +CONFIG_ARCH_SPARSEMEM_DEFAULT=y +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 +CONFIG_SELECT_MEMORY_MODEL=y +CONFIG_SPARSEMEM_MANUAL=y +CONFIG_SPARSEMEM=y +CONFIG_NEED_MULTIPLE_NODES=y +CONFIG_HAVE_MEMORY_PRESENT=y +CONFIG_SPARSEMEM_EXTREME=y +CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y +CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y +CONFIG_SPARSEMEM_VMEMMAP=y +CONFIG_HAVE_MEMBLOCK=y +# CONFIG_MEMORY_HOTPLUG is not set +CONFIG_PAGEFLAGS_EXTENDED=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +# CONFIG_COMPACTION is not set +CONFIG_MIGRATION=y +CONFIG_PHYS_ADDR_T_64BIT=y +CONFIG_ZONE_DMA_FLAG=1 +CONFIG_BOUNCE=y +CONFIG_VIRT_TO_BUS=y +# CONFIG_KSM is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y +# CONFIG_MEMORY_FAILURE is not set +CONFIG_X86_CHECK_BIOS_CORRUPTION=y +CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +CONFIG_X86_RESERVE_LOW=64 +CONFIG_MTRR=y +# CONFIG_MTRR_SANITIZER is not set +CONFIG_X86_PAT=y +CONFIG_ARCH_USES_PG_UNCACHED=y +CONFIG_EFI=y +CONFIG_SECCOMP=y +# CONFIG_CC_STACKPROTECTOR is not set +# CONFIG_HZ_100 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +CONFIG_HZ_1000=y +CONFIG_HZ=1000 +CONFIG_SCHED_HRTICK=y +CONFIG_KEXEC=y +CONFIG_CRASH_DUMP=y +CONFIG_PHYSICAL_START=0x1000000 +CONFIG_RELOCATABLE=y +CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_HOTPLUG_CPU=y +# CONFIG_COMPAT_VDSO is not set +# CONFIG_CMDLINE_BOOL is not set +CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y +CONFIG_HAVE_ARCH_EARLY_PFN_TO_NID=y +CONFIG_USE_PERCPU_NUMA_NODE_ID=y + +# +# Power management and ACPI options +# +CONFIG_PM=y +CONFIG_PM_DEBUG=y +CONFIG_PM_ADVANCED_DEBUG=y +# CONFIG_PM_VERBOSE is not set +CONFIG_CAN_PM_TRACE=y +CONFIG_PM_TRACE=y +CONFIG_PM_TRACE_RTC=y +CONFIG_PM_SLEEP_SMP=y +CONFIG_PM_SLEEP=y +# CONFIG_PM_SLEEP_ADVANCED_DEBUG is not set +CONFIG_SUSPEND_NVS=y +CONFIG_SUSPEND=y +CONFIG_SUSPEND_FREEZER=y +# CONFIG_HIBERNATION is not set +# CONFIG_PM_RUNTIME is not set +CONFIG_PM_OPS=y +CONFIG_ACPI=y +CONFIG_ACPI_SLEEP=y +CONFIG_ACPI_PROCFS=y +CONFIG_ACPI_PROCFS_POWER=y +CONFIG_ACPI_POWER_METER=m +CONFIG_ACPI_EC_DEBUGFS=m +CONFIG_ACPI_PROC_EVENT=y +CONFIG_ACPI_AC=y +CONFIG_ACPI_BATTERY=y +CONFIG_ACPI_BUTTON=y +CONFIG_ACPI_FAN=y +CONFIG_ACPI_DOCK=y +CONFIG_ACPI_PROCESSOR=y +CONFIG_ACPI_HOTPLUG_CPU=y +CONFIG_ACPI_PROCESSOR_AGGREGATOR=m +CONFIG_ACPI_THERMAL=y +CONFIG_ACPI_NUMA=y +# CONFIG_ACPI_CUSTOM_DSDT is not set +CONFIG_ACPI_BLACKLIST_YEAR=0 +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_PCI_SLOT=m +CONFIG_X86_PM_TIMER=y +CONFIG_ACPI_CONTAINER=y +# CONFIG_ACPI_SBS is not set +CONFIG_ACPI_HED=m +CONFIG_ACPI_APEI=y +CONFIG_ACPI_APEI_GHES=m +CONFIG_ACPI_APEI_EINJ=m +CONFIG_ACPI_APEI_ERST_DEBUG=m +# CONFIG_SFI is not set + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_TABLE=y +CONFIG_CPU_FREQ_DEBUG=y +CONFIG_CPU_FREQ_STAT=m +CONFIG_CPU_FREQ_STAT_DETAILS=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set +CONFIG_CPU_FREQ_GOV_PERFORMANCE=y +# CONFIG_CPU_FREQ_GOV_POWERSAVE is not set +CONFIG_CPU_FREQ_GOV_USERSPACE=y +CONFIG_CPU_FREQ_GOV_ONDEMAND=y +# CONFIG_CPU_FREQ_GOV_CONSERVATIVE is not set + +# +# CPUFreq processor drivers +# +# CONFIG_X86_PCC_CPUFREQ is not set +CONFIG_X86_ACPI_CPUFREQ=y +CONFIG_X86_POWERNOW_K8=m +# CONFIG_X86_SPEEDSTEP_CENTRINO is not set +# CONFIG_X86_P4_CLOCKMOD is not set + +# +# shared options +# +# CONFIG_X86_SPEEDSTEP_LIB is not set +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y +# CONFIG_INTEL_IDLE is not set + +# +# Memory power savings +# +# CONFIG_I7300_IDLE is not set + +# +# Bus options (PCI etc.) +# +CONFIG_PCI=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +CONFIG_PCI_DOMAINS=y +# CONFIG_PCI_CNB20LE_QUIRK is not set +CONFIG_DMAR=y +# CONFIG_DMAR_DEFAULT_ON is not set +CONFIG_DMAR_FLOPPY_WA=y +# CONFIG_INTR_REMAP is not set +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +# CONFIG_PCIE_ECRC is not set +# CONFIG_PCIEAER_INJECT is not set +CONFIG_PCIEASPM=y +# CONFIG_PCIEASPM_DEBUG is not set +CONFIG_ARCH_SUPPORTS_MSI=y +CONFIG_PCI_MSI=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_STUB is not set +CONFIG_HT_IRQ=y +# CONFIG_PCI_IOV is not set +CONFIG_PCI_IOAPIC=y +CONFIG_ISA_DMA_API=y +CONFIG_AMD_NB=y +# CONFIG_PCCARD is not set +# CONFIG_HOTPLUG_PCI is not set + +# +# Executable file formats / Emulations +# +CONFIG_BINFMT_ELF=y +CONFIG_COMPAT_BINFMT_ELF=y +CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y +# CONFIG_HAVE_AOUT is not set +CONFIG_BINFMT_MISC=y +CONFIG_IA32_EMULATION=y +CONFIG_IA32_AOUT=m +CONFIG_COMPAT=y +CONFIG_COMPAT_FOR_U64_ALIGNMENT=y +CONFIG_SYSVIPC_COMPAT=y +CONFIG_HAVE_TEXT_POKE_SMP=y +CONFIG_NET=y +CONFIG_COMPAT_NETLINK_MESSAGES=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_UNIX=y +CONFIG_XFRM=y +CONFIG_XFRM_USER=y +# CONFIG_XFRM_SUB_POLICY is not set +CONFIG_XFRM_MIGRATE=y +# CONFIG_XFRM_STATISTICS is not set +CONFIG_XFRM_IPCOMP=m +CONFIG_NET_KEY=m +CONFIG_NET_KEY_MIGRATE=y +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_ASK_IP_FIB_HASH=y +# CONFIG_IP_FIB_TRIE is not set +CONFIG_IP_FIB_HASH=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_IP_ROUTE_MULTIPATH=y +CONFIG_IP_ROUTE_VERBOSE=y +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y +CONFIG_IP_PNP_RARP=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE=y +CONFIG_IP_MROUTE_MULTIPLE_TABLES=y +CONFIG_IP_PIMSM_V1=y +CONFIG_IP_PIMSM_V2=y +CONFIG_ARPD=y +CONFIG_SYN_COOKIES=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_XFRM_MODE_TRANSPORT=m +CONFIG_INET_XFRM_MODE_TUNNEL=m +CONFIG_INET_XFRM_MODE_BEET=m +CONFIG_INET_LRO=y +CONFIG_INET_DIAG=m +CONFIG_INET_TCP_DIAG=m +CONFIG_TCP_CONG_ADVANCED=y +# CONFIG_TCP_CONG_BIC is not set +CONFIG_TCP_CONG_CUBIC=y +# CONFIG_TCP_CONG_WESTWOOD is not set +# CONFIG_TCP_CONG_HTCP is not set +# CONFIG_TCP_CONG_HSTCP is not set +# CONFIG_TCP_CONG_HYBLA is not set +# CONFIG_TCP_CONG_VEGAS is not set +# CONFIG_TCP_CONG_SCALABLE is not set +# CONFIG_TCP_CONG_LP is not set +# CONFIG_TCP_CONG_VENO is not set +# CONFIG_TCP_CONG_YEAH is not set +# CONFIG_TCP_CONG_ILLINOIS is not set +CONFIG_DEFAULT_CUBIC=y +# CONFIG_DEFAULT_RENO is not set +CONFIG_DEFAULT_TCP_CONG="cubic" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=y +CONFIG_IPV6_PRIVACY=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +# CONFIG_IPV6_OPTIMISTIC_DAD is not set +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_INET6_XFRM_MODE_TRANSPORT=m +CONFIG_INET6_XFRM_MODE_TUNNEL=m +CONFIG_INET6_XFRM_MODE_BEET=m +CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m +CONFIG_IPV6_SIT=m +# CONFIG_IPV6_SIT_6RD is not set +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_NETLABEL=y +CONFIG_NETWORK_SECMARK=y +# CONFIG_NETWORK_PHY_TIMESTAMPING is not set +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=y + +# +# Core Netfilter Configuration +# +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_NETLINK_QUEUE=m +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NF_CONNTRACK=m +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_SECMARK=y +# CONFIG_NF_CONNTRACK_ZONES is not set +CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CT_PROTO_DCCP=m +CONFIG_NF_CT_PROTO_GRE=m +CONFIG_NF_CT_PROTO_SCTP=m +CONFIG_NF_CT_PROTO_UDPLITE=m +CONFIG_NF_CONNTRACK_AMANDA=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NETFILTER_TPROXY=m +CONFIG_NETFILTER_XTABLES=y + +# +# Xtables combined modules +# +CONFIG_NETFILTER_XT_MARK=m +CONFIG_NETFILTER_XT_CONNMARK=m + +# +# Xtables targets +# +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m +CONFIG_NETFILTER_XT_TARGET_CONNMARK=m +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m +CONFIG_NETFILTER_XT_TARGET_CT=m +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_TARGET_MARK=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m +CONFIG_NETFILTER_XT_TARGET_NOTRACK=m +CONFIG_NETFILTER_XT_TARGET_RATEEST=m +CONFIG_NETFILTER_XT_TARGET_TEE=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +CONFIG_NETFILTER_XT_TARGET_TRACE=m +CONFIG_NETFILTER_XT_TARGET_SECMARK=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m + +# +# Xtables matches +# +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_CPU=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_OSF=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_QUOTA=m +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m +CONFIG_NETFILTER_XT_MATCH_RECENT=m +CONFIG_NETFILTER_XT_MATCH_SCTP=m +CONFIG_NETFILTER_XT_MATCH_SOCKET=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +# CONFIG_IP_VS is not set + +# +# IP: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +CONFIG_IP_NF_QUEUE=m +CONFIG_IP_NF_IPTABLES=y +CONFIG_IP_NF_MATCH_ADDRTYPE=m +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=y +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_LOG=y +CONFIG_IP_NF_TARGET_ULOG=y +CONFIG_NF_NAT=m +CONFIG_NF_NAT_NEEDED=y +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PROTO_DCCP=m +CONFIG_NF_NAT_PROTO_GRE=m +CONFIG_NF_NAT_PROTO_UDPLITE=m +CONFIG_NF_NAT_PROTO_SCTP=m +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_AMANDA=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_NF_NAT_SIP=m +CONFIG_IP_NF_MANGLE=y +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_SECURITY=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m + +# +# IPv6: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV6=m +CONFIG_NF_CONNTRACK_IPV6=m +CONFIG_IP6_NF_QUEUE=m +CONFIG_IP6_NF_IPTABLES=y +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_TARGET_HL=m +CONFIG_IP6_NF_TARGET_LOG=y +CONFIG_IP6_NF_FILTER=y +CONFIG_IP6_NF_TARGET_REJECT=y +CONFIG_IP6_NF_MANGLE=y +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_SECURITY=m +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_ULOG=m +CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m + +# +# DCCP CCIDs Configuration (EXPERIMENTAL) +# +# CONFIG_IP_DCCP_CCID2_DEBUG is not set +CONFIG_IP_DCCP_CCID3=y +# CONFIG_IP_DCCP_CCID3_DEBUG is not set +CONFIG_IP_DCCP_TFRC_LIB=y + +# +# DCCP Kernel Hacking +# +# CONFIG_IP_DCCP_DEBUG is not set +# CONFIG_NET_DCCPPROBE is not set +CONFIG_IP_SCTP=m +CONFIG_NET_SCTPPROBE=m +# CONFIG_SCTP_DBG_MSG is not set +# CONFIG_SCTP_DBG_OBJCNT is not set +# CONFIG_SCTP_HMAC_NONE is not set +# CONFIG_SCTP_HMAC_SHA1 is not set +CONFIG_SCTP_HMAC_MD5=y +CONFIG_RDS=m +# CONFIG_RDS_RDMA is not set +CONFIG_RDS_TCP=m +# CONFIG_RDS_DEBUG is not set +CONFIG_TIPC=m +# CONFIG_TIPC_ADVANCED is not set +# CONFIG_TIPC_DEBUG is not set +# CONFIG_ATM is not set +CONFIG_L2TP=m +CONFIG_L2TP_DEBUGFS=m +# CONFIG_L2TP_V3 is not set +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +# CONFIG_NET_DSA is not set +CONFIG_VLAN_8021Q=m +# CONFIG_VLAN_8021Q_GVRP is not set +# CONFIG_DECNET is not set +CONFIG_LLC=m +# CONFIG_LLC2 is not set +CONFIG_IPX=m +# CONFIG_IPX_INTERN is not set +CONFIG_ATALK=m +# CONFIG_DEV_APPLETALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set +# CONFIG_PHONET is not set +# CONFIG_IEEE802154 is not set +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_DSMARK=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_INGRESS=m + +# +# Classification +# +CONFIG_NET_CLS=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_TCINDEX=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_ROUTE=y +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_RSVP=m +CONFIG_NET_CLS_RSVP6=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_EMATCH=y +CONFIG_NET_EMATCH_STACK=32 +CONFIG_NET_EMATCH_CMP=m +CONFIG_NET_EMATCH_NBYTE=m +CONFIG_NET_EMATCH_U32=m +CONFIG_NET_EMATCH_META=m +CONFIG_NET_EMATCH_TEXT=m +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +# CONFIG_GACT_PROB is not set +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +CONFIG_NET_ACT_CSUM=m +# CONFIG_NET_CLS_IND is not set +CONFIG_NET_SCH_FIFO=y +# CONFIG_DCB is not set +CONFIG_DNS_RESOLVER=y +CONFIG_RPS=y + +# +# Network testing +# +CONFIG_NET_PKTGEN=m +CONFIG_NET_TCPPROBE=m +# CONFIG_NET_DROP_MONITOR is not set +# CONFIG_HAMRADIO is not set +# CONFIG_CAN is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +CONFIG_AF_RXRPC=m +# CONFIG_AF_RXRPC_DEBUG is not set +# CONFIG_RXKAD is not set +CONFIG_FIB_RULES=y +CONFIG_WIRELESS=y +CONFIG_WEXT_CORE=y +CONFIG_WEXT_PROC=y +CONFIG_CFG80211=y +# CONFIG_NL80211_TESTMODE is not set +# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set +# CONFIG_CFG80211_REG_DEBUG is not set +CONFIG_CFG80211_DEFAULT_PS=y +# CONFIG_CFG80211_DEBUGFS is not set +# CONFIG_CFG80211_INTERNAL_REGDB is not set +CONFIG_CFG80211_WEXT=y +CONFIG_WIRELESS_EXT_SYSFS=y +# CONFIG_LIB80211 is not set +CONFIG_MAC80211=y +CONFIG_MAC80211_HAS_RC=y +CONFIG_MAC80211_RC_MINSTREL=y +CONFIG_MAC80211_RC_MINSTREL_HT=y +CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y +CONFIG_MAC80211_RC_DEFAULT="minstrel_ht" +# CONFIG_MAC80211_MESH is not set +CONFIG_MAC80211_LEDS=y +# CONFIG_MAC80211_DEBUGFS is not set +# CONFIG_MAC80211_DEBUG_MENU is not set +# CONFIG_WIMAX is not set +CONFIG_RFKILL=y +CONFIG_RFKILL_LEDS=y +CONFIG_RFKILL_INPUT=y +# CONFIG_NET_9P is not set +# CONFIG_CAIF is not set +CONFIG_CEPH_LIB=m +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" +# CONFIG_DEVTMPFS is not set +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y +CONFIG_FW_LOADER=y +CONFIG_FIRMWARE_IN_KERNEL=y +CONFIG_EXTRA_FIRMWARE="" +# CONFIG_DEBUG_DRIVER is not set +CONFIG_DEBUG_DEVRES=y +# CONFIG_SYS_HYPERVISOR is not set +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y +# CONFIG_MTD is not set +# CONFIG_PARPORT is not set +CONFIG_PNP=y +CONFIG_PNP_DEBUG_MESSAGES=y + +# +# Protocols +# +CONFIG_PNPACPI=y +CONFIG_BLK_DEV=y +# CONFIG_BLK_DEV_FD is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_COW_COMMON is not set +CONFIG_BLK_DEV_LOOP=y +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +CONFIG_BLK_DEV_DRBD=m +# CONFIG_DRBD_FAULT_INJECTION is not set +CONFIG_BLK_DEV_NBD=m +# CONFIG_BLK_DEV_OSD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=16384 +# CONFIG_BLK_DEV_XIP is not set +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set +# CONFIG_BLK_DEV_HD is not set +# CONFIG_BLK_DEV_RBD is not set +CONFIG_MISC_DEVICES=y +# CONFIG_AD525X_DPOT is not set +# CONFIG_IBM_ASM is not set +# CONFIG_PHANTOM is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_TIFM_CORE is not set +# CONFIG_ICS932S401 is not set +# CONFIG_ENCLOSURE_SERVICES is not set +# CONFIG_CS5535_MFGPT is not set +# CONFIG_HP_ILO is not set +# CONFIG_APDS9802ALS is not set +# CONFIG_ISL29003 is not set +# CONFIG_ISL29020 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_SENSORS_BH1780 is not set +# CONFIG_SENSORS_BH1770 is not set +# CONFIG_SENSORS_APDS990X is not set +# CONFIG_HMC6352 is not set +# CONFIG_DS1682 is not set +# CONFIG_VMWARE_BALLOON is not set +# CONFIG_BMP085 is not set +# CONFIG_PCH_PHUB is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +# CONFIG_EEPROM_AT24 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +# CONFIG_EEPROM_93CX6 is not set +# CONFIG_CB710_CORE is not set + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_TI_ST is not set +CONFIG_HAVE_IDE=y +# CONFIG_IDE is not set + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +CONFIG_RAID_ATTRS=m +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +# CONFIG_SCSI_TGT is not set +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=m +CONFIG_BLK_DEV_SR_VENDOR=y +CONFIG_CHR_DEV_SG=y +# CONFIG_CHR_DEV_SCH is not set +# CONFIG_SCSI_MULTI_LUN is not set +CONFIG_SCSI_CONSTANTS=y +# CONFIG_SCSI_LOGGING is not set +# CONFIG_SCSI_SCAN_ASYNC is not set +CONFIG_SCSI_WAIT_SCAN=m + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=y +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +# CONFIG_SCSI_SAS_ATA is not set +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_SAS_LIBSAS_DEBUG=y +CONFIG_SCSI_SRP_ATTRS=m +# CONFIG_SCSI_LOWLEVEL is not set +CONFIG_SCSI_DH=m +# CONFIG_SCSI_DH_RDAC is not set +# CONFIG_SCSI_DH_HP_SW is not set +# CONFIG_SCSI_DH_EMC is not set +# CONFIG_SCSI_DH_ALUA is not set +CONFIG_SCSI_OSD_INITIATOR=m +CONFIG_SCSI_OSD_ULD=m +CONFIG_SCSI_OSD_DPRINT_SENSE=1 +# CONFIG_SCSI_OSD_DEBUG is not set +CONFIG_ATA=y +# CONFIG_ATA_NONSTANDARD is not set +CONFIG_ATA_VERBOSE_ERROR=y +CONFIG_ATA_ACPI=y +CONFIG_SATA_PMP=y + +# +# Controllers with non-SFF native interface +# +CONFIG_SATA_AHCI=y +# CONFIG_SATA_AHCI_PLATFORM is not set +# CONFIG_SATA_INIC162X is not set +# CONFIG_SATA_SIL24 is not set +CONFIG_ATA_SFF=y + +# +# SFF controllers with custom DMA interface +# +# CONFIG_PDC_ADMA is not set +# CONFIG_SATA_QSTOR is not set +# CONFIG_SATA_SX4 is not set +CONFIG_ATA_BMDMA=y + +# +# SATA SFF controllers with BMDMA +# +CONFIG_ATA_PIIX=y +# CONFIG_SATA_MV is not set +# CONFIG_SATA_NV is not set +# CONFIG_SATA_PROMISE is not set +# CONFIG_SATA_SIL is not set +# CONFIG_SATA_SIS is not set +# CONFIG_SATA_SVW is not set +# CONFIG_SATA_ULI is not set +# CONFIG_SATA_VIA is not set +# CONFIG_SATA_VITESSE is not set + +# +# PATA SFF controllers with BMDMA +# +# CONFIG_PATA_ALI is not set +CONFIG_PATA_AMD=y +# CONFIG_PATA_ARTOP is not set +# CONFIG_PATA_ATIIXP is not set +# CONFIG_PATA_ATP867X is not set +# CONFIG_PATA_CMD64X is not set +# CONFIG_PATA_CS5520 is not set +# CONFIG_PATA_CS5530 is not set +# CONFIG_PATA_CS5536 is not set +# CONFIG_PATA_CYPRESS is not set +# CONFIG_PATA_EFAR is not set +# CONFIG_PATA_HPT366 is not set +# CONFIG_PATA_HPT37X is not set +# CONFIG_PATA_HPT3X2N is not set +# CONFIG_PATA_HPT3X3 is not set +# CONFIG_PATA_IT8213 is not set +# CONFIG_PATA_IT821X is not set +# CONFIG_PATA_JMICRON is not set +# CONFIG_PATA_MARVELL is not set +# CONFIG_PATA_NETCELL is not set +# CONFIG_PATA_NINJA32 is not set +# CONFIG_PATA_NS87415 is not set +CONFIG_PATA_OLDPIIX=y +# CONFIG_PATA_OPTIDMA is not set +# CONFIG_PATA_PDC2027X is not set +# CONFIG_PATA_PDC_OLD is not set +# CONFIG_PATA_RADISYS is not set +# CONFIG_PATA_RDC is not set +# CONFIG_PATA_SC1200 is not set +CONFIG_PATA_SCH=y +# CONFIG_PATA_SERVERWORKS is not set +# CONFIG_PATA_SIL680 is not set +# CONFIG_PATA_SIS is not set +# CONFIG_PATA_TOSHIBA is not set +# CONFIG_PATA_TRIFLEX is not set +# CONFIG_PATA_VIA is not set +# CONFIG_PATA_WINBOND is not set + +# +# PIO-only SFF controllers +# +# CONFIG_PATA_CMD640_PCI is not set +# CONFIG_PATA_MPIIX is not set +# CONFIG_PATA_NS87410 is not set +# CONFIG_PATA_OPTI is not set +# CONFIG_PATA_RZ1000 is not set + +# +# Generic fallback / legacy drivers +# +# CONFIG_PATA_ACPI is not set +# CONFIG_ATA_GENERIC is not set +# CONFIG_PATA_LEGACY is not set +CONFIG_MD=y +CONFIG_BLK_DEV_MD=y +CONFIG_MD_AUTODETECT=y +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=y +CONFIG_MD_RAID10=y +CONFIG_MD_RAID456=m +CONFIG_MULTICORE_RAID456=y +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_MIRROR=y +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_ZERO=y +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +CONFIG_DM_DELAY=m +# CONFIG_DM_UEVENT is not set +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# +# CONFIG_FIREWIRE is not set +CONFIG_FIREWIRE_NOSY=m +CONFIG_I2O=m +CONFIG_I2O_LCT_NOTIFY_ON_CHANGES=y +CONFIG_I2O_EXT_ADAPTEC=y +CONFIG_I2O_EXT_ADAPTEC_DMA64=y +CONFIG_I2O_CONFIG=m +CONFIG_I2O_CONFIG_OLD_IOCTL=y +CONFIG_I2O_BUS=m +CONFIG_I2O_BLOCK=m +# CONFIG_I2O_SCSI is not set +CONFIG_I2O_PROC=m +# CONFIG_MACINTOSH_DRIVERS is not set +CONFIG_NETDEVICES=y +CONFIG_IFB=m +CONFIG_DUMMY=m +CONFIG_BONDING=m +CONFIG_MACVLAN=m +CONFIG_MACVTAP=m +# CONFIG_EQUALIZER is not set +CONFIG_TUN=m +CONFIG_VETH=m +# CONFIG_NET_SB1000 is not set +# CONFIG_ARCNET is not set +CONFIG_MII=y +CONFIG_PHYLIB=y + +# +# MII PHY device drivers +# +# CONFIG_MARVELL_PHY is not set +# CONFIG_DAVICOM_PHY is not set +# CONFIG_QSEMI_PHY is not set +# CONFIG_LXT_PHY is not set +# CONFIG_CICADA_PHY is not set +# CONFIG_VITESSE_PHY is not set +CONFIG_SMSC_PHY=m +# CONFIG_BROADCOM_PHY is not set +CONFIG_BCM63XX_PHY=m +# CONFIG_ICPLUS_PHY is not set +# CONFIG_REALTEK_PHY is not set +# CONFIG_NATIONAL_PHY is not set +# CONFIG_STE10XP is not set +# CONFIG_LSI_ET1011C_PHY is not set +# CONFIG_MICREL_PHY is not set +# CONFIG_FIXED_PHY is not set +# CONFIG_MDIO_BITBANG is not set +CONFIG_NET_ETHERNET=y +CONFIG_HAPPYMEAL=m +CONFIG_SUNGEM=m +CONFIG_CASSINI=m +CONFIG_NET_VENDOR_3COM=y +CONFIG_VORTEX=m +CONFIG_TYPHOON=m +CONFIG_ETHOC=m +CONFIG_DNET=m +CONFIG_NET_TULIP=y +CONFIG_DE2104X=m +CONFIG_DE2104X_DSL=0 +CONFIG_TULIP=m +# CONFIG_TULIP_MWI is not set +# CONFIG_TULIP_MMIO is not set +# CONFIG_TULIP_NAPI is not set +CONFIG_DE4X5=m +CONFIG_WINBOND_840=m +CONFIG_DM9102=m +CONFIG_ULI526X=m +# CONFIG_HP100 is not set +# CONFIG_IBM_NEW_EMAC_ZMII is not set +# CONFIG_IBM_NEW_EMAC_RGMII is not set +# CONFIG_IBM_NEW_EMAC_TAH is not set +# CONFIG_IBM_NEW_EMAC_EMAC4 is not set +# CONFIG_IBM_NEW_EMAC_NO_FLOW_CTRL is not set +# CONFIG_IBM_NEW_EMAC_MAL_CLR_ICINTSTAT is not set +# CONFIG_IBM_NEW_EMAC_MAL_COMMON_ERR is not set +CONFIG_NET_PCI=y +CONFIG_PCNET32=m +CONFIG_AMD8111_ETH=m +CONFIG_ADAPTEC_STARFIRE=m +CONFIG_KSZ884X_PCI=m +CONFIG_B44=m +CONFIG_B44_PCI_AUTOSELECT=y +CONFIG_B44_PCICORE_AUTOSELECT=y +CONFIG_B44_PCI=y +CONFIG_FORCEDETH=m +CONFIG_E100=m +CONFIG_FEALNX=m +CONFIG_NATSEMI=m +CONFIG_NE2K_PCI=m +CONFIG_8139CP=m +CONFIG_8139TOO=m +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_R6040=m +CONFIG_SIS900=m +CONFIG_EPIC100=m +CONFIG_SMSC9420=m +CONFIG_SUNDANCE=m +# CONFIG_SUNDANCE_MMIO is not set +CONFIG_TLAN=m +CONFIG_KS8842=m +CONFIG_KS8851_MLL=m +CONFIG_VIA_RHINE=m +# CONFIG_VIA_RHINE_MMIO is not set +CONFIG_SC92031=m +CONFIG_ATL2=m +CONFIG_NETDEV_1000=y +CONFIG_ACENIC=m +# CONFIG_ACENIC_OMIT_TIGON_I is not set +CONFIG_DL2K=m +CONFIG_E1000=m +CONFIG_E1000E=m +CONFIG_IP1000=m +CONFIG_IGB=m +CONFIG_IGBVF=m +CONFIG_NS83820=m +CONFIG_HAMACHI=m +CONFIG_YELLOWFIN=m +CONFIG_R8169=m +CONFIG_R8169_VLAN=y +CONFIG_SIS190=m +CONFIG_SKGE=m +# CONFIG_SKGE_DEBUG is not set +CONFIG_SKY2=m +# CONFIG_SKY2_DEBUG is not set +CONFIG_VIA_VELOCITY=m +CONFIG_TIGON3=m +CONFIG_BNX2=m +CONFIG_CNIC=m +CONFIG_QLA3XXX=m +CONFIG_ATL1=m +CONFIG_ATL1E=m +CONFIG_ATL1C=m +CONFIG_JME=m +CONFIG_STMMAC_ETH=m +# CONFIG_STMMAC_DA is not set +# CONFIG_STMMAC_DUAL_MAC is not set +CONFIG_PCH_GBE=m +CONFIG_NETDEV_10000=y +CONFIG_MDIO=m +CONFIG_CHELSIO_T1=m +CONFIG_CHELSIO_T1_1G=y +CONFIG_CHELSIO_T3_DEPENDS=y +CONFIG_CHELSIO_T3=m +CONFIG_CHELSIO_T4_DEPENDS=y +CONFIG_CHELSIO_T4=m +CONFIG_CHELSIO_T4VF_DEPENDS=y +CONFIG_CHELSIO_T4VF=m +CONFIG_ENIC=m +CONFIG_IXGBE=m +CONFIG_IXGBEVF=m +CONFIG_IXGB=m +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set +CONFIG_MYRI10GE=m +CONFIG_NETXEN_NIC=m +CONFIG_NIU=m +CONFIG_MLX4_EN=m +CONFIG_MLX4_CORE=m +CONFIG_MLX4_DEBUG=y +CONFIG_TEHUTI=m +CONFIG_BNX2X=m +CONFIG_QLCNIC=m +CONFIG_QLGE=m +CONFIG_BNA=m +CONFIG_SFC=m +CONFIG_BE2NET=m +# CONFIG_TR is not set +# CONFIG_WLAN is not set + +# +# Enable WiMAX (Networking options) to see the WiMAX drivers +# +# CONFIG_WAN is not set + +# +# CAIF transport drivers +# +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_NET_FC is not set +CONFIG_NETCONSOLE=y +# CONFIG_NETCONSOLE_DYNAMIC is not set +CONFIG_NETPOLL=y +# CONFIG_NETPOLL_TRAP is not set +CONFIG_NET_POLL_CONTROLLER=y +# CONFIG_VMXNET3 is not set +# CONFIG_ISDN is not set +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y +CONFIG_INPUT_FF_MEMLESS=y +CONFIG_INPUT_POLLDEV=y +# CONFIG_INPUT_SPARSEKMAP is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +# CONFIG_INPUT_JOYDEV is not set +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +# CONFIG_KEYBOARD_ADP5588 is not set +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_QT2160 is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_TCA6416 is not set +# CONFIG_KEYBOARD_LM8323 is not set +# CONFIG_KEYBOARD_MAX7359 is not set +# CONFIG_KEYBOARD_MCS is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_OPENCORES is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Hardware I/O ports +# +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +CONFIG_SERIO_SERPORT=y +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PCIPS2 is not set +CONFIG_SERIO_LIBPS2=y +# CONFIG_SERIO_RAW is not set +# CONFIG_SERIO_ALTERA_PS2 is not set +CONFIG_SERIO_PS2MULT=m +# CONFIG_GAMEPORT is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_DEVKMEM=y +CONFIG_SERIAL_NONSTANDARD=y +# CONFIG_COMPUTONE is not set +# CONFIG_ROCKETPORT is not set +# CONFIG_CYCLADES is not set +# CONFIG_DIGIEPCA is not set +# CONFIG_MOXA_INTELLIO is not set +# CONFIG_MOXA_SMARTIO is not set +# CONFIG_ISI is not set +# CONFIG_SYNCLINK is not set +# CONFIG_SYNCLINKMP is not set +# CONFIG_SYNCLINK_GT is not set +# CONFIG_N_HDLC is not set +# CONFIG_N_GSM is not set +# CONFIG_RISCOM8 is not set +# CONFIG_SPECIALIX is not set +# CONFIG_STALDRV is not set +# CONFIG_NOZOMI is not set + +# +# Serial drivers +# +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_SERIAL_8250_PCI=y +CONFIG_SERIAL_8250_PNP=y +CONFIG_SERIAL_8250_NR_UARTS=32 +CONFIG_SERIAL_8250_RUNTIME_UARTS=4 +CONFIG_SERIAL_8250_EXTENDED=y +CONFIG_SERIAL_8250_MANY_PORTS=y +CONFIG_SERIAL_8250_SHARE_IRQ=y +CONFIG_SERIAL_8250_DETECT_IRQ=y +CONFIG_SERIAL_8250_RSA=y + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_MFD_HSU is not set +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_TIMBERDALE is not set +# CONFIG_SERIAL_ALTERA_JTAGUART is not set +# CONFIG_SERIAL_ALTERA_UART is not set +CONFIG_UNIX98_PTYS=y +# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set +# CONFIG_LEGACY_PTYS is not set +CONFIG_IPMI_HANDLER=m +# CONFIG_IPMI_PANIC_EVENT is not set +CONFIG_IPMI_DEVICE_INTERFACE=m +CONFIG_IPMI_SI=m +CONFIG_IPMI_WATCHDOG=m +CONFIG_IPMI_POWEROFF=m +CONFIG_HW_RANDOM=m +CONFIG_HW_RANDOM_TIMERIOMEM=m +CONFIG_HW_RANDOM_INTEL=m +CONFIG_HW_RANDOM_AMD=m +CONFIG_HW_RANDOM_VIA=m +CONFIG_NVRAM=y +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_MWAVE is not set +# CONFIG_RAW_DRIVER is not set +CONFIG_HPET=y +# CONFIG_HPET_MMAP is not set +# CONFIG_HANGCHECK_TIMER is not set +# CONFIG_TCG_TPM is not set +# CONFIG_TELCLOCK is not set +CONFIG_DEVPORT=y +# CONFIG_RAMOOPS is not set +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_MUX=m + +# +# Multiplexer I2C Chip support +# +CONFIG_I2C_MUX_PCA9541=m +CONFIG_I2C_MUX_PCA954x=m +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_SMBUS=m +CONFIG_I2C_ALGOBIT=m +CONFIG_I2C_ALGOPCA=m + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +CONFIG_I2C_ALI1535=m +CONFIG_I2C_ALI1563=m +CONFIG_I2C_ALI15X3=m +CONFIG_I2C_AMD756=m +CONFIG_I2C_AMD756_S4882=m +CONFIG_I2C_AMD8111=m +CONFIG_I2C_I801=m +CONFIG_I2C_ISCH=m +CONFIG_I2C_PIIX4=m +CONFIG_I2C_NFORCE2=m +CONFIG_I2C_NFORCE2_S4985=m +CONFIG_I2C_SIS5595=m +CONFIG_I2C_SIS630=m +CONFIG_I2C_SIS96X=m +CONFIG_I2C_VIA=m +CONFIG_I2C_VIAPRO=m + +# +# ACPI drivers +# +CONFIG_I2C_SCMI=m + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +CONFIG_I2C_INTEL_MID=m +CONFIG_I2C_OCORES=m +CONFIG_I2C_PCA_PLATFORM=m +CONFIG_I2C_SIMTEC=m +# CONFIG_I2C_XILINX is not set + +# +# External I2C/SMBus adapter drivers +# +CONFIG_I2C_PARPORT_LIGHT=m +CONFIG_I2C_TAOS_EVM=m + +# +# Other I2C/SMBus bus drivers +# +CONFIG_I2C_STUB=m +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# CONFIG_SPI is not set + +# +# PPS support +# +# CONFIG_PPS is not set +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +# CONFIG_GPIOLIB is not set +# CONFIG_W1 is not set +CONFIG_POWER_SUPPLY=y +# CONFIG_POWER_SUPPLY_DEBUG is not set +# CONFIG_PDA_POWER is not set +CONFIG_TEST_POWER=m +# CONFIG_BATTERY_DS2782 is not set +# CONFIG_BATTERY_BQ20Z75 is not set +# CONFIG_BATTERY_BQ27x00 is not set +# CONFIG_BATTERY_MAX17040 is not set +CONFIG_HWMON=y +CONFIG_HWMON_VID=m +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +CONFIG_SENSORS_ABITUGURU=m +CONFIG_SENSORS_ABITUGURU3=m +CONFIG_SENSORS_AD7414=m +CONFIG_SENSORS_AD7418=m +CONFIG_SENSORS_ADM1021=m +CONFIG_SENSORS_ADM1025=m +CONFIG_SENSORS_ADM1026=m +CONFIG_SENSORS_ADM1029=m +CONFIG_SENSORS_ADM1031=m +CONFIG_SENSORS_ADM9240=m +CONFIG_SENSORS_ADT7411=m +CONFIG_SENSORS_ADT7462=m +CONFIG_SENSORS_ADT7470=m +CONFIG_SENSORS_ADT7475=m +CONFIG_SENSORS_ASC7621=m +CONFIG_SENSORS_K8TEMP=m +CONFIG_SENSORS_K10TEMP=m +CONFIG_SENSORS_ASB100=m +CONFIG_SENSORS_ATXP1=m +CONFIG_SENSORS_DS1621=m +CONFIG_SENSORS_I5K_AMB=m +CONFIG_SENSORS_F71805F=m +CONFIG_SENSORS_F71882FG=m +CONFIG_SENSORS_F75375S=m +CONFIG_SENSORS_FSCHMD=m +CONFIG_SENSORS_G760A=m +CONFIG_SENSORS_GL518SM=m +CONFIG_SENSORS_GL520SM=m +CONFIG_SENSORS_CORETEMP=m +CONFIG_SENSORS_PKGTEMP=m +CONFIG_SENSORS_IBMAEM=m +CONFIG_SENSORS_IBMPEX=m +CONFIG_SENSORS_IT87=m +CONFIG_SENSORS_JC42=m +CONFIG_SENSORS_LM63=m +CONFIG_SENSORS_LM73=m +CONFIG_SENSORS_LM75=m +CONFIG_SENSORS_LM77=m +CONFIG_SENSORS_LM78=m +CONFIG_SENSORS_LM80=m +CONFIG_SENSORS_LM83=m +CONFIG_SENSORS_LM85=m +CONFIG_SENSORS_LM87=m +CONFIG_SENSORS_LM90=m +CONFIG_SENSORS_LM92=m +CONFIG_SENSORS_LM93=m +CONFIG_SENSORS_LTC4215=m +CONFIG_SENSORS_LTC4245=m +CONFIG_SENSORS_LTC4261=m +CONFIG_SENSORS_LM95241=m +CONFIG_SENSORS_MAX1619=m +CONFIG_SENSORS_MAX6650=m +CONFIG_SENSORS_PC87360=m +CONFIG_SENSORS_PC87427=m +CONFIG_SENSORS_PCF8591=m +CONFIG_SENSORS_SIS5595=m +CONFIG_SENSORS_SMM665=m +CONFIG_SENSORS_DME1737=m +CONFIG_SENSORS_EMC1403=m +CONFIG_SENSORS_EMC2103=m +CONFIG_SENSORS_SMSC47M1=m +CONFIG_SENSORS_SMSC47M192=m +CONFIG_SENSORS_SMSC47B397=m +CONFIG_SENSORS_ADS7828=m +CONFIG_SENSORS_AMC6821=m +CONFIG_SENSORS_THMC50=m +CONFIG_SENSORS_TMP102=m +CONFIG_SENSORS_TMP401=m +CONFIG_SENSORS_TMP421=m +CONFIG_SENSORS_VIA_CPUTEMP=m +CONFIG_SENSORS_VIA686A=m +CONFIG_SENSORS_VT1211=m +CONFIG_SENSORS_VT8231=m +CONFIG_SENSORS_W83781D=m +CONFIG_SENSORS_W83791D=m +CONFIG_SENSORS_W83792D=m +CONFIG_SENSORS_W83793=m +CONFIG_SENSORS_W83795=m +CONFIG_SENSORS_W83795_FANCTRL=y +CONFIG_SENSORS_W83L785TS=m +CONFIG_SENSORS_W83L786NG=m +CONFIG_SENSORS_W83627HF=m +CONFIG_SENSORS_W83627EHF=m +CONFIG_SENSORS_LIS3_I2C=m +CONFIG_SENSORS_APPLESMC=m + +# +# ACPI drivers +# +CONFIG_SENSORS_ATK0110=m +CONFIG_SENSORS_LIS3LV02D=m +CONFIG_THERMAL=y +CONFIG_THERMAL_HWMON=y +CONFIG_WATCHDOG=y +# CONFIG_WATCHDOG_NOWAYOUT is not set + +# +# Watchdog Device Drivers +# +CONFIG_SOFT_WATCHDOG=m +CONFIG_ACQUIRE_WDT=m +CONFIG_ADVANTECH_WDT=m +CONFIG_ALIM1535_WDT=m +CONFIG_ALIM7101_WDT=m +CONFIG_F71808E_WDT=m +CONFIG_SC520_WDT=m +CONFIG_SBC_FITPC2_WATCHDOG=m +CONFIG_EUROTECH_WDT=m +CONFIG_IB700_WDT=m +CONFIG_IBMASR=m +CONFIG_WAFER_WDT=m +CONFIG_I6300ESB_WDT=m +CONFIG_ITCO_WDT=m +# CONFIG_ITCO_VENDOR_SUPPORT is not set +CONFIG_IT8712F_WDT=m +CONFIG_IT87_WDT=m +CONFIG_HP_WATCHDOG=m +# CONFIG_HPWDT_NMI_DECODING is not set +CONFIG_SC1200_WDT=m +CONFIG_PC87413_WDT=m +CONFIG_60XX_WDT=m +CONFIG_SBC8360_WDT=m +CONFIG_CPU5_WDT=m +CONFIG_SMSC_SCH311X_WDT=m +CONFIG_SMSC37B787_WDT=m +CONFIG_W83627HF_WDT=m +CONFIG_W83697HF_WDT=m +CONFIG_W83697UG_WDT=m +CONFIG_W83877F_WDT=m +CONFIG_W83977F_WDT=m +CONFIG_MACHZ_WDT=m +CONFIG_SBC_EPX_C3_WATCHDOG=m + +# +# PCI-based Watchdog Cards +# +CONFIG_PCIPCWATCHDOG=m +CONFIG_WDTPCI=m +CONFIG_SSB_POSSIBLE=y + +# +# Sonics Silicon Backplane +# +CONFIG_SSB=m +CONFIG_SSB_SPROM=y +CONFIG_SSB_PCIHOST_POSSIBLE=y +CONFIG_SSB_PCIHOST=y +# CONFIG_SSB_B43_PCI_BRIDGE is not set +# CONFIG_SSB_DEBUG is not set +CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y +CONFIG_SSB_DRIVER_PCICORE=y +CONFIG_MFD_SUPPORT=y +CONFIG_MFD_CORE=m +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_SM501 is not set +# CONFIG_HTC_PASIC3 is not set +# CONFIG_TPS6507X is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_MFD_STMPE is not set +# CONFIG_MFD_TC35892 is not set +# CONFIG_MFD_TMIO is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_MAX8998 is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X_I2C is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_ABX500_CORE is not set +CONFIG_LPC_SCH=m +CONFIG_MFD_RDC321X=m +CONFIG_MFD_JANZ_CMODIO=m +CONFIG_MFD_VX855=m +# CONFIG_REGULATOR is not set +# CONFIG_MEDIA_SUPPORT is not set + +# +# Graphics support +# +# CONFIG_AGP is not set +CONFIG_VGA_ARB=y +CONFIG_VGA_ARB_MAX_GPUS=16 +# CONFIG_VGA_SWITCHEROO is not set +# CONFIG_DRM is not set +# CONFIG_STUB_POULSBO is not set +# CONFIG_VGASTATE is not set +# CONFIG_VIDEO_OUTPUT_CONTROL is not set +CONFIG_FB=m +# CONFIG_FIRMWARE_EDID is not set +# CONFIG_FB_DDC is not set +# CONFIG_FB_BOOT_VESA_SUPPORT is not set +# CONFIG_FB_CFB_FILLRECT is not set +# CONFIG_FB_CFB_COPYAREA is not set +# CONFIG_FB_CFB_IMAGEBLIT is not set +# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set +# CONFIG_FB_SYS_FILLRECT is not set +# CONFIG_FB_SYS_COPYAREA is not set +# CONFIG_FB_SYS_IMAGEBLIT is not set +# CONFIG_FB_FOREIGN_ENDIAN is not set +# CONFIG_FB_SYS_FOPS is not set +# CONFIG_FB_SVGALIB is not set +# CONFIG_FB_MACMODES is not set +# CONFIG_FB_BACKLIGHT is not set +CONFIG_FB_MODE_HELPERS=y +CONFIG_FB_TILEBLITTING=y + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ARC is not set +# CONFIG_FB_VGA16 is not set +# CONFIG_FB_UVESA is not set +# CONFIG_FB_N411 is not set +# CONFIG_FB_HGA is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_LE80578 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_VIA is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_GEODE is not set +# CONFIG_FB_TMIO is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_BROADSHEET is not set +# CONFIG_BACKLIGHT_LCD_SUPPORT is not set + +# +# Display device support +# +# CONFIG_DISPLAY_SUPPORT is not set + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +CONFIG_VGACON_SOFT_SCROLLBACK=y +CONFIG_VGACON_SOFT_SCROLLBACK_SIZE=64 +CONFIG_DUMMY_CONSOLE=y +# CONFIG_FRAMEBUFFER_CONSOLE is not set +# CONFIG_LOGO is not set +# CONFIG_SOUND is not set +# CONFIG_HID_SUPPORT is not set +# CONFIG_USB_SUPPORT is not set +# CONFIG_UWB is not set +# CONFIG_MMC is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=y + +# +# LED drivers +# +# CONFIG_LEDS_ALIX2 is not set +# CONFIG_LEDS_PCA9532 is not set +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_LP5521 is not set +# CONFIG_LEDS_LP5523 is not set +# CONFIG_LEDS_CLEVO_MAIL is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_INTEL_SS4200 is not set +CONFIG_LEDS_TRIGGERS=y + +# +# LED Triggers +# +# CONFIG_LEDS_TRIGGER_TIMER is not set +# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set +# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set +# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set + +# +# iptables trigger is under Netfilter config (LED target) +# +# CONFIG_ACCESSIBILITY is not set +CONFIG_INFINIBAND=m +CONFIG_INFINIBAND_USER_MAD=m +CONFIG_INFINIBAND_USER_ACCESS=m +CONFIG_INFINIBAND_USER_MEM=y +CONFIG_INFINIBAND_ADDR_TRANS=y +CONFIG_INFINIBAND_MTHCA=m +CONFIG_INFINIBAND_MTHCA_DEBUG=y +CONFIG_INFINIBAND_IPATH=m +CONFIG_INFINIBAND_QIB=m +CONFIG_INFINIBAND_AMSO1100=m +# CONFIG_INFINIBAND_AMSO1100_DEBUG is not set +CONFIG_INFINIBAND_CXGB3=m +# CONFIG_INFINIBAND_CXGB3_DEBUG is not set +CONFIG_INFINIBAND_CXGB4=m +CONFIG_MLX4_INFINIBAND=m +CONFIG_INFINIBAND_NES=m +# CONFIG_INFINIBAND_NES_DEBUG is not set +CONFIG_INFINIBAND_IPOIB=m +CONFIG_INFINIBAND_IPOIB_CM=y +CONFIG_INFINIBAND_IPOIB_DEBUG=y +# CONFIG_INFINIBAND_IPOIB_DEBUG_DATA is not set +CONFIG_INFINIBAND_SRP=m +CONFIG_INFINIBAND_ISER=m +CONFIG_EDAC=y + +# +# Reporting subsystems +# +# CONFIG_EDAC_DEBUG is not set +CONFIG_EDAC_DECODE_MCE=y +# CONFIG_EDAC_MCE_INJ is not set +# CONFIG_EDAC_MM_EDAC is not set +CONFIG_RTC_LIB=m +CONFIG_RTC_CLASS=m + +# +# RTC interfaces +# +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set +CONFIG_RTC_DRV_TEST=m + +# +# I2C RTC drivers +# +CONFIG_RTC_DRV_DS1307=m +CONFIG_RTC_DRV_DS1374=m +CONFIG_RTC_DRV_DS1672=m +CONFIG_RTC_DRV_DS3232=m +CONFIG_RTC_DRV_MAX6900=m +CONFIG_RTC_DRV_RS5C372=m +CONFIG_RTC_DRV_ISL1208=m +CONFIG_RTC_DRV_ISL12022=m +CONFIG_RTC_DRV_X1205=m +CONFIG_RTC_DRV_PCF8563=m +CONFIG_RTC_DRV_PCF8583=m +CONFIG_RTC_DRV_M41T80=m +# CONFIG_RTC_DRV_M41T80_WDT is not set +CONFIG_RTC_DRV_BQ32K=m +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_FM3130=m +CONFIG_RTC_DRV_RX8581=m +CONFIG_RTC_DRV_RX8025=m + +# +# SPI RTC drivers +# + +# +# Platform RTC drivers +# +CONFIG_RTC_DRV_CMOS=m +CONFIG_RTC_DRV_DS1286=m +CONFIG_RTC_DRV_DS1511=m +CONFIG_RTC_DRV_DS1553=m +CONFIG_RTC_DRV_DS1742=m +CONFIG_RTC_DRV_STK17TA8=m +CONFIG_RTC_DRV_M48T86=m +CONFIG_RTC_DRV_M48T35=m +CONFIG_RTC_DRV_M48T59=m +CONFIG_RTC_DRV_MSM6242=m +CONFIG_RTC_DRV_BQ4802=m +CONFIG_RTC_DRV_RP5C01=m +CONFIG_RTC_DRV_V3020=m + +# +# on-CPU RTC drivers +# +CONFIG_DMADEVICES=y +# CONFIG_DMADEVICES_DEBUG is not set + +# +# DMA Devices +# +CONFIG_INTEL_MID_DMAC=m +# CONFIG_INTEL_IOATDMA is not set +CONFIG_TIMB_DMA=m +CONFIG_PCH_DMA=m +CONFIG_DMA_ENGINE=y + +# +# DMA Clients +# +# CONFIG_NET_DMA is not set +# CONFIG_ASYNC_TX_DMA is not set +CONFIG_DMATEST=m +# CONFIG_AUXDISPLAY is not set +CONFIG_UIO=m +CONFIG_UIO_CIF=m +CONFIG_UIO_PDRV=m +CONFIG_UIO_PDRV_GENIRQ=m +CONFIG_UIO_AEC=m +CONFIG_UIO_SERCOS3=m +CONFIG_UIO_PCI_GENERIC=m +CONFIG_UIO_NETX=m +CONFIG_STAGING=y +# CONFIG_STAGING_EXCLUDE_BUILD is not set +# CONFIG_ET131X is not set +# CONFIG_SLICOSS is not set +# CONFIG_ECHO is not set +# CONFIG_COMEDI is not set +# CONFIG_POHMELFS is not set +# CONFIG_AUTOFS_FS is not set +# CONFIG_IDE_PHISON is not set +# CONFIG_HYPERV is not set +# CONFIG_VME_BUS is not set +# CONFIG_IIO is not set +CONFIG_ZRAM=m +# CONFIG_BATMAN_ADV is not set +# CONFIG_FB_SM7XX is not set +# CONFIG_CRYSTALHD is not set + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_FB_XGI is not set +CONFIG_SMB_FS=m +# CONFIG_SMB_NLS_DEFAULT is not set +# CONFIG_ACPI_QUICKSTART is not set +CONFIG_MACH_NO_WESTBRIDGE=y +# CONFIG_FT1000 is not set + +# +# Speakup console speech +# +CONFIG_SPEAKUP=m +CONFIG_SPEAKUP_SYNTH_ACNTSA=m +CONFIG_SPEAKUP_SYNTH_ACNTPC=m +CONFIG_SPEAKUP_SYNTH_APOLLO=m +CONFIG_SPEAKUP_SYNTH_AUDPTR=m +# CONFIG_SPEAKUP_SYNTH_BNS is not set +# CONFIG_SPEAKUP_SYNTH_DECTLK is not set +# CONFIG_SPEAKUP_SYNTH_DECEXT is not set +# CONFIG_SPEAKUP_SYNTH_DECPC is not set +# CONFIG_SPEAKUP_SYNTH_DTLK is not set +# CONFIG_SPEAKUP_SYNTH_KEYPC is not set +# CONFIG_SPEAKUP_SYNTH_LTLK is not set +# CONFIG_SPEAKUP_SYNTH_SOFT is not set +# CONFIG_SPEAKUP_SYNTH_SPKOUT is not set +# CONFIG_SPEAKUP_SYNTH_TXPRT is not set +# CONFIG_SPEAKUP_SYNTH_DUMMY is not set +CONFIG_X86_PLATFORM_DEVICES=y +# CONFIG_ACERHDF is not set +# CONFIG_ASUS_LAPTOP is not set +# CONFIG_SONY_LAPTOP is not set +# CONFIG_IDEAPAD_LAPTOP is not set +# CONFIG_THINKPAD_ACPI is not set +CONFIG_SENSORS_HDAPS=m +# CONFIG_INTEL_MENLOW is not set +# CONFIG_ACPI_WMI is not set +# CONFIG_ACPI_ASUS is not set +# CONFIG_TOPSTAR_LAPTOP is not set +# CONFIG_TOSHIBA_BT_RFKILL is not set +# CONFIG_ACPI_CMPC is not set +# CONFIG_INTEL_IPS is not set +# CONFIG_IBM_RTL is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +CONFIG_FIRMWARE_MEMMAP=y +CONFIG_EFI_VARS=y +# CONFIG_DELL_RBU is not set +# CONFIG_DCDBAS is not set +CONFIG_DMIID=y +# CONFIG_ISCSI_IBFT_FIND is not set + +# +# File systems +# +CONFIG_EXT2_FS=m +CONFIG_EXT2_FS_XATTR=y +CONFIG_EXT2_FS_POSIX_ACL=y +CONFIG_EXT2_FS_SECURITY=y +# CONFIG_EXT2_FS_XIP is not set +CONFIG_EXT3_FS=y +# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set +CONFIG_EXT3_FS_XATTR=y +CONFIG_EXT3_FS_POSIX_ACL=y +CONFIG_EXT3_FS_SECURITY=y +CONFIG_EXT4_FS=y +CONFIG_EXT4_FS_XATTR=y +CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_EXT4_FS_SECURITY=y +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD=y +CONFIG_JBD_DEBUG=y +CONFIG_JBD2=y +CONFIG_JBD2_DEBUG=y +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=m +# CONFIG_REISERFS_CHECK is not set +CONFIG_REISERFS_PROC_INFO=y +CONFIG_REISERFS_FS_XATTR=y +CONFIG_REISERFS_FS_POSIX_ACL=y +CONFIG_REISERFS_FS_SECURITY=y +CONFIG_JFS_FS=m +CONFIG_JFS_POSIX_ACL=y +CONFIG_JFS_SECURITY=y +# CONFIG_JFS_DEBUG is not set +CONFIG_JFS_STATISTICS=y +CONFIG_FS_POSIX_ACL=y +CONFIG_XFS_FS=m +CONFIG_XFS_QUOTA=y +CONFIG_XFS_POSIX_ACL=y +CONFIG_XFS_RT=y +# CONFIG_XFS_DEBUG is not set +CONFIG_GFS2_FS=m +CONFIG_GFS2_FS_LOCKING_DLM=y +CONFIG_OCFS2_FS=m +CONFIG_OCFS2_FS_O2CB=m +CONFIG_OCFS2_FS_USERSPACE_CLUSTER=m +CONFIG_OCFS2_FS_STATS=y +CONFIG_OCFS2_DEBUG_MASKLOG=y +# CONFIG_OCFS2_DEBUG_FS is not set +CONFIG_BTRFS_FS=m +CONFIG_BTRFS_FS_POSIX_ACL=y +CONFIG_NILFS2_FS=m +CONFIG_EXPORTFS=m +CONFIG_FILE_LOCKING=y +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +# CONFIG_FANOTIFY is not set +CONFIG_QUOTA=y +CONFIG_QUOTA_NETLINK_INTERFACE=y +# CONFIG_PRINT_QUOTA_WARNING is not set +CONFIG_QUOTA_DEBUG=y +CONFIG_QUOTA_TREE=y +# CONFIG_QFMT_V1 is not set +CONFIG_QFMT_V2=y +CONFIG_QUOTACTL=y +CONFIG_QUOTACTL_COMPAT=y +CONFIG_AUTOFS4_FS=m +CONFIG_FUSE_FS=y +CONFIG_CUSE=m +CONFIG_GENERIC_ACL=y + +# +# Caches +# +CONFIG_FSCACHE=m +CONFIG_FSCACHE_STATS=y +CONFIG_FSCACHE_HISTOGRAM=y +# CONFIG_FSCACHE_DEBUG is not set +CONFIG_FSCACHE_OBJECT_LIST=y +CONFIG_CACHEFILES=m +# CONFIG_CACHEFILES_DEBUG is not set +# CONFIG_CACHEFILES_HISTOGRAM is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=m +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_UDF_FS=m +CONFIG_UDF_NLS=y + +# +# DOS/FAT/NT Filesystems +# +CONFIG_FAT_FS=m +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=m +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=m +# CONFIG_NTFS_DEBUG is not set +CONFIG_NTFS_RW=y + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_VMCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_HUGETLBFS=y +CONFIG_HUGETLB_PAGE=y +CONFIG_CONFIGFS_FS=m +CONFIG_MISC_FILESYSTEMS=y +CONFIG_ADFS_FS=m +# CONFIG_ADFS_FS_RW is not set +# CONFIG_AFFS_FS is not set +CONFIG_ECRYPT_FS=m +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_LOGFS is not set +CONFIG_CRAMFS=m +CONFIG_SQUASHFS=m +CONFIG_SQUASHFS_XATTR=y +CONFIG_SQUASHFS_LZO=y +CONFIG_SQUASHFS_EMBEDDED=y +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +CONFIG_ROMFS_FS=m +CONFIG_ROMFS_BACKED_BY_BLOCK=y +CONFIG_ROMFS_ON_BLOCK=y +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set +# CONFIG_EXOFS_FS is not set +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=y +CONFIG_NFS_V3=y +CONFIG_NFS_V3_ACL=y +CONFIG_NFS_V4=y +# CONFIG_NFS_V4_1 is not set +CONFIG_ROOT_NFS=y +# CONFIG_NFS_USE_LEGACY_DNS is not set +CONFIG_NFS_USE_KERNEL_DNS=y +# CONFIG_NFS_USE_NEW_IDMAPPER is not set +CONFIG_NFSD=m +CONFIG_NFSD_DEPRECATED=y +CONFIG_NFSD_V2_ACL=y +CONFIG_NFSD_V3=y +CONFIG_NFSD_V3_ACL=y +CONFIG_NFSD_V4=y +CONFIG_LOCKD=y +CONFIG_LOCKD_V4=y +CONFIG_NFS_ACL_SUPPORT=y +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=y +CONFIG_SUNRPC_GSS=y +CONFIG_SUNRPC_XPRT_RDMA=m +CONFIG_RPCSEC_GSS_KRB5=y +# CONFIG_CEPH_FS is not set +CONFIG_CIFS=m +CONFIG_CIFS_STATS=y +CONFIG_CIFS_STATS2=y +# CONFIG_CIFS_WEAK_PW_HASH is not set +# CONFIG_CIFS_UPCALL is not set +CONFIG_CIFS_XATTR=y +CONFIG_CIFS_POSIX=y +# CONFIG_CIFS_DEBUG2 is not set +CONFIG_CIFS_DFS_UPCALL=y +# CONFIG_CIFS_FSCACHE is not set +CONFIG_CIFS_ACL=y +# CONFIG_CIFS_EXPERIMENTAL is not set +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +CONFIG_AFS_FS=m +# CONFIG_AFS_DEBUG is not set +# CONFIG_AFS_FSCACHE is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +CONFIG_OSF_PARTITION=y +CONFIG_AMIGA_PARTITION=y +# CONFIG_ATARI_PARTITION is not set +CONFIG_MAC_PARTITION=y +CONFIG_MSDOS_PARTITION=y +CONFIG_BSD_DISKLABEL=y +CONFIG_MINIX_SUBPARTITION=y +CONFIG_SOLARIS_X86_PARTITION=y +CONFIG_UNIXWARE_DISKLABEL=y +# CONFIG_LDM_PARTITION is not set +CONFIG_SGI_PARTITION=y +# CONFIG_ULTRIX_PARTITION is not set +CONFIG_SUN_PARTITION=y +CONFIG_KARMA_PARTITION=y +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="utf8" +CONFIG_NLS_CODEPAGE_437=m +CONFIG_NLS_CODEPAGE_737=m +CONFIG_NLS_CODEPAGE_775=m +CONFIG_NLS_CODEPAGE_850=m +CONFIG_NLS_CODEPAGE_852=m +CONFIG_NLS_CODEPAGE_855=m +CONFIG_NLS_CODEPAGE_857=m +CONFIG_NLS_CODEPAGE_860=m +CONFIG_NLS_CODEPAGE_861=m +CONFIG_NLS_CODEPAGE_862=m +CONFIG_NLS_CODEPAGE_863=m +CONFIG_NLS_CODEPAGE_864=m +CONFIG_NLS_CODEPAGE_865=m +CONFIG_NLS_CODEPAGE_866=m +CONFIG_NLS_CODEPAGE_869=m +CONFIG_NLS_CODEPAGE_936=m +CONFIG_NLS_CODEPAGE_950=m +CONFIG_NLS_CODEPAGE_932=m +CONFIG_NLS_CODEPAGE_949=m +CONFIG_NLS_CODEPAGE_874=m +CONFIG_NLS_ISO8859_8=m +CONFIG_NLS_CODEPAGE_1250=m +CONFIG_NLS_CODEPAGE_1251=m +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=m +CONFIG_NLS_ISO8859_2=m +CONFIG_NLS_ISO8859_3=m +CONFIG_NLS_ISO8859_4=m +CONFIG_NLS_ISO8859_5=m +CONFIG_NLS_ISO8859_6=m +CONFIG_NLS_ISO8859_7=m +CONFIG_NLS_ISO8859_9=m +CONFIG_NLS_ISO8859_13=m +CONFIG_NLS_ISO8859_14=m +CONFIG_NLS_ISO8859_15=m +CONFIG_NLS_KOI8_R=m +CONFIG_NLS_KOI8_U=m +CONFIG_NLS_UTF8=y +CONFIG_DLM=m +# CONFIG_DLM_DEBUG is not set + +# +# Kernel hacking +# +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_PRINTK_TIME=y +# CONFIG_ENABLE_WARN_DEPRECATED is not set +CONFIG_ENABLE_MUST_CHECK=y +CONFIG_FRAME_WARN=2048 +CONFIG_MAGIC_SYSRQ=y +# CONFIG_STRIP_ASM_SYMS is not set +# CONFIG_UNUSED_SYMBOLS is not set +CONFIG_DEBUG_FS=y +# CONFIG_HEADERS_CHECK is not set +CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_SHIRQ is not set +# CONFIG_LOCKUP_DETECTOR is not set +# CONFIG_HARDLOCKUP_DETECTOR is not set +# CONFIG_DETECT_HUNG_TASK is not set +# CONFIG_SCHED_DEBUG is not set +CONFIG_SCHEDSTATS=y +CONFIG_TIMER_STATS=y +# CONFIG_DEBUG_OBJECTS is not set +# CONFIG_SLUB_DEBUG_ON is not set +# CONFIG_SLUB_STATS is not set +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_RT_MUTEX_TESTER is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_DEBUG_MUTEXES is not set +CONFIG_BKL=y +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_SPARSE_RCU_POINTER is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_DEBUG_SPINLOCK_SLEEP is not set +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +CONFIG_STACKTRACE=y +# CONFIG_DEBUG_KOBJECT is not set +CONFIG_DEBUG_BUGVERBOSE=y +# CONFIG_DEBUG_INFO is not set +# CONFIG_DEBUG_VM is not set +# CONFIG_DEBUG_VIRTUAL is not set +# CONFIG_DEBUG_WRITECOUNT is not set +CONFIG_DEBUG_MEMORY_INIT=y +# CONFIG_DEBUG_LIST is not set +# CONFIG_TEST_LIST_SORT is not set +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_NOTIFIERS is not set +# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_ARCH_WANT_FRAME_POINTERS=y +CONFIG_FRAME_POINTER=y +# CONFIG_BOOT_PRINTK_DELAY is not set +# CONFIG_RCU_TORTURE_TEST is not set +# CONFIG_RCU_CPU_STALL_DETECTOR is not set +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# CONFIG_LKDTM is not set +CONFIG_CPU_NOTIFIER_ERROR_INJECT=m +# CONFIG_FAULT_INJECTION is not set +# CONFIG_LATENCYTOP is not set +CONFIG_SYSCTL_SYSCALL_CHECK=y +# CONFIG_DEBUG_PAGEALLOC is not set +CONFIG_USER_STACKTRACE_SUPPORT=y +CONFIG_NOP_TRACER=y +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y +CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_HAVE_C_RECORDMCOUNT=y +CONFIG_RING_BUFFER=y +CONFIG_EVENT_TRACING=y +CONFIG_CONTEXT_SWITCH_TRACER=y +CONFIG_TRACING=y +CONFIG_GENERIC_TRACER=y +CONFIG_TRACING_SUPPORT=y +CONFIG_FTRACE=y +# CONFIG_FUNCTION_TRACER is not set +# CONFIG_IRQSOFF_TRACER is not set +# CONFIG_SCHED_TRACER is not set +# CONFIG_FTRACE_SYSCALLS is not set +CONFIG_BRANCH_PROFILE_NONE=y +# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set +# CONFIG_PROFILE_ALL_BRANCHES is not set +# CONFIG_STACK_TRACER is not set +CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENT=y +# CONFIG_FTRACE_STARTUP_TEST is not set +# CONFIG_MMIOTRACE is not set +# CONFIG_RING_BUFFER_BENCHMARK is not set +CONFIG_PROVIDE_OHCI1394_DMA_INIT=y +# CONFIG_DYNAMIC_DEBUG is not set +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_ATOMIC64_SELFTEST is not set +CONFIG_ASYNC_RAID6_TEST=m +# CONFIG_SAMPLES is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +CONFIG_HAVE_ARCH_KMEMCHECK=y +# CONFIG_STRICT_DEVMEM is not set +CONFIG_X86_VERBOSE_BOOTUP=y +CONFIG_EARLY_PRINTK=y +CONFIG_EARLY_PRINTK_DBGP=y +CONFIG_DEBUG_STACKOVERFLOW=y +CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_PER_CPU_MAPS is not set +# CONFIG_X86_PTDUMP is not set +CONFIG_DEBUG_RODATA=y +# CONFIG_DEBUG_RODATA_TEST is not set +CONFIG_DEBUG_NX_TEST=m +# CONFIG_IOMMU_DEBUG is not set +# CONFIG_IOMMU_STRESS is not set +CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set +CONFIG_IO_DELAY_TYPE_0X80=0 +CONFIG_IO_DELAY_TYPE_0XED=1 +CONFIG_IO_DELAY_TYPE_UDELAY=2 +CONFIG_IO_DELAY_TYPE_NONE=3 +CONFIG_IO_DELAY_0X80=y +# CONFIG_IO_DELAY_0XED is not set +# CONFIG_IO_DELAY_UDELAY is not set +# CONFIG_IO_DELAY_NONE is not set +CONFIG_DEFAULT_IO_DELAY_TYPE=0 +CONFIG_DEBUG_BOOT_PARAMS=y +# CONFIG_CPA_DEBUG is not set +CONFIG_OPTIMIZE_INLINING=y +# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set + +# +# Security options +# +CONFIG_KEYS=y +CONFIG_KEYS_DEBUG_PROC_KEYS=y +# CONFIG_SECURITY_DMESG_RESTRICT is not set +CONFIG_SECURITY=y +# CONFIG_SECURITYFS is not set +CONFIG_SECURITY_NETWORK=y +CONFIG_SECURITY_NETWORK_XFRM=y +# CONFIG_SECURITY_PATH is not set +# CONFIG_INTEL_TXT is not set +CONFIG_LSM_MMAP_MIN_ADDR=65536 +CONFIG_SECURITY_SELINUX=y +CONFIG_SECURITY_SELINUX_BOOTPARAM=y +CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_SELINUX_DISABLE=y +CONFIG_SECURITY_SELINUX_DEVELOP=y +CONFIG_SECURITY_SELINUX_AVC_STATS=y +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +# CONFIG_SECURITY_APPARMOR is not set +# CONFIG_IMA is not set +CONFIG_DEFAULT_SECURITY_SELINUX=y +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="selinux" +CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_BLKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=m +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_PCOMP=m +CONFIG_CRYPTO_PCOMP2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y +CONFIG_CRYPTO_GF128MUL=m +CONFIG_CRYPTO_NULL=m +# CONFIG_CRYPTO_PCRYPT is not set +CONFIG_CRYPTO_WORKQUEUE=y +CONFIG_CRYPTO_CRYPTD=m +CONFIG_CRYPTO_AUTHENC=y +CONFIG_CRYPTO_TEST=m + +# +# Authenticated Encryption with Associated Data +# +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=m +CONFIG_CRYPTO_SEQIV=m + +# +# Block modes +# +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CTR=m +CONFIG_CRYPTO_CTS=m +CONFIG_CRYPTO_ECB=y +CONFIG_CRYPTO_LRW=m +CONFIG_CRYPTO_PCBC=m +CONFIG_CRYPTO_XTS=m +CONFIG_CRYPTO_FPU=m + +# +# Hash modes +# +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_XCBC=m +CONFIG_CRYPTO_VMAC=m + +# +# Digest +# +CONFIG_CRYPTO_CRC32C=m +CONFIG_CRYPTO_CRC32C_INTEL=m +CONFIG_CRYPTO_GHASH=m +CONFIG_CRYPTO_MD4=m +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_MICHAEL_MIC=m +CONFIG_CRYPTO_RMD128=m +CONFIG_CRYPTO_RMD160=m +CONFIG_CRYPTO_RMD256=m +CONFIG_CRYPTO_RMD320=m +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=m +CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_TGR192=m +CONFIG_CRYPTO_WP512=m +CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m + +# +# Ciphers +# +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_AES_X86_64=m +CONFIG_CRYPTO_AES_NI_INTEL=m +CONFIG_CRYPTO_ANUBIS=m +CONFIG_CRYPTO_ARC4=y +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_CAMELLIA=m +CONFIG_CRYPTO_CAST5=m +CONFIG_CRYPTO_CAST6=m +CONFIG_CRYPTO_DES=y +CONFIG_CRYPTO_FCRYPT=m +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_SALSA20=m +CONFIG_CRYPTO_SALSA20_X86_64=m +CONFIG_CRYPTO_SEED=m +CONFIG_CRYPTO_SERPENT=m +CONFIG_CRYPTO_TEA=m +CONFIG_CRYPTO_TWOFISH=m +CONFIG_CRYPTO_TWOFISH_COMMON=m +CONFIG_CRYPTO_TWOFISH_X86_64=m + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_ZLIB=m +CONFIG_CRYPTO_LZO=m + +# +# Random Number Generation +# +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_HW=y +# CONFIG_CRYPTO_DEV_PADLOCK is not set +# CONFIG_CRYPTO_DEV_HIFN_795X is not set +CONFIG_HAVE_KVM=y +# CONFIG_VIRTUALIZATION is not set +CONFIG_BINARY_PRINTF=y + +# +# Library routines +# +CONFIG_RAID6_PQ=m +CONFIG_BITREVERSE=y +CONFIG_GENERIC_FIND_FIRST_BIT=y +CONFIG_GENERIC_FIND_NEXT_BIT=y +CONFIG_GENERIC_FIND_LAST_BIT=y +CONFIG_CRC_CCITT=m +CONFIG_CRC16=y +CONFIG_CRC_T10DIF=y +CONFIG_CRC_ITU_T=m +CONFIG_CRC32=y +CONFIG_CRC7=m +CONFIG_LIBCRC32C=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=m +CONFIG_LZO_COMPRESS=m +CONFIG_LZO_DECOMPRESS=y +CONFIG_DECOMPRESS_GZIP=y +CONFIG_DECOMPRESS_BZIP2=y +CONFIG_DECOMPRESS_LZMA=y +CONFIG_DECOMPRESS_LZO=y +CONFIG_GENERIC_ALLOCATOR=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT=y +CONFIG_HAS_DMA=y +CONFIG_NLATTR=y +CONFIG_LRU_CACHE=m diff --git a/kernel-config/config-2.6.37-gentoo-r4-00 b/kernel-config/config-2.6.37-gentoo-r4-00 new file mode 100644 index 0000000..b5681e3 --- /dev/null +++ b/kernel-config/config-2.6.37-gentoo-r4-00 @@ -0,0 +1,2694 @@ +# +# Automatically generated make config: don't edit +# Linux/x86_64 2.6.37-gentoo-r4 Kernel Configuration +# Tue Jun 7 23:08:12 2011 +# +CONFIG_64BIT=y +# CONFIG_X86_32 is not set +CONFIG_X86_64=y +CONFIG_X86=y +CONFIG_INSTRUCTION_DECODER=y +CONFIG_OUTPUT_FORMAT="elf64-x86-64" +CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" +CONFIG_GENERIC_CMOS_UPDATE=y +CONFIG_CLOCKSOURCE_WATCHDOG=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y +CONFIG_MMU=y +CONFIG_ZONE_DMA=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_IOMAP=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +# CONFIG_RWSEM_GENERIC_SPINLOCK is not set +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_ARCH_HAS_CPU_IDLE_WAIT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_GENERIC_TIME_VSYSCALL=y +CONFIG_ARCH_HAS_CPU_RELAX=y +CONFIG_ARCH_HAS_DEFAULT_IDLE=y +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_HAVE_SETUP_PER_CPU_AREA=y +CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y +CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y +CONFIG_HAVE_CPUMASK_OF_CPU_MAP=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ZONE_DMA32=y +CONFIG_ARCH_POPULATES_NODE_MAP=y +CONFIG_AUDIT_ARCH=y +CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_HAVE_INTEL_TXT=y +CONFIG_USE_GENERIC_SMP_HELPERS=y +CONFIG_X86_64_SMP=y +CONFIG_X86_HT=y +CONFIG_X86_TRAMPOLINE=y +CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" +# CONFIG_KTIME_SCALAR is not set +CONFIG_ARCH_CPU_PROBE_RELEASE=y +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" +CONFIG_CONSTRUCTORS=y +CONFIG_HAVE_IRQ_WORK=y +CONFIG_IRQ_WORK=y + +# +# General setup +# +CONFIG_EXPERIMENTAL=y +CONFIG_LOCK_KERNEL=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="" +CONFIG_LOCALVERSION="" +# CONFIG_LOCALVERSION_AUTO is not set +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_BZIP2=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_BZIP2 is not set +# CONFIG_KERNEL_LZMA is not set +# CONFIG_KERNEL_LZO is not set +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_POSIX_MQUEUE=y +CONFIG_POSIX_MQUEUE_SYSCTL=y +CONFIG_BSD_PROCESS_ACCT=y +CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_TASK_IO_ACCOUNTING=y +CONFIG_AUDIT=y +CONFIG_AUDITSYSCALL=y +CONFIG_AUDIT_WATCH=y +CONFIG_AUDIT_TREE=y +CONFIG_HAVE_GENERIC_HARDIRQS=y + +# +# IRQ subsystem +# +CONFIG_GENERIC_HARDIRQS=y +CONFIG_GENERIC_HARDIRQS_NO__DO_IRQ=y +# CONFIG_GENERIC_HARDIRQS_NO_DEPRECATED is not set +CONFIG_HAVE_SPARSE_IRQ=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_PENDING_IRQ=y +# CONFIG_AUTO_IRQ_AFFINITY is not set +# CONFIG_IRQ_PER_CPU is not set +# CONFIG_HARDIRQS_SW_RESEND is not set +CONFIG_SPARSE_IRQ=y + +# +# RCU Subsystem +# +CONFIG_TREE_RCU=y +# CONFIG_PREEMPT_RCU is not set +# CONFIG_RCU_TRACE is not set +CONFIG_RCU_FANOUT=64 +# CONFIG_RCU_FANOUT_EXACT is not set +# CONFIG_RCU_FAST_NO_HZ is not set +# CONFIG_TREE_RCU_TRACE is not set +CONFIG_IKCONFIG=m +CONFIG_IKCONFIG_PROC=y +CONFIG_LOG_BUF_SHIFT=18 +CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y +CONFIG_CGROUPS=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_CGROUP_NS=y +CONFIG_CGROUP_FREEZER=y +# CONFIG_CGROUP_DEVICE is not set +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_RESOURCE_COUNTERS=y +# CONFIG_CGROUP_MEM_RES_CTLR is not set +CONFIG_CGROUP_SCHED=y +CONFIG_FAIR_GROUP_SCHED=y +# CONFIG_RT_GROUP_SCHED is not set +CONFIG_BLK_CGROUP=m +# CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +# CONFIG_SYSFS_DEPRECATED is not set +CONFIG_RELAY=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_RD_LZO=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_SYSCTL=y +CONFIG_ANON_INODES=y +# CONFIG_EMBEDDED is not set +CONFIG_UID16=y +CONFIG_SYSCTL_SYSCALL=y +CONFIG_KALLSYMS=y +CONFIG_KALLSYMS_ALL=y +CONFIG_KALLSYMS_EXTRA_PASS=y +CONFIG_HOTPLUG=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_PCSPKR_PLATFORM=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +CONFIG_HAVE_PERF_EVENTS=y + +# +# Kernel Performance Events And Counters +# +CONFIG_PERF_EVENTS=y +# CONFIG_PERF_COUNTERS is not set +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_PCI_QUIRKS=y +CONFIG_SLUB_DEBUG=y +# CONFIG_COMPAT_BRK is not set +# CONFIG_SLAB is not set +CONFIG_SLUB=y +CONFIG_PROFILING=y +CONFIG_TRACEPOINTS=y +# CONFIG_OPROFILE is not set +CONFIG_HAVE_OPROFILE=y +CONFIG_KPROBES=y +# CONFIG_JUMP_LABEL is not set +CONFIG_OPTPROBES=y +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_KRETPROBES=y +CONFIG_HAVE_IOREMAP_PROT=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_DMA_API_DEBUG=y +CONFIG_HAVE_HW_BREAKPOINT=y +CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y +CONFIG_HAVE_USER_RETURN_NOTIFIER=y +CONFIG_HAVE_PERF_EVENTS_NMI=y +CONFIG_HAVE_ARCH_JUMP_LABEL=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set +CONFIG_SLABINFO=y +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +CONFIG_MODULE_FORCE_LOAD=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +CONFIG_STOP_MACHINE=y +CONFIG_BLOCK=y +CONFIG_BLK_DEV_BSG=y +# CONFIG_BLK_DEV_INTEGRITY is not set +CONFIG_BLOCK_COMPAT=y + +# +# IO Schedulers +# +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_DEADLINE=y +CONFIG_IOSCHED_CFQ=m +# CONFIG_CFQ_GROUP_IOSCHED is not set +CONFIG_DEFAULT_DEADLINE=y +# CONFIG_DEFAULT_NOOP is not set +CONFIG_DEFAULT_IOSCHED="deadline" +# CONFIG_INLINE_SPIN_TRYLOCK is not set +# CONFIG_INLINE_SPIN_TRYLOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK is not set +# CONFIG_INLINE_SPIN_LOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK_IRQ is not set +# CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set +CONFIG_INLINE_SPIN_UNLOCK=y +# CONFIG_INLINE_SPIN_UNLOCK_BH is not set +CONFIG_INLINE_SPIN_UNLOCK_IRQ=y +# CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_READ_TRYLOCK is not set +# CONFIG_INLINE_READ_LOCK is not set +# CONFIG_INLINE_READ_LOCK_BH is not set +# CONFIG_INLINE_READ_LOCK_IRQ is not set +# CONFIG_INLINE_READ_LOCK_IRQSAVE is not set +CONFIG_INLINE_READ_UNLOCK=y +# CONFIG_INLINE_READ_UNLOCK_BH is not set +CONFIG_INLINE_READ_UNLOCK_IRQ=y +# CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_WRITE_TRYLOCK is not set +# CONFIG_INLINE_WRITE_LOCK is not set +# CONFIG_INLINE_WRITE_LOCK_BH is not set +# CONFIG_INLINE_WRITE_LOCK_IRQ is not set +# CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set +CONFIG_INLINE_WRITE_UNLOCK=y +# CONFIG_INLINE_WRITE_UNLOCK_BH is not set +CONFIG_INLINE_WRITE_UNLOCK_IRQ=y +# CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set +CONFIG_MUTEX_SPIN_ON_OWNER=y +CONFIG_FREEZER=y + +# +# Processor type and features +# +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_GENERIC_CLOCKEVENTS_BUILD=y +CONFIG_SMP=y +CONFIG_X86_MPPARSE=y +CONFIG_X86_EXTENDED_PLATFORM=y +# CONFIG_X86_VSMP is not set +CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y +CONFIG_SCHED_OMIT_FRAME_POINTER=y +# CONFIG_PARAVIRT_GUEST is not set +CONFIG_NO_BOOTMEM=y +# CONFIG_MEMTEST is not set +CONFIG_MK8=y +# CONFIG_MPSC is not set +# CONFIG_MCORE2 is not set +# CONFIG_MATOM is not set +# CONFIG_GENERIC_CPU is not set +CONFIG_X86_CPU=y +CONFIG_X86_INTERNODE_CACHE_SHIFT=7 +CONFIG_X86_CMPXCHG=y +CONFIG_X86_L1_CACHE_SHIFT=6 +CONFIG_X86_XADD=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INTEL_USERCOPY=y +CONFIG_X86_USE_PPRO_CHECKSUM=y +CONFIG_X86_TSC=y +CONFIG_X86_CMPXCHG64=y +CONFIG_X86_CMOV=y +CONFIG_X86_MINIMUM_CPU_FAMILY=64 +CONFIG_X86_DEBUGCTLMSR=y +CONFIG_CPU_SUP_INTEL=y +CONFIG_CPU_SUP_AMD=y +CONFIG_CPU_SUP_CENTAUR=y +CONFIG_HPET_TIMER=y +CONFIG_HPET_EMULATE_RTC=y +CONFIG_DMI=y +CONFIG_GART_IOMMU=y +CONFIG_CALGARY_IOMMU=y +CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y +CONFIG_AMD_IOMMU=y +CONFIG_AMD_IOMMU_STATS=y +CONFIG_SWIOTLB=y +CONFIG_IOMMU_HELPER=y +CONFIG_IOMMU_API=y +# CONFIG_MAXSMP is not set +CONFIG_NR_CPUS=64 +CONFIG_SCHED_SMT=y +CONFIG_SCHED_MC=y +CONFIG_IRQ_TIME_ACCOUNTING=y +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +CONFIG_X86_LOCAL_APIC=y +CONFIG_X86_IO_APIC=y +CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y +CONFIG_X86_MCE=y +CONFIG_X86_MCE_INTEL=y +CONFIG_X86_MCE_AMD=y +CONFIG_X86_MCE_THRESHOLD=y +# CONFIG_X86_MCE_INJECT is not set +CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_I8K is not set +CONFIG_MICROCODE=y +CONFIG_MICROCODE_INTEL=y +CONFIG_MICROCODE_AMD=y +CONFIG_MICROCODE_OLD_INTERFACE=y +CONFIG_X86_MSR=y +CONFIG_X86_CPUID=y +CONFIG_ARCH_PHYS_ADDR_T_64BIT=y +CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_DIRECT_GBPAGES=y +CONFIG_NUMA=y +CONFIG_K8_NUMA=y +CONFIG_X86_64_ACPI_NUMA=y +CONFIG_NODES_SPAN_OTHER_NODES=y +# CONFIG_NUMA_EMU is not set +CONFIG_NODES_SHIFT=6 +CONFIG_ARCH_PROC_KCORE_TEXT=y +CONFIG_ARCH_SPARSEMEM_DEFAULT=y +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 +CONFIG_SELECT_MEMORY_MODEL=y +CONFIG_SPARSEMEM_MANUAL=y +CONFIG_SPARSEMEM=y +CONFIG_NEED_MULTIPLE_NODES=y +CONFIG_HAVE_MEMORY_PRESENT=y +CONFIG_SPARSEMEM_EXTREME=y +CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y +CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y +CONFIG_SPARSEMEM_VMEMMAP=y +CONFIG_HAVE_MEMBLOCK=y +# CONFIG_MEMORY_HOTPLUG is not set +CONFIG_PAGEFLAGS_EXTENDED=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +# CONFIG_COMPACTION is not set +CONFIG_MIGRATION=y +CONFIG_PHYS_ADDR_T_64BIT=y +CONFIG_ZONE_DMA_FLAG=1 +CONFIG_BOUNCE=y +CONFIG_VIRT_TO_BUS=y +# CONFIG_KSM is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y +# CONFIG_MEMORY_FAILURE is not set +CONFIG_X86_CHECK_BIOS_CORRUPTION=y +CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +CONFIG_X86_RESERVE_LOW=64 +CONFIG_MTRR=y +# CONFIG_MTRR_SANITIZER is not set +CONFIG_X86_PAT=y +CONFIG_ARCH_USES_PG_UNCACHED=y +CONFIG_EFI=y +CONFIG_SECCOMP=y +# CONFIG_CC_STACKPROTECTOR is not set +# CONFIG_HZ_100 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +CONFIG_HZ_1000=y +CONFIG_HZ=1000 +CONFIG_SCHED_HRTICK=y +CONFIG_KEXEC=y +CONFIG_CRASH_DUMP=y +CONFIG_PHYSICAL_START=0x1000000 +CONFIG_RELOCATABLE=y +CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_HOTPLUG_CPU=y +# CONFIG_COMPAT_VDSO is not set +# CONFIG_CMDLINE_BOOL is not set +CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y +CONFIG_HAVE_ARCH_EARLY_PFN_TO_NID=y +CONFIG_USE_PERCPU_NUMA_NODE_ID=y + +# +# Power management and ACPI options +# +CONFIG_PM=y +CONFIG_PM_DEBUG=y +CONFIG_PM_ADVANCED_DEBUG=y +# CONFIG_PM_VERBOSE is not set +CONFIG_CAN_PM_TRACE=y +CONFIG_PM_TRACE=y +CONFIG_PM_TRACE_RTC=y +CONFIG_PM_SLEEP_SMP=y +CONFIG_PM_SLEEP=y +# CONFIG_PM_SLEEP_ADVANCED_DEBUG is not set +CONFIG_SUSPEND_NVS=y +CONFIG_SUSPEND=y +CONFIG_SUSPEND_FREEZER=y +# CONFIG_HIBERNATION is not set +# CONFIG_PM_RUNTIME is not set +CONFIG_PM_OPS=y +CONFIG_ACPI=y +CONFIG_ACPI_SLEEP=y +CONFIG_ACPI_PROCFS=y +CONFIG_ACPI_PROCFS_POWER=y +CONFIG_ACPI_POWER_METER=m +CONFIG_ACPI_EC_DEBUGFS=m +CONFIG_ACPI_PROC_EVENT=y +CONFIG_ACPI_AC=y +CONFIG_ACPI_BATTERY=y +CONFIG_ACPI_BUTTON=y +CONFIG_ACPI_VIDEO=m +CONFIG_ACPI_FAN=y +CONFIG_ACPI_DOCK=y +CONFIG_ACPI_PROCESSOR=y +CONFIG_ACPI_HOTPLUG_CPU=y +CONFIG_ACPI_PROCESSOR_AGGREGATOR=m +CONFIG_ACPI_THERMAL=y +CONFIG_ACPI_NUMA=y +# CONFIG_ACPI_CUSTOM_DSDT is not set +CONFIG_ACPI_BLACKLIST_YEAR=0 +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_PCI_SLOT=m +CONFIG_X86_PM_TIMER=y +CONFIG_ACPI_CONTAINER=y +# CONFIG_ACPI_SBS is not set +CONFIG_ACPI_HED=m +CONFIG_ACPI_APEI=y +CONFIG_ACPI_APEI_GHES=m +CONFIG_ACPI_APEI_EINJ=m +CONFIG_ACPI_APEI_ERST_DEBUG=m +# CONFIG_SFI is not set + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_TABLE=y +CONFIG_CPU_FREQ_DEBUG=y +CONFIG_CPU_FREQ_STAT=m +CONFIG_CPU_FREQ_STAT_DETAILS=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set +CONFIG_CPU_FREQ_GOV_PERFORMANCE=y +# CONFIG_CPU_FREQ_GOV_POWERSAVE is not set +CONFIG_CPU_FREQ_GOV_USERSPACE=y +CONFIG_CPU_FREQ_GOV_ONDEMAND=y +# CONFIG_CPU_FREQ_GOV_CONSERVATIVE is not set + +# +# CPUFreq processor drivers +# +# CONFIG_X86_PCC_CPUFREQ is not set +CONFIG_X86_ACPI_CPUFREQ=y +CONFIG_X86_POWERNOW_K8=m +# CONFIG_X86_SPEEDSTEP_CENTRINO is not set +# CONFIG_X86_P4_CLOCKMOD is not set + +# +# shared options +# +# CONFIG_X86_SPEEDSTEP_LIB is not set +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y +# CONFIG_INTEL_IDLE is not set + +# +# Memory power savings +# +# CONFIG_I7300_IDLE is not set + +# +# Bus options (PCI etc.) +# +CONFIG_PCI=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +CONFIG_PCI_DOMAINS=y +# CONFIG_PCI_CNB20LE_QUIRK is not set +CONFIG_DMAR=y +# CONFIG_DMAR_DEFAULT_ON is not set +CONFIG_DMAR_FLOPPY_WA=y +# CONFIG_INTR_REMAP is not set +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +# CONFIG_PCIE_ECRC is not set +# CONFIG_PCIEAER_INJECT is not set +CONFIG_PCIEASPM=y +# CONFIG_PCIEASPM_DEBUG is not set +CONFIG_ARCH_SUPPORTS_MSI=y +CONFIG_PCI_MSI=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_STUB is not set +CONFIG_HT_IRQ=y +# CONFIG_PCI_IOV is not set +CONFIG_PCI_IOAPIC=y +CONFIG_ISA_DMA_API=y +CONFIG_AMD_NB=y +# CONFIG_PCCARD is not set +# CONFIG_HOTPLUG_PCI is not set + +# +# Executable file formats / Emulations +# +CONFIG_BINFMT_ELF=y +CONFIG_COMPAT_BINFMT_ELF=y +CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y +# CONFIG_HAVE_AOUT is not set +CONFIG_BINFMT_MISC=y +CONFIG_IA32_EMULATION=y +CONFIG_IA32_AOUT=m +CONFIG_COMPAT=y +CONFIG_COMPAT_FOR_U64_ALIGNMENT=y +CONFIG_SYSVIPC_COMPAT=y +CONFIG_HAVE_TEXT_POKE_SMP=y +CONFIG_NET=y +CONFIG_COMPAT_NETLINK_MESSAGES=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_UNIX=y +CONFIG_XFRM=y +CONFIG_XFRM_USER=y +# CONFIG_XFRM_SUB_POLICY is not set +CONFIG_XFRM_MIGRATE=y +# CONFIG_XFRM_STATISTICS is not set +CONFIG_XFRM_IPCOMP=m +CONFIG_NET_KEY=m +CONFIG_NET_KEY_MIGRATE=y +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_ASK_IP_FIB_HASH=y +# CONFIG_IP_FIB_TRIE is not set +CONFIG_IP_FIB_HASH=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_IP_ROUTE_MULTIPATH=y +CONFIG_IP_ROUTE_VERBOSE=y +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y +CONFIG_IP_PNP_RARP=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE=y +CONFIG_IP_MROUTE_MULTIPLE_TABLES=y +CONFIG_IP_PIMSM_V1=y +CONFIG_IP_PIMSM_V2=y +CONFIG_ARPD=y +CONFIG_SYN_COOKIES=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_XFRM_MODE_TRANSPORT=m +CONFIG_INET_XFRM_MODE_TUNNEL=m +CONFIG_INET_XFRM_MODE_BEET=m +CONFIG_INET_LRO=y +CONFIG_INET_DIAG=m +CONFIG_INET_TCP_DIAG=m +CONFIG_TCP_CONG_ADVANCED=y +# CONFIG_TCP_CONG_BIC is not set +CONFIG_TCP_CONG_CUBIC=y +# CONFIG_TCP_CONG_WESTWOOD is not set +# CONFIG_TCP_CONG_HTCP is not set +# CONFIG_TCP_CONG_HSTCP is not set +# CONFIG_TCP_CONG_HYBLA is not set +# CONFIG_TCP_CONG_VEGAS is not set +# CONFIG_TCP_CONG_SCALABLE is not set +# CONFIG_TCP_CONG_LP is not set +# CONFIG_TCP_CONG_VENO is not set +# CONFIG_TCP_CONG_YEAH is not set +# CONFIG_TCP_CONG_ILLINOIS is not set +CONFIG_DEFAULT_CUBIC=y +# CONFIG_DEFAULT_RENO is not set +CONFIG_DEFAULT_TCP_CONG="cubic" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=y +CONFIG_IPV6_PRIVACY=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +# CONFIG_IPV6_OPTIMISTIC_DAD is not set +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_INET6_XFRM_MODE_TRANSPORT=m +CONFIG_INET6_XFRM_MODE_TUNNEL=m +CONFIG_INET6_XFRM_MODE_BEET=m +CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m +CONFIG_IPV6_SIT=m +# CONFIG_IPV6_SIT_6RD is not set +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_NETLABEL=y +CONFIG_NETWORK_SECMARK=y +# CONFIG_NETWORK_PHY_TIMESTAMPING is not set +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=y + +# +# Core Netfilter Configuration +# +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_NETLINK_QUEUE=m +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NF_CONNTRACK=m +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_SECMARK=y +# CONFIG_NF_CONNTRACK_ZONES is not set +CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CT_PROTO_DCCP=m +CONFIG_NF_CT_PROTO_GRE=m +CONFIG_NF_CT_PROTO_SCTP=m +CONFIG_NF_CT_PROTO_UDPLITE=m +CONFIG_NF_CONNTRACK_AMANDA=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NETFILTER_TPROXY=m +CONFIG_NETFILTER_XTABLES=y + +# +# Xtables combined modules +# +CONFIG_NETFILTER_XT_MARK=m +CONFIG_NETFILTER_XT_CONNMARK=m + +# +# Xtables targets +# +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m +CONFIG_NETFILTER_XT_TARGET_CONNMARK=m +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m +CONFIG_NETFILTER_XT_TARGET_CT=m +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_TARGET_MARK=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m +CONFIG_NETFILTER_XT_TARGET_NOTRACK=m +CONFIG_NETFILTER_XT_TARGET_RATEEST=m +CONFIG_NETFILTER_XT_TARGET_TEE=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +CONFIG_NETFILTER_XT_TARGET_TRACE=m +CONFIG_NETFILTER_XT_TARGET_SECMARK=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m + +# +# Xtables matches +# +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_CPU=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_OSF=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_QUOTA=m +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m +CONFIG_NETFILTER_XT_MATCH_RECENT=m +CONFIG_NETFILTER_XT_MATCH_SCTP=m +CONFIG_NETFILTER_XT_MATCH_SOCKET=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +# CONFIG_IP_VS is not set + +# +# IP: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +CONFIG_IP_NF_QUEUE=m +CONFIG_IP_NF_IPTABLES=y +CONFIG_IP_NF_MATCH_ADDRTYPE=m +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=y +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_LOG=y +CONFIG_IP_NF_TARGET_ULOG=y +CONFIG_NF_NAT=m +CONFIG_NF_NAT_NEEDED=y +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PROTO_DCCP=m +CONFIG_NF_NAT_PROTO_GRE=m +CONFIG_NF_NAT_PROTO_UDPLITE=m +CONFIG_NF_NAT_PROTO_SCTP=m +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_AMANDA=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_NF_NAT_SIP=m +CONFIG_IP_NF_MANGLE=y +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_SECURITY=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m + +# +# IPv6: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV6=m +CONFIG_NF_CONNTRACK_IPV6=m +CONFIG_IP6_NF_QUEUE=m +CONFIG_IP6_NF_IPTABLES=y +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_TARGET_HL=m +CONFIG_IP6_NF_TARGET_LOG=y +CONFIG_IP6_NF_FILTER=y +CONFIG_IP6_NF_TARGET_REJECT=y +CONFIG_IP6_NF_MANGLE=y +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_SECURITY=m +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_ULOG=m +CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m + +# +# DCCP CCIDs Configuration (EXPERIMENTAL) +# +# CONFIG_IP_DCCP_CCID2_DEBUG is not set +CONFIG_IP_DCCP_CCID3=y +# CONFIG_IP_DCCP_CCID3_DEBUG is not set +CONFIG_IP_DCCP_TFRC_LIB=y + +# +# DCCP Kernel Hacking +# +# CONFIG_IP_DCCP_DEBUG is not set +# CONFIG_NET_DCCPPROBE is not set +CONFIG_IP_SCTP=m +CONFIG_NET_SCTPPROBE=m +# CONFIG_SCTP_DBG_MSG is not set +# CONFIG_SCTP_DBG_OBJCNT is not set +# CONFIG_SCTP_HMAC_NONE is not set +# CONFIG_SCTP_HMAC_SHA1 is not set +CONFIG_SCTP_HMAC_MD5=y +CONFIG_RDS=m +CONFIG_RDS_TCP=m +# CONFIG_RDS_DEBUG is not set +CONFIG_TIPC=m +# CONFIG_TIPC_ADVANCED is not set +# CONFIG_TIPC_DEBUG is not set +# CONFIG_ATM is not set +CONFIG_L2TP=m +CONFIG_L2TP_DEBUGFS=m +# CONFIG_L2TP_V3 is not set +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +# CONFIG_NET_DSA is not set +CONFIG_VLAN_8021Q=m +# CONFIG_VLAN_8021Q_GVRP is not set +# CONFIG_DECNET is not set +CONFIG_LLC=m +# CONFIG_LLC2 is not set +CONFIG_IPX=m +# CONFIG_IPX_INTERN is not set +CONFIG_ATALK=m +# CONFIG_DEV_APPLETALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set +# CONFIG_PHONET is not set +# CONFIG_IEEE802154 is not set +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_DSMARK=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_INGRESS=m + +# +# Classification +# +CONFIG_NET_CLS=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_TCINDEX=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_ROUTE=y +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_RSVP=m +CONFIG_NET_CLS_RSVP6=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_EMATCH=y +CONFIG_NET_EMATCH_STACK=32 +CONFIG_NET_EMATCH_CMP=m +CONFIG_NET_EMATCH_NBYTE=m +CONFIG_NET_EMATCH_U32=m +CONFIG_NET_EMATCH_META=m +CONFIG_NET_EMATCH_TEXT=m +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +# CONFIG_GACT_PROB is not set +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +CONFIG_NET_ACT_CSUM=m +# CONFIG_NET_CLS_IND is not set +CONFIG_NET_SCH_FIFO=y +# CONFIG_DCB is not set +CONFIG_DNS_RESOLVER=y +CONFIG_RPS=y + +# +# Network testing +# +CONFIG_NET_PKTGEN=m +CONFIG_NET_TCPPROBE=m +# CONFIG_NET_DROP_MONITOR is not set +# CONFIG_HAMRADIO is not set +# CONFIG_CAN is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +CONFIG_AF_RXRPC=m +# CONFIG_AF_RXRPC_DEBUG is not set +# CONFIG_RXKAD is not set +CONFIG_FIB_RULES=y +CONFIG_WIRELESS=y +CONFIG_WEXT_CORE=y +CONFIG_WEXT_PROC=y +CONFIG_CFG80211=y +# CONFIG_NL80211_TESTMODE is not set +# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set +# CONFIG_CFG80211_REG_DEBUG is not set +CONFIG_CFG80211_DEFAULT_PS=y +# CONFIG_CFG80211_DEBUGFS is not set +# CONFIG_CFG80211_INTERNAL_REGDB is not set +CONFIG_CFG80211_WEXT=y +CONFIG_WIRELESS_EXT_SYSFS=y +# CONFIG_LIB80211 is not set +CONFIG_MAC80211=y +CONFIG_MAC80211_HAS_RC=y +CONFIG_MAC80211_RC_MINSTREL=y +CONFIG_MAC80211_RC_MINSTREL_HT=y +CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y +CONFIG_MAC80211_RC_DEFAULT="minstrel_ht" +# CONFIG_MAC80211_MESH is not set +CONFIG_MAC80211_LEDS=y +# CONFIG_MAC80211_DEBUGFS is not set +# CONFIG_MAC80211_DEBUG_MENU is not set +# CONFIG_WIMAX is not set +CONFIG_RFKILL=y +CONFIG_RFKILL_LEDS=y +CONFIG_RFKILL_INPUT=y +# CONFIG_NET_9P is not set +# CONFIG_CAIF is not set +CONFIG_CEPH_LIB=m +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" +# CONFIG_DEVTMPFS is not set +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y +CONFIG_FW_LOADER=y +CONFIG_FIRMWARE_IN_KERNEL=y +CONFIG_EXTRA_FIRMWARE="" +# CONFIG_DEBUG_DRIVER is not set +CONFIG_DEBUG_DEVRES=y +# CONFIG_SYS_HYPERVISOR is not set +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y +# CONFIG_MTD is not set +# CONFIG_PARPORT is not set +CONFIG_PNP=y +CONFIG_PNP_DEBUG_MESSAGES=y + +# +# Protocols +# +CONFIG_PNPACPI=y +CONFIG_BLK_DEV=y +# CONFIG_BLK_DEV_FD is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_COW_COMMON is not set +CONFIG_BLK_DEV_LOOP=y +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +CONFIG_BLK_DEV_DRBD=m +# CONFIG_DRBD_FAULT_INJECTION is not set +CONFIG_BLK_DEV_NBD=m +# CONFIG_BLK_DEV_OSD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=16384 +# CONFIG_BLK_DEV_XIP is not set +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set +# CONFIG_BLK_DEV_HD is not set +CONFIG_BLK_DEV_RBD=m +CONFIG_MISC_DEVICES=y +# CONFIG_AD525X_DPOT is not set +# CONFIG_IBM_ASM is not set +# CONFIG_PHANTOM is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_TIFM_CORE is not set +# CONFIG_ICS932S401 is not set +# CONFIG_ENCLOSURE_SERVICES is not set +# CONFIG_CS5535_MFGPT is not set +# CONFIG_HP_ILO is not set +# CONFIG_APDS9802ALS is not set +# CONFIG_ISL29003 is not set +# CONFIG_ISL29020 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_SENSORS_BH1780 is not set +# CONFIG_SENSORS_BH1770 is not set +# CONFIG_SENSORS_APDS990X is not set +# CONFIG_HMC6352 is not set +# CONFIG_DS1682 is not set +# CONFIG_VMWARE_BALLOON is not set +# CONFIG_BMP085 is not set +# CONFIG_PCH_PHUB is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +# CONFIG_EEPROM_AT24 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +# CONFIG_EEPROM_93CX6 is not set +# CONFIG_CB710_CORE is not set + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_TI_ST is not set +CONFIG_HAVE_IDE=y +# CONFIG_IDE is not set + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +CONFIG_RAID_ATTRS=m +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +# CONFIG_SCSI_TGT is not set +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=m +CONFIG_BLK_DEV_SR_VENDOR=y +CONFIG_CHR_DEV_SG=y +# CONFIG_CHR_DEV_SCH is not set +# CONFIG_SCSI_MULTI_LUN is not set +CONFIG_SCSI_CONSTANTS=y +# CONFIG_SCSI_LOGGING is not set +# CONFIG_SCSI_SCAN_ASYNC is not set +CONFIG_SCSI_WAIT_SCAN=m + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=y +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +# CONFIG_SCSI_SAS_ATA is not set +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_SAS_LIBSAS_DEBUG=y +CONFIG_SCSI_SRP_ATTRS=m +# CONFIG_SCSI_LOWLEVEL is not set +CONFIG_SCSI_DH=m +# CONFIG_SCSI_DH_RDAC is not set +# CONFIG_SCSI_DH_HP_SW is not set +# CONFIG_SCSI_DH_EMC is not set +# CONFIG_SCSI_DH_ALUA is not set +CONFIG_SCSI_OSD_INITIATOR=m +CONFIG_SCSI_OSD_ULD=m +CONFIG_SCSI_OSD_DPRINT_SENSE=1 +# CONFIG_SCSI_OSD_DEBUG is not set +CONFIG_ATA=y +# CONFIG_ATA_NONSTANDARD is not set +CONFIG_ATA_VERBOSE_ERROR=y +CONFIG_ATA_ACPI=y +CONFIG_SATA_PMP=y + +# +# Controllers with non-SFF native interface +# +CONFIG_SATA_AHCI=y +# CONFIG_SATA_AHCI_PLATFORM is not set +# CONFIG_SATA_INIC162X is not set +# CONFIG_SATA_SIL24 is not set +CONFIG_ATA_SFF=y + +# +# SFF controllers with custom DMA interface +# +# CONFIG_PDC_ADMA is not set +# CONFIG_SATA_QSTOR is not set +# CONFIG_SATA_SX4 is not set +CONFIG_ATA_BMDMA=y + +# +# SATA SFF controllers with BMDMA +# +CONFIG_ATA_PIIX=y +# CONFIG_SATA_MV is not set +# CONFIG_SATA_NV is not set +# CONFIG_SATA_PROMISE is not set +# CONFIG_SATA_SIL is not set +# CONFIG_SATA_SIS is not set +# CONFIG_SATA_SVW is not set +# CONFIG_SATA_ULI is not set +# CONFIG_SATA_VIA is not set +# CONFIG_SATA_VITESSE is not set + +# +# PATA SFF controllers with BMDMA +# +# CONFIG_PATA_ALI is not set +CONFIG_PATA_AMD=y +# CONFIG_PATA_ARTOP is not set +# CONFIG_PATA_ATIIXP is not set +# CONFIG_PATA_ATP867X is not set +# CONFIG_PATA_CMD64X is not set +# CONFIG_PATA_CS5520 is not set +# CONFIG_PATA_CS5530 is not set +# CONFIG_PATA_CS5536 is not set +# CONFIG_PATA_CYPRESS is not set +# CONFIG_PATA_EFAR is not set +# CONFIG_PATA_HPT366 is not set +# CONFIG_PATA_HPT37X is not set +# CONFIG_PATA_HPT3X2N is not set +# CONFIG_PATA_HPT3X3 is not set +# CONFIG_PATA_IT8213 is not set +# CONFIG_PATA_IT821X is not set +# CONFIG_PATA_JMICRON is not set +# CONFIG_PATA_MARVELL is not set +# CONFIG_PATA_NETCELL is not set +# CONFIG_PATA_NINJA32 is not set +# CONFIG_PATA_NS87415 is not set +CONFIG_PATA_OLDPIIX=y +# CONFIG_PATA_OPTIDMA is not set +# CONFIG_PATA_PDC2027X is not set +# CONFIG_PATA_PDC_OLD is not set +# CONFIG_PATA_RADISYS is not set +# CONFIG_PATA_RDC is not set +# CONFIG_PATA_SC1200 is not set +CONFIG_PATA_SCH=y +# CONFIG_PATA_SERVERWORKS is not set +# CONFIG_PATA_SIL680 is not set +# CONFIG_PATA_SIS is not set +# CONFIG_PATA_TOSHIBA is not set +# CONFIG_PATA_TRIFLEX is not set +# CONFIG_PATA_VIA is not set +# CONFIG_PATA_WINBOND is not set + +# +# PIO-only SFF controllers +# +# CONFIG_PATA_CMD640_PCI is not set +# CONFIG_PATA_MPIIX is not set +# CONFIG_PATA_NS87410 is not set +# CONFIG_PATA_OPTI is not set +# CONFIG_PATA_RZ1000 is not set + +# +# Generic fallback / legacy drivers +# +# CONFIG_PATA_ACPI is not set +# CONFIG_ATA_GENERIC is not set +# CONFIG_PATA_LEGACY is not set +CONFIG_MD=y +CONFIG_BLK_DEV_MD=y +CONFIG_MD_AUTODETECT=y +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=y +CONFIG_MD_RAID10=y +CONFIG_MD_RAID456=m +CONFIG_MULTICORE_RAID456=y +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_MIRROR=y +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_ZERO=y +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +CONFIG_DM_DELAY=m +# CONFIG_DM_UEVENT is not set +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# +# CONFIG_FIREWIRE is not set +CONFIG_FIREWIRE_NOSY=m +CONFIG_I2O=m +CONFIG_I2O_LCT_NOTIFY_ON_CHANGES=y +CONFIG_I2O_EXT_ADAPTEC=y +CONFIG_I2O_EXT_ADAPTEC_DMA64=y +CONFIG_I2O_CONFIG=m +CONFIG_I2O_CONFIG_OLD_IOCTL=y +CONFIG_I2O_BUS=m +CONFIG_I2O_BLOCK=m +# CONFIG_I2O_SCSI is not set +CONFIG_I2O_PROC=m +# CONFIG_MACINTOSH_DRIVERS is not set +CONFIG_NETDEVICES=y +CONFIG_IFB=m +CONFIG_DUMMY=m +CONFIG_BONDING=m +CONFIG_MACVLAN=m +CONFIG_MACVTAP=m +# CONFIG_EQUALIZER is not set +CONFIG_TUN=m +CONFIG_VETH=m +# CONFIG_NET_SB1000 is not set +# CONFIG_ARCNET is not set +CONFIG_MII=y +CONFIG_PHYLIB=y + +# +# MII PHY device drivers +# +# CONFIG_MARVELL_PHY is not set +# CONFIG_DAVICOM_PHY is not set +# CONFIG_QSEMI_PHY is not set +# CONFIG_LXT_PHY is not set +# CONFIG_CICADA_PHY is not set +# CONFIG_VITESSE_PHY is not set +CONFIG_SMSC_PHY=m +# CONFIG_BROADCOM_PHY is not set +# CONFIG_BCM63XX_PHY is not set +# CONFIG_ICPLUS_PHY is not set +# CONFIG_REALTEK_PHY is not set +# CONFIG_NATIONAL_PHY is not set +# CONFIG_STE10XP is not set +# CONFIG_LSI_ET1011C_PHY is not set +# CONFIG_MICREL_PHY is not set +# CONFIG_FIXED_PHY is not set +# CONFIG_MDIO_BITBANG is not set +CONFIG_NET_ETHERNET=y +CONFIG_HAPPYMEAL=m +CONFIG_SUNGEM=m +CONFIG_CASSINI=m +CONFIG_NET_VENDOR_3COM=y +CONFIG_VORTEX=m +CONFIG_TYPHOON=m +CONFIG_ETHOC=m +CONFIG_DNET=m +CONFIG_NET_TULIP=y +CONFIG_DE2104X=m +CONFIG_DE2104X_DSL=0 +CONFIG_TULIP=m +# CONFIG_TULIP_MWI is not set +# CONFIG_TULIP_MMIO is not set +# CONFIG_TULIP_NAPI is not set +CONFIG_DE4X5=m +CONFIG_WINBOND_840=m +CONFIG_DM9102=m +CONFIG_ULI526X=m +# CONFIG_HP100 is not set +# CONFIG_IBM_NEW_EMAC_ZMII is not set +# CONFIG_IBM_NEW_EMAC_RGMII is not set +# CONFIG_IBM_NEW_EMAC_TAH is not set +# CONFIG_IBM_NEW_EMAC_EMAC4 is not set +# CONFIG_IBM_NEW_EMAC_NO_FLOW_CTRL is not set +# CONFIG_IBM_NEW_EMAC_MAL_CLR_ICINTSTAT is not set +# CONFIG_IBM_NEW_EMAC_MAL_COMMON_ERR is not set +CONFIG_NET_PCI=y +CONFIG_PCNET32=m +CONFIG_AMD8111_ETH=m +CONFIG_ADAPTEC_STARFIRE=m +CONFIG_KSZ884X_PCI=m +CONFIG_B44=m +CONFIG_B44_PCI_AUTOSELECT=y +CONFIG_B44_PCICORE_AUTOSELECT=y +CONFIG_B44_PCI=y +CONFIG_FORCEDETH=m +CONFIG_E100=m +CONFIG_FEALNX=m +CONFIG_NATSEMI=m +CONFIG_NE2K_PCI=m +CONFIG_8139CP=m +CONFIG_8139TOO=m +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_R6040=m +CONFIG_SIS900=m +CONFIG_EPIC100=m +CONFIG_SMSC9420=m +CONFIG_SUNDANCE=m +# CONFIG_SUNDANCE_MMIO is not set +CONFIG_TLAN=m +CONFIG_KS8842=m +CONFIG_KS8851_MLL=m +CONFIG_VIA_RHINE=m +# CONFIG_VIA_RHINE_MMIO is not set +CONFIG_SC92031=m +CONFIG_ATL2=m +CONFIG_NETDEV_1000=y +CONFIG_ACENIC=m +# CONFIG_ACENIC_OMIT_TIGON_I is not set +CONFIG_DL2K=m +CONFIG_E1000=m +CONFIG_E1000E=m +CONFIG_IP1000=m +CONFIG_IGB=m +CONFIG_IGBVF=m +CONFIG_NS83820=m +CONFIG_HAMACHI=m +CONFIG_YELLOWFIN=m +CONFIG_R8169=m +CONFIG_R8169_VLAN=y +CONFIG_SIS190=m +CONFIG_SKGE=m +# CONFIG_SKGE_DEBUG is not set +CONFIG_SKY2=m +# CONFIG_SKY2_DEBUG is not set +CONFIG_VIA_VELOCITY=m +CONFIG_TIGON3=m +CONFIG_BNX2=m +CONFIG_CNIC=m +CONFIG_QLA3XXX=m +CONFIG_ATL1=m +CONFIG_ATL1E=m +CONFIG_ATL1C=m +CONFIG_JME=m +CONFIG_STMMAC_ETH=m +CONFIG_STMMAC_DA=y +CONFIG_STMMAC_DUAL_MAC=y +CONFIG_PCH_GBE=m +CONFIG_NETDEV_10000=y +CONFIG_MDIO=m +CONFIG_CHELSIO_T1=m +CONFIG_CHELSIO_T1_1G=y +CONFIG_CHELSIO_T3_DEPENDS=y +CONFIG_CHELSIO_T3=m +CONFIG_CHELSIO_T4_DEPENDS=y +CONFIG_CHELSIO_T4=m +CONFIG_CHELSIO_T4VF_DEPENDS=y +CONFIG_CHELSIO_T4VF=m +CONFIG_ENIC=m +CONFIG_IXGBE=m +CONFIG_IXGBEVF=m +CONFIG_IXGB=m +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set +CONFIG_MYRI10GE=m +CONFIG_NETXEN_NIC=m +CONFIG_NIU=m +CONFIG_MLX4_EN=m +CONFIG_MLX4_CORE=m +CONFIG_MLX4_DEBUG=y +CONFIG_TEHUTI=m +CONFIG_BNX2X=m +CONFIG_QLCNIC=m +CONFIG_QLGE=m +CONFIG_BNA=m +CONFIG_SFC=m +CONFIG_BE2NET=m +# CONFIG_TR is not set +# CONFIG_WLAN is not set + +# +# Enable WiMAX (Networking options) to see the WiMAX drivers +# +# CONFIG_WAN is not set + +# +# CAIF transport drivers +# +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_NET_FC is not set +CONFIG_NETCONSOLE=y +# CONFIG_NETCONSOLE_DYNAMIC is not set +CONFIG_NETPOLL=y +# CONFIG_NETPOLL_TRAP is not set +CONFIG_NET_POLL_CONTROLLER=y +# CONFIG_VMXNET3 is not set +# CONFIG_ISDN is not set +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y +CONFIG_INPUT_FF_MEMLESS=y +CONFIG_INPUT_POLLDEV=y +# CONFIG_INPUT_SPARSEKMAP is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +# CONFIG_INPUT_JOYDEV is not set +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +# CONFIG_KEYBOARD_ADP5588 is not set +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_QT2160 is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_TCA6416 is not set +# CONFIG_KEYBOARD_LM8323 is not set +# CONFIG_KEYBOARD_MAX7359 is not set +# CONFIG_KEYBOARD_MCS is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_OPENCORES is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Hardware I/O ports +# +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +CONFIG_SERIO_SERPORT=y +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PCIPS2 is not set +CONFIG_SERIO_LIBPS2=y +# CONFIG_SERIO_RAW is not set +# CONFIG_SERIO_ALTERA_PS2 is not set +# CONFIG_SERIO_PS2MULT is not set +# CONFIG_GAMEPORT is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_DEVKMEM=y +CONFIG_SERIAL_NONSTANDARD=y +# CONFIG_COMPUTONE is not set +# CONFIG_ROCKETPORT is not set +# CONFIG_CYCLADES is not set +# CONFIG_DIGIEPCA is not set +# CONFIG_MOXA_INTELLIO is not set +# CONFIG_MOXA_SMARTIO is not set +# CONFIG_ISI is not set +# CONFIG_SYNCLINK is not set +# CONFIG_SYNCLINKMP is not set +# CONFIG_SYNCLINK_GT is not set +# CONFIG_N_HDLC is not set +# CONFIG_N_GSM is not set +# CONFIG_RISCOM8 is not set +# CONFIG_SPECIALIX is not set +# CONFIG_STALDRV is not set +# CONFIG_NOZOMI is not set + +# +# Serial drivers +# +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_SERIAL_8250_PCI=y +CONFIG_SERIAL_8250_PNP=y +CONFIG_SERIAL_8250_NR_UARTS=32 +CONFIG_SERIAL_8250_RUNTIME_UARTS=4 +CONFIG_SERIAL_8250_EXTENDED=y +CONFIG_SERIAL_8250_MANY_PORTS=y +CONFIG_SERIAL_8250_SHARE_IRQ=y +CONFIG_SERIAL_8250_DETECT_IRQ=y +CONFIG_SERIAL_8250_RSA=y + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_MFD_HSU is not set +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_TIMBERDALE is not set +# CONFIG_SERIAL_ALTERA_JTAGUART is not set +# CONFIG_SERIAL_ALTERA_UART is not set +CONFIG_UNIX98_PTYS=y +# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set +# CONFIG_LEGACY_PTYS is not set +CONFIG_IPMI_HANDLER=m +# CONFIG_IPMI_PANIC_EVENT is not set +CONFIG_IPMI_DEVICE_INTERFACE=m +CONFIG_IPMI_SI=m +CONFIG_IPMI_WATCHDOG=m +CONFIG_IPMI_POWEROFF=m +CONFIG_HW_RANDOM=m +CONFIG_HW_RANDOM_TIMERIOMEM=m +CONFIG_HW_RANDOM_INTEL=m +CONFIG_HW_RANDOM_AMD=m +CONFIG_HW_RANDOM_VIA=m +CONFIG_NVRAM=y +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_MWAVE is not set +# CONFIG_RAW_DRIVER is not set +CONFIG_HPET=y +# CONFIG_HPET_MMAP is not set +# CONFIG_HANGCHECK_TIMER is not set +# CONFIG_TCG_TPM is not set +# CONFIG_TELCLOCK is not set +CONFIG_DEVPORT=y +# CONFIG_RAMOOPS is not set +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_MUX=m + +# +# Multiplexer I2C Chip support +# +# CONFIG_I2C_MUX_PCA9541 is not set +CONFIG_I2C_MUX_PCA954x=m +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_SMBUS=m +CONFIG_I2C_ALGOBIT=m +CONFIG_I2C_ALGOPCA=m + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +CONFIG_I2C_ALI1535=m +CONFIG_I2C_ALI1563=m +CONFIG_I2C_ALI15X3=m +CONFIG_I2C_AMD756=m +CONFIG_I2C_AMD756_S4882=m +CONFIG_I2C_AMD8111=m +CONFIG_I2C_I801=m +CONFIG_I2C_ISCH=m +CONFIG_I2C_PIIX4=m +CONFIG_I2C_NFORCE2=m +CONFIG_I2C_NFORCE2_S4985=m +CONFIG_I2C_SIS5595=m +CONFIG_I2C_SIS630=m +CONFIG_I2C_SIS96X=m +CONFIG_I2C_VIA=m +CONFIG_I2C_VIAPRO=m + +# +# ACPI drivers +# +CONFIG_I2C_SCMI=m + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +CONFIG_I2C_INTEL_MID=m +CONFIG_I2C_OCORES=m +CONFIG_I2C_PCA_PLATFORM=m +CONFIG_I2C_SIMTEC=m +# CONFIG_I2C_XILINX is not set + +# +# External I2C/SMBus adapter drivers +# +CONFIG_I2C_PARPORT_LIGHT=m +CONFIG_I2C_TAOS_EVM=m + +# +# Other I2C/SMBus bus drivers +# +CONFIG_I2C_STUB=m +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# CONFIG_SPI is not set + +# +# PPS support +# +# CONFIG_PPS is not set +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +# CONFIG_GPIOLIB is not set +# CONFIG_W1 is not set +CONFIG_POWER_SUPPLY=y +# CONFIG_POWER_SUPPLY_DEBUG is not set +# CONFIG_PDA_POWER is not set +CONFIG_TEST_POWER=m +# CONFIG_BATTERY_DS2782 is not set +# CONFIG_BATTERY_BQ20Z75 is not set +# CONFIG_BATTERY_BQ27x00 is not set +# CONFIG_BATTERY_MAX17040 is not set +CONFIG_HWMON=y +CONFIG_HWMON_VID=m +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +CONFIG_SENSORS_ABITUGURU=m +CONFIG_SENSORS_ABITUGURU3=m +CONFIG_SENSORS_AD7414=m +CONFIG_SENSORS_AD7418=m +CONFIG_SENSORS_ADM1021=m +CONFIG_SENSORS_ADM1025=m +CONFIG_SENSORS_ADM1026=m +CONFIG_SENSORS_ADM1029=m +CONFIG_SENSORS_ADM1031=m +CONFIG_SENSORS_ADM9240=m +CONFIG_SENSORS_ADT7411=m +CONFIG_SENSORS_ADT7462=m +CONFIG_SENSORS_ADT7470=m +CONFIG_SENSORS_ADT7475=m +CONFIG_SENSORS_ASC7621=m +CONFIG_SENSORS_K8TEMP=m +CONFIG_SENSORS_K10TEMP=m +CONFIG_SENSORS_ASB100=m +CONFIG_SENSORS_ATXP1=m +CONFIG_SENSORS_DS1621=m +CONFIG_SENSORS_I5K_AMB=m +CONFIG_SENSORS_F71805F=m +CONFIG_SENSORS_F71882FG=m +CONFIG_SENSORS_F75375S=m +CONFIG_SENSORS_FSCHMD=m +CONFIG_SENSORS_G760A=m +CONFIG_SENSORS_GL518SM=m +CONFIG_SENSORS_GL520SM=m +CONFIG_SENSORS_CORETEMP=m +CONFIG_SENSORS_PKGTEMP=m +CONFIG_SENSORS_IBMAEM=m +CONFIG_SENSORS_IBMPEX=m +CONFIG_SENSORS_IT87=m +CONFIG_SENSORS_JC42=m +CONFIG_SENSORS_LM63=m +CONFIG_SENSORS_LM73=m +CONFIG_SENSORS_LM75=m +CONFIG_SENSORS_LM77=m +CONFIG_SENSORS_LM78=m +CONFIG_SENSORS_LM80=m +CONFIG_SENSORS_LM83=m +CONFIG_SENSORS_LM85=m +CONFIG_SENSORS_LM87=m +CONFIG_SENSORS_LM90=m +CONFIG_SENSORS_LM92=m +CONFIG_SENSORS_LM93=m +CONFIG_SENSORS_LTC4215=m +CONFIG_SENSORS_LTC4245=m +CONFIG_SENSORS_LTC4261=m +CONFIG_SENSORS_LM95241=m +CONFIG_SENSORS_MAX1619=m +CONFIG_SENSORS_MAX6650=m +CONFIG_SENSORS_PC87360=m +CONFIG_SENSORS_PC87427=m +CONFIG_SENSORS_PCF8591=m +CONFIG_SENSORS_SIS5595=m +CONFIG_SENSORS_SMM665=m +CONFIG_SENSORS_DME1737=m +CONFIG_SENSORS_EMC1403=m +CONFIG_SENSORS_EMC2103=m +CONFIG_SENSORS_SMSC47M1=m +CONFIG_SENSORS_SMSC47M192=m +CONFIG_SENSORS_SMSC47B397=m +CONFIG_SENSORS_ADS7828=m +CONFIG_SENSORS_AMC6821=m +CONFIG_SENSORS_THMC50=m +CONFIG_SENSORS_TMP102=m +CONFIG_SENSORS_TMP401=m +CONFIG_SENSORS_TMP421=m +CONFIG_SENSORS_VIA_CPUTEMP=m +CONFIG_SENSORS_VIA686A=m +CONFIG_SENSORS_VT1211=m +CONFIG_SENSORS_VT8231=m +CONFIG_SENSORS_W83781D=m +CONFIG_SENSORS_W83791D=m +CONFIG_SENSORS_W83792D=m +CONFIG_SENSORS_W83793=m +CONFIG_SENSORS_W83795=m +CONFIG_SENSORS_W83795_FANCTRL=y +CONFIG_SENSORS_W83L785TS=m +CONFIG_SENSORS_W83L786NG=m +CONFIG_SENSORS_W83627HF=m +CONFIG_SENSORS_W83627EHF=m +CONFIG_SENSORS_LIS3_I2C=m +CONFIG_SENSORS_APPLESMC=m + +# +# ACPI drivers +# +CONFIG_SENSORS_ATK0110=m +CONFIG_SENSORS_LIS3LV02D=m +CONFIG_THERMAL=y +CONFIG_THERMAL_HWMON=y +CONFIG_WATCHDOG=y +# CONFIG_WATCHDOG_NOWAYOUT is not set + +# +# Watchdog Device Drivers +# +CONFIG_SOFT_WATCHDOG=m +CONFIG_ACQUIRE_WDT=m +CONFIG_ADVANTECH_WDT=m +CONFIG_ALIM1535_WDT=m +CONFIG_ALIM7101_WDT=m +CONFIG_F71808E_WDT=m +CONFIG_SC520_WDT=m +CONFIG_SBC_FITPC2_WATCHDOG=m +CONFIG_EUROTECH_WDT=m +CONFIG_IB700_WDT=m +CONFIG_IBMASR=m +CONFIG_WAFER_WDT=m +CONFIG_I6300ESB_WDT=m +CONFIG_ITCO_WDT=m +# CONFIG_ITCO_VENDOR_SUPPORT is not set +CONFIG_IT8712F_WDT=m +CONFIG_IT87_WDT=m +CONFIG_HP_WATCHDOG=m +# CONFIG_HPWDT_NMI_DECODING is not set +CONFIG_SC1200_WDT=m +CONFIG_PC87413_WDT=m +CONFIG_60XX_WDT=m +CONFIG_SBC8360_WDT=m +CONFIG_CPU5_WDT=m +CONFIG_SMSC_SCH311X_WDT=m +CONFIG_SMSC37B787_WDT=m +CONFIG_W83627HF_WDT=m +CONFIG_W83697HF_WDT=m +CONFIG_W83697UG_WDT=m +CONFIG_W83877F_WDT=m +CONFIG_W83977F_WDT=m +CONFIG_MACHZ_WDT=m +CONFIG_SBC_EPX_C3_WATCHDOG=m + +# +# PCI-based Watchdog Cards +# +CONFIG_PCIPCWATCHDOG=m +CONFIG_WDTPCI=m +CONFIG_SSB_POSSIBLE=y + +# +# Sonics Silicon Backplane +# +CONFIG_SSB=m +CONFIG_SSB_SPROM=y +CONFIG_SSB_PCIHOST_POSSIBLE=y +CONFIG_SSB_PCIHOST=y +# CONFIG_SSB_B43_PCI_BRIDGE is not set +# CONFIG_SSB_DEBUG is not set +CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y +CONFIG_SSB_DRIVER_PCICORE=y +CONFIG_MFD_SUPPORT=y +CONFIG_MFD_CORE=m +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_SM501 is not set +# CONFIG_HTC_PASIC3 is not set +# CONFIG_TPS6507X is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_MFD_STMPE is not set +# CONFIG_MFD_TC35892 is not set +# CONFIG_MFD_TMIO is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_MAX8998 is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X_I2C is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_ABX500_CORE is not set +CONFIG_LPC_SCH=m +CONFIG_MFD_RDC321X=m +CONFIG_MFD_JANZ_CMODIO=m +CONFIG_MFD_VX855=m +# CONFIG_REGULATOR is not set +# CONFIG_MEDIA_SUPPORT is not set + +# +# Graphics support +# +# CONFIG_AGP is not set +CONFIG_VGA_ARB=y +CONFIG_VGA_ARB_MAX_GPUS=16 +# CONFIG_VGA_SWITCHEROO is not set +# CONFIG_DRM is not set +CONFIG_STUB_POULSBO=m +# CONFIG_VGASTATE is not set +CONFIG_VIDEO_OUTPUT_CONTROL=m +CONFIG_FB=m +# CONFIG_FIRMWARE_EDID is not set +# CONFIG_FB_DDC is not set +# CONFIG_FB_BOOT_VESA_SUPPORT is not set +# CONFIG_FB_CFB_FILLRECT is not set +# CONFIG_FB_CFB_COPYAREA is not set +# CONFIG_FB_CFB_IMAGEBLIT is not set +# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set +# CONFIG_FB_SYS_FILLRECT is not set +# CONFIG_FB_SYS_COPYAREA is not set +# CONFIG_FB_SYS_IMAGEBLIT is not set +# CONFIG_FB_FOREIGN_ENDIAN is not set +# CONFIG_FB_SYS_FOPS is not set +# CONFIG_FB_SVGALIB is not set +# CONFIG_FB_MACMODES is not set +# CONFIG_FB_BACKLIGHT is not set +CONFIG_FB_MODE_HELPERS=y +CONFIG_FB_TILEBLITTING=y + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ARC is not set +# CONFIG_FB_VGA16 is not set +# CONFIG_FB_UVESA is not set +# CONFIG_FB_N411 is not set +# CONFIG_FB_HGA is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_LE80578 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_VIA is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_GEODE is not set +# CONFIG_FB_TMIO is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_BROADSHEET is not set +# CONFIG_BACKLIGHT_LCD_SUPPORT is not set +CONFIG_BACKLIGHT_CLASS_DEVICE=m + +# +# Display device support +# +# CONFIG_DISPLAY_SUPPORT is not set + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +CONFIG_VGACON_SOFT_SCROLLBACK=y +CONFIG_VGACON_SOFT_SCROLLBACK_SIZE=64 +CONFIG_DUMMY_CONSOLE=y +# CONFIG_FRAMEBUFFER_CONSOLE is not set +# CONFIG_LOGO is not set +# CONFIG_SOUND is not set +# CONFIG_HID_SUPPORT is not set +# CONFIG_USB_SUPPORT is not set +# CONFIG_UWB is not set +# CONFIG_MMC is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=y + +# +# LED drivers +# +# CONFIG_LEDS_ALIX2 is not set +# CONFIG_LEDS_PCA9532 is not set +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_LP5521 is not set +# CONFIG_LEDS_LP5523 is not set +# CONFIG_LEDS_CLEVO_MAIL is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_INTEL_SS4200 is not set +CONFIG_LEDS_TRIGGERS=y + +# +# LED Triggers +# +# CONFIG_LEDS_TRIGGER_TIMER is not set +# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set +# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set +# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set + +# +# iptables trigger is under Netfilter config (LED target) +# +# CONFIG_ACCESSIBILITY is not set +# CONFIG_INFINIBAND is not set +CONFIG_EDAC=y + +# +# Reporting subsystems +# +# CONFIG_EDAC_DEBUG is not set +CONFIG_EDAC_DECODE_MCE=y +CONFIG_EDAC_MCE_INJ=m +# CONFIG_EDAC_MM_EDAC is not set +CONFIG_RTC_LIB=m +CONFIG_RTC_CLASS=m + +# +# RTC interfaces +# +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set +CONFIG_RTC_DRV_TEST=m + +# +# I2C RTC drivers +# +CONFIG_RTC_DRV_DS1307=m +CONFIG_RTC_DRV_DS1374=m +CONFIG_RTC_DRV_DS1672=m +CONFIG_RTC_DRV_DS3232=m +CONFIG_RTC_DRV_MAX6900=m +CONFIG_RTC_DRV_RS5C372=m +CONFIG_RTC_DRV_ISL1208=m +CONFIG_RTC_DRV_ISL12022=m +CONFIG_RTC_DRV_X1205=m +CONFIG_RTC_DRV_PCF8563=m +CONFIG_RTC_DRV_PCF8583=m +CONFIG_RTC_DRV_M41T80=m +# CONFIG_RTC_DRV_M41T80_WDT is not set +CONFIG_RTC_DRV_BQ32K=m +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_FM3130=m +CONFIG_RTC_DRV_RX8581=m +CONFIG_RTC_DRV_RX8025=m + +# +# SPI RTC drivers +# + +# +# Platform RTC drivers +# +CONFIG_RTC_DRV_CMOS=m +CONFIG_RTC_DRV_DS1286=m +CONFIG_RTC_DRV_DS1511=m +CONFIG_RTC_DRV_DS1553=m +CONFIG_RTC_DRV_DS1742=m +CONFIG_RTC_DRV_STK17TA8=m +CONFIG_RTC_DRV_M48T86=m +CONFIG_RTC_DRV_M48T35=m +CONFIG_RTC_DRV_M48T59=m +CONFIG_RTC_DRV_MSM6242=m +CONFIG_RTC_DRV_BQ4802=m +CONFIG_RTC_DRV_RP5C01=m +CONFIG_RTC_DRV_V3020=m + +# +# on-CPU RTC drivers +# +CONFIG_DMADEVICES=y +# CONFIG_DMADEVICES_DEBUG is not set + +# +# DMA Devices +# +CONFIG_INTEL_MID_DMAC=m +# CONFIG_INTEL_IOATDMA is not set +CONFIG_TIMB_DMA=m +CONFIG_PCH_DMA=m +CONFIG_DMA_ENGINE=y + +# +# DMA Clients +# +# CONFIG_NET_DMA is not set +# CONFIG_ASYNC_TX_DMA is not set +CONFIG_DMATEST=m +# CONFIG_AUXDISPLAY is not set +CONFIG_UIO=m +CONFIG_UIO_CIF=m +CONFIG_UIO_PDRV=m +CONFIG_UIO_PDRV_GENIRQ=m +CONFIG_UIO_AEC=m +CONFIG_UIO_SERCOS3=m +CONFIG_UIO_PCI_GENERIC=m +CONFIG_UIO_NETX=m +CONFIG_STAGING=y +# CONFIG_STAGING_EXCLUDE_BUILD is not set +# CONFIG_ET131X is not set +# CONFIG_SLICOSS is not set +# CONFIG_ECHO is not set +# CONFIG_COMEDI is not set +# CONFIG_POHMELFS is not set +# CONFIG_AUTOFS_FS is not set +# CONFIG_IDE_PHISON is not set +# CONFIG_HYPERV is not set +# CONFIG_VME_BUS is not set +# CONFIG_IIO is not set +CONFIG_ZRAM=m +# CONFIG_BATMAN_ADV is not set +# CONFIG_SAMSUNG_LAPTOP is not set +# CONFIG_FB_SM7XX is not set +# CONFIG_CRYSTALHD is not set + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_FB_XGI is not set +CONFIG_SMB_FS=m +# CONFIG_SMB_NLS_DEFAULT is not set +# CONFIG_ACPI_QUICKSTART is not set +CONFIG_MACH_NO_WESTBRIDGE=y +# CONFIG_FT1000 is not set + +# +# Speakup console speech +# +# CONFIG_SPEAKUP is not set +CONFIG_X86_PLATFORM_DEVICES=y +# CONFIG_ACER_WMI is not set +# CONFIG_ACERHDF is not set +# CONFIG_ASUS_LAPTOP is not set +# CONFIG_FUJITSU_LAPTOP is not set +# CONFIG_MSI_LAPTOP is not set +# CONFIG_PANASONIC_LAPTOP is not set +# CONFIG_COMPAL_LAPTOP is not set +# CONFIG_SONY_LAPTOP is not set +# CONFIG_IDEAPAD_LAPTOP is not set +# CONFIG_THINKPAD_ACPI is not set +CONFIG_SENSORS_HDAPS=m +# CONFIG_INTEL_MENLOW is not set +# CONFIG_ACPI_WMI is not set +# CONFIG_ACPI_ASUS is not set +# CONFIG_TOPSTAR_LAPTOP is not set +# CONFIG_ACPI_TOSHIBA is not set +# CONFIG_TOSHIBA_BT_RFKILL is not set +# CONFIG_ACPI_CMPC is not set +# CONFIG_INTEL_IPS is not set +# CONFIG_IBM_RTL is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +CONFIG_FIRMWARE_MEMMAP=y +CONFIG_EFI_VARS=y +# CONFIG_DELL_RBU is not set +# CONFIG_DCDBAS is not set +CONFIG_DMIID=y +# CONFIG_ISCSI_IBFT_FIND is not set + +# +# File systems +# +CONFIG_EXT2_FS=m +CONFIG_EXT2_FS_XATTR=y +CONFIG_EXT2_FS_POSIX_ACL=y +CONFIG_EXT2_FS_SECURITY=y +# CONFIG_EXT2_FS_XIP is not set +CONFIG_EXT3_FS=y +# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set +CONFIG_EXT3_FS_XATTR=y +CONFIG_EXT3_FS_POSIX_ACL=y +CONFIG_EXT3_FS_SECURITY=y +CONFIG_EXT4_FS=y +CONFIG_EXT4_FS_XATTR=y +CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_EXT4_FS_SECURITY=y +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD=y +CONFIG_JBD_DEBUG=y +CONFIG_JBD2=y +CONFIG_JBD2_DEBUG=y +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=m +# CONFIG_REISERFS_CHECK is not set +CONFIG_REISERFS_PROC_INFO=y +CONFIG_REISERFS_FS_XATTR=y +CONFIG_REISERFS_FS_POSIX_ACL=y +CONFIG_REISERFS_FS_SECURITY=y +CONFIG_JFS_FS=m +CONFIG_JFS_POSIX_ACL=y +CONFIG_JFS_SECURITY=y +# CONFIG_JFS_DEBUG is not set +CONFIG_JFS_STATISTICS=y +CONFIG_FS_POSIX_ACL=y +CONFIG_XFS_FS=m +CONFIG_XFS_QUOTA=y +CONFIG_XFS_POSIX_ACL=y +CONFIG_XFS_RT=y +# CONFIG_XFS_DEBUG is not set +CONFIG_GFS2_FS=m +CONFIG_GFS2_FS_LOCKING_DLM=y +CONFIG_OCFS2_FS=m +CONFIG_OCFS2_FS_O2CB=m +CONFIG_OCFS2_FS_USERSPACE_CLUSTER=m +CONFIG_OCFS2_FS_STATS=y +CONFIG_OCFS2_DEBUG_MASKLOG=y +# CONFIG_OCFS2_DEBUG_FS is not set +CONFIG_BTRFS_FS=m +CONFIG_BTRFS_FS_POSIX_ACL=y +CONFIG_NILFS2_FS=m +CONFIG_EXPORTFS=m +CONFIG_FILE_LOCKING=y +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_FANOTIFY=y +CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y +CONFIG_QUOTA=y +CONFIG_QUOTA_NETLINK_INTERFACE=y +# CONFIG_PRINT_QUOTA_WARNING is not set +CONFIG_QUOTA_DEBUG=y +CONFIG_QUOTA_TREE=y +# CONFIG_QFMT_V1 is not set +CONFIG_QFMT_V2=y +CONFIG_QUOTACTL=y +CONFIG_QUOTACTL_COMPAT=y +CONFIG_AUTOFS4_FS=m +CONFIG_FUSE_FS=y +CONFIG_CUSE=m +CONFIG_GENERIC_ACL=y + +# +# Caches +# +CONFIG_FSCACHE=m +CONFIG_FSCACHE_STATS=y +CONFIG_FSCACHE_HISTOGRAM=y +# CONFIG_FSCACHE_DEBUG is not set +CONFIG_FSCACHE_OBJECT_LIST=y +CONFIG_CACHEFILES=m +# CONFIG_CACHEFILES_DEBUG is not set +# CONFIG_CACHEFILES_HISTOGRAM is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=m +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_UDF_FS=m +CONFIG_UDF_NLS=y + +# +# DOS/FAT/NT Filesystems +# +CONFIG_FAT_FS=m +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=m +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=m +# CONFIG_NTFS_DEBUG is not set +CONFIG_NTFS_RW=y + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_VMCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_HUGETLBFS=y +CONFIG_HUGETLB_PAGE=y +CONFIG_CONFIGFS_FS=m +CONFIG_MISC_FILESYSTEMS=y +CONFIG_ADFS_FS=m +# CONFIG_ADFS_FS_RW is not set +# CONFIG_AFFS_FS is not set +CONFIG_ECRYPT_FS=m +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_LOGFS is not set +CONFIG_CRAMFS=m +CONFIG_SQUASHFS=m +CONFIG_SQUASHFS_XATTR=y +CONFIG_SQUASHFS_LZO=y +CONFIG_SQUASHFS_EMBEDDED=y +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +CONFIG_ROMFS_FS=m +CONFIG_ROMFS_BACKED_BY_BLOCK=y +CONFIG_ROMFS_ON_BLOCK=y +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set +# CONFIG_EXOFS_FS is not set +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=y +CONFIG_NFS_V3=y +CONFIG_NFS_V3_ACL=y +CONFIG_NFS_V4=y +# CONFIG_NFS_V4_1 is not set +CONFIG_ROOT_NFS=y +# CONFIG_NFS_USE_LEGACY_DNS is not set +CONFIG_NFS_USE_KERNEL_DNS=y +# CONFIG_NFS_USE_NEW_IDMAPPER is not set +CONFIG_NFSD=m +CONFIG_NFSD_DEPRECATED=y +CONFIG_NFSD_V2_ACL=y +CONFIG_NFSD_V3=y +CONFIG_NFSD_V3_ACL=y +CONFIG_NFSD_V4=y +CONFIG_LOCKD=y +CONFIG_LOCKD_V4=y +CONFIG_NFS_ACL_SUPPORT=y +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=y +CONFIG_SUNRPC_GSS=y +CONFIG_RPCSEC_GSS_KRB5=y +# CONFIG_CEPH_FS is not set +CONFIG_CIFS=m +CONFIG_CIFS_STATS=y +CONFIG_CIFS_STATS2=y +# CONFIG_CIFS_WEAK_PW_HASH is not set +# CONFIG_CIFS_UPCALL is not set +CONFIG_CIFS_XATTR=y +CONFIG_CIFS_POSIX=y +# CONFIG_CIFS_DEBUG2 is not set +CONFIG_CIFS_DFS_UPCALL=y +# CONFIG_CIFS_FSCACHE is not set +CONFIG_CIFS_ACL=y +# CONFIG_CIFS_EXPERIMENTAL is not set +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +CONFIG_AFS_FS=m +# CONFIG_AFS_DEBUG is not set +# CONFIG_AFS_FSCACHE is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +CONFIG_OSF_PARTITION=y +CONFIG_AMIGA_PARTITION=y +# CONFIG_ATARI_PARTITION is not set +CONFIG_MAC_PARTITION=y +CONFIG_MSDOS_PARTITION=y +CONFIG_BSD_DISKLABEL=y +CONFIG_MINIX_SUBPARTITION=y +CONFIG_SOLARIS_X86_PARTITION=y +CONFIG_UNIXWARE_DISKLABEL=y +# CONFIG_LDM_PARTITION is not set +CONFIG_SGI_PARTITION=y +# CONFIG_ULTRIX_PARTITION is not set +CONFIG_SUN_PARTITION=y +CONFIG_KARMA_PARTITION=y +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="utf8" +CONFIG_NLS_CODEPAGE_437=m +CONFIG_NLS_CODEPAGE_737=m +CONFIG_NLS_CODEPAGE_775=m +CONFIG_NLS_CODEPAGE_850=m +CONFIG_NLS_CODEPAGE_852=m +CONFIG_NLS_CODEPAGE_855=m +CONFIG_NLS_CODEPAGE_857=m +CONFIG_NLS_CODEPAGE_860=m +CONFIG_NLS_CODEPAGE_861=m +CONFIG_NLS_CODEPAGE_862=m +CONFIG_NLS_CODEPAGE_863=m +CONFIG_NLS_CODEPAGE_864=m +CONFIG_NLS_CODEPAGE_865=m +CONFIG_NLS_CODEPAGE_866=m +CONFIG_NLS_CODEPAGE_869=m +CONFIG_NLS_CODEPAGE_936=m +CONFIG_NLS_CODEPAGE_950=m +CONFIG_NLS_CODEPAGE_932=m +CONFIG_NLS_CODEPAGE_949=m +CONFIG_NLS_CODEPAGE_874=m +CONFIG_NLS_ISO8859_8=m +CONFIG_NLS_CODEPAGE_1250=m +CONFIG_NLS_CODEPAGE_1251=m +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=m +CONFIG_NLS_ISO8859_2=m +CONFIG_NLS_ISO8859_3=m +CONFIG_NLS_ISO8859_4=m +CONFIG_NLS_ISO8859_5=m +CONFIG_NLS_ISO8859_6=m +CONFIG_NLS_ISO8859_7=m +CONFIG_NLS_ISO8859_9=m +CONFIG_NLS_ISO8859_13=m +CONFIG_NLS_ISO8859_14=m +CONFIG_NLS_ISO8859_15=m +CONFIG_NLS_KOI8_R=m +CONFIG_NLS_KOI8_U=m +CONFIG_NLS_UTF8=y +CONFIG_DLM=m +# CONFIG_DLM_DEBUG is not set + +# +# Kernel hacking +# +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_PRINTK_TIME=y +# CONFIG_ENABLE_WARN_DEPRECATED is not set +CONFIG_ENABLE_MUST_CHECK=y +CONFIG_FRAME_WARN=2048 +CONFIG_MAGIC_SYSRQ=y +# CONFIG_STRIP_ASM_SYMS is not set +# CONFIG_UNUSED_SYMBOLS is not set +CONFIG_DEBUG_FS=y +# CONFIG_HEADERS_CHECK is not set +CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_SHIRQ is not set +# CONFIG_LOCKUP_DETECTOR is not set +# CONFIG_HARDLOCKUP_DETECTOR is not set +# CONFIG_DETECT_HUNG_TASK is not set +# CONFIG_SCHED_DEBUG is not set +CONFIG_SCHEDSTATS=y +CONFIG_TIMER_STATS=y +# CONFIG_DEBUG_OBJECTS is not set +# CONFIG_SLUB_DEBUG_ON is not set +# CONFIG_SLUB_STATS is not set +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_RT_MUTEX_TESTER is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_DEBUG_MUTEXES is not set +CONFIG_BKL=y +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_SPARSE_RCU_POINTER is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_DEBUG_SPINLOCK_SLEEP is not set +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +CONFIG_STACKTRACE=y +# CONFIG_DEBUG_KOBJECT is not set +CONFIG_DEBUG_BUGVERBOSE=y +# CONFIG_DEBUG_INFO is not set +# CONFIG_DEBUG_VM is not set +# CONFIG_DEBUG_VIRTUAL is not set +# CONFIG_DEBUG_WRITECOUNT is not set +CONFIG_DEBUG_MEMORY_INIT=y +# CONFIG_DEBUG_LIST is not set +# CONFIG_TEST_LIST_SORT is not set +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_NOTIFIERS is not set +# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_ARCH_WANT_FRAME_POINTERS=y +CONFIG_FRAME_POINTER=y +# CONFIG_BOOT_PRINTK_DELAY is not set +# CONFIG_RCU_TORTURE_TEST is not set +# CONFIG_RCU_CPU_STALL_DETECTOR is not set +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# CONFIG_LKDTM is not set +CONFIG_CPU_NOTIFIER_ERROR_INJECT=m +# CONFIG_FAULT_INJECTION is not set +# CONFIG_LATENCYTOP is not set +CONFIG_SYSCTL_SYSCALL_CHECK=y +# CONFIG_DEBUG_PAGEALLOC is not set +CONFIG_USER_STACKTRACE_SUPPORT=y +CONFIG_NOP_TRACER=y +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y +CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_HAVE_C_RECORDMCOUNT=y +CONFIG_RING_BUFFER=y +CONFIG_EVENT_TRACING=y +CONFIG_CONTEXT_SWITCH_TRACER=y +CONFIG_TRACING=y +CONFIG_GENERIC_TRACER=y +CONFIG_TRACING_SUPPORT=y +CONFIG_FTRACE=y +# CONFIG_FUNCTION_TRACER is not set +# CONFIG_IRQSOFF_TRACER is not set +# CONFIG_SCHED_TRACER is not set +# CONFIG_FTRACE_SYSCALLS is not set +CONFIG_BRANCH_PROFILE_NONE=y +# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set +# CONFIG_PROFILE_ALL_BRANCHES is not set +# CONFIG_STACK_TRACER is not set +CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENT=y +# CONFIG_FTRACE_STARTUP_TEST is not set +# CONFIG_MMIOTRACE is not set +# CONFIG_RING_BUFFER_BENCHMARK is not set +CONFIG_PROVIDE_OHCI1394_DMA_INIT=y +# CONFIG_DYNAMIC_DEBUG is not set +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_ATOMIC64_SELFTEST is not set +CONFIG_ASYNC_RAID6_TEST=m +# CONFIG_SAMPLES is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +CONFIG_HAVE_ARCH_KMEMCHECK=y +# CONFIG_STRICT_DEVMEM is not set +CONFIG_X86_VERBOSE_BOOTUP=y +CONFIG_EARLY_PRINTK=y +CONFIG_EARLY_PRINTK_DBGP=y +CONFIG_DEBUG_STACKOVERFLOW=y +CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_PER_CPU_MAPS is not set +# CONFIG_X86_PTDUMP is not set +CONFIG_DEBUG_RODATA=y +# CONFIG_DEBUG_RODATA_TEST is not set +CONFIG_DEBUG_NX_TEST=m +# CONFIG_IOMMU_DEBUG is not set +# CONFIG_IOMMU_STRESS is not set +CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set +CONFIG_IO_DELAY_TYPE_0X80=0 +CONFIG_IO_DELAY_TYPE_0XED=1 +CONFIG_IO_DELAY_TYPE_UDELAY=2 +CONFIG_IO_DELAY_TYPE_NONE=3 +CONFIG_IO_DELAY_0X80=y +# CONFIG_IO_DELAY_0XED is not set +# CONFIG_IO_DELAY_UDELAY is not set +# CONFIG_IO_DELAY_NONE is not set +CONFIG_DEFAULT_IO_DELAY_TYPE=0 +CONFIG_DEBUG_BOOT_PARAMS=y +# CONFIG_CPA_DEBUG is not set +CONFIG_OPTIMIZE_INLINING=y +# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set + +# +# Security options +# +CONFIG_KEYS=y +CONFIG_KEYS_DEBUG_PROC_KEYS=y +# CONFIG_SECURITY_DMESG_RESTRICT is not set +CONFIG_SECURITY=y +# CONFIG_SECURITYFS is not set +CONFIG_SECURITY_NETWORK=y +CONFIG_SECURITY_NETWORK_XFRM=y +# CONFIG_SECURITY_PATH is not set +# CONFIG_INTEL_TXT is not set +CONFIG_LSM_MMAP_MIN_ADDR=65536 +CONFIG_SECURITY_SELINUX=y +CONFIG_SECURITY_SELINUX_BOOTPARAM=y +CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_SELINUX_DISABLE=y +CONFIG_SECURITY_SELINUX_DEVELOP=y +CONFIG_SECURITY_SELINUX_AVC_STATS=y +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +# CONFIG_SECURITY_APPARMOR is not set +# CONFIG_IMA is not set +CONFIG_DEFAULT_SECURITY_SELINUX=y +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="selinux" +CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_BLKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=m +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_PCOMP=m +CONFIG_CRYPTO_PCOMP2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y +CONFIG_CRYPTO_GF128MUL=m +CONFIG_CRYPTO_NULL=m +# CONFIG_CRYPTO_PCRYPT is not set +CONFIG_CRYPTO_WORKQUEUE=y +CONFIG_CRYPTO_CRYPTD=m +CONFIG_CRYPTO_AUTHENC=y +CONFIG_CRYPTO_TEST=m + +# +# Authenticated Encryption with Associated Data +# +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=m +CONFIG_CRYPTO_SEQIV=m + +# +# Block modes +# +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CTR=m +CONFIG_CRYPTO_CTS=m +CONFIG_CRYPTO_ECB=y +CONFIG_CRYPTO_LRW=m +CONFIG_CRYPTO_PCBC=m +CONFIG_CRYPTO_XTS=m +CONFIG_CRYPTO_FPU=m + +# +# Hash modes +# +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_XCBC=m +CONFIG_CRYPTO_VMAC=m + +# +# Digest +# +CONFIG_CRYPTO_CRC32C=m +CONFIG_CRYPTO_CRC32C_INTEL=m +CONFIG_CRYPTO_GHASH=m +CONFIG_CRYPTO_MD4=m +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_MICHAEL_MIC=m +CONFIG_CRYPTO_RMD128=m +CONFIG_CRYPTO_RMD160=m +CONFIG_CRYPTO_RMD256=m +CONFIG_CRYPTO_RMD320=m +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=m +CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_TGR192=m +CONFIG_CRYPTO_WP512=m +CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m + +# +# Ciphers +# +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_AES_X86_64=m +CONFIG_CRYPTO_AES_NI_INTEL=m +CONFIG_CRYPTO_ANUBIS=m +CONFIG_CRYPTO_ARC4=y +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_CAMELLIA=m +CONFIG_CRYPTO_CAST5=m +CONFIG_CRYPTO_CAST6=m +CONFIG_CRYPTO_DES=y +CONFIG_CRYPTO_FCRYPT=m +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_SALSA20=m +CONFIG_CRYPTO_SALSA20_X86_64=m +CONFIG_CRYPTO_SEED=m +CONFIG_CRYPTO_SERPENT=m +CONFIG_CRYPTO_TEA=m +CONFIG_CRYPTO_TWOFISH=m +CONFIG_CRYPTO_TWOFISH_COMMON=m +CONFIG_CRYPTO_TWOFISH_X86_64=m + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_ZLIB=m +CONFIG_CRYPTO_LZO=m + +# +# Random Number Generation +# +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_HW=y +# CONFIG_CRYPTO_DEV_PADLOCK is not set +# CONFIG_CRYPTO_DEV_HIFN_795X is not set +CONFIG_HAVE_KVM=y +# CONFIG_VIRTUALIZATION is not set +CONFIG_BINARY_PRINTF=y + +# +# Library routines +# +CONFIG_RAID6_PQ=m +CONFIG_BITREVERSE=y +CONFIG_GENERIC_FIND_FIRST_BIT=y +CONFIG_GENERIC_FIND_NEXT_BIT=y +CONFIG_GENERIC_FIND_LAST_BIT=y +CONFIG_CRC_CCITT=m +CONFIG_CRC16=y +CONFIG_CRC_T10DIF=y +CONFIG_CRC_ITU_T=m +CONFIG_CRC32=y +CONFIG_CRC7=m +CONFIG_LIBCRC32C=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=m +CONFIG_LZO_COMPRESS=m +CONFIG_LZO_DECOMPRESS=y +CONFIG_DECOMPRESS_GZIP=y +CONFIG_DECOMPRESS_BZIP2=y +CONFIG_DECOMPRESS_LZMA=y +CONFIG_DECOMPRESS_LZO=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT=y +CONFIG_HAS_DMA=y +CONFIG_NLATTR=y +CONFIG_LRU_CACHE=m diff --git a/kernel-config/config-2.6.38-gentoo-r6-00 b/kernel-config/config-2.6.38-gentoo-r6-00 new file mode 100644 index 0000000..b066b38 --- /dev/null +++ b/kernel-config/config-2.6.38-gentoo-r6-00 @@ -0,0 +1,2722 @@ +# +# Automatically generated make config: don't edit +# Linux/x86_64 2.6.38-gentoo-r6 Kernel Configuration +# Wed Jun 8 13:12:19 2011 +# +CONFIG_64BIT=y +# CONFIG_X86_32 is not set +CONFIG_X86_64=y +CONFIG_X86=y +CONFIG_INSTRUCTION_DECODER=y +CONFIG_OUTPUT_FORMAT="elf64-x86-64" +CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" +CONFIG_GENERIC_CMOS_UPDATE=y +CONFIG_CLOCKSOURCE_WATCHDOG=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y +CONFIG_MMU=y +CONFIG_ZONE_DMA=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_IOMAP=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +# CONFIG_RWSEM_GENERIC_SPINLOCK is not set +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_ARCH_HAS_CPU_IDLE_WAIT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_GENERIC_TIME_VSYSCALL=y +CONFIG_ARCH_HAS_CPU_RELAX=y +CONFIG_ARCH_HAS_DEFAULT_IDLE=y +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_HAVE_SETUP_PER_CPU_AREA=y +CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y +CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y +CONFIG_HAVE_CPUMASK_OF_CPU_MAP=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ZONE_DMA32=y +CONFIG_ARCH_POPULATES_NODE_MAP=y +CONFIG_AUDIT_ARCH=y +CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_HAVE_INTEL_TXT=y +CONFIG_X86_64_SMP=y +CONFIG_X86_HT=y +CONFIG_X86_TRAMPOLINE=y +CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" +# CONFIG_KTIME_SCALAR is not set +CONFIG_ARCH_CPU_PROBE_RELEASE=y +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" +CONFIG_CONSTRUCTORS=y +CONFIG_HAVE_IRQ_WORK=y +CONFIG_IRQ_WORK=y + +# +# General setup +# +CONFIG_EXPERIMENTAL=y +CONFIG_LOCK_KERNEL=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="" +CONFIG_LOCALVERSION="" +# CONFIG_LOCALVERSION_AUTO is not set +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_BZIP2=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_XZ=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_BZIP2 is not set +# CONFIG_KERNEL_LZMA is not set +# CONFIG_KERNEL_XZ is not set +# CONFIG_KERNEL_LZO is not set +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_POSIX_MQUEUE=y +CONFIG_POSIX_MQUEUE_SYSCTL=y +CONFIG_BSD_PROCESS_ACCT=y +CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_TASK_IO_ACCOUNTING=y +CONFIG_AUDIT=y +CONFIG_AUDITSYSCALL=y +CONFIG_AUDIT_WATCH=y +CONFIG_AUDIT_TREE=y +CONFIG_HAVE_GENERIC_HARDIRQS=y + +# +# IRQ subsystem +# +CONFIG_GENERIC_HARDIRQS=y +# CONFIG_GENERIC_HARDIRQS_NO_DEPRECATED is not set +CONFIG_HAVE_SPARSE_IRQ=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_PENDING_IRQ=y +# CONFIG_AUTO_IRQ_AFFINITY is not set +# CONFIG_IRQ_PER_CPU is not set +# CONFIG_HARDIRQS_SW_RESEND is not set +CONFIG_SPARSE_IRQ=y + +# +# RCU Subsystem +# +CONFIG_TREE_RCU=y +# CONFIG_PREEMPT_RCU is not set +# CONFIG_RCU_TRACE is not set +CONFIG_RCU_FANOUT=64 +# CONFIG_RCU_FANOUT_EXACT is not set +# CONFIG_RCU_FAST_NO_HZ is not set +# CONFIG_TREE_RCU_TRACE is not set +CONFIG_IKCONFIG=m +CONFIG_IKCONFIG_PROC=y +CONFIG_LOG_BUF_SHIFT=18 +CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y +CONFIG_CGROUPS=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_CGROUP_NS=y +CONFIG_CGROUP_FREEZER=y +# CONFIG_CGROUP_DEVICE is not set +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_RESOURCE_COUNTERS=y +# CONFIG_CGROUP_MEM_RES_CTLR is not set +CONFIG_CGROUP_SCHED=y +CONFIG_FAIR_GROUP_SCHED=y +# CONFIG_RT_GROUP_SCHED is not set +CONFIG_BLK_CGROUP=m +# CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +# CONFIG_SCHED_AUTOGROUP is not set +# CONFIG_SYSFS_DEPRECATED is not set +CONFIG_RELAY=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_RD_XZ=y +CONFIG_RD_LZO=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_SYSCTL=y +CONFIG_ANON_INODES=y +# CONFIG_EXPERT is not set +# CONFIG_EMBEDDED is not set +CONFIG_UID16=y +CONFIG_SYSCTL_SYSCALL=y +CONFIG_KALLSYMS=y +CONFIG_KALLSYMS_ALL=y +CONFIG_KALLSYMS_EXTRA_PASS=y +CONFIG_HOTPLUG=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_PCSPKR_PLATFORM=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +CONFIG_HAVE_PERF_EVENTS=y + +# +# Kernel Performance Events And Counters +# +CONFIG_PERF_EVENTS=y +# CONFIG_PERF_COUNTERS is not set +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_PCI_QUIRKS=y +CONFIG_SLUB_DEBUG=y +# CONFIG_COMPAT_BRK is not set +# CONFIG_SLAB is not set +CONFIG_SLUB=y +CONFIG_PROFILING=y +CONFIG_TRACEPOINTS=y +# CONFIG_OPROFILE is not set +CONFIG_HAVE_OPROFILE=y +CONFIG_KPROBES=y +# CONFIG_JUMP_LABEL is not set +CONFIG_OPTPROBES=y +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_KRETPROBES=y +CONFIG_HAVE_IOREMAP_PROT=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y +CONFIG_USE_GENERIC_SMP_HELPERS=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_DMA_API_DEBUG=y +CONFIG_HAVE_HW_BREAKPOINT=y +CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y +CONFIG_HAVE_USER_RETURN_NOTIFIER=y +CONFIG_HAVE_PERF_EVENTS_NMI=y +CONFIG_HAVE_ARCH_JUMP_LABEL=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set +CONFIG_SLABINFO=y +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +CONFIG_MODULE_FORCE_LOAD=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +CONFIG_STOP_MACHINE=y +CONFIG_BLOCK=y +CONFIG_BLK_DEV_BSG=y +# CONFIG_BLK_DEV_INTEGRITY is not set +CONFIG_BLOCK_COMPAT=y + +# +# IO Schedulers +# +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_DEADLINE=y +CONFIG_IOSCHED_CFQ=m +# CONFIG_CFQ_GROUP_IOSCHED is not set +CONFIG_DEFAULT_DEADLINE=y +# CONFIG_DEFAULT_NOOP is not set +CONFIG_DEFAULT_IOSCHED="deadline" +# CONFIG_INLINE_SPIN_TRYLOCK is not set +# CONFIG_INLINE_SPIN_TRYLOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK is not set +# CONFIG_INLINE_SPIN_LOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK_IRQ is not set +# CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set +CONFIG_INLINE_SPIN_UNLOCK=y +# CONFIG_INLINE_SPIN_UNLOCK_BH is not set +CONFIG_INLINE_SPIN_UNLOCK_IRQ=y +# CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_READ_TRYLOCK is not set +# CONFIG_INLINE_READ_LOCK is not set +# CONFIG_INLINE_READ_LOCK_BH is not set +# CONFIG_INLINE_READ_LOCK_IRQ is not set +# CONFIG_INLINE_READ_LOCK_IRQSAVE is not set +CONFIG_INLINE_READ_UNLOCK=y +# CONFIG_INLINE_READ_UNLOCK_BH is not set +CONFIG_INLINE_READ_UNLOCK_IRQ=y +# CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_WRITE_TRYLOCK is not set +# CONFIG_INLINE_WRITE_LOCK is not set +# CONFIG_INLINE_WRITE_LOCK_BH is not set +# CONFIG_INLINE_WRITE_LOCK_IRQ is not set +# CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set +CONFIG_INLINE_WRITE_UNLOCK=y +# CONFIG_INLINE_WRITE_UNLOCK_BH is not set +CONFIG_INLINE_WRITE_UNLOCK_IRQ=y +# CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set +CONFIG_MUTEX_SPIN_ON_OWNER=y +CONFIG_FREEZER=y + +# +# Processor type and features +# +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_GENERIC_CLOCKEVENTS_BUILD=y +CONFIG_SMP=y +CONFIG_X86_MPPARSE=y +CONFIG_X86_EXTENDED_PLATFORM=y +# CONFIG_X86_VSMP is not set +CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y +CONFIG_SCHED_OMIT_FRAME_POINTER=y +# CONFIG_PARAVIRT_GUEST is not set +CONFIG_NO_BOOTMEM=y +# CONFIG_MEMTEST is not set +CONFIG_MK8=y +# CONFIG_MPSC is not set +# CONFIG_MCORE2 is not set +# CONFIG_MATOM is not set +# CONFIG_GENERIC_CPU is not set +CONFIG_X86_CPU=y +CONFIG_X86_INTERNODE_CACHE_SHIFT=7 +CONFIG_X86_CMPXCHG=y +CONFIG_CMPXCHG_LOCAL=y +CONFIG_X86_L1_CACHE_SHIFT=6 +CONFIG_X86_XADD=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INTEL_USERCOPY=y +CONFIG_X86_USE_PPRO_CHECKSUM=y +CONFIG_X86_TSC=y +CONFIG_X86_CMPXCHG64=y +CONFIG_X86_CMOV=y +CONFIG_X86_MINIMUM_CPU_FAMILY=64 +CONFIG_X86_DEBUGCTLMSR=y +CONFIG_CPU_SUP_INTEL=y +CONFIG_CPU_SUP_AMD=y +CONFIG_CPU_SUP_CENTAUR=y +CONFIG_HPET_TIMER=y +CONFIG_HPET_EMULATE_RTC=y +CONFIG_DMI=y +CONFIG_GART_IOMMU=y +CONFIG_CALGARY_IOMMU=y +CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y +CONFIG_AMD_IOMMU=y +CONFIG_AMD_IOMMU_STATS=y +CONFIG_SWIOTLB=y +CONFIG_IOMMU_HELPER=y +CONFIG_IOMMU_API=y +# CONFIG_MAXSMP is not set +CONFIG_NR_CPUS=64 +CONFIG_SCHED_SMT=y +CONFIG_SCHED_MC=y +CONFIG_IRQ_TIME_ACCOUNTING=y +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +CONFIG_X86_LOCAL_APIC=y +CONFIG_X86_IO_APIC=y +CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y +CONFIG_X86_MCE=y +CONFIG_X86_MCE_INTEL=y +CONFIG_X86_MCE_AMD=y +CONFIG_X86_MCE_THRESHOLD=y +# CONFIG_X86_MCE_INJECT is not set +CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_I8K is not set +CONFIG_MICROCODE=y +CONFIG_MICROCODE_INTEL=y +CONFIG_MICROCODE_AMD=y +CONFIG_MICROCODE_OLD_INTERFACE=y +CONFIG_X86_MSR=y +CONFIG_X86_CPUID=y +CONFIG_ARCH_PHYS_ADDR_T_64BIT=y +CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_DIRECT_GBPAGES=y +CONFIG_NUMA=y +CONFIG_AMD_NUMA=y +CONFIG_X86_64_ACPI_NUMA=y +CONFIG_NODES_SPAN_OTHER_NODES=y +# CONFIG_NUMA_EMU is not set +CONFIG_NODES_SHIFT=6 +CONFIG_ARCH_PROC_KCORE_TEXT=y +CONFIG_ARCH_SPARSEMEM_DEFAULT=y +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 +CONFIG_SELECT_MEMORY_MODEL=y +CONFIG_SPARSEMEM_MANUAL=y +CONFIG_SPARSEMEM=y +CONFIG_NEED_MULTIPLE_NODES=y +CONFIG_HAVE_MEMORY_PRESENT=y +CONFIG_SPARSEMEM_EXTREME=y +CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y +CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y +CONFIG_SPARSEMEM_VMEMMAP=y +CONFIG_HAVE_MEMBLOCK=y +# CONFIG_MEMORY_HOTPLUG is not set +CONFIG_PAGEFLAGS_EXTENDED=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +CONFIG_COMPACTION=y +CONFIG_MIGRATION=y +CONFIG_PHYS_ADDR_T_64BIT=y +CONFIG_ZONE_DMA_FLAG=1 +CONFIG_BOUNCE=y +CONFIG_VIRT_TO_BUS=y +# CONFIG_KSM is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y +# CONFIG_MEMORY_FAILURE is not set +CONFIG_TRANSPARENT_HUGEPAGE=y +CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS=y +# CONFIG_TRANSPARENT_HUGEPAGE_MADVISE is not set +CONFIG_X86_CHECK_BIOS_CORRUPTION=y +CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +CONFIG_X86_RESERVE_LOW=64 +CONFIG_MTRR=y +# CONFIG_MTRR_SANITIZER is not set +CONFIG_X86_PAT=y +CONFIG_ARCH_USES_PG_UNCACHED=y +CONFIG_EFI=y +CONFIG_SECCOMP=y +# CONFIG_CC_STACKPROTECTOR is not set +# CONFIG_HZ_100 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +CONFIG_HZ_1000=y +CONFIG_HZ=1000 +CONFIG_SCHED_HRTICK=y +CONFIG_KEXEC=y +CONFIG_CRASH_DUMP=y +CONFIG_PHYSICAL_START=0x1000000 +CONFIG_RELOCATABLE=y +CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_HOTPLUG_CPU=y +# CONFIG_COMPAT_VDSO is not set +# CONFIG_CMDLINE_BOOL is not set +CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y +CONFIG_HAVE_ARCH_EARLY_PFN_TO_NID=y +CONFIG_USE_PERCPU_NUMA_NODE_ID=y + +# +# Power management and ACPI options +# +CONFIG_PM=y +CONFIG_PM_DEBUG=y +CONFIG_PM_ADVANCED_DEBUG=y +# CONFIG_PM_VERBOSE is not set +CONFIG_CAN_PM_TRACE=y +CONFIG_PM_TRACE=y +CONFIG_PM_TRACE_RTC=y +CONFIG_PM_SLEEP_SMP=y +CONFIG_PM_SLEEP=y +# CONFIG_PM_SLEEP_ADVANCED_DEBUG is not set +CONFIG_SUSPEND=y +CONFIG_SUSPEND_FREEZER=y +# CONFIG_HIBERNATION is not set +# CONFIG_PM_RUNTIME is not set +CONFIG_PM_OPS=y +CONFIG_ACPI=y +CONFIG_ACPI_SLEEP=y +CONFIG_ACPI_PROCFS=y +CONFIG_ACPI_PROCFS_POWER=y +CONFIG_ACPI_POWER_METER=m +CONFIG_ACPI_EC_DEBUGFS=m +CONFIG_ACPI_PROC_EVENT=y +CONFIG_ACPI_AC=m +CONFIG_ACPI_BATTERY=m +CONFIG_ACPI_BUTTON=m +CONFIG_ACPI_VIDEO=m +CONFIG_ACPI_FAN=m +CONFIG_ACPI_DOCK=y +CONFIG_ACPI_PROCESSOR=m +CONFIG_ACPI_IPMI=m +CONFIG_ACPI_HOTPLUG_CPU=y +CONFIG_ACPI_PROCESSOR_AGGREGATOR=m +CONFIG_ACPI_THERMAL=m +CONFIG_ACPI_NUMA=y +# CONFIG_ACPI_CUSTOM_DSDT is not set +CONFIG_ACPI_BLACKLIST_YEAR=0 +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_PCI_SLOT=m +CONFIG_X86_PM_TIMER=y +CONFIG_ACPI_CONTAINER=y +# CONFIG_ACPI_SBS is not set +CONFIG_ACPI_HED=m +CONFIG_ACPI_APEI=y +CONFIG_ACPI_APEI_GHES=m +CONFIG_ACPI_APEI_EINJ=m +CONFIG_ACPI_APEI_ERST_DEBUG=m +# CONFIG_SFI is not set + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_TABLE=m +CONFIG_CPU_FREQ_DEBUG=y +CONFIG_CPU_FREQ_STAT=m +CONFIG_CPU_FREQ_STAT_DETAILS=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set +CONFIG_CPU_FREQ_GOV_PERFORMANCE=m +CONFIG_CPU_FREQ_GOV_POWERSAVE=m +CONFIG_CPU_FREQ_GOV_USERSPACE=y +CONFIG_CPU_FREQ_GOV_ONDEMAND=m +CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m + +# +# CPUFreq processor drivers +# +CONFIG_X86_PCC_CPUFREQ=m +CONFIG_X86_ACPI_CPUFREQ=m +CONFIG_X86_POWERNOW_K8=m +# CONFIG_X86_SPEEDSTEP_CENTRINO is not set +# CONFIG_X86_P4_CLOCKMOD is not set + +# +# shared options +# +# CONFIG_X86_SPEEDSTEP_LIB is not set +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y +# CONFIG_INTEL_IDLE is not set + +# +# Memory power savings +# +# CONFIG_I7300_IDLE is not set + +# +# Bus options (PCI etc.) +# +CONFIG_PCI=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +CONFIG_PCI_DOMAINS=y +# CONFIG_PCI_CNB20LE_QUIRK is not set +CONFIG_DMAR=y +# CONFIG_DMAR_DEFAULT_ON is not set +CONFIG_DMAR_FLOPPY_WA=y +# CONFIG_INTR_REMAP is not set +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +# CONFIG_PCIE_ECRC is not set +# CONFIG_PCIEAER_INJECT is not set +CONFIG_PCIEASPM=y +# CONFIG_PCIEASPM_DEBUG is not set +CONFIG_ARCH_SUPPORTS_MSI=y +CONFIG_PCI_MSI=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_STUB is not set +CONFIG_HT_IRQ=y +# CONFIG_PCI_IOV is not set +CONFIG_PCI_IOAPIC=y +CONFIG_ISA_DMA_API=y +CONFIG_AMD_NB=y +# CONFIG_PCCARD is not set +# CONFIG_HOTPLUG_PCI is not set + +# +# Executable file formats / Emulations +# +CONFIG_BINFMT_ELF=y +CONFIG_COMPAT_BINFMT_ELF=y +CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y +# CONFIG_HAVE_AOUT is not set +CONFIG_BINFMT_MISC=y +CONFIG_IA32_EMULATION=y +CONFIG_IA32_AOUT=m +CONFIG_COMPAT=y +CONFIG_COMPAT_FOR_U64_ALIGNMENT=y +CONFIG_SYSVIPC_COMPAT=y +CONFIG_HAVE_TEXT_POKE_SMP=y +CONFIG_NET=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_UNIX=y +CONFIG_XFRM=y +CONFIG_XFRM_USER=y +# CONFIG_XFRM_SUB_POLICY is not set +CONFIG_XFRM_MIGRATE=y +# CONFIG_XFRM_STATISTICS is not set +CONFIG_XFRM_IPCOMP=m +CONFIG_NET_KEY=m +CONFIG_NET_KEY_MIGRATE=y +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_ASK_IP_FIB_HASH=y +# CONFIG_IP_FIB_TRIE is not set +CONFIG_IP_FIB_HASH=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_IP_ROUTE_MULTIPATH=y +CONFIG_IP_ROUTE_VERBOSE=y +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y +CONFIG_IP_PNP_RARP=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE=y +CONFIG_IP_MROUTE_MULTIPLE_TABLES=y +CONFIG_IP_PIMSM_V1=y +CONFIG_IP_PIMSM_V2=y +CONFIG_ARPD=y +CONFIG_SYN_COOKIES=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_XFRM_MODE_TRANSPORT=m +CONFIG_INET_XFRM_MODE_TUNNEL=m +CONFIG_INET_XFRM_MODE_BEET=m +CONFIG_INET_LRO=y +CONFIG_INET_DIAG=m +CONFIG_INET_TCP_DIAG=m +CONFIG_TCP_CONG_ADVANCED=y +CONFIG_TCP_CONG_BIC=m +CONFIG_TCP_CONG_CUBIC=m +CONFIG_TCP_CONG_WESTWOOD=m +CONFIG_TCP_CONG_HTCP=m +CONFIG_TCP_CONG_HSTCP=m +CONFIG_TCP_CONG_HYBLA=m +CONFIG_TCP_CONG_VEGAS=m +CONFIG_TCP_CONG_SCALABLE=m +CONFIG_TCP_CONG_LP=m +CONFIG_TCP_CONG_VENO=m +CONFIG_TCP_CONG_YEAH=m +CONFIG_TCP_CONG_ILLINOIS=m +CONFIG_DEFAULT_RENO=y +CONFIG_DEFAULT_TCP_CONG="reno" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=y +CONFIG_IPV6_PRIVACY=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +# CONFIG_IPV6_OPTIMISTIC_DAD is not set +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_INET6_XFRM_MODE_TRANSPORT=m +CONFIG_INET6_XFRM_MODE_TUNNEL=m +CONFIG_INET6_XFRM_MODE_BEET=m +CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m +CONFIG_IPV6_SIT=m +# CONFIG_IPV6_SIT_6RD is not set +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_NETLABEL=y +CONFIG_NETWORK_SECMARK=y +# CONFIG_NETWORK_PHY_TIMESTAMPING is not set +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=y + +# +# Core Netfilter Configuration +# +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_NETLINK_QUEUE=m +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NF_CONNTRACK=m +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_SECMARK=y +# CONFIG_NF_CONNTRACK_ZONES is not set +CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CT_PROTO_DCCP=m +CONFIG_NF_CT_PROTO_GRE=m +CONFIG_NF_CT_PROTO_SCTP=m +CONFIG_NF_CT_PROTO_UDPLITE=m +CONFIG_NF_CONNTRACK_AMANDA=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NETFILTER_TPROXY=m +CONFIG_NETFILTER_XTABLES=y + +# +# Xtables combined modules +# +CONFIG_NETFILTER_XT_MARK=m +CONFIG_NETFILTER_XT_CONNMARK=m + +# +# Xtables targets +# +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m +CONFIG_NETFILTER_XT_TARGET_CONNMARK=m +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m +CONFIG_NETFILTER_XT_TARGET_CT=m +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_TARGET_MARK=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m +CONFIG_NETFILTER_XT_TARGET_NOTRACK=m +CONFIG_NETFILTER_XT_TARGET_RATEEST=m +CONFIG_NETFILTER_XT_TARGET_TEE=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +CONFIG_NETFILTER_XT_TARGET_TRACE=m +CONFIG_NETFILTER_XT_TARGET_SECMARK=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m + +# +# Xtables matches +# +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_CPU=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_OSF=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_QUOTA=m +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m +CONFIG_NETFILTER_XT_MATCH_RECENT=m +CONFIG_NETFILTER_XT_MATCH_SCTP=m +CONFIG_NETFILTER_XT_MATCH_SOCKET=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +# CONFIG_IP_VS is not set + +# +# IP: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +CONFIG_IP_NF_QUEUE=m +CONFIG_IP_NF_IPTABLES=m +CONFIG_IP_NF_MATCH_ADDRTYPE=m +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=m +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_LOG=m +CONFIG_IP_NF_TARGET_ULOG=m +CONFIG_NF_NAT=m +CONFIG_NF_NAT_NEEDED=y +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PROTO_DCCP=m +CONFIG_NF_NAT_PROTO_GRE=m +CONFIG_NF_NAT_PROTO_UDPLITE=m +CONFIG_NF_NAT_PROTO_SCTP=m +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_AMANDA=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_NF_NAT_SIP=m +CONFIG_IP_NF_MANGLE=m +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_SECURITY=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m + +# +# IPv6: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV6=m +CONFIG_NF_CONNTRACK_IPV6=m +CONFIG_IP6_NF_QUEUE=m +CONFIG_IP6_NF_IPTABLES=m +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_TARGET_HL=m +CONFIG_IP6_NF_TARGET_LOG=m +CONFIG_IP6_NF_FILTER=m +CONFIG_IP6_NF_TARGET_REJECT=m +CONFIG_IP6_NF_MANGLE=m +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_SECURITY=m +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_ULOG=m +CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m + +# +# DCCP CCIDs Configuration (EXPERIMENTAL) +# +# CONFIG_IP_DCCP_CCID2_DEBUG is not set +CONFIG_IP_DCCP_CCID3=y +# CONFIG_IP_DCCP_CCID3_DEBUG is not set +CONFIG_IP_DCCP_TFRC_LIB=y + +# +# DCCP Kernel Hacking +# +# CONFIG_IP_DCCP_DEBUG is not set +# CONFIG_NET_DCCPPROBE is not set +CONFIG_IP_SCTP=m +CONFIG_NET_SCTPPROBE=m +# CONFIG_SCTP_DBG_MSG is not set +# CONFIG_SCTP_DBG_OBJCNT is not set +# CONFIG_SCTP_HMAC_NONE is not set +# CONFIG_SCTP_HMAC_SHA1 is not set +CONFIG_SCTP_HMAC_MD5=y +CONFIG_RDS=m +CONFIG_RDS_TCP=m +# CONFIG_RDS_DEBUG is not set +CONFIG_TIPC=m +CONFIG_TIPC_ADVANCED=y +CONFIG_TIPC_NODES=255 +CONFIG_TIPC_PORTS=8191 +CONFIG_TIPC_LOG=0 +# CONFIG_TIPC_DEBUG is not set +# CONFIG_ATM is not set +CONFIG_L2TP=m +CONFIG_L2TP_DEBUGFS=m +# CONFIG_L2TP_V3 is not set +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +# CONFIG_NET_DSA is not set +CONFIG_VLAN_8021Q=m +# CONFIG_VLAN_8021Q_GVRP is not set +# CONFIG_DECNET is not set +CONFIG_LLC=m +# CONFIG_LLC2 is not set +CONFIG_IPX=m +# CONFIG_IPX_INTERN is not set +CONFIG_ATALK=m +# CONFIG_DEV_APPLETALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set +# CONFIG_PHONET is not set +# CONFIG_IEEE802154 is not set +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_DSMARK=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_INGRESS=m + +# +# Classification +# +CONFIG_NET_CLS=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_TCINDEX=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_ROUTE=y +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_RSVP=m +CONFIG_NET_CLS_RSVP6=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_EMATCH=y +CONFIG_NET_EMATCH_STACK=32 +CONFIG_NET_EMATCH_CMP=m +CONFIG_NET_EMATCH_NBYTE=m +CONFIG_NET_EMATCH_U32=m +CONFIG_NET_EMATCH_META=m +CONFIG_NET_EMATCH_TEXT=m +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +# CONFIG_GACT_PROB is not set +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +CONFIG_NET_ACT_CSUM=m +# CONFIG_NET_CLS_IND is not set +CONFIG_NET_SCH_FIFO=y +# CONFIG_DCB is not set +CONFIG_DNS_RESOLVER=y +# CONFIG_BATMAN_ADV is not set +CONFIG_RPS=y +CONFIG_XPS=y + +# +# Network testing +# +CONFIG_NET_PKTGEN=m +CONFIG_NET_TCPPROBE=m +# CONFIG_NET_DROP_MONITOR is not set +# CONFIG_HAMRADIO is not set +# CONFIG_CAN is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +CONFIG_AF_RXRPC=m +# CONFIG_AF_RXRPC_DEBUG is not set +# CONFIG_RXKAD is not set +CONFIG_FIB_RULES=y +# CONFIG_WIRELESS is not set +# CONFIG_WIMAX is not set +CONFIG_RFKILL=m +CONFIG_RFKILL_LEDS=y +CONFIG_RFKILL_INPUT=y +# CONFIG_NET_9P is not set +# CONFIG_CAIF is not set +CONFIG_CEPH_LIB=m +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" +# CONFIG_DEVTMPFS is not set +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y +CONFIG_FW_LOADER=y +CONFIG_FIRMWARE_IN_KERNEL=y +CONFIG_EXTRA_FIRMWARE="" +# CONFIG_DEBUG_DRIVER is not set +CONFIG_DEBUG_DEVRES=y +# CONFIG_SYS_HYPERVISOR is not set +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y +# CONFIG_MTD is not set +# CONFIG_PARPORT is not set +CONFIG_PNP=y +CONFIG_PNP_DEBUG_MESSAGES=y + +# +# Protocols +# +CONFIG_PNPACPI=y +CONFIG_BLK_DEV=y +# CONFIG_BLK_DEV_FD is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_COW_COMMON is not set +CONFIG_BLK_DEV_LOOP=y +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +CONFIG_BLK_DEV_DRBD=m +# CONFIG_DRBD_FAULT_INJECTION is not set +CONFIG_BLK_DEV_NBD=m +# CONFIG_BLK_DEV_OSD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=16384 +# CONFIG_BLK_DEV_XIP is not set +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set +# CONFIG_BLK_DEV_HD is not set +CONFIG_BLK_DEV_RBD=m +CONFIG_MISC_DEVICES=y +# CONFIG_AD525X_DPOT is not set +# CONFIG_IBM_ASM is not set +# CONFIG_PHANTOM is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_TIFM_CORE is not set +# CONFIG_ICS932S401 is not set +# CONFIG_ENCLOSURE_SERVICES is not set +# CONFIG_CS5535_MFGPT is not set +# CONFIG_HP_ILO is not set +# CONFIG_APDS9802ALS is not set +# CONFIG_ISL29003 is not set +# CONFIG_ISL29020 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_SENSORS_BH1780 is not set +# CONFIG_SENSORS_BH1770 is not set +# CONFIG_SENSORS_APDS990X is not set +# CONFIG_HMC6352 is not set +# CONFIG_DS1682 is not set +# CONFIG_VMWARE_BALLOON is not set +# CONFIG_BMP085 is not set +# CONFIG_PCH_PHUB is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +# CONFIG_EEPROM_AT24 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +# CONFIG_EEPROM_93CX6 is not set +# CONFIG_CB710_CORE is not set + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_TI_ST is not set +CONFIG_HAVE_IDE=y +# CONFIG_IDE is not set + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +CONFIG_RAID_ATTRS=m +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +# CONFIG_SCSI_TGT is not set +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=m +CONFIG_BLK_DEV_SR_VENDOR=y +CONFIG_CHR_DEV_SG=y +# CONFIG_CHR_DEV_SCH is not set +# CONFIG_SCSI_MULTI_LUN is not set +CONFIG_SCSI_CONSTANTS=y +# CONFIG_SCSI_LOGGING is not set +# CONFIG_SCSI_SCAN_ASYNC is not set +CONFIG_SCSI_WAIT_SCAN=m + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=y +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +# CONFIG_SCSI_SAS_ATA is not set +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_SAS_LIBSAS_DEBUG=y +CONFIG_SCSI_SRP_ATTRS=m +# CONFIG_SCSI_LOWLEVEL is not set +CONFIG_SCSI_DH=m +# CONFIG_SCSI_DH_RDAC is not set +# CONFIG_SCSI_DH_HP_SW is not set +# CONFIG_SCSI_DH_EMC is not set +# CONFIG_SCSI_DH_ALUA is not set +CONFIG_SCSI_OSD_INITIATOR=m +CONFIG_SCSI_OSD_ULD=m +CONFIG_SCSI_OSD_DPRINT_SENSE=1 +# CONFIG_SCSI_OSD_DEBUG is not set +CONFIG_ATA=y +# CONFIG_ATA_NONSTANDARD is not set +CONFIG_ATA_VERBOSE_ERROR=y +CONFIG_ATA_ACPI=y +CONFIG_SATA_PMP=y + +# +# Controllers with non-SFF native interface +# +CONFIG_SATA_AHCI=y +# CONFIG_SATA_AHCI_PLATFORM is not set +# CONFIG_SATA_INIC162X is not set +# CONFIG_SATA_ACARD_AHCI is not set +# CONFIG_SATA_SIL24 is not set +CONFIG_ATA_SFF=y + +# +# SFF controllers with custom DMA interface +# +# CONFIG_PDC_ADMA is not set +# CONFIG_SATA_QSTOR is not set +# CONFIG_SATA_SX4 is not set +CONFIG_ATA_BMDMA=y + +# +# SATA SFF controllers with BMDMA +# +CONFIG_ATA_PIIX=y +# CONFIG_SATA_MV is not set +# CONFIG_SATA_NV is not set +# CONFIG_SATA_PROMISE is not set +# CONFIG_SATA_SIL is not set +# CONFIG_SATA_SIS is not set +# CONFIG_SATA_SVW is not set +# CONFIG_SATA_ULI is not set +# CONFIG_SATA_VIA is not set +# CONFIG_SATA_VITESSE is not set + +# +# PATA SFF controllers with BMDMA +# +# CONFIG_PATA_ALI is not set +CONFIG_PATA_AMD=y +# CONFIG_PATA_ARTOP is not set +# CONFIG_PATA_ATIIXP is not set +# CONFIG_PATA_ATP867X is not set +# CONFIG_PATA_CMD64X is not set +# CONFIG_PATA_CS5520 is not set +# CONFIG_PATA_CS5530 is not set +# CONFIG_PATA_CS5536 is not set +# CONFIG_PATA_CYPRESS is not set +# CONFIG_PATA_EFAR is not set +# CONFIG_PATA_HPT366 is not set +# CONFIG_PATA_HPT37X is not set +# CONFIG_PATA_HPT3X2N is not set +# CONFIG_PATA_HPT3X3 is not set +# CONFIG_PATA_IT8213 is not set +# CONFIG_PATA_IT821X is not set +# CONFIG_PATA_JMICRON is not set +# CONFIG_PATA_MARVELL is not set +# CONFIG_PATA_NETCELL is not set +# CONFIG_PATA_NINJA32 is not set +# CONFIG_PATA_NS87415 is not set +CONFIG_PATA_OLDPIIX=y +# CONFIG_PATA_OPTIDMA is not set +# CONFIG_PATA_PDC2027X is not set +# CONFIG_PATA_PDC_OLD is not set +# CONFIG_PATA_RADISYS is not set +# CONFIG_PATA_RDC is not set +# CONFIG_PATA_SC1200 is not set +CONFIG_PATA_SCH=y +# CONFIG_PATA_SERVERWORKS is not set +# CONFIG_PATA_SIL680 is not set +# CONFIG_PATA_SIS is not set +# CONFIG_PATA_TOSHIBA is not set +# CONFIG_PATA_TRIFLEX is not set +# CONFIG_PATA_VIA is not set +# CONFIG_PATA_WINBOND is not set + +# +# PIO-only SFF controllers +# +# CONFIG_PATA_CMD640_PCI is not set +# CONFIG_PATA_MPIIX is not set +# CONFIG_PATA_NS87410 is not set +# CONFIG_PATA_OPTI is not set +# CONFIG_PATA_RZ1000 is not set + +# +# Generic fallback / legacy drivers +# +# CONFIG_PATA_ACPI is not set +# CONFIG_ATA_GENERIC is not set +# CONFIG_PATA_LEGACY is not set +CONFIG_MD=y +CONFIG_BLK_DEV_MD=y +CONFIG_MD_AUTODETECT=y +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=y +CONFIG_MD_RAID10=y +CONFIG_MD_RAID456=m +CONFIG_MULTICORE_RAID456=y +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_MIRROR=y +CONFIG_DM_RAID=m +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_ZERO=y +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +CONFIG_DM_DELAY=m +# CONFIG_DM_UEVENT is not set +CONFIG_TARGET_CORE=m +CONFIG_TCM_IBLOCK=m +CONFIG_TCM_FILEIO=m +CONFIG_TCM_PSCSI=m +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# +# CONFIG_FIREWIRE is not set +CONFIG_FIREWIRE_NOSY=m +CONFIG_I2O=m +CONFIG_I2O_LCT_NOTIFY_ON_CHANGES=y +CONFIG_I2O_EXT_ADAPTEC=y +CONFIG_I2O_EXT_ADAPTEC_DMA64=y +CONFIG_I2O_CONFIG=m +CONFIG_I2O_CONFIG_OLD_IOCTL=y +CONFIG_I2O_BUS=m +CONFIG_I2O_BLOCK=m +# CONFIG_I2O_SCSI is not set +CONFIG_I2O_PROC=m +# CONFIG_MACINTOSH_DRIVERS is not set +CONFIG_NETDEVICES=y +CONFIG_IFB=m +CONFIG_DUMMY=m +CONFIG_BONDING=m +CONFIG_MACVLAN=m +CONFIG_MACVTAP=m +# CONFIG_EQUALIZER is not set +CONFIG_TUN=m +CONFIG_VETH=m +# CONFIG_NET_SB1000 is not set +# CONFIG_ARCNET is not set +CONFIG_MII=y +CONFIG_PHYLIB=y + +# +# MII PHY device drivers +# +# CONFIG_MARVELL_PHY is not set +# CONFIG_DAVICOM_PHY is not set +# CONFIG_QSEMI_PHY is not set +# CONFIG_LXT_PHY is not set +# CONFIG_CICADA_PHY is not set +# CONFIG_VITESSE_PHY is not set +CONFIG_SMSC_PHY=m +# CONFIG_BROADCOM_PHY is not set +# CONFIG_BCM63XX_PHY is not set +# CONFIG_ICPLUS_PHY is not set +# CONFIG_REALTEK_PHY is not set +# CONFIG_NATIONAL_PHY is not set +# CONFIG_STE10XP is not set +# CONFIG_LSI_ET1011C_PHY is not set +# CONFIG_MICREL_PHY is not set +# CONFIG_FIXED_PHY is not set +# CONFIG_MDIO_BITBANG is not set +CONFIG_NET_ETHERNET=y +CONFIG_HAPPYMEAL=m +CONFIG_SUNGEM=m +CONFIG_CASSINI=m +CONFIG_NET_VENDOR_3COM=y +CONFIG_VORTEX=m +CONFIG_TYPHOON=m +CONFIG_ETHOC=m +CONFIG_DNET=m +CONFIG_NET_TULIP=y +CONFIG_DE2104X=m +CONFIG_DE2104X_DSL=0 +CONFIG_TULIP=m +# CONFIG_TULIP_MWI is not set +# CONFIG_TULIP_MMIO is not set +# CONFIG_TULIP_NAPI is not set +CONFIG_DE4X5=m +CONFIG_WINBOND_840=m +CONFIG_DM9102=m +CONFIG_ULI526X=m +# CONFIG_HP100 is not set +# CONFIG_IBM_NEW_EMAC_ZMII is not set +# CONFIG_IBM_NEW_EMAC_RGMII is not set +# CONFIG_IBM_NEW_EMAC_TAH is not set +# CONFIG_IBM_NEW_EMAC_EMAC4 is not set +# CONFIG_IBM_NEW_EMAC_NO_FLOW_CTRL is not set +# CONFIG_IBM_NEW_EMAC_MAL_CLR_ICINTSTAT is not set +# CONFIG_IBM_NEW_EMAC_MAL_COMMON_ERR is not set +CONFIG_NET_PCI=y +CONFIG_PCNET32=m +CONFIG_AMD8111_ETH=m +CONFIG_ADAPTEC_STARFIRE=m +CONFIG_KSZ884X_PCI=m +CONFIG_B44=m +CONFIG_B44_PCI_AUTOSELECT=y +CONFIG_B44_PCICORE_AUTOSELECT=y +CONFIG_B44_PCI=y +CONFIG_FORCEDETH=m +CONFIG_E100=m +CONFIG_FEALNX=m +CONFIG_NATSEMI=m +CONFIG_NE2K_PCI=m +CONFIG_8139CP=m +CONFIG_8139TOO=m +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_R6040=m +CONFIG_SIS900=m +CONFIG_EPIC100=m +CONFIG_SMSC9420=m +CONFIG_SUNDANCE=m +# CONFIG_SUNDANCE_MMIO is not set +CONFIG_TLAN=m +CONFIG_KS8842=m +CONFIG_KS8851_MLL=m +CONFIG_VIA_RHINE=m +# CONFIG_VIA_RHINE_MMIO is not set +CONFIG_SC92031=m +CONFIG_ATL2=m +CONFIG_NETDEV_1000=y +CONFIG_ACENIC=m +# CONFIG_ACENIC_OMIT_TIGON_I is not set +CONFIG_DL2K=m +CONFIG_E1000=m +CONFIG_E1000E=m +CONFIG_IP1000=m +CONFIG_IGB=m +CONFIG_IGBVF=m +CONFIG_NS83820=m +CONFIG_HAMACHI=m +CONFIG_YELLOWFIN=m +CONFIG_R8169=m +CONFIG_R8169_VLAN=y +CONFIG_SIS190=m +CONFIG_SKGE=m +# CONFIG_SKGE_DEBUG is not set +CONFIG_SKY2=m +# CONFIG_SKY2_DEBUG is not set +CONFIG_VIA_VELOCITY=m +CONFIG_TIGON3=m +CONFIG_BNX2=m +CONFIG_CNIC=m +CONFIG_QLA3XXX=m +CONFIG_ATL1=m +CONFIG_ATL1E=m +CONFIG_ATL1C=m +CONFIG_JME=m +CONFIG_STMMAC_ETH=m +CONFIG_STMMAC_DA=y +CONFIG_STMMAC_DUAL_MAC=y +CONFIG_PCH_GBE=m +CONFIG_NETDEV_10000=y +CONFIG_MDIO=m +CONFIG_CHELSIO_T1=m +CONFIG_CHELSIO_T1_1G=y +CONFIG_CHELSIO_T3_DEPENDS=y +CONFIG_CHELSIO_T3=m +CONFIG_CHELSIO_T4_DEPENDS=y +CONFIG_CHELSIO_T4=m +CONFIG_CHELSIO_T4VF_DEPENDS=y +CONFIG_CHELSIO_T4VF=m +CONFIG_ENIC=m +CONFIG_IXGBE=m +CONFIG_IXGBEVF=m +CONFIG_IXGB=m +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set +CONFIG_MYRI10GE=m +CONFIG_NETXEN_NIC=m +CONFIG_NIU=m +CONFIG_MLX4_EN=m +CONFIG_MLX4_CORE=m +CONFIG_MLX4_DEBUG=y +CONFIG_TEHUTI=m +CONFIG_BNX2X=m +CONFIG_QLCNIC=m +CONFIG_QLGE=m +CONFIG_BNA=m +CONFIG_SFC=m +CONFIG_BE2NET=m +# CONFIG_TR is not set +# CONFIG_WLAN is not set + +# +# Enable WiMAX (Networking options) to see the WiMAX drivers +# +# CONFIG_WAN is not set + +# +# CAIF transport drivers +# +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_NET_FC is not set +CONFIG_NETCONSOLE=y +# CONFIG_NETCONSOLE_DYNAMIC is not set +CONFIG_NETPOLL=y +# CONFIG_NETPOLL_TRAP is not set +CONFIG_NET_POLL_CONTROLLER=y +# CONFIG_VMXNET3 is not set +# CONFIG_ISDN is not set +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y +CONFIG_INPUT_FF_MEMLESS=y +CONFIG_INPUT_POLLDEV=y +# CONFIG_INPUT_SPARSEKMAP is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +# CONFIG_INPUT_JOYDEV is not set +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +# CONFIG_KEYBOARD_ADP5588 is not set +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_QT2160 is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_TCA6416 is not set +# CONFIG_KEYBOARD_LM8323 is not set +# CONFIG_KEYBOARD_MAX7359 is not set +# CONFIG_KEYBOARD_MCS is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_OPENCORES is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Hardware I/O ports +# +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +CONFIG_SERIO_SERPORT=y +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PCIPS2 is not set +CONFIG_SERIO_LIBPS2=y +# CONFIG_SERIO_RAW is not set +# CONFIG_SERIO_ALTERA_PS2 is not set +# CONFIG_SERIO_PS2MULT is not set +# CONFIG_GAMEPORT is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_DEVKMEM=y +CONFIG_SERIAL_NONSTANDARD=y +# CONFIG_COMPUTONE is not set +# CONFIG_ROCKETPORT is not set +# CONFIG_CYCLADES is not set +# CONFIG_DIGIEPCA is not set +# CONFIG_MOXA_INTELLIO is not set +# CONFIG_MOXA_SMARTIO is not set +# CONFIG_ISI is not set +# CONFIG_SYNCLINK is not set +# CONFIG_SYNCLINKMP is not set +# CONFIG_SYNCLINK_GT is not set +# CONFIG_N_HDLC is not set +# CONFIG_N_GSM is not set +# CONFIG_RISCOM8 is not set +# CONFIG_SPECIALIX is not set +# CONFIG_STALDRV is not set +# CONFIG_NOZOMI is not set + +# +# Serial drivers +# +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_SERIAL_8250_PCI=y +CONFIG_SERIAL_8250_PNP=y +CONFIG_SERIAL_8250_NR_UARTS=32 +CONFIG_SERIAL_8250_RUNTIME_UARTS=4 +CONFIG_SERIAL_8250_EXTENDED=y +CONFIG_SERIAL_8250_MANY_PORTS=y +CONFIG_SERIAL_8250_SHARE_IRQ=y +CONFIG_SERIAL_8250_DETECT_IRQ=y +CONFIG_SERIAL_8250_RSA=y + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_MFD_HSU is not set +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_TIMBERDALE is not set +# CONFIG_SERIAL_ALTERA_JTAGUART is not set +# CONFIG_SERIAL_ALTERA_UART is not set +# CONFIG_SERIAL_PCH_UART is not set +CONFIG_UNIX98_PTYS=y +# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set +# CONFIG_LEGACY_PTYS is not set +CONFIG_IPMI_HANDLER=m +# CONFIG_IPMI_PANIC_EVENT is not set +CONFIG_IPMI_DEVICE_INTERFACE=m +CONFIG_IPMI_SI=m +CONFIG_IPMI_WATCHDOG=m +CONFIG_IPMI_POWEROFF=m +CONFIG_HW_RANDOM=m +CONFIG_HW_RANDOM_TIMERIOMEM=m +CONFIG_HW_RANDOM_INTEL=m +CONFIG_HW_RANDOM_AMD=m +CONFIG_HW_RANDOM_VIA=m +CONFIG_NVRAM=y +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_MWAVE is not set +# CONFIG_RAW_DRIVER is not set +CONFIG_HPET=y +# CONFIG_HPET_MMAP is not set +# CONFIG_HANGCHECK_TIMER is not set +# CONFIG_TCG_TPM is not set +# CONFIG_TELCLOCK is not set +CONFIG_DEVPORT=y +# CONFIG_RAMOOPS is not set +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_MUX=m + +# +# Multiplexer I2C Chip support +# +# CONFIG_I2C_MUX_PCA9541 is not set +CONFIG_I2C_MUX_PCA954x=m +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_SMBUS=m +CONFIG_I2C_ALGOBIT=m +CONFIG_I2C_ALGOPCA=m + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +CONFIG_I2C_ALI1535=m +CONFIG_I2C_ALI1563=m +CONFIG_I2C_ALI15X3=m +CONFIG_I2C_AMD756=m +CONFIG_I2C_AMD756_S4882=m +CONFIG_I2C_AMD8111=m +CONFIG_I2C_I801=m +CONFIG_I2C_ISCH=m +CONFIG_I2C_PIIX4=m +CONFIG_I2C_NFORCE2=m +CONFIG_I2C_NFORCE2_S4985=m +CONFIG_I2C_SIS5595=m +CONFIG_I2C_SIS630=m +CONFIG_I2C_SIS96X=m +CONFIG_I2C_VIA=m +CONFIG_I2C_VIAPRO=m + +# +# ACPI drivers +# +CONFIG_I2C_SCMI=m + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +CONFIG_I2C_INTEL_MID=m +CONFIG_I2C_OCORES=m +CONFIG_I2C_PCA_PLATFORM=m +CONFIG_I2C_SIMTEC=m +# CONFIG_I2C_XILINX is not set +CONFIG_I2C_EG20T=m + +# +# External I2C/SMBus adapter drivers +# +CONFIG_I2C_PARPORT_LIGHT=m +CONFIG_I2C_TAOS_EVM=m + +# +# Other I2C/SMBus bus drivers +# +CONFIG_I2C_STUB=m +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# CONFIG_SPI is not set + +# +# PPS support +# +# CONFIG_PPS is not set + +# +# PPS generators support +# +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +# CONFIG_GPIOLIB is not set +# CONFIG_W1 is not set +CONFIG_POWER_SUPPLY=y +# CONFIG_POWER_SUPPLY_DEBUG is not set +# CONFIG_PDA_POWER is not set +CONFIG_TEST_POWER=m +# CONFIG_BATTERY_DS2782 is not set +# CONFIG_BATTERY_BQ20Z75 is not set +# CONFIG_BATTERY_BQ27x00 is not set +# CONFIG_BATTERY_MAX17040 is not set +# CONFIG_BATTERY_MAX17042 is not set +CONFIG_HWMON=y +CONFIG_HWMON_VID=m +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +CONFIG_SENSORS_ABITUGURU=m +CONFIG_SENSORS_ABITUGURU3=m +CONFIG_SENSORS_AD7414=m +CONFIG_SENSORS_AD7418=m +CONFIG_SENSORS_ADM1021=m +CONFIG_SENSORS_ADM1025=m +CONFIG_SENSORS_ADM1026=m +CONFIG_SENSORS_ADM1029=m +CONFIG_SENSORS_ADM1031=m +CONFIG_SENSORS_ADM9240=m +CONFIG_SENSORS_ADT7411=m +CONFIG_SENSORS_ADT7462=m +CONFIG_SENSORS_ADT7470=m +CONFIG_SENSORS_ADT7475=m +CONFIG_SENSORS_ASC7621=m +CONFIG_SENSORS_K8TEMP=m +CONFIG_SENSORS_K10TEMP=m +CONFIG_SENSORS_ASB100=m +CONFIG_SENSORS_ATXP1=m +CONFIG_SENSORS_DS620=m +CONFIG_SENSORS_DS1621=m +CONFIG_SENSORS_I5K_AMB=m +CONFIG_SENSORS_F71805F=m +CONFIG_SENSORS_F71882FG=m +CONFIG_SENSORS_F75375S=m +CONFIG_SENSORS_FSCHMD=m +CONFIG_SENSORS_G760A=m +CONFIG_SENSORS_GL518SM=m +CONFIG_SENSORS_GL520SM=m +CONFIG_SENSORS_CORETEMP=m +CONFIG_SENSORS_PKGTEMP=m +CONFIG_SENSORS_IBMAEM=m +CONFIG_SENSORS_IBMPEX=m +CONFIG_SENSORS_IT87=m +CONFIG_SENSORS_JC42=m +CONFIG_SENSORS_LM63=m +CONFIG_SENSORS_LM73=m +CONFIG_SENSORS_LM75=m +CONFIG_SENSORS_LM77=m +CONFIG_SENSORS_LM78=m +CONFIG_SENSORS_LM80=m +CONFIG_SENSORS_LM83=m +CONFIG_SENSORS_LM85=m +CONFIG_SENSORS_LM87=m +CONFIG_SENSORS_LM90=m +CONFIG_SENSORS_LM92=m +CONFIG_SENSORS_LM93=m +CONFIG_SENSORS_LTC4215=m +CONFIG_SENSORS_LTC4245=m +CONFIG_SENSORS_LTC4261=m +CONFIG_SENSORS_LM95241=m +CONFIG_SENSORS_MAX1619=m +CONFIG_SENSORS_MAX6650=m +CONFIG_SENSORS_PC87360=m +CONFIG_SENSORS_PC87427=m +CONFIG_SENSORS_PCF8591=m +CONFIG_SENSORS_SHT21=m +CONFIG_SENSORS_SIS5595=m +CONFIG_SENSORS_SMM665=m +CONFIG_SENSORS_DME1737=m +CONFIG_SENSORS_EMC1403=m +CONFIG_SENSORS_EMC2103=m +CONFIG_SENSORS_SMSC47M1=m +CONFIG_SENSORS_SMSC47M192=m +CONFIG_SENSORS_SMSC47B397=m +CONFIG_SENSORS_ADS7828=m +CONFIG_SENSORS_AMC6821=m +CONFIG_SENSORS_THMC50=m +CONFIG_SENSORS_TMP102=m +CONFIG_SENSORS_TMP401=m +CONFIG_SENSORS_TMP421=m +CONFIG_SENSORS_VIA_CPUTEMP=m +CONFIG_SENSORS_VIA686A=m +CONFIG_SENSORS_VT1211=m +CONFIG_SENSORS_VT8231=m +CONFIG_SENSORS_W83781D=m +CONFIG_SENSORS_W83791D=m +CONFIG_SENSORS_W83792D=m +CONFIG_SENSORS_W83793=m +CONFIG_SENSORS_W83795=m +CONFIG_SENSORS_W83795_FANCTRL=y +CONFIG_SENSORS_W83L785TS=m +CONFIG_SENSORS_W83L786NG=m +CONFIG_SENSORS_W83627HF=m +CONFIG_SENSORS_W83627EHF=m +CONFIG_SENSORS_LIS3_I2C=m +CONFIG_SENSORS_APPLESMC=m + +# +# ACPI drivers +# +CONFIG_SENSORS_ATK0110=m +CONFIG_SENSORS_LIS3LV02D=m +CONFIG_THERMAL=y +CONFIG_THERMAL_HWMON=y +CONFIG_WATCHDOG=y +# CONFIG_WATCHDOG_NOWAYOUT is not set + +# +# Watchdog Device Drivers +# +CONFIG_SOFT_WATCHDOG=m +CONFIG_ACQUIRE_WDT=m +CONFIG_ADVANTECH_WDT=m +CONFIG_ALIM1535_WDT=m +CONFIG_ALIM7101_WDT=m +CONFIG_F71808E_WDT=m +CONFIG_SP5100_TCO=m +CONFIG_SC520_WDT=m +CONFIG_SBC_FITPC2_WATCHDOG=m +CONFIG_EUROTECH_WDT=m +CONFIG_IB700_WDT=m +CONFIG_IBMASR=m +CONFIG_WAFER_WDT=m +CONFIG_I6300ESB_WDT=m +CONFIG_ITCO_WDT=m +# CONFIG_ITCO_VENDOR_SUPPORT is not set +CONFIG_IT8712F_WDT=m +CONFIG_IT87_WDT=m +CONFIG_HP_WATCHDOG=m +# CONFIG_HPWDT_NMI_DECODING is not set +CONFIG_SC1200_WDT=m +CONFIG_PC87413_WDT=m +CONFIG_NV_TCO=m +CONFIG_60XX_WDT=m +CONFIG_SBC8360_WDT=m +CONFIG_CPU5_WDT=m +CONFIG_SMSC_SCH311X_WDT=m +CONFIG_SMSC37B787_WDT=m +CONFIG_W83627HF_WDT=m +CONFIG_W83697HF_WDT=m +CONFIG_W83697UG_WDT=m +CONFIG_W83877F_WDT=m +CONFIG_W83977F_WDT=m +CONFIG_MACHZ_WDT=m +CONFIG_SBC_EPX_C3_WATCHDOG=m + +# +# PCI-based Watchdog Cards +# +CONFIG_PCIPCWATCHDOG=m +CONFIG_WDTPCI=m +CONFIG_SSB_POSSIBLE=y + +# +# Sonics Silicon Backplane +# +CONFIG_SSB=m +CONFIG_SSB_SPROM=y +CONFIG_SSB_PCIHOST_POSSIBLE=y +CONFIG_SSB_PCIHOST=y +# CONFIG_SSB_B43_PCI_BRIDGE is not set +# CONFIG_SSB_DEBUG is not set +CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y +CONFIG_SSB_DRIVER_PCICORE=y +CONFIG_MFD_SUPPORT=y +CONFIG_MFD_CORE=m +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_SM501 is not set +# CONFIG_HTC_PASIC3 is not set +# CONFIG_TPS6507X is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_MFD_STMPE is not set +# CONFIG_MFD_TC3589X is not set +# CONFIG_MFD_TMIO is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_MAX8998 is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X_I2C is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_ABX500_CORE is not set +# CONFIG_MFD_CS5535 is not set +CONFIG_LPC_SCH=m +CONFIG_MFD_RDC321X=m +CONFIG_MFD_JANZ_CMODIO=m +CONFIG_MFD_VX855=m +# CONFIG_MFD_WL1273_CORE is not set +# CONFIG_REGULATOR is not set +# CONFIG_MEDIA_SUPPORT is not set + +# +# Graphics support +# +# CONFIG_AGP is not set +CONFIG_VGA_ARB=y +CONFIG_VGA_ARB_MAX_GPUS=16 +# CONFIG_VGA_SWITCHEROO is not set +# CONFIG_DRM is not set +CONFIG_STUB_POULSBO=m +# CONFIG_VGASTATE is not set +CONFIG_VIDEO_OUTPUT_CONTROL=m +CONFIG_FB=m +# CONFIG_FIRMWARE_EDID is not set +# CONFIG_FB_DDC is not set +# CONFIG_FB_BOOT_VESA_SUPPORT is not set +# CONFIG_FB_CFB_FILLRECT is not set +# CONFIG_FB_CFB_COPYAREA is not set +# CONFIG_FB_CFB_IMAGEBLIT is not set +# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set +# CONFIG_FB_SYS_FILLRECT is not set +# CONFIG_FB_SYS_COPYAREA is not set +# CONFIG_FB_SYS_IMAGEBLIT is not set +# CONFIG_FB_FOREIGN_ENDIAN is not set +# CONFIG_FB_SYS_FOPS is not set +# CONFIG_FB_WMT_GE_ROPS is not set +# CONFIG_FB_SVGALIB is not set +# CONFIG_FB_MACMODES is not set +# CONFIG_FB_BACKLIGHT is not set +CONFIG_FB_MODE_HELPERS=y +CONFIG_FB_TILEBLITTING=y + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ARC is not set +# CONFIG_FB_VGA16 is not set +# CONFIG_FB_UVESA is not set +# CONFIG_FB_N411 is not set +# CONFIG_FB_HGA is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_LE80578 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_VIA is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_GEODE is not set +# CONFIG_FB_TMIO is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_BROADSHEET is not set +# CONFIG_BACKLIGHT_LCD_SUPPORT is not set +CONFIG_BACKLIGHT_CLASS_DEVICE=m + +# +# Display device support +# +# CONFIG_DISPLAY_SUPPORT is not set + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +CONFIG_VGACON_SOFT_SCROLLBACK=y +CONFIG_VGACON_SOFT_SCROLLBACK_SIZE=64 +CONFIG_DUMMY_CONSOLE=y +# CONFIG_FRAMEBUFFER_CONSOLE is not set +# CONFIG_LOGO is not set +# CONFIG_SOUND is not set +# CONFIG_HID_SUPPORT is not set +# CONFIG_USB_SUPPORT is not set +# CONFIG_UWB is not set +# CONFIG_MMC is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=y + +# +# LED drivers +# +# CONFIG_LEDS_ALIX2 is not set +# CONFIG_LEDS_PCA9532 is not set +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_LP5521 is not set +# CONFIG_LEDS_LP5523 is not set +# CONFIG_LEDS_CLEVO_MAIL is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_INTEL_SS4200 is not set +CONFIG_LEDS_TRIGGERS=y + +# +# LED Triggers +# +# CONFIG_LEDS_TRIGGER_TIMER is not set +# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set +# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set +# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set + +# +# iptables trigger is under Netfilter config (LED target) +# +# CONFIG_NFC_DEVICES is not set +# CONFIG_ACCESSIBILITY is not set +# CONFIG_INFINIBAND is not set +CONFIG_EDAC=y + +# +# Reporting subsystems +# +# CONFIG_EDAC_DEBUG is not set +CONFIG_EDAC_DECODE_MCE=y +CONFIG_EDAC_MCE_INJ=m +# CONFIG_EDAC_MM_EDAC is not set +CONFIG_RTC_LIB=m +CONFIG_RTC_CLASS=m + +# +# RTC interfaces +# +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set +CONFIG_RTC_DRV_TEST=m + +# +# I2C RTC drivers +# +CONFIG_RTC_DRV_DS1307=m +CONFIG_RTC_DRV_DS1374=m +CONFIG_RTC_DRV_DS1672=m +CONFIG_RTC_DRV_DS3232=m +CONFIG_RTC_DRV_MAX6900=m +CONFIG_RTC_DRV_RS5C372=m +CONFIG_RTC_DRV_ISL1208=m +CONFIG_RTC_DRV_ISL12022=m +CONFIG_RTC_DRV_X1205=m +CONFIG_RTC_DRV_PCF8563=m +CONFIG_RTC_DRV_PCF8583=m +CONFIG_RTC_DRV_M41T80=m +# CONFIG_RTC_DRV_M41T80_WDT is not set +CONFIG_RTC_DRV_BQ32K=m +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_FM3130=m +CONFIG_RTC_DRV_RX8581=m +CONFIG_RTC_DRV_RX8025=m + +# +# SPI RTC drivers +# + +# +# Platform RTC drivers +# +CONFIG_RTC_DRV_CMOS=m +CONFIG_RTC_DRV_DS1286=m +CONFIG_RTC_DRV_DS1511=m +CONFIG_RTC_DRV_DS1553=m +CONFIG_RTC_DRV_DS1742=m +CONFIG_RTC_DRV_STK17TA8=m +CONFIG_RTC_DRV_M48T86=m +CONFIG_RTC_DRV_M48T35=m +CONFIG_RTC_DRV_M48T59=m +CONFIG_RTC_DRV_MSM6242=m +CONFIG_RTC_DRV_BQ4802=m +CONFIG_RTC_DRV_RP5C01=m +CONFIG_RTC_DRV_V3020=m + +# +# on-CPU RTC drivers +# +CONFIG_DMADEVICES=y +# CONFIG_DMADEVICES_DEBUG is not set + +# +# DMA Devices +# +CONFIG_INTEL_MID_DMAC=m +# CONFIG_INTEL_IOATDMA is not set +CONFIG_TIMB_DMA=m +CONFIG_PCH_DMA=m +CONFIG_DMA_ENGINE=y + +# +# DMA Clients +# +# CONFIG_NET_DMA is not set +# CONFIG_ASYNC_TX_DMA is not set +CONFIG_DMATEST=m +# CONFIG_AUXDISPLAY is not set +CONFIG_UIO=m +CONFIG_UIO_CIF=m +CONFIG_UIO_PDRV=m +CONFIG_UIO_PDRV_GENIRQ=m +CONFIG_UIO_AEC=m +CONFIG_UIO_SERCOS3=m +CONFIG_UIO_PCI_GENERIC=m +CONFIG_UIO_NETX=m +CONFIG_STAGING=y +# CONFIG_STAGING_EXCLUDE_BUILD is not set +# CONFIG_ET131X is not set +# CONFIG_SLICOSS is not set +# CONFIG_ECHO is not set +# CONFIG_COMEDI is not set +# CONFIG_POHMELFS is not set +# CONFIG_AUTOFS_FS is not set +# CONFIG_IDE_PHISON is not set +# CONFIG_HYPERV is not set +# CONFIG_VME_BUS is not set +# CONFIG_DX_SEP is not set +# CONFIG_IIO is not set +CONFIG_ZRAM=m +# CONFIG_SAMSUNG_LAPTOP is not set +# CONFIG_FB_SM7XX is not set +# CONFIG_CRYSTALHD is not set + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_FB_XGI is not set +CONFIG_SMB_FS=m +# CONFIG_SMB_NLS_DEFAULT is not set +# CONFIG_ACPI_QUICKSTART is not set +CONFIG_MACH_NO_WESTBRIDGE=y +# CONFIG_FT1000 is not set + +# +# Speakup console speech +# +# CONFIG_SPEAKUP is not set +# CONFIG_TOUCHSCREEN_SYNAPTICS_I2C_RMI4 is not set +CONFIG_X86_PLATFORM_DEVICES=y +# CONFIG_ACERHDF is not set +# CONFIG_ASUS_LAPTOP is not set +# CONFIG_FUJITSU_LAPTOP is not set +# CONFIG_MSI_LAPTOP is not set +# CONFIG_PANASONIC_LAPTOP is not set +# CONFIG_COMPAL_LAPTOP is not set +# CONFIG_SONY_LAPTOP is not set +# CONFIG_IDEAPAD_LAPTOP is not set +# CONFIG_THINKPAD_ACPI is not set +CONFIG_SENSORS_HDAPS=m +# CONFIG_INTEL_MENLOW is not set +# CONFIG_ACPI_WMI is not set +# CONFIG_ACPI_ASUS is not set +# CONFIG_TOPSTAR_LAPTOP is not set +# CONFIG_ACPI_TOSHIBA is not set +# CONFIG_TOSHIBA_BT_RFKILL is not set +# CONFIG_ACPI_CMPC is not set +# CONFIG_INTEL_IPS is not set +# CONFIG_IBM_RTL is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +CONFIG_FIRMWARE_MEMMAP=y +CONFIG_EFI_VARS=y +# CONFIG_DELL_RBU is not set +# CONFIG_DCDBAS is not set +CONFIG_DMIID=y +# CONFIG_ISCSI_IBFT_FIND is not set + +# +# File systems +# +CONFIG_EXT2_FS=m +CONFIG_EXT2_FS_XATTR=y +CONFIG_EXT2_FS_POSIX_ACL=y +CONFIG_EXT2_FS_SECURITY=y +# CONFIG_EXT2_FS_XIP is not set +CONFIG_EXT3_FS=y +# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set +CONFIG_EXT3_FS_XATTR=y +CONFIG_EXT3_FS_POSIX_ACL=y +CONFIG_EXT3_FS_SECURITY=y +CONFIG_EXT4_FS=y +CONFIG_EXT4_FS_XATTR=y +CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_EXT4_FS_SECURITY=y +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD=y +CONFIG_JBD_DEBUG=y +CONFIG_JBD2=y +CONFIG_JBD2_DEBUG=y +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=m +# CONFIG_REISERFS_CHECK is not set +CONFIG_REISERFS_PROC_INFO=y +CONFIG_REISERFS_FS_XATTR=y +CONFIG_REISERFS_FS_POSIX_ACL=y +CONFIG_REISERFS_FS_SECURITY=y +CONFIG_JFS_FS=m +CONFIG_JFS_POSIX_ACL=y +CONFIG_JFS_SECURITY=y +# CONFIG_JFS_DEBUG is not set +CONFIG_JFS_STATISTICS=y +CONFIG_XFS_FS=m +CONFIG_XFS_QUOTA=y +CONFIG_XFS_POSIX_ACL=y +CONFIG_XFS_RT=y +# CONFIG_XFS_DEBUG is not set +CONFIG_GFS2_FS=m +CONFIG_GFS2_FS_LOCKING_DLM=y +CONFIG_OCFS2_FS=m +CONFIG_OCFS2_FS_O2CB=m +CONFIG_OCFS2_FS_USERSPACE_CLUSTER=m +CONFIG_OCFS2_FS_STATS=y +CONFIG_OCFS2_DEBUG_MASKLOG=y +# CONFIG_OCFS2_DEBUG_FS is not set +CONFIG_BTRFS_FS=m +CONFIG_BTRFS_FS_POSIX_ACL=y +CONFIG_NILFS2_FS=m +CONFIG_FS_POSIX_ACL=y +CONFIG_EXPORTFS=m +CONFIG_FILE_LOCKING=y +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_FANOTIFY=y +CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y +CONFIG_QUOTA=y +CONFIG_QUOTA_NETLINK_INTERFACE=y +# CONFIG_PRINT_QUOTA_WARNING is not set +CONFIG_QUOTA_DEBUG=y +CONFIG_QUOTA_TREE=m +# CONFIG_QFMT_V1 is not set +CONFIG_QFMT_V2=m +CONFIG_QUOTACTL=y +CONFIG_QUOTACTL_COMPAT=y +CONFIG_AUTOFS4_FS=m +CONFIG_FUSE_FS=m +CONFIG_CUSE=m +CONFIG_GENERIC_ACL=y + +# +# Caches +# +CONFIG_FSCACHE=m +CONFIG_FSCACHE_STATS=y +CONFIG_FSCACHE_HISTOGRAM=y +# CONFIG_FSCACHE_DEBUG is not set +CONFIG_FSCACHE_OBJECT_LIST=y +CONFIG_CACHEFILES=m +# CONFIG_CACHEFILES_DEBUG is not set +# CONFIG_CACHEFILES_HISTOGRAM is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=m +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_UDF_FS=m +CONFIG_UDF_NLS=y + +# +# DOS/FAT/NT Filesystems +# +CONFIG_FAT_FS=m +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=m +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=m +# CONFIG_NTFS_DEBUG is not set +CONFIG_NTFS_RW=y + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_VMCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_HUGETLBFS=y +CONFIG_HUGETLB_PAGE=y +CONFIG_CONFIGFS_FS=m +CONFIG_MISC_FILESYSTEMS=y +CONFIG_ADFS_FS=m +# CONFIG_ADFS_FS_RW is not set +# CONFIG_AFFS_FS is not set +CONFIG_ECRYPT_FS=m +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_LOGFS is not set +CONFIG_CRAMFS=m +CONFIG_SQUASHFS=m +CONFIG_SQUASHFS_XATTR=y +CONFIG_SQUASHFS_LZO=y +CONFIG_SQUASHFS_XZ=y +CONFIG_SQUASHFS_EMBEDDED=y +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +CONFIG_ROMFS_FS=m +CONFIG_ROMFS_BACKED_BY_BLOCK=y +CONFIG_ROMFS_ON_BLOCK=y +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set +# CONFIG_EXOFS_FS is not set +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=m +CONFIG_NFS_V3=y +CONFIG_NFS_V3_ACL=y +CONFIG_NFS_V4=y +CONFIG_NFS_V4_1=y +CONFIG_PNFS_FILE_LAYOUT=m +# CONFIG_NFS_FSCACHE is not set +# CONFIG_NFS_USE_LEGACY_DNS is not set +CONFIG_NFS_USE_KERNEL_DNS=y +# CONFIG_NFS_USE_NEW_IDMAPPER is not set +CONFIG_NFSD=m +CONFIG_NFSD_DEPRECATED=y +CONFIG_NFSD_V2_ACL=y +CONFIG_NFSD_V3=y +CONFIG_NFSD_V3_ACL=y +CONFIG_NFSD_V4=y +CONFIG_LOCKD=m +CONFIG_LOCKD_V4=y +CONFIG_NFS_ACL_SUPPORT=m +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=m +CONFIG_SUNRPC_GSS=m +CONFIG_RPCSEC_GSS_KRB5=m +CONFIG_CEPH_FS=m +CONFIG_CIFS=m +CONFIG_CIFS_STATS=y +CONFIG_CIFS_STATS2=y +# CONFIG_CIFS_WEAK_PW_HASH is not set +# CONFIG_CIFS_UPCALL is not set +CONFIG_CIFS_XATTR=y +CONFIG_CIFS_POSIX=y +# CONFIG_CIFS_DEBUG2 is not set +CONFIG_CIFS_DFS_UPCALL=y +# CONFIG_CIFS_FSCACHE is not set +CONFIG_CIFS_ACL=y +# CONFIG_CIFS_EXPERIMENTAL is not set +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +CONFIG_AFS_FS=m +# CONFIG_AFS_DEBUG is not set +# CONFIG_AFS_FSCACHE is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +CONFIG_OSF_PARTITION=y +CONFIG_AMIGA_PARTITION=y +# CONFIG_ATARI_PARTITION is not set +CONFIG_MAC_PARTITION=y +CONFIG_MSDOS_PARTITION=y +CONFIG_BSD_DISKLABEL=y +CONFIG_MINIX_SUBPARTITION=y +CONFIG_SOLARIS_X86_PARTITION=y +CONFIG_UNIXWARE_DISKLABEL=y +# CONFIG_LDM_PARTITION is not set +CONFIG_SGI_PARTITION=y +# CONFIG_ULTRIX_PARTITION is not set +CONFIG_SUN_PARTITION=y +CONFIG_KARMA_PARTITION=y +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="utf8" +CONFIG_NLS_CODEPAGE_437=m +CONFIG_NLS_CODEPAGE_737=m +CONFIG_NLS_CODEPAGE_775=m +CONFIG_NLS_CODEPAGE_850=m +CONFIG_NLS_CODEPAGE_852=m +CONFIG_NLS_CODEPAGE_855=m +CONFIG_NLS_CODEPAGE_857=m +CONFIG_NLS_CODEPAGE_860=m +CONFIG_NLS_CODEPAGE_861=m +CONFIG_NLS_CODEPAGE_862=m +CONFIG_NLS_CODEPAGE_863=m +CONFIG_NLS_CODEPAGE_864=m +CONFIG_NLS_CODEPAGE_865=m +CONFIG_NLS_CODEPAGE_866=m +CONFIG_NLS_CODEPAGE_869=m +CONFIG_NLS_CODEPAGE_936=m +CONFIG_NLS_CODEPAGE_950=m +CONFIG_NLS_CODEPAGE_932=m +CONFIG_NLS_CODEPAGE_949=m +CONFIG_NLS_CODEPAGE_874=m +CONFIG_NLS_ISO8859_8=m +CONFIG_NLS_CODEPAGE_1250=m +CONFIG_NLS_CODEPAGE_1251=m +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=m +CONFIG_NLS_ISO8859_2=m +CONFIG_NLS_ISO8859_3=m +CONFIG_NLS_ISO8859_4=m +CONFIG_NLS_ISO8859_5=m +CONFIG_NLS_ISO8859_6=m +CONFIG_NLS_ISO8859_7=m +CONFIG_NLS_ISO8859_9=m +CONFIG_NLS_ISO8859_13=m +CONFIG_NLS_ISO8859_14=m +CONFIG_NLS_ISO8859_15=m +CONFIG_NLS_KOI8_R=m +CONFIG_NLS_KOI8_U=m +CONFIG_NLS_UTF8=y +CONFIG_DLM=m +# CONFIG_DLM_DEBUG is not set + +# +# Kernel hacking +# +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_PRINTK_TIME=y +# CONFIG_ENABLE_WARN_DEPRECATED is not set +CONFIG_ENABLE_MUST_CHECK=y +CONFIG_FRAME_WARN=2048 +CONFIG_MAGIC_SYSRQ=y +# CONFIG_STRIP_ASM_SYMS is not set +# CONFIG_UNUSED_SYMBOLS is not set +CONFIG_DEBUG_FS=y +# CONFIG_HEADERS_CHECK is not set +CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_SHIRQ is not set +# CONFIG_LOCKUP_DETECTOR is not set +# CONFIG_HARDLOCKUP_DETECTOR is not set +# CONFIG_DETECT_HUNG_TASK is not set +# CONFIG_SCHED_DEBUG is not set +CONFIG_SCHEDSTATS=y +CONFIG_TIMER_STATS=y +# CONFIG_DEBUG_OBJECTS is not set +# CONFIG_SLUB_DEBUG_ON is not set +# CONFIG_SLUB_STATS is not set +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_RT_MUTEX_TESTER is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_DEBUG_MUTEXES is not set +CONFIG_BKL=y +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_SPARSE_RCU_POINTER is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_DEBUG_SPINLOCK_SLEEP is not set +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +CONFIG_STACKTRACE=y +# CONFIG_DEBUG_KOBJECT is not set +CONFIG_DEBUG_BUGVERBOSE=y +# CONFIG_DEBUG_INFO is not set +# CONFIG_DEBUG_VM is not set +# CONFIG_DEBUG_VIRTUAL is not set +# CONFIG_DEBUG_WRITECOUNT is not set +CONFIG_DEBUG_MEMORY_INIT=y +# CONFIG_DEBUG_LIST is not set +# CONFIG_TEST_LIST_SORT is not set +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_NOTIFIERS is not set +# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_ARCH_WANT_FRAME_POINTERS=y +CONFIG_FRAME_POINTER=y +# CONFIG_BOOT_PRINTK_DELAY is not set +# CONFIG_RCU_TORTURE_TEST is not set +# CONFIG_RCU_CPU_STALL_DETECTOR is not set +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# CONFIG_LKDTM is not set +CONFIG_CPU_NOTIFIER_ERROR_INJECT=m +# CONFIG_FAULT_INJECTION is not set +# CONFIG_LATENCYTOP is not set +CONFIG_SYSCTL_SYSCALL_CHECK=y +# CONFIG_DEBUG_PAGEALLOC is not set +CONFIG_USER_STACKTRACE_SUPPORT=y +CONFIG_NOP_TRACER=y +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y +CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_HAVE_C_RECORDMCOUNT=y +CONFIG_RING_BUFFER=y +CONFIG_EVENT_TRACING=y +CONFIG_EVENT_POWER_TRACING_DEPRECATED=y +CONFIG_CONTEXT_SWITCH_TRACER=y +CONFIG_TRACING=y +CONFIG_GENERIC_TRACER=y +CONFIG_TRACING_SUPPORT=y +CONFIG_FTRACE=y +# CONFIG_FUNCTION_TRACER is not set +# CONFIG_IRQSOFF_TRACER is not set +# CONFIG_SCHED_TRACER is not set +# CONFIG_FTRACE_SYSCALLS is not set +CONFIG_BRANCH_PROFILE_NONE=y +# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set +# CONFIG_PROFILE_ALL_BRANCHES is not set +# CONFIG_STACK_TRACER is not set +CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENT=y +# CONFIG_FTRACE_STARTUP_TEST is not set +# CONFIG_MMIOTRACE is not set +# CONFIG_RING_BUFFER_BENCHMARK is not set +CONFIG_PROVIDE_OHCI1394_DMA_INIT=y +# CONFIG_DYNAMIC_DEBUG is not set +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_ATOMIC64_SELFTEST is not set +CONFIG_ASYNC_RAID6_TEST=m +# CONFIG_SAMPLES is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +CONFIG_HAVE_ARCH_KMEMCHECK=y +# CONFIG_TEST_KSTRTOX is not set +# CONFIG_STRICT_DEVMEM is not set +CONFIG_X86_VERBOSE_BOOTUP=y +CONFIG_EARLY_PRINTK=y +CONFIG_EARLY_PRINTK_DBGP=y +CONFIG_DEBUG_STACKOVERFLOW=y +CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_PER_CPU_MAPS is not set +# CONFIG_X86_PTDUMP is not set +CONFIG_DEBUG_RODATA=y +# CONFIG_DEBUG_RODATA_TEST is not set +# CONFIG_DEBUG_SET_MODULE_RONX is not set +CONFIG_DEBUG_NX_TEST=m +# CONFIG_IOMMU_DEBUG is not set +# CONFIG_IOMMU_STRESS is not set +CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set +CONFIG_IO_DELAY_TYPE_0X80=0 +CONFIG_IO_DELAY_TYPE_0XED=1 +CONFIG_IO_DELAY_TYPE_UDELAY=2 +CONFIG_IO_DELAY_TYPE_NONE=3 +CONFIG_IO_DELAY_0X80=y +# CONFIG_IO_DELAY_0XED is not set +# CONFIG_IO_DELAY_UDELAY is not set +# CONFIG_IO_DELAY_NONE is not set +CONFIG_DEFAULT_IO_DELAY_TYPE=0 +CONFIG_DEBUG_BOOT_PARAMS=y +# CONFIG_CPA_DEBUG is not set +CONFIG_OPTIMIZE_INLINING=y +# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set + +# +# Security options +# +CONFIG_KEYS=y +CONFIG_KEYS_DEBUG_PROC_KEYS=y +# CONFIG_SECURITY_DMESG_RESTRICT is not set +CONFIG_SECURITY=y +# CONFIG_SECURITYFS is not set +CONFIG_SECURITY_NETWORK=y +CONFIG_SECURITY_NETWORK_XFRM=y +# CONFIG_SECURITY_PATH is not set +# CONFIG_INTEL_TXT is not set +CONFIG_LSM_MMAP_MIN_ADDR=65536 +CONFIG_SECURITY_SELINUX=y +CONFIG_SECURITY_SELINUX_BOOTPARAM=y +CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_SELINUX_DISABLE=y +CONFIG_SECURITY_SELINUX_DEVELOP=y +CONFIG_SECURITY_SELINUX_AVC_STATS=y +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +# CONFIG_SECURITY_APPARMOR is not set +# CONFIG_IMA is not set +CONFIG_DEFAULT_SECURITY_SELINUX=y +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="selinux" +CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_BLKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=m +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_PCOMP=m +CONFIG_CRYPTO_PCOMP2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y +CONFIG_CRYPTO_GF128MUL=m +CONFIG_CRYPTO_NULL=m +# CONFIG_CRYPTO_PCRYPT is not set +CONFIG_CRYPTO_WORKQUEUE=y +CONFIG_CRYPTO_CRYPTD=m +CONFIG_CRYPTO_AUTHENC=y +CONFIG_CRYPTO_TEST=m + +# +# Authenticated Encryption with Associated Data +# +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=m +CONFIG_CRYPTO_SEQIV=m + +# +# Block modes +# +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CTR=m +CONFIG_CRYPTO_CTS=m +CONFIG_CRYPTO_ECB=y +CONFIG_CRYPTO_LRW=m +CONFIG_CRYPTO_PCBC=m +CONFIG_CRYPTO_XTS=m +CONFIG_CRYPTO_FPU=m + +# +# Hash modes +# +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_XCBC=m +CONFIG_CRYPTO_VMAC=m + +# +# Digest +# +CONFIG_CRYPTO_CRC32C=m +CONFIG_CRYPTO_CRC32C_INTEL=m +CONFIG_CRYPTO_GHASH=m +CONFIG_CRYPTO_MD4=m +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_MICHAEL_MIC=m +CONFIG_CRYPTO_RMD128=m +CONFIG_CRYPTO_RMD160=m +CONFIG_CRYPTO_RMD256=m +CONFIG_CRYPTO_RMD320=m +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=m +CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_TGR192=m +CONFIG_CRYPTO_WP512=m +CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m + +# +# Ciphers +# +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_AES_X86_64=m +CONFIG_CRYPTO_AES_NI_INTEL=m +CONFIG_CRYPTO_ANUBIS=m +CONFIG_CRYPTO_ARC4=y +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_CAMELLIA=m +CONFIG_CRYPTO_CAST5=m +CONFIG_CRYPTO_CAST6=m +CONFIG_CRYPTO_DES=y +CONFIG_CRYPTO_FCRYPT=m +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_SALSA20=m +CONFIG_CRYPTO_SALSA20_X86_64=m +CONFIG_CRYPTO_SEED=m +CONFIG_CRYPTO_SERPENT=m +CONFIG_CRYPTO_TEA=m +CONFIG_CRYPTO_TWOFISH=m +CONFIG_CRYPTO_TWOFISH_COMMON=m +CONFIG_CRYPTO_TWOFISH_X86_64=m + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_ZLIB=m +CONFIG_CRYPTO_LZO=m + +# +# Random Number Generation +# +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_USER_API=m +CONFIG_CRYPTO_USER_API_HASH=m +CONFIG_CRYPTO_USER_API_SKCIPHER=m +CONFIG_CRYPTO_HW=y +# CONFIG_CRYPTO_DEV_PADLOCK is not set +# CONFIG_CRYPTO_DEV_HIFN_795X is not set +CONFIG_HAVE_KVM=y +# CONFIG_VIRTUALIZATION is not set +CONFIG_BINARY_PRINTF=y + +# +# Library routines +# +CONFIG_RAID6_PQ=m +CONFIG_BITREVERSE=y +CONFIG_GENERIC_FIND_FIRST_BIT=y +CONFIG_GENERIC_FIND_NEXT_BIT=y +CONFIG_GENERIC_FIND_LAST_BIT=y +CONFIG_CRC_CCITT=m +CONFIG_CRC16=y +CONFIG_CRC_T10DIF=y +CONFIG_CRC_ITU_T=m +CONFIG_CRC32=y +CONFIG_CRC7=m +CONFIG_LIBCRC32C=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=m +CONFIG_LZO_COMPRESS=m +CONFIG_LZO_DECOMPRESS=y +CONFIG_XZ_DEC=y +CONFIG_XZ_DEC_X86=y +CONFIG_XZ_DEC_POWERPC=y +CONFIG_XZ_DEC_IA64=y +CONFIG_XZ_DEC_ARM=y +CONFIG_XZ_DEC_ARMTHUMB=y +CONFIG_XZ_DEC_SPARC=y +CONFIG_XZ_DEC_BCJ=y +CONFIG_XZ_DEC_TEST=m +CONFIG_DECOMPRESS_GZIP=y +CONFIG_DECOMPRESS_BZIP2=y +CONFIG_DECOMPRESS_LZMA=y +CONFIG_DECOMPRESS_XZ=y +CONFIG_DECOMPRESS_LZO=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT=y +CONFIG_HAS_DMA=y +CONFIG_NLATTR=y +CONFIG_LRU_CACHE=m diff --git a/kernel-config/config-2.6.39-gentoo-r3-00 b/kernel-config/config-2.6.39-gentoo-r3-00 new file mode 100644 index 0000000..007b02f --- /dev/null +++ b/kernel-config/config-2.6.39-gentoo-r3-00 @@ -0,0 +1,2764 @@ +# +# Automatically generated make config: don't edit +# Linux/x86_64 2.6.39-gentoo-r3 Kernel Configuration +# Tue Aug 9 23:26:52 2011 +# +CONFIG_64BIT=y +# CONFIG_X86_32 is not set +CONFIG_X86_64=y +CONFIG_X86=y +CONFIG_INSTRUCTION_DECODER=y +CONFIG_OUTPUT_FORMAT="elf64-x86-64" +CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" +CONFIG_GENERIC_CMOS_UPDATE=y +CONFIG_CLOCKSOURCE_WATCHDOG=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y +CONFIG_MMU=y +CONFIG_ZONE_DMA=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_IOMAP=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +# CONFIG_RWSEM_GENERIC_SPINLOCK is not set +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_ARCH_HAS_CPU_IDLE_WAIT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_GENERIC_TIME_VSYSCALL=y +CONFIG_ARCH_HAS_CPU_RELAX=y +CONFIG_ARCH_HAS_DEFAULT_IDLE=y +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_HAVE_SETUP_PER_CPU_AREA=y +CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y +CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y +CONFIG_HAVE_CPUMASK_OF_CPU_MAP=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ZONE_DMA32=y +CONFIG_ARCH_POPULATES_NODE_MAP=y +CONFIG_AUDIT_ARCH=y +CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_HAVE_INTEL_TXT=y +CONFIG_X86_64_SMP=y +CONFIG_X86_HT=y +CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" +# CONFIG_KTIME_SCALAR is not set +CONFIG_ARCH_CPU_PROBE_RELEASE=y +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" +CONFIG_CONSTRUCTORS=y +CONFIG_HAVE_IRQ_WORK=y +CONFIG_IRQ_WORK=y + +# +# General setup +# +CONFIG_EXPERIMENTAL=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="" +CONFIG_LOCALVERSION="" +# CONFIG_LOCALVERSION_AUTO is not set +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_BZIP2=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_XZ=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_BZIP2 is not set +# CONFIG_KERNEL_LZMA is not set +# CONFIG_KERNEL_XZ is not set +# CONFIG_KERNEL_LZO is not set +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_POSIX_MQUEUE=y +CONFIG_POSIX_MQUEUE_SYSCTL=y +CONFIG_BSD_PROCESS_ACCT=y +CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_FHANDLE=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_TASK_IO_ACCOUNTING=y +CONFIG_AUDIT=y +CONFIG_AUDITSYSCALL=y +CONFIG_AUDIT_WATCH=y +CONFIG_AUDIT_TREE=y +CONFIG_HAVE_GENERIC_HARDIRQS=y + +# +# IRQ subsystem +# +CONFIG_GENERIC_HARDIRQS=y +CONFIG_HAVE_SPARSE_IRQ=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_IRQ_SHOW=y +CONFIG_GENERIC_PENDING_IRQ=y +CONFIG_IRQ_FORCED_THREADING=y +CONFIG_SPARSE_IRQ=y + +# +# RCU Subsystem +# +CONFIG_TREE_RCU=y +# CONFIG_PREEMPT_RCU is not set +# CONFIG_RCU_TRACE is not set +CONFIG_RCU_FANOUT=64 +# CONFIG_RCU_FANOUT_EXACT is not set +# CONFIG_RCU_FAST_NO_HZ is not set +# CONFIG_TREE_RCU_TRACE is not set +CONFIG_IKCONFIG=m +CONFIG_IKCONFIG_PROC=y +CONFIG_LOG_BUF_SHIFT=18 +CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y +CONFIG_CGROUPS=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_CGROUP_NS=y +CONFIG_CGROUP_FREEZER=y +# CONFIG_CGROUP_DEVICE is not set +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_RESOURCE_COUNTERS=y +# CONFIG_CGROUP_MEM_RES_CTLR is not set +# CONFIG_CGROUP_PERF is not set +CONFIG_CGROUP_SCHED=y +CONFIG_FAIR_GROUP_SCHED=y +# CONFIG_RT_GROUP_SCHED is not set +CONFIG_BLK_CGROUP=m +# CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +# CONFIG_SCHED_AUTOGROUP is not set +# CONFIG_SYSFS_DEPRECATED is not set +CONFIG_RELAY=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_RD_XZ=y +CONFIG_RD_LZO=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_SYSCTL=y +CONFIG_ANON_INODES=y +# CONFIG_EXPERT is not set +CONFIG_UID16=y +CONFIG_SYSCTL_SYSCALL=y +CONFIG_KALLSYMS=y +CONFIG_KALLSYMS_ALL=y +CONFIG_KALLSYMS_EXTRA_PASS=y +CONFIG_HOTPLUG=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_PCSPKR_PLATFORM=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +# CONFIG_EMBEDDED is not set +CONFIG_HAVE_PERF_EVENTS=y + +# +# Kernel Performance Events And Counters +# +CONFIG_PERF_EVENTS=y +# CONFIG_PERF_COUNTERS is not set +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_PCI_QUIRKS=y +CONFIG_SLUB_DEBUG=y +# CONFIG_COMPAT_BRK is not set +# CONFIG_SLAB is not set +CONFIG_SLUB=y +CONFIG_PROFILING=y +CONFIG_TRACEPOINTS=y +# CONFIG_OPROFILE is not set +CONFIG_HAVE_OPROFILE=y +CONFIG_KPROBES=y +# CONFIG_JUMP_LABEL is not set +CONFIG_OPTPROBES=y +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_KRETPROBES=y +CONFIG_HAVE_IOREMAP_PROT=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y +CONFIG_USE_GENERIC_SMP_HELPERS=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_DMA_API_DEBUG=y +CONFIG_HAVE_HW_BREAKPOINT=y +CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y +CONFIG_HAVE_USER_RETURN_NOTIFIER=y +CONFIG_HAVE_PERF_EVENTS_NMI=y +CONFIG_HAVE_ARCH_JUMP_LABEL=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set +CONFIG_SLABINFO=y +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +CONFIG_MODULE_FORCE_LOAD=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +CONFIG_STOP_MACHINE=y +CONFIG_BLOCK=y +CONFIG_BLK_DEV_BSG=y +# CONFIG_BLK_DEV_INTEGRITY is not set +CONFIG_BLOCK_COMPAT=y + +# +# IO Schedulers +# +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_DEADLINE=y +CONFIG_IOSCHED_CFQ=m +# CONFIG_CFQ_GROUP_IOSCHED is not set +CONFIG_DEFAULT_DEADLINE=y +# CONFIG_DEFAULT_NOOP is not set +CONFIG_DEFAULT_IOSCHED="deadline" +# CONFIG_INLINE_SPIN_TRYLOCK is not set +# CONFIG_INLINE_SPIN_TRYLOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK is not set +# CONFIG_INLINE_SPIN_LOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK_IRQ is not set +# CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set +CONFIG_INLINE_SPIN_UNLOCK=y +# CONFIG_INLINE_SPIN_UNLOCK_BH is not set +CONFIG_INLINE_SPIN_UNLOCK_IRQ=y +# CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_READ_TRYLOCK is not set +# CONFIG_INLINE_READ_LOCK is not set +# CONFIG_INLINE_READ_LOCK_BH is not set +# CONFIG_INLINE_READ_LOCK_IRQ is not set +# CONFIG_INLINE_READ_LOCK_IRQSAVE is not set +CONFIG_INLINE_READ_UNLOCK=y +# CONFIG_INLINE_READ_UNLOCK_BH is not set +CONFIG_INLINE_READ_UNLOCK_IRQ=y +# CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_WRITE_TRYLOCK is not set +# CONFIG_INLINE_WRITE_LOCK is not set +# CONFIG_INLINE_WRITE_LOCK_BH is not set +# CONFIG_INLINE_WRITE_LOCK_IRQ is not set +# CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set +CONFIG_INLINE_WRITE_UNLOCK=y +# CONFIG_INLINE_WRITE_UNLOCK_BH is not set +CONFIG_INLINE_WRITE_UNLOCK_IRQ=y +# CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set +CONFIG_MUTEX_SPIN_ON_OWNER=y +CONFIG_FREEZER=y + +# +# Processor type and features +# +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_GENERIC_CLOCKEVENTS_BUILD=y +CONFIG_SMP=y +CONFIG_X86_MPPARSE=y +CONFIG_X86_EXTENDED_PLATFORM=y +# CONFIG_X86_VSMP is not set +CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y +CONFIG_SCHED_OMIT_FRAME_POINTER=y +# CONFIG_PARAVIRT_GUEST is not set +CONFIG_NO_BOOTMEM=y +# CONFIG_MEMTEST is not set +CONFIG_MK8=y +# CONFIG_MPSC is not set +# CONFIG_MCORE2 is not set +# CONFIG_MATOM is not set +# CONFIG_GENERIC_CPU is not set +CONFIG_X86_INTERNODE_CACHE_SHIFT=7 +CONFIG_X86_CMPXCHG=y +CONFIG_CMPXCHG_LOCAL=y +CONFIG_X86_L1_CACHE_SHIFT=6 +CONFIG_X86_XADD=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INTEL_USERCOPY=y +CONFIG_X86_USE_PPRO_CHECKSUM=y +CONFIG_X86_TSC=y +CONFIG_X86_CMPXCHG64=y +CONFIG_X86_CMOV=y +CONFIG_X86_MINIMUM_CPU_FAMILY=64 +CONFIG_X86_DEBUGCTLMSR=y +CONFIG_CPU_SUP_INTEL=y +CONFIG_CPU_SUP_AMD=y +CONFIG_CPU_SUP_CENTAUR=y +CONFIG_HPET_TIMER=y +CONFIG_HPET_EMULATE_RTC=y +CONFIG_DMI=y +CONFIG_GART_IOMMU=y +CONFIG_CALGARY_IOMMU=y +CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y +CONFIG_AMD_IOMMU=y +CONFIG_AMD_IOMMU_STATS=y +CONFIG_SWIOTLB=y +CONFIG_IOMMU_HELPER=y +CONFIG_IOMMU_API=y +# CONFIG_MAXSMP is not set +CONFIG_NR_CPUS=64 +CONFIG_SCHED_SMT=y +CONFIG_SCHED_MC=y +CONFIG_IRQ_TIME_ACCOUNTING=y +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +CONFIG_X86_LOCAL_APIC=y +CONFIG_X86_IO_APIC=y +CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y +CONFIG_X86_MCE=y +CONFIG_X86_MCE_INTEL=y +CONFIG_X86_MCE_AMD=y +CONFIG_X86_MCE_THRESHOLD=y +# CONFIG_X86_MCE_INJECT is not set +CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_I8K is not set +CONFIG_MICROCODE=y +CONFIG_MICROCODE_INTEL=y +CONFIG_MICROCODE_AMD=y +CONFIG_MICROCODE_OLD_INTERFACE=y +CONFIG_X86_MSR=y +CONFIG_X86_CPUID=y +CONFIG_ARCH_PHYS_ADDR_T_64BIT=y +CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_DIRECT_GBPAGES=y +CONFIG_NUMA=y +CONFIG_AMD_NUMA=y +CONFIG_X86_64_ACPI_NUMA=y +CONFIG_NODES_SPAN_OTHER_NODES=y +# CONFIG_NUMA_EMU is not set +CONFIG_NODES_SHIFT=6 +CONFIG_ARCH_PROC_KCORE_TEXT=y +CONFIG_ARCH_SPARSEMEM_DEFAULT=y +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 +CONFIG_SELECT_MEMORY_MODEL=y +CONFIG_SPARSEMEM_MANUAL=y +CONFIG_SPARSEMEM=y +CONFIG_NEED_MULTIPLE_NODES=y +CONFIG_HAVE_MEMORY_PRESENT=y +CONFIG_SPARSEMEM_EXTREME=y +CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y +CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y +CONFIG_SPARSEMEM_VMEMMAP=y +CONFIG_HAVE_MEMBLOCK=y +# CONFIG_MEMORY_HOTPLUG is not set +CONFIG_PAGEFLAGS_EXTENDED=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +CONFIG_COMPACTION=y +CONFIG_MIGRATION=y +CONFIG_PHYS_ADDR_T_64BIT=y +CONFIG_ZONE_DMA_FLAG=1 +CONFIG_BOUNCE=y +CONFIG_VIRT_TO_BUS=y +# CONFIG_KSM is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y +# CONFIG_MEMORY_FAILURE is not set +CONFIG_TRANSPARENT_HUGEPAGE=y +CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS=y +# CONFIG_TRANSPARENT_HUGEPAGE_MADVISE is not set +CONFIG_X86_CHECK_BIOS_CORRUPTION=y +CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +CONFIG_X86_RESERVE_LOW=64 +CONFIG_MTRR=y +# CONFIG_MTRR_SANITIZER is not set +CONFIG_X86_PAT=y +CONFIG_ARCH_USES_PG_UNCACHED=y +CONFIG_EFI=y +CONFIG_SECCOMP=y +# CONFIG_CC_STACKPROTECTOR is not set +# CONFIG_HZ_100 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +CONFIG_HZ_1000=y +CONFIG_HZ=1000 +CONFIG_SCHED_HRTICK=y +CONFIG_KEXEC=y +CONFIG_CRASH_DUMP=y +CONFIG_PHYSICAL_START=0x1000000 +CONFIG_RELOCATABLE=y +CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_HOTPLUG_CPU=y +# CONFIG_COMPAT_VDSO is not set +# CONFIG_CMDLINE_BOOL is not set +CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y +CONFIG_HAVE_ARCH_EARLY_PFN_TO_NID=y +CONFIG_USE_PERCPU_NUMA_NODE_ID=y + +# +# Power management and ACPI options +# +CONFIG_SUSPEND=y +CONFIG_SUSPEND_FREEZER=y +# CONFIG_HIBERNATION is not set +CONFIG_PM_SLEEP=y +CONFIG_PM_SLEEP_SMP=y +# CONFIG_PM_RUNTIME is not set +CONFIG_PM=y +CONFIG_PM_DEBUG=y +# CONFIG_PM_VERBOSE is not set +CONFIG_PM_ADVANCED_DEBUG=y +CONFIG_CAN_PM_TRACE=y +CONFIG_PM_TRACE=y +CONFIG_PM_TRACE_RTC=y +CONFIG_ACPI=y +CONFIG_ACPI_SLEEP=y +CONFIG_ACPI_PROCFS=y +CONFIG_ACPI_PROCFS_POWER=y +CONFIG_ACPI_POWER_METER=m +CONFIG_ACPI_EC_DEBUGFS=m +CONFIG_ACPI_PROC_EVENT=y +CONFIG_ACPI_AC=m +CONFIG_ACPI_BATTERY=m +CONFIG_ACPI_BUTTON=m +CONFIG_ACPI_VIDEO=m +CONFIG_ACPI_FAN=m +CONFIG_ACPI_DOCK=y +CONFIG_ACPI_PROCESSOR=m +CONFIG_ACPI_IPMI=m +CONFIG_ACPI_HOTPLUG_CPU=y +CONFIG_ACPI_PROCESSOR_AGGREGATOR=m +CONFIG_ACPI_THERMAL=m +CONFIG_ACPI_NUMA=y +# CONFIG_ACPI_CUSTOM_DSDT is not set +CONFIG_ACPI_BLACKLIST_YEAR=0 +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_PCI_SLOT=m +CONFIG_X86_PM_TIMER=y +CONFIG_ACPI_CONTAINER=y +# CONFIG_ACPI_SBS is not set +CONFIG_ACPI_HED=m +CONFIG_ACPI_APEI=y +CONFIG_ACPI_APEI_GHES=m +# CONFIG_ACPI_APEI_PCIEAER is not set +CONFIG_ACPI_APEI_EINJ=m +CONFIG_ACPI_APEI_ERST_DEBUG=m +# CONFIG_SFI is not set + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_TABLE=m +CONFIG_CPU_FREQ_DEBUG=y +CONFIG_CPU_FREQ_STAT=m +CONFIG_CPU_FREQ_STAT_DETAILS=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set +CONFIG_CPU_FREQ_GOV_PERFORMANCE=m +CONFIG_CPU_FREQ_GOV_POWERSAVE=m +CONFIG_CPU_FREQ_GOV_USERSPACE=y +CONFIG_CPU_FREQ_GOV_ONDEMAND=m +CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m + +# +# CPUFreq processor drivers +# +CONFIG_X86_PCC_CPUFREQ=m +CONFIG_X86_ACPI_CPUFREQ=m +CONFIG_X86_POWERNOW_K8=m +# CONFIG_X86_SPEEDSTEP_CENTRINO is not set +# CONFIG_X86_P4_CLOCKMOD is not set + +# +# shared options +# +# CONFIG_X86_SPEEDSTEP_LIB is not set +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y +# CONFIG_INTEL_IDLE is not set + +# +# Memory power savings +# +# CONFIG_I7300_IDLE is not set + +# +# Bus options (PCI etc.) +# +CONFIG_PCI=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +CONFIG_PCI_DOMAINS=y +# CONFIG_PCI_CNB20LE_QUIRK is not set +CONFIG_DMAR=y +# CONFIG_DMAR_DEFAULT_ON is not set +CONFIG_DMAR_FLOPPY_WA=y +# CONFIG_INTR_REMAP is not set +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +# CONFIG_PCIE_ECRC is not set +# CONFIG_PCIEAER_INJECT is not set +CONFIG_PCIEASPM=y +# CONFIG_PCIEASPM_DEBUG is not set +CONFIG_ARCH_SUPPORTS_MSI=y +CONFIG_PCI_MSI=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_STUB is not set +CONFIG_HT_IRQ=y +# CONFIG_PCI_IOV is not set +CONFIG_PCI_IOAPIC=y +CONFIG_PCI_LABEL=y +CONFIG_ISA_DMA_API=y +CONFIG_AMD_NB=y +# CONFIG_PCCARD is not set +# CONFIG_HOTPLUG_PCI is not set +# CONFIG_RAPIDIO is not set + +# +# Executable file formats / Emulations +# +CONFIG_BINFMT_ELF=y +CONFIG_COMPAT_BINFMT_ELF=y +CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y +# CONFIG_HAVE_AOUT is not set +CONFIG_BINFMT_MISC=y +CONFIG_IA32_EMULATION=y +CONFIG_IA32_AOUT=m +CONFIG_COMPAT=y +CONFIG_COMPAT_FOR_U64_ALIGNMENT=y +CONFIG_SYSVIPC_COMPAT=y +CONFIG_KEYS_COMPAT=y +CONFIG_HAVE_TEXT_POKE_SMP=y +CONFIG_NET=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_UNIX=y +CONFIG_XFRM=y +CONFIG_XFRM_USER=y +# CONFIG_XFRM_SUB_POLICY is not set +CONFIG_XFRM_MIGRATE=y +# CONFIG_XFRM_STATISTICS is not set +CONFIG_XFRM_IPCOMP=m +CONFIG_NET_KEY=m +CONFIG_NET_KEY_MIGRATE=y +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_IP_FIB_TRIE_STATS=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_IP_ROUTE_MULTIPATH=y +CONFIG_IP_ROUTE_VERBOSE=y +CONFIG_IP_ROUTE_CLASSID=y +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y +CONFIG_IP_PNP_RARP=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE=y +CONFIG_IP_MROUTE_MULTIPLE_TABLES=y +CONFIG_IP_PIMSM_V1=y +CONFIG_IP_PIMSM_V2=y +CONFIG_ARPD=y +CONFIG_SYN_COOKIES=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_XFRM_MODE_TRANSPORT=m +CONFIG_INET_XFRM_MODE_TUNNEL=m +CONFIG_INET_XFRM_MODE_BEET=m +CONFIG_INET_LRO=y +CONFIG_INET_DIAG=m +CONFIG_INET_TCP_DIAG=m +CONFIG_TCP_CONG_ADVANCED=y +CONFIG_TCP_CONG_BIC=m +CONFIG_TCP_CONG_CUBIC=m +CONFIG_TCP_CONG_WESTWOOD=m +CONFIG_TCP_CONG_HTCP=m +CONFIG_TCP_CONG_HSTCP=m +CONFIG_TCP_CONG_HYBLA=m +CONFIG_TCP_CONG_VEGAS=m +CONFIG_TCP_CONG_SCALABLE=m +CONFIG_TCP_CONG_LP=m +CONFIG_TCP_CONG_VENO=m +CONFIG_TCP_CONG_YEAH=m +CONFIG_TCP_CONG_ILLINOIS=m +CONFIG_DEFAULT_RENO=y +CONFIG_DEFAULT_TCP_CONG="reno" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=y +CONFIG_IPV6_PRIVACY=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +# CONFIG_IPV6_OPTIMISTIC_DAD is not set +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_INET6_XFRM_MODE_TRANSPORT=m +CONFIG_INET6_XFRM_MODE_TUNNEL=m +CONFIG_INET6_XFRM_MODE_BEET=m +CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m +CONFIG_IPV6_SIT=m +# CONFIG_IPV6_SIT_6RD is not set +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_NETLABEL=y +CONFIG_NETWORK_SECMARK=y +# CONFIG_NETWORK_PHY_TIMESTAMPING is not set +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=y + +# +# Core Netfilter Configuration +# +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_NETLINK_QUEUE=m +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NF_CONNTRACK=m +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_SECMARK=y +# CONFIG_NF_CONNTRACK_ZONES is not set +CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CONNTRACK_TIMESTAMP=y +CONFIG_NF_CT_PROTO_DCCP=m +CONFIG_NF_CT_PROTO_GRE=m +CONFIG_NF_CT_PROTO_SCTP=m +CONFIG_NF_CT_PROTO_UDPLITE=m +CONFIG_NF_CONNTRACK_AMANDA=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_BROADCAST=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_SNMP=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NETFILTER_TPROXY=m +CONFIG_NETFILTER_XTABLES=y + +# +# Xtables combined modules +# +CONFIG_NETFILTER_XT_MARK=m +CONFIG_NETFILTER_XT_CONNMARK=m +CONFIG_NETFILTER_XT_SET=m + +# +# Xtables targets +# +CONFIG_NETFILTER_XT_TARGET_AUDIT=m +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m +CONFIG_NETFILTER_XT_TARGET_CONNMARK=m +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m +CONFIG_NETFILTER_XT_TARGET_CT=m +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_TARGET_MARK=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m +CONFIG_NETFILTER_XT_TARGET_NOTRACK=m +CONFIG_NETFILTER_XT_TARGET_RATEEST=m +CONFIG_NETFILTER_XT_TARGET_TEE=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +CONFIG_NETFILTER_XT_TARGET_TRACE=m +CONFIG_NETFILTER_XT_TARGET_SECMARK=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m + +# +# Xtables matches +# +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_CPU=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DEVGROUP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_OSF=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_QUOTA=m +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m +CONFIG_NETFILTER_XT_MATCH_RECENT=m +CONFIG_NETFILTER_XT_MATCH_SCTP=m +CONFIG_NETFILTER_XT_MATCH_SOCKET=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +CONFIG_IP_SET=m +CONFIG_IP_SET_MAX=256 +CONFIG_IP_SET_BITMAP_IP=m +CONFIG_IP_SET_BITMAP_IPMAC=m +CONFIG_IP_SET_BITMAP_PORT=m +CONFIG_IP_SET_HASH_IP=m +CONFIG_IP_SET_HASH_IPPORT=m +CONFIG_IP_SET_HASH_IPPORTIP=m +CONFIG_IP_SET_HASH_IPPORTNET=m +CONFIG_IP_SET_HASH_NET=m +CONFIG_IP_SET_HASH_NETPORT=m +CONFIG_IP_SET_LIST_SET=m +# CONFIG_IP_VS is not set + +# +# IP: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +CONFIG_IP_NF_QUEUE=m +CONFIG_IP_NF_IPTABLES=m +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=m +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_LOG=m +CONFIG_IP_NF_TARGET_ULOG=m +CONFIG_NF_NAT=m +CONFIG_NF_NAT_NEEDED=y +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PROTO_DCCP=m +CONFIG_NF_NAT_PROTO_GRE=m +CONFIG_NF_NAT_PROTO_UDPLITE=m +CONFIG_NF_NAT_PROTO_SCTP=m +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_AMANDA=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_NF_NAT_SIP=m +CONFIG_IP_NF_MANGLE=m +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_SECURITY=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m + +# +# IPv6: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV6=m +CONFIG_NF_CONNTRACK_IPV6=m +CONFIG_IP6_NF_QUEUE=m +CONFIG_IP6_NF_IPTABLES=m +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_TARGET_HL=m +CONFIG_IP6_NF_TARGET_LOG=m +CONFIG_IP6_NF_FILTER=m +CONFIG_IP6_NF_TARGET_REJECT=m +CONFIG_IP6_NF_MANGLE=m +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_SECURITY=m +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_ULOG=m +CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m + +# +# DCCP CCIDs Configuration (EXPERIMENTAL) +# +# CONFIG_IP_DCCP_CCID2_DEBUG is not set +CONFIG_IP_DCCP_CCID3=y +# CONFIG_IP_DCCP_CCID3_DEBUG is not set +CONFIG_IP_DCCP_TFRC_LIB=y + +# +# DCCP Kernel Hacking +# +# CONFIG_IP_DCCP_DEBUG is not set +# CONFIG_NET_DCCPPROBE is not set +CONFIG_IP_SCTP=m +CONFIG_NET_SCTPPROBE=m +# CONFIG_SCTP_DBG_MSG is not set +# CONFIG_SCTP_DBG_OBJCNT is not set +# CONFIG_SCTP_HMAC_NONE is not set +# CONFIG_SCTP_HMAC_SHA1 is not set +CONFIG_SCTP_HMAC_MD5=y +CONFIG_RDS=m +CONFIG_RDS_TCP=m +# CONFIG_RDS_DEBUG is not set +CONFIG_TIPC=m +CONFIG_TIPC_ADVANCED=y +CONFIG_TIPC_PORTS=8191 +CONFIG_TIPC_LOG=0 +# CONFIG_TIPC_DEBUG is not set +# CONFIG_ATM is not set +CONFIG_L2TP=m +CONFIG_L2TP_DEBUGFS=m +# CONFIG_L2TP_V3 is not set +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +# CONFIG_NET_DSA is not set +CONFIG_VLAN_8021Q=m +# CONFIG_VLAN_8021Q_GVRP is not set +# CONFIG_DECNET is not set +CONFIG_LLC=m +# CONFIG_LLC2 is not set +CONFIG_IPX=m +# CONFIG_IPX_INTERN is not set +CONFIG_ATALK=m +# CONFIG_DEV_APPLETALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set +# CONFIG_PHONET is not set +# CONFIG_IEEE802154 is not set +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFB=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_DSMARK=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_MQPRIO=m +CONFIG_NET_SCH_CHOKE=m +CONFIG_NET_SCH_INGRESS=m + +# +# Classification +# +CONFIG_NET_CLS=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_TCINDEX=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_RSVP=m +CONFIG_NET_CLS_RSVP6=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_EMATCH=y +CONFIG_NET_EMATCH_STACK=32 +CONFIG_NET_EMATCH_CMP=m +CONFIG_NET_EMATCH_NBYTE=m +CONFIG_NET_EMATCH_U32=m +CONFIG_NET_EMATCH_META=m +CONFIG_NET_EMATCH_TEXT=m +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +# CONFIG_GACT_PROB is not set +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +CONFIG_NET_ACT_CSUM=m +# CONFIG_NET_CLS_IND is not set +CONFIG_NET_SCH_FIFO=y +# CONFIG_DCB is not set +CONFIG_DNS_RESOLVER=y +# CONFIG_BATMAN_ADV is not set +CONFIG_RPS=y +CONFIG_RFS_ACCEL=y +CONFIG_XPS=y + +# +# Network testing +# +CONFIG_NET_PKTGEN=m +CONFIG_NET_TCPPROBE=m +# CONFIG_NET_DROP_MONITOR is not set +# CONFIG_HAMRADIO is not set +# CONFIG_CAN is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +CONFIG_AF_RXRPC=m +# CONFIG_AF_RXRPC_DEBUG is not set +# CONFIG_RXKAD is not set +CONFIG_FIB_RULES=y +# CONFIG_WIRELESS is not set +# CONFIG_WIMAX is not set +CONFIG_RFKILL=m +CONFIG_RFKILL_LEDS=y +CONFIG_RFKILL_INPUT=y +# CONFIG_NET_9P is not set +# CONFIG_CAIF is not set +CONFIG_CEPH_LIB=m +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" +# CONFIG_DEVTMPFS is not set +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y +CONFIG_FW_LOADER=y +CONFIG_FIRMWARE_IN_KERNEL=y +CONFIG_EXTRA_FIRMWARE="" +# CONFIG_DEBUG_DRIVER is not set +CONFIG_DEBUG_DEVRES=y +# CONFIG_SYS_HYPERVISOR is not set +CONFIG_ARCH_NO_SYSDEV_OPS=y +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y +# CONFIG_MTD is not set +# CONFIG_PARPORT is not set +CONFIG_PNP=y +CONFIG_PNP_DEBUG_MESSAGES=y + +# +# Protocols +# +CONFIG_PNPACPI=y +CONFIG_BLK_DEV=y +# CONFIG_BLK_DEV_FD is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_COW_COMMON is not set +CONFIG_BLK_DEV_LOOP=y +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +CONFIG_BLK_DEV_DRBD=m +# CONFIG_DRBD_FAULT_INJECTION is not set +CONFIG_BLK_DEV_NBD=m +# CONFIG_BLK_DEV_OSD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=16384 +# CONFIG_BLK_DEV_XIP is not set +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set +# CONFIG_BLK_DEV_HD is not set +CONFIG_BLK_DEV_RBD=m +CONFIG_SENSORS_LIS3LV02D=m +CONFIG_MISC_DEVICES=y +# CONFIG_AD525X_DPOT is not set +# CONFIG_IBM_ASM is not set +# CONFIG_PHANTOM is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_TIFM_CORE is not set +# CONFIG_ICS932S401 is not set +# CONFIG_ENCLOSURE_SERVICES is not set +# CONFIG_CS5535_MFGPT is not set +# CONFIG_HP_ILO is not set +# CONFIG_APDS9802ALS is not set +# CONFIG_ISL29003 is not set +# CONFIG_ISL29020 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_SENSORS_BH1780 is not set +# CONFIG_SENSORS_BH1770 is not set +# CONFIG_SENSORS_APDS990X is not set +# CONFIG_HMC6352 is not set +# CONFIG_DS1682 is not set +# CONFIG_VMWARE_BALLOON is not set +# CONFIG_BMP085 is not set +# CONFIG_PCH_PHUB is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +# CONFIG_EEPROM_AT24 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +# CONFIG_EEPROM_93CX6 is not set +# CONFIG_CB710_CORE is not set + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_TI_ST is not set +CONFIG_SENSORS_LIS3_I2C=m +CONFIG_HAVE_IDE=y +# CONFIG_IDE is not set + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +CONFIG_RAID_ATTRS=m +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +# CONFIG_SCSI_TGT is not set +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=m +CONFIG_BLK_DEV_SR_VENDOR=y +CONFIG_CHR_DEV_SG=y +# CONFIG_CHR_DEV_SCH is not set +# CONFIG_SCSI_MULTI_LUN is not set +CONFIG_SCSI_CONSTANTS=y +# CONFIG_SCSI_LOGGING is not set +# CONFIG_SCSI_SCAN_ASYNC is not set +CONFIG_SCSI_WAIT_SCAN=m + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=y +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +# CONFIG_SCSI_SAS_ATA is not set +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_SRP_ATTRS=m +# CONFIG_SCSI_LOWLEVEL is not set +CONFIG_SCSI_DH=m +# CONFIG_SCSI_DH_RDAC is not set +# CONFIG_SCSI_DH_HP_SW is not set +# CONFIG_SCSI_DH_EMC is not set +# CONFIG_SCSI_DH_ALUA is not set +CONFIG_SCSI_OSD_INITIATOR=m +CONFIG_SCSI_OSD_ULD=m +CONFIG_SCSI_OSD_DPRINT_SENSE=1 +# CONFIG_SCSI_OSD_DEBUG is not set +CONFIG_ATA=y +# CONFIG_ATA_NONSTANDARD is not set +CONFIG_ATA_VERBOSE_ERROR=y +CONFIG_ATA_ACPI=y +CONFIG_SATA_PMP=y + +# +# Controllers with non-SFF native interface +# +CONFIG_SATA_AHCI=y +# CONFIG_SATA_AHCI_PLATFORM is not set +# CONFIG_SATA_INIC162X is not set +# CONFIG_SATA_ACARD_AHCI is not set +# CONFIG_SATA_SIL24 is not set +CONFIG_ATA_SFF=y + +# +# SFF controllers with custom DMA interface +# +# CONFIG_PDC_ADMA is not set +# CONFIG_SATA_QSTOR is not set +# CONFIG_SATA_SX4 is not set +CONFIG_ATA_BMDMA=y + +# +# SATA SFF controllers with BMDMA +# +CONFIG_ATA_PIIX=y +# CONFIG_SATA_MV is not set +# CONFIG_SATA_NV is not set +# CONFIG_SATA_PROMISE is not set +# CONFIG_SATA_SIL is not set +# CONFIG_SATA_SIS is not set +# CONFIG_SATA_SVW is not set +# CONFIG_SATA_ULI is not set +# CONFIG_SATA_VIA is not set +# CONFIG_SATA_VITESSE is not set + +# +# PATA SFF controllers with BMDMA +# +# CONFIG_PATA_ALI is not set +CONFIG_PATA_AMD=y +# CONFIG_PATA_ARASAN_CF is not set +# CONFIG_PATA_ARTOP is not set +# CONFIG_PATA_ATIIXP is not set +# CONFIG_PATA_ATP867X is not set +# CONFIG_PATA_CMD64X is not set +# CONFIG_PATA_CS5520 is not set +# CONFIG_PATA_CS5530 is not set +# CONFIG_PATA_CS5536 is not set +# CONFIG_PATA_CYPRESS is not set +# CONFIG_PATA_EFAR is not set +# CONFIG_PATA_HPT366 is not set +# CONFIG_PATA_HPT37X is not set +# CONFIG_PATA_HPT3X2N is not set +# CONFIG_PATA_HPT3X3 is not set +# CONFIG_PATA_IT8213 is not set +# CONFIG_PATA_IT821X is not set +# CONFIG_PATA_JMICRON is not set +# CONFIG_PATA_MARVELL is not set +# CONFIG_PATA_NETCELL is not set +# CONFIG_PATA_NINJA32 is not set +# CONFIG_PATA_NS87415 is not set +CONFIG_PATA_OLDPIIX=y +# CONFIG_PATA_OPTIDMA is not set +# CONFIG_PATA_PDC2027X is not set +# CONFIG_PATA_PDC_OLD is not set +# CONFIG_PATA_RADISYS is not set +# CONFIG_PATA_RDC is not set +# CONFIG_PATA_SC1200 is not set +CONFIG_PATA_SCH=y +# CONFIG_PATA_SERVERWORKS is not set +# CONFIG_PATA_SIL680 is not set +# CONFIG_PATA_SIS is not set +# CONFIG_PATA_TOSHIBA is not set +# CONFIG_PATA_TRIFLEX is not set +# CONFIG_PATA_VIA is not set +# CONFIG_PATA_WINBOND is not set + +# +# PIO-only SFF controllers +# +# CONFIG_PATA_CMD640_PCI is not set +# CONFIG_PATA_MPIIX is not set +# CONFIG_PATA_NS87410 is not set +# CONFIG_PATA_OPTI is not set +# CONFIG_PATA_RZ1000 is not set + +# +# Generic fallback / legacy drivers +# +# CONFIG_PATA_ACPI is not set +# CONFIG_ATA_GENERIC is not set +# CONFIG_PATA_LEGACY is not set +CONFIG_MD=y +CONFIG_BLK_DEV_MD=y +CONFIG_MD_AUTODETECT=y +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=y +CONFIG_MD_RAID10=y +CONFIG_MD_RAID456=m +CONFIG_MULTICORE_RAID456=y +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_MIRROR=y +CONFIG_DM_RAID=m +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_ZERO=y +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +CONFIG_DM_DELAY=m +# CONFIG_DM_UEVENT is not set +CONFIG_DM_FLAKEY=m +CONFIG_TARGET_CORE=m +CONFIG_TCM_IBLOCK=m +CONFIG_TCM_FILEIO=m +CONFIG_TCM_PSCSI=m +CONFIG_LOOPBACK_TARGET=m +# CONFIG_LOOPBACK_TARGET_CDB_DEBUG is not set +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# +# CONFIG_FIREWIRE is not set +CONFIG_FIREWIRE_NOSY=m +CONFIG_I2O=m +CONFIG_I2O_LCT_NOTIFY_ON_CHANGES=y +CONFIG_I2O_EXT_ADAPTEC=y +CONFIG_I2O_EXT_ADAPTEC_DMA64=y +CONFIG_I2O_CONFIG=m +CONFIG_I2O_CONFIG_OLD_IOCTL=y +CONFIG_I2O_BUS=m +CONFIG_I2O_BLOCK=m +# CONFIG_I2O_SCSI is not set +CONFIG_I2O_PROC=m +# CONFIG_MACINTOSH_DRIVERS is not set +CONFIG_NETDEVICES=y +CONFIG_IFB=m +CONFIG_DUMMY=m +CONFIG_BONDING=m +CONFIG_MACVLAN=m +CONFIG_MACVTAP=m +# CONFIG_EQUALIZER is not set +CONFIG_TUN=m +CONFIG_VETH=m +# CONFIG_NET_SB1000 is not set +# CONFIG_ARCNET is not set +CONFIG_MII=y +CONFIG_PHYLIB=y + +# +# MII PHY device drivers +# +# CONFIG_MARVELL_PHY is not set +# CONFIG_DAVICOM_PHY is not set +# CONFIG_QSEMI_PHY is not set +# CONFIG_LXT_PHY is not set +# CONFIG_CICADA_PHY is not set +# CONFIG_VITESSE_PHY is not set +CONFIG_SMSC_PHY=m +# CONFIG_BROADCOM_PHY is not set +# CONFIG_BCM63XX_PHY is not set +# CONFIG_ICPLUS_PHY is not set +# CONFIG_REALTEK_PHY is not set +# CONFIG_NATIONAL_PHY is not set +# CONFIG_STE10XP is not set +# CONFIG_LSI_ET1011C_PHY is not set +# CONFIG_MICREL_PHY is not set +# CONFIG_FIXED_PHY is not set +# CONFIG_MDIO_BITBANG is not set +CONFIG_NET_ETHERNET=y +CONFIG_HAPPYMEAL=m +CONFIG_SUNGEM=m +CONFIG_CASSINI=m +CONFIG_NET_VENDOR_3COM=y +CONFIG_VORTEX=m +CONFIG_TYPHOON=m +CONFIG_ETHOC=m +CONFIG_DNET=m +CONFIG_NET_TULIP=y +CONFIG_DE2104X=m +CONFIG_DE2104X_DSL=0 +CONFIG_TULIP=m +# CONFIG_TULIP_MWI is not set +# CONFIG_TULIP_MMIO is not set +# CONFIG_TULIP_NAPI is not set +CONFIG_DE4X5=m +CONFIG_WINBOND_840=m +CONFIG_DM9102=m +CONFIG_ULI526X=m +# CONFIG_HP100 is not set +# CONFIG_IBM_NEW_EMAC_ZMII is not set +# CONFIG_IBM_NEW_EMAC_RGMII is not set +# CONFIG_IBM_NEW_EMAC_TAH is not set +# CONFIG_IBM_NEW_EMAC_EMAC4 is not set +# CONFIG_IBM_NEW_EMAC_NO_FLOW_CTRL is not set +# CONFIG_IBM_NEW_EMAC_MAL_CLR_ICINTSTAT is not set +# CONFIG_IBM_NEW_EMAC_MAL_COMMON_ERR is not set +CONFIG_NET_PCI=y +CONFIG_PCNET32=m +CONFIG_AMD8111_ETH=m +CONFIG_ADAPTEC_STARFIRE=m +CONFIG_KSZ884X_PCI=m +CONFIG_B44=m +CONFIG_B44_PCI_AUTOSELECT=y +CONFIG_B44_PCICORE_AUTOSELECT=y +CONFIG_B44_PCI=y +CONFIG_FORCEDETH=m +CONFIG_E100=m +CONFIG_FEALNX=m +CONFIG_NATSEMI=m +CONFIG_NE2K_PCI=m +CONFIG_8139CP=m +CONFIG_8139TOO=m +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_R6040=m +CONFIG_SIS900=m +CONFIG_EPIC100=m +CONFIG_SMSC9420=m +CONFIG_SUNDANCE=m +# CONFIG_SUNDANCE_MMIO is not set +CONFIG_TLAN=m +CONFIG_KS8842=m +CONFIG_KS8851_MLL=m +CONFIG_VIA_RHINE=m +# CONFIG_VIA_RHINE_MMIO is not set +CONFIG_SC92031=m +CONFIG_ATL2=m +CONFIG_NETDEV_1000=y +CONFIG_ACENIC=m +# CONFIG_ACENIC_OMIT_TIGON_I is not set +CONFIG_DL2K=m +CONFIG_E1000=m +CONFIG_E1000E=m +CONFIG_IP1000=m +CONFIG_IGB=m +CONFIG_IGBVF=m +CONFIG_NS83820=m +CONFIG_HAMACHI=m +CONFIG_YELLOWFIN=m +CONFIG_R8169=m +CONFIG_SIS190=m +CONFIG_SKGE=m +# CONFIG_SKGE_DEBUG is not set +CONFIG_SKY2=m +# CONFIG_SKY2_DEBUG is not set +CONFIG_VIA_VELOCITY=m +CONFIG_TIGON3=m +CONFIG_BNX2=m +CONFIG_CNIC=m +CONFIG_QLA3XXX=m +CONFIG_ATL1=m +CONFIG_ATL1E=m +CONFIG_ATL1C=m +CONFIG_JME=m +CONFIG_STMMAC_ETH=m +CONFIG_STMMAC_DA=y +CONFIG_STMMAC_DUAL_MAC=y +CONFIG_PCH_GBE=m +CONFIG_NETDEV_10000=y +CONFIG_MDIO=m +CONFIG_CHELSIO_T1=m +CONFIG_CHELSIO_T1_1G=y +CONFIG_CHELSIO_T3=m +CONFIG_CHELSIO_T4=m +CONFIG_CHELSIO_T4VF=m +CONFIG_ENIC=m +CONFIG_IXGBE=m +CONFIG_IXGBEVF=m +CONFIG_IXGB=m +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set +CONFIG_MYRI10GE=m +CONFIG_NETXEN_NIC=m +CONFIG_NIU=m +CONFIG_MLX4_EN=m +CONFIG_MLX4_CORE=m +CONFIG_MLX4_DEBUG=y +CONFIG_TEHUTI=m +CONFIG_BNX2X=m +CONFIG_QLCNIC=m +CONFIG_QLGE=m +CONFIG_BNA=m +CONFIG_SFC=m +CONFIG_BE2NET=m +# CONFIG_TR is not set +# CONFIG_WLAN is not set + +# +# Enable WiMAX (Networking options) to see the WiMAX drivers +# +# CONFIG_WAN is not set + +# +# CAIF transport drivers +# +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_NET_FC is not set +CONFIG_NETCONSOLE=y +# CONFIG_NETCONSOLE_DYNAMIC is not set +CONFIG_NETPOLL=y +# CONFIG_NETPOLL_TRAP is not set +CONFIG_NET_POLL_CONTROLLER=y +# CONFIG_VMXNET3 is not set +# CONFIG_ISDN is not set +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y +CONFIG_INPUT_FF_MEMLESS=y +CONFIG_INPUT_POLLDEV=y +# CONFIG_INPUT_SPARSEKMAP is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +# CONFIG_INPUT_JOYDEV is not set +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +# CONFIG_KEYBOARD_ADP5588 is not set +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_QT1070 is not set +# CONFIG_KEYBOARD_QT2160 is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_TCA6416 is not set +# CONFIG_KEYBOARD_LM8323 is not set +# CONFIG_KEYBOARD_MAX7359 is not set +# CONFIG_KEYBOARD_MCS is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_OPENCORES is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Hardware I/O ports +# +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +CONFIG_SERIO_SERPORT=y +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PCIPS2 is not set +CONFIG_SERIO_LIBPS2=y +# CONFIG_SERIO_RAW is not set +# CONFIG_SERIO_ALTERA_PS2 is not set +# CONFIG_SERIO_PS2MULT is not set +# CONFIG_GAMEPORT is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_UNIX98_PTYS=y +# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set +# CONFIG_LEGACY_PTYS is not set +CONFIG_SERIAL_NONSTANDARD=y +# CONFIG_ROCKETPORT is not set +# CONFIG_CYCLADES is not set +# CONFIG_MOXA_INTELLIO is not set +# CONFIG_MOXA_SMARTIO is not set +# CONFIG_SYNCLINK is not set +# CONFIG_SYNCLINKMP is not set +# CONFIG_SYNCLINK_GT is not set +# CONFIG_NOZOMI is not set +# CONFIG_ISI is not set +# CONFIG_N_HDLC is not set +# CONFIG_N_GSM is not set +CONFIG_DEVKMEM=y +# CONFIG_STALDRV is not set + +# +# Serial drivers +# +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_SERIAL_8250_PCI=y +CONFIG_SERIAL_8250_PNP=y +CONFIG_SERIAL_8250_NR_UARTS=32 +CONFIG_SERIAL_8250_RUNTIME_UARTS=4 +CONFIG_SERIAL_8250_EXTENDED=y +CONFIG_SERIAL_8250_MANY_PORTS=y +CONFIG_SERIAL_8250_SHARE_IRQ=y +CONFIG_SERIAL_8250_DETECT_IRQ=y +CONFIG_SERIAL_8250_RSA=y + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_MFD_HSU is not set +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_TIMBERDALE is not set +# CONFIG_SERIAL_ALTERA_JTAGUART is not set +# CONFIG_SERIAL_ALTERA_UART is not set +# CONFIG_SERIAL_PCH_UART is not set +CONFIG_IPMI_HANDLER=m +# CONFIG_IPMI_PANIC_EVENT is not set +CONFIG_IPMI_DEVICE_INTERFACE=m +CONFIG_IPMI_SI=m +CONFIG_IPMI_WATCHDOG=m +CONFIG_IPMI_POWEROFF=m +CONFIG_HW_RANDOM=m +CONFIG_HW_RANDOM_TIMERIOMEM=m +CONFIG_HW_RANDOM_INTEL=m +CONFIG_HW_RANDOM_AMD=m +CONFIG_HW_RANDOM_VIA=m +CONFIG_NVRAM=y +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_MWAVE is not set +# CONFIG_RAW_DRIVER is not set +CONFIG_HPET=y +# CONFIG_HPET_MMAP is not set +# CONFIG_HANGCHECK_TIMER is not set +# CONFIG_TCG_TPM is not set +# CONFIG_TELCLOCK is not set +CONFIG_DEVPORT=y +# CONFIG_RAMOOPS is not set +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_MUX=m + +# +# Multiplexer I2C Chip support +# +# CONFIG_I2C_MUX_PCA9541 is not set +CONFIG_I2C_MUX_PCA954x=m +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_SMBUS=m +CONFIG_I2C_ALGOBIT=m +CONFIG_I2C_ALGOPCA=m + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +CONFIG_I2C_ALI1535=m +CONFIG_I2C_ALI1563=m +CONFIG_I2C_ALI15X3=m +CONFIG_I2C_AMD756=m +CONFIG_I2C_AMD756_S4882=m +CONFIG_I2C_AMD8111=m +CONFIG_I2C_I801=m +CONFIG_I2C_ISCH=m +CONFIG_I2C_PIIX4=m +CONFIG_I2C_NFORCE2=m +CONFIG_I2C_NFORCE2_S4985=m +CONFIG_I2C_SIS5595=m +CONFIG_I2C_SIS630=m +CONFIG_I2C_SIS96X=m +CONFIG_I2C_VIA=m +CONFIG_I2C_VIAPRO=m + +# +# ACPI drivers +# +CONFIG_I2C_SCMI=m + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +CONFIG_I2C_INTEL_MID=m +CONFIG_I2C_OCORES=m +CONFIG_I2C_PCA_PLATFORM=m +# CONFIG_I2C_PXA_PCI is not set +CONFIG_I2C_SIMTEC=m +# CONFIG_I2C_XILINX is not set +CONFIG_I2C_EG20T=m + +# +# External I2C/SMBus adapter drivers +# +CONFIG_I2C_PARPORT_LIGHT=m +CONFIG_I2C_TAOS_EVM=m + +# +# Other I2C/SMBus bus drivers +# +CONFIG_I2C_STUB=m +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# CONFIG_SPI is not set + +# +# PPS support +# +# CONFIG_PPS is not set + +# +# PPS generators support +# +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +# CONFIG_GPIOLIB is not set +# CONFIG_W1 is not set +CONFIG_POWER_SUPPLY=y +# CONFIG_POWER_SUPPLY_DEBUG is not set +# CONFIG_PDA_POWER is not set +CONFIG_TEST_POWER=m +# CONFIG_BATTERY_DS2782 is not set +# CONFIG_BATTERY_BQ20Z75 is not set +# CONFIG_BATTERY_BQ27x00 is not set +# CONFIG_BATTERY_MAX17040 is not set +# CONFIG_BATTERY_MAX17042 is not set +CONFIG_HWMON=y +CONFIG_HWMON_VID=m +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +CONFIG_SENSORS_ABITUGURU=m +CONFIG_SENSORS_ABITUGURU3=m +CONFIG_SENSORS_AD7414=m +CONFIG_SENSORS_AD7418=m +CONFIG_SENSORS_ADM1021=m +CONFIG_SENSORS_ADM1025=m +CONFIG_SENSORS_ADM1026=m +CONFIG_SENSORS_ADM1029=m +CONFIG_SENSORS_ADM1031=m +CONFIG_SENSORS_ADM9240=m +CONFIG_SENSORS_ADT7411=m +CONFIG_SENSORS_ADT7462=m +CONFIG_SENSORS_ADT7470=m +CONFIG_SENSORS_ADT7475=m +CONFIG_SENSORS_ASC7621=m +CONFIG_SENSORS_K8TEMP=m +CONFIG_SENSORS_K10TEMP=m +CONFIG_SENSORS_ASB100=m +CONFIG_SENSORS_ATXP1=m +CONFIG_SENSORS_DS620=m +CONFIG_SENSORS_DS1621=m +CONFIG_SENSORS_I5K_AMB=m +CONFIG_SENSORS_F71805F=m +CONFIG_SENSORS_F71882FG=m +CONFIG_SENSORS_F75375S=m +CONFIG_SENSORS_FSCHMD=m +CONFIG_SENSORS_G760A=m +CONFIG_SENSORS_GL518SM=m +CONFIG_SENSORS_GL520SM=m +CONFIG_SENSORS_CORETEMP=m +CONFIG_SENSORS_PKGTEMP=m +CONFIG_SENSORS_IBMAEM=m +CONFIG_SENSORS_IBMPEX=m +CONFIG_SENSORS_IT87=m +CONFIG_SENSORS_JC42=m +CONFIG_SENSORS_LINEAGE=m +CONFIG_SENSORS_LM63=m +CONFIG_SENSORS_LM73=m +CONFIG_SENSORS_LM75=m +CONFIG_SENSORS_LM77=m +CONFIG_SENSORS_LM78=m +CONFIG_SENSORS_LM80=m +CONFIG_SENSORS_LM83=m +CONFIG_SENSORS_LM85=m +CONFIG_SENSORS_LM87=m +CONFIG_SENSORS_LM90=m +CONFIG_SENSORS_LM92=m +CONFIG_SENSORS_LM93=m +CONFIG_SENSORS_LTC4151=m +CONFIG_SENSORS_LTC4215=m +CONFIG_SENSORS_LTC4245=m +CONFIG_SENSORS_LTC4261=m +CONFIG_SENSORS_LM95241=m +CONFIG_SENSORS_MAX1619=m +CONFIG_SENSORS_MAX6639=m +CONFIG_SENSORS_MAX6650=m +CONFIG_SENSORS_PC87360=m +CONFIG_SENSORS_PC87427=m +CONFIG_SENSORS_PCF8591=m +CONFIG_PMBUS=m +CONFIG_SENSORS_PMBUS=m +CONFIG_SENSORS_MAX16064=m +CONFIG_SENSORS_MAX34440=m +CONFIG_SENSORS_MAX8688=m +CONFIG_SENSORS_SHT21=m +CONFIG_SENSORS_SIS5595=m +CONFIG_SENSORS_SMM665=m +CONFIG_SENSORS_DME1737=m +CONFIG_SENSORS_EMC1403=m +CONFIG_SENSORS_EMC2103=m +CONFIG_SENSORS_SMSC47M1=m +CONFIG_SENSORS_SMSC47M192=m +CONFIG_SENSORS_SMSC47B397=m +CONFIG_SENSORS_SCH5627=m +CONFIG_SENSORS_ADS1015=m +CONFIG_SENSORS_ADS7828=m +CONFIG_SENSORS_AMC6821=m +CONFIG_SENSORS_THMC50=m +CONFIG_SENSORS_TMP102=m +CONFIG_SENSORS_TMP401=m +CONFIG_SENSORS_TMP421=m +CONFIG_SENSORS_VIA_CPUTEMP=m +CONFIG_SENSORS_VIA686A=m +CONFIG_SENSORS_VT1211=m +CONFIG_SENSORS_VT8231=m +CONFIG_SENSORS_W83781D=m +CONFIG_SENSORS_W83791D=m +CONFIG_SENSORS_W83792D=m +CONFIG_SENSORS_W83793=m +CONFIG_SENSORS_W83795=m +CONFIG_SENSORS_W83795_FANCTRL=y +CONFIG_SENSORS_W83L785TS=m +CONFIG_SENSORS_W83L786NG=m +CONFIG_SENSORS_W83627HF=m +CONFIG_SENSORS_W83627EHF=m +CONFIG_SENSORS_APPLESMC=m + +# +# ACPI drivers +# +CONFIG_SENSORS_ATK0110=m +CONFIG_THERMAL=y +CONFIG_THERMAL_HWMON=y +CONFIG_WATCHDOG=y +# CONFIG_WATCHDOG_NOWAYOUT is not set + +# +# Watchdog Device Drivers +# +CONFIG_SOFT_WATCHDOG=m +CONFIG_ACQUIRE_WDT=m +CONFIG_ADVANTECH_WDT=m +CONFIG_ALIM1535_WDT=m +CONFIG_ALIM7101_WDT=m +CONFIG_F71808E_WDT=m +CONFIG_SP5100_TCO=m +CONFIG_SC520_WDT=m +CONFIG_SBC_FITPC2_WATCHDOG=m +CONFIG_EUROTECH_WDT=m +CONFIG_IB700_WDT=m +CONFIG_IBMASR=m +CONFIG_WAFER_WDT=m +CONFIG_I6300ESB_WDT=m +CONFIG_ITCO_WDT=m +# CONFIG_ITCO_VENDOR_SUPPORT is not set +CONFIG_IT8712F_WDT=m +CONFIG_IT87_WDT=m +CONFIG_HP_WATCHDOG=m +# CONFIG_HPWDT_NMI_DECODING is not set +CONFIG_SC1200_WDT=m +CONFIG_PC87413_WDT=m +CONFIG_NV_TCO=m +CONFIG_60XX_WDT=m +CONFIG_SBC8360_WDT=m +CONFIG_CPU5_WDT=m +CONFIG_SMSC_SCH311X_WDT=m +CONFIG_SMSC37B787_WDT=m +CONFIG_W83627HF_WDT=m +CONFIG_W83697HF_WDT=m +CONFIG_W83697UG_WDT=m +CONFIG_W83877F_WDT=m +CONFIG_W83977F_WDT=m +CONFIG_MACHZ_WDT=m +CONFIG_SBC_EPX_C3_WATCHDOG=m + +# +# PCI-based Watchdog Cards +# +CONFIG_PCIPCWATCHDOG=m +CONFIG_WDTPCI=m +CONFIG_SSB_POSSIBLE=y + +# +# Sonics Silicon Backplane +# +CONFIG_SSB=m +CONFIG_SSB_SPROM=y +CONFIG_SSB_PCIHOST_POSSIBLE=y +CONFIG_SSB_PCIHOST=y +# CONFIG_SSB_B43_PCI_BRIDGE is not set +# CONFIG_SSB_DEBUG is not set +CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y +CONFIG_SSB_DRIVER_PCICORE=y +CONFIG_MFD_SUPPORT=y +CONFIG_MFD_CORE=m +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_SM501 is not set +# CONFIG_HTC_PASIC3 is not set +# CONFIG_TPS6105X is not set +# CONFIG_TPS6507X is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_MFD_STMPE is not set +# CONFIG_MFD_TC3589X is not set +# CONFIG_MFD_TMIO is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_MAX8997 is not set +# CONFIG_MFD_MAX8998 is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X_I2C is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_ABX500_CORE is not set +# CONFIG_MFD_CS5535 is not set +CONFIG_LPC_SCH=m +CONFIG_MFD_RDC321X=m +CONFIG_MFD_JANZ_CMODIO=m +CONFIG_MFD_VX855=m +# CONFIG_MFD_WL1273_CORE is not set +# CONFIG_REGULATOR is not set +# CONFIG_MEDIA_SUPPORT is not set + +# +# Graphics support +# +# CONFIG_AGP is not set +CONFIG_VGA_ARB=y +CONFIG_VGA_ARB_MAX_GPUS=16 +# CONFIG_VGA_SWITCHEROO is not set +# CONFIG_DRM is not set +CONFIG_STUB_POULSBO=m +# CONFIG_VGASTATE is not set +CONFIG_VIDEO_OUTPUT_CONTROL=m +CONFIG_FB=m +# CONFIG_FIRMWARE_EDID is not set +# CONFIG_FB_DDC is not set +# CONFIG_FB_BOOT_VESA_SUPPORT is not set +# CONFIG_FB_CFB_FILLRECT is not set +# CONFIG_FB_CFB_COPYAREA is not set +# CONFIG_FB_CFB_IMAGEBLIT is not set +# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set +# CONFIG_FB_SYS_FILLRECT is not set +# CONFIG_FB_SYS_COPYAREA is not set +# CONFIG_FB_SYS_IMAGEBLIT is not set +# CONFIG_FB_FOREIGN_ENDIAN is not set +# CONFIG_FB_SYS_FOPS is not set +# CONFIG_FB_WMT_GE_ROPS is not set +# CONFIG_FB_SVGALIB is not set +# CONFIG_FB_MACMODES is not set +# CONFIG_FB_BACKLIGHT is not set +CONFIG_FB_MODE_HELPERS=y +CONFIG_FB_TILEBLITTING=y + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ARC is not set +# CONFIG_FB_VGA16 is not set +# CONFIG_FB_UVESA is not set +# CONFIG_FB_N411 is not set +# CONFIG_FB_HGA is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_LE80578 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_VIA is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_GEODE is not set +# CONFIG_FB_TMIO is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_BROADSHEET is not set +# CONFIG_BACKLIGHT_LCD_SUPPORT is not set +CONFIG_BACKLIGHT_CLASS_DEVICE=m + +# +# Display device support +# +# CONFIG_DISPLAY_SUPPORT is not set + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +CONFIG_VGACON_SOFT_SCROLLBACK=y +CONFIG_VGACON_SOFT_SCROLLBACK_SIZE=64 +CONFIG_DUMMY_CONSOLE=y +# CONFIG_FRAMEBUFFER_CONSOLE is not set +# CONFIG_LOGO is not set +# CONFIG_SOUND is not set +# CONFIG_HID_SUPPORT is not set +# CONFIG_USB_SUPPORT is not set +# CONFIG_UWB is not set +# CONFIG_MMC is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=y + +# +# LED drivers +# +# CONFIG_LEDS_LM3530 is not set +# CONFIG_LEDS_ALIX2 is not set +# CONFIG_LEDS_PCA9532 is not set +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_LP5521 is not set +# CONFIG_LEDS_LP5523 is not set +# CONFIG_LEDS_CLEVO_MAIL is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_INTEL_SS4200 is not set +CONFIG_LEDS_TRIGGERS=y + +# +# LED Triggers +# +# CONFIG_LEDS_TRIGGER_TIMER is not set +# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set +# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set +# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set + +# +# iptables trigger is under Netfilter config (LED target) +# +# CONFIG_NFC_DEVICES is not set +# CONFIG_ACCESSIBILITY is not set +# CONFIG_INFINIBAND is not set +CONFIG_EDAC=y + +# +# Reporting subsystems +# +# CONFIG_EDAC_DEBUG is not set +CONFIG_EDAC_DECODE_MCE=y +CONFIG_EDAC_MCE_INJ=m +# CONFIG_EDAC_MM_EDAC is not set +CONFIG_RTC_LIB=m +CONFIG_RTC_CLASS=m + +# +# RTC interfaces +# +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set +CONFIG_RTC_DRV_TEST=m + +# +# I2C RTC drivers +# +CONFIG_RTC_DRV_DS1307=m +CONFIG_RTC_DRV_DS1374=m +CONFIG_RTC_DRV_DS1672=m +CONFIG_RTC_DRV_DS3232=m +CONFIG_RTC_DRV_MAX6900=m +CONFIG_RTC_DRV_RS5C372=m +CONFIG_RTC_DRV_ISL1208=m +CONFIG_RTC_DRV_ISL12022=m +CONFIG_RTC_DRV_X1205=m +CONFIG_RTC_DRV_PCF8563=m +CONFIG_RTC_DRV_PCF8583=m +CONFIG_RTC_DRV_M41T80=m +# CONFIG_RTC_DRV_M41T80_WDT is not set +CONFIG_RTC_DRV_BQ32K=m +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_FM3130=m +CONFIG_RTC_DRV_RX8581=m +CONFIG_RTC_DRV_RX8025=m + +# +# SPI RTC drivers +# + +# +# Platform RTC drivers +# +CONFIG_RTC_DRV_CMOS=m +CONFIG_RTC_DRV_DS1286=m +CONFIG_RTC_DRV_DS1511=m +CONFIG_RTC_DRV_DS1553=m +CONFIG_RTC_DRV_DS1742=m +CONFIG_RTC_DRV_STK17TA8=m +CONFIG_RTC_DRV_M48T86=m +CONFIG_RTC_DRV_M48T35=m +CONFIG_RTC_DRV_M48T59=m +CONFIG_RTC_DRV_MSM6242=m +CONFIG_RTC_DRV_BQ4802=m +CONFIG_RTC_DRV_RP5C01=m +CONFIG_RTC_DRV_V3020=m + +# +# on-CPU RTC drivers +# +CONFIG_DMADEVICES=y +# CONFIG_DMADEVICES_DEBUG is not set + +# +# DMA Devices +# +CONFIG_INTEL_MID_DMAC=m +# CONFIG_INTEL_IOATDMA is not set +CONFIG_TIMB_DMA=m +CONFIG_PCH_DMA=m +CONFIG_DMA_ENGINE=y + +# +# DMA Clients +# +# CONFIG_NET_DMA is not set +# CONFIG_ASYNC_TX_DMA is not set +CONFIG_DMATEST=m +# CONFIG_AUXDISPLAY is not set +CONFIG_UIO=m +CONFIG_UIO_CIF=m +CONFIG_UIO_PDRV=m +CONFIG_UIO_PDRV_GENIRQ=m +CONFIG_UIO_AEC=m +CONFIG_UIO_SERCOS3=m +CONFIG_UIO_PCI_GENERIC=m +CONFIG_UIO_NETX=m +CONFIG_STAGING=y +# CONFIG_STAGING_EXCLUDE_BUILD is not set +# CONFIG_DIGIEPCA is not set +# CONFIG_RISCOM8 is not set +# CONFIG_SPECIALIX is not set +# CONFIG_COMPUTONE is not set +# CONFIG_ET131X is not set +# CONFIG_SLICOSS is not set +# CONFIG_ECHO is not set +# CONFIG_COMEDI is not set +# CONFIG_RTS_PSTOR is not set +# CONFIG_POHMELFS is not set +# CONFIG_IDE_PHISON is not set +# CONFIG_HYPERV is not set +# CONFIG_VME_BUS is not set +# CONFIG_DX_SEP is not set +# CONFIG_IIO is not set +CONFIG_XVMALLOC=y +CONFIG_ZRAM=m +# CONFIG_ZRAM_DEBUG is not set +# CONFIG_FB_SM7XX is not set +# CONFIG_CRYSTALHD is not set +# CONFIG_FB_XGI is not set +# CONFIG_ACPI_QUICKSTART is not set +CONFIG_MACH_NO_WESTBRIDGE=y +# CONFIG_FT1000 is not set + +# +# Speakup console speech +# +# CONFIG_SPEAKUP is not set +# CONFIG_TOUCHSCREEN_SYNAPTICS_I2C_RMI4 is not set + +# +# Altera FPGA firmware download module +# +CONFIG_ALTERA_STAPL=m +CONFIG_X86_PLATFORM_DEVICES=y +# CONFIG_ACERHDF is not set +# CONFIG_ASUS_LAPTOP is not set +# CONFIG_FUJITSU_LAPTOP is not set +# CONFIG_HP_ACCEL is not set +# CONFIG_MSI_LAPTOP is not set +# CONFIG_PANASONIC_LAPTOP is not set +# CONFIG_COMPAL_LAPTOP is not set +# CONFIG_SONY_LAPTOP is not set +# CONFIG_IDEAPAD_LAPTOP is not set +# CONFIG_THINKPAD_ACPI is not set +CONFIG_SENSORS_HDAPS=m +# CONFIG_INTEL_MENLOW is not set +# CONFIG_ACPI_WMI is not set +# CONFIG_ACPI_ASUS is not set +# CONFIG_TOPSTAR_LAPTOP is not set +# CONFIG_ACPI_TOSHIBA is not set +# CONFIG_TOSHIBA_BT_RFKILL is not set +# CONFIG_ACPI_CMPC is not set +# CONFIG_INTEL_IPS is not set +# CONFIG_IBM_RTL is not set +# CONFIG_XO15_EBOOK is not set +# CONFIG_SAMSUNG_LAPTOP is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +CONFIG_FIRMWARE_MEMMAP=y +CONFIG_EFI_VARS=y +# CONFIG_DELL_RBU is not set +# CONFIG_DCDBAS is not set +CONFIG_DMIID=y +CONFIG_DMI_SYSFS=m +# CONFIG_ISCSI_IBFT_FIND is not set +# CONFIG_SIGMA is not set + +# +# File systems +# +CONFIG_EXT2_FS=m +CONFIG_EXT2_FS_XATTR=y +CONFIG_EXT2_FS_POSIX_ACL=y +CONFIG_EXT2_FS_SECURITY=y +# CONFIG_EXT2_FS_XIP is not set +CONFIG_EXT3_FS=y +# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set +CONFIG_EXT3_FS_XATTR=y +CONFIG_EXT3_FS_POSIX_ACL=y +CONFIG_EXT3_FS_SECURITY=y +CONFIG_EXT4_FS=y +CONFIG_EXT4_FS_XATTR=y +CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_EXT4_FS_SECURITY=y +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD=y +CONFIG_JBD_DEBUG=y +CONFIG_JBD2=y +CONFIG_JBD2_DEBUG=y +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=m +# CONFIG_REISERFS_CHECK is not set +CONFIG_REISERFS_PROC_INFO=y +CONFIG_REISERFS_FS_XATTR=y +CONFIG_REISERFS_FS_POSIX_ACL=y +CONFIG_REISERFS_FS_SECURITY=y +CONFIG_JFS_FS=m +CONFIG_JFS_POSIX_ACL=y +CONFIG_JFS_SECURITY=y +# CONFIG_JFS_DEBUG is not set +CONFIG_JFS_STATISTICS=y +CONFIG_XFS_FS=m +CONFIG_XFS_QUOTA=y +CONFIG_XFS_POSIX_ACL=y +CONFIG_XFS_RT=y +# CONFIG_XFS_DEBUG is not set +CONFIG_GFS2_FS=m +CONFIG_GFS2_FS_LOCKING_DLM=y +CONFIG_OCFS2_FS=m +CONFIG_OCFS2_FS_O2CB=m +CONFIG_OCFS2_FS_USERSPACE_CLUSTER=m +CONFIG_OCFS2_FS_STATS=y +CONFIG_OCFS2_DEBUG_MASKLOG=y +# CONFIG_OCFS2_DEBUG_FS is not set +CONFIG_BTRFS_FS=m +CONFIG_BTRFS_FS_POSIX_ACL=y +CONFIG_NILFS2_FS=m +CONFIG_FS_POSIX_ACL=y +CONFIG_EXPORTFS=y +CONFIG_FILE_LOCKING=y +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_FANOTIFY=y +CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y +CONFIG_QUOTA=y +CONFIG_QUOTA_NETLINK_INTERFACE=y +# CONFIG_PRINT_QUOTA_WARNING is not set +CONFIG_QUOTA_DEBUG=y +CONFIG_QUOTA_TREE=m +# CONFIG_QFMT_V1 is not set +CONFIG_QFMT_V2=m +CONFIG_QUOTACTL=y +CONFIG_QUOTACTL_COMPAT=y +CONFIG_AUTOFS4_FS=m +CONFIG_FUSE_FS=m +CONFIG_CUSE=m +CONFIG_GENERIC_ACL=y + +# +# Caches +# +CONFIG_FSCACHE=m +CONFIG_FSCACHE_STATS=y +CONFIG_FSCACHE_HISTOGRAM=y +# CONFIG_FSCACHE_DEBUG is not set +CONFIG_FSCACHE_OBJECT_LIST=y +CONFIG_CACHEFILES=m +# CONFIG_CACHEFILES_DEBUG is not set +# CONFIG_CACHEFILES_HISTOGRAM is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=m +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_UDF_FS=m +CONFIG_UDF_NLS=y + +# +# DOS/FAT/NT Filesystems +# +CONFIG_FAT_FS=m +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=m +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=m +# CONFIG_NTFS_DEBUG is not set +CONFIG_NTFS_RW=y + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_VMCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_HUGETLBFS=y +CONFIG_HUGETLB_PAGE=y +CONFIG_CONFIGFS_FS=m +CONFIG_MISC_FILESYSTEMS=y +CONFIG_ADFS_FS=m +# CONFIG_ADFS_FS_RW is not set +# CONFIG_AFFS_FS is not set +CONFIG_ECRYPT_FS=m +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_LOGFS is not set +CONFIG_CRAMFS=m +CONFIG_SQUASHFS=m +CONFIG_SQUASHFS_XATTR=y +CONFIG_SQUASHFS_LZO=y +CONFIG_SQUASHFS_XZ=y +CONFIG_SQUASHFS_EMBEDDED=y +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +CONFIG_ROMFS_FS=m +CONFIG_ROMFS_BACKED_BY_BLOCK=y +CONFIG_ROMFS_ON_BLOCK=y +CONFIG_PSTORE=y +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set +# CONFIG_EXOFS_FS is not set +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=m +CONFIG_NFS_V3=y +CONFIG_NFS_V3_ACL=y +CONFIG_NFS_V4=y +CONFIG_NFS_V4_1=y +CONFIG_PNFS_FILE_LAYOUT=m +# CONFIG_NFS_FSCACHE is not set +# CONFIG_NFS_USE_LEGACY_DNS is not set +CONFIG_NFS_USE_KERNEL_DNS=y +# CONFIG_NFS_USE_NEW_IDMAPPER is not set +CONFIG_NFSD=m +CONFIG_NFSD_DEPRECATED=y +CONFIG_NFSD_V2_ACL=y +CONFIG_NFSD_V3=y +CONFIG_NFSD_V3_ACL=y +CONFIG_NFSD_V4=y +CONFIG_LOCKD=m +CONFIG_LOCKD_V4=y +CONFIG_NFS_ACL_SUPPORT=m +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=m +CONFIG_SUNRPC_GSS=m +CONFIG_RPCSEC_GSS_KRB5=m +CONFIG_CEPH_FS=m +CONFIG_CIFS=m +CONFIG_CIFS_STATS=y +CONFIG_CIFS_STATS2=y +# CONFIG_CIFS_WEAK_PW_HASH is not set +# CONFIG_CIFS_UPCALL is not set +CONFIG_CIFS_XATTR=y +CONFIG_CIFS_POSIX=y +# CONFIG_CIFS_DEBUG2 is not set +CONFIG_CIFS_DFS_UPCALL=y +# CONFIG_CIFS_FSCACHE is not set +CONFIG_CIFS_ACL=y +# CONFIG_CIFS_EXPERIMENTAL is not set +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +CONFIG_AFS_FS=m +# CONFIG_AFS_DEBUG is not set +# CONFIG_AFS_FSCACHE is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +CONFIG_OSF_PARTITION=y +CONFIG_AMIGA_PARTITION=y +# CONFIG_ATARI_PARTITION is not set +CONFIG_MAC_PARTITION=y +CONFIG_MSDOS_PARTITION=y +CONFIG_BSD_DISKLABEL=y +CONFIG_MINIX_SUBPARTITION=y +CONFIG_SOLARIS_X86_PARTITION=y +CONFIG_UNIXWARE_DISKLABEL=y +# CONFIG_LDM_PARTITION is not set +CONFIG_SGI_PARTITION=y +# CONFIG_ULTRIX_PARTITION is not set +CONFIG_SUN_PARTITION=y +CONFIG_KARMA_PARTITION=y +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="utf8" +CONFIG_NLS_CODEPAGE_437=m +CONFIG_NLS_CODEPAGE_737=m +CONFIG_NLS_CODEPAGE_775=m +CONFIG_NLS_CODEPAGE_850=m +CONFIG_NLS_CODEPAGE_852=m +CONFIG_NLS_CODEPAGE_855=m +CONFIG_NLS_CODEPAGE_857=m +CONFIG_NLS_CODEPAGE_860=m +CONFIG_NLS_CODEPAGE_861=m +CONFIG_NLS_CODEPAGE_862=m +CONFIG_NLS_CODEPAGE_863=m +CONFIG_NLS_CODEPAGE_864=m +CONFIG_NLS_CODEPAGE_865=m +CONFIG_NLS_CODEPAGE_866=m +CONFIG_NLS_CODEPAGE_869=m +CONFIG_NLS_CODEPAGE_936=m +CONFIG_NLS_CODEPAGE_950=m +CONFIG_NLS_CODEPAGE_932=m +CONFIG_NLS_CODEPAGE_949=m +CONFIG_NLS_CODEPAGE_874=m +CONFIG_NLS_ISO8859_8=m +CONFIG_NLS_CODEPAGE_1250=m +CONFIG_NLS_CODEPAGE_1251=m +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=m +CONFIG_NLS_ISO8859_2=m +CONFIG_NLS_ISO8859_3=m +CONFIG_NLS_ISO8859_4=m +CONFIG_NLS_ISO8859_5=m +CONFIG_NLS_ISO8859_6=m +CONFIG_NLS_ISO8859_7=m +CONFIG_NLS_ISO8859_9=m +CONFIG_NLS_ISO8859_13=m +CONFIG_NLS_ISO8859_14=m +CONFIG_NLS_ISO8859_15=m +CONFIG_NLS_KOI8_R=m +CONFIG_NLS_KOI8_U=m +CONFIG_NLS_UTF8=y +CONFIG_DLM=m +# CONFIG_DLM_DEBUG is not set + +# +# Kernel hacking +# +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_PRINTK_TIME=y +CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4 +# CONFIG_ENABLE_WARN_DEPRECATED is not set +CONFIG_ENABLE_MUST_CHECK=y +CONFIG_FRAME_WARN=2048 +CONFIG_MAGIC_SYSRQ=y +# CONFIG_STRIP_ASM_SYMS is not set +# CONFIG_UNUSED_SYMBOLS is not set +CONFIG_DEBUG_FS=y +# CONFIG_HEADERS_CHECK is not set +# CONFIG_DEBUG_SECTION_MISMATCH is not set +CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_SHIRQ is not set +# CONFIG_LOCKUP_DETECTOR is not set +# CONFIG_HARDLOCKUP_DETECTOR is not set +# CONFIG_DETECT_HUNG_TASK is not set +# CONFIG_SCHED_DEBUG is not set +CONFIG_SCHEDSTATS=y +CONFIG_TIMER_STATS=y +# CONFIG_DEBUG_OBJECTS is not set +# CONFIG_SLUB_DEBUG_ON is not set +# CONFIG_SLUB_STATS is not set +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_RT_MUTEX_TESTER is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_DEBUG_MUTEXES is not set +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_SPARSE_RCU_POINTER is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_DEBUG_SPINLOCK_SLEEP is not set +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +CONFIG_STACKTRACE=y +# CONFIG_DEBUG_KOBJECT is not set +CONFIG_DEBUG_BUGVERBOSE=y +# CONFIG_DEBUG_INFO is not set +# CONFIG_DEBUG_VM is not set +# CONFIG_DEBUG_VIRTUAL is not set +# CONFIG_DEBUG_WRITECOUNT is not set +CONFIG_DEBUG_MEMORY_INIT=y +# CONFIG_DEBUG_LIST is not set +# CONFIG_TEST_LIST_SORT is not set +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_NOTIFIERS is not set +# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_ARCH_WANT_FRAME_POINTERS=y +CONFIG_FRAME_POINTER=y +# CONFIG_BOOT_PRINTK_DELAY is not set +# CONFIG_RCU_TORTURE_TEST is not set +# CONFIG_RCU_CPU_STALL_DETECTOR is not set +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# CONFIG_LKDTM is not set +CONFIG_CPU_NOTIFIER_ERROR_INJECT=m +# CONFIG_FAULT_INJECTION is not set +# CONFIG_LATENCYTOP is not set +CONFIG_SYSCTL_SYSCALL_CHECK=y +# CONFIG_DEBUG_PAGEALLOC is not set +CONFIG_USER_STACKTRACE_SUPPORT=y +CONFIG_NOP_TRACER=y +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y +CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_HAVE_C_RECORDMCOUNT=y +CONFIG_RING_BUFFER=y +CONFIG_EVENT_TRACING=y +CONFIG_EVENT_POWER_TRACING_DEPRECATED=y +CONFIG_CONTEXT_SWITCH_TRACER=y +CONFIG_TRACING=y +CONFIG_GENERIC_TRACER=y +CONFIG_TRACING_SUPPORT=y +CONFIG_FTRACE=y +# CONFIG_FUNCTION_TRACER is not set +# CONFIG_IRQSOFF_TRACER is not set +# CONFIG_SCHED_TRACER is not set +# CONFIG_FTRACE_SYSCALLS is not set +CONFIG_BRANCH_PROFILE_NONE=y +# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set +# CONFIG_PROFILE_ALL_BRANCHES is not set +# CONFIG_STACK_TRACER is not set +CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENT=y +# CONFIG_FTRACE_STARTUP_TEST is not set +# CONFIG_MMIOTRACE is not set +# CONFIG_RING_BUFFER_BENCHMARK is not set +CONFIG_PROVIDE_OHCI1394_DMA_INIT=y +# CONFIG_DYNAMIC_DEBUG is not set +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_ATOMIC64_SELFTEST is not set +CONFIG_ASYNC_RAID6_TEST=m +# CONFIG_SAMPLES is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +CONFIG_HAVE_ARCH_KMEMCHECK=y +# CONFIG_TEST_KSTRTOX is not set +# CONFIG_STRICT_DEVMEM is not set +CONFIG_X86_VERBOSE_BOOTUP=y +CONFIG_EARLY_PRINTK=y +CONFIG_EARLY_PRINTK_DBGP=y +CONFIG_DEBUG_STACKOVERFLOW=y +CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_PER_CPU_MAPS is not set +# CONFIG_X86_PTDUMP is not set +CONFIG_DEBUG_RODATA=y +# CONFIG_DEBUG_RODATA_TEST is not set +# CONFIG_DEBUG_SET_MODULE_RONX is not set +CONFIG_DEBUG_NX_TEST=m +# CONFIG_IOMMU_DEBUG is not set +# CONFIG_IOMMU_STRESS is not set +CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set +CONFIG_IO_DELAY_TYPE_0X80=0 +CONFIG_IO_DELAY_TYPE_0XED=1 +CONFIG_IO_DELAY_TYPE_UDELAY=2 +CONFIG_IO_DELAY_TYPE_NONE=3 +CONFIG_IO_DELAY_0X80=y +# CONFIG_IO_DELAY_0XED is not set +# CONFIG_IO_DELAY_UDELAY is not set +# CONFIG_IO_DELAY_NONE is not set +CONFIG_DEFAULT_IO_DELAY_TYPE=0 +CONFIG_DEBUG_BOOT_PARAMS=y +# CONFIG_CPA_DEBUG is not set +CONFIG_OPTIMIZE_INLINING=y +# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set + +# +# Security options +# +CONFIG_KEYS=y +CONFIG_KEYS_DEBUG_PROC_KEYS=y +# CONFIG_SECURITY_DMESG_RESTRICT is not set +CONFIG_SECURITY=y +# CONFIG_SECURITYFS is not set +CONFIG_SECURITY_NETWORK=y +CONFIG_SECURITY_NETWORK_XFRM=y +# CONFIG_SECURITY_PATH is not set +# CONFIG_INTEL_TXT is not set +CONFIG_LSM_MMAP_MIN_ADDR=65536 +CONFIG_SECURITY_SELINUX=y +CONFIG_SECURITY_SELINUX_BOOTPARAM=y +CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_SELINUX_DISABLE=y +CONFIG_SECURITY_SELINUX_DEVELOP=y +CONFIG_SECURITY_SELINUX_AVC_STATS=y +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +# CONFIG_SECURITY_APPARMOR is not set +# CONFIG_IMA is not set +CONFIG_DEFAULT_SECURITY_SELINUX=y +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="selinux" +CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_BLKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=m +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_PCOMP=m +CONFIG_CRYPTO_PCOMP2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y +CONFIG_CRYPTO_GF128MUL=m +CONFIG_CRYPTO_NULL=m +# CONFIG_CRYPTO_PCRYPT is not set +CONFIG_CRYPTO_WORKQUEUE=y +CONFIG_CRYPTO_CRYPTD=m +CONFIG_CRYPTO_AUTHENC=y +CONFIG_CRYPTO_TEST=m + +# +# Authenticated Encryption with Associated Data +# +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=m +CONFIG_CRYPTO_SEQIV=m + +# +# Block modes +# +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CTR=m +CONFIG_CRYPTO_CTS=m +CONFIG_CRYPTO_ECB=y +CONFIG_CRYPTO_LRW=m +CONFIG_CRYPTO_PCBC=m +CONFIG_CRYPTO_XTS=m +CONFIG_CRYPTO_FPU=m + +# +# Hash modes +# +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_XCBC=m +CONFIG_CRYPTO_VMAC=m + +# +# Digest +# +CONFIG_CRYPTO_CRC32C=m +CONFIG_CRYPTO_CRC32C_INTEL=m +CONFIG_CRYPTO_GHASH=m +CONFIG_CRYPTO_MD4=m +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_MICHAEL_MIC=m +CONFIG_CRYPTO_RMD128=m +CONFIG_CRYPTO_RMD160=m +CONFIG_CRYPTO_RMD256=m +CONFIG_CRYPTO_RMD320=m +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=m +CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_TGR192=m +CONFIG_CRYPTO_WP512=m +CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m + +# +# Ciphers +# +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_AES_X86_64=m +CONFIG_CRYPTO_AES_NI_INTEL=m +CONFIG_CRYPTO_ANUBIS=m +CONFIG_CRYPTO_ARC4=y +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_CAMELLIA=m +CONFIG_CRYPTO_CAST5=m +CONFIG_CRYPTO_CAST6=m +CONFIG_CRYPTO_DES=y +CONFIG_CRYPTO_FCRYPT=m +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_SALSA20=m +CONFIG_CRYPTO_SALSA20_X86_64=m +CONFIG_CRYPTO_SEED=m +CONFIG_CRYPTO_SERPENT=m +CONFIG_CRYPTO_TEA=m +CONFIG_CRYPTO_TWOFISH=m +CONFIG_CRYPTO_TWOFISH_COMMON=m +CONFIG_CRYPTO_TWOFISH_X86_64=m + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_ZLIB=m +CONFIG_CRYPTO_LZO=m + +# +# Random Number Generation +# +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_USER_API=m +CONFIG_CRYPTO_USER_API_HASH=m +CONFIG_CRYPTO_USER_API_SKCIPHER=m +CONFIG_CRYPTO_HW=y +# CONFIG_CRYPTO_DEV_PADLOCK is not set +# CONFIG_CRYPTO_DEV_HIFN_795X is not set +CONFIG_HAVE_KVM=y +# CONFIG_VIRTUALIZATION is not set +CONFIG_BINARY_PRINTF=y + +# +# Library routines +# +CONFIG_RAID6_PQ=m +CONFIG_BITREVERSE=y +CONFIG_GENERIC_FIND_FIRST_BIT=y +CONFIG_GENERIC_FIND_NEXT_BIT=y +CONFIG_GENERIC_FIND_LAST_BIT=y +CONFIG_CRC_CCITT=m +CONFIG_CRC16=y +CONFIG_CRC_T10DIF=y +CONFIG_CRC_ITU_T=m +CONFIG_CRC32=y +CONFIG_CRC7=m +CONFIG_LIBCRC32C=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=m +CONFIG_LZO_COMPRESS=m +CONFIG_LZO_DECOMPRESS=y +CONFIG_XZ_DEC=y +CONFIG_XZ_DEC_X86=y +CONFIG_XZ_DEC_POWERPC=y +CONFIG_XZ_DEC_IA64=y +CONFIG_XZ_DEC_ARM=y +CONFIG_XZ_DEC_ARMTHUMB=y +CONFIG_XZ_DEC_SPARC=y +CONFIG_XZ_DEC_BCJ=y +CONFIG_XZ_DEC_TEST=m +CONFIG_DECOMPRESS_GZIP=y +CONFIG_DECOMPRESS_BZIP2=y +CONFIG_DECOMPRESS_LZMA=y +CONFIG_DECOMPRESS_XZ=y +CONFIG_DECOMPRESS_LZO=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT=y +CONFIG_HAS_DMA=y +CONFIG_CPU_RMAP=y +CONFIG_NLATTR=y +CONFIG_LRU_CACHE=m +# CONFIG_AVERAGE is not set diff --git a/kernel-config/config-3.0.6-gentoo-00 b/kernel-config/config-3.0.6-gentoo-00 new file mode 100644 index 0000000..b98ae18 --- /dev/null +++ b/kernel-config/config-3.0.6-gentoo-00 @@ -0,0 +1,2797 @@ +# +# Automatically generated make config: don't edit +# Linux/x86_64 3.0.6-gentoo Kernel Configuration +# +CONFIG_64BIT=y +# CONFIG_X86_32 is not set +CONFIG_X86_64=y +CONFIG_X86=y +CONFIG_INSTRUCTION_DECODER=y +CONFIG_OUTPUT_FORMAT="elf64-x86-64" +CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" +CONFIG_GENERIC_CMOS_UPDATE=y +CONFIG_CLOCKSOURCE_WATCHDOG=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y +CONFIG_MMU=y +CONFIG_ZONE_DMA=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_IOMAP=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +# CONFIG_RWSEM_GENERIC_SPINLOCK is not set +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_ARCH_HAS_CPU_IDLE_WAIT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_GENERIC_TIME_VSYSCALL=y +CONFIG_ARCH_HAS_CPU_RELAX=y +CONFIG_ARCH_HAS_DEFAULT_IDLE=y +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_HAVE_SETUP_PER_CPU_AREA=y +CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y +CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y +CONFIG_HAVE_CPUMASK_OF_CPU_MAP=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ZONE_DMA32=y +CONFIG_ARCH_POPULATES_NODE_MAP=y +CONFIG_AUDIT_ARCH=y +CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_HAVE_INTEL_TXT=y +CONFIG_X86_64_SMP=y +CONFIG_X86_HT=y +CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" +# CONFIG_KTIME_SCALAR is not set +CONFIG_ARCH_CPU_PROBE_RELEASE=y +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" +CONFIG_HAVE_IRQ_WORK=y +CONFIG_IRQ_WORK=y + +# +# General setup +# +CONFIG_EXPERIMENTAL=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="" +CONFIG_LOCALVERSION="" +# CONFIG_LOCALVERSION_AUTO is not set +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_BZIP2=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_XZ=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_BZIP2 is not set +# CONFIG_KERNEL_LZMA is not set +# CONFIG_KERNEL_XZ is not set +# CONFIG_KERNEL_LZO is not set +CONFIG_DEFAULT_HOSTNAME="helga" +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_POSIX_MQUEUE=y +CONFIG_POSIX_MQUEUE_SYSCTL=y +CONFIG_BSD_PROCESS_ACCT=y +CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_FHANDLE=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_TASK_IO_ACCOUNTING=y +CONFIG_AUDIT=y +CONFIG_AUDITSYSCALL=y +CONFIG_AUDIT_WATCH=y +CONFIG_AUDIT_TREE=y +CONFIG_HAVE_GENERIC_HARDIRQS=y + +# +# IRQ subsystem +# +CONFIG_GENERIC_HARDIRQS=y +CONFIG_HAVE_SPARSE_IRQ=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_IRQ_SHOW=y +CONFIG_GENERIC_PENDING_IRQ=y +CONFIG_IRQ_FORCED_THREADING=y +CONFIG_SPARSE_IRQ=y + +# +# RCU Subsystem +# +CONFIG_TREE_RCU=y +# CONFIG_PREEMPT_RCU is not set +# CONFIG_RCU_TRACE is not set +CONFIG_RCU_FANOUT=64 +# CONFIG_RCU_FANOUT_EXACT is not set +# CONFIG_RCU_FAST_NO_HZ is not set +# CONFIG_TREE_RCU_TRACE is not set +CONFIG_IKCONFIG=m +CONFIG_IKCONFIG_PROC=y +CONFIG_LOG_BUF_SHIFT=18 +CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y +CONFIG_CGROUPS=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_CGROUP_FREEZER=y +# CONFIG_CGROUP_DEVICE is not set +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_RESOURCE_COUNTERS=y +# CONFIG_CGROUP_MEM_RES_CTLR is not set +# CONFIG_CGROUP_PERF is not set +CONFIG_CGROUP_SCHED=y +CONFIG_FAIR_GROUP_SCHED=y +# CONFIG_RT_GROUP_SCHED is not set +CONFIG_BLK_CGROUP=m +# CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +# CONFIG_SCHED_AUTOGROUP is not set +# CONFIG_SYSFS_DEPRECATED is not set +CONFIG_RELAY=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_RD_XZ=y +CONFIG_RD_LZO=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_SYSCTL=y +CONFIG_ANON_INODES=y +# CONFIG_EXPERT is not set +CONFIG_UID16=y +CONFIG_SYSCTL_SYSCALL=y +CONFIG_KALLSYMS=y +CONFIG_KALLSYMS_ALL=y +CONFIG_HOTPLUG=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_PCSPKR_PLATFORM=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +# CONFIG_EMBEDDED is not set +CONFIG_HAVE_PERF_EVENTS=y + +# +# Kernel Performance Events And Counters +# +CONFIG_PERF_EVENTS=y +# CONFIG_PERF_COUNTERS is not set +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_PCI_QUIRKS=y +CONFIG_SLUB_DEBUG=y +# CONFIG_COMPAT_BRK is not set +# CONFIG_SLAB is not set +CONFIG_SLUB=y +CONFIG_PROFILING=y +CONFIG_TRACEPOINTS=y +# CONFIG_OPROFILE is not set +CONFIG_HAVE_OPROFILE=y +CONFIG_KPROBES=y +# CONFIG_JUMP_LABEL is not set +CONFIG_OPTPROBES=y +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_KRETPROBES=y +CONFIG_HAVE_IOREMAP_PROT=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y +CONFIG_USE_GENERIC_SMP_HELPERS=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_DMA_API_DEBUG=y +CONFIG_HAVE_HW_BREAKPOINT=y +CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y +CONFIG_HAVE_USER_RETURN_NOTIFIER=y +CONFIG_HAVE_PERF_EVENTS_NMI=y +CONFIG_HAVE_ARCH_JUMP_LABEL=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set +CONFIG_SLABINFO=y +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +CONFIG_MODULE_FORCE_LOAD=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +CONFIG_STOP_MACHINE=y +CONFIG_BLOCK=y +CONFIG_BLK_DEV_BSG=y +# CONFIG_BLK_DEV_INTEGRITY is not set +CONFIG_BLOCK_COMPAT=y + +# +# IO Schedulers +# +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_DEADLINE=y +CONFIG_IOSCHED_CFQ=m +# CONFIG_CFQ_GROUP_IOSCHED is not set +CONFIG_DEFAULT_DEADLINE=y +# CONFIG_DEFAULT_NOOP is not set +CONFIG_DEFAULT_IOSCHED="deadline" +# CONFIG_INLINE_SPIN_TRYLOCK is not set +# CONFIG_INLINE_SPIN_TRYLOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK is not set +# CONFIG_INLINE_SPIN_LOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK_IRQ is not set +# CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set +CONFIG_INLINE_SPIN_UNLOCK=y +# CONFIG_INLINE_SPIN_UNLOCK_BH is not set +CONFIG_INLINE_SPIN_UNLOCK_IRQ=y +# CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_READ_TRYLOCK is not set +# CONFIG_INLINE_READ_LOCK is not set +# CONFIG_INLINE_READ_LOCK_BH is not set +# CONFIG_INLINE_READ_LOCK_IRQ is not set +# CONFIG_INLINE_READ_LOCK_IRQSAVE is not set +CONFIG_INLINE_READ_UNLOCK=y +# CONFIG_INLINE_READ_UNLOCK_BH is not set +CONFIG_INLINE_READ_UNLOCK_IRQ=y +# CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_WRITE_TRYLOCK is not set +# CONFIG_INLINE_WRITE_LOCK is not set +# CONFIG_INLINE_WRITE_LOCK_BH is not set +# CONFIG_INLINE_WRITE_LOCK_IRQ is not set +# CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set +CONFIG_INLINE_WRITE_UNLOCK=y +# CONFIG_INLINE_WRITE_UNLOCK_BH is not set +CONFIG_INLINE_WRITE_UNLOCK_IRQ=y +# CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set +CONFIG_MUTEX_SPIN_ON_OWNER=y +CONFIG_FREEZER=y + +# +# Processor type and features +# +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_GENERIC_CLOCKEVENTS_BUILD=y +CONFIG_SMP=y +CONFIG_X86_MPPARSE=y +CONFIG_X86_EXTENDED_PLATFORM=y +# CONFIG_X86_VSMP is not set +CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y +CONFIG_SCHED_OMIT_FRAME_POINTER=y +# CONFIG_PARAVIRT_GUEST is not set +CONFIG_NO_BOOTMEM=y +# CONFIG_MEMTEST is not set +CONFIG_MK8=y +# CONFIG_MPSC is not set +# CONFIG_MCORE2 is not set +# CONFIG_MATOM is not set +# CONFIG_GENERIC_CPU is not set +CONFIG_X86_INTERNODE_CACHE_SHIFT=7 +CONFIG_X86_CMPXCHG=y +CONFIG_CMPXCHG_LOCAL=y +CONFIG_X86_L1_CACHE_SHIFT=6 +CONFIG_X86_XADD=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INTEL_USERCOPY=y +CONFIG_X86_USE_PPRO_CHECKSUM=y +CONFIG_X86_TSC=y +CONFIG_X86_CMPXCHG64=y +CONFIG_X86_CMOV=y +CONFIG_X86_MINIMUM_CPU_FAMILY=64 +CONFIG_X86_DEBUGCTLMSR=y +CONFIG_CPU_SUP_INTEL=y +CONFIG_CPU_SUP_AMD=y +CONFIG_CPU_SUP_CENTAUR=y +CONFIG_HPET_TIMER=y +CONFIG_HPET_EMULATE_RTC=y +CONFIG_DMI=y +CONFIG_GART_IOMMU=y +CONFIG_CALGARY_IOMMU=y +CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y +CONFIG_AMD_IOMMU=y +CONFIG_AMD_IOMMU_STATS=y +CONFIG_SWIOTLB=y +CONFIG_IOMMU_HELPER=y +CONFIG_IOMMU_API=y +# CONFIG_MAXSMP is not set +CONFIG_NR_CPUS=64 +CONFIG_SCHED_SMT=y +CONFIG_SCHED_MC=y +CONFIG_IRQ_TIME_ACCOUNTING=y +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +CONFIG_X86_LOCAL_APIC=y +CONFIG_X86_IO_APIC=y +CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y +CONFIG_X86_MCE=y +CONFIG_X86_MCE_INTEL=y +CONFIG_X86_MCE_AMD=y +CONFIG_X86_MCE_THRESHOLD=y +# CONFIG_X86_MCE_INJECT is not set +CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_I8K is not set +CONFIG_MICROCODE=y +CONFIG_MICROCODE_INTEL=y +CONFIG_MICROCODE_AMD=y +CONFIG_MICROCODE_OLD_INTERFACE=y +CONFIG_X86_MSR=y +CONFIG_X86_CPUID=y +CONFIG_ARCH_PHYS_ADDR_T_64BIT=y +CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_DIRECT_GBPAGES=y +CONFIG_NUMA=y +CONFIG_AMD_NUMA=y +CONFIG_X86_64_ACPI_NUMA=y +CONFIG_NODES_SPAN_OTHER_NODES=y +# CONFIG_NUMA_EMU is not set +CONFIG_NODES_SHIFT=6 +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_ARCH_SPARSEMEM_DEFAULT=y +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ARCH_PROC_KCORE_TEXT=y +CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 +CONFIG_SELECT_MEMORY_MODEL=y +CONFIG_SPARSEMEM_MANUAL=y +CONFIG_SPARSEMEM=y +CONFIG_NEED_MULTIPLE_NODES=y +CONFIG_HAVE_MEMORY_PRESENT=y +CONFIG_SPARSEMEM_EXTREME=y +CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y +CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y +CONFIG_SPARSEMEM_VMEMMAP=y +CONFIG_HAVE_MEMBLOCK=y +# CONFIG_MEMORY_HOTPLUG is not set +CONFIG_PAGEFLAGS_EXTENDED=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +CONFIG_COMPACTION=y +CONFIG_MIGRATION=y +CONFIG_PHYS_ADDR_T_64BIT=y +CONFIG_ZONE_DMA_FLAG=1 +CONFIG_BOUNCE=y +CONFIG_VIRT_TO_BUS=y +# CONFIG_KSM is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y +# CONFIG_MEMORY_FAILURE is not set +CONFIG_TRANSPARENT_HUGEPAGE=y +CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS=y +# CONFIG_TRANSPARENT_HUGEPAGE_MADVISE is not set +CONFIG_CLEANCACHE=y +CONFIG_X86_CHECK_BIOS_CORRUPTION=y +CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +CONFIG_X86_RESERVE_LOW=64 +CONFIG_MTRR=y +# CONFIG_MTRR_SANITIZER is not set +CONFIG_X86_PAT=y +CONFIG_ARCH_USES_PG_UNCACHED=y +CONFIG_EFI=y +CONFIG_SECCOMP=y +# CONFIG_CC_STACKPROTECTOR is not set +# CONFIG_HZ_100 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +CONFIG_HZ_1000=y +CONFIG_HZ=1000 +CONFIG_SCHED_HRTICK=y +CONFIG_KEXEC=y +CONFIG_CRASH_DUMP=y +CONFIG_PHYSICAL_START=0x1000000 +CONFIG_RELOCATABLE=y +CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_HOTPLUG_CPU=y +# CONFIG_COMPAT_VDSO is not set +# CONFIG_CMDLINE_BOOL is not set +CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y +CONFIG_USE_PERCPU_NUMA_NODE_ID=y + +# +# Power management and ACPI options +# +CONFIG_SUSPEND=y +CONFIG_SUSPEND_FREEZER=y +# CONFIG_HIBERNATION is not set +CONFIG_PM_SLEEP=y +CONFIG_PM_SLEEP_SMP=y +# CONFIG_PM_RUNTIME is not set +CONFIG_PM=y +CONFIG_PM_DEBUG=y +CONFIG_PM_ADVANCED_DEBUG=y +# CONFIG_PM_TEST_SUSPEND is not set +CONFIG_CAN_PM_TRACE=y +CONFIG_PM_TRACE=y +CONFIG_PM_TRACE_RTC=y +CONFIG_ACPI=y +CONFIG_ACPI_SLEEP=y +CONFIG_ACPI_PROCFS=y +CONFIG_ACPI_PROCFS_POWER=y +CONFIG_ACPI_EC_DEBUGFS=m +CONFIG_ACPI_PROC_EVENT=y +CONFIG_ACPI_AC=m +CONFIG_ACPI_BATTERY=m +CONFIG_ACPI_BUTTON=m +CONFIG_ACPI_VIDEO=m +CONFIG_ACPI_FAN=m +CONFIG_ACPI_DOCK=y +CONFIG_ACPI_PROCESSOR=m +CONFIG_ACPI_IPMI=m +CONFIG_ACPI_HOTPLUG_CPU=y +CONFIG_ACPI_PROCESSOR_AGGREGATOR=m +CONFIG_ACPI_THERMAL=m +CONFIG_ACPI_NUMA=y +# CONFIG_ACPI_CUSTOM_DSDT is not set +CONFIG_ACPI_BLACKLIST_YEAR=0 +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_PCI_SLOT=m +CONFIG_X86_PM_TIMER=y +CONFIG_ACPI_CONTAINER=y +# CONFIG_ACPI_SBS is not set +CONFIG_ACPI_HED=m +CONFIG_ACPI_CUSTOM_METHOD=m +CONFIG_ACPI_APEI=y +CONFIG_ACPI_APEI_GHES=m +# CONFIG_ACPI_APEI_PCIEAER is not set +CONFIG_ACPI_APEI_EINJ=m +CONFIG_ACPI_APEI_ERST_DEBUG=m +# CONFIG_SFI is not set + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_TABLE=m +CONFIG_CPU_FREQ_STAT=m +CONFIG_CPU_FREQ_STAT_DETAILS=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set +CONFIG_CPU_FREQ_GOV_PERFORMANCE=m +CONFIG_CPU_FREQ_GOV_POWERSAVE=m +CONFIG_CPU_FREQ_GOV_USERSPACE=y +CONFIG_CPU_FREQ_GOV_ONDEMAND=m +CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m + +# +# x86 CPU frequency scaling drivers +# +CONFIG_X86_PCC_CPUFREQ=m +CONFIG_X86_ACPI_CPUFREQ=m +CONFIG_X86_POWERNOW_K8=m +# CONFIG_X86_SPEEDSTEP_CENTRINO is not set +# CONFIG_X86_P4_CLOCKMOD is not set + +# +# shared options +# +# CONFIG_X86_SPEEDSTEP_LIB is not set +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y +# CONFIG_INTEL_IDLE is not set + +# +# Memory power savings +# +# CONFIG_I7300_IDLE is not set + +# +# Bus options (PCI etc.) +# +CONFIG_PCI=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +CONFIG_PCI_DOMAINS=y +# CONFIG_PCI_CNB20LE_QUIRK is not set +CONFIG_DMAR=y +# CONFIG_DMAR_DEFAULT_ON is not set +CONFIG_DMAR_FLOPPY_WA=y +# CONFIG_INTR_REMAP is not set +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +# CONFIG_PCIE_ECRC is not set +# CONFIG_PCIEAER_INJECT is not set +CONFIG_PCIEASPM=y +# CONFIG_PCIEASPM_DEBUG is not set +CONFIG_ARCH_SUPPORTS_MSI=y +CONFIG_PCI_MSI=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_STUB is not set +CONFIG_HT_IRQ=y +CONFIG_PCI_IOV=y +CONFIG_PCI_IOAPIC=y +CONFIG_PCI_LABEL=y +CONFIG_ISA_DMA_API=y +CONFIG_AMD_NB=y +# CONFIG_PCCARD is not set +# CONFIG_HOTPLUG_PCI is not set +# CONFIG_RAPIDIO is not set + +# +# Executable file formats / Emulations +# +CONFIG_BINFMT_ELF=y +CONFIG_COMPAT_BINFMT_ELF=y +CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y +# CONFIG_HAVE_AOUT is not set +CONFIG_BINFMT_MISC=y +CONFIG_IA32_EMULATION=y +CONFIG_IA32_AOUT=m +CONFIG_COMPAT=y +CONFIG_COMPAT_FOR_U64_ALIGNMENT=y +CONFIG_SYSVIPC_COMPAT=y +CONFIG_KEYS_COMPAT=y +CONFIG_HAVE_TEXT_POKE_SMP=y +CONFIG_NET=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_UNIX=y +CONFIG_XFRM=y +CONFIG_XFRM_USER=y +# CONFIG_XFRM_SUB_POLICY is not set +CONFIG_XFRM_MIGRATE=y +# CONFIG_XFRM_STATISTICS is not set +CONFIG_XFRM_IPCOMP=m +CONFIG_NET_KEY=m +CONFIG_NET_KEY_MIGRATE=y +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_IP_FIB_TRIE_STATS=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_IP_ROUTE_MULTIPATH=y +CONFIG_IP_ROUTE_VERBOSE=y +CONFIG_IP_ROUTE_CLASSID=y +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y +CONFIG_IP_PNP_RARP=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE=y +CONFIG_IP_MROUTE_MULTIPLE_TABLES=y +CONFIG_IP_PIMSM_V1=y +CONFIG_IP_PIMSM_V2=y +CONFIG_ARPD=y +CONFIG_SYN_COOKIES=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_XFRM_MODE_TRANSPORT=m +CONFIG_INET_XFRM_MODE_TUNNEL=m +CONFIG_INET_XFRM_MODE_BEET=m +CONFIG_INET_LRO=y +CONFIG_INET_DIAG=m +CONFIG_INET_TCP_DIAG=m +CONFIG_TCP_CONG_ADVANCED=y +CONFIG_TCP_CONG_BIC=m +CONFIG_TCP_CONG_CUBIC=m +CONFIG_TCP_CONG_WESTWOOD=m +CONFIG_TCP_CONG_HTCP=m +CONFIG_TCP_CONG_HSTCP=m +CONFIG_TCP_CONG_HYBLA=m +CONFIG_TCP_CONG_VEGAS=m +CONFIG_TCP_CONG_SCALABLE=m +CONFIG_TCP_CONG_LP=m +CONFIG_TCP_CONG_VENO=m +CONFIG_TCP_CONG_YEAH=m +CONFIG_TCP_CONG_ILLINOIS=m +CONFIG_DEFAULT_RENO=y +CONFIG_DEFAULT_TCP_CONG="reno" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=y +CONFIG_IPV6_PRIVACY=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +# CONFIG_IPV6_OPTIMISTIC_DAD is not set +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_INET6_XFRM_MODE_TRANSPORT=m +CONFIG_INET6_XFRM_MODE_TUNNEL=m +CONFIG_INET6_XFRM_MODE_BEET=m +CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m +CONFIG_IPV6_SIT=m +# CONFIG_IPV6_SIT_6RD is not set +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_NETLABEL=y +CONFIG_NETWORK_SECMARK=y +# CONFIG_NETWORK_PHY_TIMESTAMPING is not set +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=y + +# +# Core Netfilter Configuration +# +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_NETLINK_QUEUE=m +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NF_CONNTRACK=m +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_SECMARK=y +# CONFIG_NF_CONNTRACK_ZONES is not set +CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CONNTRACK_TIMESTAMP=y +CONFIG_NF_CT_PROTO_DCCP=m +CONFIG_NF_CT_PROTO_GRE=m +CONFIG_NF_CT_PROTO_SCTP=m +CONFIG_NF_CT_PROTO_UDPLITE=m +CONFIG_NF_CONNTRACK_AMANDA=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_BROADCAST=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_SNMP=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NETFILTER_TPROXY=m +CONFIG_NETFILTER_XTABLES=y + +# +# Xtables combined modules +# +CONFIG_NETFILTER_XT_MARK=m +CONFIG_NETFILTER_XT_CONNMARK=m +CONFIG_NETFILTER_XT_SET=m + +# +# Xtables targets +# +CONFIG_NETFILTER_XT_TARGET_AUDIT=m +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m +CONFIG_NETFILTER_XT_TARGET_CONNMARK=m +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m +CONFIG_NETFILTER_XT_TARGET_CT=m +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_TARGET_MARK=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m +CONFIG_NETFILTER_XT_TARGET_NOTRACK=m +CONFIG_NETFILTER_XT_TARGET_RATEEST=m +CONFIG_NETFILTER_XT_TARGET_TEE=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +CONFIG_NETFILTER_XT_TARGET_TRACE=m +CONFIG_NETFILTER_XT_TARGET_SECMARK=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m + +# +# Xtables matches +# +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_CPU=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DEVGROUP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_OSF=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_QUOTA=m +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m +CONFIG_NETFILTER_XT_MATCH_RECENT=m +CONFIG_NETFILTER_XT_MATCH_SCTP=m +CONFIG_NETFILTER_XT_MATCH_SOCKET=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +CONFIG_IP_SET=m +CONFIG_IP_SET_MAX=256 +CONFIG_IP_SET_BITMAP_IP=m +CONFIG_IP_SET_BITMAP_IPMAC=m +CONFIG_IP_SET_BITMAP_PORT=m +CONFIG_IP_SET_HASH_IP=m +CONFIG_IP_SET_HASH_IPPORT=m +CONFIG_IP_SET_HASH_IPPORTIP=m +CONFIG_IP_SET_HASH_IPPORTNET=m +CONFIG_IP_SET_HASH_NET=m +CONFIG_IP_SET_HASH_NETPORT=m +CONFIG_IP_SET_LIST_SET=m +# CONFIG_IP_VS is not set + +# +# IP: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +CONFIG_IP_NF_QUEUE=m +CONFIG_IP_NF_IPTABLES=m +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=m +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_LOG=m +CONFIG_IP_NF_TARGET_ULOG=m +CONFIG_NF_NAT=m +CONFIG_NF_NAT_NEEDED=y +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PROTO_DCCP=m +CONFIG_NF_NAT_PROTO_GRE=m +CONFIG_NF_NAT_PROTO_UDPLITE=m +CONFIG_NF_NAT_PROTO_SCTP=m +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_AMANDA=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_NF_NAT_SIP=m +CONFIG_IP_NF_MANGLE=m +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_SECURITY=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m + +# +# IPv6: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV6=m +CONFIG_NF_CONNTRACK_IPV6=m +CONFIG_IP6_NF_QUEUE=m +CONFIG_IP6_NF_IPTABLES=m +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_TARGET_HL=m +CONFIG_IP6_NF_TARGET_LOG=m +CONFIG_IP6_NF_FILTER=m +CONFIG_IP6_NF_TARGET_REJECT=m +CONFIG_IP6_NF_MANGLE=m +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_SECURITY=m +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_ULOG=m +CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m + +# +# DCCP CCIDs Configuration (EXPERIMENTAL) +# +# CONFIG_IP_DCCP_CCID2_DEBUG is not set +CONFIG_IP_DCCP_CCID3=y +# CONFIG_IP_DCCP_CCID3_DEBUG is not set +CONFIG_IP_DCCP_TFRC_LIB=y + +# +# DCCP Kernel Hacking +# +# CONFIG_IP_DCCP_DEBUG is not set +# CONFIG_NET_DCCPPROBE is not set +CONFIG_IP_SCTP=m +CONFIG_NET_SCTPPROBE=m +# CONFIG_SCTP_DBG_MSG is not set +# CONFIG_SCTP_DBG_OBJCNT is not set +# CONFIG_SCTP_HMAC_NONE is not set +# CONFIG_SCTP_HMAC_SHA1 is not set +CONFIG_SCTP_HMAC_MD5=y +CONFIG_RDS=m +CONFIG_RDS_TCP=m +# CONFIG_RDS_DEBUG is not set +CONFIG_TIPC=m +CONFIG_TIPC_ADVANCED=y +CONFIG_TIPC_PORTS=8191 +CONFIG_TIPC_LOG=0 +# CONFIG_TIPC_DEBUG is not set +# CONFIG_ATM is not set +CONFIG_L2TP=m +CONFIG_L2TP_DEBUGFS=m +# CONFIG_L2TP_V3 is not set +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +# CONFIG_NET_DSA is not set +CONFIG_VLAN_8021Q=m +# CONFIG_VLAN_8021Q_GVRP is not set +# CONFIG_DECNET is not set +CONFIG_LLC=m +# CONFIG_LLC2 is not set +CONFIG_IPX=m +# CONFIG_IPX_INTERN is not set +CONFIG_ATALK=m +# CONFIG_DEV_APPLETALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set +# CONFIG_PHONET is not set +# CONFIG_IEEE802154 is not set +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFB=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_DSMARK=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_MQPRIO=m +CONFIG_NET_SCH_CHOKE=m +CONFIG_NET_SCH_QFQ=m +CONFIG_NET_SCH_INGRESS=m + +# +# Classification +# +CONFIG_NET_CLS=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_TCINDEX=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_RSVP=m +CONFIG_NET_CLS_RSVP6=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_EMATCH=y +CONFIG_NET_EMATCH_STACK=32 +CONFIG_NET_EMATCH_CMP=m +CONFIG_NET_EMATCH_NBYTE=m +CONFIG_NET_EMATCH_U32=m +CONFIG_NET_EMATCH_META=m +CONFIG_NET_EMATCH_TEXT=m +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +# CONFIG_GACT_PROB is not set +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +CONFIG_NET_ACT_CSUM=m +# CONFIG_NET_CLS_IND is not set +CONFIG_NET_SCH_FIFO=y +# CONFIG_DCB is not set +CONFIG_DNS_RESOLVER=y +# CONFIG_BATMAN_ADV is not set +CONFIG_RPS=y +CONFIG_RFS_ACCEL=y +CONFIG_XPS=y +CONFIG_HAVE_BPF_JIT=y +# CONFIG_BPF_JIT is not set + +# +# Network testing +# +CONFIG_NET_PKTGEN=m +CONFIG_NET_TCPPROBE=m +# CONFIG_NET_DROP_MONITOR is not set +# CONFIG_HAMRADIO is not set +# CONFIG_CAN is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +CONFIG_AF_RXRPC=m +# CONFIG_AF_RXRPC_DEBUG is not set +# CONFIG_RXKAD is not set +CONFIG_FIB_RULES=y +# CONFIG_WIRELESS is not set +# CONFIG_WIMAX is not set +CONFIG_RFKILL=m +CONFIG_RFKILL_LEDS=y +CONFIG_RFKILL_INPUT=y +# CONFIG_NET_9P is not set +# CONFIG_CAIF is not set +CONFIG_CEPH_LIB=m +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" +# CONFIG_DEVTMPFS is not set +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y +CONFIG_FW_LOADER=y +CONFIG_FIRMWARE_IN_KERNEL=y +CONFIG_EXTRA_FIRMWARE="" +# CONFIG_DEBUG_DRIVER is not set +CONFIG_DEBUG_DEVRES=y +# CONFIG_SYS_HYPERVISOR is not set +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y +# CONFIG_MTD is not set +# CONFIG_PARPORT is not set +CONFIG_PNP=y +CONFIG_PNP_DEBUG_MESSAGES=y + +# +# Protocols +# +CONFIG_PNPACPI=y +CONFIG_BLK_DEV=y +# CONFIG_BLK_DEV_FD is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_COW_COMMON is not set +CONFIG_BLK_DEV_LOOP=y +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +CONFIG_BLK_DEV_DRBD=m +# CONFIG_DRBD_FAULT_INJECTION is not set +CONFIG_BLK_DEV_NBD=m +# CONFIG_BLK_DEV_OSD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=16384 +# CONFIG_BLK_DEV_XIP is not set +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set +# CONFIG_BLK_DEV_HD is not set +CONFIG_BLK_DEV_RBD=m +CONFIG_SENSORS_LIS3LV02D=m +CONFIG_MISC_DEVICES=y +# CONFIG_AD525X_DPOT is not set +# CONFIG_IBM_ASM is not set +# CONFIG_PHANTOM is not set +# CONFIG_INTEL_MID_PTI is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_TIFM_CORE is not set +# CONFIG_ICS932S401 is not set +# CONFIG_ENCLOSURE_SERVICES is not set +# CONFIG_HP_ILO is not set +# CONFIG_APDS9802ALS is not set +# CONFIG_ISL29003 is not set +# CONFIG_ISL29020 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_SENSORS_BH1780 is not set +# CONFIG_SENSORS_BH1770 is not set +# CONFIG_SENSORS_APDS990X is not set +# CONFIG_HMC6352 is not set +# CONFIG_DS1682 is not set +# CONFIG_VMWARE_BALLOON is not set +# CONFIG_BMP085 is not set +# CONFIG_PCH_PHUB is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +# CONFIG_EEPROM_AT24 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +# CONFIG_EEPROM_93CX6 is not set +# CONFIG_CB710_CORE is not set + +# +# Texas Instruments shared transport line discipline +# +CONFIG_SENSORS_LIS3_I2C=m +CONFIG_HAVE_IDE=y +# CONFIG_IDE is not set + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +CONFIG_RAID_ATTRS=m +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +# CONFIG_SCSI_TGT is not set +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=m +CONFIG_BLK_DEV_SR_VENDOR=y +CONFIG_CHR_DEV_SG=y +# CONFIG_CHR_DEV_SCH is not set +# CONFIG_SCSI_MULTI_LUN is not set +CONFIG_SCSI_CONSTANTS=y +# CONFIG_SCSI_LOGGING is not set +# CONFIG_SCSI_SCAN_ASYNC is not set +CONFIG_SCSI_WAIT_SCAN=m + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=y +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +# CONFIG_SCSI_SAS_ATA is not set +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_SRP_ATTRS=m +# CONFIG_SCSI_LOWLEVEL is not set +CONFIG_SCSI_DH=m +# CONFIG_SCSI_DH_RDAC is not set +# CONFIG_SCSI_DH_HP_SW is not set +# CONFIG_SCSI_DH_EMC is not set +# CONFIG_SCSI_DH_ALUA is not set +CONFIG_SCSI_OSD_INITIATOR=m +CONFIG_SCSI_OSD_ULD=m +CONFIG_SCSI_OSD_DPRINT_SENSE=1 +# CONFIG_SCSI_OSD_DEBUG is not set +CONFIG_ATA=y +# CONFIG_ATA_NONSTANDARD is not set +CONFIG_ATA_VERBOSE_ERROR=y +CONFIG_ATA_ACPI=y +CONFIG_SATA_PMP=y + +# +# Controllers with non-SFF native interface +# +CONFIG_SATA_AHCI=y +# CONFIG_SATA_AHCI_PLATFORM is not set +# CONFIG_SATA_INIC162X is not set +# CONFIG_SATA_ACARD_AHCI is not set +# CONFIG_SATA_SIL24 is not set +CONFIG_ATA_SFF=y + +# +# SFF controllers with custom DMA interface +# +# CONFIG_PDC_ADMA is not set +# CONFIG_SATA_QSTOR is not set +# CONFIG_SATA_SX4 is not set +CONFIG_ATA_BMDMA=y + +# +# SATA SFF controllers with BMDMA +# +CONFIG_ATA_PIIX=y +# CONFIG_SATA_MV is not set +# CONFIG_SATA_NV is not set +# CONFIG_SATA_PROMISE is not set +# CONFIG_SATA_SIL is not set +# CONFIG_SATA_SIS is not set +# CONFIG_SATA_SVW is not set +# CONFIG_SATA_ULI is not set +# CONFIG_SATA_VIA is not set +# CONFIG_SATA_VITESSE is not set + +# +# PATA SFF controllers with BMDMA +# +# CONFIG_PATA_ALI is not set +CONFIG_PATA_AMD=y +# CONFIG_PATA_ARASAN_CF is not set +# CONFIG_PATA_ARTOP is not set +# CONFIG_PATA_ATIIXP is not set +# CONFIG_PATA_ATP867X is not set +# CONFIG_PATA_CMD64X is not set +# CONFIG_PATA_CS5520 is not set +# CONFIG_PATA_CS5530 is not set +# CONFIG_PATA_CS5536 is not set +# CONFIG_PATA_CYPRESS is not set +# CONFIG_PATA_EFAR is not set +# CONFIG_PATA_HPT366 is not set +# CONFIG_PATA_HPT37X is not set +# CONFIG_PATA_HPT3X2N is not set +# CONFIG_PATA_HPT3X3 is not set +# CONFIG_PATA_IT8213 is not set +# CONFIG_PATA_IT821X is not set +# CONFIG_PATA_JMICRON is not set +# CONFIG_PATA_MARVELL is not set +# CONFIG_PATA_NETCELL is not set +# CONFIG_PATA_NINJA32 is not set +# CONFIG_PATA_NS87415 is not set +CONFIG_PATA_OLDPIIX=y +# CONFIG_PATA_OPTIDMA is not set +# CONFIG_PATA_PDC2027X is not set +# CONFIG_PATA_PDC_OLD is not set +# CONFIG_PATA_RADISYS is not set +# CONFIG_PATA_RDC is not set +# CONFIG_PATA_SC1200 is not set +CONFIG_PATA_SCH=y +# CONFIG_PATA_SERVERWORKS is not set +# CONFIG_PATA_SIL680 is not set +# CONFIG_PATA_SIS is not set +# CONFIG_PATA_TOSHIBA is not set +# CONFIG_PATA_TRIFLEX is not set +# CONFIG_PATA_VIA is not set +# CONFIG_PATA_WINBOND is not set + +# +# PIO-only SFF controllers +# +# CONFIG_PATA_CMD640_PCI is not set +# CONFIG_PATA_MPIIX is not set +# CONFIG_PATA_NS87410 is not set +# CONFIG_PATA_OPTI is not set +# CONFIG_PATA_RZ1000 is not set + +# +# Generic fallback / legacy drivers +# +# CONFIG_PATA_ACPI is not set +# CONFIG_ATA_GENERIC is not set +# CONFIG_PATA_LEGACY is not set +CONFIG_MD=y +CONFIG_BLK_DEV_MD=y +CONFIG_MD_AUTODETECT=y +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=y +CONFIG_MD_RAID10=y +CONFIG_MD_RAID456=m +CONFIG_MULTICORE_RAID456=y +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_MIRROR=y +CONFIG_DM_RAID=m +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_ZERO=y +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +CONFIG_DM_DELAY=m +# CONFIG_DM_UEVENT is not set +CONFIG_DM_FLAKEY=m +CONFIG_TARGET_CORE=m +CONFIG_TCM_IBLOCK=m +CONFIG_TCM_FILEIO=m +CONFIG_TCM_PSCSI=m +CONFIG_LOOPBACK_TARGET=m +# CONFIG_LOOPBACK_TARGET_CDB_DEBUG is not set +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# +# CONFIG_FIREWIRE is not set +CONFIG_FIREWIRE_NOSY=m +CONFIG_I2O=m +CONFIG_I2O_LCT_NOTIFY_ON_CHANGES=y +CONFIG_I2O_EXT_ADAPTEC=y +CONFIG_I2O_EXT_ADAPTEC_DMA64=y +CONFIG_I2O_CONFIG=m +CONFIG_I2O_CONFIG_OLD_IOCTL=y +CONFIG_I2O_BUS=m +CONFIG_I2O_BLOCK=m +# CONFIG_I2O_SCSI is not set +CONFIG_I2O_PROC=m +# CONFIG_MACINTOSH_DRIVERS is not set +CONFIG_NETDEVICES=y +CONFIG_IFB=m +CONFIG_DUMMY=m +CONFIG_BONDING=m +CONFIG_MACVLAN=m +CONFIG_MACVTAP=m +# CONFIG_EQUALIZER is not set +CONFIG_TUN=m +CONFIG_VETH=m +# CONFIG_NET_SB1000 is not set +# CONFIG_ARCNET is not set +CONFIG_MII=y +CONFIG_PHYLIB=y + +# +# MII PHY device drivers +# +# CONFIG_MARVELL_PHY is not set +# CONFIG_DAVICOM_PHY is not set +# CONFIG_QSEMI_PHY is not set +# CONFIG_LXT_PHY is not set +# CONFIG_CICADA_PHY is not set +# CONFIG_VITESSE_PHY is not set +CONFIG_SMSC_PHY=m +# CONFIG_BROADCOM_PHY is not set +# CONFIG_ICPLUS_PHY is not set +# CONFIG_REALTEK_PHY is not set +# CONFIG_NATIONAL_PHY is not set +# CONFIG_STE10XP is not set +# CONFIG_LSI_ET1011C_PHY is not set +# CONFIG_MICREL_PHY is not set +# CONFIG_FIXED_PHY is not set +# CONFIG_MDIO_BITBANG is not set +CONFIG_NET_ETHERNET=y +CONFIG_HAPPYMEAL=m +CONFIG_SUNGEM=m +CONFIG_CASSINI=m +CONFIG_NET_VENDOR_3COM=y +CONFIG_VORTEX=m +CONFIG_TYPHOON=m +CONFIG_ETHOC=m +CONFIG_DNET=m +CONFIG_NET_TULIP=y +CONFIG_DE2104X=m +CONFIG_DE2104X_DSL=0 +CONFIG_TULIP=m +# CONFIG_TULIP_MWI is not set +# CONFIG_TULIP_MMIO is not set +# CONFIG_TULIP_NAPI is not set +CONFIG_DE4X5=m +CONFIG_WINBOND_840=m +CONFIG_DM9102=m +CONFIG_ULI526X=m +# CONFIG_HP100 is not set +# CONFIG_IBM_NEW_EMAC_ZMII is not set +# CONFIG_IBM_NEW_EMAC_RGMII is not set +# CONFIG_IBM_NEW_EMAC_TAH is not set +# CONFIG_IBM_NEW_EMAC_EMAC4 is not set +# CONFIG_IBM_NEW_EMAC_NO_FLOW_CTRL is not set +# CONFIG_IBM_NEW_EMAC_MAL_CLR_ICINTSTAT is not set +# CONFIG_IBM_NEW_EMAC_MAL_COMMON_ERR is not set +CONFIG_NET_PCI=y +CONFIG_PCNET32=m +CONFIG_AMD8111_ETH=m +CONFIG_ADAPTEC_STARFIRE=m +CONFIG_KSZ884X_PCI=m +CONFIG_B44=m +CONFIG_B44_PCI_AUTOSELECT=y +CONFIG_B44_PCICORE_AUTOSELECT=y +CONFIG_B44_PCI=y +CONFIG_FORCEDETH=m +CONFIG_E100=m +CONFIG_FEALNX=m +CONFIG_NATSEMI=m +CONFIG_NE2K_PCI=m +CONFIG_8139CP=m +CONFIG_8139TOO=m +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_R6040=m +CONFIG_SIS900=m +CONFIG_EPIC100=m +CONFIG_SMSC9420=m +CONFIG_SUNDANCE=m +# CONFIG_SUNDANCE_MMIO is not set +CONFIG_TLAN=m +CONFIG_KS8842=m +CONFIG_KS8851_MLL=m +CONFIG_VIA_RHINE=m +# CONFIG_VIA_RHINE_MMIO is not set +CONFIG_SC92031=m +CONFIG_ATL2=m +CONFIG_NETDEV_1000=y +CONFIG_ACENIC=m +# CONFIG_ACENIC_OMIT_TIGON_I is not set +CONFIG_DL2K=m +CONFIG_E1000=m +CONFIG_E1000E=m +CONFIG_IP1000=m +CONFIG_IGB=m +CONFIG_IGBVF=m +CONFIG_NS83820=m +CONFIG_HAMACHI=m +CONFIG_YELLOWFIN=m +CONFIG_R8169=m +CONFIG_SIS190=m +CONFIG_SKGE=m +# CONFIG_SKGE_DEBUG is not set +CONFIG_SKY2=m +# CONFIG_SKY2_DEBUG is not set +CONFIG_VIA_VELOCITY=m +CONFIG_TIGON3=m +CONFIG_BNX2=m +CONFIG_CNIC=m +CONFIG_QLA3XXX=m +CONFIG_ATL1=m +CONFIG_ATL1E=m +CONFIG_ATL1C=m +CONFIG_JME=m +CONFIG_STMMAC_ETH=m +CONFIG_STMMAC_DA=y +CONFIG_STMMAC_DUAL_MAC=y +CONFIG_PCH_GBE=m +CONFIG_NETDEV_10000=y +CONFIG_MDIO=m +CONFIG_CHELSIO_T1=m +CONFIG_CHELSIO_T1_1G=y +CONFIG_CHELSIO_T3=m +CONFIG_CHELSIO_T4=m +CONFIG_CHELSIO_T4VF=m +CONFIG_ENIC=m +CONFIG_IXGBE=m +CONFIG_IXGBEVF=m +CONFIG_IXGB=m +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set +CONFIG_MYRI10GE=m +CONFIG_NETXEN_NIC=m +CONFIG_NIU=m +CONFIG_MLX4_EN=m +CONFIG_MLX4_CORE=m +CONFIG_MLX4_DEBUG=y +CONFIG_TEHUTI=m +CONFIG_BNX2X=m +CONFIG_QLCNIC=m +CONFIG_QLGE=m +CONFIG_BNA=m +CONFIG_SFC=m +CONFIG_BE2NET=m +# CONFIG_TR is not set +# CONFIG_WLAN is not set + +# +# Enable WiMAX (Networking options) to see the WiMAX drivers +# +# CONFIG_WAN is not set + +# +# CAIF transport drivers +# +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_NET_FC is not set +CONFIG_NETCONSOLE=y +CONFIG_NETPOLL=y +# CONFIG_NETPOLL_TRAP is not set +CONFIG_NET_POLL_CONTROLLER=y +# CONFIG_VMXNET3 is not set +# CONFIG_ISDN is not set +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y +CONFIG_INPUT_FF_MEMLESS=y +CONFIG_INPUT_POLLDEV=y +# CONFIG_INPUT_SPARSEKMAP is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +# CONFIG_INPUT_JOYDEV is not set +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +# CONFIG_KEYBOARD_ADP5588 is not set +# CONFIG_KEYBOARD_ADP5589 is not set +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_QT1070 is not set +# CONFIG_KEYBOARD_QT2160 is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_TCA6416 is not set +# CONFIG_KEYBOARD_LM8323 is not set +# CONFIG_KEYBOARD_MAX7359 is not set +# CONFIG_KEYBOARD_MCS is not set +# CONFIG_KEYBOARD_MPR121 is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_OPENCORES is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Hardware I/O ports +# +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +CONFIG_SERIO_SERPORT=y +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PCIPS2 is not set +CONFIG_SERIO_LIBPS2=y +# CONFIG_SERIO_RAW is not set +# CONFIG_SERIO_ALTERA_PS2 is not set +# CONFIG_SERIO_PS2MULT is not set +# CONFIG_GAMEPORT is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_UNIX98_PTYS=y +# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set +# CONFIG_LEGACY_PTYS is not set +CONFIG_SERIAL_NONSTANDARD=y +# CONFIG_ROCKETPORT is not set +# CONFIG_CYCLADES is not set +# CONFIG_MOXA_INTELLIO is not set +# CONFIG_MOXA_SMARTIO is not set +# CONFIG_SYNCLINK is not set +# CONFIG_SYNCLINKMP is not set +# CONFIG_SYNCLINK_GT is not set +# CONFIG_NOZOMI is not set +# CONFIG_ISI is not set +# CONFIG_N_HDLC is not set +# CONFIG_N_GSM is not set +# CONFIG_TRACE_SINK is not set +CONFIG_DEVKMEM=y +# CONFIG_STALDRV is not set + +# +# Serial drivers +# +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_SERIAL_8250_PCI=y +CONFIG_SERIAL_8250_PNP=y +CONFIG_SERIAL_8250_NR_UARTS=32 +CONFIG_SERIAL_8250_RUNTIME_UARTS=4 +CONFIG_SERIAL_8250_EXTENDED=y +CONFIG_SERIAL_8250_MANY_PORTS=y +CONFIG_SERIAL_8250_SHARE_IRQ=y +CONFIG_SERIAL_8250_DETECT_IRQ=y +CONFIG_SERIAL_8250_RSA=y + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_MFD_HSU is not set +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_TIMBERDALE is not set +# CONFIG_SERIAL_ALTERA_JTAGUART is not set +# CONFIG_SERIAL_ALTERA_UART is not set +# CONFIG_SERIAL_PCH_UART is not set +# CONFIG_SERIAL_XILINX_PS_UART is not set +CONFIG_IPMI_HANDLER=m +# CONFIG_IPMI_PANIC_EVENT is not set +CONFIG_IPMI_DEVICE_INTERFACE=m +CONFIG_IPMI_SI=m +CONFIG_IPMI_WATCHDOG=m +CONFIG_IPMI_POWEROFF=m +CONFIG_HW_RANDOM=m +CONFIG_HW_RANDOM_TIMERIOMEM=m +CONFIG_HW_RANDOM_INTEL=m +CONFIG_HW_RANDOM_AMD=m +CONFIG_HW_RANDOM_VIA=m +CONFIG_NVRAM=y +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_MWAVE is not set +# CONFIG_RAW_DRIVER is not set +CONFIG_HPET=y +# CONFIG_HPET_MMAP is not set +# CONFIG_HANGCHECK_TIMER is not set +# CONFIG_TCG_TPM is not set +# CONFIG_TELCLOCK is not set +CONFIG_DEVPORT=y +# CONFIG_RAMOOPS is not set +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_MUX=m + +# +# Multiplexer I2C Chip support +# +# CONFIG_I2C_MUX_PCA9541 is not set +CONFIG_I2C_MUX_PCA954x=m +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_SMBUS=m +CONFIG_I2C_ALGOBIT=m +CONFIG_I2C_ALGOPCA=m + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +CONFIG_I2C_ALI1535=m +CONFIG_I2C_ALI1563=m +CONFIG_I2C_ALI15X3=m +CONFIG_I2C_AMD756=m +CONFIG_I2C_AMD756_S4882=m +CONFIG_I2C_AMD8111=m +CONFIG_I2C_I801=m +CONFIG_I2C_ISCH=m +CONFIG_I2C_PIIX4=m +CONFIG_I2C_NFORCE2=m +CONFIG_I2C_NFORCE2_S4985=m +CONFIG_I2C_SIS5595=m +CONFIG_I2C_SIS630=m +CONFIG_I2C_SIS96X=m +CONFIG_I2C_VIA=m +CONFIG_I2C_VIAPRO=m + +# +# ACPI drivers +# +CONFIG_I2C_SCMI=m + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +CONFIG_I2C_INTEL_MID=m +CONFIG_I2C_OCORES=m +CONFIG_I2C_PCA_PLATFORM=m +# CONFIG_I2C_PXA_PCI is not set +CONFIG_I2C_SIMTEC=m +# CONFIG_I2C_XILINX is not set +CONFIG_I2C_EG20T=m + +# +# External I2C/SMBus adapter drivers +# +CONFIG_I2C_PARPORT_LIGHT=m +CONFIG_I2C_TAOS_EVM=m + +# +# Other I2C/SMBus bus drivers +# +CONFIG_I2C_STUB=m +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# CONFIG_SPI is not set + +# +# PPS support +# +# CONFIG_PPS is not set + +# +# PPS generators support +# + +# +# PTP clock support +# + +# +# Enable Device Drivers -> PPS to see the PTP clock options. +# +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +# CONFIG_GPIOLIB is not set +# CONFIG_W1 is not set +CONFIG_POWER_SUPPLY=y +# CONFIG_POWER_SUPPLY_DEBUG is not set +# CONFIG_PDA_POWER is not set +CONFIG_TEST_POWER=m +# CONFIG_BATTERY_DS2780 is not set +# CONFIG_BATTERY_DS2782 is not set +# CONFIG_BATTERY_BQ20Z75 is not set +# CONFIG_BATTERY_BQ27x00 is not set +# CONFIG_BATTERY_MAX17040 is not set +# CONFIG_BATTERY_MAX17042 is not set +# CONFIG_CHARGER_MAX8903 is not set +CONFIG_HWMON=y +CONFIG_HWMON_VID=m +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +CONFIG_SENSORS_ABITUGURU=m +CONFIG_SENSORS_ABITUGURU3=m +CONFIG_SENSORS_AD7414=m +CONFIG_SENSORS_AD7418=m +CONFIG_SENSORS_ADM1021=m +CONFIG_SENSORS_ADM1025=m +CONFIG_SENSORS_ADM1026=m +CONFIG_SENSORS_ADM1029=m +CONFIG_SENSORS_ADM1031=m +CONFIG_SENSORS_ADM9240=m +CONFIG_SENSORS_ADT7411=m +CONFIG_SENSORS_ADT7462=m +CONFIG_SENSORS_ADT7470=m +CONFIG_SENSORS_ADT7475=m +CONFIG_SENSORS_ASC7621=m +CONFIG_SENSORS_K8TEMP=m +CONFIG_SENSORS_K10TEMP=m +CONFIG_SENSORS_FAM15H_POWER=m +CONFIG_SENSORS_ASB100=m +CONFIG_SENSORS_ATXP1=m +CONFIG_SENSORS_DS620=m +CONFIG_SENSORS_DS1621=m +CONFIG_SENSORS_I5K_AMB=m +CONFIG_SENSORS_F71805F=m +CONFIG_SENSORS_F71882FG=m +CONFIG_SENSORS_F75375S=m +CONFIG_SENSORS_FSCHMD=m +CONFIG_SENSORS_G760A=m +CONFIG_SENSORS_GL518SM=m +CONFIG_SENSORS_GL520SM=m +CONFIG_SENSORS_CORETEMP=m +CONFIG_SENSORS_IBMAEM=m +CONFIG_SENSORS_IBMPEX=m +CONFIG_SENSORS_IT87=m +CONFIG_SENSORS_JC42=m +CONFIG_SENSORS_LINEAGE=m +CONFIG_SENSORS_LM63=m +CONFIG_SENSORS_LM73=m +CONFIG_SENSORS_LM75=m +CONFIG_SENSORS_LM77=m +CONFIG_SENSORS_LM78=m +CONFIG_SENSORS_LM80=m +CONFIG_SENSORS_LM83=m +CONFIG_SENSORS_LM85=m +CONFIG_SENSORS_LM87=m +CONFIG_SENSORS_LM90=m +CONFIG_SENSORS_LM92=m +CONFIG_SENSORS_LM93=m +CONFIG_SENSORS_LTC4151=m +CONFIG_SENSORS_LTC4215=m +CONFIG_SENSORS_LTC4245=m +CONFIG_SENSORS_LTC4261=m +CONFIG_SENSORS_LM95241=m +CONFIG_SENSORS_MAX16065=m +CONFIG_SENSORS_MAX1619=m +CONFIG_SENSORS_MAX6639=m +CONFIG_SENSORS_MAX6642=m +CONFIG_SENSORS_MAX6650=m +CONFIG_SENSORS_PC87360=m +CONFIG_SENSORS_PC87427=m +CONFIG_SENSORS_PCF8591=m +CONFIG_PMBUS=m +CONFIG_SENSORS_PMBUS=m +CONFIG_SENSORS_ADM1275=m +CONFIG_SENSORS_MAX16064=m +CONFIG_SENSORS_MAX34440=m +CONFIG_SENSORS_MAX8688=m +CONFIG_SENSORS_UCD9000=m +CONFIG_SENSORS_UCD9200=m +CONFIG_SENSORS_SHT21=m +CONFIG_SENSORS_SIS5595=m +CONFIG_SENSORS_SMM665=m +CONFIG_SENSORS_DME1737=m +CONFIG_SENSORS_EMC1403=m +CONFIG_SENSORS_EMC2103=m +CONFIG_SENSORS_EMC6W201=m +CONFIG_SENSORS_SMSC47M1=m +CONFIG_SENSORS_SMSC47M192=m +CONFIG_SENSORS_SMSC47B397=m +CONFIG_SENSORS_SCH5627=m +CONFIG_SENSORS_ADS1015=m +CONFIG_SENSORS_ADS7828=m +CONFIG_SENSORS_AMC6821=m +CONFIG_SENSORS_THMC50=m +CONFIG_SENSORS_TMP102=m +CONFIG_SENSORS_TMP401=m +CONFIG_SENSORS_TMP421=m +CONFIG_SENSORS_VIA_CPUTEMP=m +CONFIG_SENSORS_VIA686A=m +CONFIG_SENSORS_VT1211=m +CONFIG_SENSORS_VT8231=m +CONFIG_SENSORS_W83781D=m +CONFIG_SENSORS_W83791D=m +CONFIG_SENSORS_W83792D=m +CONFIG_SENSORS_W83793=m +CONFIG_SENSORS_W83795=m +CONFIG_SENSORS_W83795_FANCTRL=y +CONFIG_SENSORS_W83L785TS=m +CONFIG_SENSORS_W83L786NG=m +CONFIG_SENSORS_W83627HF=m +CONFIG_SENSORS_W83627EHF=m +CONFIG_SENSORS_APPLESMC=m + +# +# ACPI drivers +# +CONFIG_SENSORS_ACPI_POWER=m +CONFIG_SENSORS_ATK0110=m +CONFIG_THERMAL=y +CONFIG_THERMAL_HWMON=y +CONFIG_WATCHDOG=y +# CONFIG_WATCHDOG_NOWAYOUT is not set + +# +# Watchdog Device Drivers +# +CONFIG_SOFT_WATCHDOG=m +CONFIG_ACQUIRE_WDT=m +CONFIG_ADVANTECH_WDT=m +CONFIG_ALIM1535_WDT=m +CONFIG_ALIM7101_WDT=m +CONFIG_F71808E_WDT=m +CONFIG_SP5100_TCO=m +CONFIG_SC520_WDT=m +CONFIG_SBC_FITPC2_WATCHDOG=m +CONFIG_EUROTECH_WDT=m +CONFIG_IB700_WDT=m +CONFIG_IBMASR=m +CONFIG_WAFER_WDT=m +CONFIG_I6300ESB_WDT=m +CONFIG_ITCO_WDT=m +# CONFIG_ITCO_VENDOR_SUPPORT is not set +CONFIG_IT8712F_WDT=m +CONFIG_IT87_WDT=m +CONFIG_HP_WATCHDOG=m +# CONFIG_HPWDT_NMI_DECODING is not set +CONFIG_SC1200_WDT=m +CONFIG_PC87413_WDT=m +CONFIG_NV_TCO=m +CONFIG_60XX_WDT=m +CONFIG_SBC8360_WDT=m +CONFIG_CPU5_WDT=m +CONFIG_SMSC_SCH311X_WDT=m +CONFIG_SMSC37B787_WDT=m +CONFIG_W83627HF_WDT=m +CONFIG_W83697HF_WDT=m +CONFIG_W83697UG_WDT=m +CONFIG_W83877F_WDT=m +CONFIG_W83977F_WDT=m +CONFIG_MACHZ_WDT=m +CONFIG_SBC_EPX_C3_WATCHDOG=m + +# +# PCI-based Watchdog Cards +# +CONFIG_PCIPCWATCHDOG=m +CONFIG_WDTPCI=m +CONFIG_SSB_POSSIBLE=y + +# +# Sonics Silicon Backplane +# +CONFIG_SSB=m +CONFIG_SSB_SPROM=y +CONFIG_SSB_PCIHOST_POSSIBLE=y +CONFIG_SSB_PCIHOST=y +# CONFIG_SSB_B43_PCI_BRIDGE is not set +# CONFIG_SSB_DEBUG is not set +CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y +CONFIG_SSB_DRIVER_PCICORE=y +CONFIG_BCMA_POSSIBLE=y + +# +# Broadcom specific AMBA +# +CONFIG_BCMA=m +CONFIG_BCMA_HOST_PCI_POSSIBLE=y +CONFIG_BCMA_HOST_PCI=y +# CONFIG_BCMA_DEBUG is not set +CONFIG_MFD_SUPPORT=y +CONFIG_MFD_CORE=m +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_SM501 is not set +# CONFIG_HTC_PASIC3 is not set +# CONFIG_TPS6105X is not set +# CONFIG_TPS6507X is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_MFD_STMPE is not set +# CONFIG_MFD_TC3589X is not set +# CONFIG_MFD_TMIO is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_MAX8997 is not set +# CONFIG_MFD_MAX8998 is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X_I2C is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_ABX500_CORE is not set +# CONFIG_MFD_CS5535 is not set +CONFIG_LPC_SCH=m +CONFIG_MFD_RDC321X=m +CONFIG_MFD_JANZ_CMODIO=m +CONFIG_MFD_VX855=m +# CONFIG_MFD_WL1273_CORE is not set +# CONFIG_REGULATOR is not set +# CONFIG_MEDIA_SUPPORT is not set + +# +# Graphics support +# +# CONFIG_AGP is not set +CONFIG_VGA_ARB=y +CONFIG_VGA_ARB_MAX_GPUS=16 +# CONFIG_VGA_SWITCHEROO is not set +# CONFIG_DRM is not set +CONFIG_STUB_POULSBO=m +# CONFIG_VGASTATE is not set +CONFIG_VIDEO_OUTPUT_CONTROL=m +CONFIG_FB=m +# CONFIG_FIRMWARE_EDID is not set +# CONFIG_FB_DDC is not set +# CONFIG_FB_BOOT_VESA_SUPPORT is not set +# CONFIG_FB_CFB_FILLRECT is not set +# CONFIG_FB_CFB_COPYAREA is not set +# CONFIG_FB_CFB_IMAGEBLIT is not set +# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set +# CONFIG_FB_SYS_FILLRECT is not set +# CONFIG_FB_SYS_COPYAREA is not set +# CONFIG_FB_SYS_IMAGEBLIT is not set +# CONFIG_FB_FOREIGN_ENDIAN is not set +# CONFIG_FB_SYS_FOPS is not set +# CONFIG_FB_WMT_GE_ROPS is not set +# CONFIG_FB_SVGALIB is not set +# CONFIG_FB_MACMODES is not set +# CONFIG_FB_BACKLIGHT is not set +CONFIG_FB_MODE_HELPERS=y +CONFIG_FB_TILEBLITTING=y + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ARC is not set +# CONFIG_FB_VGA16 is not set +# CONFIG_FB_UVESA is not set +# CONFIG_FB_N411 is not set +# CONFIG_FB_HGA is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_LE80578 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_VIA is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_GEODE is not set +# CONFIG_FB_TMIO is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_BROADSHEET is not set +# CONFIG_BACKLIGHT_LCD_SUPPORT is not set +CONFIG_BACKLIGHT_CLASS_DEVICE=m + +# +# Display device support +# +# CONFIG_DISPLAY_SUPPORT is not set + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +CONFIG_VGACON_SOFT_SCROLLBACK=y +CONFIG_VGACON_SOFT_SCROLLBACK_SIZE=64 +CONFIG_DUMMY_CONSOLE=y +# CONFIG_FRAMEBUFFER_CONSOLE is not set +# CONFIG_LOGO is not set +# CONFIG_SOUND is not set +# CONFIG_HID_SUPPORT is not set +# CONFIG_USB_SUPPORT is not set +# CONFIG_UWB is not set +# CONFIG_MMC is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=y + +# +# LED drivers +# +# CONFIG_LEDS_LM3530 is not set +# CONFIG_LEDS_ALIX2 is not set +# CONFIG_LEDS_PCA9532 is not set +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_LP5521 is not set +# CONFIG_LEDS_LP5523 is not set +# CONFIG_LEDS_CLEVO_MAIL is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_INTEL_SS4200 is not set +CONFIG_LEDS_TRIGGERS=y + +# +# LED Triggers +# +# CONFIG_LEDS_TRIGGER_TIMER is not set +# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set +# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set +# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set + +# +# iptables trigger is under Netfilter config (LED target) +# +# CONFIG_NFC_DEVICES is not set +# CONFIG_ACCESSIBILITY is not set +# CONFIG_INFINIBAND is not set +CONFIG_EDAC=y + +# +# Reporting subsystems +# +# CONFIG_EDAC_DEBUG is not set +CONFIG_EDAC_DECODE_MCE=y +CONFIG_EDAC_MCE_INJ=m +# CONFIG_EDAC_MM_EDAC is not set +CONFIG_RTC_LIB=y +CONFIG_RTC_CLASS=y +CONFIG_RTC_HCTOSYS=y +CONFIG_RTC_HCTOSYS_DEVICE="rtc0" +# CONFIG_RTC_DEBUG is not set + +# +# RTC interfaces +# +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set +CONFIG_RTC_DRV_TEST=m + +# +# I2C RTC drivers +# +CONFIG_RTC_DRV_DS1307=m +CONFIG_RTC_DRV_DS1374=m +CONFIG_RTC_DRV_DS1672=m +CONFIG_RTC_DRV_DS3232=m +CONFIG_RTC_DRV_MAX6900=m +CONFIG_RTC_DRV_RS5C372=m +CONFIG_RTC_DRV_ISL1208=m +CONFIG_RTC_DRV_ISL12022=m +CONFIG_RTC_DRV_X1205=m +CONFIG_RTC_DRV_PCF8563=m +CONFIG_RTC_DRV_PCF8583=m +CONFIG_RTC_DRV_M41T80=m +# CONFIG_RTC_DRV_M41T80_WDT is not set +CONFIG_RTC_DRV_BQ32K=m +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_FM3130=m +CONFIG_RTC_DRV_RX8581=m +CONFIG_RTC_DRV_RX8025=m +CONFIG_RTC_DRV_EM3027=m +CONFIG_RTC_DRV_RV3029C2=m + +# +# SPI RTC drivers +# + +# +# Platform RTC drivers +# +CONFIG_RTC_DRV_CMOS=m +CONFIG_RTC_DRV_DS1286=m +CONFIG_RTC_DRV_DS1511=m +CONFIG_RTC_DRV_DS1553=m +CONFIG_RTC_DRV_DS1742=m +CONFIG_RTC_DRV_STK17TA8=m +CONFIG_RTC_DRV_M48T86=m +CONFIG_RTC_DRV_M48T35=m +CONFIG_RTC_DRV_M48T59=m +CONFIG_RTC_DRV_MSM6242=m +CONFIG_RTC_DRV_BQ4802=m +CONFIG_RTC_DRV_RP5C01=m +CONFIG_RTC_DRV_V3020=m + +# +# on-CPU RTC drivers +# +CONFIG_DMADEVICES=y +# CONFIG_DMADEVICES_DEBUG is not set + +# +# DMA Devices +# +CONFIG_INTEL_MID_DMAC=m +# CONFIG_INTEL_IOATDMA is not set +CONFIG_TIMB_DMA=m +CONFIG_PCH_DMA=m +CONFIG_DMA_ENGINE=y + +# +# DMA Clients +# +# CONFIG_NET_DMA is not set +# CONFIG_ASYNC_TX_DMA is not set +CONFIG_DMATEST=m +# CONFIG_AUXDISPLAY is not set +CONFIG_UIO=m +CONFIG_UIO_CIF=m +CONFIG_UIO_PDRV=m +CONFIG_UIO_PDRV_GENIRQ=m +CONFIG_UIO_AEC=m +CONFIG_UIO_SERCOS3=m +CONFIG_UIO_PCI_GENERIC=m +CONFIG_UIO_NETX=m +CONFIG_STAGING=y +# CONFIG_DIGIEPCA is not set +# CONFIG_RISCOM8 is not set +# CONFIG_SPECIALIX is not set +# CONFIG_COMPUTONE is not set +# CONFIG_ET131X is not set +# CONFIG_SLICOSS is not set +# CONFIG_ECHO is not set +# CONFIG_BRCMUTIL is not set +# CONFIG_COMEDI is not set +# CONFIG_RTS_PSTOR is not set +# CONFIG_POHMELFS is not set +# CONFIG_IDE_PHISON is not set +# CONFIG_HYPERV is not set +# CONFIG_VME_BUS is not set +# CONFIG_DX_SEP is not set +# CONFIG_IIO is not set +CONFIG_XVMALLOC=y +CONFIG_ZRAM=m +# CONFIG_ZRAM_DEBUG is not set +CONFIG_ZCACHE=m +# CONFIG_FB_SM7XX is not set +# CONFIG_CRYSTALHD is not set +# CONFIG_FB_XGI is not set +# CONFIG_ACPI_QUICKSTART is not set +CONFIG_MACH_NO_WESTBRIDGE=y +# CONFIG_FT1000 is not set + +# +# Speakup console speech +# +# CONFIG_SPEAKUP is not set +# CONFIG_TOUCHSCREEN_SYNAPTICS_I2C_RMI4 is not set + +# +# Altera FPGA firmware download module +# +CONFIG_ALTERA_STAPL=m +CONFIG_INTEL_MEI=m +CONFIG_X86_PLATFORM_DEVICES=y +# CONFIG_ACERHDF is not set +# CONFIG_ASUS_LAPTOP is not set +# CONFIG_FUJITSU_LAPTOP is not set +# CONFIG_HP_ACCEL is not set +# CONFIG_MSI_LAPTOP is not set +# CONFIG_PANASONIC_LAPTOP is not set +# CONFIG_COMPAL_LAPTOP is not set +# CONFIG_SONY_LAPTOP is not set +# CONFIG_IDEAPAD_LAPTOP is not set +# CONFIG_THINKPAD_ACPI is not set +CONFIG_SENSORS_HDAPS=m +# CONFIG_INTEL_MENLOW is not set +# CONFIG_ACPI_WMI is not set +# CONFIG_ACPI_ASUS is not set +# CONFIG_TOPSTAR_LAPTOP is not set +# CONFIG_ACPI_TOSHIBA is not set +# CONFIG_TOSHIBA_BT_RFKILL is not set +# CONFIG_ACPI_CMPC is not set +# CONFIG_INTEL_IPS is not set +# CONFIG_IBM_RTL is not set +# CONFIG_XO15_EBOOK is not set +# CONFIG_SAMSUNG_LAPTOP is not set +# CONFIG_INTEL_OAKTRAIL is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +CONFIG_FIRMWARE_MEMMAP=y +CONFIG_EFI_VARS=y +# CONFIG_DELL_RBU is not set +# CONFIG_DCDBAS is not set +CONFIG_DMIID=y +CONFIG_DMI_SYSFS=m +# CONFIG_ISCSI_IBFT_FIND is not set +# CONFIG_SIGMA is not set +# CONFIG_GOOGLE_FIRMWARE is not set + +# +# File systems +# +CONFIG_EXT2_FS=m +CONFIG_EXT2_FS_XATTR=y +CONFIG_EXT2_FS_POSIX_ACL=y +CONFIG_EXT2_FS_SECURITY=y +# CONFIG_EXT2_FS_XIP is not set +CONFIG_EXT3_FS=y +# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set +CONFIG_EXT3_FS_XATTR=y +CONFIG_EXT3_FS_POSIX_ACL=y +CONFIG_EXT3_FS_SECURITY=y +CONFIG_EXT4_FS=y +CONFIG_EXT4_FS_XATTR=y +CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_EXT4_FS_SECURITY=y +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD=y +CONFIG_JBD_DEBUG=y +CONFIG_JBD2=y +CONFIG_JBD2_DEBUG=y +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=m +# CONFIG_REISERFS_CHECK is not set +CONFIG_REISERFS_PROC_INFO=y +CONFIG_REISERFS_FS_XATTR=y +CONFIG_REISERFS_FS_POSIX_ACL=y +CONFIG_REISERFS_FS_SECURITY=y +CONFIG_JFS_FS=m +CONFIG_JFS_POSIX_ACL=y +CONFIG_JFS_SECURITY=y +# CONFIG_JFS_DEBUG is not set +CONFIG_JFS_STATISTICS=y +CONFIG_XFS_FS=m +CONFIG_XFS_QUOTA=y +CONFIG_XFS_POSIX_ACL=y +CONFIG_XFS_RT=y +# CONFIG_XFS_DEBUG is not set +CONFIG_GFS2_FS=m +CONFIG_GFS2_FS_LOCKING_DLM=y +CONFIG_OCFS2_FS=m +CONFIG_OCFS2_FS_O2CB=m +CONFIG_OCFS2_FS_USERSPACE_CLUSTER=m +CONFIG_OCFS2_FS_STATS=y +CONFIG_OCFS2_DEBUG_MASKLOG=y +# CONFIG_OCFS2_DEBUG_FS is not set +CONFIG_BTRFS_FS=m +CONFIG_BTRFS_FS_POSIX_ACL=y +CONFIG_NILFS2_FS=m +CONFIG_FS_POSIX_ACL=y +CONFIG_EXPORTFS=y +CONFIG_FILE_LOCKING=y +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_FANOTIFY=y +CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y +CONFIG_QUOTA=y +CONFIG_QUOTA_NETLINK_INTERFACE=y +# CONFIG_PRINT_QUOTA_WARNING is not set +CONFIG_QUOTA_DEBUG=y +CONFIG_QUOTA_TREE=m +# CONFIG_QFMT_V1 is not set +CONFIG_QFMT_V2=m +CONFIG_QUOTACTL=y +CONFIG_QUOTACTL_COMPAT=y +CONFIG_AUTOFS4_FS=m +CONFIG_FUSE_FS=m +CONFIG_CUSE=m +CONFIG_GENERIC_ACL=y + +# +# Caches +# +CONFIG_FSCACHE=m +CONFIG_FSCACHE_STATS=y +CONFIG_FSCACHE_HISTOGRAM=y +# CONFIG_FSCACHE_DEBUG is not set +CONFIG_FSCACHE_OBJECT_LIST=y +CONFIG_CACHEFILES=m +# CONFIG_CACHEFILES_DEBUG is not set +# CONFIG_CACHEFILES_HISTOGRAM is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=m +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_UDF_FS=m +CONFIG_UDF_NLS=y + +# +# DOS/FAT/NT Filesystems +# +CONFIG_FAT_FS=m +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=m +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=m +# CONFIG_NTFS_DEBUG is not set +CONFIG_NTFS_RW=y + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_VMCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_TMPFS_XATTR=y +CONFIG_HUGETLBFS=y +CONFIG_HUGETLB_PAGE=y +CONFIG_CONFIGFS_FS=m +CONFIG_MISC_FILESYSTEMS=y +CONFIG_ADFS_FS=m +# CONFIG_ADFS_FS_RW is not set +# CONFIG_AFFS_FS is not set +CONFIG_ECRYPT_FS=m +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_LOGFS is not set +CONFIG_CRAMFS=m +CONFIG_SQUASHFS=m +CONFIG_SQUASHFS_XATTR=y +CONFIG_SQUASHFS_LZO=y +CONFIG_SQUASHFS_XZ=y +CONFIG_SQUASHFS_EMBEDDED=y +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +CONFIG_ROMFS_FS=m +CONFIG_ROMFS_BACKED_BY_BLOCK=y +CONFIG_ROMFS_ON_BLOCK=y +CONFIG_PSTORE=y +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set +# CONFIG_EXOFS_FS is not set +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=m +CONFIG_NFS_V3=y +CONFIG_NFS_V3_ACL=y +CONFIG_NFS_V4=y +CONFIG_NFS_V4_1=y +CONFIG_PNFS_FILE_LAYOUT=m +CONFIG_PNFS_OBJLAYOUT=m +# CONFIG_NFS_FSCACHE is not set +# CONFIG_NFS_USE_LEGACY_DNS is not set +CONFIG_NFS_USE_KERNEL_DNS=y +# CONFIG_NFS_USE_NEW_IDMAPPER is not set +CONFIG_NFSD=m +CONFIG_NFSD_DEPRECATED=y +CONFIG_NFSD_V2_ACL=y +CONFIG_NFSD_V3=y +CONFIG_NFSD_V3_ACL=y +CONFIG_NFSD_V4=y +CONFIG_LOCKD=m +CONFIG_LOCKD_V4=y +CONFIG_NFS_ACL_SUPPORT=m +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=m +CONFIG_SUNRPC_GSS=m +CONFIG_RPCSEC_GSS_KRB5=m +CONFIG_CEPH_FS=m +CONFIG_CIFS=m +CONFIG_CIFS_STATS=y +CONFIG_CIFS_STATS2=y +# CONFIG_CIFS_WEAK_PW_HASH is not set +# CONFIG_CIFS_UPCALL is not set +CONFIG_CIFS_XATTR=y +CONFIG_CIFS_POSIX=y +# CONFIG_CIFS_DEBUG2 is not set +CONFIG_CIFS_DFS_UPCALL=y +# CONFIG_CIFS_FSCACHE is not set +CONFIG_CIFS_ACL=y +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +CONFIG_AFS_FS=m +# CONFIG_AFS_DEBUG is not set +# CONFIG_AFS_FSCACHE is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +CONFIG_OSF_PARTITION=y +CONFIG_AMIGA_PARTITION=y +# CONFIG_ATARI_PARTITION is not set +CONFIG_MAC_PARTITION=y +CONFIG_MSDOS_PARTITION=y +CONFIG_BSD_DISKLABEL=y +CONFIG_MINIX_SUBPARTITION=y +CONFIG_SOLARIS_X86_PARTITION=y +CONFIG_UNIXWARE_DISKLABEL=y +# CONFIG_LDM_PARTITION is not set +CONFIG_SGI_PARTITION=y +# CONFIG_ULTRIX_PARTITION is not set +CONFIG_SUN_PARTITION=y +CONFIG_KARMA_PARTITION=y +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="utf8" +CONFIG_NLS_CODEPAGE_437=m +CONFIG_NLS_CODEPAGE_737=m +CONFIG_NLS_CODEPAGE_775=m +CONFIG_NLS_CODEPAGE_850=m +CONFIG_NLS_CODEPAGE_852=m +CONFIG_NLS_CODEPAGE_855=m +CONFIG_NLS_CODEPAGE_857=m +CONFIG_NLS_CODEPAGE_860=m +CONFIG_NLS_CODEPAGE_861=m +CONFIG_NLS_CODEPAGE_862=m +CONFIG_NLS_CODEPAGE_863=m +CONFIG_NLS_CODEPAGE_864=m +CONFIG_NLS_CODEPAGE_865=m +CONFIG_NLS_CODEPAGE_866=m +CONFIG_NLS_CODEPAGE_869=m +CONFIG_NLS_CODEPAGE_936=m +CONFIG_NLS_CODEPAGE_950=m +CONFIG_NLS_CODEPAGE_932=m +CONFIG_NLS_CODEPAGE_949=m +CONFIG_NLS_CODEPAGE_874=m +CONFIG_NLS_ISO8859_8=m +CONFIG_NLS_CODEPAGE_1250=m +CONFIG_NLS_CODEPAGE_1251=m +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=m +CONFIG_NLS_ISO8859_2=m +CONFIG_NLS_ISO8859_3=m +CONFIG_NLS_ISO8859_4=m +CONFIG_NLS_ISO8859_5=m +CONFIG_NLS_ISO8859_6=m +CONFIG_NLS_ISO8859_7=m +CONFIG_NLS_ISO8859_9=m +CONFIG_NLS_ISO8859_13=m +CONFIG_NLS_ISO8859_14=m +CONFIG_NLS_ISO8859_15=m +CONFIG_NLS_KOI8_R=m +CONFIG_NLS_KOI8_U=m +CONFIG_NLS_UTF8=y +CONFIG_DLM=m +# CONFIG_DLM_DEBUG is not set + +# +# Kernel hacking +# +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_PRINTK_TIME=y +CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4 +# CONFIG_ENABLE_WARN_DEPRECATED is not set +CONFIG_ENABLE_MUST_CHECK=y +CONFIG_FRAME_WARN=2048 +CONFIG_MAGIC_SYSRQ=y +# CONFIG_STRIP_ASM_SYMS is not set +# CONFIG_UNUSED_SYMBOLS is not set +CONFIG_DEBUG_FS=y +# CONFIG_HEADERS_CHECK is not set +# CONFIG_DEBUG_SECTION_MISMATCH is not set +CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_SHIRQ is not set +# CONFIG_LOCKUP_DETECTOR is not set +# CONFIG_HARDLOCKUP_DETECTOR is not set +# CONFIG_DETECT_HUNG_TASK is not set +# CONFIG_SCHED_DEBUG is not set +CONFIG_SCHEDSTATS=y +CONFIG_TIMER_STATS=y +# CONFIG_DEBUG_OBJECTS is not set +# CONFIG_SLUB_DEBUG_ON is not set +# CONFIG_SLUB_STATS is not set +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_RT_MUTEX_TESTER is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_DEBUG_MUTEXES is not set +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_SPARSE_RCU_POINTER is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_DEBUG_SPINLOCK_SLEEP is not set +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +CONFIG_STACKTRACE=y +CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_KOBJECT is not set +CONFIG_DEBUG_BUGVERBOSE=y +# CONFIG_DEBUG_INFO is not set +# CONFIG_DEBUG_VM is not set +# CONFIG_DEBUG_VIRTUAL is not set +# CONFIG_DEBUG_WRITECOUNT is not set +CONFIG_DEBUG_MEMORY_INIT=y +# CONFIG_DEBUG_LIST is not set +# CONFIG_TEST_LIST_SORT is not set +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_NOTIFIERS is not set +# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_ARCH_WANT_FRAME_POINTERS=y +CONFIG_FRAME_POINTER=y +# CONFIG_BOOT_PRINTK_DELAY is not set +# CONFIG_RCU_TORTURE_TEST is not set +CONFIG_RCU_CPU_STALL_TIMEOUT=60 +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# CONFIG_DEBUG_PER_CPU_MAPS is not set +# CONFIG_LKDTM is not set +CONFIG_CPU_NOTIFIER_ERROR_INJECT=m +# CONFIG_FAULT_INJECTION is not set +# CONFIG_LATENCYTOP is not set +CONFIG_SYSCTL_SYSCALL_CHECK=y +# CONFIG_DEBUG_PAGEALLOC is not set +CONFIG_USER_STACKTRACE_SUPPORT=y +CONFIG_NOP_TRACER=y +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y +CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_HAVE_C_RECORDMCOUNT=y +CONFIG_RING_BUFFER=y +CONFIG_EVENT_TRACING=y +CONFIG_EVENT_POWER_TRACING_DEPRECATED=y +CONFIG_CONTEXT_SWITCH_TRACER=y +CONFIG_TRACING=y +CONFIG_GENERIC_TRACER=y +CONFIG_TRACING_SUPPORT=y +CONFIG_FTRACE=y +# CONFIG_FUNCTION_TRACER is not set +# CONFIG_IRQSOFF_TRACER is not set +# CONFIG_SCHED_TRACER is not set +# CONFIG_FTRACE_SYSCALLS is not set +CONFIG_BRANCH_PROFILE_NONE=y +# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set +# CONFIG_PROFILE_ALL_BRANCHES is not set +# CONFIG_STACK_TRACER is not set +CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENT=y +# CONFIG_FTRACE_STARTUP_TEST is not set +# CONFIG_MMIOTRACE is not set +# CONFIG_RING_BUFFER_BENCHMARK is not set +CONFIG_PROVIDE_OHCI1394_DMA_INIT=y +# CONFIG_DYNAMIC_DEBUG is not set +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_ATOMIC64_SELFTEST is not set +CONFIG_ASYNC_RAID6_TEST=m +# CONFIG_SAMPLES is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +CONFIG_HAVE_ARCH_KMEMCHECK=y +# CONFIG_TEST_KSTRTOX is not set +# CONFIG_STRICT_DEVMEM is not set +CONFIG_X86_VERBOSE_BOOTUP=y +CONFIG_EARLY_PRINTK=y +CONFIG_EARLY_PRINTK_DBGP=y +CONFIG_DEBUG_STACKOVERFLOW=y +# CONFIG_X86_PTDUMP is not set +CONFIG_DEBUG_RODATA=y +# CONFIG_DEBUG_RODATA_TEST is not set +# CONFIG_DEBUG_SET_MODULE_RONX is not set +CONFIG_DEBUG_NX_TEST=m +# CONFIG_IOMMU_DEBUG is not set +# CONFIG_IOMMU_STRESS is not set +CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set +CONFIG_IO_DELAY_TYPE_0X80=0 +CONFIG_IO_DELAY_TYPE_0XED=1 +CONFIG_IO_DELAY_TYPE_UDELAY=2 +CONFIG_IO_DELAY_TYPE_NONE=3 +CONFIG_IO_DELAY_0X80=y +# CONFIG_IO_DELAY_0XED is not set +# CONFIG_IO_DELAY_UDELAY is not set +# CONFIG_IO_DELAY_NONE is not set +CONFIG_DEFAULT_IO_DELAY_TYPE=0 +CONFIG_DEBUG_BOOT_PARAMS=y +# CONFIG_CPA_DEBUG is not set +CONFIG_OPTIMIZE_INLINING=y +# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set + +# +# Security options +# +CONFIG_KEYS=y +CONFIG_KEYS_DEBUG_PROC_KEYS=y +# CONFIG_SECURITY_DMESG_RESTRICT is not set +CONFIG_SECURITY=y +# CONFIG_SECURITYFS is not set +CONFIG_SECURITY_NETWORK=y +CONFIG_SECURITY_NETWORK_XFRM=y +# CONFIG_SECURITY_PATH is not set +# CONFIG_INTEL_TXT is not set +CONFIG_LSM_MMAP_MIN_ADDR=65536 +CONFIG_SECURITY_SELINUX=y +CONFIG_SECURITY_SELINUX_BOOTPARAM=y +CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_SELINUX_DISABLE=y +CONFIG_SECURITY_SELINUX_DEVELOP=y +CONFIG_SECURITY_SELINUX_AVC_STATS=y +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +# CONFIG_SECURITY_APPARMOR is not set +# CONFIG_IMA is not set +CONFIG_DEFAULT_SECURITY_SELINUX=y +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="selinux" +CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_BLKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=m +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_PCOMP=m +CONFIG_CRYPTO_PCOMP2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y +CONFIG_CRYPTO_GF128MUL=m +CONFIG_CRYPTO_NULL=m +# CONFIG_CRYPTO_PCRYPT is not set +CONFIG_CRYPTO_WORKQUEUE=y +CONFIG_CRYPTO_CRYPTD=m +CONFIG_CRYPTO_AUTHENC=y +CONFIG_CRYPTO_TEST=m + +# +# Authenticated Encryption with Associated Data +# +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=m +CONFIG_CRYPTO_SEQIV=m + +# +# Block modes +# +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CTR=m +CONFIG_CRYPTO_CTS=m +CONFIG_CRYPTO_ECB=y +CONFIG_CRYPTO_LRW=m +CONFIG_CRYPTO_PCBC=m +CONFIG_CRYPTO_XTS=m + +# +# Hash modes +# +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_XCBC=m +CONFIG_CRYPTO_VMAC=m + +# +# Digest +# +CONFIG_CRYPTO_CRC32C=m +CONFIG_CRYPTO_CRC32C_INTEL=m +CONFIG_CRYPTO_GHASH=m +CONFIG_CRYPTO_MD4=m +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_MICHAEL_MIC=m +CONFIG_CRYPTO_RMD128=m +CONFIG_CRYPTO_RMD160=m +CONFIG_CRYPTO_RMD256=m +CONFIG_CRYPTO_RMD320=m +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=m +CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_TGR192=m +CONFIG_CRYPTO_WP512=m +CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m + +# +# Ciphers +# +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_AES_X86_64=m +CONFIG_CRYPTO_AES_NI_INTEL=m +CONFIG_CRYPTO_ANUBIS=m +CONFIG_CRYPTO_ARC4=y +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_CAMELLIA=m +CONFIG_CRYPTO_CAST5=m +CONFIG_CRYPTO_CAST6=m +CONFIG_CRYPTO_DES=y +CONFIG_CRYPTO_FCRYPT=m +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_SALSA20=m +CONFIG_CRYPTO_SALSA20_X86_64=m +CONFIG_CRYPTO_SEED=m +CONFIG_CRYPTO_SERPENT=m +CONFIG_CRYPTO_TEA=m +CONFIG_CRYPTO_TWOFISH=m +CONFIG_CRYPTO_TWOFISH_COMMON=m +CONFIG_CRYPTO_TWOFISH_X86_64=m + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_ZLIB=m +CONFIG_CRYPTO_LZO=m + +# +# Random Number Generation +# +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_USER_API=m +CONFIG_CRYPTO_USER_API_HASH=m +CONFIG_CRYPTO_USER_API_SKCIPHER=m +CONFIG_CRYPTO_HW=y +# CONFIG_CRYPTO_DEV_PADLOCK is not set +# CONFIG_CRYPTO_DEV_HIFN_795X is not set +CONFIG_HAVE_KVM=y +# CONFIG_VIRTUALIZATION is not set +CONFIG_BINARY_PRINTF=y + +# +# Library routines +# +CONFIG_RAID6_PQ=m +CONFIG_BITREVERSE=y +CONFIG_GENERIC_FIND_FIRST_BIT=y +CONFIG_CRC_CCITT=m +CONFIG_CRC16=y +CONFIG_CRC_T10DIF=y +CONFIG_CRC_ITU_T=m +CONFIG_CRC32=y +CONFIG_CRC7=m +CONFIG_LIBCRC32C=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=m +CONFIG_LZO_COMPRESS=m +CONFIG_LZO_DECOMPRESS=y +CONFIG_XZ_DEC=y +CONFIG_XZ_DEC_X86=y +CONFIG_XZ_DEC_POWERPC=y +CONFIG_XZ_DEC_IA64=y +CONFIG_XZ_DEC_ARM=y +CONFIG_XZ_DEC_ARMTHUMB=y +CONFIG_XZ_DEC_SPARC=y +CONFIG_XZ_DEC_BCJ=y +CONFIG_XZ_DEC_TEST=m +CONFIG_DECOMPRESS_GZIP=y +CONFIG_DECOMPRESS_BZIP2=y +CONFIG_DECOMPRESS_LZMA=y +CONFIG_DECOMPRESS_XZ=y +CONFIG_DECOMPRESS_LZO=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT=y +CONFIG_HAS_DMA=y +CONFIG_CHECK_SIGNATURE=y +CONFIG_CPU_RMAP=y +CONFIG_NLATTR=y +CONFIG_LRU_CACHE=m +CONFIG_AVERAGE=y diff --git a/layman/layman.cfg b/layman/layman.cfg new file mode 100644 index 0000000..b45c6f0 --- /dev/null +++ b/layman/layman.cfg @@ -0,0 +1,81 @@ +[MAIN] + +#----------------------------------------------------------- +# Defines the directory where overlays should be installed + +storage : /var/lib/layman + +#----------------------------------------------------------- +# Remote overlay lists will be stored here +# layman will append _md5(url).xml to each filename + +cache : %(storage)s/cache + +#----------------------------------------------------------- +# The list of locally installed overlays + +local_list: %(storage)s/overlays.xml + +#----------------------------------------------------------- +# Path to the make.conf file that should be modified by +# layman + +make_conf : %(storage)s/make.conf + +#----------------------------------------------------------- +# URLs of the remote lists of overlays (one per line) or +# local overlay definitions +# +#overlays : http://www.gentoo.org/proj/en/overlays/repositories.xml +# http://dev.gentoo.org/~wrobel/layman/global-overlays.xml +# http://mydomain.org/my-layman-list.xml +# file:///var/lib/layman/my-list.xml + +overlays : http://www.gentoo.org/proj/en/overlays/repositories.xml + +#----------------------------------------------------------- +# Proxy support +# If unset, layman will use the http_proxy environment variable. +# +#proxy : http://[user:pass@]www.my-proxy.org:3128 + +#----------------------------------------------------------- +# Strict checking of overlay definitions +# +# Set either to "yes" or "no". If "no" layman will issue +# warnings if an overlay definition is missing either +# description or contact information. +# +nocheck : yes + +#----------------------------------------------------------- +# Umask settings +# +# layman should usually work with a umask of 0022. You should +# only change this setting if you are absolutely certain that +# you know what you are doing. +# +#umask : 0022 + +#----------------------------------------------------------- +# Command overrides +# +# You can have commands point to either a binary at a different +# location, e.g. +# +# /home/you/local/bin/git +# +# or just the command, e.g. +# +# git +# +# to use PATH-based resolution of the binary to call. +# +#bzr_command : /usr/bin/bzr +#cvs_command : /usr/bin/cvs +#darcs_command : /usr/bin/darcs +#git_command : /usr/bin/git +#mercurial_command : /usr/bin/hg +#rsync_command : /usr/bin/rsync +#svn_command : /usr/bin/svn +#tar_command : /bin/tar diff --git a/ld.so.conf.d/05binutils.conf b/ld.so.conf.d/05binutils.conf new file mode 100644 index 0000000..88e75b5 --- /dev/null +++ b/ld.so.conf.d/05binutils.conf @@ -0,0 +1 @@ +/usr/x86_64-pc-linux-gnu/lib diff --git a/lftp/lftp.conf b/lftp/lftp.conf new file mode 100644 index 0000000..08d6f7c --- /dev/null +++ b/lftp/lftp.conf @@ -0,0 +1,90 @@ +## some useful aliases +alias dir ls +alias less more +alias zless zmore +alias bzless bzmore +alias reconnect "close; cache flush; cd ." +alias edit "eval -f \"get $0 -o ~/.lftp/edit.tmp.$$ && shell \\\"cp -p ~/.lftp/edit.tmp.$$ ~/.lftp/edit.tmp.$$.orig && $EDITOR ~/.lftp/edit.tmp.$$ && test ~/.lftp/edit.tmp.$$ -nt ~/.lftp/edit.tmp.$$.orig\\\" && put ~/.lftp/edit.tmp.$$ -o $0; shell rm -f ~/.lftp/edit.tmp.$$*\"" + +## make prompt look better +set prompt "lftp \S\? \u\@\h:\w> " +## some may prefer colors (contributed by Matthew ) +#set prompt "\[\e[1;30m\][\[\e[0;34m\]f\[\e[1m\]t\[\e[37m\]p\[\e[30m\]] \[\e[34m\]\u\[\e[0;34m\]\@\[\e[1m\]\h\[\e[1;30m\]:\[\e[1;34m\]\w\[\e[1;30m\]>\[\e[0m\] " +## Uncomment the following two lines to make switch cls and ls, making +## cls the default. +#alias ls command cls +#alias hostls command ls + +## default protocol selection +#set default-protocol/ftp.* ftp +#set default-protocol/www.* http +#set default-protocol/localhost file + +## this makes lftp faster but doesn't work with some sites/routers +#set ftp:sync-mode off + +## synchronous mode for broken servers and/or routers +set sync-mode/ftp.idsoftware.com on +set sync-mode/ftp.microsoft.com on +set sync-mode/sunsolve.sun.com on +## extended regex to match first server message for automatic sync-mode. +set auto-sync-mode "icrosoft FTP Service|MadGoat|MikroTik" + +## if default ftp passive mode does not work, try this: +# set ftp:passive-mode off + +## Set this to follow http redirections +set xfer:max-redirections 10 + +## Proxy can help to pass a firewall +## Environment variables ftp_proxy, http_proxy and no_proxy are used to +## initialize the below variables automatically. You can set them here too. +## +## ftp:proxy must communicate with client over ftp protocol, squid won't do. +## This can be e.g. TIS-FWTK or rftpd. User and password are optional. +# set ftp:proxy ftp://[user:pass@]your_ftp_proxy:port +## ...but squid still can be used to access ftp servers, using hftp protocol: +# set ftp:proxy http://your.squid.address:port +## ...if squid allows CONNECT to arbitrary ports, then you can use CONNECT +## instead of hftp: +# set ftp:use-hftp no +## +## no proxy for host +# set ftp:proxy/local_host "" +## or domain +# set ftp:proxy/*.domain.com ... +## +## http:proxy must communicate with client over http protocol, e.g. squid. +## Default port is 3128. +# set http:proxy your_http_proxy[:port] +## hftp:proxy must also be an http proxy. It is used for FTP over HTTP access. +# set hftp:proxy your_http_proxy[:port] +## +## net:no-proxy disables proxy usage for list of domains. +# set net:no-proxy .domain.com,.otherdom.net + +## If you don't have direct ftp access, this setting can be useful to select +## hftp instead of ftp automatically. +# set ftp:proxy http://your.http.proxy:port + +## This can be used for automatic saving of configuration +# set at-exit "set > ~/.lftp/settings" +# source ~/.lftp/settings + +## and this is for remembring last site +## (combine with previous rule if you want) +# set at-exit "bo a last" +# open last + +## Terminal strings to set titlebars for terminals that don't +## properly specify tsl and fsl capabilities. +## Use cmd:set-term-status to enable this. +set cmd:term-status/*screen* "\e_\T\e\\" +set cmd:term-status/*xterm* "\e[11;0]\e]2;\T\007\e[11]" +set cmd:term-status/*rxvt* "\e[11;0]\e]2;\T\007\e[11]" +# set cmd:set-term-status on + +## If you don't like advertising lftp or servers hate it, set this: +# set ftp:anon-pass "mozilla@" +# set ftp:client "" +# set http:user-agent "Mozilla/4.7 [en] (WinNT; I)" diff --git a/local.d/README b/local.d/README new file mode 100644 index 0000000..d3c1156 --- /dev/null +++ b/local.d/README @@ -0,0 +1,9 @@ +This directory should contain programs or scripts which are to be run +when the local service is started or stopped. + +If a file in this directory is executable and it has a .start extension, +it will be run when the local service is started. If a file is +executable and it has a .stop extension, it will be run when the local +service is stopped. + +All files are processed in lexical order. diff --git a/local.d/baselayout1.start b/local.d/baselayout1.start new file mode 100755 index 0000000..85ea2e2 --- /dev/null +++ b/local.d/baselayout1.start @@ -0,0 +1,13 @@ +# /etc/conf.d/local.start + +# This is a good place to load any misc programs +# on startup (use &>/dev/null to hide output) + +echo "Setze Standard-Route IPv6 via fe80::1 dev eth0" +/sbin/ip -6 route add default via fe80::1 dev eth0 + +#/sbin/ip -6 route add "2a01:238:4225:6e00::/56" dev lo + +echo "Sende Mail wegen Boot ..." +echo "Server `hostname` wird '`date`' gebootet" | /usr/bin/mailx -s "Boot von `hostname`" root@localhost + diff --git a/local.d/baselayout1.stop b/local.d/baselayout1.stop new file mode 100755 index 0000000..fba418d --- /dev/null +++ b/local.d/baselayout1.stop @@ -0,0 +1,16 @@ +# /etc/conf.d/local.stop + +# This is a good place to unload any misc. +# programs you started above. +# For example, if you are using OSS and have +# "/usr/local/bin/soundon" above, put +# "/usr/local/bin/soundoff" here. + +echo "Sende Mail wegen Shutdown ..." +echo "Server `hostname` wird '`date`' ordentlich heruntergefahren" | /usr/bin/mailx -s "Shutdown von `hostname`" root@localhost + +echo +echo "Warte 5 Sekunden ..." +echo +sleep 5 + diff --git a/logrotate.d/.rcs/apache2,v b/logrotate.d/.rcs/apache2,v new file mode 100644 index 0000000..ffe49c7 --- /dev/null +++ b/logrotate.d/.rcs/apache2,v @@ -0,0 +1,73 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.02.12.03.24; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.12.01.06.54.26; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# Apache2 logrotate snipet for Gentoo Linux +# Contributes by Chuck Short +# +#/var/log/apache2/*log { +# missingok +# notifempty +# sharedscripts +# postrotate +# /etc/init.d/apache2 reload > /dev/null 2>&1 || true +# endscript +#} + +script apache2-reload + /etc/init.d/apache2 reload >/dev/null || true +endscript + +#rotate 10 +daily + +/var/log/apache2/*log { + size 4m + olddir /var/log/apache2/%Y-%m + postrotate apache2-reload +} + +# vim: ts=4 filetype=conf +@ + + +1.1 +log +@Initial revision +@ +text +@d4 16 +d21 3 +a23 6 + missingok + notifempty + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null 2>&1 || true + endscript +d25 2 +@ diff --git a/logrotate.d/.rcs/clamav,v b/logrotate.d/.rcs/clamav,v new file mode 100644 index 0000000..2266e61 --- /dev/null +++ b/logrotate.d/.rcs/clamav,v @@ -0,0 +1,61 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.02.12.03.24; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.12.01.19.01.48; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@/var/log/clamav/clamd.log { + missingok + weekly + size 1m + postrotate + /etc/init.d/clamd logfix + /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true + endscript +} + +/var/log/clamav/freshclam.log { + missingok + weekly + size 1m + postrotate + /etc/init.d/clamd logfix + /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true + endscript +} + +# vim: ts=4 filetype=conf +@ + + +1.1 +log +@Initial revision +@ +text +@d3 2 +d13 2 +d20 2 +@ diff --git a/logrotate.d/.rcs/elog-save-summary,v b/logrotate.d/.rcs/elog-save-summary,v new file mode 100644 index 0000000..ba0950c --- /dev/null +++ b/logrotate.d/.rcs/elog-save-summary,v @@ -0,0 +1,51 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.02.12.03.24; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.11.30.21.18.51; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id: elog-save-summary 7609 2007-08-15 04:37:36Z zmedico $ +# Rotate the log created by the save_summary elog module. + +/var/log/portage/elog/summary.log { + missingok + nocreate + delaycompress +} + +# vim: ts=4 filetype=conf +@ + + +1.1 +log +@Initial revision +@ +text +@d3 1 +d11 2 +@ diff --git a/logrotate.d/.rcs/mysql,v b/logrotate.d/.rcs/mysql,v new file mode 100644 index 0000000..fdd85d8 --- /dev/null +++ b/logrotate.d/.rcs/mysql,v @@ -0,0 +1,55 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.02.12.03.24; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.11.30.06.29.11; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql-init-scripts/files/logrotate.mysql,v 1.1 2007/01/12 16:54:20 chtekk Exp $ + +/var/log/mysql/mysql.err /var/log/mysql/mysql.log /var/log/mysql/mysqld.err { +monthly +create 660 mysql mysql +notifempty +size 5M +sharedscripts +missingok +postrotate +/bin/kill -HUP `cat /var/run/mysqld/mysqld.pid` +endscript +} + +# vim: ts=4 filetype=conf +@ + + +1.1 +log +@Initial revision +@ +text +@d16 2 +@ diff --git a/logrotate.d/.rcs/named,v b/logrotate.d/.rcs/named,v new file mode 100644 index 0000000..38d65fe --- /dev/null +++ b/logrotate.d/.rcs/named,v @@ -0,0 +1,51 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.27.10.53.14; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@ +script named-reload + /usr/sbin/rndc reload >/dev/null || true +endscript + +/var/log/named/complete-debug.log /var/log/named/debug.log /var/log/named/query.log { + daily + olddir /var/log/named/%Y-%m + size 4M + maxage 6m + notifempty + missingok + postrotate named-reload +} + +/var/log/named/named.log { + weekly + olddir /var/log/named/%Y-%m + size 1M + maxage 2y + notifempty + missingok + postrotate named-reload +} + + +# vim: ts=4 filetype=conf +@ diff --git a/logrotate.d/.rcs/rsyncd,v b/logrotate.d/.rcs/rsyncd,v new file mode 100644 index 0000000..74264c8 --- /dev/null +++ b/logrotate.d/.rcs/rsyncd,v @@ -0,0 +1,49 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.02.12.03.24; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.11.30.16.27.03; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@/var/log/rsync.log { + compress + maxage 365 + rotate 7 + size=+1024k + notifempty + missingok + copytruncate +} + +# vim: ts=4 filetype=conf +@ + + +1.1 +log +@Initial revision +@ +text +@d10 2 +@ diff --git a/logrotate.d/.rcs/syslog-ng,v b/logrotate.d/.rcs/syslog-ng,v new file mode 100644 index 0000000..9500953 --- /dev/null +++ b/logrotate.d/.rcs/syslog-ng,v @@ -0,0 +1,105 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.02.12.03.24; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.11.30.21.54.44; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.logrotate,v 1.3 2008/10/15 20:46:12 mr_bones_ Exp $ +# +# Syslog-ng logrotate snippet for Gentoo Linux +# contributed by Michael Sterrett +# + +#/var/log/messages { +# missingok +# sharedscripts +# postrotate +# /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true +# endscript +#} + +script syslog-reload + /etc/init.d/syslog-ng reload >/dev/null || true +endscript + +/var/log/messages { + daily + olddir /var/log/.old/%Y-%m + size 1024K + postrotate syslog-reload +} + +/var/log/syslog.d/* { + daily + olddir /var/log/syslog.d/.old/%Y-%m + size 1024K + postrotate syslog-reload + maxage 1y +} + +/var/log/debug.log { + daily + olddir /var/log/.old/%Y-%m + size 4M + postrotate syslog-reload + maxage 6m +} + +/var/log/mail/authdaemond /var/log/mail/amavis* /var/log/mail/imapd* /var/log/mail/pop3d* /var/log/mail/postgrey /var/log/mail/spam* { + daily + olddir /var/log/mail/.old/%Y-%m + size 1024K + postrotate syslog-reload + maxage 1y +} + +/var/log/mail/postfix/* { + daily + olddir /var/log/mail/.old/postfix/%Y-%m + size 1024K + postrotate syslog-reload + maxage 1y +} + + +# vim: ts=4 filetype=conf +@ + + +1.1 +log +@Initial revision +@ +text +@d7 12 +d20 4 +a23 5 + missingok + sharedscripts + postrotate + /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true + endscript +d25 35 +@ diff --git a/logrotate.d/.rcs/ulogd,v b/logrotate.d/.rcs/ulogd,v new file mode 100644 index 0000000..7ee287b --- /dev/null +++ b/logrotate.d/.rcs/ulogd,v @@ -0,0 +1,67 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.12.02.12.03.24; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.11.30.16.29.33; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@#/var/log/ulogd.log /var/log/ulogd.syslogemu /var/log/ulogd.pktlog /var/log/ulogd.pcap { +# missingok +# sharedscripts +# postrotate +# /bin/killall -HUP ulogd 2> /dev/null || true +# endscript +#} + +/var/log/ulogd/*.log { + daily + maxage 2y + rotate 999 + olddir /var/log/ulogd/%Y-%m + size 4M + sharedscripts + postrotate + #/etc/init.d/ulogd restart + /bin/killall -HUP ulogd 2> /dev/null || true + endscript +} + +# vim: ts=4 filetype=conf +@ + + +1.1 +log +@Initial revision +@ +text +@d1 14 +a14 2 +/var/log/ulogd.log /var/log/ulogd.syslogemu /var/log/ulogd.pktlog /var/log/ulogd.pcap { + missingok +d17 2 +a18 1 + /bin/killall -HUP ulogd 2> /dev/null || true +d21 2 +@ diff --git a/logrotate.d/apache2 b/logrotate.d/apache2 new file mode 100644 index 0000000..461976e --- /dev/null +++ b/logrotate.d/apache2 @@ -0,0 +1,26 @@ +# Apache2 logrotate snipet for Gentoo Linux +# Contributes by Chuck Short +# +#/var/log/apache2/*log { +# missingok +# notifempty +# sharedscripts +# postrotate +# /etc/init.d/apache2 reload > /dev/null 2>&1 || true +# endscript +#} + +script apache2-reload + /etc/init.d/apache2 reload >/dev/null || true +endscript + +#rotate 10 +daily + +/var/log/apache2/*log { + size 4m + olddir /var/log/apache2/%Y-%m + postrotate apache2-reload +} + +# vim: ts=4 filetype=conf diff --git a/logrotate.d/clamav b/logrotate.d/clamav new file mode 100644 index 0000000..01b8323 --- /dev/null +++ b/logrotate.d/clamav @@ -0,0 +1,21 @@ +/var/log/clamav/clamd.log { + missingok + weekly + size 1m + postrotate + /etc/init.d/clamd logfix + /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true + endscript +} + +/var/log/clamav/freshclam.log { + missingok + weekly + size 1m + postrotate + /etc/init.d/clamd logfix + /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true + endscript +} + +# vim: ts=4 filetype=conf diff --git a/logrotate.d/elog-save-summary b/logrotate.d/elog-save-summary new file mode 100644 index 0000000..81f69bd --- /dev/null +++ b/logrotate.d/elog-save-summary @@ -0,0 +1,12 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# Rotate the log created by the save_summary elog module. + +/var/log/portage/elog/summary.log { + #su portage portage + missingok + nocreate + delaycompress +} + +# vim: ts=4 filetype=conf diff --git a/logrotate.d/mysql b/logrotate.d/mysql new file mode 100644 index 0000000..14ecda4 --- /dev/null +++ b/logrotate.d/mysql @@ -0,0 +1,17 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /etc/logrotate.d/.rcs/mysql,v 1.2 2010/12/02 12:03:24 root Exp $ + +/var/log/mysql/mysql.err /var/log/mysql/mysql.log /var/log/mysql/mysqld.err { +monthly +create 660 mysql mysql +notifempty +size 5M +sharedscripts +missingok +postrotate +/bin/kill -HUP `cat /var/run/mysqld/mysqld.pid` +endscript +} + +# vim: ts=4 filetype=conf diff --git a/logrotate.d/named b/logrotate.d/named new file mode 100644 index 0000000..70c66c6 --- /dev/null +++ b/logrotate.d/named @@ -0,0 +1,27 @@ + +script named-reload + /etc/init.d/named restart >/dev/null || true +endscript + +/var/log/named/complete-debug.log /var/log/named/debug.log /var/log/named/query.log { + daily + olddir /var/log/named/%Y-%m + size 4M + maxage 6m + notifempty + missingok + postrotate named-reload +} + +/var/log/named/named.log { + weekly + olddir /var/log/named/%Y-%m + size 1M + maxage 2y + notifempty + missingok + postrotate named-reload +} + + +# vim: ts=4 filetype=conf diff --git a/logrotate.d/openrc b/logrotate.d/openrc new file mode 100644 index 0000000..a168f23 --- /dev/null +++ b/logrotate.d/openrc @@ -0,0 +1,7 @@ +/var/log/rc.log { + compress + rotate 4 + weekly + missingok + notifempty +} diff --git a/logrotate.d/rsyncd b/logrotate.d/rsyncd new file mode 100644 index 0000000..1b5d3b3 --- /dev/null +++ b/logrotate.d/rsyncd @@ -0,0 +1,11 @@ +/var/log/rsync.log { + compress + maxage 365 + rotate 7 + size=+1024k + notifempty + missingok + copytruncate +} + +# vim: ts=4 filetype=conf diff --git a/logrotate.d/syslog-ng b/logrotate.d/syslog-ng new file mode 100644 index 0000000..421d307 --- /dev/null +++ b/logrotate.d/syslog-ng @@ -0,0 +1,59 @@ +# $Header: /etc/logrotate.d/.rcs/syslog-ng,v 1.2 2010/12/02 12:03:24 root Exp $ +# +# Syslog-ng logrotate snippet for Gentoo Linux +# contributed by Michael Sterrett +# + +#/var/log/messages { +# missingok +# sharedscripts +# postrotate +# /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true +# endscript +#} + +script syslog-reload + /etc/init.d/syslog-ng reload >/dev/null || true +endscript + +/var/log/messages { + daily + olddir /var/log/.old/%Y-%m + size 1024K + postrotate syslog-reload +} + +/var/log/syslog.d/* { + daily + olddir /var/log/syslog.d/.old/%Y-%m + size 1024K + postrotate syslog-reload + maxage 1y +} + +/var/log/debug.log { + daily + olddir /var/log/.old/%Y-%m + size 4M + postrotate syslog-reload + maxage 6m +} + +/var/log/mail/authdaemond /var/log/mail/amavis* /var/log/mail/imapd* /var/log/mail/pop3d* /var/log/mail/postgrey /var/log/mail/spam* { + daily + olddir /var/log/mail/.old/%Y-%m + size 1024K + postrotate syslog-reload + maxage 1y +} + +/var/log/mail/postfix/* { + daily + olddir /var/log/mail/.old/postfix/%Y-%m + size 1024K + postrotate syslog-reload + maxage 1y +} + + +# vim: ts=4 filetype=conf diff --git a/logrotate.d/ulogd b/logrotate.d/ulogd new file mode 100644 index 0000000..f468319 --- /dev/null +++ b/logrotate.d/ulogd @@ -0,0 +1,22 @@ +#/var/log/ulogd.log /var/log/ulogd.syslogemu /var/log/ulogd.pktlog /var/log/ulogd.pcap { +# missingok +# sharedscripts +# postrotate +# /bin/killall -HUP ulogd 2> /dev/null || true +# endscript +#} + +/var/log/ulogd/*.log { + daily + maxage 2y + rotate 999 + olddir /var/log/ulogd/%Y-%m + size 4M + sharedscripts + postrotate + /etc/init.d/ulogd restart + #/bin/killall -HUP ulogd 2> /dev/null || true + endscript +} + +# vim: ts=4 filetype=conf diff --git a/lvm/archive/vg0_00000.vg b/lvm/archive/vg0_00000.vg new file mode 100644 index 0000000..2310709 --- /dev/null +++ b/lvm/archive/vg0_00000.vg @@ -0,0 +1,208 @@ +# Generated by LVM2 version 2.02.73(2) (2010-09-18): Tue Nov 30 00:58:00 2010 + +contents = "Text Format Volume Group" +version = 1 + +description = "Created *before* executing '/sbin/vgscan --mknodes --config 'global { locking_dir = \"/dev/.lvm\" }''" + +creation_host = "(none)" # Linux (none) 2.6.34-gentoo-r12 #1 SMP Mon Nov 29 18:31:06 CET 2010 x86_64 +creation_time = 1291075080 # Tue Nov 30 00:58:00 2010 + +vg0 { + id = "UflbwM-FGlw-qFqq-1b6T-Uw2G-AAdY-M94ilh" + seqno = 10 + status = ["RESIZEABLE", "READ", "WRITE"] + flags = [] + extent_size = 8192 # 4 Megabytes + max_lv = 0 + max_pv = 0 + metadata_copies = 0 + + physical_volumes { + + pv0 { + id = "k3351o-llEC-DnzL-mbrw-m3kb-mvv0-5mIRfc" + device = "/dev/md5" # Hint only + + status = ["ALLOCATABLE"] + flags = [] + dev_size = 957313152 # 456.482 Gigabytes + pe_start = 384 + pe_count = 116859 # 456.48 Gigabytes + } + } + + logical_volumes { + + tmp { + id = "1bbUbK-jKNY-dbqm-U0T0-OKff-h5Ed-NtK8fh" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 512 # 2 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 0 + ] + } + } + + usr { + id = "QdCiqc-WAxV-qFyC-808H-tdyt-xdEf-Qbfzv2" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3072 # 12 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 512 + ] + } + } + + var { + id = "nz4D5c-TcAH-O0iD-RSs7-0Cjg-rDSA-399f3S" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3840 # 15 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 3584 + ] + } + } + + opt { + id = "vNtxlo-1SGL-LRmW-6Rcj-K2lv-SsWW-Mj76sq" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3840 # 15 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 7424 + ] + } + } + + home { + id = "jQqaJP-Su48-lBZz-oVdu-HNru-6m3L-zXLgiz" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 25600 # 100 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 11264 + ] + } + } + + var_tmp { + id = "MvBpIS-WHWz-HpzV-gTfI-yexq-Odbk-9gLkL8" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 36864 + ] + } + } + + backup { + id = "oU4b0r-e0Qh-RsUg-n0m0-JAx2-T3is-UOXV7W" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 15360 # 60 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 39424 + ] + } + } + + portage { + id = "7RV5kq-43Ep-eJil-3RSc-IQj5-Rjzp-CtLxfY" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 1280 # 5 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 54784 + ] + } + } + + distfiles { + id = "RTdfBJ-rROm-3zao-FAjG-5iQT-kBPE-dJ43zh" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 56064 + ] + } + } + } +} diff --git a/lvm/archive/vg0_00001.vg b/lvm/archive/vg0_00001.vg new file mode 100644 index 0000000..ff3e3a8 --- /dev/null +++ b/lvm/archive/vg0_00001.vg @@ -0,0 +1,208 @@ +# Generated by LVM2 version 2.02.73(2) (2010-09-18): Tue Nov 30 09:12:50 2010 + +contents = "Text Format Volume Group" +version = 1 + +description = "Created *before* executing 'lvcreate -L 50G -n www vg0'" + +creation_host = "helga" # Linux helga 2.6.34-gentoo-r12 #1 SMP Mon Nov 29 18:31:06 CET 2010 x86_64 +creation_time = 1291104770 # Tue Nov 30 09:12:50 2010 + +vg0 { + id = "UflbwM-FGlw-qFqq-1b6T-Uw2G-AAdY-M94ilh" + seqno = 10 + status = ["RESIZEABLE", "READ", "WRITE"] + flags = [] + extent_size = 8192 # 4 Megabytes + max_lv = 0 + max_pv = 0 + metadata_copies = 0 + + physical_volumes { + + pv0 { + id = "k3351o-llEC-DnzL-mbrw-m3kb-mvv0-5mIRfc" + device = "/dev/md5" # Hint only + + status = ["ALLOCATABLE"] + flags = [] + dev_size = 957313152 # 456.482 Gigabytes + pe_start = 384 + pe_count = 116859 # 456.48 Gigabytes + } + } + + logical_volumes { + + tmp { + id = "1bbUbK-jKNY-dbqm-U0T0-OKff-h5Ed-NtK8fh" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 512 # 2 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 0 + ] + } + } + + usr { + id = "QdCiqc-WAxV-qFyC-808H-tdyt-xdEf-Qbfzv2" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3072 # 12 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 512 + ] + } + } + + var { + id = "nz4D5c-TcAH-O0iD-RSs7-0Cjg-rDSA-399f3S" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3840 # 15 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 3584 + ] + } + } + + opt { + id = "vNtxlo-1SGL-LRmW-6Rcj-K2lv-SsWW-Mj76sq" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3840 # 15 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 7424 + ] + } + } + + home { + id = "jQqaJP-Su48-lBZz-oVdu-HNru-6m3L-zXLgiz" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 25600 # 100 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 11264 + ] + } + } + + var_tmp { + id = "MvBpIS-WHWz-HpzV-gTfI-yexq-Odbk-9gLkL8" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 36864 + ] + } + } + + backup { + id = "oU4b0r-e0Qh-RsUg-n0m0-JAx2-T3is-UOXV7W" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 15360 # 60 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 39424 + ] + } + } + + portage { + id = "7RV5kq-43Ep-eJil-3RSc-IQj5-Rjzp-CtLxfY" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 1280 # 5 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 54784 + ] + } + } + + distfiles { + id = "RTdfBJ-rROm-3zao-FAjG-5iQT-kBPE-dJ43zh" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 56064 + ] + } + } + } +} diff --git a/lvm/archive/vg0_00002.vg b/lvm/archive/vg0_00002.vg new file mode 100644 index 0000000..d643ae5 --- /dev/null +++ b/lvm/archive/vg0_00002.vg @@ -0,0 +1,227 @@ +# Generated by LVM2 version 2.02.73(2) (2010-09-18): Tue Nov 30 09:13:04 2010 + +contents = "Text Format Volume Group" +version = 1 + +description = "Created *before* executing 'lvcreate -L 10G -n var_lib vg0'" + +creation_host = "helga" # Linux helga 2.6.34-gentoo-r12 #1 SMP Mon Nov 29 18:31:06 CET 2010 x86_64 +creation_time = 1291104784 # Tue Nov 30 09:13:04 2010 + +vg0 { + id = "UflbwM-FGlw-qFqq-1b6T-Uw2G-AAdY-M94ilh" + seqno = 11 + status = ["RESIZEABLE", "READ", "WRITE"] + flags = [] + extent_size = 8192 # 4 Megabytes + max_lv = 0 + max_pv = 0 + metadata_copies = 0 + + physical_volumes { + + pv0 { + id = "k3351o-llEC-DnzL-mbrw-m3kb-mvv0-5mIRfc" + device = "/dev/md5" # Hint only + + status = ["ALLOCATABLE"] + flags = [] + dev_size = 957313152 # 456.482 Gigabytes + pe_start = 384 + pe_count = 116859 # 456.48 Gigabytes + } + } + + logical_volumes { + + tmp { + id = "1bbUbK-jKNY-dbqm-U0T0-OKff-h5Ed-NtK8fh" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 512 # 2 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 0 + ] + } + } + + usr { + id = "QdCiqc-WAxV-qFyC-808H-tdyt-xdEf-Qbfzv2" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3072 # 12 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 512 + ] + } + } + + var { + id = "nz4D5c-TcAH-O0iD-RSs7-0Cjg-rDSA-399f3S" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3840 # 15 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 3584 + ] + } + } + + opt { + id = "vNtxlo-1SGL-LRmW-6Rcj-K2lv-SsWW-Mj76sq" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3840 # 15 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 7424 + ] + } + } + + home { + id = "jQqaJP-Su48-lBZz-oVdu-HNru-6m3L-zXLgiz" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 25600 # 100 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 11264 + ] + } + } + + var_tmp { + id = "MvBpIS-WHWz-HpzV-gTfI-yexq-Odbk-9gLkL8" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 36864 + ] + } + } + + backup { + id = "oU4b0r-e0Qh-RsUg-n0m0-JAx2-T3is-UOXV7W" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 15360 # 60 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 39424 + ] + } + } + + portage { + id = "7RV5kq-43Ep-eJil-3RSc-IQj5-Rjzp-CtLxfY" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 1280 # 5 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 54784 + ] + } + } + + distfiles { + id = "RTdfBJ-rROm-3zao-FAjG-5iQT-kBPE-dJ43zh" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 56064 + ] + } + } + + www { + id = "G2ctQb-TMPR-o3Iw-CtCz-A8io-Tpqq-krXN6O" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 12800 # 50 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 58624 + ] + } + } + } +} diff --git a/lvm/backup/vg0 b/lvm/backup/vg0 new file mode 100644 index 0000000..9f7424f --- /dev/null +++ b/lvm/backup/vg0 @@ -0,0 +1,246 @@ +# Generated by LVM2 version 2.02.73(2) (2010-09-18): Tue Nov 30 09:13:04 2010 + +contents = "Text Format Volume Group" +version = 1 + +description = "Created *after* executing 'lvcreate -L 10G -n var_lib vg0'" + +creation_host = "helga" # Linux helga 2.6.34-gentoo-r12 #1 SMP Mon Nov 29 18:31:06 CET 2010 x86_64 +creation_time = 1291104784 # Tue Nov 30 09:13:04 2010 + +vg0 { + id = "UflbwM-FGlw-qFqq-1b6T-Uw2G-AAdY-M94ilh" + seqno = 12 + status = ["RESIZEABLE", "READ", "WRITE"] + flags = [] + extent_size = 8192 # 4 Megabytes + max_lv = 0 + max_pv = 0 + metadata_copies = 0 + + physical_volumes { + + pv0 { + id = "k3351o-llEC-DnzL-mbrw-m3kb-mvv0-5mIRfc" + device = "/dev/md5" # Hint only + + status = ["ALLOCATABLE"] + flags = [] + dev_size = 957313152 # 456.482 Gigabytes + pe_start = 384 + pe_count = 116859 # 456.48 Gigabytes + } + } + + logical_volumes { + + tmp { + id = "1bbUbK-jKNY-dbqm-U0T0-OKff-h5Ed-NtK8fh" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 512 # 2 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 0 + ] + } + } + + usr { + id = "QdCiqc-WAxV-qFyC-808H-tdyt-xdEf-Qbfzv2" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3072 # 12 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 512 + ] + } + } + + var { + id = "nz4D5c-TcAH-O0iD-RSs7-0Cjg-rDSA-399f3S" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3840 # 15 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 3584 + ] + } + } + + opt { + id = "vNtxlo-1SGL-LRmW-6Rcj-K2lv-SsWW-Mj76sq" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 3840 # 15 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 7424 + ] + } + } + + home { + id = "jQqaJP-Su48-lBZz-oVdu-HNru-6m3L-zXLgiz" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 25600 # 100 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 11264 + ] + } + } + + var_tmp { + id = "MvBpIS-WHWz-HpzV-gTfI-yexq-Odbk-9gLkL8" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 36864 + ] + } + } + + backup { + id = "oU4b0r-e0Qh-RsUg-n0m0-JAx2-T3is-UOXV7W" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 15360 # 60 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 39424 + ] + } + } + + portage { + id = "7RV5kq-43Ep-eJil-3RSc-IQj5-Rjzp-CtLxfY" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 1280 # 5 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 54784 + ] + } + } + + distfiles { + id = "RTdfBJ-rROm-3zao-FAjG-5iQT-kBPE-dJ43zh" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 56064 + ] + } + } + + www { + id = "G2ctQb-TMPR-o3Iw-CtCz-A8io-Tpqq-krXN6O" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 12800 # 50 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 58624 + ] + } + } + + var_lib { + id = "Uvg5NV-3h9X-YZpv-ouET-IGsD-SA4t-WQInlY" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 71424 + ] + } + } + } +} diff --git a/lvm/cache/.cache b/lvm/cache/.cache new file mode 100644 index 0000000..f9a8c07 --- /dev/null +++ b/lvm/cache/.cache @@ -0,0 +1,121 @@ +# This file is automatically maintained by lvm. + +persistent_filter_cache { + valid_devices=[ + "/dev/block/1:13", + "/dev/block/1:14", + "/dev/disk/by-uuid/016e320e-adc4-49e2-bbef-3bbfcca3e061", + "/dev/disk/by-uuid/2ef3f905-85fb-449d-a475-cc7b155859e9", + "/dev/md5", + "/dev/dm-6", + "/dev/ram11", + "/dev/disk/by-uuid/4529fd4e-3f6a-4f93-97f6-13b239e290d0", + "/dev/mapper/vg0-opt", + "/dev/mapper/vg0-var_tmp", + "/dev/disk/by-uuid/ef01531f-1d0b-4017-9a0a-fe283b0b4002", + "/dev/block/253:2", + "/dev/block/253:8", + "/dev/mapper/vg0-tmp", + "/dev/disk/by-id/dm-name-vg0-portage", + "/dev/block/1:12", + "/dev/vg0/home", + "/dev/md/4_0", + "/dev/dm-5", + "/dev/vg0/distfiles", + "/dev/ram10", + "/dev/disk/by-id/md-uuid-d40fb806:936051ce:2bb44714:c9ba289e", + "/dev/mapper/vg0-backup", + "/dev/disk/by-id/md-uuid-e14ce422:f5403896:2bb44714:c9ba289e", + "/dev/block/253:3", + "/dev/block/253:4", + "/dev/block/253:7", + "/dev/disk/by-id/dm-name-vg0-usr", + "/dev/block/1:10", + "/dev/vg0/portage", + "/dev/ram12", + "/dev/vg0/opt", + "/dev/block/1:6", + "/dev/disk/by-id/dm-uuid-LVM-UflbwMFGlwqFqq1b6TUw2GAAdYM94ilhRTdfBJrROm3zaoFAjG5iQTkBPEdJ43zh", + "/dev/disk/by-id/dm-name-vg0-var", + "/dev/ram6", + "/dev/block/253:1", + "/dev/mapper/vg0-portage", + "/dev/disk/by-id/md-uuid-e646515a:d67b7d90:2bb44714:c9ba289e", + "/dev/disk/by-uuid/195667d8-27ba-43d7-8f7c-4e1adec2480e", + "/dev/block/1:11", + "/dev/block/9:5", + "/dev/ram13", + "/dev/ram14", + "/dev/block/1:5", + "/dev/disk/by-uuid/6c4afd3c-e823-4b2f-8bf9-379dad03656a", + "/dev/vg0/tmp", + "/dev/mapper/vg0-distfiles", + "/dev/ram5", + "/dev/block/253:0", + "/dev/vg0/backup", + "/dev/block/1:15", + "/dev/dm-2", + "/dev/md3", + "/dev/md4", + "/dev/dm-8", + "/dev/block/1:1", + "/dev/mapper/vg0-home", + "/dev/disk/by-id/dm-uuid-LVM-UflbwMFGlwqFqq1b6TUw2GAAdYM94ilhMvBpISWHWzHpzVgTfIyexqOdbk9gLkL8", + "/dev/ram1", + "/dev/disk/by-uuid/45140c03-809b-4343-8c8a-c424786ed86b", + "/dev/block/253:6", + "/dev/mapper/vg0-usr", + "/dev/md2", + "/dev/dm-3", + "/dev/dm-4", + "/dev/dm-7", + "/dev/block/1:0", + "/dev/mapper/vg0-var", + "/dev/disk/by-id/dm-uuid-LVM-UflbwMFGlwqFqq1b6TUw2GAAdYM94ilhQdCiqcWAxVqFyC808HtdytxdEfQbfzv2", + "/dev/disk/by-id/dm-name-vg0-var_tmp", + "/dev/disk/by-id/dm-name-vg0-distfiles", + "/dev/ram0", + "/dev/disk/by-id/dm-name-vg0-home", + "/dev/vg0/var_tmp", + "/dev/block/253:5", + "/dev/disk/by-uuid/3d73e83f-56d2-4d34-a881-0db5edb71ca2", + "/dev/disk/by-id/dm-uuid-LVM-UflbwMFGlwqFqq1b6TUw2GAAdYM94ilh7RV5kq43EpeJil3RScIQj5RjzpCtLxfY", + "/dev/block/9:2", + "/dev/dm-1", + "/dev/root", + "/dev/disk/by-uuid/8313d568-2a70-4cf9-a608-7a82bf9e12a5", + "/dev/disk/by-id/dm-name-vg0-tmp", + "/dev/block/1:2", + "/dev/disk/by-id/dm-uuid-LVM-UflbwMFGlwqFqq1b6TUw2GAAdYM94ilhoU4b0re0QhRsUgn0m0JAx2T3isUOXV7W", + "/dev/block/1:8", + "/dev/block/1:9", + "/dev/md/2_0", + "/dev/disk/by-id/dm-name-vg0-backup", + "/dev/ram2", + "/dev/ram8", + "/dev/ram9", + "/dev/disk/by-id/dm-uuid-LVM-UflbwMFGlwqFqq1b6TUw2GAAdYM94ilhvNtxlo1SGLLRmW6RcjK2lvSsWWMj76sq", + "/dev/md/3_0", + "/dev/md/5_0", + "/dev/disk/by-id/md-uuid-dd2865af:1aa294d4:2bb44714:c9ba289e", + "/dev/disk/by-id/dm-uuid-LVM-UflbwMFGlwqFqq1b6TUw2GAAdYM94ilh1bbUbKjKNYdbqmU0T0OKffh5EdNtK8fh", + "/dev/block/9:3", + "/dev/block/9:4", + "/dev/dm-0", + "/dev/disk/by-uuid/95d9c65b-c487-4045-bfb8-017cdeb21a0f", + "/dev/vg0/var", + "/dev/ram15", + "/dev/block/1:3", + "/dev/block/1:4", + "/dev/block/1:7", + "/dev/disk/by-uuid/093cbf96-5d04-479b-a77f-4abcb88ebe6c", + "/dev/disk/by-id/dm-uuid-LVM-UflbwMFGlwqFqq1b6TUw2GAAdYM94ilhjQqaJPSu48lBZzoVduHNru6m3LzXLgiz", + "/dev/vg0/usr", + "/dev/disk/by-id/dm-uuid-LVM-UflbwMFGlwqFqq1b6TUw2GAAdYM94ilhnz4D5cTcAHO0iDRSs70CjgrDSA399f3S", + "/dev/disk/by-id/dm-name-vg0-opt", + "/dev/disk/by-uuid/e346fd9e-67df-446e-8295-631e2846089b", + "/dev/ram3", + "/dev/ram4", + "/dev/ram7" + ] +} diff --git a/lvm/lvm.conf b/lvm/lvm.conf new file mode 100644 index 0000000..567144b --- /dev/null +++ b/lvm/lvm.conf @@ -0,0 +1,525 @@ +# This is an example configuration file for the LVM2 system. +# It contains the default settings that would be used if there was no +# /etc/lvm/lvm.conf file. +# +# Refer to 'man lvm.conf' for further information including the file layout. +# +# To put this file in a different directory and override /etc/lvm set +# the environment variable LVM_SYSTEM_DIR before running the tools. + + +# This section allows you to configure which block devices should +# be used by the LVM system. +devices { + + # Where do you want your volume groups to appear ? + dir = "/dev" + + # An array of directories that contain the device nodes you wish + # to use with LVM2. + scan = [ "/dev" ] + + # If several entries in the scanned directories correspond to the + # same block device and the tools need to display a name for device, + # all the pathnames are matched against each item in the following + # list of regular expressions in turn and the first match is used. + preferred_names = [ ] + + # Try to avoid using undescriptive /dev/dm-N names, if present. + # preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] + + # A filter that tells LVM2 to only use a restricted set of devices. + # The filter consists of an array of regular expressions. These + # expressions can be delimited by a character of your choice, and + # prefixed with either an 'a' (for accept) or 'r' (for reject). + # The first expression found to match a device name determines if + # the device will be accepted or rejected (ignored). Devices that + # don't match any patterns are accepted. + + # Be careful if there there are symbolic links or multiple filesystem + # entries for the same device as each name is checked separately against + # the list of patterns. The effect is that if any name matches any 'a' + # pattern, the device is accepted; otherwise if any name matches any 'r' + # pattern it is rejected; otherwise it is accepted. + + # Don't have more than one filter line active at once: only one gets used. + + # Run vgscan after you change this parameter to ensure that + # the cache file gets regenerated (see below). + # If it doesn't do what you expect, check the output of 'vgscan -vvvv'. + + + # By default we accept every block device: + # Gentoo: we exclude /dev/nbd by default, because it makes a lot of kernel + # noise when you probed while not available. + filter = [ "r|/dev/nbd.*|", "a/.*/" ] + + # Exclude the cdrom drive + # filter = [ "r|/dev/cdrom|" ] + + # When testing I like to work with just loopback devices: + # filter = [ "a/loop/", "r/.*/" ] + + # Or maybe all loops and ide drives except hdc: + # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] + + # Use anchors if you want to be really specific + # filter = [ "a|^/dev/hda8$|", "r/.*/" ] + + # The results of the filtering are cached on disk to avoid + # rescanning dud devices (which can take a very long time). + # By default this cache is stored in the /etc/lvm/cache directory + # in a file called '.cache'. + # It is safe to delete the contents: the tools regenerate it. + # (The old setting 'cache' is still respected if neither of + # these new ones is present.) + cache_dir = "/etc/lvm/cache" + cache_file_prefix = "" + + # You can turn off writing this cache file by setting this to 0. + write_cache_state = 1 + + # Advanced settings. + + # List of pairs of additional acceptable block device types found + # in /proc/devices with maximum (non-zero) number of partitions. + # types = [ "fd", 16 ] + + # If sysfs is mounted (2.6 kernels) restrict device scanning to + # the block devices it believes are valid. + # 1 enables; 0 disables. + sysfs_scan = 1 + + # By default, LVM2 will ignore devices used as components of + # software RAID (md) devices by looking for md superblocks. + # 1 enables; 0 disables. + md_component_detection = 1 + + # By default, if a PV is placed directly upon an md device, LVM2 + # will align its data blocks with the md device's stripe-width. + # 1 enables; 0 disables. + md_chunk_alignment = 1 + + # By default, the start of a PV's data area will be a multiple of + # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. + # - minimum_io_size - the smallest request the device can perform + # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) + # - optimal_io_size - the device's preferred unit of receiving I/O + # (e.g. MD's stripe width) + # minimum_io_size is used if optimal_io_size is undefined (0). + # If md_chunk_alignment is enabled, that detects the optimal_io_size. + # This setting takes precedence over md_chunk_alignment. + # 1 enables; 0 disables. + data_alignment_detection = 1 + + # Alignment (in KB) of start of data area when creating a new PV. + # If a PV is placed directly upon an md device and md_chunk_alignment or + # data_alignment_detection is enabled this parameter is ignored. + # Set to 0 for the default alignment of 1MB or page size, if larger. + data_alignment = 0 + + # By default, the start of the PV's aligned data area will be shifted by + # the 'alignment_offset' exposed in sysfs. This offset is often 0 but + # may be non-zero; e.g.: certain 4KB sector drives that compensate for + # windows partitioning will have an alignment_offset of 3584 bytes + # (sector 7 is the lowest aligned logical block, the 4KB sectors start + # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). + # 1 enables; 0 disables. + data_alignment_offset_detection = 1 + + # If, while scanning the system for PVs, LVM2 encounters a device-mapper + # device that has its I/O suspended, it waits for it to become accessible. + # Set this to 1 to skip such devices. This should only be needed + # in recovery situations. + ignore_suspended_devices = 0 + + # Allow use of pvcreate --uuid without requiring --restorefile. + require_restorefile_with_uuid = 1 +} + +# This section that allows you to configure the nature of the +# information that LVM2 reports. +log { + + # Controls the messages sent to stdout or stderr. + # There are three levels of verbosity, 3 being the most verbose. + verbose = 0 + + # Should we send log messages through syslog? + # 1 is yes; 0 is no. + syslog = 1 + + # Should we log error and debug messages to a file? + # By default there is no log file. + #file = "/var/log/lvm2.log" + + # Should we overwrite the log file each time the program is run? + # By default we append. + overwrite = 0 + + # What level of log messages should we send to the log file and/or syslog? + # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. + # 7 is the most verbose (LOG_DEBUG). + level = 0 + + # Format of output messages + # Whether or not (1 or 0) to indent messages according to their severity + indent = 1 + + # Whether or not (1 or 0) to display the command name on each line output + command_names = 0 + + # A prefix to use before the message text (but after the command name, + # if selected). Default is two spaces, so you can see/grep the severity + # of each message. + prefix = " " + + # To make the messages look similar to the original LVM tools use: + # indent = 0 + # command_names = 1 + # prefix = " -- " + + # Set this if you want log messages during activation. + # Don't use this in low memory situations (can deadlock). + # activation = 0 +} + +# Configuration of metadata backups and archiving. In LVM2 when we +# talk about a 'backup' we mean making a copy of the metadata for the +# *current* system. The 'archive' contains old metadata configurations. +# Backups are stored in a human readeable text format. +backup { + + # Should we maintain a backup of the current metadata configuration ? + # Use 1 for Yes; 0 for No. + # Think very hard before turning this off! + backup = 1 + + # Where shall we keep it ? + # Remember to back up this directory regularly! + backup_dir = "/etc/lvm/backup" + + # Should we maintain an archive of old metadata configurations. + # Use 1 for Yes; 0 for No. + # On by default. Think very hard before turning this off. + archive = 1 + + # Where should archived files go ? + # Remember to back up this directory regularly! + archive_dir = "/etc/lvm/archive" + + # What is the minimum number of archive files you wish to keep ? + retain_min = 10 + + # What is the minimum time you wish to keep an archive file for ? + retain_days = 30 +} + +# Settings for the running LVM2 in shell (readline) mode. +shell { + + # Number of lines of history to store in ~/.lvm_history + history_size = 100 +} + + +# Miscellaneous global LVM2 settings +global { + + # The file creation mask for any files and directories created. + # Interpreted as octal if the first digit is zero. + umask = 077 + + # Allow other users to read the files + #umask = 022 + + # Enabling test mode means that no changes to the on disk metadata + # will be made. Equivalent to having the -t option on every + # command. Defaults to off. + test = 0 + + # Default value for --units argument + units = "h" + + # Since version 2.02.54, the tools distinguish between powers of + # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. + # KB, MB, GB). + # If you have scripts that depend on the old behaviour, set this to 0 + # temporarily until you update them. + si_unit_consistency = 1 + + # Whether or not to communicate with the kernel device-mapper. + # Set to 0 if you want to use the tools to manipulate LVM metadata + # without activating any logical volumes. + # If the device-mapper kernel driver is not present in your kernel + # setting this to 0 should suppress the error messages. + activation = 1 + + # If we can't communicate with device-mapper, should we try running + # the LVM1 tools? + # This option only applies to 2.4 kernels and is provided to help you + # switch between device-mapper kernels and LVM1 kernels. + # The LVM1 tools need to be installed with .lvm1 suffices + # e.g. vgscan.lvm1 and they will stop working after you start using + # the new lvm2 on-disk metadata format. + # The default value is set when the tools are built. + # fallback_to_lvm1 = 0 + # Gentoo: the LVM tools are a seperate package. + fallback_to_lvm1 = 0 + + # The default metadata format that commands should use - "lvm1" or "lvm2". + # The command line override is -M1 or -M2. + # Defaults to "lvm2". + # format = "lvm2" + + # Location of proc filesystem + proc = "/proc" + + # Type of locking to use. Defaults to local file-based locking (1). + # Turn locking off by setting to 0 (dangerous: risks metadata corruption + # if LVM2 commands get run concurrently). + # Type 2 uses the external shared library locking_library. + # Type 3 uses built-in clustered locking. + # Type 4 uses read-only locking which forbids any operations that might + # change metadata. + locking_type = 1 + + # Set to 0 to fail when a lock request cannot be satisfied immediately. + wait_for_locks = 1 + + # If using external locking (type 2) and initialisation fails, + # with this set to 1 an attempt will be made to use the built-in + # clustered locking. + # If you are using a customised locking_library you should set this to 0. + fallback_to_clustered_locking = 1 + + # If an attempt to initialise type 2 or type 3 locking failed, perhaps + # because cluster components such as clvmd are not running, with this set + # to 1 an attempt will be made to use local file-based locking (type 1). + # If this succeeds, only commands against local volume groups will proceed. + # Volume Groups marked as clustered will be ignored. + fallback_to_local_locking = 1 + + # Local non-LV directory that holds file-based locks while commands are + # in progress. A directory like /tmp that may get wiped on reboot is OK. + locking_dir = "/var/lock/lvm" + + # Whenever there are competing read-only and read-write access requests for + # a volume group's metadata, instead of always granting the read-only + # requests immediately, delay them to allow the read-write requests to be + # serviced. Without this setting, write access may be stalled by a high + # volume of read-only requests. + # NB. This option only affects locking_type = 1 viz. local file-based + # locking. + prioritise_write_locks = 1 + + # Other entries can go here to allow you to load shared libraries + # e.g. if support for LVM1 metadata was compiled as a shared library use + # format_libraries = "liblvm2format1.so" + # Full pathnames can be given. + + # Search this directory first for shared libraries. + # library_dir = "/lib" + + # The external locking library to load if locking_type is set to 2. + # locking_library = "liblvm2clusterlock.so" + + # Treat any internal errors as fatal errors, aborting the process that + # encountered the internal error. Please only enable for debugging. + abort_on_internal_errors = 0 +} + +activation { + # Set to 0 to disable udev synchronisation (if compiled into the binaries). + # Processes will not wait for notification from udev. + # They will continue irrespective of any possible udev processing + # in the background. You should only use this if udev is not running + # or has rules that ignore the devices LVM2 creates. + # The command line argument --nodevsync takes precedence over this setting. + # If set to 1 when udev is not running, and there are LVM2 processes + # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. + udev_sync = 1 + + # Set to 0 to disable the udev rules installed by LVM2 (if built with + # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks + # for active logical volumes directly itself. + # N.B. Manual intervention may be required if this setting is changed + # while any logical volumes are active. + udev_rules = 1 + + # How to fill in missing stripes if activating an incomplete volume. + # Using "error" will make inaccessible parts of the device return + # I/O errors on access. You can instead use a device path, in which + # case, that device will be used to in place of missing stripes. + # But note that using anything other than "error" with mirrored + # or snapshotted volumes is likely to result in data corruption. + missing_stripe_filler = "error" + + # How much stack (in KB) to reserve for use while devices suspended + reserved_stack = 256 + + # How much memory (in KB) to reserve for use while devices suspended + reserved_memory = 8192 + + # Nice value used while devices suspended + process_priority = -18 + + # If volume_list is defined, each LV is only activated if there is a + # match against the list. + # "vgname" and "vgname/lvname" are matched exactly. + # "@tag" matches any tag set in the LV or VG. + # "@*" matches if any tag defined on the host is also set in the LV or VG + # + # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] + + # Size (in KB) of each copy operation when mirroring + mirror_region_size = 512 + + # Setting to use when there is no readahead value stored in the metadata. + # + # "none" - Disable readahead. + # "auto" - Use default value chosen by kernel. + readahead = "auto" + + # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define + # how a device failure affecting a mirror is handled. + # A mirror is composed of mirror images (copies) and a log. + # A disk log ensures that a mirror does not need to be re-synced + # (all copies made the same) every time a machine reboots or crashes. + # + # In the event of a failure, the specified policy will be used to determine + # what happens. This applies to automatic repairs (when the mirror is being + # monitored by dmeventd) and to manual lvconvert --repair when + # --use-policies is given. + # + # "remove" - Simply remove the faulty device and run without it. If + # the log device fails, the mirror would convert to using + # an in-memory log. This means the mirror will not + # remember its sync status across crashes/reboots and + # the entire mirror will be re-synced. If a + # mirror image fails, the mirror will convert to a + # non-mirrored device if there is only one remaining good + # copy. + # + # "allocate" - Remove the faulty device and try to allocate space on + # a new device to be a replacement for the failed device. + # Using this policy for the log is fast and maintains the + # ability to remember sync state through crashes/reboots. + # Using this policy for a mirror device is slow, as it + # requires the mirror to resynchronize the devices, but it + # will preserve the mirror characteristic of the device. + # This policy acts like "remove" if no suitable device and + # space can be allocated for the replacement. + # + # "allocate_anywhere" - Not yet implemented. Useful to place the log device + # temporarily on same physical volume as one of the mirror + # images. This policy is not recommended for mirror devices + # since it would break the redundant nature of the mirror. This + # policy acts like "remove" if no suitable device and space can + # be allocated for the replacement. + + mirror_log_fault_policy = "allocate" + mirror_image_fault_policy = "remove" + + # While activating devices, I/O to devices being (re)configured is + # suspended, and as a precaution against deadlocks, LVM2 needs to pin + # any memory it is using so it is not paged out. Groups of pages that + # are known not to be accessed during activation need not be pinned + # into memory. Each string listed in this setting is compared against + # each line in /proc/self/maps, and the pages corresponding to any + # lines that match are not pinned. On some systems locale-archive was + # found to make up over 80% of the memory used by the process. + # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] + + # Set to 1 to revert to the default behaviour prior to version 2.02.62 + # which used mlockall() to pin the whole process's memory while activating + # devices. + use_mlockall = 0 + + # Monitoring is enabled by default when activating logical volumes. + # Set to 0 to disable monitoring or use the --ignoremonitoring option. + monitoring = 1 + + # When pvmove or lvconvert must wait for the kernel to finish + # synchronising or merging data, they check and report progress + # at intervals of this number of seconds. The default is 15 seconds. + # If this is set to 0 and there is only one thing to wait for, there + # are no progress reports, but the process is awoken immediately the + # operation is complete. + polling_interval = 15 +} + + +#################### +# Advanced section # +#################### + +# Metadata settings +# +metadata { + # Default number of copies of metadata to hold on each PV. 0, 1 or 2. + # You might want to override it from the command line with 0 + # when running pvcreate on new PVs which are to be added to large VGs. + # Gentoo: enable for data safety, but PV resize is then disabled. + #pvmetadatacopies = 2 + + # Default number of copies of metadata to maintain for each VG. + # If set to a non-zero value, LVM automatically chooses which of + # the available metadata areas to use to achieve the requested + # number of copies of the VG metadata. If you set a value larger + # than the the total number of metadata areas available then + # metadata is stored in them all. + # The default value of 0 ("unmanaged") disables this automatic + # management and allows you to control which metadata areas + # are used at the individual PV level using 'pvchange + # --metadataignore y/n'. + + # vgmetadatacopies = 0 + + # Approximate default size of on-disk metadata areas in sectors. + # You should increase this if you have large volume groups or + # you want to retain a large on-disk history of your metadata changes. + + # pvmetadatasize = 255 + + # List of directories holding live copies of text format metadata. + # These directories must not be on logical volumes! + # It's possible to use LVM2 with a couple of directories here, + # preferably on different (non-LV) filesystems, and with no other + # on-disk metadata (pvmetadatacopies = 0). Or this can be in + # addition to on-disk metadata areas. + # The feature was originally added to simplify testing and is not + # supported under low memory situations - the machine could lock up. + # + # Never edit any files in these directories by hand unless you + # you are absolutely sure you know what you are doing! Use + # the supplied toolset to make changes (e.g. vgcfgrestore). + + # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] +} + +# Event daemon +# +dmeventd { + # mirror_library is the library used when monitoring a mirror device. + # + # "libdevmapper-event-lvm2mirror.so" attempts to recover from + # failures. It removes failed devices from a volume group and + # reconfigures a mirror as necessary. If no mirror library is + # provided, mirrors are not monitored through dmeventd. + + mirror_library = "libdevmapper-event-lvm2mirror.so" + + # snapshot_library is the library used when monitoring a snapshot device. + # + # "libdevmapper-event-lvm2snapshot.so" monitors the filling of + # snapshots and emits a warning through syslog when the use of + # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and + # 95% of the snapshot is filled. + + snapshot_library = "libdevmapper-event-lvm2snapshot.so" + + # Full path of the dmeventd binary. + # + # executable = "/sbin/dmeventd" +} diff --git a/mail/aliases b/mail/aliases new file mode 120000 index 0000000..9e0f571 --- /dev/null +++ b/mail/aliases @@ -0,0 +1 @@ +../postfix/maps/aliases \ No newline at end of file diff --git a/mail/aliases.dont_use b/mail/aliases.dont_use new file mode 100644 index 0000000..ea83505 --- /dev/null +++ b/mail/aliases.dont_use @@ -0,0 +1,33 @@ +# Basic system aliases -- these MUST be present. +MAILER-DAEMON: postmaster +postmaster: root + +# General redirections for pseudo accounts. +adm: root +bin: root +daemon: root +exim: root +lp: root +mail: root +named: root +nobody: root +postfix: root + +# Well-known aliases -- these should be filled in! +# root: +# operator: + +# Standard RFC2142 aliases +abuse: postmaster +ftp: root +hostmaster: root +news: usenet +noc: root +security: root +usenet: root +uucp: root +webmaster: root +www: webmaster + +# trap decode to catch security attacks +# decode: /dev/null diff --git a/mail/spamassassin/init.pre b/mail/spamassassin/init.pre new file mode 100644 index 0000000..15ce8cc --- /dev/null +++ b/mail/spamassassin/init.pre @@ -0,0 +1,36 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file contains plugin activation commands for plugins included +# in SpamAssassin 3.0.x releases. It will not be installed if you +# already have a file in place called "init.pre". +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. +########################################################################### + +# RelayCountry - add metadata for Bayes learning, marking the countries +# a message was relayed through +# +# Note: This requires the IP::Country::Fast Perl module +# +# loadplugin Mail::SpamAssassin::Plugin::RelayCountry + +# URIDNSBL - look up URLs found in the message against several DNS +# blocklists. +# +#loadplugin Mail::SpamAssassin::Plugin::URIDNSBL + +# Hashcash - perform hashcash verification. +# +#loadplugin Mail::SpamAssassin::Plugin::Hashcash + +# SPF - perform SPF verification. +# +#loadplugin Mail::SpamAssassin::Plugin::SPF + diff --git a/mail/spamassassin/local.cf b/mail/spamassassin/local.cf new file mode 100644 index 0000000..a4c26ac --- /dev/null +++ b/mail/spamassassin/local.cf @@ -0,0 +1,85 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# Only a small subset of options are listed below +# +########################################################################### + +# Add *****SPAM***** to the Subject header of spam e-mails +# +# rewrite_header Subject *****SPAM***** + + +# Save spam messages as a message/rfc822 MIME attachment instead of +# modifying the original message (0: off, 2: use text/plain instead) +# +# report_safe 1 + + +# Set which networks or hosts are considered 'trusted' by your mail +# server (i.e. not spammers) +# +# trusted_networks 212.17.35. + + +# Set file-locking method (flock is not safe over NFS, but is faster) +# +# lock_method flock + + +# Set the threshold at which a message is considered spam (default: 5.0) +# +# required_score 5.0 + + +# Use Bayesian classifier (default: 1) +# +# use_bayes 1 + + +# Bayesian classifier auto-learning (default: 1) +# +# bayes_auto_learn 1 + + +# Set headers which may provide inappropriate cues to the Bayesian +# classifier +# +# bayes_ignore_header X-Bogosity +# bayes_ignore_header X-Spam-Flag +# bayes_ignore_header X-Spam-Status + + +# Some shortcircuiting, if the plugin is enabled +# +ifplugin Mail::SpamAssassin::Plugin::Shortcircuit +# +# default: strongly-whitelisted mails are *really* whitelisted now, if the +# shortcircuiting plugin is active, causing early exit to save CPU load. +# Uncomment to turn this on +# +# shortcircuit USER_IN_WHITELIST on +# shortcircuit USER_IN_DEF_WHITELIST on +# shortcircuit USER_IN_ALL_SPAM_TO on +# shortcircuit SUBJECT_IN_WHITELIST on + +# the opposite; blacklisted mails can also save CPU +# +# shortcircuit USER_IN_BLACKLIST on +# shortcircuit USER_IN_BLACKLIST_TO on +# shortcircuit SUBJECT_IN_BLACKLIST on + +# if you have taken the time to correctly specify your "trusted_networks", +# this is another good way to save CPU +# +# shortcircuit ALL_TRUSTED on + +# and a well-trained bayes DB can save running rules, too +# +# shortcircuit BAYES_99 spam +# shortcircuit BAYES_00 ham + +endif # Mail::SpamAssassin::Plugin::Shortcircuit + diff --git a/mail/spamassassin/local.cf.example b/mail/spamassassin/local.cf.example new file mode 100644 index 0000000..1bc6137 --- /dev/null +++ b/mail/spamassassin/local.cf.example @@ -0,0 +1,2 @@ +# Sensitive data, such as database connection info, should be stored in +# /etc/mail/spamassassin/secrets.cf with appropriate permissions diff --git a/mail/spamassassin/sa-update-keys/pubring.gpg b/mail/spamassassin/sa-update-keys/pubring.gpg new file mode 100644 index 0000000000000000000000000000000000000000..097cb0ef04392e80abc5ecea1883f5a8082d3be6 GIT binary patch literal 2783 zcmV<53Ly2F0t*B~r))F<5CFk_*1m;L92s!`*=8#sdl}>@uM1~_V5kuDwY$@+bHZ$B zWn>a1`O&6EX9lFXSU6XN&`yR=LV#X>d)$YdGy=NASbZBUDc`Npbj7}{^#0bItdm~r zyx^S1_tHjG`G7T39LKP?wYC!($XeByh`-j&~=K}%r| z^Z`YE5E^Lr=(Y|+6nDpYw?4q=?q8rC;*EpzA;oP}onFW&I)Lp+;lco6vKa_{79m`D zF$nT?^0EmY1MN{yrI;{roll!4QnM}Pt|$gp_5`6swtZyn+BFWO9q@yiV9x8kgx*4= zC|Mf%y5`;w8qgj}8Nrd)NFRxQh%maa2Rd6$iiy;kP$jhltIaX3{g)vmJBHsaxmiX! z8E!t)j;-)PU(YU+@+daEWuH75^_qDQ)HN6x8>A|Gr3#c$pRWy(T;e8DH@iwazj$sG zckoVlX%+Wf@>m(Y2zw7U)|CveqCk$XkOh+62_il)WL#v~6nhlM-{Rg*NP(`M;A*yT z5)}sO_pm%;D(jMKGVlY_fXTXZLG7$Q^z&?IKYvsErd0m;a7C06@D|yBzpoJTnHw=_ zM01lpoq~GFallM=a~1UA#2hU-hsE2K#%ak^GDD1C?~#caCXJyQPqm@HmXB@b_xOG9 z=;@=rcbkFjxRn3~DYQRzaAaY0WpgfbaA9p>b8}&Hb7^iaZ*pfKQ)y>zX>MmAOJ#W= zJaT1hWnpt=Kyz?mZDDhBVRLh7ZZ24Gy)p~1`7!Y2Ll2G z6#@tY1Qr4V0RkQY0vCV)3JDNER;C(KMC?Umeh>d_USnPX@Ef#cn6ud!>yFsK-`sld&G=9&u}zj zl#)KZoHbBOmmAgMNvW9W<` zpo$260`+AuNYtIO4~qNTXlCo>X?8Rv<<>R8-K*&(aMA)}7 z+6yP*KH+Msw;@nl$w23jYpxFAElKJTj3!qRzC&oJn<9}i=KSwOYr+&+D+bOAUQh07 zX&?%br$Lctqd(HD)_haHp4OL~5##A1NKnbA)GCa9`kpsYS}Ng8n{@O;yiZb@4QgoB zA;|_d6#r6LJzDE~xfl-jXnrZUW3&e5eMfT*Xf_#p^A431W13JbZH_3ZW3F~nRcW5} z5nav{S&koyXQvlV(S0TA!FrzhuREXMb)DTKn5wLp)ScyEROyeA5i0J~IjD5M+L`jK zI>+$VLJZXTO?M&(5No%c+s6|BSMkCW>@}w=wcWGEz^I=U3NxJkt!}VX$AD=Vq08;R zNG5VN?(vMN&f&Zt6QK2pJ*g7Vf(>6b9M=PZx;E-9^#vY0C zw0fie5-fj?P1uqKE)_JCT{wk@#G{&ev=N~KN9<^ z--8pNhIKx8$!byMF8!$LolwlqfCxl9JwgN=^_FOoQ<5bN4!T+ZZQ4uWJP_G;$uPA# z(3u%paSmLZ0+qcg8&RsYz)x(!6g~D_LHc2J68DaknU$xp79vqdKY-G>uV5%4l>tJm!Z2z2Tj%)ryS^ zP>S2X;d~ybkq^^y-v1&_wR9NmiHB4R+fxIUUR%ZaqU5Hw)U`lZvB&0kh9%YQ2=&@n z6)NIrhC0=<7u;=J(;isk0*%;^=13fh03ejqF%xr4jD3@cYdu!+ZB!vDGLyhlZ3gUb znwv&V!o(u~Qy!Y7tH|VWD@oa!-G&+;JSCA&^0TAmg!rf)e*ZjAlH%;Ewb@V9rXsxO z?x#k|SC4w_w8-5CFB1zu$UnTD6E*2DuFg zPZL9w<$|)utZo4e=QMTDG5+e!n_NS@#~{Z*n`^z$k9yQYqRH+#Isr0qj9oSr%GuV> z3;@pxwP4Si7zdLbq8IyRCdUDCUxAD{+N?Amu??RonG&OFVp4%bE$QuiVwPotRyaaT zQdXO4?B+p^BAzWsON3&28E6C{=Sy;ctrs$ae?9ZUeGbN7wGwr1^D2${tCmgw59~%~ z`%LYrmNe(kYjCZjnCzFn)0qXp2V5m2o*(W!d;ld~mK9`;iQS|&BF?Q}iQVGUvzrC? z17XEvVVAG<(aaOhJhVD{`EZzawl{E+$e=M3FwciP-`v+Z8RGug*!YGv+Cx(+?>K-T zD+cP6tHTgn*HYcK(K`$cQ#wM>Jwn$#Uk3b_4826amviq$oZ4^F!>dS%-eC97moaaM zZr(R0O_yx0^(44kRkx392M1Ok)Lctvjuc;Cx-wc^5^L#XD9DL-{(?iM?_$U#luqsw zH0egkDUw5+3QbP?$lsUX><EC_tgna2X93Pza2s1Ip3?04r<+ A<^TWy literal 0 HcmV?d00001 diff --git a/mail/spamassassin/secrets.cf.example b/mail/spamassassin/secrets.cf.example new file mode 100644 index 0000000..efa31a6 --- /dev/null +++ b/mail/spamassassin/secrets.cf.example @@ -0,0 +1,14 @@ +# The below sample from bug 91430 is an example of using mysql +# for spam filter storage + +#(Tell Spamassissin to use MySQL for bayes data +#bayes_store_module Mail::SpamAssassin::BayesStore::SQL +#bayes_sql_dsn DBI:mysql:sa_bayes:localhost:3306 +#bayes_sql_username db_name +#bayes_sql_password another_very_secret_password + +#(Tell Spamassissin to use MySQL for AWL data +#auto_whitelist_factory Mail::SpamAssassin::SQLBasedAddrList +#user_awl_dsn DBI:mysql:sa_bayes:localhost:3306 +#user_awl_sql_username db_name +#user_awl_sql_password another_very_secret_password diff --git a/mail/spamassassin/v310.pre b/mail/spamassassin/v310.pre new file mode 100644 index 0000000..56e5b2f --- /dev/null +++ b/mail/spamassassin/v310.pre @@ -0,0 +1,78 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.1.0, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. +########################################################################### + +# DCC - perform DCC message checks. +# +# DCC is disabled here because it is not open source. See the DCC +# license for more details. +# +#loadplugin Mail::SpamAssassin::Plugin::DCC + +# Pyzor - perform Pyzor message checks. +# +loadplugin Mail::SpamAssassin::Plugin::Pyzor + +# Razor2 - perform Razor2 message checks. +# +loadplugin Mail::SpamAssassin::Plugin::Razor2 + +# SpamCop - perform SpamCop message reporting +# +loadplugin Mail::SpamAssassin::Plugin::SpamCop + +# AntiVirus - some simple anti-virus checks, this is not a replacement +# for an anti-virus filter like Clam AntiVirus +# +#loadplugin Mail::SpamAssassin::Plugin::AntiVirus + +# AWL - do auto-whitelist checks +# +#loadplugin Mail::SpamAssassin::Plugin::AWL + +# AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning +# +loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold + +# TextCat - language guesser +# +#loadplugin Mail::SpamAssassin::Plugin::TextCat + +# AccessDB - lookup from-addresses in access database +# +#loadplugin Mail::SpamAssassin::Plugin::AccessDB + +# WhitelistSubject - Whitelist/Blacklist certain subject regular expressions +# +loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject + +########################################################################### +# experimental plugins + +# DomainKeys - perform DomainKeys verification +# +# This plugin has been removed as of v3.3.0. Use the DKIM plugin instead, +# which supports both Domain Keys and DKIM. + +# MIMEHeader - apply regexp rules against MIME headers in the message +# +loadplugin Mail::SpamAssassin::Plugin::MIMEHeader + +# ReplaceTags +# +loadplugin Mail::SpamAssassin::Plugin::ReplaceTags + diff --git a/mail/spamassassin/v312.pre b/mail/spamassassin/v312.pre new file mode 100644 index 0000000..cba5d7d --- /dev/null +++ b/mail/spamassassin/v312.pre @@ -0,0 +1,29 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.1.2, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. + +########################################################################### +# experimental plugins + +# DKIM - perform DKIM verification +# +# Mail::DKIM module required for use, see INSTALL for more information. +# +# Note that if C version 0.20 or later is installed, this +# renders the DomainKeys plugin redundant. +# +loadplugin Mail::SpamAssassin::Plugin::DKIM + diff --git a/mail/spamassassin/v320.pre b/mail/spamassassin/v320.pre new file mode 100644 index 0000000..846c73a --- /dev/null +++ b/mail/spamassassin/v320.pre @@ -0,0 +1,64 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.2.0, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. +########################################################################### + +# Check - Provides main check functionality +# +loadplugin Mail::SpamAssassin::Plugin::Check + +# HTTPSMismatch - find URI mismatches between href and anchor text +# +loadplugin Mail::SpamAssassin::Plugin::HTTPSMismatch + +# URIDetail - test URIs using detailed URI information +# +loadplugin Mail::SpamAssassin::Plugin::URIDetail + +# Shortcircuit - stop evaluation early if high-accuracy rules fire +# +# loadplugin Mail::SpamAssassin::Plugin::Shortcircuit + +# Plugins which used to be EvalTests.pm +# broken out into separate plugins +loadplugin Mail::SpamAssassin::Plugin::Bayes +loadplugin Mail::SpamAssassin::Plugin::BodyEval +loadplugin Mail::SpamAssassin::Plugin::DNSEval +loadplugin Mail::SpamAssassin::Plugin::HTMLEval +loadplugin Mail::SpamAssassin::Plugin::HeaderEval +loadplugin Mail::SpamAssassin::Plugin::MIMEEval +loadplugin Mail::SpamAssassin::Plugin::RelayEval +loadplugin Mail::SpamAssassin::Plugin::URIEval +loadplugin Mail::SpamAssassin::Plugin::WLBLEval + +# VBounce - anti-bounce-message rules, see rules/20_vbounce.cf +# +loadplugin Mail::SpamAssassin::Plugin::VBounce + +# Rule2XSBody - speedup by compilation of ruleset to native code +# +# loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody + +# ASN - Look up the Autonomous System Number of the connecting IP +# and create a header containing ASN data for bayes tokenization. +# See plugin's POD docs for usage info. +# +# loadplugin Mail::SpamAssassin::Plugin::ASN + +# ImageInfo - rules to match metadata of image attachments +# +loadplugin Mail::SpamAssassin::Plugin::ImageInfo + diff --git a/mail/spamassassin/v330.pre b/mail/spamassassin/v330.pre new file mode 100644 index 0000000..1e2335a --- /dev/null +++ b/mail/spamassassin/v330.pre @@ -0,0 +1,28 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.3.0, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. +########################################################################### + +# PhishTag - allows sites to rewrite suspect phish-mail URLs +# (Note: this requires configuration, see http://umut.topkara.org/PhishTag) +# +#loadplugin Mail::SpamAssassin::Plugin::PhishTag + +# FreeMail - detect email addresses using free webmail services, +# usable as input for other rules +# +loadplugin Mail::SpamAssassin::Plugin::FreeMail + diff --git a/mc/cedit.menu b/mc/cedit.menu new file mode 100644 index 0000000..c2dfe29 --- /dev/null +++ b/mc/cedit.menu @@ -0,0 +1,468 @@ +shell_patterns=0 # expression type + +# The macros are: +# +# %c The cursor column position number. For edit menu only. +# %i The indent of blank space, equal the cursor column +# position. For edit menu only. +# %y The syntax type of current file. For edit menu only. +# %b The block file name. +# %f The current file name. +# %n Only the current file name without extension. +# %x The extension of current file name. +# %d The current directory name. +# %F The current file in the unselected panel. +# %D The directory name of the unselected panel. +# %t The currently tagged files. +# %T The tagged files in the unselected panel. +# %u and %U Similar to the %t and %T macros, but in +# addition the files are untagged. You can use this macro +# only once per menu file entry or extension file entry, +# because next time there will be no tagged files. +# %s and %S The selected files: The tagged files if +# there are any. Otherwise the current file. +# +# %% The % character +# +# %{some text} Prompt for the substitution. An input box +# is shown and the text inside the braces is used as a +# prompt. The macro is substituted by the text typed by the +# user. The user can press ESC or F10 to cancel. This macro +# doesn't work on the command line yet. + +#----------------------- Begin [perl] language template ----------------------- ++ y Perl\ Program | f \.pl$ +1 Author description header + unset LANG + unset LANGUAGE + LC_ALL= + MY_UID="`id | sed 's/^.*uid=\([^(]*\).*$/\1/'`" + AUTHOR="`awk -F: '$3 == '$MY_UID' {print $5}' /etc/passwd`" + cat >>%b < + # Created at: `date` + # Computer: `uname -n` + # System: `uname -sr` on `uname -m` + # + # Copyright (c) `date +%%Y` $AUTHOR All rights reserved. + # + #---------------------------------------------------------------------- + # Configure section: + + #---------------------------------------------------------------------- + # + # main() + + EOF + ++ y Perl\ Program | f \.pl$ +2 while () + cat < %b + %iwhile() { + %i} + EOF + ++ y Perl\ Program | f \.pl$ +3 for () + cat < %b + %ifor ($i = ; $i < ; $i++) { + %i} + EOF + ++ y Perl\ Program | f \.pl$ +4 foreach () + cat < %b + %iforeach ($ ) { + %i} + EOF + ++ y Perl\ Program | f \.pl$ +5 if () + cat < %b + %iif () { + %i} + EOF + ++ y Perl\ Program | f \.pl$ +6 if () else + cat < %b + %iif () { + %i} else { + %i} + EOF + ++ y Perl\ Program | f \.pl$ +7 if () elsif () + cat < %b + %iif () { + %i} elsif () { + %i} + EOF + ++ y Perl\ Program | f \.pl$ +8 substr () + echo "%i$ = substr(\$str, \$off, \$cnt);" >%b + ++ y Perl\ Program | f \.pl$ +9 opendir () + cat < %b + %iopendir(DIR, \$dir) || die("\$0: can't open \$dir\n"); + EOF + ++ y Perl\ Program | f \.pl$ +a sub () + NAME=%{ Enter name of subroutine: } + cat < %b + sub + $NAME () + { + } # end of $NAME() + EOF +#----------------------- End [perl] language template ------------------------- + +#---------------------- Begin [shell] language template ----------------------- ++ y Shell\ Script | f \.sh$ +1 Author description header + unset LANG + unset LANGUAGE + LC_ALL= + MY_UID="`id | sed 's/^.*uid=\([^(]*\).*$/\1/'`" + AUTHOR="`awk -F: '$3 == '$MY_UID' {print $5}' /etc/passwd`" + cat >>%b < + # Created at: `date` + # Computer: `uname -n` + # System: `uname -sr` on `uname -m` + # + # Copyright (c) `date +%%Y` $AUTHOR All rights reserved. + # + #---------------------------------------------------------------------- + # Configure section: + + #---------------------------------------------------------------------- + # + # main() + + EOF + ++ y Shell\ Script | f \.sh$ +3 for + cat < %b + %ifor i in \$ + %ido + %idone + EOF + ++ y Shell\ Script | f \.sh$ +4 while + cat < %b + %iwhile + %ido + %idone + EOF + ++ y Shell\ Script | f \.sh$ +5 if [] then else + cat <> %b + %iif [ ];then + %ielse + %ifi + EOF + ++ y Shell\ Script | f \.sh$ +6 case + NUMBER=%{ Enter number elements of case:} + cat < %b + %icase "\$" in + EOF + while [ "$NUMBER" -gt 0 ] + do + cat <> %b + %i) + %i ;; + EOF + let NUMBER=$NUMBER-1 + done + cat <> %b + %i*) + %iesac + EOF + ++ y Shell\ Script | f \.sh$ +7 function + NAME=%{ Enter name of function:} + cat <> %b + $NAME() { + } # end of $NAME() + EOF + ++ y Shell\ Script | f \.sh$ +8 select of bash + cat <> %b + %iselect i in \$l + %ido + %i if [ -n "\$i" ];then + %i break + %i else + %i continue + %i fi + %idone + EOF + +#----------------------- End [shell] language template ------------------------ + +#------------------------- Begin [c] language template ------------------------ ++ f \.h$ | f \.c$ | f \.cc$ +1 Author description header + unset LANG + unset LANGUAGE + LC_ALL= + MY_UID="`id | sed 's/^.*uid=\([^(]*\).*$/\1/'`" + AUTHOR="`awk -F: '$3 == '$MY_UID' {print $5}' /etc/passwd`" + cat >> %b < + * Created at: `date` + * Computer: `uname -n` + * System: `uname -sr` on `uname -m` + * + * Copyright (c) `date +%%Y` $AUTHOR All rights reserved. + * + ********************************************************************/ + EOF + ++ f \.h$ | f \.c$ | f \.cc$ +2 GPL description header + cat >>%b < %b + %iif () { + %i} + EOF + ++ f \.c$ | f \.cc$ +4 if () else + cat < %b + %iif () { + %i} else { + %i} + EOF + ++ f \.c$ | f \.cc$ +5 if () else if () + cat < %b + %iif ( ) { + %i} else if ( ) { + %i} + EOF + ++ f \.c$ | f \.cc$ +6 switch () + NUMBER=%{ Enter number elements of switch:} + echo "%iswitch () {" >%b + while [ "$NUMBER" -gt 0 ] + do + echo "%icase '':" >>%b + echo "%i break;" >>%b + let NUMBER=$NUMBER-1 + done + echo "%i default:" >>%b + echo "%i}" >>%b + ++ f \.c$ | f \.cc$ +7 for () + cat < %b + %ifor (i = ; i < ; i++) { + %i} + EOF + ++ f \.c$ | f \.cc$ +8 while () + cat < %b + %iwhile () { + %i} + EOF + ++ f \.c$ | f \.cc$ +9 do {} while () + cat < %b + %ido { + %i} while () + EOF + ++ f \.c$ | f \.cc$ +a array + cat < %b + %ichar const x[] = { + %i, , + %i}; + EOF + ++ f \.c$ | f \.cc$ +b enum + cat < %b + %ienum x { + %i, , + %i}; + EOF + ++ f \.c$ | f \.cc$ +c struct + cat < %b + %istruct ? { + %i; + %i}; + EOF + ++ f \.c$ | f \.cc$ +d union + cat < %b + %iunion ? { + %i; + %i}; + EOF + ++ f \.c$ | f \.cc$ +e typedef struct + cat < %b + %itypedef struct { + %i; + %i} ?; + EOF + ++ f \.c$ | f \.cc$ +f function + NAME=%{ Enter name of function:} + cat <> %b + $NAME() + { + } /* end of $NAME() */ + EOF + ++ f \.c$ | f \.h$ | f \.cc$ +g #include + INC=%{ Enter include name: } + if [ -r "$INC" ];then + echo \#include \"$INC\" >%b + else + echo \#include \<$INC\> >%b + fi + ++ f \.c$ | f \.h$ | f \.cc$ +d #define + echo "#define " >%b + ++ f \.c$ | f \.h$ | f \.cc$ +d #ifdef + cat < %b + #ifdef + #else + #endif + EOF + ++ f \.c$ | f \.h$ | f \.cc$ +............................................................................... + ++ f \.c$ | f \.h$ | f \.cc$ +h View all *.h into current directory + cat *.h |less + ++ f \.c$ | f \.cc$ +d Run gdb for current file + [ -x "./%n" ] && gdb ./%n + += f \.c$ | f \.cc$ ++ f \.c$ | f \.cc$ +c Compile, link and run the current .c file + export CFLAGS="-g -Wall -O2" + make || make %n || cc $CFLAGS -o %n %f + [ -r "%n" ] && (echo "*** press any key for run... ***"; read) + [ -x "%n" ] && ./%n + (echo -ne "\n--- Press any key for return to edit. ---"; read) + ++ f \.c$ | f \.h$ +t Indent `C' formatter + indent -kr -pcs %b 1>/dev/null 2> %e + +#--------------------- End [c/c++] language template -------------------------- + +#------------------------- Begin unknown template ----------------------------- ++ y unknown & t r +s #! /bin/sh + echo "#! /bin/sh" >%b + ++ y unknown & t r +p #! /usr/bin/perl + echo "#! /usr/bin/perl" >%b + ++ y unknown & t r +a Author description header + unset LANG + unset LANGUAGE + LC_ALL= + MY_UID="`id | sed 's/^.*uid=\([^(]*\).*$/\1/'`" + AUTHOR="`awk -F: '$3 == '$MY_UID' {print $5}' /etc/passwd`" + cat >>%b < + Created at: `date` + Computer: `uname -n` + System: `uname -sr` on `uname -m` + + Copyright (c) `date +%%Y` $AUTHOR All rights reserved. + ---------------------------------------------------------------------- + + EOF +#--------------------------- End unknown template ----------------------------- + +------------------------------------------------------------------------------- + +#----------------------- Begin common section --------------------------------- +I Insert `Changelog' string + DATE="`date +%%Y-%%m-%%d`" + MY_UID="`id | sed 's/^.*uid=\([^(]*\).*$/\1/'`" + AUTHOR="`awk -F: '$3 == '$MY_UID' {print $5}' /etc/passwd`" + EMAIL="<$REPLYTO>" + echo "$DATE $AUTHOR $EMAIL" >%b + +s Invoke `shell' + sh + +m view `man' + MAN=%{Enter name of man:} + TMPFILE=`mktemp ${MC_TMPDIR:-/tmp}/mcview.$MAN.XXXXXX` || exit 1 + man -Pcat $MAN >$TMPFILE + mcview $TMPFILE + rm -f $TMPFILE + +i Insert a out of command to cursor. + CMD=%{ Enter command: } + eval $CMD > %b + +o Open bash to next free console + open -s -- /bin/bash +#-------------------------- End of common section ----------------------------- diff --git a/mc/edit.indent.rc b/mc/edit.indent.rc new file mode 100644 index 0000000..92f82d5 --- /dev/null +++ b/mc/edit.indent.rc @@ -0,0 +1,31 @@ +#! /bin/sh +# *** External Formatter (Indenter) for GNU Midnight Commander. +# arguments: +# $1 - Name of the file being edited +# $2 - Name of the file to be processed + +exec >/dev/null + +case `echo $1 |sed 's/^.*\.//'` in + c|h) + # ftp://ftp.gnu.org/pub/gnu/indent/ + # Please add options to your ~/.indent.pro, not here. + indent "$2" + ;; + C|cc|CC|cxx|CXX|cpp|CPP) + # http://astyle.sourceforge.net/ + astyle "$2" + ;; + java|JAVA) + # http://astyle.sourceforge.net/ + astyle --style=java --mode=java "$2" + ;; + htm|html|HTM|HTML) + # http://tidy.sourceforge.net/ + tidy -q -m -ascii -wrap 80 "$2" + ;; + *) + # http://www.gnu.org/software/coreutils/ + fmt "$2" >"$2.tmp" && rm -f "$2" && mv -f "$2.tmp" "$2" + ;; +esac diff --git a/mc/edit.spell.rc b/mc/edit.spell.rc new file mode 100644 index 0000000..e9dee8b --- /dev/null +++ b/mc/edit.spell.rc @@ -0,0 +1,11 @@ +#! /bin/sh +# *** External Spell Checker for GNU Midnight Commander. +# arguments: +# $1 - Name of the file being edited +# $2 - Name of the file to be processed + +if aspell /dev/null 2>&1; then + aspell -c "$2" +else + ispell "$2" +fi diff --git a/mc/filehighlight.ini b/mc/filehighlight.ini new file mode 100644 index 0000000..cca5499 --- /dev/null +++ b/mc/filehighlight.ini @@ -0,0 +1,45 @@ +[executable] + type=FILE_EXE + +[directory] + type=DIR + + +[device] + type=DEVICE + +[special] + type=SPECIAL + +[stalelink] + type=STALE_LINK + +[symlink] + type=SYMLINK + +[core] + regexp=^core\\.*\\d*$ + +[temp] + extensions=tmp;$$$;~;bak + extensions_case=false + regexp=(^#.*|.*~$) + +[archive] + extensions=gz;bz2;tar;tgz;rpm;Z;rar;zip;arj;cab;lzh;lha;zoo;arc;ark;xz;tbz;tbz2; + +[doc] + extensions=txt;doc;rtf;diz;ctl;me;ps;pdf;xml;xsd;xslt;dtd;html;shtml;htm;mail;msg;lsm;po;nroff;man;tex;sgml;css;text;letter;chm + +[source] + extensions=c;h;cc;hh;cpp;cxx;hpp;asm;py;pl;pm;inc;cgi;php;phps;js;java;jav;jasm;sh;bash;diff;patch;pas;tcl;tk;awk;m4;st;mak;sl;ada;caml;ml;mli;mly;mll;mlp;sas;prg;hs;hi;erl + +[media] + extensions=mp2;mp3;mpg;ogg;mpeg;wav;avi;asf;mov;mol;mpl;xm;mod;it;med;mid;midi;s3m;umx;vob;mkv;flv;mp4;m3u + +[graph] + extensions=jpg;jpeg;gif;png;tif;pcx;bmp;xpm;xbm;eps;pic;rle;ico;wmf;omf;ai;cdr + +[database] + extensions=dbf;mdn;db;mdb;dat;fox;dbx;mdx;sql;mssql;msql;ssql;pgsql;xls;cdx;dbi + diff --git a/mc/mc.ext b/mc/mc.ext new file mode 100644 index 0000000..7d97ed7 --- /dev/null +++ b/mc/mc.ext @@ -0,0 +1,664 @@ +# Midnight Commander 3.0 extension file +# Warning: Structure of this file has changed completely with version 3.0 +# +# All lines starting with # or empty lines are thrown away. +# Lines starting in the first column should have following format: +# +# keyword/descNL, i.e. everything after keyword/ until new line is desc +# +# keyword can be: +# +# shell (desc is, when starting with a dot, any extension (no wildcars), +# i.e. matches all the files *desc . Example: .tar matches *.tar; +# if it doesn't start with a dot, it matches only a file of that name) +# +# regex (desc is an extended regular expression) +# Please note that we are using the GNU regex library and thus +# \| matches the literal | and | has special meaning (or) and +# () have special meaning and \( \) stand for literal ( ). +# +# type (file matches this if `file %f` matches regular expression desc +# (the filename: part from `file %f` is removed)) +# +# directory (matches any directory matching regular expression desc) +# +# include (matches an include directive) +# +# default (matches any file no matter what desc is) +# +# Other lines should start with a space or tab and should be in the format: +# +# keyword=commandNL (with no spaces around =), where keyword should be: +# +# Open (if the user presses Enter or doubleclicks it), +# +# View (F3), Edit (F4) +# +# Include is the keyword used to add any further entries from an include/ +# section +# +# command is any one-line shell command, with the following substitutions: +# +# %% -> % character +# %p -> name of the current file (without path, but pwd is its path) +# %f -> name of the current file. Unlike %p, if file is located on a +# non-local virtual filesystem, i.e. either tarfs or ftpfs, +# then the file will be temporarily copied into a local directory +# and %f will be the full path to this local temporal file. +# If you don't want to get a local copy and want to get the +# virtual fs path (like /#ftp:ftp.cvut.cz/pub/hungry/xword), then +# use %d/%p instead of %f. +# %d -> name of the current directory (pwd, without trailing slash) +# %s -> "selected files", i.e. space separated list of tagged files if any +# or name of the current file +# %t -> list of tagged files +# %u -> list of tagged files (they'll be untaged after the command) +# +# (If these 6 letters are in uppercase, they refer to the other panel. +# But you shouldn't have to use it in this file.) +# +# +# %cd -> the rest is a path mc should change into (cd won't work, since it's +# a child process). %cd handles even vfs names. +# +# %view -> the command you type will be piped into mc's internal file viewer +# if you type only the %view and no command, viewer will load %f file +# instead (i.e. no piping, so it is different to %view cat %f) +# %view may be directly followed by {} with a list of any of +# ascii (Ascii mode), hex (Hex mode), nroff (color highlighting for +# text using backspace for bold and underscore) and unform +# (no highlighting for nroff sequences) separated by commas. +# +# %var -> You use it like this: %var{VAR:default}. This macro will expand +# to the value of the VAR variable in the environment if it's set +# otherwise the value in default will be used. This is similar to +# the Bourne shell ${VAR-default} construct. +# +# Rules are applied from top to bottom, thus the order is important. +# If some actions are missing, search continues as if this target didn't +# match (i.e. if a file matches the first and second entry and View action +# is missing in the first one, then on pressing F3 the View action from +# the second entry will be used. default should catch all the actions. +# +# Any new entries you develop for you are always welcome if they are +# useful on more than one system. You can post your modifications +# as tickets at www.midnight-commander.org + + +### Changes ### +# +# Reorganization: 2000-05-01 Michal Svec + + +### TODO ### +# +# Postscript Open: ps2svga [gs -DEVICE=jpeg|zgv or something] +# Images asciiview +# +# All X Apps [Nothing/Warning] if no DISPLAY +# Not found [Default/Warning] +# Empty Output [Default/Warning] +# Edit: CopyOut+EDIT+CopyIn +# Security Check gzip/bzip EDIT (mktemp) +# +# Maybe: Open/XOpen/GOpen/KOpen/... for Console/X/GNOME/KDE/etc. + + +### Archives ### + +# .tgz, .tpz, .tar.gz, .tar.z, .tar.Z, .ipk +regex/\.t([gp]?z|ar\.g?[zZ])$|\.ipk$ + Open=%cd %p#utar + View=%view{ascii} gzip -dc %f 2>/dev/null | tar tvvf - + +regex/\.tar\.bz$ + # Open=%cd %p#utar + View=%view{ascii} bzip -dc %f 2>/dev/null | tar tvvf - + +regex/\.t(ar\.bz2|bz2?|b2)$ + Open=%cd %p#utar + View=%view{ascii} bzip2 -dc %f 2>/dev/null | tar tvvf - + +# .tar.lzma, .tlz +regex/\.t(ar\.lzma|lz)$ + Open=%cd %p#utar + View=%view{ascii} lzma -dc %f 2>/dev/null | tar tvvf - + +# .tar.xz, .txz +regex/\.t(ar\.xz|xz)$ + Open=%cd %p#utar + View=%view{ascii} xz -dc %f 2>/dev/null | tar tvvf - + +# .tar.F - used in QNX +regex/\.tar\.F$ + # Open=%cd %p#utar + View=%view{ascii} freeze -dc %f 2>/dev/null | tar tvvf - + +# .qpr/.qpk - QNX Neutrino package installer files +regex/\.(qp[rk])$ + Open=%cd %p#utar + View=%view{ascii} gzip -dc %f 2>/dev/null | tar tvvf - + +# tar +regex/\.(tar|TAR)$ + Open=%cd %p#utar + View=%view{ascii} tar tvvf - < %f + +# lha +type/^LHa\ .*archive + Open=%cd %p#ulha + View=%view{ascii} lha l %f + +# arj +regex/\.a(rj|[0-9][0-9])$ + Open=%cd %p#uarj + View=%view{ascii} unarj l %f + +# cab +regex/\.([cC][aA][bB])$ + Open=%cd %p#ucab + View=%view{ascii} cabextract -l %f + +# ha +regex/\.([Hh][Aa])$ + Open=%cd %p#uha + View=%view{ascii} ha lf %f + +# rar +regex/\.[rR]([aA][rR]|[0-9][0-9])$ + Open=%cd %p#urar + View=%view{ascii} rar v -c- %f + +# ALZip +regex/\.(alz|ALZ)$ + Open=%cd %p#ualz + View=%view{ascii} unalz -l %f + +# cpio +shell/.cpio.Z + Open=%cd %p#ucpio + View=%view{ascii} gzip -dc %f | cpio -itv 2>/dev/null + +shell/.cpio.gz + Open=%cd %p#ucpio + View=%view{ascii} gzip -dc %f | cpio -itv 2>/dev/null + +shell/.cpio + Open=%cd %p#ucpio + View=%view{ascii} cpio -itv < %f 2>/dev/null + +# ls-lR +regex/(^|\.)ls-?lR(\.gz|Z|bz2)$ + Open=%cd %p#lslR + +# patch +regex/\.(diff|patch)(\.bz2)$ + Open=%cd %p#patchfs + View=%view{ascii} bzip2 -dc %f 2>/dev/null + +regex/\.(diff|patch)(\.(gz|Z))$ + Open=%cd %p#patchfs + View=%view{ascii} gzip -dc %f 2>/dev/null + +regex/\.(diff|patch)$ + Open=%cd %p#patchfs + View=%view{ascii} /bin/cat %f 2>/dev/null + +# ar library +regex/\.s?a$ + Open=%cd %p#uar + #Open=%view{ascii} ar tv %f + View=%view{ascii} file %f && nm -C %f + +# trpm +regex/\.trpm$ + Open=%cd %p#trpm + View=%view{ascii} rpm -qivl --scripts `basename %p .trpm` + +# RPM packages (SuSE uses *.spm for source packages) +regex/\.(src\.rpm|spm)$ + Open=%cd %p#rpm + View=%view{ascii} if rpm --nosignature --version >/dev/null 2>&1; then RPM="rpm --nosignature" ; else RPM="rpm" ; fi ; $RPM -qivlp --scripts %f + +regex/\.rpm$ + Open=%cd %p#rpm + View=%view{ascii} if rpm --nosignature --version >/dev/null 2>&1; then RPM="rpm --nosignature" ; else RPM="rpm" ; fi ; $RPM -qivlp --scripts %f + +# deb +regex/\.u?deb$ + Open=%cd %p#deb + View=%view{ascii} dpkg-deb -I %f && echo && dpkg-deb -c %f + +# dpkg +shell/.debd + Open=%cd %p#debd + View=%view{ascii} dpkg -s `echo %p | sed 's/\([0-9a-z.-]*\).*/\1/'` +# apt +shell/.deba + Open=%cd %p#deba + View=%view{ascii} apt-cache show `echo %p | sed 's/\([0-9a-z.-]*\).*/\1/'` + +# ISO9660 +regex/\.([iI][sS][oO])$ + Open=%cd %p#iso9660 + View=%view{ascii} isoinfo -l -i %f + +# 7zip archives (they are not man pages) +regex/\.(7z|7Z)$ + Open=%cd %p#u7z + View=%view{ascii} 7za l %f 2>/dev/null + +# Mailboxes +type/^ASCII\ mail\ text + Open=%cd %p#mailfs + + +### Sources ### + +# C +shell/.c + Open=%var{EDITOR:vi} %f + +# Fortran +shell/.f + Open=%var{EDITOR:vi} %f + +# Header +regex/\.(h|hpp)$ + Open=%var{EDITOR:vi} %f + +# Asm +shell/.s + Open=%var{EDITOR:vi} %f + +# C++ +regex/\.(C|cc|cpp)$ + Open=%var{EDITOR:vi} %f + +# .so libraries +regex/\.(so|so\.[0-9\.]*)$ + View=%view{ascii} file %f && nm -C -D %f + +# Object +type/^ELF + #Open=%var{PAGER:more} %f + View=%view{ascii} file %f && nm -C %f + +### Documentation ### + +# Texinfo +regex/\.(te?xi|texinfo)$ + +# GNU Info page +type/^Info\ text + Open=info -f %f + +shell/.info + Open=info -f %f + +# Manual page +regex/(([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])|\.man)$ + Open=case %d/%f in */log/*|*/logs/*) cat %f ;; *) { zsoelim %f 2>/dev/null || cat %f; } | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) cat %f ;; *) { zsoelim %f 2>/dev/null || cat %f; } | nroff -c -Tlatin1 -mandoc ;; esac + +# Perl pod page +shell/.pod + Open=pod2man %f | nroff -c -Tlatin1 -mandoc | %var{PAGER:more} + View=%view{ascii,nroff} pod2man %f | nroff -c -Tlatin1 -mandoc + +# Troff with me macros. +# Exception - "read.me" is not a nroff file. +shell/read.me + Open= + View= + +shell/.me + Open=nroff -c -Tlatin1 -me %f | %var{PAGER:more} + View=%view{ascii,nroff} nroff -c -Tlatin1 -me %f + +# Troff with ms macros. +shell/.ms + Open=nroff -c -Tlatin1 -ms %f | %var{PAGER:more} + View=%view{ascii,nroff} nroff -c -Tlatin1 -ms %f + +# Manual page - compressed +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.g?[Zz]$ + Open=case %d/%f in */log/*|*/logs/*) gzip -dc %f ;; *) gzip -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) gzip -dc %f ;; *) gzip -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.bz$ + Open=case %d/%f in */log/*|*/logs/*) bzip -dc %f ;; *) bzip -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) bzip -dc %f ;; *) bzip -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.bz2$ + Open=case %d/%f in */log/*|*/logs/*) bzip2 -dc %f ;; *) bzip2 -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) bzip2 -dc %f ;; *) bzip2 -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.lzma$ + Open=case %d/%f in */log/*|*/logs/*) lzma -dc %f ;; *) lzma -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) lzma -dc %f ;; *) lzma -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.xz$ + Open=case %d/%f in */log/*|*/logs/*) xz -dc %f ;; *) xz -dc %f | nroff -c -Tlatin1 -mandoc ;; esac | %var{PAGER:more} + View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) xz -dc %f ;; *) xz -dc %f | nroff -c -Tlatin1 -mandoc ;; esac + +# CHM +regex/\.(chm|CHM)$ + Open=which kchmviewer > /dev/null 2>&1 && (kchmviewer %f &) || (xchm %f &) + +### Images ### + +type/^GIF + Include=image + +type/^JPEG + View=%view{ascii} identify %f; test -x /usr/bin/exif && echo && exif %f 2>/dev/null + Include=image + +type/^PC\ bitmap + Include=image + +type/^PNG + Include=image + +type/^TIFF + Include=image + +type/^PBM + Include=image + +type/^PGM + Include=image + +type/^PPM + Include=image + +type/^Netpbm + Include=image + +shell/.xcf + Open=(gimp %f &) + +shell/.xbm + Open=bitmap %f + +shell/.xpm + Include=image + View=sxpm %f + +shell/.ico + Include=image + +include/image + Open=if [ "$DISPLAY" = "" ]; then zgv %f; else (gqview %f &); fi + View=%view{ascii} identify %f + #View=%view{ascii} asciiview %f + + +### Sound files ### + +regex/\.([wW][aA][vV]|[sS][nN][dD]|[vV][oO][cC]|[aA][uU]|[sS][mM][pP]|[aA][iI][fF][fF]|[sS][nN][dD])$ + Open=if [ "$DISPLAY" = "" ]; then play %f; else (xmms %f >/dev/null 2>&1 &); fi + +regex/\.([mM][oO][dD]|[sS]3[mM]|[xX][mM]|[iI][tT]|[mM][tT][mM]|669|[sS][tT][mM]|[uU][lL][tT]|[fF][aA][rR])$ + Open=mikmod %f + #Open=tracker %f + +regex/\.([wW][aA][wW]22)$ + Open=vplay -s 22 %f + +regex/\.([mM][pP]3)$ + Open=if [ "$DISPLAY" = "" ]; then mpg123 %f; else (xmms %f >/dev/null 2>&1 &); fi + View=%view{ascii} mpg123 -vtn1 %f 2>&1 | sed -n '/^Title/,/^Comment/p;/^MPEG/,/^Audio/p' + +regex/\.([oO][gG][gG|aA|vV|xX])$ + Open=if [ "$DISPLAY" = "" ]; then ogg123 %f; else (xmms %f >/dev/null 2>&1 &); fi + View=%view{ascii} ogginfo %s + +regex/\.([sS][pP][xX]|[fF][lL][aA][cC])$ + Open=if [ "$DISPLAY" = "" ]; then play %f; else (xmms %f >/dev/null 2>&1 &); fi + +regex/\.([mM][iI][dD][iI]?|[rR][mM][iI][dD]?)$ + Open=timidity %f + +regex/\.([wW][mM][aA])$ + Open=mplayer -vo null %f + View=%view{ascii} mplayer -quiet -slave -frames 0 -vo null -ao null -identify %f 2>/dev/null | tail +13 || file %f + + +### Play lists ### + +regex/\.([mM]3[uU]|[pP][lL][sS])$ + Open=if [ -z "$DISPLAY" ]; then mplayer -vo null -playlist %f; else (xmms -p %f >/dev/null 2>&1 &); fi + + +### Video ### + +regex/\.([aA][vV][iI])$ + Include=video + +regex/\.([aA][sS][fFxX])$ + Include=video + +regex/\.([dD][iI][vV][xX])$ + Include=video + +regex/\.([mM][kK][vV])$ + Include=video + +regex/\.([mM][oO][vV]|[qQ][tT])$ + Include=video + +regex/\.([mM][pP]4|[mM][pP][eE]?[gG])$ + Include=video + +regex/\.([vV][oO][bB])$ + Include=video + +regex/\.([wW][mM][vV])$ + Include=video + +regex/\.([fF][lL][iIcCvV])$ + Include=video + +regex/\.([oO][gG][mM])$ + Include=video + +regex/\.([rR][aA]?[mM])$ + Open=(realplay %f >/dev/null 2>&1 &) + +include/video + Open=(mplayer %f >/dev/null 2>&1 &) + #Open=(gtv %f >/dev/null 2>&1 &) + #Open=(xanim %f >/dev/null 2>&1 &) + + +### Documents ### + +# Postscript +type/^PostScript + Open=(gv %f &) + View=%view{ascii} ps2ascii %f + +# PDF +type/^PDF + Open=(xpdf %f &) + #Open=(acroread %f &) + #Open=(ghostview %f &) + View=%view{ascii} pdftotext %f - + +# The following code very ugly and should not be taken as example. +# It should be cleaned up when the new format of mc.ext is developed. + +# html +regex/\.([hH][tT][mM][lL]?)$ + Open=(if test -n "" && test -n "$DISPLAY"; then ( file://%d/%p &) 1>&2; else links %f || lynx -force_html %f || ${PAGER:-more} %f; fi) 2>/dev/null + View=%view{ascii} links -dump %f 2>/dev/null || w3m -dump %f 2>/dev/null || lynx -dump -force_html %f + +# StarOffice 5.2 +shell/.sdw + Open=(ooffice %f &) + +# StarOffice 6 and OpenOffice.org formats +regex/\.(odt|ott|sxw|stw|ods|ots|sxc|stc|odp|otp|sxi|sti|odg|otg|sxd|std|odb|odf|sxm|odm|sxg)$ + Open=(ooffice %f &) + View=%view{ascii} odt2txt %f + +# AbiWord +shell/.abw + Open=(abiword %f &) + +# Microsoft Word Document +regex/\.([Dd][oO][cCtT]|[Ww][rR][iI])$ + Open=(abiword %f >/dev/null 2>&1 &) + View=%view{ascii} antiword -t %f || catdoc -w %f || word2x -f text %f - || strings %f +type/^Microsoft\ Word + Open=(abiword %f >/dev/null 2>&1 &) + View=%view{ascii} antiword -t %f || catdoc -w %f || word2x -f text %f - || strings %f + +# RTF document +regex/\.([rR][tT][fF])$ + Open=(abiword %f >/dev/null 2>&1 &) + +# Microsoft Excel Worksheet +regex/\.([xX][lL][sSwW])$ + Open=(gnumeric %f >/dev/null 2>&1 &) + View=%view{ascii} xls2csv %f || strings %f +type/^Microsoft\ Excel + Open=(gnumeric %f >/dev/null 2>&1 &) + View=%view{ascii} xls2csv %f || strings %f + +# Use OpenOffice.org to open any MS Office documents +type/^Microsoft\ Office\ Document + Open=(ooffice %f &) + +# Framemaker +type/^FrameMaker + Open=fmclient -f %f + +# DVI +regex/\.([dD][vV][iI])$ + Open=if [ x$DISPLAY = x ]; then dvisvga %f; else (xdvi %f &); fi + View=%view{ascii} dvi2tty %f + +# TeX +regex/\.([Tt][Ee][Xx])$ + Open=%var{EDITOR:vi} %f + +# DjVu +regex/\.(djvu|DJVU)$ + Open=djview %f & + +### Miscellaneous ### + +# Makefile +regex/[Mm]akefile$ + Open=make -f %f %{Enter parameters} + +# Imakefile +shell/Imakefile + Open=xmkmf -a + +# Makefile.PL (MakeMaker) +regex/^Makefile.(PL|pl)$ + Open=%var{PERL:perl} %f + +# dbf +regex/\.([dD][bB][fF])$ + Open=%view{ascii} dbview %f + View=%view{ascii} dbview -b %f + +# REXX script +regex/\.(rexx?|cmd)$ + Open=rexx %f %{Enter parameters};echo "Press ENTER";read y + +# Disk images for Commodore computers (VIC20, C64, C128) +regex/\.(d64|D64)$ + Open=%cd %p#uc1541 + View=%view{ascii} c1541 %f -list + Extract=c1541 %f -extract + +# Glade, a user interface designer for GTK+ and GNOME +regex/\.([Gg][Ll][Aa][Dd][Ee])$ + Open=if glade-3 --version >/dev/null 2>&1; then (glade-3 %f >/dev/null 2>&1 &); else (glade-2 %f >/dev/null 2>&1 &); fi + +# Gettext Catalogs +shell/.mo + View=%view{ascii} msgunfmt %f || cat %f + +# lyx +regex/\.(lyx|LYX)$ + Open=lyx %f + View=%view{ascii} lyxcat %f + +### Plain compressed files ### + +# ace +regex/\.(ace|ACE)$ + Open=%cd %p#uace + View=%view{ascii} unace l %f + Extract=unace x %f + +# arc +regex/\.(arc|ARC)$ + Open=%cd %p#uarc + View=%view{ascii} arc l %f + Extract=arc x %f '*' + Extract (with flags)=I=%{Enter any Arc flags:}; if test -n "$I"; then arc x $I %f; fi + +# zip +type/^([Zz][Ii][Pp])\ archive + Open=%cd %p#uzip + View=%view{ascii} unzip -v %f + +# zoo +regex/\.([Zz][Oo][Oo])$ + Open=%cd %p#uzoo + View=%view{ascii} zoo l %f + +# gzip +type/^gzip + Open=gzip -dc %f | %var{PAGER:more} + View=%view{ascii} gzip -dc %f 2>/dev/null + +regex/\.(gz|Z)$ + View=%view{ascii} gzip -dc %f 2>/dev/null + +# bzip2 +type/^bzip2 + Open=bzip2 -dc %f | %var{PAGER:more} + View=%view{ascii} bzip2 -dc %f 2>/dev/null + +regex/\.bz2?$ + View=%view{ascii} bzip2 -dc %f 2>/dev/null + +# bzip +type/^bzip + Open=bzip -dc %f | %var{PAGER:more} + View=%view{ascii} bzip -dc %f 2>/dev/null + +# compress +type/^compress + Open=gzip -dc %f | %var{PAGER:more} + View=%view{ascii} gzip -dc %f 2>/dev/null + +# lzma +regex/\.lzma$ + Open=lzma -dc %f | %var{PAGER:more} + View=%view{ascii} lzma -dc %f 2>/dev/null + +# xz +regex/\.xz$ + Open=xz -dc %f | %var{PAGER:more} + View=%view{ascii} xz -dc %f 2>/dev/null + + +### Default ### + +# Default target for anything not described above +default/* + Open= + View= + + +### EOF ### diff --git a/mc/mc.keymap b/mc/mc.keymap new file mode 100644 index 0000000..07b1c85 --- /dev/null +++ b/mc/mc.keymap @@ -0,0 +1,451 @@ +[editor] +EditXStore = ctrl-insert +EditXPaste = shift-insert +EditXCut = shift-delete + +EditDeleteLine = ctrl-y +EditDeleteToLineEnd = ctrl-k +EditDeleteToLineBegin = + +EditLeft = left +EditRight = right +EditUp = up +EditDown = down +EditEnter = enter +EditReturn = shift-enter +EditBackSpace = backspace; ctrl-h +EditDelete = delete; ctrl-d +EditPageUp = pgup +EditPageDown = pgdn +EditWordLeft = ctrl-left; ctrl-z +EditWordRight = ctrl-right; ctrl-x +EditHome = home +EditEnd = end +EditTab = tab +EditUndo = ctrl-u +EditBeginningOfText = ctrl-home; alt-lt +EditEndOfText = ctrl-end; alt-gt +EditScrollUp = ctrl-up +EditScrollDown = ctrl-down +EditBeginPage = ctrl-pgup +EditEndPage = ctrl-pgdn +EditDeleteWordLeft = alt-backspace +EditDeleteWordRight = alt-d +EditParagraphUp = +EditParagraphDown = +EditSave = f2 +EditLoad = +EditNew = ctrl-n +EditSaveas = f12 +EditMark = f3 +EditCopy = f5 +EditMove = f6 +EditRemove = f8 +EditMarkAll = +EditUnmark = +EditFind = f7 +EditMarkLine = +EditMarkWord = + +EditShiftBlockLeft = +EditShiftBlockRight = + +EditPageUpHighlight = shift-pgup +EditPageDownHighlight = shift-pgdn +EditLeftHighlight = shift-left +EditRightHighlight = shift-right +EditWordLeftHighlight = ctrl-shift-left +EditWordRightHighlight = ctrl-shift-right +EditUpHighlight = shift-up +EditDownHighlight = shift-down +EditHomeHighlight = shift-home +EditEndHighlight = shift-end +EditBeginningOfTextHighlight = ctrl-shift-home +EditEndOfTextHighlight = ctrl-shift-end +EditBeginPageHighlight = ctrl-shift-pgup +EditEndPageHighlight = ctrl-shift-pgdn +EditScrollUpHighlight = ctrl-shift-up +EditScrollDownHighlight = ctrl-shift-down +EditParagraphUpHighlight = +EditParagraphDownHighlight = + +EditPageUpAltHighlight = alt-pgup +EditPageDownAltHighlight = alt-pgdn +EditLeftAltHighlight = alt-left +EditRightAltHighlight = alt-right +EditWordLeftAltHighlight = ctrl-alt-left +EditWordRightAltHighlight = ctrl-alt-right +EditUpAltHighlight = alt-up +EditDownAltHighlight = alt-down +EditHomeAltHighlight = alt-home +EditEndAltHighlight = alt-end +EditBeginningOfTextAltHighlight = ctrl-alt-home +EditEndOfTextHighlight = ctrl-alt-end +EditBeginPageHighlight = ctrl-alt-pgup +EditEndPageAltHighlight = ctrl-alt-pgdn +EditScrollUpAltHighlight = +EditScrollDownAltHighlight = +EditParagraphUpAltHighlight = +EditParagraphDownAltHighlight = + +EditSaveBlock = ctrl-f +EditColumnMark = f13 +EditFindAgain = f17 +EditReplace = f4 +EditReplaceAgain = f14 +EditCompleteWord = alt-tab +EditDebugStart = +EditDebugStop = +EditDebugToggleBreak = +EditDebugClear = +EditDebugNext = +EditDebugStep = +EditDebugBackTrace = +EditDebugContinue = +EditDebugEnterCommand = +EditDebugUntilCurser = +EditInsertFile = f15 +EditQuit = f10 +EditToggleInsert = insert +EditHelp = f1 +EditDate = +EditRefresh = ctrl-l +EditGoto = alt-l +EditManPage = +EditSort = alt-t +EditMail = alt-m +EditCancel = +EditComplete = + +EditParagraphFormat = alt-p +EditUtil = +EditTypeLoadPython = +EditFindFile = +EditCtags = +EditMatchBracket = alt-b +EditTerminal = +EditTerminalApp = +EditExtCmd = alt-u +EditUserMenu = f11 +EditSaveDesktop = +EditNewWindow = +EditCycle = +EditMenu = f9 +EditSaveAndQuit = +EditRunAnother = +EditCheckSaveAndQuit = +EditMaximize = +EditToggleBookmark = alt-k +EditFlushBookmarks = alt-o +EditNextBookmark = alt-j +EditPrevBookmark = alt-i + +EditSelectionHistory = +EditShell = ctrl-o +EditInsertLiteral = ctrl-q + +EditBeginRecordMacro = +EditEndRecordMacro = +EditBeginOrEndMacro = ctrl-r +EditExecuteMacro = ctrl-a +EditDeleteMacro = + +EditToggleLineState = alt-n +EditToggleTabTWS = alt-underline +EditToggleSyntax = ctrl-s +EditToggleShowMargin = + +EditFindDefinition = alt-enter +EditLoadPrevFile = alt-minus +EditLoadNextFile = alt-plus + +SelectCodepage = alt-e + +[viewer] +ViewHelp = f1 +ViewToggleWrapMode = f2 +ViewQuit = f3; f10; q; esc +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewContinueSearch = ctrl-r; ctrl-s; f17; n +ViewMoveToBol = ctrl-a +ViewMoveToEol = ctrl-e +ViewMoveLeft = h; left +ViewMoveRight = l; right +ViewMoveLeft10 = ctrl-left +ViewMoveRight10 = ctrl-right +ViewMoveUp = k; y; insert; up; ctrl-p +ViewMoveDown = j; e; delete; down; enter; ctrl-n +ViewMovePgDn = f; space; pgdn; ctrl-v +ViewMovePgUp = b; pgup; alt-v; backspace +ViewMoveHalfPgDn = d +ViewMoveHalfPgUp = u +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +ViewGotoBookmark = m +ViewNewBookmark = r +ViewNextFile = ctrl-f +ViewPrevFile = ctrl-b +SelectCodepage = alt-e +ShowCommandLine = ctrl-o +ViewToggleRuler = alt-r + +[viewer:hex] +ViewHelp = f1 +ViewToggleHexEditMode = f2 +ViewQuit = f3; f10; q; esc +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewHexEditSave = f6 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewToggleHexNavMode = tab +ViewMoveToBol = ctrl-a; home +ViewMoveToEol = ctrl-e; end +ViewMoveLeft = b; left +ViewMoveRight = f; right +ViewMoveUp = k; y; up +ViewMoveDown = j; delete; down +ViewMovePgDn = pgdn; ctrl-v +ViewMovePgUp = pgup; alt-v +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g + +[main] +CmdHelp = f1 +CmdUserMenu = f2 +CmdView = f3 +CmdViewFile = f13 +CmdEdit = f4 +CmdEditForceInternal = +CmdCopy = f5 +CmdRename = f6 +CmdMkdir = f7 +CmdDelete = f8 +CmdMenu = f9 +CmdQuit = f10 +CmdMenuLastSelected = f19 +CmdQuietQuit = f20 +CmdFind = alt-question +CmdQuickCd = alt-c +CmdQuickChdir = ctrl-backslash +CmdReread = ctrl-r +CmdSingleDirsize = ctrl-space +CmdSuspend = ctrl-z +CmdSwapPanel = ctrl-u +CmdHistory = alt-h +CmdListing = +CmdToggleListing = alt-t +CmdToggleShowHidden = alt-dot +CmdTogglePanelsSplit = alt-comma +ShowCommandLine = ctrl-o +CmdCopyCurrentPathname = alt-a +CmdCopyOtherPathname = alt-shift-a +CmdFilteredView = alt-exclamation +CmdSelect = kpplus +CmdUnselect = kpminus +CmdReverseSelection = kpasterisk +CmdDialogList = alt-prime +ExtMap1 = ctrl-x + +[main:xmap] +CmdChmod = c +CmdChown = o +CmdCompareDirs = d +CmdEditSymlink = ctrl-s +CmdLink = l +CmdSymlink = s +CmdRelativeSymlink = v +CmdInfo = i +CmdQuickView = q +CmdExternalPanelize = exclamation +CmdReselectVfs = a +CmdJobs = j +CmdCopyCurrentPathname = p +CmdCopyOtherPathname = ctrl-p +CmdCopyCurrentTagged = t +CmdCopyOtherTagged = ctrl-t +CmdDiffView = ctrl-d + +[panel] +PanelStartSearch = ctrl-s; alt-s +PanelMarkFile = insert; ctrl-t +PanelMarkFileUp = shift-up +PanelMarkFileDown = shift-down +PanelMoveDown = down; ctrl-n +PanelMoveUp = up; ctrl-p +PanelMoveLeft = left +PanelMoveRight = right +PanelPrevPage = pgup; alt-v +PanelNextPage = pgdn; ctrl-v +PanelDoEnter = enter +PanelChdirOtherPanel = alt-o +PanelChdirToReadlink = alt-l +PanelViewSimple = F13 +PanelEditNew = F14 +PanelCopyLocal = F15 +PanelRenameLocal = F16 +PanelDeleteLocal = F18 +PanelReverseSelection = alt-asterisk +PanelSelect = alt-plus +PanelUnselect = alt-minus +PanelGotoChildDir = ctrl-pgdn +PanelGotoParentDir = ctrl-pgup +PanelDirectoryHistoryList = alt-shift-h +PanelDirectoryHistoryNext = alt-u +PanelDirectoryHistoryPrev = alt-y +PanelGotoBottomFile = alt-j +PanelGotoMiddleFile = alt-r +PanelSyncOtherPanel = alt-i +PanelGotoTopFile = alt-g +PanelSetPanelEncoding = alt-e +PanelMoveHome = alt-lt; home; a1 +PanelMoveEnd = alt-gt; end; c1 +PanelSelectSortOrder= +PanelToggleSortOrderPrev= +PanelToggleSortOrderNext= +PanelReverseSort= +PanelSortOrderByName= +PanelSortOrderByExt= +PanelSortOrderBySize= +PanelSortOrderByMTime= +PanelSmartGotoParentDir= + +[input] +InputBol = ctrl-a; alt-lt; home; a1 +InputEol = ctrl-e; alt-gt; end; c1 +InputMoveLeft = left; alt-left +InputWordLeft = ctrl-left +InputBackwardChar = ctrl-b +InputBackwardWord = alt-b +InputMoveRight = right; alt-right +InputWordRight = ctrl-right +InputForwardChar = ctrl-f +InputForwardWord = alt-f +InputBackwardDelete = backspace; ctrl-h +InputDeleteChar = delete; ctrl-d +InputKillWord = alt-d +InputBackwardKillWord = alt-backspace +InputSetMark = +InputKillRegion = ctrl-w +InputXCut = +InputXStore = alt-w +InputXPaste = +InputYank = ctrl-y +InputKillLine = ctrl-k +InputHistoryPrev = alt-p; ctrl-down +InputHistoryNext = alt-n; ctrl-up +InputHistoryShow = alt-h +InputComplete = alt-tab +InputClearLine = +InputLeftHighlight = shift-left +InputRightHighlight = shift-right +InputWordLeftHighlight = ctrl-shift-left +InputWordRightHighlight = ctrl-shift-right +InputBolHighlight = shift-home +InputEolHighlight = shift-end + +[listbox] +ListboxMoveUp = up; ctrl-p +ListboxMoveDown = down; ctrl-n +ListboxMoveHome = home; alt-lt; a1 +ListboxMoveEnd = end; alt-gt; c1 +ListboxMovePgUp = pgup; alt-v +ListboxMovePgDn = pgdn; ctrl-v +ListboxDeleteItem = delete; d +ListboxDeleteAll = shift-delete; shift-d + +[tree] +TreeHelp = f1 +TreeForget = f3 +TreeToggleNav = f4 +TreeCopy = f5 +TreeMove = f6 +TreeMoveUp = up; ctrl-p +TreeMoveDown = down; ctrl-n +TreeMoveLeft = left +TreeMoveRight = right +TreeMoveHome = home; alt-lt; a1 +TreeMoveEnd = end; alt-gt; c1 +TreeMovePgUp = pgup; alt-v +TreeMovePgDn = pgdn; ctrl-v +TreeOpen = enter +TreeRescan = f2; ctrl-r +TreeStartSearch = ctrl-s; alt-s +TreeRemove = f8; delete + +[help] +HelpHelp = f1 +HelpIndex = f2; c +HelpBack = f3; left; l +HelpQuit = f10; esc +HelpMoveUp = up; ctrl-p +HelpMoveDown = down; ctrl-n +HelpMovePgDn = f; space; pgdn; ctrl-v +HelpMovePgUp = b; pgup; alt-v; backspace +HelpMoveHalfPgDn = d +HelpMoveHalfPgUp = u +HelpMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +HelpMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +HelpSelectLink = right; enter +HelpNextLink = tab +HelpPrevLink = alt-tab +HelpNextNode = n +HelpPrevNode = p + +[dialog] +DialogOK = enter +DialogCancel = f10; esc; ctrl-g +DialogPrevItem = left; up +DialogNextItem = right; down +DialogHelp = f1 +DialogSuspend = ctrl-z +DialogRefresh = ctrl-l +CmdDialogList = alt-prime +CmdDialogNext = alt-rbrace +CmdDialogPrev = alt-lbrace + + +[diffviewer] +DiffDisplaySymbols = alt-s; s +DiffDisplayNumbers = alt-n; l +DiffFull = f +DiffEqual = equal +DiffSplitMore = gt +DiffSplitLess = lt +DiffSetTab2 = 2 +DiffSetTab3 = 3 +DiffSetTab4 = 4 +DiffSetTab8 = 8 +DiffSwapPanel = ctrl-u +DiffRedo = ctrl-r +DiffNextHunk = n; enter; space +DiffPrevHunk = p; backspace +DiffGoto = g; shift-g +DiffSave = f2 +DiffEditCurrent = f4 +DiffEditOther = f14 +DiffMergeCurrentHunk = f5 +DiffSearch = f7 +DiffContinueSearch = f17 +DiffOptions = f9 +DiffBOF = ctrl-home +DiffEOF = ctrl-end +DiffDown = down +DiffUp = up +DiffQuickLeft = ctrl-left +DiffQuickRight = ctrl-right +DiffLeft = left +DiffRight = right +DiffPageDown = pgdn +DiffPageUp = pgup +DiffHome = home +DiffEnd = end +DiffHelp = f1 +DiffQuit = f10; q; shift-q; esc +ShowCommandLine = ctrl-o +SelectCodepage = alt-e diff --git a/mc/mc.keymap.default b/mc/mc.keymap.default new file mode 100644 index 0000000..07b1c85 --- /dev/null +++ b/mc/mc.keymap.default @@ -0,0 +1,451 @@ +[editor] +EditXStore = ctrl-insert +EditXPaste = shift-insert +EditXCut = shift-delete + +EditDeleteLine = ctrl-y +EditDeleteToLineEnd = ctrl-k +EditDeleteToLineBegin = + +EditLeft = left +EditRight = right +EditUp = up +EditDown = down +EditEnter = enter +EditReturn = shift-enter +EditBackSpace = backspace; ctrl-h +EditDelete = delete; ctrl-d +EditPageUp = pgup +EditPageDown = pgdn +EditWordLeft = ctrl-left; ctrl-z +EditWordRight = ctrl-right; ctrl-x +EditHome = home +EditEnd = end +EditTab = tab +EditUndo = ctrl-u +EditBeginningOfText = ctrl-home; alt-lt +EditEndOfText = ctrl-end; alt-gt +EditScrollUp = ctrl-up +EditScrollDown = ctrl-down +EditBeginPage = ctrl-pgup +EditEndPage = ctrl-pgdn +EditDeleteWordLeft = alt-backspace +EditDeleteWordRight = alt-d +EditParagraphUp = +EditParagraphDown = +EditSave = f2 +EditLoad = +EditNew = ctrl-n +EditSaveas = f12 +EditMark = f3 +EditCopy = f5 +EditMove = f6 +EditRemove = f8 +EditMarkAll = +EditUnmark = +EditFind = f7 +EditMarkLine = +EditMarkWord = + +EditShiftBlockLeft = +EditShiftBlockRight = + +EditPageUpHighlight = shift-pgup +EditPageDownHighlight = shift-pgdn +EditLeftHighlight = shift-left +EditRightHighlight = shift-right +EditWordLeftHighlight = ctrl-shift-left +EditWordRightHighlight = ctrl-shift-right +EditUpHighlight = shift-up +EditDownHighlight = shift-down +EditHomeHighlight = shift-home +EditEndHighlight = shift-end +EditBeginningOfTextHighlight = ctrl-shift-home +EditEndOfTextHighlight = ctrl-shift-end +EditBeginPageHighlight = ctrl-shift-pgup +EditEndPageHighlight = ctrl-shift-pgdn +EditScrollUpHighlight = ctrl-shift-up +EditScrollDownHighlight = ctrl-shift-down +EditParagraphUpHighlight = +EditParagraphDownHighlight = + +EditPageUpAltHighlight = alt-pgup +EditPageDownAltHighlight = alt-pgdn +EditLeftAltHighlight = alt-left +EditRightAltHighlight = alt-right +EditWordLeftAltHighlight = ctrl-alt-left +EditWordRightAltHighlight = ctrl-alt-right +EditUpAltHighlight = alt-up +EditDownAltHighlight = alt-down +EditHomeAltHighlight = alt-home +EditEndAltHighlight = alt-end +EditBeginningOfTextAltHighlight = ctrl-alt-home +EditEndOfTextHighlight = ctrl-alt-end +EditBeginPageHighlight = ctrl-alt-pgup +EditEndPageAltHighlight = ctrl-alt-pgdn +EditScrollUpAltHighlight = +EditScrollDownAltHighlight = +EditParagraphUpAltHighlight = +EditParagraphDownAltHighlight = + +EditSaveBlock = ctrl-f +EditColumnMark = f13 +EditFindAgain = f17 +EditReplace = f4 +EditReplaceAgain = f14 +EditCompleteWord = alt-tab +EditDebugStart = +EditDebugStop = +EditDebugToggleBreak = +EditDebugClear = +EditDebugNext = +EditDebugStep = +EditDebugBackTrace = +EditDebugContinue = +EditDebugEnterCommand = +EditDebugUntilCurser = +EditInsertFile = f15 +EditQuit = f10 +EditToggleInsert = insert +EditHelp = f1 +EditDate = +EditRefresh = ctrl-l +EditGoto = alt-l +EditManPage = +EditSort = alt-t +EditMail = alt-m +EditCancel = +EditComplete = + +EditParagraphFormat = alt-p +EditUtil = +EditTypeLoadPython = +EditFindFile = +EditCtags = +EditMatchBracket = alt-b +EditTerminal = +EditTerminalApp = +EditExtCmd = alt-u +EditUserMenu = f11 +EditSaveDesktop = +EditNewWindow = +EditCycle = +EditMenu = f9 +EditSaveAndQuit = +EditRunAnother = +EditCheckSaveAndQuit = +EditMaximize = +EditToggleBookmark = alt-k +EditFlushBookmarks = alt-o +EditNextBookmark = alt-j +EditPrevBookmark = alt-i + +EditSelectionHistory = +EditShell = ctrl-o +EditInsertLiteral = ctrl-q + +EditBeginRecordMacro = +EditEndRecordMacro = +EditBeginOrEndMacro = ctrl-r +EditExecuteMacro = ctrl-a +EditDeleteMacro = + +EditToggleLineState = alt-n +EditToggleTabTWS = alt-underline +EditToggleSyntax = ctrl-s +EditToggleShowMargin = + +EditFindDefinition = alt-enter +EditLoadPrevFile = alt-minus +EditLoadNextFile = alt-plus + +SelectCodepage = alt-e + +[viewer] +ViewHelp = f1 +ViewToggleWrapMode = f2 +ViewQuit = f3; f10; q; esc +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewContinueSearch = ctrl-r; ctrl-s; f17; n +ViewMoveToBol = ctrl-a +ViewMoveToEol = ctrl-e +ViewMoveLeft = h; left +ViewMoveRight = l; right +ViewMoveLeft10 = ctrl-left +ViewMoveRight10 = ctrl-right +ViewMoveUp = k; y; insert; up; ctrl-p +ViewMoveDown = j; e; delete; down; enter; ctrl-n +ViewMovePgDn = f; space; pgdn; ctrl-v +ViewMovePgUp = b; pgup; alt-v; backspace +ViewMoveHalfPgDn = d +ViewMoveHalfPgUp = u +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +ViewGotoBookmark = m +ViewNewBookmark = r +ViewNextFile = ctrl-f +ViewPrevFile = ctrl-b +SelectCodepage = alt-e +ShowCommandLine = ctrl-o +ViewToggleRuler = alt-r + +[viewer:hex] +ViewHelp = f1 +ViewToggleHexEditMode = f2 +ViewQuit = f3; f10; q; esc +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewHexEditSave = f6 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewToggleHexNavMode = tab +ViewMoveToBol = ctrl-a; home +ViewMoveToEol = ctrl-e; end +ViewMoveLeft = b; left +ViewMoveRight = f; right +ViewMoveUp = k; y; up +ViewMoveDown = j; delete; down +ViewMovePgDn = pgdn; ctrl-v +ViewMovePgUp = pgup; alt-v +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g + +[main] +CmdHelp = f1 +CmdUserMenu = f2 +CmdView = f3 +CmdViewFile = f13 +CmdEdit = f4 +CmdEditForceInternal = +CmdCopy = f5 +CmdRename = f6 +CmdMkdir = f7 +CmdDelete = f8 +CmdMenu = f9 +CmdQuit = f10 +CmdMenuLastSelected = f19 +CmdQuietQuit = f20 +CmdFind = alt-question +CmdQuickCd = alt-c +CmdQuickChdir = ctrl-backslash +CmdReread = ctrl-r +CmdSingleDirsize = ctrl-space +CmdSuspend = ctrl-z +CmdSwapPanel = ctrl-u +CmdHistory = alt-h +CmdListing = +CmdToggleListing = alt-t +CmdToggleShowHidden = alt-dot +CmdTogglePanelsSplit = alt-comma +ShowCommandLine = ctrl-o +CmdCopyCurrentPathname = alt-a +CmdCopyOtherPathname = alt-shift-a +CmdFilteredView = alt-exclamation +CmdSelect = kpplus +CmdUnselect = kpminus +CmdReverseSelection = kpasterisk +CmdDialogList = alt-prime +ExtMap1 = ctrl-x + +[main:xmap] +CmdChmod = c +CmdChown = o +CmdCompareDirs = d +CmdEditSymlink = ctrl-s +CmdLink = l +CmdSymlink = s +CmdRelativeSymlink = v +CmdInfo = i +CmdQuickView = q +CmdExternalPanelize = exclamation +CmdReselectVfs = a +CmdJobs = j +CmdCopyCurrentPathname = p +CmdCopyOtherPathname = ctrl-p +CmdCopyCurrentTagged = t +CmdCopyOtherTagged = ctrl-t +CmdDiffView = ctrl-d + +[panel] +PanelStartSearch = ctrl-s; alt-s +PanelMarkFile = insert; ctrl-t +PanelMarkFileUp = shift-up +PanelMarkFileDown = shift-down +PanelMoveDown = down; ctrl-n +PanelMoveUp = up; ctrl-p +PanelMoveLeft = left +PanelMoveRight = right +PanelPrevPage = pgup; alt-v +PanelNextPage = pgdn; ctrl-v +PanelDoEnter = enter +PanelChdirOtherPanel = alt-o +PanelChdirToReadlink = alt-l +PanelViewSimple = F13 +PanelEditNew = F14 +PanelCopyLocal = F15 +PanelRenameLocal = F16 +PanelDeleteLocal = F18 +PanelReverseSelection = alt-asterisk +PanelSelect = alt-plus +PanelUnselect = alt-minus +PanelGotoChildDir = ctrl-pgdn +PanelGotoParentDir = ctrl-pgup +PanelDirectoryHistoryList = alt-shift-h +PanelDirectoryHistoryNext = alt-u +PanelDirectoryHistoryPrev = alt-y +PanelGotoBottomFile = alt-j +PanelGotoMiddleFile = alt-r +PanelSyncOtherPanel = alt-i +PanelGotoTopFile = alt-g +PanelSetPanelEncoding = alt-e +PanelMoveHome = alt-lt; home; a1 +PanelMoveEnd = alt-gt; end; c1 +PanelSelectSortOrder= +PanelToggleSortOrderPrev= +PanelToggleSortOrderNext= +PanelReverseSort= +PanelSortOrderByName= +PanelSortOrderByExt= +PanelSortOrderBySize= +PanelSortOrderByMTime= +PanelSmartGotoParentDir= + +[input] +InputBol = ctrl-a; alt-lt; home; a1 +InputEol = ctrl-e; alt-gt; end; c1 +InputMoveLeft = left; alt-left +InputWordLeft = ctrl-left +InputBackwardChar = ctrl-b +InputBackwardWord = alt-b +InputMoveRight = right; alt-right +InputWordRight = ctrl-right +InputForwardChar = ctrl-f +InputForwardWord = alt-f +InputBackwardDelete = backspace; ctrl-h +InputDeleteChar = delete; ctrl-d +InputKillWord = alt-d +InputBackwardKillWord = alt-backspace +InputSetMark = +InputKillRegion = ctrl-w +InputXCut = +InputXStore = alt-w +InputXPaste = +InputYank = ctrl-y +InputKillLine = ctrl-k +InputHistoryPrev = alt-p; ctrl-down +InputHistoryNext = alt-n; ctrl-up +InputHistoryShow = alt-h +InputComplete = alt-tab +InputClearLine = +InputLeftHighlight = shift-left +InputRightHighlight = shift-right +InputWordLeftHighlight = ctrl-shift-left +InputWordRightHighlight = ctrl-shift-right +InputBolHighlight = shift-home +InputEolHighlight = shift-end + +[listbox] +ListboxMoveUp = up; ctrl-p +ListboxMoveDown = down; ctrl-n +ListboxMoveHome = home; alt-lt; a1 +ListboxMoveEnd = end; alt-gt; c1 +ListboxMovePgUp = pgup; alt-v +ListboxMovePgDn = pgdn; ctrl-v +ListboxDeleteItem = delete; d +ListboxDeleteAll = shift-delete; shift-d + +[tree] +TreeHelp = f1 +TreeForget = f3 +TreeToggleNav = f4 +TreeCopy = f5 +TreeMove = f6 +TreeMoveUp = up; ctrl-p +TreeMoveDown = down; ctrl-n +TreeMoveLeft = left +TreeMoveRight = right +TreeMoveHome = home; alt-lt; a1 +TreeMoveEnd = end; alt-gt; c1 +TreeMovePgUp = pgup; alt-v +TreeMovePgDn = pgdn; ctrl-v +TreeOpen = enter +TreeRescan = f2; ctrl-r +TreeStartSearch = ctrl-s; alt-s +TreeRemove = f8; delete + +[help] +HelpHelp = f1 +HelpIndex = f2; c +HelpBack = f3; left; l +HelpQuit = f10; esc +HelpMoveUp = up; ctrl-p +HelpMoveDown = down; ctrl-n +HelpMovePgDn = f; space; pgdn; ctrl-v +HelpMovePgUp = b; pgup; alt-v; backspace +HelpMoveHalfPgDn = d +HelpMoveHalfPgUp = u +HelpMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +HelpMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +HelpSelectLink = right; enter +HelpNextLink = tab +HelpPrevLink = alt-tab +HelpNextNode = n +HelpPrevNode = p + +[dialog] +DialogOK = enter +DialogCancel = f10; esc; ctrl-g +DialogPrevItem = left; up +DialogNextItem = right; down +DialogHelp = f1 +DialogSuspend = ctrl-z +DialogRefresh = ctrl-l +CmdDialogList = alt-prime +CmdDialogNext = alt-rbrace +CmdDialogPrev = alt-lbrace + + +[diffviewer] +DiffDisplaySymbols = alt-s; s +DiffDisplayNumbers = alt-n; l +DiffFull = f +DiffEqual = equal +DiffSplitMore = gt +DiffSplitLess = lt +DiffSetTab2 = 2 +DiffSetTab3 = 3 +DiffSetTab4 = 4 +DiffSetTab8 = 8 +DiffSwapPanel = ctrl-u +DiffRedo = ctrl-r +DiffNextHunk = n; enter; space +DiffPrevHunk = p; backspace +DiffGoto = g; shift-g +DiffSave = f2 +DiffEditCurrent = f4 +DiffEditOther = f14 +DiffMergeCurrentHunk = f5 +DiffSearch = f7 +DiffContinueSearch = f17 +DiffOptions = f9 +DiffBOF = ctrl-home +DiffEOF = ctrl-end +DiffDown = down +DiffUp = up +DiffQuickLeft = ctrl-left +DiffQuickRight = ctrl-right +DiffLeft = left +DiffRight = right +DiffPageDown = pgdn +DiffPageUp = pgup +DiffHome = home +DiffEnd = end +DiffHelp = f1 +DiffQuit = f10; q; shift-q; esc +ShowCommandLine = ctrl-o +SelectCodepage = alt-e diff --git a/mc/mc.keymap.emacs b/mc/mc.keymap.emacs new file mode 100644 index 0000000..0f38188 --- /dev/null +++ b/mc/mc.keymap.emacs @@ -0,0 +1,455 @@ +[editor] +EditXStore = alt-w +EditXPaste = ctrl-y +EditXCut = ctrl-w + +EditDeleteLine = ctrl-y +EditDeleteToLineEnd = ctrl-k +EditDeleteToLineBegin = + +EditLeft = left; ctrl-b +EditRight = right; ctrl-f +EditUp = up; ctrl-p +EditDown = down; ctrl-n +EditEnter = enter +EditReturn = shift-enter +EditBackSpace = backspace +EditDelete = delete +EditPageUp = pgup; alt-v +EditPageDown = pgdn; ctrl-v +EditWordLeft = ctrl-left; alt-b +EditWordRight = ctrl-right; alt-f +EditHome = home; ctrl-a +EditEnd = end; ctrl-e +EditTab = tab +EditUndo = ctrl-u +EditBeginningOfText = ctrl-home; alt-lt +EditEndOfText = ctrl-end; alt-gt +EditScrollUp = ctrl-up +EditScrollDown = ctrl-down +EditBeginPage = ctrl-pgup +EditEndPage = ctrl-pgdn +EditDeleteWordLeft = alt-backspace +EditDeleteWordRight = alt-d +EditParagraphUp = +EditParagraphDown = +EditSave = f2 +EditLoad = +EditSaveas = f12 +EditMark = f3; ctrl-at +EditCopy = f5 +EditMove = f6 +EditRemove = f8 +EditMarkAll = +EditUnmark = +EditFind = f7; ctrl-s +EditMarkLine = +EditMarkWord = + +EditShiftBlockLeft = +EditShiftBlockRight = + +EditPageUpHighlight = shift-pgup +EditPageDownHighlight = shift-pgdn +EditLeftHighlight = shift-left +EditRightHighlight = shift-right +EditWordLeftHighlight = ctrl-shift-left +EditWordRightHighlight = ctrl-shift-right +EditUpHighlight = shift-up +EditDownHighlight = shift-down +EditHomeHighlight = shift-home +EditEndHighlight = shift-end +EditBeginningOfTextHighlight = ctrl-shift-home +EditEndOfTextHighlight = ctrl-shift-end +EditBeginPageHighlight = ctrl-shift-pgup +EditEndPageHighlight = ctrl-shift-pgdn +EditScrollUpHighlight = ctrl-shift-up +EditScrollDownHighlight = ctrl-shift-down +EditParagraphUpHighlight = +EditParagraphDownHighlight = + +EditPageUpAltHighlight = alt-pgup +EditPageDownAltHighlight = alt-pgdn +EditLeftAltHighlight = alt-left +EditRightAltHighlight = alt-right +EditWordLeftAltHighlight = ctrl-alt-left +EditWordRightAltHighlight = ctrl-alt-right +EditUpAltHighlight = alt-up +EditDownAltHighlight = alt-down +EditHomeAltHighlight = alt-home +EditEndAltHighlight = alt-end +EditBeginningOfTextAltHighlight = ctrl-alt-home +EditEndOfTextHighlight = ctrl-alt-end +EditBeginPageHighlight = ctrl-alt-pgup +EditEndPageAltHighlight = ctrl-alt-pgdn +EditScrollUpAltHighlight = +EditScrollDownAltHighlight = +EditParagraphUpAltHighlight = +EditParagraphDownAltHighlight = + +EditSaveBlock = +EditColumnMark = f13 +EditFindAgain = f17 +EditReplace = f4 +EditReplaceAgain = f14 +EditCompleteWord = alt-tab +EditDebugStart = +EditDebugStop = +EditDebugToggleBreak = +EditDebugClear = +EditDebugNext = +EditDebugStep = +EditDebugBackTrace = +EditDebugContinue = +EditDebugEnterCommand = +EditDebugUntilCurser = +EditInsertFile = f15 +EditQuit = f10 +EditToggleInsert = insert +EditHelp = f1 +EditDate = +EditRefresh = ctrl-l +EditGoto = alt-l +EditManPage = +EditSort = alt-t +EditMail = +EditCancel = +EditComplete = + +EditParagraphFormat = alt-p +EditUtil = +EditTypeLoadPython = +EditFindFile = +EditCtags = +EditMatchBracket = +EditTerminal = +EditTerminalApp = +EditExtCmd = alt-u +EditUserMenu = f11 +EditSaveDesktop = +EditNewWindow = +EditCycle = +EditMenu = f9 +EditSaveAndQuit = +EditRunAnother = +EditCheckSaveAndQuit = +EditMaximize = +EditToggleBookmark = +EditFlushBookmarks = +EditNextBookmark = +EditPrevBookmark = + +EditSelectionHistory = +EditShell = ctrl-o +EditInsertLiteral = ctrl-q + +EditBeginRecordMacro = +EditEndRecordMacro = +EditBeginOrEndMacro = ctrl-r +EditDeleteMacro = + +EditToggleLineState = alt-n +EditToggleTabTWS = alt-underline +EditToggleSyntax = ctrl-s +EditToggleShowMargin = + +EditFindDefinition = alt-enter +EditLoadPrevFile = alt-minus +EditLoadNextFile = alt-plus + +SelectCodepage = alt-e + +EditExtMode = ctrl-x + +[edit:xmap] +EditNew = k +EditExecuteMacro = e + +[viewer] +ViewHelp = f1 +ViewToggleWrapMode = f2 +ViewQuit = f3; f10; q; esc +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewContinueSearch = ctrl-r; ctrl-s; f17; n +ViewMoveToBol = ctrl-a +ViewMoveToEol = ctrl-e +ViewMoveLeft = h; left +ViewMoveRight = l; right +ViewMoveLeft10 = ctrl-left +ViewMoveRight10 = ctrl-right +ViewMoveUp = k; y; insert; up; ctrl-p +ViewMoveDown = j; e; delete; down; enter; ctrl-n +ViewMovePgDn = f; space; pgdn; ctrl-v +ViewMovePgUp = b; pgup; alt-v; backspace +ViewMoveHalfPgDn = d +ViewMoveHalfPgUp = u +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +ViewGotoBookmark = m +ViewNewBookmark = r +ViewNextFile = ctrl-f +ViewPrevFile = ctrl-b +SelectCodepage = alt-e +ShowCommandLine = ctrl-o +ViewToggleRuler = alt-r + +[viewer:hex] +ViewHelp = f1 +ViewToggleHexEditMode = f2 +ViewQuit = f3; f10; q; esc +ViewToggleHexMode = f4 +ViewGoto = f5 +ViewHexEditSave = f6 +ViewSearch = f7; question; slash +ViewToggleMagicMode = f8 +ViewToggleNroffMode = f9 +ViewToggleHexNavMode = tab +ViewMoveToBol = ctrl-a; home +ViewMoveToEol = ctrl-e; end +ViewMoveLeft = b; left +ViewMoveRight = f; right +ViewMoveUp = k; y; up +ViewMoveDown = j; delete; down +ViewMovePgDn = pgdn; ctrl-v +ViewMovePgUp = pgup; alt-v +ViewMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +ViewMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g + +[main] +CmdHelp = f1 +CmdUserMenu = f2 +CmdView = f3 +CmdViewFile = f13 +CmdEdit = f4 +CmdEditForceInternal = +CmdCopy = f5 +CmdRename = f6 +CmdMkdir = f7 +CmdDelete = f8 +CmdMenu = f9 +CmdQuit = f10 +CmdMenuLastSelected = f19 +CmdQuietQuit = f20 +CmdFind = alt-question +CmdQuickCd = alt-c +CmdQuickChdir = ctrl-backslash +CmdReread = ctrl-r +CmdSingleDirsize = ctrl-space +CmdSuspend = ctrl-z +CmdSwapPanel = ctrl-u +CmdHistory = alt-h +CmdListing = +CmdToggleListing = alt-t +CmdToggleShowHidden = alt-dot +CmdTogglePanelsSplit = alt-comma +ShowCommandLine = ctrl-o +CmdCopyCurrentPathname = alt-a +CmdCopyOtherPathname = alt-shift-a +CmdFilteredView = alt-exclamation +CmdSelect = kpplus +CmdUnselect = kpminus +CmdReverseSelection = kpasterisk +CmdDialogList = alt-prime +ExtMap1 = ctrl-x + +[main:xmap] +CmdChmod = c +CmdChown = o +CmdCompareDirs = d +CmdEditSymlink = ctrl-s +CmdLink = l +CmdSymlink = s +CmdRelativeSymlink = v +CmdInfo = i +CmdQuickView = q +CmdExternalPanelize = exclamation +CmdReselectVfs = a +CmdJobs = j +CmdCopyCurrentPathname = p +CmdCopyOtherPathname = ctrl-p +CmdCopyCurrentTagged = t +CmdCopyOtherTagged = ctrl-t +CmdDiffView = ctrl-d + +[panel] +PanelStartSearch = ctrl-s; alt-s +PanelMarkFile = insert; ctrl-t +PanelMarkFileUp = shift-up +PanelMarkFileDown = shift-down +PanelMoveDown = down; ctrl-n +PanelMoveUp = up; ctrl-p +PanelMoveLeft = left +PanelMoveRight = right +PanelPrevPage = pgup; alt-v +PanelNextPage = pgdn; ctrl-v +PanelDoEnter = enter +PanelChdirOtherPanel = alt-o +PanelChdirToReadlink = alt-l +PanelViewSimple = F13 +PanelEditNew = F14 +PanelCopyLocal = F15 +PanelRenameLocal = F16 +PanelDeleteLocal = F18 +PanelReverseSelection = alt-asterisk +PanelSelect = alt-plus +PanelUnselect = alt-minus +PanelGotoChildDir = ctrl-pgdn +PanelGotoParentDir = ctrl-pgup +PanelDirectoryHistoryList = alt-shift-h +PanelDirectoryHistoryNext = alt-u +PanelDirectoryHistoryPrev = alt-y +PanelGotoBottomFile = alt-j +PanelGotoMiddleFile = alt-r +PanelSyncOtherPanel = alt-i +PanelGotoTopFile = alt-g +PanelSetPanelEncoding = alt-e +PanelMoveHome = alt-lt; home; a1 +PanelMoveEnd = alt-gt; end; c1 +PanelSelectSortOrder= +PanelToggleSortOrderPrev= +PanelToggleSortOrderNext= +PanelReverseSort= +PanelSortOrderByName= +PanelSortOrderByExt= +PanelSortOrderBySize= +PanelSortOrderByMTime= +PanelSmartGotoParentDir= + +[input] +InputBol = ctrl-a; alt-lt; home; a1 +InputEol = ctrl-e; alt-gt; end; c1 +InputMoveLeft = left; alt-left +InputWordLeft = ctrl-left +InputBackwardChar = ctrl-b +InputBackwardWord = alt-b +InputMoveRight = right; alt-right +InputWordRight = ctrl-right +InputForwardChar = ctrl-f +InputForwardWord = alt-f +InputBackwardDelete = backspace +InputDeleteChar = delete +InputKillWord = alt-d +InputBackwardKillWord = alt-backspace +InputSetMark = +InputKillRegion = ctrl-w +InputXCut = +InputXStore = alt-w +InputXPaste = +InputYank = ctrl-y +InputKillLine = ctrl-k +InputHistoryPrev = alt-p; ctrl-down +InputHistoryNext = alt-n; ctrl-up +InputHistoryShow = alt-h +InputComplete = alt-tab +InputClearLine = +InputLeftHighlight = +InputRightHighlight = +InputWordLeftHighlight = +InputWordRightHighlight = +InputBolHighlight = +InputEolHighlight = + +[listbox] +ListboxMoveUp = up; ctrl-p +ListboxMoveDown = down; ctrl-n +ListboxMoveHome = home; alt-lt; a1 +ListboxMoveEnd = end; alt-gt; c1 +ListboxMovePgUp = pgup; alt-v +ListboxMovePgDn = pgdn; ctrl-v +ListboxDeleteItem = delete; d +ListboxDeleteAll = shift-delete; shift-d + +[tree] +TreeHelp = f1 +TreeForget = f3 +TreeToggleNav = f4 +TreeCopy = f5 +TreeMove = f6 +TreeMoveUp = up; ctrl-p +TreeMoveDown = down; ctrl-n +TreeMoveLeft = left +TreeMoveRight = right +TreeMoveHome = home; alt-lt; a1 +TreeMoveEnd = end; alt-gt; c1 +TreeMovePgUp = pgup; alt-v +TreeMovePgDn = pgdn; ctrl-v +TreeOpen = enter +TreeRescan = f2; ctrl-r +TreeStartSearch = ctrl-s; alt-s +TreeRemove = f8; delete + +[help] +HelpHelp = f1 +HelpIndex = f2; c +HelpBack = f3; left; l +HelpQuit = f10; esc +HelpMoveUp = up; ctrl-p +HelpMoveDown = down; ctrl-n +HelpMovePgDn = f; space; pgdn; ctrl-v +HelpMovePgUp = b; pgup; alt-v; backspace +HelpMoveHalfPgDn = d +HelpMoveHalfPgUp = u +HelpMoveTop = home; ctrl-home; ctrl-pgup; a1; alt-lt; g +HelpMoveBottom = end; ctrl-end; ctrl-pgdn; c1; alt-gt; shift-g +HelpSelectLink = right; enter +HelpNextLink = tab +HelpPrevLink = alt-tab +HelpNextNode = n +HelpPrevNode = p + +[dialog] +DialogOK = enter +DialogCancel = f10; esc; ctrl-g +DialogPrevItem = left; up +DialogNextItem = right; down +DialogHelp = f1 +DialogSuspend = ctrl-z +DialogRefresh = ctrl-l +CmdDialogList = alt-prime +CmdDialogNext = alt-rbrace +CmdDialogPrev = alt-lbrace + + +[diffviewer] +DiffDisplaySymbols = alt-s; s +DiffDisplayNumbers = alt-n; l +DiffFull = f +DiffEqual = equal +DiffSplitMore = gt +DiffSplitLess = lt +DiffSetTab2 = 2 +DiffSetTab3 = 3 +DiffSetTab4 = 4 +DiffSetTab8 = 8 +DiffSwapPanel = ctrl-u +DiffRedo = ctrl-r +DiffNextHunk = n; enter; space +DiffPrevHunk = p; backspace +DiffGoto = g; shift-g +DiffSave = f2 +DiffEditCurrent = f4 +DiffEditOther = f14 +DiffMergeCurrentHunk = f5 +DiffSearch = f7 +DiffContinueSearch = f17 +DiffOptions = f9 +DiffBOF = ctrl-home +DiffEOF = ctrl-end +DiffDown = down +DiffUp = up +DiffQuickLeft = ctrl-left +DiffQuickRight = ctrl-right +DiffLeft = left +DiffRight = right +DiffPageDown = pgdn +DiffPageUp = pgup +DiffHome = home +DiffEnd = end +DiffHelp = f1 +DiffQuit = f10; q; shift-q; esc +ShowCommandLine = ctrl-o +SelectCodepage = alt-e diff --git a/mc/mc.menu b/mc/mc.menu new file mode 100644 index 0000000..929776f --- /dev/null +++ b/mc/mc.menu @@ -0,0 +1,383 @@ +shell_patterns=0 ++ ! t t +@ Do something on the current file + CMD=%{Enter command} + $CMD %f + ++ t t +@ Do something on the tagged files + set %t; CMD=%{Enter command} + while [ -n "$1" ]; do + $CMD "$1" + shift + done + + +0 Edit a bug report and send it to root + I=`mktemp "${MC_TMPDIR:-/tmp}/mail.XXXXXX"` || exit 1 + ${EDITOR-vi} "$I" + test -r $I && mail root < $I + rm -f "$I" + +=+ f \.1$ | f \.3$ | f \.4$ | f \.5$ | f \.6$ | f \.7$ | f \.8$ | f \.man$ & t r +1 Display the file with roff -man + nroff -man %f | less + +2 Call the info hypertext browser + info + += t d +3 Compress the current subdirectory (tar.gz) + Pwd=`basename %d /` + echo -n "Name of the compressed file (without extension) [$Pwd]: " + read tar + if [ "$tar"x = x ]; then tar="$Pwd"; fi + cd .. && \ + tar cf - "$Pwd" | gzip -f9 > "$tar.tar.gz" && \ + echo "../$tar.tar.gz created." + +4 Compress the current subdirectory (tar.bz2) + Pwd=`basename %d /` + echo -n "Name of the compressed file (without extension) [$Pwd]: " + read tar + if [ "$tar"x = x ]; then tar="$Pwd"; fi + cd .. && \ + tar cf - "$Pwd" | bzip2 -f > "$tar.tar.bz2" && \ + echo "../$tar.tar.bz2 created." + +5 Compress the current subdirectory (tar.p7) + Pwd=`basename %d /` + echo -n "Name of the compressed file (without extension) [$Pwd]: " + read tar + if [ "$tar"x = x ]; then tar="$Pwd"; fi + cd .. && \ + tar cf - "$Pwd" | 7za a -si "$tar.tar.7z" && \ + echo "../$tar.tar.7z created." + +6 Compress the current subdirectory (tar.lzma) + Pwd=`basename %d /` + echo -n "Name of the compressed file (without extension) [$Pwd]: " + read tar + if [ "$tar"x = x ]; then tar="$Pwd"; fi + cd .. && \ + tar cf - "$Pwd" | lzma -f > "$tar.tar.lzma" && \ + echo "../$tar.tar.lzma created." + +7 Compress the current subdirectory (tar.lz) + Pwd=`basename %d /` + echo -n "Name of the compressed file (without extension) [$Pwd]: " + read tar + if [ "$tar"x = x ]; then tar="$Pwd"; fi + cd .. && \ + tar cf - "$Pwd" | lzip -f > "$tar.tar.lz" && \ + echo "../$tar.tar.lz created." + +8 Compress the current subdirectory (tar.xz) + Pwd=`basename %d /` + echo -n "Name of the compressed file (without extension) [$Pwd]: " + read tar + if [ "$tar"x = x ]; then tar="$Pwd"; fi + cd .. && \ + tar cf - "$Pwd" | xz -f > "$tar.tar.xz" && \ + echo "../$tar.tar.xz created." + += f \.c$ & t r ++ f \.c$ & t r & ! t t + Compile and link current .c file + make `basename %f .c` 2>/dev/null || cc -O -o `basename %f .c` %f + ++ t r & ! t t +a Append file to opposite + cat %f >> %D/%f + ++ t t +A Append files to opposite files + set %t + while [ -n "$1" ]; do + cat "$1" >> "%D/$1" + shift + done + ++ t r & ! t t +d Delete file if a copy exists in the other directory. + if [ "%d" = "%D" ]; then + echo "The two directories must be different." + exit 1 + fi + if [ -f %D/%f ]; then # if two of them, then + if cmp -s %D/%f %f; then + rm %f && echo "%f: DELETED." + else + echo "%f and %D/%f differ: NOT deleted." + echo -n "Press RETURN " + read key + fi + else + echo "%f: No copy in %D/%f: NOT deleted." + fi + ++ t t +D Delete tagged files if a copy exists in the other directory. + if [ "%d" = "%D" ]; then + echo "The two directores must be different." + exit 1 + fi + for i in %t + do + if [ -f "%D/$i" ]; then + SUM1="`sum $i`" + SUM2="`sum %D/$i`" + if [ "$SUM1" = "$SUM2" ]; then + rm "$i" && echo "${i}: DELETED." + else + echo "$i and %D/$i differ: NOT deleted." + fi + else + echo "%f has no copy in %D/%f: NOT deleted." + fi + done + +m View manual page + MAN=%{Enter manual name} + %view man -P cat $MAN + += f \.gz$ & t r ++ ! t t +n Inspect gzip'ed newsbatch file + dd if=%f bs=1 skip=12|zcat|${PAGER-more} + # assuming the cunbatch header is 12 bytes long. + += t r & ++ ! t t +h Strip headers from current newsarticle + CHECK=`awk '{print $1 ; exit}' %f` 2>/dev/null + case "$CHECK" in + Newsgroups:|Path:) + I=`mktemp "${MC_TMPDIR:-/tmp}/news.XXXXXX"` || exit 1 + cp %f "$I" && sed '/^'"$CHECK"' /,/^$/d' "$I" > %f + [ "$?" = "0" ] && rm "$I" + echo "%f: header removed." + ;; + *) + echo "%f is not a news article." + ;; + esac + ++ t t +H Strip headers from the marked newsarticles + set %t + while [ -n "$1" ]; do + CHECK=`awk '{print $1 ; exit}' $1` 2>/dev/null + WFILE=`mktemp "${MC_TMPDIR:-/tmp}/news.XXXXXX"` || exit 1 + case "$CHECK" in + Newsgroups:|Path:) + cp "$1" "$WFILE" && sed '/^'"$CHECK"' /,/^$/d' "$WFILE" > "$1" + if [ "$?" = "0" ]; then + rm "$WFILE"; echo "$1 header removed. OK." + else + echo "Oops! Please check $1 against $WFILE." + fi + ;; + *) + echo "$1 skipped: Not a news article." + ;; + esac + shift + done + += t r ++ ! t t +r Copy file to remote host + echo -n "To which host?: " + read Host + echo -n "To which directory on $Host?: " + read Dir + rcp -p %f "${Host}:$Dir" + ++ t t +R Copy files to remote host (no error checking) + echo -n "Copy files to which host?: " + read Host + echo -n "To which directory on $Host? :" + read Dir + rcp -pr %u "${Host}:$Dir" + += f \.tex$ & t r ++ f \.tex$ & t r & ! t t +t Run latex on file and show it with xdvi + latex %f && xdvi `basename %f .tex`.dvi + +=+ f ^part | f ^Part | f uue & t r ++ t t +U Uudecode marked news articles (needs work) + set %t + ( + while [ -n "$1" ]; do # strip headers + FIRST=`awk '{print $1 ; exit}' "$1"` + cat "$1" | sed '/^'"$FIRST"' /,/^$/d'; shift + done + ) |sed '/^$/d' |sed -n '/^begin 6/,/^end$/p' | uudecode + if [ "$?" != "0" ]; then + echo "Cannot decode %t." + fi + echo "Please test the output file before deleting anything." + +=+ f \.tar\.gz$ | f \.tar\.z$ | f \.tgz$ | f \.tpz$ | f \.tar\.lz$ | f \.tar\.lzma$ | f \.tar\.7z$ | f \.tar\.xz$ | f \.tar\.Z$ | f \.tar\.bz2$ & t r +x Extract the contents of a compressed tar file + unset PRG + case %f in + *.tar.bz2) + PRG="bunzip2 -c" + ;; + *.tar.gz|*.tar.z|*.tgz|*.tpz|*.tar.Z) + PRG="gzip -dc" + ;; + *.tar.lzma) + PRG="lzma -dc" + ;; + *.tar.lz) + PRG="lzip -dc" + ;; + *.tar.xz) + PRG="xz -dc" + ;; + *.tar.7z) + PRG="7za e -so" + ;; + *) + exit 1 + ;; + esac + $PRG %f | tar xvf - + += t r ++ ! t t +y Gzip or gunzip current file + unset DECOMP + case %f in + *.gz) DECOMP=-d;; + *.[zZ]) DECOMP=-d;; + esac + gzip $DECOMP -v %f + ++ t t +Y Gzip or gunzip tagged files + for i in %t + do + unset DECOMP + case "$i" in + *.gz) DECOMP=-d;; + *.[zZ]) DECOMP=-d;; + esac + gzip $DECOMP -v "$i" + done + ++ ! t t +b Bzip2 or bunzip2 current file + unset DECOMP + case %f in + *.bz2) DECOMP=-d;; + esac + bzip2 $DECOMP -v %f + ++ t t +B Bzip2 or bunzip2 tagged files + for i in %t + do + unset DECOMP + case "$i" in + *.bz2) DECOMP=-d;; + esac + bzip2 $DECOMP -v "$i" + done + ++ f \.tar.gz$ | f \.tgz$ | f \.tpz$ | f \.tar.Z$ | f \.tar.z$ | f \.tar.bz2$ | f \.tar.F$ & t r & ! t t +z Extract compressed tar file to subdirectory + unset D + set gzip -cd + case %f in + *.tar.gz) D="`basename %f .tar.gz`";; + *.tgz) D="`basename %f .tgz`";; + *.tpz) D="`basename %f .tpz`";; + *.tar.Z) D="`basename %f .tar.Z`";; + *.tar.z) D="`basename %f .tar.z`";; + *.tar.bz2) D="`basename %f .tar.bz2`"; set bunzip2 -c ;; + *.tar.F) D="`basename %f .tar.F`"; set freeze -dc; + esac + mkdir "$D"; cd "$D" && ("$1" "$2" ../%f | tar xvf -) + ++ t t +Z Extract compressed tar files to subdirectories + for i in %t + do + set gzip -dc + unset D + case "$i" in + *.tar.gz) D="`basename $i .tar.gz`";; + *.tgz) D="`basename $i .tgz`";; + *.tpz) D="`basename $i .tpz`";; + *.tar.Z) D="`basename $i .tar.Z`";; + *.tar.z) D="`basename $i .tar.z`";; + *.tar.F) D="`basename $i .tar.F`"; set freeze -dc;; + *.tar.bz2) D="`basename $i .tar.bz2`"; set bunzip2 -c;; + esac + mkdir "$D"; (cd "$D" && "$1" "$2" "../$i" | tar xvf -) + done + ++ f \.gz$ | f \.tgz$ | f \.tpz$ | f \.Z$ | f \.z$ | f \.bz2$ & t r & ! t t +c Convert gz<->bz2, tar.gz<->tar.bz2 & tgz->tar.bz2 + unset D + unset EXT + case %f in + *.tgz) EXT=tgz;; + *.tpz) EXT=tpz;; + *.Z) EXT=Z;; + *.z) EXT=z;; + *.gz) EXT=gz;; + *.bz2) EXT=bz2;; + esac + case $EXT in + tgz|tpz) D="`basename %f .$EXT`.tar";; + gz|Z|z) D="`basename %f .$EXT`";; + bz2) D="`basename %f .bz2`";; + esac + if [ "$EXT" = "bz2" ]; then + bunzip2 -v %f ; gzip -f9 -v "$D" + else + gunzip -v %f ; bzip2 -v "$D" + fi + ++ t t +C Convert gz<->bz2, tar.gz<->tar.bz2 & tgz->tar.bz2 + set %t + while [ -n "$1" ] + do + unset D + unset EXT + case "$1" in + *.tgz) EXT=tgz;; + *.tpz) EXT=tpz;; + *.Z) EXT=Z;; + *.z) EXT=z;; + *.gz) EXT=gz;; + *.bz2) EXT=bz2;; + esac + case $EXT in + tgz) D="`basename $1 .tgz`.tar";; + tpz) D="`basename $1 .tpz`.tar";; + gz|Z|z) D="`basename $1 .$EXT`";; + bz2) D="`basename $1 .bz2`";; + esac + if [ "$EXT" = "bz2" ]; then + bunzip2 -v "$1" + gzip -f9 -v "$D" + else + gunzip -v "$1" + bzip2 -v "$D" + fi + shift + done + ++ x /usr/bin/open | x /usr/local/bin/open & x /bin/sh +o Open next a free console + open -s -- sh diff --git a/mc/mc.menu.sr b/mc/mc.menu.sr new file mode 100644 index 0000000..e57a628 --- /dev/null +++ b/mc/mc.menu.sr @@ -0,0 +1,344 @@ +shell_patterns=0 ++ ! t t +@ Ради нешто над текућом датотеком + CMD=%{Унесите наредбу} + $CMD %f + ++ t t +@ Ради нешто над означеним датотекама + set %t; CMD=%{Унесите наредбу} + while [ -n "$1" ]; do + $CMD "$1" + shift + done + + +0 Уреди пријаву грешке и пошаљи је администратору + ${EDITOR-vi} /tmp/mail.$$ + test -r /tmp/mail.$$ && mail root < /tmp/mail.$$ + rm -f /tmp/mail.$$ + +=+ f \.1$ | f \.3$ | f \.4$ | f \.5$ | f \.6$ | f \.7$ | f \.8$ | f \.man$ & t r +1 Прикажи датотеку уз помоћ roff -man + nroff -man %f | less + +2 Позови читач хипертекста info + info + += t d +3 Компримуј текући поддиректоријум (tar.gz) + Pwd=`basename "%d" /` + echo -n "Назив компримоване датотеке (без врсте) [$Pwd]: " + read tar + if [ "$tar"x = x ]; then tar="$Pwd"; fi + cd .. && \ + tar cf - "$Pwd" | gzip -f9 > "$tar.tar.gz" && \ + echo "Датотека ../$tar.tar.gz је створена." + +4 Компримуј текући поддиректоријум (tar.bz2) + Pwd=`basename %d /` + echo -n "Назив компримоване датотеке (без врсте) [$Pwd]: " + read tar + if [ "$tar"x = x ]; then tar="$Pwd"; fi + cd .. && \ + tar cf - "$Pwd" | bzip2 -f > "$tar.tar.bz2" && \ + echo "Датотека ../$tar.tar.bz2 је створена." + += f \.c$ & t r ++ f \.c$ & t r & ! t t +5 Преведи и повежи текућу датотеку врсте `.c' + make `basename %f .c` 2>/dev/null || cc -O -o `basename %f .c` %f + ++ t r & ! t t +a Надовежи датотеку на ону из другог окна + cat %f >>%D/%f + ++ t t +A Надовежи датотеке на оне из другог окна + set %t + while [ -n "$1" ]; do + cat "$1" >> "%D/$1" + shift + done + ++ t r & ! t t +d Обриши датотеку ако њена копија постоји у другом окну. + if [ "%d" = "%D" ]; then + echo "Два директоријума морају да буду различити." + exit 1 + fi + if [ -f %D/%f ]; then # if two of them, then + if cmp -s %D/%f %f; then + rm %f && echo "%f: ОБРИСАНА." + else + echo "%f и %D/%f се разликују: НИЈЕ обрисана." + echo -n "Притисните `RETURN' " + read тастер + fi + else + echo "%f: Нема копије у %D/%f: НИЈЕ обрисана." + fi + ++ t t +D Обриши означене датотеке ако постоји копија у другом окну. + if [ "%d" = "%D" ]; then + echo "Два директоријума морају да буду различити." + exit 1 + fi + for i in %t + do + if [ -f "%D/$i" ]; then + SUM1="`sum $i`" + SUM2="`sum %D/$i`" + if [ "$SUM1" = "$SUM2" ]; then + rm "$i" && echo "${i}: ОБРИСАНА." + else + echo "$i и %D/$i се разликују: НИЈЕ обрисана." + fi + else + echo "%f нема копију у %D/%f: НИЈЕ обрисана." + fi + done + +m Погледај страницу упутства + MAN=%{Унесите назив упутства} + %view man -P cat $MAN + += f \.gz$ & t r ++ ! t t +n Прегледај датотеку вести компримовану програмом gzip + dd if=%f bs=1 skip=12|zcat|${PAGER-more} + # assuming the cunbatch header is 12 bytes long. + += t r & ++ ! t t +h Скини заглавља из текућег чланка вести + CHECK=`awk '{print $1 ; exit}' %f` 2>/dev/null + case "$CHECK" in + Newsgroups:|Path:) + cp %f /tmp/%f.$$ && sed '/^'"$CHECK"' /,/^$/d' /tmp/%f.$$ > %f + [ "$?" = "0" ] && rm "/tmp/%f.$$" + echo "%f: уклоњено заглавље." + ;; + *) + echo "%f није чланак вести." + ;; + esac + ++ t t +H Скини заглавља из означених чланака вести + set %t + while [ -n "$1" ]; do + CHECK=`awk '{print $1 ; exit}' "$1"` 2>/dev/null + WFILE=/tmp/${1}.$$ + case "$CHECK" in + Newsgroups:|Path:) + cp "$1" "$WFILE" && sed '/^'"$CHECK"' /,/^$/d' "$WFILE" > "$1" + if [ "$?" = "0" ]; then + rm "$WFILE"; echo "$1 заглавље уклоњено. У реду." + else + echo "Уупс! Молим да проверите $1 са $WFILE." + fi + ;; + *) + echo "$1 прескочена: Није чланак вести." + ;; + esac + shift + done + += t r ++ ! t t +r Копирај датотеку на удаљеног домаћина + echo -n "На ког домаћина?: " + read Домаћин + echo -n "У који директоријум на $Домаћин?: " + read Дир + rcp -p %f "${Домаћин}:$Дир" + ++ t t +R Копирај датотеке на удаљеног домаћина (без провере грешака) + echo -n "На ког домаћина да копирам датотеке?: " + read Домаћин + echo -n "У који директоријум на $Домаћин? :" + read Дир + rcp -pr %u "${Домаћин}:$Дир" + += f \.tex$ & t r ++ f \.tex$ & t r & ! t t +t Покрени ЛаТеХ над датотеком и прикажи је преко програма `xdvi' + latex %f && xdvi `basename %f .tex`.dvi + +=+ f ^part | f ^Part | f uue & t r ++ t t +U Уудекодирај означени чланак вести (требало би разрадити) + set %t + ( + while [ -n "$1" ]; do # strip headers + FIRST=`awk '{print $1 ; exit}' "$1"` + cat "$1" | sed '/^'"$FIRST"' /,/^$/d'; shift + done + ) |sed '/^$/d' |sed -n '/^begin 6/,/^end$/p' | uudecode + if [ "$?" != "0" ]; then + echo "Не могу да декодирам %t." + fi + echo "Молим да проверите излазну датотеку пре било каквог брисања." + +=+ f \.tar\.gz$ | f \.tar\.z$ | f \.tgz$ | f \.tpz$ | f \.tar\.lz$ | f \.tar\.lzma$ | f \.tar\.7z$ | f \.tar\.xz$ | f \.tar\.Z$ | f \.tar\.bz2$ & t r +x Издвој садржај компримоване датотеке врсте `tar' + unset PRG + case %f in + *.tar.bz2) + PRG="bunzip2 -c" + ;; + *.tar.gz|*.tar.z|*.tgz|*.tpz|*.tar.Z) + PRG="gzip -dc" + ;; + *.tar.lzma) + PRG="lzma -dc" + ;; + *.tar.lz) + PRG="lzip -dc" + ;; + *.tar.xz) + PRG="xz -dc" + ;; + *.tar.7z) + PRG="7za e -so" + ;; + *) + exit 1 + ;; + esac + $PRG %f | tar xvf - + += t r ++ ! t t +y Пакуј или расп. тек. дат. програмима `gzip' или `gunzip' + unset DECOMP + case %f in + *.gz) DECOMP=-d;; + *.[zZ]) DECOMP=-d;; + esac + gzip $DECOMP -v %f + ++ t t +Y Пакуј или расп. означ. дат. програмима `gzip' или `gunzip' + for i in %t + do + unset DECOMP + case "$i" in + *.gz) DECOMP=-d;; + *.[zZ]) DECOMP=-d;; + esac + gzip $DECOMP -v "$i" + done + ++ ! t t +b Пакуј или расп. тек. дат. програмима `bzip2' или `bunzip2' + unset DECOMP + case %f in + *.bz2) DECOMP=-d;; + esac + bzip2 $DECOMP -v %f + ++ t t +B Пакуј или расп. означ. дат. програмима `bzip2' или `bunzip2' + for i in %t + do + unset DECOMP + case "$i" in + *.bz2) DECOMP=-d;; + esac + bzip2 $DECOMP -v "$i" + done + ++ f \.tar.gz$ | f \.tgz$ | f \.tpz$ | f \.tar.Z$ | f \.tar.z$ | f \.tar.bz2$ | f \.tar.F$ & t r & ! t t +z Издвој компримовану датотеку врсте `tar' у поддиректоријум + unset D + set gzip -cd + case %f in + *.tar.gz) D="`basename %f .tar.gz`";; + *.tgz) D="`basename %f .tgz`";; + *.tpz) D="`basename %f .tpz`";; + *.tar.Z) D="`basename %f .tar.Z`";; + *.tar.z) D="`basename %f .tar.z`";; + *.tar.bz2) D="`basename %f .tar.bz2`"; set bunzip2 -c ;; + *.tar.F) D="`basename %f .tar.F`"; set freeze -dc; + esac + mkdir "$D"; cd "$D" && ("$1" "$2" ../%f | tar xvf -) + ++ t t +Z Издвој компримовану датотеке врсте `tar' у поддиректоријуме + for i in %t + do + set gzip -dc + unset D + case "$i" in + *.tar.gz) D="`basename $i .tar.gz`";; + *.tgz) D="`basename $i .tgz`";; + *.tpz) D="`basename $i .tpz`";; + *.tar.Z) D="`basename $i .tar.Z`";; + *.tar.z) D="`basename $i .tar.z`";; + *.tar.F) D="`basename $i .tar.F`"; set freeze -dc;; + *.tar.bz2) D="`basename $i .tar.bz2`"; set bunzip2 -c;; + esac + mkdir "$D"; (cd "$D" && "$1" "$2" "../$i" | tar xvf -) + done + ++ f \.gz$ | f \.tgz$ | f \.tpz$ | f \.Z$ | f \.z$ | f \.bz2$ & t r & ! t t +c Пребаци gz<->bz2, tar.gz<->tar.bz2 и tgz->tar.bz2 + unset D + case "%f" in + *.tgz) EXT=tgz;; + *.tpz) EXT=tpz;; + *.Z) EXT=Z;; + *.z) EXT=z;; + *.gz) EXT=gz;; + *.bz2) EXT=bz2;; + esac + case $EXT in + tgz|tpz) D="`basename %f .$EXT`.tar";; + gz|Z|z) D="`basename %f .$EXT`";; + bz2) D="`basename %f .bz2`";; + esac + if [ "$EXT" = "bz2" ]; then + bunzip2 -v "%f" ; gzip -f9 -v "$D" + else + gunzip -v "%f" ; bzip2 -v "$D" + fi + ++ t t +C Пребаци gz<->bz2, tar.gz<->tar.bz2 и tgz->tar.bz2 + set %t + while [ -n "$1" ] + do + unset D + case "$1" in + *.tgz) EXT=tgz;; + *.tpz) EXT=tpz;; + *.Z) EXT=Z;; + *.z) EXT=z;; + *.gz) EXT=gz;; + *.bz2) EXT=bz2;; + esac + case $EXT in + tgz) D="`basename $1 .tgz`.tar";; + tpz) D="`basename $1 .tpz`.tar";; + gz|Z|z) D="`basename $1 .$EXT`";; + bz2) D="`basename $1 .bz2`";; + esac + if [ "$EXT" = "bz2" ]; then + bunzip2 -v "$1" + gzip -f9 -v "$D" + else + gunzip -v "$1" + bzip2 -v "$D" + fi + shift + done + ++ x /usr/bin/open | x /usr/local/bin/open & x /bin/sh +o Отвори следећу слободну конзолу + open -s -- sh + diff --git a/mc/sfs.ini b/mc/sfs.ini new file mode 100644 index 0000000..522cca1 --- /dev/null +++ b/mc/sfs.ini @@ -0,0 +1,28 @@ +# +# This is config for Single File fileSystem +# +# Notice that output files (%3) are pre-created atomically in /tmp +# with 0600 rights, so it is safe to > %3 +# +gz/1 gzip < %1 > %3 +ugz/1 gzip -cdf < %1 > %3 +bz/1 bzip < %1 > %3 +ubz/1 bzip -d < %1 > %3 +bz2/1 bzip2 < %1 > %3 +ubz2/1 bzip2 -d < %1 > %3 +lzma/1 lzma < %1 > %3 +ulzma/1 lzma -d < %1 > %3 +xz/1 xz < %1 > %3 +uxz/1 xz -d < %1 > %3 +tar/1 tar cf %3 %1 +tgz/1 tar czf %3 %1 +uhtml/1 lynx -force_html -dump %1 > %3 +uman/1 groff -Tascii -man %1 > %3 +uue/1 uuenpipe < %1 > %3 +uude/1 uudepipe < %1 > %3 +crlf/1 todos < %1 > %3 +cr/1 fromdos < %1 > %3 +# Fixme: we need it to fail whenever it should +url:2 lynx -source `echo "%2" | sed 's-|-/-g'` > %3 +nop/1 cat %1 > %3 +strings/1 strings %1 > %3 diff --git a/mdadm.conf b/mdadm.conf new file mode 100644 index 0000000..7bdff67 --- /dev/null +++ b/mdadm.conf @@ -0,0 +1,65 @@ +# mdadm configuration file +# +# mdadm will function properly without the use of a configuration file, +# but this file is useful for keeping track of arrays and member disks. +# In general, a mdadm.conf file is created, and updated, after arrays +# are created. This is the opposite behavior of /etc/raidtab which is +# created prior to array construction. +# +# +# the config file takes two types of lines: +# +# DEVICE lines specify a list of devices of where to look for +# potential member disks +# +# ARRAY lines specify information about how to identify arrays so +# so that they can be activated +# +# You can have more than one device line and use wild cards. The first +# example includes SCSI the first partition of SCSI disks /dev/sdb, +# /dev/sdc, /dev/sdd, /dev/sdj, /dev/sdk, and /dev/sdl. The second +# line looks for array slices on IDE disks. +# +#DEVICE /dev/sd[bcdjkl]1 +#DEVICE /dev/hda1 /dev/hdb1 +# +# If you mount devfs on /dev, then a suitable way to list all devices is: +#DEVICE /dev/discs/*/* +# +# +# The AUTO line can control which arrays get assembled by auto-assembly, +# meaing either "mdadm -As" when there are no 'ARRAY' lines in this file, +# or "mdadm --incremental" when the array found is not listed in this file. +# By default, all arrays that are found are assembled. +# If you want to ignore all DDF arrays (maybe they are managed by dmraid), +# and only assemble 1.x arrays if which are marked for 'this' homehost, +# but assemble all others, then use +#AUTO -ddf homehost -1.x +all +# +# ARRAY lines specify an array to assemble and a method of identification. +# Arrays can currently be identified by using a UUID, superblock minor number, +# or a listing of devices. +# +# super-minor is usually the minor number of the metadevice +# UUID is the Universally Unique Identifier for the array +# Each can be obtained using +# +# mdadm -D +# +#ARRAY /dev/md0 UUID=3aaa0122:29827cfa:5331ad66:ca767371 +#ARRAY /dev/md1 super-minor=1 +#ARRAY /dev/md2 devices=/dev/hda1,/dev/hdb1 +# +# ARRAY lines can also specify a "spare-group" for each array. mdadm --monitor +# will then move a spare between arrays in a spare-group if one array has a failed +# drive but no spare +#ARRAY /dev/md4 uuid=b23f3c6d:aec43a9f:fd65db85:369432df spare-group=group1 +#ARRAY /dev/md5 uuid=19464854:03f71b1b:e0df2edd:246cc977 spare-group=group1 +# +# When used in --follow (aka --monitor) mode, mdadm needs a +# mail address and/or a program. This can be given with "mailaddr" +# and "program" lines to that monitoring can be started using +# mdadm --follow --scan & echo $! > /var/run/mdadm +# If the lines are not found, mdadm will exit quietly +#MAILADDR root@mydomain.tld +#PROGRAM /usr/sbin/handle-mdadm-events diff --git a/modprobe.d/aliases.conf b/modprobe.d/aliases.conf new file mode 100644 index 0000000..52f30c9 --- /dev/null +++ b/modprobe.d/aliases.conf @@ -0,0 +1,42 @@ +# Aliases to tell insmod/modprobe which modules to use + +# Uncomment the network protocols you don't want loaded: +# alias net-pf-1 off # Unix +# alias net-pf-2 off # IPv4 +# alias net-pf-3 off # Amateur Radio AX.25 +# alias net-pf-4 off # IPX +# alias net-pf-5 off # DDP / appletalk +# alias net-pf-6 off # Amateur Radio NET/ROM +# alias net-pf-9 off # X.25 +# alias net-pf-10 off # IPv6 +# alias net-pf-11 off # ROSE / Amateur Radio X.25 PLP +# alias net-pf-19 off # Acorn Econet + +alias char-major-10-175 agpgart +alias char-major-10-200 tun +alias char-major-81 bttv +alias char-major-108 ppp_generic +alias /dev/ppp ppp_generic +alias tty-ldisc-3 ppp_async +alias tty-ldisc-14 ppp_synctty +alias ppp-compress-21 bsd_comp +alias ppp-compress-24 ppp_deflate +alias ppp-compress-26 ppp_deflate + +# Crypto modules (see http://www.kerneli.org/) +alias loop-xfer-gen-0 loop_gen +alias loop-xfer-3 loop_fish2 +alias loop-xfer-gen-10 loop_gen +alias cipher-2 des +alias cipher-3 fish2 +alias cipher-4 blowfish +alias cipher-6 idea +alias cipher-7 serp6f +alias cipher-8 mars6 +alias cipher-11 rc62 +alias cipher-15 dfc2 +alias cipher-16 rijndael +alias cipher-17 rc5 + +# Support for i2c and lm_sensors +alias char-major-89 i2c-dev diff --git a/modprobe.d/blacklist.conf b/modprobe.d/blacklist.conf new file mode 100644 index 0000000..90bc234 --- /dev/null +++ b/modprobe.d/blacklist.conf @@ -0,0 +1,29 @@ +# This file lists modules which will not be loaded by udev, +# not at coldplugging and not on hotplug events. + +# Add your own entries to this file +# in the format "blacklist " + +# Some examples: +# evbug is a debug tool and should be loaded explicitly +blacklist evbug + +# Autoloading eth1394 most of the time re-orders your network +# interfaces, and with buggy kernel 2.6.21, udev persistent-net +# is not able to rename these devices, so you get eth?_rename devices +# plus an exceeded 30sec boot timeout +blacklist eth1394 + +# You probably want this to not get the console beep loud on every tab :) +#blacklist pcspkr + +# these drivers are very simple, the HID drivers are usually preferred +#blacklist usbmouse +#blacklist usbkbd + +# Sometimes loading a framebuffer driver at boot gets the console black +#install pci:v*d*sv*sd*bc03sc*i* /bin/true + +# hplip and cups 1.4+ use raw USB devices, so it requires usblp not be loaded +#blacklist usblp + diff --git a/modprobe.d/i386.conf b/modprobe.d/i386.conf new file mode 100644 index 0000000..b89459f --- /dev/null +++ b/modprobe.d/i386.conf @@ -0,0 +1,4 @@ +alias parport_lowlevel parport_pc +alias char-major-10-144 nvram +alias binfmt-0064 binfmt_aout +alias char-major-10-135 rtc diff --git a/modprobe.d/pnp-aliases.conf b/modprobe.d/pnp-aliases.conf new file mode 100644 index 0000000..3675fbb --- /dev/null +++ b/modprobe.d/pnp-aliases.conf @@ -0,0 +1,17 @@ +# /etc/modprobe.d/pnp-aliases +# +# These aliases are used by this udev-rule: +# SUBSYSTEM=="pnp", ENV{MODALIAS}!="?*", RUN+="/bin/sh -c '/sbin/modprobe -a $$(while read id; do echo pnp:d$$id; done < /sys$devpath/id)'" +# +# They should help to autoload drivers used by various pnp-devices +# (if not blacklisted somewhere else) +# +alias pnp:dPNP0510 irtty-sir +alias pnp:dPNP0511 irtty-sir +alias pnp:dPNP0700 floppy +alias pnp:dPNP0800 pcspkr +alias pnp:dPNP0b00 rtc +alias pnp:dPNP0303 atkbd +alias pnp:dPNP0f13 psmouse +alias pnp:dPNPb02f analog + diff --git a/modprobe.d/usb-load-ehci-first.conf b/modprobe.d/usb-load-ehci-first.conf new file mode 100644 index 0000000..3b5db0e --- /dev/null +++ b/modprobe.d/usb-load-ehci-first.conf @@ -0,0 +1,2 @@ +install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe --ignore-install ohci_hcd $CMDLINE_OPTS +install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe --ignore-install uhci_hcd $CMDLINE_OPTS diff --git a/mutt/Muttrc b/mutt/Muttrc new file mode 100644 index 0000000..6f0d63e --- /dev/null +++ b/mutt/Muttrc @@ -0,0 +1,19 @@ +# Some minimal Mutt settings, Gentoo-style. These reflect the Gentoo +# predilection for maildir folders. +# +# Please don't add settings to this file to change other user +# preferences (such as colors), since those can be hard for a user to +# undo if their preference doesn't match yours! For example, it is +# *impossible* currently in mutt to remove color settings from objects +# other than the index. + +set mbox_type=Maildir +set folder=~/.maildir +set spoolfile=~/.maildir/ +set record=~/.maildir-sent/ +set move=no + +# Maybe we shouldn't set index_format here, but this is a recommended +# one for maildir-style folders. + +set index_format="%4C %Z %{%b %d} %-16.16L %s" diff --git a/mutt/Muttrc.dist b/mutt/Muttrc.dist new file mode 100644 index 0000000..5758000 --- /dev/null +++ b/mutt/Muttrc.dist @@ -0,0 +1,5137 @@ +# +# System configuration file for Mutt +# + +# Default list of header fields to weed when displaying. +# Ignore all lines by default... +ignore * + +# ... then allow these through. +unignore from: subject to cc date x-mailer x-url user-agent + +# Display the fields in this order +hdr_order date from to cc subject + +# imitate the old search-body function +macro index \eb "~b " "search in message bodies" + +# simulate the old url menu +macro index,pager,attach,compose \cb "\ + set my_pipe_decode=\$pipe_decode pipe_decode\ + urlview\ + set pipe_decode=\$my_pipe_decode; unset my_pipe_decode" \ +"call urlview to extract URLs out of a message" + +# Show documentation when pressing F1 +macro generic,pager " less /usr/share/doc/mutt-1.5.21-r1/manual.txt" "show Mutt documentation" + +# show the incoming mailboxes list (just like "mutt -y") and back when pressing "y" +macro index,pager y "?" "show incoming mailboxes list" +bind browser y exit + +# Use folders which match on \\.gz$ as gzipped folders: +# open-hook \\.gz$ "gzip -cd %f > %t" +# close-hook \\.gz$ "gzip -c %t > %f" +# append-hook \\.gz$ "gzip -c %t >> %f" + +# If Mutt is unable to determine your site's domain name correctly, you can +# set the default here. +# +# set hostname=cs.hmc.edu + +# If your sendmail supports the -B8BITMIME flag, enable the following +# +# set use_8bitmime + +# Use mime.types to look up handlers for application/octet-stream. Can +# be undone with unmime_lookup. +mime_lookup application/octet-stream + +## +## *** DEFAULT SETTINGS FOR THE ATTACHMENTS PATCH *** +## + +## +## Please see the manual (section "attachments") for detailed +## documentation of the "attachments" command. +## +## Removing a pattern from a list removes that pattern literally. It +## does not remove any type matching the pattern. +## +## attachments +A */.* +## attachments +A image/jpeg +## unattachments +A */.* +## +## This leaves "attached" image/jpeg files on the allowed attachments +## list. It does not remove all items, as you might expect, because the +## second */.* is not a matching expression at this time. +## +## Remember: "unattachments" only undoes what "attachments" has done! +## It does not trigger any matching on actual messages. + +## Qualify any MIME part with an "attachment" disposition, EXCEPT for +## text/x-vcard and application/pgp parts. (PGP parts are already known +## to mutt, and can be searched for with ~g, ~G, and ~k.) +## +## I've added x-pkcs7 to this, since it functions (for S/MIME) +## analogously to PGP signature attachments. S/MIME isn't supported +## in a stock mutt build, but we can still treat it specially here. +## +attachments +A */.* +attachments -A text/x-vcard application/pgp.* +attachments -A application/x-pkcs7-.* + +## Discount all MIME parts with an "inline" disposition, unless they're +## text/plain. (Why inline a text/plain part unless it's external to the +## message flow?) +## +attachments +I text/plain + +## These two lines make Mutt qualify MIME containers. (So, for example, +## a message/rfc822 forward will count as an attachment.) The first +## line is unnecessary if you already have "attach-allow */.*", of +## course. These are off by default! The MIME elements contained +## within a message/* or multipart/* are still examined, even if the +## containers themselves don't qualify. +## +#attachments +A message/.* multipart/.* +#attachments +I message/.* multipart/.* + +## You probably don't really care to know about deleted attachments. +attachments -A message/external-body +attachments -I message/external-body + +## +## More settings +## + + +# set abort_nosubject=ask-yes +# +# Name: abort_nosubject +# Type: quadoption +# Default: ask-yes +# +# +# If set to yes, when composing messages and no subject is given +# at the subject prompt, composition will be aborted. If set to +# no, composing messages with no subject given at the subject +# prompt will never be aborted. +# +# +# set abort_unmodified=yes +# +# Name: abort_unmodified +# Type: quadoption +# Default: yes +# +# +# If set to yes, composition will automatically abort after +# editing the message body if no changes are made to the file (this +# check only happens after the first edit of the file). When set +# to no, composition will never be aborted. +# +# +# set alias_file="~/.muttrc" +# +# Name: alias_file +# Type: path +# Default: "~/.muttrc" +# +# +# The default file in which to save aliases created by the +# function. Entries added to this file are +# encoded in the character set specified by $config_charset if it +# is set or the current character set otherwise. +# +# Note: Mutt will not automatically source this file; you must +# explicitly use the ``source'' command for it to be executed in case +# this option points to a dedicated alias file. +# +# The default for this option is the currently used muttrc file, or +# ``~/.muttrc'' if no user muttrc was found. +# +# +# set alias_format="%4n %2f %t %-10a %r" +# +# Name: alias_format +# Type: string +# Default: "%4n %2f %t %-10a %r" +# +# +# Specifies the format of the data displayed for the ``alias'' menu. The +# following printf(3)-style sequences are available: +# %a alias name +# %f flags - currently, a ``d'' for an alias marked for deletion +# %n index number +# %r address which alias expands to +# %t character which indicates if the alias is tagged for inclusion +# +# +# set allow_8bit=yes +# +# Name: allow_8bit +# Type: boolean +# Default: yes +# +# +# Controls whether 8-bit data is converted to 7-bit using either Quoted- +# Printable or Base64 encoding when sending mail. +# +# +# set allow_ansi=no +# +# Name: allow_ansi +# Type: boolean +# Default: no +# +# +# Controls whether ANSI color codes in messages (and color tags in +# rich text messages) are to be interpreted. +# Messages containing these codes are rare, but if this option is set, +# their text will be colored accordingly. Note that this may override +# your color choices, and even present a security problem, since a +# message could include a line like +# [-- PGP output follows ... +# +# and give it the same color as your attachment color (see also +# $crypt_timestamp). +# +# +# set arrow_cursor=no +# +# Name: arrow_cursor +# Type: boolean +# Default: no +# +# +# When set, an arrow (``->'') will be used to indicate the current entry +# in menus instead of highlighting the whole line. On slow network or modem +# links this will make response faster because there is less that has to +# be redrawn on the screen when moving to the next or previous entries +# in the menu. +# +# +# set ascii_chars=no +# +# Name: ascii_chars +# Type: boolean +# Default: no +# +# +# If set, Mutt will use plain ASCII characters when displaying thread +# and attachment trees, instead of the default ACS characters. +# +# +# set askbcc=no +# +# Name: askbcc +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for blind-carbon-copy (Bcc) recipients +# before editing an outgoing message. +# +# +# set askcc=no +# +# Name: askcc +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for carbon-copy (Cc) recipients before +# editing the body of an outgoing message. +# +# +# set ask_follow_up=no +# +# Name: ask_follow_up +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for follow-up groups before editing +# the body of an outgoing message. +# +# +# set ask_x_comment_to=no +# +# Name: ask_x_comment_to +# Type: boolean +# Default: no +# +# +# If set, Mutt will prompt you for x-comment-to field before editing +# the body of an outgoing message. +# +# +# set assumed_charset="" +# +# Name: assumed_charset +# Type: string +# Default: "" +# +# +# This variable is a colon-separated list of character encoding +# schemes for messages without character encoding indication. +# Header field values and message body content without character encoding +# indication would be assumed that they are written in one of this list. +# By default, all the header fields and message body without any charset +# indication are assumed to be in ``us-ascii''. +# +# For example, Japanese users might prefer this: +# set assumed_charset="iso-2022-jp:euc-jp:shift_jis:utf-8" +# +# However, only the first content is valid for the message body. +# +# +# set attach_charset="" +# +# Name: attach_charset +# Type: string +# Default: "" +# +# +# This variable is a colon-separated list of character encoding +# schemes for text file attachments. Mutt uses this setting to guess +# which encoding files being attached are encoded in to convert them to +# a proper character set given in $send_charset. +# +# If unset, the value of $charset will be used instead. +# For example, the following configuration would work for Japanese +# text handling: +# set attach_charset="iso-2022-jp:euc-jp:shift_jis:utf-8" +# +# Note: for Japanese users, ``iso-2022-*'' must be put at the head +# of the value as shown above if included. +# +# +# set attach_format="%u%D%I %t%4n %T%.40d%> [%.7m/%.10M, %.6e%?C?, %C?, %s] " +# +# Name: attach_format +# Type: string +# Default: "%u%D%I %t%4n %T%.40d%> [%.7m/%.10M, %.6e%?C?, %C?, %s] " +# +# +# This variable describes the format of the ``attachment'' menu. The +# following printf(3)-style sequences are understood: +# %C charset +# %c requires charset conversion (``n'' or ``c'') +# %D deleted flag +# %d description +# %e MIME content-transfer-encoding +# %f filename +# %I disposition (``I'' for inline, ``A'' for attachment) +# %m major MIME type +# %M MIME subtype +# %n attachment number +# %Q ``Q'', if MIME part qualifies for attachment counting +# %s size +# %t tagged flag +# %T graphic tree characters +# %u unlink (=to delete) flag +# %X number of qualifying MIME parts in this part and its children +# (please see the ``attachments'' section for possible speed effects) +# %>X right justify the rest of the string and pad with character ``X'' +# %|X pad to the end of the line with character ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# For an explanation of ``soft-fill'', see the $index_format documentation. +# +# +# set attach_sep="\n" +# +# Name: attach_sep +# Type: string +# Default: "\n" +# +# +# The separator to add between attachments when operating (saving, +# printing, piping, etc) on a list of tagged attachments. +# +# +# set attach_split=yes +# +# Name: attach_split +# Type: boolean +# Default: yes +# +# +# If this variable is unset, when operating (saving, printing, piping, +# etc) on a list of tagged attachments, Mutt will concatenate the +# attachments and will operate on them as a single attachment. The +# $attach_sep separator is added after each attachment. When set, +# Mutt will operate on the attachments one by one. +# +# +# set attribution="On %d, %n wrote:" +# +# Name: attribution +# Type: string +# Default: "On %d, %n wrote:" +# +# +# This is the string that will precede a message which has been included +# in a reply. For a full listing of defined printf(3)-like sequences see +# the section on $index_format. +# +# +# set auto_tag=no +# +# Name: auto_tag +# Type: boolean +# Default: no +# +# +# When set, functions in the index menu which affect a message +# will be applied to all tagged messages (if there are any). When +# unset, you must first use the function (bound to ``;'' +# by default) to make the next function apply to all tagged messages. +# +# +# set autoedit=no +# +# Name: autoedit +# Type: boolean +# Default: no +# +# +# When set along with $edit_headers, Mutt will skip the initial +# send-menu (prompting for subject and recipients) and allow you to +# immediately begin editing the body of your +# message. The send-menu may still be accessed once you have finished +# editing the body of your message. +# +# Note: when this option is set, you cannot use send-hooks that depend +# on the recipients when composing a new (non-reply) message, as the initial +# list of recipients is empty. +# +# Also see $fast_reply. +# +# +# set beep=yes +# +# Name: beep +# Type: boolean +# Default: yes +# +# +# When this variable is set, mutt will beep when an error occurs. +# +# +# set beep_new=no +# +# Name: beep_new +# Type: boolean +# Default: no +# +# +# When this variable is set, mutt will beep whenever it prints a message +# notifying you of new mail. This is independent of the setting of the +# $beep variable. +# +# +# set bounce=ask-yes +# +# Name: bounce +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether you will be asked to confirm bouncing messages. +# If set to yes you don't get asked if you want to bounce a +# message. Setting this variable to no is not generally useful, +# and thus not recommended, because you are unable to bounce messages. +# +# +# set bounce_delivered=yes +# +# Name: bounce_delivered +# Type: boolean +# Default: yes +# +# +# When this variable is set, mutt will include Delivered-To headers when +# bouncing messages. Postfix users may wish to unset this variable. +# +# +# set braille_friendly=no +# +# Name: braille_friendly +# Type: boolean +# Default: no +# +# +# When this variable is set, mutt will place the cursor at the beginning +# of the current line in menus, even when the $arrow_cursor variable +# is unset, making it easier for blind persons using Braille displays to +# follow these menus. The option is unset by default because many +# visual terminals don't permit making the cursor invisible. +# +# +# set catchup_newsgroup=ask-yes +# +# Name: catchup_newsgroup +# Type: quadoption +# Default: ask-yes +# +# +# If this variable is set, Mutt will mark all articles in newsgroup +# as read when you quit the newsgroup (catchup newsgroup). +# +# +# set certificate_file="~/.mutt_certificates" +# +# Name: certificate_file +# Type: path +# Default: "~/.mutt_certificates" +# +# +# This variable specifies the file where the certificates you trust +# are saved. When an unknown certificate is encountered, you are asked +# if you accept it or not. If you accept it, the certificate can also +# be saved in this file and further connections are automatically +# accepted. +# +# You can also manually add CA certificates in this file. Any server +# certificate that is signed with one of these CA certificates is +# also automatically accepted. +# +# Example: +# set certificate_file=~/.mutt/certificates +# +# +# set charset="" +# +# Name: charset +# Type: string +# Default: "" +# +# +# Character set your terminal uses to display and enter textual data. +# It is also the fallback for $send_charset. +# +# Upon startup Mutt tries to derive this value from environment variables +# such as $LC_CTYPE or $LANG. +# +# Note: It should only be set in case Mutt isn't able to determine the +# character set used correctly. +# +# +# set check_mbox_size=no +# +# Name: check_mbox_size +# Type: boolean +# Default: no +# +# +# When this variable is set, mutt will use file size attribute instead of +# access time when checking for new mail in mbox and mmdf folders. +# +# This variable is unset by default and should only be enabled when +# new mail detection for these folder types is unreliable or doesn't work. +# +# Note that enabling this variable should happen before any ``mailboxes'' +# directives occur in configuration files regarding mbox or mmdf folders +# because mutt needs to determine the initial new mail status of such a +# mailbox by performing a fast mailbox scan when it is defined. +# Afterwards the new mail status is tracked by file size changes. +# +# +# set change_folder_next=no +# +# Name: change_folder_next +# Type: boolean +# Default: no +# +# +# When this variable is set, the change-folder command will start at the +# next folder after the current folder in your mailbox list instead of +# starting at the first folder. +# +# +# set check_new=yes +# +# Name: check_new +# Type: boolean +# Default: yes +# +# +# Note: this option only affects maildir and MH style +# mailboxes. +# +# When set, Mutt will check for new mail delivered while the +# mailbox is open. Especially with MH mailboxes, this operation can +# take quite some time since it involves scanning the directory and +# checking each file to see if it has already been looked at. If +# this variable is unset, no check for new mail is performed +# while the mailbox is open. +# +# +# set collapse_unread=yes +# +# Name: collapse_unread +# Type: boolean +# Default: yes +# +# +# When unset, Mutt will not collapse a thread if it contains any +# unread messages. +# +# +# set collapse_flagged=yes +# +# Name: collapse_flagged +# Type: boolean +# Default: yes +# +# +# When unset, Mutt will not collapse a thread if it contains any +# flagged messages. +# +# +# set compose_format="-- Mutt: Compose [Approx. msg size: %l Atts: %a]%>-" +# +# Name: compose_format +# Type: string +# Default: "-- Mutt: Compose [Approx. msg size: %l Atts: %a]%>-" +# +# +# Controls the format of the status line displayed in the ``compose'' +# menu. This string is similar to $status_format, but has its own +# set of printf(3)-like sequences: +# %a total number of attachments +# %h local hostname +# %l approximate size (in bytes) of the current message +# %v Mutt version string +# +# +# See the text describing the $status_format option for more +# information on how to set $compose_format. +# +# +# set config_charset="" +# +# Name: config_charset +# Type: string +# Default: "" +# +# +# When defined, Mutt will recode commands in rc files from this +# encoding to the current character set as specified by $charset +# and aliases written to $alias_file from the current character set. +# +# Please note that if setting $charset it must be done before +# setting $config_charset. +# +# Recoding should be avoided as it may render unconvertable +# characters as question marks which can lead to undesired +# side effects (for example in regular expressions). +# +# +# set confirmappend=yes +# +# Name: confirmappend +# Type: boolean +# Default: yes +# +# +# When set, Mutt will prompt for confirmation when appending messages to +# an existing mailbox. +# +# +# set confirmcreate=yes +# +# Name: confirmcreate +# Type: boolean +# Default: yes +# +# +# When set, Mutt will prompt for confirmation when saving messages to a +# mailbox which does not yet exist before creating it. +# +# +# set connect_timeout=30 +# +# Name: connect_timeout +# Type: number +# Default: 30 +# +# +# Causes Mutt to timeout a network connection (for IMAP, POP or SMTP) after this +# many seconds if the connection is not able to be established. A negative +# value causes Mutt to wait indefinitely for the connection attempt to succeed. +# +# +# set content_type="text/plain" +# +# Name: content_type +# Type: string +# Default: "text/plain" +# +# +# Sets the default Content-Type for the body of newly composed messages. +# +# +# set copy=yes +# +# Name: copy +# Type: quadoption +# Default: yes +# +# +# This variable controls whether or not copies of your outgoing messages +# will be saved for later references. Also see $record, +# $save_name, $force_name and ``fcc-hook''. +# +# +# set crypt_autoencrypt=no +# +# Name: crypt_autoencrypt +# Type: boolean +# Default: no +# +# +# Setting this variable will cause Mutt to always attempt to PGP +# encrypt outgoing messages. This is probably only useful in +# connection to the ``send-hook'' command. It can be overridden +# by use of the pgp menu, when encryption is not required or +# signing is requested as well. If $smime_is_default is set, +# then OpenSSL is used instead to create S/MIME messages and +# settings can be overridden by use of the smime menu instead. +# (Crypto only) +# +# +# set crypt_autopgp=yes +# +# Name: crypt_autopgp +# Type: boolean +# Default: yes +# +# +# This variable controls whether or not mutt may automatically enable +# PGP encryption/signing for messages. See also $crypt_autoencrypt, +# $crypt_replyencrypt, +# $crypt_autosign, $crypt_replysign and $smime_is_default. +# +# +# set crypt_autosign=no +# +# Name: crypt_autosign +# Type: boolean +# Default: no +# +# +# Setting this variable will cause Mutt to always attempt to +# cryptographically sign outgoing messages. This can be overridden +# by use of the pgp menu, when signing is not required or +# encryption is requested as well. If $smime_is_default is set, +# then OpenSSL is used instead to create S/MIME messages and settings can +# be overridden by use of the smime menu instead of the pgp menu. +# (Crypto only) +# +# +# set crypt_autosmime=yes +# +# Name: crypt_autosmime +# Type: boolean +# Default: yes +# +# +# This variable controls whether or not mutt may automatically enable +# S/MIME encryption/signing for messages. See also $crypt_autoencrypt, +# $crypt_replyencrypt, +# $crypt_autosign, $crypt_replysign and $smime_is_default. +# +# +# set crypt_replyencrypt=yes +# +# Name: crypt_replyencrypt +# Type: boolean +# Default: yes +# +# +# If set, automatically PGP or OpenSSL encrypt replies to messages which are +# encrypted. +# (Crypto only) +# +# +# set crypt_replysign=no +# +# Name: crypt_replysign +# Type: boolean +# Default: no +# +# +# If set, automatically PGP or OpenSSL sign replies to messages which are +# signed. +# +# Note: this does not work on messages that are encrypted +# and signed! +# (Crypto only) +# +# +# set crypt_replysignencrypted=no +# +# Name: crypt_replysignencrypted +# Type: boolean +# Default: no +# +# +# If set, automatically PGP or OpenSSL sign replies to messages +# which are encrypted. This makes sense in combination with +# $crypt_replyencrypt, because it allows you to sign all +# messages which are automatically encrypted. This works around +# the problem noted in $crypt_replysign, that mutt is not able +# to find out whether an encrypted message is also signed. +# (Crypto only) +# +# +# set crypt_timestamp=yes +# +# Name: crypt_timestamp +# Type: boolean +# Default: yes +# +# +# If set, mutt will include a time stamp in the lines surrounding +# PGP or S/MIME output, so spoofing such lines is more difficult. +# If you are using colors to mark these lines, and rely on these, +# you may unset this setting. +# (Crypto only) +# +# +# set crypt_use_gpgme=no +# +# Name: crypt_use_gpgme +# Type: boolean +# Default: no +# +# +# This variable controls the use of the GPGME-enabled crypto backends. +# If it is set and Mutt was built with gpgme support, the gpgme code for +# S/MIME and PGP will be used instead of the classic code. Note that +# you need to set this option in .muttrc; it won't have any effect when +# used interactively. +# +# +# set crypt_use_pka=no +# +# Name: crypt_use_pka +# Type: boolean +# Default: no +# +# +# Controls whether mutt uses PKA +# (see http://www.g10code.de/docs/pka-intro.de.pdf) during signature +# verification (only supported by the GPGME backend). +# +# +# set crypt_verify_sig=yes +# +# Name: crypt_verify_sig +# Type: quadoption +# Default: yes +# +# +# If ``yes'', always attempt to verify PGP or S/MIME signatures. +# If ``ask-*'', ask whether or not to verify the signature. +# If ``no'', never attempt to verify cryptographic signatures. +# (Crypto only) +# +# +# set date_format="!%a, %b %d, %Y at %I:%M:%S%p %Z" +# +# Name: date_format +# Type: string +# Default: "!%a, %b %d, %Y at %I:%M:%S%p %Z" +# +# +# This variable controls the format of the date printed by the ``%d'' +# sequence in $index_format. This is passed to the strftime(3) +# function to process the date, see the man page for the proper syntax. +# +# Unless the first character in the string is a bang (``!''), the month +# and week day names are expanded according to the locale specified in +# the variable $locale. If the first character in the string is a +# bang, the bang is discarded, and the month and week day names in the +# rest of the string are expanded in the C locale (that is in US +# English). +# +# +# set default_hook="~f %s !~P | (~P ~C %s)" +# +# Name: default_hook +# Type: string +# Default: "~f %s !~P | (~P ~C %s)" +# +# +# This variable controls how ``message-hook'', ``reply-hook'', ``send-hook'', +# ``send2-hook'', ``save-hook'', and ``fcc-hook'' will +# be interpreted if they are specified with only a simple regexp, +# instead of a matching pattern. The hooks are expanded when they are +# declared, so a hook will be interpreted according to the value of this +# variable at the time the hook is declared. +# +# The default value matches +# if the message is either from a user matching the regular expression +# given, or if it is from you (if the from address matches +# ``alternates'') and is to or cc'ed to a user matching the given +# regular expression. +# +# +# set delete=ask-yes +# +# Name: delete +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not messages are really deleted when closing or +# synchronizing a mailbox. If set to yes, messages marked for +# deleting will automatically be purged without prompting. If set to +# no, messages marked for deletion will be kept in the mailbox. +# +# +# set delete_untag=yes +# +# Name: delete_untag +# Type: boolean +# Default: yes +# +# +# If this option is set, mutt will untag messages when marking them +# for deletion. This applies when you either explicitly delete a message, +# or when you save it to another folder. +# +# +# set digest_collapse=yes +# +# Name: digest_collapse +# Type: boolean +# Default: yes +# +# +# If this option is set, mutt's received-attachments menu will not show the subparts of +# individual messages in a multipart/digest. To see these subparts, press ``v'' on that menu. +# +# +# set display_filter="" +# +# Name: display_filter +# Type: path +# Default: "" +# +# +# When set, specifies a command used to filter messages. When a message +# is viewed it is passed as standard input to $display_filter, and the +# filtered message is read from the standard output. +# +# +# set dotlock_program="/usr/bin/mutt_dotlock" +# +# Name: dotlock_program +# Type: path +# Default: "/usr/bin/mutt_dotlock" +# +# +# Contains the path of the mutt_dotlock(8) binary to be used by +# mutt. +# +# +# set dsn_notify="" +# +# Name: dsn_notify +# Type: string +# Default: "" +# +# +# This variable sets the request for when notification is returned. The +# string consists of a comma separated list (no spaces!) of one or more +# of the following: never, to never request notification, +# failure, to request notification on transmission failure, +# delay, to be notified of message delays, success, to be +# notified of successful transmission. +# +# Example: +# set dsn_notify="failure,delay" +# +# Note: when using $sendmail for delivery, you should not enable +# this unless you are either using Sendmail 8.8.x or greater or a MTA +# providing a sendmail(1)-compatible interface supporting the -N option +# for DSN. For SMTP delivery, DSN support is auto-detected so that it +# depends on the server whether DSN will be used or not. +# +# +# set dsn_return="" +# +# Name: dsn_return +# Type: string +# Default: "" +# +# +# This variable controls how much of your message is returned in DSN +# messages. It may be set to either hdrs to return just the +# message header, or full to return the full message. +# +# Example: +# set dsn_return=hdrs +# +# Note: when using $sendmail for delivery, you should not enable +# this unless you are either using Sendmail 8.8.x or greater or a MTA +# providing a sendmail(1)-compatible interface supporting the -R option +# for DSN. For SMTP delivery, DSN support is auto-detected so that it +# depends on the server whether DSN will be used or not. +# +# +# set duplicate_threads=yes +# +# Name: duplicate_threads +# Type: boolean +# Default: yes +# +# +# This variable controls whether mutt, when $sort is set to threads, threads +# messages with the same Message-Id together. If it is set, it will indicate +# that it thinks they are duplicates of each other with an equals sign +# in the thread tree. +# +# +# set edit_headers=no +# +# Name: edit_headers +# Type: boolean +# Default: no +# +# +# This option allows you to edit the header of your outgoing messages +# along with the body of your message. +# +# Note that changes made to the References: and Date: headers are +# ignored for interoperability reasons. +# +# +# set editor="" +# +# Name: editor +# Type: path +# Default: "" +# +# +# This variable specifies which editor is used by mutt. +# It defaults to the value of the $VISUAL, or $EDITOR, environment +# variable, or to the string ``vi'' if neither of those are set. +# +# +# set encode_from=no +# +# Name: encode_from +# Type: boolean +# Default: no +# +# +# When set, mutt will quoted-printable encode messages when +# they contain the string ``From '' (note the trailing space) in the beginning of a line. +# This is useful to avoid the tampering certain mail delivery and transport +# agents tend to do with messages (in order to prevent tools from +# misinterpreting the line as a mbox message separator). +# +# +# set entropy_file="" +# +# Name: entropy_file +# Type: path +# Default: "" +# +# +# The file which includes random data that is used to initialize SSL +# library functions. +# +# +# set envelope_from_address="" +# +# Name: envelope_from_address +# Type: e-mail address +# Default: "" +# +# +# Manually sets the envelope sender for outgoing messages. +# This value is ignored if $use_envelope_from is unset. +# +# +# set escape="~" +# +# Name: escape +# Type: string +# Default: "~" +# +# +# Escape character to use for functions in the built-in editor. +# +# +# set fast_reply=no +# +# Name: fast_reply +# Type: boolean +# Default: no +# +# +# When set, the initial prompt for recipients and subject are skipped +# when replying to messages, and the initial prompt for subject is +# skipped when forwarding messages. +# +# Note: this variable has no effect when the $autoedit +# variable is set. +# +# +# set fcc_attach=yes +# +# Name: fcc_attach +# Type: quadoption +# Default: yes +# +# +# This variable controls whether or not attachments on outgoing messages +# are saved along with the main body of your message. +# +# +# set fcc_clear=no +# +# Name: fcc_clear +# Type: boolean +# Default: no +# +# +# When this variable is set, FCCs will be stored unencrypted and +# unsigned, even when the actual message is encrypted and/or +# signed. +# (PGP only) +# +# +# set folder="~/Mail" +# +# Name: folder +# Type: path +# Default: "~/Mail" +# +# +# Specifies the default location of your mailboxes. A ``+'' or ``='' at the +# beginning of a pathname will be expanded to the value of this +# variable. Note that if you change this variable (from the default) +# value you need to make sure that the assignment occurs before +# you use ``+'' or ``='' for any other variables since expansion takes place +# when handling the ``mailboxes'' command. +# +# +# set folder_format="%2C %t %N %F %2l %-8.8u %-8.8g %8s %d %f" +# +# Name: folder_format +# Type: string +# Default: "%2C %t %N %F %2l %-8.8u %-8.8g %8s %d %f" +# +# +# This variable allows you to customize the file browser display to your +# personal taste. This string is similar to $index_format, but has +# its own set of printf(3)-like sequences: +# %C current file number +# %d date/time folder was last modified +# %D date/time folder was last modified using $date_format. +# %f filename (``/'' is appended to directory names, +# ``@'' to symbolic links and ``*'' to executable +# files) +# %F file permissions +# %g group name (or numeric gid, if missing) +# %l number of hard links +# %N N if folder has new mail, blank otherwise +# %s size in bytes +# %t ``*'' if the file is tagged, blank otherwise +# %u owner name (or numeric uid, if missing) +# %>X right justify the rest of the string and pad with character ``X'' +# %|X pad to the end of the line with character ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# For an explanation of ``soft-fill'', see the $index_format documentation. +# +# +# set followup_to=yes +# +# Name: followup_to +# Type: boolean +# Default: yes +# +# +# Controls whether or not the ``Mail-Followup-To:'' header field is +# generated when sending mail. When set, Mutt will generate this +# field when you are replying to a known mailing list, specified with +# the ``subscribe'' or ``lists'' commands. +# +# This field has two purposes. First, preventing you from +# receiving duplicate copies of replies to messages which you send +# to mailing lists, and second, ensuring that you do get a reply +# separately for any messages sent to known lists to which you are +# not subscribed. +# +# The header will contain only the list's address +# for subscribed lists, and both the list address and your own +# email address for unsubscribed lists. Without this header, a +# group reply to your message sent to a subscribed list will be +# sent to both the list and your address, resulting in two copies +# of the same email for you. +# +# +# set followup_to_poster=ask-yes +# +# Name: followup_to_poster +# Type: quadoption +# Default: ask-yes +# +# +# If this variable is set and the keyword "poster" is present in +# Followup-To header, follow-up to newsgroup function is not +# permitted. The message will be mailed to the submitter of the +# message via mail. +# +# +# set force_name=no +# +# Name: force_name +# Type: boolean +# Default: no +# +# +# This variable is similar to $save_name, except that Mutt will +# store a copy of your outgoing message by the username of the address +# you are sending to even if that mailbox does not exist. +# +# Also see the $record variable. +# +# +# set forward_decode=yes +# +# Name: forward_decode +# Type: boolean +# Default: yes +# +# +# Controls the decoding of complex MIME messages into text/plain when +# forwarding a message. The message header is also RFC2047 decoded. +# This variable is only used, if $mime_forward is unset, +# otherwise $mime_forward_decode is used instead. +# +# +# set forward_decrypt=yes +# +# Name: forward_decrypt +# Type: boolean +# Default: yes +# +# +# Controls the handling of encrypted messages when forwarding a message. +# When set, the outer layer of encryption is stripped off. This +# variable is only used if $mime_forward is set and +# $mime_forward_decode is unset. +# (PGP only) +# +# +# set forward_edit=yes +# +# Name: forward_edit +# Type: quadoption +# Default: yes +# +# +# This quadoption controls whether or not the user is automatically +# placed in the editor when forwarding messages. For those who always want +# to forward with no modification, use a setting of ``no''. +# +# +# set forward_format="[%a: %s]" +# +# Name: forward_format +# Type: string +# Default: "[%a: %s]" +# +# +# This variable controls the default subject when forwarding a message. +# It uses the same format sequences as the $index_format variable. +# +# +# set forward_quote=no +# +# Name: forward_quote +# Type: boolean +# Default: no +# +# +# When set, forwarded messages included in the main body of the +# message (when $mime_forward is unset) will be quoted using +# $indent_string. +# +# +# set from="" +# +# Name: from +# Type: e-mail address +# Default: "" +# +# +# When set, this variable contains a default from address. It +# can be overridden using ``my_hdr'' (including from a ``send-hook'') and +# $reverse_name. This variable is ignored if $use_from is unset. +# +# This setting defaults to the contents of the environment variable $EMAIL. +# +# +# set gecos_mask="^[^,]*" +# +# Name: gecos_mask +# Type: regular expression +# Default: "^[^,]*" +# +# +# A regular expression used by mutt to parse the GECOS field of a password +# entry when expanding the alias. The default value +# will return the string up to the first ``,'' encountered. +# If the GECOS field contains a string like ``lastname, firstname'' then you +# should set it to ``.*''. +# +# This can be useful if you see the following behavior: you address an e-mail +# to user ID ``stevef'' whose full name is ``Steve Franklin''. If mutt expands +# ``stevef'' to ``"Franklin" stevef@foo.bar'' then you should set the $gecos_mask to +# a regular expression that will match the whole name so mutt will expand +# ``Franklin'' to ``Franklin, Steve''. +# +# +# set group_index_format="%4C %M%N %5s %-45.45f %d" +# +# Name: group_index_format +# Type: string +# Default: "%4C %M%N %5s %-45.45f %d" +# +# +# This variable allows you to customize the newsgroup browser display to +# your personal taste. This string is similar to ``index_format'', but +# has its own set of printf()-like sequences: +# +# %C current newsgroup number +# %d description of newsgroup (becomes from server) +# %f newsgroup name +# %M - if newsgroup not allowed for direct post (moderated for example) +# %N N if newsgroup is new, u if unsubscribed, blank otherwise +# %n number of new articles in newsgroup +# %s number of unread articles in newsgroup +# %>X right justify the rest of the string and pad with character "X" +# %|X pad to the end of the line with character "X" +# +# +# set hdrs=yes +# +# Name: hdrs +# Type: boolean +# Default: yes +# +# +# When unset, the header fields normally added by the ``my_hdr'' +# command are not created. This variable must be unset before +# composing a new message or replying in order to take effect. If set, +# the user defined header fields are added to every new message. +# +# +# set header=no +# +# Name: header +# Type: boolean +# Default: no +# +# +# When set, this variable causes Mutt to include the header +# of the message you are replying to into the edit buffer. +# The $weed setting applies. +# +# +# set header_cache="" +# +# Name: header_cache +# Type: path +# Default: "" +# +# +# This variable points to the header cache database. +# If pointing to a directory Mutt will contain a header cache +# database file per folder, if pointing to a file that file will +# be a single global header cache. By default it is unset so no header +# caching will be used. +# +# Header caching can greatly improve speed when opening POP, IMAP +# MH or Maildir folders, see ``caching'' for details. +# +# +# set header_cache_compress=yes +# +# Name: header_cache_compress +# Type: boolean +# Default: yes +# +# +# When mutt is compiled with qdbm or tokyocabinet as header cache backend, +# this option determines whether the database will be compressed. +# Compression results in database files roughly being one fifth +# of the usual diskspace, but the decompression can result in a +# slower opening of cached folder(s) which in general is still +# much faster than opening non header cached folders. +# +# +# set header_cache_pagesize="16384" +# +# Name: header_cache_pagesize +# Type: string +# Default: "16384" +# +# +# When mutt is compiled with either gdbm or bdb4 as the header cache backend, +# this option changes the database page size. Too large or too small +# values can waste space, memory, or CPU time. The default should be more +# or less optimal for most use cases. +# +# +# set help=yes +# +# Name: help +# Type: boolean +# Default: yes +# +# +# When set, help lines describing the bindings for the major functions +# provided by each menu are displayed on the first line of the screen. +# +# Note: The binding will not be displayed correctly if the +# function is bound to a sequence rather than a single keystroke. Also, +# the help line may not be updated if a binding is changed while Mutt is +# running. Since this variable is primarily aimed at new users, neither +# of these should present a major problem. +# +# +# set hidden_host=no +# +# Name: hidden_host +# Type: boolean +# Default: no +# +# +# When set, mutt will skip the host name part of $hostname variable +# when adding the domain part to addresses. This variable does not +# affect the generation of Message-IDs, and it will not lead to the +# cut-off of first-level domains. +# +# +# set hide_limited=no +# +# Name: hide_limited +# Type: boolean +# Default: no +# +# +# When set, mutt will not show the presence of messages that are hidden +# by limiting, in the thread tree. +# +# +# set hide_missing=yes +# +# Name: hide_missing +# Type: boolean +# Default: yes +# +# +# When set, mutt will not show the presence of missing messages in the +# thread tree. +# +# +# set hide_thread_subject=yes +# +# Name: hide_thread_subject +# Type: boolean +# Default: yes +# +# +# When set, mutt will not show the subject of messages in the thread +# tree that have the same subject as their parent or closest previously +# displayed sibling. +# +# +# set hide_top_limited=no +# +# Name: hide_top_limited +# Type: boolean +# Default: no +# +# +# When set, mutt will not show the presence of messages that are hidden +# by limiting, at the top of threads in the thread tree. Note that when +# $hide_limited is set, this option will have no effect. +# +# +# set hide_top_missing=yes +# +# Name: hide_top_missing +# Type: boolean +# Default: yes +# +# +# When set, mutt will not show the presence of missing messages at the +# top of threads in the thread tree. Note that when $hide_missing is +# set, this option will have no effect. +# +# +# set history=10 +# +# Name: history +# Type: number +# Default: 10 +# +# +# This variable controls the size (in number of strings remembered) of +# the string history buffer per category. The buffer is cleared each time the +# variable is set. +# +# +# set history_file="~/.mutthistory" +# +# Name: history_file +# Type: path +# Default: "~/.mutthistory" +# +# +# The file in which Mutt will save its history. +# +# +# set honor_disposition=no +# +# Name: honor_disposition +# Type: boolean +# Default: no +# +# +# When set, Mutt will not display attachments with a +# disposition of ``attachment'' inline even if it could +# render the part to plain text. These MIME parts can only +# be viewed from the attachment menu. +# +# If unset, Mutt will render all MIME parts it can +# properly transform to plain text. +# +# +# set honor_followup_to=yes +# +# Name: honor_followup_to +# Type: quadoption +# Default: yes +# +# +# This variable controls whether or not a Mail-Followup-To header is +# honored when group-replying to a message. +# +# +# set hostname="" +# +# Name: hostname +# Type: string +# Default: "" +# +# +# Specifies the fully-qualified hostname of the system mutt is running on +# containing the host's name and the DNS domain it belongs to. It is used +# as the domain part (after ``@'') for local email addresses as well as +# Message-Id headers. +# +# Its value is determined at startup as follows: If the node's name +# as returned by the uname(3) function contains the hostname and the +# domain, these are used to construct $hostname. If there is no +# domain part returned, Mutt will look for a ``domain'' or ``search'' +# line in /etc/resolv.conf to determine the domain. Optionally, Mutt +# can be compiled with a fixed domain name in which case a detected +# one is not used. +# +# Also see $use_domain and $hidden_host. +# +# +# set ignore_linear_white_space=no +# +# Name: ignore_linear_white_space +# Type: boolean +# Default: no +# +# +# This option replaces linear-white-space between encoded-word +# and text to a single space to prevent the display of MIME-encoded +# ``Subject:'' field from being divided into multiple lines. +# +# +# set ignore_list_reply_to=no +# +# Name: ignore_list_reply_to +# Type: boolean +# Default: no +# +# +# Affects the behavior of the function when replying to +# messages from mailing lists (as defined by the ``subscribe'' or +# ``lists'' commands). When set, if the ``Reply-To:'' field is +# set to the same value as the ``To:'' field, Mutt assumes that the +# ``Reply-To:'' field was set by the mailing list to automate responses +# to the list, and will ignore this field. To direct a response to the +# mailing list when this option is set, use the +# function; will reply to both the sender and the +# list. +# +# +# set imap_authenticators="" +# +# Name: imap_authenticators +# Type: string +# Default: "" +# +# +# This is a colon-delimited list of authentication methods mutt may +# attempt to use to log in to an IMAP server, in the order mutt should +# try them. Authentication methods are either ``login'' or the right +# side of an IMAP ``AUTH=xxx'' capability string, e.g. ``digest-md5'', ``gssapi'' +# or ``cram-md5''. This option is case-insensitive. If it's +# unset (the default) mutt will try all available methods, +# in order from most-secure to least-secure. +# +# Example: +# set imap_authenticators="gssapi:cram-md5:login" +# +# Note: Mutt will only fall back to other authentication methods if +# the previous methods are unavailable. If a method is available but +# authentication fails, mutt will not connect to the IMAP server. +# +# +# set imap_check_subscribed=no +# +# Name: imap_check_subscribed +# Type: boolean +# Default: no +# +# +# When set, mutt will fetch the set of subscribed folders from +# your server on connection, and add them to the set of mailboxes +# it polls for new mail just as if you had issued individual ``mailboxes'' +# commands. +# +# +# set imap_delim_chars="/." +# +# Name: imap_delim_chars +# Type: string +# Default: "/." +# +# +# This contains the list of characters which you would like to treat +# as folder separators for displaying IMAP paths. In particular it +# helps in using the ``='' shortcut for your folder variable. +# +# +# set imap_headers="" +# +# Name: imap_headers +# Type: string +# Default: "" +# +# +# Mutt requests these header fields in addition to the default headers +# (``Date:'', ``From:'', ``Subject:'', ``To:'', ``Cc:'', ``Message-Id:'', +# ``References:'', ``Content-Type:'', ``Content-Description:'', ``In-Reply-To:'', +# ``Reply-To:'', ``Lines:'', ``List-Post:'', ``X-Label:'') from IMAP +# servers before displaying the index menu. You may want to add more +# headers for spam detection. +# +# Note: This is a space separated list, items should be uppercase +# and not contain the colon, e.g. ``X-BOGOSITY X-SPAM-STATUS'' for the +# ``X-Bogosity:'' and ``X-Spam-Status:'' header fields. +# +# +# set imap_idle=no +# +# Name: imap_idle +# Type: boolean +# Default: no +# +# +# When set, mutt will attempt to use the IMAP IDLE extension +# to check for new mail in the current mailbox. Some servers +# (dovecot was the inspiration for this option) react badly +# to mutt's implementation. If your connection seems to freeze +# up periodically, try unsetting this. +# +# +# set imap_keepalive=900 +# +# Name: imap_keepalive +# Type: number +# Default: 900 +# +# +# This variable specifies the maximum amount of time in seconds that mutt +# will wait before polling open IMAP connections, to prevent the server +# from closing them before mutt has finished with them. The default is +# well within the RFC-specified minimum amount of time (30 minutes) before +# a server is allowed to do this, but in practice the RFC does get +# violated every now and then. Reduce this number if you find yourself +# getting disconnected from your IMAP server due to inactivity. +# +# +# set imap_list_subscribed=no +# +# Name: imap_list_subscribed +# Type: boolean +# Default: no +# +# +# This variable configures whether IMAP folder browsing will look for +# only subscribed folders or all folders. This can be toggled in the +# IMAP browser with the function. +# +# +# set imap_login="" +# +# Name: imap_login +# Type: string +# Default: "" +# +# +# Your login name on the IMAP server. +# +# This variable defaults to the value of $imap_user. +# +# +# set imap_pass="" +# +# Name: imap_pass +# Type: string +# Default: "" +# +# +# Specifies the password for your IMAP account. If unset, Mutt will +# prompt you for your password when you invoke the function +# or try to open an IMAP folder. +# +# Warning: you should only use this option when you are on a +# fairly secure machine, because the superuser can read your muttrc even +# if you are the only one who can read the file. +# +# +# set imap_passive=yes +# +# Name: imap_passive +# Type: boolean +# Default: yes +# +# +# When set, mutt will not open new IMAP connections to check for new +# mail. Mutt will only check for new mail over existing IMAP +# connections. This is useful if you don't want to be prompted to +# user/password pairs on mutt invocation, or if opening the connection +# is slow. +# +# +# set imap_peek=yes +# +# Name: imap_peek +# Type: boolean +# Default: yes +# +# +# When set, mutt will avoid implicitly marking your mail as read whenever +# you fetch a message from the server. This is generally a good thing, +# but can make closing an IMAP folder somewhat slower. This option +# exists to appease speed freaks. +# +# +# set imap_pipeline_depth=15 +# +# Name: imap_pipeline_depth +# Type: number +# Default: 15 +# +# +# Controls the number of IMAP commands that may be queued up before they +# are sent to the server. A deeper pipeline reduces the amount of time +# mutt must wait for the server, and can make IMAP servers feel much +# more responsive. But not all servers correctly handle pipelined commands, +# so if you have problems you might want to try setting this variable to 0. +# +# Note: Changes to this variable have no effect on open connections. +# +# +# set imap_servernoise=yes +# +# Name: imap_servernoise +# Type: boolean +# Default: yes +# +# +# When set, mutt will display warning messages from the IMAP +# server as error messages. Since these messages are often +# harmless, or generated due to configuration problems on the +# server which are out of the users' hands, you may wish to suppress +# them at some point. +# +# +# set imap_user="" +# +# Name: imap_user +# Type: string +# Default: "" +# +# +# The name of the user whose mail you intend to access on the IMAP +# server. +# +# This variable defaults to your user name on the local machine. +# +# +# set implicit_autoview=no +# +# Name: implicit_autoview +# Type: boolean +# Default: no +# +# +# If set to ``yes'', mutt will look for a mailcap entry with the +# ``copiousoutput'' flag set for every MIME attachment it doesn't have +# an internal viewer defined for. If such an entry is found, mutt will +# use the viewer defined in that entry to convert the body part to text +# form. +# +# +# set include=ask-yes +# +# Name: include +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not a copy of the message(s) you are replying to +# is included in your reply. +# +# +# set include_onlyfirst=no +# +# Name: include_onlyfirst +# Type: boolean +# Default: no +# +# +# Controls whether or not Mutt includes only the first attachment +# of the message you are replying. +# +# +# set indent_string="> " +# +# Name: indent_string +# Type: string +# Default: "> " +# +# +# Specifies the string to prepend to each line of text quoted in a +# message to which you are replying. You are strongly encouraged not to +# change this value, as it tends to agitate the more fanatical netizens. +# +# The value of this option is ignored if $text_flowed is set, too because +# the quoting mechanism is strictly defined for format=flowed. +# +# This option is a format string, please see the description of +# $index_format for supported printf(3)-style sequences. +# +# +# set index_format="%4C %Z %{%b %d} %-15.15L (%?l?%4l&%4c?) %s" +# +# Name: index_format +# Type: string +# Default: "%4C %Z %{%b %d} %-15.15L (%?l?%4l&%4c?) %s" +# +# +# This variable allows you to customize the message index display to +# your personal taste. +# +# ``Format strings'' are similar to the strings used in the C +# function printf(3) to format output (see the man page for more details). +# The following sequences are defined in Mutt: +# %a address of the author +# %A reply-to address (if present; otherwise: address of author) +# %b filename of the original message folder (think mailbox) +# %B the list to which the letter was sent, or else the folder name (%b). +# %c number of characters (bytes) in the message +# %C current message number +# %d date and time of the message in the format specified by +# $date_format converted to sender's time zone +# %D date and time of the message in the format specified by +# $date_format converted to the local time zone +# %e current message number in thread +# %E number of messages in current thread +# %f sender (address + real name), either From: or Return-Path: +# %F author name, or recipient name if the message is from you +# %g newsgroup name (if compiled with nntp support) +# %H spam attribute(s) of this message +# %i message-id of the current message +# %l number of lines in the message (does not work with maildir, +# mh, and possibly IMAP folders) +# %L If an address in the ``To:'' or ``Cc:'' header field matches an address +# defined by the users ``subscribe'' command, this displays +# "To ", otherwise the same as %F. +# %m total number of message in the mailbox +# %M number of hidden messages if the thread is collapsed. +# %N message score +# %n author's real name (or address if missing) +# %O original save folder where mutt would formerly have +# stashed the message: list name or recipient name +# if not sent to a list +# %P progress indicator for the built-in pager (how much of the file has been displayed) +# %R ``x-comment-to:'' field (if present and compiled with nntp support) +# %s subject of the message +# %S status of the message (``N''/``D''/``d''/``!''/``r''/*) +# %t ``To:'' field (recipients) +# %T the appropriate character from the $to_chars string +# %u user (login) name of the author +# %v first name of the author, or the recipient if the message is from you +# %W name of organization of author (``organization:'' field) +# %X number of attachments +# (please see the ``attachments'' section for possible speed effects) +# %y ``X-Label:'' field, if present +# %Y ``X-Label:'' field, if present, and (1) not at part of a thread tree, +# (2) at the top of a thread, or (3) ``X-Label:'' is different from +# preceding message's ``X-Label:''. +# %Z message status flags +# %{fmt} the date and time of the message is converted to sender's +# time zone, and ``fmt'' is expanded by the library function +# strftime(3); a leading bang disables locales +# %[fmt] the date and time of the message is converted to the local +# time zone, and ``fmt'' is expanded by the library function +# strftime(3); a leading bang disables locales +# %(fmt) the local date and time when the message was received. +# ``fmt'' is expanded by the library function strftime(3); +# a leading bang disables locales +# % the current local time. ``fmt'' is expanded by the library +# function strftime(3); a leading bang disables locales. +# %>X right justify the rest of the string and pad with character ``X'' +# %|X pad to the end of the line with character ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# ``Soft-fill'' deserves some explanation: Normal right-justification +# will print everything to the left of the ``%>'', displaying padding and +# whatever lies to the right only if there's room. By contrast, +# soft-fill gives priority to the right-hand side, guaranteeing space +# to display it and showing padding only if there's still room. If +# necessary, soft-fill will eat text leftwards to make room for +# rightward text. +# +# Note that these expandos are supported in +# ``save-hook'', ``fcc-hook'' and ``fcc-save-hook'', too. +# +# +# set inews="" +# +# Name: inews +# Type: path +# Default: "" +# +# +# If set, specifies the program and arguments used to deliver news posted +# by Mutt. Otherwise, mutt posts article using current connection to +# news server. The following printf-style sequence is understood: +# +# %s newsserver name +# +# Example: set inews="/usr/local/bin/inews -hS" +# +# +# set ispell="ispell" +# +# Name: ispell +# Type: path +# Default: "ispell" +# +# +# How to invoke ispell (GNU's spell-checking software). +# +# +# set keep_flagged=no +# +# Name: keep_flagged +# Type: boolean +# Default: no +# +# +# If set, read messages marked as flagged will not be moved +# from your spool mailbox to your $mbox mailbox, or as a result of +# a ``mbox-hook'' command. +# +# +# set locale="C" +# +# Name: locale +# Type: string +# Default: "C" +# +# +# The locale used by strftime(3) to format dates. Legal values are +# the strings your system accepts for the locale environment variable $LC_TIME. +# +# +# set mail_check=5 +# +# Name: mail_check +# Type: number +# Default: 5 +# +# +# This variable configures how often (in seconds) mutt should look for +# new mail. Also see the $timeout variable. +# +# +# set mail_check_recent=yes +# +# Name: mail_check_recent +# Type: boolean +# Default: yes +# +# +# When set, Mutt will only notify you about new mail that has been received +# since the last time you opened the mailbox. When unset, Mutt will notify you +# if any new mail exists in the mailbox, regardless of whether you have visited it +# recently. +# +# When $mark_old is set, Mutt does not consider the mailbox to contain new +# mail if only old messages exist. +# +# +# set mailcap_path="" +# +# Name: mailcap_path +# Type: string +# Default: "" +# +# +# This variable specifies which files to consult when attempting to +# display MIME bodies not directly supported by Mutt. +# +# +# set mailcap_sanitize=yes +# +# Name: mailcap_sanitize +# Type: boolean +# Default: yes +# +# +# If set, mutt will restrict possible characters in mailcap % expandos +# to a well-defined set of safe characters. This is the safe setting, +# but we are not sure it doesn't break some more advanced MIME stuff. +# +# DON'T CHANGE THIS SETTING UNLESS YOU ARE REALLY SURE WHAT YOU ARE +# DOING! +# +# +# set maildir_header_cache_verify=yes +# +# Name: maildir_header_cache_verify +# Type: boolean +# Default: yes +# +# +# Check for Maildir unaware programs other than mutt having modified maildir +# files when the header cache is in use. This incurs one stat(2) per +# message every time the folder is opened (which can be very slow for NFS +# folders). +# +# +# set maildir_trash=no +# +# Name: maildir_trash +# Type: boolean +# Default: no +# +# +# If set, messages marked as deleted will be saved with the maildir +# trashed flag instead of unlinked. Note: this only applies +# to maildir-style mailboxes. Setting it will have no effect on other +# mailbox types. +# +# +# set mark_old=yes +# +# Name: mark_old +# Type: boolean +# Default: yes +# +# +# Controls whether or not mutt marks new unread +# messages as old if you exit a mailbox without reading them. +# With this option set, the next time you start mutt, the messages +# will show up with an ``O'' next to them in the index menu, +# indicating that they are old. +# +# +# set markers=yes +# +# Name: markers +# Type: boolean +# Default: yes +# +# +# Controls the display of wrapped lines in the internal pager. If set, a +# ``+'' marker is displayed at the beginning of wrapped lines. +# +# Also see the $smart_wrap variable. +# +# +# set mask="!^\\.[^.]" +# +# Name: mask +# Type: regular expression +# Default: "!^\\.[^.]" +# +# +# A regular expression used in the file browser, optionally preceded by +# the not operator ``!''. Only files whose names match this mask +# will be shown. The match is always case-sensitive. +# +# +# set mbox="~/mbox" +# +# Name: mbox +# Type: path +# Default: "~/mbox" +# +# +# This specifies the folder into which read mail in your $spoolfile +# folder will be appended. +# +# Also see the $move variable. +# +# +# set mbox_type=mbox +# +# Name: mbox_type +# Type: folder magic +# Default: mbox +# +# +# The default mailbox type used when creating new folders. May be any of +# ``mbox'', ``MMDF'', ``MH'' and ``Maildir''. This is overridden by the +# -m command-line option. +# +# +# set menu_context=0 +# +# Name: menu_context +# Type: number +# Default: 0 +# +# +# This variable controls the number of lines of context that are given +# when scrolling through menus. (Similar to $pager_context.) +# +# +# set menu_move_off=yes +# +# Name: menu_move_off +# Type: boolean +# Default: yes +# +# +# When unset, the bottom entry of menus will never scroll up past +# the bottom of the screen, unless there are less entries than lines. +# When set, the bottom entry may move off the bottom. +# +# +# set menu_scroll=no +# +# Name: menu_scroll +# Type: boolean +# Default: no +# +# +# When set, menus will be scrolled up or down one line when you +# attempt to move across a screen boundary. If unset, the screen +# is cleared and the next or previous page of the menu is displayed +# (useful for slow links to avoid many redraws). +# +# +# set message_cache_clean=no +# +# Name: message_cache_clean +# Type: boolean +# Default: no +# +# +# If set, mutt will clean out obsolete entries from the message cache when +# the mailbox is synchronized. You probably only want to set it +# every once in a while, since it can be a little slow +# (especially for large folders). +# +# +# set message_cachedir="" +# +# Name: message_cachedir +# Type: path +# Default: "" +# +# +# Set this to a directory and mutt will cache copies of messages from +# your IMAP and POP servers here. You are free to remove entries at any +# time. +# +# When setting this variable to a directory, mutt needs to fetch every +# remote message only once and can perform regular expression searches +# as fast as for local folders. +# +# Also see the $message_cache_clean variable. +# +# +# set message_format="%s" +# +# Name: message_format +# Type: string +# Default: "%s" +# +# +# This is the string displayed in the ``attachment'' menu for +# attachments of type message/rfc822. For a full listing of defined +# printf(3)-like sequences see the section on $index_format. +# +# +# set meta_key=no +# +# Name: meta_key +# Type: boolean +# Default: no +# +# +# If set, forces Mutt to interpret keystrokes with the high bit (bit 8) +# set as if the user had pressed the Esc key and whatever key remains +# after having the high bit removed. For example, if the key pressed +# has an ASCII value of 0xf8, then this is treated as if the user had +# pressed Esc then ``x''. This is because the result of removing the +# high bit from 0xf8 is 0x78, which is the ASCII character +# ``x''. +# +# +# set metoo=no +# +# Name: metoo +# Type: boolean +# Default: no +# +# +# If unset, Mutt will remove your address (see the ``alternates'' +# command) from the list of recipients when replying to a message. +# +# +# set mh_purge=no +# +# Name: mh_purge +# Type: boolean +# Default: no +# +# +# When unset, mutt will mimic mh's behavior and rename deleted messages +# to , in mh folders instead of really deleting +# them. This leaves the message on disk but makes programs reading the folder +# ignore it. If the variable is set, the message files will simply be +# deleted. +# +# This option is similar to $maildir_trash for Maildir folders. +# +# +# set mh_seq_flagged="flagged" +# +# Name: mh_seq_flagged +# Type: string +# Default: "flagged" +# +# +# The name of the MH sequence used for flagged messages. +# +# +# set mh_seq_replied="replied" +# +# Name: mh_seq_replied +# Type: string +# Default: "replied" +# +# +# The name of the MH sequence used to tag replied messages. +# +# +# set mh_seq_unseen="unseen" +# +# Name: mh_seq_unseen +# Type: string +# Default: "unseen" +# +# +# The name of the MH sequence used for unseen messages. +# +# +# set mime_forward=no +# +# Name: mime_forward +# Type: quadoption +# Default: no +# +# +# When set, the message you are forwarding will be attached as a +# separate message/rfc822 MIME part instead of included in the main body of the +# message. This is useful for forwarding MIME messages so the receiver +# can properly view the message as it was delivered to you. If you like +# to switch between MIME and not MIME from mail to mail, set this +# variable to ``ask-no'' or ``ask-yes''. +# +# Also see $forward_decode and $mime_forward_decode. +# +# +# set mime_forward_decode=no +# +# Name: mime_forward_decode +# Type: boolean +# Default: no +# +# +# Controls the decoding of complex MIME messages into text/plain when +# forwarding a message while $mime_forward is set. Otherwise +# $forward_decode is used instead. +# +# +# set mime_forward_rest=yes +# +# Name: mime_forward_rest +# Type: quadoption +# Default: yes +# +# +# When forwarding multiple attachments of a MIME message from the attachment +# menu, attachments which cannot be decoded in a reasonable manner will +# be attached to the newly composed message if this option is set. +# +# +# set mime_subject=yes +# +# Name: mime_subject +# Type: boolean +# Default: yes +# +# +# If unset, 8-bit ``subject:'' line in article header will not be +# encoded according to RFC2047 to base64. This is useful when message +# is Usenet article, because MIME for news is nonstandard feature. +# +# +# set mix_entry_format="%4n %c %-16s %a" +# +# Name: mix_entry_format +# Type: string +# Default: "%4n %c %-16s %a" +# +# +# This variable describes the format of a remailer line on the mixmaster +# chain selection screen. The following printf(3)-like sequences are +# supported: +# %n The running number on the menu. +# %c Remailer capabilities. +# %s The remailer's short name. +# %a The remailer's e-mail address. +# +# +# set mixmaster="mixmaster" +# +# Name: mixmaster +# Type: path +# Default: "mixmaster" +# +# +# This variable contains the path to the Mixmaster binary on your +# system. It is used with various sets of parameters to gather the +# list of known remailers, and to finally send a message through the +# mixmaster chain. +# +# +# set move=no +# +# Name: move +# Type: quadoption +# Default: no +# +# +# Controls whether or not Mutt will move read messages +# from your spool mailbox to your $mbox mailbox, or as a result of +# a ``mbox-hook'' command. +# +# +# set narrow_tree=no +# +# Name: narrow_tree +# Type: boolean +# Default: no +# +# +# This variable, when set, makes the thread tree narrower, allowing +# deeper threads to fit on the screen. +# +# +# set net_inc=10 +# +# Name: net_inc +# Type: number +# Default: 10 +# +# +# Operations that expect to transfer a large amount of data over the +# network will update their progress every $net_inc kilobytes. +# If set to 0, no progress messages will be displayed. +# +# See also $read_inc, $write_inc and $net_inc. +# +# +# set news_cache_dir="~/.mutt" +# +# Name: news_cache_dir +# Type: path +# Default: "~/.mutt" +# +# +# This variable pointing to directory where Mutt will save cached news +# articles headers in. If unset, headers will not be saved at all +# and will be reloaded each time when you enter to newsgroup. +# +# +# set news_server="" +# +# Name: news_server +# Type: string +# Default: "" +# +# +# This variable specifies domain name or address of NNTP server. It +# defaults to the newsserver specified in the environment variable +# $NNTPSERVER or contained in the file /etc/nntpserver. You can also +# specify username and an alternative port for each newsserver, ie: +# +# [news[s]://][username[:password]@]newsserver[:port] +# +# +# set newsrc="~/.newsrc" +# +# Name: newsrc +# Type: path +# Default: "~/.newsrc" +# +# +# The file, containing info about subscribed newsgroups - names and +# indexes of read articles. The following printf-style sequence +# is understood: +# +# %s newsserver name +# +# +# set nntp_context=1000 +# +# Name: nntp_context +# Type: number +# Default: 1000 +# +# +# This variable defines number of articles which will be in index when +# newsgroup entered. If active newsgroup have more articles than this +# number, oldest articles will be ignored. Also controls how many +# articles headers will be saved in cache when you quit newsgroup. +# +# +# set nntp_load_description=yes +# +# Name: nntp_load_description +# Type: boolean +# Default: yes +# +# +# This variable controls whether or not descriptions for each newsgroup +# must be loaded when newsgroup is added to list (first time list +# loading or new newsgroup adding). +# +# +# set nntp_user="" +# +# Name: nntp_user +# Type: string +# Default: "" +# +# +# Your login name on the NNTP server. If unset and NNTP server requires +# authentification, Mutt will prompt you for your account name when you +# connect to newsserver. +# +# +# set nntp_pass="" +# +# Name: nntp_pass +# Type: string +# Default: "" +# +# +# Your password for NNTP account. +# +# +# set nntp_poll=60 +# +# Name: nntp_poll +# Type: number +# Default: 60 +# +# +# The time in seconds until any operations on newsgroup except post new +# article will cause recheck for new news. If set to 0, Mutt will +# recheck newsgroup on each operation in index (stepping, read article, +# etc.). +# +# +# set nntp_reconnect=ask-yes +# +# Name: nntp_reconnect +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not Mutt will try to reconnect to newsserver when +# connection lost. +# +# +# set pager="builtin" +# +# Name: pager +# Type: path +# Default: "builtin" +# +# +# This variable specifies which pager you would like to use to view +# messages. The value ``builtin'' means to use the built-in pager, otherwise this +# variable should specify the pathname of the external pager you would +# like to use. +# +# Using an external pager may have some disadvantages: Additional +# keystrokes are necessary because you can't call mutt functions +# directly from the pager, and screen resizes cause lines longer than +# the screen width to be badly formatted in the help menu. +# +# +# set pager_context=0 +# +# Name: pager_context +# Type: number +# Default: 0 +# +# +# This variable controls the number of lines of context that are given +# when displaying the next or previous page in the internal pager. By +# default, Mutt will display the line after the last one on the screen +# at the top of the next page (0 lines of context). +# +# This variable also specifies the amount of context given for search +# results. If positive, this many lines will be given before a match, +# if 0, the match will be top-aligned. +# +# +# set pager_format="-%Z- %C/%m: %-20.20n %s%* -- (%P)" +# +# Name: pager_format +# Type: string +# Default: "-%Z- %C/%m: %-20.20n %s%* -- (%P)" +# +# +# This variable controls the format of the one-line message ``status'' +# displayed before each message in either the internal or an external +# pager. The valid sequences are listed in the $index_format +# section. +# +# +# set pager_index_lines=0 +# +# Name: pager_index_lines +# Type: number +# Default: 0 +# +# +# Determines the number of lines of a mini-index which is shown when in +# the pager. The current message, unless near the top or bottom of the +# folder, will be roughly one third of the way down this mini-index, +# giving the reader the context of a few messages before and after the +# message. This is useful, for example, to determine how many messages +# remain to be read in the current thread. One of the lines is reserved +# for the status bar from the index, so a setting of 6 +# will only show 5 lines of the actual index. A value of 0 results in +# no index being shown. If the number of messages in the current folder +# is less than $pager_index_lines, then the index will only use as +# many lines as it needs. +# +# +# set pager_stop=no +# +# Name: pager_stop +# Type: boolean +# Default: no +# +# +# When set, the internal-pager will not move to the next message +# when you are at the end of a message and invoke the +# function. +# +# +# set pgp_auto_decode=no +# +# Name: pgp_auto_decode +# Type: boolean +# Default: no +# +# +# If set, mutt will automatically attempt to decrypt traditional PGP +# messages whenever the user performs an operation which ordinarily would +# result in the contents of the message being operated on. For example, +# if the user displays a pgp-traditional message which has not been manually +# checked with the function, mutt will automatically +# check the message for traditional pgp. +# +# +# set pgp_autoinline=no +# +# Name: pgp_autoinline +# Type: boolean +# Default: no +# +# +# This option controls whether Mutt generates old-style inline +# (traditional) PGP encrypted or signed messages under certain +# circumstances. This can be overridden by use of the pgp menu, +# when inline is not required. +# +# Note that Mutt might automatically use PGP/MIME for messages +# which consist of more than a single MIME part. Mutt can be +# configured to ask before sending PGP/MIME messages when inline +# (traditional) would not work. +# +# Also see the $pgp_mime_auto variable. +# +# Also note that using the old-style PGP message format is strongly +# deprecated. +# (PGP only) +# +# +# set pgp_check_exit=yes +# +# Name: pgp_check_exit +# Type: boolean +# Default: yes +# +# +# If set, mutt will check the exit code of the PGP subprocess when +# signing or encrypting. A non-zero exit code means that the +# subprocess failed. +# (PGP only) +# +# +# set pgp_clearsign_command="" +# +# Name: pgp_clearsign_command +# Type: string +# Default: "" +# +# +# This format is used to create an old-style ``clearsigned'' PGP +# message. Note that the use of this format is strongly +# deprecated. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_decode_command="" +# +# Name: pgp_decode_command +# Type: string +# Default: "" +# +# +# This format strings specifies a command which is used to decode +# application/pgp attachments. +# +# The PGP command formats have their own set of printf(3)-like sequences: +# %p Expands to PGPPASSFD=0 when a pass phrase is needed, to an empty +# string otherwise. Note: This may be used with a %? construct. +# %f Expands to the name of a file containing a message. +# %s Expands to the name of a file containing the signature part +# of a multipart/signed attachment when verifying it. +# %a The value of $pgp_sign_as. +# %r One or more key IDs. +# +# +# For examples on how to configure these formats for the various versions +# of PGP which are floating around, see the pgp and gpg sample configuration files in +# the samples/ subdirectory which has been installed on your system +# alongside the documentation. +# (PGP only) +# +# +# set pgp_decrypt_command="" +# +# Name: pgp_decrypt_command +# Type: string +# Default: "" +# +# +# This command is used to decrypt a PGP encrypted message. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_encrypt_only_command="" +# +# Name: pgp_encrypt_only_command +# Type: string +# Default: "" +# +# +# This command is used to encrypt a body part without signing it. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_encrypt_sign_command="" +# +# Name: pgp_encrypt_sign_command +# Type: string +# Default: "" +# +# +# This command is used to both sign and encrypt a body part. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_entry_format="%4n %t%f %4l/0x%k %-4a %2c %u" +# +# Name: pgp_entry_format +# Type: string +# Default: "%4n %t%f %4l/0x%k %-4a %2c %u" +# +# +# This variable allows you to customize the PGP key selection menu to +# your personal taste. This string is similar to $index_format, but +# has its own set of printf(3)-like sequences: +# %n number +# %k key id +# %u user id +# %a algorithm +# %l key length +# %f flags +# %c capabilities +# %t trust/validity of the key-uid association +# %[] date of the key where is an strftime(3) expression +# +# +# (PGP only) +# +# +# set pgp_export_command="" +# +# Name: pgp_export_command +# Type: string +# Default: "" +# +# +# This command is used to export a public key from the user's +# key ring. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_getkeys_command="" +# +# Name: pgp_getkeys_command +# Type: string +# Default: "" +# +# +# This command is invoked whenever mutt will need public key information. +# Of the sequences supported by $pgp_decode_command, %r is the only +# printf(3)-like sequence used with this format. +# (PGP only) +# +# +# set pgp_good_sign="" +# +# Name: pgp_good_sign +# Type: regular expression +# Default: "" +# +# +# If you assign a text to this variable, then a PGP signature is only +# considered verified if the output from $pgp_verify_command contains +# the text. Use this variable if the exit code from the command is 0 +# even for bad signatures. +# (PGP only) +# +# +# set pgp_ignore_subkeys=yes +# +# Name: pgp_ignore_subkeys +# Type: boolean +# Default: yes +# +# +# Setting this variable will cause Mutt to ignore OpenPGP subkeys. Instead, +# the principal key will inherit the subkeys' capabilities. Unset this +# if you want to play interesting key selection games. +# (PGP only) +# +# +# set pgp_import_command="" +# +# Name: pgp_import_command +# Type: string +# Default: "" +# +# +# This command is used to import a key from a message into +# the user's public key ring. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_list_pubring_command="" +# +# Name: pgp_list_pubring_command +# Type: string +# Default: "" +# +# +# This command is used to list the public key ring's contents. The +# output format must be analogous to the one used by +# gpg --list-keys --with-colons. +# +# This format is also generated by the pgpring utility which comes +# with mutt. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_list_secring_command="" +# +# Name: pgp_list_secring_command +# Type: string +# Default: "" +# +# +# This command is used to list the secret key ring's contents. The +# output format must be analogous to the one used by: +# gpg --list-keys --with-colons. +# +# This format is also generated by the pgpring utility which comes +# with mutt. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_long_ids=no +# +# Name: pgp_long_ids +# Type: boolean +# Default: no +# +# +# If set, use 64 bit PGP key IDs, if unset use the normal 32 bit key IDs. +# (PGP only) +# +# +# set pgp_mime_auto=ask-yes +# +# Name: pgp_mime_auto +# Type: quadoption +# Default: ask-yes +# +# +# This option controls whether Mutt will prompt you for +# automatically sending a (signed/encrypted) message using +# PGP/MIME when inline (traditional) fails (for any reason). +# +# Also note that using the old-style PGP message format is strongly +# deprecated. +# (PGP only) +# +# +# set pgp_replyinline=no +# +# Name: pgp_replyinline +# Type: boolean +# Default: no +# +# +# Setting this variable will cause Mutt to always attempt to +# create an inline (traditional) message when replying to a +# message which is PGP encrypted/signed inline. This can be +# overridden by use of the pgp menu, when inline is not +# required. This option does not automatically detect if the +# (replied-to) message is inline; instead it relies on Mutt +# internals for previously checked/flagged messages. +# +# Note that Mutt might automatically use PGP/MIME for messages +# which consist of more than a single MIME part. Mutt can be +# configured to ask before sending PGP/MIME messages when inline +# (traditional) would not work. +# +# Also see the $pgp_mime_auto variable. +# +# Also note that using the old-style PGP message format is strongly +# deprecated. +# (PGP only) +# +# +# set pgp_retainable_sigs=no +# +# Name: pgp_retainable_sigs +# Type: boolean +# Default: no +# +# +# If set, signed and encrypted messages will consist of nested +# multipart/signed and multipart/encrypted body parts. +# +# This is useful for applications like encrypted and signed mailing +# lists, where the outer layer (multipart/encrypted) can be easily +# removed, while the inner multipart/signed part is retained. +# (PGP only) +# +# +# set pgp_show_unusable=yes +# +# Name: pgp_show_unusable +# Type: boolean +# Default: yes +# +# +# If set, mutt will display non-usable keys on the PGP key selection +# menu. This includes keys which have been revoked, have expired, or +# have been marked as ``disabled'' by the user. +# (PGP only) +# +# +# set pgp_sign_as="" +# +# Name: pgp_sign_as +# Type: string +# Default: "" +# +# +# If you have more than one key pair, this option allows you to specify +# which of your private keys to use. It is recommended that you use the +# keyid form to specify your key (e.g. 0x00112233). +# (PGP only) +# +# +# set pgp_sign_command="" +# +# Name: pgp_sign_command +# Type: string +# Default: "" +# +# +# This command is used to create the detached PGP signature for a +# multipart/signed PGP/MIME body part. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_sort_keys=address +# +# Name: pgp_sort_keys +# Type: sort order +# Default: address +# +# +# Specifies how the entries in the pgp menu are sorted. The +# following are legal values: +# address sort alphabetically by user id +# keyid sort alphabetically by key id +# date sort by key creation date +# trust sort by the trust of the key +# +# +# If you prefer reverse order of the above values, prefix it with +# ``reverse-''. +# (PGP only) +# +# +# set pgp_strict_enc=yes +# +# Name: pgp_strict_enc +# Type: boolean +# Default: yes +# +# +# If set, Mutt will automatically encode PGP/MIME signed messages as +# quoted-printable. Please note that unsetting this variable may +# lead to problems with non-verifyable PGP signatures, so only change +# this if you know what you are doing. +# (PGP only) +# +# +# set pgp_timeout=300 +# +# Name: pgp_timeout +# Type: number +# Default: 300 +# +# +# The number of seconds after which a cached passphrase will expire if +# not used. +# (PGP only) +# +# +# set sidebar_delim="|" +# +# Name: sidebar_delim +# Type: string +# Default: "|" +# +# +# This specifies the delimiter between the sidebar (if visible) and +# other screens. +# +# +# set sidebar_visible=no +# +# Name: sidebar_visible +# Type: boolean +# Default: no +# +# +# This specifies whether or not to show sidebar (left-side list of folders). +# +# +# set sidebar_width=0 +# +# Name: sidebar_width +# Type: number +# Default: 0 +# +# +# The width of the sidebar. +# +# +# set pgp_use_gpg_agent=no +# +# Name: pgp_use_gpg_agent +# Type: boolean +# Default: no +# +# +# If set, mutt will use a possibly-running gpg-agent(1) process. +# (PGP only) +# +# +# set pgp_verify_command="" +# +# Name: pgp_verify_command +# Type: string +# Default: "" +# +# +# This command is used to verify PGP signatures. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pgp_verify_key_command="" +# +# Name: pgp_verify_key_command +# Type: string +# Default: "" +# +# +# This command is used to verify key information from the key selection +# menu. +# +# This is a format string, see the $pgp_decode_command command for +# possible printf(3)-like sequences. +# (PGP only) +# +# +# set pipe_decode=no +# +# Name: pipe_decode +# Type: boolean +# Default: no +# +# +# Used in connection with the command. When unset, +# Mutt will pipe the messages without any preprocessing. When set, Mutt +# will weed headers and will attempt to decode the messages +# first. +# +# +# set pipe_sep="\n" +# +# Name: pipe_sep +# Type: string +# Default: "\n" +# +# +# The separator to add between messages when piping a list of tagged +# messages to an external Unix command. +# +# +# set pipe_split=no +# +# Name: pipe_split +# Type: boolean +# Default: no +# +# +# Used in connection with the function following +# . If this variable is unset, when piping a list of +# tagged messages Mutt will concatenate the messages and will pipe them +# all concatenated. When set, Mutt will pipe the messages one by one. +# In both cases the messages are piped in the current sorted order, +# and the $pipe_sep separator is added after each message. +# +# +# set pop_auth_try_all=yes +# +# Name: pop_auth_try_all +# Type: boolean +# Default: yes +# +# +# If set, Mutt will try all available authentication methods. +# When unset, Mutt will only fall back to other authentication +# methods if the previous methods are unavailable. If a method is +# available but authentication fails, Mutt will not connect to the POP server. +# +# +# set pop_authenticators="" +# +# Name: pop_authenticators +# Type: string +# Default: "" +# +# +# This is a colon-delimited list of authentication methods mutt may +# attempt to use to log in to an POP server, in the order mutt should +# try them. Authentication methods are either ``user'', ``apop'' or any +# SASL mechanism, e.g. ``digest-md5'', ``gssapi'' or ``cram-md5''. +# This option is case-insensitive. If this option is unset +# (the default) mutt will try all available methods, in order from +# most-secure to least-secure. +# +# Example: +# set pop_authenticators="digest-md5:apop:user" +# +# +# set pop_checkinterval=60 +# +# Name: pop_checkinterval +# Type: number +# Default: 60 +# +# +# This variable configures how often (in seconds) mutt should look for +# new mail in the currently selected mailbox if it is a POP mailbox. +# +# +# set pop_delete=ask-no +# +# Name: pop_delete +# Type: quadoption +# Default: ask-no +# +# +# If set, Mutt will delete successfully downloaded messages from the POP +# server when using the function. When unset, Mutt will +# download messages but also leave them on the POP server. +# +# +# set pop_host="" +# +# Name: pop_host +# Type: string +# Default: "" +# +# +# The name of your POP server for the function. You +# can also specify an alternative port, username and password, i.e.: +# [pop[s]://][username[:password]@]popserver[:port] +# +# where ``[...]'' denotes an optional part. +# +# +# set pop_last=no +# +# Name: pop_last +# Type: boolean +# Default: no +# +# +# If this variable is set, mutt will try to use the ``LAST'' POP command +# for retrieving only unread messages from the POP server when using +# the function. +# +# +# set pop_pass="" +# +# Name: pop_pass +# Type: string +# Default: "" +# +# +# Specifies the password for your POP account. If unset, Mutt will +# prompt you for your password when you open a POP mailbox. +# +# Warning: you should only use this option when you are on a +# fairly secure machine, because the superuser can read your muttrc +# even if you are the only one who can read the file. +# +# +# set pop_reconnect=ask-yes +# +# Name: pop_reconnect +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not Mutt will try to reconnect to the POP server if +# the connection is lost. +# +# +# set pop_user="" +# +# Name: pop_user +# Type: string +# Default: "" +# +# +# Your login name on the POP server. +# +# This variable defaults to your user name on the local machine. +# +# +# set post_indent_string="" +# +# Name: post_indent_string +# Type: string +# Default: "" +# +# +# Similar to the $attribution variable, Mutt will append this +# string after the inclusion of a message which is being replied to. +# +# +# set post_moderated=ask-yes +# +# Name: post_moderated +# Type: quadoption +# Default: ask-yes +# +# +# If set to yes, Mutt will post article to newsgroup that have +# not permissions to posting (e.g. moderated). Note: if newsserver +# does not support posting to that newsgroup or totally read-only, that +# posting will not have an effect. +# +# +# set postpone=ask-yes +# +# Name: postpone +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not messages are saved in the $postponed +# mailbox when you elect not to send immediately. +# +# Also see the $recall variable. +# +# +# set postponed="~/postponed" +# +# Name: postponed +# Type: path +# Default: "~/postponed" +# +# +# Mutt allows you to indefinitely ``postpone sending a message'' which +# you are editing. When you choose to postpone a message, Mutt saves it +# in the mailbox specified by this variable. +# +# Also see the $postpone variable. +# +# +# set preconnect="" +# +# Name: preconnect +# Type: string +# Default: "" +# +# +# If set, a shell command to be executed if mutt fails to establish +# a connection to the server. This is useful for setting up secure +# connections, e.g. with ssh(1). If the command returns a nonzero +# status, mutt gives up opening the server. Example: +# set preconnect="ssh -f -q -L 1234:mailhost.net:143 mailhost.net \ +# sleep 20 < /dev/null > /dev/null" +# +# Mailbox ``foo'' on ``mailhost.net'' can now be reached +# as ``{localhost:1234}foo''. +# +# Note: For this example to work, you must be able to log in to the +# remote machine without having to enter a password. +# +# +# set print=ask-no +# +# Name: print +# Type: quadoption +# Default: ask-no +# +# +# Controls whether or not Mutt really prints messages. +# This is set to ``ask-no'' by default, because some people +# accidentally hit ``p'' often. +# +# +# set print_command="lpr" +# +# Name: print_command +# Type: path +# Default: "lpr" +# +# +# This specifies the command pipe that should be used to print messages. +# +# +# set print_decode=yes +# +# Name: print_decode +# Type: boolean +# Default: yes +# +# +# Used in connection with the command. If this +# option is set, the message is decoded before it is passed to the +# external command specified by $print_command. If this option +# is unset, no processing will be applied to the message when +# printing it. The latter setting may be useful if you are using +# some advanced printer filter which is able to properly format +# e-mail messages for printing. +# +# +# set print_split=no +# +# Name: print_split +# Type: boolean +# Default: no +# +# +# Used in connection with the command. If this option +# is set, the command specified by $print_command is executed once for +# each message which is to be printed. If this option is unset, +# the command specified by $print_command is executed only once, and +# all the messages are concatenated, with a form feed as the message +# separator. +# +# Those who use the enscript(1) program's mail-printing mode will +# most likely want to set this option. +# +# +# set prompt_after=yes +# +# Name: prompt_after +# Type: boolean +# Default: yes +# +# +# If you use an external $pager, setting this variable will +# cause Mutt to prompt you for a command when the pager exits rather +# than returning to the index menu. If unset, Mutt will return to the +# index menu when the external pager exits. +# +# +# set query_command="" +# +# Name: query_command +# Type: path +# Default: "" +# +# +# This specifies the command Mutt will use to make external address +# queries. The string may contain a ``%s'', which will be substituted +# with the query string the user types. Mutt will add quotes around the +# string substituted for ``%s'' automatically according to shell quoting +# rules, so you should avoid adding your own. If no ``%s'' is found in +# the string, Mutt will append the user's query to the end of the string. +# See ``query'' for more information. +# +# +# set query_format="%4c %t %-25.25a %-25.25n %?e?(%e)?" +# +# Name: query_format +# Type: string +# Default: "%4c %t %-25.25a %-25.25n %?e?(%e)?" +# +# +# This variable describes the format of the ``query'' menu. The +# following printf(3)-style sequences are understood: +# %a destination address +# %c current entry number +# %e extra information * +# %n destination name +# %t ``*'' if current entry is tagged, a space otherwise +# %>X right justify the rest of the string and pad with ``X'' +# %|X pad to the end of the line with ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# For an explanation of ``soft-fill'', see the $index_format documentation. +# +# * = can be optionally printed if nonzero, see the $status_format documentation. +# +# +# set quit=yes +# +# Name: quit +# Type: quadoption +# Default: yes +# +# +# This variable controls whether ``quit'' and ``exit'' actually quit +# from mutt. If this option is set, they do quit, if it is unset, they +# have no effect, and if it is set to ask-yes or ask-no, you are +# prompted for confirmation when you try to quit. +# +# +# set quote_empty=yes +# +# Name: quote_empty +# Type: boolean +# Default: yes +# +# +# Controls whether or not empty lines will be quoted using +# ``indent_string''. +# +# +# set quote_quoted=no +# +# Name: quote_quoted +# Type: boolean +# Default: no +# +# +# Controls how quoted lines will be quoted. If set, one quote +# character will be added to the end of existing prefix. Otherwise, +# quoted lines will be prepended by ``indent_string''. +# +# +# set quote_regexp="^([ \t]*[|>:}#])+" +# +# Name: quote_regexp +# Type: regular expression +# Default: "^([ \t]*[|>:}#])+" +# +# +# A regular expression used in the internal pager to determine quoted +# sections of text in the body of a message. Quoted text may be filtered +# out using the command, or colored according to the +# ``color quoted'' family of directives. +# +# Higher levels of quoting may be colored differently (``color quoted1'', +# ``color quoted2'', etc.). The quoting level is determined by removing +# the last character from the matched text and recursively reapplying +# the regular expression until it fails to produce a match. +# +# Match detection may be overridden by the $smileys regular expression. +# +# +# set read_inc=10 +# +# Name: read_inc +# Type: number +# Default: 10 +# +# +# If set to a value greater than 0, Mutt will display which message it +# is currently on when reading a mailbox or when performing search actions +# such as search and limit. The message is printed after +# this many messages have been read or searched (e.g., if set to 25, Mutt will +# print a message when it is at message 25, and then again when it gets +# to message 50). This variable is meant to indicate progress when +# reading or searching large mailboxes which may take some time. +# When set to 0, only a single message will appear before the reading +# the mailbox. +# +# Also see the $write_inc, $net_inc and $time_inc variables and the +# ``tuning'' section of the manual for performance considerations. +# +# +# set read_only=no +# +# Name: read_only +# Type: boolean +# Default: no +# +# +# If set, all folders are opened in read-only mode. +# +# +# set realname="" +# +# Name: realname +# Type: string +# Default: "" +# +# +# This variable specifies what ``real'' or ``personal'' name should be used +# when sending messages. +# +# By default, this is the GECOS field from /etc/passwd. Note that this +# variable will not be used when the user has set a real name +# in the $from variable. +# +# +# set recall=ask-yes +# +# Name: recall +# Type: quadoption +# Default: ask-yes +# +# +# Controls whether or not Mutt recalls postponed messages +# when composing a new message. +# +# Setting this variable to is not generally useful, and thus not +# recommended. +# +# Also see $postponed variable. +# +# +# set record="~/sent" +# +# Name: record +# Type: path +# Default: "~/sent" +# +# +# This specifies the file into which your outgoing messages should be +# appended. (This is meant as the primary method for saving a copy of +# your messages, but another way to do this is using the ``my_hdr'' +# command to create a ``Bcc:'' field with your email address in it.) +# +# The value of $record is overridden by the $force_name and +# $save_name variables, and the ``fcc-hook'' command. +# +# +# set reply_regexp="^(re([\\[0-9\\]+])*|aw):[ \t]*" +# +# Name: reply_regexp +# Type: regular expression +# Default: "^(re([\\[0-9\\]+])*|aw):[ \t]*" +# +# +# A regular expression used to recognize reply messages when threading +# and replying. The default value corresponds to the English "Re:" and +# the German "Aw:". +# +# +# set reply_self=no +# +# Name: reply_self +# Type: boolean +# Default: no +# +# +# If unset and you are replying to a message sent by you, Mutt will +# assume that you want to reply to the recipients of that message rather +# than to yourself. +# +# Also see the ``alternates'' command. +# +# +# set reply_to=ask-yes +# +# Name: reply_to +# Type: quadoption +# Default: ask-yes +# +# +# If set, when replying to a message, Mutt will use the address listed +# in the Reply-to: header as the recipient of the reply. If unset, +# it will use the address in the From: header field instead. This +# option is useful for reading a mailing list that sets the Reply-To: +# header field to the list address and you want to send a private +# message to the author of a message. +# +# +# set resolve=yes +# +# Name: resolve +# Type: boolean +# Default: yes +# +# +# When set, the cursor will be automatically advanced to the next +# (possibly undeleted) message whenever a command that modifies the +# current message is executed. +# +# +# set reverse_alias=no +# +# Name: reverse_alias +# Type: boolean +# Default: no +# +# +# This variable controls whether or not Mutt will display the ``personal'' +# name from your aliases in the index menu if it finds an alias that +# matches the message's sender. For example, if you have the following +# alias: +# alias juser abd30425@somewhere.net (Joe User) +# +# and then you receive mail which contains the following header: +# From: abd30425@somewhere.net +# +# It would be displayed in the index menu as ``Joe User'' instead of +# ``abd30425@somewhere.net.'' This is useful when the person's e-mail +# address is not human friendly. +# +# +# set reverse_name=no +# +# Name: reverse_name +# Type: boolean +# Default: no +# +# +# It may sometimes arrive that you receive mail to a certain machine, +# move the messages to another machine, and reply to some the messages +# from there. If this variable is set, the default From: line of +# the reply messages is built using the address where you received the +# messages you are replying to if that address matches your +# ``alternates''. If the variable is unset, or the address that would be +# used doesn't match your ``alternates'', the From: line will use +# your address on the current machine. +# +# Also see the ``alternates'' command. +# +# +# set reverse_realname=yes +# +# Name: reverse_realname +# Type: boolean +# Default: yes +# +# +# This variable fine-tunes the behavior of the $reverse_name feature. +# When it is set, mutt will use the address from incoming messages as-is, +# possibly including eventual real names. When it is unset, mutt will +# override any such real names with the setting of the $realname variable. +# +# +# set rfc2047_parameters=no +# +# Name: rfc2047_parameters +# Type: boolean +# Default: no +# +# +# When this variable is set, Mutt will decode RFC2047-encoded MIME +# parameters. You want to set this variable when mutt suggests you +# to save attachments to files named like: +# =?iso-8859-1?Q?file=5F=E4=5F991116=2Ezip?= +# +# When this variable is set interactively, the change won't be +# active until you change folders. +# +# Note that this use of RFC2047's encoding is explicitly +# prohibited by the standard, but nevertheless encountered in the +# wild. +# +# Also note that setting this parameter will not have the effect +# that mutt generates this kind of encoding. Instead, mutt will +# unconditionally use the encoding specified in RFC2231. +# +# +# set save_address=no +# +# Name: save_address +# Type: boolean +# Default: no +# +# +# If set, mutt will take the sender's full address when choosing a +# default folder for saving a mail. If $save_name or $force_name +# is set too, the selection of the Fcc folder will be changed as well. +# +# +# set save_empty=yes +# +# Name: save_empty +# Type: boolean +# Default: yes +# +# +# When unset, mailboxes which contain no saved messages will be removed +# when closed (the exception is $spoolfile which is never removed). +# If set, mailboxes are never removed. +# +# Note: This only applies to mbox and MMDF folders, Mutt does not +# delete MH and Maildir directories. +# +# +# set save_history=0 +# +# Name: save_history +# Type: number +# Default: 0 +# +# +# This variable controls the size of the history (per category) saved in the +# $history_file file. +# +# +# set save_name=no +# +# Name: save_name +# Type: boolean +# Default: no +# +# +# This variable controls how copies of outgoing messages are saved. +# When set, a check is made to see if a mailbox specified by the +# recipient address exists (this is done by searching for a mailbox in +# the $folder directory with the username part of the +# recipient address). If the mailbox exists, the outgoing message will +# be saved to that mailbox, otherwise the message is saved to the +# $record mailbox. +# +# Also see the $force_name variable. +# +# +# set score=yes +# +# Name: score +# Type: boolean +# Default: yes +# +# +# When this variable is unset, scoring is turned off. This can +# be useful to selectively disable scoring for certain folders when the +# $score_threshold_delete variable and related are used. +# +# +# set score_threshold_delete=-1 +# +# Name: score_threshold_delete +# Type: number +# Default: -1 +# +# +# Messages which have been assigned a score equal to or lower than the value +# of this variable are automatically marked for deletion by mutt. Since +# mutt scores are always greater than or equal to zero, the default setting +# of this variable will never mark a message for deletion. +# +# +# set score_threshold_flag=9999 +# +# Name: score_threshold_flag +# Type: number +# Default: 9999 +# +# +# Messages which have been assigned a score greater than or equal to this +# variable's value are automatically marked "flagged". +# +# +# set score_threshold_read=-1 +# +# Name: score_threshold_read +# Type: number +# Default: -1 +# +# +# Messages which have been assigned a score equal to or lower than the value +# of this variable are automatically marked as read by mutt. Since +# mutt scores are always greater than or equal to zero, the default setting +# of this variable will never mark a message read. +# +# +# set search_context=0 +# +# Name: search_context +# Type: number +# Default: 0 +# +# +# For the pager, this variable specifies the number of lines shown +# before search results. By default, search results will be top-aligned. +# +# +# set send_charset="us-ascii:iso-8859-1:utf-8" +# +# Name: send_charset +# Type: string +# Default: "us-ascii:iso-8859-1:utf-8" +# +# +# A colon-delimited list of character sets for outgoing messages. Mutt will use the +# first character set into which the text can be converted exactly. +# If your $charset is not ``iso-8859-1'' and recipients may not +# understand ``UTF-8'', it is advisable to include in the list an +# appropriate widely used standard character set (such as +# ``iso-8859-2'', ``koi8-r'' or ``iso-2022-jp'') either instead of or after +# ``iso-8859-1''. +# +# In case the text cannot be converted into one of these exactly, +# mutt uses $charset as a fallback. +# +# +# set sendmail="/usr/sbin/sendmail -oem -oi" +# +# Name: sendmail +# Type: path +# Default: "/usr/sbin/sendmail -oem -oi" +# +# +# Specifies the program and arguments used to deliver mail sent by Mutt. +# Mutt expects that the specified program interprets additional +# arguments as recipient addresses. +# +# +# set sendmail_wait=0 +# +# Name: sendmail_wait +# Type: number +# Default: 0 +# +# +# Specifies the number of seconds to wait for the $sendmail process +# to finish before giving up and putting delivery in the background. +# +# Mutt interprets the value of this variable as follows: +# >0 number of seconds to wait for sendmail to finish before continuing +# 0 wait forever for sendmail to finish +# <0 always put sendmail in the background without waiting +# +# +# Note that if you specify a value other than 0, the output of the child +# process will be put in a temporary file. If there is some error, you +# will be informed as to where to find the output. +# +# +# set shell="" +# +# Name: shell +# Type: path +# Default: "" +# +# +# Command to use when spawning a subshell. By default, the user's login +# shell from /etc/passwd is used. +# +# +# set save_unsubscribed=no +# +# Name: save_unsubscribed +# Type: boolean +# Default: no +# +# +# When set, info about unsubscribed newsgroups will be saved into +# ``newsrc'' file and into cache. +# +# +# set show_new_news=yes +# +# Name: show_new_news +# Type: boolean +# Default: yes +# +# +# If set, newsserver will be asked for new newsgroups on entering +# the browser. Otherwise, it will be done only once for a newsserver. +# Also controls whether or not number of new articles of subscribed +# newsgroups will be then checked. +# +# +# set show_only_unread=no +# +# Name: show_only_unread +# Type: boolean +# Default: no +# +# +# If set, only subscribed newsgroups that contain unread articles +# will be displayed in browser. +# +# +# set sig_dashes=yes +# +# Name: sig_dashes +# Type: boolean +# Default: yes +# +# +# If set, a line containing ``-- '' (note the trailing space) will be inserted before your +# $signature. It is strongly recommended that you not unset +# this variable unless your signature contains just your name. The +# reason for this is because many software packages use ``-- \n'' to +# detect your signature. For example, Mutt has the ability to highlight +# the signature in a different color in the built-in pager. +# +# +# set sig_on_top=no +# +# Name: sig_on_top +# Type: boolean +# Default: no +# +# +# If set, the signature will be included before any quoted or forwarded +# text. It is strongly recommended that you do not set this variable +# unless you really know what you are doing, and are prepared to take +# some heat from netiquette guardians. +# +# +# set signature="~/.signature" +# +# Name: signature +# Type: path +# Default: "~/.signature" +# +# +# Specifies the filename of your signature, which is appended to all +# outgoing messages. If the filename ends with a pipe (``|''), it is +# assumed that filename is a shell command and input should be read from +# its standard output. +# +# +# set simple_search="~f %s | ~s %s" +# +# Name: simple_search +# Type: string +# Default: "~f %s | ~s %s" +# +# +# Specifies how Mutt should expand a simple search into a real search +# pattern. A simple search is one that does not contain any of the ``~'' pattern +# operators. See ``patterns'' for more information on search patterns. +# +# For example, if you simply type ``joe'' at a search or limit prompt, Mutt +# will automatically expand it to the value specified by this variable by +# replacing ``%s'' with the supplied string. +# For the default value, ``joe'' would be expanded to: ``~f joe | ~s joe''. +# +# +# set sleep_time=1 +# +# Name: sleep_time +# Type: number +# Default: 1 +# +# +# Specifies time, in seconds, to pause while displaying certain informational +# messages, while moving from folder to folder and after expunging +# messages from the current folder. The default is to pause one second, so +# a value of zero for this option suppresses the pause. +# +# +# set smart_wrap=yes +# +# Name: smart_wrap +# Type: boolean +# Default: yes +# +# +# Controls the display of lines longer than the screen width in the +# internal pager. If set, long lines are wrapped at a word boundary. If +# unset, lines are simply wrapped at the screen edge. Also see the +# $markers variable. +# +# +# set smileys="(>From )|(:[-^]?[][)(><}{|/DP])" +# +# Name: smileys +# Type: regular expression +# Default: "(>From )|(:[-^]?[][)(><}{|/DP])" +# +# +# The pager uses this variable to catch some common false +# positives of $quote_regexp, most notably smileys and not consider +# a line quoted text if it also matches $smileys. This mostly +# happens at the beginning of a line. +# +# +# set smime_ask_cert_label=yes +# +# Name: smime_ask_cert_label +# Type: boolean +# Default: yes +# +# +# This flag controls whether you want to be asked to enter a label +# for a certificate about to be added to the database or not. It is +# set by default. +# (S/MIME only) +# +# +# set smime_ca_location="" +# +# Name: smime_ca_location +# Type: path +# Default: "" +# +# +# This variable contains the name of either a directory, or a file which +# contains trusted certificates for use with OpenSSL. +# (S/MIME only) +# +# +# set smime_certificates="" +# +# Name: smime_certificates +# Type: path +# Default: "" +# +# +# Since for S/MIME there is no pubring/secring as with PGP, mutt has to handle +# storage and retrieval of keys by itself. This is very basic right +# now, and keys and certificates are stored in two different +# directories, both named as the hash-value retrieved from +# OpenSSL. There is an index file which contains mailbox-address +# keyid pairs, and which can be manually edited. This option points to +# the location of the certificates. +# (S/MIME only) +# +# +# set smime_decrypt_command="" +# +# Name: smime_decrypt_command +# Type: string +# Default: "" +# +# +# This format string specifies a command which is used to decrypt +# application/x-pkcs7-mime attachments. +# +# The OpenSSL command formats have their own set of printf(3)-like sequences +# similar to PGP's: +# %f Expands to the name of a file containing a message. +# %s Expands to the name of a file containing the signature part +# of a multipart/signed attachment when verifying it. +# %k The key-pair specified with $smime_default_key +# %c One or more certificate IDs. +# %a The algorithm used for encryption. +# %C CA location: Depending on whether $smime_ca_location +# points to a directory or file, this expands to +# ``-CApath $smime_ca_location'' or ``-CAfile $smime_ca_location''. +# +# +# For examples on how to configure these formats, see the smime.rc in +# the samples/ subdirectory which has been installed on your system +# alongside the documentation. +# (S/MIME only) +# +# +# set smime_decrypt_use_default_key=yes +# +# Name: smime_decrypt_use_default_key +# Type: boolean +# Default: yes +# +# +# If set (default) this tells mutt to use the default key for decryption. Otherwise, +# if managing multiple certificate-key-pairs, mutt will try to use the mailbox-address +# to determine the key to use. It will ask you to supply a key, if it can't find one. +# (S/MIME only) +# +# +# set smime_default_key="" +# +# Name: smime_default_key +# Type: string +# Default: "" +# +# +# This is the default key-pair to use for signing. This must be set to the +# keyid (the hash-value that OpenSSL generates) to work properly +# (S/MIME only) +# +# +# set smime_encrypt_command="" +# +# Name: smime_encrypt_command +# Type: string +# Default: "" +# +# +# This command is used to create encrypted S/MIME messages. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_encrypt_with="" +# +# Name: smime_encrypt_with +# Type: string +# Default: "" +# +# +# This sets the algorithm that should be used for encryption. +# Valid choices are ``des'', ``des3'', ``rc2-40'', ``rc2-64'', ``rc2-128''. +# If unset, ``3des'' (TripleDES) is used. +# (S/MIME only) +# +# +# set smime_get_cert_command="" +# +# Name: smime_get_cert_command +# Type: string +# Default: "" +# +# +# This command is used to extract X509 certificates from a PKCS7 structure. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_get_cert_email_command="" +# +# Name: smime_get_cert_email_command +# Type: string +# Default: "" +# +# +# This command is used to extract the mail address(es) used for storing +# X509 certificates, and for verification purposes (to check whether the +# certificate was issued for the sender's mailbox). +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_get_signer_cert_command="" +# +# Name: smime_get_signer_cert_command +# Type: string +# Default: "" +# +# +# This command is used to extract only the signers X509 certificate from a S/MIME +# signature, so that the certificate's owner may get compared to the +# email's ``From:'' field. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_import_cert_command="" +# +# Name: smime_import_cert_command +# Type: string +# Default: "" +# +# +# This command is used to import a certificate via smime_keys. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_is_default=no +# +# Name: smime_is_default +# Type: boolean +# Default: no +# +# +# The default behavior of mutt is to use PGP on all auto-sign/encryption +# operations. To override and to use OpenSSL instead this must be set. +# However, this has no effect while replying, since mutt will automatically +# select the same application that was used to sign/encrypt the original +# message. (Note that this variable can be overridden by unsetting $crypt_autosmime.) +# (S/MIME only) +# +# +# set smime_keys="" +# +# Name: smime_keys +# Type: path +# Default: "" +# +# +# Since for S/MIME there is no pubring/secring as with PGP, mutt has to handle +# storage and retrieval of keys/certs by itself. This is very basic right now, +# and stores keys and certificates in two different directories, both +# named as the hash-value retrieved from OpenSSL. There is an index file +# which contains mailbox-address keyid pair, and which can be manually +# edited. This option points to the location of the private keys. +# (S/MIME only) +# +# +# set smime_pk7out_command="" +# +# Name: smime_pk7out_command +# Type: string +# Default: "" +# +# +# This command is used to extract PKCS7 structures of S/MIME signatures, +# in order to extract the public X509 certificate(s). +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_sign_command="" +# +# Name: smime_sign_command +# Type: string +# Default: "" +# +# +# This command is used to created S/MIME signatures of type +# multipart/signed, which can be read by all mail clients. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_sign_opaque_command="" +# +# Name: smime_sign_opaque_command +# Type: string +# Default: "" +# +# +# This command is used to created S/MIME signatures of type +# application/x-pkcs7-signature, which can only be handled by mail +# clients supporting the S/MIME extension. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_timeout=300 +# +# Name: smime_timeout +# Type: number +# Default: 300 +# +# +# The number of seconds after which a cached passphrase will expire if +# not used. +# (S/MIME only) +# +# +# set smime_verify_command="" +# +# Name: smime_verify_command +# Type: string +# Default: "" +# +# +# This command is used to verify S/MIME signatures of type multipart/signed. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smime_verify_opaque_command="" +# +# Name: smime_verify_opaque_command +# Type: string +# Default: "" +# +# +# This command is used to verify S/MIME signatures of type +# application/x-pkcs7-mime. +# +# This is a format string, see the $smime_decrypt_command command for +# possible printf(3)-like sequences. +# (S/MIME only) +# +# +# set smtp_authenticators="" +# +# Name: smtp_authenticators +# Type: string +# Default: "" +# +# +# This is a colon-delimited list of authentication methods mutt may +# attempt to use to log in to an SMTP server, in the order mutt should +# try them. Authentication methods are any SASL mechanism, e.g. +# ``digest-md5'', ``gssapi'' or ``cram-md5''. +# This option is case-insensitive. If it is ``unset'' +# (the default) mutt will try all available methods, in order from +# most-secure to least-secure. +# +# Example: +# set smtp_authenticators="digest-md5:cram-md5" +# +# +# set smtp_pass="" +# +# Name: smtp_pass +# Type: string +# Default: "" +# +# +# Specifies the password for your SMTP account. If unset, Mutt will +# prompt you for your password when you first send mail via SMTP. +# See $smtp_url to configure mutt to send mail via SMTP. +# +# Warning: you should only use this option when you are on a +# fairly secure machine, because the superuser can read your muttrc even +# if you are the only one who can read the file. +# +# +# set smtp_url="" +# +# Name: smtp_url +# Type: string +# Default: "" +# +# +# Defines the SMTP smarthost where sent messages should relayed for +# delivery. This should take the form of an SMTP URL, e.g.: +# smtp[s]://[user[:pass]@]host[:port] +# +# where ``[...]'' denotes an optional part. +# Setting this variable overrides the value of the $sendmail +# variable. +# +# +# set sort=date +# +# Name: sort +# Type: sort order +# Default: date +# +# +# Specifies how to sort messages in the ``index'' menu. Valid values +# are: +# - date or date-sent +# - date-received +# - from +# - mailbox-order (unsorted) +# - score +# - size +# - spam +# - subject +# - threads +# - to +# +# +# You may optionally use the ``reverse-'' prefix to specify reverse sorting +# order (example: ``set sort=reverse-date-sent''). +# +# +# set sort_alias=alias +# +# Name: sort_alias +# Type: sort order +# Default: alias +# +# +# Specifies how the entries in the ``alias'' menu are sorted. The +# following are legal values: +# - address (sort alphabetically by email address) +# - alias (sort alphabetically by alias name) +# - unsorted (leave in order specified in .muttrc) +# +# +# set sort_aux=date +# +# Name: sort_aux +# Type: sort order +# Default: date +# +# +# When sorting by threads, this variable controls how threads are sorted +# in relation to other threads, and how the branches of the thread trees +# are sorted. This can be set to any value that $sort can, except +# ``threads'' (in that case, mutt will just use ``date-sent''). You can also +# specify the ``last-'' prefix in addition to the ``reverse-'' prefix, but ``last-'' +# must come after ``reverse-''. The ``last-'' prefix causes messages to be +# sorted against its siblings by which has the last descendant, using +# the rest of $sort_aux as an ordering. For instance, +# set sort_aux=last-date-received +# +# would mean that if a new message is received in a +# thread, that thread becomes the last one displayed (or the first, if +# you have ``set sort=reverse-threads''.) +# +# Note: For reversed $sort +# order $sort_aux is reversed again (which is not the right thing to do, +# but kept to not break any existing configuration setting). +# +# +# set sort_browser=alpha +# +# Name: sort_browser +# Type: sort order +# Default: alpha +# +# +# Specifies how to sort entries in the file browser. By default, the +# entries are sorted alphabetically. Valid values: +# - alpha (alphabetically) +# - date +# - size +# - unsorted +# +# +# You may optionally use the ``reverse-'' prefix to specify reverse sorting +# order (example: ``set sort_browser=reverse-date''). +# +# +# set sort_re=yes +# +# Name: sort_re +# Type: boolean +# Default: yes +# +# +# This variable is only useful when sorting by threads with +# $strict_threads unset. In that case, it changes the heuristic +# mutt uses to thread messages by subject. With $sort_re set, mutt will +# only attach a message as the child of another message by subject if +# the subject of the child message starts with a substring matching the +# setting of $reply_regexp. With $sort_re unset, mutt will attach +# the message whether or not this is the case, as long as the +# non-$reply_regexp parts of both messages are identical. +# +# +# set spam_separator="," +# +# Name: spam_separator +# Type: string +# Default: "," +# +# +# This variable controls what happens when multiple spam headers +# are matched: if unset, each successive header will overwrite any +# previous matches value for the spam label. If set, each successive +# match will append to the previous, using this variable's value as a +# separator. +# +# +# set spoolfile="" +# +# Name: spoolfile +# Type: path +# Default: "" +# +# +# If your spool mailbox is in a non-default place where Mutt cannot find +# it, you can specify its location with this variable. Mutt will +# initially set this variable to the value of the environment +# variable $MAIL or $MAILDIR if either is defined. +# +# +# set ssl_ca_certificates_file="" +# +# Name: ssl_ca_certificates_file +# Type: path +# Default: "" +# +# +# This variable specifies a file containing trusted CA certificates. +# Any server certificate that is signed with one of these CA +# certificates is also automatically accepted. +# +# Example: +# set ssl_ca_certificates_file=/etc/ssl/certs/ca-certificates.crt +# +# +# set ssl_client_cert="" +# +# Name: ssl_client_cert +# Type: path +# Default: "" +# +# +# The file containing a client certificate and its associated private +# key. +# +# +# set ssl_force_tls=no +# +# Name: ssl_force_tls +# Type: boolean +# Default: no +# +# +# If this variable is set, Mutt will require that all connections +# to remote servers be encrypted. Furthermore it will attempt to +# negotiate TLS even if the server does not advertise the capability, +# since it would otherwise have to abort the connection anyway. This +# option supersedes $ssl_starttls. +# +# +# set ssl_min_dh_prime_bits=0 +# +# Name: ssl_min_dh_prime_bits +# Type: number +# Default: 0 +# +# +# This variable specifies the minimum acceptable prime size (in bits) +# for use in any Diffie-Hellman key exchange. A value of 0 will use +# the default from the GNUTLS library. +# +# +# set ssl_starttls=yes +# +# Name: ssl_starttls +# Type: quadoption +# Default: yes +# +# +# If set (the default), mutt will attempt to use STARTTLS on servers +# advertising the capability. When unset, mutt will not attempt to +# use STARTTLS regardless of the server's capabilities. +# +# +# set ssl_use_sslv2=no +# +# Name: ssl_use_sslv2 +# Type: boolean +# Default: no +# +# +# This variable specifies whether to attempt to use SSLv2 in the +# SSL authentication process. +# +# +# set ssl_use_sslv3=yes +# +# Name: ssl_use_sslv3 +# Type: boolean +# Default: yes +# +# +# This variable specifies whether to attempt to use SSLv3 in the +# SSL authentication process. +# +# +# set ssl_use_tlsv1=yes +# +# Name: ssl_use_tlsv1 +# Type: boolean +# Default: yes +# +# +# This variable specifies whether to attempt to use TLSv1 in the +# SSL authentication process. +# +# +# set ssl_usesystemcerts=yes +# +# Name: ssl_usesystemcerts +# Type: boolean +# Default: yes +# +# +# If set to yes, mutt will use CA certificates in the +# system-wide certificate store when checking if a server certificate +# is signed by a trusted CA. +# +# +# set ssl_verify_dates=yes +# +# Name: ssl_verify_dates +# Type: boolean +# Default: yes +# +# +# If set (the default), mutt will not automatically accept a server +# certificate that is either not yet valid or already expired. You should +# only unset this for particular known hosts, using the +# function. +# +# +# set ssl_verify_host=yes +# +# Name: ssl_verify_host +# Type: boolean +# Default: yes +# +# +# If set (the default), mutt will not automatically accept a server +# certificate whose host name does not match the host used in your folder +# URL. You should only unset this for particular known hosts, using +# the function. +# +# +# set status_chars="-*%A" +# +# Name: status_chars +# Type: string +# Default: "-*%A" +# +# +# Controls the characters used by the ``%r'' indicator in +# $status_format. The first character is used when the mailbox is +# unchanged. The second is used when the mailbox has been changed, and +# it needs to be resynchronized. The third is used if the mailbox is in +# read-only mode, or if the mailbox will not be written when exiting +# that mailbox (You can toggle whether to write changes to a mailbox +# with the operation, bound by default to ``%''). The fourth +# is used to indicate that the current folder has been opened in attach- +# message mode (Certain operations like composing a new mail, replying, +# forwarding, etc. are not permitted in this mode). +# +# +# set status_format="-%r-Mutt: %f [Msgs:%?M?%M/?%m%?n? New:%n?%?o? Old:%o?%?d? Del:%d?%?F? Flag:%F?%?t? Tag:%t?%?p? Post:%p?%?b? Inc:%b?%?l? %l?]---(%s/%S)-%>-(%P)---" +# +# Name: status_format +# Type: string +# Default: "-%r-Mutt: %f [Msgs:%?M?%M/?%m%?n? New:%n?%?o? Old:%o?%?d? Del:%d?%?F? Flag:%F?%?t? Tag:%t?%?p? Post:%p?%?b? Inc:%b?%?l? %l?]---(%s/%S)-%>-(%P)---" +# +# +# Controls the format of the status line displayed in the ``index'' +# menu. This string is similar to $index_format, but has its own +# set of printf(3)-like sequences: +# %b number of mailboxes with new mail * +# %d number of deleted messages * +# %f the full pathname of the current mailbox +# %F number of flagged messages * +# %h local hostname +# %l size (in bytes) of the current mailbox * +# %L size (in bytes) of the messages shown +# (i.e., which match the current limit) * +# %m the number of messages in the mailbox * +# %M the number of messages shown (i.e., which match the current limit) * +# %n number of new messages in the mailbox * +# %o number of old unread messages * +# %p number of postponed messages * +# %P percentage of the way through the index +# %r modified/read-only/won't-write/attach-message indicator, +# according to $status_chars +# %s current sorting mode ($sort) +# %S current aux sorting method ($sort_aux) +# %t number of tagged messages * +# %u number of unread messages * +# %v Mutt version string +# %V currently active limit pattern, if any * +# %>X right justify the rest of the string and pad with ``X'' +# %|X pad to the end of the line with ``X'' +# %*X soft-fill with character ``X'' as pad +# +# +# For an explanation of ``soft-fill'', see the $index_format documentation. +# +# * = can be optionally printed if nonzero +# +# Some of the above sequences can be used to optionally print a string +# if their value is nonzero. For example, you may only want to see the +# number of flagged messages if such messages exist, since zero is not +# particularly meaningful. To optionally print a string based upon one +# of the above sequences, the following construct is used: +# +# %??? +# +# where sequence_char is a character from the table above, and +# optional_string is the string you would like printed if +# sequence_char is nonzero. optional_string may contain +# other sequences as well as normal text, but you may not nest +# optional strings. +# +# Here is an example illustrating how to optionally print the number of +# new messages in a mailbox: +# +# %?n?%n new messages.? +# +# You can also switch between two strings using the following construct: +# +# %??&? +# +# If the value of sequence_char is non-zero, if_string will +# be expanded, otherwise else_string will be expanded. +# +# You can force the result of any printf(3)-like sequence to be lowercase +# by prefixing the sequence character with an underscore (``_'') sign. +# For example, if you want to display the local hostname in lowercase, +# you would use: ``%_h''. +# +# If you prefix the sequence character with a colon (``:'') character, mutt +# will replace any dots in the expansion by underscores. This might be helpful +# with IMAP folders that don't like dots in folder names. +# +# +# set status_on_top=no +# +# Name: status_on_top +# Type: boolean +# Default: no +# +# +# Setting this variable causes the ``status bar'' to be displayed on +# the first line of the screen rather than near the bottom. If $help +# is set, too it'll be placed at the bottom. +# +# +# set strict_threads=no +# +# Name: strict_threads +# Type: boolean +# Default: no +# +# +# If set, threading will only make use of the ``In-Reply-To'' and +# ``References:'' fields when you $sort by message threads. By +# default, messages with the same subject are grouped together in +# ``pseudo threads.''. This may not always be desirable, such as in a +# personal mailbox where you might have several unrelated messages with +# the subjects like ``hi'' which will get grouped together. See also +# $sort_re for a less drastic way of controlling this +# behavior. +# +# +# set suspend=yes +# +# Name: suspend +# Type: boolean +# Default: yes +# +# +# When unset, mutt won't stop when the user presses the terminal's +# susp key, usually ``^Z''. This is useful if you run mutt +# inside an xterm using a command like ``xterm -e mutt''. +# +# +# set text_flowed=no +# +# Name: text_flowed +# Type: boolean +# Default: no +# +# +# When set, mutt will generate ``format=flowed'' bodies with a content type +# of ``text/plain; format=flowed''. +# This format is easier to handle for some mailing software, and generally +# just looks like ordinary text. To actually make use of this format's +# features, you'll need support in your editor. +# +# Note that $indent_string is ignored when this option is set. +# +# +# set thorough_search=yes +# +# Name: thorough_search +# Type: boolean +# Default: yes +# +# +# Affects the ~b and ~h search operations described in +# section ``patterns''. If set, the headers and body/attachments of +# messages to be searched are decoded before searching. If unset, +# messages are searched as they appear in the folder. +# +# Users searching attachments or for non-ASCII characters should set +# this value because decoding also includes MIME parsing/decoding and possible +# character set conversions. Otherwise mutt will attempt to match against the +# raw message received (for example quoted-printable encoded or with encoded +# headers) which may lead to incorrect search results. +# +# +# set thread_received=no +# +# Name: thread_received +# Type: boolean +# Default: no +# +# +# When set, mutt uses the date received rather than the date sent +# to thread messages by subject. +# +# +# set tilde=no +# +# Name: tilde +# Type: boolean +# Default: no +# +# +# When set, the internal-pager will pad blank lines to the bottom of the +# screen with a tilde (``~''). +# +# +# set time_inc=0 +# +# Name: time_inc +# Type: number +# Default: 0 +# +# +# Along with $read_inc, $write_inc, and $net_inc, this +# variable controls the frequency with which progress updates are +# displayed. It suppresses updates less than $time_inc milliseconds +# apart. This can improve throughput on systems with slow terminals, +# or when running mutt on a remote system. +# +# Also see the ``tuning'' section of the manual for performance considerations. +# +# +# set timeout=600 +# +# Name: timeout +# Type: number +# Default: 600 +# +# +# When Mutt is waiting for user input either idling in menus or +# in an interactive prompt, Mutt would block until input is +# present. Depending on the context, this would prevent certain +# operations from working, like checking for new mail or keeping +# an IMAP connection alive. +# +# This variable controls how many seconds Mutt will at most wait +# until it aborts waiting for input, performs these operations and +# continues to wait for input. +# +# A value of zero or less will cause Mutt to never time out. +# +# +# set tmpdir="" +# +# Name: tmpdir +# Type: path +# Default: "" +# +# +# This variable allows you to specify where Mutt will place its +# temporary files needed for displaying and composing messages. If +# this variable is not set, the environment variable $TMPDIR is +# used. If $TMPDIR is not set then ``/tmp'' is used. +# +# +# set to_chars=" +TCFL" +# +# Name: to_chars +# Type: string +# Default: " +TCFL" +# +# +# Controls the character used to indicate mail addressed to you. The +# first character is the one used when the mail is not addressed to your +# address. The second is used when you are the only +# recipient of the message. The third is when your address +# appears in the ``To:'' header field, but you are not the only recipient of +# the message. The fourth character is used when your +# address is specified in the ``Cc:'' header field, but you are not the only +# recipient. The fifth character is used to indicate mail that was sent +# by you. The sixth character is used to indicate when a mail +# was sent to a mailing-list you subscribe to. +# +# +# set tunnel="" +# +# Name: tunnel +# Type: string +# Default: "" +# +# +# Setting this variable will cause mutt to open a pipe to a command +# instead of a raw socket. You may be able to use this to set up +# preauthenticated connections to your IMAP/POP3/SMTP server. Example: +# set tunnel="ssh -q mailhost.net /usr/local/libexec/imapd" +# +# Note: For this example to work you must be able to log in to the remote +# machine without having to enter a password. +# +# When set, Mutt uses the tunnel for all remote connections. +# Please see ``account-hook'' in the manual for how to use different +# tunnel commands per connection. +# +# +# set uncollapse_jump=no +# +# Name: uncollapse_jump +# Type: boolean +# Default: no +# +# +# When set, Mutt will jump to the next unread message, if any, +# when the current thread is uncollapsed. +# +# +# set use_8bitmime=no +# +# Name: use_8bitmime +# Type: boolean +# Default: no +# +# +# Warning: do not set this variable unless you are using a version +# of sendmail which supports the -B8BITMIME flag (such as sendmail +# 8.8.x) or you may not be able to send mail. +# +# When set, Mutt will invoke $sendmail with the -B8BITMIME +# flag when sending 8-bit messages to enable ESMTP negotiation. +# +# +# set use_domain=yes +# +# Name: use_domain +# Type: boolean +# Default: yes +# +# +# When set, Mutt will qualify all local addresses (ones without the +# ``@host'' portion) with the value of $hostname. If unset, no +# addresses will be qualified. +# +# +# set use_envelope_from=no +# +# Name: use_envelope_from +# Type: boolean +# Default: no +# +# +# When set, mutt will set the envelope sender of the message. +# If $envelope_from_address is set, it will be used as the sender +# address. If unset, mutt will attempt to derive the sender from the +# ``From:'' header. +# +# Note that this information is passed to sendmail command using the +# -f command line switch. Therefore setting this option is not useful +# if the $sendmail variable already contains -f or if the +# executable pointed to by $sendmail doesn't support the -f switch. +# +# +# set use_from=yes +# +# Name: use_from +# Type: boolean +# Default: yes +# +# +# When set, Mutt will generate the ``From:'' header field when +# sending messages. If unset, no ``From:'' header field will be +# generated unless the user explicitly sets one using the ``my_hdr'' +# command. +# +# +# set use_idn=yes +# +# Name: use_idn +# Type: boolean +# Default: yes +# +# +# When set, Mutt will show you international domain names decoded. +# Note: You can use IDNs for addresses even if this is unset. +# This variable only affects decoding. +# +# +# set use_ipv6=yes +# +# Name: use_ipv6 +# Type: boolean +# Default: yes +# +# +# When set, Mutt will look for IPv6 addresses of hosts it tries to +# contact. If this option is unset, Mutt will restrict itself to IPv4 addresses. +# Normally, the default should work. +# +# +# set user_agent=yes +# +# Name: user_agent +# Type: boolean +# Default: yes +# +# +# When set, mutt will add a ``User-Agent:'' header to outgoing +# messages, indicating which version of mutt was used for composing +# them. +# +# +# set visual="" +# +# Name: visual +# Type: path +# Default: "" +# +# +# Specifies the visual editor to invoke when the ``~v'' command is +# given in the built-in editor. +# +# +# set wait_key=yes +# +# Name: wait_key +# Type: boolean +# Default: yes +# +# +# Controls whether Mutt will ask you to press a key after an external command +# has been invoked by these functions: , +# , , , +# and commands. +# +# It is also used when viewing attachments with ``auto_view'', provided +# that the corresponding mailcap entry has a needsterminal flag, +# and the external program is interactive. +# +# When set, Mutt will always ask for a key. When unset, Mutt will wait +# for a key only if the external command returned a non-zero status. +# +# +# set weed=yes +# +# Name: weed +# Type: boolean +# Default: yes +# +# +# When set, mutt will weed headers when displaying, forwarding, +# printing, or replying to messages. +# +# +# set wrap=0 +# +# Name: wrap +# Type: number +# Default: 0 +# +# +# When set to a positive value, mutt will wrap text at $wrap characters. +# When set to a negative value, mutt will wrap text so that there are $wrap +# characters of empty space on the right side of the terminal. Setting it +# to zero makes mutt wrap at the terminal width. +# +# +# set wrap_headers=78 +# +# Name: wrap_headers +# Type: number +# Default: 78 +# +# +# This option specifies the number of characters to use for wrapping +# an outgoing message's headers. Allowed values are between 78 and 998 +# inclusive. +# +# Note: This option usually shouldn't be changed. RFC5233 +# recommends a line length of 78 (the default), so please only change +# this setting when you know what you're doing. +# +# +# set wrap_search=yes +# +# Name: wrap_search +# Type: boolean +# Default: yes +# +# +# Controls whether searches wrap around the end. +# +# When set, searches will wrap around the first (or last) item. When +# unset, incremental searches will not wrap. +# +# +# set wrapmargin=0 +# +# Name: wrapmargin +# Type: number +# Default: 0 +# +# +# (DEPRECATED) Equivalent to setting $wrap with a negative value. +# +# +# set write_bcc=yes +# +# Name: write_bcc +# Type: boolean +# Default: yes +# +# +# Controls whether mutt writes out the Bcc header when saving +# messages to FCC. Bcc headers will never be written to a message +# when sending it. +# +# +# set write_inc=10 +# +# Name: write_inc +# Type: number +# Default: 10 +# +# +# When writing a mailbox, a message will be printed every +# $write_inc messages to indicate progress. If set to 0, only a +# single message will be displayed before writing a mailbox. +# +# Also see the $read_inc, $net_inc and $time_inc variables and the +# ``tuning'' section of the manual for performance considerations. +# +# +# set x_comment_to=no +# +# Name: x_comment_to +# Type: boolean +# Default: no +# +# +# If set, Mutt will add ``X-Comment-To:'' field (that contains full +# name of original article author) to article that followuped to newsgroup. +# +# diff --git a/mutt/mime.types b/mutt/mime.types new file mode 120000 index 0000000..836d968 --- /dev/null +++ b/mutt/mime.types @@ -0,0 +1 @@ +/etc/mime.types \ No newline at end of file diff --git a/mutt/mime.types.dist b/mutt/mime.types.dist new file mode 100644 index 0000000..51934e9 --- /dev/null +++ b/mutt/mime.types.dist @@ -0,0 +1,113 @@ +# $Id$ + +# +# sample mime.types +# + +application/andrew-inset ez +application/excel xls +application/octet-stream bin +application/oda oda +application/pdf pdf +application/pgp pgp +application/postscript ps PS eps +application/rdf+xml rdf +application/rss+xml rss +application/rtf rtf +application/vnd.mozilla.xul+xml xul +application/vnd.oasis.opendocument.chart odc +application/vnd.oasis.opendocument.database odb +application/vnd.oasis.opendocument.formula odf +application/vnd.oasis.opendocument.graphics odg +application/vnd.oasis.opendocument.graphics-template otg +application/vnd.oasis.opendocument.image odi +application/vnd.oasis.opendocument.presentation odp +application/vnd.oasis.opendocument.presentation-template otp +application/vnd.oasis.opendocument.spreadsheet ods +application/vnd.oasis.opendocument.spreadsheet-template ots +application/vnd.oasis.opendocument.text odt +application/vnd.oasis.opendocument.text-master odm +application/vnd.oasis.opendocument.text-template ott +application/vnd.oasis.opendocument.text-web oth +application/vnd.sun.xml.calc sxc +application/vnd.sun.xml.calc.template stc +application/vnd.sun.xml.draw sxd +application/vnd.sun.xml.draw.template std +application/vnd.sun.xml.impress sxi +application/vnd.sun.xml.impress.template sti +application/vnd.sun.xml.writer sxw +application/vnd.sun.xml.writer.global sxg +application/vnd.sun.xml.writer.math sxm +application/vnd.sun.xml.writer.template stw +application/x-arj-compressed arj +application/x-bcpio bcpio +application/x-chess-pgn pgn +application/x-cpio cpio +application/x-csh csh +application/x-debian-package deb +application/x-msdos-program com exe bat +application/x-dvi dvi +application/x-gtar gtar +application/x-gunzip gz +application/x-hdf hdf +application/x-latex latex +application/x-mif mif +application/x-netcdf cdf nc +application/x-perl pl pm +application/x-rar-compressed rar +application/x-sh sh +application/x-shar shar +application/x-sv4cpio sv4cpio +application/x-sv4crc sv4crc +application/x-tar tar +application/x-tar-gz tgz tar.gz +application/x-tcl tcl +application/x-tex tex +application/x-texinfo texi texinfo +application/x-troff t tr roff +application/x-troff-man man +application/x-troff-me me +application/x-troff-ms ms +application/x-ustar ustar +application/x-wais-source src +application/x-zip-compressed zip +application/xhtml+xml xhtml xht +application/xml xml xsl + +audio/basic snd +audio/midi mid midi +audio/ulaw au +audio/x-aiff aif aifc aiff +audio/x-wav wav + +image/gif gif +image/ief ief +image/jpeg jpe jpeg jpg +image/png png +image/svg+xml svg svgz +image/tiff tif tiff +image/x-cmu-raster ras +image/x-portable-anymap pnm +image/x-portable-bitmap pbm +image/x-portable-graymap pgm +image/x-portable-pixmap ppm +image/x-rgb rgb +image/x-xbitmap xbm +image/x-xpixmap xpm +image/x-xwindowdump xwd + +text/html html htm +text/plain asc txt +text/richtext rtx +text/tab-separated-values tsv +text/x-setext etx + +video/dl dl +video/fli fli +video/gl gl +video/mpeg mp2 mpe mpeg mpg +video/quicktime mov qt +video/x-msvideo avi +video/x-sgi-movie movie + +x-world/x-vrml vrm vrml wrl diff --git a/mysql/.rcs/my.cnf,v b/mysql/.rcs/my.cnf,v new file mode 100644 index 0000000..9fadb5a --- /dev/null +++ b/mysql/.rcs/my.cnf,v @@ -0,0 +1,391 @@ +head 1.5; +access; +symbols; +locks; strict; +comment @# @; + + +1.5 +date 2010.11.30.08.33.13; author root; state Exp; +branches; +next 1.4; + +1.4 +date 2010.11.30.08.26.18; author root; state Exp; +branches; +next 1.3; + +1.3 +date 2010.11.30.06.46.14; author root; state Exp; +branches; +next 1.2; + +1.2 +date 2010.05.27.20.00.10; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.01.55.34; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.5 +log +@Checked in. +@ +text +@# /etc/mysql/my.cnf: The global mysql configuration file. +# $Header: /etc/mysql/my.cnf,v 1.4 2010/11/30 08:26:18 root Exp $ + +# The following options will be passed to all MySQL clients +[client] +#password = your_password +port = 3306 +socket = /var/run/mysqld/mysqld.sock + +[mysql] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 +prompt=MySQL \u@@\h:\d >\_ + +[mysqladmin] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlcheck] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqldump] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlimport] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlshow] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[myisamchk] +character-sets-dir=/usr/share/mysql/charsets + +[myisampack] +character-sets-dir=/usr/share/mysql/charsets + +# use [safe_mysqld] with mysql-3 +[mysqld_safe] +err-log = /var/log/mysql/mysql.err + +# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations +[mysqld] +character-set-server = utf8 +#default-character-set = utf8 +user = mysql +port = 3306 +socket = /var/run/mysqld/mysqld.sock +pid-file = /var/run/mysqld/mysqld.pid +log-error = /var/log/mysql/mysqld.err +basedir = /usr +datadir = /var/lib/mysql +skip-external-locking +key_buffer = 32M +max_allowed_packet = 4M +table_cache = 64 +sort_buffer_size = 2M +net_buffer_length = 8K +read_buffer_size = 2M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 32M +#language = /usr/share/mysql/english +language = /usr/share/mysql/german + +# security: +# using "localhost" in connects uses sockets by default +# skip-networking +#bind-address = 127.0.0.1 + +#log-bin = helga-mysql-bin +server-id = 2 + +#auto_increment_increment = 2 +#auto_increment_offset = 2 + +#master-host = sarah.brehm-online.com +#master-port = 3306 +#master-user = replication +#master-password = uhu +#master-connect-retry = 60 +#report-host = helga.brehm-online.com + +# point the following paths to different dedicated disks +tmpdir = /tmp/ +#log-update = /path-to-dedicated-directory/hostname + +# you need the debug USE flag enabled to use the following directives, +# if needed, uncomment them, start the server and issue +# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace +# this will show you *exactly* what's happening in your server ;) + +#log = /tmp/mysqld.sql +#gdb +#debug = d:t:i:o,/tmp/mysqld.trace +#one-thread + +# uncomment the following directives if you are using BDB tables +#bdb_cache_size = 4M +#bdb_max_lock = 10000 + +# the following is the InnoDB configuration +# if you wish to disable innodb instead +# uncomment just the next line +#skip-innodb +# +# the rest of the innodb config follows: +# don't eat too much memory, we're trying to be safe on 64Mb boxes +# you might want to bump this up a bit on boxes with more RAM +innodb_buffer_pool_size = 64M +# this is the default, increase it if you have lots of tables +innodb_additional_mem_pool_size = 4M +# +# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-( +# and upstream wants things to be under /var/lib/mysql/, so that's the route +# we have to take for the moment +#innodb_data_home_dir = /var/lib/mysql/ +#innodb_log_arch_dir = /var/lib/mysql/ +#innodb_log_group_home_dir = /var/lib/mysql/ +# you may wish to change this size to be more suitable for your system +# the max is there to avoid run-away growth on your machine +innodb_data_file_path = ibdata1:10M:autoextend:max:128M +# we keep this at around 25% of of innodb_buffer_pool_size +# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size) +innodb_log_file_size = 5M +# this is the default, increase it if you have very large transactions going on +innodb_log_buffer_size = 8M +# this is the default and won't hurt you +# you shouldn't need to tweak it +innodb_log_files_in_group=2 +# see the innodb config docs, the other options are not always safe +innodb_flush_log_at_trx_commit = 1 +innodb_lock_wait_timeout = 50 +innodb_file_per_table +sync_binlog = 1 + +[mysqldump] +quick +max_allowed_packet = 64M + +[mysql] +# uncomment the next directive if you are not familiar with SQL +#safe-updates + +[isamchk] +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M + +[myisamchk] +key_buffer = 40M +sort_buffer_size = 40M +read_buffer = 4M +write_buffer = 4M + +[mysqlhotcopy] +interactive-timeout +@ + + +1.4 +log +@Checked in. +@ +text +@d2 1 +a2 1 +# $Header: /etc/mysql/my.cnf,v 1.2 2010/05/27 20:00:10 root Exp $ +d48 1 +a48 1 +default-character-set = utf8 +d112 1 +a112 1 +innodb_buffer_pool_size = 64 +@ + + +1.3 +log +@Checked in. +@ +text +@d2 1 +a2 1 +# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.1,v 1.2 2010/03/24 18:26:09 robbat2 Exp $ +d13 1 +d48 1 +d57 2 +a58 2 +key_buffer = 16M +max_allowed_packet = 1M +d60 1 +a60 1 +sort_buffer_size = 512K +d62 5 +a66 4 +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M +language = /usr/share/mysql/english +d71 1 +a71 1 +bind-address = 127.0.0.1 +d73 12 +a84 2 +log-bin +server-id = 1 +d112 1 +a112 1 +innodb_buffer_pool_size = 16M +d114 1 +a114 1 +innodb_additional_mem_pool_size = 2M +d137 1 +d141 1 +a141 1 +max_allowed_packet = 16M +d148 1 +a148 1 +key_buffer = 20M +d154 4 +a157 4 +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M +@ + + +1.2 +log +@Checked in. +@ +text +@d2 1 +a2 1 +# $Header: /etc/mysql/my.cnf,v 1.1 2010/05/26 01:55:34 root Exp $ +a12 1 +prompt=MySQL \u@@\h:\d >\_ +a46 1 +default-character-set = utf8 +d55 2 +a56 2 +key_buffer = 32M +max_allowed_packet = 4M +d58 1 +a58 1 +sort_buffer_size = 2M +d60 4 +a63 5 +read_buffer_size = 2M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 32M +#language = /usr/share/mysql/english +language = /usr/share/mysql/german +d68 1 +a68 1 +#bind-address = 127.0.0.1 +d70 2 +a71 12 +log-bin = helga-mysql-bin +server-id = 2 + +auto_increment_increment = 2 +auto_increment_offset = 2 + +master-host = sarah.brehm-online.com +master-port = 3306 +master-user = replication +master-password = uhu +master-connect-retry = 60 +report-host = helga.brehm-online.com +d99 1 +a99 1 +innodb_buffer_pool_size = 64 +d101 1 +a101 1 +innodb_additional_mem_pool_size = 4M +a123 1 +sync_binlog = 1 +d127 1 +a127 1 +max_allowed_packet = 64M +d134 1 +a134 1 +key_buffer = 20M +d140 4 +a143 4 +key_buffer = 40M +sort_buffer_size = 40M +read_buffer = 4M +write_buffer = 4M +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 +# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.1,v 1.2 2010/03/24 18:26:09 robbat2 Exp $ +d13 1 +d48 1 +d57 2 +a58 2 +key_buffer = 16M +max_allowed_packet = 1M +d60 1 +a60 1 +sort_buffer_size = 512K +d62 5 +a66 4 +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M +language = /usr/share/mysql/english +d71 1 +a71 1 +bind-address = 127.0.0.1 +d73 12 +a84 2 +log-bin +server-id = 1 +d112 1 +a112 1 +innodb_buffer_pool_size = 16M +d114 1 +a114 1 +innodb_additional_mem_pool_size = 2M +d137 1 +d141 1 +a141 1 +max_allowed_packet = 16M +d148 1 +a148 1 +key_buffer = 20M +d154 4 +a157 4 +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M +@ diff --git a/mysql/.rcs/my.cnf.orig,v b/mysql/.rcs/my.cnf.orig,v new file mode 100644 index 0000000..d24b0b3 --- /dev/null +++ b/mysql/.rcs/my.cnf.orig,v @@ -0,0 +1,170 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.08.22.44; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# /etc/mysql/my.cnf: The global mysql configuration file. +# $Header: /etc/mysql/my.cnf,v 1.3 2010/11/30 06:46:14 root Exp $ + +# The following options will be passed to all MySQL clients +[client] +#password = your_password +port = 3306 +socket = /var/run/mysqld/mysqld.sock + +[mysql] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqladmin] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlcheck] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqldump] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlimport] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlshow] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[myisamchk] +character-sets-dir=/usr/share/mysql/charsets + +[myisampack] +character-sets-dir=/usr/share/mysql/charsets + +# use [safe_mysqld] with mysql-3 +[mysqld_safe] +err-log = /var/log/mysql/mysql.err + +# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations +[mysqld] +character-set-server = utf8 +user = mysql +port = 3306 +socket = /var/run/mysqld/mysqld.sock +pid-file = /var/run/mysqld/mysqld.pid +log-error = /var/log/mysql/mysqld.err +basedir = /usr +datadir = /var/lib/mysql +skip-external-locking +key_buffer = 16M +max_allowed_packet = 1M +table_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M +language = /usr/share/mysql/english + +# security: +# using "localhost" in connects uses sockets by default +# skip-networking +bind-address = 127.0.0.1 + +log-bin +server-id = 1 + +# point the following paths to different dedicated disks +tmpdir = /tmp/ +#log-update = /path-to-dedicated-directory/hostname + +# you need the debug USE flag enabled to use the following directives, +# if needed, uncomment them, start the server and issue +# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace +# this will show you *exactly* what's happening in your server ;) + +#log = /tmp/mysqld.sql +#gdb +#debug = d:t:i:o,/tmp/mysqld.trace +#one-thread + +# uncomment the following directives if you are using BDB tables +#bdb_cache_size = 4M +#bdb_max_lock = 10000 + +# the following is the InnoDB configuration +# if you wish to disable innodb instead +# uncomment just the next line +#skip-innodb +# +# the rest of the innodb config follows: +# don't eat too much memory, we're trying to be safe on 64Mb boxes +# you might want to bump this up a bit on boxes with more RAM +innodb_buffer_pool_size = 16M +# this is the default, increase it if you have lots of tables +innodb_additional_mem_pool_size = 2M +# +# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-( +# and upstream wants things to be under /var/lib/mysql/, so that's the route +# we have to take for the moment +#innodb_data_home_dir = /var/lib/mysql/ +#innodb_log_arch_dir = /var/lib/mysql/ +#innodb_log_group_home_dir = /var/lib/mysql/ +# you may wish to change this size to be more suitable for your system +# the max is there to avoid run-away growth on your machine +innodb_data_file_path = ibdata1:10M:autoextend:max:128M +# we keep this at around 25% of of innodb_buffer_pool_size +# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size) +innodb_log_file_size = 5M +# this is the default, increase it if you have very large transactions going on +innodb_log_buffer_size = 8M +# this is the default and won't hurt you +# you shouldn't need to tweak it +innodb_log_files_in_group=2 +# see the innodb config docs, the other options are not always safe +innodb_flush_log_at_trx_commit = 1 +innodb_lock_wait_timeout = 50 +innodb_file_per_table + +[mysqldump] +quick +max_allowed_packet = 16M + +[mysql] +# uncomment the next directive if you are not familiar with SQL +#safe-updates + +[isamchk] +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M + +[myisamchk] +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M + +[mysqlhotcopy] +interactive-timeout +@ diff --git a/mysql/my.cnf b/mysql/my.cnf new file mode 100644 index 0000000..8cd84f0 --- /dev/null +++ b/mysql/my.cnf @@ -0,0 +1,160 @@ +# /etc/mysql/my.cnf: The global mysql configuration file. +# $Header: /etc/mysql/.rcs/my.cnf,v 1.5 2010/11/30 08:33:13 root Exp $ + +# The following options will be passed to all MySQL clients +[client] +#password = your_password +port = 3306 +socket = /var/run/mysqld/mysqld.sock + +[mysql] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 +prompt=MySQL \u@\h:\d >\_ + +[mysqladmin] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlcheck] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqldump] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlimport] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlshow] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[myisamchk] +character-sets-dir=/usr/share/mysql/charsets + +[myisampack] +character-sets-dir=/usr/share/mysql/charsets + +# use [safe_mysqld] with mysql-3 +[mysqld_safe] +err-log = /var/log/mysql/mysql.err + +# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations +[mysqld] +character-set-server = utf8 +#default-character-set = utf8 +user = mysql +port = 3306 +socket = /var/run/mysqld/mysqld.sock +pid-file = /var/run/mysqld/mysqld.pid +log-error = /var/log/mysql/mysqld.err +basedir = /usr +datadir = /var/lib/mysql +skip-external-locking +key_buffer = 32M +max_allowed_packet = 4M +table_cache = 64 +sort_buffer_size = 2M +net_buffer_length = 8K +read_buffer_size = 2M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 32M +#language = /usr/share/mysql/english +language = /usr/share/mysql/german + +# security: +# using "localhost" in connects uses sockets by default +# skip-networking +#bind-address = 127.0.0.1 + +#log-bin = helga-mysql-bin +server-id = 2 + +#auto_increment_increment = 2 +#auto_increment_offset = 2 + +#master-host = sarah.brehm-online.com +#master-port = 3306 +#master-user = replication +#master-password = uhu +#master-connect-retry = 60 +#report-host = helga.brehm-online.com + +# point the following paths to different dedicated disks +tmpdir = /tmp/ +#log-update = /path-to-dedicated-directory/hostname + +# you need the debug USE flag enabled to use the following directives, +# if needed, uncomment them, start the server and issue +# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace +# this will show you *exactly* what's happening in your server ;) + +#log = /tmp/mysqld.sql +#gdb +#debug = d:t:i:o,/tmp/mysqld.trace +#one-thread + +# uncomment the following directives if you are using BDB tables +#bdb_cache_size = 4M +#bdb_max_lock = 10000 + +# the following is the InnoDB configuration +# if you wish to disable innodb instead +# uncomment just the next line +#skip-innodb +# +# the rest of the innodb config follows: +# don't eat too much memory, we're trying to be safe on 64Mb boxes +# you might want to bump this up a bit on boxes with more RAM +innodb_buffer_pool_size = 64M +# this is the default, increase it if you have lots of tables +innodb_additional_mem_pool_size = 4M +# +# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-( +# and upstream wants things to be under /var/lib/mysql/, so that's the route +# we have to take for the moment +#innodb_data_home_dir = /var/lib/mysql/ +#innodb_log_arch_dir = /var/lib/mysql/ +#innodb_log_group_home_dir = /var/lib/mysql/ +# you may wish to change this size to be more suitable for your system +# the max is there to avoid run-away growth on your machine +innodb_data_file_path = ibdata1:10M:autoextend:max:128M +# we keep this at around 25% of of innodb_buffer_pool_size +# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size) +innodb_log_file_size = 5M +# this is the default, increase it if you have very large transactions going on +innodb_log_buffer_size = 8M +# this is the default and won't hurt you +# you shouldn't need to tweak it +innodb_log_files_in_group=2 +# see the innodb config docs, the other options are not always safe +innodb_flush_log_at_trx_commit = 1 +innodb_lock_wait_timeout = 50 +innodb_file_per_table +sync_binlog = 1 + +[mysqldump] +quick +max_allowed_packet = 64M + +[mysql] +# uncomment the next directive if you are not familiar with SQL +#safe-updates + +[isamchk] +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M + +[myisamchk] +key_buffer = 40M +sort_buffer_size = 40M +read_buffer = 4M +write_buffer = 4M + +[mysqlhotcopy] +interactive-timeout diff --git a/mysql/my.cnf.orig b/mysql/my.cnf.orig new file mode 100644 index 0000000..ac235e3 --- /dev/null +++ b/mysql/my.cnf.orig @@ -0,0 +1,146 @@ +# /etc/mysql/my.cnf: The global mysql configuration file. +# $Header: /etc/mysql/.rcs/my.cnf.orig,v 1.1 2010/11/30 08:22:44 root Exp $ + +# The following options will be passed to all MySQL clients +[client] +#password = your_password +port = 3306 +socket = /var/run/mysqld/mysqld.sock + +[mysql] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqladmin] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlcheck] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqldump] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlimport] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[mysqlshow] +character-sets-dir=/usr/share/mysql/charsets +default-character-set=utf8 + +[myisamchk] +character-sets-dir=/usr/share/mysql/charsets + +[myisampack] +character-sets-dir=/usr/share/mysql/charsets + +# use [safe_mysqld] with mysql-3 +[mysqld_safe] +err-log = /var/log/mysql/mysql.err + +# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations +[mysqld] +character-set-server = utf8 +user = mysql +port = 3306 +socket = /var/run/mysqld/mysqld.sock +pid-file = /var/run/mysqld/mysqld.pid +log-error = /var/log/mysql/mysqld.err +basedir = /usr +datadir = /var/lib/mysql +skip-external-locking +key_buffer = 16M +max_allowed_packet = 1M +table_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M +language = /usr/share/mysql/english + +# security: +# using "localhost" in connects uses sockets by default +# skip-networking +bind-address = 127.0.0.1 + +log-bin +server-id = 1 + +# point the following paths to different dedicated disks +tmpdir = /tmp/ +#log-update = /path-to-dedicated-directory/hostname + +# you need the debug USE flag enabled to use the following directives, +# if needed, uncomment them, start the server and issue +# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace +# this will show you *exactly* what's happening in your server ;) + +#log = /tmp/mysqld.sql +#gdb +#debug = d:t:i:o,/tmp/mysqld.trace +#one-thread + +# uncomment the following directives if you are using BDB tables +#bdb_cache_size = 4M +#bdb_max_lock = 10000 + +# the following is the InnoDB configuration +# if you wish to disable innodb instead +# uncomment just the next line +#skip-innodb +# +# the rest of the innodb config follows: +# don't eat too much memory, we're trying to be safe on 64Mb boxes +# you might want to bump this up a bit on boxes with more RAM +innodb_buffer_pool_size = 16M +# this is the default, increase it if you have lots of tables +innodb_additional_mem_pool_size = 2M +# +# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-( +# and upstream wants things to be under /var/lib/mysql/, so that's the route +# we have to take for the moment +#innodb_data_home_dir = /var/lib/mysql/ +#innodb_log_arch_dir = /var/lib/mysql/ +#innodb_log_group_home_dir = /var/lib/mysql/ +# you may wish to change this size to be more suitable for your system +# the max is there to avoid run-away growth on your machine +innodb_data_file_path = ibdata1:10M:autoextend:max:128M +# we keep this at around 25% of of innodb_buffer_pool_size +# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size) +innodb_log_file_size = 5M +# this is the default, increase it if you have very large transactions going on +innodb_log_buffer_size = 8M +# this is the default and won't hurt you +# you shouldn't need to tweak it +innodb_log_files_in_group=2 +# see the innodb config docs, the other options are not always safe +innodb_flush_log_at_trx_commit = 1 +innodb_lock_wait_timeout = 50 +innodb_file_per_table + +[mysqldump] +quick +max_allowed_packet = 16M + +[mysql] +# uncomment the next directive if you are not familiar with SQL +#safe-updates + +[isamchk] +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M + +[myisamchk] +key_buffer = 20M +sort_buffer_size = 20M +read_buffer = 2M +write_buffer = 2M + +[mysqlhotcopy] +interactive-timeout diff --git a/mysql/mysqlaccess.conf b/mysql/mysqlaccess.conf new file mode 100644 index 0000000..faf47da --- /dev/null +++ b/mysql/mysqlaccess.conf @@ -0,0 +1,45 @@ +# ------------------------------------------------------------------------- # +# MySQLaccess version 2.0p2 # +# (c) Yves.Carlier@rug.ac.be, 1997 # +# # +# *** Configuration file *** # +# # +# -Default values read by mysqlaccess during initialisation. # +# This file is looked for in # +# 1) the current directory # +# 2) /etc/ # +# -Options given on the command-line override the values given in here # +# -Given options can't be overruled by empty/blanc options!! # +# ------------------------------------------------------------------------- # + + +# ----------------# +# Global settings # +# --------------- # + #$Param{'host'} = ''; + $Param{'user'} = 'nobody'; + $Param{'db'} = 'test'; + $Param{'password'} = 'foobar'; + $Param{'debug'} = 0; + +# --------------------------# +# Settings for Command-line # +# ------------------------- # +if ($CMD) { + $Param{'superuser'} = 'root'; + $Param{'rhost'} = 'localhost'; + $Param{'spassword'} = ''; + $Param{'brief'} = 1; +} + +# ---------------------# +# Settings for CGI-BIN # +# -------------------- # +if ($CGI) { + $Param{'superuser'} = 'root'; + $Param{'rhost'} = 'localhost'; + $Param{'spassword'} = ''; + $Param{'table'} = 1; +} + +1; #to make require happy diff --git a/nagios/cgi.cfg b/nagios/cgi.cfg new file mode 100644 index 0000000..cc19172 --- /dev/null +++ b/nagios/cgi.cfg @@ -0,0 +1,357 @@ +################################################################# +# +# CGI.CFG - Sample CGI Configuration File for Nagios 3.3.1 +# +# Last Modified: 06-17-2009 +# +################################################################# + + +# MAIN CONFIGURATION FILE +# This tells the CGIs where to find your main configuration file. +# The CGIs will read the main and host config files for any other +# data they might need. + +main_config_file=/etc/nagios/nagios.cfg + + + +# PHYSICAL HTML PATH +# This is the path where the HTML files for Nagios reside. This +# value is used to locate the logo images needed by the statusmap +# and statuswrl CGIs. + +physical_html_path=/usr/share/nagios/htdocs + + + +# URL HTML PATH +# This is the path portion of the URL that corresponds to the +# physical location of the Nagios HTML files (as defined above). +# This value is used by the CGIs to locate the online documentation +# and graphics. If you access the Nagios pages with an URL like +# http://www.myhost.com/nagios, this value should be '/nagios' +# (without the quotes). + +url_html_path=/nagios + + + +# CONTEXT-SENSITIVE HELP +# This option determines whether or not a context-sensitive +# help icon will be displayed for most of the CGIs. +# Values: 0 = disables context-sensitive help +# 1 = enables context-sensitive help + +show_context_help=0 + + + +# PENDING STATES OPTION +# This option determines what states should be displayed in the web +# interface for hosts/services that have not yet been checked. +# Values: 0 = leave hosts/services that have not been check yet in their original state +# 1 = mark hosts/services that have not been checked yet as PENDING + +use_pending_states=1 + + + + +# AUTHENTICATION USAGE +# This option controls whether or not the CGIs will use any +# authentication when displaying host and service information, as +# well as committing commands to Nagios for processing. +# +# Read the HTML documentation to learn how the authorization works! +# +# NOTE: It is a really *bad* idea to disable authorization, unless +# you plan on removing the command CGI (cmd.cgi)! Failure to do +# so will leave you wide open to kiddies messing with Nagios and +# possibly hitting you with a denial of service attack by filling up +# your drive by continuously writing to your command file! +# +# Setting this value to 0 will cause the CGIs to *not* use +# authentication (bad idea), while any other value will make them +# use the authentication functions (the default). + +use_authentication=1 + + + + +# x509 CERT AUTHENTICATION +# When enabled, this option allows you to use x509 cert (SSL) +# authentication in the CGIs. This is an advanced option and should +# not be enabled unless you know what you're doing. + +use_ssl_authentication=0 + + + + +# DEFAULT USER +# Setting this variable will define a default user name that can +# access pages without authentication. This allows people within a +# secure domain (i.e., behind a firewall) to see the current status +# without authenticating. You may want to use this to avoid basic +# authentication if you are not using a secure server since basic +# authentication transmits passwords in the clear. +# +# Important: Do not define a default username unless you are +# running a secure web server and are sure that everyone who has +# access to the CGIs has been authenticated in some manner! If you +# define this variable, anyone who has not authenticated to the web +# server will inherit all rights you assign to this user! + +#default_user_name=guest + + + +# SYSTEM/PROCESS INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# have access to viewing the Nagios process information as +# provided by the Extended Information CGI (extinfo.cgi). By +# default, *no one* has access to this unless you choose to +# not use authorization. You may use an asterisk (*) to +# authorize any user who has authenticated to the web server. + +authorized_for_system_information=nagiosadmin + + + +# CONFIGURATION INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# can view ALL configuration information (hosts, commands, etc). +# By default, users can only view configuration information +# for the hosts and services they are contacts for. You may use +# an asterisk (*) to authorize any user who has authenticated +# to the web server. + +authorized_for_configuration_information=nagiosadmin + + + +# SYSTEM/PROCESS COMMAND ACCESS +# This option is a comma-delimited list of all usernames that +# can issue shutdown and restart commands to Nagios via the +# command CGI (cmd.cgi). Users in this list can also change +# the program mode to active or standby. By default, *no one* +# has access to this unless you choose to not use authorization. +# You may use an asterisk (*) to authorize any user who has +# authenticated to the web server. + +authorized_for_system_commands=nagiosadmin + + + +# GLOBAL HOST/SERVICE VIEW ACCESS +# These two options are comma-delimited lists of all usernames that +# can view information for all hosts and services that are being +# monitored. By default, users can only view information +# for hosts or services that they are contacts for (unless you +# you choose to not use authorization). You may use an asterisk (*) +# to authorize any user who has authenticated to the web server. + + +authorized_for_all_services=nagiosadmin +authorized_for_all_hosts=nagiosadmin + + + +# GLOBAL HOST/SERVICE COMMAND ACCESS +# These two options are comma-delimited lists of all usernames that +# can issue host or service related commands via the command +# CGI (cmd.cgi) for all hosts and services that are being monitored. +# By default, users can only issue commands for hosts or services +# that they are contacts for (unless you you choose to not use +# authorization). You may use an asterisk (*) to authorize any +# user who has authenticated to the web server. + +authorized_for_all_service_commands=nagiosadmin +authorized_for_all_host_commands=nagiosadmin + + + +# READ-ONLY USERS +# A comma-delimited list of usernames that have read-only rights in +# the CGIs. This will block any service or host commands normally shown +# on the extinfo CGI pages. It will also block comments from being shown +# to read-only users. + +#authorized_for_read_only=user1,user2 + + + + +# STATUSMAP BACKGROUND IMAGE +# This option allows you to specify an image to be used as a +# background in the statusmap CGI. It is assumed that the image +# resides in the HTML images path (i.e. /usr/local/nagios/share/images). +# This path is automatically determined by appending "/images" +# to the path specified by the 'physical_html_path' directive. +# Note: The image file may be in GIF, PNG, JPEG, or GD2 format. +# However, I recommend that you convert your image to GD2 format +# (uncompressed), as this will cause less CPU load when the CGI +# generates the image. + +#statusmap_background_image=smbackground.gd2 + + + + +# STATUSMAP TRANSPARENCY INDEX COLOR +# These options set the r,g,b values of the background color used the statusmap CGI, +# so normal browsers that can't show real png transparency set the desired color as +# a background color instead (to make it look pretty). +# Defaults to white: (R,G,B) = (255,255,255). + +#color_transparency_index_r=255 +#color_transparency_index_g=255 +#color_transparency_index_b=255 + + + + +# DEFAULT STATUSMAP LAYOUT METHOD +# This option allows you to specify the default layout method +# the statusmap CGI should use for drawing hosts. If you do +# not use this option, the default is to use user-defined +# coordinates. Valid options are as follows: +# 0 = User-defined coordinates +# 1 = Depth layers +# 2 = Collapsed tree +# 3 = Balanced tree +# 4 = Circular +# 5 = Circular (Marked Up) + +default_statusmap_layout=5 + + + +# DEFAULT STATUSWRL LAYOUT METHOD +# This option allows you to specify the default layout method +# the statuswrl (VRML) CGI should use for drawing hosts. If you +# do not use this option, the default is to use user-defined +# coordinates. Valid options are as follows: +# 0 = User-defined coordinates +# 2 = Collapsed tree +# 3 = Balanced tree +# 4 = Circular + +default_statuswrl_layout=4 + + + +# STATUSWRL INCLUDE +# This option allows you to include your own objects in the +# generated VRML world. It is assumed that the file +# resides in the HTML path (i.e. /usr/local/nagios/share). + +#statuswrl_include=myworld.wrl + + + +# PING SYNTAX +# This option determines what syntax should be used when +# attempting to ping a host from the WAP interface (using +# the statuswml CGI. You must include the full path to +# the ping binary, along with all required options. The +# $HOSTADDRESS$ macro is substituted with the address of +# the host before the command is executed. +# Please note that the syntax for the ping binary is +# notorious for being different on virtually ever *NIX +# OS and distribution, so you may have to tweak this to +# work on your system. + +ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$ + + + +# REFRESH RATE +# This option allows you to specify the refresh rate in seconds +# of various CGIs (status, statusmap, extinfo, and outages). + +refresh_rate=90 + + + +# ESCAPE HTML TAGS +# This option determines whether HTML tags in host and service +# status output is escaped in the web interface. If enabled, +# your plugin output will not be able to contain clickable links. + +escape_html_tags=1 + + + + +# SOUND OPTIONS +# These options allow you to specify an optional audio file +# that should be played in your browser window when there are +# problems on the network. The audio files are used only in +# the status CGI. Only the sound for the most critical problem +# will be played. Order of importance (higher to lower) is as +# follows: unreachable hosts, down hosts, critical services, +# warning services, and unknown services. If there are no +# visible problems, the sound file optionally specified by +# 'normal_sound' variable will be played. +# +# +# = +# +# Note: All audio files must be placed in the /media subdirectory +# under the HTML path (i.e. /usr/local/nagios/share/media/). + +#host_unreachable_sound=hostdown.wav +#host_down_sound=hostdown.wav +#service_critical_sound=critical.wav +#service_warning_sound=warning.wav +#service_unknown_sound=warning.wav +#normal_sound=noproblem.wav + + + +# URL TARGET FRAMES +# These options determine the target frames in which notes and +# action URLs will open. + +action_url_target=_blank +notes_url_target=_blank + + + + +# LOCK AUTHOR NAMES OPTION +# This option determines whether users can change the author name +# when submitting comments, scheduling downtime. If disabled, the +# author names will be locked into their contact name, as defined in Nagios. +# Values: 0 = allow editing author names +# 1 = lock author names (disallow editing) + +lock_author_names=1 + + + + +# SPLUNK INTEGRATION OPTIONS +# These options allow you to enable integration with Splunk +# in the web interface. If enabled, you'll be presented with +# "Splunk It" links in various places in the CGIs (log file, +# alert history, host/service detail, etc). Useful if you're +# trying to research why a particular problem occurred. +# For more information on Splunk, visit http://www.splunk.com/ + +# This option determines whether the Splunk integration is enabled +# Values: 0 = disable Splunk integration +# 1 = enable Splunk integration + +#enable_splunk_integration=1 + + +# This option should be the URL used to access your instance of Splunk + +#splunk_url=http://127.0.0.1:8000/ + + + diff --git a/nagios/nagios.cfg b/nagios/nagios.cfg new file mode 100644 index 0000000..683e00c --- /dev/null +++ b/nagios/nagios.cfg @@ -0,0 +1,1322 @@ +############################################################################## +# +# NAGIOS.CFG - Sample Main Config File for Nagios 3.3.1 +# +# Read the documentation for more information on this configuration +# file. I've provided some comments here, but things may not be so +# clear without further explanation. +# +# Last Modified: 12-14-2008 +# +############################################################################## + + +# LOG FILE +# This is the main log file where service and host events are logged +# for historical purposes. This should be the first option specified +# in the config file!!! + +log_file=/var/nagios/nagios.log + + + +# OBJECT CONFIGURATION FILE(S) +# These are the object configuration files in which you define hosts, +# host groups, contacts, contact groups, services, etc. +# You can split your object definitions across several config files +# if you wish (as shown below), or keep them all in a single config file. + +# You can specify individual object config files as shown below: +cfg_file=/etc/nagios/objects/commands.cfg +cfg_file=/etc/nagios/objects/contacts.cfg +cfg_file=/etc/nagios/objects/timeperiods.cfg +cfg_file=/etc/nagios/objects/templates.cfg + +# Definitions for monitoring the local (Linux) host +cfg_file=/etc/nagios/objects/localhost.cfg + +# Definitions for monitoring a Windows machine +#cfg_file=/etc/nagios/objects/windows.cfg + +# Definitions for monitoring a router/switch +#cfg_file=/etc/nagios/objects/switch.cfg + +# Definitions for monitoring a network printer +#cfg_file=/etc/nagios/objects/printer.cfg + + +# You can also tell Nagios to process all config files (with a .cfg +# extension) in a particular directory by using the cfg_dir +# directive as shown below: + +#cfg_dir=/etc/nagios/servers +#cfg_dir=/etc/nagios/printers +#cfg_dir=/etc/nagios/switches +#cfg_dir=/etc/nagios/routers + + + + +# OBJECT CACHE FILE +# This option determines where object definitions are cached when +# Nagios starts/restarts. The CGIs read object definitions from +# this cache file (rather than looking at the object config files +# directly) in order to prevent inconsistencies that can occur +# when the config files are modified after Nagios starts. + +object_cache_file=/var/nagios/objects.cache + + + +# PRE-CACHED OBJECT FILE +# This options determines the location of the precached object file. +# If you run Nagios with the -p command line option, it will preprocess +# your object configuration file(s) and write the cached config to this +# file. You can then start Nagios with the -u option to have it read +# object definitions from this precached file, rather than the standard +# object configuration files (see the cfg_file and cfg_dir options above). +# Using a precached object file can speed up the time needed to (re)start +# the Nagios process if you've got a large and/or complex configuration. +# Read the documentation section on optimizing Nagios to find our more +# about how this feature works. + +precached_object_file=/var/nagios/objects.precache + + + +# RESOURCE FILE +# This is an optional resource file that contains $USERx$ macro +# definitions. Multiple resource files can be specified by using +# multiple resource_file definitions. The CGIs will not attempt to +# read the contents of resource files, so information that is +# considered to be sensitive (usernames, passwords, etc) can be +# defined as macros in this file and restrictive permissions (600) +# can be placed on this file. + +resource_file=/etc/nagios/resource.cfg + + + +# STATUS FILE +# This is where the current status of all monitored services and +# hosts is stored. Its contents are read and processed by the CGIs. +# The contents of the status file are deleted every time Nagios +# restarts. + +status_file=/var/nagios/status.dat + + + +# STATUS FILE UPDATE INTERVAL +# This option determines the frequency (in seconds) that +# Nagios will periodically dump program, host, and +# service status data. + +status_update_interval=10 + + + +# NAGIOS USER +# This determines the effective user that Nagios should run as. +# You can either supply a username or a UID. + +nagios_user=nagios + + + +# NAGIOS GROUP +# This determines the effective group that Nagios should run as. +# You can either supply a group name or a GID. + +nagios_group=nagios + + + +# EXTERNAL COMMAND OPTION +# This option allows you to specify whether or not Nagios should check +# for external commands (in the command file defined below). By default +# Nagios will *not* check for external commands, just to be on the +# cautious side. If you want to be able to use the CGI command interface +# you will have to enable this. +# Values: 0 = disable commands, 1 = enable commands + +check_external_commands=1 + + + +# EXTERNAL COMMAND CHECK INTERVAL +# This is the interval at which Nagios should check for external commands. +# This value works of the interval_length you specify later. If you leave +# that at its default value of 60 (seconds), a value of 1 here will cause +# Nagios to check for external commands every minute. If you specify a +# number followed by an "s" (i.e. 15s), this will be interpreted to mean +# actual seconds rather than a multiple of the interval_length variable. +# Note: In addition to reading the external command file at regularly +# scheduled intervals, Nagios will also check for external commands after +# event handlers are executed. +# NOTE: Setting this value to -1 causes Nagios to check the external +# command file as often as possible. + +#command_check_interval=15s +command_check_interval=-1 + + + +# EXTERNAL COMMAND FILE +# This is the file that Nagios checks for external command requests. +# It is also where the command CGI will write commands that are submitted +# by users, so it must be writeable by the user that the web server +# is running as (usually 'nobody'). Permissions should be set at the +# directory level instead of on the file, as the file is deleted every +# time its contents are processed. + +command_file=/var/nagios/rw/nagios.cmd + + + +# EXTERNAL COMMAND BUFFER SLOTS +# This settings is used to tweak the number of items or "slots" that +# the Nagios daemon should allocate to the buffer that holds incoming +# external commands before they are processed. As external commands +# are processed by the daemon, they are removed from the buffer. + +external_command_buffer_slots=4096 + + + +# LOCK FILE +# This is the lockfile that Nagios will use to store its PID number +# in when it is running in daemon mode. + +lock_file=/var/nagios/nagios.lock + + + +# TEMP FILE +# This is a temporary file that is used as scratch space when Nagios +# updates the status log, cleans the comment file, etc. This file +# is created, used, and deleted throughout the time that Nagios is +# running. + +temp_file=/var/nagios/nagios.tmp + + + +# TEMP PATH +# This is path where Nagios can create temp files for service and +# host check results, etc. + +temp_path=/tmp + + + +# EVENT BROKER OPTIONS +# Controls what (if any) data gets sent to the event broker. +# Values: 0 = Broker nothing +# -1 = Broker everything +# = See documentation + +event_broker_options=-1 + + + +# EVENT BROKER MODULE(S) +# This directive is used to specify an event broker module that should +# by loaded by Nagios at startup. Use multiple directives if you want +# to load more than one module. Arguments that should be passed to +# the module at startup are seperated from the module path by a space. +# +#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +# WARNING !!! WARNING !!! WARNING !!! WARNING !!! WARNING !!! WARNING +#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +# +# Do NOT overwrite modules while they are being used by Nagios or Nagios +# will crash in a fiery display of SEGFAULT glory. This is a bug/limitation +# either in dlopen(), the kernel, and/or the filesystem. And maybe Nagios... +# +# The correct/safe way of updating a module is by using one of these methods: +# 1. Shutdown Nagios, replace the module file, restart Nagios +# 2. Delete the original module file, move the new module file into place, restart Nagios +# +# Example: +# +# broker_module= [moduleargs] + +#broker_module=/somewhere/module1.o +#broker_module=/somewhere/module2.o arg1 arg2=3 debug=0 + + + +# LOG ROTATION METHOD +# This is the log rotation method that Nagios should use to rotate +# the main log file. Values are as follows.. +# n = None - don't rotate the log +# h = Hourly rotation (top of the hour) +# d = Daily rotation (midnight every day) +# w = Weekly rotation (midnight on Saturday evening) +# m = Monthly rotation (midnight last day of month) + +log_rotation_method=d + + + +# LOG ARCHIVE PATH +# This is the directory where archived (rotated) log files should be +# placed (assuming you've chosen to do log rotation). + +log_archive_path=/var/nagios/archives + + + +# LOGGING OPTIONS +# If you want messages logged to the syslog facility, as well as the +# Nagios log file set this option to 1. If not, set it to 0. + +use_syslog=1 + + + +# NOTIFICATION LOGGING OPTION +# If you don't want notifications to be logged, set this value to 0. +# If notifications should be logged, set the value to 1. + +log_notifications=1 + + + +# SERVICE RETRY LOGGING OPTION +# If you don't want service check retries to be logged, set this value +# to 0. If retries should be logged, set the value to 1. + +log_service_retries=1 + + + +# HOST RETRY LOGGING OPTION +# If you don't want host check retries to be logged, set this value to +# 0. If retries should be logged, set the value to 1. + +log_host_retries=1 + + + +# EVENT HANDLER LOGGING OPTION +# If you don't want host and service event handlers to be logged, set +# this value to 0. If event handlers should be logged, set the value +# to 1. + +log_event_handlers=1 + + + +# INITIAL STATES LOGGING OPTION +# If you want Nagios to log all initial host and service states to +# the main log file (the first time the service or host is checked) +# you can enable this option by setting this value to 1. If you +# are not using an external application that does long term state +# statistics reporting, you do not need to enable this option. In +# this case, set the value to 0. + +log_initial_states=0 + + + +# EXTERNAL COMMANDS LOGGING OPTION +# If you don't want Nagios to log external commands, set this value +# to 0. If external commands should be logged, set this value to 1. +# Note: This option does not include logging of passive service +# checks - see the option below for controlling whether or not +# passive checks are logged. + +log_external_commands=1 + + + +# PASSIVE CHECKS LOGGING OPTION +# If you don't want Nagios to log passive host and service checks, set +# this value to 0. If passive checks should be logged, set +# this value to 1. + +log_passive_checks=1 + + + +# GLOBAL HOST AND SERVICE EVENT HANDLERS +# These options allow you to specify a host and service event handler +# command that is to be run for every host or service state change. +# The global event handler is executed immediately prior to the event +# handler that you have optionally specified in each host or +# service definition. The command argument is the short name of a +# command definition that you define in your host configuration file. +# Read the HTML docs for more information. + +#global_host_event_handler=somecommand +#global_service_event_handler=somecommand + + + +# SERVICE INTER-CHECK DELAY METHOD +# This is the method that Nagios should use when initially +# "spreading out" service checks when it starts monitoring. The +# default is to use smart delay calculation, which will try to +# space all service checks out evenly to minimize CPU load. +# Using the dumb setting will cause all checks to be scheduled +# at the same time (with no delay between them)! This is not a +# good thing for production, but is useful when testing the +# parallelization functionality. +# n = None - don't use any delay between checks +# d = Use a "dumb" delay of 1 second between checks +# s = Use "smart" inter-check delay calculation +# x.xx = Use an inter-check delay of x.xx seconds + +service_inter_check_delay_method=s + + + +# MAXIMUM SERVICE CHECK SPREAD +# This variable determines the timeframe (in minutes) from the +# program start time that an initial check of all services should +# be completed. Default is 30 minutes. + +max_service_check_spread=30 + + + +# SERVICE CHECK INTERLEAVE FACTOR +# This variable determines how service checks are interleaved. +# Interleaving the service checks allows for a more even +# distribution of service checks and reduced load on remote +# hosts. Setting this value to 1 is equivalent to how versions +# of Nagios previous to 0.0.5 did service checks. Set this +# value to s (smart) for automatic calculation of the interleave +# factor unless you have a specific reason to change it. +# s = Use "smart" interleave factor calculation +# x = Use an interleave factor of x, where x is a +# number greater than or equal to 1. + +service_interleave_factor=s + + + +# HOST INTER-CHECK DELAY METHOD +# This is the method that Nagios should use when initially +# "spreading out" host checks when it starts monitoring. The +# default is to use smart delay calculation, which will try to +# space all host checks out evenly to minimize CPU load. +# Using the dumb setting will cause all checks to be scheduled +# at the same time (with no delay between them)! +# n = None - don't use any delay between checks +# d = Use a "dumb" delay of 1 second between checks +# s = Use "smart" inter-check delay calculation +# x.xx = Use an inter-check delay of x.xx seconds + +host_inter_check_delay_method=s + + + +# MAXIMUM HOST CHECK SPREAD +# This variable determines the timeframe (in minutes) from the +# program start time that an initial check of all hosts should +# be completed. Default is 30 minutes. + +max_host_check_spread=30 + + + +# MAXIMUM CONCURRENT SERVICE CHECKS +# This option allows you to specify the maximum number of +# service checks that can be run in parallel at any given time. +# Specifying a value of 1 for this variable essentially prevents +# any service checks from being parallelized. A value of 0 +# will not restrict the number of concurrent checks that are +# being executed. + +max_concurrent_checks=0 + + + +# HOST AND SERVICE CHECK REAPER FREQUENCY +# This is the frequency (in seconds!) that Nagios will process +# the results of host and service checks. + +check_result_reaper_frequency=10 + + + + +# MAX CHECK RESULT REAPER TIME +# This is the max amount of time (in seconds) that a single +# check result reaper event will be allowed to run before +# returning control back to Nagios so it can perform other +# duties. + +max_check_result_reaper_time=30 + + + + +# CHECK RESULT PATH +# This is directory where Nagios stores the results of host and +# service checks that have not yet been processed. +# +# Note: Make sure that only one instance of Nagios has access +# to this directory! + +check_result_path=/var/nagios/spool/checkresults + + + + +# MAX CHECK RESULT FILE AGE +# This option determines the maximum age (in seconds) which check +# result files are considered to be valid. Files older than this +# threshold will be mercilessly deleted without further processing. + +max_check_result_file_age=3600 + + + + +# CACHED HOST CHECK HORIZON +# This option determines the maximum amount of time (in seconds) +# that the state of a previous host check is considered current. +# Cached host states (from host checks that were performed more +# recently that the timeframe specified by this value) can immensely +# improve performance in regards to the host check logic. +# Too high of a value for this option may result in inaccurate host +# states being used by Nagios, while a lower value may result in a +# performance hit for host checks. Use a value of 0 to disable host +# check caching. + +cached_host_check_horizon=15 + + + +# CACHED SERVICE CHECK HORIZON +# This option determines the maximum amount of time (in seconds) +# that the state of a previous service check is considered current. +# Cached service states (from service checks that were performed more +# recently that the timeframe specified by this value) can immensely +# improve performance in regards to predictive dependency checks. +# Use a value of 0 to disable service check caching. + +cached_service_check_horizon=15 + + + +# ENABLE PREDICTIVE HOST DEPENDENCY CHECKS +# This option determines whether or not Nagios will attempt to execute +# checks of hosts when it predicts that future dependency logic test +# may be needed. These predictive checks can help ensure that your +# host dependency logic works well. +# Values: +# 0 = Disable predictive checks +# 1 = Enable predictive checks (default) + +enable_predictive_host_dependency_checks=1 + + + +# ENABLE PREDICTIVE SERVICE DEPENDENCY CHECKS +# This option determines whether or not Nagios will attempt to execute +# checks of service when it predicts that future dependency logic test +# may be needed. These predictive checks can help ensure that your +# service dependency logic works well. +# Values: +# 0 = Disable predictive checks +# 1 = Enable predictive checks (default) + +enable_predictive_service_dependency_checks=1 + + + +# SOFT STATE DEPENDENCIES +# This option determines whether or not Nagios will use soft state +# information when checking host and service dependencies. Normally +# Nagios will only use the latest hard host or service state when +# checking dependencies. If you want it to use the latest state (regardless +# of whether its a soft or hard state type), enable this option. +# Values: +# 0 = Don't use soft state dependencies (default) +# 1 = Use soft state dependencies + +soft_state_dependencies=0 + + + +# TIME CHANGE ADJUSTMENT THRESHOLDS +# These options determine when Nagios will react to detected changes +# in system time (either forward or backwards). + +#time_change_threshold=900 + + + +# AUTO-RESCHEDULING OPTION +# This option determines whether or not Nagios will attempt to +# automatically reschedule active host and service checks to +# "smooth" them out over time. This can help balance the load on +# the monitoring server. +# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE +# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY + +auto_reschedule_checks=0 + + + +# AUTO-RESCHEDULING INTERVAL +# This option determines how often (in seconds) Nagios will +# attempt to automatically reschedule checks. This option only +# has an effect if the auto_reschedule_checks option is enabled. +# Default is 30 seconds. +# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE +# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY + +auto_rescheduling_interval=30 + + + +# AUTO-RESCHEDULING WINDOW +# This option determines the "window" of time (in seconds) that +# Nagios will look at when automatically rescheduling checks. +# Only host and service checks that occur in the next X seconds +# (determined by this variable) will be rescheduled. This option +# only has an effect if the auto_reschedule_checks option is +# enabled. Default is 180 seconds (3 minutes). +# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE +# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY + +auto_rescheduling_window=180 + + + +# SLEEP TIME +# This is the number of seconds to sleep between checking for system +# events and service checks that need to be run. + +sleep_time=0.25 + + + +# TIMEOUT VALUES +# These options control how much time Nagios will allow various +# types of commands to execute before killing them off. Options +# are available for controlling maximum time allotted for +# service checks, host checks, event handlers, notifications, the +# ocsp command, and performance data commands. All values are in +# seconds. + +service_check_timeout=60 +host_check_timeout=30 +event_handler_timeout=30 +notification_timeout=30 +ocsp_timeout=5 +perfdata_timeout=5 + + + +# RETAIN STATE INFORMATION +# This setting determines whether or not Nagios will save state +# information for services and hosts before it shuts down. Upon +# startup Nagios will reload all saved service and host state +# information before starting to monitor. This is useful for +# maintaining long-term data on state statistics, etc, but will +# slow Nagios down a bit when it (re)starts. Since its only +# a one-time penalty, I think its well worth the additional +# startup delay. + +retain_state_information=1 + + + +# STATE RETENTION FILE +# This is the file that Nagios should use to store host and +# service state information before it shuts down. The state +# information in this file is also read immediately prior to +# starting to monitor the network when Nagios is restarted. +# This file is used only if the retain_state_information +# variable is set to 1. + +state_retention_file=/var/nagios/retention.dat + + + +# RETENTION DATA UPDATE INTERVAL +# This setting determines how often (in minutes) that Nagios +# will automatically save retention data during normal operation. +# If you set this value to 0, Nagios will not save retention +# data at regular interval, but it will still save retention +# data before shutting down or restarting. If you have disabled +# state retention, this option has no effect. + +retention_update_interval=60 + + + +# USE RETAINED PROGRAM STATE +# This setting determines whether or not Nagios will set +# program status variables based on the values saved in the +# retention file. If you want to use retained program status +# information, set this value to 1. If not, set this value +# to 0. + +use_retained_program_state=1 + + + +# USE RETAINED SCHEDULING INFO +# This setting determines whether or not Nagios will retain +# the scheduling info (next check time) for hosts and services +# based on the values saved in the retention file. If you +# If you want to use retained scheduling info, set this +# value to 1. If not, set this value to 0. + +use_retained_scheduling_info=1 + + + +# RETAINED ATTRIBUTE MASKS (ADVANCED FEATURE) +# The following variables are used to specify specific host and +# service attributes that should *not* be retained by Nagios during +# program restarts. +# +# The values of the masks are bitwise ANDs of values specified +# by the "MODATTR_" definitions found in include/common.h. +# For example, if you do not want the current enabled/disabled state +# of flap detection and event handlers for hosts to be retained, you +# would use a value of 24 for the host attribute mask... +# MODATTR_EVENT_HANDLER_ENABLED (8) + MODATTR_FLAP_DETECTION_ENABLED (16) = 24 + +# This mask determines what host attributes are not retained +retained_host_attribute_mask=0 + +# This mask determines what service attributes are not retained +retained_service_attribute_mask=0 + +# These two masks determine what process attributes are not retained. +# There are two masks, because some process attributes have host and service +# options. For example, you can disable active host checks, but leave active +# service checks enabled. +retained_process_host_attribute_mask=0 +retained_process_service_attribute_mask=0 + +# These two masks determine what contact attributes are not retained. +# There are two masks, because some contact attributes have host and +# service options. For example, you can disable host notifications for +# a contact, but leave service notifications enabled for them. +retained_contact_host_attribute_mask=0 +retained_contact_service_attribute_mask=0 + + + +# INTERVAL LENGTH +# This is the seconds per unit interval as used in the +# host/contact/service configuration files. Setting this to 60 means +# that each interval is one minute long (60 seconds). Other settings +# have not been tested much, so your mileage is likely to vary... + +interval_length=60 + + + +# CHECK FOR UPDATES +# This option determines whether Nagios will automatically check to +# see if new updates (releases) are available. It is recommend that you +# enable this option to ensure that you stay on top of the latest critical +# patches to Nagios. Nagios is critical to you - make sure you keep it in +# good shape. Nagios will check once a day for new updates. Data collected +# by Nagios Enterprises from the update check is processed in accordance +# with our privacy policy - see http://api.nagios.org for details. + +check_for_updates=1 + + + +# BARE UPDATE CHECK +# This option deterines what data Nagios will send to api.nagios.org when +# it checks for updates. By default, Nagios will send information on the +# current version of Nagios you have installed, as well as an indicator as +# to whether this was a new installation or not. Nagios Enterprises uses +# this data to determine the number of users running specific version of +# Nagios. Enable this option if you do not want this information to be sent. + +bare_update_check=0 + + + +# AGGRESSIVE HOST CHECKING OPTION +# If you don't want to turn on aggressive host checking features, set +# this value to 0 (the default). Otherwise set this value to 1 to +# enable the aggressive check option. Read the docs for more info +# on what aggressive host check is or check out the source code in +# base/checks.c + +use_aggressive_host_checking=0 + + + +# SERVICE CHECK EXECUTION OPTION +# This determines whether or not Nagios will actively execute +# service checks when it initially starts. If this option is +# disabled, checks are not actively made, but Nagios can still +# receive and process passive check results that come in. Unless +# you're implementing redundant hosts or have a special need for +# disabling the execution of service checks, leave this enabled! +# Values: 1 = enable checks, 0 = disable checks + +execute_service_checks=1 + + + +# PASSIVE SERVICE CHECK ACCEPTANCE OPTION +# This determines whether or not Nagios will accept passive +# service checks results when it initially (re)starts. +# Values: 1 = accept passive checks, 0 = reject passive checks + +accept_passive_service_checks=1 + + + +# HOST CHECK EXECUTION OPTION +# This determines whether or not Nagios will actively execute +# host checks when it initially starts. If this option is +# disabled, checks are not actively made, but Nagios can still +# receive and process passive check results that come in. Unless +# you're implementing redundant hosts or have a special need for +# disabling the execution of host checks, leave this enabled! +# Values: 1 = enable checks, 0 = disable checks + +execute_host_checks=1 + + + +# PASSIVE HOST CHECK ACCEPTANCE OPTION +# This determines whether or not Nagios will accept passive +# host checks results when it initially (re)starts. +# Values: 1 = accept passive checks, 0 = reject passive checks + +accept_passive_host_checks=1 + + + +# NOTIFICATIONS OPTION +# This determines whether or not Nagios will sent out any host or +# service notifications when it is initially (re)started. +# Values: 1 = enable notifications, 0 = disable notifications + +enable_notifications=1 + + + +# EVENT HANDLER USE OPTION +# This determines whether or not Nagios will run any host or +# service event handlers when it is initially (re)started. Unless +# you're implementing redundant hosts, leave this option enabled. +# Values: 1 = enable event handlers, 0 = disable event handlers + +enable_event_handlers=1 + + + +# PROCESS PERFORMANCE DATA OPTION +# This determines whether or not Nagios will process performance +# data returned from service and host checks. If this option is +# enabled, host performance data will be processed using the +# host_perfdata_command (defined below) and service performance +# data will be processed using the service_perfdata_command (also +# defined below). Read the HTML docs for more information on +# performance data. +# Values: 1 = process performance data, 0 = do not process performance data + +process_performance_data=0 + + + +# HOST AND SERVICE PERFORMANCE DATA PROCESSING COMMANDS +# These commands are run after every host and service check is +# performed. These commands are executed only if the +# enable_performance_data option (above) is set to 1. The command +# argument is the short name of a command definition that you +# define in your host configuration file. Read the HTML docs for +# more information on performance data. + +#host_perfdata_command=process-host-perfdata +#service_perfdata_command=process-service-perfdata + + + +# HOST AND SERVICE PERFORMANCE DATA FILES +# These files are used to store host and service performance data. +# Performance data is only written to these files if the +# enable_performance_data option (above) is set to 1. + +#host_perfdata_file=/tmp/host-perfdata +#service_perfdata_file=/tmp/service-perfdata + + + +# HOST AND SERVICE PERFORMANCE DATA FILE TEMPLATES +# These options determine what data is written (and how) to the +# performance data files. The templates may contain macros, special +# characters (\t for tab, \r for carriage return, \n for newline) +# and plain text. A newline is automatically added after each write +# to the performance data file. Some examples of what you can do are +# shown below. + +#host_perfdata_file_template=[HOSTPERFDATA]\t$TIMET$\t$HOSTNAME$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$ +#service_perfdata_file_template=[SERVICEPERFDATA]\t$TIMET$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$ + + + +# HOST AND SERVICE PERFORMANCE DATA FILE MODES +# This option determines whether or not the host and service +# performance data files are opened in write ("w") or append ("a") +# mode. If you want to use named pipes, you should use the special +# pipe ("p") mode which avoid blocking at startup, otherwise you will +# likely want the defult append ("a") mode. + +#host_perfdata_file_mode=a +#service_perfdata_file_mode=a + + + +# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING INTERVAL +# These options determine how often (in seconds) the host and service +# performance data files are processed using the commands defined +# below. A value of 0 indicates the files should not be periodically +# processed. + +#host_perfdata_file_processing_interval=0 +#service_perfdata_file_processing_interval=0 + + + +# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING COMMANDS +# These commands are used to periodically process the host and +# service performance data files. The interval at which the +# processing occurs is determined by the options above. + +#host_perfdata_file_processing_command=process-host-perfdata-file +#service_perfdata_file_processing_command=process-service-perfdata-file + + + +# OBSESS OVER SERVICE CHECKS OPTION +# This determines whether or not Nagios will obsess over service +# checks and run the ocsp_command defined below. Unless you're +# planning on implementing distributed monitoring, do not enable +# this option. Read the HTML docs for more information on +# implementing distributed monitoring. +# Values: 1 = obsess over services, 0 = do not obsess (default) + +obsess_over_services=0 + + + +# OBSESSIVE COMPULSIVE SERVICE PROCESSOR COMMAND +# This is the command that is run for every service check that is +# processed by Nagios. This command is executed only if the +# obsess_over_services option (above) is set to 1. The command +# argument is the short name of a command definition that you +# define in your host configuration file. Read the HTML docs for +# more information on implementing distributed monitoring. + +#ocsp_command=somecommand + + + +# OBSESS OVER HOST CHECKS OPTION +# This determines whether or not Nagios will obsess over host +# checks and run the ochp_command defined below. Unless you're +# planning on implementing distributed monitoring, do not enable +# this option. Read the HTML docs for more information on +# implementing distributed monitoring. +# Values: 1 = obsess over hosts, 0 = do not obsess (default) + +obsess_over_hosts=0 + + + +# OBSESSIVE COMPULSIVE HOST PROCESSOR COMMAND +# This is the command that is run for every host check that is +# processed by Nagios. This command is executed only if the +# obsess_over_hosts option (above) is set to 1. The command +# argument is the short name of a command definition that you +# define in your host configuration file. Read the HTML docs for +# more information on implementing distributed monitoring. + +#ochp_command=somecommand + + + +# TRANSLATE PASSIVE HOST CHECKS OPTION +# This determines whether or not Nagios will translate +# DOWN/UNREACHABLE passive host check results into their proper +# state for this instance of Nagios. This option is useful +# if you have distributed or failover monitoring setup. In +# these cases your other Nagios servers probably have a different +# "view" of the network, with regards to the parent/child relationship +# of hosts. If a distributed monitoring server thinks a host +# is DOWN, it may actually be UNREACHABLE from the point of +# this Nagios instance. Enabling this option will tell Nagios +# to translate any DOWN or UNREACHABLE host states it receives +# passively into the correct state from the view of this server. +# Values: 1 = perform translation, 0 = do not translate (default) + +translate_passive_host_checks=0 + + + +# PASSIVE HOST CHECKS ARE SOFT OPTION +# This determines whether or not Nagios will treat passive host +# checks as being HARD or SOFT. By default, a passive host check +# result will put a host into a HARD state type. This can be changed +# by enabling this option. +# Values: 0 = passive checks are HARD, 1 = passive checks are SOFT + +passive_host_checks_are_soft=0 + + + +# ORPHANED HOST/SERVICE CHECK OPTIONS +# These options determine whether or not Nagios will periodically +# check for orphaned host service checks. Since service checks are +# not rescheduled until the results of their previous execution +# instance are processed, there exists a possibility that some +# checks may never get rescheduled. A similar situation exists for +# host checks, although the exact scheduling details differ a bit +# from service checks. Orphaned checks seem to be a rare +# problem and should not happen under normal circumstances. +# If you have problems with service checks never getting +# rescheduled, make sure you have orphaned service checks enabled. +# Values: 1 = enable checks, 0 = disable checks + +check_for_orphaned_services=1 +check_for_orphaned_hosts=1 + + + +# SERVICE FRESHNESS CHECK OPTION +# This option determines whether or not Nagios will periodically +# check the "freshness" of service results. Enabling this option +# is useful for ensuring passive checks are received in a timely +# manner. +# Values: 1 = enabled freshness checking, 0 = disable freshness checking + +check_service_freshness=1 + + + +# SERVICE FRESHNESS CHECK INTERVAL +# This setting determines how often (in seconds) Nagios will +# check the "freshness" of service check results. If you have +# disabled service freshness checking, this option has no effect. + +service_freshness_check_interval=60 + + + +# HOST FRESHNESS CHECK OPTION +# This option determines whether or not Nagios will periodically +# check the "freshness" of host results. Enabling this option +# is useful for ensuring passive checks are received in a timely +# manner. +# Values: 1 = enabled freshness checking, 0 = disable freshness checking + +check_host_freshness=0 + + + +# HOST FRESHNESS CHECK INTERVAL +# This setting determines how often (in seconds) Nagios will +# check the "freshness" of host check results. If you have +# disabled host freshness checking, this option has no effect. + +host_freshness_check_interval=60 + + + + +# ADDITIONAL FRESHNESS THRESHOLD LATENCY +# This setting determines the number of seconds that Nagios +# will add to any host and service freshness thresholds that +# it calculates (those not explicitly specified by the user). + +additional_freshness_latency=15 + + + + +# FLAP DETECTION OPTION +# This option determines whether or not Nagios will try +# and detect hosts and services that are "flapping". +# Flapping occurs when a host or service changes between +# states too frequently. When Nagios detects that a +# host or service is flapping, it will temporarily suppress +# notifications for that host/service until it stops +# flapping. Flap detection is very experimental, so read +# the HTML documentation before enabling this feature! +# Values: 1 = enable flap detection +# 0 = disable flap detection (default) + +enable_flap_detection=1 + + + +# FLAP DETECTION THRESHOLDS FOR HOSTS AND SERVICES +# Read the HTML documentation on flap detection for +# an explanation of what this option does. This option +# has no effect if flap detection is disabled. + +low_service_flap_threshold=5.0 +high_service_flap_threshold=20.0 +low_host_flap_threshold=5.0 +high_host_flap_threshold=20.0 + + + +# DATE FORMAT OPTION +# This option determines how short dates are displayed. Valid options +# include: +# us (MM-DD-YYYY HH:MM:SS) +# euro (DD-MM-YYYY HH:MM:SS) +# iso8601 (YYYY-MM-DD HH:MM:SS) +# strict-iso8601 (YYYY-MM-DDTHH:MM:SS) +# + +date_format=us + + + + +# TIMEZONE OFFSET +# This option is used to override the default timezone that this +# instance of Nagios runs in. If not specified, Nagios will use +# the system configured timezone. +# +# NOTE: In order to display the correct timezone in the CGIs, you +# will also need to alter the Apache directives for the CGI path +# to include your timezone. Example: +# +# +# SetEnv TZ "Australia/Brisbane" +# ... +# + +#use_timezone=US/Mountain +#use_timezone=Australia/Brisbane + + + + +# P1.PL FILE LOCATION +# This value determines where the p1.pl perl script (used by the +# embedded Perl interpreter) is located. If you didn't compile +# Nagios with embedded Perl support, this option has no effect. + +p1_file=/usr/sbin/p1.pl + + + +# EMBEDDED PERL INTERPRETER OPTION +# This option determines whether or not the embedded Perl interpreter +# will be enabled during runtime. This option has no effect if Nagios +# has not been compiled with support for embedded Perl. +# Values: 0 = disable interpreter, 1 = enable interpreter + +enable_embedded_perl=1 + + + +# EMBEDDED PERL USAGE OPTION +# This option determines whether or not Nagios will process Perl plugins +# and scripts with the embedded Perl interpreter if the plugins/scripts +# do not explicitly indicate whether or not it is okay to do so. Read +# the HTML documentation on the embedded Perl interpreter for more +# information on how this option works. + +use_embedded_perl_implicitly=1 + + + +# ILLEGAL OBJECT NAME CHARACTERS +# This option allows you to specify illegal characters that cannot +# be used in host names, service descriptions, or names of other +# object types. + +illegal_object_name_chars=`~!$%^&*|'"<>?,()= + + + +# ILLEGAL MACRO OUTPUT CHARACTERS +# This option allows you to specify illegal characters that are +# stripped from macros before being used in notifications, event +# handlers, etc. This DOES NOT affect macros used in service or +# host check commands. +# The following macros are stripped of the characters you specify: +# $HOSTOUTPUT$ +# $HOSTPERFDATA$ +# $HOSTACKAUTHOR$ +# $HOSTACKCOMMENT$ +# $SERVICEOUTPUT$ +# $SERVICEPERFDATA$ +# $SERVICEACKAUTHOR$ +# $SERVICEACKCOMMENT$ + +illegal_macro_output_chars=`~$&|'"<> + + + +# REGULAR EXPRESSION MATCHING +# This option controls whether or not regular expression matching +# takes place in the object config files. Regular expression +# matching is used to match host, hostgroup, service, and service +# group names/descriptions in some fields of various object types. +# Values: 1 = enable regexp matching, 0 = disable regexp matching + +use_regexp_matching=0 + + + +# "TRUE" REGULAR EXPRESSION MATCHING +# This option controls whether or not "true" regular expression +# matching takes place in the object config files. This option +# only has an effect if regular expression matching is enabled +# (see above). If this option is DISABLED, regular expression +# matching only occurs if a string contains wildcard characters +# (* and ?). If the option is ENABLED, regexp matching occurs +# all the time (which can be annoying). +# Values: 1 = enable true matching, 0 = disable true matching + +use_true_regexp_matching=0 + + + +# ADMINISTRATOR EMAIL/PAGER ADDRESSES +# The email and pager address of a global administrator (likely you). +# Nagios never uses these values itself, but you can access them by +# using the $ADMINEMAIL$ and $ADMINPAGER$ macros in your notification +# commands. + +admin_email=nagios@localhost +admin_pager=pagenagios@localhost + + + +# DAEMON CORE DUMP OPTION +# This option determines whether or not Nagios is allowed to create +# a core dump when it runs as a daemon. Note that it is generally +# considered bad form to allow this, but it may be useful for +# debugging purposes. Enabling this option doesn't guarantee that +# a core file will be produced, but that's just life... +# Values: 1 - Allow core dumps +# 0 - Do not allow core dumps (default) + +daemon_dumps_core=0 + + + +# LARGE INSTALLATION TWEAKS OPTION +# This option determines whether or not Nagios will take some shortcuts +# which can save on memory and CPU usage in large Nagios installations. +# Read the documentation for more information on the benefits/tradeoffs +# of enabling this option. +# Values: 1 - Enabled tweaks +# 0 - Disable tweaks (default) + +use_large_installation_tweaks=0 + + + +# ENABLE ENVIRONMENT MACROS +# This option determines whether or not Nagios will make all standard +# macros available as environment variables when host/service checks +# and system commands (event handlers, notifications, etc.) are +# executed. Enabling this option can cause performance issues in +# large installations, as it will consume a bit more memory and (more +# importantly) consume more CPU. +# Values: 1 - Enable environment variable macros (default) +# 0 - Disable environment variable macros + +enable_environment_macros=1 + + + +# CHILD PROCESS MEMORY OPTION +# This option determines whether or not Nagios will free memory in +# child processes (processed used to execute system commands and host/ +# service checks). If you specify a value here, it will override +# program defaults. +# Value: 1 - Free memory in child processes +# 0 - Do not free memory in child processes + +#free_child_process_memory=1 + + + +# CHILD PROCESS FORKING BEHAVIOR +# This option determines how Nagios will fork child processes +# (used to execute system commands and host/service checks). Normally +# child processes are fork()ed twice, which provides a very high level +# of isolation from problems. Fork()ing once is probably enough and will +# save a great deal on CPU usage (in large installs), so you might +# want to consider using this. If you specify a value here, it will +# program defaults. +# Value: 1 - Child processes fork() twice +# 0 - Child processes fork() just once + +#child_processes_fork_twice=1 + + + +# DEBUG LEVEL +# This option determines how much (if any) debugging information will +# be written to the debug file. OR values together to log multiple +# types of information. +# Values: +# -1 = Everything +# 0 = Nothing +# 1 = Functions +# 2 = Configuration +# 4 = Process information +# 8 = Scheduled events +# 16 = Host/service checks +# 32 = Notifications +# 64 = Event broker +# 128 = External commands +# 256 = Commands +# 512 = Scheduled downtime +# 1024 = Comments +# 2048 = Macros + +debug_level=0 + + + +# DEBUG VERBOSITY +# This option determines how verbose the debug log out will be. +# Values: 0 = Brief output +# 1 = More detailed +# 2 = Very detailed + +debug_verbosity=1 + + + +# DEBUG FILE +# This option determines where Nagios should write debugging information. + +debug_file=/var/nagios/nagios.debug + + + +# MAX DEBUG FILE SIZE +# This option determines the maximum size (in bytes) of the debug file. If +# the file grows larger than this size, it will be renamed with a .old +# extension. If a file already exists with a .old extension it will +# automatically be deleted. This helps ensure your disk space usage doesn't +# get out of control when debugging Nagios. + +max_debug_file_size=1000000 + + diff --git a/nagios/ndo2db.cfg b/nagios/ndo2db.cfg new file mode 100644 index 0000000..bc0baab --- /dev/null +++ b/nagios/ndo2db.cfg @@ -0,0 +1,166 @@ +##################################################################### +# NDO2DB DAEMON CONFIG FILE +# +# Last Modified: 10-29-2007 +##################################################################### + + +# USER/GROUP PRIVILIGES +# These options determine the user/group that the daemon should run as. +# You can specify a number (uid/gid) or a name for either option. + +ndo2db_user=nagios +ndo2db_group=nagios + + + +# SOCKET TYPE +# This option determines what type of socket the daemon will create +# an accept connections from. +# Value: +# unix = Unix domain socket (default) +# tcp = TCP socket + +socket_type=unix +#socket_type=tcp + + + +# SOCKET NAME +# This option determines the name and path of the UNIX domain +# socket that the daemon will create and accept connections from. +# This option is only valid if the socket type specified above +# is "unix". + +socket_name=/var/nagios/ndo.sock + + + +# TCP PORT +# This option determines what port the daemon will listen for +# connections on. This option is only vlaid if the socket type +# specified above is "tcp". + +tcp_port=5668 + + + +# DATABASE SERVER TYPE +# This option determines what type of DB server the daemon should +# connect to. +# Values: +# mysql = MySQL +# pgsql = PostgreSQL + +db_servertype=mysql + + + +# DATABASE HOST +# This option specifies what host the DB server is running on. + +db_host=localhost + + + +# DATABASE PORT +# This option specifies the port that the DB server is running on. +# Values: +# 3306 = Default MySQL port +# 5432 = Default PostgreSQL port + +db_port=3306 + + + +# DATABASE NAME +# This option specifies the name of the database that should be used. + +db_name=nagios + + + +# DATABASE TABLE PREFIX +# Determines the prefix (if any) that should be prepended to table names. +# If you modify the table prefix, you'll need to modify the SQL script for +# creating the database! + +db_prefix=nagios_ + + + +# DATABASE USERNAME/PASSWORD +# This is the username/password that will be used to authenticate to the DB. +# The user needs at least SELECT, INSERT, UPDATE, and DELETE privileges on +# the database. + +db_user=ndouser +db_pass=ndopassword + + + +## TABLE TRIMMING OPTIONS +# Several database tables containing Nagios event data can become quite large +# over time. Most admins will want to trim these tables and keep only a +# certain amount of data in them. The options below are used to specify the +# age (in MINUTES) that data should be allowd to remain in various tables +# before it is deleted. Using a value of zero (0) for any value means that +# that particular table should NOT be automatically trimmed. + +# Keep timed events for 24 hours +max_timedevents_age=1440 + +# Keep system commands for 1 week +max_systemcommands_age=10080 + +# Keep service checks for 1 week +max_servicechecks_age=10080 + +# Keep host checks for 1 week +max_hostchecks_age=10080 + +# Keep event handlers for 31 days +max_eventhandlers_age=44640 + + + + + +# DEBUG LEVEL +# This option determines how much (if any) debugging information will +# be written to the debug file. OR values together to log multiple +# types of information. +# Values: -1 = Everything +# 0 = Nothing +# 1 = Process info +# 2 = SQL queries + +debug_level=0 + + + +# DEBUG VERBOSITY +# This option determines how verbose the debug log out will be. +# Values: 0 = Brief output +# 1 = More detailed +# 2 = Very detailed + +debug_verbosity=1 + + + +# DEBUG FILE +# This option determines where the daemon should write debugging information. + +debug_file=@localstatedir@/ndo2db.debug + + + +# MAX DEBUG FILE SIZE +# This option determines the maximum size (in bytes) of the debug file. If +# the file grows larger than this size, it will be renamed with a .old +# extension. If a file already exists with a .old extension it will +# automatically be deleted. This helps ensure your disk space usage doesn't +# get out of control when debugging. + +max_debug_file_size=1000000 diff --git a/nagios/ndomod.cfg b/nagios/ndomod.cfg new file mode 100644 index 0000000..63a9b57 --- /dev/null +++ b/nagios/ndomod.cfg @@ -0,0 +1,151 @@ +##################################################################### +# NDOMOD CONFIG FILE +# +# Last Modified: 09-05-2007 +##################################################################### + + +# INSTANCE NAME +# This option identifies the "name" associated with this particular +# instance of Nagios and is used to seperate data coming from multiple +# instances. Defaults to 'default' (without quotes). + +instance_name=default + + + +# OUTPUT TYPE +# This option determines what type of output sink the NDO NEB module +# should use for data output. Valid options include: +# file = standard text file +# tcpsocket = TCP socket +# unixsocket = UNIX domain socket (default) + +#output_type=file +#output_type=tcpsocket +output_type=unixsocket + + + +# OUTPUT +# This option determines the name and path of the file or UNIX domain +# socket to which output will be sent if the output type option specified +# above is "file" or "unixsocket", respectively. If the output type +# option is "tcpsocket", this option is used to specify the IP address +# of fully qualified domain name of the host that the module should +# connect to for sending output. + +#output=/usr/local/nagios/var/ndo.dat +#output=127.0.0.1 +output=/usr/local/nagios/var/ndo.sock + + + +# TCP PORT +# This option determines what port the module will connect to in +# order to send output. This option is only vlaid if the output type +# option specified above is "tcpsocket". + +tcp_port=5668 + + + +# OUTPUT BUFFER +# This option determines the size of the output buffer, which will help +# prevent data from getting lost if there is a temporary disconnect from +# the data sink. The number of items specified here is the number of +# lines (each of variable size) of output that will be buffered. + +output_buffer_items=5000 + + + +# BUFFER FILE +# This option is used to specify a file which will be used to store the +# contents of buffered data which could not be sent to the NDO2DB daemon +# before Nagios shuts down. Prior to shutting down, the NDO NEB module +# will write all buffered data to this file for later processing. When +# Nagios (re)starts, the NDO NEB module will read the contents of this +# file and send it to the NDO2DB daemon for processing. + +buffer_file=/usr/local/nagios/var/ndomod.tmp + + + +# FILE ROTATION INTERVAL +# This option determines how often (in seconds) the output file is +# rotated by Nagios. File rotation is handled by Nagios by executing +# the command defined by the file_rotation_command option. This +# option has no effect if the output_type option is a socket. + +file_rotation_interval=14400 + + + +# FILE ROTATION COMMAND +# This option specified the command (as defined in Nagios) that is +# used to rotate the output file at the interval specified by the +# file_rotation_interval option. This option has no effect if the +# output_type option is a socket. +# +# See the file 'misccommands.cfg' for an example command definition +# that you can use to rotate the log file. + +#file_rotation_command=rotate_ndo_log + + + +# FILE ROTATION TIMEOUT +# This option specified the maximum number of seconds that the file +# rotation command should be allowed to run before being prematurely +# terminated. + +file_rotation_timeout=60 + + + +# RECONNECT INTERVAL +# This option determines how often (in seconds) that the NDO NEB +# module will attempt to re-connect to the output file or socket if +# a connection to it is lost. + +reconnect_interval=15 + + + +# RECONNECT WARNING INTERVAL +# This option determines how often (in seconds) a warning message will +# be logged to the Nagios log file if a connection to the output file +# or socket cannot be re-established. + +reconnect_warning_interval=15 +#reconnect_warning_interval=900 + + + +# DATA PROCESSING OPTION +# This option determines what data the NDO NEB module will process. +# Do not mess with this option unless you know what you're doing!!!! +# Read the source code (include/ndbxtmod.h) to determine what values +# to use here. Values from source code should be OR'ed to get the +# value to use here. A value of -1 will cause all data to be processed. +# Read the source code (include/ndomod.h) and look for "NDOMOD_PROCESS_" +# to determine what values to use here. Values from source code should +# be OR'ed to get the value to use here. A value of -1 will cause all +# data to be processed. + +data_processing_options=-1 + + + +# CONFIG OUTPUT OPTION +# This option determines what types of configuration data the NDO +# NEB module will dump from Nagios. Values can be OR'ed together. +# Values: +# 0 = Don't dump any configuration information +# 1 = Dump only original config (from config files) +# 2 = Dump config only after retained information has been restored +# 3 = Dump both original and retained configuration + +config_output_options=2 + diff --git a/nagios/nrpe.cfg b/nagios/nrpe.cfg new file mode 100644 index 0000000..e121a78 --- /dev/null +++ b/nagios/nrpe.cfg @@ -0,0 +1,215 @@ +############################################################################# +# Sample NRPE Config File +# Written by: Ethan Galstad (nagios@nagios.org) +# +# Last Modified: 11-23-2007 +# +# NOTES: +# This is a sample configuration file for the NRPE daemon. It needs to be +# located on the remote host that is running the NRPE daemon, not the host +# from which the check_nrpe client is being executed. +############################################################################# + + +# LOG FACILITY +# The syslog facility that should be used for logging purposes. + +log_facility=daemon + + + +# PID FILE +# The name of the file in which the NRPE daemon should write it's process ID +# number. The file is only written if the NRPE daemon is started by the root +# user and is running in standalone mode. + +pid_file=/var/run/nrpe/nrpe.pid + + + +# PORT NUMBER +# Port number we should wait for connections on. +# NOTE: This must be a non-priviledged port (i.e. > 1024). +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +server_port=5666 + + + +# SERVER ADDRESS +# Address that nrpe should bind to in case there are more than one interface +# and you do not want nrpe to bind on all interfaces. +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +#server_address=127.0.0.1 + + + +# NRPE USER +# This determines the effective user that the NRPE daemon should run as. +# You can either supply a username or a UID. +# +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +nrpe_user=nagios + + + +# NRPE GROUP +# This determines the effective group that the NRPE daemon should run as. +# You can either supply a group name or a GID. +# +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +nrpe_group=nagios + + + +# ALLOWED HOST ADDRESSES +# This is an optional comma-delimited list of IP address or hostnames +# that are allowed to talk to the NRPE daemon. +# +# Note: The daemon only does rudimentary checking of the client's IP +# address. I would highly recommend adding entries in your /etc/hosts.allow +# file to allow only the specified host to connect to the port +# you are running this daemon on. +# +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +allowed_hosts=127.0.0.1 + + + +# COMMAND ARGUMENT PROCESSING +# This option determines whether or not the NRPE daemon will allow clients +# to specify arguments to commands that are executed. This option only works +# if the daemon was configured with the --enable-command-args configure script +# option. +# +# *** ENABLING THIS OPTION IS A SECURITY RISK! *** +# Read the SECURITY file for information on some of the security implications +# of enabling this variable. +# +# Values: 0=do not allow arguments, 1=allow command arguments + +dont_blame_nrpe=0 + + + +# COMMAND PREFIX +# This option allows you to prefix all commands with a user-defined string. +# A space is automatically added between the specified prefix string and the +# command line from the command definition. +# +# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! *** +# Usage scenario: +# Execute restricted commmands using sudo. For this to work, you need to add +# the nagios user to your /etc/sudoers. An example entry for alllowing +# execution of the plugins from might be: +# +# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/ +# +# This lets the nagios user run all commands in that directory (and only them) +# without asking for a password. If you do this, make sure you don't give +# random users write access to that directory or its contents! + +# command_prefix=/usr/bin/sudo + + + +# DEBUGGING OPTION +# This option determines whether or not debugging messages are logged to the +# syslog facility. +# Values: 0=debugging off, 1=debugging on + +debug=0 + + + +# COMMAND TIMEOUT +# This specifies the maximum number of seconds that the NRPE daemon will +# allow plugins to finish executing before killing them off. + +command_timeout=60 + + + +# CONNECTION TIMEOUT +# This specifies the maximum number of seconds that the NRPE daemon will +# wait for a connection to be established before exiting. This is sometimes +# seen where a network problem stops the SSL being established even though +# all network sessions are connected. This causes the nrpe daemons to +# accumulate, eating system resources. Do not set this too low. + +connection_timeout=300 + + + +# WEEK RANDOM SEED OPTION +# This directive allows you to use SSL even if your system does not have +# a /dev/random or /dev/urandom (on purpose or because the necessary patches +# were not applied). The random number generator will be seeded from a file +# which is either a file pointed to by the environment valiable $RANDFILE +# or $HOME/.rnd. If neither exists, the pseudo random number generator will +# be initialized and a warning will be issued. +# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness + +#allow_weak_random_seed=1 + + + +# INCLUDE CONFIG FILE +# This directive allows you to include definitions from an external config file. + +#include= + + + +# INCLUDE CONFIG DIRECTORY +# This directive allows you to include definitions from config files (with a +# .cfg extension) in one or more directories (with recursion). + +#include_dir= +#include_dir= + + + +# COMMAND DEFINITIONS +# Command definitions that this daemon will run. Definitions +# are in the following format: +# +# command[]= +# +# When the daemon receives a request to return the results of +# it will execute the command specified by the argument. +# +# Unlike Nagios, the command line cannot contain macros - it must be +# typed exactly as it should be executed. +# +# Note: Any plugins that are used in the command lines must reside +# on the machine that this daemon is running on! The examples below +# assume that you have plugins installed in a /usr/local/nagios/libexec +# directory. Also note that you will have to modify the definitions below +# to match the argument format the plugins expect. Remember, these are +# examples only! + + +# The following examples use hardcoded command arguments... + +command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10 +command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20 +command[check_hda1]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1 +command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z +command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200 + + +# The following examples allow user-supplied arguments and can +# only be used if the NRPE daemon was compiled with support for +# command arguments *AND* the dont_blame_nrpe directive in this +# config file is set to '1'. This poses a potential security risk, so +# make sure you read the SECURITY file before doing this. + +#command[check_users]=/usr/lib64/nagios/plugins/check_users -w $ARG1$ -c $ARG2$ +#command[check_load]=/usr/lib64/nagios/plugins/check_load -w $ARG1$ -c $ARG2$ +#command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ +#command[check_procs]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$ diff --git a/nagios/objects/commands.cfg b/nagios/objects/commands.cfg new file mode 100644 index 0000000..a9d8ff1 --- /dev/null +++ b/nagios/objects/commands.cfg @@ -0,0 +1,240 @@ +############################################################################### +# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 3.3.1 +# +# Last Modified: 05-31-2007 +# +# NOTES: This config file provides you with some example command definitions +# that you can reference in host, service, and contact definitions. +# +# You don't need to keep commands in a separate file from your other +# object definitions. This has been done just to make things easier to +# understand. +# +############################################################################### + + +################################################################################ +# +# SAMPLE NOTIFICATION COMMANDS +# +# These are some example notification commands. They may or may not work on +# your system without modification. As an example, some systems will require +# you to use "/usr/bin/mailx" instead of "/usr/bin/mail" in the commands below. +# +################################################################################ + + +# 'notify-host-by-email' command definition +define command{ + command_name notify-host-by-email + command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$ + } + +# 'notify-service-by-email' command definition +define command{ + command_name notify-service-by-email + command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$ + } + + + + + +################################################################################ +# +# SAMPLE HOST CHECK COMMANDS +# +################################################################################ + + +# This command checks to see if a host is "alive" by pinging it +# The check must result in a 100% packet loss or 5 second (5000ms) round trip +# average time to produce a critical error. +# Note: Five ICMP echo packets are sent (determined by the '-p 5' argument) + +# 'check-host-alive' command definition +define command{ + command_name check-host-alive + command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5 + } + + + + +################################################################################ +# +# SAMPLE SERVICE CHECK COMMANDS +# +# These are some example service check commands. They may or may not work on +# your system, as they must be modified for your plugins. See the HTML +# documentation on the plugins for examples of how to configure command definitions. +# +# NOTE: The following 'check_local_...' functions are designed to monitor +# various metrics on the host that Nagios is running on (i.e. this one). +################################################################################ + +# 'check_local_disk' command definition +define command{ + command_name check_local_disk + command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ + } + + +# 'check_local_load' command definition +define command{ + command_name check_local_load + command_line $USER1$/check_load -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_procs' command definition +define command{ + command_name check_local_procs + command_line $USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$ + } + + +# 'check_local_users' command definition +define command{ + command_name check_local_users + command_line $USER1$/check_users -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_swap' command definition +define command{ + command_name check_local_swap + command_line $USER1$/check_swap -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_mrtgtraf' command definition +define command{ + command_name check_local_mrtgtraf + command_line $USER1$/check_mrtgtraf -F $ARG1$ -a $ARG2$ -w $ARG3$ -c $ARG4$ -e $ARG5$ + } + + +################################################################################ +# NOTE: The following 'check_...' commands are used to monitor services on +# both local and remote hosts. +################################################################################ + +# 'check_ftp' command definition +define command{ + command_name check_ftp + command_line $USER1$/check_ftp -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_hpjd' command definition +define command{ + command_name check_hpjd + command_line $USER1$/check_hpjd -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_snmp' command definition +define command{ + command_name check_snmp + command_line $USER1$/check_snmp -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_http' command definition +define command{ + command_name check_http + command_line $USER1$/check_http -I $HOSTADDRESS$ $ARG1$ + } + + +# 'check_ssh' command definition +define command{ + command_name check_ssh + command_line $USER1$/check_ssh $ARG1$ $HOSTADDRESS$ + } + + +# 'check_dhcp' command definition +define command{ + command_name check_dhcp + command_line $USER1$/check_dhcp $ARG1$ + } + + +# 'check_ping' command definition +define command{ + command_name check_ping + command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5 + } + + +# 'check_pop' command definition +define command{ + command_name check_pop + command_line $USER1$/check_pop -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_imap' command definition +define command{ + command_name check_imap + command_line $USER1$/check_imap -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_smtp' command definition +define command{ + command_name check_smtp + command_line $USER1$/check_smtp -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_tcp' command definition +define command{ + command_name check_tcp + command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$ + } + + +# 'check_udp' command definition +define command{ + command_name check_udp + command_line $USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$ + } + + +# 'check_nt' command definition +define command{ + command_name check_nt + command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -v $ARG1$ $ARG2$ + } + + + +################################################################################ +# +# SAMPLE PERFORMANCE DATA COMMANDS +# +# These are sample performance data commands that can be used to send performance +# data output to two text files (one for hosts, another for services). If you +# plan on simply writing performance data out to a file, consider using the +# host_perfdata_file and service_perfdata_file options in the main config file. +# +################################################################################ + + +# 'process-host-perfdata' command definition +define command{ + command_name process-host-perfdata + command_line /usr/bin/printf "%b" "$LASTHOSTCHECK$\t$HOSTNAME$\t$HOSTSTATE$\t$HOSTATTEMPT$\t$HOSTSTATETYPE$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$\n" >> /var/nagios/host-perfdata.out + } + + +# 'process-service-perfdata' command definition +define command{ + command_name process-service-perfdata + command_line /usr/bin/printf "%b" "$LASTSERVICECHECK$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICESTATE$\t$SERVICEATTEMPT$\t$SERVICESTATETYPE$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$\n" >> /var/nagios/service-perfdata.out + } + + diff --git a/nagios/objects/contacts.cfg b/nagios/objects/contacts.cfg new file mode 100644 index 0000000..b90fc68 --- /dev/null +++ b/nagios/objects/contacts.cfg @@ -0,0 +1,55 @@ +############################################################################### +# CONTACTS.CFG - SAMPLE CONTACT/CONTACTGROUP DEFINITIONS +# +# Last Modified: 05-31-2007 +# +# NOTES: This config file provides you with some example contact and contact +# group definitions that you can reference in host and service +# definitions. +# +# You don't need to keep these definitions in a separate file from your +# other object definitions. This has been done just to make things +# easier to understand. +# +############################################################################### + + + +############################################################################### +############################################################################### +# +# CONTACTS +# +############################################################################### +############################################################################### + +# Just one contact defined by default - the Nagios admin (that's you) +# This contact definition inherits a lot of default values from the 'generic-contact' +# template which is defined elsewhere. + +define contact{ + contact_name nagiosadmin ; Short name of user + use generic-contact ; Inherit default values from generic-contact template (defined above) + alias Nagios Admin ; Full name of user + + email nagios@localhost ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ****** + } + + + +############################################################################### +############################################################################### +# +# CONTACT GROUPS +# +############################################################################### +############################################################################### + +# We only have one contact in this simple configuration file, so there is +# no need to create more than one contact group. + +define contactgroup{ + contactgroup_name admins + alias Nagios Administrators + members nagiosadmin + } diff --git a/nagios/objects/localhost.cfg b/nagios/objects/localhost.cfg new file mode 100644 index 0000000..6882ced --- /dev/null +++ b/nagios/objects/localhost.cfg @@ -0,0 +1,157 @@ +############################################################################### +# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE +# +# Last Modified: 05-31-2007 +# +# NOTE: This config file is intended to serve as an *extremely* simple +# example of how you can create configuration entries to monitor +# the local (Linux) machine. +# +############################################################################### + + + + +############################################################################### +############################################################################### +# +# HOST DEFINITION +# +############################################################################### +############################################################################### + +# Define a host for the local machine + +define host{ + use linux-server ; Name of host template to use + ; This host definition will inherit all variables that are defined + ; in (or inherited by) the linux-server host template definition. + host_name localhost + alias localhost + address 127.0.0.1 + } + + + +############################################################################### +############################################################################### +# +# HOST GROUP DEFINITION +# +############################################################################### +############################################################################### + +# Define an optional hostgroup for Linux machines + +define hostgroup{ + hostgroup_name linux-servers ; The name of the hostgroup + alias Linux Servers ; Long name of the group + members localhost ; Comma separated list of hosts that belong to this group + } + + + +############################################################################### +############################################################################### +# +# SERVICE DEFINITIONS +# +############################################################################### +############################################################################### + + +# Define a service to "ping" the local machine + +define service{ + use local-service ; Name of service template to use + host_name localhost + service_description PING + check_command check_ping!100.0,20%!500.0,60% + } + + +# Define a service to check the disk space of the root partition +# on the local machine. Warning if < 20% free, critical if +# < 10% free space on partition. + +define service{ + use local-service ; Name of service template to use + host_name localhost + service_description Root Partition + check_command check_local_disk!20%!10%!/ + } + + + +# Define a service to check the number of currently logged in +# users on the local machine. Warning if > 20 users, critical +# if > 50 users. + +define service{ + use local-service ; Name of service template to use + host_name localhost + service_description Current Users + check_command check_local_users!20!50 + } + + +# Define a service to check the number of currently running procs +# on the local machine. Warning if > 250 processes, critical if +# > 400 users. + +define service{ + use local-service ; Name of service template to use + host_name localhost + service_description Total Processes + check_command check_local_procs!250!400!RSZDT + } + + + +# Define a service to check the load on the local machine. + +define service{ + use local-service ; Name of service template to use + host_name localhost + service_description Current Load + check_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0 + } + + + +# Define a service to check the swap usage the local machine. +# Critical if less than 10% of swap is free, warning if less than 20% is free + +define service{ + use local-service ; Name of service template to use + host_name localhost + service_description Swap Usage + check_command check_local_swap!20!10 + } + + + +# Define a service to check SSH on the local machine. +# Disable notifications for this service by default, as not all users may have SSH enabled. + +define service{ + use local-service ; Name of service template to use + host_name localhost + service_description SSH + check_command check_ssh + notifications_enabled 0 + } + + + +# Define a service to check HTTP on the local machine. +# Disable notifications for this service by default, as not all users may have HTTP enabled. + +define service{ + use local-service ; Name of service template to use + host_name localhost + service_description HTTP + check_command check_http + notifications_enabled 0 + } + diff --git a/nagios/objects/printer.cfg b/nagios/objects/printer.cfg new file mode 100644 index 0000000..1de8855 --- /dev/null +++ b/nagios/objects/printer.cfg @@ -0,0 +1,85 @@ +############################################################################### +# PRINTER.CFG - SAMPLE CONFIG FILE FOR MONITORING A NETWORK PRINTER +# +# Last Modified: 10-03-2007 +# +# NOTES: This config file assumes that you are using the sample configuration +# files that get installed with the Nagios quickstart guide. +# +############################################################################### + + + + +############################################################################### +############################################################################### +# +# HOST DEFINITIONS +# +############################################################################### +############################################################################### + +# Define a host for the printer we'll be monitoring +# Change the host_name, alias, and address to fit your situation + +define host{ + use generic-printer ; Inherit default values from a template + host_name hplj2605dn ; The name we're giving to this printer + alias HP LaserJet 2605dn ; A longer name associated with the printer + address 192.168.1.30 ; IP address of the printer + hostgroups network-printers ; Host groups this printer is associated with + } + + + + +############################################################################### +############################################################################### +# +# HOST GROUP DEFINITIONS +# +############################################################################### +############################################################################### + +# A hostgroup for network printers + +define hostgroup{ + hostgroup_name network-printers ; The name of the hostgroup + alias Network Printers ; Long name of the group + } + + + + +############################################################################### +############################################################################### +# +# SERVICE DEFINITIONS +# +############################################################################### +############################################################################### + +# Create a service for monitoring the status of the printer +# Change the host_name to match the name of the host you defined above +# If the printer has an SNMP community string other than "public", change the check_command directive to reflect that + +define service{ + use generic-service ; Inherit values from a template + host_name hplj2605dn ; The name of the host the service is associated with + service_description Printer Status ; The service description + check_command check_hpjd!-C public ; The command used to monitor the service + normal_check_interval 10 ; Check the service every 10 minutes under normal conditions + retry_check_interval 1 ; Re-check the service every minute until its final/hard state is determined + } + + +# Create a service for "pinging" the printer occassionally. Useful for monitoring RTA, packet loss, etc. + +define service{ + use generic-service + host_name hplj2605dn + service_description PING + check_command check_ping!3000.0,80%!5000.0,100% + normal_check_interval 10 + retry_check_interval 1 + } diff --git a/nagios/objects/switch.cfg b/nagios/objects/switch.cfg new file mode 100644 index 0000000..60c4db6 --- /dev/null +++ b/nagios/objects/switch.cfg @@ -0,0 +1,113 @@ +############################################################################### +# SWITCH.CFG - SAMPLE CONFIG FILE FOR MONITORING A SWITCH +# +# Last Modified: 10-03-2007 +# +# NOTES: This config file assumes that you are using the sample configuration +# files that get installed with the Nagios quickstart guide. +# +############################################################################### + + + + +############################################################################### +############################################################################### +# +# HOST DEFINITIONS +# +############################################################################### +############################################################################### + +# Define the switch that we'll be monitoring + +define host{ + use generic-switch ; Inherit default values from a template + host_name linksys-srw224p ; The name we're giving to this switch + alias Linksys SRW224P Switch ; A longer name associated with the switch + address 192.168.1.253 ; IP address of the switch + hostgroups switches ; Host groups this switch is associated with + } + + + + +############################################################################### +############################################################################### +# +# HOST GROUP DEFINITIONS +# +############################################################################### +############################################################################### + +# Create a new hostgroup for switches + +define hostgroup{ + hostgroup_name switches ; The name of the hostgroup + alias Network Switches ; Long name of the group + } + + + + +############################################################################### +############################################################################### +# +# SERVICE DEFINITIONS +# +############################################################################### +############################################################################### + +# Create a service to PING to switch + +define service{ + use generic-service ; Inherit values from a template + host_name linksys-srw224p ; The name of the host the service is associated with + service_description PING ; The service description + check_command check_ping!200.0,20%!600.0,60% ; The command used to monitor the service + normal_check_interval 5 ; Check the service every 5 minutes under normal conditions + retry_check_interval 1 ; Re-check the service every minute until its final/hard state is determined + } + + +# Monitor uptime via SNMP + +define service{ + use generic-service ; Inherit values from a template + host_name linksys-srw224p + service_description Uptime + check_command check_snmp!-C public -o sysUpTime.0 + } + + + +# Monitor Port 1 status via SNMP + +define service{ + use generic-service ; Inherit values from a template + host_name linksys-srw224p + service_description Port 1 Link Status + check_command check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB + } + + + +# Monitor bandwidth via MRTG logs + +define service{ + use generic-service ; Inherit values from a template + host_name linksys-srw224p + service_description Port 1 Bandwidth Usage + check_command check_local_mrtgtraf!/var/lib/mrtg/192.168.1.253_1.log!AVG!1000000,1000000!5000000,5000000!10 + } + + + + + + + + + + + diff --git a/nagios/objects/templates.cfg b/nagios/objects/templates.cfg new file mode 100644 index 0000000..16a980d --- /dev/null +++ b/nagios/objects/templates.cfg @@ -0,0 +1,190 @@ +############################################################################### +# TEMPLATES.CFG - SAMPLE OBJECT TEMPLATES +# +# Last Modified: 10-03-2007 +# +# NOTES: This config file provides you with some example object definition +# templates that are refered by other host, service, contact, etc. +# definitions in other config files. +# +# You don't need to keep these definitions in a separate file from your +# other object definitions. This has been done just to make things +# easier to understand. +# +############################################################################### + + + +############################################################################### +############################################################################### +# +# CONTACT TEMPLATES +# +############################################################################### +############################################################################### + +# Generic contact definition template - This is NOT a real contact, just a template! + +define contact{ + name generic-contact ; The name of this contact template + service_notification_period 24x7 ; service notifications can be sent anytime + host_notification_period 24x7 ; host notifications can be sent anytime + service_notification_options w,u,c,r,f,s ; send notifications for all service states, flapping events, and scheduled downtime events + host_notification_options d,u,r,f,s ; send notifications for all host states, flapping events, and scheduled downtime events + service_notification_commands notify-service-by-email ; send service notifications via email + host_notification_commands notify-host-by-email ; send host notifications via email + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL CONTACT, JUST A TEMPLATE! + } + + + + +############################################################################### +############################################################################### +# +# HOST TEMPLATES +# +############################################################################### +############################################################################### + +# Generic host definition template - This is NOT a real host, just a template! + +define host{ + name generic-host ; The name of this host template + notifications_enabled 1 ; Host notifications are enabled + event_handler_enabled 1 ; Host event handler is enabled + flap_detection_enabled 1 ; Flap detection is enabled + failure_prediction_enabled 1 ; Failure prediction is enabled + process_perf_data 1 ; Process performance data + retain_status_information 1 ; Retain status information across program restarts + retain_nonstatus_information 1 ; Retain non-status information across program restarts + notification_period 24x7 ; Send host notifications at any time + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE! + } + + +# Linux host definition template - This is NOT a real host, just a template! + +define host{ + name linux-server ; The name of this host template + use generic-host ; This template inherits other values from the generic-host template + check_period 24x7 ; By default, Linux hosts are checked round the clock + check_interval 5 ; Actively check the host every 5 minutes + retry_interval 1 ; Schedule host check retries at 1 minute intervals + max_check_attempts 10 ; Check each Linux host 10 times (max) + check_command check-host-alive ; Default command to check Linux hosts + notification_period workhours ; Linux admins hate to be woken up, so we only notify during the day + ; Note that the notification_period variable is being overridden from + ; the value that is inherited from the generic-host template! + notification_interval 120 ; Resend notifications every 2 hours + notification_options d,u,r ; Only send notifications for specific host states + contact_groups admins ; Notifications get sent to the admins by default + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE! + } + + + +# Windows host definition template - This is NOT a real host, just a template! + +define host{ + name windows-server ; The name of this host template + use generic-host ; Inherit default values from the generic-host template + check_period 24x7 ; By default, Windows servers are monitored round the clock + check_interval 5 ; Actively check the server every 5 minutes + retry_interval 1 ; Schedule host check retries at 1 minute intervals + max_check_attempts 10 ; Check each server 10 times (max) + check_command check-host-alive ; Default command to check if servers are "alive" + notification_period 24x7 ; Send notification out at any time - day or night + notification_interval 30 ; Resend notifications every 30 minutes + notification_options d,r ; Only send notifications for specific host states + contact_groups admins ; Notifications get sent to the admins by default + hostgroups windows-servers ; Host groups that Windows servers should be a member of + register 0 ; DONT REGISTER THIS - ITS JUST A TEMPLATE + } + + +# We define a generic printer template that can be used for most printers we monitor + +define host{ + name generic-printer ; The name of this host template + use generic-host ; Inherit default values from the generic-host template + check_period 24x7 ; By default, printers are monitored round the clock + check_interval 5 ; Actively check the printer every 5 minutes + retry_interval 1 ; Schedule host check retries at 1 minute intervals + max_check_attempts 10 ; Check each printer 10 times (max) + check_command check-host-alive ; Default command to check if printers are "alive" + notification_period workhours ; Printers are only used during the workday + notification_interval 30 ; Resend notifications every 30 minutes + notification_options d,r ; Only send notifications for specific host states + contact_groups admins ; Notifications get sent to the admins by default + register 0 ; DONT REGISTER THIS - ITS JUST A TEMPLATE + } + + +# Define a template for switches that we can reuse +define host{ + name generic-switch ; The name of this host template + use generic-host ; Inherit default values from the generic-host template + check_period 24x7 ; By default, switches are monitored round the clock + check_interval 5 ; Switches are checked every 5 minutes + retry_interval 1 ; Schedule host check retries at 1 minute intervals + max_check_attempts 10 ; Check each switch 10 times (max) + check_command check-host-alive ; Default command to check if routers are "alive" + notification_period 24x7 ; Send notifications at any time + notification_interval 30 ; Resend notifications every 30 minutes + notification_options d,r ; Only send notifications for specific host states + contact_groups admins ; Notifications get sent to the admins by default + register 0 ; DONT REGISTER THIS - ITS JUST A TEMPLATE + } + + + + +############################################################################### +############################################################################### +# +# SERVICE TEMPLATES +# +############################################################################### +############################################################################### + +# Generic service definition template - This is NOT a real service, just a template! + +define service{ + name generic-service ; The 'name' of this service template + active_checks_enabled 1 ; Active service checks are enabled + passive_checks_enabled 1 ; Passive service checks are enabled/accepted + parallelize_check 1 ; Active service checks should be parallelized (disabling this can lead to major performance problems) + obsess_over_service 1 ; We should obsess over this service (if necessary) + check_freshness 0 ; Default is to NOT check service 'freshness' + notifications_enabled 1 ; Service notifications are enabled + event_handler_enabled 1 ; Service event handler is enabled + flap_detection_enabled 1 ; Flap detection is enabled + failure_prediction_enabled 1 ; Failure prediction is enabled + process_perf_data 1 ; Process performance data + retain_status_information 1 ; Retain status information across program restarts + retain_nonstatus_information 1 ; Retain non-status information across program restarts + is_volatile 0 ; The service is not volatile + check_period 24x7 ; The service can be checked at any time of the day + max_check_attempts 3 ; Re-check the service up to 3 times in order to determine its final (hard) state + normal_check_interval 10 ; Check the service every 10 minutes under normal conditions + retry_check_interval 2 ; Re-check the service every two minutes until a hard state can be determined + contact_groups admins ; Notifications get sent out to everyone in the 'admins' group + notification_options w,u,c,r ; Send notifications about warning, unknown, critical, and recovery events + notification_interval 60 ; Re-notify about service problems every hour + notification_period 24x7 ; Notifications can be sent out at any time + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE! + } + + +# Local service definition template - This is NOT a real service, just a template! + +define service{ + name local-service ; The name of this service template + use generic-service ; Inherit default values from the generic-service definition + max_check_attempts 4 ; Re-check the service up to 4 times in order to determine its final (hard) state + normal_check_interval 5 ; Check the service every 5 minutes under normal conditions + retry_check_interval 1 ; Re-check the service every minute until a hard state can be determined + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE! + } + diff --git a/nagios/objects/timeperiods.cfg b/nagios/objects/timeperiods.cfg new file mode 100644 index 0000000..a3e7265 --- /dev/null +++ b/nagios/objects/timeperiods.cfg @@ -0,0 +1,117 @@ +############################################################################### +# TIMEPERIODS.CFG - SAMPLE TIMEPERIOD DEFINITIONS +# +# Last Modified: 05-31-2007 +# +# NOTES: This config file provides you with some example timeperiod definitions +# that you can reference in host, service, contact, and dependency +# definitions. +# +# You don't need to keep timeperiods in a separate file from your other +# object definitions. This has been done just to make things easier to +# understand. +# +############################################################################### + + + +############################################################################### +############################################################################### +# +# TIME PERIODS +# +############################################################################### +############################################################################### + +# This defines a timeperiod where all times are valid for checks, +# notifications, etc. The classic "24x7" support nightmare. :-) +define timeperiod{ + timeperiod_name 24x7 + alias 24 Hours A Day, 7 Days A Week + sunday 00:00-24:00 + monday 00:00-24:00 + tuesday 00:00-24:00 + wednesday 00:00-24:00 + thursday 00:00-24:00 + friday 00:00-24:00 + saturday 00:00-24:00 + } + + +# 'workhours' timeperiod definition +define timeperiod{ + timeperiod_name workhours + alias Normal Work Hours + monday 09:00-17:00 + tuesday 09:00-17:00 + wednesday 09:00-17:00 + thursday 09:00-17:00 + friday 09:00-17:00 + } + + +# 'none' timeperiod definition +define timeperiod{ + timeperiod_name none + alias No Time Is A Good Time + } + +define timeperiod{ + timeperiod_name even_days + alias All even days in a month + 2007-01-01 - 2012-12-31 / 2 00:00-24:00 + tuesday 1 april - friday 2 may 00:00-24:00 + monday 3 - thursday 4 00:00-24:00 + february -1 00:00-24:00 + friday -2 00:00-24:00 + thursday -1 november 00:00-24:00 + monday 3 - thursday 4 00:00-24:00 + day 1 - 15 00:00-24:00 + day 20 - -1 00:00-24:00 + july 10 - 15 00:00-24:00 + april 10 - may 15 00:00-24:00 + tuesday 1 april - friday 2 may 00:00-24:00 + 2007-01-01 - 2008-02-01 / 3 00:00-24:00 + 2008-04-01 / 7 00:00-24:00 + monday 3 - thursday 4 / 2 00:00-24:00 + day 1 - 15 / 5 00:00-24:00 + july 10 - 15 / 2 00:00-24:00 + tuesday 1 april - friday 2 may / 6 00:00-24:00 +} + + +# Some U.S. holidays +# Note: The timeranges for each holiday are meant to *exclude* the holidays from being +# treated as a valid time for notifications, etc. You probably don't want your pager +# going off on New Year's. Although you're employer might... :-) +define timeperiod{ + name us-holidays + timeperiod_name us-holidays + alias U.S. Holidays + + january 1 00:00-00:00 ; New Years + monday -1 may 00:00-00:00 ; Memorial Day (last Monday in May) + july 4 00:00-00:00 ; Independence Day + monday 1 september 00:00-00:00 ; Labor Day (first Monday in September) + thursday 4 november 00:00-00:00 ; Thanksgiving (4th Thursday in November) + december 25 00:00-00:00 ; Christmas + } + + +# This defines a modified "24x7" timeperiod that covers every day of the +# year, except for U.S. holidays (defined in the timeperiod above). +define timeperiod{ + timeperiod_name 24x7_sans_holidays + alias 24x7 Sans Holidays + + use us-holidays ; Get holiday exceptions from other timeperiod + + sunday 00:00-24:00 + monday 00:00-24:00 + tuesday 00:00-24:00 + wednesday 00:00-24:00 + thursday 00:00-24:00 + friday 00:00-24:00 + saturday 00:00-24:00 + } + diff --git a/nagios/objects/windows.cfg b/nagios/objects/windows.cfg new file mode 100644 index 0000000..264a63a --- /dev/null +++ b/nagios/objects/windows.cfg @@ -0,0 +1,145 @@ +############################################################################### +# WINDOWS.CFG - SAMPLE CONFIG FILE FOR MONITORING A WINDOWS MACHINE +# +# Last Modified: 06-13-2007 +# +# NOTES: This config file assumes that you are using the sample configuration +# files that get installed with the Nagios quickstart guide. +# +############################################################################### + + + + +############################################################################### +############################################################################### +# +# HOST DEFINITIONS +# +############################################################################### +############################################################################### + +# Define a host for the Windows machine we'll be monitoring +# Change the host_name, alias, and address to fit your situation + +define host{ + use windows-server ; Inherit default values from a template + host_name winserver ; The name we're giving to this host + alias My Windows Server ; A longer name associated with the host + address 192.168.1.2 ; IP address of the host + } + + + + +############################################################################### +############################################################################### +# +# HOST GROUP DEFINITIONS +# +############################################################################### +############################################################################### + + +# Define a hostgroup for Windows machines +# All hosts that use the windows-server template will automatically be a member of this group + +define hostgroup{ + hostgroup_name windows-servers ; The name of the hostgroup + alias Windows Servers ; Long name of the group + } + + + + +############################################################################### +############################################################################### +# +# SERVICE DEFINITIONS +# +############################################################################### +############################################################################### + + +# Create a service for monitoring the version of NSCLient++ that is installed +# Change the host_name to match the name of the host you defined above + +define service{ + use generic-service + host_name winserver + service_description NSClient++ Version + check_command check_nt!CLIENTVERSION + } + + + +# Create a service for monitoring the uptime of the server +# Change the host_name to match the name of the host you defined above + +define service{ + use generic-service + host_name winserver + service_description Uptime + check_command check_nt!UPTIME + } + + + +# Create a service for monitoring CPU load +# Change the host_name to match the name of the host you defined above + +define service{ + use generic-service + host_name winserver + service_description CPU Load + check_command check_nt!CPULOAD!-l 5,80,90 + } + + + +# Create a service for monitoring memory usage +# Change the host_name to match the name of the host you defined above + +define service{ + use generic-service + host_name winserver + service_description Memory Usage + check_command check_nt!MEMUSE!-w 80 -c 90 + } + + + +# Create a service for monitoring C:\ disk usage +# Change the host_name to match the name of the host you defined above + +define service{ + use generic-service + host_name winserver + service_description C:\ Drive Space + check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90 + } + + + +# Create a service for monitoring the W3SVC service +# Change the host_name to match the name of the host you defined above + +define service{ + use generic-service + host_name winserver + service_description W3SVC + check_command check_nt!SERVICESTATE!-d SHOWALL -l W3SVC + } + + + +# Create a service for monitoring the Explorer.exe process +# Change the host_name to match the name of the host you defined above + +define service{ + use generic-service + host_name winserver + service_description Explorer + check_command check_nt!PROCSTATE!-d SHOWALL -l Explorer.exe + } + diff --git a/nagios/resource.cfg b/nagios/resource.cfg new file mode 100644 index 0000000..edb5a51 --- /dev/null +++ b/nagios/resource.cfg @@ -0,0 +1,34 @@ +########################################################################### +# +# RESOURCE.CFG - Sample Resource File for Nagios 3.3.1 +# +# Last Modified: 09-10-2003 +# +# You can define $USERx$ macros in this file, which can in turn be used +# in command definitions in your host config file(s). $USERx$ macros are +# useful for storing sensitive information such as usernames, passwords, +# etc. They are also handy for specifying the path to plugins and +# event handlers - if you decide to move the plugins or event handlers to +# a different directory in the future, you can just update one or two +# $USERx$ macros, instead of modifying a lot of command definitions. +# +# The CGIs will not attempt to read the contents of resource files, so +# you can set restrictive permissions (600 or 660) on them. +# +# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$) +# +# Resource files may also be used to store configuration directives for +# external data sources like MySQL... +# +########################################################################### + +# Sets $USER1$ to be the path to the plugins +$USER1$=/usr/lib64/nagios/plugins + +# Sets $USER2$ to be the path to event handlers +#$USER2$=/usr/lib64/nagios/plugins/eventhandlers + +# Store some usernames and passwords (hidden from the CGIs) +#$USER3$=someuser +#$USER4$=somepassword + diff --git a/openldap/.rcs/ldap.conf,v b/openldap/.rcs/ldap.conf,v new file mode 100644 index 0000000..4fa7960 --- /dev/null +++ b/openldap/.rcs/ldap.conf,v @@ -0,0 +1,57 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.05.27.08.01.03; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.05.26.02.52.07; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# +# LDAP Defaults +# + +# See ldap.conf(5) for details +# This file should be world readable but not world writable. + +#BASE dc=example,dc=com +BASE dc=brehm-online,dc=com +#URI ldap://ldap.example.com ldap://ldap-master.example.com:666 + +SIZELIMIT 12 +TIMELIMIT 15 +DEREF never +@ + + +1.1 +log +@Initial revision +@ +text +@d9 1 +d12 3 +a14 3 +#SIZELIMIT 12 +#TIMELIMIT 15 +#DEREF never +@ diff --git a/openldap/.rcs/slapd.conf,v b/openldap/.rcs/slapd.conf,v new file mode 100644 index 0000000..352fb69 --- /dev/null +++ b/openldap/.rcs/slapd.conf,v @@ -0,0 +1,135 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.04.07.20.51.32; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.11.30.15.35.44; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# +# See slapd.conf(5) for details on configuration options. +# This file should NOT be world readable. +# +include /etc/openldap/schema/core.schema +include /etc/openldap/schema/cosine.schema +include /etc/openldap/schema/inetorgperson.schema +include /etc/openldap/schema/extension.schema +#include /etc/openldap/schema/mozilla.schema +include /etc/openldap/schema/mozillaorg.schema +include /etc/openldap/schema/ppolicy.schema +include /etc/openldap/schema/nis.schema +include /etc/openldap/schema/samba.schema +include /etc/openldap/schema/misc.schema +include /etc/openldap/schema/evolutionperson.schema +include /etc/openldap/schema/authldap.schema +include /etc/openldap/schema/openssh.schema + +# Define global ACLs to disable default read access. + +# Do not enable referrals until AFTER you have a working directory +# service AND an understanding of referrals. +#referral ldap://root.openldap.org + +pidfile /var/run/openldap/slapd.pid +argsfile /var/run/openldap/slapd.args + +loglevel config ACL stats stats2 + +TLSCertificateKeyFile /etc/openldap/ssl/ldap.pem +TLSCertificateFile /etc/openldap/ssl/ldap.pem + +# Load dynamic backend modules: +# modulepath /usr/lib64/openldap/openldap +# moduleload back_sql.so +# moduleload back_sock.so +# moduleload back_shell.so +# moduleload back_relay.so +# moduleload back_perl.so +# moduleload back_passwd.so +# moduleload back_null.so +# moduleload back_monitor.so +# moduleload back_meta.so +# moduleload back_ldap.so +# moduleload back_dnssrv.so + +# Sample security restrictions +# Require integrity protection (prevent hijacking) +# Require 112-bit (3DES or better) encryption for updates +# Require 63-bit encryption for simple bind +# security ssf=1 update_ssf=112 simple_bind=64 + +# Sample access control policy: +# Root DSE: allow anyone to read it +# Subschema (sub)entry DSE: allow anyone to read it +# Other DSEs: +# Allow self write access +# Allow authenticated users read access +# Allow anonymous users to authenticate +# Directives needed to implement policy: +# access to dn.base="" by * read +# access to dn.base="cn=Subschema" by * read +# access to * +# by self write +# by users read +# by anonymous auth +# +# if no access controls are present, the default policy +# allows anyone and everyone to read anything but restricts +# updates to rootdn. (e.g., "access to * by * read") +# +# rootdn can always read and write EVERYTHING! +access to * + by dn="cn=frank, dc=brehm-online, dc=com" write + by anonymous read + by users write + +####################################################################### +# BDB database definitions +####################################################################### + +database hdb +suffix "dc=brehm-online, dc=com" +# +checkpoint 32 30 +rootdn "cn=frank, dc=brehm-online, dc=com" +# Cleartext passwords, especially for the rootdn, should +# be avoid. See slappasswd(8) and slapd.conf(5) for details. +# Use of strong authentication encouraged. +rootpw {SSHA}9cKLW4uzCU0YDM7zCkfsBH9XfXG2YCMR +# The database directory MUST exist prior to running slapd AND +# should only be accessible by the slapd and slap tools. +# Mode 700 recommended. +directory /var/lib/openldap-data +# Indices to maintain +index objectClass eq +index mail,cn,givenName,sn sub +@ + + +1.1 +log +@Initial revision +@ +text +@d17 1 +@ diff --git a/openldap/DB_CONFIG.example b/openldap/DB_CONFIG.example new file mode 100644 index 0000000..e7cf5ba --- /dev/null +++ b/openldap/DB_CONFIG.example @@ -0,0 +1,28 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/DB_CONFIG,v 1.3.2.4 2007/12/18 11:53:27 ghenry Exp $ +# Example DB_CONFIG file for use with slapd(8) BDB/HDB databases. +# +# See the Oracle Berkeley DB documentation +# +# for detail description of DB_CONFIG syntax and semantics. +# +# Hints can also be found in the OpenLDAP Software FAQ +# +# in particular: +# + +# Note: most DB_CONFIG settings will take effect only upon rebuilding +# the DB environment. + +# one 0.25 GB cache +set_cachesize 0 268435456 1 + +# Data Directory +#set_data_dir db + +# Transaction Log settings +set_lg_regionmax 262144 +set_lg_bsize 2097152 +#set_lg_dir logs + +# Note: special DB_CONFIG flags are no longer needed for "quick" +# slapadd(8) or slapindex(8) access (see their -q option). diff --git a/openldap/ldap.conf b/openldap/ldap.conf new file mode 100644 index 0000000..6178d7f --- /dev/null +++ b/openldap/ldap.conf @@ -0,0 +1,14 @@ +# +# LDAP Defaults +# + +# See ldap.conf(5) for details +# This file should be world readable but not world writable. + +#BASE dc=example,dc=com +BASE dc=brehm-online,dc=com +#URI ldap://ldap.example.com ldap://ldap-master.example.com:666 + +SIZELIMIT 12 +TIMELIMIT 15 +DEREF never diff --git a/openldap/ldap.conf.default b/openldap/ldap.conf.default new file mode 100644 index 0000000..a94cfaa --- /dev/null +++ b/openldap/ldap.conf.default @@ -0,0 +1,13 @@ +# +# LDAP Defaults +# + +# See ldap.conf(5) for details +# This file should be world readable but not world writable. + +#BASE dc=example,dc=com +#URI ldap://ldap.example.com ldap://ldap-master.example.com:666 + +#SIZELIMIT 12 +#TIMELIMIT 15 +#DEREF never diff --git a/openldap/schema/.rcs/amavisd-new.schema,v b/openldap/schema/.rcs/amavisd-new.schema,v new file mode 100644 index 0000000..dcde912 --- /dev/null +++ b/openldap/schema/.rcs/amavisd-new.schema,v @@ -0,0 +1,817 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.26.13.08.19; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@#-------------------------------------------------------------------------- +# LDAP Schema for amavisd-new Jacques Supcik, PhD +#----------------------------- IP-Plus Internet Services +# Release 1.2.2 Swisscom Enterprise Solutions Ltd +# 30 May 2004 3050 Bern - Switzerland +#-------------------------------------------------------------------------- +# Copyright (c) 2004 Jacques Supcik, Swisscom Enterprise Solutions Ltd. +# Permission is granted to copy, distribute and/or modify this document +# under the terms of the GNU Free Documentation License, Version 1.2 +# or any later version published by the Free Software Foundation; +# with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. +# A copy of the license is included in the section entitled "GNU +# Free Documentation License". +#-------------------------------------------------------------------------- +# Changes made to LDAP Schema to make it import and play nicely with +# Novell NDS - Michael Tracey, SONOPRESS USA, LLC April 07 2005 +# ( uncomment each dn:, changetype:, add:, add X-NDS-NAME attribute, replace +# "attributetype" by "attributetypes:" and "objectclasse" by "objectclasses:" +# (plural,colon), and unwrap each attributetypes: and objectclasses: ) +#-------------------------------------------------------------------------- +# 1.3.6.1.4.1.15312 Jozef Stefan Institute's OID +# 1.3.6.1.4.1.15312.2 amavisd-new +# 1.3.6.1.4.1.15312.2.2 amavisd-new LDAP Elements +# 1.3.6.1.4.1.15312.2.2.1 AttributeTypes +# 1.3.6.1.4.1.15312.2.2.2 ObjectClasses +# 1.3.6.1.4.1.15312.2.2.3 Syntax Definitions +#-------------------------------------------------------------------------- + +# Attribute Types +#----------------- + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.1 + NAME 'amavisVirusLover' + DESC 'Virus Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.2 + NAME 'amavisBannedFilesLover' + DESC 'Banned Files Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.3 + NAME 'amavisBypassVirusChecks' + DESC 'Bypass Virus Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.4 + NAME 'amavisBypassSpamChecks' + DESC 'Bypass Spam Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.5 + NAME 'amavisSpamTagLevel' + DESC 'Spam Tag Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.6 + NAME 'amavisSpamTag2Level' + DESC 'Spam Tag2 Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.7 + NAME 'amavisSpamKillLevel' + DESC 'Spam Kill Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.8 + NAME 'amavisSpamModifiesSubj' + DESC 'Modifies Subject on spam' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.9 + NAME 'amavisWhitelistSender' + DESC 'White List Sender' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.10 + NAME 'amavisBlacklistSender' + DESC 'Black List Sender' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.11 + NAME 'amavisSpamQuarantineTo' + DESC 'Spam Quarantine to' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.12 + NAME 'amavisSpamLover' + DESC 'Spam Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.13 + NAME 'amavisBadHeaderLover' + DESC 'Bad Header Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.14 + NAME 'amavisBypassBannedChecks' + DESC 'Bypass Banned Files Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.15 + NAME 'amavisBypassHeaderChecks' + DESC 'Bypass Header Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.16 + NAME 'amavisVirusQuarantineTo' + DESC 'Virus quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.17 + NAME 'amavisBannedQuarantineTo' + DESC 'Banned Files quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.18 + NAME 'amavisBadHeaderQuarantineTo' + DESC 'Bad Header quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.19 + NAME 'amavisLocal' + DESC 'Is user considered local' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.20 + NAME 'amavisMessageSizeLimit' + DESC 'Message size limit' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.21 + NAME 'amavisWarnVirusRecip' + DESC 'Notify virus recipients' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.22 + NAME 'amavisWarnBannedRecip' + DESC 'Notify banned file recipients' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.23 + NAME 'amavisWarnBadHeaderRecip' + DESC 'Notify bad header recipients' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.24 + NAME 'amavisVirusAdmin' + DESC 'Virus admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.25 + NAME 'amavisNewVirusAdmin' + DESC 'New virus admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.26 + NAME 'amavisSpamAdmin' + DESC 'Spam admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.27 + NAME 'amavisBannedAdmin' + DESC 'Banned file admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.28 + NAME 'amavisBadHeaderAdmin' + DESC 'Bad header admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.29 + NAME 'amavisBannedRuleNames' + DESC 'Banned rule names' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.30 + NAME 'amavisSpamDsnCutoffLevel' + DESC 'Spam DSN Cutoff Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.31 + NAME 'amavisSpamQuarantineCutoffLevel' + DESC 'Spam Quarantine Cutoff Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.32 + NAME 'amavisSpamSubjectTag' + DESC 'Spam Subject Tag' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.33 + NAME 'amavisSpamSubjectTag2' + DESC 'Spam Subject Tag2' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.34 + NAME 'amavisArchiveQuarantineTo' + DESC 'Archive quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + + +# Classes +#--------- + +# amavisAccount +# This class is an auxiliary class, this mean that the class will be added +# to a structural class. Usually, the structural class is the class that +# represent the mail account itself (e.g. an inetOrgPerson) + +#dn: cn=schema +#changetype: modify +#add: objectclasses +objectclass ( 1.3.6.1.4.1.15312.2.2.2.1 + NAME 'amavisAccount' AUXILIARY + DESC 'Amavisd Account' + SUP top + MAY ( amavisVirusLover $ amavisBypassVirusChecks $ + amavisSpamLover $ amavisBypassSpamChecks $ + amavisBannedFilesLover $ amavisBypassBannedChecks $ + amavisBadHeaderLover $ amavisBypassHeaderChecks $ + amavisSpamTagLevel $ amavisSpamTag2Level $ amavisSpamKillLevel $ + amavisWhitelistSender $ amavisBlacklistSender $ + amavisSpamQuarantineTo $ amavisVirusQuarantineTo $ + amavisBannedQuarantineTo $ amavisBadHeaderQuarantineTo $ + amavisArchiveQuarantineTo $ + amavisSpamModifiesSubj $ amavisLocal $ amavisMessageSizeLimit $ + amavisWarnVirusRecip $ amavisWarnBannedRecip $ + amavisWarnBadHeaderRecip $ amavisVirusAdmin $ amavisNewVirusAdmin $ + amavisSpamAdmin $ amavisBannedAdmin $ amavisBadHeaderAdmin $ + amavisBannedRuleNames $ + amavisSpamDsnCutoffLevel $ amavisSpamQuarantineCutoffLevel $ + amavisSpamSubjectTag $ amavisSpamSubjectTag2 $ + cn $ description ) ) + +#-------------------------------------------------------------------------- +# +# GNU Free Documentation License +# Version 1.2, November 2002 +# +# +# Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. +# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# Everyone is permitted to copy and distribute verbatim copies +# of this license document, but changing it is not allowed. +# +# +# 0. PREAMBLE +# +# The purpose of this License is to make a manual, textbook, or other +# functional and useful document "free" in the sense of freedom: to +# assure everyone the effective freedom to copy and redistribute it, +# with or without modifying it, either commercially or noncommercially. +# Secondarily, this License preserves for the author and publisher a way +# to get credit for their work, while not being considered responsible +# for modifications made by others. +# +# This License is a kind of "copyleft", which means that derivative +# works of the document must themselves be free in the same sense. It +# complements the GNU General Public License, which is a copyleft +# license designed for free software. +# +# We have designed this License in order to use it for manuals for free +# software, because free software needs free documentation: a free +# program should come with manuals providing the same freedoms that the +# software does. But this License is not limited to software manuals; +# it can be used for any textual work, regardless of subject matter or +# whether it is published as a printed book. We recommend this License +# principally for works whose purpose is instruction or reference. +# +# +# 1. APPLICABILITY AND DEFINITIONS +# +# This License applies to any manual or other work, in any medium, that +# contains a notice placed by the copyright holder saying it can be +# distributed under the terms of this License. Such a notice grants a +# world-wide, royalty-free license, unlimited in duration, to use that +# work under the conditions stated herein. The "Document", below, +# refers to any such manual or work. Any member of the public is a +# licensee, and is addressed as "you". You accept the license if you +# copy, modify or distribute the work in a way requiring permission +# under copyright law. +# +# A "Modified Version" of the Document means any work containing the +# Document or a portion of it, either copied verbatim, or with +# modifications and/or translated into another language. +# +# A "Secondary Section" is a named appendix or a front-matter section of +# the Document that deals exclusively with the relationship of the +# publishers or authors of the Document to the Document's overall subject +# (or to related matters) and contains nothing that could fall directly +# within that overall subject. (Thus, if the Document is in part a +# textbook of mathematics, a Secondary Section may not explain any +# mathematics.) The relationship could be a matter of historical +# connection with the subject or with related matters, or of legal, +# commercial, philosophical, ethical or political position regarding +# them. +# +# The "Invariant Sections" are certain Secondary Sections whose titles +# are designated, as being those of Invariant Sections, in the notice +# that says that the Document is released under this License. If a +# section does not fit the above definition of Secondary then it is not +# allowed to be designated as Invariant. The Document may contain zero +# Invariant Sections. If the Document does not identify any Invariant +# Sections then there are none. +# +# The "Cover Texts" are certain short passages of text that are listed, +# as Front-Cover Texts or Back-Cover Texts, in the notice that says that +# the Document is released under this License. A Front-Cover Text may +# be at most 5 words, and a Back-Cover Text may be at most 25 words. +# +# A "Transparent" copy of the Document means a machine-readable copy, +# represented in a format whose specification is available to the +# general public, that is suitable for revising the document +# straightforwardly with generic text editors or (for images composed of +# pixels) generic paint programs or (for drawings) some widely available +# drawing editor, and that is suitable for input to text formatters or +# for automatic translation to a variety of formats suitable for input +# to text formatters. A copy made in an otherwise Transparent file +# format whose markup, or absence of markup, has been arranged to thwart +# or discourage subsequent modification by readers is not Transparent. +# An image format is not Transparent if used for any substantial amount +# of text. A copy that is not "Transparent" is called "Opaque". +# +# Examples of suitable formats for Transparent copies include plain +# ASCII without markup, Texinfo input format, LaTeX input format, SGML +# or XML using a publicly available DTD, and standard-conforming simple +# HTML, PostScript or PDF designed for human modification. Examples of +# transparent image formats include PNG, XCF and JPG. Opaque formats +# include proprietary formats that can be read and edited only by +# proprietary word processors, SGML or XML for which the DTD and/or +# processing tools are not generally available, and the +# machine-generated HTML, PostScript or PDF produced by some word +# processors for output purposes only. +# +# The "Title Page" means, for a printed book, the title page itself, +# plus such following pages as are needed to hold, legibly, the material +# this License requires to appear in the title page. For works in +# formats which do not have any title page as such, "Title Page" means +# the text near the most prominent appearance of the work's title, +# preceding the beginning of the body of the text. +# +# A section "Entitled XYZ" means a named subunit of the Document whose +# title either is precisely XYZ or contains XYZ in parentheses following +# text that translates XYZ in another language. (Here XYZ stands for a +# specific section name mentioned below, such as "Acknowledgements", +# "Dedications", "Endorsements", or "History".) To "Preserve the Title" +# of such a section when you modify the Document means that it remains a +# section "Entitled XYZ" according to this definition. +# +# The Document may include Warranty Disclaimers next to the notice which +# states that this License applies to the Document. These Warranty +# Disclaimers are considered to be included by reference in this +# License, but only as regards disclaiming warranties: any other +# implication that these Warranty Disclaimers may have is void and has +# no effect on the meaning of this License. +# +# +# 2. VERBATIM COPYING +# +# You may copy and distribute the Document in any medium, either +# commercially or noncommercially, provided that this License, the +# copyright notices, and the license notice saying this License applies +# to the Document are reproduced in all copies, and that you add no other +# conditions whatsoever to those of this License. You may not use +# technical measures to obstruct or control the reading or further +# copying of the copies you make or distribute. However, you may accept +# compensation in exchange for copies. If you distribute a large enough +# number of copies you must also follow the conditions in section 3. +# +# You may also lend copies, under the same conditions stated above, and +# you may publicly display copies. +# +# +# 3. COPYING IN QUANTITY +# +# If you publish printed copies (or copies in media that commonly have +# printed covers) of the Document, numbering more than 100, and the +# Document's license notice requires Cover Texts, you must enclose the +# copies in covers that carry, clearly and legibly, all these Cover +# Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on +# the back cover. Both covers must also clearly and legibly identify +# you as the publisher of these copies. The front cover must present +# the full title with all words of the title equally prominent and +# visible. You may add other material on the covers in addition. +# Copying with changes limited to the covers, as long as they preserve +# the title of the Document and satisfy these conditions, can be treated +# as verbatim copying in other respects. +# +# If the required texts for either cover are too voluminous to fit +# legibly, you should put the first ones listed (as many as fit +# reasonably) on the actual cover, and continue the rest onto adjacent +# pages. +# +# If you publish or distribute Opaque copies of the Document numbering +# more than 100, you must either include a machine-readable Transparent +# copy along with each Opaque copy, or state in or with each Opaque copy +# a computer-network location from which the general network-using +# public has access to download using public-standard network protocols +# a complete Transparent copy of the Document, free of added material. +# If you use the latter option, you must take reasonably prudent steps, +# when you begin distribution of Opaque copies in quantity, to ensure +# that this Transparent copy will remain thus accessible at the stated +# location until at least one year after the last time you distribute an +# Opaque copy (directly or through your agents or retailers) of that +# edition to the public. +# +# It is requested, but not required, that you contact the authors of the +# Document well before redistributing any large number of copies, to give +# them a chance to provide you with an updated version of the Document. +# +# +# 4. MODIFICATIONS +# +# You may copy and distribute a Modified Version of the Document under +# the conditions of sections 2 and 3 above, provided that you release +# the Modified Version under precisely this License, with the Modified +# Version filling the role of the Document, thus licensing distribution +# and modification of the Modified Version to whoever possesses a copy +# of it. In addition, you must do these things in the Modified Version: +# +# A. Use in the Title Page (and on the covers, if any) a title distinct +# from that of the Document, and from those of previous versions +# (which should, if there were any, be listed in the History section +# of the Document). You may use the same title as a previous version +# if the original publisher of that version gives permission. +# B. List on the Title Page, as authors, one or more persons or entities +# responsible for authorship of the modifications in the Modified +# Version, together with at least five of the principal authors of the +# Document (all of its principal authors, if it has fewer than five), +# unless they release you from this requirement. +# C. State on the Title page the name of the publisher of the +# Modified Version, as the publisher. +# D. Preserve all the copyright notices of the Document. +# E. Add an appropriate copyright notice for your modifications +# adjacent to the other copyright notices. +# F. Include, immediately after the copyright notices, a license notice +# giving the public permission to use the Modified Version under the +# terms of this License, in the form shown in the Addendum below. +# G. Preserve in that license notice the full lists of Invariant Sections +# and required Cover Texts given in the Document's license notice. +# H. Include an unaltered copy of this License. +# I. Preserve the section Entitled "History", Preserve its Title, and add +# to it an item stating at least the title, year, new authors, and +# publisher of the Modified Version as given on the Title Page. If +# there is no section Entitled "History" in the Document, create one +# stating the title, year, authors, and publisher of the Document as +# given on its Title Page, then add an item describing the Modified +# Version as stated in the previous sentence. +# J. Preserve the network location, if any, given in the Document for +# public access to a Transparent copy of the Document, and likewise +# the network locations given in the Document for previous versions +# it was based on. These may be placed in the "History" section. +# You may omit a network location for a work that was published at +# least four years before the Document itself, or if the original +# publisher of the version it refers to gives permission. +# K. For any section Entitled "Acknowledgements" or "Dedications", +# Preserve the Title of the section, and preserve in the section all +# the substance and tone of each of the contributor acknowledgements +# and/or dedications given therein. +# L. Preserve all the Invariant Sections of the Document, +# unaltered in their text and in their titles. Section numbers +# or the equivalent are not considered part of the section titles. +# M. Delete any section Entitled "Endorsements". Such a section +# may not be included in the Modified Version. +# N. Do not retitle any existing section to be Entitled "Endorsements" +# or to conflict in title with any Invariant Section. +# O. Preserve any Warranty Disclaimers. +# +# If the Modified Version includes new front-matter sections or +# appendices that qualify as Secondary Sections and contain no material +# copied from the Document, you may at your option designate some or all +# of these sections as invariant. To do this, add their titles to the +# list of Invariant Sections in the Modified Version's license notice. +# These titles must be distinct from any other section titles. +# +# You may add a section Entitled "Endorsements", provided it contains +# nothing but endorsements of your Modified Version by various +# parties--for example, statements of peer review or that the text has +# been approved by an organization as the authoritative definition of a +# standard. +# +# You may add a passage of up to five words as a Front-Cover Text, and a +# passage of up to 25 words as a Back-Cover Text, to the end of the list +# of Cover Texts in the Modified Version. Only one passage of +# Front-Cover Text and one of Back-Cover Text may be added by (or +# through arrangements made by) any one entity. If the Document already +# includes a cover text for the same cover, previously added by you or +# by arrangement made by the same entity you are acting on behalf of, +# you may not add another; but you may replace the old one, on explicit +# permission from the previous publisher that added the old one. +# +# The author(s) and publisher(s) of the Document do not by this License +# give permission to use their names for publicity for or to assert or +# imply endorsement of any Modified Version. +# +# +# 5. COMBINING DOCUMENTS +# +# You may combine the Document with other documents released under this +# License, under the terms defined in section 4 above for modified +# versions, provided that you include in the combination all of the +# Invariant Sections of all of the original documents, unmodified, and +# list them all as Invariant Sections of your combined work in its +# license notice, and that you preserve all their Warranty Disclaimers. +# +# The combined work need only contain one copy of this License, and +# multiple identical Invariant Sections may be replaced with a single +# copy. If there are multiple Invariant Sections with the same name but +# different contents, make the title of each such section unique by +# adding at the end of it, in parentheses, the name of the original +# author or publisher of that section if known, or else a unique number. +# Make the same adjustment to the section titles in the list of +# Invariant Sections in the license notice of the combined work. +# +# In the combination, you must combine any sections Entitled "History" +# in the various original documents, forming one section Entitled +# "History"; likewise combine any sections Entitled "Acknowledgements", +# and any sections Entitled "Dedications". You must delete all sections +# Entitled "Endorsements". +# +# +# 6. COLLECTIONS OF DOCUMENTS +# +# You may make a collection consisting of the Document and other documents +# released under this License, and replace the individual copies of this +# License in the various documents with a single copy that is included in +# the collection, provided that you follow the rules of this License for +# verbatim copying of each of the documents in all other respects. +# +# You may extract a single document from such a collection, and distribute +# it individually under this License, provided you insert a copy of this +# License into the extracted document, and follow this License in all +# other respects regarding verbatim copying of that document. +# +# +# 7. AGGREGATION WITH INDEPENDENT WORKS +# +# A compilation of the Document or its derivatives with other separate +# and independent documents or works, in or on a volume of a storage or +# distribution medium, is called an "aggregate" if the copyright +# resulting from the compilation is not used to limit the legal rights +# of the compilation's users beyond what the individual works permit. +# When the Document is included in an aggregate, this License does not +# apply to the other works in the aggregate which are not themselves +# derivative works of the Document. +# +# If the Cover Text requirement of section 3 is applicable to these +# copies of the Document, then if the Document is less than one half of +# the entire aggregate, the Document's Cover Texts may be placed on +# covers that bracket the Document within the aggregate, or the +# electronic equivalent of covers if the Document is in electronic form. +# Otherwise they must appear on printed covers that bracket the whole +# aggregate. +# +# +# 8. TRANSLATION +# +# Translation is considered a kind of modification, so you may +# distribute translations of the Document under the terms of section 4. +# Replacing Invariant Sections with translations requires special +# permission from their copyright holders, but you may include +# translations of some or all Invariant Sections in addition to the +# original versions of these Invariant Sections. You may include a +# translation of this License, and all the license notices in the +# Document, and any Warranty Disclaimers, provided that you also include +# the original English version of this License and the original versions +# of those notices and disclaimers. In case of a disagreement between +# the translation and the original version of this License or a notice +# or disclaimer, the original version will prevail. +# +# If a section in the Document is Entitled "Acknowledgements", +# "Dedications", or "History", the requirement (section 4) to Preserve +# its Title (section 1) will typically require changing the actual +# title. +# +# +# 9. TERMINATION +# +# You may not copy, modify, sublicense, or distribute the Document except +# as expressly provided for under this License. Any other attempt to +# copy, modify, sublicense or distribute the Document is void, and will +# automatically terminate your rights under this License. However, +# parties who have received copies, or rights, from you under this +# License will not have their licenses terminated so long as such +# parties remain in full compliance. +# +# +# 10. FUTURE REVISIONS OF THIS LICENSE +# +# The Free Software Foundation may publish new, revised versions +# of the GNU Free Documentation License from time to time. Such new +# versions will be similar in spirit to the present version, but may +# differ in detail to address new problems or concerns. See +# http://www.gnu.org/copyleft/. +# +# Each version of the License is given a distinguishing version number. +# If the Document specifies that a particular numbered version of this +# License "or any later version" applies to it, you have the option of +# following the terms and conditions either of that specified version or +# of any later version that has been published (not as a draft) by the +# Free Software Foundation. If the Document does not specify a version +# number of this License, you may choose any version ever published (not +# as a draft) by the Free Software Foundation. +@ diff --git a/openldap/schema/.rcs/authldap.schema,v b/openldap/schema/.rcs/authldap.schema,v new file mode 100644 index 0000000..741c062 --- /dev/null +++ b/openldap/schema/.rcs/authldap.schema,v @@ -0,0 +1,124 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.26.02.41.44; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@#$Id: authldap.schema,v 1.8 2005/03/20 19:10:30 mrsam Exp $ +# +# OID prefix: 1.3.6.1.4.1.10018 +# +# Attributes: 1.3.6.1.4.1.10018.1.1 +# +# Depends on: nis.schema, which depends on cosine.schema + +attributetype ( 1.3.6.1.4.1.10018.1.1.1 NAME 'mailbox' + DESC 'The absolute path to the mailbox for a mail account in a non-default location' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.2 NAME 'quota' + DESC 'A string that represents the quota on a mailbox' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.3 NAME 'clearPassword' + DESC 'A separate text that stores the mail account password in clear text' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128}) + +attributetype ( 1.3.6.1.4.1.10018.1.1.4 NAME 'maildrop' + DESC 'RFC822 Mailbox - mail alias' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.5 NAME 'mailsource' + DESC 'Message source' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.6 NAME 'virtualdomain' + DESC 'A mail domain that is mapped to a single mail account' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.7 NAME 'virtualdomainuser' + DESC 'Mailbox that receives mail for a mail domain' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.8 NAME 'defaultdelivery' + DESC 'Default mail delivery instructions' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.9 NAME 'disableimap' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.10 NAME 'disablepop3' + DESC 'Set this attribute to 1 to disable POP3 access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.11 NAME 'disablewebmail' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.12 NAME 'sharedgroup' + DESC 'Virtual shared group' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.13 NAME 'disableshared' + DESC 'Set this attribute to 1 to disable shared mailbox usage' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.14 NAME 'mailhost' + DESC 'Host to which incoming POP/IMAP connections should be proxied' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# +# Objects: 1.3.6.1.4.1.10018.1.2 +# + +objectclass ( 1.3.6.1.4.1.10018.1.2.1 NAME 'CourierMailAccount' SUP top AUXILIARY + DESC 'Mail account object as used by the Courier mail server' + MUST ( mail $ homeDirectory ) + MAY ( uidNumber $ gidNumber $ mailbox $ uid $ cn $ gecos $ description $ loginShell $ quota $ userPassword $ clearPassword $ defaultdelivery $ disableimap $ disablepop3 $ disablewebmail $ sharedgroup $ disableshared $ mailhost) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.2 NAME 'CourierMailAlias' SUP top AUXILIARY + DESC 'Mail aliasing/forwarding entry' + MUST ( mail $ maildrop ) + MAY ( mailsource $ description ) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.3 NAME 'CourierDomainAlias' SUP top AUXILIARY + DESC 'Domain mail aliasing/forwarding entry' + MUST ( virtualdomain $ virtualdomainuser ) + MAY ( mailsource $ description ) ) +@ diff --git a/openldap/schema/.rcs/collective.schema,v b/openldap/schema/.rcs/collective.schema,v new file mode 100644 index 0000000..c9476a3 --- /dev/null +++ b/openldap/schema/.rcs/collective.schema,v @@ -0,0 +1,233 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# collective.schema -- Collective attribute schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.6 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (2003). +## Please see full copyright statement below. + +# From RFC 3671 [portions trimmed]: +# Collective Attributes in LDAP + +#Abstract +# +# X.500 collective attributes allow common characteristics to be shared +# between collections of entries. This document summarizes the X.500 +# information model for collective attributes and describes use of +# collective attributes in LDAP (Lightweight Directory Access Protocol). +# This document provides schema definitions for collective attributes +# for use in LDAP. + +#3. Collective Attribute Types +# +# A userApplications attribute type can be defined to be COLLECTIVE +# [RFC2252]. This indicates that the same attribute values will appear +# in the entries of an entry collection subject to the use of the +# collectiveExclusions attribute and other administrative controls. +# +# Collective attribute types are commonly defined as subtypes of non- +# collective attribute types. By convention, collective attributes are +# named by prefixing the name of their non-collective supertype with +# "c-". For example, the collective telephone attribute is named +# c-TelephoneNumber after its non-collective supertype telephoneNumber. +# +# Non-collective attributes types SHALL NOT subtype collective +# attributes. +# +# Collective attributes SHALL NOT be SINGLE-VALUED. Collective +# attribute types SHALL NOT appear in the attribute types of an object +# class definition. +# +# Operational attributes SHALL NOT be defined to be collective. +# +# The remainder of section provides a summary of collective attributes +# derived from those defined in [X.520]. Implementations of this +# specification SHOULD support the following collective attributes and +# MAY support additional collective attributes. +# +# +#3.1. Collective Locality Name +# +# The c-l attribute type specifies a locality name for a collection of +# entries. +# +attributeType ( 2.5.4.7.1 NAME 'c-l' + SUP l COLLECTIVE ) +# +# +#3.2. Collective State or Province Name +# +# The c-st attribute type specifies a state or province name for a +# collection of entries. +# +attributeType ( 2.5.4.8.1 NAME 'c-st' + SUP st COLLECTIVE ) +# +# +#3.3. Collective Street Address +# +# The c-street attribute type specifies a street address for a +# collection of entries. +# +attributeType ( 2.5.4.9.1 NAME 'c-street' + SUP street COLLECTIVE ) +# +# +#3.4. Collective Organization Name +# +# The c-o attribute type specifies an organization name for a collection +# of entries. +# +attributeType ( 2.5.4.10.1 NAME 'c-o' + SUP o COLLECTIVE ) +# +# +#3.5. Collective Organizational Unit Name +# +# The c-ou attribute type specifies an organizational unit name for a +# collection of entries. +# +attributeType ( 2.5.4.11.1 NAME 'c-ou' + SUP ou COLLECTIVE ) +# +# +#3.6. Collective Postal Address +# +# The c-PostalAddress attribute type specifies a postal address for a +# collection of entries. +# +attributeType ( 2.5.4.16.1 NAME 'c-PostalAddress' + SUP postalAddress COLLECTIVE ) +# +# +#3.7. Collective Postal Code +# +# The c-PostalCode attribute type specifies a postal code for a +# collection of entries. +# +attributeType ( 2.5.4.17.1 NAME 'c-PostalCode' + SUP postalCode COLLECTIVE ) +# +# +#3.8. Collective Post Office Box +# +# The c-PostOfficeBox attribute type specifies a post office box for a +# collection of entries. +# +attributeType ( 2.5.4.18.1 NAME 'c-PostOfficeBox' + SUP postOfficeBox COLLECTIVE ) +# +# +#3.9. Collective Physical Delivery Office Name +# +# The c-PhysicalDeliveryOfficeName attribute type specifies a physical +# delivery office name for a collection of entries. +# +attributeType ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName' + SUP physicalDeliveryOfficeName COLLECTIVE ) +# +# +#3.10. Collective Telephone Number +# +# The c-TelephoneNumber attribute type specifies a telephone number for +# a collection of entries. +# +attributeType ( 2.5.4.20.1 NAME 'c-TelephoneNumber' + SUP telephoneNumber COLLECTIVE ) +# +# +#3.11. Collective Telex Number +# +# The c-TelexNumber attribute type specifies a telex number for a +# collection of entries. +# +attributeType ( 2.5.4.21.1 NAME 'c-TelexNumber' + SUP telexNumber COLLECTIVE ) +# +# +#3.13. Collective Facsimile Telephone Number +# +# The c-FacsimileTelephoneNumber attribute type specifies a facsimile +# telephone number for a collection of entries. +# +attributeType ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber' + SUP facsimileTelephoneNumber COLLECTIVE ) +# +# +#3.14. Collective International ISDN Number +# +# The c-InternationalISDNNumber attribute type specifies an +# international ISDN number for a collection of entries. +# +attributeType ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber' + SUP internationalISDNNumber COLLECTIVE ) + +# Full Copyright +# +# Copyright (C) The Internet Society (2003). All Rights Reserved. +# +# This document and translations of it may be copied and furnished +# to others, and derivative works that comment on or otherwise explain +# it or assist in its implmentation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph +# are included on all such copies and derivative works. However, +# this document itself may not be modified in any way, such as by +# removing the copyright notice or references to the Internet Society +# or other Internet organizations, except as needed for the purpose +# of developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be followed, +# or as required to translate it into languages other than English. +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.4 2009/01/22 00:01:13 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/corba.schema,v b/openldap/schema/.rcs/corba.schema,v new file mode 100644 index 0000000..7064c70 --- /dev/null +++ b/openldap/schema/.rcs/corba.schema,v @@ -0,0 +1,283 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# corba.schema -- Corba Object Schema +# depends upon core.schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.6 2011/01/04 23:50:51 kurt Exp $ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.6 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1999). +## Please see full copyright statement below. + + +# Network Working Group V. Ryan +# Request for Comments: 2714 R. Lee +# Category: Informational S. Seligman +# Sun Microsystems, Inc. +# October 1999 +# +# +# Schema for Representing CORBA Object References in an LDAP Directory +# +# Status of this Memo +# +# This memo provides information for the Internet community. It does +# not specify an Internet standard of any kind. Distribution of this +# memo is unlimited. +# +# Copyright Notice +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# Abstract +# +# CORBA [CORBA] is the Common Object Request Broker Architecture +# defined by the Object Management Group. This document defines the +# schema for representing CORBA object references in an LDAP directory +# [LDAPv3]. +# +# [trimmed] + +# 3. Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# corbaIor +# corbaRepositoryId +# +# 3.1 corbaIor +# +# This attribute stores the string representation of the interoperable +# object reference (IOR) for a CORBA object. An IOR is an opaque handle +# for the object which contains the information necessary to locate the +# object, even if the object is in another ORB. +# +# This attribute's syntax is 'IA5 String' and its case is +# insignificant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.14 +# NAME 'corbaIor' +# DESC 'Stringified interoperable object reference of a CORBA object' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.14 + NAME 'corbaIor' + DESC 'Stringified interoperable object reference of a CORBA object' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +# 3.2 corbaRepositoryId +# +# Each CORBA interface has a unique "repository id" (also called "type +# id") that identifies the interface. A CORBA object has one or more +# repository ids, one for each interface that it implements. +# +# The format of a repository id can be any string, but the OMG +# specifies four standard formats: +# +# a. IDL-style +# +# IDL:Prefix/ModuleName/InterfaceName:VersionNumber +# +# For example, the repository id for the "NamingContext" in OMG's COS +# Naming module is: "IDL:omg.org/CosNaming/NamingContext:1.0". +# +# b. RMI-style +# +# RMI:ClassName:HashCode[:SUID] +# +# This format is used by RMI-IIOP remote objects [RMI-IIOP]. +# "ClassName" is the fully qualified name of the class (for example, +# "java.lang.String"). "HashCode" is the object's hash code (that is, +# that obtained by invoking the "hashCode()" method). "SUID" is the +# "stream unique identifier", which is a 64-bit number that uniquely +# identifies the serialization version of the class; SUID is optional +# in the repository id. +# +# c. DCE-style +# +# DCE:UUID +# +# This format is used for DCE/CORBA interoperability [CORBA-DCE]. +# "UUID" represents a DCE UUID. +# +# d. "local" +# +# This format is defined by the local Object Request Broker (ORB). +# +# The corbaRepositoryId attribute is a multivalued attribute; each +# value records a single repository id of an interface implemented by +# the CORBA object. This attribute need not contain a complete list of +# the interfaces implemented by the CORBA object. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. The values of this attribute are encoded using UTF-8. +# Some values may require translation from their native representation +# in order to be correctly encoded using UTF-8. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.15 +# NAME 'corbaRepositoryId' +# DESC 'Repository ids of interfaces implemented by a CORBA object' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.15 + NAME 'corbaRepositoryId' + DESC 'Repository ids of interfaces implemented by a CORBA object' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 4. Object Class Definitions +# +# The following object classes are defined in this document: +# +# corbaContainer +# corbaObject +# corbaObjectReference +# +# 4.1 corbaContainer +# +# This structural object class represents a container for a CORBA +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.10 +# NAME 'corbaContainer' +# DESC 'Container for a CORBA object' +# SUP top +# STRUCTURAL +# MUST ( cn ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.10 + NAME 'corbaContainer' + DESC 'Container for a CORBA object' + SUP top + STRUCTURAL + MUST cn ) + +# 4.2 corbaObject +# +# This abstract object class is the root class for representing a CORBA +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.9 +# NAME 'corbaObject' +# DESC 'CORBA object representation' +# SUP top +# ABSTRACT +# MAY ( corbaRepositoryId $ description ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.9 + NAME 'corbaObject' + DESC 'CORBA object representation' + SUP top + ABSTRACT + MAY ( corbaRepositoryId $ description ) ) + +# 4.3 corbaObjectReference +# +# This auxiliary object class represents a CORBA object reference. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.11 +# NAME 'corbaObjectReference' +# DESC 'CORBA interoperable object reference' +# SUP corbaObject +# AUXILIARY +# MUST ( corbaIor ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.11 + NAME 'corbaObjectReference' + DESC 'CORBA interoperable object reference' + SUP corbaObject + AUXILIARY + MUST corbaIor ) + +# 10. Full Copyright Statement +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# This document and translations of it may be copied and furnished to +# others, and derivative works that comment on or otherwise explain it +# or assist in its implementation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph are +# included on all such copies and derivative works. However, this +# document itself may not be modified in any way, such as by removing +# the copyright notice or references to the Internet Society or other +# Internet organizations, except as needed for the purpose of +# developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be +# followed, or as required to translate it into languages other than +# English. +# +# The limited permissions granted above are perpetual and will not be +# revoked by the Internet Society or its successors or assigns. +# +# This document and the information contained herein is provided on an +# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +@ + + +1.1 +log +@Initial revision +@ +text +@d3 2 +a4 2 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.4 2009/01/22 00:01:13 kurt Exp $ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.4 2009/01/22 00:01:13 kurt Exp $ +d7 1 +a7 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/core.schema,v b/openldap/schema/.rcs/core.schema,v new file mode 100644 index 0000000..e6bfe4f --- /dev/null +++ b/openldap/schema/.rcs/core.schema,v @@ -0,0 +1,653 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# OpenLDAP Core schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.88.2.9 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2006). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +# +# +# Includes LDAPv3 schema items from: +# RFC 2252/2256 (LDAPv3) +# +# Select standard track schema items: +# RFC 1274 (uid/dc) +# RFC 2079 (URI) +# RFC 2247 (dc/dcObject) +# RFC 2587 (PKI) +# RFC 2589 (Dynamic Directory Services) +# RFC 4524 (associatedDomain) +# +# Select informational schema items: +# RFC 2377 (uidObject) + +# +# Standard attribute types from RFC 2256 +# + +# system schema +#attributetype ( 2.5.4.0 NAME 'objectClass' +# DESC 'RFC2256: object classes of the entity' +# EQUALITY objectIdentifierMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +# system schema +#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) +# DESC 'RFC2256: name of aliased object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) + +attributetype ( 2.5.4.2 NAME 'knowledgeInformation' + DESC 'RFC2256: knowledge information' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +# system schema +#attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' ) +# DESC 'RFC2256: common name(s) for which the entity is known by' +# SUP name ) + +attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) + DESC 'RFC2256: last (family) name(s) for which the entity is known by' + SUP name ) + +attributetype ( 2.5.4.5 NAME 'serialNumber' + DESC 'RFC2256: serial number of the entity' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) + +# RFC 4519 definition ('countryName' in X.500 and RFC2256) +attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) + DESC 'RFC4519: two-letter ISO-3166 country code' + SUP name + SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 + SINGLE-VALUE ) + +#attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) +# DESC 'RFC2256: ISO-3166 country 2-letter code' +# SUP name SINGLE-VALUE ) + +attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) + DESC 'RFC2256: locality which this object resides in' + SUP name ) + +attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) + DESC 'RFC2256: state or province which this object resides in' + SUP name ) + +attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) + DESC 'RFC2256: street address of this object' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) + DESC 'RFC2256: organization this object belongs to' + SUP name ) + +attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) + DESC 'RFC2256: organizational unit this object belongs to' + SUP name ) + +attributetype ( 2.5.4.12 NAME 'title' + DESC 'RFC2256: title associated with the entity' + SUP name ) + +# system schema +#attributetype ( 2.5.4.13 NAME 'description' +# DESC 'RFC2256: descriptive information' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) + +# Deprecated by enhancedSearchGuide +attributetype ( 2.5.4.14 NAME 'searchGuide' + DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) + +attributetype ( 2.5.4.15 NAME 'businessCategory' + DESC 'RFC2256: business category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.16 NAME 'postalAddress' + DESC 'RFC2256: postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 2.5.4.17 NAME 'postalCode' + DESC 'RFC2256: postal code' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 2.5.4.18 NAME 'postOfficeBox' + DESC 'RFC2256: Post Office Box' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' + DESC 'RFC2256: Physical Delivery Office Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.20 NAME 'telephoneNumber' + DESC 'RFC2256: Telephone Number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) + +attributetype ( 2.5.4.21 NAME 'telexNumber' + DESC 'RFC2256: Telex Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) + +attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' + DESC 'RFC2256: Teletex Terminal Identifier' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) + +attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) + DESC 'RFC2256: Facsimile (Fax) Telephone Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) + +attributetype ( 2.5.4.24 NAME 'x121Address' + DESC 'RFC2256: X.121 Address' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) + +attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' + DESC 'RFC2256: international ISDN number' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) + +attributetype ( 2.5.4.26 NAME 'registeredAddress' + DESC 'RFC2256: registered postal address' + SUP postalAddress + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 2.5.4.27 NAME 'destinationIndicator' + DESC 'RFC2256: destination indicator' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) + +attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' + DESC 'RFC2256: preferred delivery method' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 + SINGLE-VALUE ) + +attributetype ( 2.5.4.29 NAME 'presentationAddress' + DESC 'RFC2256: presentation address' + EQUALITY presentationAddressMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 + SINGLE-VALUE ) + +attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' + DESC 'RFC2256: supported application context' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +attributetype ( 2.5.4.31 NAME 'member' + DESC 'RFC2256: member of a group' + SUP distinguishedName ) + +attributetype ( 2.5.4.32 NAME 'owner' + DESC 'RFC2256: owner (of the object)' + SUP distinguishedName ) + +attributetype ( 2.5.4.33 NAME 'roleOccupant' + DESC 'RFC2256: occupant of role' + SUP distinguishedName ) + +# system schema +#attributetype ( 2.5.4.34 NAME 'seeAlso' +# DESC 'RFC2256: DN of related object' +# SUP distinguishedName ) + +# system schema +#attributetype ( 2.5.4.35 NAME 'userPassword' +# DESC 'RFC2256/2307: password of user' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) + +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +attributetype ( 2.5.4.36 NAME 'userCertificate' + DESC 'RFC2256: X.509 user certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +attributetype ( 2.5.4.37 NAME 'cACertificate' + DESC 'RFC2256: X.509 CA certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.38 NAME 'authorityRevocationList' + DESC 'RFC2256: X.509 authority revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.39 NAME 'certificateRevocationList' + DESC 'RFC2256: X.509 certificate revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +# Must be stored and requested in the binary form +attributetype ( 2.5.4.40 NAME 'crossCertificatePair' + DESC 'RFC2256: X.509 cross certificate pair, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) + +# system schema +#attributetype ( 2.5.4.41 NAME 'name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) + DESC 'RFC2256: first name(s) for which the entity is known by' + SUP name ) + +attributetype ( 2.5.4.43 NAME 'initials' + DESC 'RFC2256: initials of some or all of names, but not the surname(s).' + SUP name ) + +attributetype ( 2.5.4.44 NAME 'generationQualifier' + DESC 'RFC2256: name qualifier indicating a generation' + SUP name ) + +attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' + DESC 'RFC2256: X.500 unique identifier' + EQUALITY bitStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) + +attributetype ( 2.5.4.46 NAME 'dnQualifier' + DESC 'RFC2256: DN qualifier' + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreOrderingMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) + +attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' + DESC 'RFC2256: enhanced search guide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) + +attributetype ( 2.5.4.48 NAME 'protocolInformation' + DESC 'RFC2256: protocol information' + EQUALITY protocolInformationMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) + +# system schema +#attributetype ( 2.5.4.49 NAME 'distinguishedName' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.5.4.50 NAME 'uniqueMember' + DESC 'RFC2256: unique member of a group' + EQUALITY uniqueMemberMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) + +attributetype ( 2.5.4.51 NAME 'houseIdentifier' + DESC 'RFC2256: house identifier' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' + DESC 'RFC2256: supported algorithms' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.53 NAME 'deltaRevocationList' + DESC 'RFC2256: delta revocation list; use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +attributetype ( 2.5.4.54 NAME 'dmdName' + DESC 'RFC2256: name of DMD' + SUP name ) + +attributetype ( 2.5.4.65 NAME 'pseudonym' + DESC 'X.520(4th): pseudonym for the object' + SUP name ) + +# Standard object classes from RFC2256 + +# system schema +#objectclass ( 2.5.6.0 NAME 'top' +# DESC 'RFC2256: top of the superclass chain' +# ABSTRACT +# MUST objectClass ) + +# system schema +#objectclass ( 2.5.6.1 NAME 'alias' +# DESC 'RFC2256: an alias' +# SUP top STRUCTURAL +# MUST aliasedObjectName ) + +objectclass ( 2.5.6.2 NAME 'country' + DESC 'RFC2256: a country' + SUP top STRUCTURAL + MUST c + MAY ( searchGuide $ description ) ) + +objectclass ( 2.5.6.3 NAME 'locality' + DESC 'RFC2256: a locality' + SUP top STRUCTURAL + MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) + +objectclass ( 2.5.6.4 NAME 'organization' + DESC 'RFC2256: an organization' + SUP top STRUCTURAL + MUST o + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) + +objectclass ( 2.5.6.5 NAME 'organizationalUnit' + DESC 'RFC2256: an organizational unit' + SUP top STRUCTURAL + MUST ou + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) + +objectclass ( 2.5.6.6 NAME 'person' + DESC 'RFC2256: a person' + SUP top STRUCTURAL + MUST ( sn $ cn ) + MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) + +objectclass ( 2.5.6.7 NAME 'organizationalPerson' + DESC 'RFC2256: an organizational person' + SUP person STRUCTURAL + MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) + +objectclass ( 2.5.6.8 NAME 'organizationalRole' + DESC 'RFC2256: an organizational role' + SUP top STRUCTURAL + MUST cn + MAY ( x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) + +objectclass ( 2.5.6.9 NAME 'groupOfNames' + DESC 'RFC2256: a group of names (DNs)' + SUP top STRUCTURAL + MUST ( member $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) + +objectclass ( 2.5.6.10 NAME 'residentialPerson' + DESC 'RFC2256: an residential person' + SUP person STRUCTURAL + MUST l + MAY ( businessCategory $ x121Address $ registeredAddress $ + destinationIndicator $ preferredDeliveryMethod $ telexNumber $ + teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l ) ) + +objectclass ( 2.5.6.11 NAME 'applicationProcess' + DESC 'RFC2256: an application process' + SUP top STRUCTURAL + MUST cn + MAY ( seeAlso $ ou $ l $ description ) ) + +objectclass ( 2.5.6.12 NAME 'applicationEntity' + DESC 'RFC2256: an application entity' + SUP top STRUCTURAL + MUST ( presentationAddress $ cn ) + MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ + description ) ) + +objectclass ( 2.5.6.13 NAME 'dSA' + DESC 'RFC2256: a directory system agent (a server)' + SUP applicationEntity STRUCTURAL + MAY knowledgeInformation ) + +objectclass ( 2.5.6.14 NAME 'device' + DESC 'RFC2256: a device' + SUP top STRUCTURAL + MUST cn + MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) + +objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' + DESC 'RFC2256: a strong authentication user' + SUP top AUXILIARY + MUST userCertificate ) + +objectclass ( 2.5.6.16 NAME 'certificationAuthority' + DESC 'RFC2256: a certificate authority' + SUP top AUXILIARY + MUST ( authorityRevocationList $ certificateRevocationList $ + cACertificate ) MAY crossCertificatePair ) + +objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' + DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' + SUP top STRUCTURAL + MUST ( uniqueMember $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) + +objectclass ( 2.5.6.18 NAME 'userSecurityInformation' + DESC 'RFC2256: a user security information' + SUP top AUXILIARY + MAY ( supportedAlgorithms ) ) + +objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' + SUP certificationAuthority + AUXILIARY MAY ( deltaRevocationList ) ) + +objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( certificateRevocationList $ authorityRevocationList $ + deltaRevocationList ) ) + +objectclass ( 2.5.6.20 NAME 'dmd' + SUP top STRUCTURAL + MUST ( dmdName ) + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + street $ postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l $ description ) ) + +# +# Object Classes from RFC 2587 +# +objectclass ( 2.5.6.21 NAME 'pkiUser' + DESC 'RFC2587: a PKI user' + SUP top AUXILIARY + MAY userCertificate ) + +objectclass ( 2.5.6.22 NAME 'pkiCA' + DESC 'RFC2587: PKI certificate authority' + SUP top AUXILIARY + MAY ( authorityRevocationList $ certificateRevocationList $ + cACertificate $ crossCertificatePair ) ) + +objectclass ( 2.5.6.23 NAME 'deltaCRL' + DESC 'RFC2587: PKI user' + SUP top AUXILIARY + MAY deltaRevocationList ) + +# +# Standard Track URI label schema from RFC 2079 +# system schema +#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' +# DESC 'RFC2079: Uniform Resource Identifier with optional label' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' + DESC 'RFC2079: object that contains the URI attribute type' + SUP top AUXILIARY + MAY ( labeledURI ) ) + +# +# Derived from RFC 1274, but with new "short names" +# +#attributetype ( 0.9.2342.19200300.100.1.1 +# NAME ( 'uid' 'userid' ) +# DESC 'RFC1274: user identifier' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +attributetype ( 0.9.2342.19200300.100.1.3 + NAME ( 'mail' 'rfc822Mailbox' ) + DESC 'RFC1274: RFC822 Mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' + DESC 'RFC1274: simple security object' + SUP top AUXILIARY + MUST userPassword ) + +# RFC 1274 + RFC 2247 +attributetype ( 0.9.2342.19200300.100.1.25 + NAME ( 'dc' 'domainComponent' ) + DESC 'RFC1274/2247: domain component' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# RFC 2247 +objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' + DESC 'RFC2247: domain component object' + SUP top AUXILIARY MUST dc ) + +# RFC 2377 +objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' + DESC 'RFC2377: uid object' + SUP top AUXILIARY MUST uid ) + +# RFC 4524 +# The 'associatedDomain' attribute specifies DNS [RFC1034][RFC2181] +# host names [RFC1123] that are associated with an object. That is, +# values of this attribute should conform to the following ABNF: +# +# domain = root / label *( DOT label ) +# root = SPACE +# label = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ] +# LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z" +# SPACE = %x20 ; space (" ") +# HYPHEN = %x2D ; hyphen ("-") +# DOT = %x2E ; period (".") +attributetype ( 0.9.2342.19200300.100.1.37 + NAME 'associatedDomain' + DESC 'RFC1274: domain associated with object' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema) +attributetype ( 1.2.840.113549.1.9.1 + NAME ( 'email' 'emailAddress' 'pkcs9email' ) + DESC 'RFC3280: legacy attribute for email addresses in DNs' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.88.2.7 2009/01/22 00:01:13 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/cosine.schema,v b/openldap/schema/.rcs/cosine.schema,v new file mode 100644 index 0000000..d72bd33 --- /dev/null +++ b/openldap/schema/.rcs/cosine.schema,v @@ -0,0 +1,2614 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# RFC1274: Cosine and Internet X.500 schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.23.2.6 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# RFC1274: Cosine and Internet X.500 schema +# +# This file contains LDAPv3 schema derived from X.500 COSINE "pilot" +# schema. As this schema was defined for X.500(89), some +# oddities were introduced in the mapping to LDAPv3. The +# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt +# (a work in progress) +# +# Note: It seems that the pilot schema evolved beyond what was +# described in RFC1274. However, this document attempts to describes +# RFC1274 as published. +# +# Depends on core.schema + + +# Network Working Group P. Barker +# Request for Comments: 1274 S. Kille +# University College London +# November 1991 +# +# The COSINE and Internet X.500 Schema +# +# [trimmed] +# +# Abstract +# +# This document suggests an X.500 Directory Schema, or Naming +# Architecture, for use in the COSINE and Internet X.500 pilots. The +# schema is independent of any specific implementation. As well as +# indicating support for the standard object classes and attributes, a +# large number of generally useful object classes and attributes are +# also defined. An appendix to this document includes a machine +# processable version of the schema. +# +# [trimmed] + +# 7. Object Identifiers +# +# Some additional object identifiers are defined for this schema. +# These are also reproduced in Appendix C. +# +# data OBJECT IDENTIFIER ::= {ccitt 9} +# pss OBJECT IDENTIFIER ::= {data 2342} +# ucl OBJECT IDENTIFIER ::= {pss 19200300} +# pilot OBJECT IDENTIFIER ::= {ucl 100} +# +# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1} +# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3} +# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4} +# pilotGroups OBJECT IDENTIFIER ::= {pilot 10} +# +# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4} +# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::= +# {pilotAttributeSyntax 5} +# +# 8. Object Classes +# [relocated after 9] + +# +# 9. Attribute Types +# +# 9.1. X.500 standard attribute types +# +# A number of generally useful attribute types are defined in X.520, +# and these are supported. Refer to that document for descriptions of +# the suggested usage of these attribute types. The ASN.1 for these +# attribute types is reproduced for completeness in Appendix C. +# +# 9.2. X.400 standard attribute types +# +# The standard X.400 attribute types are supported. See X.402 for full +# details. The ASN.1 for these attribute types is reproduced in +# Appendix C. +# +# 9.3. COSINE/Internet attribute types +# +# This section describes all the attribute types defined for use in the +# COSINE and Internet pilots. Descriptions are given as to the +# suggested usage of these attribute types. The ASN.1 for these +# attribute types is reproduced in Appendix C. +# +# 9.3.1. Userid +# +# The Userid attribute type specifies a computer system login name. +# +# userid ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-identifier)) +# ::= {pilotAttributeType 1} +# +#(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) +## EQUALITY caseIgnoreMatch +## SUBSTR caseIgnoreSubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.2. Text Encoded O/R Address +# +# The Text Encoded O/R Address attribute type specifies a text encoding +# of an X.400 O/R address, as specified in RFC 987. The use of this +# attribute is deprecated as the attribute is intended for interim use +# only. This attribute will be the first candidate for the attribute +# expiry mechanisms! +# +# textEncodedORAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-text-encoded-or-address)) +# ::= {pilotAttributeType 2} +# +attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.3. RFC 822 Mailbox +# +# The RFC822 Mailbox attribute type specifies an electronic mailbox +# attribute following the syntax specified in RFC 822. Note that this +# attribute should not be used for greybook or other non-Internet order +# mailboxes. +# +# rfc822Mailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-rfc822-mailbox)) +# ::= {pilotAttributeType 3} +# +#(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) +## EQUALITY caseIgnoreIA5Match +## SUBSTR caseIgnoreIA5SubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# 9.3.4. Information +# +# The Information attribute type specifies any general information +# pertinent to an object. It is recommended that specific usage of +# this attribute type is avoided, and that specific requirements are +# met by other (possibly additional) attribute types. +# +# info ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-information)) +# ::= {pilotAttributeType 4} +# +attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' + DESC 'RFC1274: general information' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) + + +# 9.3.5. Favourite Drink +# +# The Favourite Drink attribute type specifies the favourite drink of +# an object (or person). +# +# favouriteDrink ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-favourite-drink)) +# ::= {pilotAttributeType 5} +# +attributetype ( 0.9.2342.19200300.100.1.5 + NAME ( 'drink' 'favouriteDrink' ) + DESC 'RFC1274: favorite drink' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.6. Room Number +# +# The Room Number attribute type specifies the room number of an +# object. Note that the commonName attribute should be used for naming +# room objects. +# +# roomNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-room-number)) +# ::= {pilotAttributeType 6} +# +attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' + DESC 'RFC1274: room number' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.7. Photo +# +# The Photo attribute type specifies a "photograph" for an object. +# This should be encoded in G3 fax as explained in recommendation T.4, +# with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as +# defined in X.420. +# +# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules +# information-objects } +# +# photo ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-photo)) +# ::= {pilotAttributeType 7} +# +attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' + DESC 'RFC1274: photo (G3 fax)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) + +# 9.3.8. User Class +# +# The User Class attribute type specifies a category of computer user. +# The semantics placed on this attribute are for local interpretation. +# Examples of current usage od this attribute in academia are +# undergraduate student, researcher, lecturer, etc. Note that the +# organizationalStatus attribute may now often be preferred as it makes +# no distinction between computer users and others. +# +# userClass ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-class)) +# ::= {pilotAttributeType 8} +# +attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' + DESC 'RFC1274: category of user' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.9. Host +# +# The Host attribute type specifies a host computer. +# +# host ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-host)) +# ::= {pilotAttributeType 9} +# +attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' + DESC 'RFC1274: host computer' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.10. Manager +# +# The Manager attribute type specifies the manager of an object +# represented by an entry. +# +# manager ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 10} +# +attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' + DESC 'RFC1274: DN of manager' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.11. Document Identifier +# +# The Document Identifier attribute type specifies a unique identifier +# for a document. +# +# documentIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-identifier)) +# ::= {pilotAttributeType 11} +# +attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' + DESC 'RFC1274: unique identifier of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.12. Document Title +# +# The Document Title attribute type specifies the title of a document. +# +# documentTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-title)) +# ::= {pilotAttributeType 12} +# +attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' + DESC 'RFC1274: title of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.13. Document Version +# +# The Document Version attribute type specifies the version number of a +# document. +# +# documentVersion ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-version)) +# ::= {pilotAttributeType 13} +# +attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' + DESC 'RFC1274: version of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.14. Document Author +# +# The Document Author attribute type specifies the distinguished name +# of the author of a document. +# +# documentAuthor ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 14} +# +attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' + DESC 'RFC1274: DN of author of document' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.15. Document Location +# +# The Document Location attribute type specifies the location of the +# document original. +# +# documentLocation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-location)) +# ::= {pilotAttributeType 15} +# +attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' + DESC 'RFC1274: location of document original' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.16. Home Telephone Number +# +# The Home Telephone Number attribute type specifies a home telephone +# number associated with a person. Attribute values should follow the +# agreed format for international telephone numbers: i.e., "+44 71 123 +# 4567". +# +# homeTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 20} +# +attributetype ( 0.9.2342.19200300.100.1.20 + NAME ( 'homePhone' 'homeTelephoneNumber' ) + DESC 'RFC1274: home telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.17. Secretary +# +# The Secretary attribute type specifies the secretary of a person. +# The attribute value for Secretary is a distinguished name. +# +# secretary ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 21} +# +attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' + DESC 'RFC1274: DN of secretary' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.18. Other Mailbox +# +# The Other Mailbox attribute type specifies values for electronic +# mailbox types other than X.400 and rfc822. +# +# otherMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# SEQUENCE { +# mailboxType PrintableString, -- e.g. Telemail +# mailbox IA5String -- e.g. X378:Joe +# } +# ::= {pilotAttributeType 22} +# +attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ) + +# 9.3.19. Last Modified Time +# +# The Last Modified Time attribute type specifies the last time, in UTC +# time, that an entry was modified. Ideally, this attribute should be +# maintained by the DSA. +# +# lastModifiedTime ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# uTCTimeSyntax +# ::= {pilotAttributeType 23} +# +## Deprecated in favor of modifyTimeStamp +#attributetype ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime' +# DESC 'RFC1274: time of last modify, replaced by modifyTimestamp' +# OBSOLETE +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.53 +# USAGE directoryOperation ) + +# 9.3.20. Last Modified By +# +# The Last Modified By attribute specifies the distinguished name of +# the last user to modify the associated entry. Ideally, this +# attribute should be maintained by the DSA. +# +# lastModifiedBy ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 24} +# +## Deprecated in favor of modifiersName +#attributetype ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy' +# DESC 'RFC1274: last modifier, replaced by modifiersName' +# OBSOLETE +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 +# USAGE directoryOperation ) + +# 9.3.21. Domain Component +# +# The Domain Component attribute type specifies a DNS/NRS domain. For +# example, "uk" or "ac". +# +# domainComponent ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# SINGLE VALUE +# ::= {pilotAttributeType 25} +# +##(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) +## EQUALITY caseIgnoreIA5Match +## SUBSTR caseIgnoreIA5SubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# 9.3.22. DNS ARecord +# +# The A Record attribute type specifies a type A (Address) DNS resource +# record [6] [7]. +# +# aRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 26} +# +## incorrect syntax? +attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +## missing from RFC1274 +## incorrect syntax? +attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.23. MX Record +# +# The MX Record attribute type specifies a type MX (Mail Exchange) DNS +# resource record [6] [7]. +# +# mXRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 28} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.24. NS Record +# +# The NS Record attribute type specifies an NS (Name Server) DNS +# resource record [6] [7]. +# +# nSRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 29} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.25. SOA Record +# +# The SOA Record attribute type specifies a type SOA (Start of +# Authority) DNS resorce record [6] [7]. +# +# sOARecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 30} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.26. CNAME Record +# +# The CNAME Record attribute type specifies a type CNAME (Canonical +# Name) DNS resource record [6] [7]. +# +# cNAMERecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# iA5StringSyntax +# ::= {pilotAttributeType 31} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.27. Associated Domain +# +# The Associated Domain attribute type specifies a DNS or NRS domain +# which is associated with an object in the DIT. For example, the entry +# in the DIT with a distinguished name "C=GB, O=University College +# London" would have an associated domain of "UCL.AC.UK. Note that all +# domains should be represented in rfc822 order. See [3] for more +# details of usage of this attribute. +# +# associatedDomain ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# ::= {pilotAttributeType 37} +# +#attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' +# EQUALITY caseIgnoreIA5Match +# SUBSTR caseIgnoreIA5SubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.28. Associated Name +# +# The Associated Name attribute type specifies an entry in the +# organisational DIT associated with a DNS/NRS domain. See [3] for +# more details of usage of this attribute. +# +# associatedName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 38} +# +attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' + DESC 'RFC1274: DN of entry associated with domain' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.29. Home postal address +# +# The Home postal address attribute type specifies a home postal +# address for an object. This should be limited to up to 6 lines of 30 +# characters each. +# +# homePostalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# postalAddress +# MATCHES FOR EQUALITY +# ::= {pilotAttributeType 39} +# +attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' + DESC 'RFC1274: home postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +# 9.3.30. Personal Title +# +# The Personal Title attribute type specifies a personal title for a +# person. Examples of personal titles are "Ms", "Dr", "Prof" and "Rev". +# +# personalTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-personal-title)) +# ::= {pilotAttributeType 40} +# +attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' + DESC 'RFC1274: personal title' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.31. Mobile Telephone Number +# +# The Mobile Telephone Number attribute type specifies a mobile +# telephone number associated with a person. Attribute values should +# follow the agreed format for international telephone numbers: i.e., +# "+44 71 123 4567". +# +# mobileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 41} +# +attributetype ( 0.9.2342.19200300.100.1.41 + NAME ( 'mobile' 'mobileTelephoneNumber' ) + DESC 'RFC1274: mobile telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.32. Pager Telephone Number +# +# The Pager Telephone Number attribute type specifies a pager telephone +# number for an object. Attribute values should follow the agreed +# format for international telephone numbers: i.e., "+44 71 123 4567". +# +# pagerTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 42} +# +attributetype ( 0.9.2342.19200300.100.1.42 + NAME ( 'pager' 'pagerTelephoneNumber' ) + DESC 'RFC1274: pager telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.33. Friendly Country Name +# +# The Friendly Country Name attribute type specifies names of countries +# in human readable format. The standard attribute country name must +# be one of the two-letter codes defined in ISO 3166. +# +# friendlyCountryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# ::= {pilotAttributeType 43} +# +attributetype ( 0.9.2342.19200300.100.1.43 + NAME ( 'co' 'friendlyCountryName' ) + DESC 'RFC1274: friendly country name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 9.3.34. Unique Identifier +# +# The Unique Identifier attribute type specifies a "unique identifier" +# for an object represented in the Directory. The domain within which +# the identifier is unique, and the exact semantics of the identifier, +# are for local definition. For a person, this might be an +# institution-wide payroll number. For an organisational unit, it +# might be a department code. +# +# uniqueIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-unique-identifier)) +# ::= {pilotAttributeType 44} +# +attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' + DESC 'RFC1274: unique identifer' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.35. Organisational Status +# +# The Organisational Status attribute type specifies a category by +# which a person is often referred to in an organisation. Examples of +# usage in academia might include undergraduate student, researcher, +# lecturer, etc. +# +# A Directory administrator should probably consider carefully the +# distinctions between this and the title and userClass attributes. +# +# organizationalStatus ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-organizational-status)) +# ::= {pilotAttributeType 45} +# +attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus' + DESC 'RFC1274: organizational status' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.36. Janet Mailbox +# +# The Janet Mailbox attribute type specifies an electronic mailbox +# attribute following the syntax specified in the Grey Book of the +# Coloured Book series. This attribute is intended for the convenience +# of U.K users unfamiliar with rfc822 and little-endian mail addresses. +# Entries using this attribute MUST also include an rfc822Mailbox +# attribute. +# +# janetMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-janet-mailbox)) +# ::= {pilotAttributeType 46} +# +attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' + DESC 'RFC1274: Janet mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# 9.3.37. Mail Preference Option +# +# An attribute to allow users to indicate a preference for inclusion of +# their names on mailing lists (electronic or physical). The absence +# of such an attribute should be interpreted as if the attribute was +# present with value "no-list-inclusion". This attribute should be +# interpreted by anyone using the directory to derive mailing lists, +# and its value respected. +# +# mailPreferenceOption ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX ENUMERATED { +# no-list-inclusion(0), +# any-list-inclusion(1), -- may be added to any lists +# professional-list-inclusion(2) +# -- may be added to lists +# -- which the list provider +# -- views as related to the +# -- users professional inter- +# -- ests, perhaps evaluated +# -- from the business of the +# -- organisation or keywords +# -- in the entry. +# } +# ::= {pilotAttributeType 47} +# +attributetype ( 0.9.2342.19200300.100.1.47 + NAME 'mailPreferenceOption' + DESC 'RFC1274: mail preference option' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +# 9.3.38. Building Name +# +# The Building Name attribute type specifies the name of the building +# where an organisation or organisational unit is based. +# +# buildingName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-building-name)) +# ::= {pilotAttributeType 48} +# +attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' + DESC 'RFC1274: name of building' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.39. DSA Quality +# +# The DSA Quality attribute type specifies the purported quality of a +# DSA. It allows a DSA manager to indicate the expected level of +# availability of the DSA. See [8] for details of the syntax. +# +# dSAQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 49} +# +attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' + DESC 'RFC1274: DSA Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) + +# 9.3.40. Single Level Quality +# +# The Single Level Quality attribute type specifies the purported data +# quality at the level immediately below in the DIT. See [8] for +# details of the syntax. +# +# singleLevelQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 50} +# +attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' + DESC 'RFC1274: Single Level Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.41. Subtree Minimum Quality +# +# The Subtree Minimum Quality attribute type specifies the purported +# minimum data quality for a DIT subtree. See [8] for more discussion +# and details of the syntax. +# +# subtreeMinimumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 51} +# +attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality' + DESC 'RFC1274: Subtree Mininum Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.42. Subtree Maximum Quality +# +# The Subtree Maximum Quality attribute type specifies the purported +# maximum data quality for a DIT subtree. See [8] for more discussion +# and details of the syntax. +# +# subtreeMaximumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 52} +# +attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality' + DESC 'RFC1274: Subtree Maximun Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.43. Personal Signature +# +# The Personal Signature attribute type allows for a representation of +# a person's signature. This should be encoded in G3 fax as explained +# in recommendation T.4, with an ASN.1 wrapper to make it compatible +# with an X.400 BodyPart as defined in X.420. +# +# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules +# information-objects } +# +# personalSignature ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-personal-signature)) +# ::= {pilotAttributeType 53} +# +attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' + DESC 'RFC1274: Personal Signature (G3 fax)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 ) + +# 9.3.44. DIT Redirect +# +# The DIT Redirect attribute type is used to indicate that the object +# described by one entry now has a newer entry in the DIT. The entry +# containing the redirection attribute should be expired after a +# suitable grace period. This attribute may be used when an individual +# changes his/her place of work, and thus acquires a new organisational +# DN. +# +# dITRedirect ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 54} +# +attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' + DESC 'RFC1274: DIT Redirect' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.45. Audio +# +# The Audio attribute type allows the storing of sounds in the +# Directory. The attribute uses a u-law encoded sound file as used by +# the "play" utility on a Sun 4. This is an interim format. +# +# audio ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# Audio +# (SIZE (1 .. ub-audio)) +# ::= {pilotAttributeType 55} +# +attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' + DESC 'RFC1274: audio (u-law)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) + +# 9.3.46. Publisher of Document +# +# +# The Publisher of Document attribute is the person and/or organization +# that published a document. +# +# documentPublisher ATTRIBUTE +# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax +# ::= {pilotAttributeType 56} +# +attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' + DESC 'RFC1274: publisher of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 9.4. Generally useful syntaxes +# +# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# iA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# -- Syntaxes to support the DNS attributes +# +# DNSRecordSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY +# +# +# NRSInformationSyntax ATTRIBUTE-SYNTAX +# NRSInformation +# MATCHES FOR EQUALITY +# +# +# NRSInformation ::= SET { +# [0] Context, +# [1] Address-space-id, +# routes [2] SEQUENCE OF SEQUENCE { +# Route-cost, +# Addressing-info } +# } +# +# +# 9.5. Upper bounds on length of attribute values +# +# +# ub-document-identifier INTEGER ::= 256 +# +# ub-document-location INTEGER ::= 256 +# +# ub-document-title INTEGER ::= 256 +# +# ub-document-version INTEGER ::= 256 +# +# ub-favourite-drink INTEGER ::= 256 +# +# ub-host INTEGER ::= 256 +# +# ub-information INTEGER ::= 2048 +# +# ub-unique-identifier INTEGER ::= 256 +# +# ub-personal-title INTEGER ::= 256 +# +# ub-photo INTEGER ::= 250000 +# +# ub-rfc822-mailbox INTEGER ::= 256 +# +# ub-room-number INTEGER ::= 256 +# +# ub-text-or-address INTEGER ::= 256 +# +# ub-user-class INTEGER ::= 256 +# +# ub-user-identifier INTEGER ::= 256 +# +# ub-organizational-status INTEGER ::= 256 +# +# ub-janet-mailbox INTEGER ::= 256 +# +# ub-building-name INTEGER ::= 256 +# +# ub-personal-signature ::= 50000 +# +# ub-audio INTEGER ::= 250000 +# + +# [back to 8] +# 8. Object Classes +# +# 8.1. X.500 standard object classes +# +# A number of generally useful object classes are defined in X.521, and +# these are supported. Refer to that document for descriptions of the +# suggested usage of these object classes. The ASN.1 for these object +# classes is reproduced for completeness in Appendix C. +# +# 8.2. X.400 standard object classes +# +# A number of object classes defined in X.400 are supported. Refer to +# X.402 for descriptions of the usage of these object classes. The +# ASN.1 for these object classes is reproduced for completeness in +# Appendix C. +# +# 8.3. COSINE/Internet object classes +# +# This section attempts to fuse together the object classes designed +# for use in the COSINE and Internet pilot activities. Descriptions +# are given of the suggested usage of these object classes. The ASN.1 +# for these object classes is also reproduced in Appendix C. +# +# 8.3.1. Pilot Object +# +# The PilotObject object class is used as a sub-class to allow some +# common, useful attributes to be assigned to entries of all other +# object classes. +# +# pilotObject OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# info, +# photo, +# manager, +# uniqueIdentifier, +# lastModifiedTime, +# lastModifiedBy, +# dITRedirect, +# audio} +# ::= {pilotObjectClass 3} +# +#objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' +# DESC 'RFC1274: pilot object' +# SUP top AUXILIARY +# MAY ( info $ photo $ manager $ uniqueIdentifier $ +# lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio ) +# ) + +# 8.3.2. Pilot Person +# +# The PilotPerson object class is used as a sub-class of person, to +# allow the use of a number of additional attributes to be assigned to +# entries of object class person. +# +# pilotPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# userid, +# textEncodedORAddress, +# rfc822Mailbox, +# favouriteDrink, +# roomNumber, +# userClass, +# homeTelephoneNumber, +# homePostalAddress, +# secretary, +# personalTitle, +# preferredDeliveryMethod, +# businessCategory, +# janetMailbox, +# otherMailbox, +# mobileTelephoneNumber, +# pagerTelephoneNumber, +# organizationalStatus, +# mailPreferenceOption, +# personalSignature} +# ::= {pilotObjectClass 4} +# +objectclass ( 0.9.2342.19200300.100.4.4 + NAME ( 'pilotPerson' 'newPilotPerson' ) + SUP person STRUCTURAL + MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $ + favouriteDrink $ roomNumber $ userClass $ + homeTelephoneNumber $ homePostalAddress $ secretary $ + personalTitle $ preferredDeliveryMethod $ businessCategory $ + janetMailbox $ otherMailbox $ mobileTelephoneNumber $ + pagerTelephoneNumber $ organizationalStatus $ + mailPreferenceOption $ personalSignature ) + ) + +# 8.3.3. Account +# +# The Account object class is used to define entries representing +# computer accounts. The userid attribute should be used for naming +# entries of this object class. +# +# account OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userid} +# MAY CONTAIN { +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# host} +# ::= {pilotObjectClass 5} +# +objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' + SUP top STRUCTURAL + MUST userid + MAY ( description $ seeAlso $ localityName $ + organizationName $ organizationalUnitName $ host ) + ) + +# 8.3.4. Document +# +# The Document object class is used to define entries which represent +# documents. +# +# document OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# documentIdentifier} +# MAY CONTAIN { +# commonName, +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# documentTitle, +# documentVersion, +# documentAuthor, +# documentLocation, +# documentPublisher} +# ::= {pilotObjectClass 6} +# +objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' + SUP top STRUCTURAL + MUST documentIdentifier + MAY ( commonName $ description $ seeAlso $ localityName $ + organizationName $ organizationalUnitName $ + documentTitle $ documentVersion $ documentAuthor $ + documentLocation $ documentPublisher ) + ) + +# 8.3.5. Room +# +# The Room object class is used to define entries representing rooms. +# The commonName attribute should be used for naming pentries of this +# object class. +# +# room OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# roomNumber, +# description, +# seeAlso, +# telephoneNumber} +# ::= {pilotObjectClass 7} +# +objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' + SUP top STRUCTURAL + MUST commonName + MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) + ) + +# 8.3.6. Document Series +# +# The Document Series object class is used to define an entry which +# represents a series of documents (e.g., The Request For Comments +# papers). +# +# documentSeries OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# localityName, +# organizationName, +# organizationalUnitName} +# ::= {pilotObjectClass 9} +# +objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' + SUP top STRUCTURAL + MUST commonName + MAY ( description $ seeAlso $ telephonenumber $ + localityName $ organizationName $ organizationalUnitName ) + ) + +# 8.3.7. Domain +# +# The Domain object class is used to define entries which represent DNS +# or NRS domains. The domainComponent attribute should be used for +# naming entries of this object class. The usage of this object class +# is described in more detail in [3]. +# +# domain OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# domainComponent} +# MAY CONTAIN { +# associatedName, +# organizationName, +# organizationalAttributeSet} +# ::= {pilotObjectClass 13} +# +objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' + SUP top STRUCTURAL + MUST domainComponent + MAY ( associatedName $ organizationName $ description $ + businessCategory $ seeAlso $ searchGuide $ userPassword $ + localityName $ stateOrProvinceName $ streetAddress $ + physicalDeliveryOfficeName $ postalAddress $ postalCode $ + postOfficeBox $ streetAddress $ + facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ + preferredDeliveryMethod $ destinationIndicator $ + registeredAddress $ x121Address ) + ) + +# 8.3.8. RFC822 Local Part +# +# The RFC822 Local Part object class is used to define entries which +# represent the local part of RFC822 mail addresses. This treats this +# part of an RFC822 address as a domain. The usage of this object +# class is described in more detail in [3]. +# +# rFC822localPart OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# commonName, +# surname, +# description, +# seeAlso, +# telephoneNumber, +# postalAttributeSet, +# telecommunicationAttributeSet} +# ::= {pilotObjectClass 14} +# +objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' + SUP domain STRUCTURAL + MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $ + physicalDeliveryOfficeName $ postalAddress $ postalCode $ + postOfficeBox $ streetAddress $ + facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ + telexNumber $ preferredDeliveryMethod $ destinationIndicator $ + registeredAddress $ x121Address ) + ) + +# 8.3.9. DNS Domain +# +# The DNS Domain (Domain NameServer) object class is used to define +# entries for DNS domains. The usage of this object class is described +# in more detail in [3]. +# +# dNSDomain OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# ARecord, +# MDRecord, +# MXRecord, +# NSRecord, +# SOARecord, +# CNAMERecord} +# ::= {pilotObjectClass 15} +# +objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' + SUP domain STRUCTURAL + MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ + SOARecord $ CNAMERecord ) + ) + +# 8.3.10. Domain Related Object +# +# The Domain Related Object object class is used to define entries +# which represent DNS/NRS domains which are "equivalent" to an X.500 +# domain: e.g., an organisation or organisational unit. The usage of +# this object class is described in more detail in [3]. +# +# domainRelatedObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# associatedDomain} +# ::= {pilotObjectClass 17} +# +objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' + DESC 'RFC1274: an object related to an domain' + SUP top AUXILIARY + MUST associatedDomain ) + +# 8.3.11. Friendly Country +# +# The Friendly Country object class is used to define country entries +# in the DIT. The object class is used to allow friendlier naming of +# countries than that allowed by the object class country. The naming +# attribute of object class country, countryName, has to be a 2 letter +# string defined in ISO 3166. +# +# friendlyCountry OBJECT-CLASS +# SUBCLASS OF country +# MUST CONTAIN { +# friendlyCountryName} +# ::= {pilotObjectClass 18} +# +objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' + SUP country STRUCTURAL + MUST friendlyCountryName ) + +# 8.3.12. Simple Security Object +# +# The Simple Security Object object class is used to allow an entry to +# have a userPassword attribute when an entry's principal object +# classes do not allow userPassword as an attribute type. +# +# simpleSecurityObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userPassword } +# ::= {pilotObjectClass 19} +# +## (in core.schema) +## objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' +## SUP top AUXILIARY +## MUST userPassword ) + +# 8.3.13. Pilot Organization +# +# The PilotOrganization object class is used as a sub-class of +# organization and organizationalUnit to allow a number of additional +# attributes to be assigned to entries of object classes organization +# and organizationalUnit. +# +# pilotOrganization OBJECT-CLASS +# SUBCLASS OF organization, organizationalUnit +# MAY CONTAIN { +# buildingName} +# ::= {pilotObjectClass 20} +# +objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' + SUP ( organization $ organizationalUnit ) STRUCTURAL + MAY buildingName ) + +# 8.3.14. Pilot DSA +# +# The PilotDSA object class is used as a sub-class of the dsa object +# class to allow additional attributes to be assigned to entries for +# DSAs. +# +# pilotDSA OBJECT-CLASS +# SUBCLASS OF dsa +# MUST CONTAIN { +# dSAQuality} +# ::= {pilotObjectClass 21} +# +objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' + SUP dsa STRUCTURAL + MAY dSAQuality ) + +# 8.3.15. Quality Labelled Data +# +# The Quality Labelled Data object class is used to allow the +# assignment of the data quality attributes to subtrees in the DIT. +# +# See [8] for more details. +# +# qualityLabelledData OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# dSAQuality} +# MAY CONTAIN { +# subtreeMinimumQuality, +# subtreeMaximumQuality} +# ::= {pilotObjectClass 22} +objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' + SUP top AUXILIARY + MUST dsaQuality + MAY ( subtreeMinimumQuality $ subtreeMaximumQuality ) + ) + + +# References +# +# [1] CCITT/ISO, "X.500, The Directory - overview of concepts, +# models and services, CCITT /ISO IS 9594. +# +# [2] Kille, S., "The THORN and RARE X.500 Naming Architecture, in +# University College London, Department of Computer Science +# Research Note 89/48, May 1989. +# +# [3] Kille, S., "X.500 and Domains", RFC 1279, University College +# London, November 1991. +# +# [4] Rose, M., "PSI/NYSERNet White Pages Pilot Project: Status +# Report", Technical Report 90-09-10-1, published by NYSERNet +# Inc, 1990. +# +# [5] Craigie, J., "UK Academic Community Directory Service Pilot +# Project, pp. 305-310 in Computer Networks and ISDN Systems +# 17 (1989), published by North Holland. +# +# [6] Mockapetris, P., "Domain Names - Concepts and Facilities", +# RFC 1034, USC/Information Sciences Institute, November 1987. +# +# [7] Mockapetris, P., "Domain Names - Implementation and +# Specification, RFC 1035, USC/Information Sciences Institute, +# November 1987. +# +# [8] Kille, S., "Handling QOS (Quality of service) in the +# Directory," publication in process, March 1991. +# +# +# APPENDIX C - Summary of all Object Classes and Attribute Types +# +# -- Some Important Object Identifiers +# +# data OBJECT IDENTIFIER ::= {ccitt 9} +# pss OBJECT IDENTIFIER ::= {data 2342} +# ucl OBJECT IDENTIFIER ::= {pss 19200300} +# pilot OBJECT IDENTIFIER ::= {ucl 100} +# +# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1} +# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3} +# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4} +# pilotGroups OBJECT IDENTIFIER ::= {pilot 10} +# +# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4} +# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::= +# {pilotAttributeSyntax 5} +# +# -- Standard Object Classes +# +# top OBJECT-CLASS +# MUST CONTAIN { +# objectClass} +# ::= {objectClass 0} +# +# +# alias OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# aliasedObjectName} +# ::= {objectClass 1} +# +# +# country OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# countryName} +# MAY CONTAIN { +# description, +# searchGuide} +# ::= {objectClass 2} +# +# +# locality OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# description, +# localityName, +# stateOrProvinceName, +# searchGuide, +# seeAlso, +# streetAddress} +# ::= {objectClass 3} +# +# +# organization OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# organizationName} +# MAY CONTAIN { +# organizationalAttributeSet} +# ::= {objectClass 4} +# +# +# organizationalUnit OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# organizationalUnitName} +# MAY CONTAIN { +# organizationalAttributeSet} +# ::= {objectClass 5} +# +# +# person OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# surname} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# userPassword} +# ::= {objectClass 6} +# +# +# organizationalPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# localeAttributeSet, +# organizationalUnitName, +# postalAttributeSet, +# telecommunicationAttributeSet, +# title} +# ::= {objectClass 7} +# +# +# organizationalRole OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localeAttributeSet, +# organizationalUnitName, +# postalAttributeSet, +# preferredDeliveryMethod, +# roleOccupant, +# seeAlso, +# telecommunicationAttributeSet} +# ::= {objectClass 8} +# +# +# groupOfNames OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# member} +# MAY CONTAIN { +# description, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# businessCategory} +# ::= {objectClass 9} +# +# +# residentialPerson OBJECT-CLASS +# SUBCLASS OF person +# MUST CONTAIN { +# localityName} +# MAY CONTAIN { +# localeAttributeSet, +# postalAttributeSet, +# preferredDeliveryMethod, +# telecommunicationAttributeSet, +# businessCategory} +# ::= {objectClass 10} +# +# +# applicationProcess OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localityName, +# organizationalUnitName, +# seeAlso} +# ::= {objectClass 11} +# +# +# applicationEntity OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# presentationAddress} +# MAY CONTAIN { +# description, +# localityName, +# organizationName, +# organizationalUnitName, +# seeAlso, +# supportedApplicationContext} +# ::= {objectClass 12} +# +# +# dSA OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# knowledgeInformation} +# ::= {objectClass 13} +# +# +# device OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localityName, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# serialNumber} +# ::= {objectClass 14} +# +# +# strongAuthenticationUser OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userCertificate} +# ::= {objectClass 15} +# +# +# certificationAuthority OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# cACertificate, +# certificateRevocationList, +# authorityRevocationList} +# MAY CONTAIN { +# crossCertificatePair} +# ::= {objectClass 16} +# +# -- Standard MHS Object Classes +# +# mhsDistributionList OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# mhsDLSubmitPermissions, +# mhsORAddresses} +# MAY CONTAIN { +# description, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# mhsDeliverableContentTypes, +# mhsdeliverableEits, +# mhsDLMembers, +# mhsPreferredDeliveryMethods} +# ::= {mhsObjectClass 0} +# +# +# mhsMessageStore OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# description, +# owner, +# mhsSupportedOptionalAttributes, +# mhsSupportedAutomaticActions, +# mhsSupportedContentTypes} +# ::= {mhsObjectClass 1} +# +# +# mhsMessageTransferAgent OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# description, +# owner, +# mhsDeliverableContentLength} +# ::= {mhsObjectClass 2} +# +# +# mhsOrganizationalUser OBJECT-CLASS +# SUBCLASS OF organizationalPerson +# MUST CONTAIN { +# mhsORAddresses} +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsMessageStoreName, +# mhsPreferredDeliveryMethods } +# ::= {mhsObjectClass 3} +# +# +# mhsResidentialUser OBJECT-CLASS +# SUBCLASS OF residentialPerson +# MUST CONTAIN { +# mhsORAddresses} +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsMessageStoreName, +# mhsPreferredDeliveryMethods } +# ::= {mhsObjectClass 4} +# +# +# mhsUserAgent OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsORAddresses, +# owner} +# ::= {mhsObjectClass 5} +# +# +# +# +# -- Pilot Object Classes +# +# pilotObject OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# info, +# photo, +# manager, +# uniqueIdentifier, +# lastModifiedTime, +# lastModifiedBy, +# dITRedirect, +# audio} +# ::= {pilotObjectClass 3} +# pilotPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# userid, +# textEncodedORAddress, +# rfc822Mailbox, +# favouriteDrink, +# roomNumber, +# userClass, +# homeTelephoneNumber, +# homePostalAddress, +# secretary, +# personalTitle, +# preferredDeliveryMethod, +# businessCategory, +# janetMailbox, +# otherMailbox, +# mobileTelephoneNumber, +# pagerTelephoneNumber, +# organizationalStatus, +# mailPreferenceOption, +# personalSignature} +# ::= {pilotObjectClass 4} +# +# +# account OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userid} +# MAY CONTAIN { +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# host} +# ::= {pilotObjectClass 5} +# +# +# document OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# documentIdentifier} +# MAY CONTAIN { +# commonName, +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# documentTitle, +# documentVersion, +# documentAuthor, +# documentLocation, +# documentPublisher} +# ::= {pilotObjectClass 6} +# +# +# room OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# roomNumber, +# description, +# seeAlso, +# telephoneNumber} +# ::= {pilotObjectClass 7} +# +# +# documentSeries OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# localityName, +# organizationName, +# organizationalUnitName} +# ::= {pilotObjectClass 9} +# +# +# domain OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# domainComponent} +# MAY CONTAIN { +# associatedName, +# organizationName, +# organizationalAttributeSet} +# ::= {pilotObjectClass 13} +# +# +# rFC822localPart OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# commonName, +# surname, +# description, +# seeAlso, +# telephoneNumber, +# postalAttributeSet, +# telecommunicationAttributeSet} +# ::= {pilotObjectClass 14} +# +# +# dNSDomain OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# ARecord, +# MDRecord, +# MXRecord, +# NSRecord, +# SOARecord, +# CNAMERecord} +# ::= {pilotObjectClass 15} +# +# +# domainRelatedObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# associatedDomain} +# ::= {pilotObjectClass 17} +# +# +# friendlyCountry OBJECT-CLASS +# SUBCLASS OF country +# MUST CONTAIN { +# friendlyCountryName} +# ::= {pilotObjectClass 18} +# +# +# simpleSecurityObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userPassword } +# ::= {pilotObjectClass 19} +# +# +# pilotOrganization OBJECT-CLASS +# SUBCLASS OF organization, organizationalUnit +# MAY CONTAIN { +# buildingName} +# ::= {pilotObjectClass 20} +# +# +# pilotDSA OBJECT-CLASS +# SUBCLASS OF dsa +# MUST CONTAIN { +# dSAQuality} +# ::= {pilotObjectClass 21} +# +# +# qualityLabelledData OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# dSAQuality} +# MAY CONTAIN { +# subtreeMinimumQuality, +# subtreeMaximumQuality} +# ::= {pilotObjectClass 22} +# +# +# +# +# -- Standard Attribute Types +# +# objectClass ObjectClass +# ::= {attributeType 0} +# +# +# aliasedObjectName AliasedObjectName +# ::= {attributeType 1} +# +# +# knowledgeInformation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreString +# ::= {attributeType 2} +# +# +# commonName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-common-name)) +# ::= {attributeType 3} +# +# +# surname ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-surname)) +# ::= {attributeType 4} +# +# +# serialNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX printableStringSyntax +# (SIZE (1..ub-serial-number)) +# ::= {attributeType 5} +# +# +# countryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PrintableString +# (SIZE (1..ub-country-code)) +# SINGLE VALUE +# ::= {attributeType 6} +# +# +# localityName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-locality-name)) +# ::= {attributeType 7} +# +# +# stateOrProvinceName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-state-name)) +# ::= {attributeType 8} +# +# +# streetAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-street-address)) +# ::= {attributeType 9} +# +# +# organizationName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-organization-name)) +# ::= {attributeType 10} +# +# +# organizationalUnitName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-organizational-unit-name)) +# ::= {attributeType 11} +# +# +# title ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-title)) +# ::= {attributeType 12} +# +# +# description ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-description)) +# ::= {attributeType 13} +# +# +# searchGuide ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX Guide +# ::= {attributeType 14} +# +# +# businessCategory ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-business-category)) +# ::= {attributeType 15} +# +# +# postalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PostalAddress +# MATCHES FOR EQUALITY +# ::= {attributeType 16} +# +# +# postalCode ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-postal-code)) +# ::= {attributeType 17} +# +# +# postOfficeBox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-post-office-box)) +# ::= {attributeType 18} +# +# +# physicalDeliveryOfficeName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-physical-office-name)) +# ::= {attributeType 19} +# +# +# telephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX telephoneNumberSyntax +# (SIZE (1..ub-telephone-number)) +# ::= {attributeType 20} +# +# +# telexNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX TelexNumber +# (SIZE (1..ub-telex)) +# ::= {attributeType 21} +# +# +# teletexTerminalIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX TeletexTerminalIdentifier +# (SIZE (1..ub-teletex-terminal-id)) +# ::= {attributeType 22} +# +# +# facsimileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX FacsimileTelephoneNumber +# ::= {attributeType 23} +# +# +# x121Address ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX NumericString +# (SIZE (1..ub-x121-address)) +# ::= {attributeType 24} +# +# +# internationaliSDNNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX NumericString +# (SIZE (1..ub-isdn-address)) +# ::= {attributeType 25} +# +# +# registeredAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PostalAddress +# ::= {attributeType 26} +# +# +# destinationIndicator ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PrintableString +# (SIZE (1..ub-destination-indicator)) +# MATCHES FOR EQUALITY SUBSTRINGS +# ::= {attributeType 27} +# +# +# preferredDeliveryMethod ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX deliveryMethod +# ::= {attributeType 28} +# +# +# presentationAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PresentationAddress +# MATCHES FOR EQUALITY +# ::= {attributeType 29} +# +# +# supportedApplicationContext ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX objectIdentifierSyntax +# ::= {attributeType 30} +# +# +# member ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 31} +# +# +# owner ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 32} +# +# +# roleOccupant ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 33} +# +# +# seeAlso ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 34} +# +# +# userPassword ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX Userpassword +# ::= {attributeType 35} +# +# +# userCertificate ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX UserCertificate +# ::= {attributeType 36} +# +# +# cACertificate ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX cACertificate +# ::= {attributeType 37} +# +# +# authorityRevocationList ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX AuthorityRevocationList +# ::= {attributeType 38} +# +# +# certificateRevocationList ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX CertificateRevocationList +# ::= {attributeType 39} +# +# +# crossCertificatePair ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX CrossCertificatePair +# ::= {attributeType 40} +# +# +# +# +# -- Standard MHS Attribute Types +# +# mhsDeliverableContentLength ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX integer +# ::= {mhsAttributeType 0} +# +# +# mhsDeliverableContentTypes ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 1} +# +# +# mhsDeliverableEits ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 2} +# +# +# mhsDLMembers ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oRName +# ::= {mhsAttributeType 3} +# +# +# mhsDLSubmitPermissions ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX dLSubmitPermission +# ::= {mhsAttributeType 4} +# +# +# mhsMessageStoreName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX dN +# ::= {mhsAttributeType 5} +# +# +# mhsORAddresses ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oRAddress +# ::= {mhsAttributeType 6} +# +# +# mhsPreferredDeliveryMethods ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX deliveryMethod +# ::= {mhsAttributeType 7} +# +# +# mhsSupportedAutomaticActions ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 8} +# +# +# mhsSupportedContentTypes ATTRIBUTE +# +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 9} +# +# +# mhsSupportedOptionalAttributes ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 10} +# +# +# +# +# -- Pilot Attribute Types +# +# userid ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-identifier)) +# ::= {pilotAttributeType 1} +# +# +# textEncodedORAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-text-encoded-or-address)) +# ::= {pilotAttributeType 2} +# +# +# rfc822Mailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-rfc822-mailbox)) +# ::= {pilotAttributeType 3} +# +# +# info ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-information)) +# ::= {pilotAttributeType 4} +# +# +# favouriteDrink ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-favourite-drink)) +# ::= {pilotAttributeType 5} +# +# +# roomNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-room-number)) +# ::= {pilotAttributeType 6} +# +# +# photo ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-photo)) +# ::= {pilotAttributeType 7} +# +# +# userClass ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-class)) +# ::= {pilotAttributeType 8} +# +# +# host ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-host)) +# ::= {pilotAttributeType 9} +# +# +# manager ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 10} +# +# +# documentIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-identifier)) +# ::= {pilotAttributeType 11} +# +# +# documentTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-title)) +# ::= {pilotAttributeType 12} +# +# +# documentVersion ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-version)) +# ::= {pilotAttributeType 13} +# +# +# documentAuthor ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 14} +# +# +# documentLocation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-location)) +# ::= {pilotAttributeType 15} +# +# +# homeTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 20} +# +# +# secretary ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 21} +# +# +# otherMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# SEQUENCE { +# mailboxType PrintableString, -- e.g. Telemail +# mailbox IA5String -- e.g. X378:Joe +# } +# ::= {pilotAttributeType 22} +# +# +# lastModifiedTime ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# uTCTimeSyntax +# ::= {pilotAttributeType 23} +# +# +# lastModifiedBy ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 24} +# +# +# domainComponent ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# SINGLE VALUE +# ::= {pilotAttributeType 25} +# +# +# aRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 26} +# +# +# mXRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 28} +# +# +# nSRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 29} +# +# sOARecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 30} +# +# +# cNAMERecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# iA5StringSyntax +# ::= {pilotAttributeType 31} +# +# +# associatedDomain ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# ::= {pilotAttributeType 37} +# +# +# associatedName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 38} +# +# +# homePostalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# postalAddress +# MATCHES FOR EQUALITY +# ::= {pilotAttributeType 39} +# +# +# personalTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-personal-title)) +# ::= {pilotAttributeType 40} +# +# +# mobileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 41} +# +# +# pagerTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 42} +# +# +# friendlyCountryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# ::= {pilotAttributeType 43} +# +# +# uniqueIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-unique-identifier)) +# ::= {pilotAttributeType 44} +# +# +# organizationalStatus ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-organizational-status)) +# ::= {pilotAttributeType 45} +# +# +# janetMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-janet-mailbox)) +# ::= {pilotAttributeType 46} +# +# +# mailPreferenceOption ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX ENUMERATED { +# no-list-inclusion(0), +# any-list-inclusion(1), -- may be added to any lists +# professional-list-inclusion(2) +# -- may be added to lists +# -- which the list provider +# -- views as related to the +# -- users professional inter- +# -- ests, perhaps evaluated +# -- from the business of the +# -- organisation or keywords +# -- in the entry. +# } +# ::= {pilotAttributeType 47} +# +# +# buildingName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-building-name)) +# ::= {pilotAttributeType 48} +# +# +# dSAQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 49} +# +# +# singleLevelQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# +# +# subtreeMinimumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 51} +# +# +# subtreeMaximumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 52} +# +# +# personalSignature ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-personal-signature)) +# ::= {pilotAttributeType 53} +# +# +# dITRedirect ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 54} +# +# +# audio ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# Audio +# (SIZE (1 .. ub-audio)) +# ::= {pilotAttributeType 55} +# +# documentPublisher ATTRIBUTE +# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax +# ::= {pilotAttributeType 56} +# +# +# +# -- Generally useful syntaxes +# +# +# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# iA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# -- Syntaxes to support the DNS attributes +# +# DNSRecordSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY +# +# +# NRSInformationSyntax ATTRIBUTE-SYNTAX +# NRSInformation +# MATCHES FOR EQUALITY +# +# +# NRSInformation ::= SET { +# [0] Context, +# [1] Address-space-id, +# routes [2] SEQUENCE OF SEQUENCE { +# Route-cost, +# Addressing-info } +# } +# +# +# -- Upper bounds on length of attribute values +# +# +# ub-document-identifier INTEGER ::= 256 +# +# ub-document-location INTEGER ::= 256 +# +# ub-document-title INTEGER ::= 256 +# +# ub-document-version INTEGER ::= 256 +# +# ub-favourite-drink INTEGER ::= 256 +# +# ub-host INTEGER ::= 256 +# +# ub-information INTEGER ::= 2048 +# +# ub-unique-identifier INTEGER ::= 256 +# +# ub-personal-title INTEGER ::= 256 +# +# ub-photo INTEGER ::= 250000 +# +# ub-rfc822-mailbox INTEGER ::= 256 +# +# ub-room-number INTEGER ::= 256 +# +# ub-text-or-address INTEGER ::= 256 +# +# ub-user-class INTEGER ::= 256 +# +# ub-user-identifier INTEGER ::= 256 +# +# ub-organizational-status INTEGER ::= 256 +# +# ub-janet-mailbox INTEGER ::= 256 +# +# ub-building-name INTEGER ::= 256 +# +# ub-personal-signature ::= 50000 +# +# ub-audio INTEGER ::= 250000 +# +# [remainder of memo trimmed] + +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.23.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/duaconf.schema,v b/openldap/schema/.rcs/duaconf.schema,v new file mode 100644 index 0000000..abf1588 --- /dev/null +++ b/openldap/schema/.rcs/duaconf.schema,v @@ -0,0 +1,304 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# $OpenLDAP: pkg/ldap/servers/slapd/schema/duaconf.schema,v 1.5.2.6 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# DUA schema from draft-joslin-config-schema (a work in progress) + +# Contents of this file are subject to change (including deletion) +# without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +## Notes: +## - The matching rule for attributes followReferrals and dereferenceAliases +## has been changed to booleanMatch since their syntax is boolean +## - There was a typo in the name of the dereferenceAliases attributeType +## in the DUAConfigProfile objectClass definition +## - Credit goes to the original Authors + +# +# Application Working Group M. Ansari +# INTERNET-DRAFT Sun Microsystems, Inc. +# Expires Febuary 2003 L. Howard +# PADL Software Pty. Ltd. +# B. Joslin [ed.] +# Hewlett-Packard Company +# +# September 15th, 2003 +# Intended Category: Informational +# +# +# A Configuration Schema for LDAP Based +# Directory User Agents +# +# +#Status of this Memo +# +# This memo provides information for the Internet community. This +# memo does not specify an Internet standard of any kind. Distribu- +# tion of this memo is unlimited. +# +# This document is an Internet-Draft and is in full conformance with +# all provisions of Section 10 of RFC2026. +# +# This document is an Internet-Draft. Internet-Drafts are working +# documents of the Internet Engineering Task Force (IETF), its areas, +# and its working groups. Note that other groups may also distribute +# working documents as Internet-Drafts. +# +# Internet-Drafts are draft documents valid for a maximum of six +# months. Internet-Drafts may be updated, replaced, or made obsolete +# by other documents at any time. It is not appropriate to use +# Internet-Drafts as reference material or to cite them other than as +# a "working draft" or "work in progress". +# +# To learn the current status of any Internet-Draft, please check the +# 1id-abstracts.txt listing contained in the Internet-Drafts Shadow +# Directories on ds.internic.net (US East Coast), nic.nordu.net +# (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific +# Rim). +# +# Distribution of this document is unlimited. +# +# +# Abstract +# +# This document describes a mechanism for global configuration of +# similar directory user agents. This document defines a schema for +# configuration of these DUAs that may be discovered using the Light- +# weight Directory Access Protocol in RFC 2251[17]. A set of attri- +# bute types and an objectclass are proposed, along with specific +# guidelines for interpreting them. A significant feature of the +# global configuration policy for DUAs is a mechanism that allows +# DUAs to re-configure their schema to that of the end user's +# environment. This configuration is achieved through attribute and +# objectclass mapping. This document is intended to be a skeleton +# for future documents that describe configuration of specific DUA +# services. +# +# +# [trimmed] +# +# +# 2. General Issues +# +# The schema defined by this document is defined under the "DUA Con- +# figuration Schema." This schema is derived from the OID: iso (1) +# org (3) dod (6) internet (1) private (4) enterprises (1) Hewlett- +# Packard Company (11) directory (1) LDAP-UX Integration Project (3) +# DUA Configuration Schema (1). This OID is represented in this +# document by the keystring "DUAConfSchemaOID" +# (1.3.6.1.4.1.11.1.3.1). +objectidentifier DUAConfSchemaOID 1.3.6.1.4.1.11.1.3.1 +# +# 2.2 Attributes +# +# The attributes and classes defined in this document are summarized +# below. +# +# The following attributes are defined in this document: +# +# preferredServerList +# defaultServerList +# defaultSearchBase +# defaultSearchScope +# authenticationMethod +# credentialLevel +# serviceSearchDescriptor +# +# +# +# Joslin [Page 3] +# Internet-Draft DUA Configuration Schema October 2002 +# +# +# serviceCredentialLevel +# serviceAuthenticationMethod +# attributeMap +# objectclassMap +# searchTimeLimit +# bindTimeLimit +# followReferrals +# dereferenceAliases +# profileTTL +# +# 2.3 Object Classes +# +# The following object class is defined in this document: +# +# DUAConfigProfile +# +# +attributeType ( DUAConfSchemaOID:1.0 NAME 'defaultServerList' + DESC 'Default LDAP server host address used by a DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.1 NAME 'defaultSearchBase' + DESC 'Default LDAP base DN used by a DUA' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.2 NAME 'preferredServerList' + DESC 'Preferred LDAP server host addresses to be used by a + DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.3 NAME 'searchTimeLimit' + DESC 'Maximum time in seconds a DUA should allow for a + search to complete' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.4 NAME 'bindTimeLimit' + DESC 'Maximum time in seconds a DUA should allow for the + bind operation to complete' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.5 NAME 'followReferrals' + DESC 'Tells DUA if it should follow referrals + returned by a DSA search result' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.16 NAME 'dereferenceAliases' + DESC 'Tells DUA if it should dereference aliases' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.6 NAME 'authenticationMethod' + DESC 'A keystring which identifies the type of + authentication method used to contact the DSA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.7 NAME 'profileTTL' + DESC 'Time to live, in seconds, before a client DUA + should re-read this configuration profile' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.14 NAME 'serviceSearchDescriptor' + DESC 'LDAP search descriptor list used by a DUA' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributeType ( DUAConfSchemaOID:1.9 NAME 'attributeMap' + DESC 'Attribute mappings used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.10 NAME 'credentialLevel' + DESC 'Identifies type of credentials a DUA should + use when binding to the LDAP server' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.11 NAME 'objectclassMap' + DESC 'Objectclass mappings used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.12 NAME 'defaultSearchScope' + DESC 'Default search scope used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.13 NAME 'serviceCredentialLevel' + DESC 'Identifies type of credentials a DUA + should use when binding to the LDAP server for a + specific service' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.15 NAME 'serviceAuthenticationMethod' + DESC 'Authentication method used by a service of the DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +# +# 4. Class Definition +# +# The objectclass below is constructed from the attributes defined in +# 3, with the exception of the cn attribute, which is defined in RFC +# 2256 [8]. cn is used to represent the name of the DUA configura- +# tion profile. +# +objectClass ( DUAConfSchemaOID:2.5 NAME 'DUAConfigProfile' + SUP top STRUCTURAL + DESC 'Abstraction of a base configuration for a DUA' + MUST ( cn ) + MAY ( defaultServerList $ preferredServerList $ + defaultSearchBase $ defaultSearchScope $ + searchTimeLimit $ bindTimeLimit $ + credentialLevel $ authenticationMethod $ + followReferrals $ dereferenceAliases $ + serviceSearchDescriptor $ serviceCredentialLevel $ + serviceAuthenticationMethod $ objectclassMap $ + attributeMap $ profileTTL ) ) +@ + + +1.1 +log +@Initial revision +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/duaconf.schema,v 1.5.2.4 2009/01/22 00:01:14 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/dyngroup.schema,v b/openldap/schema/.rcs/dyngroup.schema,v new file mode 100644 index 0000000..eb168ac --- /dev/null +++ b/openldap/schema/.rcs/dyngroup.schema,v @@ -0,0 +1,134 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# dyngroup.schema -- Dynamic Group schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.schema,v 1.6.2.7 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Dynamic Group schema (experimental), as defined by Netscape. See +# http://www.redhat.com/docs/manuals/ent-server/pdf/esadmin611.pdf +# page 70 for details on how these groups were used. +# +# A description of the objectclass definition is available here: +# http://www.redhat.com/docs/manuals/dir-server/schema/7.1/oc_dir.html#1303745 +# +# depends upon: +# core.schema +# +# These definitions are considered experimental due to the lack of +# a formal specification (e.g., RFC). +# +# NOT RECOMMENDED FOR PRODUCTION USE! USE WITH CAUTION! +# +# The Netscape documentation describes this as an auxiliary objectclass +# but their implementations have always defined it as a structural class. +# The sloppiness here is because Netscape-derived servers don't actually +# implement the X.500 data model, and they don't honor the distinction +# between structural and auxiliary classes. This fact is noted here: +# http://forum.java.sun.com/thread.jspa?threadID=5016864&messageID=9034636 +# +# In accordance with other existing implementations, we define it as a +# structural class. +# +# Our definition of memberURL also does not match theirs but again +# their published definition and what works in practice do not agree. +# In other words, the Netscape definitions are broken and interoperability +# is not guaranteed. +# +# Also see the new DynGroup proposed spec at +# http://tools.ietf.org/html/draft-haripriya-dynamicgroup-02 + +objectIdentifier NetscapeRoot 2.16.840.1.113730 + +objectIdentifier NetscapeLDAP NetscapeRoot:3 +objectIdentifier NetscapeLDAPattributeType NetscapeLDAP:1 +objectIdentifier NetscapeLDAPobjectClass NetscapeLDAP:2 + +objectIdentifier OpenLDAPExp11 1.3.6.1.4.1.4203.666.11 +objectIdentifier DynGroupBase OpenLDAPExp11:8 +objectIdentifier DynGroupAttr DynGroupBase:1 +objectIdentifier DynGroupOC DynGroupBase:2 + +attributetype ( NetscapeLDAPattributeType:198 + NAME 'memberURL' + DESC 'Identifies an URL associated with each member of a group. Any type of labeled URL can be used.' + SUP labeledURI ) + +attributetype ( DynGroupAttr:1 + NAME 'dgIdentity' + DESC 'Identity to use when processing the memberURL' + SUP distinguishedName SINGLE-VALUE ) + +attributeType ( DynGroupAttr:2 + NAME 'dgAuthz' + DESC 'Optional authorization rules that determine who is allowed to assume the dgIdentity' + EQUALITY authzMatch + SYNTAX 1.3.6.1.4.1.4203.666.2.7 + X-ORDERED 'VALUES' ) + +objectClass ( NetscapeLDAPobjectClass:33 + NAME 'groupOfURLs' + SUP top STRUCTURAL + MUST cn + MAY ( memberURL $ businessCategory $ description $ o $ ou $ + owner $ seeAlso ) ) + +# The Haripriya dyngroup schema still needs a lot of work. +# We're just adding support for the dgIdentity attribute for now... +objectClass ( DynGroupOC:1 + NAME 'dgIdentityAux' + SUP top AUXILIARY + MAY ( dgIdentity $ dgAuthz ) ) + + +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.schema,v 1.6.2.5 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/evolutionperson.schema,v b/openldap/schema/.rcs/evolutionperson.schema,v new file mode 100644 index 0000000..cbeb5be --- /dev/null +++ b/openldap/schema/.rcs/evolutionperson.schema,v @@ -0,0 +1,236 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.12.03.09.46.41; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079] +# (core.schema) +# +# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256] +# (core.schema) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema) +# +# The Internet Organizational Person Schema (inetorgperson) +# +# OIDs are broken up into the following: +# 1.3.6.1.4.1.8506.1.? +# .1 Syntaxes +# .2 Attributes +# .3 Objectclasses + +# primaryPhone +attributetype ( 1.3.6.1.4.1.8506.1.2.1 + NAME 'primaryPhone' + DESC 'preferred phone number used to contact a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# carPhone +attributetype ( 1.3.6.1.4.1.8506.1.2.2 + NAME 'carPhone' + DESC 'car phone telephone number of the person' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.3 + NAME ( 'homeFacsimileTelephoneNumber' 'homeFax' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.4 + NAME 'otherPhone' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.5 + NAME 'businessRole' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.6 + NAME 'managerName' + SUP name ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.7 + NAME 'assistantName' + SUP name ) + +# spouseName +# single valued (/me smirks) +attributetype ( 1.3.6.1.4.1.8506.1.2.8 + NAME 'spouseName' + SUP name + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.9 + NAME 'otherPostalAddress' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.10 + NAME ( 'mailer' 'mua' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.11 + NAME ( 'birthDate' 'dob' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.12 + NAME 'anniversary' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.13 + NAME 'note' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.14 + NAME 'evolutionArbitrary' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} ) + ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.15 + NAME 'fileAs' + SUP name ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.16 + NAME 'assistantPhone' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.17 + NAME 'companyPhone' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.18 + NAME 'callbackPhone' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +#attributetype ( 1.3.6.1.4.1.8506.1.2.19 +# NAME ( 'otherFacsimileTelephoneNumber' 'otherFax' ) +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.20 + NAME 'radio' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.21 + NAME 'telex' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.22 + NAME 'tty' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# deprecated - use the multivalued category +attributetype ( 1.3.6.1.4.1.8506.1.2.23 + NAME 'categories' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.24 + NAME 'contact' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.25 + NAME 'listName' + SUP name + SINGLE-VALUE ) + +# deprecated - use calEntry and its attributes from RFC 2739 +attributetype ( 1.3.6.1.4.1.8506.1.2.26 + NAME 'calendarURI' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +# deprecated - use calEntry and its attributes from RFC 2739 +attributetype ( 1.3.6.1.4.1.8506.1.2.27 + NAME 'freeBusyURI' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.28 + NAME 'category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} ) + + +# evolutionPerson +objectclass ( 1.3.6.1.4.1.8506.1.3.1 + NAME 'evolutionPerson' + DESC 'Objectclass geared to Evolution Usage' + SUP inetOrgPerson + STRUCTURAL + MAY ( + fileAs $ primaryPhone $ carPhone $ homeFacsimileTelephoneNumber $ + otherPhone $ businessRole $ managerName $ assistantName $ assistantPhone $ + otherPostalAddress $ mailer $ birthDate $ anniversary $ spouseName $ + note $ companyPhone $ callbackPhone $ otherFacsimileTelephoneNumber $ + radio $ telex $ tty $ categories $ category $ calendarURI $ freeBusyURI ) + ) + +# evolutionPersonList +objectclass ( 1.3.6.1.4.1.8506.1.3.2 + NAME 'evolutionPersonList' + DESC 'Objectclass geared to Evolution Contact Lists' + SUP top + STRUCTURAL + MUST ( + listName ) + MAY ( + mail $ contact ) + ) +@ diff --git a/openldap/schema/.rcs/extension.schema,v b/openldap/schema/.rcs/extension.schema,v new file mode 100644 index 0000000..400cd91 --- /dev/null +++ b/openldap/schema/.rcs/extension.schema,v @@ -0,0 +1,68 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.05.22.17.12.20; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@attributetype ( 1.3.6.1.4.1.4203.666.100.121 + NAME ( 'rdn' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.122 + NAME ( 'otherFacsimiletelephoneNumber' ) + SUP telephoneNumber ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.123 + NAME ( 'IPPhone' ) + SUP telephoneNumber ) + +# This attribute handles MS/Outlook and Netscape Communicator + +attributetype ( 1.3.6.1.4.1.4203.666.100.124 + NAME ( 'URL' 'homeUrl' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.125 + NAME ( 'comment' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.126 + NAME ( 'conferenceInformation' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.127 + NAME ( 'reports' ) + SUP manager ) + +objectclass ( 1.3.6.1.4.1.4203.666.100.1 + NAME 'officePerson' + DESC 'Office employee or computer user' + SUP inetOrgPerson + STRUCTURAL + MAY ( c $ + rdn $ + otherFacsimiletelephoneNumber $ + IPPhone $ + URL $ + comment $ + reports $ + conferenceInformation ) + ) +@ diff --git a/openldap/schema/.rcs/inetorgperson.schema,v b/openldap/schema/.rcs/inetorgperson.schema,v new file mode 100644 index 0000000..e7a7c3a --- /dev/null +++ b/openldap/schema/.rcs/inetorgperson.schema,v @@ -0,0 +1,198 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# inetorgperson.schema -- InetOrgPerson (RFC2798) +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.18.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# InetOrgPerson (RFC2798) +# +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079] +# (core.schema) +# +# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256] +# (core.schema) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema) + +# carLicense +# This multivalued field is used to record the values of the license or +# registration plate associated with an individual. +attributetype ( 2.16.840.1.113730.3.1.1 + NAME 'carLicense' + DESC 'RFC2798: vehicle license or registration plate' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# departmentNumber +# Code for department to which a person belongs. This can also be +# strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123). +attributetype ( 2.16.840.1.113730.3.1.2 + NAME 'departmentNumber' + DESC 'RFC2798: identifies a department within an organization' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# displayName +# When displaying an entry, especially within a one-line summary list, it +# is useful to be able to identify a name to be used. Since other attri- +# bute types such as 'cn' are multivalued, an additional attribute type is +# needed. Display name is defined for this purpose. +attributetype ( 2.16.840.1.113730.3.1.241 + NAME 'displayName' + DESC 'RFC2798: preferred name to be used when displaying entries' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# employeeNumber +# Numeric or alphanumeric identifier assigned to a person, typically based +# on order of hire or association with an organization. Single valued. +attributetype ( 2.16.840.1.113730.3.1.3 + NAME 'employeeNumber' + DESC 'RFC2798: numerically identifies an employee within an organization' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# employeeType +# Used to identify the employer to employee relationship. Typical values +# used will be "Contractor", "Employee", "Intern", "Temp", "External", and +# "Unknown" but any value may be used. +attributetype ( 2.16.840.1.113730.3.1.4 + NAME 'employeeType' + DESC 'RFC2798: type of employment for a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# jpegPhoto +# Used to store one or more images of a person using the JPEG File +# Interchange Format [JFIF]. +# Note that the jpegPhoto attribute type was defined for use in the +# Internet X.500 pilots but no referencable definition for it could be +# located. +attributetype ( 0.9.2342.19200300.100.1.60 + NAME 'jpegPhoto' + DESC 'RFC2798: a JPEG image' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) + +# preferredLanguage +# Used to indicate an individual's preferred written or spoken +# language. This is useful for international correspondence or human- +# computer interaction. Values for this attribute type MUST conform to +# the definition of the Accept-Language header field defined in +# [RFC2068] with one exception: the sequence "Accept-Language" ":" +# should be omitted. This is a single valued attribute type. +attributetype ( 2.16.840.1.113730.3.1.39 + NAME 'preferredLanguage' + DESC 'RFC2798: preferred written or spoken language for a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# userSMIMECertificate +# A PKCS#7 [RFC2315] SignedData, where the content that is signed is +# ignored by consumers of userSMIMECertificate values. It is +# recommended that values have a `contentType' of data with an absent +# `content' field. Values of this attribute contain a person's entire +# certificate chain and an smimeCapabilities field [RFC2633] that at a +# minimum describes their SMIME algorithm capabilities. Values for +# this attribute are to be stored and requested in binary form, as +# 'userSMIMECertificate;binary'. If available, this attribute is +# preferred over the userCertificate attribute for S/MIME applications. +## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary +attributetype ( 2.16.840.1.113730.3.1.40 + NAME 'userSMIMECertificate' + DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) + +# userPKCS12 +# PKCS #12 [PKCS12] provides a format for exchange of personal identity +# information. When such information is stored in a directory service, +# the userPKCS12 attribute should be used. This attribute is to be stored +# and requested in binary form, as 'userPKCS12;binary'. The attribute +# values are PFX PDUs stored as binary data. +## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary +attributetype ( 2.16.840.1.113730.3.1.216 + NAME 'userPKCS12' + DESC 'RFC2798: personal identity information, a PKCS #12 PFX' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) + + +# inetOrgPerson +# The inetOrgPerson represents people who are associated with an +# organization in some way. It is a structural class and is derived +# from the organizationalPerson which is defined in X.521 [X521]. +objectclass ( 2.16.840.1.113730.3.2.2 + NAME 'inetOrgPerson' + DESC 'RFC2798: Internet Organizational Person' + SUP organizationalPerson + STRUCTURAL + MAY ( + audio $ businessCategory $ carLicense $ departmentNumber $ + displayName $ employeeNumber $ employeeType $ givenName $ + homePhone $ homePostalAddress $ initials $ jpegPhoto $ + labeledURI $ mail $ manager $ mobile $ o $ pager $ + photo $ roomNumber $ secretary $ uid $ userCertificate $ + x500uniqueIdentifier $ preferredLanguage $ + userSMIMECertificate $ userPKCS12 ) + ) +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.18.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/java.schema,v b/openldap/schema/.rcs/java.schema,v new file mode 100644 index 0000000..c041ce9 --- /dev/null +++ b/openldap/schema/.rcs/java.schema,v @@ -0,0 +1,446 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# java.schema -- Java Object Schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.7.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Java Object Schema (defined in RFC 2713) +# depends upon core.schema +# + +# Network Working Group V. Ryan +# Request for Comments: 2713 S. Seligman +# Category: Informational R. Lee +# Sun Microsystems, Inc. +# October 1999 +# +# +# Schema for Representing Java(tm) Objects in an LDAP Directory +# +# Status of this Memo +# +# This memo provides information for the Internet community. It does +# not specify an Internet standard of any kind. Distribution of this +# memo is unlimited. +# +# Copyright Notice +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# Abstract +# +# This document defines the schema for representing Java(tm) objects in +# an LDAP directory [LDAPv3]. It defines schema elements to represent +# a Java serialized object [Serial], a Java marshalled object [RMI], a +# Java remote object [RMI], and a JNDI reference [JNDI]. +# + +# [trimmed] + +# 3 Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# javaClassName +# javaClassNames +# javaCodebase +# javaSerializedData +# javaFactory +# javaReferenceAddress +# javaDoc +# +# 3.1 javaClassName +# +# This attribute stores the fully qualified name of the Java object's +# "distinguished" class or interface (for example, "java.lang.String"). +# It is a single-valued attribute. This attribute's syntax is ' +# Directory String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.6 +# NAME 'javaClassName' +# DESC 'Fully qualified name of distinguished Java class or +# interface' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.6 + NAME 'javaClassName' + DESC 'Fully qualified name of distinguished Java class or interface' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# 3.2 javaCodebase +# +# This attribute stores the Java class definition's locations. It +# specifies the locations from which to load the class definition for +# the class specified by the javaClassName attribute. Each value of +# the attribute contains an ordered list of URLs, separated by spaces. +# For example, a value of "url1 url2 url3" means that the three +# (possibly interdependent) URLs (url1, url2, and url3) form the +# codebase for loading in the Java class definition. +# +# If the javaCodebase attribute contains more than one value, each +# value is an independent codebase. That is, there is no relationship +# between the URLs in one value and those in another; each value can be +# viewed as an alternate source for loading the Java class definition. +# See [Java] for information regarding class loading. +# +# This attribute's syntax is 'IA5 String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.7 +# NAME 'javaCodebase' +# DESC 'URL(s) specifying the location of class definition' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.7 + NAME 'javaCodebase' + DESC 'URL(s) specifying the location of class definition' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 3.3 javaClassNames +# +# This attribute stores the Java object's fully qualified class or +# interface names (for example, "java.lang.String"). It is a +# multivalued attribute. When more than one value is present, each is +# the name of a class or interface, or ancestor class or interface, of +# this object. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.13 +# NAME 'javaClassNames' +# DESC 'Fully qualified Java class or interface name' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.13 + NAME 'javaClassNames' + DESC 'Fully qualified Java class or interface name' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 3.4 javaSerializedData +# +# This attribute stores the serialized form of a Java object. The +# serialized form is described in [Serial]. +# +# This attribute's syntax is 'Octet String'. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.8 +# NAME 'javaSerializedData +# DESC 'Serialized form of a Java object' +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.8 + NAME 'javaSerializedData' + DESC 'Serialized form of a Java object' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 + SINGLE-VALUE ) + +# 3.5 javaFactory +# +# This attribute stores the fully qualified class name of the object +# factory (for example, "com.wiz.jndi.WizObjectFactory") that can be +# used to create an instance of the object identified by the +# javaClassName attribute. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.10 +# NAME 'javaFactory' +# DESC 'Fully qualified Java class name of a JNDI object factory' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.10 + NAME 'javaFactory' + DESC 'Fully qualified Java class name of a JNDI object factory' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# 3.6 javaReferenceAddress +# +# This attribute represents the sequence of addresses of a JNDI +# reference. Each of its values represents one address, a Java object +# of type javax.naming.RefAddr. Its value is a concatenation of the +# address type and address contents, preceded by a sequence number (the +# order of addresses in a JNDI reference is significant). For example: +# +# #0#TypeA#ValA +# #1#TypeB#ValB +# #2#TypeC##rO0ABXNyABpq... +# +# In more detail, the value is encoded as follows: +# +# The delimiter is the first character of the value. For readability +# the character '#' is recommended when it is not otherwise used +# anywhere in the value, but any character may be used subject to +# restrictions given below. +# +# The first delimiter is followed by the sequence number. The sequence +# number of an address is its position in the JNDI reference, with the +# first address being numbered 0. It is represented by its shortest +# string form, in decimal notation. +# +# The sequence number is followed by a delimiter, then by the address +# type, and then by another delimiter. If the address is of Java class +# javax.naming.StringRefAddr, then this delimiter is followed by the +# value of the address contents (which is a string). Otherwise, this +# delimiter is followed immediately by another delimiter, and then by +# the Base64 encoding of the serialized form of the entire address. +# +# The delimiter may be any character other than a digit or a character +# contained in the address type. In addition, if the address contents +# is a string, the delimiter may not be the first character of that +# string. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. It can contain multiple values. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.11 +# NAME 'javaReferenceAddress' +# DESC 'Addresses associated with a JNDI Reference' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.11 + NAME 'javaReferenceAddress' + DESC 'Addresses associated with a JNDI Reference' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 3.7 javaDoc +# +# This attribute stores a pointer to the Java documentation for the +# class. It's value is a URL. For example, the following URL points to +# the specification of the java.lang.String class: +# http://java.sun.com/products/jdk/1.2/docs/api/java/lang/String.html +# +# This attribute's syntax is 'IA5 String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.12 +# NAME 'javaDoc' +# DESC 'The Java documentation for the class' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.12 + NAME 'javaDoc' + DESC 'The Java documentation for the class' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 4 Object Class Definitions +# +# The following object classes are defined in this document: +# +# javaContainer +# javaObject +# javaSerializedObject +# javaMarshalledObject +# javaNamingReference +# +# 4.1 javaContainer +# +# This structural object class represents a container for a Java +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.1 +# NAME 'javaContainer' +# DESC 'Container for a Java object' +# SUP top +# STRUCTURAL +# MUST ( cn ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.1 + NAME 'javaContainer' + DESC 'Container for a Java object' + SUP top + STRUCTURAL + MUST cn ) + +# 4.2 javaObject +# +# This abstract object class represents a Java object. A javaObject +# cannot exist in the directory; only auxiliary or structural +# subclasses of it can exist in the directory. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.4 +# NAME 'javaObject' +# DESC 'Java object representation' +# SUP top +# ABSTRACT +# MUST ( javaClassName ) +# MAY ( javaClassNames $ +# javaCodebase $ +# javaDoc $ +# description ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.4 + NAME 'javaObject' + DESC 'Java object representation' + SUP top + ABSTRACT + MUST javaClassName + MAY ( javaClassNames $ javaCodebase $ + javaDoc $ description ) ) + +# 4.3 javaSerializedObject +# +# This auxiliary object class represents a Java serialized object. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.5 +# NAME 'javaSerializedObject' +# DESC 'Java serialized object' +# SUP javaObject +# AUXILIARY +# MUST ( javaSerializedData ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.5 + NAME 'javaSerializedObject' + DESC 'Java serialized object' + SUP javaObject + AUXILIARY + MUST javaSerializedData ) + +# 4.4 javaMarshalledObject +# +# This auxiliary object class represents a Java marshalled object. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.8 +# NAME 'javaMarshalledObject' +# DESC 'Java marshalled object' +# SUP javaObject +# AUXILIARY +# MUST ( javaSerializedData ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.8 + NAME 'javaMarshalledObject' + DESC 'Java marshalled object' + SUP javaObject + AUXILIARY + MUST javaSerializedData ) + +# 4.5 javaNamingReference +# +# This auxiliary object class represents a JNDI reference. It must be +# mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.7 +# NAME 'javaNamingReference' +# DESC 'JNDI reference' +# SUP javaObject +# AUXILIARY +# MAY ( javaReferenceAddress $ +# javaFactory ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.7 + NAME 'javaNamingReference' + DESC 'JNDI reference' + SUP javaObject + AUXILIARY + MAY ( javaReferenceAddress $ javaFactory ) ) + +# Full Copyright Statement +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# This document and translations of it may be copied and furnished to +# others, and derivative works that comment on or otherwise explain it +# or assist in its implementation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph are +# included on all such copies and derivative works. However, this +# document itself may not be modified in any way, such as by removing +# the copyright notice or references to the Internet Society or other +# Internet organizations, except as needed for the purpose of +# developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be +# followed, or as required to translate it into languages other than +# English. +# +# The limited permissions granted above are perpetual and will not be +# revoked by the Internet Society or its successors or assigns. +# +# This document and the information contained herein is provided on an +# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.7.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/kerberos.schema,v b/openldap/schema/.rcs/kerberos.schema,v new file mode 100644 index 0000000..0fbdebc --- /dev/null +++ b/openldap/schema/.rcs/kerberos.schema,v @@ -0,0 +1,695 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.06.28.16.05.43; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Novell Kerberos Schema Definitions +# Novell Inc. +# 1800 South Novell Place +# Provo, UT 84606 +# +# VeRsIoN=1.0 +# CoPyRiGhT=(c) Copyright 2006, Novell, Inc. All rights reserved +# +# OIDs: +# joint-iso-ccitt(2) +# country(16) +# us(840) +# organization(1) +# Novell(113719) +# applications(1) +# kerberos(301) +# Kerberos Attribute Type(4) attr# version# +# specific attribute definitions +# Kerberos Attribute Syntax(5) +# specific syntax definitions +# Kerberos Object Class(6) class# version# +# specific class definitions +# +# iso(1) +# member-body(2) +# United States(840) +# mit (113554) +# infosys(1) +# ldap(4) +# attributeTypes(1) +# Kerberos(6) + +######################################################################## + + +######################################################################## +# Attribute Type Definitions # +######################################################################## + +##### This is the principal name in the RFC 1964 specified format + +attributetype ( 2.16.840.1.113719.1.301.4.1.1 + NAME 'krbPrincipalName' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + +##### If there are multiple krbPrincipalName values for an entry, this +##### is the canonical principal name in the RFC 1964 specified +##### format. (If this attribute does not exist, then all +##### krbPrincipalName values are treated as canonical.) + +attributetype ( 1.2.840.113554.1.4.1.6.1 + NAME 'krbCanonicalName' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE) + +##### This specifies the type of the principal, the types could be any of +##### the types mentioned in section 6.2 of RFC 4120 + +attributetype ( 2.16.840.1.113719.1.301.4.3.1 + NAME 'krbPrincipalType' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### This flag is used to find whether directory User Password has to be used +##### as kerberos password. +##### TRUE, if User Password is to be used as the kerberos password. +##### FALSE, if User Password and the kerberos password are different. + +attributetype ( 2.16.840.1.113719.1.301.4.5.1 + NAME 'krbUPEnabled' + DESC 'Boolean' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE) + + +##### The time at which the principal expires + +attributetype ( 2.16.840.1.113719.1.301.4.6.1 + NAME 'krbPrincipalExpiration' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### The krbTicketFlags attribute holds information about the kerberos flags for a principal +##### The values (0x00000001 - 0x00800000) are reserved for standards and +##### values (0x01000000 - 0x80000000) can be used for proprietary extensions. +##### The flags and values as per RFC 4120 and MIT implementation are, +##### DISALLOW_POSTDATED 0x00000001 +##### DISALLOW_FORWARDABLE 0x00000002 +##### DISALLOW_TGT_BASED 0x00000004 +##### DISALLOW_RENEWABLE 0x00000008 +##### DISALLOW_PROXIABLE 0x00000010 +##### DISALLOW_DUP_SKEY 0x00000020 +##### DISALLOW_ALL_TIX 0x00000040 +##### REQUIRES_PRE_AUTH 0x00000080 +##### REQUIRES_HW_AUTH 0x00000100 +##### REQUIRES_PWCHANGE 0x00000200 +##### DISALLOW_SVR 0x00001000 +##### PWCHANGE_SERVICE 0x00002000 + + +attributetype ( 2.16.840.1.113719.1.301.4.8.1 + NAME 'krbTicketFlags' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### The maximum ticket lifetime for a principal in seconds + +attributetype ( 2.16.840.1.113719.1.301.4.9.1 + NAME 'krbMaxTicketLife' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Maximum renewable lifetime for a principal's ticket in seconds + +attributetype ( 2.16.840.1.113719.1.301.4.10.1 + NAME 'krbMaxRenewableAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Forward reference to the Realm object. +##### (FDN of the krbRealmContainer object). +##### Example: cn=ACME.COM, cn=Kerberos, cn=Security + +attributetype ( 2.16.840.1.113719.1.301.4.14.1 + NAME 'krbRealmReferences' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### List of LDAP servers that kerberos servers can contact. +##### The attribute holds data in the ldap uri format, +##### Examples: acme.com#636, 164.164.164.164#1636, ldaps://acme.com:636 +##### +##### The values of this attribute need to be updated, when +##### the LDAP servers listed here are renamed, moved or deleted. + +attributetype ( 2.16.840.1.113719.1.301.4.15.1 + NAME 'krbLdapServers' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + + +##### A set of forward references to the KDC Service objects. +##### (FDNs of the krbKdcService objects). +##### Example: cn=kdc - server 1, ou=uvw, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.17.1 + NAME 'krbKdcServers' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### A set of forward references to the Password Service objects. +##### (FDNs of the krbPwdService objects). +##### Example: cn=kpasswdd - server 1, ou=uvw, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.18.1 + NAME 'krbPwdServers' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### This attribute holds the Host Name or the ip address, +##### transport protocol and ports of the kerberos service host +##### The format is host_name-or-ip_address#protocol#port +##### Protocol can be 0 or 1. 0 is for UDP. 1 is for TCP. + +attributetype ( 2.16.840.1.113719.1.301.4.24.1 + NAME 'krbHostServer' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + + +##### This attribute holds the scope for searching the principals +##### under krbSubTree attribute of krbRealmContainer +##### The value can either be 1 (ONE) or 2 (SUB_TREE). + +attributetype ( 2.16.840.1.113719.1.301.4.25.1 + NAME 'krbSearchScope' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### FDNs pointing to Kerberos principals + +attributetype ( 2.16.840.1.113719.1.301.4.26.1 + NAME 'krbPrincipalReferences' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### This attribute specifies which attribute of the user objects +##### be used as the principal name component for Kerberos. +##### The allowed values are cn, sn, uid, givenname, fullname. + +attributetype ( 2.16.840.1.113719.1.301.4.28.1 + NAME 'krbPrincNamingAttr' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE) + + +##### A set of forward references to the Administration Service objects. +##### (FDNs of the krbAdmService objects). +##### Example: cn=kadmindd - server 1, ou=uvw, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.29.1 + NAME 'krbAdmServers' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### Maximum lifetime of a principal's password + +attributetype ( 2.16.840.1.113719.1.301.4.30.1 + NAME 'krbMaxPwdLife' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Minimum lifetime of a principal's password + +attributetype ( 2.16.840.1.113719.1.301.4.31.1 + NAME 'krbMinPwdLife' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Minimum number of character clases allowed in a password + +attributetype ( 2.16.840.1.113719.1.301.4.32.1 + NAME 'krbPwdMinDiffChars' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Minimum length of the password + +attributetype ( 2.16.840.1.113719.1.301.4.33.1 + NAME 'krbPwdMinLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Number of previous versions of passwords that are stored + +attributetype ( 2.16.840.1.113719.1.301.4.34.1 + NAME 'krbPwdHistoryLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Number of consecutive pre-authentication failures before lockout + +attributetype ( 1.3.6.1.4.1.5322.21.2.1 + NAME 'krbPwdMaxFailure' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Period after which bad preauthentication count will be reset + +attributetype ( 1.3.6.1.4.1.5322.21.2.2 + NAME 'krbPwdFailureCountInterval' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Period in which lockout is enforced + +attributetype ( 1.3.6.1.4.1.5322.21.2.3 + NAME 'krbPwdLockoutDuration' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### FDN pointing to a Kerberos Password Policy object + +attributetype ( 2.16.840.1.113719.1.301.4.36.1 + NAME 'krbPwdPolicyReference' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE) + + +##### The time at which the principal's password expires + +attributetype ( 2.16.840.1.113719.1.301.4.37.1 + NAME 'krbPasswordExpiration' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### This attribute holds the principal's key (krbPrincipalKey) that is encrypted with +##### the master key (krbMKey). +##### The attribute is ASN.1 encoded. +##### +##### The format of the value for this attribute is explained below, +##### KrbKeySet ::= SEQUENCE { +##### attribute-major-vno [0] UInt16, +##### attribute-minor-vno [1] UInt16, +##### kvno [2] UInt32, +##### mkvno [3] UInt32 OPTIONAL, +##### keys [4] SEQUENCE OF KrbKey, +##### ... +##### } +##### +##### KrbKey ::= SEQUENCE { +##### salt [0] KrbSalt OPTIONAL, +##### key [1] EncryptionKey, +##### s2kparams [2] OCTET STRING OPTIONAL, +##### ... +##### } +##### +##### KrbSalt ::= SEQUENCE { +##### type [0] Int32, +##### salt [1] OCTET STRING OPTIONAL +##### } +##### +##### EncryptionKey ::= SEQUENCE { +##### keytype [0] Int32, +##### keyvalue [1] OCTET STRING +##### } + +attributetype ( 2.16.840.1.113719.1.301.4.39.1 + NAME 'krbPrincipalKey' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### FDN pointing to a Kerberos Ticket Policy object. + +attributetype ( 2.16.840.1.113719.1.301.4.40.1 + NAME 'krbTicketPolicyReference' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE) + + +##### Forward reference to an entry that starts sub-trees +##### where principals and other kerberos objects in the realm are configured. +##### Example: ou=acme, ou=pq, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.41.1 + NAME 'krbSubTrees' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### Holds the default encryption/salt type combinations of principals for +##### the Realm. Stores in the form of key:salt strings. This will be +##### subset of the supported encryption/salt types. +##### Example: des-cbc-crc:normal + +attributetype ( 2.16.840.1.113719.1.301.4.42.1 + NAME 'krbDefaultEncSaltTypes' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + + +##### Holds the supported encryption/salt type combinations of principals for +##### the Realm. Stores in the form of key:salt strings. +##### The supported encryption types are mentioned in RFC 3961 +##### The supported salt types are, +##### NORMAL +##### V4 +##### NOREALM +##### ONLYREALM +##### SPECIAL +##### AFS3 +##### Example: des-cbc-crc:normal + +attributetype ( 2.16.840.1.113719.1.301.4.43.1 + NAME 'krbSupportedEncSaltTypes' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + + +##### This attribute holds the principal's old keys (krbPwdHistory) that is encrypted with +##### the kadmin/history key. +##### The attribute is ASN.1 encoded. +##### +##### The format of the value for this attribute is explained below, +##### KrbKeySet ::= SEQUENCE { +##### attribute-major-vno [0] UInt16, +##### attribute-minor-vno [1] UInt16, +##### kvno [2] UInt32, +##### mkvno [3] UInt32 OPTIONAL -- actually kadmin/history key, +##### keys [4] SEQUENCE OF KrbKey, +##### ... +##### } +##### +##### KrbKey ::= SEQUENCE { +##### salt [0] KrbSalt OPTIONAL, +##### key [1] EncryptionKey, +##### s2kparams [2] OCTET STRING OPTIONAL, +##### ... +##### } +##### +##### KrbSalt ::= SEQUENCE { +##### type [0] Int32, +##### salt [1] OCTET STRING OPTIONAL +##### } +##### +##### EncryptionKey ::= SEQUENCE { +##### keytype [0] Int32, +##### keyvalue [1] OCTET STRING +##### } + +attributetype ( 2.16.840.1.113719.1.301.4.44.1 + NAME 'krbPwdHistory' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### The time at which the principal's password last password change happened. + +attributetype ( 2.16.840.1.113719.1.301.4.45.1 + NAME 'krbLastPwdChange' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### This attribute holds the kerberos master key. +##### This can be used to encrypt principal keys. +##### This attribute has to be secured in directory. +##### +##### This attribute is ASN.1 encoded. +##### The format of the value for this attribute is explained below, +##### KrbMKey ::= SEQUENCE { +##### kvno [0] UInt32, +##### key [1] MasterKey +##### } +##### +##### MasterKey ::= SEQUENCE { +##### keytype [0] Int32, +##### keyvalue [1] OCTET STRING +##### } + + +attributetype ( 2.16.840.1.113719.1.301.4.46.1 + NAME 'krbMKey' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### This stores the alternate principal names for the principal in the RFC 1964 specified format + +attributetype ( 2.16.840.1.113719.1.301.4.47.1 + NAME 'krbPrincipalAliases' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + + +##### The time at which the principal's last successful authentication happened. + +attributetype ( 2.16.840.1.113719.1.301.4.48.1 + NAME 'krbLastSuccessfulAuth' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### The time at which the principal's last failed authentication happened. + +attributetype ( 2.16.840.1.113719.1.301.4.49.1 + NAME 'krbLastFailedAuth' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### This attribute stores the number of failed authentication attempts +##### happened for the principal since the last successful authentication. + +attributetype ( 2.16.840.1.113719.1.301.4.50.1 + NAME 'krbLoginFailedCount' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + + +##### This attribute holds the application specific data. + +attributetype ( 2.16.840.1.113719.1.301.4.51.1 + NAME 'krbExtraData' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### This attributes holds references to the set of directory objects. +##### This stores the DNs of the directory objects to which the +##### principal object belongs to. + +attributetype ( 2.16.840.1.113719.1.301.4.52.1 + NAME 'krbObjectReferences' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### This attribute holds references to a Container object where +##### the additional principal objects and stand alone principal +##### objects (krbPrincipal) can be created. + +attributetype ( 2.16.840.1.113719.1.301.4.53.1 + NAME 'krbPrincContainerRef' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + +##### A list of services to which a service principal can delegate. +attributetype ( 1.3.6.1.4.1.5322.21.2.4 + NAME 'krbAllowedToDelegateTo' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + +######################################################################## +######################################################################## +# Object Class Definitions # +######################################################################## + +#### This is a kerberos container for all the realms in a tree. + +objectclass ( 2.16.840.1.113719.1.301.6.1.1 + NAME 'krbContainer' + SUP top + STRUCTURAL + MUST ( cn ) ) + + +##### The krbRealmContainer is created per realm and holds realm specific data. + +objectclass ( 2.16.840.1.113719.1.301.6.2.1 + NAME 'krbRealmContainer' + SUP top + STRUCTURAL + MUST ( cn ) + MAY ( krbMKey $ krbUPEnabled $ krbSubTrees $ krbSearchScope $ krbLdapServers $ krbSupportedEncSaltTypes $ krbDefaultEncSaltTypes $ krbTicketPolicyReference $ krbKdcServers $ krbPwdServers $ krbAdmServers $ krbPrincNamingAttr $ krbPwdPolicyReference $ krbPrincContainerRef ) ) + + +##### An instance of a class derived from krbService is created per +##### kerberos authentication or administration server in an realm and holds +##### references to the realm objects. These references is used to further read +##### realm specific data to service AS/TGS requests. Additionally this object +##### contains some server specific data like pathnames and ports that the +##### server uses. This is the identity the kerberos server logs in with. A key +##### pair for the same is created and the kerberos server logs in with the same. +##### +##### krbKdcService, krbAdmService and krbPwdService derive from this class. + +objectclass ( 2.16.840.1.113719.1.301.6.3.1 + NAME 'krbService' + SUP top + ABSTRACT + MUST ( cn ) + MAY ( krbHostServer $ krbRealmReferences ) ) + + +##### Representative object for the KDC server to bind into a LDAP directory +##### and have a connection to access Kerberos data with the required +##### access rights. + +objectclass ( 2.16.840.1.113719.1.301.6.4.1 + NAME 'krbKdcService' + SUP krbService + STRUCTURAL ) + + +##### Representative object for the Kerberos Password server to bind into a LDAP directory +##### and have a connection to access Kerberos data with the required +##### access rights. + +objectclass ( 2.16.840.1.113719.1.301.6.5.1 + NAME 'krbPwdService' + SUP krbService + STRUCTURAL ) + + +###### The principal data auxiliary class. Holds principal information +###### and is used to store principal information for Person, Service objects. + +objectclass ( 2.16.840.1.113719.1.301.6.8.1 + NAME 'krbPrincipalAux' + SUP top + AUXILIARY + MAY ( krbPrincipalName $ krbCanonicalName $ krbUPEnabled $ krbPrincipalKey $ krbTicketPolicyReference $ krbPrincipalExpiration $ krbPasswordExpiration $ krbPwdPolicyReference $ krbPrincipalType $ krbPwdHistory $ krbLastPwdChange $ krbPrincipalAliases $ krbLastSuccessfulAuth $ krbLastFailedAuth $ krbLoginFailedCount $ krbExtraData $ krbAllowedToDelegateTo ) ) + + +###### This class is used to create additional principals and stand alone principals. + +objectclass ( 2.16.840.1.113719.1.301.6.9.1 + NAME 'krbPrincipal' + SUP top + MUST ( krbPrincipalName ) + MAY ( krbObjectReferences ) ) + + +###### The principal references auxiliary class. Holds all principals referred +###### from a service + +objectclass ( 2.16.840.1.113719.1.301.6.11.1 + NAME 'krbPrincRefAux' + SUP top + AUXILIARY + MAY krbPrincipalReferences ) + + +##### Representative object for the Kerberos Administration server to bind into a LDAP directory +##### and have a connection Id to access Kerberos data with the required access rights. + +objectclass ( 2.16.840.1.113719.1.301.6.13.1 + NAME 'krbAdmService' + SUP krbService + STRUCTURAL ) + + +##### The krbPwdPolicy object is a template password policy that +##### can be applied to principals when they are created. +##### These policy attributes will be in effect, when the Kerberos +##### passwords are different from users' passwords (UP). + +objectclass ( 2.16.840.1.113719.1.301.6.14.1 + NAME 'krbPwdPolicy' + SUP top + MUST ( cn ) + MAY ( krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration ) ) + + +##### The krbTicketPolicyAux holds Kerberos ticket policy attributes. +##### This class can be attached to a principal object or realm object. + +objectclass ( 2.16.840.1.113719.1.301.6.16.1 + NAME 'krbTicketPolicyAux' + SUP top + AUXILIARY + MAY ( krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge ) ) + + +##### The krbTicketPolicy object is an effective ticket policy that is associated with a realm or a principal + +objectclass ( 2.16.840.1.113719.1.301.6.17.1 + NAME 'krbTicketPolicy' + SUP top + MUST ( cn ) ) + +@ diff --git a/openldap/schema/.rcs/misc.schema,v b/openldap/schema/.rcs/misc.schema,v new file mode 100644 index 0000000..f3c578b --- /dev/null +++ b/openldap/schema/.rcs/misc.schema,v @@ -0,0 +1,118 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# misc.schema -- assorted schema definitions +# $OpenLDAP: pkg/ldap/servers/slapd/schema/misc.schema,v 1.30.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Assorted definitions from several sources, including +# ''works in progress''. Contents of this file are +# subject to change (including deletion) without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +#----------------------------------------------------------- +# draft-lachman-laser-ldap-mail-routing-02.txt !!!EXPIRED!!! +# (a work in progress) +# +attributetype ( 2.16.840.1.113730.3.1.13 + NAME 'mailLocalAddress' + DESC 'RFC822 email address of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 2.16.840.1.113730.3.1.18 + NAME 'mailHost' + DESC 'FQDN of the SMTP/MTA of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113730.3.1.47 + NAME 'mailRoutingAddress' + DESC 'RFC822 routing address of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +# I-D leaves this OID TBD. +# iPlanet uses 2.16.840.1.113.730.3.2.147 but that is an +# improperly delegated OID. A typo is likely. +objectclass ( 2.16.840.1.113730.3.2.147 + NAME 'inetLocalMailRecipient' + DESC 'Internet local mail recipient' + SUP top AUXILIARY + MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) ) + +#----------------------------------------------------------- +# draft-srivastava-ldap-mail-00.txt !!!EXPIRED!!! +# (a work in progress) +# +attributetype ( 1.3.6.1.4.1.42.2.27.2.1.15 + NAME 'rfc822MailMember' + DESC 'rfc822 mail address of group member(s)' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#----------------------------------------------------------- +# !!!no I-D!!! +# (a work in progress) +# +objectclass ( 1.3.6.1.4.1.42.2.27.1.2.5 + NAME 'nisMailAlias' + DESC 'NIS mail alias' + SUP top STRUCTURAL + MUST cn + MAY rfc822MailMember ) +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/misc.schema,v 1.30.2.4 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/mozilla.schema,v b/openldap/schema/.rcs/mozilla.schema,v new file mode 100644 index 0000000..6cb8096 --- /dev/null +++ b/openldap/schema/.rcs/mozilla.schema,v @@ -0,0 +1,203 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2007.06.04.11.33.39; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# Mozilla: @@VERSION@@ +# +# mozillaAbPersonAlpha +# +# Created initial version --[[User:Standard8|Standard8]] 12:21, 5 Dec 2005 (PST) +# +# This file contains LDAPv3 schema for use with the Mozilla Address Book +# and is intended to ... + +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079], and A Summary of +# the X.500(96) User Schema for use with LDAPv3 [RFC2256] (core.schema) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema) +# +# The InetOrgPerson Schema [RFC2798] (inetorgperson.schema) + +# 1.3.6.1.4.1.13769.2.x - Mozilla AB 'Contact' tab + +attributetype ( 1.3.6.1.4.1.13769.2.1 + NAME ( 'mozillaNickname' 'xmozillanickname' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.13769.2.2 + NAME ( 'mozillaSecondEmail' 'xmozillasecondemail' ) + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.3 + NAME ( 'mozillaUseHtmlMail' 'xmozillausehtmlmail' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +# AOL Instant Messenger (AIM) Identity +attributetype ( 1.3.6.1.4.1.13769.2.4 + NAME ( 'nsAIMid' 'nscpaimscreenname' ) + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 1.3.6.1.4.1.13769.3.x - Mozilla AB 'Address' tab + +attributetype ( 1.3.6.1.4.1.13769.3.1 + NAME 'mozillaHomeStreet' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.2 + NAME 'mozillaHomeStreet2' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.3 + NAME 'mozillaHomeLocalityName' + SUP name + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.4 + NAME 'mozillaHomeState' + SUP name + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.5 + NAME 'mozillaHomePostalCode' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.6 + NAME 'mozillaHomeCountryName' + SUP name + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.7 + NAME 'mozillaHomeUrl' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.8 + NAME 'mozillaWorkStreet2' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.9 + NAME 'mozillaWorkUrl' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +# 1.3.6.1.4.1.13769.4.x - Mozilla AB 'Other' tab + +attributetype ( 1.3.6.1.4.1.13769.4.1 + NAME 'mozillaCustom1' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.4.2 NAME 'mozillaCustom2' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.4.3 NAME 'mozillaCustom3' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.4.4 NAME 'mozillaCustom4' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +# 1.3.6.1.4.1.13769.9 - Mozilla AB objectclasses + +# The mozillaAddressBookEntry object class is used to define entries +# representing Cards in the Mozilla Address Book. The commonName attribute +# is used for naming entries of this object class, but may not be unique. +# department $ + +objectclass ( 1.3.6.1.4.1.13769.9.1 + NAME 'mozillaAbPersonAlpha' + SUP top AUXILIARY + MUST ( cn ) + MAY ( + c $ + description $ + displayName $ + fax $ + givenName $ + homePhone $ + l $ + mail $ + mobile $ + mozillaNickname $ + mozillaSecondEmail $ + mozillaUseHtmlMail $ + nsAIMid $ + mozillaWorkStreet2 $ + mozillaWorkUrl $ + mozillaHomeCountryName $ + mozillaHomeLocalityName $ + mozillaHomePostalCode $ + mozillaHomeState $ + mozillaHomeStreet $ + mozillaHomeStreet2 $ + mozillaHomeUrl $ + mozillaCustom1 $ + mozillaCustom2 $ + mozillaCustom3 $ + mozillaCustom4 $ + o $ + ou $ + pager $ + postalCode $ + postOfficeBox $ + sn $ + st $ + street $ + telephoneNumber $ + title $ + co + ) ) + + +@ diff --git a/openldap/schema/.rcs/mozillaorg.schema,v b/openldap/schema/.rcs/mozillaorg.schema,v new file mode 100644 index 0000000..ecd1f04 --- /dev/null +++ b/openldap/schema/.rcs/mozillaorg.schema,v @@ -0,0 +1,205 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.11.30.09.56.34; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# +# mozillaOrgPerson schema v. 0.6.3 +# + +# req. core +# req. cosine +# req. inetorgperson + +# attribute defs + +attributetype ( 1.3.6.1.4.1.13769.2.1.1 + NAME ( 'mozillaNickname' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.2 + NAME ( 'mozillaUseHtmlMail' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.3 + NAME 'mozillaSecondEmail' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.4 + NAME 'mozillaHomeLocalityName' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.5 + NAME 'mozillaPostalAddress2' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.6 + NAME 'mozillaHomePostalAddress2' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.7 + NAME ( 'mozillaHomeState' ) SUP name ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.8 + NAME 'mozillaHomePostalCode' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.9 + NAME ( 'mozillaHomeCountryName' ) + SUP name SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.10 + NAME ( 'mozillaHomeFriendlyCountryName' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.11 + NAME ( 'mozillaHomeUrl' ) + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.12 + NAME ( 'mozillaWorkUrl' ) + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# un-comment for all LDAP server NOT supporting SYNTAX 2.16.840.1.113730.3.7.1 +attributetype ( 1.3.6.1.4.1.13769.2.1.13 + NAME ( 'nsAIMid' ) + DESC 'AOL Instant Messenger (AIM) Identity' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.14 NAME ( 'mozillaHomeStreet' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.15 NAME ( 'mozillaWorkStreet2' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +# un-comment for Netscape 6.x and all other LDAP server supporting SYNTAX 2.16.840.1.113730.3.7.1 +# attributeTypes ( 2.16.840.1.113730.3.1.2013 +# NAME ( 'nsAIMid' ) +# DESC 'AOL Instant Messenger (AIM) Identity' +# SYNTAX 2.16.840.1.113730.3.7.1 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.96 + NAME ( 'mozillaCustom1' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.97 + NAME ( 'mozillaCustom2' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.98 + NAME ( 'mozillaCustom3' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.99 + NAME ( 'mozillaCustom4' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# defined in "A Summary of the X.500(96) User Schema for use with LDAPv3" - RFC 2256 +# +# attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) +# DESC 'RFC2256: ISO-3166 country 2-letter code' +# SUP name SINGLE-VALUE ) + +# defined in "The COSINE and Internet X.500 Schema" - RFC 1274 +# +# attributetype ( 0.9.2342.19200300.100.1.43 +# NAME ( 'co' 'friendlyCountryName' ) +# DESC 'RFC1274: friendly country name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + + +# objectClass defs + +objectclass ( 1.3.6.1.4.1.13769.2.2.1 + NAME 'mozillaOrgPerson' + SUP top + AUXILIARY + MAY ( + sn $ + givenName $ + cn $ + mozillaNickname $ + title $ + telephoneNumber $ + facsimileTelephoneNumber $ + mobile $ + pager $ + homePhone $ + street $ + postalCode $ + mozillaPostalAddress2 $ + mozillaHomeStreet $ + mozillaHomePostalAddress2 $ + mozillaWorkStreet2 $ + l $ + mozillaHomeLocalityName $ + st $ + mozillaHomeState $ + mozillaHomePostalCode $ + c $ + mozillaHomeCountryName $ + co $ + mozillaHomeFriendlyCountryName $ + ou $ + o $ + mail $ + mozillaSecondEmail $ + mozillaUseHtmlMail $ + nsAIMid $ + mozillaHomeUrl $ + mozillaWorkUrl $ + description $ + mozillaCustom1 $ + mozillaCustom2 $ + mozillaCustom3 $ + mozillaCustom4 ) ) + +# not part of the official Mozilla schema but read by Mozilla: 'departmentNumber' and 'postOfficeBox' +@ diff --git a/openldap/schema/.rcs/nis.schema,v b/openldap/schema/.rcs/nis.schema,v new file mode 100644 index 0000000..3484c05 --- /dev/null +++ b/openldap/schema/.rcs/nis.schema,v @@ -0,0 +1,280 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.schema,v 1.15.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# Definitions from RFC2307 (Experimental) +# An Approach for Using LDAP as a Network Information Service + +# Depends upon core.schema and cosine.schema + +# Note: The definitions in RFC2307 are given in syntaxes closely related +# to those in RFC2252, however, some liberties are taken that are not +# supported by RFC2252. This file has been written following RFC2252 +# strictly. + +# OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1). +# i.e. nisSchema in RFC2307 is 1.3.6.1.1.1 +# +# Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined) +# validaters for these syntaxes are incomplete, they only +# implement printable string validation (which is good as the +# common use of these syntaxes violates the specification). +# Attribute types are under 1.3.6.1.1.1.1 +# Object classes are under 1.3.6.1.1.1.2 + +# Attribute Type Definitions + +# builtin +#attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' +# DESC 'An integer uniquely identifying a user in an administrative domain' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# builtin +#attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' +# DESC 'An integer uniquely identifying a group in an administrative domain' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' + DESC 'The GECOS field; the common name' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' + DESC 'The absolute path to the home directory' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' + DESC 'The path to the login shell' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' + DESC 'Netgroup triple' + SYNTAX 1.3.6.1.1.1.0.0 ) + +attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' + SUP name ) + +attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' + DESC 'IP address' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' + DESC 'IP network' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' + DESC 'IP netmask' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' + DESC 'MAC address' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' + DESC 'rpc.bootparamd parameter' + SYNTAX 1.3.6.1.1.1.0.1 ) + +attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' + DESC 'Boot image name' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' + SUP name ) + +attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE ) + +# Object Class Definitions + +objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' + DESC 'Abstraction of an account with POSIX attributes' + SUP top AUXILIARY + MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) + MAY ( userPassword $ loginShell $ gecos $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' + DESC 'Additional attributes for shadow passwords' + SUP top AUXILIARY + MUST uid + MAY ( userPassword $ shadowLastChange $ shadowMin $ + shadowMax $ shadowWarning $ shadowInactive $ + shadowExpire $ shadowFlag $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' + DESC 'Abstraction of a group of accounts' + SUP top STRUCTURAL + MUST ( cn $ gidNumber ) + MAY ( userPassword $ memberUid $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' + DESC 'Abstraction an Internet Protocol service' + SUP top STRUCTURAL + MUST ( cn $ ipServicePort $ ipServiceProtocol ) + MAY ( description ) ) + +objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' + DESC 'Abstraction of an IP protocol' + SUP top STRUCTURAL + MUST ( cn $ ipProtocolNumber $ description ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' + DESC 'Abstraction of an ONC/RPC binding' + SUP top STRUCTURAL + MUST ( cn $ oncRpcNumber $ description ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' + DESC 'Abstraction of a host, an IP device' + SUP top AUXILIARY + MUST ( cn $ ipHostNumber ) + MAY ( l $ description $ manager ) ) + +objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' + DESC 'Abstraction of an IP network' + SUP top STRUCTURAL + MUST ( cn $ ipNetworkNumber ) + MAY ( ipNetmaskNumber $ l $ description $ manager ) ) + +objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' + DESC 'Abstraction of a netgroup' + SUP top STRUCTURAL + MUST cn + MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' + DESC 'A generic abstraction of a NIS map' + SUP top STRUCTURAL + MUST nisMapName + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' + DESC 'An entry in a NIS map' + SUP top STRUCTURAL + MUST ( cn $ nisMapEntry $ nisMapName ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' + DESC 'A device with a MAC address' + SUP top AUXILIARY + MAY macAddress ) + +objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' + DESC 'A device with boot parameters' + SUP top AUXILIARY + MAY ( bootFile $ bootParameter ) ) +@ + + +1.1 +log +@Initial revision +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.schema,v 1.15.2.4 2009/01/22 00:01:14 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/openldap.schema,v b/openldap/schema/.rcs/openldap.schema,v new file mode 100644 index 0000000..c653d28 --- /dev/null +++ b/openldap/schema/.rcs/openldap.schema,v @@ -0,0 +1,97 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.schema,v 1.24.2.7 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# +# OpenLDAP Project's directory schema items +# +# depends upon: +# core.schema +# cosine.schema +# inetorgperson.schema +# +# These are provided for informational purposes only. + +objectIdentifier OpenLDAProot 1.3.6.1.4.1.4203 + +objectIdentifier OpenLDAP OpenLDAProot:1 +objectIdentifier OpenLDAPattributeType OpenLDAP:3 +objectIdentifier OpenLDAPobjectClass OpenLDAP:4 + +objectClass ( OpenLDAPobjectClass:3 + NAME 'OpenLDAPorg' + DESC 'OpenLDAP Organizational Object' + SUP organization + MAY ( buildingName $ displayName $ labeledURI ) ) + +objectClass ( OpenLDAPobjectClass:4 + NAME 'OpenLDAPou' + DESC 'OpenLDAP Organizational Unit Object' + SUP organizationalUnit + MAY ( buildingName $ displayName $ labeledURI $ o ) ) + +objectClass ( OpenLDAPobjectClass:5 + NAME 'OpenLDAPperson' + DESC 'OpenLDAP Person' + SUP ( pilotPerson $ inetOrgPerson ) + MUST ( uid $ cn ) + MAY ( givenName $ labeledURI $ o ) ) + +objectClass ( OpenLDAPobjectClass:6 + NAME 'OpenLDAPdisplayableObject' + DESC 'OpenLDAP Displayable Object' + AUXILIARY + MAY displayName ) +@ + + +1.1 +log +@Initial revision +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.schema,v 1.24.2.5 2009/01/22 00:01:14 kurt Exp $ +d4 1 +a4 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/openssh.schema,v b/openldap/schema/.rcs/openssh.schema,v new file mode 100644 index 0000000..c2b51de --- /dev/null +++ b/openldap/schema/.rcs/openssh.schema,v @@ -0,0 +1,53 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.04.07.20.50.11; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@# +# LDAP Public Key Patch schema for use with openssh-ldappubkey +# Author: Eric AUGE +# Frank Brehm +# +# $Header: http://svn.profitbricks.localdomain/trunk/packages/openssh-ldap/openssh.schema 11624 2011-04-07 16:00:04Z fbrehm $ +# +# Based on the proposal of : Mark Ruijter +# + +# octetString SYNTAX +attributetype ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey' + DESC 'MANDATORY: OpenSSH Public key' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + +attributetype ( 1.3.6.1.4.1.24552.500.1.1.1.14 NAME 'sshPrivateKey' + DESC 'MANDATORY: OpenSSH Private key' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + +# printableString SYNTAX yes|no +objectclass ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY + DESC 'MANDATORY: OpenSSH LPK objectclass' + MAY ( sshPublicKey $ sshPrivateKey $ uid ) + ) + + +# vim: fileencoding=utf-8 filetype=conf ts=4 +@ diff --git a/openldap/schema/.rcs/pmi.schema,v b/openldap/schema/.rcs/pmi.schema,v new file mode 100644 index 0000000..fc3708e --- /dev/null +++ b/openldap/schema/.rcs/pmi.schema,v @@ -0,0 +1,507 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# OpenLDAP X.509 PMI schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/pmi.schema,v 1.1.2.4 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2006). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +# +# +# Includes LDAPv3 schema items from: +# ITU X.509 (08/2005) +# +## X.509 (08/2005) pp. 120-121 +## +## -- object identifier assignments -- +## -- object classes -- +## id-oc-pmiUser OBJECT IDENTIFIER ::= {id-oc 24} +## id-oc-pmiAA OBJECT IDENTIFIER ::= {id-oc 25} +## id-oc-pmiSOA OBJECT IDENTIFIER ::= {id-oc 26} +## id-oc-attCertCRLDistributionPts OBJECT IDENTIFIER ::= {id-oc 27} +## id-oc-privilegePolicy OBJECT IDENTIFIER ::= {id-oc 32} +## id-oc-pmiDelegationPath OBJECT IDENTIFIER ::= {id-oc 33} +## id-oc-protectedPrivilegePolicy OBJECT IDENTIFIER ::= {id-oc 34} +## -- directory attributes -- +## id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} +## id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59} +## id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61} +## id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62} +## id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63} +## id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71} +## id-at-role OBJECT IDENTIFIER ::= {id-at 72} +## id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73} +## id-at-protPrivPolicy OBJECT IDENTIFIER ::= {id-at 74} +## id-at-xMLPrivilegeInfo OBJECT IDENTIFIER ::= {id-at 75} +## id-at-xMLPprotPrivPolicy OBJECT IDENTIFIER ::= {id-at 76} +## -- attribute certificate extensions -- +## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} +## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} +## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} +## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} +## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} +## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} +## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} +## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} +## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} +## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} +## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} +## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} +## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} +## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} +## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} +## -- PMI matching rules -- +## id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} +## id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45} +## id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46} +## id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53} +## id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54} +## id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55} +## id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56} +## id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57} +## id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58} +## id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59} +## id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61} +## id-mr-sOAIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 66} +## id-mr-indirectIssuerMatch OBJECT IDENTIFIER ::= {id-mr 67} +## +## +## X.509 (08/2005) pp. 71, 86-89 +## +## 14.4.1 Role attribute +## role ATTRIBUTE ::= { +## WITH SYNTAX RoleSyntax +## ID id-at-role } +## RoleSyntax ::= SEQUENCE { +## roleAuthority [0] GeneralNames OPTIONAL, +## roleName [1] GeneralName } +## +## 14.5 XML privilege information attribute +## xmlPrivilegeInfo ATTRIBUTE ::= { +## WITH SYNTAX UTF8String -- contains XML-encoded privilege information +## ID id-at-xMLPrivilegeInfo } +## +## 17.1 PMI directory object classes +## +## 17.1.1 PMI user object class +## pmiUser OBJECT-CLASS ::= { +## -- a PMI user (i.e., a "holder") +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {attributeCertificateAttribute} +## ID id-oc-pmiUser } +## +## 17.1.2 PMI AA object class +## pmiAA OBJECT-CLASS ::= { +## -- a PMI AA +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {aACertificate | +## attributeCertificateRevocationList | +## attributeAuthorityRevocationList} +## ID id-oc-pmiAA } +## +## 17.1.3 PMI SOA object class +## pmiSOA OBJECT-CLASS ::= { -- a PMI Source of Authority +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {attributeCertificateRevocationList | +## attributeAuthorityRevocationList | +## attributeDescriptorCertificate} +## ID id-oc-pmiSOA } +## +## 17.1.4 Attribute certificate CRL distribution point object class +## attCertCRLDistributionPt OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN { attributeCertificateRevocationList | +## attributeAuthorityRevocationList } +## ID id-oc-attCertCRLDistributionPts } +## +## 17.1.5 PMI delegation path +## pmiDelegationPath OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN { delegationPath } +## ID id-oc-pmiDelegationPath } +## +## 17.1.6 Privilege policy object class +## privilegePolicy OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {privPolicy } +## ID id-oc-privilegePolicy } +## +## 17.1.7 Protected privilege policy object class +## protectedPrivilegePolicy OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {protPrivPolicy } +## ID id-oc-protectedPrivilegePolicy } +## +## 17.2 PMI Directory attributes +## +## 17.2.1 Attribute certificate attribute +## attributeCertificateAttribute ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-attributeCertificate } +## +## 17.2.2 AA certificate attribute +## aACertificate ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-aACertificate } +## +## 17.2.3 Attribute descriptor certificate attribute +## attributeDescriptorCertificate ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-attributeDescriptorCertificate } +## +## 17.2.4 Attribute certificate revocation list attribute +## attributeCertificateRevocationList ATTRIBUTE ::= { +## WITH SYNTAX CertificateList +## EQUALITY MATCHING RULE certificateListExactMatch +## ID id-at-attributeCertificateRevocationList} +## +## 17.2.5 AA certificate revocation list attribute +## attributeAuthorityRevocationList ATTRIBUTE ::= { +## WITH SYNTAX CertificateList +## EQUALITY MATCHING RULE certificateListExactMatch +## ID id-at-attributeAuthorityRevocationList } +## +## 17.2.6 Delegation path attribute +## delegationPath ATTRIBUTE ::= { +## WITH SYNTAX AttCertPath +## ID id-at-delegationPath } +## AttCertPath ::= SEQUENCE OF AttributeCertificate +## +## 17.2.7 Privilege policy attribute +## privPolicy ATTRIBUTE ::= { +## WITH SYNTAX PolicySyntax +## ID id-at-privPolicy } +## +## 17.2.8 Protected privilege policy attribute +## protPrivPolicy ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-protPrivPolicy } +## +## 17.2.9 XML Protected privilege policy attribute +## xmlPrivPolicy ATTRIBUTE ::= { +## WITH SYNTAX UTF8String -- contains XML-encoded privilege policy information +## ID id-at-xMLPprotPrivPolicy } +## + +## -- object identifier assignments -- +## -- object classes -- +objectidentifier id-oc-pmiUser 2.5.6.24 +objectidentifier id-oc-pmiAA 2.5.6.25 +objectidentifier id-oc-pmiSOA 2.5.6.26 +objectidentifier id-oc-attCertCRLDistributionPts 2.5.6.27 +objectidentifier id-oc-privilegePolicy 2.5.6.32 +objectidentifier id-oc-pmiDelegationPath 2.5.6.33 +objectidentifier id-oc-protectedPrivilegePolicy 2.5.6.34 +## -- directory attributes -- +objectidentifier id-at-attributeCertificate 2.5.4.58 +objectidentifier id-at-attributeCertificateRevocationList 2.5.4.59 +objectidentifier id-at-aACertificate 2.5.4.61 +objectidentifier id-at-attributeDescriptorCertificate 2.5.4.62 +objectidentifier id-at-attributeAuthorityRevocationList 2.5.4.63 +objectidentifier id-at-privPolicy 2.5.4.71 +objectidentifier id-at-role 2.5.4.72 +objectidentifier id-at-delegationPath 2.5.4.73 +objectidentifier id-at-protPrivPolicy 2.5.4.74 +objectidentifier id-at-xMLPrivilegeInfo 2.5.4.75 +objectidentifier id-at-xMLPprotPrivPolicy 2.5.4.76 +## -- attribute certificate extensions -- +## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} +## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} +## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} +## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} +## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} +## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} +## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} +## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} +## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} +## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} +## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} +## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} +## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} +## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} +## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} +## -- PMI matching rules -- +objectidentifier id-mr 2.5.13 +objectidentifier id-mr-attributeCertificateMatch id-mr:42 +objectidentifier id-mr-attributeCertificateExactMatch id-mr:45 +objectidentifier id-mr-holderIssuerMatch id-mr:46 +objectidentifier id-mr-authAttIdMatch id-mr:53 +objectidentifier id-mr-roleSpecCertIdMatch id-mr:54 +objectidentifier id-mr-basicAttConstraintsMatch id-mr:55 +objectidentifier id-mr-delegatedNameConstraintsMatch id-mr:56 +objectidentifier id-mr-timeSpecMatch id-mr:57 +objectidentifier id-mr-attDescriptorMatch id-mr:58 +objectidentifier id-mr-acceptableCertPoliciesMatch id-mr:59 +objectidentifier id-mr-delegationPathMatch id-mr:61 +objectidentifier id-mr-sOAIdentifierMatch id-mr:66 +objectidentifier id-mr-indirectIssuerMatch id-mr:67 +## -- syntaxes -- +## NOTE: 1.3.6.1.4.1.4203.666.11.10 is the oid arc assigned by OpenLDAP +## to this work in progress +objectidentifier AttributeCertificate 1.3.6.1.4.1.4203.666.11.10.2.1 +objectidentifier CertificateList 1.3.6.1.4.1.1466.115.121.1.9 +objectidentifier AttCertPath 1.3.6.1.4.1.4203.666.11.10.2.4 +objectidentifier PolicySyntax 1.3.6.1.4.1.4203.666.11.10.2.5 +objectidentifier RoleSyntax 1.3.6.1.4.1.4203.666.11.10.2.6 +# NOTE: OIDs from (expired) +#objectidentifier AttributeCertificate 1.2.826.0.1.3344810.7.5 +#objectidentifier AttCertPath 1.2.826.0.1.3344810.7.10 +#objectidentifier PolicySyntax 1.2.826.0.1.3344810.7.17 +#objectidentifier RoleSyntax 1.2.826.0.1.3344810.7.13 +## +## Substitute syntaxes +## +## AttCertPath +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.4 + NAME 'AttCertPath' + DESC 'X.509 PMI attribute cartificate path: SEQUENCE OF AttributeCertificate' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## PolicySyntax +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.5 + NAME 'PolicySyntax' + DESC 'X.509 PMI policy syntax' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## RoleSyntax +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.6 + NAME 'RoleSyntax' + DESC 'X.509 PMI role syntax' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## X.509 (08/2005) pp. 71, 86-89 +## +## 14.4.1 Role attribute +attributeType ( id-at-role + NAME 'role' + DESC 'X.509 Role attribute, use ;binary' + SYNTAX RoleSyntax ) +## +## 14.5 XML privilege information attribute +## -- contains XML-encoded privilege information +attributeType ( id-at-xMLPrivilegeInfo + NAME 'xmlPrivilegeInfo' + DESC 'X.509 XML privilege information attribute' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +## +## 17.2 PMI Directory attributes +## +## 17.2.1 Attribute certificate attribute +attributeType ( id-at-attributeCertificate + NAME 'attributeCertificateAttribute' + DESC 'X.509 Attribute certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.2 AA certificate attribute +attributeType ( id-at-aACertificate + NAME 'aACertificate' + DESC 'X.509 AA certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.3 Attribute descriptor certificate attribute +attributeType ( id-at-attributeDescriptorCertificate + NAME 'attributeDescriptorCertificate' + DESC 'X.509 Attribute descriptor certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.4 Attribute certificate revocation list attribute +attributeType ( id-at-attributeCertificateRevocationList + NAME 'attributeCertificateRevocationList' + DESC 'X.509 Attribute certificate revocation list attribute, use ;binary' + SYNTAX CertificateList + X-EQUALITY 'certificateListExactMatch, not implemented yet' ) +## +## 17.2.5 AA certificate revocation list attribute +attributeType ( id-at-attributeAuthorityRevocationList + NAME 'attributeAuthorityRevocationList' + DESC 'X.509 AA certificate revocation list attribute, use ;binary' + SYNTAX CertificateList + X-EQUALITY 'certificateListExactMatch, not implemented yet' ) +## +## 17.2.6 Delegation path attribute +attributeType ( id-at-delegationPath + NAME 'delegationPath' + DESC 'X.509 Delegation path attribute, use ;binary' + SYNTAX AttCertPath ) +## AttCertPath ::= SEQUENCE OF AttributeCertificate +## +## 17.2.7 Privilege policy attribute +attributeType ( id-at-privPolicy + NAME 'privPolicy' + DESC 'X.509 Privilege policy attribute, use ;binary' + SYNTAX PolicySyntax ) +## +## 17.2.8 Protected privilege policy attribute +attributeType ( id-at-protPrivPolicy + NAME 'protPrivPolicy' + DESC 'X.509 Protected privilege policy attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.9 XML Protected privilege policy attribute +## -- contains XML-encoded privilege policy information +attributeType ( id-at-xMLPprotPrivPolicy + NAME 'xmlPrivPolicy' + DESC 'X.509 XML Protected privilege policy attribute' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +## +## 17.1 PMI directory object classes +## +## 17.1.1 PMI user object class +## -- a PMI user (i.e., a "holder") +objectClass ( id-oc-pmiUser + NAME 'pmiUser' + DESC 'X.509 PMI user object class' + SUP top + AUXILIARY + MAY ( attributeCertificateAttribute ) ) +## +## 17.1.2 PMI AA object class +## -- a PMI AA +objectClass ( id-oc-pmiAA + NAME 'pmiAA' + DESC 'X.509 PMI AA object class' + SUP top + AUXILIARY + MAY ( aACertificate $ + attributeCertificateRevocationList $ + attributeAuthorityRevocationList + ) ) +## +## 17.1.3 PMI SOA object class +## -- a PMI Source of Authority +objectClass ( id-oc-pmiSOA + NAME 'pmiSOA' + DESC 'X.509 PMI SOA object class' + SUP top + AUXILIARY + MAY ( attributeCertificateRevocationList $ + attributeAuthorityRevocationList $ + attributeDescriptorCertificate + ) ) +## +## 17.1.4 Attribute certificate CRL distribution point object class +objectClass ( id-oc-attCertCRLDistributionPts + NAME 'attCertCRLDistributionPt' + DESC 'X.509 Attribute certificate CRL distribution point object class' + SUP top + AUXILIARY + MAY ( attributeCertificateRevocationList $ + attributeAuthorityRevocationList + ) ) +## +## 17.1.5 PMI delegation path +objectClass ( id-oc-pmiDelegationPath + NAME 'pmiDelegationPath' + DESC 'X.509 PMI delegation path' + SUP top + AUXILIARY + MAY ( delegationPath ) ) +## +## 17.1.6 Privilege policy object class +objectClass ( id-oc-privilegePolicy + NAME 'privilegePolicy' + DESC 'X.509 Privilege policy object class' + SUP top + AUXILIARY + MAY ( privPolicy ) ) +## +## 17.1.7 Protected privilege policy object class +objectClass ( id-oc-protectedPrivilegePolicy + NAME 'protectedPrivilegePolicy' + DESC 'X.509 Protected privilege policy object class' + SUP top + AUXILIARY + MAY ( protPrivPolicy ) ) + +@ + + +1.1 +log +@Initial revision +@ +text +@d2 1 +a2 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/pmi.schema,v 1.1.2.2 2009/01/22 00:01:14 kurt Exp $ +d5 1 +a5 1 +## Copyright 1998-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/ppolicy.schema,v b/openldap/schema/.rcs/ppolicy.schema,v new file mode 100644 index 0000000..08296ca --- /dev/null +++ b/openldap/schema/.rcs/ppolicy.schema,v @@ -0,0 +1,574 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.02.26.23.15.34; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.06.09.10.40.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.7.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 2004-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (2004). +## Please see full copyright statement below. + +# Definitions from Draft behera-ldap-password-policy-07 (a work in progress) +# Password Policy for LDAP Directories +# With extensions from Hewlett-Packard: +# pwdCheckModule etc. + +# Contents of this file are subject to change (including deletion) +# without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +#Network Working Group J. Sermersheim +#Internet-Draft Novell, Inc +#Expires: April 24, 2005 L. Poitou +# Sun Microsystems +# October 24, 2004 +# +# +# Password Policy for LDAP Directories +# draft-behera-ldap-password-policy-08.txt +# +#Status of this Memo +# +# This document is an Internet-Draft and is subject to all provisions +# of section 3 of RFC 3667. By submitting this Internet-Draft, each +# author represents that any applicable patent or other IPR claims of +# which he or she is aware have been or will be disclosed, and any of +# which he or she become aware will be disclosed, in accordance with +# RFC 3668. +# +# Internet-Drafts are working documents of the Internet Engineering +# Task Force (IETF), its areas, and its working groups. Note that +# other groups may also distribute working documents as +# Internet-Drafts. +# +# Internet-Drafts are draft documents valid for a maximum of six months +# and may be updated, replaced, or obsoleted by other documents at any +# time. It is inappropriate to use Internet-Drafts as reference +# material or to cite them other than as "work in progress." +# +# The list of current Internet-Drafts can be accessed at +# http://www.ietf.org/ietf/1id-abstracts.txt. +# +# The list of Internet-Draft Shadow Directories can be accessed at +# http://www.ietf.org/shadow.html. +# +# This Internet-Draft will expire on April 24, 2005. +# +#Copyright Notice +# +# Copyright (C) The Internet Society (2004). +# +#Abstract +# +# Password policy as described in this document is a set of rules that +# controls how passwords are used and administered in Lightweight +# Directory Access Protocol (LDAP) based directories. In order to +# improve the security of LDAP directories and make it difficult for +# password cracking programs to break into directories, it is desirable +# to enforce a set of rules on password usage. These rules are made to +# +# [trimmed] +# +#5. Schema used for Password Policy +# +# The schema elements defined here fall into two general categories. A +# password policy object class is defined which contains a set of +# administrative password policy attributes, and a set of operational +# attributes are defined that hold general password policy state +# information for each user. +# +#5.2 Attribute Types used in the pwdPolicy ObjectClass +# +# Following are the attribute types used by the pwdPolicy object class. +# +#5.2.1 pwdAttribute +# +# This holds the name of the attribute to which the password policy is +# applied. For example, the password policy may be applied to the +# userPassword attribute. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.1 + NAME 'pwdAttribute' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +#5.2.2 pwdMinAge +# +# This attribute holds the number of seconds that must elapse between +# modifications to the password. If this attribute is not present, 0 +# seconds is assumed. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.2 + NAME 'pwdMinAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.3 pwdMaxAge +# +# This attribute holds the number of seconds after which a modified +# password will expire. +# +# If this attribute is not present, or if the value is 0 the password +# does not expire. If not 0, the value must be greater than or equal +# to the value of the pwdMinAge. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.3 + NAME 'pwdMaxAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.4 pwdInHistory +# +# This attribute specifies the maximum number of used passwords stored +# in the pwdHistory attribute. +# +# If this attribute is not present, or if the value is 0, used +# passwords are not stored in the pwdHistory attribute and thus may be +# reused. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.4 + NAME 'pwdInHistory' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.5 pwdCheckQuality +# +# {TODO: Consider changing the syntax to OID. Each OID will list a +# quality rule (like min len, # of special characters, etc). These +# rules can be specified outsid ethis document.} +# +# {TODO: Note that even though this is meant to be a check that happens +# during password modification, it may also be allowed to happen during +# authN. This is useful for situations where the password is encrypted +# when modified, but decrypted when used to authN.} +# +# This attribute indicates how the password quality will be verified +# while being modified or added. If this attribute is not present, or +# if the value is '0', quality checking will not be enforced. A value +# of '1' indicates that the server will check the quality, and if the +# server is unable to check it (due to a hashed password or other +# reasons) it will be accepted. A value of '2' indicates that the +# server will check the quality, and if the server is unable to verify +# it, it will return an error refusing the password. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.5 + NAME 'pwdCheckQuality' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.6 pwdMinLength +# +# When quality checking is enabled, this attribute holds the minimum +# number of characters that must be used in a password. If this +# attribute is not present, no minimum password length will be +# enforced. If the server is unable to check the length (due to a +# hashed password or otherwise), the server will, depending on the +# value of the pwdCheckQuality attribute, either accept the password +# without checking it ('0' or '1') or refuse it ('2'). + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.6 + NAME 'pwdMinLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.7 pwdExpireWarning +# +# This attribute specifies the maximum number of seconds before a +# password is due to expire that expiration warning messages will be +# returned to an authenticating user. +# +# If this attribute is not present, or if the value is 0 no warnings +# will be returned. If not 0, the value must be smaller than the value +# of the pwdMaxAge attribute. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.7 + NAME 'pwdExpireWarning' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.8 pwdGraceAuthNLimit +# +# This attribute specifies the number of times an expired password can +# be used to authenticate. If this attribute is not present or if the +# value is 0, authentication will fail. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.8 + NAME 'pwdGraceAuthNLimit' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.9 pwdLockout +# +# This attribute indicates, when its value is "TRUE", that the password +# may not be used to authenticate after a specified number of +# consecutive failed bind attempts. The maximum number of consecutive +# failed bind attempts is specified in pwdMaxFailure. +# +# If this attribute is not present, or if the value is "FALSE", the +# password may be used to authenticate when the number of failed bind +# attempts has been reached. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.9 + NAME 'pwdLockout' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.10 pwdLockoutDuration +# +# This attribute holds the number of seconds that the password cannot +# be used to authenticate due to too many failed bind attempts. If +# this attribute is not present, or if the value is 0 the password +# cannot be used to authenticate until reset by a password +# administrator. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.10 + NAME 'pwdLockoutDuration' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.11 pwdMaxFailure +# +# This attribute specifies the number of consecutive failed bind +# attempts after which the password may not be used to authenticate. +# If this attribute is not present, or if the value is 0, this policy +# is not checked, and the value of pwdLockout will be ignored. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.11 + NAME 'pwdMaxFailure' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.12 pwdFailureCountInterval +# +# This attribute holds the number of seconds after which the password +# failures are purged from the failure counter, even though no +# successful authentication occurred. +# +# If this attribute is not present, or if its value is 0, the failure +# counter is only reset by a successful authentication. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.12 + NAME 'pwdFailureCountInterval' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.13 pwdMustChange +# +# This attribute specifies with a value of "TRUE" that users must +# change their passwords when they first bind to the directory after a +# password is set or reset by a password administrator. If this +# attribute is not present, or if the value is "FALSE", users are not +# required to change their password upon binding after the password +# administrator sets or resets the password. This attribute is not set +# due to any actions specified by this document, it is typically set by +# a password administrator after resetting a user's password. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.13 + NAME 'pwdMustChange' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.14 pwdAllowUserChange +# +# This attribute indicates whether users can change their own +# passwords, although the change operation is still subject to access +# control. If this attribute is not present, a value of "TRUE" is +# assumed. This attribute is intended to be used in the absense of an +# access control mechanism. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.14 + NAME 'pwdAllowUserChange' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.15 pwdSafeModify +# +# This attribute specifies whether or not the existing password must be +# sent along with the new password when being changed. If this +# attribute is not present, a "FALSE" value is assumed. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.15 + NAME 'pwdSafeModify' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +# HP extensions +# +# pwdCheckModule +# +# This attribute names a user-defined loadable module that provides +# a check_password() function. If pwdCheckQuality is set to '1' or '2' +# this function will be called after all of the internal password +# quality checks have been passed. The function has this prototype: +# +# int check_password( char *password, char **errormessage, void *arg ) +# +# The function should return LDAP_SUCCESS for a valid password. + +attributetype ( 1.3.6.1.4.1.4754.1.99.1 + NAME 'pwdCheckModule' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + DESC 'Loadable module that instantiates "check_password() function' + SINGLE-VALUE ) + +objectclass ( 1.3.6.1.4.1.4754.2.99.1 + NAME 'pwdPolicyChecker' + SUP top + AUXILIARY + MAY ( pwdCheckModule ) ) + +#5.1 The pwdPolicy Object Class +# +# This object class contains the attributes defining a password policy +# in effect for a set of users. Section 10 describes the +# administration of this object, and the relationship between it and +# particular objects. +# +objectclass ( 1.3.6.1.4.1.42.2.27.8.2.1 + NAME 'pwdPolicy' + SUP top + AUXILIARY + MUST ( pwdAttribute ) + MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $ + pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout + $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $ + pwdMustChange $ pwdAllowUserChange $ pwdSafeModify ) ) + +#5.3 Attribute Types for Password Policy State Information +# +# Password policy state information must be maintained for each user. +# The information is located in each user entry as a set of operational +# attributes. These operational attributes are: pwdChangedTime, +# pwdAccountLockedTime, pwdFailureTime, pwdHistory, pwdGraceUseTime, +# pwdReset, pwdPolicySubEntry. +# +#5.3.1 Password Policy State Attribute Option +# +# Since the password policy could apply to several attributes used to +# store passwords, each of the above operational attributes must have +# an option to specify which pwdAttribute it applies to. The password +# policy option is defined as the following: +# +# pwd- +# +# where passwordAttribute a string following the OID syntax +# (1.3.6.1.4.1.1466.115.121.1.38). The attribute type descriptor +# (short name) MUST be used. +# +# For example, if the pwdPolicy object has for pwdAttribute +# "userPassword" then the pwdChangedTime operational attribute, in a +# user entry, will be: +# +# pwdChangedTime;pwd-userPassword: 20000103121520Z +# +# This attribute option follows sub-typing semantics. If a client +# requests a password policy state attribute to be returned in a search +# operation, and does not specify an option, all subtypes of that +# policy state attribute are returned. +# +#5.3.2 pwdChangedTime +# +# This attribute specifies the last time the entry's password was +# changed. This is used by the password expiration policy. If this +# attribute does not exist, the password will never expire. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.16 +# NAME 'pwdChangedTime' +# DESC 'The time the password was last changed' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.3 pwdAccountLockedTime +# +# This attribute holds the time that the user's account was locked. A +# locked account means that the password may no longer be used to +# authenticate. A 000001010000Z value means that the account has been +# locked permanently, and that only a password administrator can unlock +# the account. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.17 +# NAME 'pwdAccountLockedTime' +# DESC 'The time an user account was locked' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.4 pwdFailureTime +# +# This attribute holds the timestamps of the consecutive authentication +# failures. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.19 +# NAME 'pwdFailureTime' +# DESC 'The timestamps of the last consecutive authentication +# failures' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# USAGE directoryOperation ) +# +#5.3.5 pwdHistory +# +# This attribute holds a history of previously used passwords. Values +# of this attribute are transmitted in string format as given by the +# following ABNF: +# +# pwdHistory = time "#" syntaxOID "#" length "#" data +# +# time = +# +# syntaxOID = numericoid ; the string representation of the +# ; dotted-decimal OID that defines the +# ; syntax used to store the password. +# ; numericoid is described in 4.1 +# ; of [RFC2252]. +# +# length = numericstring ; the number of octets in data. +# ; numericstring is described in 4.1 +# ; of [RFC2252]. +# +# data = . +# +# This format allows the server to store, and transmit a history of +# passwords that have been used. In order for equality matching to +# function properly, the time field needs to adhere to a consistent +# format. For this purpose, the time field MUST be in GMT format. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.20 +# NAME 'pwdHistory' +# DESC 'The history of user s passwords' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 +# USAGE directoryOperation ) +# +#5.3.6 pwdGraceUseTime +# +# This attribute holds the timestamps of grace authentications after a +# password has expired. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.21 +# NAME 'pwdGraceUseTime' +# DESC 'The timestamps of the grace authentication after the +# password has expired' +# EQUALITY generalizedTimeMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# +#5.3.7 pwdReset +# +# This attribute holds a flag to indicate (when TRUE) that the password +# has been updated by the password administrator and must be changed by +# the user on first authentication. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.22 +# NAME 'pwdReset' +# DESC 'The indication that the password has been reset' +# EQUALITY booleanMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.8 pwdPolicySubentry +# +# This attribute points to the pwdPolicy subentry in effect for this +# object. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.23 +# NAME 'pwdPolicySubentry' +# DESC 'The pwdPolicy subentry in effect for this object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +# +#Disclaimer of Validity +# +# This document and the information contained herein are provided on an +# "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS +# OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET +# ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, +# INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE +# INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED +# WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +# +# +#Copyright Statement +# +# Copyright (C) The Internet Society (2004). This document is subject +# to the rights, licenses and restrictions contained in BCP 78, and +# except as set forth therein, the authors retain all their rights. + +@ + + +1.1 +log +@Initial revision +@ +text +@d1 1 +a1 1 +# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.7.2.4 2009/01/22 00:01:14 kurt Exp $ +d4 1 +a4 1 +## Copyright 2004-2009 The OpenLDAP Foundation. +@ diff --git a/openldap/schema/.rcs/quota.schema,v b/openldap/schema/.rcs/quota.schema,v new file mode 100644 index 0000000..6c5936a --- /dev/null +++ b/openldap/schema/.rcs/quota.schema,v @@ -0,0 +1,42 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.05.26.02.52.57; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@## +## schema file for Unix Quotas +## Schema for storing Unix Quotas in LDAP +## OIDs are owned by Cogent Innovators, LLC +## +## 1.3.6.1.4.1.19937.1.1.x - attributetypes +## 1.3.6.1.4.1.19937.1.2.x - objectclasses +## + +attributetype ( 1.3.6.1.4.1.19937.1.1.1 NAME 'quota' + DESC 'Quotas (FileSystem:BlocksSoft,BlocksHard,InodesSoft,InodesHard)' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} ) + +objectclass ( 1.3.6.1.4.1.19937.1.2.1 NAME 'systemQuotas' SUP posixAccount AUXILIARY + DESC 'System Quotas' + MUST ( uid ) + MAY ( quota )) +@ diff --git a/openldap/schema/.rcs/samba.schema,v b/openldap/schema/.rcs/samba.schema,v new file mode 100644 index 0000000..34e0c33 --- /dev/null +++ b/openldap/schema/.rcs/samba.schema,v @@ -0,0 +1,599 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.08.19.20.35.41; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@## +## schema file for OpenLDAP 2.x +## Schema for storing Samba user accounts and group maps in LDAP +## OIDs are owned by the Samba Team +## +## Prerequisite schemas - uid (cosine.schema) +## - displayName (inetorgperson.schema) +## - gidNumber (nis.schema) +## +## 1.3.6.1.4.1.7165.2.1.x - attributetypes +## 1.3.6.1.4.1.7165.2.2.x - objectclasses +## +## Printer support +## 1.3.6.1.4.1.7165.2.3.1.x - attributetypes +## 1.3.6.1.4.1.7165.2.3.2.x - objectclasses +## +## Samba4 +## 1.3.6.1.4.1.7165.4.1.x - attributetypes +## 1.3.6.1.4.1.7165.4.2.x - objectclasses +## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls +## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations +## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track +## +## ----- READ THIS WHEN ADDING A NEW ATTRIBUTE OR OBJECT CLASS ------ +## +## Run the 'get_next_oid' bash script in this directory to find the +## next available OID for attribute type and object classes. +## +## $ ./get_next_oid +## attributetype ( 1.3.6.1.4.1.7165.2.1.XX NAME .... +## objectclass ( 1.3.6.1.4.1.7165.2.2.XX NAME .... +## +## Also ensure that new entries adhere to the declaration style +## used throughout this file +## +## ( 1.3.6.1.4.1.7165.2.XX.XX NAME .... +## ^ ^ ^ +## +## The spaces are required for the get_next_oid script (and for +## readability). +## +## ------------------------------------------------------------------ + +# objectIdentifier SambaRoot 1.3.6.1.4.1.7165 +# objectIdentifier Samba3 SambaRoot:2 +# objectIdentifier Samba3Attrib Samba3:1 +# objectIdentifier Samba3ObjectClass Samba3:2 +# objectIdentifier Samba4 SambaRoot:4 + +######################################################################## +## HISTORICAL ## +######################################################################## + +## +## Password hashes +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword' +# DESC 'LanManager Passwd' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword' +# DESC 'NT Passwd' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) + +## +## Account flags in string format ([UWDX ]) +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.4 NAME 'acctFlags' +# DESC 'Account Flags' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE ) + +## +## Password timestamps & policies +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.3 NAME 'pwdLastSet' +# DESC 'NT pwdLastSet' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.5 NAME 'logonTime' +# DESC 'NT logonTime' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.6 NAME 'logoffTime' +# DESC 'NT logoffTime' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.7 NAME 'kickoffTime' +# DESC 'NT kickoffTime' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.8 NAME 'pwdCanChange' +# DESC 'NT pwdCanChange' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.9 NAME 'pwdMustChange' +# DESC 'NT pwdMustChange' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +## +## string settings +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.10 NAME 'homeDrive' +# DESC 'NT homeDrive' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.11 NAME 'scriptPath' +# DESC 'NT scriptPath' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.12 NAME 'profilePath' +# DESC 'NT profilePath' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.13 NAME 'userWorkstations' +# DESC 'userWorkstations' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.17 NAME 'smbHome' +# DESC 'smbHome' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.18 NAME 'domain' +# DESC 'Windows NT domain to which the user belongs' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +## +## user and group RID +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.14 NAME 'rid' +# DESC 'NT rid' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.15 NAME 'primaryGroupID' +# DESC 'NT Group RID' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +## +## The smbPasswordEntry objectclass has been depreciated in favor of the +## sambaAccount objectclass +## +#objectclass ( 1.3.6.1.4.1.7165.2.2.1 NAME 'smbPasswordEntry' SUP top AUXILIARY +# DESC 'Samba smbpasswd entry' +# MUST ( uid $ uidNumber ) +# MAY ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags )) + +#objectclass ( 1.3.6.1.4.1.7165.2.2.2 NAME 'sambaAccount' SUP top STRUCTURAL +# DESC 'Samba Account' +# MUST ( uid $ rid ) +# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $ +# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ +# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $ +# description $ userWorkstations $ primaryGroupID $ domain )) + +#objectclass ( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIARY +# DESC 'Samba Auxiliary Account' +# MUST ( uid $ rid ) +# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $ +# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ +# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $ +# description $ userWorkstations $ primaryGroupID $ domain )) + +######################################################################## +## END OF HISTORICAL ## +######################################################################## + +####################################################################### +## Attributes used by Samba 3.0 schema ## +####################################################################### + +## +## Password hashes +## +attributetype ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' + DESC 'LanManager Password' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' + DESC 'MD4 hash of the unicode password' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) + +## +## Account flags in string format ([UWDX ]) +## +attributetype ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' + DESC 'Account Flags' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE ) + +## +## Password timestamps & policies +## +attributetype ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' + DESC 'Timestamp of the last password update' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' + DESC 'Timestamp of when the user is allowed to update the password' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' + DESC 'Timestamp of when the password will expire' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' + DESC 'Timestamp of last logon' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' + DESC 'Timestamp of last logoff' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' + DESC 'Timestamp of when the user will be logged off automatically' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' + DESC 'Bad password attempt count' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' + DESC 'Time of the last bad password attempt' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' + DESC 'Logon Hours' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{42} SINGLE-VALUE ) + +## +## string settings +## +attributetype ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' + DESC 'Driver letter of home directory mapping' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' + DESC 'Logon script path' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' + DESC 'Roaming profile path' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' + DESC 'List of user workstations the user is allowed to logon to' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' + DESC 'Home directory UNC path' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' + DESC 'Windows NT domain to which the user belongs' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' + DESC 'Base64 encoded user parameter string' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' + DESC 'Concatenated MD5 hashes of the salted NT passwords used on this account' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} ) + +## +## SID, of any type +## + +attributetype ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' + DESC 'Security ID' + EQUALITY caseIgnoreIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) + +## +## Primary group SID, compatible with ntSid +## + +attributetype ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' + DESC 'Primary Group Security ID' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' + DESC 'Security ID List' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} ) + +## +## group mapping attributes +## +attributetype ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' + DESC 'NT Group Type' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +## +## Store info on the domain +## + +attributetype ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' + DESC 'Next NT rid to give our for users' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' + DESC 'Next NT rid to give out for groups' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' + DESC 'Next NT rid to give out for anything' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' + DESC 'Base at which the samba RID generation algorithm should operate' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' + DESC 'Share Name' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' + DESC 'Option Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' + DESC 'A boolean option' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' + DESC 'An integer option' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' + DESC 'A string option' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption' + DESC 'A string list option' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + + +##attributetype ( 1.3.6.1.4.1.7165.2.1.50 NAME 'sambaPrivName' +## SUP name ) + +##attributetype ( 1.3.6.1.4.1.7165.2.1.52 NAME 'sambaPrivilegeList' +## DESC 'Privileges List' +## EQUALITY caseIgnoreIA5Match +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' + DESC 'Trust Password Flags' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# "min password length" +attributetype ( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' + DESC 'Minimal password length (default: 5)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "password history" +attributetype ( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' + DESC 'Length of Password History Entries (default: 0 => off)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "user must logon to change password" +attributetype ( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' + DESC 'Force Users to logon for password change (default: 0 => off, 2 => on)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "maximum password age" +attributetype ( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' + DESC 'Maximum password age, in seconds (default: -1 => never expire passwords)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "minimum password age" +attributetype ( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' + DESC 'Minimum password age, in seconds (default: 0 => allow immediate password change)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "lockout duration" +attributetype ( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' + DESC 'Lockout duration in minutes (default: 30, -1 => forever)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "reset count minutes" +attributetype ( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow' + DESC 'Reset time after lockout in minutes (default: 30)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "bad lockout attempt" +attributetype ( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' + DESC 'Lockout users after bad logon attempts (default: 0 => off)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "disconnect time" +attributetype ( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' + DESC 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "refuse machine password change" +attributetype ( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' + DESC 'Allow Machine Password changes (default: 0 => off)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# +attributetype ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' + DESC 'Clear text password (used for trusted domain passwords)' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + +# +attributetype ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' + DESC 'Previous clear text password (used for trusted domain passwords)' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + + + +####################################################################### +## objectClasses used by Samba 3.0 schema ## +####################################################################### + +## The X.500 data model (and therefore LDAPv3) says that each entry can +## only have one structural objectclass. OpenLDAP 2.0 does not enforce +## this currently but will in v2.1 + +## +## added new objectclass (and OID) for 3.0 to help us deal with backwards +## compatibility with 2.2 installations (e.g. ldapsam_compat) --jerry +## +objectclass ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY + DESC 'Samba 3.0 Auxilary SAM Account' + MUST ( uid $ sambaSID ) + MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ + sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ + sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $ + displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $ + sambaProfilePath $ description $ sambaUserWorkstations $ + sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ + sambaBadPasswordCount $ sambaBadPasswordTime $ + sambaPasswordHistory $ sambaLogonHours)) + +## +## Group mapping info +## +objectclass ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY + DESC 'Samba Group Mapping' + MUST ( gidNumber $ sambaSID $ sambaGroupType ) + MAY ( displayName $ description $ sambaSIDList )) + +## +## Trust password for trust relationships (any kind) +## +objectclass ( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' SUP top STRUCTURAL + DESC 'Samba Trust Password' + MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags ) + MAY ( sambaSID $ sambaPwdLastSet )) + +## +## Trust password for trusted domains +## (to be stored beneath the trusting sambaDomain object in the DIT) +## +objectclass ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL + DESC 'Samba Trusted Domain Password' + MUST ( sambaDomainName $ sambaSID $ + sambaClearTextPassword $ sambaPwdLastSet ) + MAY ( sambaPreviousClearTextPassword )) + +## +## Whole-of-domain info +## +objectclass ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL + DESC 'Samba Domain Information' + MUST ( sambaDomainName $ + sambaSID ) + MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ + sambaAlgorithmicRidBase $ + sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ + sambaMaxPwdAge $ sambaMinPwdAge $ + sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ + sambaForceLogoff $ sambaRefuseMachinePwdChange )) + +## +## used for idmap_ldap module +## +objectclass ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY + DESC 'Pool for allocating UNIX uids/gids' + MUST ( uidNumber $ gidNumber ) ) + + +objectclass ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY + DESC 'Mapping from a SID to an ID' + MUST ( sambaSID ) + MAY ( uidNumber $ gidNumber ) ) + +objectclass ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL + DESC 'Structural Class for a SID' + MUST ( sambaSID ) ) + +objectclass ( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' SUP top AUXILIARY + DESC 'Samba Configuration Section' + MAY ( description ) ) + +objectclass ( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' SUP top STRUCTURAL + DESC 'Samba Share Section' + MUST ( sambaShareName ) + MAY ( description ) ) + +objectclass ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTURAL + DESC 'Samba Configuration Option' + MUST ( sambaOptionName ) + MAY ( sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ + sambaStringListoption $ description ) ) + + +## retired during privilege rewrite +##objectclass ( 1.3.6.1.4.1.7165.2.2.13 NAME 'sambaPrivilege' SUP top AUXILIARY +## DESC 'Samba Privilege' +## MUST ( sambaSID ) +## MAY ( sambaPrivilegeList ) ) +@ diff --git a/openldap/schema/README b/openldap/schema/README new file mode 100644 index 0000000..e4a2012 --- /dev/null +++ b/openldap/schema/README @@ -0,0 +1,80 @@ +This directory contains user application schema definitions for use +with slapd(8). + +File Description +---- ----------- +collective.schema Collective attributes (experimental) +corba.schema Corba Object +core.schema OpenLDAP "core" +cosine.schema COSINE Pilot +duaconf.schema Client Configuration (work in progress) +dyngroup.schema Dynamic Group (experimental) +inetorgperson.schema InetOrgPerson +java.schema Java Object +misc.schema Miscellaneous Schema (experimental) +nadf.schema North American Directory Forum (obsolete) +nis.schema Network Information Service (experimental) +openldap.schema OpenLDAP Project (FYI) +ppolicy.schema Password Policy Schema (work in progress) + +Additional "generally useful" schema definitions can be submitted +using the OpenLDAP Issue Tracking System . +Submissions should include a stable reference to a mature, open +technical specification (e.g., an RFC) for the schema. + +The core.ldif and openldap.ldif files are equivalent to their +corresponding .schema files. They have been provided as examples +for use with the dynamic configuration backend. These example files +are not actually necessary since slapd will automatically convert any +included *.schema files into LDIF when converting a slapd.conf file +to a configuration database, but they serve as a model of how to +convert schema files in general. + +--- + +This notice applies to all files in this directory. + +Copyright 1998-2011 The OpenLDAP Foundation, Redwood City, California, USA +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted only as authorized by the OpenLDAP +Public License. A copy of this license is available at +http://www.OpenLDAP.org/license.html or in file LICENSE in the +top-level directory of the distribution. + +--- + +This notice applies to all schema in this directory which are derived +from RFCs and other IETF documents. + +Portions Copyright 1991-2004, The Internet Society. All Rights Reserved. + +This document and translations of it may be copied and furnished +to others, and derivative works that comment on or otherwise explain +it or assist in its implementation may be prepared, copied, published +and distributed, in whole or in part, without restriction of any +kind, provided that the above copyright notice and this paragraph +are included on all such copies and derivative works. However, +this document itself may not be modified in any way, such as by +removing the copyright notice or references to the Internet Society +or other Internet organizations, except as needed for the purpose +of developing Internet standards in which case the procedures for +copyrights defined in the Internet Standards process must be +followed, or as required to translate it into languages other than +English. + +The limited permissions granted above are perpetual and will not +be revoked by the Internet Society or its successors or assigns. + +This document and the information contained herein is provided on +an "AS IS" basis and THE AUTHORS, THE INTERNET SOCIETY, AND THE +INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE +OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY +IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR +PURPOSE. + + +--- +$OpenLDAP: pkg/ldap/servers/slapd/schema/README,v 1.29.2.6 2011/01/04 23:50:51 kurt Exp $ diff --git a/openldap/schema/amavisd-new.schema b/openldap/schema/amavisd-new.schema new file mode 100644 index 0000000..4d97d3c --- /dev/null +++ b/openldap/schema/amavisd-new.schema @@ -0,0 +1,931 @@ +#-------------------------------------------------------------------------- +# LDAP Schema for amavisd-new Jacques Supcik, PhD +#----------------------------- IP-Plus Internet Services +# Release 1.2.2 Swisscom Enterprise Solutions Ltd +# 30 May 2004 3050 Bern - Switzerland +#-------------------------------------------------------------------------- +# Copyright (c) 2004 Jacques Supcik, Swisscom Enterprise Solutions Ltd. +# Permission is granted to copy, distribute and/or modify this document +# under the terms of the GNU Free Documentation License, Version 1.2 +# or any later version published by the Free Software Foundation; +# with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. +# A copy of the license is included in the section entitled "GNU +# Free Documentation License". +#-------------------------------------------------------------------------- +# Changes made to LDAP Schema to make it import and play nicely with +# Novell NDS - Michael Tracey, SONOPRESS USA, LLC April 07 2005 +# ( uncomment each dn:, changetype:, add:, add X-NDS-NAME attribute, replace +# "attributetype" by "attributetypes:" and "objectclasse" by "objectclasses:" +# (plural,colon), and unwrap each attributetypes: and objectclasses: ) +#-------------------------------------------------------------------------- +# 1.3.6.1.4.1.15312 Jozef Stefan Institute's OID +# 1.3.6.1.4.1.15312.2 amavisd-new +# 1.3.6.1.4.1.15312.2.2 amavisd-new LDAP Elements +# 1.3.6.1.4.1.15312.2.2.1 AttributeTypes +# 1.3.6.1.4.1.15312.2.2.2 ObjectClasses +# 1.3.6.1.4.1.15312.2.2.3 Syntax Definitions +#-------------------------------------------------------------------------- + +# Attribute Types +#----------------- + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.1 + NAME 'amavisVirusLover' + DESC 'Virus Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.2 + NAME 'amavisBannedFilesLover' + DESC 'Banned Files Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.3 + NAME 'amavisBypassVirusChecks' + DESC 'Bypass Virus Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.4 + NAME 'amavisBypassSpamChecks' + DESC 'Bypass Spam Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.5 + NAME 'amavisSpamTagLevel' + DESC 'Spam Tag Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.6 + NAME 'amavisSpamTag2Level' + DESC 'Spam Tag2 Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.7 + NAME 'amavisSpamKillLevel' + DESC 'Spam Kill Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.8 + NAME 'amavisSpamModifiesSubj' + DESC 'Modifies Subject on spam - no longer in use since 2.7.0' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.9 + NAME 'amavisWhitelistSender' + DESC 'White List Sender' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.10 + NAME 'amavisBlacklistSender' + DESC 'Black List Sender' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.11 + NAME 'amavisSpamQuarantineTo' + DESC 'Spam Quarantine to' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.12 + NAME 'amavisSpamLover' + DESC 'Spam Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.13 + NAME 'amavisBadHeaderLover' + DESC 'Bad Header Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.14 + NAME 'amavisBypassBannedChecks' + DESC 'Bypass Banned Files Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.15 + NAME 'amavisBypassHeaderChecks' + DESC 'Bypass Header Check' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.16 + NAME 'amavisVirusQuarantineTo' + DESC 'Virus quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.17 + NAME 'amavisBannedQuarantineTo' + DESC 'Banned Files quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.18 + NAME 'amavisBadHeaderQuarantineTo' + DESC 'Bad Header quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.19 + NAME 'amavisLocal' + DESC 'Is user considered local' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.20 + NAME 'amavisMessageSizeLimit' + DESC 'Message size limit' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.21 + NAME 'amavisWarnVirusRecip' + DESC 'Notify virus recipients' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.22 + NAME 'amavisWarnBannedRecip' + DESC 'Notify banned file recipients' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.23 + NAME 'amavisWarnBadHeaderRecip' + DESC 'Notify bad header recipients' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.24 + NAME 'amavisVirusAdmin' + DESC 'Virus admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.25 + NAME 'amavisNewVirusAdmin' + DESC 'New virus admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.26 + NAME 'amavisSpamAdmin' + DESC 'Spam admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.27 + NAME 'amavisBannedAdmin' + DESC 'Banned file admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.28 + NAME 'amavisBadHeaderAdmin' + DESC 'Bad header admin' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.29 + NAME 'amavisBannedRuleNames' + DESC 'Banned rule names' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.30 + NAME 'amavisSpamDsnCutoffLevel' + DESC 'Spam DSN Cutoff Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.31 + NAME 'amavisSpamQuarantineCutoffLevel' + DESC 'Spam Quarantine Cutoff Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.32 + NAME 'amavisSpamSubjectTag' + DESC 'Spam Subject Tag' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.33 + NAME 'amavisSpamSubjectTag2' + DESC 'Spam Subject Tag2' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.34 + NAME 'amavisArchiveQuarantineTo' + DESC 'Archive quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.35 + NAME 'amavisAddrExtensionVirus' + DESC 'Address Extension for Virus' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.36 + NAME 'amavisAddrExtensionSpam' + DESC 'Address Extension for Spam' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.37 + NAME 'amavisAddrExtensionBanned' + DESC 'Address Extension for Banned' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.38 + NAME 'amavisAddrExtensionBadHeader' + DESC 'Address Extension for Bad Header' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +# NEW since 2.7.0: + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.39 + NAME 'amavisSpamTag3Level' + DESC 'Spam Tag3 Level' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.40 + NAME 'amavisSpamSubjectTag3' + DESC 'Spam Subject Tag3' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.41 + NAME 'amavisUncheckedQuarantineTo' + DESC 'Virus quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.42 + NAME 'amavisCleanQuarantineTo' + DESC 'Clean quarantine location' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.43 + NAME 'amavisUncheckedLover' + DESC 'Unchecked Files Lover' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.44 + NAME 'amavisForwardMethod' + DESC 'Forward / next hop destination' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.45 + NAME 'amavisSaUserConf' + DESC 'SpamAssassin user preferences configuration filename' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +#dn: cn=schema +#changetype: modify +#add: attributetypes +attributetype ( 1.3.6.1.4.1.15312.2.2.1.46 + NAME 'amavisSaUserName' + DESC 'SpamAssassin username (for Bayes and AWL lookups)' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + + +# Classes +#--------- + +# amavisAccount +# This class is an auxiliary class, this mean that the class will be added +# to a structural class. Usually, the structural class is the class that +# represent the mail account itself (e.g. an inetOrgPerson) + +#dn: cn=schema +#changetype: modify +#add: objectclasses +objectclass ( 1.3.6.1.4.1.15312.2.2.2.1 + NAME 'amavisAccount' AUXILIARY + DESC 'Amavisd Account' + SUP top + MAY ( amavisVirusLover $ amavisBypassVirusChecks $ + amavisSpamLover $ amavisBypassSpamChecks $ + amavisBannedFilesLover $ amavisBypassBannedChecks $ + amavisBadHeaderLover $ amavisBypassHeaderChecks $ + amavisSpamTagLevel $ amavisSpamTag2Level $ amavisSpamKillLevel $ + amavisWhitelistSender $ amavisBlacklistSender $ + amavisSpamQuarantineTo $ amavisVirusQuarantineTo $ + amavisBannedQuarantineTo $ amavisBadHeaderQuarantineTo $ + amavisArchiveQuarantineTo $ + amavisSpamModifiesSubj $ amavisLocal $ amavisMessageSizeLimit $ + amavisWarnVirusRecip $ amavisWarnBannedRecip $ + amavisWarnBadHeaderRecip $ amavisVirusAdmin $ amavisNewVirusAdmin $ + amavisSpamAdmin $ amavisBannedAdmin $ amavisBadHeaderAdmin $ + amavisBannedRuleNames $ + amavisSpamDsnCutoffLevel $ amavisSpamQuarantineCutoffLevel $ + amavisSpamSubjectTag $ amavisSpamSubjectTag2 $ + amavisAddrExtensionVirus $ amavisAddrExtensionSpam $ + amavisAddrExtensionBanned $ amavisAddrExtensionBadHeader $ + amavisSpamTag3Level $ amavisSpamSubjectTag3 $ + amavisUncheckedQuarantineTo $ amavisCleanQuarantineTo $ + amavisUncheckedLover $ amavisForwardMethod $ + amavisSaUserConf $ amavisSaUserName $ + cn $ description ) ) + +#-------------------------------------------------------------------------- +# +# GNU Free Documentation License +# Version 1.2, November 2002 +# +# +# Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. +# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# Everyone is permitted to copy and distribute verbatim copies +# of this license document, but changing it is not allowed. +# +# +# 0. PREAMBLE +# +# The purpose of this License is to make a manual, textbook, or other +# functional and useful document "free" in the sense of freedom: to +# assure everyone the effective freedom to copy and redistribute it, +# with or without modifying it, either commercially or noncommercially. +# Secondarily, this License preserves for the author and publisher a way +# to get credit for their work, while not being considered responsible +# for modifications made by others. +# +# This License is a kind of "copyleft", which means that derivative +# works of the document must themselves be free in the same sense. It +# complements the GNU General Public License, which is a copyleft +# license designed for free software. +# +# We have designed this License in order to use it for manuals for free +# software, because free software needs free documentation: a free +# program should come with manuals providing the same freedoms that the +# software does. But this License is not limited to software manuals; +# it can be used for any textual work, regardless of subject matter or +# whether it is published as a printed book. We recommend this License +# principally for works whose purpose is instruction or reference. +# +# +# 1. APPLICABILITY AND DEFINITIONS +# +# This License applies to any manual or other work, in any medium, that +# contains a notice placed by the copyright holder saying it can be +# distributed under the terms of this License. Such a notice grants a +# world-wide, royalty-free license, unlimited in duration, to use that +# work under the conditions stated herein. The "Document", below, +# refers to any such manual or work. Any member of the public is a +# licensee, and is addressed as "you". You accept the license if you +# copy, modify or distribute the work in a way requiring permission +# under copyright law. +# +# A "Modified Version" of the Document means any work containing the +# Document or a portion of it, either copied verbatim, or with +# modifications and/or translated into another language. +# +# A "Secondary Section" is a named appendix or a front-matter section of +# the Document that deals exclusively with the relationship of the +# publishers or authors of the Document to the Document's overall subject +# (or to related matters) and contains nothing that could fall directly +# within that overall subject. (Thus, if the Document is in part a +# textbook of mathematics, a Secondary Section may not explain any +# mathematics.) The relationship could be a matter of historical +# connection with the subject or with related matters, or of legal, +# commercial, philosophical, ethical or political position regarding +# them. +# +# The "Invariant Sections" are certain Secondary Sections whose titles +# are designated, as being those of Invariant Sections, in the notice +# that says that the Document is released under this License. If a +# section does not fit the above definition of Secondary then it is not +# allowed to be designated as Invariant. The Document may contain zero +# Invariant Sections. If the Document does not identify any Invariant +# Sections then there are none. +# +# The "Cover Texts" are certain short passages of text that are listed, +# as Front-Cover Texts or Back-Cover Texts, in the notice that says that +# the Document is released under this License. A Front-Cover Text may +# be at most 5 words, and a Back-Cover Text may be at most 25 words. +# +# A "Transparent" copy of the Document means a machine-readable copy, +# represented in a format whose specification is available to the +# general public, that is suitable for revising the document +# straightforwardly with generic text editors or (for images composed of +# pixels) generic paint programs or (for drawings) some widely available +# drawing editor, and that is suitable for input to text formatters or +# for automatic translation to a variety of formats suitable for input +# to text formatters. A copy made in an otherwise Transparent file +# format whose markup, or absence of markup, has been arranged to thwart +# or discourage subsequent modification by readers is not Transparent. +# An image format is not Transparent if used for any substantial amount +# of text. A copy that is not "Transparent" is called "Opaque". +# +# Examples of suitable formats for Transparent copies include plain +# ASCII without markup, Texinfo input format, LaTeX input format, SGML +# or XML using a publicly available DTD, and standard-conforming simple +# HTML, PostScript or PDF designed for human modification. Examples of +# transparent image formats include PNG, XCF and JPG. Opaque formats +# include proprietary formats that can be read and edited only by +# proprietary word processors, SGML or XML for which the DTD and/or +# processing tools are not generally available, and the +# machine-generated HTML, PostScript or PDF produced by some word +# processors for output purposes only. +# +# The "Title Page" means, for a printed book, the title page itself, +# plus such following pages as are needed to hold, legibly, the material +# this License requires to appear in the title page. For works in +# formats which do not have any title page as such, "Title Page" means +# the text near the most prominent appearance of the work's title, +# preceding the beginning of the body of the text. +# +# A section "Entitled XYZ" means a named subunit of the Document whose +# title either is precisely XYZ or contains XYZ in parentheses following +# text that translates XYZ in another language. (Here XYZ stands for a +# specific section name mentioned below, such as "Acknowledgements", +# "Dedications", "Endorsements", or "History".) To "Preserve the Title" +# of such a section when you modify the Document means that it remains a +# section "Entitled XYZ" according to this definition. +# +# The Document may include Warranty Disclaimers next to the notice which +# states that this License applies to the Document. These Warranty +# Disclaimers are considered to be included by reference in this +# License, but only as regards disclaiming warranties: any other +# implication that these Warranty Disclaimers may have is void and has +# no effect on the meaning of this License. +# +# +# 2. VERBATIM COPYING +# +# You may copy and distribute the Document in any medium, either +# commercially or noncommercially, provided that this License, the +# copyright notices, and the license notice saying this License applies +# to the Document are reproduced in all copies, and that you add no other +# conditions whatsoever to those of this License. You may not use +# technical measures to obstruct or control the reading or further +# copying of the copies you make or distribute. However, you may accept +# compensation in exchange for copies. If you distribute a large enough +# number of copies you must also follow the conditions in section 3. +# +# You may also lend copies, under the same conditions stated above, and +# you may publicly display copies. +# +# +# 3. COPYING IN QUANTITY +# +# If you publish printed copies (or copies in media that commonly have +# printed covers) of the Document, numbering more than 100, and the +# Document's license notice requires Cover Texts, you must enclose the +# copies in covers that carry, clearly and legibly, all these Cover +# Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on +# the back cover. Both covers must also clearly and legibly identify +# you as the publisher of these copies. The front cover must present +# the full title with all words of the title equally prominent and +# visible. You may add other material on the covers in addition. +# Copying with changes limited to the covers, as long as they preserve +# the title of the Document and satisfy these conditions, can be treated +# as verbatim copying in other respects. +# +# If the required texts for either cover are too voluminous to fit +# legibly, you should put the first ones listed (as many as fit +# reasonably) on the actual cover, and continue the rest onto adjacent +# pages. +# +# If you publish or distribute Opaque copies of the Document numbering +# more than 100, you must either include a machine-readable Transparent +# copy along with each Opaque copy, or state in or with each Opaque copy +# a computer-network location from which the general network-using +# public has access to download using public-standard network protocols +# a complete Transparent copy of the Document, free of added material. +# If you use the latter option, you must take reasonably prudent steps, +# when you begin distribution of Opaque copies in quantity, to ensure +# that this Transparent copy will remain thus accessible at the stated +# location until at least one year after the last time you distribute an +# Opaque copy (directly or through your agents or retailers) of that +# edition to the public. +# +# It is requested, but not required, that you contact the authors of the +# Document well before redistributing any large number of copies, to give +# them a chance to provide you with an updated version of the Document. +# +# +# 4. MODIFICATIONS +# +# You may copy and distribute a Modified Version of the Document under +# the conditions of sections 2 and 3 above, provided that you release +# the Modified Version under precisely this License, with the Modified +# Version filling the role of the Document, thus licensing distribution +# and modification of the Modified Version to whoever possesses a copy +# of it. In addition, you must do these things in the Modified Version: +# +# A. Use in the Title Page (and on the covers, if any) a title distinct +# from that of the Document, and from those of previous versions +# (which should, if there were any, be listed in the History section +# of the Document). You may use the same title as a previous version +# if the original publisher of that version gives permission. +# B. List on the Title Page, as authors, one or more persons or entities +# responsible for authorship of the modifications in the Modified +# Version, together with at least five of the principal authors of the +# Document (all of its principal authors, if it has fewer than five), +# unless they release you from this requirement. +# C. State on the Title page the name of the publisher of the +# Modified Version, as the publisher. +# D. Preserve all the copyright notices of the Document. +# E. Add an appropriate copyright notice for your modifications +# adjacent to the other copyright notices. +# F. Include, immediately after the copyright notices, a license notice +# giving the public permission to use the Modified Version under the +# terms of this License, in the form shown in the Addendum below. +# G. Preserve in that license notice the full lists of Invariant Sections +# and required Cover Texts given in the Document's license notice. +# H. Include an unaltered copy of this License. +# I. Preserve the section Entitled "History", Preserve its Title, and add +# to it an item stating at least the title, year, new authors, and +# publisher of the Modified Version as given on the Title Page. If +# there is no section Entitled "History" in the Document, create one +# stating the title, year, authors, and publisher of the Document as +# given on its Title Page, then add an item describing the Modified +# Version as stated in the previous sentence. +# J. Preserve the network location, if any, given in the Document for +# public access to a Transparent copy of the Document, and likewise +# the network locations given in the Document for previous versions +# it was based on. These may be placed in the "History" section. +# You may omit a network location for a work that was published at +# least four years before the Document itself, or if the original +# publisher of the version it refers to gives permission. +# K. For any section Entitled "Acknowledgements" or "Dedications", +# Preserve the Title of the section, and preserve in the section all +# the substance and tone of each of the contributor acknowledgements +# and/or dedications given therein. +# L. Preserve all the Invariant Sections of the Document, +# unaltered in their text and in their titles. Section numbers +# or the equivalent are not considered part of the section titles. +# M. Delete any section Entitled "Endorsements". Such a section +# may not be included in the Modified Version. +# N. Do not retitle any existing section to be Entitled "Endorsements" +# or to conflict in title with any Invariant Section. +# O. Preserve any Warranty Disclaimers. +# +# If the Modified Version includes new front-matter sections or +# appendices that qualify as Secondary Sections and contain no material +# copied from the Document, you may at your option designate some or all +# of these sections as invariant. To do this, add their titles to the +# list of Invariant Sections in the Modified Version's license notice. +# These titles must be distinct from any other section titles. +# +# You may add a section Entitled "Endorsements", provided it contains +# nothing but endorsements of your Modified Version by various +# parties--for example, statements of peer review or that the text has +# been approved by an organization as the authoritative definition of a +# standard. +# +# You may add a passage of up to five words as a Front-Cover Text, and a +# passage of up to 25 words as a Back-Cover Text, to the end of the list +# of Cover Texts in the Modified Version. Only one passage of +# Front-Cover Text and one of Back-Cover Text may be added by (or +# through arrangements made by) any one entity. If the Document already +# includes a cover text for the same cover, previously added by you or +# by arrangement made by the same entity you are acting on behalf of, +# you may not add another; but you may replace the old one, on explicit +# permission from the previous publisher that added the old one. +# +# The author(s) and publisher(s) of the Document do not by this License +# give permission to use their names for publicity for or to assert or +# imply endorsement of any Modified Version. +# +# +# 5. COMBINING DOCUMENTS +# +# You may combine the Document with other documents released under this +# License, under the terms defined in section 4 above for modified +# versions, provided that you include in the combination all of the +# Invariant Sections of all of the original documents, unmodified, and +# list them all as Invariant Sections of your combined work in its +# license notice, and that you preserve all their Warranty Disclaimers. +# +# The combined work need only contain one copy of this License, and +# multiple identical Invariant Sections may be replaced with a single +# copy. If there are multiple Invariant Sections with the same name but +# different contents, make the title of each such section unique by +# adding at the end of it, in parentheses, the name of the original +# author or publisher of that section if known, or else a unique number. +# Make the same adjustment to the section titles in the list of +# Invariant Sections in the license notice of the combined work. +# +# In the combination, you must combine any sections Entitled "History" +# in the various original documents, forming one section Entitled +# "History"; likewise combine any sections Entitled "Acknowledgements", +# and any sections Entitled "Dedications". You must delete all sections +# Entitled "Endorsements". +# +# +# 6. COLLECTIONS OF DOCUMENTS +# +# You may make a collection consisting of the Document and other documents +# released under this License, and replace the individual copies of this +# License in the various documents with a single copy that is included in +# the collection, provided that you follow the rules of this License for +# verbatim copying of each of the documents in all other respects. +# +# You may extract a single document from such a collection, and distribute +# it individually under this License, provided you insert a copy of this +# License into the extracted document, and follow this License in all +# other respects regarding verbatim copying of that document. +# +# +# 7. AGGREGATION WITH INDEPENDENT WORKS +# +# A compilation of the Document or its derivatives with other separate +# and independent documents or works, in or on a volume of a storage or +# distribution medium, is called an "aggregate" if the copyright +# resulting from the compilation is not used to limit the legal rights +# of the compilation's users beyond what the individual works permit. +# When the Document is included in an aggregate, this License does not +# apply to the other works in the aggregate which are not themselves +# derivative works of the Document. +# +# If the Cover Text requirement of section 3 is applicable to these +# copies of the Document, then if the Document is less than one half of +# the entire aggregate, the Document's Cover Texts may be placed on +# covers that bracket the Document within the aggregate, or the +# electronic equivalent of covers if the Document is in electronic form. +# Otherwise they must appear on printed covers that bracket the whole +# aggregate. +# +# +# 8. TRANSLATION +# +# Translation is considered a kind of modification, so you may +# distribute translations of the Document under the terms of section 4. +# Replacing Invariant Sections with translations requires special +# permission from their copyright holders, but you may include +# translations of some or all Invariant Sections in addition to the +# original versions of these Invariant Sections. You may include a +# translation of this License, and all the license notices in the +# Document, and any Warranty Disclaimers, provided that you also include +# the original English version of this License and the original versions +# of those notices and disclaimers. In case of a disagreement between +# the translation and the original version of this License or a notice +# or disclaimer, the original version will prevail. +# +# If a section in the Document is Entitled "Acknowledgements", +# "Dedications", or "History", the requirement (section 4) to Preserve +# its Title (section 1) will typically require changing the actual +# title. +# +# +# 9. TERMINATION +# +# You may not copy, modify, sublicense, or distribute the Document except +# as expressly provided for under this License. Any other attempt to +# copy, modify, sublicense or distribute the Document is void, and will +# automatically terminate your rights under this License. However, +# parties who have received copies, or rights, from you under this +# License will not have their licenses terminated so long as such +# parties remain in full compliance. +# +# +# 10. FUTURE REVISIONS OF THIS LICENSE +# +# The Free Software Foundation may publish new, revised versions +# of the GNU Free Documentation License from time to time. Such new +# versions will be similar in spirit to the present version, but may +# differ in detail to address new problems or concerns. See +# http://www.gnu.org/copyleft/. +# +# Each version of the License is given a distinguishing version number. +# If the Document specifies that a particular numbered version of this +# License "or any later version" applies to it, you have the option of +# following the terms and conditions either of that specified version or +# of any later version that has been published (not as a draft) by the +# Free Software Foundation. If the Document does not specify a version +# number of this License, you may choose any version ever published (not +# as a draft) by the Free Software Foundation. diff --git a/openldap/schema/authldap.schema b/openldap/schema/authldap.schema new file mode 100644 index 0000000..4df51a0 --- /dev/null +++ b/openldap/schema/authldap.schema @@ -0,0 +1,100 @@ +#$Id: authldap.schema,v 1.2 2010/05/10 15:34:23 root Exp $ +# +# OID prefix: 1.3.6.1.4.1.10018 +# +# Attributes: 1.3.6.1.4.1.10018.1.1 +# +# Depends on: nis.schema, which depends on cosine.schema + +attributetype ( 1.3.6.1.4.1.10018.1.1.1 NAME 'mailbox' + DESC 'The absolute path to the mailbox for a mail account in a non-default location' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.2 NAME 'quota' + DESC 'A string that represents the quota on a mailbox' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.3 NAME 'clearPassword' + DESC 'A separate text that stores the mail account password in clear text' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128}) + +attributetype ( 1.3.6.1.4.1.10018.1.1.4 NAME 'maildrop' + DESC 'RFC822 Mailbox - mail alias' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.5 NAME 'mailsource' + DESC 'Message source' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.6 NAME 'virtualdomain' + DESC 'A mail domain that is mapped to a single mail account' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.7 NAME 'virtualdomainuser' + DESC 'Mailbox that receives mail for a mail domain' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.8 NAME 'defaultdelivery' + DESC 'Default mail delivery instructions' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.9 NAME 'disableimap' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.10 NAME 'disablepop3' + DESC 'Set this attribute to 1 to disable POP3 access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.11 NAME 'disablewebmail' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.12 NAME 'sharedgroup' + DESC 'Virtual shared group' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.13 NAME 'disableshared' + DESC 'Set this attribute to 1 to disable shared mailbox usage' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#attributetype ( 1.3.6.1.4.1.10018.1.1.14 NAME 'mailhost' +# DESC 'Host to which incoming POP/IMAP connections should be proxied' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# +# Objects: 1.3.6.1.4.1.10018.1.2 +# + +objectclass ( 1.3.6.1.4.1.10018.1.2.1 NAME 'CourierMailAccount' SUP top AUXILIARY + DESC 'Mail account object as used by the Courier mail server' + MUST ( mail $ homeDirectory ) + MAY ( uidNumber $ gidNumber $ mailbox $ uid $ cn $ gecos $ description $ loginShell $ quota $ userPassword $ clearPassword $ defaultdelivery $ disableimap $ disablepop3 $ disablewebmail $ sharedgroup $ disableshared $ mailHost) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.2 NAME 'CourierMailAlias' SUP top AUXILIARY + DESC 'Mail aliasing/forwarding entry' + MUST ( mail $ maildrop ) + MAY ( mailsource $ description ) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.3 NAME 'CourierDomainAlias' SUP top AUXILIARY + DESC 'Domain mail aliasing/forwarding entry' + MUST ( virtualdomain $ virtualdomainuser ) + MAY ( mailsource $ description ) ) diff --git a/openldap/schema/authldap.schema.default b/openldap/schema/authldap.schema.default new file mode 100644 index 0000000..802b18c --- /dev/null +++ b/openldap/schema/authldap.schema.default @@ -0,0 +1,103 @@ +#$Id: authldap.schema,v 1.9 2009/12/18 04:24:20 mrsam Exp $ +# +# OID prefix: 1.3.6.1.4.1.10018 +# +# Attributes: 1.3.6.1.4.1.10018.1.1 +# +# Depends on: nis.schema, which depends on cosine.schema + +attributetype ( 1.3.6.1.4.1.10018.1.1.1 NAME 'mailbox' + DESC 'The absolute path to the mailbox for a mail account in a non-default location' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.2 NAME 'quota' + DESC 'A string that represents the quota on a mailbox' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.3 NAME 'clearPassword' + DESC 'A separate text that stores the mail account password in clear text' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.4 NAME 'maildrop' + DESC 'RFC822 Mailbox - mail alias' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.5 NAME 'mailsource' + DESC 'Message source' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.6 NAME 'virtualdomain' + DESC 'A mail domain that is mapped to a single mail account' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.7 NAME 'virtualdomainuser' + DESC 'Mailbox that receives mail for a mail domain' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.8 NAME 'defaultdelivery' + DESC 'Default mail delivery instructions' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.9 NAME 'disableimap' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.10 NAME 'disablepop3' + DESC 'Set this attribute to 1 to disable POP3 access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.11 NAME 'disablewebmail' + DESC 'Set this attribute to 1 to disable IMAP access' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.12 NAME 'sharedgroup' + DESC 'Virtual shared group' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.4.1.10018.1.1.13 NAME 'disableshared' + DESC 'Set this attribute to 1 to disable shared mailbox usage' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#attributetype ( 1.3.6.1.4.1.10018.1.1.14 NAME 'mailhost' +# DESC 'Host to which incoming POP/IMAP connections should be proxied' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) +# +# +# Objects: 1.3.6.1.4.1.10018.1.2 +# + +objectclass ( 1.3.6.1.4.1.10018.1.2.1 NAME 'CourierMailAccount' + DESC 'Mail account object as used by the Courier mail server' + SUP top AUXILIARY + MUST ( mail $ homeDirectory ) + MAY ( uidNumber $ gidNumber $ mailbox $ uid $ cn $ gecos $ description $ loginShell $ quota $ userPassword $ clearPassword $ defaultdelivery $ disableimap $ disablepop3 $ disablewebmail $ sharedgroup $ disableshared $ mailhost ) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.2 NAME 'CourierMailAlias' + DESC 'Mail aliasing/forwarding entry' + SUP top AUXILIARY + MUST ( mail $ maildrop ) + MAY ( mailsource $ description ) ) + +objectclass ( 1.3.6.1.4.1.10018.1.2.3 NAME 'CourierDomainAlias' + DESC 'Domain mail aliasing/forwarding entry' + SUP top AUXILIARY + MUST ( virtualdomain $ virtualdomainuser ) + MAY ( mailsource $ description ) ) diff --git a/openldap/schema/collective.schema b/openldap/schema/collective.schema new file mode 100644 index 0000000..15c8194 --- /dev/null +++ b/openldap/schema/collective.schema @@ -0,0 +1,190 @@ +# collective.schema -- Collective attribute schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.6 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (2003). +## Please see full copyright statement below. + +# From RFC 3671 [portions trimmed]: +# Collective Attributes in LDAP + +#Abstract +# +# X.500 collective attributes allow common characteristics to be shared +# between collections of entries. This document summarizes the X.500 +# information model for collective attributes and describes use of +# collective attributes in LDAP (Lightweight Directory Access Protocol). +# This document provides schema definitions for collective attributes +# for use in LDAP. + +#3. Collective Attribute Types +# +# A userApplications attribute type can be defined to be COLLECTIVE +# [RFC2252]. This indicates that the same attribute values will appear +# in the entries of an entry collection subject to the use of the +# collectiveExclusions attribute and other administrative controls. +# +# Collective attribute types are commonly defined as subtypes of non- +# collective attribute types. By convention, collective attributes are +# named by prefixing the name of their non-collective supertype with +# "c-". For example, the collective telephone attribute is named +# c-TelephoneNumber after its non-collective supertype telephoneNumber. +# +# Non-collective attributes types SHALL NOT subtype collective +# attributes. +# +# Collective attributes SHALL NOT be SINGLE-VALUED. Collective +# attribute types SHALL NOT appear in the attribute types of an object +# class definition. +# +# Operational attributes SHALL NOT be defined to be collective. +# +# The remainder of section provides a summary of collective attributes +# derived from those defined in [X.520]. Implementations of this +# specification SHOULD support the following collective attributes and +# MAY support additional collective attributes. +# +# +#3.1. Collective Locality Name +# +# The c-l attribute type specifies a locality name for a collection of +# entries. +# +attributeType ( 2.5.4.7.1 NAME 'c-l' + SUP l COLLECTIVE ) +# +# +#3.2. Collective State or Province Name +# +# The c-st attribute type specifies a state or province name for a +# collection of entries. +# +attributeType ( 2.5.4.8.1 NAME 'c-st' + SUP st COLLECTIVE ) +# +# +#3.3. Collective Street Address +# +# The c-street attribute type specifies a street address for a +# collection of entries. +# +attributeType ( 2.5.4.9.1 NAME 'c-street' + SUP street COLLECTIVE ) +# +# +#3.4. Collective Organization Name +# +# The c-o attribute type specifies an organization name for a collection +# of entries. +# +attributeType ( 2.5.4.10.1 NAME 'c-o' + SUP o COLLECTIVE ) +# +# +#3.5. Collective Organizational Unit Name +# +# The c-ou attribute type specifies an organizational unit name for a +# collection of entries. +# +attributeType ( 2.5.4.11.1 NAME 'c-ou' + SUP ou COLLECTIVE ) +# +# +#3.6. Collective Postal Address +# +# The c-PostalAddress attribute type specifies a postal address for a +# collection of entries. +# +attributeType ( 2.5.4.16.1 NAME 'c-PostalAddress' + SUP postalAddress COLLECTIVE ) +# +# +#3.7. Collective Postal Code +# +# The c-PostalCode attribute type specifies a postal code for a +# collection of entries. +# +attributeType ( 2.5.4.17.1 NAME 'c-PostalCode' + SUP postalCode COLLECTIVE ) +# +# +#3.8. Collective Post Office Box +# +# The c-PostOfficeBox attribute type specifies a post office box for a +# collection of entries. +# +attributeType ( 2.5.4.18.1 NAME 'c-PostOfficeBox' + SUP postOfficeBox COLLECTIVE ) +# +# +#3.9. Collective Physical Delivery Office Name +# +# The c-PhysicalDeliveryOfficeName attribute type specifies a physical +# delivery office name for a collection of entries. +# +attributeType ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName' + SUP physicalDeliveryOfficeName COLLECTIVE ) +# +# +#3.10. Collective Telephone Number +# +# The c-TelephoneNumber attribute type specifies a telephone number for +# a collection of entries. +# +attributeType ( 2.5.4.20.1 NAME 'c-TelephoneNumber' + SUP telephoneNumber COLLECTIVE ) +# +# +#3.11. Collective Telex Number +# +# The c-TelexNumber attribute type specifies a telex number for a +# collection of entries. +# +attributeType ( 2.5.4.21.1 NAME 'c-TelexNumber' + SUP telexNumber COLLECTIVE ) +# +# +#3.13. Collective Facsimile Telephone Number +# +# The c-FacsimileTelephoneNumber attribute type specifies a facsimile +# telephone number for a collection of entries. +# +attributeType ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber' + SUP facsimileTelephoneNumber COLLECTIVE ) +# +# +#3.14. Collective International ISDN Number +# +# The c-InternationalISDNNumber attribute type specifies an +# international ISDN number for a collection of entries. +# +attributeType ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber' + SUP internationalISDNNumber COLLECTIVE ) + +# Full Copyright +# +# Copyright (C) The Internet Society (2003). All Rights Reserved. +# +# This document and translations of it may be copied and furnished +# to others, and derivative works that comment on or otherwise explain +# it or assist in its implmentation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph +# are included on all such copies and derivative works. However, +# this document itself may not be modified in any way, such as by +# removing the copyright notice or references to the Internet Society +# or other Internet organizations, except as needed for the purpose +# of developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be followed, +# or as required to translate it into languages other than English. diff --git a/openldap/schema/collective.schema.default b/openldap/schema/collective.schema.default new file mode 100644 index 0000000..9160f70 --- /dev/null +++ b/openldap/schema/collective.schema.default @@ -0,0 +1,190 @@ +# collective.schema -- Collective attribute schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.5 2010/04/13 20:23:47 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (2003). +## Please see full copyright statement below. + +# From RFC 3671 [portions trimmed]: +# Collective Attributes in LDAP + +#Abstract +# +# X.500 collective attributes allow common characteristics to be shared +# between collections of entries. This document summarizes the X.500 +# information model for collective attributes and describes use of +# collective attributes in LDAP (Lightweight Directory Access Protocol). +# This document provides schema definitions for collective attributes +# for use in LDAP. + +#3. Collective Attribute Types +# +# A userApplications attribute type can be defined to be COLLECTIVE +# [RFC2252]. This indicates that the same attribute values will appear +# in the entries of an entry collection subject to the use of the +# collectiveExclusions attribute and other administrative controls. +# +# Collective attribute types are commonly defined as subtypes of non- +# collective attribute types. By convention, collective attributes are +# named by prefixing the name of their non-collective supertype with +# "c-". For example, the collective telephone attribute is named +# c-TelephoneNumber after its non-collective supertype telephoneNumber. +# +# Non-collective attributes types SHALL NOT subtype collective +# attributes. +# +# Collective attributes SHALL NOT be SINGLE-VALUED. Collective +# attribute types SHALL NOT appear in the attribute types of an object +# class definition. +# +# Operational attributes SHALL NOT be defined to be collective. +# +# The remainder of section provides a summary of collective attributes +# derived from those defined in [X.520]. Implementations of this +# specification SHOULD support the following collective attributes and +# MAY support additional collective attributes. +# +# +#3.1. Collective Locality Name +# +# The c-l attribute type specifies a locality name for a collection of +# entries. +# +attributeType ( 2.5.4.7.1 NAME 'c-l' + SUP l COLLECTIVE ) +# +# +#3.2. Collective State or Province Name +# +# The c-st attribute type specifies a state or province name for a +# collection of entries. +# +attributeType ( 2.5.4.8.1 NAME 'c-st' + SUP st COLLECTIVE ) +# +# +#3.3. Collective Street Address +# +# The c-street attribute type specifies a street address for a +# collection of entries. +# +attributeType ( 2.5.4.9.1 NAME 'c-street' + SUP street COLLECTIVE ) +# +# +#3.4. Collective Organization Name +# +# The c-o attribute type specifies an organization name for a collection +# of entries. +# +attributeType ( 2.5.4.10.1 NAME 'c-o' + SUP o COLLECTIVE ) +# +# +#3.5. Collective Organizational Unit Name +# +# The c-ou attribute type specifies an organizational unit name for a +# collection of entries. +# +attributeType ( 2.5.4.11.1 NAME 'c-ou' + SUP ou COLLECTIVE ) +# +# +#3.6. Collective Postal Address +# +# The c-PostalAddress attribute type specifies a postal address for a +# collection of entries. +# +attributeType ( 2.5.4.16.1 NAME 'c-PostalAddress' + SUP postalAddress COLLECTIVE ) +# +# +#3.7. Collective Postal Code +# +# The c-PostalCode attribute type specifies a postal code for a +# collection of entries. +# +attributeType ( 2.5.4.17.1 NAME 'c-PostalCode' + SUP postalCode COLLECTIVE ) +# +# +#3.8. Collective Post Office Box +# +# The c-PostOfficeBox attribute type specifies a post office box for a +# collection of entries. +# +attributeType ( 2.5.4.18.1 NAME 'c-PostOfficeBox' + SUP postOfficeBox COLLECTIVE ) +# +# +#3.9. Collective Physical Delivery Office Name +# +# The c-PhysicalDeliveryOfficeName attribute type specifies a physical +# delivery office name for a collection of entries. +# +attributeType ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName' + SUP physicalDeliveryOfficeName COLLECTIVE ) +# +# +#3.10. Collective Telephone Number +# +# The c-TelephoneNumber attribute type specifies a telephone number for +# a collection of entries. +# +attributeType ( 2.5.4.20.1 NAME 'c-TelephoneNumber' + SUP telephoneNumber COLLECTIVE ) +# +# +#3.11. Collective Telex Number +# +# The c-TelexNumber attribute type specifies a telex number for a +# collection of entries. +# +attributeType ( 2.5.4.21.1 NAME 'c-TelexNumber' + SUP telexNumber COLLECTIVE ) +# +# +#3.13. Collective Facsimile Telephone Number +# +# The c-FacsimileTelephoneNumber attribute type specifies a facsimile +# telephone number for a collection of entries. +# +attributeType ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber' + SUP facsimileTelephoneNumber COLLECTIVE ) +# +# +#3.14. Collective International ISDN Number +# +# The c-InternationalISDNNumber attribute type specifies an +# international ISDN number for a collection of entries. +# +attributeType ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber' + SUP internationalISDNNumber COLLECTIVE ) + +# Full Copyright +# +# Copyright (C) The Internet Society (2003). All Rights Reserved. +# +# This document and translations of it may be copied and furnished +# to others, and derivative works that comment on or otherwise explain +# it or assist in its implmentation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph +# are included on all such copies and derivative works. However, +# this document itself may not be modified in any way, such as by +# removing the copyright notice or references to the Internet Society +# or other Internet organizations, except as needed for the purpose +# of developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be followed, +# or as required to translate it into languages other than English. diff --git a/openldap/schema/corba.schema b/openldap/schema/corba.schema new file mode 100644 index 0000000..a5800b6 --- /dev/null +++ b/openldap/schema/corba.schema @@ -0,0 +1,239 @@ +# corba.schema -- Corba Object Schema +# depends upon core.schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.6 2011/01/04 23:50:51 kurt Exp $ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.6 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1999). +## Please see full copyright statement below. + + +# Network Working Group V. Ryan +# Request for Comments: 2714 R. Lee +# Category: Informational S. Seligman +# Sun Microsystems, Inc. +# October 1999 +# +# +# Schema for Representing CORBA Object References in an LDAP Directory +# +# Status of this Memo +# +# This memo provides information for the Internet community. It does +# not specify an Internet standard of any kind. Distribution of this +# memo is unlimited. +# +# Copyright Notice +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# Abstract +# +# CORBA [CORBA] is the Common Object Request Broker Architecture +# defined by the Object Management Group. This document defines the +# schema for representing CORBA object references in an LDAP directory +# [LDAPv3]. +# +# [trimmed] + +# 3. Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# corbaIor +# corbaRepositoryId +# +# 3.1 corbaIor +# +# This attribute stores the string representation of the interoperable +# object reference (IOR) for a CORBA object. An IOR is an opaque handle +# for the object which contains the information necessary to locate the +# object, even if the object is in another ORB. +# +# This attribute's syntax is 'IA5 String' and its case is +# insignificant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.14 +# NAME 'corbaIor' +# DESC 'Stringified interoperable object reference of a CORBA object' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.14 + NAME 'corbaIor' + DESC 'Stringified interoperable object reference of a CORBA object' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +# 3.2 corbaRepositoryId +# +# Each CORBA interface has a unique "repository id" (also called "type +# id") that identifies the interface. A CORBA object has one or more +# repository ids, one for each interface that it implements. +# +# The format of a repository id can be any string, but the OMG +# specifies four standard formats: +# +# a. IDL-style +# +# IDL:Prefix/ModuleName/InterfaceName:VersionNumber +# +# For example, the repository id for the "NamingContext" in OMG's COS +# Naming module is: "IDL:omg.org/CosNaming/NamingContext:1.0". +# +# b. RMI-style +# +# RMI:ClassName:HashCode[:SUID] +# +# This format is used by RMI-IIOP remote objects [RMI-IIOP]. +# "ClassName" is the fully qualified name of the class (for example, +# "java.lang.String"). "HashCode" is the object's hash code (that is, +# that obtained by invoking the "hashCode()" method). "SUID" is the +# "stream unique identifier", which is a 64-bit number that uniquely +# identifies the serialization version of the class; SUID is optional +# in the repository id. +# +# c. DCE-style +# +# DCE:UUID +# +# This format is used for DCE/CORBA interoperability [CORBA-DCE]. +# "UUID" represents a DCE UUID. +# +# d. "local" +# +# This format is defined by the local Object Request Broker (ORB). +# +# The corbaRepositoryId attribute is a multivalued attribute; each +# value records a single repository id of an interface implemented by +# the CORBA object. This attribute need not contain a complete list of +# the interfaces implemented by the CORBA object. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. The values of this attribute are encoded using UTF-8. +# Some values may require translation from their native representation +# in order to be correctly encoded using UTF-8. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.15 +# NAME 'corbaRepositoryId' +# DESC 'Repository ids of interfaces implemented by a CORBA object' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.15 + NAME 'corbaRepositoryId' + DESC 'Repository ids of interfaces implemented by a CORBA object' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 4. Object Class Definitions +# +# The following object classes are defined in this document: +# +# corbaContainer +# corbaObject +# corbaObjectReference +# +# 4.1 corbaContainer +# +# This structural object class represents a container for a CORBA +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.10 +# NAME 'corbaContainer' +# DESC 'Container for a CORBA object' +# SUP top +# STRUCTURAL +# MUST ( cn ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.10 + NAME 'corbaContainer' + DESC 'Container for a CORBA object' + SUP top + STRUCTURAL + MUST cn ) + +# 4.2 corbaObject +# +# This abstract object class is the root class for representing a CORBA +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.9 +# NAME 'corbaObject' +# DESC 'CORBA object representation' +# SUP top +# ABSTRACT +# MAY ( corbaRepositoryId $ description ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.9 + NAME 'corbaObject' + DESC 'CORBA object representation' + SUP top + ABSTRACT + MAY ( corbaRepositoryId $ description ) ) + +# 4.3 corbaObjectReference +# +# This auxiliary object class represents a CORBA object reference. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.11 +# NAME 'corbaObjectReference' +# DESC 'CORBA interoperable object reference' +# SUP corbaObject +# AUXILIARY +# MUST ( corbaIor ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.11 + NAME 'corbaObjectReference' + DESC 'CORBA interoperable object reference' + SUP corbaObject + AUXILIARY + MUST corbaIor ) + +# 10. Full Copyright Statement +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# This document and translations of it may be copied and furnished to +# others, and derivative works that comment on or otherwise explain it +# or assist in its implementation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph are +# included on all such copies and derivative works. However, this +# document itself may not be modified in any way, such as by removing +# the copyright notice or references to the Internet Society or other +# Internet organizations, except as needed for the purpose of +# developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be +# followed, or as required to translate it into languages other than +# English. +# +# The limited permissions granted above are perpetual and will not be +# revoked by the Internet Society or its successors or assigns. +# +# This document and the information contained herein is provided on an +# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. diff --git a/openldap/schema/corba.schema.default b/openldap/schema/corba.schema.default new file mode 100644 index 0000000..9791679 --- /dev/null +++ b/openldap/schema/corba.schema.default @@ -0,0 +1,239 @@ +# corba.schema -- Corba Object Schema +# depends upon core.schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.5 2010/04/13 20:23:47 kurt Exp $ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.5 2010/04/13 20:23:47 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1999). +## Please see full copyright statement below. + + +# Network Working Group V. Ryan +# Request for Comments: 2714 R. Lee +# Category: Informational S. Seligman +# Sun Microsystems, Inc. +# October 1999 +# +# +# Schema for Representing CORBA Object References in an LDAP Directory +# +# Status of this Memo +# +# This memo provides information for the Internet community. It does +# not specify an Internet standard of any kind. Distribution of this +# memo is unlimited. +# +# Copyright Notice +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# Abstract +# +# CORBA [CORBA] is the Common Object Request Broker Architecture +# defined by the Object Management Group. This document defines the +# schema for representing CORBA object references in an LDAP directory +# [LDAPv3]. +# +# [trimmed] + +# 3. Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# corbaIor +# corbaRepositoryId +# +# 3.1 corbaIor +# +# This attribute stores the string representation of the interoperable +# object reference (IOR) for a CORBA object. An IOR is an opaque handle +# for the object which contains the information necessary to locate the +# object, even if the object is in another ORB. +# +# This attribute's syntax is 'IA5 String' and its case is +# insignificant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.14 +# NAME 'corbaIor' +# DESC 'Stringified interoperable object reference of a CORBA object' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.14 + NAME 'corbaIor' + DESC 'Stringified interoperable object reference of a CORBA object' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +# 3.2 corbaRepositoryId +# +# Each CORBA interface has a unique "repository id" (also called "type +# id") that identifies the interface. A CORBA object has one or more +# repository ids, one for each interface that it implements. +# +# The format of a repository id can be any string, but the OMG +# specifies four standard formats: +# +# a. IDL-style +# +# IDL:Prefix/ModuleName/InterfaceName:VersionNumber +# +# For example, the repository id for the "NamingContext" in OMG's COS +# Naming module is: "IDL:omg.org/CosNaming/NamingContext:1.0". +# +# b. RMI-style +# +# RMI:ClassName:HashCode[:SUID] +# +# This format is used by RMI-IIOP remote objects [RMI-IIOP]. +# "ClassName" is the fully qualified name of the class (for example, +# "java.lang.String"). "HashCode" is the object's hash code (that is, +# that obtained by invoking the "hashCode()" method). "SUID" is the +# "stream unique identifier", which is a 64-bit number that uniquely +# identifies the serialization version of the class; SUID is optional +# in the repository id. +# +# c. DCE-style +# +# DCE:UUID +# +# This format is used for DCE/CORBA interoperability [CORBA-DCE]. +# "UUID" represents a DCE UUID. +# +# d. "local" +# +# This format is defined by the local Object Request Broker (ORB). +# +# The corbaRepositoryId attribute is a multivalued attribute; each +# value records a single repository id of an interface implemented by +# the CORBA object. This attribute need not contain a complete list of +# the interfaces implemented by the CORBA object. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. The values of this attribute are encoded using UTF-8. +# Some values may require translation from their native representation +# in order to be correctly encoded using UTF-8. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.15 +# NAME 'corbaRepositoryId' +# DESC 'Repository ids of interfaces implemented by a CORBA object' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.15 + NAME 'corbaRepositoryId' + DESC 'Repository ids of interfaces implemented by a CORBA object' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 4. Object Class Definitions +# +# The following object classes are defined in this document: +# +# corbaContainer +# corbaObject +# corbaObjectReference +# +# 4.1 corbaContainer +# +# This structural object class represents a container for a CORBA +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.10 +# NAME 'corbaContainer' +# DESC 'Container for a CORBA object' +# SUP top +# STRUCTURAL +# MUST ( cn ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.10 + NAME 'corbaContainer' + DESC 'Container for a CORBA object' + SUP top + STRUCTURAL + MUST cn ) + +# 4.2 corbaObject +# +# This abstract object class is the root class for representing a CORBA +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.9 +# NAME 'corbaObject' +# DESC 'CORBA object representation' +# SUP top +# ABSTRACT +# MAY ( corbaRepositoryId $ description ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.9 + NAME 'corbaObject' + DESC 'CORBA object representation' + SUP top + ABSTRACT + MAY ( corbaRepositoryId $ description ) ) + +# 4.3 corbaObjectReference +# +# This auxiliary object class represents a CORBA object reference. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.11 +# NAME 'corbaObjectReference' +# DESC 'CORBA interoperable object reference' +# SUP corbaObject +# AUXILIARY +# MUST ( corbaIor ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.11 + NAME 'corbaObjectReference' + DESC 'CORBA interoperable object reference' + SUP corbaObject + AUXILIARY + MUST corbaIor ) + +# 10. Full Copyright Statement +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# This document and translations of it may be copied and furnished to +# others, and derivative works that comment on or otherwise explain it +# or assist in its implementation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph are +# included on all such copies and derivative works. However, this +# document itself may not be modified in any way, such as by removing +# the copyright notice or references to the Internet Society or other +# Internet organizations, except as needed for the purpose of +# developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be +# followed, or as required to translate it into languages other than +# English. +# +# The limited permissions granted above are perpetual and will not be +# revoked by the Internet Society or its successors or assigns. +# +# This document and the information contained herein is provided on an +# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. diff --git a/openldap/schema/core.ldif b/openldap/schema/core.ldif new file mode 100644 index 0000000..56a94ad --- /dev/null +++ b/openldap/schema/core.ldif @@ -0,0 +1,591 @@ +# OpenLDAP Core schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.ldif,v 1.2.2.8 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2003). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +# +# +# +# Includes LDAPv3 schema items from: +# RFC 2252/2256 (LDAPv3) +# +# Select standard track schema items: +# RFC 1274 (uid/dc) +# RFC 2079 (URI) +# RFC 2247 (dc/dcObject) +# RFC 2587 (PKI) +# RFC 2589 (Dynamic Directory Services) +# +# Select informational schema items: +# RFC 2377 (uidObject) +# +# +# Standard attribute types from RFC 2256 +# +dn: cn=core,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: core +# +# system schema +#olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' +# DESC 'RFC2256: object classes of the entity' +# EQUALITY objectIdentifierMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) +# DESC 'RFC2256: name of aliased object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) +# +olcAttributeTypes: ( 2.5.4.2 NAME 'knowledgeInformation' + DESC 'RFC2256: knowledge information' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) +# DESC 'RFC2256: common name(s) for which the entity is known by' +# SUP name ) +# +olcAttributeTypes: ( 2.5.4.4 NAME ( 'sn' 'surname' ) + DESC 'RFC2256: last (family) name(s) for which the entity is known by' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.5 NAME 'serialNumber' + DESC 'RFC2256: serial number of the entity' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) +# +# RFC 4519 definition ('countryName' in X.500 and RFC2256) +olcAttributeTypes: ( 2.5.4.6 NAME ( 'c' 'countryName' ) + DESC 'RFC4519: two-letter ISO-3166 country code' + SUP name + SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 + SINGLE-VALUE ) +# +olcAttributeTypes: ( 2.5.4.7 NAME ( 'l' 'localityName' ) + DESC 'RFC2256: locality which this object resides in' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) + DESC 'RFC2256: state or province which this object resides in' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) + DESC 'RFC2256: street address of this object' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +# +olcAttributeTypes: ( 2.5.4.10 NAME ( 'o' 'organizationName' ) + DESC 'RFC2256: organization this object belongs to' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) + DESC 'RFC2256: organizational unit this object belongs to' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.12 NAME 'title' + DESC 'RFC2256: title associated with the entity' + SUP name ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.13 NAME 'description' +# DESC 'RFC2256: descriptive information' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) +# +# Deprecated by enhancedSearchGuide +olcAttributeTypes: ( 2.5.4.14 NAME 'searchGuide' + DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) +# +olcAttributeTypes: ( 2.5.4.15 NAME 'businessCategory' + DESC 'RFC2256: business category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +# +olcAttributeTypes: ( 2.5.4.16 NAME 'postalAddress' + DESC 'RFC2256: postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) +# +olcAttributeTypes: ( 2.5.4.17 NAME 'postalCode' + DESC 'RFC2256: postal code' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) +# +olcAttributeTypes: ( 2.5.4.18 NAME 'postOfficeBox' + DESC 'RFC2256: Post Office Box' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) +# +olcAttributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' + DESC 'RFC2256: Physical Delivery Office Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +# +olcAttributeTypes: ( 2.5.4.20 NAME 'telephoneNumber' + DESC 'RFC2256: Telephone Number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) +# +olcAttributeTypes: ( 2.5.4.21 NAME 'telexNumber' + DESC 'RFC2256: Telex Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) +# +olcAttributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier' + DESC 'RFC2256: Teletex Terminal Identifier' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) +# +olcAttributeTypes: ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) + DESC 'RFC2256: Facsimile (Fax) Telephone Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) +# +olcAttributeTypes: ( 2.5.4.24 NAME 'x121Address' + DESC 'RFC2256: X.121 Address' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) +# +olcAttributeTypes: ( 2.5.4.25 NAME 'internationaliSDNNumber' + DESC 'RFC2256: international ISDN number' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) +# +olcAttributeTypes: ( 2.5.4.26 NAME 'registeredAddress' + DESC 'RFC2256: registered postal address' + SUP postalAddress + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) +# +olcAttributeTypes: ( 2.5.4.27 NAME 'destinationIndicator' + DESC 'RFC2256: destination indicator' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) +# +olcAttributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod' + DESC 'RFC2256: preferred delivery method' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 + SINGLE-VALUE ) +# +olcAttributeTypes: ( 2.5.4.29 NAME 'presentationAddress' + DESC 'RFC2256: presentation address' + EQUALITY presentationAddressMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 + SINGLE-VALUE ) +# +olcAttributeTypes: ( 2.5.4.30 NAME 'supportedApplicationContext' + DESC 'RFC2256: supported application context' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) +# +olcAttributeTypes: ( 2.5.4.31 NAME 'member' + DESC 'RFC2256: member of a group' + SUP distinguishedName ) +# +olcAttributeTypes: ( 2.5.4.32 NAME 'owner' + DESC 'RFC2256: owner (of the object)' + SUP distinguishedName ) +# +olcAttributeTypes: ( 2.5.4.33 NAME 'roleOccupant' + DESC 'RFC2256: occupant of role' + SUP distinguishedName ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso' +# DESC 'RFC2256: DN of related object' +# SUP distinguishedName ) +# +# system schema +#olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword' +# DESC 'RFC2256/2307: password of user' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) +# +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +olcAttributeTypes: ( 2.5.4.36 NAME 'userCertificate' + DESC 'RFC2256: X.509 user certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) +# +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +olcAttributeTypes: ( 2.5.4.37 NAME 'cACertificate' + DESC 'RFC2256: X.509 CA certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) +# +# Must be transferred using ;binary +olcAttributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList' + DESC 'RFC2256: X.509 authority revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) +# +# Must be transferred using ;binary +olcAttributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList' + DESC 'RFC2256: X.509 certificate revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) +# +# Must be stored and requested in the binary form +olcAttributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair' + DESC 'RFC2256: X.509 cross certificate pair, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) +# +# 2.5.4.41 is defined above as it's used for subtyping +#olcAttributeTypes: ( 2.5.4.41 NAME 'name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) +# +olcAttributeTypes: ( 2.5.4.42 NAME ( 'givenName' 'gn' ) + DESC 'RFC2256: first name(s) for which the entity is known by' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.43 NAME 'initials' + DESC 'RFC2256: initials of some or all of names, but not the surname(s).' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.44 NAME 'generationQualifier' + DESC 'RFC2256: name qualifier indicating a generation' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.45 NAME 'x500UniqueIdentifier' + DESC 'RFC2256: X.500 unique identifier' + EQUALITY bitStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) +# +olcAttributeTypes: ( 2.5.4.46 NAME 'dnQualifier' + DESC 'RFC2256: DN qualifier' + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreOrderingMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) +# +olcAttributeTypes: ( 2.5.4.47 NAME 'enhancedSearchGuide' + DESC 'RFC2256: enhanced search guide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) +# +olcAttributeTypes: ( 2.5.4.48 NAME 'protocolInformation' + DESC 'RFC2256: protocol information' + EQUALITY protocolInformationMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) +# +# 2.5.4.49 is defined above as it's used for subtyping +#olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) +# +olcAttributeTypes: ( 2.5.4.50 NAME 'uniqueMember' + DESC 'RFC2256: unique member of a group' + EQUALITY uniqueMemberMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) +# +olcAttributeTypes: ( 2.5.4.51 NAME 'houseIdentifier' + DESC 'RFC2256: house identifier' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) +# +# Must be transferred using ;binary +olcAttributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms' + DESC 'RFC2256: supported algorithms' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) +# +# Must be transferred using ;binary +olcAttributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList' + DESC 'RFC2256: delta revocation list; use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) +# +olcAttributeTypes: ( 2.5.4.54 NAME 'dmdName' + DESC 'RFC2256: name of DMD' + SUP name ) +# +olcAttributeTypes: ( 2.5.4.65 NAME 'pseudonym' + DESC 'X.520(4th): pseudonym for the object' + SUP name ) +# +# Standard object classes from RFC2256 +# +# system schema +#olcObjectClasses: ( 2.5.6.1 NAME 'alias' +# DESC 'RFC2256: an alias' +# SUP top STRUCTURAL +# MUST aliasedObjectName ) +# +olcObjectClasses: ( 2.5.6.2 NAME 'country' + DESC 'RFC2256: a country' + SUP top STRUCTURAL + MUST c + MAY ( searchGuide $ description ) ) +# +olcObjectClasses: ( 2.5.6.3 NAME 'locality' + DESC 'RFC2256: a locality' + SUP top STRUCTURAL + MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.4 NAME 'organization' + DESC 'RFC2256: an organization' + SUP top STRUCTURAL + MUST o + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.5 NAME 'organizationalUnit' + DESC 'RFC2256: an organizational unit' + SUP top STRUCTURAL + MUST ou + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.6 NAME 'person' + DESC 'RFC2256: a person' + SUP top STRUCTURAL + MUST ( sn $ cn ) + MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) +# +olcObjectClasses: ( 2.5.6.7 NAME 'organizationalPerson' + DESC 'RFC2256: an organizational person' + SUP person STRUCTURAL + MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) +# +olcObjectClasses: ( 2.5.6.8 NAME 'organizationalRole' + DESC 'RFC2256: an organizational role' + SUP top STRUCTURAL + MUST cn + MAY ( x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.9 NAME 'groupOfNames' + DESC 'RFC2256: a group of names (DNs)' + SUP top STRUCTURAL + MUST ( member $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) +# +olcObjectClasses: ( 2.5.6.10 NAME 'residentialPerson' + DESC 'RFC2256: an residential person' + SUP person STRUCTURAL + MUST l + MAY ( businessCategory $ x121Address $ registeredAddress $ + destinationIndicator $ preferredDeliveryMethod $ telexNumber $ + teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l ) ) +# +olcObjectClasses: ( 2.5.6.11 NAME 'applicationProcess' + DESC 'RFC2256: an application process' + SUP top STRUCTURAL + MUST cn + MAY ( seeAlso $ ou $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.12 NAME 'applicationEntity' + DESC 'RFC2256: an application entity' + SUP top STRUCTURAL + MUST ( presentationAddress $ cn ) + MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ + description ) ) +# +olcObjectClasses: ( 2.5.6.13 NAME 'dSA' + DESC 'RFC2256: a directory system agent (a server)' + SUP applicationEntity STRUCTURAL + MAY knowledgeInformation ) +# +olcObjectClasses: ( 2.5.6.14 NAME 'device' + DESC 'RFC2256: a device' + SUP top STRUCTURAL + MUST cn + MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) +# +olcObjectClasses: ( 2.5.6.15 NAME 'strongAuthenticationUser' + DESC 'RFC2256: a strong authentication user' + SUP top AUXILIARY + MUST userCertificate ) +# +olcObjectClasses: ( 2.5.6.16 NAME 'certificationAuthority' + DESC 'RFC2256: a certificate authority' + SUP top AUXILIARY + MUST ( authorityRevocationList $ certificateRevocationList $ + cACertificate ) MAY crossCertificatePair ) +# +olcObjectClasses: ( 2.5.6.17 NAME 'groupOfUniqueNames' + DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' + SUP top STRUCTURAL + MUST ( uniqueMember $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) +# +olcObjectClasses: ( 2.5.6.18 NAME 'userSecurityInformation' + DESC 'RFC2256: a user security information' + SUP top AUXILIARY + MAY ( supportedAlgorithms ) ) +# +olcObjectClasses: ( 2.5.6.16.2 NAME 'certificationAuthority-V2' + SUP certificationAuthority + AUXILIARY MAY ( deltaRevocationList ) ) +# +olcObjectClasses: ( 2.5.6.19 NAME 'cRLDistributionPoint' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( certificateRevocationList $ authorityRevocationList $ + deltaRevocationList ) ) +# +olcObjectClasses: ( 2.5.6.20 NAME 'dmd' + SUP top STRUCTURAL + MUST ( dmdName ) + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + street $ postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l $ description ) ) +# +# +# Object Classes from RFC 2587 +# +olcObjectClasses: ( 2.5.6.21 NAME 'pkiUser' + DESC 'RFC2587: a PKI user' + SUP top AUXILIARY + MAY userCertificate ) +# +olcObjectClasses: ( 2.5.6.22 NAME 'pkiCA' + DESC 'RFC2587: PKI certificate authority' + SUP top AUXILIARY + MAY ( authorityRevocationList $ certificateRevocationList $ + cACertificate $ crossCertificatePair ) ) +# +olcObjectClasses: ( 2.5.6.23 NAME 'deltaCRL' + DESC 'RFC2587: PKI user' + SUP top AUXILIARY + MAY deltaRevocationList ) +# +# +# Standard Track URI label schema from RFC 2079 +# system schema +#olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' +# DESC 'RFC2079: Uniform Resource Identifier with optional label' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +# +olcObjectClasses: ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' + DESC 'RFC2079: object that contains the URI attribute type' + MAY ( labeledURI ) + SUP top AUXILIARY ) +# +# +# Derived from RFC 1274, but with new "short names" +# +#olcAttributeTypes: ( 0.9.2342.19200300.100.1.1 +# NAME ( 'uid' 'userid' ) +# DESC 'RFC1274: user identifier' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +# +olcAttributeTypes: ( 0.9.2342.19200300.100.1.3 + NAME ( 'mail' 'rfc822Mailbox' ) + DESC 'RFC1274: RFC822 Mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) +# +olcObjectClasses: ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' + DESC 'RFC1274: simple security object' + SUP top AUXILIARY + MUST userPassword ) +# +# RFC 1274 + RFC 2247 +olcAttributeTypes: ( 0.9.2342.19200300.100.1.25 + NAME ( 'dc' 'domainComponent' ) + DESC 'RFC1274/2247: domain component' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +# +# RFC 2247 +olcObjectClasses: ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' + DESC 'RFC2247: domain component object' + SUP top AUXILIARY MUST dc ) +# +# RFC 2377 +olcObjectClasses: ( 1.3.6.1.1.3.1 NAME 'uidObject' + DESC 'RFC2377: uid object' + SUP top AUXILIARY MUST uid ) +# +# From COSINE Pilot +olcAttributeTypes: ( 0.9.2342.19200300.100.1.37 + NAME 'associatedDomain' + DESC 'RFC1274: domain associated with object' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +# +# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema) +olcAttributeTypes: ( 1.2.840.113549.1.9.1 + NAME ( 'email' 'emailAddress' 'pkcs9email' ) + DESC 'RFC3280: legacy attribute for email addresses in DNs' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) +# diff --git a/openldap/schema/core.schema b/openldap/schema/core.schema new file mode 100644 index 0000000..77ea8a8 --- /dev/null +++ b/openldap/schema/core.schema @@ -0,0 +1,610 @@ +# OpenLDAP Core schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.88.2.9 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2006). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +# +# +# Includes LDAPv3 schema items from: +# RFC 2252/2256 (LDAPv3) +# +# Select standard track schema items: +# RFC 1274 (uid/dc) +# RFC 2079 (URI) +# RFC 2247 (dc/dcObject) +# RFC 2587 (PKI) +# RFC 2589 (Dynamic Directory Services) +# RFC 4524 (associatedDomain) +# +# Select informational schema items: +# RFC 2377 (uidObject) + +# +# Standard attribute types from RFC 2256 +# + +# system schema +#attributetype ( 2.5.4.0 NAME 'objectClass' +# DESC 'RFC2256: object classes of the entity' +# EQUALITY objectIdentifierMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +# system schema +#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) +# DESC 'RFC2256: name of aliased object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) + +attributetype ( 2.5.4.2 NAME 'knowledgeInformation' + DESC 'RFC2256: knowledge information' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +# system schema +#attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' ) +# DESC 'RFC2256: common name(s) for which the entity is known by' +# SUP name ) + +attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) + DESC 'RFC2256: last (family) name(s) for which the entity is known by' + SUP name ) + +attributetype ( 2.5.4.5 NAME 'serialNumber' + DESC 'RFC2256: serial number of the entity' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) + +# RFC 4519 definition ('countryName' in X.500 and RFC2256) +attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) + DESC 'RFC4519: two-letter ISO-3166 country code' + SUP name + SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 + SINGLE-VALUE ) + +#attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) +# DESC 'RFC2256: ISO-3166 country 2-letter code' +# SUP name SINGLE-VALUE ) + +attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) + DESC 'RFC2256: locality which this object resides in' + SUP name ) + +attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) + DESC 'RFC2256: state or province which this object resides in' + SUP name ) + +attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) + DESC 'RFC2256: street address of this object' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) + DESC 'RFC2256: organization this object belongs to' + SUP name ) + +attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) + DESC 'RFC2256: organizational unit this object belongs to' + SUP name ) + +attributetype ( 2.5.4.12 NAME 'title' + DESC 'RFC2256: title associated with the entity' + SUP name ) + +# system schema +#attributetype ( 2.5.4.13 NAME 'description' +# DESC 'RFC2256: descriptive information' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) + +# Deprecated by enhancedSearchGuide +attributetype ( 2.5.4.14 NAME 'searchGuide' + DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) + +attributetype ( 2.5.4.15 NAME 'businessCategory' + DESC 'RFC2256: business category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.16 NAME 'postalAddress' + DESC 'RFC2256: postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 2.5.4.17 NAME 'postalCode' + DESC 'RFC2256: postal code' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 2.5.4.18 NAME 'postOfficeBox' + DESC 'RFC2256: Post Office Box' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' + DESC 'RFC2256: Physical Delivery Office Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.20 NAME 'telephoneNumber' + DESC 'RFC2256: Telephone Number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) + +attributetype ( 2.5.4.21 NAME 'telexNumber' + DESC 'RFC2256: Telex Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) + +attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' + DESC 'RFC2256: Teletex Terminal Identifier' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) + +attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) + DESC 'RFC2256: Facsimile (Fax) Telephone Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) + +attributetype ( 2.5.4.24 NAME 'x121Address' + DESC 'RFC2256: X.121 Address' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) + +attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' + DESC 'RFC2256: international ISDN number' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) + +attributetype ( 2.5.4.26 NAME 'registeredAddress' + DESC 'RFC2256: registered postal address' + SUP postalAddress + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 2.5.4.27 NAME 'destinationIndicator' + DESC 'RFC2256: destination indicator' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) + +attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' + DESC 'RFC2256: preferred delivery method' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 + SINGLE-VALUE ) + +attributetype ( 2.5.4.29 NAME 'presentationAddress' + DESC 'RFC2256: presentation address' + EQUALITY presentationAddressMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 + SINGLE-VALUE ) + +attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' + DESC 'RFC2256: supported application context' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +attributetype ( 2.5.4.31 NAME 'member' + DESC 'RFC2256: member of a group' + SUP distinguishedName ) + +attributetype ( 2.5.4.32 NAME 'owner' + DESC 'RFC2256: owner (of the object)' + SUP distinguishedName ) + +attributetype ( 2.5.4.33 NAME 'roleOccupant' + DESC 'RFC2256: occupant of role' + SUP distinguishedName ) + +# system schema +#attributetype ( 2.5.4.34 NAME 'seeAlso' +# DESC 'RFC2256: DN of related object' +# SUP distinguishedName ) + +# system schema +#attributetype ( 2.5.4.35 NAME 'userPassword' +# DESC 'RFC2256/2307: password of user' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) + +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +attributetype ( 2.5.4.36 NAME 'userCertificate' + DESC 'RFC2256: X.509 user certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +attributetype ( 2.5.4.37 NAME 'cACertificate' + DESC 'RFC2256: X.509 CA certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.38 NAME 'authorityRevocationList' + DESC 'RFC2256: X.509 authority revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.39 NAME 'certificateRevocationList' + DESC 'RFC2256: X.509 certificate revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +# Must be stored and requested in the binary form +attributetype ( 2.5.4.40 NAME 'crossCertificatePair' + DESC 'RFC2256: X.509 cross certificate pair, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) + +# system schema +#attributetype ( 2.5.4.41 NAME 'name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) + DESC 'RFC2256: first name(s) for which the entity is known by' + SUP name ) + +attributetype ( 2.5.4.43 NAME 'initials' + DESC 'RFC2256: initials of some or all of names, but not the surname(s).' + SUP name ) + +attributetype ( 2.5.4.44 NAME 'generationQualifier' + DESC 'RFC2256: name qualifier indicating a generation' + SUP name ) + +attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' + DESC 'RFC2256: X.500 unique identifier' + EQUALITY bitStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) + +attributetype ( 2.5.4.46 NAME 'dnQualifier' + DESC 'RFC2256: DN qualifier' + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreOrderingMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) + +attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' + DESC 'RFC2256: enhanced search guide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) + +attributetype ( 2.5.4.48 NAME 'protocolInformation' + DESC 'RFC2256: protocol information' + EQUALITY protocolInformationMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) + +# system schema +#attributetype ( 2.5.4.49 NAME 'distinguishedName' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.5.4.50 NAME 'uniqueMember' + DESC 'RFC2256: unique member of a group' + EQUALITY uniqueMemberMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) + +attributetype ( 2.5.4.51 NAME 'houseIdentifier' + DESC 'RFC2256: house identifier' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' + DESC 'RFC2256: supported algorithms' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.53 NAME 'deltaRevocationList' + DESC 'RFC2256: delta revocation list; use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +attributetype ( 2.5.4.54 NAME 'dmdName' + DESC 'RFC2256: name of DMD' + SUP name ) + +attributetype ( 2.5.4.65 NAME 'pseudonym' + DESC 'X.520(4th): pseudonym for the object' + SUP name ) + +# Standard object classes from RFC2256 + +# system schema +#objectclass ( 2.5.6.0 NAME 'top' +# DESC 'RFC2256: top of the superclass chain' +# ABSTRACT +# MUST objectClass ) + +# system schema +#objectclass ( 2.5.6.1 NAME 'alias' +# DESC 'RFC2256: an alias' +# SUP top STRUCTURAL +# MUST aliasedObjectName ) + +objectclass ( 2.5.6.2 NAME 'country' + DESC 'RFC2256: a country' + SUP top STRUCTURAL + MUST c + MAY ( searchGuide $ description ) ) + +objectclass ( 2.5.6.3 NAME 'locality' + DESC 'RFC2256: a locality' + SUP top STRUCTURAL + MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) + +objectclass ( 2.5.6.4 NAME 'organization' + DESC 'RFC2256: an organization' + SUP top STRUCTURAL + MUST o + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) + +objectclass ( 2.5.6.5 NAME 'organizationalUnit' + DESC 'RFC2256: an organizational unit' + SUP top STRUCTURAL + MUST ou + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) + +objectclass ( 2.5.6.6 NAME 'person' + DESC 'RFC2256: a person' + SUP top STRUCTURAL + MUST ( sn $ cn ) + MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) + +objectclass ( 2.5.6.7 NAME 'organizationalPerson' + DESC 'RFC2256: an organizational person' + SUP person STRUCTURAL + MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) + +objectclass ( 2.5.6.8 NAME 'organizationalRole' + DESC 'RFC2256: an organizational role' + SUP top STRUCTURAL + MUST cn + MAY ( x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) + +objectclass ( 2.5.6.9 NAME 'groupOfNames' + DESC 'RFC2256: a group of names (DNs)' + SUP top STRUCTURAL + MUST ( member $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) + +objectclass ( 2.5.6.10 NAME 'residentialPerson' + DESC 'RFC2256: an residential person' + SUP person STRUCTURAL + MUST l + MAY ( businessCategory $ x121Address $ registeredAddress $ + destinationIndicator $ preferredDeliveryMethod $ telexNumber $ + teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l ) ) + +objectclass ( 2.5.6.11 NAME 'applicationProcess' + DESC 'RFC2256: an application process' + SUP top STRUCTURAL + MUST cn + MAY ( seeAlso $ ou $ l $ description ) ) + +objectclass ( 2.5.6.12 NAME 'applicationEntity' + DESC 'RFC2256: an application entity' + SUP top STRUCTURAL + MUST ( presentationAddress $ cn ) + MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ + description ) ) + +objectclass ( 2.5.6.13 NAME 'dSA' + DESC 'RFC2256: a directory system agent (a server)' + SUP applicationEntity STRUCTURAL + MAY knowledgeInformation ) + +objectclass ( 2.5.6.14 NAME 'device' + DESC 'RFC2256: a device' + SUP top STRUCTURAL + MUST cn + MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) + +objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' + DESC 'RFC2256: a strong authentication user' + SUP top AUXILIARY + MUST userCertificate ) + +objectclass ( 2.5.6.16 NAME 'certificationAuthority' + DESC 'RFC2256: a certificate authority' + SUP top AUXILIARY + MUST ( authorityRevocationList $ certificateRevocationList $ + cACertificate ) MAY crossCertificatePair ) + +objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' + DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' + SUP top STRUCTURAL + MUST ( uniqueMember $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) + +objectclass ( 2.5.6.18 NAME 'userSecurityInformation' + DESC 'RFC2256: a user security information' + SUP top AUXILIARY + MAY ( supportedAlgorithms ) ) + +objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' + SUP certificationAuthority + AUXILIARY MAY ( deltaRevocationList ) ) + +objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( certificateRevocationList $ authorityRevocationList $ + deltaRevocationList ) ) + +objectclass ( 2.5.6.20 NAME 'dmd' + SUP top STRUCTURAL + MUST ( dmdName ) + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + street $ postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l $ description ) ) + +# +# Object Classes from RFC 2587 +# +objectclass ( 2.5.6.21 NAME 'pkiUser' + DESC 'RFC2587: a PKI user' + SUP top AUXILIARY + MAY userCertificate ) + +objectclass ( 2.5.6.22 NAME 'pkiCA' + DESC 'RFC2587: PKI certificate authority' + SUP top AUXILIARY + MAY ( authorityRevocationList $ certificateRevocationList $ + cACertificate $ crossCertificatePair ) ) + +objectclass ( 2.5.6.23 NAME 'deltaCRL' + DESC 'RFC2587: PKI user' + SUP top AUXILIARY + MAY deltaRevocationList ) + +# +# Standard Track URI label schema from RFC 2079 +# system schema +#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' +# DESC 'RFC2079: Uniform Resource Identifier with optional label' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' + DESC 'RFC2079: object that contains the URI attribute type' + SUP top AUXILIARY + MAY ( labeledURI ) ) + +# +# Derived from RFC 1274, but with new "short names" +# +#attributetype ( 0.9.2342.19200300.100.1.1 +# NAME ( 'uid' 'userid' ) +# DESC 'RFC1274: user identifier' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +attributetype ( 0.9.2342.19200300.100.1.3 + NAME ( 'mail' 'rfc822Mailbox' ) + DESC 'RFC1274: RFC822 Mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' + DESC 'RFC1274: simple security object' + SUP top AUXILIARY + MUST userPassword ) + +# RFC 1274 + RFC 2247 +attributetype ( 0.9.2342.19200300.100.1.25 + NAME ( 'dc' 'domainComponent' ) + DESC 'RFC1274/2247: domain component' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# RFC 2247 +objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' + DESC 'RFC2247: domain component object' + SUP top AUXILIARY MUST dc ) + +# RFC 2377 +objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' + DESC 'RFC2377: uid object' + SUP top AUXILIARY MUST uid ) + +# RFC 4524 +# The 'associatedDomain' attribute specifies DNS [RFC1034][RFC2181] +# host names [RFC1123] that are associated with an object. That is, +# values of this attribute should conform to the following ABNF: +# +# domain = root / label *( DOT label ) +# root = SPACE +# label = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ] +# LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z" +# SPACE = %x20 ; space (" ") +# HYPHEN = %x2D ; hyphen ("-") +# DOT = %x2E ; period (".") +attributetype ( 0.9.2342.19200300.100.1.37 + NAME 'associatedDomain' + DESC 'RFC1274: domain associated with object' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema) +attributetype ( 1.2.840.113549.1.9.1 + NAME ( 'email' 'emailAddress' 'pkcs9email' ) + DESC 'RFC3280: legacy attribute for email addresses in DNs' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + diff --git a/openldap/schema/core.schema.default b/openldap/schema/core.schema.default new file mode 100644 index 0000000..850135e --- /dev/null +++ b/openldap/schema/core.schema.default @@ -0,0 +1,610 @@ +# OpenLDAP Core schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.88.2.8 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2006). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +# +# +# Includes LDAPv3 schema items from: +# RFC 2252/2256 (LDAPv3) +# +# Select standard track schema items: +# RFC 1274 (uid/dc) +# RFC 2079 (URI) +# RFC 2247 (dc/dcObject) +# RFC 2587 (PKI) +# RFC 2589 (Dynamic Directory Services) +# RFC 4524 (associatedDomain) +# +# Select informational schema items: +# RFC 2377 (uidObject) + +# +# Standard attribute types from RFC 2256 +# + +# system schema +#attributetype ( 2.5.4.0 NAME 'objectClass' +# DESC 'RFC2256: object classes of the entity' +# EQUALITY objectIdentifierMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +# system schema +#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) +# DESC 'RFC2256: name of aliased object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) + +attributetype ( 2.5.4.2 NAME 'knowledgeInformation' + DESC 'RFC2256: knowledge information' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +# system schema +#attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' ) +# DESC 'RFC2256: common name(s) for which the entity is known by' +# SUP name ) + +attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) + DESC 'RFC2256: last (family) name(s) for which the entity is known by' + SUP name ) + +attributetype ( 2.5.4.5 NAME 'serialNumber' + DESC 'RFC2256: serial number of the entity' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) + +# RFC 4519 definition ('countryName' in X.500 and RFC2256) +attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) + DESC 'RFC4519: two-letter ISO-3166 country code' + SUP name + SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 + SINGLE-VALUE ) + +#attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) +# DESC 'RFC2256: ISO-3166 country 2-letter code' +# SUP name SINGLE-VALUE ) + +attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) + DESC 'RFC2256: locality which this object resides in' + SUP name ) + +attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) + DESC 'RFC2256: state or province which this object resides in' + SUP name ) + +attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) + DESC 'RFC2256: street address of this object' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) + DESC 'RFC2256: organization this object belongs to' + SUP name ) + +attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) + DESC 'RFC2256: organizational unit this object belongs to' + SUP name ) + +attributetype ( 2.5.4.12 NAME 'title' + DESC 'RFC2256: title associated with the entity' + SUP name ) + +# system schema +#attributetype ( 2.5.4.13 NAME 'description' +# DESC 'RFC2256: descriptive information' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) + +# Deprecated by enhancedSearchGuide +attributetype ( 2.5.4.14 NAME 'searchGuide' + DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) + +attributetype ( 2.5.4.15 NAME 'businessCategory' + DESC 'RFC2256: business category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.16 NAME 'postalAddress' + DESC 'RFC2256: postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 2.5.4.17 NAME 'postalCode' + DESC 'RFC2256: postal code' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 2.5.4.18 NAME 'postOfficeBox' + DESC 'RFC2256: Post Office Box' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' + DESC 'RFC2256: Physical Delivery Office Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 2.5.4.20 NAME 'telephoneNumber' + DESC 'RFC2256: Telephone Number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) + +attributetype ( 2.5.4.21 NAME 'telexNumber' + DESC 'RFC2256: Telex Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) + +attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' + DESC 'RFC2256: Teletex Terminal Identifier' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) + +attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) + DESC 'RFC2256: Facsimile (Fax) Telephone Number' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) + +attributetype ( 2.5.4.24 NAME 'x121Address' + DESC 'RFC2256: X.121 Address' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) + +attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' + DESC 'RFC2256: international ISDN number' + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) + +attributetype ( 2.5.4.26 NAME 'registeredAddress' + DESC 'RFC2256: registered postal address' + SUP postalAddress + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 2.5.4.27 NAME 'destinationIndicator' + DESC 'RFC2256: destination indicator' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) + +attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' + DESC 'RFC2256: preferred delivery method' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 + SINGLE-VALUE ) + +attributetype ( 2.5.4.29 NAME 'presentationAddress' + DESC 'RFC2256: presentation address' + EQUALITY presentationAddressMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 + SINGLE-VALUE ) + +attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' + DESC 'RFC2256: supported application context' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +attributetype ( 2.5.4.31 NAME 'member' + DESC 'RFC2256: member of a group' + SUP distinguishedName ) + +attributetype ( 2.5.4.32 NAME 'owner' + DESC 'RFC2256: owner (of the object)' + SUP distinguishedName ) + +attributetype ( 2.5.4.33 NAME 'roleOccupant' + DESC 'RFC2256: occupant of role' + SUP distinguishedName ) + +# system schema +#attributetype ( 2.5.4.34 NAME 'seeAlso' +# DESC 'RFC2256: DN of related object' +# SUP distinguishedName ) + +# system schema +#attributetype ( 2.5.4.35 NAME 'userPassword' +# DESC 'RFC2256/2307: password of user' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) + +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +attributetype ( 2.5.4.36 NAME 'userCertificate' + DESC 'RFC2256: X.509 user certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + +# Must be transferred using ;binary +# with certificateExactMatch rule (per X.509) +attributetype ( 2.5.4.37 NAME 'cACertificate' + DESC 'RFC2256: X.509 CA certificate, use ;binary' + EQUALITY certificateExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.38 NAME 'authorityRevocationList' + DESC 'RFC2256: X.509 authority revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.39 NAME 'certificateRevocationList' + DESC 'RFC2256: X.509 certificate revocation list, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +# Must be stored and requested in the binary form +attributetype ( 2.5.4.40 NAME 'crossCertificatePair' + DESC 'RFC2256: X.509 cross certificate pair, use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) + +# system schema +#attributetype ( 2.5.4.41 NAME 'name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) + DESC 'RFC2256: first name(s) for which the entity is known by' + SUP name ) + +attributetype ( 2.5.4.43 NAME 'initials' + DESC 'RFC2256: initials of some or all of names, but not the surname(s).' + SUP name ) + +attributetype ( 2.5.4.44 NAME 'generationQualifier' + DESC 'RFC2256: name qualifier indicating a generation' + SUP name ) + +attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' + DESC 'RFC2256: X.500 unique identifier' + EQUALITY bitStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) + +attributetype ( 2.5.4.46 NAME 'dnQualifier' + DESC 'RFC2256: DN qualifier' + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreOrderingMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) + +attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' + DESC 'RFC2256: enhanced search guide' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) + +attributetype ( 2.5.4.48 NAME 'protocolInformation' + DESC 'RFC2256: protocol information' + EQUALITY protocolInformationMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) + +# system schema +#attributetype ( 2.5.4.49 NAME 'distinguishedName' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.5.4.50 NAME 'uniqueMember' + DESC 'RFC2256: unique member of a group' + EQUALITY uniqueMemberMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) + +attributetype ( 2.5.4.51 NAME 'houseIdentifier' + DESC 'RFC2256: house identifier' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' + DESC 'RFC2256: supported algorithms' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) + +# Must be transferred using ;binary +attributetype ( 2.5.4.53 NAME 'deltaRevocationList' + DESC 'RFC2256: delta revocation list; use ;binary' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + +attributetype ( 2.5.4.54 NAME 'dmdName' + DESC 'RFC2256: name of DMD' + SUP name ) + +attributetype ( 2.5.4.65 NAME 'pseudonym' + DESC 'X.520(4th): pseudonym for the object' + SUP name ) + +# Standard object classes from RFC2256 + +# system schema +#objectclass ( 2.5.6.0 NAME 'top' +# DESC 'RFC2256: top of the superclass chain' +# ABSTRACT +# MUST objectClass ) + +# system schema +#objectclass ( 2.5.6.1 NAME 'alias' +# DESC 'RFC2256: an alias' +# SUP top STRUCTURAL +# MUST aliasedObjectName ) + +objectclass ( 2.5.6.2 NAME 'country' + DESC 'RFC2256: a country' + SUP top STRUCTURAL + MUST c + MAY ( searchGuide $ description ) ) + +objectclass ( 2.5.6.3 NAME 'locality' + DESC 'RFC2256: a locality' + SUP top STRUCTURAL + MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) + +objectclass ( 2.5.6.4 NAME 'organization' + DESC 'RFC2256: an organization' + SUP top STRUCTURAL + MUST o + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) + +objectclass ( 2.5.6.5 NAME 'organizationalUnit' + DESC 'RFC2256: an organizational unit' + SUP top STRUCTURAL + MUST ou + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) + +objectclass ( 2.5.6.6 NAME 'person' + DESC 'RFC2256: a person' + SUP top STRUCTURAL + MUST ( sn $ cn ) + MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) + +objectclass ( 2.5.6.7 NAME 'organizationalPerson' + DESC 'RFC2256: an organizational person' + SUP person STRUCTURAL + MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) + +objectclass ( 2.5.6.8 NAME 'organizationalRole' + DESC 'RFC2256: an organizational role' + SUP top STRUCTURAL + MUST cn + MAY ( x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) + +objectclass ( 2.5.6.9 NAME 'groupOfNames' + DESC 'RFC2256: a group of names (DNs)' + SUP top STRUCTURAL + MUST ( member $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) + +objectclass ( 2.5.6.10 NAME 'residentialPerson' + DESC 'RFC2256: an residential person' + SUP person STRUCTURAL + MUST l + MAY ( businessCategory $ x121Address $ registeredAddress $ + destinationIndicator $ preferredDeliveryMethod $ telexNumber $ + teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l ) ) + +objectclass ( 2.5.6.11 NAME 'applicationProcess' + DESC 'RFC2256: an application process' + SUP top STRUCTURAL + MUST cn + MAY ( seeAlso $ ou $ l $ description ) ) + +objectclass ( 2.5.6.12 NAME 'applicationEntity' + DESC 'RFC2256: an application entity' + SUP top STRUCTURAL + MUST ( presentationAddress $ cn ) + MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ + description ) ) + +objectclass ( 2.5.6.13 NAME 'dSA' + DESC 'RFC2256: a directory system agent (a server)' + SUP applicationEntity STRUCTURAL + MAY knowledgeInformation ) + +objectclass ( 2.5.6.14 NAME 'device' + DESC 'RFC2256: a device' + SUP top STRUCTURAL + MUST cn + MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) + +objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' + DESC 'RFC2256: a strong authentication user' + SUP top AUXILIARY + MUST userCertificate ) + +objectclass ( 2.5.6.16 NAME 'certificationAuthority' + DESC 'RFC2256: a certificate authority' + SUP top AUXILIARY + MUST ( authorityRevocationList $ certificateRevocationList $ + cACertificate ) MAY crossCertificatePair ) + +objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' + DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' + SUP top STRUCTURAL + MUST ( uniqueMember $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) + +objectclass ( 2.5.6.18 NAME 'userSecurityInformation' + DESC 'RFC2256: a user security information' + SUP top AUXILIARY + MAY ( supportedAlgorithms ) ) + +objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' + SUP certificationAuthority + AUXILIARY MAY ( deltaRevocationList ) ) + +objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( certificateRevocationList $ authorityRevocationList $ + deltaRevocationList ) ) + +objectclass ( 2.5.6.20 NAME 'dmd' + SUP top STRUCTURAL + MUST ( dmdName ) + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + street $ postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l $ description ) ) + +# +# Object Classes from RFC 2587 +# +objectclass ( 2.5.6.21 NAME 'pkiUser' + DESC 'RFC2587: a PKI user' + SUP top AUXILIARY + MAY userCertificate ) + +objectclass ( 2.5.6.22 NAME 'pkiCA' + DESC 'RFC2587: PKI certificate authority' + SUP top AUXILIARY + MAY ( authorityRevocationList $ certificateRevocationList $ + cACertificate $ crossCertificatePair ) ) + +objectclass ( 2.5.6.23 NAME 'deltaCRL' + DESC 'RFC2587: PKI user' + SUP top AUXILIARY + MAY deltaRevocationList ) + +# +# Standard Track URI label schema from RFC 2079 +# system schema +#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' +# DESC 'RFC2079: Uniform Resource Identifier with optional label' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' + DESC 'RFC2079: object that contains the URI attribute type' + SUP top AUXILIARY + MAY ( labeledURI ) ) + +# +# Derived from RFC 1274, but with new "short names" +# +#attributetype ( 0.9.2342.19200300.100.1.1 +# NAME ( 'uid' 'userid' ) +# DESC 'RFC1274: user identifier' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +attributetype ( 0.9.2342.19200300.100.1.3 + NAME ( 'mail' 'rfc822Mailbox' ) + DESC 'RFC1274: RFC822 Mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' + DESC 'RFC1274: simple security object' + SUP top AUXILIARY + MUST userPassword ) + +# RFC 1274 + RFC 2247 +attributetype ( 0.9.2342.19200300.100.1.25 + NAME ( 'dc' 'domainComponent' ) + DESC 'RFC1274/2247: domain component' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# RFC 2247 +objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' + DESC 'RFC2247: domain component object' + SUP top AUXILIARY MUST dc ) + +# RFC 2377 +objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' + DESC 'RFC2377: uid object' + SUP top AUXILIARY MUST uid ) + +# RFC 4524 +# The 'associatedDomain' attribute specifies DNS [RFC1034][RFC2181] +# host names [RFC1123] that are associated with an object. That is, +# values of this attribute should conform to the following ABNF: +# +# domain = root / label *( DOT label ) +# root = SPACE +# label = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ] +# LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z" +# SPACE = %x20 ; space (" ") +# HYPHEN = %x2D ; hyphen ("-") +# DOT = %x2E ; period (".") +attributetype ( 0.9.2342.19200300.100.1.37 + NAME 'associatedDomain' + DESC 'RFC1274: domain associated with object' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema) +attributetype ( 1.2.840.113549.1.9.1 + NAME ( 'email' 'emailAddress' 'pkcs9email' ) + DESC 'RFC3280: legacy attribute for email addresses in DNs' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + diff --git a/openldap/schema/cosine.ldif b/openldap/schema/cosine.ldif new file mode 100644 index 0000000..e7e5386 --- /dev/null +++ b/openldap/schema/cosine.ldif @@ -0,0 +1,200 @@ +# RFC1274: Cosine and Internet X.500 schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.ldif,v 1.1.2.6 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# RFC1274: Cosine and Internet X.500 schema +# +# This file contains LDAPv3 schema derived from X.500 COSINE "pilot" +# schema. As this schema was defined for X.500(89), some +# oddities were introduced in the mapping to LDAPv3. The +# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt +# (a work in progress) +# +# Note: It seems that the pilot schema evolved beyond what was +# described in RFC1274. However, this document attempts to describes +# RFC1274 as published. +# +# Depends on core.ldif +# +# This file was automatically generated from cosine.schema; see that +# file for complete background. +# +dn: cn=cosine,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: cosine +olcAttributeTypes: ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' + EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1. + 1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC 'RFC1274: g + eneral information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDri + nk' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR caseIgno + reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC 'RFC1 + 274: room number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S + YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC 'RFC1274: + photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC 'RFC12 + 74: category of user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat + ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'RFC1274: h + ost computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTA + X 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC 'RFC127 + 4: DN of manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115 + .121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' D + ESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch SUBSTR + caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' DESC ' + RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstri + ngsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' DES + C 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSu + bstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' DESC + 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch SYNTAX 1 + .3.6.1.4.1.1466.115.121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' DE + SC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch SUBSTR c + aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone' 'homeTe + lephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY telephoneNumb + erMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121 + .1.50 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC 'RFC + 1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.146 + 6.115.121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' SYNTAX + 1.3.6.1.4.1.1466.115.121.1.39 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' EQUALITY ca + seIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' EQUALITY c + aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' EQUALITY c + aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' EQUALITY c + aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' EQUALITY + caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' EQUALIT + Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DESC + 'RFC1274: DN of entry associated with domain' EQUALITY distinguishedNameMatc + h SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' D + ESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR caseIg + noreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' DESC + 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstring + sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' 'mobileTel + ephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY telephoneNum + berMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 + 1.1.50 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.42 NAME ( 'pager' 'pagerTelep + honeNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY telephoneNumber + Match SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 + .50 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCount + ryName' ) DESC 'RFC1274: friendly country name' EQUALITY caseIgnoreMatch SUBS + TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' DE + SC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.14 + 66.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus + ' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR caseI + gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' DESC ' + RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5Subst + ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption + ' DESC 'RFC1274: mail preference option' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' DESC ' + RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstrin + gsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC 'RF + C1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' + DESC 'RFC1274: Single Level Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SIN + GLE-VALUE ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQualit + y' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 13 SINGLE-VALUE ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQualit + y' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 13 SINGLE-VALUE ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' D + ESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 23 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' DESC 'R + FC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466 + .115.121.1.12 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC 'RFC1274 + : audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' D + ESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR caseIgno + reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' 'newPilo + tPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $ rfc822 + Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber $ hom + ePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $ busine + ssCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ pagerTelep + honeNumber $ organizationalStatus $ mailPreferenceOption $ personalSignature + ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top STRUCT + URAL MUST userid MAY ( description $ seeAlso $ localityName $ organizationNam + e $ organizationalUnitName $ host ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top STRUC + TURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso $ loca + lityName $ organizationName $ organizationalUnitName $ documentTitle $ docume + ntVersion $ documentAuthor $ documentLocation $ documentPublisher ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURA + L MUST commonName MAY ( roomNumber $ description $ seeAlso $ telephoneNumber + ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top + STRUCTURAL MUST commonName MAY ( description $ seeAlso $ telephonenumber $ l + ocalityName $ organizationName $ organizationalUnitName ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCT + URAL MUST domainComponent MAY ( associatedName $ organizationName $ descripti + on $ businessCategory $ seeAlso $ searchGuide $ userPassword $ localityName $ + stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $ postalAdd + ress $ postalCode $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber + $ internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ tel + exNumber $ preferredDeliveryMethod $ destinationIndicator $ registeredAddress + $ x121Address ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP d + omain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $ telepho + neNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ postOffi + ceBox $ streetAddress $ facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ preferredDelivery + Method $ destinationIndicator $ registeredAddress $ x121Address ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP domain + STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAME + Record ) ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' D + ESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST associat + edDomain ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP c + ountry STRUCTURAL MUST friendlyCountryName ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' SU + P ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP dsa STR + UCTURAL MAY dSAQuality ) +olcObjectClasses: ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' + SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $ subtreeMaximu + mQuality ) ) diff --git a/openldap/schema/cosine.schema b/openldap/schema/cosine.schema new file mode 100644 index 0000000..a300cc8 --- /dev/null +++ b/openldap/schema/cosine.schema @@ -0,0 +1,2571 @@ +# RFC1274: Cosine and Internet X.500 schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.23.2.6 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# RFC1274: Cosine and Internet X.500 schema +# +# This file contains LDAPv3 schema derived from X.500 COSINE "pilot" +# schema. As this schema was defined for X.500(89), some +# oddities were introduced in the mapping to LDAPv3. The +# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt +# (a work in progress) +# +# Note: It seems that the pilot schema evolved beyond what was +# described in RFC1274. However, this document attempts to describes +# RFC1274 as published. +# +# Depends on core.schema + + +# Network Working Group P. Barker +# Request for Comments: 1274 S. Kille +# University College London +# November 1991 +# +# The COSINE and Internet X.500 Schema +# +# [trimmed] +# +# Abstract +# +# This document suggests an X.500 Directory Schema, or Naming +# Architecture, for use in the COSINE and Internet X.500 pilots. The +# schema is independent of any specific implementation. As well as +# indicating support for the standard object classes and attributes, a +# large number of generally useful object classes and attributes are +# also defined. An appendix to this document includes a machine +# processable version of the schema. +# +# [trimmed] + +# 7. Object Identifiers +# +# Some additional object identifiers are defined for this schema. +# These are also reproduced in Appendix C. +# +# data OBJECT IDENTIFIER ::= {ccitt 9} +# pss OBJECT IDENTIFIER ::= {data 2342} +# ucl OBJECT IDENTIFIER ::= {pss 19200300} +# pilot OBJECT IDENTIFIER ::= {ucl 100} +# +# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1} +# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3} +# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4} +# pilotGroups OBJECT IDENTIFIER ::= {pilot 10} +# +# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4} +# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::= +# {pilotAttributeSyntax 5} +# +# 8. Object Classes +# [relocated after 9] + +# +# 9. Attribute Types +# +# 9.1. X.500 standard attribute types +# +# A number of generally useful attribute types are defined in X.520, +# and these are supported. Refer to that document for descriptions of +# the suggested usage of these attribute types. The ASN.1 for these +# attribute types is reproduced for completeness in Appendix C. +# +# 9.2. X.400 standard attribute types +# +# The standard X.400 attribute types are supported. See X.402 for full +# details. The ASN.1 for these attribute types is reproduced in +# Appendix C. +# +# 9.3. COSINE/Internet attribute types +# +# This section describes all the attribute types defined for use in the +# COSINE and Internet pilots. Descriptions are given as to the +# suggested usage of these attribute types. The ASN.1 for these +# attribute types is reproduced in Appendix C. +# +# 9.3.1. Userid +# +# The Userid attribute type specifies a computer system login name. +# +# userid ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-identifier)) +# ::= {pilotAttributeType 1} +# +#(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) +## EQUALITY caseIgnoreMatch +## SUBSTR caseIgnoreSubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.2. Text Encoded O/R Address +# +# The Text Encoded O/R Address attribute type specifies a text encoding +# of an X.400 O/R address, as specified in RFC 987. The use of this +# attribute is deprecated as the attribute is intended for interim use +# only. This attribute will be the first candidate for the attribute +# expiry mechanisms! +# +# textEncodedORAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-text-encoded-or-address)) +# ::= {pilotAttributeType 2} +# +attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.3. RFC 822 Mailbox +# +# The RFC822 Mailbox attribute type specifies an electronic mailbox +# attribute following the syntax specified in RFC 822. Note that this +# attribute should not be used for greybook or other non-Internet order +# mailboxes. +# +# rfc822Mailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-rfc822-mailbox)) +# ::= {pilotAttributeType 3} +# +#(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) +## EQUALITY caseIgnoreIA5Match +## SUBSTR caseIgnoreIA5SubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# 9.3.4. Information +# +# The Information attribute type specifies any general information +# pertinent to an object. It is recommended that specific usage of +# this attribute type is avoided, and that specific requirements are +# met by other (possibly additional) attribute types. +# +# info ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-information)) +# ::= {pilotAttributeType 4} +# +attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' + DESC 'RFC1274: general information' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) + + +# 9.3.5. Favourite Drink +# +# The Favourite Drink attribute type specifies the favourite drink of +# an object (or person). +# +# favouriteDrink ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-favourite-drink)) +# ::= {pilotAttributeType 5} +# +attributetype ( 0.9.2342.19200300.100.1.5 + NAME ( 'drink' 'favouriteDrink' ) + DESC 'RFC1274: favorite drink' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.6. Room Number +# +# The Room Number attribute type specifies the room number of an +# object. Note that the commonName attribute should be used for naming +# room objects. +# +# roomNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-room-number)) +# ::= {pilotAttributeType 6} +# +attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' + DESC 'RFC1274: room number' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.7. Photo +# +# The Photo attribute type specifies a "photograph" for an object. +# This should be encoded in G3 fax as explained in recommendation T.4, +# with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as +# defined in X.420. +# +# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules +# information-objects } +# +# photo ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-photo)) +# ::= {pilotAttributeType 7} +# +attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' + DESC 'RFC1274: photo (G3 fax)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) + +# 9.3.8. User Class +# +# The User Class attribute type specifies a category of computer user. +# The semantics placed on this attribute are for local interpretation. +# Examples of current usage od this attribute in academia are +# undergraduate student, researcher, lecturer, etc. Note that the +# organizationalStatus attribute may now often be preferred as it makes +# no distinction between computer users and others. +# +# userClass ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-class)) +# ::= {pilotAttributeType 8} +# +attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' + DESC 'RFC1274: category of user' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.9. Host +# +# The Host attribute type specifies a host computer. +# +# host ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-host)) +# ::= {pilotAttributeType 9} +# +attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' + DESC 'RFC1274: host computer' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.10. Manager +# +# The Manager attribute type specifies the manager of an object +# represented by an entry. +# +# manager ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 10} +# +attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' + DESC 'RFC1274: DN of manager' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.11. Document Identifier +# +# The Document Identifier attribute type specifies a unique identifier +# for a document. +# +# documentIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-identifier)) +# ::= {pilotAttributeType 11} +# +attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' + DESC 'RFC1274: unique identifier of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.12. Document Title +# +# The Document Title attribute type specifies the title of a document. +# +# documentTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-title)) +# ::= {pilotAttributeType 12} +# +attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' + DESC 'RFC1274: title of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.13. Document Version +# +# The Document Version attribute type specifies the version number of a +# document. +# +# documentVersion ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-version)) +# ::= {pilotAttributeType 13} +# +attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' + DESC 'RFC1274: version of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.14. Document Author +# +# The Document Author attribute type specifies the distinguished name +# of the author of a document. +# +# documentAuthor ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 14} +# +attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' + DESC 'RFC1274: DN of author of document' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.15. Document Location +# +# The Document Location attribute type specifies the location of the +# document original. +# +# documentLocation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-location)) +# ::= {pilotAttributeType 15} +# +attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' + DESC 'RFC1274: location of document original' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.16. Home Telephone Number +# +# The Home Telephone Number attribute type specifies a home telephone +# number associated with a person. Attribute values should follow the +# agreed format for international telephone numbers: i.e., "+44 71 123 +# 4567". +# +# homeTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 20} +# +attributetype ( 0.9.2342.19200300.100.1.20 + NAME ( 'homePhone' 'homeTelephoneNumber' ) + DESC 'RFC1274: home telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.17. Secretary +# +# The Secretary attribute type specifies the secretary of a person. +# The attribute value for Secretary is a distinguished name. +# +# secretary ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 21} +# +attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' + DESC 'RFC1274: DN of secretary' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.18. Other Mailbox +# +# The Other Mailbox attribute type specifies values for electronic +# mailbox types other than X.400 and rfc822. +# +# otherMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# SEQUENCE { +# mailboxType PrintableString, -- e.g. Telemail +# mailbox IA5String -- e.g. X378:Joe +# } +# ::= {pilotAttributeType 22} +# +attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ) + +# 9.3.19. Last Modified Time +# +# The Last Modified Time attribute type specifies the last time, in UTC +# time, that an entry was modified. Ideally, this attribute should be +# maintained by the DSA. +# +# lastModifiedTime ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# uTCTimeSyntax +# ::= {pilotAttributeType 23} +# +## Deprecated in favor of modifyTimeStamp +#attributetype ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime' +# DESC 'RFC1274: time of last modify, replaced by modifyTimestamp' +# OBSOLETE +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.53 +# USAGE directoryOperation ) + +# 9.3.20. Last Modified By +# +# The Last Modified By attribute specifies the distinguished name of +# the last user to modify the associated entry. Ideally, this +# attribute should be maintained by the DSA. +# +# lastModifiedBy ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 24} +# +## Deprecated in favor of modifiersName +#attributetype ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy' +# DESC 'RFC1274: last modifier, replaced by modifiersName' +# OBSOLETE +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 +# USAGE directoryOperation ) + +# 9.3.21. Domain Component +# +# The Domain Component attribute type specifies a DNS/NRS domain. For +# example, "uk" or "ac". +# +# domainComponent ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# SINGLE VALUE +# ::= {pilotAttributeType 25} +# +##(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) +## EQUALITY caseIgnoreIA5Match +## SUBSTR caseIgnoreIA5SubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# 9.3.22. DNS ARecord +# +# The A Record attribute type specifies a type A (Address) DNS resource +# record [6] [7]. +# +# aRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 26} +# +## incorrect syntax? +attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +## missing from RFC1274 +## incorrect syntax? +attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.23. MX Record +# +# The MX Record attribute type specifies a type MX (Mail Exchange) DNS +# resource record [6] [7]. +# +# mXRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 28} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.24. NS Record +# +# The NS Record attribute type specifies an NS (Name Server) DNS +# resource record [6] [7]. +# +# nSRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 29} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.25. SOA Record +# +# The SOA Record attribute type specifies a type SOA (Start of +# Authority) DNS resorce record [6] [7]. +# +# sOARecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 30} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.26. CNAME Record +# +# The CNAME Record attribute type specifies a type CNAME (Canonical +# Name) DNS resource record [6] [7]. +# +# cNAMERecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# iA5StringSyntax +# ::= {pilotAttributeType 31} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.27. Associated Domain +# +# The Associated Domain attribute type specifies a DNS or NRS domain +# which is associated with an object in the DIT. For example, the entry +# in the DIT with a distinguished name "C=GB, O=University College +# London" would have an associated domain of "UCL.AC.UK. Note that all +# domains should be represented in rfc822 order. See [3] for more +# details of usage of this attribute. +# +# associatedDomain ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# ::= {pilotAttributeType 37} +# +#attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' +# EQUALITY caseIgnoreIA5Match +# SUBSTR caseIgnoreIA5SubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.28. Associated Name +# +# The Associated Name attribute type specifies an entry in the +# organisational DIT associated with a DNS/NRS domain. See [3] for +# more details of usage of this attribute. +# +# associatedName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 38} +# +attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' + DESC 'RFC1274: DN of entry associated with domain' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.29. Home postal address +# +# The Home postal address attribute type specifies a home postal +# address for an object. This should be limited to up to 6 lines of 30 +# characters each. +# +# homePostalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# postalAddress +# MATCHES FOR EQUALITY +# ::= {pilotAttributeType 39} +# +attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' + DESC 'RFC1274: home postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +# 9.3.30. Personal Title +# +# The Personal Title attribute type specifies a personal title for a +# person. Examples of personal titles are "Ms", "Dr", "Prof" and "Rev". +# +# personalTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-personal-title)) +# ::= {pilotAttributeType 40} +# +attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' + DESC 'RFC1274: personal title' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.31. Mobile Telephone Number +# +# The Mobile Telephone Number attribute type specifies a mobile +# telephone number associated with a person. Attribute values should +# follow the agreed format for international telephone numbers: i.e., +# "+44 71 123 4567". +# +# mobileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 41} +# +attributetype ( 0.9.2342.19200300.100.1.41 + NAME ( 'mobile' 'mobileTelephoneNumber' ) + DESC 'RFC1274: mobile telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.32. Pager Telephone Number +# +# The Pager Telephone Number attribute type specifies a pager telephone +# number for an object. Attribute values should follow the agreed +# format for international telephone numbers: i.e., "+44 71 123 4567". +# +# pagerTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 42} +# +attributetype ( 0.9.2342.19200300.100.1.42 + NAME ( 'pager' 'pagerTelephoneNumber' ) + DESC 'RFC1274: pager telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.33. Friendly Country Name +# +# The Friendly Country Name attribute type specifies names of countries +# in human readable format. The standard attribute country name must +# be one of the two-letter codes defined in ISO 3166. +# +# friendlyCountryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# ::= {pilotAttributeType 43} +# +attributetype ( 0.9.2342.19200300.100.1.43 + NAME ( 'co' 'friendlyCountryName' ) + DESC 'RFC1274: friendly country name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 9.3.34. Unique Identifier +# +# The Unique Identifier attribute type specifies a "unique identifier" +# for an object represented in the Directory. The domain within which +# the identifier is unique, and the exact semantics of the identifier, +# are for local definition. For a person, this might be an +# institution-wide payroll number. For an organisational unit, it +# might be a department code. +# +# uniqueIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-unique-identifier)) +# ::= {pilotAttributeType 44} +# +attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' + DESC 'RFC1274: unique identifer' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.35. Organisational Status +# +# The Organisational Status attribute type specifies a category by +# which a person is often referred to in an organisation. Examples of +# usage in academia might include undergraduate student, researcher, +# lecturer, etc. +# +# A Directory administrator should probably consider carefully the +# distinctions between this and the title and userClass attributes. +# +# organizationalStatus ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-organizational-status)) +# ::= {pilotAttributeType 45} +# +attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus' + DESC 'RFC1274: organizational status' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.36. Janet Mailbox +# +# The Janet Mailbox attribute type specifies an electronic mailbox +# attribute following the syntax specified in the Grey Book of the +# Coloured Book series. This attribute is intended for the convenience +# of U.K users unfamiliar with rfc822 and little-endian mail addresses. +# Entries using this attribute MUST also include an rfc822Mailbox +# attribute. +# +# janetMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-janet-mailbox)) +# ::= {pilotAttributeType 46} +# +attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' + DESC 'RFC1274: Janet mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# 9.3.37. Mail Preference Option +# +# An attribute to allow users to indicate a preference for inclusion of +# their names on mailing lists (electronic or physical). The absence +# of such an attribute should be interpreted as if the attribute was +# present with value "no-list-inclusion". This attribute should be +# interpreted by anyone using the directory to derive mailing lists, +# and its value respected. +# +# mailPreferenceOption ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX ENUMERATED { +# no-list-inclusion(0), +# any-list-inclusion(1), -- may be added to any lists +# professional-list-inclusion(2) +# -- may be added to lists +# -- which the list provider +# -- views as related to the +# -- users professional inter- +# -- ests, perhaps evaluated +# -- from the business of the +# -- organisation or keywords +# -- in the entry. +# } +# ::= {pilotAttributeType 47} +# +attributetype ( 0.9.2342.19200300.100.1.47 + NAME 'mailPreferenceOption' + DESC 'RFC1274: mail preference option' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +# 9.3.38. Building Name +# +# The Building Name attribute type specifies the name of the building +# where an organisation or organisational unit is based. +# +# buildingName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-building-name)) +# ::= {pilotAttributeType 48} +# +attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' + DESC 'RFC1274: name of building' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.39. DSA Quality +# +# The DSA Quality attribute type specifies the purported quality of a +# DSA. It allows a DSA manager to indicate the expected level of +# availability of the DSA. See [8] for details of the syntax. +# +# dSAQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 49} +# +attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' + DESC 'RFC1274: DSA Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) + +# 9.3.40. Single Level Quality +# +# The Single Level Quality attribute type specifies the purported data +# quality at the level immediately below in the DIT. See [8] for +# details of the syntax. +# +# singleLevelQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 50} +# +attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' + DESC 'RFC1274: Single Level Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.41. Subtree Minimum Quality +# +# The Subtree Minimum Quality attribute type specifies the purported +# minimum data quality for a DIT subtree. See [8] for more discussion +# and details of the syntax. +# +# subtreeMinimumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 51} +# +attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality' + DESC 'RFC1274: Subtree Mininum Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.42. Subtree Maximum Quality +# +# The Subtree Maximum Quality attribute type specifies the purported +# maximum data quality for a DIT subtree. See [8] for more discussion +# and details of the syntax. +# +# subtreeMaximumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 52} +# +attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality' + DESC 'RFC1274: Subtree Maximun Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.43. Personal Signature +# +# The Personal Signature attribute type allows for a representation of +# a person's signature. This should be encoded in G3 fax as explained +# in recommendation T.4, with an ASN.1 wrapper to make it compatible +# with an X.400 BodyPart as defined in X.420. +# +# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules +# information-objects } +# +# personalSignature ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-personal-signature)) +# ::= {pilotAttributeType 53} +# +attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' + DESC 'RFC1274: Personal Signature (G3 fax)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 ) + +# 9.3.44. DIT Redirect +# +# The DIT Redirect attribute type is used to indicate that the object +# described by one entry now has a newer entry in the DIT. The entry +# containing the redirection attribute should be expired after a +# suitable grace period. This attribute may be used when an individual +# changes his/her place of work, and thus acquires a new organisational +# DN. +# +# dITRedirect ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 54} +# +attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' + DESC 'RFC1274: DIT Redirect' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.45. Audio +# +# The Audio attribute type allows the storing of sounds in the +# Directory. The attribute uses a u-law encoded sound file as used by +# the "play" utility on a Sun 4. This is an interim format. +# +# audio ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# Audio +# (SIZE (1 .. ub-audio)) +# ::= {pilotAttributeType 55} +# +attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' + DESC 'RFC1274: audio (u-law)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) + +# 9.3.46. Publisher of Document +# +# +# The Publisher of Document attribute is the person and/or organization +# that published a document. +# +# documentPublisher ATTRIBUTE +# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax +# ::= {pilotAttributeType 56} +# +attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' + DESC 'RFC1274: publisher of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 9.4. Generally useful syntaxes +# +# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# iA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# -- Syntaxes to support the DNS attributes +# +# DNSRecordSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY +# +# +# NRSInformationSyntax ATTRIBUTE-SYNTAX +# NRSInformation +# MATCHES FOR EQUALITY +# +# +# NRSInformation ::= SET { +# [0] Context, +# [1] Address-space-id, +# routes [2] SEQUENCE OF SEQUENCE { +# Route-cost, +# Addressing-info } +# } +# +# +# 9.5. Upper bounds on length of attribute values +# +# +# ub-document-identifier INTEGER ::= 256 +# +# ub-document-location INTEGER ::= 256 +# +# ub-document-title INTEGER ::= 256 +# +# ub-document-version INTEGER ::= 256 +# +# ub-favourite-drink INTEGER ::= 256 +# +# ub-host INTEGER ::= 256 +# +# ub-information INTEGER ::= 2048 +# +# ub-unique-identifier INTEGER ::= 256 +# +# ub-personal-title INTEGER ::= 256 +# +# ub-photo INTEGER ::= 250000 +# +# ub-rfc822-mailbox INTEGER ::= 256 +# +# ub-room-number INTEGER ::= 256 +# +# ub-text-or-address INTEGER ::= 256 +# +# ub-user-class INTEGER ::= 256 +# +# ub-user-identifier INTEGER ::= 256 +# +# ub-organizational-status INTEGER ::= 256 +# +# ub-janet-mailbox INTEGER ::= 256 +# +# ub-building-name INTEGER ::= 256 +# +# ub-personal-signature ::= 50000 +# +# ub-audio INTEGER ::= 250000 +# + +# [back to 8] +# 8. Object Classes +# +# 8.1. X.500 standard object classes +# +# A number of generally useful object classes are defined in X.521, and +# these are supported. Refer to that document for descriptions of the +# suggested usage of these object classes. The ASN.1 for these object +# classes is reproduced for completeness in Appendix C. +# +# 8.2. X.400 standard object classes +# +# A number of object classes defined in X.400 are supported. Refer to +# X.402 for descriptions of the usage of these object classes. The +# ASN.1 for these object classes is reproduced for completeness in +# Appendix C. +# +# 8.3. COSINE/Internet object classes +# +# This section attempts to fuse together the object classes designed +# for use in the COSINE and Internet pilot activities. Descriptions +# are given of the suggested usage of these object classes. The ASN.1 +# for these object classes is also reproduced in Appendix C. +# +# 8.3.1. Pilot Object +# +# The PilotObject object class is used as a sub-class to allow some +# common, useful attributes to be assigned to entries of all other +# object classes. +# +# pilotObject OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# info, +# photo, +# manager, +# uniqueIdentifier, +# lastModifiedTime, +# lastModifiedBy, +# dITRedirect, +# audio} +# ::= {pilotObjectClass 3} +# +#objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' +# DESC 'RFC1274: pilot object' +# SUP top AUXILIARY +# MAY ( info $ photo $ manager $ uniqueIdentifier $ +# lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio ) +# ) + +# 8.3.2. Pilot Person +# +# The PilotPerson object class is used as a sub-class of person, to +# allow the use of a number of additional attributes to be assigned to +# entries of object class person. +# +# pilotPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# userid, +# textEncodedORAddress, +# rfc822Mailbox, +# favouriteDrink, +# roomNumber, +# userClass, +# homeTelephoneNumber, +# homePostalAddress, +# secretary, +# personalTitle, +# preferredDeliveryMethod, +# businessCategory, +# janetMailbox, +# otherMailbox, +# mobileTelephoneNumber, +# pagerTelephoneNumber, +# organizationalStatus, +# mailPreferenceOption, +# personalSignature} +# ::= {pilotObjectClass 4} +# +objectclass ( 0.9.2342.19200300.100.4.4 + NAME ( 'pilotPerson' 'newPilotPerson' ) + SUP person STRUCTURAL + MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $ + favouriteDrink $ roomNumber $ userClass $ + homeTelephoneNumber $ homePostalAddress $ secretary $ + personalTitle $ preferredDeliveryMethod $ businessCategory $ + janetMailbox $ otherMailbox $ mobileTelephoneNumber $ + pagerTelephoneNumber $ organizationalStatus $ + mailPreferenceOption $ personalSignature ) + ) + +# 8.3.3. Account +# +# The Account object class is used to define entries representing +# computer accounts. The userid attribute should be used for naming +# entries of this object class. +# +# account OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userid} +# MAY CONTAIN { +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# host} +# ::= {pilotObjectClass 5} +# +objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' + SUP top STRUCTURAL + MUST userid + MAY ( description $ seeAlso $ localityName $ + organizationName $ organizationalUnitName $ host ) + ) + +# 8.3.4. Document +# +# The Document object class is used to define entries which represent +# documents. +# +# document OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# documentIdentifier} +# MAY CONTAIN { +# commonName, +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# documentTitle, +# documentVersion, +# documentAuthor, +# documentLocation, +# documentPublisher} +# ::= {pilotObjectClass 6} +# +objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' + SUP top STRUCTURAL + MUST documentIdentifier + MAY ( commonName $ description $ seeAlso $ localityName $ + organizationName $ organizationalUnitName $ + documentTitle $ documentVersion $ documentAuthor $ + documentLocation $ documentPublisher ) + ) + +# 8.3.5. Room +# +# The Room object class is used to define entries representing rooms. +# The commonName attribute should be used for naming pentries of this +# object class. +# +# room OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# roomNumber, +# description, +# seeAlso, +# telephoneNumber} +# ::= {pilotObjectClass 7} +# +objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' + SUP top STRUCTURAL + MUST commonName + MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) + ) + +# 8.3.6. Document Series +# +# The Document Series object class is used to define an entry which +# represents a series of documents (e.g., The Request For Comments +# papers). +# +# documentSeries OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# localityName, +# organizationName, +# organizationalUnitName} +# ::= {pilotObjectClass 9} +# +objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' + SUP top STRUCTURAL + MUST commonName + MAY ( description $ seeAlso $ telephonenumber $ + localityName $ organizationName $ organizationalUnitName ) + ) + +# 8.3.7. Domain +# +# The Domain object class is used to define entries which represent DNS +# or NRS domains. The domainComponent attribute should be used for +# naming entries of this object class. The usage of this object class +# is described in more detail in [3]. +# +# domain OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# domainComponent} +# MAY CONTAIN { +# associatedName, +# organizationName, +# organizationalAttributeSet} +# ::= {pilotObjectClass 13} +# +objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' + SUP top STRUCTURAL + MUST domainComponent + MAY ( associatedName $ organizationName $ description $ + businessCategory $ seeAlso $ searchGuide $ userPassword $ + localityName $ stateOrProvinceName $ streetAddress $ + physicalDeliveryOfficeName $ postalAddress $ postalCode $ + postOfficeBox $ streetAddress $ + facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ + preferredDeliveryMethod $ destinationIndicator $ + registeredAddress $ x121Address ) + ) + +# 8.3.8. RFC822 Local Part +# +# The RFC822 Local Part object class is used to define entries which +# represent the local part of RFC822 mail addresses. This treats this +# part of an RFC822 address as a domain. The usage of this object +# class is described in more detail in [3]. +# +# rFC822localPart OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# commonName, +# surname, +# description, +# seeAlso, +# telephoneNumber, +# postalAttributeSet, +# telecommunicationAttributeSet} +# ::= {pilotObjectClass 14} +# +objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' + SUP domain STRUCTURAL + MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $ + physicalDeliveryOfficeName $ postalAddress $ postalCode $ + postOfficeBox $ streetAddress $ + facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ + telexNumber $ preferredDeliveryMethod $ destinationIndicator $ + registeredAddress $ x121Address ) + ) + +# 8.3.9. DNS Domain +# +# The DNS Domain (Domain NameServer) object class is used to define +# entries for DNS domains. The usage of this object class is described +# in more detail in [3]. +# +# dNSDomain OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# ARecord, +# MDRecord, +# MXRecord, +# NSRecord, +# SOARecord, +# CNAMERecord} +# ::= {pilotObjectClass 15} +# +objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' + SUP domain STRUCTURAL + MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ + SOARecord $ CNAMERecord ) + ) + +# 8.3.10. Domain Related Object +# +# The Domain Related Object object class is used to define entries +# which represent DNS/NRS domains which are "equivalent" to an X.500 +# domain: e.g., an organisation or organisational unit. The usage of +# this object class is described in more detail in [3]. +# +# domainRelatedObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# associatedDomain} +# ::= {pilotObjectClass 17} +# +objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' + DESC 'RFC1274: an object related to an domain' + SUP top AUXILIARY + MUST associatedDomain ) + +# 8.3.11. Friendly Country +# +# The Friendly Country object class is used to define country entries +# in the DIT. The object class is used to allow friendlier naming of +# countries than that allowed by the object class country. The naming +# attribute of object class country, countryName, has to be a 2 letter +# string defined in ISO 3166. +# +# friendlyCountry OBJECT-CLASS +# SUBCLASS OF country +# MUST CONTAIN { +# friendlyCountryName} +# ::= {pilotObjectClass 18} +# +objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' + SUP country STRUCTURAL + MUST friendlyCountryName ) + +# 8.3.12. Simple Security Object +# +# The Simple Security Object object class is used to allow an entry to +# have a userPassword attribute when an entry's principal object +# classes do not allow userPassword as an attribute type. +# +# simpleSecurityObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userPassword } +# ::= {pilotObjectClass 19} +# +## (in core.schema) +## objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' +## SUP top AUXILIARY +## MUST userPassword ) + +# 8.3.13. Pilot Organization +# +# The PilotOrganization object class is used as a sub-class of +# organization and organizationalUnit to allow a number of additional +# attributes to be assigned to entries of object classes organization +# and organizationalUnit. +# +# pilotOrganization OBJECT-CLASS +# SUBCLASS OF organization, organizationalUnit +# MAY CONTAIN { +# buildingName} +# ::= {pilotObjectClass 20} +# +objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' + SUP ( organization $ organizationalUnit ) STRUCTURAL + MAY buildingName ) + +# 8.3.14. Pilot DSA +# +# The PilotDSA object class is used as a sub-class of the dsa object +# class to allow additional attributes to be assigned to entries for +# DSAs. +# +# pilotDSA OBJECT-CLASS +# SUBCLASS OF dsa +# MUST CONTAIN { +# dSAQuality} +# ::= {pilotObjectClass 21} +# +objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' + SUP dsa STRUCTURAL + MAY dSAQuality ) + +# 8.3.15. Quality Labelled Data +# +# The Quality Labelled Data object class is used to allow the +# assignment of the data quality attributes to subtrees in the DIT. +# +# See [8] for more details. +# +# qualityLabelledData OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# dSAQuality} +# MAY CONTAIN { +# subtreeMinimumQuality, +# subtreeMaximumQuality} +# ::= {pilotObjectClass 22} +objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' + SUP top AUXILIARY + MUST dsaQuality + MAY ( subtreeMinimumQuality $ subtreeMaximumQuality ) + ) + + +# References +# +# [1] CCITT/ISO, "X.500, The Directory - overview of concepts, +# models and services, CCITT /ISO IS 9594. +# +# [2] Kille, S., "The THORN and RARE X.500 Naming Architecture, in +# University College London, Department of Computer Science +# Research Note 89/48, May 1989. +# +# [3] Kille, S., "X.500 and Domains", RFC 1279, University College +# London, November 1991. +# +# [4] Rose, M., "PSI/NYSERNet White Pages Pilot Project: Status +# Report", Technical Report 90-09-10-1, published by NYSERNet +# Inc, 1990. +# +# [5] Craigie, J., "UK Academic Community Directory Service Pilot +# Project, pp. 305-310 in Computer Networks and ISDN Systems +# 17 (1989), published by North Holland. +# +# [6] Mockapetris, P., "Domain Names - Concepts and Facilities", +# RFC 1034, USC/Information Sciences Institute, November 1987. +# +# [7] Mockapetris, P., "Domain Names - Implementation and +# Specification, RFC 1035, USC/Information Sciences Institute, +# November 1987. +# +# [8] Kille, S., "Handling QOS (Quality of service) in the +# Directory," publication in process, March 1991. +# +# +# APPENDIX C - Summary of all Object Classes and Attribute Types +# +# -- Some Important Object Identifiers +# +# data OBJECT IDENTIFIER ::= {ccitt 9} +# pss OBJECT IDENTIFIER ::= {data 2342} +# ucl OBJECT IDENTIFIER ::= {pss 19200300} +# pilot OBJECT IDENTIFIER ::= {ucl 100} +# +# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1} +# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3} +# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4} +# pilotGroups OBJECT IDENTIFIER ::= {pilot 10} +# +# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4} +# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::= +# {pilotAttributeSyntax 5} +# +# -- Standard Object Classes +# +# top OBJECT-CLASS +# MUST CONTAIN { +# objectClass} +# ::= {objectClass 0} +# +# +# alias OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# aliasedObjectName} +# ::= {objectClass 1} +# +# +# country OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# countryName} +# MAY CONTAIN { +# description, +# searchGuide} +# ::= {objectClass 2} +# +# +# locality OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# description, +# localityName, +# stateOrProvinceName, +# searchGuide, +# seeAlso, +# streetAddress} +# ::= {objectClass 3} +# +# +# organization OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# organizationName} +# MAY CONTAIN { +# organizationalAttributeSet} +# ::= {objectClass 4} +# +# +# organizationalUnit OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# organizationalUnitName} +# MAY CONTAIN { +# organizationalAttributeSet} +# ::= {objectClass 5} +# +# +# person OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# surname} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# userPassword} +# ::= {objectClass 6} +# +# +# organizationalPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# localeAttributeSet, +# organizationalUnitName, +# postalAttributeSet, +# telecommunicationAttributeSet, +# title} +# ::= {objectClass 7} +# +# +# organizationalRole OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localeAttributeSet, +# organizationalUnitName, +# postalAttributeSet, +# preferredDeliveryMethod, +# roleOccupant, +# seeAlso, +# telecommunicationAttributeSet} +# ::= {objectClass 8} +# +# +# groupOfNames OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# member} +# MAY CONTAIN { +# description, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# businessCategory} +# ::= {objectClass 9} +# +# +# residentialPerson OBJECT-CLASS +# SUBCLASS OF person +# MUST CONTAIN { +# localityName} +# MAY CONTAIN { +# localeAttributeSet, +# postalAttributeSet, +# preferredDeliveryMethod, +# telecommunicationAttributeSet, +# businessCategory} +# ::= {objectClass 10} +# +# +# applicationProcess OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localityName, +# organizationalUnitName, +# seeAlso} +# ::= {objectClass 11} +# +# +# applicationEntity OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# presentationAddress} +# MAY CONTAIN { +# description, +# localityName, +# organizationName, +# organizationalUnitName, +# seeAlso, +# supportedApplicationContext} +# ::= {objectClass 12} +# +# +# dSA OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# knowledgeInformation} +# ::= {objectClass 13} +# +# +# device OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localityName, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# serialNumber} +# ::= {objectClass 14} +# +# +# strongAuthenticationUser OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userCertificate} +# ::= {objectClass 15} +# +# +# certificationAuthority OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# cACertificate, +# certificateRevocationList, +# authorityRevocationList} +# MAY CONTAIN { +# crossCertificatePair} +# ::= {objectClass 16} +# +# -- Standard MHS Object Classes +# +# mhsDistributionList OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# mhsDLSubmitPermissions, +# mhsORAddresses} +# MAY CONTAIN { +# description, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# mhsDeliverableContentTypes, +# mhsdeliverableEits, +# mhsDLMembers, +# mhsPreferredDeliveryMethods} +# ::= {mhsObjectClass 0} +# +# +# mhsMessageStore OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# description, +# owner, +# mhsSupportedOptionalAttributes, +# mhsSupportedAutomaticActions, +# mhsSupportedContentTypes} +# ::= {mhsObjectClass 1} +# +# +# mhsMessageTransferAgent OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# description, +# owner, +# mhsDeliverableContentLength} +# ::= {mhsObjectClass 2} +# +# +# mhsOrganizationalUser OBJECT-CLASS +# SUBCLASS OF organizationalPerson +# MUST CONTAIN { +# mhsORAddresses} +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsMessageStoreName, +# mhsPreferredDeliveryMethods } +# ::= {mhsObjectClass 3} +# +# +# mhsResidentialUser OBJECT-CLASS +# SUBCLASS OF residentialPerson +# MUST CONTAIN { +# mhsORAddresses} +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsMessageStoreName, +# mhsPreferredDeliveryMethods } +# ::= {mhsObjectClass 4} +# +# +# mhsUserAgent OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsORAddresses, +# owner} +# ::= {mhsObjectClass 5} +# +# +# +# +# -- Pilot Object Classes +# +# pilotObject OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# info, +# photo, +# manager, +# uniqueIdentifier, +# lastModifiedTime, +# lastModifiedBy, +# dITRedirect, +# audio} +# ::= {pilotObjectClass 3} +# pilotPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# userid, +# textEncodedORAddress, +# rfc822Mailbox, +# favouriteDrink, +# roomNumber, +# userClass, +# homeTelephoneNumber, +# homePostalAddress, +# secretary, +# personalTitle, +# preferredDeliveryMethod, +# businessCategory, +# janetMailbox, +# otherMailbox, +# mobileTelephoneNumber, +# pagerTelephoneNumber, +# organizationalStatus, +# mailPreferenceOption, +# personalSignature} +# ::= {pilotObjectClass 4} +# +# +# account OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userid} +# MAY CONTAIN { +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# host} +# ::= {pilotObjectClass 5} +# +# +# document OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# documentIdentifier} +# MAY CONTAIN { +# commonName, +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# documentTitle, +# documentVersion, +# documentAuthor, +# documentLocation, +# documentPublisher} +# ::= {pilotObjectClass 6} +# +# +# room OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# roomNumber, +# description, +# seeAlso, +# telephoneNumber} +# ::= {pilotObjectClass 7} +# +# +# documentSeries OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# localityName, +# organizationName, +# organizationalUnitName} +# ::= {pilotObjectClass 9} +# +# +# domain OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# domainComponent} +# MAY CONTAIN { +# associatedName, +# organizationName, +# organizationalAttributeSet} +# ::= {pilotObjectClass 13} +# +# +# rFC822localPart OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# commonName, +# surname, +# description, +# seeAlso, +# telephoneNumber, +# postalAttributeSet, +# telecommunicationAttributeSet} +# ::= {pilotObjectClass 14} +# +# +# dNSDomain OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# ARecord, +# MDRecord, +# MXRecord, +# NSRecord, +# SOARecord, +# CNAMERecord} +# ::= {pilotObjectClass 15} +# +# +# domainRelatedObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# associatedDomain} +# ::= {pilotObjectClass 17} +# +# +# friendlyCountry OBJECT-CLASS +# SUBCLASS OF country +# MUST CONTAIN { +# friendlyCountryName} +# ::= {pilotObjectClass 18} +# +# +# simpleSecurityObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userPassword } +# ::= {pilotObjectClass 19} +# +# +# pilotOrganization OBJECT-CLASS +# SUBCLASS OF organization, organizationalUnit +# MAY CONTAIN { +# buildingName} +# ::= {pilotObjectClass 20} +# +# +# pilotDSA OBJECT-CLASS +# SUBCLASS OF dsa +# MUST CONTAIN { +# dSAQuality} +# ::= {pilotObjectClass 21} +# +# +# qualityLabelledData OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# dSAQuality} +# MAY CONTAIN { +# subtreeMinimumQuality, +# subtreeMaximumQuality} +# ::= {pilotObjectClass 22} +# +# +# +# +# -- Standard Attribute Types +# +# objectClass ObjectClass +# ::= {attributeType 0} +# +# +# aliasedObjectName AliasedObjectName +# ::= {attributeType 1} +# +# +# knowledgeInformation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreString +# ::= {attributeType 2} +# +# +# commonName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-common-name)) +# ::= {attributeType 3} +# +# +# surname ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-surname)) +# ::= {attributeType 4} +# +# +# serialNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX printableStringSyntax +# (SIZE (1..ub-serial-number)) +# ::= {attributeType 5} +# +# +# countryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PrintableString +# (SIZE (1..ub-country-code)) +# SINGLE VALUE +# ::= {attributeType 6} +# +# +# localityName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-locality-name)) +# ::= {attributeType 7} +# +# +# stateOrProvinceName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-state-name)) +# ::= {attributeType 8} +# +# +# streetAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-street-address)) +# ::= {attributeType 9} +# +# +# organizationName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-organization-name)) +# ::= {attributeType 10} +# +# +# organizationalUnitName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-organizational-unit-name)) +# ::= {attributeType 11} +# +# +# title ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-title)) +# ::= {attributeType 12} +# +# +# description ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-description)) +# ::= {attributeType 13} +# +# +# searchGuide ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX Guide +# ::= {attributeType 14} +# +# +# businessCategory ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-business-category)) +# ::= {attributeType 15} +# +# +# postalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PostalAddress +# MATCHES FOR EQUALITY +# ::= {attributeType 16} +# +# +# postalCode ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-postal-code)) +# ::= {attributeType 17} +# +# +# postOfficeBox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-post-office-box)) +# ::= {attributeType 18} +# +# +# physicalDeliveryOfficeName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-physical-office-name)) +# ::= {attributeType 19} +# +# +# telephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX telephoneNumberSyntax +# (SIZE (1..ub-telephone-number)) +# ::= {attributeType 20} +# +# +# telexNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX TelexNumber +# (SIZE (1..ub-telex)) +# ::= {attributeType 21} +# +# +# teletexTerminalIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX TeletexTerminalIdentifier +# (SIZE (1..ub-teletex-terminal-id)) +# ::= {attributeType 22} +# +# +# facsimileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX FacsimileTelephoneNumber +# ::= {attributeType 23} +# +# +# x121Address ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX NumericString +# (SIZE (1..ub-x121-address)) +# ::= {attributeType 24} +# +# +# internationaliSDNNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX NumericString +# (SIZE (1..ub-isdn-address)) +# ::= {attributeType 25} +# +# +# registeredAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PostalAddress +# ::= {attributeType 26} +# +# +# destinationIndicator ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PrintableString +# (SIZE (1..ub-destination-indicator)) +# MATCHES FOR EQUALITY SUBSTRINGS +# ::= {attributeType 27} +# +# +# preferredDeliveryMethod ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX deliveryMethod +# ::= {attributeType 28} +# +# +# presentationAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PresentationAddress +# MATCHES FOR EQUALITY +# ::= {attributeType 29} +# +# +# supportedApplicationContext ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX objectIdentifierSyntax +# ::= {attributeType 30} +# +# +# member ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 31} +# +# +# owner ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 32} +# +# +# roleOccupant ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 33} +# +# +# seeAlso ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 34} +# +# +# userPassword ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX Userpassword +# ::= {attributeType 35} +# +# +# userCertificate ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX UserCertificate +# ::= {attributeType 36} +# +# +# cACertificate ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX cACertificate +# ::= {attributeType 37} +# +# +# authorityRevocationList ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX AuthorityRevocationList +# ::= {attributeType 38} +# +# +# certificateRevocationList ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX CertificateRevocationList +# ::= {attributeType 39} +# +# +# crossCertificatePair ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX CrossCertificatePair +# ::= {attributeType 40} +# +# +# +# +# -- Standard MHS Attribute Types +# +# mhsDeliverableContentLength ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX integer +# ::= {mhsAttributeType 0} +# +# +# mhsDeliverableContentTypes ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 1} +# +# +# mhsDeliverableEits ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 2} +# +# +# mhsDLMembers ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oRName +# ::= {mhsAttributeType 3} +# +# +# mhsDLSubmitPermissions ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX dLSubmitPermission +# ::= {mhsAttributeType 4} +# +# +# mhsMessageStoreName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX dN +# ::= {mhsAttributeType 5} +# +# +# mhsORAddresses ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oRAddress +# ::= {mhsAttributeType 6} +# +# +# mhsPreferredDeliveryMethods ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX deliveryMethod +# ::= {mhsAttributeType 7} +# +# +# mhsSupportedAutomaticActions ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 8} +# +# +# mhsSupportedContentTypes ATTRIBUTE +# +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 9} +# +# +# mhsSupportedOptionalAttributes ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 10} +# +# +# +# +# -- Pilot Attribute Types +# +# userid ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-identifier)) +# ::= {pilotAttributeType 1} +# +# +# textEncodedORAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-text-encoded-or-address)) +# ::= {pilotAttributeType 2} +# +# +# rfc822Mailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-rfc822-mailbox)) +# ::= {pilotAttributeType 3} +# +# +# info ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-information)) +# ::= {pilotAttributeType 4} +# +# +# favouriteDrink ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-favourite-drink)) +# ::= {pilotAttributeType 5} +# +# +# roomNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-room-number)) +# ::= {pilotAttributeType 6} +# +# +# photo ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-photo)) +# ::= {pilotAttributeType 7} +# +# +# userClass ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-class)) +# ::= {pilotAttributeType 8} +# +# +# host ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-host)) +# ::= {pilotAttributeType 9} +# +# +# manager ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 10} +# +# +# documentIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-identifier)) +# ::= {pilotAttributeType 11} +# +# +# documentTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-title)) +# ::= {pilotAttributeType 12} +# +# +# documentVersion ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-version)) +# ::= {pilotAttributeType 13} +# +# +# documentAuthor ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 14} +# +# +# documentLocation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-location)) +# ::= {pilotAttributeType 15} +# +# +# homeTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 20} +# +# +# secretary ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 21} +# +# +# otherMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# SEQUENCE { +# mailboxType PrintableString, -- e.g. Telemail +# mailbox IA5String -- e.g. X378:Joe +# } +# ::= {pilotAttributeType 22} +# +# +# lastModifiedTime ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# uTCTimeSyntax +# ::= {pilotAttributeType 23} +# +# +# lastModifiedBy ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 24} +# +# +# domainComponent ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# SINGLE VALUE +# ::= {pilotAttributeType 25} +# +# +# aRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 26} +# +# +# mXRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 28} +# +# +# nSRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 29} +# +# sOARecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 30} +# +# +# cNAMERecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# iA5StringSyntax +# ::= {pilotAttributeType 31} +# +# +# associatedDomain ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# ::= {pilotAttributeType 37} +# +# +# associatedName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 38} +# +# +# homePostalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# postalAddress +# MATCHES FOR EQUALITY +# ::= {pilotAttributeType 39} +# +# +# personalTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-personal-title)) +# ::= {pilotAttributeType 40} +# +# +# mobileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 41} +# +# +# pagerTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 42} +# +# +# friendlyCountryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# ::= {pilotAttributeType 43} +# +# +# uniqueIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-unique-identifier)) +# ::= {pilotAttributeType 44} +# +# +# organizationalStatus ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-organizational-status)) +# ::= {pilotAttributeType 45} +# +# +# janetMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-janet-mailbox)) +# ::= {pilotAttributeType 46} +# +# +# mailPreferenceOption ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX ENUMERATED { +# no-list-inclusion(0), +# any-list-inclusion(1), -- may be added to any lists +# professional-list-inclusion(2) +# -- may be added to lists +# -- which the list provider +# -- views as related to the +# -- users professional inter- +# -- ests, perhaps evaluated +# -- from the business of the +# -- organisation or keywords +# -- in the entry. +# } +# ::= {pilotAttributeType 47} +# +# +# buildingName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-building-name)) +# ::= {pilotAttributeType 48} +# +# +# dSAQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 49} +# +# +# singleLevelQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# +# +# subtreeMinimumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 51} +# +# +# subtreeMaximumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 52} +# +# +# personalSignature ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-personal-signature)) +# ::= {pilotAttributeType 53} +# +# +# dITRedirect ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 54} +# +# +# audio ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# Audio +# (SIZE (1 .. ub-audio)) +# ::= {pilotAttributeType 55} +# +# documentPublisher ATTRIBUTE +# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax +# ::= {pilotAttributeType 56} +# +# +# +# -- Generally useful syntaxes +# +# +# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# iA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# -- Syntaxes to support the DNS attributes +# +# DNSRecordSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY +# +# +# NRSInformationSyntax ATTRIBUTE-SYNTAX +# NRSInformation +# MATCHES FOR EQUALITY +# +# +# NRSInformation ::= SET { +# [0] Context, +# [1] Address-space-id, +# routes [2] SEQUENCE OF SEQUENCE { +# Route-cost, +# Addressing-info } +# } +# +# +# -- Upper bounds on length of attribute values +# +# +# ub-document-identifier INTEGER ::= 256 +# +# ub-document-location INTEGER ::= 256 +# +# ub-document-title INTEGER ::= 256 +# +# ub-document-version INTEGER ::= 256 +# +# ub-favourite-drink INTEGER ::= 256 +# +# ub-host INTEGER ::= 256 +# +# ub-information INTEGER ::= 2048 +# +# ub-unique-identifier INTEGER ::= 256 +# +# ub-personal-title INTEGER ::= 256 +# +# ub-photo INTEGER ::= 250000 +# +# ub-rfc822-mailbox INTEGER ::= 256 +# +# ub-room-number INTEGER ::= 256 +# +# ub-text-or-address INTEGER ::= 256 +# +# ub-user-class INTEGER ::= 256 +# +# ub-user-identifier INTEGER ::= 256 +# +# ub-organizational-status INTEGER ::= 256 +# +# ub-janet-mailbox INTEGER ::= 256 +# +# ub-building-name INTEGER ::= 256 +# +# ub-personal-signature ::= 50000 +# +# ub-audio INTEGER ::= 250000 +# +# [remainder of memo trimmed] + diff --git a/openldap/schema/cosine.schema.default b/openldap/schema/cosine.schema.default new file mode 100644 index 0000000..f226bea --- /dev/null +++ b/openldap/schema/cosine.schema.default @@ -0,0 +1,2571 @@ +# RFC1274: Cosine and Internet X.500 schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.23.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# RFC1274: Cosine and Internet X.500 schema +# +# This file contains LDAPv3 schema derived from X.500 COSINE "pilot" +# schema. As this schema was defined for X.500(89), some +# oddities were introduced in the mapping to LDAPv3. The +# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt +# (a work in progress) +# +# Note: It seems that the pilot schema evolved beyond what was +# described in RFC1274. However, this document attempts to describes +# RFC1274 as published. +# +# Depends on core.schema + + +# Network Working Group P. Barker +# Request for Comments: 1274 S. Kille +# University College London +# November 1991 +# +# The COSINE and Internet X.500 Schema +# +# [trimmed] +# +# Abstract +# +# This document suggests an X.500 Directory Schema, or Naming +# Architecture, for use in the COSINE and Internet X.500 pilots. The +# schema is independent of any specific implementation. As well as +# indicating support for the standard object classes and attributes, a +# large number of generally useful object classes and attributes are +# also defined. An appendix to this document includes a machine +# processable version of the schema. +# +# [trimmed] + +# 7. Object Identifiers +# +# Some additional object identifiers are defined for this schema. +# These are also reproduced in Appendix C. +# +# data OBJECT IDENTIFIER ::= {ccitt 9} +# pss OBJECT IDENTIFIER ::= {data 2342} +# ucl OBJECT IDENTIFIER ::= {pss 19200300} +# pilot OBJECT IDENTIFIER ::= {ucl 100} +# +# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1} +# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3} +# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4} +# pilotGroups OBJECT IDENTIFIER ::= {pilot 10} +# +# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4} +# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::= +# {pilotAttributeSyntax 5} +# +# 8. Object Classes +# [relocated after 9] + +# +# 9. Attribute Types +# +# 9.1. X.500 standard attribute types +# +# A number of generally useful attribute types are defined in X.520, +# and these are supported. Refer to that document for descriptions of +# the suggested usage of these attribute types. The ASN.1 for these +# attribute types is reproduced for completeness in Appendix C. +# +# 9.2. X.400 standard attribute types +# +# The standard X.400 attribute types are supported. See X.402 for full +# details. The ASN.1 for these attribute types is reproduced in +# Appendix C. +# +# 9.3. COSINE/Internet attribute types +# +# This section describes all the attribute types defined for use in the +# COSINE and Internet pilots. Descriptions are given as to the +# suggested usage of these attribute types. The ASN.1 for these +# attribute types is reproduced in Appendix C. +# +# 9.3.1. Userid +# +# The Userid attribute type specifies a computer system login name. +# +# userid ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-identifier)) +# ::= {pilotAttributeType 1} +# +#(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) +## EQUALITY caseIgnoreMatch +## SUBSTR caseIgnoreSubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.2. Text Encoded O/R Address +# +# The Text Encoded O/R Address attribute type specifies a text encoding +# of an X.400 O/R address, as specified in RFC 987. The use of this +# attribute is deprecated as the attribute is intended for interim use +# only. This attribute will be the first candidate for the attribute +# expiry mechanisms! +# +# textEncodedORAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-text-encoded-or-address)) +# ::= {pilotAttributeType 2} +# +attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.3. RFC 822 Mailbox +# +# The RFC822 Mailbox attribute type specifies an electronic mailbox +# attribute following the syntax specified in RFC 822. Note that this +# attribute should not be used for greybook or other non-Internet order +# mailboxes. +# +# rfc822Mailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-rfc822-mailbox)) +# ::= {pilotAttributeType 3} +# +#(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) +## EQUALITY caseIgnoreIA5Match +## SUBSTR caseIgnoreIA5SubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# 9.3.4. Information +# +# The Information attribute type specifies any general information +# pertinent to an object. It is recommended that specific usage of +# this attribute type is avoided, and that specific requirements are +# met by other (possibly additional) attribute types. +# +# info ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-information)) +# ::= {pilotAttributeType 4} +# +attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' + DESC 'RFC1274: general information' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) + + +# 9.3.5. Favourite Drink +# +# The Favourite Drink attribute type specifies the favourite drink of +# an object (or person). +# +# favouriteDrink ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-favourite-drink)) +# ::= {pilotAttributeType 5} +# +attributetype ( 0.9.2342.19200300.100.1.5 + NAME ( 'drink' 'favouriteDrink' ) + DESC 'RFC1274: favorite drink' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.6. Room Number +# +# The Room Number attribute type specifies the room number of an +# object. Note that the commonName attribute should be used for naming +# room objects. +# +# roomNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-room-number)) +# ::= {pilotAttributeType 6} +# +attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' + DESC 'RFC1274: room number' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.7. Photo +# +# The Photo attribute type specifies a "photograph" for an object. +# This should be encoded in G3 fax as explained in recommendation T.4, +# with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as +# defined in X.420. +# +# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules +# information-objects } +# +# photo ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-photo)) +# ::= {pilotAttributeType 7} +# +attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' + DESC 'RFC1274: photo (G3 fax)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) + +# 9.3.8. User Class +# +# The User Class attribute type specifies a category of computer user. +# The semantics placed on this attribute are for local interpretation. +# Examples of current usage od this attribute in academia are +# undergraduate student, researcher, lecturer, etc. Note that the +# organizationalStatus attribute may now often be preferred as it makes +# no distinction between computer users and others. +# +# userClass ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-class)) +# ::= {pilotAttributeType 8} +# +attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' + DESC 'RFC1274: category of user' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.9. Host +# +# The Host attribute type specifies a host computer. +# +# host ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-host)) +# ::= {pilotAttributeType 9} +# +attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' + DESC 'RFC1274: host computer' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.10. Manager +# +# The Manager attribute type specifies the manager of an object +# represented by an entry. +# +# manager ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 10} +# +attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' + DESC 'RFC1274: DN of manager' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.11. Document Identifier +# +# The Document Identifier attribute type specifies a unique identifier +# for a document. +# +# documentIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-identifier)) +# ::= {pilotAttributeType 11} +# +attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' + DESC 'RFC1274: unique identifier of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.12. Document Title +# +# The Document Title attribute type specifies the title of a document. +# +# documentTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-title)) +# ::= {pilotAttributeType 12} +# +attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' + DESC 'RFC1274: title of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.13. Document Version +# +# The Document Version attribute type specifies the version number of a +# document. +# +# documentVersion ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-version)) +# ::= {pilotAttributeType 13} +# +attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' + DESC 'RFC1274: version of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.14. Document Author +# +# The Document Author attribute type specifies the distinguished name +# of the author of a document. +# +# documentAuthor ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 14} +# +attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' + DESC 'RFC1274: DN of author of document' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.15. Document Location +# +# The Document Location attribute type specifies the location of the +# document original. +# +# documentLocation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-location)) +# ::= {pilotAttributeType 15} +# +attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' + DESC 'RFC1274: location of document original' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.16. Home Telephone Number +# +# The Home Telephone Number attribute type specifies a home telephone +# number associated with a person. Attribute values should follow the +# agreed format for international telephone numbers: i.e., "+44 71 123 +# 4567". +# +# homeTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 20} +# +attributetype ( 0.9.2342.19200300.100.1.20 + NAME ( 'homePhone' 'homeTelephoneNumber' ) + DESC 'RFC1274: home telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.17. Secretary +# +# The Secretary attribute type specifies the secretary of a person. +# The attribute value for Secretary is a distinguished name. +# +# secretary ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 21} +# +attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' + DESC 'RFC1274: DN of secretary' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.18. Other Mailbox +# +# The Other Mailbox attribute type specifies values for electronic +# mailbox types other than X.400 and rfc822. +# +# otherMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# SEQUENCE { +# mailboxType PrintableString, -- e.g. Telemail +# mailbox IA5String -- e.g. X378:Joe +# } +# ::= {pilotAttributeType 22} +# +attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ) + +# 9.3.19. Last Modified Time +# +# The Last Modified Time attribute type specifies the last time, in UTC +# time, that an entry was modified. Ideally, this attribute should be +# maintained by the DSA. +# +# lastModifiedTime ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# uTCTimeSyntax +# ::= {pilotAttributeType 23} +# +## Deprecated in favor of modifyTimeStamp +#attributetype ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime' +# DESC 'RFC1274: time of last modify, replaced by modifyTimestamp' +# OBSOLETE +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.53 +# USAGE directoryOperation ) + +# 9.3.20. Last Modified By +# +# The Last Modified By attribute specifies the distinguished name of +# the last user to modify the associated entry. Ideally, this +# attribute should be maintained by the DSA. +# +# lastModifiedBy ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 24} +# +## Deprecated in favor of modifiersName +#attributetype ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy' +# DESC 'RFC1274: last modifier, replaced by modifiersName' +# OBSOLETE +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 +# USAGE directoryOperation ) + +# 9.3.21. Domain Component +# +# The Domain Component attribute type specifies a DNS/NRS domain. For +# example, "uk" or "ac". +# +# domainComponent ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# SINGLE VALUE +# ::= {pilotAttributeType 25} +# +##(in core.schema) +##attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) +## EQUALITY caseIgnoreIA5Match +## SUBSTR caseIgnoreIA5SubstringsMatch +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# 9.3.22. DNS ARecord +# +# The A Record attribute type specifies a type A (Address) DNS resource +# record [6] [7]. +# +# aRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 26} +# +## incorrect syntax? +attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +## missing from RFC1274 +## incorrect syntax? +attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.23. MX Record +# +# The MX Record attribute type specifies a type MX (Mail Exchange) DNS +# resource record [6] [7]. +# +# mXRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 28} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.24. NS Record +# +# The NS Record attribute type specifies an NS (Name Server) DNS +# resource record [6] [7]. +# +# nSRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 29} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.25. SOA Record +# +# The SOA Record attribute type specifies a type SOA (Start of +# Authority) DNS resorce record [6] [7]. +# +# sOARecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 30} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.26. CNAME Record +# +# The CNAME Record attribute type specifies a type CNAME (Canonical +# Name) DNS resource record [6] [7]. +# +# cNAMERecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# iA5StringSyntax +# ::= {pilotAttributeType 31} +# +## incorrect syntax!! +attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.27. Associated Domain +# +# The Associated Domain attribute type specifies a DNS or NRS domain +# which is associated with an object in the DIT. For example, the entry +# in the DIT with a distinguished name "C=GB, O=University College +# London" would have an associated domain of "UCL.AC.UK. Note that all +# domains should be represented in rfc822 order. See [3] for more +# details of usage of this attribute. +# +# associatedDomain ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# ::= {pilotAttributeType 37} +# +#attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' +# EQUALITY caseIgnoreIA5Match +# SUBSTR caseIgnoreIA5SubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 9.3.28. Associated Name +# +# The Associated Name attribute type specifies an entry in the +# organisational DIT associated with a DNS/NRS domain. See [3] for +# more details of usage of this attribute. +# +# associatedName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 38} +# +attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' + DESC 'RFC1274: DN of entry associated with domain' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.29. Home postal address +# +# The Home postal address attribute type specifies a home postal +# address for an object. This should be limited to up to 6 lines of 30 +# characters each. +# +# homePostalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# postalAddress +# MATCHES FOR EQUALITY +# ::= {pilotAttributeType 39} +# +attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' + DESC 'RFC1274: home postal address' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +# 9.3.30. Personal Title +# +# The Personal Title attribute type specifies a personal title for a +# person. Examples of personal titles are "Ms", "Dr", "Prof" and "Rev". +# +# personalTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-personal-title)) +# ::= {pilotAttributeType 40} +# +attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' + DESC 'RFC1274: personal title' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.31. Mobile Telephone Number +# +# The Mobile Telephone Number attribute type specifies a mobile +# telephone number associated with a person. Attribute values should +# follow the agreed format for international telephone numbers: i.e., +# "+44 71 123 4567". +# +# mobileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 41} +# +attributetype ( 0.9.2342.19200300.100.1.41 + NAME ( 'mobile' 'mobileTelephoneNumber' ) + DESC 'RFC1274: mobile telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.32. Pager Telephone Number +# +# The Pager Telephone Number attribute type specifies a pager telephone +# number for an object. Attribute values should follow the agreed +# format for international telephone numbers: i.e., "+44 71 123 4567". +# +# pagerTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 42} +# +attributetype ( 0.9.2342.19200300.100.1.42 + NAME ( 'pager' 'pagerTelephoneNumber' ) + DESC 'RFC1274: pager telephone number' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 9.3.33. Friendly Country Name +# +# The Friendly Country Name attribute type specifies names of countries +# in human readable format. The standard attribute country name must +# be one of the two-letter codes defined in ISO 3166. +# +# friendlyCountryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# ::= {pilotAttributeType 43} +# +attributetype ( 0.9.2342.19200300.100.1.43 + NAME ( 'co' 'friendlyCountryName' ) + DESC 'RFC1274: friendly country name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 9.3.34. Unique Identifier +# +# The Unique Identifier attribute type specifies a "unique identifier" +# for an object represented in the Directory. The domain within which +# the identifier is unique, and the exact semantics of the identifier, +# are for local definition. For a person, this might be an +# institution-wide payroll number. For an organisational unit, it +# might be a department code. +# +# uniqueIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-unique-identifier)) +# ::= {pilotAttributeType 44} +# +attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' + DESC 'RFC1274: unique identifer' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.35. Organisational Status +# +# The Organisational Status attribute type specifies a category by +# which a person is often referred to in an organisation. Examples of +# usage in academia might include undergraduate student, researcher, +# lecturer, etc. +# +# A Directory administrator should probably consider carefully the +# distinctions between this and the title and userClass attributes. +# +# organizationalStatus ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-organizational-status)) +# ::= {pilotAttributeType 45} +# +attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus' + DESC 'RFC1274: organizational status' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.36. Janet Mailbox +# +# The Janet Mailbox attribute type specifies an electronic mailbox +# attribute following the syntax specified in the Grey Book of the +# Coloured Book series. This attribute is intended for the convenience +# of U.K users unfamiliar with rfc822 and little-endian mail addresses. +# Entries using this attribute MUST also include an rfc822Mailbox +# attribute. +# +# janetMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-janet-mailbox)) +# ::= {pilotAttributeType 46} +# +attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' + DESC 'RFC1274: Janet mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# 9.3.37. Mail Preference Option +# +# An attribute to allow users to indicate a preference for inclusion of +# their names on mailing lists (electronic or physical). The absence +# of such an attribute should be interpreted as if the attribute was +# present with value "no-list-inclusion". This attribute should be +# interpreted by anyone using the directory to derive mailing lists, +# and its value respected. +# +# mailPreferenceOption ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX ENUMERATED { +# no-list-inclusion(0), +# any-list-inclusion(1), -- may be added to any lists +# professional-list-inclusion(2) +# -- may be added to lists +# -- which the list provider +# -- views as related to the +# -- users professional inter- +# -- ests, perhaps evaluated +# -- from the business of the +# -- organisation or keywords +# -- in the entry. +# } +# ::= {pilotAttributeType 47} +# +attributetype ( 0.9.2342.19200300.100.1.47 + NAME 'mailPreferenceOption' + DESC 'RFC1274: mail preference option' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +# 9.3.38. Building Name +# +# The Building Name attribute type specifies the name of the building +# where an organisation or organisational unit is based. +# +# buildingName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-building-name)) +# ::= {pilotAttributeType 48} +# +attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' + DESC 'RFC1274: name of building' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# 9.3.39. DSA Quality +# +# The DSA Quality attribute type specifies the purported quality of a +# DSA. It allows a DSA manager to indicate the expected level of +# availability of the DSA. See [8] for details of the syntax. +# +# dSAQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 49} +# +attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' + DESC 'RFC1274: DSA Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) + +# 9.3.40. Single Level Quality +# +# The Single Level Quality attribute type specifies the purported data +# quality at the level immediately below in the DIT. See [8] for +# details of the syntax. +# +# singleLevelQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 50} +# +attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' + DESC 'RFC1274: Single Level Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.41. Subtree Minimum Quality +# +# The Subtree Minimum Quality attribute type specifies the purported +# minimum data quality for a DIT subtree. See [8] for more discussion +# and details of the syntax. +# +# subtreeMinimumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 51} +# +attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality' + DESC 'RFC1274: Subtree Mininum Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.42. Subtree Maximum Quality +# +# The Subtree Maximum Quality attribute type specifies the purported +# maximum data quality for a DIT subtree. See [8] for more discussion +# and details of the syntax. +# +# subtreeMaximumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 52} +# +attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality' + DESC 'RFC1274: Subtree Maximun Quality' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) + +# 9.3.43. Personal Signature +# +# The Personal Signature attribute type allows for a representation of +# a person's signature. This should be encoded in G3 fax as explained +# in recommendation T.4, with an ASN.1 wrapper to make it compatible +# with an X.400 BodyPart as defined in X.420. +# +# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules +# information-objects } +# +# personalSignature ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-personal-signature)) +# ::= {pilotAttributeType 53} +# +attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' + DESC 'RFC1274: Personal Signature (G3 fax)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 ) + +# 9.3.44. DIT Redirect +# +# The DIT Redirect attribute type is used to indicate that the object +# described by one entry now has a newer entry in the DIT. The entry +# containing the redirection attribute should be expired after a +# suitable grace period. This attribute may be used when an individual +# changes his/her place of work, and thus acquires a new organisational +# DN. +# +# dITRedirect ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 54} +# +attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' + DESC 'RFC1274: DIT Redirect' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +# 9.3.45. Audio +# +# The Audio attribute type allows the storing of sounds in the +# Directory. The attribute uses a u-law encoded sound file as used by +# the "play" utility on a Sun 4. This is an interim format. +# +# audio ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# Audio +# (SIZE (1 .. ub-audio)) +# ::= {pilotAttributeType 55} +# +attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' + DESC 'RFC1274: audio (u-law)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) + +# 9.3.46. Publisher of Document +# +# +# The Publisher of Document attribute is the person and/or organization +# that published a document. +# +# documentPublisher ATTRIBUTE +# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax +# ::= {pilotAttributeType 56} +# +attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' + DESC 'RFC1274: publisher of document' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 9.4. Generally useful syntaxes +# +# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# iA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# -- Syntaxes to support the DNS attributes +# +# DNSRecordSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY +# +# +# NRSInformationSyntax ATTRIBUTE-SYNTAX +# NRSInformation +# MATCHES FOR EQUALITY +# +# +# NRSInformation ::= SET { +# [0] Context, +# [1] Address-space-id, +# routes [2] SEQUENCE OF SEQUENCE { +# Route-cost, +# Addressing-info } +# } +# +# +# 9.5. Upper bounds on length of attribute values +# +# +# ub-document-identifier INTEGER ::= 256 +# +# ub-document-location INTEGER ::= 256 +# +# ub-document-title INTEGER ::= 256 +# +# ub-document-version INTEGER ::= 256 +# +# ub-favourite-drink INTEGER ::= 256 +# +# ub-host INTEGER ::= 256 +# +# ub-information INTEGER ::= 2048 +# +# ub-unique-identifier INTEGER ::= 256 +# +# ub-personal-title INTEGER ::= 256 +# +# ub-photo INTEGER ::= 250000 +# +# ub-rfc822-mailbox INTEGER ::= 256 +# +# ub-room-number INTEGER ::= 256 +# +# ub-text-or-address INTEGER ::= 256 +# +# ub-user-class INTEGER ::= 256 +# +# ub-user-identifier INTEGER ::= 256 +# +# ub-organizational-status INTEGER ::= 256 +# +# ub-janet-mailbox INTEGER ::= 256 +# +# ub-building-name INTEGER ::= 256 +# +# ub-personal-signature ::= 50000 +# +# ub-audio INTEGER ::= 250000 +# + +# [back to 8] +# 8. Object Classes +# +# 8.1. X.500 standard object classes +# +# A number of generally useful object classes are defined in X.521, and +# these are supported. Refer to that document for descriptions of the +# suggested usage of these object classes. The ASN.1 for these object +# classes is reproduced for completeness in Appendix C. +# +# 8.2. X.400 standard object classes +# +# A number of object classes defined in X.400 are supported. Refer to +# X.402 for descriptions of the usage of these object classes. The +# ASN.1 for these object classes is reproduced for completeness in +# Appendix C. +# +# 8.3. COSINE/Internet object classes +# +# This section attempts to fuse together the object classes designed +# for use in the COSINE and Internet pilot activities. Descriptions +# are given of the suggested usage of these object classes. The ASN.1 +# for these object classes is also reproduced in Appendix C. +# +# 8.3.1. Pilot Object +# +# The PilotObject object class is used as a sub-class to allow some +# common, useful attributes to be assigned to entries of all other +# object classes. +# +# pilotObject OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# info, +# photo, +# manager, +# uniqueIdentifier, +# lastModifiedTime, +# lastModifiedBy, +# dITRedirect, +# audio} +# ::= {pilotObjectClass 3} +# +#objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' +# DESC 'RFC1274: pilot object' +# SUP top AUXILIARY +# MAY ( info $ photo $ manager $ uniqueIdentifier $ +# lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio ) +# ) + +# 8.3.2. Pilot Person +# +# The PilotPerson object class is used as a sub-class of person, to +# allow the use of a number of additional attributes to be assigned to +# entries of object class person. +# +# pilotPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# userid, +# textEncodedORAddress, +# rfc822Mailbox, +# favouriteDrink, +# roomNumber, +# userClass, +# homeTelephoneNumber, +# homePostalAddress, +# secretary, +# personalTitle, +# preferredDeliveryMethod, +# businessCategory, +# janetMailbox, +# otherMailbox, +# mobileTelephoneNumber, +# pagerTelephoneNumber, +# organizationalStatus, +# mailPreferenceOption, +# personalSignature} +# ::= {pilotObjectClass 4} +# +objectclass ( 0.9.2342.19200300.100.4.4 + NAME ( 'pilotPerson' 'newPilotPerson' ) + SUP person STRUCTURAL + MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $ + favouriteDrink $ roomNumber $ userClass $ + homeTelephoneNumber $ homePostalAddress $ secretary $ + personalTitle $ preferredDeliveryMethod $ businessCategory $ + janetMailbox $ otherMailbox $ mobileTelephoneNumber $ + pagerTelephoneNumber $ organizationalStatus $ + mailPreferenceOption $ personalSignature ) + ) + +# 8.3.3. Account +# +# The Account object class is used to define entries representing +# computer accounts. The userid attribute should be used for naming +# entries of this object class. +# +# account OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userid} +# MAY CONTAIN { +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# host} +# ::= {pilotObjectClass 5} +# +objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' + SUP top STRUCTURAL + MUST userid + MAY ( description $ seeAlso $ localityName $ + organizationName $ organizationalUnitName $ host ) + ) + +# 8.3.4. Document +# +# The Document object class is used to define entries which represent +# documents. +# +# document OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# documentIdentifier} +# MAY CONTAIN { +# commonName, +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# documentTitle, +# documentVersion, +# documentAuthor, +# documentLocation, +# documentPublisher} +# ::= {pilotObjectClass 6} +# +objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' + SUP top STRUCTURAL + MUST documentIdentifier + MAY ( commonName $ description $ seeAlso $ localityName $ + organizationName $ organizationalUnitName $ + documentTitle $ documentVersion $ documentAuthor $ + documentLocation $ documentPublisher ) + ) + +# 8.3.5. Room +# +# The Room object class is used to define entries representing rooms. +# The commonName attribute should be used for naming pentries of this +# object class. +# +# room OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# roomNumber, +# description, +# seeAlso, +# telephoneNumber} +# ::= {pilotObjectClass 7} +# +objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' + SUP top STRUCTURAL + MUST commonName + MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) + ) + +# 8.3.6. Document Series +# +# The Document Series object class is used to define an entry which +# represents a series of documents (e.g., The Request For Comments +# papers). +# +# documentSeries OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# localityName, +# organizationName, +# organizationalUnitName} +# ::= {pilotObjectClass 9} +# +objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' + SUP top STRUCTURAL + MUST commonName + MAY ( description $ seeAlso $ telephonenumber $ + localityName $ organizationName $ organizationalUnitName ) + ) + +# 8.3.7. Domain +# +# The Domain object class is used to define entries which represent DNS +# or NRS domains. The domainComponent attribute should be used for +# naming entries of this object class. The usage of this object class +# is described in more detail in [3]. +# +# domain OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# domainComponent} +# MAY CONTAIN { +# associatedName, +# organizationName, +# organizationalAttributeSet} +# ::= {pilotObjectClass 13} +# +objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' + SUP top STRUCTURAL + MUST domainComponent + MAY ( associatedName $ organizationName $ description $ + businessCategory $ seeAlso $ searchGuide $ userPassword $ + localityName $ stateOrProvinceName $ streetAddress $ + physicalDeliveryOfficeName $ postalAddress $ postalCode $ + postOfficeBox $ streetAddress $ + facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ + preferredDeliveryMethod $ destinationIndicator $ + registeredAddress $ x121Address ) + ) + +# 8.3.8. RFC822 Local Part +# +# The RFC822 Local Part object class is used to define entries which +# represent the local part of RFC822 mail addresses. This treats this +# part of an RFC822 address as a domain. The usage of this object +# class is described in more detail in [3]. +# +# rFC822localPart OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# commonName, +# surname, +# description, +# seeAlso, +# telephoneNumber, +# postalAttributeSet, +# telecommunicationAttributeSet} +# ::= {pilotObjectClass 14} +# +objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' + SUP domain STRUCTURAL + MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $ + physicalDeliveryOfficeName $ postalAddress $ postalCode $ + postOfficeBox $ streetAddress $ + facsimileTelephoneNumber $ internationalISDNNumber $ + telephoneNumber $ teletexTerminalIdentifier $ + telexNumber $ preferredDeliveryMethod $ destinationIndicator $ + registeredAddress $ x121Address ) + ) + +# 8.3.9. DNS Domain +# +# The DNS Domain (Domain NameServer) object class is used to define +# entries for DNS domains. The usage of this object class is described +# in more detail in [3]. +# +# dNSDomain OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# ARecord, +# MDRecord, +# MXRecord, +# NSRecord, +# SOARecord, +# CNAMERecord} +# ::= {pilotObjectClass 15} +# +objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' + SUP domain STRUCTURAL + MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ + SOARecord $ CNAMERecord ) + ) + +# 8.3.10. Domain Related Object +# +# The Domain Related Object object class is used to define entries +# which represent DNS/NRS domains which are "equivalent" to an X.500 +# domain: e.g., an organisation or organisational unit. The usage of +# this object class is described in more detail in [3]. +# +# domainRelatedObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# associatedDomain} +# ::= {pilotObjectClass 17} +# +objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' + DESC 'RFC1274: an object related to an domain' + SUP top AUXILIARY + MUST associatedDomain ) + +# 8.3.11. Friendly Country +# +# The Friendly Country object class is used to define country entries +# in the DIT. The object class is used to allow friendlier naming of +# countries than that allowed by the object class country. The naming +# attribute of object class country, countryName, has to be a 2 letter +# string defined in ISO 3166. +# +# friendlyCountry OBJECT-CLASS +# SUBCLASS OF country +# MUST CONTAIN { +# friendlyCountryName} +# ::= {pilotObjectClass 18} +# +objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' + SUP country STRUCTURAL + MUST friendlyCountryName ) + +# 8.3.12. Simple Security Object +# +# The Simple Security Object object class is used to allow an entry to +# have a userPassword attribute when an entry's principal object +# classes do not allow userPassword as an attribute type. +# +# simpleSecurityObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userPassword } +# ::= {pilotObjectClass 19} +# +## (in core.schema) +## objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' +## SUP top AUXILIARY +## MUST userPassword ) + +# 8.3.13. Pilot Organization +# +# The PilotOrganization object class is used as a sub-class of +# organization and organizationalUnit to allow a number of additional +# attributes to be assigned to entries of object classes organization +# and organizationalUnit. +# +# pilotOrganization OBJECT-CLASS +# SUBCLASS OF organization, organizationalUnit +# MAY CONTAIN { +# buildingName} +# ::= {pilotObjectClass 20} +# +objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' + SUP ( organization $ organizationalUnit ) STRUCTURAL + MAY buildingName ) + +# 8.3.14. Pilot DSA +# +# The PilotDSA object class is used as a sub-class of the dsa object +# class to allow additional attributes to be assigned to entries for +# DSAs. +# +# pilotDSA OBJECT-CLASS +# SUBCLASS OF dsa +# MUST CONTAIN { +# dSAQuality} +# ::= {pilotObjectClass 21} +# +objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' + SUP dsa STRUCTURAL + MAY dSAQuality ) + +# 8.3.15. Quality Labelled Data +# +# The Quality Labelled Data object class is used to allow the +# assignment of the data quality attributes to subtrees in the DIT. +# +# See [8] for more details. +# +# qualityLabelledData OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# dSAQuality} +# MAY CONTAIN { +# subtreeMinimumQuality, +# subtreeMaximumQuality} +# ::= {pilotObjectClass 22} +objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' + SUP top AUXILIARY + MUST dsaQuality + MAY ( subtreeMinimumQuality $ subtreeMaximumQuality ) + ) + + +# References +# +# [1] CCITT/ISO, "X.500, The Directory - overview of concepts, +# models and services, CCITT /ISO IS 9594. +# +# [2] Kille, S., "The THORN and RARE X.500 Naming Architecture, in +# University College London, Department of Computer Science +# Research Note 89/48, May 1989. +# +# [3] Kille, S., "X.500 and Domains", RFC 1279, University College +# London, November 1991. +# +# [4] Rose, M., "PSI/NYSERNet White Pages Pilot Project: Status +# Report", Technical Report 90-09-10-1, published by NYSERNet +# Inc, 1990. +# +# [5] Craigie, J., "UK Academic Community Directory Service Pilot +# Project, pp. 305-310 in Computer Networks and ISDN Systems +# 17 (1989), published by North Holland. +# +# [6] Mockapetris, P., "Domain Names - Concepts and Facilities", +# RFC 1034, USC/Information Sciences Institute, November 1987. +# +# [7] Mockapetris, P., "Domain Names - Implementation and +# Specification, RFC 1035, USC/Information Sciences Institute, +# November 1987. +# +# [8] Kille, S., "Handling QOS (Quality of service) in the +# Directory," publication in process, March 1991. +# +# +# APPENDIX C - Summary of all Object Classes and Attribute Types +# +# -- Some Important Object Identifiers +# +# data OBJECT IDENTIFIER ::= {ccitt 9} +# pss OBJECT IDENTIFIER ::= {data 2342} +# ucl OBJECT IDENTIFIER ::= {pss 19200300} +# pilot OBJECT IDENTIFIER ::= {ucl 100} +# +# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1} +# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3} +# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4} +# pilotGroups OBJECT IDENTIFIER ::= {pilot 10} +# +# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4} +# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::= +# {pilotAttributeSyntax 5} +# +# -- Standard Object Classes +# +# top OBJECT-CLASS +# MUST CONTAIN { +# objectClass} +# ::= {objectClass 0} +# +# +# alias OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# aliasedObjectName} +# ::= {objectClass 1} +# +# +# country OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# countryName} +# MAY CONTAIN { +# description, +# searchGuide} +# ::= {objectClass 2} +# +# +# locality OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# description, +# localityName, +# stateOrProvinceName, +# searchGuide, +# seeAlso, +# streetAddress} +# ::= {objectClass 3} +# +# +# organization OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# organizationName} +# MAY CONTAIN { +# organizationalAttributeSet} +# ::= {objectClass 4} +# +# +# organizationalUnit OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# organizationalUnitName} +# MAY CONTAIN { +# organizationalAttributeSet} +# ::= {objectClass 5} +# +# +# person OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# surname} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# userPassword} +# ::= {objectClass 6} +# +# +# organizationalPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# localeAttributeSet, +# organizationalUnitName, +# postalAttributeSet, +# telecommunicationAttributeSet, +# title} +# ::= {objectClass 7} +# +# +# organizationalRole OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localeAttributeSet, +# organizationalUnitName, +# postalAttributeSet, +# preferredDeliveryMethod, +# roleOccupant, +# seeAlso, +# telecommunicationAttributeSet} +# ::= {objectClass 8} +# +# +# groupOfNames OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# member} +# MAY CONTAIN { +# description, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# businessCategory} +# ::= {objectClass 9} +# +# +# residentialPerson OBJECT-CLASS +# SUBCLASS OF person +# MUST CONTAIN { +# localityName} +# MAY CONTAIN { +# localeAttributeSet, +# postalAttributeSet, +# preferredDeliveryMethod, +# telecommunicationAttributeSet, +# businessCategory} +# ::= {objectClass 10} +# +# +# applicationProcess OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localityName, +# organizationalUnitName, +# seeAlso} +# ::= {objectClass 11} +# +# +# applicationEntity OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# presentationAddress} +# MAY CONTAIN { +# description, +# localityName, +# organizationName, +# organizationalUnitName, +# seeAlso, +# supportedApplicationContext} +# ::= {objectClass 12} +# +# +# dSA OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# knowledgeInformation} +# ::= {objectClass 13} +# +# +# device OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# localityName, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# serialNumber} +# ::= {objectClass 14} +# +# +# strongAuthenticationUser OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userCertificate} +# ::= {objectClass 15} +# +# +# certificationAuthority OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# cACertificate, +# certificateRevocationList, +# authorityRevocationList} +# MAY CONTAIN { +# crossCertificatePair} +# ::= {objectClass 16} +# +# -- Standard MHS Object Classes +# +# mhsDistributionList OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName, +# mhsDLSubmitPermissions, +# mhsORAddresses} +# MAY CONTAIN { +# description, +# organizationName, +# organizationalUnitName, +# owner, +# seeAlso, +# mhsDeliverableContentTypes, +# mhsdeliverableEits, +# mhsDLMembers, +# mhsPreferredDeliveryMethods} +# ::= {mhsObjectClass 0} +# +# +# mhsMessageStore OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# description, +# owner, +# mhsSupportedOptionalAttributes, +# mhsSupportedAutomaticActions, +# mhsSupportedContentTypes} +# ::= {mhsObjectClass 1} +# +# +# mhsMessageTransferAgent OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# description, +# owner, +# mhsDeliverableContentLength} +# ::= {mhsObjectClass 2} +# +# +# mhsOrganizationalUser OBJECT-CLASS +# SUBCLASS OF organizationalPerson +# MUST CONTAIN { +# mhsORAddresses} +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsMessageStoreName, +# mhsPreferredDeliveryMethods } +# ::= {mhsObjectClass 3} +# +# +# mhsResidentialUser OBJECT-CLASS +# SUBCLASS OF residentialPerson +# MUST CONTAIN { +# mhsORAddresses} +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsMessageStoreName, +# mhsPreferredDeliveryMethods } +# ::= {mhsObjectClass 4} +# +# +# mhsUserAgent OBJECT-CLASS +# SUBCLASS OF applicationEntity +# MAY CONTAIN { +# mhsDeliverableContentLength, +# mhsDeliverableContentTypes, +# mhsDeliverableEits, +# mhsORAddresses, +# owner} +# ::= {mhsObjectClass 5} +# +# +# +# +# -- Pilot Object Classes +# +# pilotObject OBJECT-CLASS +# SUBCLASS OF top +# MAY CONTAIN { +# info, +# photo, +# manager, +# uniqueIdentifier, +# lastModifiedTime, +# lastModifiedBy, +# dITRedirect, +# audio} +# ::= {pilotObjectClass 3} +# pilotPerson OBJECT-CLASS +# SUBCLASS OF person +# MAY CONTAIN { +# userid, +# textEncodedORAddress, +# rfc822Mailbox, +# favouriteDrink, +# roomNumber, +# userClass, +# homeTelephoneNumber, +# homePostalAddress, +# secretary, +# personalTitle, +# preferredDeliveryMethod, +# businessCategory, +# janetMailbox, +# otherMailbox, +# mobileTelephoneNumber, +# pagerTelephoneNumber, +# organizationalStatus, +# mailPreferenceOption, +# personalSignature} +# ::= {pilotObjectClass 4} +# +# +# account OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userid} +# MAY CONTAIN { +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# host} +# ::= {pilotObjectClass 5} +# +# +# document OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# documentIdentifier} +# MAY CONTAIN { +# commonName, +# description, +# seeAlso, +# localityName, +# organizationName, +# organizationalUnitName, +# documentTitle, +# documentVersion, +# documentAuthor, +# documentLocation, +# documentPublisher} +# ::= {pilotObjectClass 6} +# +# +# room OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# roomNumber, +# description, +# seeAlso, +# telephoneNumber} +# ::= {pilotObjectClass 7} +# +# +# documentSeries OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# commonName} +# MAY CONTAIN { +# description, +# seeAlso, +# telephoneNumber, +# localityName, +# organizationName, +# organizationalUnitName} +# ::= {pilotObjectClass 9} +# +# +# domain OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# domainComponent} +# MAY CONTAIN { +# associatedName, +# organizationName, +# organizationalAttributeSet} +# ::= {pilotObjectClass 13} +# +# +# rFC822localPart OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# commonName, +# surname, +# description, +# seeAlso, +# telephoneNumber, +# postalAttributeSet, +# telecommunicationAttributeSet} +# ::= {pilotObjectClass 14} +# +# +# dNSDomain OBJECT-CLASS +# SUBCLASS OF domain +# MAY CONTAIN { +# ARecord, +# MDRecord, +# MXRecord, +# NSRecord, +# SOARecord, +# CNAMERecord} +# ::= {pilotObjectClass 15} +# +# +# domainRelatedObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# associatedDomain} +# ::= {pilotObjectClass 17} +# +# +# friendlyCountry OBJECT-CLASS +# SUBCLASS OF country +# MUST CONTAIN { +# friendlyCountryName} +# ::= {pilotObjectClass 18} +# +# +# simpleSecurityObject OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# userPassword } +# ::= {pilotObjectClass 19} +# +# +# pilotOrganization OBJECT-CLASS +# SUBCLASS OF organization, organizationalUnit +# MAY CONTAIN { +# buildingName} +# ::= {pilotObjectClass 20} +# +# +# pilotDSA OBJECT-CLASS +# SUBCLASS OF dsa +# MUST CONTAIN { +# dSAQuality} +# ::= {pilotObjectClass 21} +# +# +# qualityLabelledData OBJECT-CLASS +# SUBCLASS OF top +# MUST CONTAIN { +# dSAQuality} +# MAY CONTAIN { +# subtreeMinimumQuality, +# subtreeMaximumQuality} +# ::= {pilotObjectClass 22} +# +# +# +# +# -- Standard Attribute Types +# +# objectClass ObjectClass +# ::= {attributeType 0} +# +# +# aliasedObjectName AliasedObjectName +# ::= {attributeType 1} +# +# +# knowledgeInformation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreString +# ::= {attributeType 2} +# +# +# commonName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-common-name)) +# ::= {attributeType 3} +# +# +# surname ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-surname)) +# ::= {attributeType 4} +# +# +# serialNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX printableStringSyntax +# (SIZE (1..ub-serial-number)) +# ::= {attributeType 5} +# +# +# countryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PrintableString +# (SIZE (1..ub-country-code)) +# SINGLE VALUE +# ::= {attributeType 6} +# +# +# localityName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-locality-name)) +# ::= {attributeType 7} +# +# +# stateOrProvinceName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-state-name)) +# ::= {attributeType 8} +# +# +# streetAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-street-address)) +# ::= {attributeType 9} +# +# +# organizationName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-organization-name)) +# ::= {attributeType 10} +# +# +# organizationalUnitName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-organizational-unit-name)) +# ::= {attributeType 11} +# +# +# title ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-title)) +# ::= {attributeType 12} +# +# +# description ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-description)) +# ::= {attributeType 13} +# +# +# searchGuide ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX Guide +# ::= {attributeType 14} +# +# +# businessCategory ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-business-category)) +# ::= {attributeType 15} +# +# +# postalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PostalAddress +# MATCHES FOR EQUALITY +# ::= {attributeType 16} +# +# +# postalCode ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-postal-code)) +# ::= {attributeType 17} +# +# +# postOfficeBox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-post-office-box)) +# ::= {attributeType 18} +# +# +# physicalDeliveryOfficeName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax +# (SIZE (1..ub-physical-office-name)) +# ::= {attributeType 19} +# +# +# telephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX telephoneNumberSyntax +# (SIZE (1..ub-telephone-number)) +# ::= {attributeType 20} +# +# +# telexNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX TelexNumber +# (SIZE (1..ub-telex)) +# ::= {attributeType 21} +# +# +# teletexTerminalIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX TeletexTerminalIdentifier +# (SIZE (1..ub-teletex-terminal-id)) +# ::= {attributeType 22} +# +# +# facsimileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX FacsimileTelephoneNumber +# ::= {attributeType 23} +# +# +# x121Address ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX NumericString +# (SIZE (1..ub-x121-address)) +# ::= {attributeType 24} +# +# +# internationaliSDNNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX NumericString +# (SIZE (1..ub-isdn-address)) +# ::= {attributeType 25} +# +# +# registeredAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PostalAddress +# ::= {attributeType 26} +# +# +# destinationIndicator ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PrintableString +# (SIZE (1..ub-destination-indicator)) +# MATCHES FOR EQUALITY SUBSTRINGS +# ::= {attributeType 27} +# +# +# preferredDeliveryMethod ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX deliveryMethod +# ::= {attributeType 28} +# +# +# presentationAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX PresentationAddress +# MATCHES FOR EQUALITY +# ::= {attributeType 29} +# +# +# supportedApplicationContext ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX objectIdentifierSyntax +# ::= {attributeType 30} +# +# +# member ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 31} +# +# +# owner ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 32} +# +# +# roleOccupant ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 33} +# +# +# seeAlso ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax +# ::= {attributeType 34} +# +# +# userPassword ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX Userpassword +# ::= {attributeType 35} +# +# +# userCertificate ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX UserCertificate +# ::= {attributeType 36} +# +# +# cACertificate ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX cACertificate +# ::= {attributeType 37} +# +# +# authorityRevocationList ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX AuthorityRevocationList +# ::= {attributeType 38} +# +# +# certificateRevocationList ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX CertificateRevocationList +# ::= {attributeType 39} +# +# +# crossCertificatePair ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX CrossCertificatePair +# ::= {attributeType 40} +# +# +# +# +# -- Standard MHS Attribute Types +# +# mhsDeliverableContentLength ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX integer +# ::= {mhsAttributeType 0} +# +# +# mhsDeliverableContentTypes ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 1} +# +# +# mhsDeliverableEits ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 2} +# +# +# mhsDLMembers ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oRName +# ::= {mhsAttributeType 3} +# +# +# mhsDLSubmitPermissions ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX dLSubmitPermission +# ::= {mhsAttributeType 4} +# +# +# mhsMessageStoreName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX dN +# ::= {mhsAttributeType 5} +# +# +# mhsORAddresses ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oRAddress +# ::= {mhsAttributeType 6} +# +# +# mhsPreferredDeliveryMethods ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX deliveryMethod +# ::= {mhsAttributeType 7} +# +# +# mhsSupportedAutomaticActions ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 8} +# +# +# mhsSupportedContentTypes ATTRIBUTE +# +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 9} +# +# +# mhsSupportedOptionalAttributes ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX oID +# ::= {mhsAttributeType 10} +# +# +# +# +# -- Pilot Attribute Types +# +# userid ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-identifier)) +# ::= {pilotAttributeType 1} +# +# +# textEncodedORAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-text-encoded-or-address)) +# ::= {pilotAttributeType 2} +# +# +# rfc822Mailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-rfc822-mailbox)) +# ::= {pilotAttributeType 3} +# +# +# info ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-information)) +# ::= {pilotAttributeType 4} +# +# +# favouriteDrink ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-favourite-drink)) +# ::= {pilotAttributeType 5} +# +# +# roomNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-room-number)) +# ::= {pilotAttributeType 6} +# +# +# photo ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-photo)) +# ::= {pilotAttributeType 7} +# +# +# userClass ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-user-class)) +# ::= {pilotAttributeType 8} +# +# +# host ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-host)) +# ::= {pilotAttributeType 9} +# +# +# manager ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 10} +# +# +# documentIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-identifier)) +# ::= {pilotAttributeType 11} +# +# +# documentTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-title)) +# ::= {pilotAttributeType 12} +# +# +# documentVersion ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-version)) +# ::= {pilotAttributeType 13} +# +# +# documentAuthor ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 14} +# +# +# documentLocation ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-document-location)) +# ::= {pilotAttributeType 15} +# +# +# homeTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 20} +# +# +# secretary ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 21} +# +# +# otherMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# SEQUENCE { +# mailboxType PrintableString, -- e.g. Telemail +# mailbox IA5String -- e.g. X378:Joe +# } +# ::= {pilotAttributeType 22} +# +# +# lastModifiedTime ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# uTCTimeSyntax +# ::= {pilotAttributeType 23} +# +# +# lastModifiedBy ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 24} +# +# +# domainComponent ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# SINGLE VALUE +# ::= {pilotAttributeType 25} +# +# +# aRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 26} +# +# +# mXRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 28} +# +# +# nSRecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 29} +# +# sOARecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# DNSRecordSyntax +# ::= {pilotAttributeType 30} +# +# +# cNAMERecord ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# iA5StringSyntax +# ::= {pilotAttributeType 31} +# +# +# associatedDomain ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# ::= {pilotAttributeType 37} +# +# +# associatedName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 38} +# +# +# homePostalAddress ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# postalAddress +# MATCHES FOR EQUALITY +# ::= {pilotAttributeType 39} +# +# +# personalTitle ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-personal-title)) +# ::= {pilotAttributeType 40} +# +# +# mobileTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 41} +# +# +# pagerTelephoneNumber ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# telephoneNumberSyntax +# ::= {pilotAttributeType 42} +# +# +# friendlyCountryName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# ::= {pilotAttributeType 43} +# +# +# uniqueIdentifier ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-unique-identifier)) +# ::= {pilotAttributeType 44} +# +# +# organizationalStatus ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-organizational-status)) +# ::= {pilotAttributeType 45} +# +# +# janetMailbox ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreIA5StringSyntax +# (SIZE (1 .. ub-janet-mailbox)) +# ::= {pilotAttributeType 46} +# +# +# mailPreferenceOption ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX ENUMERATED { +# no-list-inclusion(0), +# any-list-inclusion(1), -- may be added to any lists +# professional-list-inclusion(2) +# -- may be added to lists +# -- which the list provider +# -- views as related to the +# -- users professional inter- +# -- ests, perhaps evaluated +# -- from the business of the +# -- organisation or keywords +# -- in the entry. +# } +# ::= {pilotAttributeType 47} +# +# +# buildingName ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# caseIgnoreStringSyntax +# (SIZE (1 .. ub-building-name)) +# ::= {pilotAttributeType 48} +# +# +# dSAQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax +# SINGLE VALUE +# ::= {pilotAttributeType 49} +# +# +# singleLevelQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# +# +# subtreeMinimumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 51} +# +# +# subtreeMaximumQuality ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX DataQualitySyntax +# SINGLE VALUE +# -- Defaults to singleLevelQuality +# ::= {pilotAttributeType 52} +# +# +# personalSignature ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# CHOICE { +# g3-facsimile [3] G3FacsimileBodyPart +# } +# (SIZE (1 .. ub-personal-signature)) +# ::= {pilotAttributeType 53} +# +# +# dITRedirect ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# distinguishedNameSyntax +# ::= {pilotAttributeType 54} +# +# +# audio ATTRIBUTE +# WITH ATTRIBUTE-SYNTAX +# Audio +# (SIZE (1 .. ub-audio)) +# ::= {pilotAttributeType 55} +# +# documentPublisher ATTRIBUTE +# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax +# ::= {pilotAttributeType 56} +# +# +# +# -- Generally useful syntaxes +# +# +# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# iA5StringSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY SUBSTRINGS +# +# +# -- Syntaxes to support the DNS attributes +# +# DNSRecordSyntax ATTRIBUTE-SYNTAX +# IA5String +# MATCHES FOR EQUALITY +# +# +# NRSInformationSyntax ATTRIBUTE-SYNTAX +# NRSInformation +# MATCHES FOR EQUALITY +# +# +# NRSInformation ::= SET { +# [0] Context, +# [1] Address-space-id, +# routes [2] SEQUENCE OF SEQUENCE { +# Route-cost, +# Addressing-info } +# } +# +# +# -- Upper bounds on length of attribute values +# +# +# ub-document-identifier INTEGER ::= 256 +# +# ub-document-location INTEGER ::= 256 +# +# ub-document-title INTEGER ::= 256 +# +# ub-document-version INTEGER ::= 256 +# +# ub-favourite-drink INTEGER ::= 256 +# +# ub-host INTEGER ::= 256 +# +# ub-information INTEGER ::= 2048 +# +# ub-unique-identifier INTEGER ::= 256 +# +# ub-personal-title INTEGER ::= 256 +# +# ub-photo INTEGER ::= 250000 +# +# ub-rfc822-mailbox INTEGER ::= 256 +# +# ub-room-number INTEGER ::= 256 +# +# ub-text-or-address INTEGER ::= 256 +# +# ub-user-class INTEGER ::= 256 +# +# ub-user-identifier INTEGER ::= 256 +# +# ub-organizational-status INTEGER ::= 256 +# +# ub-janet-mailbox INTEGER ::= 256 +# +# ub-building-name INTEGER ::= 256 +# +# ub-personal-signature ::= 50000 +# +# ub-audio INTEGER ::= 250000 +# +# [remainder of memo trimmed] + diff --git a/openldap/schema/duaconf.schema b/openldap/schema/duaconf.schema new file mode 100644 index 0000000..d0a62bd --- /dev/null +++ b/openldap/schema/duaconf.schema @@ -0,0 +1,261 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/duaconf.schema,v 1.5.2.6 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# DUA schema from draft-joslin-config-schema (a work in progress) + +# Contents of this file are subject to change (including deletion) +# without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +## Notes: +## - The matching rule for attributes followReferrals and dereferenceAliases +## has been changed to booleanMatch since their syntax is boolean +## - There was a typo in the name of the dereferenceAliases attributeType +## in the DUAConfigProfile objectClass definition +## - Credit goes to the original Authors + +# +# Application Working Group M. Ansari +# INTERNET-DRAFT Sun Microsystems, Inc. +# Expires Febuary 2003 L. Howard +# PADL Software Pty. Ltd. +# B. Joslin [ed.] +# Hewlett-Packard Company +# +# September 15th, 2003 +# Intended Category: Informational +# +# +# A Configuration Schema for LDAP Based +# Directory User Agents +# +# +#Status of this Memo +# +# This memo provides information for the Internet community. This +# memo does not specify an Internet standard of any kind. Distribu- +# tion of this memo is unlimited. +# +# This document is an Internet-Draft and is in full conformance with +# all provisions of Section 10 of RFC2026. +# +# This document is an Internet-Draft. Internet-Drafts are working +# documents of the Internet Engineering Task Force (IETF), its areas, +# and its working groups. Note that other groups may also distribute +# working documents as Internet-Drafts. +# +# Internet-Drafts are draft documents valid for a maximum of six +# months. Internet-Drafts may be updated, replaced, or made obsolete +# by other documents at any time. It is not appropriate to use +# Internet-Drafts as reference material or to cite them other than as +# a "working draft" or "work in progress". +# +# To learn the current status of any Internet-Draft, please check the +# 1id-abstracts.txt listing contained in the Internet-Drafts Shadow +# Directories on ds.internic.net (US East Coast), nic.nordu.net +# (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific +# Rim). +# +# Distribution of this document is unlimited. +# +# +# Abstract +# +# This document describes a mechanism for global configuration of +# similar directory user agents. This document defines a schema for +# configuration of these DUAs that may be discovered using the Light- +# weight Directory Access Protocol in RFC 2251[17]. A set of attri- +# bute types and an objectclass are proposed, along with specific +# guidelines for interpreting them. A significant feature of the +# global configuration policy for DUAs is a mechanism that allows +# DUAs to re-configure their schema to that of the end user's +# environment. This configuration is achieved through attribute and +# objectclass mapping. This document is intended to be a skeleton +# for future documents that describe configuration of specific DUA +# services. +# +# +# [trimmed] +# +# +# 2. General Issues +# +# The schema defined by this document is defined under the "DUA Con- +# figuration Schema." This schema is derived from the OID: iso (1) +# org (3) dod (6) internet (1) private (4) enterprises (1) Hewlett- +# Packard Company (11) directory (1) LDAP-UX Integration Project (3) +# DUA Configuration Schema (1). This OID is represented in this +# document by the keystring "DUAConfSchemaOID" +# (1.3.6.1.4.1.11.1.3.1). +objectidentifier DUAConfSchemaOID 1.3.6.1.4.1.11.1.3.1 +# +# 2.2 Attributes +# +# The attributes and classes defined in this document are summarized +# below. +# +# The following attributes are defined in this document: +# +# preferredServerList +# defaultServerList +# defaultSearchBase +# defaultSearchScope +# authenticationMethod +# credentialLevel +# serviceSearchDescriptor +# +# +# +# Joslin [Page 3] +# Internet-Draft DUA Configuration Schema October 2002 +# +# +# serviceCredentialLevel +# serviceAuthenticationMethod +# attributeMap +# objectclassMap +# searchTimeLimit +# bindTimeLimit +# followReferrals +# dereferenceAliases +# profileTTL +# +# 2.3 Object Classes +# +# The following object class is defined in this document: +# +# DUAConfigProfile +# +# +attributeType ( DUAConfSchemaOID:1.0 NAME 'defaultServerList' + DESC 'Default LDAP server host address used by a DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.1 NAME 'defaultSearchBase' + DESC 'Default LDAP base DN used by a DUA' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.2 NAME 'preferredServerList' + DESC 'Preferred LDAP server host addresses to be used by a + DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.3 NAME 'searchTimeLimit' + DESC 'Maximum time in seconds a DUA should allow for a + search to complete' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.4 NAME 'bindTimeLimit' + DESC 'Maximum time in seconds a DUA should allow for the + bind operation to complete' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.5 NAME 'followReferrals' + DESC 'Tells DUA if it should follow referrals + returned by a DSA search result' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.16 NAME 'dereferenceAliases' + DESC 'Tells DUA if it should dereference aliases' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.6 NAME 'authenticationMethod' + DESC 'A keystring which identifies the type of + authentication method used to contact the DSA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.7 NAME 'profileTTL' + DESC 'Time to live, in seconds, before a client DUA + should re-read this configuration profile' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.14 NAME 'serviceSearchDescriptor' + DESC 'LDAP search descriptor list used by a DUA' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributeType ( DUAConfSchemaOID:1.9 NAME 'attributeMap' + DESC 'Attribute mappings used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.10 NAME 'credentialLevel' + DESC 'Identifies type of credentials a DUA should + use when binding to the LDAP server' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.11 NAME 'objectclassMap' + DESC 'Objectclass mappings used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.12 NAME 'defaultSearchScope' + DESC 'Default search scope used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.13 NAME 'serviceCredentialLevel' + DESC 'Identifies type of credentials a DUA + should use when binding to the LDAP server for a + specific service' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.15 NAME 'serviceAuthenticationMethod' + DESC 'Authentication method used by a service of the DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +# +# 4. Class Definition +# +# The objectclass below is constructed from the attributes defined in +# 3, with the exception of the cn attribute, which is defined in RFC +# 2256 [8]. cn is used to represent the name of the DUA configura- +# tion profile. +# +objectClass ( DUAConfSchemaOID:2.5 NAME 'DUAConfigProfile' + SUP top STRUCTURAL + DESC 'Abstraction of a base configuration for a DUA' + MUST ( cn ) + MAY ( defaultServerList $ preferredServerList $ + defaultSearchBase $ defaultSearchScope $ + searchTimeLimit $ bindTimeLimit $ + credentialLevel $ authenticationMethod $ + followReferrals $ dereferenceAliases $ + serviceSearchDescriptor $ serviceCredentialLevel $ + serviceAuthenticationMethod $ objectclassMap $ + attributeMap $ profileTTL ) ) diff --git a/openldap/schema/duaconf.schema.default b/openldap/schema/duaconf.schema.default new file mode 100644 index 0000000..aae37d6 --- /dev/null +++ b/openldap/schema/duaconf.schema.default @@ -0,0 +1,261 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/duaconf.schema,v 1.5.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# DUA schema from draft-joslin-config-schema (a work in progress) + +# Contents of this file are subject to change (including deletion) +# without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +## Notes: +## - The matching rule for attributes followReferrals and dereferenceAliases +## has been changed to booleanMatch since their syntax is boolean +## - There was a typo in the name of the dereferenceAliases attributeType +## in the DUAConfigProfile objectClass definition +## - Credit goes to the original Authors + +# +# Application Working Group M. Ansari +# INTERNET-DRAFT Sun Microsystems, Inc. +# Expires Febuary 2003 L. Howard +# PADL Software Pty. Ltd. +# B. Joslin [ed.] +# Hewlett-Packard Company +# +# September 15th, 2003 +# Intended Category: Informational +# +# +# A Configuration Schema for LDAP Based +# Directory User Agents +# +# +#Status of this Memo +# +# This memo provides information for the Internet community. This +# memo does not specify an Internet standard of any kind. Distribu- +# tion of this memo is unlimited. +# +# This document is an Internet-Draft and is in full conformance with +# all provisions of Section 10 of RFC2026. +# +# This document is an Internet-Draft. Internet-Drafts are working +# documents of the Internet Engineering Task Force (IETF), its areas, +# and its working groups. Note that other groups may also distribute +# working documents as Internet-Drafts. +# +# Internet-Drafts are draft documents valid for a maximum of six +# months. Internet-Drafts may be updated, replaced, or made obsolete +# by other documents at any time. It is not appropriate to use +# Internet-Drafts as reference material or to cite them other than as +# a "working draft" or "work in progress". +# +# To learn the current status of any Internet-Draft, please check the +# 1id-abstracts.txt listing contained in the Internet-Drafts Shadow +# Directories on ds.internic.net (US East Coast), nic.nordu.net +# (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific +# Rim). +# +# Distribution of this document is unlimited. +# +# +# Abstract +# +# This document describes a mechanism for global configuration of +# similar directory user agents. This document defines a schema for +# configuration of these DUAs that may be discovered using the Light- +# weight Directory Access Protocol in RFC 2251[17]. A set of attri- +# bute types and an objectclass are proposed, along with specific +# guidelines for interpreting them. A significant feature of the +# global configuration policy for DUAs is a mechanism that allows +# DUAs to re-configure their schema to that of the end user's +# environment. This configuration is achieved through attribute and +# objectclass mapping. This document is intended to be a skeleton +# for future documents that describe configuration of specific DUA +# services. +# +# +# [trimmed] +# +# +# 2. General Issues +# +# The schema defined by this document is defined under the "DUA Con- +# figuration Schema." This schema is derived from the OID: iso (1) +# org (3) dod (6) internet (1) private (4) enterprises (1) Hewlett- +# Packard Company (11) directory (1) LDAP-UX Integration Project (3) +# DUA Configuration Schema (1). This OID is represented in this +# document by the keystring "DUAConfSchemaOID" +# (1.3.6.1.4.1.11.1.3.1). +objectidentifier DUAConfSchemaOID 1.3.6.1.4.1.11.1.3.1 +# +# 2.2 Attributes +# +# The attributes and classes defined in this document are summarized +# below. +# +# The following attributes are defined in this document: +# +# preferredServerList +# defaultServerList +# defaultSearchBase +# defaultSearchScope +# authenticationMethod +# credentialLevel +# serviceSearchDescriptor +# +# +# +# Joslin [Page 3] +# Internet-Draft DUA Configuration Schema October 2002 +# +# +# serviceCredentialLevel +# serviceAuthenticationMethod +# attributeMap +# objectclassMap +# searchTimeLimit +# bindTimeLimit +# followReferrals +# dereferenceAliases +# profileTTL +# +# 2.3 Object Classes +# +# The following object class is defined in this document: +# +# DUAConfigProfile +# +# +attributeType ( DUAConfSchemaOID:1.0 NAME 'defaultServerList' + DESC 'Default LDAP server host address used by a DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.1 NAME 'defaultSearchBase' + DESC 'Default LDAP base DN used by a DUA' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.2 NAME 'preferredServerList' + DESC 'Preferred LDAP server host addresses to be used by a + DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.3 NAME 'searchTimeLimit' + DESC 'Maximum time in seconds a DUA should allow for a + search to complete' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.4 NAME 'bindTimeLimit' + DESC 'Maximum time in seconds a DUA should allow for the + bind operation to complete' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.5 NAME 'followReferrals' + DESC 'Tells DUA if it should follow referrals + returned by a DSA search result' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.16 NAME 'dereferenceAliases' + DESC 'Tells DUA if it should dereference aliases' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.6 NAME 'authenticationMethod' + DESC 'A keystring which identifies the type of + authentication method used to contact the DSA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.7 NAME 'profileTTL' + DESC 'Time to live, in seconds, before a client DUA + should re-read this configuration profile' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.14 NAME 'serviceSearchDescriptor' + DESC 'LDAP search descriptor list used by a DUA' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributeType ( DUAConfSchemaOID:1.9 NAME 'attributeMap' + DESC 'Attribute mappings used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.10 NAME 'credentialLevel' + DESC 'Identifies type of credentials a DUA should + use when binding to the LDAP server' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.11 NAME 'objectclassMap' + DESC 'Objectclass mappings used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.12 NAME 'defaultSearchScope' + DESC 'Default search scope used by a DUA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributeType ( DUAConfSchemaOID:1.13 NAME 'serviceCredentialLevel' + DESC 'Identifies type of credentials a DUA + should use when binding to the LDAP server for a + specific service' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( DUAConfSchemaOID:1.15 NAME 'serviceAuthenticationMethod' + DESC 'Authentication method used by a service of the DUA' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +# +# 4. Class Definition +# +# The objectclass below is constructed from the attributes defined in +# 3, with the exception of the cn attribute, which is defined in RFC +# 2256 [8]. cn is used to represent the name of the DUA configura- +# tion profile. +# +objectClass ( DUAConfSchemaOID:2.5 NAME 'DUAConfigProfile' + SUP top STRUCTURAL + DESC 'Abstraction of a base configuration for a DUA' + MUST ( cn ) + MAY ( defaultServerList $ preferredServerList $ + defaultSearchBase $ defaultSearchScope $ + searchTimeLimit $ bindTimeLimit $ + credentialLevel $ authenticationMethod $ + followReferrals $ dereferenceAliases $ + serviceSearchDescriptor $ serviceCredentialLevel $ + serviceAuthenticationMethod $ objectclassMap $ + attributeMap $ profileTTL ) ) diff --git a/openldap/schema/dyngroup.ldif b/openldap/schema/dyngroup.ldif new file mode 100644 index 0000000..1068ac4 --- /dev/null +++ b/openldap/schema/dyngroup.ldif @@ -0,0 +1,71 @@ +# dyngroup.schema -- Dynamic Group schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.ldif,v 1.1.2.3 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Dynamic Group schema (experimental), as defined by Netscape. See +# http://www.redhat.com/docs/manuals/ent-server/pdf/esadmin611.pdf +# page 70 for details on how these groups were used. +# +# A description of the objectclass definition is available here: +# http://www.redhat.com/docs/manuals/dir-server/schema/7.1/oc_dir.html#1303745 +# +# depends upon: +# core.schema +# +# These definitions are considered experimental due to the lack of +# a formal specification (e.g., RFC). +# +# NOT RECOMMENDED FOR PRODUCTION USE! USE WITH CAUTION! +# +# The Netscape documentation describes this as an auxiliary objectclass +# but their implementations have always defined it as a structural class. +# The sloppiness here is because Netscape-derived servers don't actually +# implement the X.500 data model, and they don't honor the distinction +# between structural and auxiliary classes. This fact is noted here: +# http://forum.java.sun.com/thread.jspa?threadID=5016864&messageID=9034636 +# +# In accordance with other existing implementations, we define it as a +# structural class. +# +# Our definition of memberURL also does not match theirs but again +# their published definition and what works in practice do not agree. +# In other words, the Netscape definitions are broken and interoperability +# is not guaranteed. +# +# Also see the new DynGroup proposed spec at +# http://tools.ietf.org/html/draft-haripriya-dynamicgroup-02 +dn: cn=dyngroup,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: dyngroup +olcObjectIdentifier: {0}NetscapeRoot 2.16.840.1.113730 +olcObjectIdentifier: {1}NetscapeLDAP NetscapeRoot:3 +olcObjectIdentifier: {2}NetscapeLDAPattributeType NetscapeLDAP:1 +olcObjectIdentifier: {3}NetscapeLDAPobjectClass NetscapeLDAP:2 +olcObjectIdentifier: {4}OpenLDAPExp11 1.3.6.1.4.1.4203.666.11 +olcObjectIdentifier: {5}DynGroupBase OpenLDAPExp11:8 +olcObjectIdentifier: {6}DynGroupAttr DynGroupBase:1 +olcObjectIdentifier: {7}DynGroupOC DynGroupBase:2 +olcAttributeTypes: {0}( NetscapeLDAPattributeType:198 NAME 'memberURL' DESC 'I + dentifies an URL associated with each member of a group. Any type of labeled + URL can be used.' SUP labeledURI ) +olcAttributeTypes: {1}( DynGroupAttr:1 NAME 'dgIdentity' DESC 'Identity to use + when processing the memberURL' SUP distinguishedName SINGLE-VALUE ) +olcAttributeTypes: {2}( DynGroupAttr:2 NAME 'dgAuthz' DESC 'Optional authoriza + tion rules that determine who is allowed to assume the dgIdentity' EQUALITY a + uthzMatch SYNTAX 1.3.6.1.4.1.4203.666.2.7 X-ORDERED 'VALUES' ) +olcObjectClasses: {0}( NetscapeLDAPobjectClass:33 NAME 'groupOfURLs' SUP top S + TRUCTURAL MUST cn MAY ( memberURL $ businessCategory $ description $ o $ ou $ + owner $ seeAlso ) ) +olcObjectClasses: {1}( DynGroupOC:1 NAME 'dgIdentityAux' SUP top AUXILIARY MAY + ( dgIdentity $ dgAuthz ) ) diff --git a/openldap/schema/dyngroup.schema b/openldap/schema/dyngroup.schema new file mode 100644 index 0000000..7c43e0d --- /dev/null +++ b/openldap/schema/dyngroup.schema @@ -0,0 +1,91 @@ +# dyngroup.schema -- Dynamic Group schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.schema,v 1.6.2.7 2011/01/04 23:50:51 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Dynamic Group schema (experimental), as defined by Netscape. See +# http://www.redhat.com/docs/manuals/ent-server/pdf/esadmin611.pdf +# page 70 for details on how these groups were used. +# +# A description of the objectclass definition is available here: +# http://www.redhat.com/docs/manuals/dir-server/schema/7.1/oc_dir.html#1303745 +# +# depends upon: +# core.schema +# +# These definitions are considered experimental due to the lack of +# a formal specification (e.g., RFC). +# +# NOT RECOMMENDED FOR PRODUCTION USE! USE WITH CAUTION! +# +# The Netscape documentation describes this as an auxiliary objectclass +# but their implementations have always defined it as a structural class. +# The sloppiness here is because Netscape-derived servers don't actually +# implement the X.500 data model, and they don't honor the distinction +# between structural and auxiliary classes. This fact is noted here: +# http://forum.java.sun.com/thread.jspa?threadID=5016864&messageID=9034636 +# +# In accordance with other existing implementations, we define it as a +# structural class. +# +# Our definition of memberURL also does not match theirs but again +# their published definition and what works in practice do not agree. +# In other words, the Netscape definitions are broken and interoperability +# is not guaranteed. +# +# Also see the new DynGroup proposed spec at +# http://tools.ietf.org/html/draft-haripriya-dynamicgroup-02 + +objectIdentifier NetscapeRoot 2.16.840.1.113730 + +objectIdentifier NetscapeLDAP NetscapeRoot:3 +objectIdentifier NetscapeLDAPattributeType NetscapeLDAP:1 +objectIdentifier NetscapeLDAPobjectClass NetscapeLDAP:2 + +objectIdentifier OpenLDAPExp11 1.3.6.1.4.1.4203.666.11 +objectIdentifier DynGroupBase OpenLDAPExp11:8 +objectIdentifier DynGroupAttr DynGroupBase:1 +objectIdentifier DynGroupOC DynGroupBase:2 + +attributetype ( NetscapeLDAPattributeType:198 + NAME 'memberURL' + DESC 'Identifies an URL associated with each member of a group. Any type of labeled URL can be used.' + SUP labeledURI ) + +attributetype ( DynGroupAttr:1 + NAME 'dgIdentity' + DESC 'Identity to use when processing the memberURL' + SUP distinguishedName SINGLE-VALUE ) + +attributeType ( DynGroupAttr:2 + NAME 'dgAuthz' + DESC 'Optional authorization rules that determine who is allowed to assume the dgIdentity' + EQUALITY authzMatch + SYNTAX 1.3.6.1.4.1.4203.666.2.7 + X-ORDERED 'VALUES' ) + +objectClass ( NetscapeLDAPobjectClass:33 + NAME 'groupOfURLs' + SUP top STRUCTURAL + MUST cn + MAY ( memberURL $ businessCategory $ description $ o $ ou $ + owner $ seeAlso ) ) + +# The Haripriya dyngroup schema still needs a lot of work. +# We're just adding support for the dgIdentity attribute for now... +objectClass ( DynGroupOC:1 + NAME 'dgIdentityAux' + SUP top AUXILIARY + MAY ( dgIdentity $ dgAuthz ) ) + + diff --git a/openldap/schema/dyngroup.schema.default b/openldap/schema/dyngroup.schema.default new file mode 100644 index 0000000..d69bf0f --- /dev/null +++ b/openldap/schema/dyngroup.schema.default @@ -0,0 +1,91 @@ +# dyngroup.schema -- Dynamic Group schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.schema,v 1.6.2.6 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Dynamic Group schema (experimental), as defined by Netscape. See +# http://www.redhat.com/docs/manuals/ent-server/pdf/esadmin611.pdf +# page 70 for details on how these groups were used. +# +# A description of the objectclass definition is available here: +# http://www.redhat.com/docs/manuals/dir-server/schema/7.1/oc_dir.html#1303745 +# +# depends upon: +# core.schema +# +# These definitions are considered experimental due to the lack of +# a formal specification (e.g., RFC). +# +# NOT RECOMMENDED FOR PRODUCTION USE! USE WITH CAUTION! +# +# The Netscape documentation describes this as an auxiliary objectclass +# but their implementations have always defined it as a structural class. +# The sloppiness here is because Netscape-derived servers don't actually +# implement the X.500 data model, and they don't honor the distinction +# between structural and auxiliary classes. This fact is noted here: +# http://forum.java.sun.com/thread.jspa?threadID=5016864&messageID=9034636 +# +# In accordance with other existing implementations, we define it as a +# structural class. +# +# Our definition of memberURL also does not match theirs but again +# their published definition and what works in practice do not agree. +# In other words, the Netscape definitions are broken and interoperability +# is not guaranteed. +# +# Also see the new DynGroup proposed spec at +# http://tools.ietf.org/html/draft-haripriya-dynamicgroup-02 + +objectIdentifier NetscapeRoot 2.16.840.1.113730 + +objectIdentifier NetscapeLDAP NetscapeRoot:3 +objectIdentifier NetscapeLDAPattributeType NetscapeLDAP:1 +objectIdentifier NetscapeLDAPobjectClass NetscapeLDAP:2 + +objectIdentifier OpenLDAPExp11 1.3.6.1.4.1.4203.666.11 +objectIdentifier DynGroupBase OpenLDAPExp11:8 +objectIdentifier DynGroupAttr DynGroupBase:1 +objectIdentifier DynGroupOC DynGroupBase:2 + +attributetype ( NetscapeLDAPattributeType:198 + NAME 'memberURL' + DESC 'Identifies an URL associated with each member of a group. Any type of labeled URL can be used.' + SUP labeledURI ) + +attributetype ( DynGroupAttr:1 + NAME 'dgIdentity' + DESC 'Identity to use when processing the memberURL' + SUP distinguishedName SINGLE-VALUE ) + +attributeType ( DynGroupAttr:2 + NAME 'dgAuthz' + DESC 'Optional authorization rules that determine who is allowed to assume the dgIdentity' + EQUALITY authzMatch + SYNTAX 1.3.6.1.4.1.4203.666.2.7 + X-ORDERED 'VALUES' ) + +objectClass ( NetscapeLDAPobjectClass:33 + NAME 'groupOfURLs' + SUP top STRUCTURAL + MUST cn + MAY ( memberURL $ businessCategory $ description $ o $ ou $ + owner $ seeAlso ) ) + +# The Haripriya dyngroup schema still needs a lot of work. +# We're just adding support for the dgIdentity attribute for now... +objectClass ( DynGroupOC:1 + NAME 'dgIdentityAux' + SUP top AUXILIARY + MAY ( dgIdentity $ dgAuthz ) ) + + diff --git a/openldap/schema/evolutionperson.schema b/openldap/schema/evolutionperson.schema new file mode 100644 index 0000000..96d475e --- /dev/null +++ b/openldap/schema/evolutionperson.schema @@ -0,0 +1,212 @@ +# +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079] +# (core.schema) +# +# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256] +# (core.schema) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema) +# +# The Internet Organizational Person Schema (inetorgperson) +# +# OIDs are broken up into the following: +# 1.3.6.1.4.1.8506.1.? +# .1 Syntaxes +# .2 Attributes +# .3 Objectclasses + +# primaryPhone +attributetype ( 1.3.6.1.4.1.8506.1.2.1 + NAME 'primaryPhone' + DESC 'preferred phone number used to contact a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# carPhone +attributetype ( 1.3.6.1.4.1.8506.1.2.2 + NAME 'carPhone' + DESC 'car phone telephone number of the person' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.3 + NAME ( 'homeFacsimileTelephoneNumber' 'homeFax' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.4 + NAME 'otherPhone' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.5 + NAME 'businessRole' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.6 + NAME 'managerName' + SUP name ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.7 + NAME 'assistantName' + SUP name ) + +# spouseName +# single valued (/me smirks) +attributetype ( 1.3.6.1.4.1.8506.1.2.8 + NAME 'spouseName' + SUP name + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.9 + NAME 'otherPostalAddress' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.10 + NAME ( 'mailer' 'mua' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.11 + NAME ( 'birthDate' 'dob' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.12 + NAME 'anniversary' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.13 + NAME 'note' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.14 + NAME 'evolutionArbitrary' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} ) + ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.15 + NAME 'fileAs' + SUP name ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.16 + NAME 'assistantPhone' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.17 + NAME 'companyPhone' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.18 + NAME 'callbackPhone' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +#attributetype ( 1.3.6.1.4.1.8506.1.2.19 +# NAME ( 'otherFacsimileTelephoneNumber' 'otherFax' ) +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.20 + NAME 'radio' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.21 + NAME 'telex' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.22 + NAME 'tty' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# deprecated - use the multivalued category +attributetype ( 1.3.6.1.4.1.8506.1.2.23 + NAME 'categories' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.24 + NAME 'contact' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.25 + NAME 'listName' + SUP name + SINGLE-VALUE ) + +# deprecated - use calEntry and its attributes from RFC 2739 +attributetype ( 1.3.6.1.4.1.8506.1.2.26 + NAME 'calendarURI' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +# deprecated - use calEntry and its attributes from RFC 2739 +attributetype ( 1.3.6.1.4.1.8506.1.2.27 + NAME 'freeBusyURI' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.8506.1.2.28 + NAME 'category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} ) + + +# evolutionPerson +objectclass ( 1.3.6.1.4.1.8506.1.3.1 + NAME 'evolutionPerson' + DESC 'Objectclass geared to Evolution Usage' + SUP inetOrgPerson + STRUCTURAL + MAY ( + fileAs $ primaryPhone $ carPhone $ homeFacsimileTelephoneNumber $ + otherPhone $ businessRole $ managerName $ assistantName $ assistantPhone $ + otherPostalAddress $ mailer $ birthDate $ anniversary $ spouseName $ + note $ companyPhone $ callbackPhone $ otherFacsimileTelephoneNumber $ + radio $ telex $ tty $ categories $ category $ calendarURI $ freeBusyURI ) + ) + +# evolutionPersonList +objectclass ( 1.3.6.1.4.1.8506.1.3.2 + NAME 'evolutionPersonList' + DESC 'Objectclass geared to Evolution Contact Lists' + SUP top + STRUCTURAL + MUST ( + listName ) + MAY ( + mail $ contact ) + ) diff --git a/openldap/schema/extension.schema b/openldap/schema/extension.schema new file mode 100644 index 0000000..a565751 --- /dev/null +++ b/openldap/schema/extension.schema @@ -0,0 +1,44 @@ +attributetype ( 1.3.6.1.4.1.4203.666.100.121 + NAME ( 'rdn' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.122 + NAME ( 'otherFacsimiletelephoneNumber' ) + SUP telephoneNumber ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.123 + NAME ( 'IPPhone' ) + SUP telephoneNumber ) + +# This attribute handles MS/Outlook and Netscape Communicator + +attributetype ( 1.3.6.1.4.1.4203.666.100.124 + NAME ( 'URL' 'homeUrl' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.125 + NAME ( 'comment' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.126 + NAME ( 'conferenceInformation' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.4203.666.100.127 + NAME ( 'reports' ) + SUP manager ) + +objectclass ( 1.3.6.1.4.1.4203.666.100.1 + NAME 'officePerson' + DESC 'Office employee or computer user' + SUP inetOrgPerson + STRUCTURAL + MAY ( c $ + rdn $ + otherFacsimiletelephoneNumber $ + IPPhone $ + URL $ + comment $ + reports $ + conferenceInformation ) + ) diff --git a/openldap/schema/inetorgperson.ldif b/openldap/schema/inetorgperson.ldif new file mode 100644 index 0000000..317c680 --- /dev/null +++ b/openldap/schema/inetorgperson.ldif @@ -0,0 +1,69 @@ +# InetOrgPerson (RFC2798) +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.ldif,v 1.1.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# InetOrgPerson (RFC2798) +# +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079] +# (core.ldif) +# +# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256] +# (core.ldif) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.ldif) +# +# This file was automatically generated from inetorgperson.schema; see +# that file for complete references. +# +dn: cn=inetorgperson,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: inetorgperson +olcAttributeTypes: ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'RFC279 + 8: vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR cas + eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC ' + RFC2798: identifies a department within an organization' EQUALITY caseIgnoreM + atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'RFC + 2798: preferred name to be used when displaying entries' EQUALITY caseIgnoreM + atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SI + NGLE-VALUE ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'RF + C2798: numerically identifies an employee within an organization' EQUALITY ca + seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 + 1.1.15 SINGLE-VALUE ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'RFC2 + 798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgn + oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +olcAttributeTypes: ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'RFC2 + 798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC + 'RFC2798: preferred written or spoken language for a person' EQUALITY caseIg + noreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 15 SINGLE-VALUE ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' D + ESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4.1.14 + 66.115.121.1.5 ) +olcAttributeTypes: ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'RFC2 + 798: personal identity information, a PKCS #12 PFX' SYNTAX 1.3.6.1.4.1.1466.1 + 15.121.1.5 ) +olcObjectClasses: ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RFC2 + 798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL MAY + ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ em + ployeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ ini + tials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo + $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ pre + ferredLanguage $ userSMIMECertificate $ userPKCS12 ) ) diff --git a/openldap/schema/inetorgperson.schema b/openldap/schema/inetorgperson.schema new file mode 100644 index 0000000..d04810a --- /dev/null +++ b/openldap/schema/inetorgperson.schema @@ -0,0 +1,155 @@ +# inetorgperson.schema -- InetOrgPerson (RFC2798) +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.18.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# InetOrgPerson (RFC2798) +# +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079] +# (core.schema) +# +# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256] +# (core.schema) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema) + +# carLicense +# This multivalued field is used to record the values of the license or +# registration plate associated with an individual. +attributetype ( 2.16.840.1.113730.3.1.1 + NAME 'carLicense' + DESC 'RFC2798: vehicle license or registration plate' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# departmentNumber +# Code for department to which a person belongs. This can also be +# strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123). +attributetype ( 2.16.840.1.113730.3.1.2 + NAME 'departmentNumber' + DESC 'RFC2798: identifies a department within an organization' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# displayName +# When displaying an entry, especially within a one-line summary list, it +# is useful to be able to identify a name to be used. Since other attri- +# bute types such as 'cn' are multivalued, an additional attribute type is +# needed. Display name is defined for this purpose. +attributetype ( 2.16.840.1.113730.3.1.241 + NAME 'displayName' + DESC 'RFC2798: preferred name to be used when displaying entries' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# employeeNumber +# Numeric or alphanumeric identifier assigned to a person, typically based +# on order of hire or association with an organization. Single valued. +attributetype ( 2.16.840.1.113730.3.1.3 + NAME 'employeeNumber' + DESC 'RFC2798: numerically identifies an employee within an organization' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# employeeType +# Used to identify the employer to employee relationship. Typical values +# used will be "Contractor", "Employee", "Intern", "Temp", "External", and +# "Unknown" but any value may be used. +attributetype ( 2.16.840.1.113730.3.1.4 + NAME 'employeeType' + DESC 'RFC2798: type of employment for a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# jpegPhoto +# Used to store one or more images of a person using the JPEG File +# Interchange Format [JFIF]. +# Note that the jpegPhoto attribute type was defined for use in the +# Internet X.500 pilots but no referencable definition for it could be +# located. +attributetype ( 0.9.2342.19200300.100.1.60 + NAME 'jpegPhoto' + DESC 'RFC2798: a JPEG image' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) + +# preferredLanguage +# Used to indicate an individual's preferred written or spoken +# language. This is useful for international correspondence or human- +# computer interaction. Values for this attribute type MUST conform to +# the definition of the Accept-Language header field defined in +# [RFC2068] with one exception: the sequence "Accept-Language" ":" +# should be omitted. This is a single valued attribute type. +attributetype ( 2.16.840.1.113730.3.1.39 + NAME 'preferredLanguage' + DESC 'RFC2798: preferred written or spoken language for a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# userSMIMECertificate +# A PKCS#7 [RFC2315] SignedData, where the content that is signed is +# ignored by consumers of userSMIMECertificate values. It is +# recommended that values have a `contentType' of data with an absent +# `content' field. Values of this attribute contain a person's entire +# certificate chain and an smimeCapabilities field [RFC2633] that at a +# minimum describes their SMIME algorithm capabilities. Values for +# this attribute are to be stored and requested in binary form, as +# 'userSMIMECertificate;binary'. If available, this attribute is +# preferred over the userCertificate attribute for S/MIME applications. +## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary +attributetype ( 2.16.840.1.113730.3.1.40 + NAME 'userSMIMECertificate' + DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) + +# userPKCS12 +# PKCS #12 [PKCS12] provides a format for exchange of personal identity +# information. When such information is stored in a directory service, +# the userPKCS12 attribute should be used. This attribute is to be stored +# and requested in binary form, as 'userPKCS12;binary'. The attribute +# values are PFX PDUs stored as binary data. +## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary +attributetype ( 2.16.840.1.113730.3.1.216 + NAME 'userPKCS12' + DESC 'RFC2798: personal identity information, a PKCS #12 PFX' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) + + +# inetOrgPerson +# The inetOrgPerson represents people who are associated with an +# organization in some way. It is a structural class and is derived +# from the organizationalPerson which is defined in X.521 [X521]. +objectclass ( 2.16.840.1.113730.3.2.2 + NAME 'inetOrgPerson' + DESC 'RFC2798: Internet Organizational Person' + SUP organizationalPerson + STRUCTURAL + MAY ( + audio $ businessCategory $ carLicense $ departmentNumber $ + displayName $ employeeNumber $ employeeType $ givenName $ + homePhone $ homePostalAddress $ initials $ jpegPhoto $ + labeledURI $ mail $ manager $ mobile $ o $ pager $ + photo $ roomNumber $ secretary $ uid $ userCertificate $ + x500uniqueIdentifier $ preferredLanguage $ + userSMIMECertificate $ userPKCS12 ) + ) diff --git a/openldap/schema/inetorgperson.schema.default b/openldap/schema/inetorgperson.schema.default new file mode 100644 index 0000000..e36a95e --- /dev/null +++ b/openldap/schema/inetorgperson.schema.default @@ -0,0 +1,155 @@ +# inetorgperson.schema -- InetOrgPerson (RFC2798) +# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.18.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# InetOrgPerson (RFC2798) +# +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079] +# (core.schema) +# +# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256] +# (core.schema) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema) + +# carLicense +# This multivalued field is used to record the values of the license or +# registration plate associated with an individual. +attributetype ( 2.16.840.1.113730.3.1.1 + NAME 'carLicense' + DESC 'RFC2798: vehicle license or registration plate' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# departmentNumber +# Code for department to which a person belongs. This can also be +# strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123). +attributetype ( 2.16.840.1.113730.3.1.2 + NAME 'departmentNumber' + DESC 'RFC2798: identifies a department within an organization' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# displayName +# When displaying an entry, especially within a one-line summary list, it +# is useful to be able to identify a name to be used. Since other attri- +# bute types such as 'cn' are multivalued, an additional attribute type is +# needed. Display name is defined for this purpose. +attributetype ( 2.16.840.1.113730.3.1.241 + NAME 'displayName' + DESC 'RFC2798: preferred name to be used when displaying entries' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# employeeNumber +# Numeric or alphanumeric identifier assigned to a person, typically based +# on order of hire or association with an organization. Single valued. +attributetype ( 2.16.840.1.113730.3.1.3 + NAME 'employeeNumber' + DESC 'RFC2798: numerically identifies an employee within an organization' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# employeeType +# Used to identify the employer to employee relationship. Typical values +# used will be "Contractor", "Employee", "Intern", "Temp", "External", and +# "Unknown" but any value may be used. +attributetype ( 2.16.840.1.113730.3.1.4 + NAME 'employeeType' + DESC 'RFC2798: type of employment for a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# jpegPhoto +# Used to store one or more images of a person using the JPEG File +# Interchange Format [JFIF]. +# Note that the jpegPhoto attribute type was defined for use in the +# Internet X.500 pilots but no referencable definition for it could be +# located. +attributetype ( 0.9.2342.19200300.100.1.60 + NAME 'jpegPhoto' + DESC 'RFC2798: a JPEG image' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) + +# preferredLanguage +# Used to indicate an individual's preferred written or spoken +# language. This is useful for international correspondence or human- +# computer interaction. Values for this attribute type MUST conform to +# the definition of the Accept-Language header field defined in +# [RFC2068] with one exception: the sequence "Accept-Language" ":" +# should be omitted. This is a single valued attribute type. +attributetype ( 2.16.840.1.113730.3.1.39 + NAME 'preferredLanguage' + DESC 'RFC2798: preferred written or spoken language for a person' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# userSMIMECertificate +# A PKCS#7 [RFC2315] SignedData, where the content that is signed is +# ignored by consumers of userSMIMECertificate values. It is +# recommended that values have a `contentType' of data with an absent +# `content' field. Values of this attribute contain a person's entire +# certificate chain and an smimeCapabilities field [RFC2633] that at a +# minimum describes their SMIME algorithm capabilities. Values for +# this attribute are to be stored and requested in binary form, as +# 'userSMIMECertificate;binary'. If available, this attribute is +# preferred over the userCertificate attribute for S/MIME applications. +## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary +attributetype ( 2.16.840.1.113730.3.1.40 + NAME 'userSMIMECertificate' + DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) + +# userPKCS12 +# PKCS #12 [PKCS12] provides a format for exchange of personal identity +# information. When such information is stored in a directory service, +# the userPKCS12 attribute should be used. This attribute is to be stored +# and requested in binary form, as 'userPKCS12;binary'. The attribute +# values are PFX PDUs stored as binary data. +## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary +attributetype ( 2.16.840.1.113730.3.1.216 + NAME 'userPKCS12' + DESC 'RFC2798: personal identity information, a PKCS #12 PFX' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) + + +# inetOrgPerson +# The inetOrgPerson represents people who are associated with an +# organization in some way. It is a structural class and is derived +# from the organizationalPerson which is defined in X.521 [X521]. +objectclass ( 2.16.840.1.113730.3.2.2 + NAME 'inetOrgPerson' + DESC 'RFC2798: Internet Organizational Person' + SUP organizationalPerson + STRUCTURAL + MAY ( + audio $ businessCategory $ carLicense $ departmentNumber $ + displayName $ employeeNumber $ employeeType $ givenName $ + homePhone $ homePostalAddress $ initials $ jpegPhoto $ + labeledURI $ mail $ manager $ mobile $ o $ pager $ + photo $ roomNumber $ secretary $ uid $ userCertificate $ + x500uniqueIdentifier $ preferredLanguage $ + userSMIMECertificate $ userPKCS12 ) + ) diff --git a/openldap/schema/java.schema b/openldap/schema/java.schema new file mode 100644 index 0000000..5b4dc52 --- /dev/null +++ b/openldap/schema/java.schema @@ -0,0 +1,403 @@ +# java.schema -- Java Object Schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.7.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Java Object Schema (defined in RFC 2713) +# depends upon core.schema +# + +# Network Working Group V. Ryan +# Request for Comments: 2713 S. Seligman +# Category: Informational R. Lee +# Sun Microsystems, Inc. +# October 1999 +# +# +# Schema for Representing Java(tm) Objects in an LDAP Directory +# +# Status of this Memo +# +# This memo provides information for the Internet community. It does +# not specify an Internet standard of any kind. Distribution of this +# memo is unlimited. +# +# Copyright Notice +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# Abstract +# +# This document defines the schema for representing Java(tm) objects in +# an LDAP directory [LDAPv3]. It defines schema elements to represent +# a Java serialized object [Serial], a Java marshalled object [RMI], a +# Java remote object [RMI], and a JNDI reference [JNDI]. +# + +# [trimmed] + +# 3 Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# javaClassName +# javaClassNames +# javaCodebase +# javaSerializedData +# javaFactory +# javaReferenceAddress +# javaDoc +# +# 3.1 javaClassName +# +# This attribute stores the fully qualified name of the Java object's +# "distinguished" class or interface (for example, "java.lang.String"). +# It is a single-valued attribute. This attribute's syntax is ' +# Directory String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.6 +# NAME 'javaClassName' +# DESC 'Fully qualified name of distinguished Java class or +# interface' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.6 + NAME 'javaClassName' + DESC 'Fully qualified name of distinguished Java class or interface' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# 3.2 javaCodebase +# +# This attribute stores the Java class definition's locations. It +# specifies the locations from which to load the class definition for +# the class specified by the javaClassName attribute. Each value of +# the attribute contains an ordered list of URLs, separated by spaces. +# For example, a value of "url1 url2 url3" means that the three +# (possibly interdependent) URLs (url1, url2, and url3) form the +# codebase for loading in the Java class definition. +# +# If the javaCodebase attribute contains more than one value, each +# value is an independent codebase. That is, there is no relationship +# between the URLs in one value and those in another; each value can be +# viewed as an alternate source for loading the Java class definition. +# See [Java] for information regarding class loading. +# +# This attribute's syntax is 'IA5 String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.7 +# NAME 'javaCodebase' +# DESC 'URL(s) specifying the location of class definition' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.7 + NAME 'javaCodebase' + DESC 'URL(s) specifying the location of class definition' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 3.3 javaClassNames +# +# This attribute stores the Java object's fully qualified class or +# interface names (for example, "java.lang.String"). It is a +# multivalued attribute. When more than one value is present, each is +# the name of a class or interface, or ancestor class or interface, of +# this object. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.13 +# NAME 'javaClassNames' +# DESC 'Fully qualified Java class or interface name' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.13 + NAME 'javaClassNames' + DESC 'Fully qualified Java class or interface name' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 3.4 javaSerializedData +# +# This attribute stores the serialized form of a Java object. The +# serialized form is described in [Serial]. +# +# This attribute's syntax is 'Octet String'. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.8 +# NAME 'javaSerializedData +# DESC 'Serialized form of a Java object' +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.8 + NAME 'javaSerializedData' + DESC 'Serialized form of a Java object' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 + SINGLE-VALUE ) + +# 3.5 javaFactory +# +# This attribute stores the fully qualified class name of the object +# factory (for example, "com.wiz.jndi.WizObjectFactory") that can be +# used to create an instance of the object identified by the +# javaClassName attribute. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.10 +# NAME 'javaFactory' +# DESC 'Fully qualified Java class name of a JNDI object factory' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.10 + NAME 'javaFactory' + DESC 'Fully qualified Java class name of a JNDI object factory' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# 3.6 javaReferenceAddress +# +# This attribute represents the sequence of addresses of a JNDI +# reference. Each of its values represents one address, a Java object +# of type javax.naming.RefAddr. Its value is a concatenation of the +# address type and address contents, preceded by a sequence number (the +# order of addresses in a JNDI reference is significant). For example: +# +# #0#TypeA#ValA +# #1#TypeB#ValB +# #2#TypeC##rO0ABXNyABpq... +# +# In more detail, the value is encoded as follows: +# +# The delimiter is the first character of the value. For readability +# the character '#' is recommended when it is not otherwise used +# anywhere in the value, but any character may be used subject to +# restrictions given below. +# +# The first delimiter is followed by the sequence number. The sequence +# number of an address is its position in the JNDI reference, with the +# first address being numbered 0. It is represented by its shortest +# string form, in decimal notation. +# +# The sequence number is followed by a delimiter, then by the address +# type, and then by another delimiter. If the address is of Java class +# javax.naming.StringRefAddr, then this delimiter is followed by the +# value of the address contents (which is a string). Otherwise, this +# delimiter is followed immediately by another delimiter, and then by +# the Base64 encoding of the serialized form of the entire address. +# +# The delimiter may be any character other than a digit or a character +# contained in the address type. In addition, if the address contents +# is a string, the delimiter may not be the first character of that +# string. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. It can contain multiple values. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.11 +# NAME 'javaReferenceAddress' +# DESC 'Addresses associated with a JNDI Reference' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.11 + NAME 'javaReferenceAddress' + DESC 'Addresses associated with a JNDI Reference' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 3.7 javaDoc +# +# This attribute stores a pointer to the Java documentation for the +# class. It's value is a URL. For example, the following URL points to +# the specification of the java.lang.String class: +# http://java.sun.com/products/jdk/1.2/docs/api/java/lang/String.html +# +# This attribute's syntax is 'IA5 String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.12 +# NAME 'javaDoc' +# DESC 'The Java documentation for the class' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.12 + NAME 'javaDoc' + DESC 'The Java documentation for the class' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 4 Object Class Definitions +# +# The following object classes are defined in this document: +# +# javaContainer +# javaObject +# javaSerializedObject +# javaMarshalledObject +# javaNamingReference +# +# 4.1 javaContainer +# +# This structural object class represents a container for a Java +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.1 +# NAME 'javaContainer' +# DESC 'Container for a Java object' +# SUP top +# STRUCTURAL +# MUST ( cn ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.1 + NAME 'javaContainer' + DESC 'Container for a Java object' + SUP top + STRUCTURAL + MUST cn ) + +# 4.2 javaObject +# +# This abstract object class represents a Java object. A javaObject +# cannot exist in the directory; only auxiliary or structural +# subclasses of it can exist in the directory. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.4 +# NAME 'javaObject' +# DESC 'Java object representation' +# SUP top +# ABSTRACT +# MUST ( javaClassName ) +# MAY ( javaClassNames $ +# javaCodebase $ +# javaDoc $ +# description ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.4 + NAME 'javaObject' + DESC 'Java object representation' + SUP top + ABSTRACT + MUST javaClassName + MAY ( javaClassNames $ javaCodebase $ + javaDoc $ description ) ) + +# 4.3 javaSerializedObject +# +# This auxiliary object class represents a Java serialized object. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.5 +# NAME 'javaSerializedObject' +# DESC 'Java serialized object' +# SUP javaObject +# AUXILIARY +# MUST ( javaSerializedData ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.5 + NAME 'javaSerializedObject' + DESC 'Java serialized object' + SUP javaObject + AUXILIARY + MUST javaSerializedData ) + +# 4.4 javaMarshalledObject +# +# This auxiliary object class represents a Java marshalled object. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.8 +# NAME 'javaMarshalledObject' +# DESC 'Java marshalled object' +# SUP javaObject +# AUXILIARY +# MUST ( javaSerializedData ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.8 + NAME 'javaMarshalledObject' + DESC 'Java marshalled object' + SUP javaObject + AUXILIARY + MUST javaSerializedData ) + +# 4.5 javaNamingReference +# +# This auxiliary object class represents a JNDI reference. It must be +# mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.7 +# NAME 'javaNamingReference' +# DESC 'JNDI reference' +# SUP javaObject +# AUXILIARY +# MAY ( javaReferenceAddress $ +# javaFactory ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.7 + NAME 'javaNamingReference' + DESC 'JNDI reference' + SUP javaObject + AUXILIARY + MAY ( javaReferenceAddress $ javaFactory ) ) + +# Full Copyright Statement +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# This document and translations of it may be copied and furnished to +# others, and derivative works that comment on or otherwise explain it +# or assist in its implementation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph are +# included on all such copies and derivative works. However, this +# document itself may not be modified in any way, such as by removing +# the copyright notice or references to the Internet Society or other +# Internet organizations, except as needed for the purpose of +# developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be +# followed, or as required to translate it into languages other than +# English. +# +# The limited permissions granted above are perpetual and will not be +# revoked by the Internet Society or its successors or assigns. +# +# This document and the information contained herein is provided on an +# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. diff --git a/openldap/schema/java.schema.default b/openldap/schema/java.schema.default new file mode 100644 index 0000000..ecd892d --- /dev/null +++ b/openldap/schema/java.schema.default @@ -0,0 +1,403 @@ +# java.schema -- Java Object Schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.7.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Java Object Schema (defined in RFC 2713) +# depends upon core.schema +# + +# Network Working Group V. Ryan +# Request for Comments: 2713 S. Seligman +# Category: Informational R. Lee +# Sun Microsystems, Inc. +# October 1999 +# +# +# Schema for Representing Java(tm) Objects in an LDAP Directory +# +# Status of this Memo +# +# This memo provides information for the Internet community. It does +# not specify an Internet standard of any kind. Distribution of this +# memo is unlimited. +# +# Copyright Notice +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# Abstract +# +# This document defines the schema for representing Java(tm) objects in +# an LDAP directory [LDAPv3]. It defines schema elements to represent +# a Java serialized object [Serial], a Java marshalled object [RMI], a +# Java remote object [RMI], and a JNDI reference [JNDI]. +# + +# [trimmed] + +# 3 Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# javaClassName +# javaClassNames +# javaCodebase +# javaSerializedData +# javaFactory +# javaReferenceAddress +# javaDoc +# +# 3.1 javaClassName +# +# This attribute stores the fully qualified name of the Java object's +# "distinguished" class or interface (for example, "java.lang.String"). +# It is a single-valued attribute. This attribute's syntax is ' +# Directory String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.6 +# NAME 'javaClassName' +# DESC 'Fully qualified name of distinguished Java class or +# interface' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.6 + NAME 'javaClassName' + DESC 'Fully qualified name of distinguished Java class or interface' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# 3.2 javaCodebase +# +# This attribute stores the Java class definition's locations. It +# specifies the locations from which to load the class definition for +# the class specified by the javaClassName attribute. Each value of +# the attribute contains an ordered list of URLs, separated by spaces. +# For example, a value of "url1 url2 url3" means that the three +# (possibly interdependent) URLs (url1, url2, and url3) form the +# codebase for loading in the Java class definition. +# +# If the javaCodebase attribute contains more than one value, each +# value is an independent codebase. That is, there is no relationship +# between the URLs in one value and those in another; each value can be +# viewed as an alternate source for loading the Java class definition. +# See [Java] for information regarding class loading. +# +# This attribute's syntax is 'IA5 String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.7 +# NAME 'javaCodebase' +# DESC 'URL(s) specifying the location of class definition' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.7 + NAME 'javaCodebase' + DESC 'URL(s) specifying the location of class definition' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 3.3 javaClassNames +# +# This attribute stores the Java object's fully qualified class or +# interface names (for example, "java.lang.String"). It is a +# multivalued attribute. When more than one value is present, each is +# the name of a class or interface, or ancestor class or interface, of +# this object. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.13 +# NAME 'javaClassNames' +# DESC 'Fully qualified Java class or interface name' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.13 + NAME 'javaClassNames' + DESC 'Fully qualified Java class or interface name' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 3.4 javaSerializedData +# +# This attribute stores the serialized form of a Java object. The +# serialized form is described in [Serial]. +# +# This attribute's syntax is 'Octet String'. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.8 +# NAME 'javaSerializedData +# DESC 'Serialized form of a Java object' +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.8 + NAME 'javaSerializedData' + DESC 'Serialized form of a Java object' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 + SINGLE-VALUE ) + +# 3.5 javaFactory +# +# This attribute stores the fully qualified class name of the object +# factory (for example, "com.wiz.jndi.WizObjectFactory") that can be +# used to create an instance of the object identified by the +# javaClassName attribute. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.10 +# NAME 'javaFactory' +# DESC 'Fully qualified Java class name of a JNDI object factory' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# SINGLE-VALUE +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.10 + NAME 'javaFactory' + DESC 'Fully qualified Java class name of a JNDI object factory' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# 3.6 javaReferenceAddress +# +# This attribute represents the sequence of addresses of a JNDI +# reference. Each of its values represents one address, a Java object +# of type javax.naming.RefAddr. Its value is a concatenation of the +# address type and address contents, preceded by a sequence number (the +# order of addresses in a JNDI reference is significant). For example: +# +# #0#TypeA#ValA +# #1#TypeB#ValB +# #2#TypeC##rO0ABXNyABpq... +# +# In more detail, the value is encoded as follows: +# +# The delimiter is the first character of the value. For readability +# the character '#' is recommended when it is not otherwise used +# anywhere in the value, but any character may be used subject to +# restrictions given below. +# +# The first delimiter is followed by the sequence number. The sequence +# number of an address is its position in the JNDI reference, with the +# first address being numbered 0. It is represented by its shortest +# string form, in decimal notation. +# +# The sequence number is followed by a delimiter, then by the address +# type, and then by another delimiter. If the address is of Java class +# javax.naming.StringRefAddr, then this delimiter is followed by the +# value of the address contents (which is a string). Otherwise, this +# delimiter is followed immediately by another delimiter, and then by +# the Base64 encoding of the serialized form of the entire address. +# +# The delimiter may be any character other than a digit or a character +# contained in the address type. In addition, if the address contents +# is a string, the delimiter may not be the first character of that +# string. +# +# This attribute's syntax is 'Directory String' and its case is +# significant. It can contain multiple values. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.11 +# NAME 'javaReferenceAddress' +# DESC 'Addresses associated with a JNDI Reference' +# EQUALITY caseExactMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.11 + NAME 'javaReferenceAddress' + DESC 'Addresses associated with a JNDI Reference' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# 3.7 javaDoc +# +# This attribute stores a pointer to the Java documentation for the +# class. It's value is a URL. For example, the following URL points to +# the specification of the java.lang.String class: +# http://java.sun.com/products/jdk/1.2/docs/api/java/lang/String.html +# +# This attribute's syntax is 'IA5 String' and its case is significant. +# +# ( 1.3.6.1.4.1.42.2.27.4.1.12 +# NAME 'javaDoc' +# DESC 'The Java documentation for the class' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 +# ) +# +attributetype ( 1.3.6.1.4.1.42.2.27.4.1.12 + NAME 'javaDoc' + DESC 'The Java documentation for the class' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# 4 Object Class Definitions +# +# The following object classes are defined in this document: +# +# javaContainer +# javaObject +# javaSerializedObject +# javaMarshalledObject +# javaNamingReference +# +# 4.1 javaContainer +# +# This structural object class represents a container for a Java +# object. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.1 +# NAME 'javaContainer' +# DESC 'Container for a Java object' +# SUP top +# STRUCTURAL +# MUST ( cn ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.1 + NAME 'javaContainer' + DESC 'Container for a Java object' + SUP top + STRUCTURAL + MUST cn ) + +# 4.2 javaObject +# +# This abstract object class represents a Java object. A javaObject +# cannot exist in the directory; only auxiliary or structural +# subclasses of it can exist in the directory. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.4 +# NAME 'javaObject' +# DESC 'Java object representation' +# SUP top +# ABSTRACT +# MUST ( javaClassName ) +# MAY ( javaClassNames $ +# javaCodebase $ +# javaDoc $ +# description ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.4 + NAME 'javaObject' + DESC 'Java object representation' + SUP top + ABSTRACT + MUST javaClassName + MAY ( javaClassNames $ javaCodebase $ + javaDoc $ description ) ) + +# 4.3 javaSerializedObject +# +# This auxiliary object class represents a Java serialized object. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.5 +# NAME 'javaSerializedObject' +# DESC 'Java serialized object' +# SUP javaObject +# AUXILIARY +# MUST ( javaSerializedData ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.5 + NAME 'javaSerializedObject' + DESC 'Java serialized object' + SUP javaObject + AUXILIARY + MUST javaSerializedData ) + +# 4.4 javaMarshalledObject +# +# This auxiliary object class represents a Java marshalled object. It +# must be mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.8 +# NAME 'javaMarshalledObject' +# DESC 'Java marshalled object' +# SUP javaObject +# AUXILIARY +# MUST ( javaSerializedData ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.8 + NAME 'javaMarshalledObject' + DESC 'Java marshalled object' + SUP javaObject + AUXILIARY + MUST javaSerializedData ) + +# 4.5 javaNamingReference +# +# This auxiliary object class represents a JNDI reference. It must be +# mixed in with a structural object class. +# +# ( 1.3.6.1.4.1.42.2.27.4.2.7 +# NAME 'javaNamingReference' +# DESC 'JNDI reference' +# SUP javaObject +# AUXILIARY +# MAY ( javaReferenceAddress $ +# javaFactory ) +# ) +# +objectclass ( 1.3.6.1.4.1.42.2.27.4.2.7 + NAME 'javaNamingReference' + DESC 'JNDI reference' + SUP javaObject + AUXILIARY + MAY ( javaReferenceAddress $ javaFactory ) ) + +# Full Copyright Statement +# +# Copyright (C) The Internet Society (1999). All Rights Reserved. +# +# This document and translations of it may be copied and furnished to +# others, and derivative works that comment on or otherwise explain it +# or assist in its implementation may be prepared, copied, published +# and distributed, in whole or in part, without restriction of any +# kind, provided that the above copyright notice and this paragraph are +# included on all such copies and derivative works. However, this +# document itself may not be modified in any way, such as by removing +# the copyright notice or references to the Internet Society or other +# Internet organizations, except as needed for the purpose of +# developing Internet standards in which case the procedures for +# copyrights defined in the Internet Standards process must be +# followed, or as required to translate it into languages other than +# English. +# +# The limited permissions granted above are perpetual and will not be +# revoked by the Internet Society or its successors or assigns. +# +# This document and the information contained herein is provided on an +# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. diff --git a/openldap/schema/kerberos.schema b/openldap/schema/kerberos.schema new file mode 100644 index 0000000..f4f8aca --- /dev/null +++ b/openldap/schema/kerberos.schema @@ -0,0 +1,678 @@ +# Novell Kerberos Schema Definitions +# Novell Inc. +# 1800 South Novell Place +# Provo, UT 84606 +# +# VeRsIoN=1.0 +# CoPyRiGhT=(c) Copyright 2006, Novell, Inc. All rights reserved +# +# OIDs: +# joint-iso-ccitt(2) +# country(16) +# us(840) +# organization(1) +# Novell(113719) +# applications(1) +# kerberos(301) +# Kerberos Attribute Type(4) attr# version# +# specific attribute definitions +# Kerberos Attribute Syntax(5) +# specific syntax definitions +# Kerberos Object Class(6) class# version# +# specific class definitions +# +# iso(1) +# member-body(2) +# United States(840) +# mit (113554) +# infosys(1) +# ldap(4) +# attributeTypes(1) +# Kerberos(6) + +######################################################################## + + +######################################################################## +# Attribute Type Definitions # +######################################################################## + +##### This is the principal name in the RFC 1964 specified format + +attributetype ( 2.16.840.1.113719.1.301.4.1.1 + NAME 'krbPrincipalName' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + +##### If there are multiple krbPrincipalName values for an entry, this +##### is the canonical principal name in the RFC 1964 specified +##### format. (If this attribute does not exist, then all +##### krbPrincipalName values are treated as canonical.) + +attributetype ( 1.2.840.113554.1.4.1.6.1 + NAME 'krbCanonicalName' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE) + +##### This specifies the type of the principal, the types could be any of +##### the types mentioned in section 6.2 of RFC 4120 + +attributetype ( 2.16.840.1.113719.1.301.4.3.1 + NAME 'krbPrincipalType' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### This flag is used to find whether directory User Password has to be used +##### as kerberos password. +##### TRUE, if User Password is to be used as the kerberos password. +##### FALSE, if User Password and the kerberos password are different. + +attributetype ( 2.16.840.1.113719.1.301.4.5.1 + NAME 'krbUPEnabled' + DESC 'Boolean' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE) + + +##### The time at which the principal expires + +attributetype ( 2.16.840.1.113719.1.301.4.6.1 + NAME 'krbPrincipalExpiration' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### The krbTicketFlags attribute holds information about the kerberos flags for a principal +##### The values (0x00000001 - 0x00800000) are reserved for standards and +##### values (0x01000000 - 0x80000000) can be used for proprietary extensions. +##### The flags and values as per RFC 4120 and MIT implementation are, +##### DISALLOW_POSTDATED 0x00000001 +##### DISALLOW_FORWARDABLE 0x00000002 +##### DISALLOW_TGT_BASED 0x00000004 +##### DISALLOW_RENEWABLE 0x00000008 +##### DISALLOW_PROXIABLE 0x00000010 +##### DISALLOW_DUP_SKEY 0x00000020 +##### DISALLOW_ALL_TIX 0x00000040 +##### REQUIRES_PRE_AUTH 0x00000080 +##### REQUIRES_HW_AUTH 0x00000100 +##### REQUIRES_PWCHANGE 0x00000200 +##### DISALLOW_SVR 0x00001000 +##### PWCHANGE_SERVICE 0x00002000 + + +attributetype ( 2.16.840.1.113719.1.301.4.8.1 + NAME 'krbTicketFlags' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### The maximum ticket lifetime for a principal in seconds + +attributetype ( 2.16.840.1.113719.1.301.4.9.1 + NAME 'krbMaxTicketLife' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Maximum renewable lifetime for a principal's ticket in seconds + +attributetype ( 2.16.840.1.113719.1.301.4.10.1 + NAME 'krbMaxRenewableAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Forward reference to the Realm object. +##### (FDN of the krbRealmContainer object). +##### Example: cn=ACME.COM, cn=Kerberos, cn=Security + +attributetype ( 2.16.840.1.113719.1.301.4.14.1 + NAME 'krbRealmReferences' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### List of LDAP servers that kerberos servers can contact. +##### The attribute holds data in the ldap uri format, +##### Examples: acme.com#636, 164.164.164.164#1636, ldaps://acme.com:636 +##### +##### The values of this attribute need to be updated, when +##### the LDAP servers listed here are renamed, moved or deleted. + +attributetype ( 2.16.840.1.113719.1.301.4.15.1 + NAME 'krbLdapServers' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + + +##### A set of forward references to the KDC Service objects. +##### (FDNs of the krbKdcService objects). +##### Example: cn=kdc - server 1, ou=uvw, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.17.1 + NAME 'krbKdcServers' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### A set of forward references to the Password Service objects. +##### (FDNs of the krbPwdService objects). +##### Example: cn=kpasswdd - server 1, ou=uvw, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.18.1 + NAME 'krbPwdServers' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### This attribute holds the Host Name or the ip address, +##### transport protocol and ports of the kerberos service host +##### The format is host_name-or-ip_address#protocol#port +##### Protocol can be 0 or 1. 0 is for UDP. 1 is for TCP. + +attributetype ( 2.16.840.1.113719.1.301.4.24.1 + NAME 'krbHostServer' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + + +##### This attribute holds the scope for searching the principals +##### under krbSubTree attribute of krbRealmContainer +##### The value can either be 1 (ONE) or 2 (SUB_TREE). + +attributetype ( 2.16.840.1.113719.1.301.4.25.1 + NAME 'krbSearchScope' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### FDNs pointing to Kerberos principals + +attributetype ( 2.16.840.1.113719.1.301.4.26.1 + NAME 'krbPrincipalReferences' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### This attribute specifies which attribute of the user objects +##### be used as the principal name component for Kerberos. +##### The allowed values are cn, sn, uid, givenname, fullname. + +attributetype ( 2.16.840.1.113719.1.301.4.28.1 + NAME 'krbPrincNamingAttr' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE) + + +##### A set of forward references to the Administration Service objects. +##### (FDNs of the krbAdmService objects). +##### Example: cn=kadmindd - server 1, ou=uvw, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.29.1 + NAME 'krbAdmServers' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### Maximum lifetime of a principal's password + +attributetype ( 2.16.840.1.113719.1.301.4.30.1 + NAME 'krbMaxPwdLife' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Minimum lifetime of a principal's password + +attributetype ( 2.16.840.1.113719.1.301.4.31.1 + NAME 'krbMinPwdLife' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Minimum number of character clases allowed in a password + +attributetype ( 2.16.840.1.113719.1.301.4.32.1 + NAME 'krbPwdMinDiffChars' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Minimum length of the password + +attributetype ( 2.16.840.1.113719.1.301.4.33.1 + NAME 'krbPwdMinLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Number of previous versions of passwords that are stored + +attributetype ( 2.16.840.1.113719.1.301.4.34.1 + NAME 'krbPwdHistoryLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Number of consecutive pre-authentication failures before lockout + +attributetype ( 1.3.6.1.4.1.5322.21.2.1 + NAME 'krbPwdMaxFailure' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Period after which bad preauthentication count will be reset + +attributetype ( 1.3.6.1.4.1.5322.21.2.2 + NAME 'krbPwdFailureCountInterval' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### Period in which lockout is enforced + +attributetype ( 1.3.6.1.4.1.5322.21.2.3 + NAME 'krbPwdLockoutDuration' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + +##### FDN pointing to a Kerberos Password Policy object + +attributetype ( 2.16.840.1.113719.1.301.4.36.1 + NAME 'krbPwdPolicyReference' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE) + + +##### The time at which the principal's password expires + +attributetype ( 2.16.840.1.113719.1.301.4.37.1 + NAME 'krbPasswordExpiration' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### This attribute holds the principal's key (krbPrincipalKey) that is encrypted with +##### the master key (krbMKey). +##### The attribute is ASN.1 encoded. +##### +##### The format of the value for this attribute is explained below, +##### KrbKeySet ::= SEQUENCE { +##### attribute-major-vno [0] UInt16, +##### attribute-minor-vno [1] UInt16, +##### kvno [2] UInt32, +##### mkvno [3] UInt32 OPTIONAL, +##### keys [4] SEQUENCE OF KrbKey, +##### ... +##### } +##### +##### KrbKey ::= SEQUENCE { +##### salt [0] KrbSalt OPTIONAL, +##### key [1] EncryptionKey, +##### s2kparams [2] OCTET STRING OPTIONAL, +##### ... +##### } +##### +##### KrbSalt ::= SEQUENCE { +##### type [0] Int32, +##### salt [1] OCTET STRING OPTIONAL +##### } +##### +##### EncryptionKey ::= SEQUENCE { +##### keytype [0] Int32, +##### keyvalue [1] OCTET STRING +##### } + +attributetype ( 2.16.840.1.113719.1.301.4.39.1 + NAME 'krbPrincipalKey' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### FDN pointing to a Kerberos Ticket Policy object. + +attributetype ( 2.16.840.1.113719.1.301.4.40.1 + NAME 'krbTicketPolicyReference' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE) + + +##### Forward reference to an entry that starts sub-trees +##### where principals and other kerberos objects in the realm are configured. +##### Example: ou=acme, ou=pq, o=xyz + +attributetype ( 2.16.840.1.113719.1.301.4.41.1 + NAME 'krbSubTrees' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### Holds the default encryption/salt type combinations of principals for +##### the Realm. Stores in the form of key:salt strings. This will be +##### subset of the supported encryption/salt types. +##### Example: des-cbc-crc:normal + +attributetype ( 2.16.840.1.113719.1.301.4.42.1 + NAME 'krbDefaultEncSaltTypes' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + + +##### Holds the supported encryption/salt type combinations of principals for +##### the Realm. Stores in the form of key:salt strings. +##### The supported encryption types are mentioned in RFC 3961 +##### The supported salt types are, +##### NORMAL +##### V4 +##### NOREALM +##### ONLYREALM +##### SPECIAL +##### AFS3 +##### Example: des-cbc-crc:normal + +attributetype ( 2.16.840.1.113719.1.301.4.43.1 + NAME 'krbSupportedEncSaltTypes' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + + +##### This attribute holds the principal's old keys (krbPwdHistory) that is encrypted with +##### the kadmin/history key. +##### The attribute is ASN.1 encoded. +##### +##### The format of the value for this attribute is explained below, +##### KrbKeySet ::= SEQUENCE { +##### attribute-major-vno [0] UInt16, +##### attribute-minor-vno [1] UInt16, +##### kvno [2] UInt32, +##### mkvno [3] UInt32 OPTIONAL -- actually kadmin/history key, +##### keys [4] SEQUENCE OF KrbKey, +##### ... +##### } +##### +##### KrbKey ::= SEQUENCE { +##### salt [0] KrbSalt OPTIONAL, +##### key [1] EncryptionKey, +##### s2kparams [2] OCTET STRING OPTIONAL, +##### ... +##### } +##### +##### KrbSalt ::= SEQUENCE { +##### type [0] Int32, +##### salt [1] OCTET STRING OPTIONAL +##### } +##### +##### EncryptionKey ::= SEQUENCE { +##### keytype [0] Int32, +##### keyvalue [1] OCTET STRING +##### } + +attributetype ( 2.16.840.1.113719.1.301.4.44.1 + NAME 'krbPwdHistory' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### The time at which the principal's password last password change happened. + +attributetype ( 2.16.840.1.113719.1.301.4.45.1 + NAME 'krbLastPwdChange' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + +##### The time at which the principal was last administratively unlocked. + +attributetype ( 1.3.6.1.4.1.5322.21.2.5 + NAME 'krbLastAdminUnlock' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + +##### This attribute holds the kerberos master key. +##### This can be used to encrypt principal keys. +##### This attribute has to be secured in directory. +##### +##### This attribute is ASN.1 encoded. +##### The format of the value for this attribute is explained below, +##### KrbMKey ::= SEQUENCE { +##### kvno [0] UInt32, +##### key [1] MasterKey +##### } +##### +##### MasterKey ::= SEQUENCE { +##### keytype [0] Int32, +##### keyvalue [1] OCTET STRING +##### } + + +attributetype ( 2.16.840.1.113719.1.301.4.46.1 + NAME 'krbMKey' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### This stores the alternate principal names for the principal in the RFC 1964 specified format + +attributetype ( 2.16.840.1.113719.1.301.4.47.1 + NAME 'krbPrincipalAliases' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + + +##### The time at which the principal's last successful authentication happened. + +attributetype ( 2.16.840.1.113719.1.301.4.48.1 + NAME 'krbLastSuccessfulAuth' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### The time at which the principal's last failed authentication happened. + +attributetype ( 2.16.840.1.113719.1.301.4.49.1 + NAME 'krbLastFailedAuth' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE) + + +##### This attribute stores the number of failed authentication attempts +##### happened for the principal since the last successful authentication. + +attributetype ( 2.16.840.1.113719.1.301.4.50.1 + NAME 'krbLoginFailedCount' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE) + + + +##### This attribute holds the application specific data. + +attributetype ( 2.16.840.1.113719.1.301.4.51.1 + NAME 'krbExtraData' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) + + +##### This attributes holds references to the set of directory objects. +##### This stores the DNs of the directory objects to which the +##### principal object belongs to. + +attributetype ( 2.16.840.1.113719.1.301.4.52.1 + NAME 'krbObjectReferences' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + + +##### This attribute holds references to a Container object where +##### the additional principal objects and stand alone principal +##### objects (krbPrincipal) can be created. + +attributetype ( 2.16.840.1.113719.1.301.4.53.1 + NAME 'krbPrincContainerRef' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + +##### A list of services to which a service principal can delegate. +attributetype ( 1.3.6.1.4.1.5322.21.2.4 + NAME 'krbAllowedToDelegateTo' + EQUALITY caseExactIA5Match + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) + +######################################################################## +######################################################################## +# Object Class Definitions # +######################################################################## + +#### This is a kerberos container for all the realms in a tree. + +objectclass ( 2.16.840.1.113719.1.301.6.1.1 + NAME 'krbContainer' + SUP top + STRUCTURAL + MUST ( cn ) ) + + +##### The krbRealmContainer is created per realm and holds realm specific data. + +objectclass ( 2.16.840.1.113719.1.301.6.2.1 + NAME 'krbRealmContainer' + SUP top + STRUCTURAL + MUST ( cn ) + MAY ( krbMKey $ krbUPEnabled $ krbSubTrees $ krbSearchScope $ krbLdapServers $ krbSupportedEncSaltTypes $ krbDefaultEncSaltTypes $ krbTicketPolicyReference $ krbKdcServers $ krbPwdServers $ krbAdmServers $ krbPrincNamingAttr $ krbPwdPolicyReference $ krbPrincContainerRef ) ) + + +##### An instance of a class derived from krbService is created per +##### kerberos authentication or administration server in an realm and holds +##### references to the realm objects. These references is used to further read +##### realm specific data to service AS/TGS requests. Additionally this object +##### contains some server specific data like pathnames and ports that the +##### server uses. This is the identity the kerberos server logs in with. A key +##### pair for the same is created and the kerberos server logs in with the same. +##### +##### krbKdcService, krbAdmService and krbPwdService derive from this class. + +objectclass ( 2.16.840.1.113719.1.301.6.3.1 + NAME 'krbService' + SUP top + ABSTRACT + MUST ( cn ) + MAY ( krbHostServer $ krbRealmReferences ) ) + + +##### Representative object for the KDC server to bind into a LDAP directory +##### and have a connection to access Kerberos data with the required +##### access rights. + +objectclass ( 2.16.840.1.113719.1.301.6.4.1 + NAME 'krbKdcService' + SUP krbService + STRUCTURAL ) + + +##### Representative object for the Kerberos Password server to bind into a LDAP directory +##### and have a connection to access Kerberos data with the required +##### access rights. + +objectclass ( 2.16.840.1.113719.1.301.6.5.1 + NAME 'krbPwdService' + SUP krbService + STRUCTURAL ) + + +###### The principal data auxiliary class. Holds principal information +###### and is used to store principal information for Person, Service objects. + +objectclass ( 2.16.840.1.113719.1.301.6.8.1 + NAME 'krbPrincipalAux' + SUP top + AUXILIARY + MAY ( krbPrincipalName $ krbCanonicalName $ krbUPEnabled $ krbPrincipalKey $ krbTicketPolicyReference $ krbPrincipalExpiration $ krbPasswordExpiration $ krbPwdPolicyReference $ krbPrincipalType $ krbPwdHistory $ krbLastPwdChange $ krbLastAdminUnlock $ krbPrincipalAliases $ krbLastSuccessfulAuth $ krbLastFailedAuth $ krbLoginFailedCount $ krbExtraData $ krbAllowedToDelegateTo ) ) + + +###### This class is used to create additional principals and stand alone principals. + +objectclass ( 2.16.840.1.113719.1.301.6.9.1 + NAME 'krbPrincipal' + SUP top + MUST ( krbPrincipalName ) + MAY ( krbObjectReferences ) ) + + +###### The principal references auxiliary class. Holds all principals referred +###### from a service + +objectclass ( 2.16.840.1.113719.1.301.6.11.1 + NAME 'krbPrincRefAux' + SUP top + AUXILIARY + MAY krbPrincipalReferences ) + + +##### Representative object for the Kerberos Administration server to bind into a LDAP directory +##### and have a connection Id to access Kerberos data with the required access rights. + +objectclass ( 2.16.840.1.113719.1.301.6.13.1 + NAME 'krbAdmService' + SUP krbService + STRUCTURAL ) + + +##### The krbPwdPolicy object is a template password policy that +##### can be applied to principals when they are created. +##### These policy attributes will be in effect, when the Kerberos +##### passwords are different from users' passwords (UP). + +objectclass ( 2.16.840.1.113719.1.301.6.14.1 + NAME 'krbPwdPolicy' + SUP top + MUST ( cn ) + MAY ( krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration ) ) + + +##### The krbTicketPolicyAux holds Kerberos ticket policy attributes. +##### This class can be attached to a principal object or realm object. + +objectclass ( 2.16.840.1.113719.1.301.6.16.1 + NAME 'krbTicketPolicyAux' + SUP top + AUXILIARY + MAY ( krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge ) ) + + +##### The krbTicketPolicy object is an effective ticket policy that is associated with a realm or a principal + +objectclass ( 2.16.840.1.113719.1.301.6.17.1 + NAME 'krbTicketPolicy' + SUP top + MUST ( cn ) ) + diff --git a/openldap/schema/misc.schema b/openldap/schema/misc.schema new file mode 100644 index 0000000..a22db3b --- /dev/null +++ b/openldap/schema/misc.schema @@ -0,0 +1,75 @@ +# misc.schema -- assorted schema definitions +# $OpenLDAP: pkg/ldap/servers/slapd/schema/misc.schema,v 1.30.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Assorted definitions from several sources, including +# ''works in progress''. Contents of this file are +# subject to change (including deletion) without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +#----------------------------------------------------------- +# draft-lachman-laser-ldap-mail-routing-02.txt !!!EXPIRED!!! +# (a work in progress) +# +attributetype ( 2.16.840.1.113730.3.1.13 + NAME 'mailLocalAddress' + DESC 'RFC822 email address of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 2.16.840.1.113730.3.1.18 + NAME 'mailHost' + DESC 'FQDN of the SMTP/MTA of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113730.3.1.47 + NAME 'mailRoutingAddress' + DESC 'RFC822 routing address of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +# I-D leaves this OID TBD. +# iPlanet uses 2.16.840.1.113.730.3.2.147 but that is an +# improperly delegated OID. A typo is likely. +objectclass ( 2.16.840.1.113730.3.2.147 + NAME 'inetLocalMailRecipient' + DESC 'Internet local mail recipient' + SUP top AUXILIARY + MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) ) + +#----------------------------------------------------------- +# draft-srivastava-ldap-mail-00.txt !!!EXPIRED!!! +# (a work in progress) +# +attributetype ( 1.3.6.1.4.1.42.2.27.2.1.15 + NAME 'rfc822MailMember' + DESC 'rfc822 mail address of group member(s)' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#----------------------------------------------------------- +# !!!no I-D!!! +# (a work in progress) +# +objectclass ( 1.3.6.1.4.1.42.2.27.1.2.5 + NAME 'nisMailAlias' + DESC 'NIS mail alias' + SUP top STRUCTURAL + MUST cn + MAY rfc822MailMember ) diff --git a/openldap/schema/misc.schema.default b/openldap/schema/misc.schema.default new file mode 100644 index 0000000..a01da87 --- /dev/null +++ b/openldap/schema/misc.schema.default @@ -0,0 +1,75 @@ +# misc.schema -- assorted schema definitions +# $OpenLDAP: pkg/ldap/servers/slapd/schema/misc.schema,v 1.30.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Assorted definitions from several sources, including +# ''works in progress''. Contents of this file are +# subject to change (including deletion) without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +#----------------------------------------------------------- +# draft-lachman-laser-ldap-mail-routing-02.txt !!!EXPIRED!!! +# (a work in progress) +# +attributetype ( 2.16.840.1.113730.3.1.13 + NAME 'mailLocalAddress' + DESC 'RFC822 email address of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 2.16.840.1.113730.3.1.18 + NAME 'mailHost' + DESC 'FQDN of the SMTP/MTA of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113730.3.1.47 + NAME 'mailRoutingAddress' + DESC 'RFC822 routing address of this recipient' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +# I-D leaves this OID TBD. +# iPlanet uses 2.16.840.1.113.730.3.2.147 but that is an +# improperly delegated OID. A typo is likely. +objectclass ( 2.16.840.1.113730.3.2.147 + NAME 'inetLocalMailRecipient' + DESC 'Internet local mail recipient' + SUP top AUXILIARY + MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) ) + +#----------------------------------------------------------- +# draft-srivastava-ldap-mail-00.txt !!!EXPIRED!!! +# (a work in progress) +# +attributetype ( 1.3.6.1.4.1.42.2.27.2.1.15 + NAME 'rfc822MailMember' + DESC 'rfc822 mail address of group member(s)' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#----------------------------------------------------------- +# !!!no I-D!!! +# (a work in progress) +# +objectclass ( 1.3.6.1.4.1.42.2.27.1.2.5 + NAME 'nisMailAlias' + DESC 'NIS mail alias' + SUP top STRUCTURAL + MUST cn + MAY rfc822MailMember ) diff --git a/openldap/schema/mozilla.schema.old b/openldap/schema/mozilla.schema.old new file mode 100644 index 0000000..a4aca67 --- /dev/null +++ b/openldap/schema/mozilla.schema.old @@ -0,0 +1,179 @@ +# Mozilla: @VERSION@ +# +# mozillaAbPersonAlpha +# +# Created initial version --[[User:Standard8|Standard8]] 12:21, 5 Dec 2005 (PST) +# +# This file contains LDAPv3 schema for use with the Mozilla Address Book +# and is intended to ... + +# Depends upon +# Definition of an X.500 Attribute Type and an Object Class to Hold +# Uniform Resource Identifiers (URIs) [RFC2079], and A Summary of +# the X.500(96) User Schema for use with LDAPv3 [RFC2256] (core.schema) +# +# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema) +# +# The InetOrgPerson Schema [RFC2798] (inetorgperson.schema) + +# 1.3.6.1.4.1.13769.2.x - Mozilla AB 'Contact' tab + +attributetype ( 1.3.6.1.4.1.13769.2.1 + NAME ( 'mozillaNickname' 'xmozillanickname' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.13769.2.2 + NAME ( 'mozillaSecondEmail' 'xmozillasecondemail' ) + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.3 + NAME ( 'mozillaUseHtmlMail' 'xmozillausehtmlmail' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +# AOL Instant Messenger (AIM) Identity +attributetype ( 1.3.6.1.4.1.13769.2.4 + NAME ( 'nsAIMid' 'nscpaimscreenname' ) + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +# 1.3.6.1.4.1.13769.3.x - Mozilla AB 'Address' tab + +attributetype ( 1.3.6.1.4.1.13769.3.1 + NAME 'mozillaHomeStreet' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.2 + NAME 'mozillaHomeStreet2' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.3 + NAME 'mozillaHomeLocalityName' + SUP name + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.4 + NAME 'mozillaHomeState' + SUP name + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.5 + NAME 'mozillaHomePostalCode' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.6 + NAME 'mozillaHomeCountryName' + SUP name + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.7 + NAME 'mozillaHomeUrl' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.8 + NAME 'mozillaWorkStreet2' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.3.9 + NAME 'mozillaWorkUrl' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +# 1.3.6.1.4.1.13769.4.x - Mozilla AB 'Other' tab + +attributetype ( 1.3.6.1.4.1.13769.4.1 + NAME 'mozillaCustom1' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.4.2 NAME 'mozillaCustom2' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.4.3 NAME 'mozillaCustom3' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.4.4 NAME 'mozillaCustom4' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} + SINGLE-VALUE ) + +# 1.3.6.1.4.1.13769.9 - Mozilla AB objectclasses + +# The mozillaAddressBookEntry object class is used to define entries +# representing Cards in the Mozilla Address Book. The commonName attribute +# is used for naming entries of this object class, but may not be unique. +# department $ + +objectclass ( 1.3.6.1.4.1.13769.9.1 + NAME 'mozillaAbPersonAlpha' + SUP top AUXILIARY + MUST ( cn ) + MAY ( + c $ + description $ + displayName $ + fax $ + givenName $ + homePhone $ + l $ + mail $ + mobile $ + mozillaNickname $ + mozillaSecondEmail $ + mozillaUseHtmlMail $ + nsAIMid $ + mozillaWorkStreet2 $ + mozillaWorkUrl $ + mozillaHomeCountryName $ + mozillaHomeLocalityName $ + mozillaHomePostalCode $ + mozillaHomeState $ + mozillaHomeStreet $ + mozillaHomeStreet2 $ + mozillaHomeUrl $ + mozillaCustom1 $ + mozillaCustom2 $ + mozillaCustom3 $ + mozillaCustom4 $ + o $ + ou $ + pager $ + postalCode $ + postOfficeBox $ + sn $ + st $ + street $ + telephoneNumber $ + title $ + co + ) ) + + diff --git a/openldap/schema/mozillaorg.schema b/openldap/schema/mozillaorg.schema new file mode 100644 index 0000000..85b6d0f --- /dev/null +++ b/openldap/schema/mozillaorg.schema @@ -0,0 +1,181 @@ +# +# mozillaOrgPerson schema v. 0.6.3 +# + +# req. core +# req. cosine +# req. inetorgperson + +# attribute defs + +attributetype ( 1.3.6.1.4.1.13769.2.1.1 + NAME ( 'mozillaNickname' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.2 + NAME ( 'mozillaUseHtmlMail' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.3 + NAME 'mozillaSecondEmail' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.4 + NAME 'mozillaHomeLocalityName' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.5 + NAME 'mozillaPostalAddress2' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.6 + NAME 'mozillaHomePostalAddress2' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.7 + NAME ( 'mozillaHomeState' ) SUP name ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.8 + NAME 'mozillaHomePostalCode' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.9 + NAME ( 'mozillaHomeCountryName' ) + SUP name SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.10 + NAME ( 'mozillaHomeFriendlyCountryName' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.11 + NAME ( 'mozillaHomeUrl' ) + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.12 + NAME ( 'mozillaWorkUrl' ) + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# un-comment for all LDAP server NOT supporting SYNTAX 2.16.840.1.113730.3.7.1 +attributetype ( 1.3.6.1.4.1.13769.2.1.13 + NAME ( 'nsAIMid' ) + DESC 'AOL Instant Messenger (AIM) Identity' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.14 NAME ( 'mozillaHomeStreet' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.15 NAME ( 'mozillaWorkStreet2' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +# un-comment for Netscape 6.x and all other LDAP server supporting SYNTAX 2.16.840.1.113730.3.7.1 +# attributeTypes ( 2.16.840.1.113730.3.1.2013 +# NAME ( 'nsAIMid' ) +# DESC 'AOL Instant Messenger (AIM) Identity' +# SYNTAX 2.16.840.1.113730.3.7.1 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.96 + NAME ( 'mozillaCustom1' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.97 + NAME ( 'mozillaCustom2' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.98 + NAME ( 'mozillaCustom3' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.99 + NAME ( 'mozillaCustom4' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# defined in "A Summary of the X.500(96) User Schema for use with LDAPv3" - RFC 2256 +# +# attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) +# DESC 'RFC2256: ISO-3166 country 2-letter code' +# SUP name SINGLE-VALUE ) + +# defined in "The COSINE and Internet X.500 Schema" - RFC 1274 +# +# attributetype ( 0.9.2342.19200300.100.1.43 +# NAME ( 'co' 'friendlyCountryName' ) +# DESC 'RFC1274: friendly country name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + + +# objectClass defs + +objectclass ( 1.3.6.1.4.1.13769.2.2.1 + NAME 'mozillaOrgPerson' + SUP top + AUXILIARY + MAY ( + sn $ + givenName $ + cn $ + mozillaNickname $ + title $ + telephoneNumber $ + facsimileTelephoneNumber $ + mobile $ + pager $ + homePhone $ + street $ + postalCode $ + mozillaPostalAddress2 $ + mozillaHomeStreet $ + mozillaHomePostalAddress2 $ + mozillaWorkStreet2 $ + l $ + mozillaHomeLocalityName $ + st $ + mozillaHomeState $ + mozillaHomePostalCode $ + c $ + mozillaHomeCountryName $ + co $ + mozillaHomeFriendlyCountryName $ + ou $ + o $ + mail $ + mozillaSecondEmail $ + mozillaUseHtmlMail $ + nsAIMid $ + mozillaHomeUrl $ + mozillaWorkUrl $ + description $ + mozillaCustom1 $ + mozillaCustom2 $ + mozillaCustom3 $ + mozillaCustom4 ) ) + +# not part of the official Mozilla schema but read by Mozilla: 'departmentNumber' and 'postOfficeBox' diff --git a/openldap/schema/mozillaorg.schema.default b/openldap/schema/mozillaorg.schema.default new file mode 100644 index 0000000..6a528d3 --- /dev/null +++ b/openldap/schema/mozillaorg.schema.default @@ -0,0 +1,175 @@ +# +# mozillaOrgPerson schema v. 0.6.3 +# + +# req. core +# req. cosine +# req. inetorgperson + +# attribute defs + +attributetype ( 1.3.6.1.4.1.13769.2.1.1 + NAME ( 'mozillaNickname' ) + SUP name ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.2 + NAME ( 'mozillaUseHtmlMail' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.3 + NAME 'mozillaSecondEmail' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.4 + NAME 'mozillaHomeLocalityName' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.5 + NAME 'mozillaPostalAddress2' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.6 + NAME 'mozillaHomePostalAddress2' + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.7 + NAME ( 'mozillaHomeState' ) SUP name ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.8 + NAME 'mozillaHomePostalCode' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.9 + NAME ( 'mozillaHomeCountryName' ) + SUP name SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.10 + NAME ( 'mozillaHomeFriendlyCountryName' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.11 + NAME ( 'mozillaHomeUrl' ) + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.12 + NAME ( 'mozillaWorkUrl' ) + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# un-comment for all LDAP server NOT supporting SYNTAX 2.16.840.1.113730.3.7.1 +attributetype ( 1.3.6.1.4.1.13769.2.1.13 + NAME ( 'nsAIMid' ) + DESC 'AOL Instant Messenger (AIM) Identity' + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.14 NAME ( 'mozillaHomeStreet' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +# un-comment for Netscape 6.x and all other LDAP server supporting SYNTAX 2.16.840.1.113730.3.7.1 +# attributeTypes ( 2.16.840.1.113730.3.1.2013 +# NAME ( 'nsAIMid' ) +# DESC 'AOL Instant Messenger (AIM) Identity' +# SYNTAX 2.16.840.1.113730.3.7.1 ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.96 + NAME ( 'mozillaCustom1' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.97 + NAME ( 'mozillaCustom2' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.98 + NAME ( 'mozillaCustom3' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.13769.2.1.99 + NAME ( 'mozillaCustom4' ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) + +# defined in "A Summary of the X.500(96) User Schema for use with LDAPv3" - RFC 2256 +# +# attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) +# DESC 'RFC2256: ISO-3166 country 2-letter code' +# SUP name SINGLE-VALUE ) + +# defined in "The COSINE and Internet X.500 Schema" - RFC 1274 +# +# attributetype ( 0.9.2342.19200300.100.1.43 +# NAME ( 'co' 'friendlyCountryName' ) +# DESC 'RFC1274: friendly country name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + + +# objectClass defs + +objectclass ( 1.3.6.1.4.1.13769.2.2.1 + NAME 'mozillaOrgPerson' + SUP top + AUXILIARY + MAY ( + sn $ + givenName $ + cn $ + mozillaNickname $ + title $ + telephoneNumber $ + facsimileTelephoneNumber $ + mobile $ + pager $ + homePhone $ + street $ + postalCode $ + mozillaPostalAddress2 $ + mozillaHomeStreet $ + mozillaHomePostalAddress2 $ + l $ + mozillaHomeLocalityName $ + st $ + mozillaHomeState $ + mozillaHomePostalCode $ + c $ + mozillaHomeCountryName $ + co $ + mozillaHomeFriendlyCountryName $ + ou $ + o $ + mail $ + mozillaSecondEmail $ + mozillaUseHtmlMail $ + nsAIMid $ + mozillaHomeUrl $ + mozillaWorkUrl $ + description $ + mozillaCustom1 $ + mozillaCustom2 $ + mozillaCustom3 $ + mozillaCustom4 ) ) + +# not part of the official Mozilla schema but read by Mozilla: 'departmentNumber' and 'postOfficeBox' diff --git a/openldap/schema/nis.ldif b/openldap/schema/nis.ldif new file mode 100644 index 0000000..e754471 --- /dev/null +++ b/openldap/schema/nis.ldif @@ -0,0 +1,120 @@ +# NIS (RFC2307) +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.ldif,v 1.1.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# Definitions from RFC2307 (Experimental) +# An Approach for Using LDAP as a Network Information Service +# +# Depends upon core.ldif and cosine.ldif +# +# This file was automatically generated from nis.schema; see that file +# for complete references. +# +dn: cn=nis,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: nis +olcAttributeTypes: ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; th + e common name' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatc + h SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absolut + e path to the home directory' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1 + 466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to th + e login shell' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.2 + 6 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY integ + erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY integerM + atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY integer + Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY integerM + atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY integerMat + ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactI + A5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 26 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY ca + seExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.11 + 5.121.1.26 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Netgr + oup triple' SYNTAX 1.3.6.1.1.1.0.0 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY intege + rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP name ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' EQUALITY int + egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY integer + Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP address + ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP netw + ork' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SI + NGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP netm + ask' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SI + NGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC address' + EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC 'rpc.bootp + aramd parameter' SYNTAX 1.3.6.1.1.1.0.1 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image nam + e' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name ) +olcAttributeTypes: ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY caseExac + tIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121. + 1.26{1024} SINGLE-VALUE ) +olcObjectClasses: ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'Abstraction o + f an account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNu + mber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ + description ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC 'Additional a + ttributes for shadow passwords' SUP top AUXILIARY MUST uid MAY ( userPassword + $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive + $ shadowExpire $ shadowFlag $ description ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC 'Abstraction of + a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY ( userPas + sword $ memberUid $ description ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.3 NAME 'ipService' DESC 'Abstraction an I + nternet Protocol service' SUP top STRUCTURAL MUST ( cn $ ipServicePort $ ipSe + rviceProtocol ) MAY description ) +olcObjectClasses: ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' DESC 'Abstraction of + an IP protocol' SUP top STRUCTURAL MUST ( cn $ ipProtocolNumber $ description + ) MAY description ) +olcObjectClasses: ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' DESC 'Abstraction of an O + NC/RPC binding' SUP top STRUCTURAL MUST ( cn $ oncRpcNumber $ description ) M + AY description ) +olcObjectClasses: ( 1.3.6.1.1.1.2.6 NAME 'ipHost' DESC 'Abstraction of a ho + st, an IP device' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) MAY ( l $ desc + ription $ manager ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' DESC 'Abstraction of a + n IP network' SUP top STRUCTURAL MUST ( cn $ ipNetworkNumber ) MAY ( ipNetmas + kNumber $ l $ description $ manager ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' DESC 'Abstraction of + a netgroup' SUP top STRUCTURAL MUST cn MAY ( nisNetgroupTriple $ memberNisNe + tgroup $ description ) ) +olcObjectClasses: ( 1.3.6.1.1.1.2.9 NAME 'nisMap' DESC 'A generic abstracti + on of a NIS map' SUP top STRUCTURAL MUST nisMapName MAY description ) +olcObjectClasses: ( 1.3.6.1.1.1.2.10 NAME 'nisObject' DESC 'An entry in a + NIS map' SUP top STRUCTURAL MUST ( cn $ nisMapEntry $ nisMapName ) MAY descri + ption ) +olcObjectClasses: ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' DESC 'A device w + ith a MAC address' SUP top AUXILIARY MAY macAddress ) +olcObjectClasses: ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' DESC 'A device + with boot parameters' SUP top AUXILIARY MAY ( bootFile $ bootParameter ) ) diff --git a/openldap/schema/nis.schema b/openldap/schema/nis.schema new file mode 100644 index 0000000..8fc1088 --- /dev/null +++ b/openldap/schema/nis.schema @@ -0,0 +1,237 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.schema,v 1.15.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# Definitions from RFC2307 (Experimental) +# An Approach for Using LDAP as a Network Information Service + +# Depends upon core.schema and cosine.schema + +# Note: The definitions in RFC2307 are given in syntaxes closely related +# to those in RFC2252, however, some liberties are taken that are not +# supported by RFC2252. This file has been written following RFC2252 +# strictly. + +# OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1). +# i.e. nisSchema in RFC2307 is 1.3.6.1.1.1 +# +# Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined) +# validaters for these syntaxes are incomplete, they only +# implement printable string validation (which is good as the +# common use of these syntaxes violates the specification). +# Attribute types are under 1.3.6.1.1.1.1 +# Object classes are under 1.3.6.1.1.1.2 + +# Attribute Type Definitions + +# builtin +#attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' +# DESC 'An integer uniquely identifying a user in an administrative domain' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# builtin +#attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' +# DESC 'An integer uniquely identifying a group in an administrative domain' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' + DESC 'The GECOS field; the common name' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' + DESC 'The absolute path to the home directory' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' + DESC 'The path to the login shell' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' + DESC 'Netgroup triple' + SYNTAX 1.3.6.1.1.1.0.0 ) + +attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' + SUP name ) + +attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' + DESC 'IP address' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' + DESC 'IP network' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' + DESC 'IP netmask' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' + DESC 'MAC address' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' + DESC 'rpc.bootparamd parameter' + SYNTAX 1.3.6.1.1.1.0.1 ) + +attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' + DESC 'Boot image name' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' + SUP name ) + +attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE ) + +# Object Class Definitions + +objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' + DESC 'Abstraction of an account with POSIX attributes' + SUP top AUXILIARY + MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) + MAY ( userPassword $ loginShell $ gecos $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' + DESC 'Additional attributes for shadow passwords' + SUP top AUXILIARY + MUST uid + MAY ( userPassword $ shadowLastChange $ shadowMin $ + shadowMax $ shadowWarning $ shadowInactive $ + shadowExpire $ shadowFlag $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' + DESC 'Abstraction of a group of accounts' + SUP top STRUCTURAL + MUST ( cn $ gidNumber ) + MAY ( userPassword $ memberUid $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' + DESC 'Abstraction an Internet Protocol service' + SUP top STRUCTURAL + MUST ( cn $ ipServicePort $ ipServiceProtocol ) + MAY ( description ) ) + +objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' + DESC 'Abstraction of an IP protocol' + SUP top STRUCTURAL + MUST ( cn $ ipProtocolNumber $ description ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' + DESC 'Abstraction of an ONC/RPC binding' + SUP top STRUCTURAL + MUST ( cn $ oncRpcNumber $ description ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' + DESC 'Abstraction of a host, an IP device' + SUP top AUXILIARY + MUST ( cn $ ipHostNumber ) + MAY ( l $ description $ manager ) ) + +objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' + DESC 'Abstraction of an IP network' + SUP top STRUCTURAL + MUST ( cn $ ipNetworkNumber ) + MAY ( ipNetmaskNumber $ l $ description $ manager ) ) + +objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' + DESC 'Abstraction of a netgroup' + SUP top STRUCTURAL + MUST cn + MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' + DESC 'A generic abstraction of a NIS map' + SUP top STRUCTURAL + MUST nisMapName + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' + DESC 'An entry in a NIS map' + SUP top STRUCTURAL + MUST ( cn $ nisMapEntry $ nisMapName ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' + DESC 'A device with a MAC address' + SUP top AUXILIARY + MAY macAddress ) + +objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' + DESC 'A device with boot parameters' + SUP top AUXILIARY + MAY ( bootFile $ bootParameter ) ) diff --git a/openldap/schema/nis.schema.default b/openldap/schema/nis.schema.default new file mode 100644 index 0000000..fa9d8b8 --- /dev/null +++ b/openldap/schema/nis.schema.default @@ -0,0 +1,237 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.schema,v 1.15.2.5 2010/04/13 20:23:48 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# Definitions from RFC2307 (Experimental) +# An Approach for Using LDAP as a Network Information Service + +# Depends upon core.schema and cosine.schema + +# Note: The definitions in RFC2307 are given in syntaxes closely related +# to those in RFC2252, however, some liberties are taken that are not +# supported by RFC2252. This file has been written following RFC2252 +# strictly. + +# OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1). +# i.e. nisSchema in RFC2307 is 1.3.6.1.1.1 +# +# Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined) +# validaters for these syntaxes are incomplete, they only +# implement printable string validation (which is good as the +# common use of these syntaxes violates the specification). +# Attribute types are under 1.3.6.1.1.1.1 +# Object classes are under 1.3.6.1.1.1.2 + +# Attribute Type Definitions + +# builtin +#attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' +# DESC 'An integer uniquely identifying a user in an administrative domain' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# builtin +#attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' +# DESC 'An integer uniquely identifying a group in an administrative domain' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' + DESC 'The GECOS field; the common name' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' + DESC 'The absolute path to the home directory' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' + DESC 'The path to the login shell' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' + DESC 'Netgroup triple' + SYNTAX 1.3.6.1.1.1.0.0 ) + +attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' + SUP name ) + +attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' + DESC 'IP address' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' + DESC 'IP network' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' + DESC 'IP netmask' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' + DESC 'MAC address' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' + DESC 'rpc.bootparamd parameter' + SYNTAX 1.3.6.1.1.1.0.1 ) + +attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' + DESC 'Boot image name' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' + SUP name ) + +attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE ) + +# Object Class Definitions + +objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' + DESC 'Abstraction of an account with POSIX attributes' + SUP top AUXILIARY + MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) + MAY ( userPassword $ loginShell $ gecos $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' + DESC 'Additional attributes for shadow passwords' + SUP top AUXILIARY + MUST uid + MAY ( userPassword $ shadowLastChange $ shadowMin $ + shadowMax $ shadowWarning $ shadowInactive $ + shadowExpire $ shadowFlag $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' + DESC 'Abstraction of a group of accounts' + SUP top STRUCTURAL + MUST ( cn $ gidNumber ) + MAY ( userPassword $ memberUid $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' + DESC 'Abstraction an Internet Protocol service' + SUP top STRUCTURAL + MUST ( cn $ ipServicePort $ ipServiceProtocol ) + MAY ( description ) ) + +objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' + DESC 'Abstraction of an IP protocol' + SUP top STRUCTURAL + MUST ( cn $ ipProtocolNumber $ description ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' + DESC 'Abstraction of an ONC/RPC binding' + SUP top STRUCTURAL + MUST ( cn $ oncRpcNumber $ description ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' + DESC 'Abstraction of a host, an IP device' + SUP top AUXILIARY + MUST ( cn $ ipHostNumber ) + MAY ( l $ description $ manager ) ) + +objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' + DESC 'Abstraction of an IP network' + SUP top STRUCTURAL + MUST ( cn $ ipNetworkNumber ) + MAY ( ipNetmaskNumber $ l $ description $ manager ) ) + +objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' + DESC 'Abstraction of a netgroup' + SUP top STRUCTURAL + MUST cn + MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) ) + +objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' + DESC 'A generic abstraction of a NIS map' + SUP top STRUCTURAL + MUST nisMapName + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' + DESC 'An entry in a NIS map' + SUP top STRUCTURAL + MUST ( cn $ nisMapEntry $ nisMapName ) + MAY description ) + +objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' + DESC 'A device with a MAC address' + SUP top AUXILIARY + MAY macAddress ) + +objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' + DESC 'A device with boot parameters' + SUP top AUXILIARY + MAY ( bootFile $ bootParameter ) ) diff --git a/openldap/schema/openldap.ldif b/openldap/schema/openldap.ldif new file mode 100644 index 0000000..1c532f7 --- /dev/null +++ b/openldap/schema/openldap.ldif @@ -0,0 +1,88 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.ldif,v 1.2.2.7 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +# +# OpenLDAP Project's directory schema items +# +# depends upon: +# core.schema +# cosine.schema +# inetorgperson.schema +# +# These are provided for informational purposes only. +# +# This openldap.ldif file is provided as a demonstration of how to +# convert a *.schema file into *.ldif format. The key points: +# In LDIF, a blank line terminates an entry. Blank lines in a *.schema +# file should be replaced with a single '#' to turn them into +# comments, or they should just be removed. +# In addition to the actual schema directives, the file needs a small +# header to make it a valid LDAP entry. This header must provide the +# dn of the entry, the objectClass, and the cn, as shown here: +# +dn: cn=openldap,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: openldap +# +# The schema directives need to be changed to LDAP Attributes. +# First a basic string substitution can be done on each of the keywords: +# objectIdentifier -> olcObjectIdentifier: +# objectClass -> olcObjectClasses: +# attributeType -> olcAttributeTypes: +# Then leading whitespace must be fixed. The slapd.conf format allows +# tabs or spaces to denote line continuation, while LDIF only allows +# the space character. +# Also slapd.conf preserves the continuation character, while LDIF strips +# it out. So a single TAB/SPACE in slapd.conf must be replaced with +# two SPACEs in LDIF, otherwise the continued text may get joined as +# a single word. +# The directives must be listed in a proper sequence: +# All olcObjectIdentifiers must be first, so they may be referenced by +# any following definitions. +# All olcAttributeTypes must be next, so they may be referenced by any +# following objectClass definitions. +# All olcObjectClasses must be after the olcAttributeTypes. +# And of course, any superior must occur before anything that inherits +# from it. +# +olcObjectIdentifier: OpenLDAProot 1.3.6.1.4.1.4203 +# +olcObjectIdentifier: OpenLDAP OpenLDAProot:1 +olcObjectIdentifier: OpenLDAPattributeType OpenLDAP:3 +olcObjectIdentifier: OpenLDAPobjectClass OpenLDAP:4 +# +olcObjectClasses: ( OpenLDAPobjectClass:3 + NAME 'OpenLDAPorg' + DESC 'OpenLDAP Organizational Object' + SUP organization + MAY ( buildingName $ displayName $ labeledURI ) ) +# +olcObjectClasses: ( OpenLDAPobjectClass:4 + NAME 'OpenLDAPou' + DESC 'OpenLDAP Organizational Unit Object' + SUP organizationalUnit + MAY ( buildingName $ displayName $ labeledURI $ o ) ) +# +olcObjectClasses: ( OpenLDAPobjectClass:5 + NAME 'OpenLDAPperson' + DESC 'OpenLDAP Person' + SUP ( pilotPerson $ inetOrgPerson ) + MUST ( uid $ cn ) + MAY ( givenName $ labeledURI $ o ) ) +# +olcObjectClasses: ( OpenLDAPobjectClass:6 + NAME 'OpenLDAPdisplayableObject' + DESC 'OpenLDAP Displayable Object' + AUXILIARY + MAY displayName ) diff --git a/openldap/schema/openldap.schema b/openldap/schema/openldap.schema new file mode 100644 index 0000000..c8b9290 --- /dev/null +++ b/openldap/schema/openldap.schema @@ -0,0 +1,54 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.schema,v 1.24.2.7 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# +# OpenLDAP Project's directory schema items +# +# depends upon: +# core.schema +# cosine.schema +# inetorgperson.schema +# +# These are provided for informational purposes only. + +objectIdentifier OpenLDAProot 1.3.6.1.4.1.4203 + +objectIdentifier OpenLDAP OpenLDAProot:1 +objectIdentifier OpenLDAPattributeType OpenLDAP:3 +objectIdentifier OpenLDAPobjectClass OpenLDAP:4 + +objectClass ( OpenLDAPobjectClass:3 + NAME 'OpenLDAPorg' + DESC 'OpenLDAP Organizational Object' + SUP organization + MAY ( buildingName $ displayName $ labeledURI ) ) + +objectClass ( OpenLDAPobjectClass:4 + NAME 'OpenLDAPou' + DESC 'OpenLDAP Organizational Unit Object' + SUP organizationalUnit + MAY ( buildingName $ displayName $ labeledURI $ o ) ) + +objectClass ( OpenLDAPobjectClass:5 + NAME 'OpenLDAPperson' + DESC 'OpenLDAP Person' + SUP ( pilotPerson $ inetOrgPerson ) + MUST ( uid $ cn ) + MAY ( givenName $ labeledURI $ o ) ) + +objectClass ( OpenLDAPobjectClass:6 + NAME 'OpenLDAPdisplayableObject' + DESC 'OpenLDAP Displayable Object' + AUXILIARY + MAY displayName ) diff --git a/openldap/schema/openldap.schema.default b/openldap/schema/openldap.schema.default new file mode 100644 index 0000000..633fbd1 --- /dev/null +++ b/openldap/schema/openldap.schema.default @@ -0,0 +1,54 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.schema,v 1.24.2.6 2010/04/13 20:23:49 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +# +# OpenLDAP Project's directory schema items +# +# depends upon: +# core.schema +# cosine.schema +# inetorgperson.schema +# +# These are provided for informational purposes only. + +objectIdentifier OpenLDAProot 1.3.6.1.4.1.4203 + +objectIdentifier OpenLDAP OpenLDAProot:1 +objectIdentifier OpenLDAPattributeType OpenLDAP:3 +objectIdentifier OpenLDAPobjectClass OpenLDAP:4 + +objectClass ( OpenLDAPobjectClass:3 + NAME 'OpenLDAPorg' + DESC 'OpenLDAP Organizational Object' + SUP organization + MAY ( buildingName $ displayName $ labeledURI ) ) + +objectClass ( OpenLDAPobjectClass:4 + NAME 'OpenLDAPou' + DESC 'OpenLDAP Organizational Unit Object' + SUP organizationalUnit + MAY ( buildingName $ displayName $ labeledURI $ o ) ) + +objectClass ( OpenLDAPobjectClass:5 + NAME 'OpenLDAPperson' + DESC 'OpenLDAP Person' + SUP ( pilotPerson $ inetOrgPerson ) + MUST ( uid $ cn ) + MAY ( givenName $ labeledURI $ o ) ) + +objectClass ( OpenLDAPobjectClass:6 + NAME 'OpenLDAPdisplayableObject' + DESC 'OpenLDAP Displayable Object' + AUXILIARY + MAY displayName ) diff --git a/openldap/schema/openssh.schema b/openldap/schema/openssh.schema new file mode 100644 index 0000000..2979293 --- /dev/null +++ b/openldap/schema/openssh.schema @@ -0,0 +1,29 @@ +# +# LDAP Public Key Patch schema for use with openssh-ldappubkey +# Author: Eric AUGE +# Frank Brehm +# +# $Header: /etc/openldap/schema/.rcs/openssh.schema,v 1.1 2011/04/07 20:50:11 root Exp $ +# +# Based on the proposal of : Mark Ruijter +# + +# octetString SYNTAX +attributetype ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey' + DESC 'MANDATORY: OpenSSH Public key' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + +attributetype ( 1.3.6.1.4.1.24552.500.1.1.1.14 NAME 'sshPrivateKey' + DESC 'MANDATORY: OpenSSH Private key' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + +# printableString SYNTAX yes|no +objectclass ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY + DESC 'MANDATORY: OpenSSH LPK objectclass' + MAY ( sshPublicKey $ sshPrivateKey $ uid ) + ) + + +# vim: fileencoding=utf-8 filetype=conf ts=4 diff --git a/openldap/schema/pmi.schema b/openldap/schema/pmi.schema new file mode 100644 index 0000000..adac7a3 --- /dev/null +++ b/openldap/schema/pmi.schema @@ -0,0 +1,464 @@ +# OpenLDAP X.509 PMI schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/pmi.schema,v 1.1.2.4 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2006). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +# +# +# Includes LDAPv3 schema items from: +# ITU X.509 (08/2005) +# +## X.509 (08/2005) pp. 120-121 +## +## -- object identifier assignments -- +## -- object classes -- +## id-oc-pmiUser OBJECT IDENTIFIER ::= {id-oc 24} +## id-oc-pmiAA OBJECT IDENTIFIER ::= {id-oc 25} +## id-oc-pmiSOA OBJECT IDENTIFIER ::= {id-oc 26} +## id-oc-attCertCRLDistributionPts OBJECT IDENTIFIER ::= {id-oc 27} +## id-oc-privilegePolicy OBJECT IDENTIFIER ::= {id-oc 32} +## id-oc-pmiDelegationPath OBJECT IDENTIFIER ::= {id-oc 33} +## id-oc-protectedPrivilegePolicy OBJECT IDENTIFIER ::= {id-oc 34} +## -- directory attributes -- +## id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} +## id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59} +## id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61} +## id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62} +## id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63} +## id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71} +## id-at-role OBJECT IDENTIFIER ::= {id-at 72} +## id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73} +## id-at-protPrivPolicy OBJECT IDENTIFIER ::= {id-at 74} +## id-at-xMLPrivilegeInfo OBJECT IDENTIFIER ::= {id-at 75} +## id-at-xMLPprotPrivPolicy OBJECT IDENTIFIER ::= {id-at 76} +## -- attribute certificate extensions -- +## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} +## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} +## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} +## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} +## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} +## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} +## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} +## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} +## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} +## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} +## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} +## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} +## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} +## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} +## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} +## -- PMI matching rules -- +## id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} +## id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45} +## id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46} +## id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53} +## id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54} +## id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55} +## id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56} +## id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57} +## id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58} +## id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59} +## id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61} +## id-mr-sOAIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 66} +## id-mr-indirectIssuerMatch OBJECT IDENTIFIER ::= {id-mr 67} +## +## +## X.509 (08/2005) pp. 71, 86-89 +## +## 14.4.1 Role attribute +## role ATTRIBUTE ::= { +## WITH SYNTAX RoleSyntax +## ID id-at-role } +## RoleSyntax ::= SEQUENCE { +## roleAuthority [0] GeneralNames OPTIONAL, +## roleName [1] GeneralName } +## +## 14.5 XML privilege information attribute +## xmlPrivilegeInfo ATTRIBUTE ::= { +## WITH SYNTAX UTF8String -- contains XML-encoded privilege information +## ID id-at-xMLPrivilegeInfo } +## +## 17.1 PMI directory object classes +## +## 17.1.1 PMI user object class +## pmiUser OBJECT-CLASS ::= { +## -- a PMI user (i.e., a "holder") +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {attributeCertificateAttribute} +## ID id-oc-pmiUser } +## +## 17.1.2 PMI AA object class +## pmiAA OBJECT-CLASS ::= { +## -- a PMI AA +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {aACertificate | +## attributeCertificateRevocationList | +## attributeAuthorityRevocationList} +## ID id-oc-pmiAA } +## +## 17.1.3 PMI SOA object class +## pmiSOA OBJECT-CLASS ::= { -- a PMI Source of Authority +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {attributeCertificateRevocationList | +## attributeAuthorityRevocationList | +## attributeDescriptorCertificate} +## ID id-oc-pmiSOA } +## +## 17.1.4 Attribute certificate CRL distribution point object class +## attCertCRLDistributionPt OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN { attributeCertificateRevocationList | +## attributeAuthorityRevocationList } +## ID id-oc-attCertCRLDistributionPts } +## +## 17.1.5 PMI delegation path +## pmiDelegationPath OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN { delegationPath } +## ID id-oc-pmiDelegationPath } +## +## 17.1.6 Privilege policy object class +## privilegePolicy OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {privPolicy } +## ID id-oc-privilegePolicy } +## +## 17.1.7 Protected privilege policy object class +## protectedPrivilegePolicy OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {protPrivPolicy } +## ID id-oc-protectedPrivilegePolicy } +## +## 17.2 PMI Directory attributes +## +## 17.2.1 Attribute certificate attribute +## attributeCertificateAttribute ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-attributeCertificate } +## +## 17.2.2 AA certificate attribute +## aACertificate ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-aACertificate } +## +## 17.2.3 Attribute descriptor certificate attribute +## attributeDescriptorCertificate ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-attributeDescriptorCertificate } +## +## 17.2.4 Attribute certificate revocation list attribute +## attributeCertificateRevocationList ATTRIBUTE ::= { +## WITH SYNTAX CertificateList +## EQUALITY MATCHING RULE certificateListExactMatch +## ID id-at-attributeCertificateRevocationList} +## +## 17.2.5 AA certificate revocation list attribute +## attributeAuthorityRevocationList ATTRIBUTE ::= { +## WITH SYNTAX CertificateList +## EQUALITY MATCHING RULE certificateListExactMatch +## ID id-at-attributeAuthorityRevocationList } +## +## 17.2.6 Delegation path attribute +## delegationPath ATTRIBUTE ::= { +## WITH SYNTAX AttCertPath +## ID id-at-delegationPath } +## AttCertPath ::= SEQUENCE OF AttributeCertificate +## +## 17.2.7 Privilege policy attribute +## privPolicy ATTRIBUTE ::= { +## WITH SYNTAX PolicySyntax +## ID id-at-privPolicy } +## +## 17.2.8 Protected privilege policy attribute +## protPrivPolicy ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-protPrivPolicy } +## +## 17.2.9 XML Protected privilege policy attribute +## xmlPrivPolicy ATTRIBUTE ::= { +## WITH SYNTAX UTF8String -- contains XML-encoded privilege policy information +## ID id-at-xMLPprotPrivPolicy } +## + +## -- object identifier assignments -- +## -- object classes -- +objectidentifier id-oc-pmiUser 2.5.6.24 +objectidentifier id-oc-pmiAA 2.5.6.25 +objectidentifier id-oc-pmiSOA 2.5.6.26 +objectidentifier id-oc-attCertCRLDistributionPts 2.5.6.27 +objectidentifier id-oc-privilegePolicy 2.5.6.32 +objectidentifier id-oc-pmiDelegationPath 2.5.6.33 +objectidentifier id-oc-protectedPrivilegePolicy 2.5.6.34 +## -- directory attributes -- +objectidentifier id-at-attributeCertificate 2.5.4.58 +objectidentifier id-at-attributeCertificateRevocationList 2.5.4.59 +objectidentifier id-at-aACertificate 2.5.4.61 +objectidentifier id-at-attributeDescriptorCertificate 2.5.4.62 +objectidentifier id-at-attributeAuthorityRevocationList 2.5.4.63 +objectidentifier id-at-privPolicy 2.5.4.71 +objectidentifier id-at-role 2.5.4.72 +objectidentifier id-at-delegationPath 2.5.4.73 +objectidentifier id-at-protPrivPolicy 2.5.4.74 +objectidentifier id-at-xMLPrivilegeInfo 2.5.4.75 +objectidentifier id-at-xMLPprotPrivPolicy 2.5.4.76 +## -- attribute certificate extensions -- +## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} +## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} +## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} +## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} +## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} +## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} +## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} +## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} +## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} +## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} +## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} +## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} +## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} +## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} +## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} +## -- PMI matching rules -- +objectidentifier id-mr 2.5.13 +objectidentifier id-mr-attributeCertificateMatch id-mr:42 +objectidentifier id-mr-attributeCertificateExactMatch id-mr:45 +objectidentifier id-mr-holderIssuerMatch id-mr:46 +objectidentifier id-mr-authAttIdMatch id-mr:53 +objectidentifier id-mr-roleSpecCertIdMatch id-mr:54 +objectidentifier id-mr-basicAttConstraintsMatch id-mr:55 +objectidentifier id-mr-delegatedNameConstraintsMatch id-mr:56 +objectidentifier id-mr-timeSpecMatch id-mr:57 +objectidentifier id-mr-attDescriptorMatch id-mr:58 +objectidentifier id-mr-acceptableCertPoliciesMatch id-mr:59 +objectidentifier id-mr-delegationPathMatch id-mr:61 +objectidentifier id-mr-sOAIdentifierMatch id-mr:66 +objectidentifier id-mr-indirectIssuerMatch id-mr:67 +## -- syntaxes -- +## NOTE: 1.3.6.1.4.1.4203.666.11.10 is the oid arc assigned by OpenLDAP +## to this work in progress +objectidentifier AttributeCertificate 1.3.6.1.4.1.4203.666.11.10.2.1 +objectidentifier CertificateList 1.3.6.1.4.1.1466.115.121.1.9 +objectidentifier AttCertPath 1.3.6.1.4.1.4203.666.11.10.2.4 +objectidentifier PolicySyntax 1.3.6.1.4.1.4203.666.11.10.2.5 +objectidentifier RoleSyntax 1.3.6.1.4.1.4203.666.11.10.2.6 +# NOTE: OIDs from (expired) +#objectidentifier AttributeCertificate 1.2.826.0.1.3344810.7.5 +#objectidentifier AttCertPath 1.2.826.0.1.3344810.7.10 +#objectidentifier PolicySyntax 1.2.826.0.1.3344810.7.17 +#objectidentifier RoleSyntax 1.2.826.0.1.3344810.7.13 +## +## Substitute syntaxes +## +## AttCertPath +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.4 + NAME 'AttCertPath' + DESC 'X.509 PMI attribute cartificate path: SEQUENCE OF AttributeCertificate' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## PolicySyntax +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.5 + NAME 'PolicySyntax' + DESC 'X.509 PMI policy syntax' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## RoleSyntax +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.6 + NAME 'RoleSyntax' + DESC 'X.509 PMI role syntax' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## X.509 (08/2005) pp. 71, 86-89 +## +## 14.4.1 Role attribute +attributeType ( id-at-role + NAME 'role' + DESC 'X.509 Role attribute, use ;binary' + SYNTAX RoleSyntax ) +## +## 14.5 XML privilege information attribute +## -- contains XML-encoded privilege information +attributeType ( id-at-xMLPrivilegeInfo + NAME 'xmlPrivilegeInfo' + DESC 'X.509 XML privilege information attribute' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +## +## 17.2 PMI Directory attributes +## +## 17.2.1 Attribute certificate attribute +attributeType ( id-at-attributeCertificate + NAME 'attributeCertificateAttribute' + DESC 'X.509 Attribute certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.2 AA certificate attribute +attributeType ( id-at-aACertificate + NAME 'aACertificate' + DESC 'X.509 AA certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.3 Attribute descriptor certificate attribute +attributeType ( id-at-attributeDescriptorCertificate + NAME 'attributeDescriptorCertificate' + DESC 'X.509 Attribute descriptor certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.4 Attribute certificate revocation list attribute +attributeType ( id-at-attributeCertificateRevocationList + NAME 'attributeCertificateRevocationList' + DESC 'X.509 Attribute certificate revocation list attribute, use ;binary' + SYNTAX CertificateList + X-EQUALITY 'certificateListExactMatch, not implemented yet' ) +## +## 17.2.5 AA certificate revocation list attribute +attributeType ( id-at-attributeAuthorityRevocationList + NAME 'attributeAuthorityRevocationList' + DESC 'X.509 AA certificate revocation list attribute, use ;binary' + SYNTAX CertificateList + X-EQUALITY 'certificateListExactMatch, not implemented yet' ) +## +## 17.2.6 Delegation path attribute +attributeType ( id-at-delegationPath + NAME 'delegationPath' + DESC 'X.509 Delegation path attribute, use ;binary' + SYNTAX AttCertPath ) +## AttCertPath ::= SEQUENCE OF AttributeCertificate +## +## 17.2.7 Privilege policy attribute +attributeType ( id-at-privPolicy + NAME 'privPolicy' + DESC 'X.509 Privilege policy attribute, use ;binary' + SYNTAX PolicySyntax ) +## +## 17.2.8 Protected privilege policy attribute +attributeType ( id-at-protPrivPolicy + NAME 'protPrivPolicy' + DESC 'X.509 Protected privilege policy attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.9 XML Protected privilege policy attribute +## -- contains XML-encoded privilege policy information +attributeType ( id-at-xMLPprotPrivPolicy + NAME 'xmlPrivPolicy' + DESC 'X.509 XML Protected privilege policy attribute' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +## +## 17.1 PMI directory object classes +## +## 17.1.1 PMI user object class +## -- a PMI user (i.e., a "holder") +objectClass ( id-oc-pmiUser + NAME 'pmiUser' + DESC 'X.509 PMI user object class' + SUP top + AUXILIARY + MAY ( attributeCertificateAttribute ) ) +## +## 17.1.2 PMI AA object class +## -- a PMI AA +objectClass ( id-oc-pmiAA + NAME 'pmiAA' + DESC 'X.509 PMI AA object class' + SUP top + AUXILIARY + MAY ( aACertificate $ + attributeCertificateRevocationList $ + attributeAuthorityRevocationList + ) ) +## +## 17.1.3 PMI SOA object class +## -- a PMI Source of Authority +objectClass ( id-oc-pmiSOA + NAME 'pmiSOA' + DESC 'X.509 PMI SOA object class' + SUP top + AUXILIARY + MAY ( attributeCertificateRevocationList $ + attributeAuthorityRevocationList $ + attributeDescriptorCertificate + ) ) +## +## 17.1.4 Attribute certificate CRL distribution point object class +objectClass ( id-oc-attCertCRLDistributionPts + NAME 'attCertCRLDistributionPt' + DESC 'X.509 Attribute certificate CRL distribution point object class' + SUP top + AUXILIARY + MAY ( attributeCertificateRevocationList $ + attributeAuthorityRevocationList + ) ) +## +## 17.1.5 PMI delegation path +objectClass ( id-oc-pmiDelegationPath + NAME 'pmiDelegationPath' + DESC 'X.509 PMI delegation path' + SUP top + AUXILIARY + MAY ( delegationPath ) ) +## +## 17.1.6 Privilege policy object class +objectClass ( id-oc-privilegePolicy + NAME 'privilegePolicy' + DESC 'X.509 Privilege policy object class' + SUP top + AUXILIARY + MAY ( privPolicy ) ) +## +## 17.1.7 Protected privilege policy object class +objectClass ( id-oc-protectedPrivilegePolicy + NAME 'protectedPrivilegePolicy' + DESC 'X.509 Protected privilege policy object class' + SUP top + AUXILIARY + MAY ( protPrivPolicy ) ) + diff --git a/openldap/schema/pmi.schema.default b/openldap/schema/pmi.schema.default new file mode 100644 index 0000000..a14bf37 --- /dev/null +++ b/openldap/schema/pmi.schema.default @@ -0,0 +1,464 @@ +# OpenLDAP X.509 PMI schema +# $OpenLDAP: pkg/ldap/servers/slapd/schema/pmi.schema,v 1.1.2.3 2010/04/13 20:23:49 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (1997-2006). +## All Rights Reserved. +## +## This document and translations of it may be copied and furnished to +## others, and derivative works that comment on or otherwise explain it +## or assist in its implementation may be prepared, copied, published +## and distributed, in whole or in part, without restriction of any +## kind, provided that the above copyright notice and this paragraph are +## included on all such copies and derivative works. However, this +## document itself may not be modified in any way, such as by removing +## the copyright notice or references to the Internet Society or other +## Internet organizations, except as needed for the purpose of +## developing Internet standards in which case the procedures for +## copyrights defined in the Internet Standards process must be +## followed, or as required to translate it into languages other than +## English. +## +## The limited permissions granted above are perpetual and will not be +## revoked by the Internet Society or its successors or assigns. +## +## This document and the information contained herein is provided on an +## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +# +# +# Includes LDAPv3 schema items from: +# ITU X.509 (08/2005) +# +## X.509 (08/2005) pp. 120-121 +## +## -- object identifier assignments -- +## -- object classes -- +## id-oc-pmiUser OBJECT IDENTIFIER ::= {id-oc 24} +## id-oc-pmiAA OBJECT IDENTIFIER ::= {id-oc 25} +## id-oc-pmiSOA OBJECT IDENTIFIER ::= {id-oc 26} +## id-oc-attCertCRLDistributionPts OBJECT IDENTIFIER ::= {id-oc 27} +## id-oc-privilegePolicy OBJECT IDENTIFIER ::= {id-oc 32} +## id-oc-pmiDelegationPath OBJECT IDENTIFIER ::= {id-oc 33} +## id-oc-protectedPrivilegePolicy OBJECT IDENTIFIER ::= {id-oc 34} +## -- directory attributes -- +## id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} +## id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59} +## id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61} +## id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62} +## id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63} +## id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71} +## id-at-role OBJECT IDENTIFIER ::= {id-at 72} +## id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73} +## id-at-protPrivPolicy OBJECT IDENTIFIER ::= {id-at 74} +## id-at-xMLPrivilegeInfo OBJECT IDENTIFIER ::= {id-at 75} +## id-at-xMLPprotPrivPolicy OBJECT IDENTIFIER ::= {id-at 76} +## -- attribute certificate extensions -- +## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} +## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} +## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} +## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} +## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} +## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} +## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} +## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} +## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} +## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} +## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} +## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} +## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} +## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} +## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} +## -- PMI matching rules -- +## id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} +## id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45} +## id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46} +## id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53} +## id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54} +## id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55} +## id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56} +## id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57} +## id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58} +## id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59} +## id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61} +## id-mr-sOAIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 66} +## id-mr-indirectIssuerMatch OBJECT IDENTIFIER ::= {id-mr 67} +## +## +## X.509 (08/2005) pp. 71, 86-89 +## +## 14.4.1 Role attribute +## role ATTRIBUTE ::= { +## WITH SYNTAX RoleSyntax +## ID id-at-role } +## RoleSyntax ::= SEQUENCE { +## roleAuthority [0] GeneralNames OPTIONAL, +## roleName [1] GeneralName } +## +## 14.5 XML privilege information attribute +## xmlPrivilegeInfo ATTRIBUTE ::= { +## WITH SYNTAX UTF8String -- contains XML-encoded privilege information +## ID id-at-xMLPrivilegeInfo } +## +## 17.1 PMI directory object classes +## +## 17.1.1 PMI user object class +## pmiUser OBJECT-CLASS ::= { +## -- a PMI user (i.e., a "holder") +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {attributeCertificateAttribute} +## ID id-oc-pmiUser } +## +## 17.1.2 PMI AA object class +## pmiAA OBJECT-CLASS ::= { +## -- a PMI AA +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {aACertificate | +## attributeCertificateRevocationList | +## attributeAuthorityRevocationList} +## ID id-oc-pmiAA } +## +## 17.1.3 PMI SOA object class +## pmiSOA OBJECT-CLASS ::= { -- a PMI Source of Authority +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {attributeCertificateRevocationList | +## attributeAuthorityRevocationList | +## attributeDescriptorCertificate} +## ID id-oc-pmiSOA } +## +## 17.1.4 Attribute certificate CRL distribution point object class +## attCertCRLDistributionPt OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN { attributeCertificateRevocationList | +## attributeAuthorityRevocationList } +## ID id-oc-attCertCRLDistributionPts } +## +## 17.1.5 PMI delegation path +## pmiDelegationPath OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN { delegationPath } +## ID id-oc-pmiDelegationPath } +## +## 17.1.6 Privilege policy object class +## privilegePolicy OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {privPolicy } +## ID id-oc-privilegePolicy } +## +## 17.1.7 Protected privilege policy object class +## protectedPrivilegePolicy OBJECT-CLASS ::= { +## SUBCLASS OF {top} +## KIND auxiliary +## MAY CONTAIN {protPrivPolicy } +## ID id-oc-protectedPrivilegePolicy } +## +## 17.2 PMI Directory attributes +## +## 17.2.1 Attribute certificate attribute +## attributeCertificateAttribute ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-attributeCertificate } +## +## 17.2.2 AA certificate attribute +## aACertificate ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-aACertificate } +## +## 17.2.3 Attribute descriptor certificate attribute +## attributeDescriptorCertificate ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-attributeDescriptorCertificate } +## +## 17.2.4 Attribute certificate revocation list attribute +## attributeCertificateRevocationList ATTRIBUTE ::= { +## WITH SYNTAX CertificateList +## EQUALITY MATCHING RULE certificateListExactMatch +## ID id-at-attributeCertificateRevocationList} +## +## 17.2.5 AA certificate revocation list attribute +## attributeAuthorityRevocationList ATTRIBUTE ::= { +## WITH SYNTAX CertificateList +## EQUALITY MATCHING RULE certificateListExactMatch +## ID id-at-attributeAuthorityRevocationList } +## +## 17.2.6 Delegation path attribute +## delegationPath ATTRIBUTE ::= { +## WITH SYNTAX AttCertPath +## ID id-at-delegationPath } +## AttCertPath ::= SEQUENCE OF AttributeCertificate +## +## 17.2.7 Privilege policy attribute +## privPolicy ATTRIBUTE ::= { +## WITH SYNTAX PolicySyntax +## ID id-at-privPolicy } +## +## 17.2.8 Protected privilege policy attribute +## protPrivPolicy ATTRIBUTE ::= { +## WITH SYNTAX AttributeCertificate +## EQUALITY MATCHING RULE attributeCertificateExactMatch +## ID id-at-protPrivPolicy } +## +## 17.2.9 XML Protected privilege policy attribute +## xmlPrivPolicy ATTRIBUTE ::= { +## WITH SYNTAX UTF8String -- contains XML-encoded privilege policy information +## ID id-at-xMLPprotPrivPolicy } +## + +## -- object identifier assignments -- +## -- object classes -- +objectidentifier id-oc-pmiUser 2.5.6.24 +objectidentifier id-oc-pmiAA 2.5.6.25 +objectidentifier id-oc-pmiSOA 2.5.6.26 +objectidentifier id-oc-attCertCRLDistributionPts 2.5.6.27 +objectidentifier id-oc-privilegePolicy 2.5.6.32 +objectidentifier id-oc-pmiDelegationPath 2.5.6.33 +objectidentifier id-oc-protectedPrivilegePolicy 2.5.6.34 +## -- directory attributes -- +objectidentifier id-at-attributeCertificate 2.5.4.58 +objectidentifier id-at-attributeCertificateRevocationList 2.5.4.59 +objectidentifier id-at-aACertificate 2.5.4.61 +objectidentifier id-at-attributeDescriptorCertificate 2.5.4.62 +objectidentifier id-at-attributeAuthorityRevocationList 2.5.4.63 +objectidentifier id-at-privPolicy 2.5.4.71 +objectidentifier id-at-role 2.5.4.72 +objectidentifier id-at-delegationPath 2.5.4.73 +objectidentifier id-at-protPrivPolicy 2.5.4.74 +objectidentifier id-at-xMLPrivilegeInfo 2.5.4.75 +objectidentifier id-at-xMLPprotPrivPolicy 2.5.4.76 +## -- attribute certificate extensions -- +## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} +## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} +## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} +## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} +## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} +## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} +## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} +## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} +## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} +## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} +## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} +## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} +## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} +## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} +## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} +## -- PMI matching rules -- +objectidentifier id-mr 2.5.13 +objectidentifier id-mr-attributeCertificateMatch id-mr:42 +objectidentifier id-mr-attributeCertificateExactMatch id-mr:45 +objectidentifier id-mr-holderIssuerMatch id-mr:46 +objectidentifier id-mr-authAttIdMatch id-mr:53 +objectidentifier id-mr-roleSpecCertIdMatch id-mr:54 +objectidentifier id-mr-basicAttConstraintsMatch id-mr:55 +objectidentifier id-mr-delegatedNameConstraintsMatch id-mr:56 +objectidentifier id-mr-timeSpecMatch id-mr:57 +objectidentifier id-mr-attDescriptorMatch id-mr:58 +objectidentifier id-mr-acceptableCertPoliciesMatch id-mr:59 +objectidentifier id-mr-delegationPathMatch id-mr:61 +objectidentifier id-mr-sOAIdentifierMatch id-mr:66 +objectidentifier id-mr-indirectIssuerMatch id-mr:67 +## -- syntaxes -- +## NOTE: 1.3.6.1.4.1.4203.666.11.10 is the oid arc assigned by OpenLDAP +## to this work in progress +objectidentifier AttributeCertificate 1.3.6.1.4.1.4203.666.11.10.2.1 +objectidentifier CertificateList 1.3.6.1.4.1.1466.115.121.1.9 +objectidentifier AttCertPath 1.3.6.1.4.1.4203.666.11.10.2.4 +objectidentifier PolicySyntax 1.3.6.1.4.1.4203.666.11.10.2.5 +objectidentifier RoleSyntax 1.3.6.1.4.1.4203.666.11.10.2.6 +# NOTE: OIDs from (expired) +#objectidentifier AttributeCertificate 1.2.826.0.1.3344810.7.5 +#objectidentifier AttCertPath 1.2.826.0.1.3344810.7.10 +#objectidentifier PolicySyntax 1.2.826.0.1.3344810.7.17 +#objectidentifier RoleSyntax 1.2.826.0.1.3344810.7.13 +## +## Substitute syntaxes +## +## AttCertPath +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.4 + NAME 'AttCertPath' + DESC 'X.509 PMI attribute cartificate path: SEQUENCE OF AttributeCertificate' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## PolicySyntax +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.5 + NAME 'PolicySyntax' + DESC 'X.509 PMI policy syntax' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## RoleSyntax +ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.6 + NAME 'RoleSyntax' + DESC 'X.509 PMI role syntax' + X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) +## +## X.509 (08/2005) pp. 71, 86-89 +## +## 14.4.1 Role attribute +attributeType ( id-at-role + NAME 'role' + DESC 'X.509 Role attribute, use ;binary' + SYNTAX RoleSyntax ) +## +## 14.5 XML privilege information attribute +## -- contains XML-encoded privilege information +attributeType ( id-at-xMLPrivilegeInfo + NAME 'xmlPrivilegeInfo' + DESC 'X.509 XML privilege information attribute' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +## +## 17.2 PMI Directory attributes +## +## 17.2.1 Attribute certificate attribute +attributeType ( id-at-attributeCertificate + NAME 'attributeCertificateAttribute' + DESC 'X.509 Attribute certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.2 AA certificate attribute +attributeType ( id-at-aACertificate + NAME 'aACertificate' + DESC 'X.509 AA certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.3 Attribute descriptor certificate attribute +attributeType ( id-at-attributeDescriptorCertificate + NAME 'attributeDescriptorCertificate' + DESC 'X.509 Attribute descriptor certificate attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.4 Attribute certificate revocation list attribute +attributeType ( id-at-attributeCertificateRevocationList + NAME 'attributeCertificateRevocationList' + DESC 'X.509 Attribute certificate revocation list attribute, use ;binary' + SYNTAX CertificateList + X-EQUALITY 'certificateListExactMatch, not implemented yet' ) +## +## 17.2.5 AA certificate revocation list attribute +attributeType ( id-at-attributeAuthorityRevocationList + NAME 'attributeAuthorityRevocationList' + DESC 'X.509 AA certificate revocation list attribute, use ;binary' + SYNTAX CertificateList + X-EQUALITY 'certificateListExactMatch, not implemented yet' ) +## +## 17.2.6 Delegation path attribute +attributeType ( id-at-delegationPath + NAME 'delegationPath' + DESC 'X.509 Delegation path attribute, use ;binary' + SYNTAX AttCertPath ) +## AttCertPath ::= SEQUENCE OF AttributeCertificate +## +## 17.2.7 Privilege policy attribute +attributeType ( id-at-privPolicy + NAME 'privPolicy' + DESC 'X.509 Privilege policy attribute, use ;binary' + SYNTAX PolicySyntax ) +## +## 17.2.8 Protected privilege policy attribute +attributeType ( id-at-protPrivPolicy + NAME 'protPrivPolicy' + DESC 'X.509 Protected privilege policy attribute, use ;binary' + SYNTAX AttributeCertificate + EQUALITY attributeCertificateExactMatch ) +## +## 17.2.9 XML Protected privilege policy attribute +## -- contains XML-encoded privilege policy information +attributeType ( id-at-xMLPprotPrivPolicy + NAME 'xmlPrivPolicy' + DESC 'X.509 XML Protected privilege policy attribute' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +## +## 17.1 PMI directory object classes +## +## 17.1.1 PMI user object class +## -- a PMI user (i.e., a "holder") +objectClass ( id-oc-pmiUser + NAME 'pmiUser' + DESC 'X.509 PMI user object class' + SUP top + AUXILIARY + MAY ( attributeCertificateAttribute ) ) +## +## 17.1.2 PMI AA object class +## -- a PMI AA +objectClass ( id-oc-pmiAA + NAME 'pmiAA' + DESC 'X.509 PMI AA object class' + SUP top + AUXILIARY + MAY ( aACertificate $ + attributeCertificateRevocationList $ + attributeAuthorityRevocationList + ) ) +## +## 17.1.3 PMI SOA object class +## -- a PMI Source of Authority +objectClass ( id-oc-pmiSOA + NAME 'pmiSOA' + DESC 'X.509 PMI SOA object class' + SUP top + AUXILIARY + MAY ( attributeCertificateRevocationList $ + attributeAuthorityRevocationList $ + attributeDescriptorCertificate + ) ) +## +## 17.1.4 Attribute certificate CRL distribution point object class +objectClass ( id-oc-attCertCRLDistributionPts + NAME 'attCertCRLDistributionPt' + DESC 'X.509 Attribute certificate CRL distribution point object class' + SUP top + AUXILIARY + MAY ( attributeCertificateRevocationList $ + attributeAuthorityRevocationList + ) ) +## +## 17.1.5 PMI delegation path +objectClass ( id-oc-pmiDelegationPath + NAME 'pmiDelegationPath' + DESC 'X.509 PMI delegation path' + SUP top + AUXILIARY + MAY ( delegationPath ) ) +## +## 17.1.6 Privilege policy object class +objectClass ( id-oc-privilegePolicy + NAME 'privilegePolicy' + DESC 'X.509 Privilege policy object class' + SUP top + AUXILIARY + MAY ( privPolicy ) ) +## +## 17.1.7 Protected privilege policy object class +objectClass ( id-oc-protectedPrivilegePolicy + NAME 'protectedPrivilegePolicy' + DESC 'X.509 Protected privilege policy object class' + SUP top + AUXILIARY + MAY ( protPrivPolicy ) ) + diff --git a/openldap/schema/ppolicy.schema b/openldap/schema/ppolicy.schema new file mode 100644 index 0000000..a1df1c3 --- /dev/null +++ b/openldap/schema/ppolicy.schema @@ -0,0 +1,531 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.7.2.6 2011/01/04 23:50:52 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 2004-2011 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (2004). +## Please see full copyright statement below. + +# Definitions from Draft behera-ldap-password-policy-07 (a work in progress) +# Password Policy for LDAP Directories +# With extensions from Hewlett-Packard: +# pwdCheckModule etc. + +# Contents of this file are subject to change (including deletion) +# without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +#Network Working Group J. Sermersheim +#Internet-Draft Novell, Inc +#Expires: April 24, 2005 L. Poitou +# Sun Microsystems +# October 24, 2004 +# +# +# Password Policy for LDAP Directories +# draft-behera-ldap-password-policy-08.txt +# +#Status of this Memo +# +# This document is an Internet-Draft and is subject to all provisions +# of section 3 of RFC 3667. By submitting this Internet-Draft, each +# author represents that any applicable patent or other IPR claims of +# which he or she is aware have been or will be disclosed, and any of +# which he or she become aware will be disclosed, in accordance with +# RFC 3668. +# +# Internet-Drafts are working documents of the Internet Engineering +# Task Force (IETF), its areas, and its working groups. Note that +# other groups may also distribute working documents as +# Internet-Drafts. +# +# Internet-Drafts are draft documents valid for a maximum of six months +# and may be updated, replaced, or obsoleted by other documents at any +# time. It is inappropriate to use Internet-Drafts as reference +# material or to cite them other than as "work in progress." +# +# The list of current Internet-Drafts can be accessed at +# http://www.ietf.org/ietf/1id-abstracts.txt. +# +# The list of Internet-Draft Shadow Directories can be accessed at +# http://www.ietf.org/shadow.html. +# +# This Internet-Draft will expire on April 24, 2005. +# +#Copyright Notice +# +# Copyright (C) The Internet Society (2004). +# +#Abstract +# +# Password policy as described in this document is a set of rules that +# controls how passwords are used and administered in Lightweight +# Directory Access Protocol (LDAP) based directories. In order to +# improve the security of LDAP directories and make it difficult for +# password cracking programs to break into directories, it is desirable +# to enforce a set of rules on password usage. These rules are made to +# +# [trimmed] +# +#5. Schema used for Password Policy +# +# The schema elements defined here fall into two general categories. A +# password policy object class is defined which contains a set of +# administrative password policy attributes, and a set of operational +# attributes are defined that hold general password policy state +# information for each user. +# +#5.2 Attribute Types used in the pwdPolicy ObjectClass +# +# Following are the attribute types used by the pwdPolicy object class. +# +#5.2.1 pwdAttribute +# +# This holds the name of the attribute to which the password policy is +# applied. For example, the password policy may be applied to the +# userPassword attribute. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.1 + NAME 'pwdAttribute' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +#5.2.2 pwdMinAge +# +# This attribute holds the number of seconds that must elapse between +# modifications to the password. If this attribute is not present, 0 +# seconds is assumed. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.2 + NAME 'pwdMinAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.3 pwdMaxAge +# +# This attribute holds the number of seconds after which a modified +# password will expire. +# +# If this attribute is not present, or if the value is 0 the password +# does not expire. If not 0, the value must be greater than or equal +# to the value of the pwdMinAge. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.3 + NAME 'pwdMaxAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.4 pwdInHistory +# +# This attribute specifies the maximum number of used passwords stored +# in the pwdHistory attribute. +# +# If this attribute is not present, or if the value is 0, used +# passwords are not stored in the pwdHistory attribute and thus may be +# reused. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.4 + NAME 'pwdInHistory' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.5 pwdCheckQuality +# +# {TODO: Consider changing the syntax to OID. Each OID will list a +# quality rule (like min len, # of special characters, etc). These +# rules can be specified outsid ethis document.} +# +# {TODO: Note that even though this is meant to be a check that happens +# during password modification, it may also be allowed to happen during +# authN. This is useful for situations where the password is encrypted +# when modified, but decrypted when used to authN.} +# +# This attribute indicates how the password quality will be verified +# while being modified or added. If this attribute is not present, or +# if the value is '0', quality checking will not be enforced. A value +# of '1' indicates that the server will check the quality, and if the +# server is unable to check it (due to a hashed password or other +# reasons) it will be accepted. A value of '2' indicates that the +# server will check the quality, and if the server is unable to verify +# it, it will return an error refusing the password. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.5 + NAME 'pwdCheckQuality' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.6 pwdMinLength +# +# When quality checking is enabled, this attribute holds the minimum +# number of characters that must be used in a password. If this +# attribute is not present, no minimum password length will be +# enforced. If the server is unable to check the length (due to a +# hashed password or otherwise), the server will, depending on the +# value of the pwdCheckQuality attribute, either accept the password +# without checking it ('0' or '1') or refuse it ('2'). + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.6 + NAME 'pwdMinLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.7 pwdExpireWarning +# +# This attribute specifies the maximum number of seconds before a +# password is due to expire that expiration warning messages will be +# returned to an authenticating user. +# +# If this attribute is not present, or if the value is 0 no warnings +# will be returned. If not 0, the value must be smaller than the value +# of the pwdMaxAge attribute. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.7 + NAME 'pwdExpireWarning' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.8 pwdGraceAuthNLimit +# +# This attribute specifies the number of times an expired password can +# be used to authenticate. If this attribute is not present or if the +# value is 0, authentication will fail. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.8 + NAME 'pwdGraceAuthNLimit' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.9 pwdLockout +# +# This attribute indicates, when its value is "TRUE", that the password +# may not be used to authenticate after a specified number of +# consecutive failed bind attempts. The maximum number of consecutive +# failed bind attempts is specified in pwdMaxFailure. +# +# If this attribute is not present, or if the value is "FALSE", the +# password may be used to authenticate when the number of failed bind +# attempts has been reached. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.9 + NAME 'pwdLockout' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.10 pwdLockoutDuration +# +# This attribute holds the number of seconds that the password cannot +# be used to authenticate due to too many failed bind attempts. If +# this attribute is not present, or if the value is 0 the password +# cannot be used to authenticate until reset by a password +# administrator. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.10 + NAME 'pwdLockoutDuration' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.11 pwdMaxFailure +# +# This attribute specifies the number of consecutive failed bind +# attempts after which the password may not be used to authenticate. +# If this attribute is not present, or if the value is 0, this policy +# is not checked, and the value of pwdLockout will be ignored. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.11 + NAME 'pwdMaxFailure' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.12 pwdFailureCountInterval +# +# This attribute holds the number of seconds after which the password +# failures are purged from the failure counter, even though no +# successful authentication occurred. +# +# If this attribute is not present, or if its value is 0, the failure +# counter is only reset by a successful authentication. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.12 + NAME 'pwdFailureCountInterval' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.13 pwdMustChange +# +# This attribute specifies with a value of "TRUE" that users must +# change their passwords when they first bind to the directory after a +# password is set or reset by a password administrator. If this +# attribute is not present, or if the value is "FALSE", users are not +# required to change their password upon binding after the password +# administrator sets or resets the password. This attribute is not set +# due to any actions specified by this document, it is typically set by +# a password administrator after resetting a user's password. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.13 + NAME 'pwdMustChange' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.14 pwdAllowUserChange +# +# This attribute indicates whether users can change their own +# passwords, although the change operation is still subject to access +# control. If this attribute is not present, a value of "TRUE" is +# assumed. This attribute is intended to be used in the absense of an +# access control mechanism. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.14 + NAME 'pwdAllowUserChange' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.15 pwdSafeModify +# +# This attribute specifies whether or not the existing password must be +# sent along with the new password when being changed. If this +# attribute is not present, a "FALSE" value is assumed. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.15 + NAME 'pwdSafeModify' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +# HP extensions +# +# pwdCheckModule +# +# This attribute names a user-defined loadable module that provides +# a check_password() function. If pwdCheckQuality is set to '1' or '2' +# this function will be called after all of the internal password +# quality checks have been passed. The function has this prototype: +# +# int check_password( char *password, char **errormessage, void *arg ) +# +# The function should return LDAP_SUCCESS for a valid password. + +attributetype ( 1.3.6.1.4.1.4754.1.99.1 + NAME 'pwdCheckModule' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + DESC 'Loadable module that instantiates "check_password() function' + SINGLE-VALUE ) + +objectclass ( 1.3.6.1.4.1.4754.2.99.1 + NAME 'pwdPolicyChecker' + SUP top + AUXILIARY + MAY ( pwdCheckModule ) ) + +#5.1 The pwdPolicy Object Class +# +# This object class contains the attributes defining a password policy +# in effect for a set of users. Section 10 describes the +# administration of this object, and the relationship between it and +# particular objects. +# +objectclass ( 1.3.6.1.4.1.42.2.27.8.2.1 + NAME 'pwdPolicy' + SUP top + AUXILIARY + MUST ( pwdAttribute ) + MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $ + pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout + $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $ + pwdMustChange $ pwdAllowUserChange $ pwdSafeModify ) ) + +#5.3 Attribute Types for Password Policy State Information +# +# Password policy state information must be maintained for each user. +# The information is located in each user entry as a set of operational +# attributes. These operational attributes are: pwdChangedTime, +# pwdAccountLockedTime, pwdFailureTime, pwdHistory, pwdGraceUseTime, +# pwdReset, pwdPolicySubEntry. +# +#5.3.1 Password Policy State Attribute Option +# +# Since the password policy could apply to several attributes used to +# store passwords, each of the above operational attributes must have +# an option to specify which pwdAttribute it applies to. The password +# policy option is defined as the following: +# +# pwd- +# +# where passwordAttribute a string following the OID syntax +# (1.3.6.1.4.1.1466.115.121.1.38). The attribute type descriptor +# (short name) MUST be used. +# +# For example, if the pwdPolicy object has for pwdAttribute +# "userPassword" then the pwdChangedTime operational attribute, in a +# user entry, will be: +# +# pwdChangedTime;pwd-userPassword: 20000103121520Z +# +# This attribute option follows sub-typing semantics. If a client +# requests a password policy state attribute to be returned in a search +# operation, and does not specify an option, all subtypes of that +# policy state attribute are returned. +# +#5.3.2 pwdChangedTime +# +# This attribute specifies the last time the entry's password was +# changed. This is used by the password expiration policy. If this +# attribute does not exist, the password will never expire. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.16 +# NAME 'pwdChangedTime' +# DESC 'The time the password was last changed' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.3 pwdAccountLockedTime +# +# This attribute holds the time that the user's account was locked. A +# locked account means that the password may no longer be used to +# authenticate. A 000001010000Z value means that the account has been +# locked permanently, and that only a password administrator can unlock +# the account. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.17 +# NAME 'pwdAccountLockedTime' +# DESC 'The time an user account was locked' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.4 pwdFailureTime +# +# This attribute holds the timestamps of the consecutive authentication +# failures. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.19 +# NAME 'pwdFailureTime' +# DESC 'The timestamps of the last consecutive authentication +# failures' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# USAGE directoryOperation ) +# +#5.3.5 pwdHistory +# +# This attribute holds a history of previously used passwords. Values +# of this attribute are transmitted in string format as given by the +# following ABNF: +# +# pwdHistory = time "#" syntaxOID "#" length "#" data +# +# time = +# +# syntaxOID = numericoid ; the string representation of the +# ; dotted-decimal OID that defines the +# ; syntax used to store the password. +# ; numericoid is described in 4.1 +# ; of [RFC2252]. +# +# length = numericstring ; the number of octets in data. +# ; numericstring is described in 4.1 +# ; of [RFC2252]. +# +# data = . +# +# This format allows the server to store, and transmit a history of +# passwords that have been used. In order for equality matching to +# function properly, the time field needs to adhere to a consistent +# format. For this purpose, the time field MUST be in GMT format. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.20 +# NAME 'pwdHistory' +# DESC 'The history of user s passwords' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 +# USAGE directoryOperation ) +# +#5.3.6 pwdGraceUseTime +# +# This attribute holds the timestamps of grace authentications after a +# password has expired. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.21 +# NAME 'pwdGraceUseTime' +# DESC 'The timestamps of the grace authentication after the +# password has expired' +# EQUALITY generalizedTimeMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# +#5.3.7 pwdReset +# +# This attribute holds a flag to indicate (when TRUE) that the password +# has been updated by the password administrator and must be changed by +# the user on first authentication. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.22 +# NAME 'pwdReset' +# DESC 'The indication that the password has been reset' +# EQUALITY booleanMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.8 pwdPolicySubentry +# +# This attribute points to the pwdPolicy subentry in effect for this +# object. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.23 +# NAME 'pwdPolicySubentry' +# DESC 'The pwdPolicy subentry in effect for this object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +# +#Disclaimer of Validity +# +# This document and the information contained herein are provided on an +# "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS +# OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET +# ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, +# INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE +# INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED +# WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +# +# +#Copyright Statement +# +# Copyright (C) The Internet Society (2004). This document is subject +# to the rights, licenses and restrictions contained in BCP 78, and +# except as set forth therein, the authors retain all their rights. + diff --git a/openldap/schema/ppolicy.schema.default b/openldap/schema/ppolicy.schema.default new file mode 100644 index 0000000..482e890 --- /dev/null +++ b/openldap/schema/ppolicy.schema.default @@ -0,0 +1,531 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.7.2.5 2010/04/13 20:23:49 kurt Exp $ +## This work is part of OpenLDAP Software . +## +## Copyright 2004-2010 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . +# +## Portions Copyright (C) The Internet Society (2004). +## Please see full copyright statement below. + +# Definitions from Draft behera-ldap-password-policy-07 (a work in progress) +# Password Policy for LDAP Directories +# With extensions from Hewlett-Packard: +# pwdCheckModule etc. + +# Contents of this file are subject to change (including deletion) +# without notice. +# +# Not recommended for production use! +# Use with extreme caution! + +#Network Working Group J. Sermersheim +#Internet-Draft Novell, Inc +#Expires: April 24, 2005 L. Poitou +# Sun Microsystems +# October 24, 2004 +# +# +# Password Policy for LDAP Directories +# draft-behera-ldap-password-policy-08.txt +# +#Status of this Memo +# +# This document is an Internet-Draft and is subject to all provisions +# of section 3 of RFC 3667. By submitting this Internet-Draft, each +# author represents that any applicable patent or other IPR claims of +# which he or she is aware have been or will be disclosed, and any of +# which he or she become aware will be disclosed, in accordance with +# RFC 3668. +# +# Internet-Drafts are working documents of the Internet Engineering +# Task Force (IETF), its areas, and its working groups. Note that +# other groups may also distribute working documents as +# Internet-Drafts. +# +# Internet-Drafts are draft documents valid for a maximum of six months +# and may be updated, replaced, or obsoleted by other documents at any +# time. It is inappropriate to use Internet-Drafts as reference +# material or to cite them other than as "work in progress." +# +# The list of current Internet-Drafts can be accessed at +# http://www.ietf.org/ietf/1id-abstracts.txt. +# +# The list of Internet-Draft Shadow Directories can be accessed at +# http://www.ietf.org/shadow.html. +# +# This Internet-Draft will expire on April 24, 2005. +# +#Copyright Notice +# +# Copyright (C) The Internet Society (2004). +# +#Abstract +# +# Password policy as described in this document is a set of rules that +# controls how passwords are used and administered in Lightweight +# Directory Access Protocol (LDAP) based directories. In order to +# improve the security of LDAP directories and make it difficult for +# password cracking programs to break into directories, it is desirable +# to enforce a set of rules on password usage. These rules are made to +# +# [trimmed] +# +#5. Schema used for Password Policy +# +# The schema elements defined here fall into two general categories. A +# password policy object class is defined which contains a set of +# administrative password policy attributes, and a set of operational +# attributes are defined that hold general password policy state +# information for each user. +# +#5.2 Attribute Types used in the pwdPolicy ObjectClass +# +# Following are the attribute types used by the pwdPolicy object class. +# +#5.2.1 pwdAttribute +# +# This holds the name of the attribute to which the password policy is +# applied. For example, the password policy may be applied to the +# userPassword attribute. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.1 + NAME 'pwdAttribute' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + +#5.2.2 pwdMinAge +# +# This attribute holds the number of seconds that must elapse between +# modifications to the password. If this attribute is not present, 0 +# seconds is assumed. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.2 + NAME 'pwdMinAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.3 pwdMaxAge +# +# This attribute holds the number of seconds after which a modified +# password will expire. +# +# If this attribute is not present, or if the value is 0 the password +# does not expire. If not 0, the value must be greater than or equal +# to the value of the pwdMinAge. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.3 + NAME 'pwdMaxAge' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.4 pwdInHistory +# +# This attribute specifies the maximum number of used passwords stored +# in the pwdHistory attribute. +# +# If this attribute is not present, or if the value is 0, used +# passwords are not stored in the pwdHistory attribute and thus may be +# reused. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.4 + NAME 'pwdInHistory' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.5 pwdCheckQuality +# +# {TODO: Consider changing the syntax to OID. Each OID will list a +# quality rule (like min len, # of special characters, etc). These +# rules can be specified outsid ethis document.} +# +# {TODO: Note that even though this is meant to be a check that happens +# during password modification, it may also be allowed to happen during +# authN. This is useful for situations where the password is encrypted +# when modified, but decrypted when used to authN.} +# +# This attribute indicates how the password quality will be verified +# while being modified or added. If this attribute is not present, or +# if the value is '0', quality checking will not be enforced. A value +# of '1' indicates that the server will check the quality, and if the +# server is unable to check it (due to a hashed password or other +# reasons) it will be accepted. A value of '2' indicates that the +# server will check the quality, and if the server is unable to verify +# it, it will return an error refusing the password. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.5 + NAME 'pwdCheckQuality' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.6 pwdMinLength +# +# When quality checking is enabled, this attribute holds the minimum +# number of characters that must be used in a password. If this +# attribute is not present, no minimum password length will be +# enforced. If the server is unable to check the length (due to a +# hashed password or otherwise), the server will, depending on the +# value of the pwdCheckQuality attribute, either accept the password +# without checking it ('0' or '1') or refuse it ('2'). + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.6 + NAME 'pwdMinLength' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.7 pwdExpireWarning +# +# This attribute specifies the maximum number of seconds before a +# password is due to expire that expiration warning messages will be +# returned to an authenticating user. +# +# If this attribute is not present, or if the value is 0 no warnings +# will be returned. If not 0, the value must be smaller than the value +# of the pwdMaxAge attribute. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.7 + NAME 'pwdExpireWarning' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.8 pwdGraceAuthNLimit +# +# This attribute specifies the number of times an expired password can +# be used to authenticate. If this attribute is not present or if the +# value is 0, authentication will fail. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.8 + NAME 'pwdGraceAuthNLimit' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.9 pwdLockout +# +# This attribute indicates, when its value is "TRUE", that the password +# may not be used to authenticate after a specified number of +# consecutive failed bind attempts. The maximum number of consecutive +# failed bind attempts is specified in pwdMaxFailure. +# +# If this attribute is not present, or if the value is "FALSE", the +# password may be used to authenticate when the number of failed bind +# attempts has been reached. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.9 + NAME 'pwdLockout' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.10 pwdLockoutDuration +# +# This attribute holds the number of seconds that the password cannot +# be used to authenticate due to too many failed bind attempts. If +# this attribute is not present, or if the value is 0 the password +# cannot be used to authenticate until reset by a password +# administrator. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.10 + NAME 'pwdLockoutDuration' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.11 pwdMaxFailure +# +# This attribute specifies the number of consecutive failed bind +# attempts after which the password may not be used to authenticate. +# If this attribute is not present, or if the value is 0, this policy +# is not checked, and the value of pwdLockout will be ignored. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.11 + NAME 'pwdMaxFailure' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.12 pwdFailureCountInterval +# +# This attribute holds the number of seconds after which the password +# failures are purged from the failure counter, even though no +# successful authentication occurred. +# +# If this attribute is not present, or if its value is 0, the failure +# counter is only reset by a successful authentication. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.12 + NAME 'pwdFailureCountInterval' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) + +#5.2.13 pwdMustChange +# +# This attribute specifies with a value of "TRUE" that users must +# change their passwords when they first bind to the directory after a +# password is set or reset by a password administrator. If this +# attribute is not present, or if the value is "FALSE", users are not +# required to change their password upon binding after the password +# administrator sets or resets the password. This attribute is not set +# due to any actions specified by this document, it is typically set by +# a password administrator after resetting a user's password. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.13 + NAME 'pwdMustChange' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.14 pwdAllowUserChange +# +# This attribute indicates whether users can change their own +# passwords, although the change operation is still subject to access +# control. If this attribute is not present, a value of "TRUE" is +# assumed. This attribute is intended to be used in the absense of an +# access control mechanism. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.14 + NAME 'pwdAllowUserChange' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +#5.2.15 pwdSafeModify +# +# This attribute specifies whether or not the existing password must be +# sent along with the new password when being changed. If this +# attribute is not present, a "FALSE" value is assumed. + +attributetype ( 1.3.6.1.4.1.42.2.27.8.1.15 + NAME 'pwdSafeModify' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) + +# HP extensions +# +# pwdCheckModule +# +# This attribute names a user-defined loadable module that provides +# a check_password() function. If pwdCheckQuality is set to '1' or '2' +# this function will be called after all of the internal password +# quality checks have been passed. The function has this prototype: +# +# int check_password( char *password, char **errormessage, void *arg ) +# +# The function should return LDAP_SUCCESS for a valid password. + +attributetype ( 1.3.6.1.4.1.4754.1.99.1 + NAME 'pwdCheckModule' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + DESC 'Loadable module that instantiates "check_password() function' + SINGLE-VALUE ) + +objectclass ( 1.3.6.1.4.1.4754.2.99.1 + NAME 'pwdPolicyChecker' + SUP top + AUXILIARY + MAY ( pwdCheckModule ) ) + +#5.1 The pwdPolicy Object Class +# +# This object class contains the attributes defining a password policy +# in effect for a set of users. Section 10 describes the +# administration of this object, and the relationship between it and +# particular objects. +# +objectclass ( 1.3.6.1.4.1.42.2.27.8.2.1 + NAME 'pwdPolicy' + SUP top + AUXILIARY + MUST ( pwdAttribute ) + MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $ + pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout + $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $ + pwdMustChange $ pwdAllowUserChange $ pwdSafeModify ) ) + +#5.3 Attribute Types for Password Policy State Information +# +# Password policy state information must be maintained for each user. +# The information is located in each user entry as a set of operational +# attributes. These operational attributes are: pwdChangedTime, +# pwdAccountLockedTime, pwdFailureTime, pwdHistory, pwdGraceUseTime, +# pwdReset, pwdPolicySubEntry. +# +#5.3.1 Password Policy State Attribute Option +# +# Since the password policy could apply to several attributes used to +# store passwords, each of the above operational attributes must have +# an option to specify which pwdAttribute it applies to. The password +# policy option is defined as the following: +# +# pwd- +# +# where passwordAttribute a string following the OID syntax +# (1.3.6.1.4.1.1466.115.121.1.38). The attribute type descriptor +# (short name) MUST be used. +# +# For example, if the pwdPolicy object has for pwdAttribute +# "userPassword" then the pwdChangedTime operational attribute, in a +# user entry, will be: +# +# pwdChangedTime;pwd-userPassword: 20000103121520Z +# +# This attribute option follows sub-typing semantics. If a client +# requests a password policy state attribute to be returned in a search +# operation, and does not specify an option, all subtypes of that +# policy state attribute are returned. +# +#5.3.2 pwdChangedTime +# +# This attribute specifies the last time the entry's password was +# changed. This is used by the password expiration policy. If this +# attribute does not exist, the password will never expire. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.16 +# NAME 'pwdChangedTime' +# DESC 'The time the password was last changed' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.3 pwdAccountLockedTime +# +# This attribute holds the time that the user's account was locked. A +# locked account means that the password may no longer be used to +# authenticate. A 000001010000Z value means that the account has been +# locked permanently, and that only a password administrator can unlock +# the account. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.17 +# NAME 'pwdAccountLockedTime' +# DESC 'The time an user account was locked' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.4 pwdFailureTime +# +# This attribute holds the timestamps of the consecutive authentication +# failures. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.19 +# NAME 'pwdFailureTime' +# DESC 'The timestamps of the last consecutive authentication +# failures' +# EQUALITY generalizedTimeMatch +# ORDERING generalizedTimeOrderingMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# USAGE directoryOperation ) +# +#5.3.5 pwdHistory +# +# This attribute holds a history of previously used passwords. Values +# of this attribute are transmitted in string format as given by the +# following ABNF: +# +# pwdHistory = time "#" syntaxOID "#" length "#" data +# +# time = +# +# syntaxOID = numericoid ; the string representation of the +# ; dotted-decimal OID that defines the +# ; syntax used to store the password. +# ; numericoid is described in 4.1 +# ; of [RFC2252]. +# +# length = numericstring ; the number of octets in data. +# ; numericstring is described in 4.1 +# ; of [RFC2252]. +# +# data = . +# +# This format allows the server to store, and transmit a history of +# passwords that have been used. In order for equality matching to +# function properly, the time field needs to adhere to a consistent +# format. For this purpose, the time field MUST be in GMT format. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.20 +# NAME 'pwdHistory' +# DESC 'The history of user s passwords' +# EQUALITY octetStringMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 +# USAGE directoryOperation ) +# +#5.3.6 pwdGraceUseTime +# +# This attribute holds the timestamps of grace authentications after a +# password has expired. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.21 +# NAME 'pwdGraceUseTime' +# DESC 'The timestamps of the grace authentication after the +# password has expired' +# EQUALITY generalizedTimeMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 +# +#5.3.7 pwdReset +# +# This attribute holds a flag to indicate (when TRUE) that the password +# has been updated by the password administrator and must be changed by +# the user on first authentication. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.22 +# NAME 'pwdReset' +# DESC 'The indication that the password has been reset' +# EQUALITY booleanMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +#5.3.8 pwdPolicySubentry +# +# This attribute points to the pwdPolicy subentry in effect for this +# object. +# +# ( 1.3.6.1.4.1.42.2.27.8.1.23 +# NAME 'pwdPolicySubentry' +# DESC 'The pwdPolicy subentry in effect for this object' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 +# SINGLE-VALUE +# USAGE directoryOperation ) +# +# +#Disclaimer of Validity +# +# This document and the information contained herein are provided on an +# "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS +# OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET +# ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, +# INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE +# INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED +# WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +# +# +#Copyright Statement +# +# Copyright (C) The Internet Society (2004). This document is subject +# to the rights, licenses and restrictions contained in BCP 78, and +# except as set forth therein, the authors retain all their rights. + diff --git a/openldap/schema/quota.schema b/openldap/schema/quota.schema new file mode 100644 index 0000000..b5e216f --- /dev/null +++ b/openldap/schema/quota.schema @@ -0,0 +1,18 @@ +## +## schema file for Unix Quotas +## Schema for storing Unix Quotas in LDAP +## OIDs are owned by Cogent Innovators, LLC +## +## 1.3.6.1.4.1.19937.1.1.x - attributetypes +## 1.3.6.1.4.1.19937.1.2.x - objectclasses +## + +attributetype ( 1.3.6.1.4.1.19937.1.1.1 NAME 'quota' + DESC 'Quotas (FileSystem:BlocksSoft,BlocksHard,InodesSoft,InodesHard)' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} ) + +objectclass ( 1.3.6.1.4.1.19937.1.2.1 NAME 'systemQuotas' SUP posixAccount AUXILIARY + DESC 'System Quotas' + MUST ( uid ) + MAY ( quota )) diff --git a/openldap/schema/samba.schema b/openldap/schema/samba.schema new file mode 100644 index 0000000..8f82ddd --- /dev/null +++ b/openldap/schema/samba.schema @@ -0,0 +1,575 @@ +## +## schema file for OpenLDAP 2.x +## Schema for storing Samba user accounts and group maps in LDAP +## OIDs are owned by the Samba Team +## +## Prerequisite schemas - uid (cosine.schema) +## - displayName (inetorgperson.schema) +## - gidNumber (nis.schema) +## +## 1.3.6.1.4.1.7165.2.1.x - attributetypes +## 1.3.6.1.4.1.7165.2.2.x - objectclasses +## +## Printer support +## 1.3.6.1.4.1.7165.2.3.1.x - attributetypes +## 1.3.6.1.4.1.7165.2.3.2.x - objectclasses +## +## Samba4 +## 1.3.6.1.4.1.7165.4.1.x - attributetypes +## 1.3.6.1.4.1.7165.4.2.x - objectclasses +## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls +## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations +## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track +## +## ----- READ THIS WHEN ADDING A NEW ATTRIBUTE OR OBJECT CLASS ------ +## +## Run the 'get_next_oid' bash script in this directory to find the +## next available OID for attribute type and object classes. +## +## $ ./get_next_oid +## attributetype ( 1.3.6.1.4.1.7165.2.1.XX NAME .... +## objectclass ( 1.3.6.1.4.1.7165.2.2.XX NAME .... +## +## Also ensure that new entries adhere to the declaration style +## used throughout this file +## +## ( 1.3.6.1.4.1.7165.2.XX.XX NAME .... +## ^ ^ ^ +## +## The spaces are required for the get_next_oid script (and for +## readability). +## +## ------------------------------------------------------------------ + +# objectIdentifier SambaRoot 1.3.6.1.4.1.7165 +# objectIdentifier Samba3 SambaRoot:2 +# objectIdentifier Samba3Attrib Samba3:1 +# objectIdentifier Samba3ObjectClass Samba3:2 +# objectIdentifier Samba4 SambaRoot:4 + +######################################################################## +## HISTORICAL ## +######################################################################## + +## +## Password hashes +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword' +# DESC 'LanManager Passwd' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword' +# DESC 'NT Passwd' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) + +## +## Account flags in string format ([UWDX ]) +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.4 NAME 'acctFlags' +# DESC 'Account Flags' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE ) + +## +## Password timestamps & policies +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.3 NAME 'pwdLastSet' +# DESC 'NT pwdLastSet' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.5 NAME 'logonTime' +# DESC 'NT logonTime' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.6 NAME 'logoffTime' +# DESC 'NT logoffTime' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.7 NAME 'kickoffTime' +# DESC 'NT kickoffTime' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.8 NAME 'pwdCanChange' +# DESC 'NT pwdCanChange' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.9 NAME 'pwdMustChange' +# DESC 'NT pwdMustChange' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +## +## string settings +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.10 NAME 'homeDrive' +# DESC 'NT homeDrive' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.11 NAME 'scriptPath' +# DESC 'NT scriptPath' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.12 NAME 'profilePath' +# DESC 'NT profilePath' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.13 NAME 'userWorkstations' +# DESC 'userWorkstations' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.17 NAME 'smbHome' +# DESC 'smbHome' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.18 NAME 'domain' +# DESC 'Windows NT domain to which the user belongs' +# EQUALITY caseIgnoreIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) + +## +## user and group RID +## +#attributetype ( 1.3.6.1.4.1.7165.2.1.14 NAME 'rid' +# DESC 'NT rid' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +#attributetype ( 1.3.6.1.4.1.7165.2.1.15 NAME 'primaryGroupID' +# DESC 'NT Group RID' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +## +## The smbPasswordEntry objectclass has been depreciated in favor of the +## sambaAccount objectclass +## +#objectclass ( 1.3.6.1.4.1.7165.2.2.1 NAME 'smbPasswordEntry' SUP top AUXILIARY +# DESC 'Samba smbpasswd entry' +# MUST ( uid $ uidNumber ) +# MAY ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags )) + +#objectclass ( 1.3.6.1.4.1.7165.2.2.2 NAME 'sambaAccount' SUP top STRUCTURAL +# DESC 'Samba Account' +# MUST ( uid $ rid ) +# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $ +# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ +# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $ +# description $ userWorkstations $ primaryGroupID $ domain )) + +#objectclass ( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIARY +# DESC 'Samba Auxiliary Account' +# MUST ( uid $ rid ) +# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $ +# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ +# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $ +# description $ userWorkstations $ primaryGroupID $ domain )) + +######################################################################## +## END OF HISTORICAL ## +######################################################################## + +####################################################################### +## Attributes used by Samba 3.0 schema ## +####################################################################### + +## +## Password hashes +## +attributetype ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' + DESC 'LanManager Password' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' + DESC 'MD4 hash of the unicode password' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) + +## +## Account flags in string format ([UWDX ]) +## +attributetype ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' + DESC 'Account Flags' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE ) + +## +## Password timestamps & policies +## +attributetype ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' + DESC 'Timestamp of the last password update' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' + DESC 'Timestamp of when the user is allowed to update the password' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' + DESC 'Timestamp of when the password will expire' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' + DESC 'Timestamp of last logon' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' + DESC 'Timestamp of last logoff' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' + DESC 'Timestamp of when the user will be logged off automatically' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' + DESC 'Bad password attempt count' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' + DESC 'Time of the last bad password attempt' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' + DESC 'Logon Hours' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{42} SINGLE-VALUE ) + +## +## string settings +## +attributetype ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' + DESC 'Driver letter of home directory mapping' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' + DESC 'Logon script path' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' + DESC 'Roaming profile path' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' + DESC 'List of user workstations the user is allowed to logon to' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' + DESC 'Home directory UNC path' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' + DESC 'Windows NT domain to which the user belongs' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' + DESC 'Base64 encoded user parameter string' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' + DESC 'Concatenated MD5 hashes of the salted NT passwords used on this account' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} ) + +## +## SID, of any type +## + +attributetype ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' + DESC 'Security ID' + EQUALITY caseIgnoreIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) + +## +## Primary group SID, compatible with ntSid +## + +attributetype ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' + DESC 'Primary Group Security ID' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' + DESC 'Security ID List' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} ) + +## +## group mapping attributes +## +attributetype ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' + DESC 'NT Group Type' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +## +## Store info on the domain +## + +attributetype ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' + DESC 'Next NT rid to give our for users' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' + DESC 'Next NT rid to give out for groups' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' + DESC 'Next NT rid to give out for anything' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' + DESC 'Base at which the samba RID generation algorithm should operate' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' + DESC 'Share Name' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' + DESC 'Option Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' + DESC 'A boolean option' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' + DESC 'An integer option' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' + DESC 'A string option' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption' + DESC 'A string list option' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + + +##attributetype ( 1.3.6.1.4.1.7165.2.1.50 NAME 'sambaPrivName' +## SUP name ) + +##attributetype ( 1.3.6.1.4.1.7165.2.1.52 NAME 'sambaPrivilegeList' +## DESC 'Privileges List' +## EQUALITY caseIgnoreIA5Match +## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} ) + +attributetype ( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' + DESC 'Trust Password Flags' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# "min password length" +attributetype ( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' + DESC 'Minimal password length (default: 5)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "password history" +attributetype ( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' + DESC 'Length of Password History Entries (default: 0 => off)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "user must logon to change password" +attributetype ( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' + DESC 'Force Users to logon for password change (default: 0 => off, 2 => on)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "maximum password age" +attributetype ( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' + DESC 'Maximum password age, in seconds (default: -1 => never expire passwords)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "minimum password age" +attributetype ( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' + DESC 'Minimum password age, in seconds (default: 0 => allow immediate password change)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "lockout duration" +attributetype ( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' + DESC 'Lockout duration in minutes (default: 30, -1 => forever)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "reset count minutes" +attributetype ( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow' + DESC 'Reset time after lockout in minutes (default: 30)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "bad lockout attempt" +attributetype ( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' + DESC 'Lockout users after bad logon attempts (default: 0 => off)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "disconnect time" +attributetype ( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' + DESC 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# "refuse machine password change" +attributetype ( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' + DESC 'Allow Machine Password changes (default: 0 => off)' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +# +attributetype ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' + DESC 'Clear text password (used for trusted domain passwords)' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + +# +attributetype ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' + DESC 'Previous clear text password (used for trusted domain passwords)' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + + + +####################################################################### +## objectClasses used by Samba 3.0 schema ## +####################################################################### + +## The X.500 data model (and therefore LDAPv3) says that each entry can +## only have one structural objectclass. OpenLDAP 2.0 does not enforce +## this currently but will in v2.1 + +## +## added new objectclass (and OID) for 3.0 to help us deal with backwards +## compatibility with 2.2 installations (e.g. ldapsam_compat) --jerry +## +objectclass ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY + DESC 'Samba 3.0 Auxilary SAM Account' + MUST ( uid $ sambaSID ) + MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ + sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ + sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $ + displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $ + sambaProfilePath $ description $ sambaUserWorkstations $ + sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ + sambaBadPasswordCount $ sambaBadPasswordTime $ + sambaPasswordHistory $ sambaLogonHours)) + +## +## Group mapping info +## +objectclass ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY + DESC 'Samba Group Mapping' + MUST ( gidNumber $ sambaSID $ sambaGroupType ) + MAY ( displayName $ description $ sambaSIDList )) + +## +## Trust password for trust relationships (any kind) +## +objectclass ( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' SUP top STRUCTURAL + DESC 'Samba Trust Password' + MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags ) + MAY ( sambaSID $ sambaPwdLastSet )) + +## +## Trust password for trusted domains +## (to be stored beneath the trusting sambaDomain object in the DIT) +## +objectclass ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL + DESC 'Samba Trusted Domain Password' + MUST ( sambaDomainName $ sambaSID $ + sambaClearTextPassword $ sambaPwdLastSet ) + MAY ( sambaPreviousClearTextPassword )) + +## +## Whole-of-domain info +## +objectclass ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL + DESC 'Samba Domain Information' + MUST ( sambaDomainName $ + sambaSID ) + MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ + sambaAlgorithmicRidBase $ + sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ + sambaMaxPwdAge $ sambaMinPwdAge $ + sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ + sambaForceLogoff $ sambaRefuseMachinePwdChange )) + +## +## used for idmap_ldap module +## +objectclass ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY + DESC 'Pool for allocating UNIX uids/gids' + MUST ( uidNumber $ gidNumber ) ) + + +objectclass ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY + DESC 'Mapping from a SID to an ID' + MUST ( sambaSID ) + MAY ( uidNumber $ gidNumber ) ) + +objectclass ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL + DESC 'Structural Class for a SID' + MUST ( sambaSID ) ) + +objectclass ( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' SUP top AUXILIARY + DESC 'Samba Configuration Section' + MAY ( description ) ) + +objectclass ( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' SUP top STRUCTURAL + DESC 'Samba Share Section' + MUST ( sambaShareName ) + MAY ( description ) ) + +objectclass ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTURAL + DESC 'Samba Configuration Option' + MUST ( sambaOptionName ) + MAY ( sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ + sambaStringListoption $ description ) ) + + +## retired during privilege rewrite +##objectclass ( 1.3.6.1.4.1.7165.2.2.13 NAME 'sambaPrivilege' SUP top AUXILIARY +## DESC 'Samba Privilege' +## MUST ( sambaSID ) +## MAY ( sambaPrivilegeList ) ) diff --git a/openldap/slapd.conf b/openldap/slapd.conf new file mode 100644 index 0000000..8d1bdae --- /dev/null +++ b/openldap/slapd.conf @@ -0,0 +1,97 @@ +# +# See slapd.conf(5) for details on configuration options. +# This file should NOT be world readable. +# +include /etc/openldap/schema/core.schema +include /etc/openldap/schema/cosine.schema +include /etc/openldap/schema/inetorgperson.schema +include /etc/openldap/schema/extension.schema +#include /etc/openldap/schema/mozilla.schema +include /etc/openldap/schema/mozillaorg.schema +include /etc/openldap/schema/ppolicy.schema +include /etc/openldap/schema/nis.schema +include /etc/openldap/schema/samba.schema +include /etc/openldap/schema/misc.schema +include /etc/openldap/schema/evolutionperson.schema +include /etc/openldap/schema/authldap.schema +include /etc/openldap/schema/openssh.schema + +# Define global ACLs to disable default read access. + +# Do not enable referrals until AFTER you have a working directory +# service AND an understanding of referrals. +#referral ldap://root.openldap.org + +pidfile /var/run/openldap/slapd.pid +argsfile /var/run/openldap/slapd.args + +loglevel config ACL stats stats2 + +TLSCertificateKeyFile /etc/openldap/ssl/ldap.pem +TLSCertificateFile /etc/openldap/ssl/ldap.pem + +# Load dynamic backend modules: +# modulepath /usr/lib64/openldap/openldap +# moduleload back_sql.so +# moduleload back_sock.so +# moduleload back_shell.so +# moduleload back_relay.so +# moduleload back_perl.so +# moduleload back_passwd.so +# moduleload back_null.so +# moduleload back_monitor.so +# moduleload back_meta.so +# moduleload back_ldap.so +# moduleload back_dnssrv.so + +# Sample security restrictions +# Require integrity protection (prevent hijacking) +# Require 112-bit (3DES or better) encryption for updates +# Require 63-bit encryption for simple bind +# security ssf=1 update_ssf=112 simple_bind=64 + +# Sample access control policy: +# Root DSE: allow anyone to read it +# Subschema (sub)entry DSE: allow anyone to read it +# Other DSEs: +# Allow self write access +# Allow authenticated users read access +# Allow anonymous users to authenticate +# Directives needed to implement policy: +# access to dn.base="" by * read +# access to dn.base="cn=Subschema" by * read +# access to * +# by self write +# by users read +# by anonymous auth +# +# if no access controls are present, the default policy +# allows anyone and everyone to read anything but restricts +# updates to rootdn. (e.g., "access to * by * read") +# +# rootdn can always read and write EVERYTHING! +access to * + by dn="cn=frank, dc=brehm-online, dc=com" write + by anonymous read + by users write + +####################################################################### +# BDB database definitions +####################################################################### + +database hdb +suffix "dc=brehm-online, dc=com" +# +checkpoint 32 30 +rootdn "cn=frank, dc=brehm-online, dc=com" +# Cleartext passwords, especially for the rootdn, should +# be avoid. See slappasswd(8) and slapd.conf(5) for details. +# Use of strong authentication encouraged. +rootpw {SSHA}9cKLW4uzCU0YDM7zCkfsBH9XfXG2YCMR +# The database directory MUST exist prior to running slapd AND +# should only be accessible by the slapd and slap tools. +# Mode 700 recommended. +directory /var/lib/openldap-data +# Indices to maintain +index objectClass eq +index mail,cn,givenName,sn sub diff --git a/openldap/slapd.conf.default b/openldap/slapd.conf.default new file mode 100644 index 0000000..ea9e489 --- /dev/null +++ b/openldap/slapd.conf.default @@ -0,0 +1,75 @@ +# +# See slapd.conf(5) for details on configuration options. +# This file should NOT be world readable. +# +include /etc/openldap/schema/core.schema + +# Define global ACLs to disable default read access. + +# Do not enable referrals until AFTER you have a working directory +# service AND an understanding of referrals. +#referral ldap://root.openldap.org + +pidfile /var/run/openldap/slapd.pid +argsfile /var/run/openldap/slapd.args + +# Load dynamic backend modules: +# modulepath /usr/lib64/openldap/openldap +# moduleload back_sql.so +# moduleload back_sock.so +# moduleload back_shell.so +# moduleload back_relay.so +# moduleload back_perl.so +# moduleload back_passwd.so +# moduleload back_null.so +# moduleload back_monitor.so +# moduleload back_meta.so +# moduleload back_ldap.so +# moduleload back_dnssrv.so + +# Sample security restrictions +# Require integrity protection (prevent hijacking) +# Require 112-bit (3DES or better) encryption for updates +# Require 63-bit encryption for simple bind +# security ssf=1 update_ssf=112 simple_bind=64 + +# Sample access control policy: +# Root DSE: allow anyone to read it +# Subschema (sub)entry DSE: allow anyone to read it +# Other DSEs: +# Allow self write access +# Allow authenticated users read access +# Allow anonymous users to authenticate +# Directives needed to implement policy: +# access to dn.base="" by * read +# access to dn.base="cn=Subschema" by * read +# access to * +# by self write +# by users read +# by anonymous auth +# +# if no access controls are present, the default policy +# allows anyone and everyone to read anything but restricts +# updates to rootdn. (e.g., "access to * by * read") +# +# rootdn can always read and write EVERYTHING! + +####################################################################### +# BDB database definitions +####################################################################### + +database hdb +suffix "dc=my-domain,dc=com" +# +checkpoint 32 30 +rootdn "cn=Manager,dc=my-domain,dc=com" +# Cleartext passwords, especially for the rootdn, should +# be avoid. See slappasswd(8) and slapd.conf(5) for details. +# Use of strong authentication encouraged. +rootpw secret +# The database directory MUST exist prior to running slapd AND +# should only be accessible by the slapd and slap tools. +# Mode 700 recommended. +directory /var/lib/openldap-data +# Indices to maintain +index objectClass eq diff --git a/openldap/ssl.orig/ldap.crt b/openldap/ssl.orig/ldap.crt new file mode 100644 index 0000000..fa06ff8 --- /dev/null +++ b/openldap/ssl.orig/ldap.crt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICxTCCAi6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UEBhMCVVMx +EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExEzAR +BgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0aW5nIFB1cnBvc2Vz +IE9ubHkxFTATBgNVBAMTDGxvY2FsaG9zdCBDQTEdMBsGCSqGSIb3DQEJARYOcm9v +dEBsb2NhbGhvc3QwHhcNMTAxMTMwMDYxOTIxWhcNMTIxMTI5MDYxOTIxWjCBpjEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRh +IEJhcmJhcmExEzARBgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0 +aW5nIFB1cnBvc2VzIE9ubHkxEjAQBgNVBAMTCWxvY2FsaG9zdDEdMBsGCSqGSIb3 +DQEJARYOcm9vdEBsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB +AMkIfppB2/lqViayi38AY7fPF3aGucpFDxrcVy2lhj4ulFY9anldtE1yji5EnrQo +utB4/3EPNta6TARazZwPJc68pEXCSKJNOwxr8BayD/C8s4+7Dbp6jPd478QF11Ct +67Z1Ir/dV6sxE7ygAJBs9bGYpAWrVQvcEkfMJtpzvHKdAgMBAAEwDQYJKoZIhvcN +AQEFBQADgYEAWXBBlzPp0DFDIoK/VwNBEYwD2qWuBCidH5DXsLB0Oje3W8ZGxd8K +4dJQlQ/Hz/FQwV6Olior0dVCNf1atI1R/zgLXWXwr2rNqD6an9Io54SktnJo0180 +UOezPxxK+lIwydrlpHKtQucO0wIf9gpFCJTofXpek8Xl1GmQtsl4SYA= +-----END CERTIFICATE----- diff --git a/openldap/ssl.orig/ldap.csr b/openldap/ssl.orig/ldap.csr new file mode 100644 index 0000000..1e7c8b4 --- /dev/null +++ b/openldap/ssl.orig/ldap.csr @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIB5zCCAVACAQAwgaYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh +MRYwFAYDVQQHEw1TYW50YSBCYXJiYXJhMRMwEQYDVQQKEwpTU0wgU2VydmVyMSIw +IAYDVQQLExlGb3IgVGVzdGluZyBQdXJwb3NlcyBPbmx5MRIwEAYDVQQDEwlsb2Nh +bGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0MIGfMA0GCSqGSIb3 +DQEBAQUAA4GNADCBiQKBgQDJCH6aQdv5alYmsot/AGO3zxd2hrnKRQ8a3FctpYY+ +LpRWPWp5XbRNco4uRJ60KLrQeP9xDzbWukwEWs2cDyXOvKRFwkiiTTsMa/AWsg/w +vLOPuw26eoz3eO/EBddQreu2dSK/3VerMRO8oACQbPWxmKQFq1UL3BJHzCbac7xy +nQIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEApDvEKMknyUCSYspWyLEEAi2VDRMD +o8W8nIrBzmKr3gr1AyS217YTe6om5qGrg4rN6+EOH6aK9PpKEwDNNN8iPD5v37Ec +eo6KB3TRGbbu8GoNbyhOzkJpbnVBdqA4nq8YQXy3+tYnWJ0GkiPYjs+HymkUSGxl +S2Aj0iy0jSm5crM= +-----END CERTIFICATE REQUEST----- diff --git a/openldap/ssl.orig/ldap.key b/openldap/ssl.orig/ldap.key new file mode 100644 index 0000000..0efab40 --- /dev/null +++ b/openldap/ssl.orig/ldap.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDJCH6aQdv5alYmsot/AGO3zxd2hrnKRQ8a3FctpYY+LpRWPWp5 +XbRNco4uRJ60KLrQeP9xDzbWukwEWs2cDyXOvKRFwkiiTTsMa/AWsg/wvLOPuw26 +eoz3eO/EBddQreu2dSK/3VerMRO8oACQbPWxmKQFq1UL3BJHzCbac7xynQIDAQAB +AoGBALJnh3L932mIpMvSx1j9z4Dfl8Ln7RlEEBOWVwd7TZcBX0LpXgQ21Dum3ebR +nsXjH2bC+m4rQk9tJOj4bF+CUdmA5SFLWfM31HlqVDwEl8paZ4LTei6mcbMqbOte +x9e/EEcQAPa1+OM6a6DNmB3tfvyCuINjz0jDH1vDjCoi6loBAkEA/l2+gOxiZlxC +/A1Xf06YIe2I/grOintx2DH0nHt9oZJnfirU5B91C45tlQ/8BMtazwkurvzKkTS/ +ivnvN3rDeQJBAMpTDfqaTTRgOaGwAwzrZTOFLQB+Opnvdrbs5mO13v2GJKMgLBZg +vJN2HiBPZLQZQHRv7FdS6vBm8GcHrGtIG0UCQQCHoHRzSZct/QO6YWLF/qIfdQgW +bKy0Kh4JqJlE1pOmEuob27qn6B4Ai3DiiiNWaxeATOUXaLKZugZnk9x5OHwBAkEA +lrgaYMZTnyHTrOxGyXgOErwx0v01wHjP8eM2ma7hZ/FnF5Ie5ai4sg060gzy0utA +xbyezkp5tA6rJcVknyK/FQJAec5lFqa4HRXwEYTgJH9z1jjqFyIJCLiyuWkONPqL +ADr7+AWgSSlojIDOW1UG12wAYBjuXYeSENfYWUtmY0JhhQ== +-----END RSA PRIVATE KEY----- diff --git a/openldap/ssl.orig/ldap.pem b/openldap/ssl.orig/ldap.pem new file mode 100644 index 0000000..e07bc46 --- /dev/null +++ b/openldap/ssl.orig/ldap.pem @@ -0,0 +1,33 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDJCH6aQdv5alYmsot/AGO3zxd2hrnKRQ8a3FctpYY+LpRWPWp5 +XbRNco4uRJ60KLrQeP9xDzbWukwEWs2cDyXOvKRFwkiiTTsMa/AWsg/wvLOPuw26 +eoz3eO/EBddQreu2dSK/3VerMRO8oACQbPWxmKQFq1UL3BJHzCbac7xynQIDAQAB +AoGBALJnh3L932mIpMvSx1j9z4Dfl8Ln7RlEEBOWVwd7TZcBX0LpXgQ21Dum3ebR +nsXjH2bC+m4rQk9tJOj4bF+CUdmA5SFLWfM31HlqVDwEl8paZ4LTei6mcbMqbOte +x9e/EEcQAPa1+OM6a6DNmB3tfvyCuINjz0jDH1vDjCoi6loBAkEA/l2+gOxiZlxC +/A1Xf06YIe2I/grOintx2DH0nHt9oZJnfirU5B91C45tlQ/8BMtazwkurvzKkTS/ +ivnvN3rDeQJBAMpTDfqaTTRgOaGwAwzrZTOFLQB+Opnvdrbs5mO13v2GJKMgLBZg +vJN2HiBPZLQZQHRv7FdS6vBm8GcHrGtIG0UCQQCHoHRzSZct/QO6YWLF/qIfdQgW +bKy0Kh4JqJlE1pOmEuob27qn6B4Ai3DiiiNWaxeATOUXaLKZugZnk9x5OHwBAkEA +lrgaYMZTnyHTrOxGyXgOErwx0v01wHjP8eM2ma7hZ/FnF5Ie5ai4sg060gzy0utA +xbyezkp5tA6rJcVknyK/FQJAec5lFqa4HRXwEYTgJH9z1jjqFyIJCLiyuWkONPqL +ADr7+AWgSSlojIDOW1UG12wAYBjuXYeSENfYWUtmY0JhhQ== +-----END RSA PRIVATE KEY----- + +-----BEGIN CERTIFICATE----- +MIICxTCCAi6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UEBhMCVVMx +EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExEzAR +BgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0aW5nIFB1cnBvc2Vz +IE9ubHkxFTATBgNVBAMTDGxvY2FsaG9zdCBDQTEdMBsGCSqGSIb3DQEJARYOcm9v +dEBsb2NhbGhvc3QwHhcNMTAxMTMwMDYxOTIxWhcNMTIxMTI5MDYxOTIxWjCBpjEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRh +IEJhcmJhcmExEzARBgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0 +aW5nIFB1cnBvc2VzIE9ubHkxEjAQBgNVBAMTCWxvY2FsaG9zdDEdMBsGCSqGSIb3 +DQEJARYOcm9vdEBsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB +AMkIfppB2/lqViayi38AY7fPF3aGucpFDxrcVy2lhj4ulFY9anldtE1yji5EnrQo +utB4/3EPNta6TARazZwPJc68pEXCSKJNOwxr8BayD/C8s4+7Dbp6jPd478QF11Ct +67Z1Ir/dV6sxE7ygAJBs9bGYpAWrVQvcEkfMJtpzvHKdAgMBAAEwDQYJKoZIhvcN +AQEFBQADgYEAWXBBlzPp0DFDIoK/VwNBEYwD2qWuBCidH5DXsLB0Oje3W8ZGxd8K +4dJQlQ/Hz/FQwV6Olior0dVCNf1atI1R/zgLXWXwr2rNqD6an9Io54SktnJo0180 +UOezPxxK+lIwydrlpHKtQucO0wIf9gpFCJTofXpek8Xl1GmQtsl4SYA= +-----END CERTIFICATE----- diff --git a/openldap/ssl/ca.rnd b/openldap/ssl/ca.rnd new file mode 100644 index 0000000000000000000000000000000000000000..3837e03f445ec31bf6c521c700fb09c2a1c9b940 GIT binary patch literal 1024 zcmV+b1poUmmz_a+(fIdBqK@kb#5)Obw~d%-o-p8?MhT%IS@#PSP0uZ1%7ES_bQF?= zRn{Pj4>;uMZ8|)z4DaW<*`-459)U24AqYeFjHsygwQ~U#a0|a&%NOh@z)R>$B>UdX zASwX|V#uDq7C6!{`K%QFFR?c__u+`&K2-HVyfe=>0T)hdzckn22CileYBIc9JLX48 zcMC)p!wCQ>0mowbvn?!yT_4;{#5@GE+&OGw+9b`#%GYZOAIGt-Q4XIFiXoJLn&Y(O zZa5a(v$Nepg83)h`yxF25$f=;QDN9cH0HtZrFOuvO*$kuR-wE zhul^kNI>zW$P4V_Cbf%nWn<_vxLK#3NI{EiK=Czpn{!zCgXcZ&>RnItthkouGKsAc zn>M+k^v=bE+QNZF^@?LL5y3LnWZFxt)+rAMi~Ym{TRFY0dt0NG7W*UK$ZatJK}cs}Af<|BVQ=qH3Y)d@s?`N~ zq{6|<+7ORr!CBc4Wf0k2cHqlK9aT{;erbcbfXFTjVm4_rM^L04qAB?Q=};?LZ=GAd z6pnOGQxq30bXa#%HRsmrA>Grfe7)k(pj4KDXF57h5|pOe)*jECx_A@!+lT8xf6v8p zmg0a@woa(EsN%a%CglKQF9eIF-v~^LH>tZCTain?@$i}`hF4dse-(}nuj(d0!{yYq ztT!ZT^d9rgjHCHD$6-V9IBQZ_)uxx4qwAe0ng=BckQrE@0O^8jcyi`sUZrol44l0S>pTK%4h}cgqhQ-D3!-5Md+?s8CXH; z(lEdmc+_7wM2U&UWz;-K98#}dp9~K2^5Cb$_7yA`>^i9Sh|&W!^$=xBk2l3OnJGd` z2bapJpSt9<&8y1xNhn$_*KxORTpPVuv)Zp4HFe57-vIXn-a_Y3PX{rIi;|@^{~H^g uQNe{^XFDdY?Qy@aw#vXdt-a=gEx?X*@%;hK +## Version 0.2 - 20010501 +## +## + + +### external tools +openssl="/usr/bin/openssl" + +### some optional terminal sequences +case $TERM in + xterm|xterm*|vt220|vt220*) + T_MD=`echo dummy | awk '{ printf("%c%c%c%c", 27, 91, 49, 109); }'` + T_ME=`echo dummy | awk '{ printf("%c%c%c", 27, 91, 109); }'` + ;; + vt100|vt100*) + T_MD=`echo dummy | awk '{ printf("%c%c%c%c%c%c", 27, 91, 49, 109, 0, 0); }'` + T_ME=`echo dummy | awk '{ printf("%c%c%c%c%c", 27, 91, 109, 0, 0); }'` + ;; + default) + T_MD='' + T_ME='' + ;; +esac + +# find some random files +# (do not use /dev/random here, because this device +# doesn't work as expected on all platforms) +randfiles='' +for file in /var/log/messages /var/adm/messages \ + /kernel /vmunix /vmlinuz \ + /etc/hosts /etc/resolv.conf; do + if [ -f $file ]; then + if [ ".$randfiles" = . ]; then + randfiles="$file" + else + randfiles="${randfiles}:$file" + fi + fi +done + + +echo "" +echo "${T_MD}" +echo "----------------------------------------------------------------------" +echo "Create self-signed test certificate" +echo "" +echo "Christian Zoffoli " +echo "Version 0.2 - 20010501" +echo "" +echo "" +echo "______________________________________________________________________${T_ME}" +echo "" +echo "" + + +if [ ! -e ./ldap.pem ];then + echo "Will create ldap.pem in `pwd`" +else + echo "ldap.pem already exist, dying" + exit +fi + + +mkdir -p /tmp/tmpssl-$$ +pushd /tmp/tmpssl-$$ > /dev/null + +echo "" +echo "" +echo "${T_MD}Generating Certificate " +echo "______________________________________________________________________${T_ME}" +echo "" + + +COMMONNAME=`hostname` + +if [ ! -n "$COMMONNAME" ] + then + COMMONNAME="www.openldap.org" +fi +#. /etc/sysconfig/i18n +if [ -n "$COUNTRY" ] + then + COUNTRY=`echo $LANG | sed -e "s/.*_//;s/@.*//;s/\..*//;s/_.*//" |tr a-z A-Z` +else + COUNTRY="US" +fi + +cat >.cfg <&2 + exit 1 +fi + + +popd >/dev/null + + +rm -f /tmp/tmpssl-$$/*.csr +rm -f /tmp/tmpssl-$$/ca.* +chmod 400 /tmp/tmpssl-$$/* + +echo "Certificate creation done!" +cp /tmp/tmpssl-$$/ldap.* . +chown ldap:ldap ldap.* + +rm -rf /tmp/tmpssl-$$ + + diff --git a/openldap/ssl/ldap.cfg b/openldap/ssl/ldap.cfg new file mode 100644 index 0000000..dc671eb --- /dev/null +++ b/openldap/ssl/ldap.cfg @@ -0,0 +1,24 @@ +[ req ] +default_bits = 1024 +distinguished_name = req_DN +RANDFILE = ca.rnd +[ req_DN ] +countryName = "1. Country Name (2 letter code)" +countryName_default = "DE" +countryName_min = 2 +countryName_max = 2 +stateOrProvinceName = "2. State or Province Name (full name) " +stateOrProvinceName_default = "Berlin" +localityName = "3. Locality Name (eg, city) " +localityName_default = "Berlin" +0.organizationName = "4. Organization Name (eg, company) " +0.organizationName_default = "LDAP Server Frank Brehm" +organizationalUnitName = "5. Organizational Unit Name (eg, section) " +organizationalUnitName_default = "privat" +commonName = "6. Common Name (eg, CA name) " +commonName_max = 64 +commonName_default = "helga" +emailAddress = "7. Email Address (eg, name@FQDN)" +emailAddress_max = 40 +emailAddress_default = "frank@brehm-online.com" + diff --git a/openldap/ssl/ldap.crt b/openldap/ssl/ldap.crt new file mode 100644 index 0000000..ee91d6b --- /dev/null +++ b/openldap/ssl/ldap.crt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICxTCCAi6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UEBhMCVVMx +EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExEzAR +BgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0aW5nIFB1cnBvc2Vz +IE9ubHkxFTATBgNVBAMTDGxvY2FsaG9zdCBDQTEdMBsGCSqGSIb3DQEJARYOcm9v +dEBsb2NhbGhvc3QwHhcNMTAwNTI1MTEwMTEwWhcNMTIwNTI0MTEwMTEwWjCBpjEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRh +IEJhcmJhcmExEzARBgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0 +aW5nIFB1cnBvc2VzIE9ubHkxEjAQBgNVBAMTCWxvY2FsaG9zdDEdMBsGCSqGSIb3 +DQEJARYOcm9vdEBsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB +ALbICAPLPYcODylOsvPdKrE+qr5dS9nCkjXH6bcsbfhSlwsPZHOFlZA5lyFDMXQ0 +KqHTgjJfu9LlzifuWaEIa6K1wR8JWooypO1+p/jtej96CBJkKmdvBriAJA6tEAI7 +KombpUjVtph5qxBppFdTi/ppWQapFXJws8wFPP27u+9/AgMBAAEwDQYJKoZIhvcN +AQEFBQADgYEAkXgJ3tPFfYdjj5vmeHCZhi/zmKh0ZDE8AouZtf+1F5Iu7kbKA5Tm +r/EwGbRdFPLRJilkU9HzchhKOAgGq134hyG0GpoR4aPXtPo6PZuSB1qTKlpSg5hZ +qTNuK59XjjnzugNDQsnrguUuLWcziHinJDw03EAZOQDcbnAowA0RgG4= +-----END CERTIFICATE----- diff --git a/openldap/ssl/ldap.csr b/openldap/ssl/ldap.csr new file mode 100644 index 0000000..636388d --- /dev/null +++ b/openldap/ssl/ldap.csr @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIB5zCCAVACAQAwgaYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh +MRYwFAYDVQQHEw1TYW50YSBCYXJiYXJhMRMwEQYDVQQKEwpTU0wgU2VydmVyMSIw +IAYDVQQLExlGb3IgVGVzdGluZyBQdXJwb3NlcyBPbmx5MRIwEAYDVQQDEwlsb2Nh +bGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0MIGfMA0GCSqGSIb3 +DQEBAQUAA4GNADCBiQKBgQC2yAgDyz2HDg8pTrLz3SqxPqq+XUvZwpI1x+m3LG34 +UpcLD2RzhZWQOZchQzF0NCqh04IyX7vS5c4n7lmhCGuitcEfCVqKMqTtfqf47Xo/ +eggSZCpnbwa4gCQOrRACOyqJm6VI1baYeasQaaRXU4v6aVkGqRVycLPMBTz9u7vv +fwIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEAiQaI92ntIkmrOzcmmQJIeXkQkNGA +BsATYIiNYiF6F2ZdQ4MKO8GtWBr2Q7aVkTKdmob+klPbE+RtsSetV/UxHXR0uhVb +rFfAGtE8f1I4W88SuS20uc9qtCe1ctDUiukgZnla/acOCyAlZWnnXTxV2a7SZURI +2J2gb0tUO69jgkE= +-----END CERTIFICATE REQUEST----- diff --git a/openldap/ssl/ldap.key b/openldap/ssl/ldap.key new file mode 100644 index 0000000..d26ee71 --- /dev/null +++ b/openldap/ssl/ldap.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQC2yAgDyz2HDg8pTrLz3SqxPqq+XUvZwpI1x+m3LG34UpcLD2Rz +hZWQOZchQzF0NCqh04IyX7vS5c4n7lmhCGuitcEfCVqKMqTtfqf47Xo/eggSZCpn +bwa4gCQOrRACOyqJm6VI1baYeasQaaRXU4v6aVkGqRVycLPMBTz9u7vvfwIDAQAB +AoGBAKaiGAR1biNI4vOSpryB3eD2s6yW24arxqW3Gk/+9kaT7NWNc9OJbj+s8SXG +3zgEMvWTILgR5Oaw0NBAkH+pcI27wcfZ1Hg0kmHEW3iN2JAaOe+7TpNo9z+t0KAt +PtYr8yIbmHM3OAiIYEKrzA3sVZsNgIOfmy8ZkeqzuQsr98hRAkEA5NL7r1MWVUtk +6xUH8qf4s9KXL/VNR0jFHopu7wHIayE8M71D81NmS00JrTw3pisO1lAm5pwlCx83 +nkYUwPJWaQJBAMx9MbYkFUHubTK4iTTZWuVxx89FSFRaEQbs3RICtgGup39z7M43 +2kuRkks1o06RacWsauOEvmuqJduMhUUA6acCQGL5a0nDe4Z7LPSNzTlFNEq7jQ9+ +X+W0cSarpB4XPFQyNPMAK3MFINrzQHtA76UdPLawRpM6+L7dytXX5EQszfkCQQDL +4jtxblKflRjdTG7I+boOML7W4y41pEN70yisL3XHAZvRkQTXq4qEdBUX1dgImyWJ +yNoeFRlDAbeTSm0KGtnbAkEApwA8ih41mV/L42YaC9FZvNk3oLlzLrRIB7jUExx1 +jSiahMlgF5UqYKom9m9BZM18/OqS6FudWBe0HwVvaW5TTA== +-----END RSA PRIVATE KEY----- diff --git a/openldap/ssl/ldap.pem b/openldap/ssl/ldap.pem new file mode 100644 index 0000000..3041f39 --- /dev/null +++ b/openldap/ssl/ldap.pem @@ -0,0 +1,32 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDC2x9zmiatUHorHfp1Na2M6hI5XVgYe4RsGPTLOVtwZv3e6vvN +kh82JH8HoUc1Ji1CzT0PXXLzUiNLROwMYYVAOyOZM/DdOEUGvqjUabACVvyC0cqf +/vwO3ITkcVgs4Y7R2UQ3kW8Z0vuAlWMu6lqgWEfda8obAwKrkat+nqs6wQIDAQAB +AoGAOCuKaXyqYZOtY/iEVn1exhxDnJ2343bXuYGIL30dSs2lqTj71UqmDKmApOZs +7HlQ2sznKSK7HEE1Q2Fe2kLScivWMghk5yLIRWy0BMeJanYfyD2s05NO3cZJHC2I +YEmEPs35ZHU1xWwAvBlvxVigZN/X7XVmEQeY0IvMd6a4WTECQQD88L8a93dZlsQW +jDXjv8s+ZzsHeAAlmu6uIMbK1lZCK/GQSu3tVxSatQV7+izYQtIVEQBCLciZRV6M +tzzScKJfAkEAxTaDLOGOF7XKsU6FG6vIvsr2oQF3P9gINTxaDP9LFC+ma6kydgug +YOXxuEfMWaveFikv6Yyf2KrslY22dAp23wJAJxy7EFpv1CSiEbKAqsT/kpi34gHG +VApPGhHra3YVRIozAlLz052BjCKtxGv8/zvl7GgCmDkoKbs2UaAMAaZ1FQJAWdL8 +aELLz2zTx3J2GiZiJtSXBLqAMCobgvPcKDNXZPhXGo5UF4QwJjJVqJO7NdScMQfN +dNjCLZOccnm7cpsZjQJBAIAk0b2Rgsqdog47jHngh4uUm3UZvetu8eDdjM6YO81j +trdZrBfwBtbqGP09E9a0BblntkQqFm5SJMYsEPqTUh8= +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIICrTCCAhYCCQDdpuHdFpyZTjANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMC +REUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMSAwHgYDVQQKExdM +REFQIFNlcnZlciBGcmFuayBCcmVobTEPMA0GA1UECxMGcHJpdmF0MQ4wDAYDVQQD +EwVoZWxnYTElMCMGCSqGSIb3DQEJARYWZnJhbmtAYnJlaG0tb25saW5lLmNvbTAg +Fw0xMDA1MjcwODE3MTRaGA80NzQ4MDQyMjA4MTcxNFowgZkxCzAJBgNVBAYTAkRF +MQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEgMB4GA1UEChMXTERB +UCBTZXJ2ZXIgRnJhbmsgQnJlaG0xDzANBgNVBAsTBnByaXZhdDEOMAwGA1UEAxMF +aGVsZ2ExJTAjBgkqhkiG9w0BCQEWFmZyYW5rQGJyZWhtLW9ubGluZS5jb20wgZ8w +DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMLbH3OaJq1Qeisd+nU1rYzqEjldWBh7 +hGwY9Ms5W3Bm/d7q+82SHzYkfwehRzUmLULNPQ9dcvNSI0tE7AxhhUA7I5kz8N04 +RQa+qNRpsAJW/ILRyp/+/A7chORxWCzhjtHZRDeRbxnS+4CVYy7qWqBYR91ryhsD +AquRq36eqzrBAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAi4XMZW7HO8U8te6fcVK8 +Y8LJULZP2yu3LFHdAwApVqwfZ1D7bw1yOB5OL3wuTpOA5UvgkPKt07FKim5HHAh9 +S+kq2GC+EJZ0S6EZRRElvtfoeZ2BfK19JsPn5X3xEtLP7WytecHW2G1Vvt8MKTP2 +7vFo3lt2khHimaS9zGWaZAE= +-----END CERTIFICATE----- diff --git a/openldap/ssl/ldap.pem.orig b/openldap/ssl/ldap.pem.orig new file mode 100644 index 0000000..0924db7 --- /dev/null +++ b/openldap/ssl/ldap.pem.orig @@ -0,0 +1,33 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQC2yAgDyz2HDg8pTrLz3SqxPqq+XUvZwpI1x+m3LG34UpcLD2Rz +hZWQOZchQzF0NCqh04IyX7vS5c4n7lmhCGuitcEfCVqKMqTtfqf47Xo/eggSZCpn +bwa4gCQOrRACOyqJm6VI1baYeasQaaRXU4v6aVkGqRVycLPMBTz9u7vvfwIDAQAB +AoGBAKaiGAR1biNI4vOSpryB3eD2s6yW24arxqW3Gk/+9kaT7NWNc9OJbj+s8SXG +3zgEMvWTILgR5Oaw0NBAkH+pcI27wcfZ1Hg0kmHEW3iN2JAaOe+7TpNo9z+t0KAt +PtYr8yIbmHM3OAiIYEKrzA3sVZsNgIOfmy8ZkeqzuQsr98hRAkEA5NL7r1MWVUtk +6xUH8qf4s9KXL/VNR0jFHopu7wHIayE8M71D81NmS00JrTw3pisO1lAm5pwlCx83 +nkYUwPJWaQJBAMx9MbYkFUHubTK4iTTZWuVxx89FSFRaEQbs3RICtgGup39z7M43 +2kuRkks1o06RacWsauOEvmuqJduMhUUA6acCQGL5a0nDe4Z7LPSNzTlFNEq7jQ9+ +X+W0cSarpB4XPFQyNPMAK3MFINrzQHtA76UdPLawRpM6+L7dytXX5EQszfkCQQDL +4jtxblKflRjdTG7I+boOML7W4y41pEN70yisL3XHAZvRkQTXq4qEdBUX1dgImyWJ +yNoeFRlDAbeTSm0KGtnbAkEApwA8ih41mV/L42YaC9FZvNk3oLlzLrRIB7jUExx1 +jSiahMlgF5UqYKom9m9BZM18/OqS6FudWBe0HwVvaW5TTA== +-----END RSA PRIVATE KEY----- + +-----BEGIN CERTIFICATE----- +MIICxTCCAi6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UEBhMCVVMx +EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExEzAR +BgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0aW5nIFB1cnBvc2Vz +IE9ubHkxFTATBgNVBAMTDGxvY2FsaG9zdCBDQTEdMBsGCSqGSIb3DQEJARYOcm9v +dEBsb2NhbGhvc3QwHhcNMTAwNTI1MTEwMTEwWhcNMTIwNTI0MTEwMTEwWjCBpjEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRh +IEJhcmJhcmExEzARBgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0 +aW5nIFB1cnBvc2VzIE9ubHkxEjAQBgNVBAMTCWxvY2FsaG9zdDEdMBsGCSqGSIb3 +DQEJARYOcm9vdEBsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB +ALbICAPLPYcODylOsvPdKrE+qr5dS9nCkjXH6bcsbfhSlwsPZHOFlZA5lyFDMXQ0 +KqHTgjJfu9LlzifuWaEIa6K1wR8JWooypO1+p/jtej96CBJkKmdvBriAJA6tEAI7 +KombpUjVtph5qxBppFdTi/ppWQapFXJws8wFPP27u+9/AgMBAAEwDQYJKoZIhvcN +AQEFBQADgYEAkXgJ3tPFfYdjj5vmeHCZhi/zmKh0ZDE8AouZtf+1F5Iu7kbKA5Tm +r/EwGbRdFPLRJilkU9HzchhKOAgGq134hyG0GpoR4aPXtPo6PZuSB1qTKlpSg5hZ +qTNuK59XjjnzugNDQsnrguUuLWcziHinJDw03EAZOQDcbnAowA0RgG4= +-----END CERTIFICATE----- diff --git a/openldap/ssl/ldap.pem.sarah b/openldap/ssl/ldap.pem.sarah new file mode 100644 index 0000000..2a6c641 --- /dev/null +++ b/openldap/ssl/ldap.pem.sarah @@ -0,0 +1,29 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQC5JYulsSmNa1/166eZHPnunTx5MYKxr/zrObXcIFcNSqIZVJYg +ymJy9icG9QxWEfBsHYSJzyIQG/y11tDvCs5wKCu/624vLQfWVCO63M4vPSCR0aGG +KVoUjqRrx3V8xi/ahmIUn0A7veyWpHarest7FWIh4FiwvVnhv3QCJ6T05wIDAQAB +AoGAahQd78ASq6kioPb03qAgfttt444/cGkBwxAcp1OMLNxfBZ5WKdFrGKz57V2H +ROUgWAGNh5u6y3oNj23V5a/OWLDVaj8t+o1sxHTEPzZ6QQb9ZrXwOtgUarLkwkhe +Ut+JqqwZtzS1tepD/wATceUQC263KpzElO+rmR6s/brrpAECQQDeDuUDd0UkP6Sd +sdPMAO0+AUbp2TMYxprHtOTQ1m+RAh1g/NQrzSLzFynZ2mUAWy8jaEC54vl2K4rx +gDXt5j4BAkEA1XJO7vi8gmbdXBdZajolyHRcHHF7Od6U5WFxpLOo95jUrP3DTuE0 +yUQmfjikCq6wfQNsEAA1AmnYjSfVvmcC5wJBAJuXFCA5kdi0P0O/NgfbHmAzxNxV +s9fIUOtddHZfygxwzuUGQiPuuG5b7JcYz2xQd9b3VWLqBqEmIVTV4POwQAECQQC4 +DZmC93mV+J1oi7nOn9V0xOGopTJc9FHwedZE76cD2gWKJkgD/K5H3zxSGwVZMMl/ +AzRrl8IeEqdpELB/PtSBAkAUUo9Y4gGn1miw9fyWvDfjtXcO/ZWjk9xMhgG4l3Np +P1MzCDqDPThu3fDMt0IxcNLao60ogA3GwN47QrsI76kS +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIICJzCCAZACCQC7lpQGTP6eUjANBgkqhkiG9w0BAQQFADBYMQswCQYDVQQGEwJV +UzEUMBIGA1UEChMLTERBUCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciB0ZXN0aW5nIHB1 +cnBvc2VzIG9ubHkxDzANBgNVBAMTBmthZ29tZTAeFw0wNjA4MDMxNTM4NDVaFw0y +MjA2MTQwNjEzMjVaMFgxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtMREFQIFNlcnZl +cjEiMCAGA1UECxMZRm9yIHRlc3RpbmcgcHVycG9zZXMgb25seTEPMA0GA1UEAxMG +a2Fnb21lMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5JYulsSmNa1/166eZ +HPnunTx5MYKxr/zrObXcIFcNSqIZVJYgymJy9icG9QxWEfBsHYSJzyIQG/y11tDv +Cs5wKCu/624vLQfWVCO63M4vPSCR0aGGKVoUjqRrx3V8xi/ahmIUn0A7veyWpHar +est7FWIh4FiwvVnhv3QCJ6T05wIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAKQ7y0+3 +nn34SB7LzY2kLbeJ3EId0GBLIr7DmvJ0YohhgEVffBv+aBS4eWxANiO2B7utIUTm +wU3XFcQIL3nk97B20Yi/12VbUEeEIZdiYf3YBYjtW+7u1m0nzpB5Go7OJQV6Ngii +JWd8eQIqe5u0zJGu1QTTbdM1DMu+W9/9euiw +-----END CERTIFICATE----- diff --git a/pam.d/atd b/pam.d/atd new file mode 100644 index 0000000..e3b4b72 --- /dev/null +++ b/pam.d/atd @@ -0,0 +1,10 @@ +# +# The PAM configuration file for the at daemon +# + +auth required pam_env.so +auth include system-auth +account include system-auth +session required pam_limits.so +session include system-auth + diff --git a/pam.d/chage b/pam.d/chage new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/chage @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/chfn b/pam.d/chfn new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/chfn @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/chgpasswd b/pam.d/chgpasswd new file mode 100644 index 0000000..960b32e --- /dev/null +++ b/pam.d/chgpasswd @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth include system-auth + +account include system-auth + +password include system-auth diff --git a/pam.d/chpasswd b/pam.d/chpasswd new file mode 100644 index 0000000..960b32e --- /dev/null +++ b/pam.d/chpasswd @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth include system-auth + +account include system-auth + +password include system-auth diff --git a/pam.d/chsh b/pam.d/chsh new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/chsh @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/cron b/pam.d/cron new file mode 100644 index 0000000..62eb029 --- /dev/null +++ b/pam.d/cron @@ -0,0 +1,7 @@ +#%PAM-1.0 + +account required pam_unix.so + +auth required pam_unix.so + +session optional pam_limits.so diff --git a/pam.d/cups b/pam.d/cups new file mode 100644 index 0000000..acccae5 --- /dev/null +++ b/pam.d/cups @@ -0,0 +1,5 @@ +# File autogenerated by pamd_mimic in pam eclass + + +auth include system-auth +account include system-auth diff --git a/pam.d/cvs b/pam.d/cvs new file mode 100644 index 0000000..f401ec0 --- /dev/null +++ b/pam.d/cvs @@ -0,0 +1,4 @@ +#%PAM-1.0 +auth include system-auth +account include system-auth +session include system-auth diff --git a/pam.d/ftp b/pam.d/ftp new file mode 100644 index 0000000..540844b --- /dev/null +++ b/pam.d/ftp @@ -0,0 +1,18 @@ +# Provided by ftpbase (dont remove this line!) +# Standard pam.d file for ftp service packages. +# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftpbase/files/ftp-pamd-include,v 1.1 2005/06/28 14:52:26 uberlord Exp $ + +auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed +auth include system-auth + +# If this is enabled, anonymous logins will fail because the 'ftp' user does +# not have a "valid" shell, as listed in /etc/shells. +# +# If you enable this, it is recommended that you do *not* give the 'ftp' +# user a real shell. Instead, give the 'ftp' user /bin/false for a shell and +# add /bin/false to /etc/shells. +# auth required pam_shells.so + +account include system-auth + +session include system-auth diff --git a/pam.d/groupadd b/pam.d/groupadd new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/groupadd @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/groupdel b/pam.d/groupdel new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/groupdel @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/groupmems b/pam.d/groupmems new file mode 100644 index 0000000..8f49f5c --- /dev/null +++ b/pam.d/groupmems @@ -0,0 +1,4 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +account required pam_permit.so +password include system-auth diff --git a/pam.d/groupmod b/pam.d/groupmod new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/groupmod @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/imap b/pam.d/imap new file mode 100644 index 0000000..f2d511a --- /dev/null +++ b/pam.d/imap @@ -0,0 +1,8 @@ +# Provided by mailbase (dont remove this line!) +# Standard pam.d file for mail service packages. +# $Header: /var/cvsroot/gentoo-x86/net-mail/mailbase/files/common-pamd-include,v 1.1 2005/04/29 13:07:50 ticho Exp $ + +auth required pam_nologin.so +auth include system-auth +account include system-auth +session include system-auth diff --git a/pam.d/imap4 b/pam.d/imap4 new file mode 120000 index 0000000..3c1fb1d --- /dev/null +++ b/pam.d/imap4 @@ -0,0 +1 @@ +imap \ No newline at end of file diff --git a/pam.d/imap4s b/pam.d/imap4s new file mode 120000 index 0000000..3c1fb1d --- /dev/null +++ b/pam.d/imap4s @@ -0,0 +1 @@ +imap \ No newline at end of file diff --git a/pam.d/imaps b/pam.d/imaps new file mode 120000 index 0000000..3c1fb1d --- /dev/null +++ b/pam.d/imaps @@ -0,0 +1 @@ +imap \ No newline at end of file diff --git a/pam.d/login b/pam.d/login new file mode 100644 index 0000000..13abd27 --- /dev/null +++ b/pam.d/login @@ -0,0 +1,6 @@ +auth required pam_securetty.so +auth include system-local-login + +account include system-local-login +password include system-local-login +session include system-local-login diff --git a/pam.d/newusers b/pam.d/newusers new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/newusers @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/other b/pam.d/other new file mode 100644 index 0000000..d8cb1fe --- /dev/null +++ b/pam.d/other @@ -0,0 +1,4 @@ +auth required pam_deny.so +account required pam_deny.so +password required pam_deny.so +session required pam_deny.so diff --git a/pam.d/passwd b/pam.d/passwd new file mode 100644 index 0000000..960b32e --- /dev/null +++ b/pam.d/passwd @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth include system-auth + +account include system-auth + +password include system-auth diff --git a/pam.d/pop b/pam.d/pop new file mode 100644 index 0000000..f2d511a --- /dev/null +++ b/pam.d/pop @@ -0,0 +1,8 @@ +# Provided by mailbase (dont remove this line!) +# Standard pam.d file for mail service packages. +# $Header: /var/cvsroot/gentoo-x86/net-mail/mailbase/files/common-pamd-include,v 1.1 2005/04/29 13:07:50 ticho Exp $ + +auth required pam_nologin.so +auth include system-auth +account include system-auth +session include system-auth diff --git a/pam.d/pop3 b/pam.d/pop3 new file mode 120000 index 0000000..6a7375a --- /dev/null +++ b/pam.d/pop3 @@ -0,0 +1 @@ +pop \ No newline at end of file diff --git a/pam.d/pop3s b/pam.d/pop3s new file mode 120000 index 0000000..6a7375a --- /dev/null +++ b/pam.d/pop3s @@ -0,0 +1 @@ +pop \ No newline at end of file diff --git a/pam.d/pops b/pam.d/pops new file mode 120000 index 0000000..6a7375a --- /dev/null +++ b/pam.d/pops @@ -0,0 +1 @@ +pop \ No newline at end of file diff --git a/pam.d/samba b/pam.d/samba new file mode 100644 index 0000000..91beadd --- /dev/null +++ b/pam.d/samba @@ -0,0 +1,8 @@ +#%PAM-1.0 +# * pam_smbpass.so authenticates against the smbpasswd file +# * changed Redhat's 'pam_stack' with 'include' for *BSD compatibility +# (Diego "Flameeyes" Petteno'): enable with pam>=0.78 only +auth required pam_smbpass.so nodelay +account include system-auth +session include system-auth +password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf diff --git a/pam.d/saslauthd b/pam.d/saslauthd new file mode 100644 index 0000000..d50a849 --- /dev/null +++ b/pam.d/saslauthd @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth required pam_nologin.so +auth include system-auth + +account include system-auth + +session include system-auth diff --git a/pam.d/screen b/pam.d/screen new file mode 100644 index 0000000..cd5e3f1 --- /dev/null +++ b/pam.d/screen @@ -0,0 +1,4 @@ +# File autogenerated by pamd_mimic in pam eclass + + +auth include system-auth diff --git a/pam.d/shadow b/pam.d/shadow new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/shadow @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/smtp b/pam.d/smtp new file mode 100644 index 0000000..acccae5 --- /dev/null +++ b/pam.d/smtp @@ -0,0 +1,5 @@ +# File autogenerated by pamd_mimic in pam eclass + + +auth include system-auth +account include system-auth diff --git a/pam.d/sshd b/pam.d/sshd new file mode 100644 index 0000000..b801aaa --- /dev/null +++ b/pam.d/sshd @@ -0,0 +1,4 @@ +auth include system-remote-login +account include system-remote-login +password include system-remote-login +session include system-remote-login diff --git a/pam.d/start-stop-daemon b/pam.d/start-stop-daemon new file mode 100644 index 0000000..2127f6a --- /dev/null +++ b/pam.d/start-stop-daemon @@ -0,0 +1,2 @@ +account required pam_permit.so +session include system-services diff --git a/pam.d/su b/pam.d/su new file mode 100644 index 0000000..4d0600b --- /dev/null +++ b/pam.d/su @@ -0,0 +1,33 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth sufficient pam_listfile.so item=ruser file=/etc/security/users.allow sense=allow onerr=fail + +# If you want to restrict users begin allowed to su even more, +# create /etc/security/suauth.allow (or to that matter) that is only +# writable by root, and add users that are allowed to su to that +# file, one per line. +#auth required pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow + +# Uncomment this to allow users in the wheel group to su without +# entering a passwd. +#auth sufficient pam_wheel.so use_uid trust + +# Alternatively to above, you can implement a list of users that do +# not need to supply a passwd with a list. +#auth sufficient pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass + +# Comment this to allow any user, even those not in the 'wheel' +# group to su +auth required pam_wheel.so use_uid + +auth include system-auth + +account include system-auth + +password include system-auth + +session include system-auth +session required pam_env.so +session optional pam_xauth.so + diff --git a/pam.d/sudo b/pam.d/sudo new file mode 100644 index 0000000..b94d487 --- /dev/null +++ b/pam.d/sudo @@ -0,0 +1,6 @@ +# File autogenerated by pamd_mimic in pam eclass + + +auth include system-auth +account include system-auth +session include system-auth diff --git a/pam.d/system-auth b/pam.d/system-auth new file mode 100644 index 0000000..bb9fcdb --- /dev/null +++ b/pam.d/system-auth @@ -0,0 +1,15 @@ +auth required pam_env.so +auth required pam_unix.so try_first_pass likeauth nullok +auth optional pam_permit.so + +account required pam_unix.so +account optional pam_permit.so + +password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 +password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow +password optional pam_permit.so + +session required pam_limits.so +session required pam_env.so +session required pam_unix.so +session optional pam_permit.so diff --git a/pam.d/system-local-login b/pam.d/system-local-login new file mode 100644 index 0000000..2f415ed --- /dev/null +++ b/pam.d/system-local-login @@ -0,0 +1,4 @@ +auth include system-login +account include system-login +password include system-login +session include system-login diff --git a/pam.d/system-login b/pam.d/system-login new file mode 100644 index 0000000..a20e8f9 --- /dev/null +++ b/pam.d/system-login @@ -0,0 +1,19 @@ +auth required pam_tally2.so onerr=succeed +auth required pam_shells.so +auth required pam_nologin.so +auth include system-auth + +account required pam_access.so +account required pam_nologin.so +account include system-auth +account required pam_tally2.so onerr=succeed + +password include system-auth + +session optional pam_loginuid.so +session required pam_env.so +session optional pam_lastlog.so +session include system-auth +session optional pam_motd.so motd=/etc/motd +session optional pam_mail.so + diff --git a/pam.d/system-remote-login b/pam.d/system-remote-login new file mode 100644 index 0000000..2f415ed --- /dev/null +++ b/pam.d/system-remote-login @@ -0,0 +1,4 @@ +auth include system-login +account include system-login +password include system-login +session include system-login diff --git a/pam.d/system-services b/pam.d/system-services new file mode 100644 index 0000000..a964f33 --- /dev/null +++ b/pam.d/system-services @@ -0,0 +1,7 @@ +auth sufficient pam_permit.so +account include system-auth +session optional pam_loginuid.so +session required pam_limits.so +session required pam_env.so +session required pam_unix.so +session optional pam_permit.so diff --git a/pam.d/useradd b/pam.d/useradd new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/useradd @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/userdel b/pam.d/userdel new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/userdel @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pam.d/usermod b/pam.d/usermod new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/pam.d/usermod @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/pango/pangox.aliases b/pango/pangox.aliases new file mode 100644 index 0000000..9b41aa7 --- /dev/null +++ b/pango/pangox.aliases @@ -0,0 +1,220 @@ +# File defining aliases of PangoFontDescription to X font set +# +# family style variant weight stretch XLFD + +sans normal normal normal normal \ + "-*-helvetica-medium-r-normal--*-*-*-*-*-*-*-*,\ + -*-gulim-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +sans italic normal normal normal \ + "-*-helvetica-medium-o-normal--*-*-*-*-*-*-*-*,\ + -*-gulim-medium-o-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +sans normal normal bold normal \ + "-*-helvetica-bold-r-normal--*-*-*-*-*-*-*-*,\ + -*-gulim-bold-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +sans italic normal bold normal \ + "-*-helvetica-bold-o-normal--*-*-*-*-*-*-*-*,\ + -*-gulim-bold-o-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + + +serif normal normal normal normal \ + "-*-times-medium-r-normal--*-*-*-*-*-*-*-*,\ + -*-batang-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +serif italic normal normal normal \ + "-*-times-medium-i-normal--*-*-*-*-*-*-*-*,\ + -*-batang-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +serif normal normal bold normal \ + "-*-times-bold-r-normal--*-*-*-*-*-*-*-*,\ + -*-batang-bold-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +serif italic normal bold normal \ + "-*-times-bold-i-normal--*-*-*-*-*-*-*-*,\ + -*-batang-bold-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +monospace normal normal normal normal \ + "-*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -*-dotum-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +monospace italic normal normal normal \ + "-*-fixed-medium-i-normal--*-*-*-*-*-*-*-*,\ + -*-dotum-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +monospace normal normal bold normal \ + "-*-fixed-bold-r-normal--*-*-*-*-*-*-*-*,\ + -*-dotum-bold-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" + +monospace italic normal bold normal \ + "-*-fixed-bold-i-normal--*-*-*-*-*-*-*-*,\ + -*-dotum-bold-r-normal--*-*-*-*-*-*-ksc5601.1987-0,\ + -*-clearlyu-medium-r-normal--*-*-*-*-*-*-iso10646-1,\ + -*-fixed-medium-r-normal--*-*-*-*-*-*-*-*,\ + -kaist-iyagi-bold-r-normal--*-*-*-*-*-*-johab-1,\ + -*-song ti-medium-r-normal--*-*-*-*-*-*-*-*,\ + -freetype-unitamil-medium-r-normal--*-*-*-*-*-*-iso10646-tam,\ + -*-devanagari-medium-r-normal--*-*-*-*-*-*-iso10646-dev,\ + -*-gujarati-medium-r-normal--*-*-*-*-*-*-iso10646-guj,\ + -*-gurmukhi-medium-r-normal--*-*-*-*-*-*-iso10646-gur,\ + -*-bengali-medium-r-normal--*-*-*-*-*-*-iso10646-bng,\ + -*-kannada-medium-r-normal--*-*-*-*-*-*-iso10646-kan,\ + -*-burmese-medium-r-normal--*-*-*-*-*-*-iso10646-brm,\ + -*-buginese-medium-r-normal--*-*-*-*-*-*-iso10646-bgn,\ + -*-oriya-medium-r-normal--*-*-*-*-*-*-iso10646-ori,\ + -daewoo-mincho-medium-r-normal--*-*-*-*-*-*-ksc5601.1987-0" diff --git a/pango/x86_64-pc-linux-gnu/pango.modules b/pango/x86_64-pc-linux-gnu/pango.modules new file mode 100644 index 0000000..7e40469 --- /dev/null +++ b/pango/x86_64-pc-linux-gnu/pango.modules @@ -0,0 +1,35 @@ +# Pango Modules file +# Automatically generated file, do not edit +# +# ModulesPath = /usr/lib64/pango/1.6.0/modules +# +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so devaIndicScriptEngineLang PangoEngineLang PangoRenderNone devanagari:* +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so bengIndicScriptEngineLang PangoEngineLang PangoRenderNone bengali:* +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so guruIndicScriptEngineLang PangoEngineLang PangoRenderNone gurmukhi:* +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so gujrIndicScriptEngineLang PangoEngineLang PangoRenderNone gujarati:* +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so oryaIndicScriptEngineLang PangoEngineLang PangoRenderNone oriya:* +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so tamlIndicScriptEngineLang PangoEngineLang PangoRenderNone tamil:* +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so teluIndicScriptEngineLang PangoEngineLang PangoRenderNone telugu:* +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so kndaIndicScriptEngineLang PangoEngineLang PangoRenderNone kannada:* +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so mlymIndicScriptEngineLang PangoEngineLang PangoRenderNone malayalam:* +/usr/lib64/pango/1.6.0/modules/pango-indic-lang.so sinhIndicScriptEngineLang PangoEngineLang PangoRenderNone sinhala:* +/usr/lib64/pango/1.6.0/modules/pango-basic-x.so BasicScriptEngineX PangoEngineShape PangoRenderX common: +/usr/lib64/pango/1.6.0/modules/pango-arabic-lang.so ArabicScriptEngineLang PangoEngineLang PangoRenderNone arabic:* +/usr/lib64/pango/1.6.0/modules/pango-syriac-fc.so SyriacScriptEngineFc PangoEngineShape PangoRenderFc syriac:* +/usr/lib64/pango/1.6.0/modules/pango-thai-fc.so ThaiScriptEngineFc PangoEngineShape PangoRenderFc thai:* lao:* +/usr/lib64/pango/1.6.0/modules/pango-tibetan-fc.so TibetanScriptEngineFc PangoEngineShape PangoRenderFc tibetan:* +/usr/lib64/pango/1.6.0/modules/pango-khmer-fc.so KhmerScriptEngineFc PangoEngineShape PangoRenderFc khmer:* +/usr/lib64/pango/1.6.0/modules/pango-hebrew-fc.so HebrewScriptEngineFc PangoEngineShape PangoRenderFc hebrew:* +/usr/lib64/pango/1.6.0/modules/pango-hangul-fc.so HangulScriptEngineFc PangoEngineShape PangoRenderFc hangul:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so devaScriptEngineFc PangoEngineShape PangoRenderFc devanagari:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so bengScriptEngineFc PangoEngineShape PangoRenderFc bengali:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so guruScriptEngineFc PangoEngineShape PangoRenderFc gurmukhi:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so gujrScriptEngineFc PangoEngineShape PangoRenderFc gujarati:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so oryaScriptEngineFc PangoEngineShape PangoRenderFc oriya:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so tamlScriptEngineFc PangoEngineShape PangoRenderFc tamil:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so teluScriptEngineFc PangoEngineShape PangoRenderFc telugu:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so kndaScriptEngineFc PangoEngineShape PangoRenderFc kannada:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so mlymScriptEngineFc PangoEngineShape PangoRenderFc malayalam:* +/usr/lib64/pango/1.6.0/modules/pango-indic-fc.so sinhScriptEngineFc PangoEngineShape PangoRenderFc sinhala:* +/usr/lib64/pango/1.6.0/modules/pango-arabic-fc.so ArabicScriptEngineFc PangoEngineShape PangoRenderFc arabic:* nko:* +/usr/lib64/pango/1.6.0/modules/pango-basic-fc.so BasicScriptEngineFc PangoEngineShape PangoRenderFc latin:* cyrillic:* greek:* armenian:* georgian:* runic:* ogham:* bopomofo:* cherokee:* coptic:* deseret:* ethiopic:* gothic:* han:* hiragana:* katakana:* old-italic:* canadian-aboriginal:* yi:* braille:* cypriot:* limbu:* osmanya:* shavian:* linear-b:* ugaritic:* glagolitic:* cuneiform:* phoenician:* common: diff --git a/php/apache2-php5.3/.rcs/php.ini,v b/php/apache2-php5.3/.rcs/php.ini,v new file mode 100644 index 0000000..f1c3f0f --- /dev/null +++ b/php/apache2-php5.3/.rcs/php.ini,v @@ -0,0 +1,1950 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.01.09.10.39.36; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2011.01.08.23.47.50; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +;output_buffering = 4096 +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +;display_errors = On +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +;enable_dl = Off +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" +from="frank@@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1 +log +@Initial revision +@ +text +@d262 2 +a263 1 +output_buffering = 4096 +d532 2 +a533 1 +display_errors = On +d817 2 +a818 1 +enable_dl = Off +d903 1 +d1222 1 +a1222 1 +mysql.default_host = +d1273 1 +a1273 1 +mysqli.default_host = +d1489 1 +a1489 1 +session.name = PHPSESSID +@ diff --git a/php/apache2-php5.3/.rcs/php.ini.orig,v b/php/apache2-php5.3/.rcs/php.ini.orig,v new file mode 100644 index 0000000..199aa15 --- /dev/null +++ b/php/apache2-php5.3/.rcs/php.ini.orig,v @@ -0,0 +1,1914 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.01.08.23.47.50; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ diff --git a/php/apache2-php5.3/ext-active/apc.ini b/php/apache2-php5.3/ext-active/apc.ini new file mode 120000 index 0000000..3c72dfd --- /dev/null +++ b/php/apache2-php5.3/ext-active/apc.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/apc.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/bcmath.ini b/php/apache2-php5.3/ext-active/bcmath.ini new file mode 120000 index 0000000..0836843 --- /dev/null +++ b/php/apache2-php5.3/ext-active/bcmath.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/bcmath.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/bz2.ini b/php/apache2-php5.3/ext-active/bz2.ini new file mode 120000 index 0000000..93621af --- /dev/null +++ b/php/apache2-php5.3/ext-active/bz2.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/bz2.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/calendar.ini b/php/apache2-php5.3/ext-active/calendar.ini new file mode 120000 index 0000000..248e0d7 --- /dev/null +++ b/php/apache2-php5.3/ext-active/calendar.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/calendar.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/crack.ini b/php/apache2-php5.3/ext-active/crack.ini new file mode 120000 index 0000000..053593d --- /dev/null +++ b/php/apache2-php5.3/ext-active/crack.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/crack.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/curl.ini b/php/apache2-php5.3/ext-active/curl.ini new file mode 120000 index 0000000..ffe30f7 --- /dev/null +++ b/php/apache2-php5.3/ext-active/curl.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/curl.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/dba.ini b/php/apache2-php5.3/ext-active/dba.ini new file mode 120000 index 0000000..ca34cb7 --- /dev/null +++ b/php/apache2-php5.3/ext-active/dba.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/dba.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/enchant.ini b/php/apache2-php5.3/ext-active/enchant.ini new file mode 120000 index 0000000..8b23bb2 --- /dev/null +++ b/php/apache2-php5.3/ext-active/enchant.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/enchant.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/exif.ini b/php/apache2-php5.3/ext-active/exif.ini new file mode 120000 index 0000000..9d71ca8 --- /dev/null +++ b/php/apache2-php5.3/ext-active/exif.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/exif.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/ftp.ini b/php/apache2-php5.3/ext-active/ftp.ini new file mode 120000 index 0000000..14abd12 --- /dev/null +++ b/php/apache2-php5.3/ext-active/ftp.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/ftp.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/gd.ini b/php/apache2-php5.3/ext-active/gd.ini new file mode 120000 index 0000000..4f5ef54 --- /dev/null +++ b/php/apache2-php5.3/ext-active/gd.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/gd.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/gettext.ini b/php/apache2-php5.3/ext-active/gettext.ini new file mode 120000 index 0000000..f3444bd --- /dev/null +++ b/php/apache2-php5.3/ext-active/gettext.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/gettext.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/gmp.ini b/php/apache2-php5.3/ext-active/gmp.ini new file mode 120000 index 0000000..26aa0c1 --- /dev/null +++ b/php/apache2-php5.3/ext-active/gmp.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/gmp.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/http.ini b/php/apache2-php5.3/ext-active/http.ini new file mode 120000 index 0000000..d227e2a --- /dev/null +++ b/php/apache2-php5.3/ext-active/http.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/http.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/imagick.ini b/php/apache2-php5.3/ext-active/imagick.ini new file mode 120000 index 0000000..b23ce76 --- /dev/null +++ b/php/apache2-php5.3/ext-active/imagick.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/imagick.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/imap.ini b/php/apache2-php5.3/ext-active/imap.ini new file mode 120000 index 0000000..5f59b3e --- /dev/null +++ b/php/apache2-php5.3/ext-active/imap.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/imap.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/intl.ini b/php/apache2-php5.3/ext-active/intl.ini new file mode 120000 index 0000000..b68d7c4 --- /dev/null +++ b/php/apache2-php5.3/ext-active/intl.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/intl.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/ldap.ini b/php/apache2-php5.3/ext-active/ldap.ini new file mode 120000 index 0000000..ddc1074 --- /dev/null +++ b/php/apache2-php5.3/ext-active/ldap.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/ldap.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/mailparse.ini b/php/apache2-php5.3/ext-active/mailparse.ini new file mode 120000 index 0000000..61cf9c3 --- /dev/null +++ b/php/apache2-php5.3/ext-active/mailparse.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/mailparse.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/mbstring.ini b/php/apache2-php5.3/ext-active/mbstring.ini new file mode 120000 index 0000000..a9afaa0 --- /dev/null +++ b/php/apache2-php5.3/ext-active/mbstring.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/mbstring.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/mcrypt.ini b/php/apache2-php5.3/ext-active/mcrypt.ini new file mode 120000 index 0000000..fdab9c7 --- /dev/null +++ b/php/apache2-php5.3/ext-active/mcrypt.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/mcrypt.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/mysql.ini b/php/apache2-php5.3/ext-active/mysql.ini new file mode 120000 index 0000000..6ac65a7 --- /dev/null +++ b/php/apache2-php5.3/ext-active/mysql.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/mysql.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/mysqli.ini b/php/apache2-php5.3/ext-active/mysqli.ini new file mode 120000 index 0000000..dd21899 --- /dev/null +++ b/php/apache2-php5.3/ext-active/mysqli.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/mysqli.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/odbc.ini b/php/apache2-php5.3/ext-active/odbc.ini new file mode 120000 index 0000000..b77e96d --- /dev/null +++ b/php/apache2-php5.3/ext-active/odbc.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/odbc.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/pcntl.ini b/php/apache2-php5.3/ext-active/pcntl.ini new file mode 120000 index 0000000..fe1f813 --- /dev/null +++ b/php/apache2-php5.3/ext-active/pcntl.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/pcntl.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/pspell.ini b/php/apache2-php5.3/ext-active/pspell.ini new file mode 120000 index 0000000..7d0dd91 --- /dev/null +++ b/php/apache2-php5.3/ext-active/pspell.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/pspell.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/snmp.ini b/php/apache2-php5.3/ext-active/snmp.ini new file mode 120000 index 0000000..21b868d --- /dev/null +++ b/php/apache2-php5.3/ext-active/snmp.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/snmp.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/soap.ini b/php/apache2-php5.3/ext-active/soap.ini new file mode 120000 index 0000000..54fe260 --- /dev/null +++ b/php/apache2-php5.3/ext-active/soap.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/soap.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/sockets.ini b/php/apache2-php5.3/ext-active/sockets.ini new file mode 120000 index 0000000..976c36b --- /dev/null +++ b/php/apache2-php5.3/ext-active/sockets.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/sockets.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/sysvmsg.ini b/php/apache2-php5.3/ext-active/sysvmsg.ini new file mode 120000 index 0000000..05cd9aa --- /dev/null +++ b/php/apache2-php5.3/ext-active/sysvmsg.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/sysvmsg.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/sysvsem.ini b/php/apache2-php5.3/ext-active/sysvsem.ini new file mode 120000 index 0000000..97698c5 --- /dev/null +++ b/php/apache2-php5.3/ext-active/sysvsem.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/sysvsem.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/sysvshm.ini b/php/apache2-php5.3/ext-active/sysvshm.ini new file mode 120000 index 0000000..cf63cfa --- /dev/null +++ b/php/apache2-php5.3/ext-active/sysvshm.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/sysvshm.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/tidy.ini b/php/apache2-php5.3/ext-active/tidy.ini new file mode 120000 index 0000000..b8ef64f --- /dev/null +++ b/php/apache2-php5.3/ext-active/tidy.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/tidy.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/wddx.ini b/php/apache2-php5.3/ext-active/wddx.ini new file mode 120000 index 0000000..c851489 --- /dev/null +++ b/php/apache2-php5.3/ext-active/wddx.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/wddx.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/xmlrpc.ini b/php/apache2-php5.3/ext-active/xmlrpc.ini new file mode 120000 index 0000000..94cc8ea --- /dev/null +++ b/php/apache2-php5.3/ext-active/xmlrpc.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/xmlrpc.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/xsl.ini b/php/apache2-php5.3/ext-active/xsl.ini new file mode 120000 index 0000000..26780c3 --- /dev/null +++ b/php/apache2-php5.3/ext-active/xsl.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/xsl.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/zip.ini b/php/apache2-php5.3/ext-active/zip.ini new file mode 120000 index 0000000..ea03892 --- /dev/null +++ b/php/apache2-php5.3/ext-active/zip.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/zip.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext-active/zlib.ini b/php/apache2-php5.3/ext-active/zlib.ini new file mode 120000 index 0000000..23c1e3a --- /dev/null +++ b/php/apache2-php5.3/ext-active/zlib.ini @@ -0,0 +1 @@ +/etc/php/apache2-php5.3/ext/zlib.ini \ No newline at end of file diff --git a/php/apache2-php5.3/ext/apc.ini b/php/apache2-php5.3/ext/apc.ini new file mode 100644 index 0000000..5ec2d6e --- /dev/null +++ b/php/apache2-php5.3/ext/apc.ini @@ -0,0 +1,26 @@ +extension=apc.so +apc.enabled="1" +apc.shm_segments="1" +apc.shm_size="30M" +apc.num_files_hint="1024" +apc.ttl="7200" +apc.user_ttl="7200" +apc.gc_ttl="3600" +apc.cache_by_default="1" +;apc.filters="" +apc.mmap_file_mask="/tmp/apcphp5.XXXXXX" +apc.slam_defense="0" +apc.file_update_protection="2" +apc.enable_cli="0" +apc.max_file_size="1M" +apc.stat="1" +apc.write_lock="1" +apc.report_autofilter="0" +apc.include_once_override="0" +apc.rfc1867="0" +apc.rfc1867_prefix="upload_" +apc.rfc1867_name="APC_UPLOAD_PROGRESS" +apc.rfc1867_freq="0" +apc.localcache="0" +apc.localcache.size="512" +apc.coredump_unmap="0" diff --git a/php/apache2-php5.3/ext/bcmath.ini b/php/apache2-php5.3/ext/bcmath.ini new file mode 100644 index 0000000..7e0ae9a --- /dev/null +++ b/php/apache2-php5.3/ext/bcmath.ini @@ -0,0 +1 @@ +extension=bcmath.so diff --git a/php/apache2-php5.3/ext/bz2.ini b/php/apache2-php5.3/ext/bz2.ini new file mode 100644 index 0000000..f9d67d2 --- /dev/null +++ b/php/apache2-php5.3/ext/bz2.ini @@ -0,0 +1 @@ +extension=bz2.so diff --git a/php/apache2-php5.3/ext/calendar.ini b/php/apache2-php5.3/ext/calendar.ini new file mode 100644 index 0000000..9106f44 --- /dev/null +++ b/php/apache2-php5.3/ext/calendar.ini @@ -0,0 +1 @@ +extension=calendar.so diff --git a/php/apache2-php5.3/ext/crack.ini b/php/apache2-php5.3/ext/crack.ini new file mode 100644 index 0000000..25bab90 --- /dev/null +++ b/php/apache2-php5.3/ext/crack.ini @@ -0,0 +1 @@ +extension=crack.so diff --git a/php/apache2-php5.3/ext/curl.ini b/php/apache2-php5.3/ext/curl.ini new file mode 100644 index 0000000..3ed40f6 --- /dev/null +++ b/php/apache2-php5.3/ext/curl.ini @@ -0,0 +1 @@ +extension=curl.so diff --git a/php/apache2-php5.3/ext/dba.ini b/php/apache2-php5.3/ext/dba.ini new file mode 100644 index 0000000..3058911 --- /dev/null +++ b/php/apache2-php5.3/ext/dba.ini @@ -0,0 +1 @@ +extension=dba.so diff --git a/php/apache2-php5.3/ext/enchant.ini b/php/apache2-php5.3/ext/enchant.ini new file mode 100644 index 0000000..f9b3244 --- /dev/null +++ b/php/apache2-php5.3/ext/enchant.ini @@ -0,0 +1 @@ +extension=enchant.so diff --git a/php/apache2-php5.3/ext/exif.ini b/php/apache2-php5.3/ext/exif.ini new file mode 100644 index 0000000..0688bbe --- /dev/null +++ b/php/apache2-php5.3/ext/exif.ini @@ -0,0 +1 @@ +extension=exif.so diff --git a/php/apache2-php5.3/ext/ftp.ini b/php/apache2-php5.3/ext/ftp.ini new file mode 100644 index 0000000..d4c6f43 --- /dev/null +++ b/php/apache2-php5.3/ext/ftp.ini @@ -0,0 +1 @@ +extension=ftp.so diff --git a/php/apache2-php5.3/ext/gd.ini b/php/apache2-php5.3/ext/gd.ini new file mode 100644 index 0000000..1941c0d --- /dev/null +++ b/php/apache2-php5.3/ext/gd.ini @@ -0,0 +1 @@ +extension=gd.so diff --git a/php/apache2-php5.3/ext/gettext.ini b/php/apache2-php5.3/ext/gettext.ini new file mode 100644 index 0000000..1b2e930 --- /dev/null +++ b/php/apache2-php5.3/ext/gettext.ini @@ -0,0 +1 @@ +extension=gettext.so diff --git a/php/apache2-php5.3/ext/gmp.ini b/php/apache2-php5.3/ext/gmp.ini new file mode 100644 index 0000000..16d339e --- /dev/null +++ b/php/apache2-php5.3/ext/gmp.ini @@ -0,0 +1 @@ +extension=gmp.so diff --git a/php/apache2-php5.3/ext/http.ini b/php/apache2-php5.3/ext/http.ini new file mode 100644 index 0000000..7c994f1 --- /dev/null +++ b/php/apache2-php5.3/ext/http.ini @@ -0,0 +1,22 @@ +extension=http.so +http.etag.mode=MD5 +http.force_exit=1 +http.log.allowed_methods= +http.log.cache= +http.log.composite= +http.log.not_found= +http.log.redirect= +http.only_exceptions=0 +http.persistent.handles.ident=GLOBAL +http.persistent.handles.limit=-1 +http.request.datashare.connect=0 +http.request.datashare.cookie=0 +http.request.datashare.dns=1 +http.request.datashare.ssl=0 +http.request.methods.allowed= +http.request.methods.custom= +http.send.inflate.start_auto=0 +http.send.inflate.start_flags=0 +http.send.deflate.start_auto=0 +http.send.deflate.start_flags=0 +http.send.not_found_404=1 diff --git a/php/apache2-php5.3/ext/imagick.ini b/php/apache2-php5.3/ext/imagick.ini new file mode 100644 index 0000000..d7513f1 --- /dev/null +++ b/php/apache2-php5.3/ext/imagick.ini @@ -0,0 +1 @@ +extension=imagick.so diff --git a/php/apache2-php5.3/ext/imap.ini b/php/apache2-php5.3/ext/imap.ini new file mode 100644 index 0000000..a70747f --- /dev/null +++ b/php/apache2-php5.3/ext/imap.ini @@ -0,0 +1 @@ +extension=imap.so diff --git a/php/apache2-php5.3/ext/intl.ini b/php/apache2-php5.3/ext/intl.ini new file mode 100644 index 0000000..b334e92 --- /dev/null +++ b/php/apache2-php5.3/ext/intl.ini @@ -0,0 +1 @@ +extension=intl.so diff --git a/php/apache2-php5.3/ext/ldap.ini b/php/apache2-php5.3/ext/ldap.ini new file mode 100644 index 0000000..00825a2 --- /dev/null +++ b/php/apache2-php5.3/ext/ldap.ini @@ -0,0 +1 @@ +extension=ldap.so diff --git a/php/apache2-php5.3/ext/mailparse.ini b/php/apache2-php5.3/ext/mailparse.ini new file mode 100644 index 0000000..cb7ebda --- /dev/null +++ b/php/apache2-php5.3/ext/mailparse.ini @@ -0,0 +1 @@ +extension=mailparse.so diff --git a/php/apache2-php5.3/ext/mbstring.ini b/php/apache2-php5.3/ext/mbstring.ini new file mode 100644 index 0000000..772b052 --- /dev/null +++ b/php/apache2-php5.3/ext/mbstring.ini @@ -0,0 +1 @@ +extension=mbstring.so diff --git a/php/apache2-php5.3/ext/mcrypt.ini b/php/apache2-php5.3/ext/mcrypt.ini new file mode 100644 index 0000000..547ebdd --- /dev/null +++ b/php/apache2-php5.3/ext/mcrypt.ini @@ -0,0 +1 @@ +extension=mcrypt.so diff --git a/php/apache2-php5.3/ext/mysql.ini b/php/apache2-php5.3/ext/mysql.ini new file mode 100644 index 0000000..da09c40 --- /dev/null +++ b/php/apache2-php5.3/ext/mysql.ini @@ -0,0 +1 @@ +extension=mysql.so diff --git a/php/apache2-php5.3/ext/mysqli.ini b/php/apache2-php5.3/ext/mysqli.ini new file mode 100644 index 0000000..9d0502f --- /dev/null +++ b/php/apache2-php5.3/ext/mysqli.ini @@ -0,0 +1 @@ +extension=mysqli.so diff --git a/php/apache2-php5.3/ext/odbc.ini b/php/apache2-php5.3/ext/odbc.ini new file mode 100644 index 0000000..96a0730 --- /dev/null +++ b/php/apache2-php5.3/ext/odbc.ini @@ -0,0 +1 @@ +extension=odbc.so diff --git a/php/apache2-php5.3/ext/pcntl.ini b/php/apache2-php5.3/ext/pcntl.ini new file mode 100644 index 0000000..f0a7145 --- /dev/null +++ b/php/apache2-php5.3/ext/pcntl.ini @@ -0,0 +1 @@ +extension=pcntl.so diff --git a/php/apache2-php5.3/ext/pspell.ini b/php/apache2-php5.3/ext/pspell.ini new file mode 100644 index 0000000..b4d0a8c --- /dev/null +++ b/php/apache2-php5.3/ext/pspell.ini @@ -0,0 +1 @@ +extension=pspell.so diff --git a/php/apache2-php5.3/ext/snmp.ini b/php/apache2-php5.3/ext/snmp.ini new file mode 100644 index 0000000..15acf38 --- /dev/null +++ b/php/apache2-php5.3/ext/snmp.ini @@ -0,0 +1 @@ +extension=snmp.so diff --git a/php/apache2-php5.3/ext/soap.ini b/php/apache2-php5.3/ext/soap.ini new file mode 100644 index 0000000..1deef9c --- /dev/null +++ b/php/apache2-php5.3/ext/soap.ini @@ -0,0 +1 @@ +extension=soap.so diff --git a/php/apache2-php5.3/ext/sockets.ini b/php/apache2-php5.3/ext/sockets.ini new file mode 100644 index 0000000..327228b --- /dev/null +++ b/php/apache2-php5.3/ext/sockets.ini @@ -0,0 +1 @@ +extension=sockets.so diff --git a/php/apache2-php5.3/ext/sysvmsg.ini b/php/apache2-php5.3/ext/sysvmsg.ini new file mode 100644 index 0000000..639950e --- /dev/null +++ b/php/apache2-php5.3/ext/sysvmsg.ini @@ -0,0 +1 @@ +extension=sysvmsg.so diff --git a/php/apache2-php5.3/ext/sysvsem.ini b/php/apache2-php5.3/ext/sysvsem.ini new file mode 100644 index 0000000..dd2c343 --- /dev/null +++ b/php/apache2-php5.3/ext/sysvsem.ini @@ -0,0 +1 @@ +extension=sysvsem.so diff --git a/php/apache2-php5.3/ext/sysvshm.ini b/php/apache2-php5.3/ext/sysvshm.ini new file mode 100644 index 0000000..4c26779 --- /dev/null +++ b/php/apache2-php5.3/ext/sysvshm.ini @@ -0,0 +1 @@ +extension=sysvshm.so diff --git a/php/apache2-php5.3/ext/tidy.ini b/php/apache2-php5.3/ext/tidy.ini new file mode 100644 index 0000000..834babc --- /dev/null +++ b/php/apache2-php5.3/ext/tidy.ini @@ -0,0 +1 @@ +extension=tidy.so diff --git a/php/apache2-php5.3/ext/wddx.ini b/php/apache2-php5.3/ext/wddx.ini new file mode 100644 index 0000000..95571ae --- /dev/null +++ b/php/apache2-php5.3/ext/wddx.ini @@ -0,0 +1 @@ +extension=wddx.so diff --git a/php/apache2-php5.3/ext/xmlrpc.ini b/php/apache2-php5.3/ext/xmlrpc.ini new file mode 100644 index 0000000..b03d93c --- /dev/null +++ b/php/apache2-php5.3/ext/xmlrpc.ini @@ -0,0 +1 @@ +extension=xmlrpc.so diff --git a/php/apache2-php5.3/ext/xsl.ini b/php/apache2-php5.3/ext/xsl.ini new file mode 100644 index 0000000..3223510 --- /dev/null +++ b/php/apache2-php5.3/ext/xsl.ini @@ -0,0 +1 @@ +extension=xsl.so diff --git a/php/apache2-php5.3/ext/zip.ini b/php/apache2-php5.3/ext/zip.ini new file mode 100644 index 0000000..bb70997 --- /dev/null +++ b/php/apache2-php5.3/ext/zip.ini @@ -0,0 +1 @@ +extension=zip.so diff --git a/php/apache2-php5.3/ext/zlib.ini b/php/apache2-php5.3/ext/zlib.ini new file mode 100644 index 0000000..3d29bce --- /dev/null +++ b/php/apache2-php5.3/ext/zlib.ini @@ -0,0 +1 @@ +extension=zlib.so diff --git a/php/apache2-php5.3/php.ini b/php/apache2-php5.3/php.ini new file mode 100644 index 0000000..0af83e3 --- /dev/null +++ b/php/apache2-php5.3/php.ini @@ -0,0 +1,1898 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +;output_buffering = 4096 +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +;display_errors = On +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +;enable_dl = Off +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" +from="frank@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/var/lib/php/session" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/apache2-php5.3/php.ini.orig b/php/apache2-php5.3/php.ini.orig new file mode 100644 index 0000000..8f4eac8 --- /dev/null +++ b/php/apache2-php5.3/php.ini.orig @@ -0,0 +1,1890 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/apache2-php5/.rcs/php.ini,v b/php/apache2-php5/.rcs/php.ini,v new file mode 100644 index 0000000..81d47ba --- /dev/null +++ b/php/apache2-php5/.rcs/php.ini,v @@ -0,0 +1,2652 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.10.30.19.18.46; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.19.20.47.53; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +;output_buffering = 4096 +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" +from="frank@@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_exif.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_ming.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1 +log +@Initial revision +@ +text +@a2 11 +;;;;;;;;;;; +; WARNING ; +;;;;;;;;;;; +; This is the default settings file for new PHP installations. +; By default, PHP installs itself with a configuration suitable for +; development purposes, and *NOT* for production purposes. +; For several security-oriented considerations that should be taken +; before going online with your site, please consult php.ini-recommended +; and http://php.net/manual/en/security.php. + + +d6 16 +a21 8 +; This file controls many aspects of PHP's behavior. In order for PHP to +; read it, it must be named 'php.ini'. PHP looks for it in the current +; working directory, in the path designated by the environment variable +; PHPRC, and in the path that was defined in compile time (in that order). +; Under Windows, the compile-time path is the Windows directory. The +; path in which the php.ini file is looked for can be overridden using +; the -c argument in command line mode. +; +d26 10 +a35 1 +; +d39 4 +a42 1 +; +d45 3 +a47 2 +; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo"). +; +d49 6 +a54 5 +; | bitwise OR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT +; +d57 1 +a57 1 +; +d60 1 +a60 1 +; +d62 3 +a64 3 +; foo = none ; sets foo to an empty string +; foo = "none" ; sets foo to the string 'none' +; +d68 1 +a68 2 +; +; +d72 13 +a84 3 +; All the values in the php.ini-dist file correspond to the builtin +; defaults (that is, if no php.ini is used, or if you delete these lines, +; the builtin defaults will be identical). +d86 119 +d211 1 +d214 13 +a226 10 +; Enable compatibility mode with Zend Engine 1 (PHP 4.x) +zend.ze1_compatibility_mode = Off + +; Allow the tags are recognized. +; NOTE: Using short tags should be avoided when developing applications or +; libraries that are meant for redistribution, or deployment on PHP +; servers which are not under your control, because short tags may not +; be supported on the target server. For portable, redistributable code, +; be sure not to use short tags. +short_open_tag = On +d229 1 +d233 2 +a234 1 +precision = 12 +d237 1 +d240 23 +a262 7 +; Output buffering allows you to send header lines (including cookies) even +; after you send body content, at the price of slowing PHP's output layer a +; bit. You can enable output buffering during runtime by calling the output +; buffering functions. You can also enable output buffering for all files by +; setting this directive to On. If you wish to limit the size of the buffer +; to a certain size - you can use a maximum number of bytes instead of 'On', as +; a value for this directive (e.g., output_buffering=4096). +d270 3 +a272 3 +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +d274 1 +a274 1 +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +d276 2 +a277 1 +; Instead you must use zlib.output_handler. +d284 3 +a286 3 +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +d288 2 +a289 1 +; output_handler, or otherwise the output will be corrupted. +d291 2 +d298 1 +d306 2 +d312 2 +a313 3 +; which should be instantiated. +; A warning appears if the specified function is not defined, or if the +; function doesn't include/implement the missing class. +d316 1 +a316 1 +unserialize_callback_func= +d323 13 +a335 10 +; Whether to enable the ability to force arguments to be passed by reference +; at function call time. This method is deprecated and is likely to be +; unsupported in future versions of PHP/Zend. The encouraged method of +; specifying which arguments should be passed by reference is in the function +; declaration. You're encouraged to try and turn this option Off and make +; sure your scripts work properly with it in order to ensure they will work +; with future versions of the language (you will receive a warning each time +; you use this feature, and the argument will be passed by value instead of by +; reference). +allow_call_time_pass_reference = On +a336 1 +; +d338 1 +a338 1 +; +d344 1 +d351 1 +d356 1 +a363 1 +; +d365 2 +a366 1 +; environment variable! +d372 1 +d379 1 +d385 1 +d391 1 +d396 1 +d405 5 +a409 3 +; the request. Consider enabling it if executing long request, which may end up +; being interrupted by the user or a browser timing out. +; ignore_user_abort = On +d414 2 +a415 1 +; realpath_cache_size=16k +d420 6 +a425 1 +; realpath_cache_ttl=120 +a426 3 +; +; Misc +; +d431 1 +a433 1 + +d438 22 +a459 5 +max_execution_time = 30 ; Maximum execution time of each script, in seconds +max_input_time = 60 ; Maximum amount of time each script may spend parsing request data +;max_input_nesting_level = 64 ; Maximum input variable nesting level +memory_limit = 128M ; Maximum amount of memory a script may consume (128MB) + +d465 17 +a481 3 +; error_reporting is a bit-field. Or each number up to get desired error +; reporting level +; E_ALL - All errors and warnings (doesn't include E_STRICT) +d502 41 +a542 39 +; +; Examples: +; +; - Show all errors, except for notices and coding standards warnings +; +;error_reporting = E_ALL & ~E_NOTICE +; +; - Show all errors, except for notices +; +;error_reporting = E_ALL & ~E_NOTICE | E_STRICT +; +; - Show only errors +; +;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR +; +; - Show all errors except for notices and coding standards warnings +; +error_reporting = E_ALL & ~E_NOTICE + +; Print out errors (as a part of the output). For production web sites, +; you're strongly encouraged to turn this feature off, and use error logging +; instead (see below). Keeping display_errors enabled on a production web site +; may reveal security information to end users, such as file paths on your Web +; server, your database schema or other information. +; +; possible values for display_errors: +; +; Off - Do not display any errors +; stderr - Display errors to STDERR (affects only CGI/CLI binaries!) +; +;display_errors = "stderr" +; +; stdout (On) - Display errors to STDOUT +; +display_errors = On + +; Even when display_errors is on, errors that occur during PHP's startup +; sequence are not displayed. It's strongly recommended to keep +; display_startup_errors off, except for when debugging. +d545 9 +a553 4 +; Log errors into a log file (server-specific log, stderr, or error_log (below)) +; As stated above, you're strongly advised to use error logging in place of +; error displaying on production web sites. +log_errors = Off +d557 1 +d562 1 +d568 1 +d574 1 +d577 1 +d580 7 +a586 1 +; Store the last error/warning message in $php_errormsg (boolean). +d590 1 +d592 1 +d596 10 +a605 3 +; Disable the inclusion of HTML tags in error messages. +; Note: Never use this feature for production boxes. +;html_errors = Off +d609 1 +a609 1 +; You can download a copy of the PHP manual from http://www.php.net/docs.php +d612 1 +a612 1 +; the dot. +d614 2 +d617 2 +d621 4 +a624 1 +; String to output before an error message. +d627 4 +a630 1 +; String to output after an error message. +d633 5 +a637 3 +; Log errors to specified file. +;error_log = filename + +a640 1 + +a643 2 +; +; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 +d646 3 +a648 1 +; Default is "&". +d652 1 +a652 1 +; Default is "&". +d654 2 +d658 26 +a683 5 +; This directive describes the order in which PHP registers GET, POST, Cookie, +; Environment and Built-in variables (G, P, C, E & S respectively, often +; referred to as EGPCS or GPC). Registration is done from left to right, newer +; values override older values. +variables_order = "EGPCS" +d687 1 +a687 4 +; with user data. This makes most sense when coupled with track_vars - in which +; case you can access all of the GPC variables through the $HTTP_*_VARS[], +; variables. +; +d691 1 +d694 24 +a717 9 +; Whether or not to register the old-style input arrays, HTTP_GET_VARS +; and friends. If you're not using them, it's recommended to turn them off, +; for performance reasons. +register_long_arrays = On + +; This directive tells PHP whether to declare the argv&argc variables (that +; would contain the GET information). If you don't use these variables, you +; should turn it off for increased performance. +register_argc_argv = On +d724 1 +d728 1 +d731 15 +a745 5 +; Magic quotes +; + +; Magic quotes for incoming GET/POST/Cookie data. +magic_quotes_gpc = On +d748 1 +d752 1 +d755 2 +a756 1 +; Automatically add files before or after any PHP document. +d758 3 +d763 1 +a763 1 +; As of 4.0b4, PHP always outputs a character encoding by default in +d768 1 +d770 3 +d775 3 +a777 1 +; Always populate the $HTTP_RAW_POST_DATA variable. +a779 1 + +d789 3 +d798 1 +d803 1 +d807 4 +a810 1 +extension_dir = /usr/lib64/php5/lib/extensions/no-debug-non-zts-20060613 +d815 1 +d822 2 +a823 1 +; cgi.force_redirect = 1 +d826 2 +a827 2 +; every request. +; cgi.nph = 1 +d833 2 +a834 1 +; cgi.redirect_status_env = ; +d839 1 +a839 1 +; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting +d842 2 +a843 1 +; cgi.fix_pathinfo=0 +d850 2 +a851 1 +; fastcgi.impersonate = 1; +d853 3 +a855 2 +; Disable logging through FastCGI connection +; fastcgi.logging = 0 +d862 1 +a864 1 + +d870 1 +d875 1 +d879 1 +a881 1 + +d890 1 +d894 1 +d897 3 +a899 1 +; Define the anonymous ftp password (your email address) +d901 1 +d903 3 +a905 2 +; Define the User-Agent string +; user_agent="PHP" +d908 1 +d916 2 +a917 2 +; auto_detect_line_endings = Off + +d922 1 +a922 1 +; +d936 7 +a942 5 +; Note that it should be the name of the module only; no directory information +; needs to go here. Specify the location of the extension with the +; extension_dir directive above. + + +d948 1 +a948 1 + +a951 1 +;extension=php_dbase.dll +d953 1 +a953 1 +;extension=php_fdf.dll +d957 1 +a957 1 +;extension=php_ifx.dll +a961 3 +;extension=php_mcrypt.dll +;extension=php_mhash.dll +;extension=php_mime_magic.dll +a962 1 +;extension=php_msql.dll +d966 2 +a967 1 +;extension=php_oci8.dll +a968 1 +;extension=php_pdo.dll +a972 1 +;extension=php_pdo_oci8.dll +d977 1 +d984 1 +d997 1 +d1000 1 +d1002 2 +d1006 1 +d1008 2 +d1013 1 +d1015 2 +d1024 7 +d1032 1 +d1035 3 +d1040 1 +d1043 3 +a1045 3 +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +d1047 1 +d1050 26 +d1080 1 +d1085 1 +d1087 1 +d1091 1 +d1095 1 +d1103 6 +d1110 1 +d1114 1 +d1116 2 +d1119 2 +d1123 4 +d1128 1 +d1132 1 +d1136 1 +d1140 1 +d1145 1 +d1150 2 +a1151 1 +; of uodbc.defaultlrl and uodbc.defaultbinmode +d1154 33 +d1188 4 +d1193 1 +d1196 4 +d1201 1 +d1205 1 +d1212 1 +d1217 1 +d1221 2 +a1222 1 +mysql.default_host = +d1225 1 +d1233 1 +d1237 1 +d1242 1 +d1247 12 +d1260 1 +d1263 4 +d1271 1 +d1276 1 +d1280 2 +a1281 1 +mysqli.default_host = +d1284 1 +d1292 1 +d1298 19 +a1316 3 +[mSQL] +; Allow or prevent persistent links. +msql.allow_persistent = On +d1318 1 +a1318 5 +; Maximum number of persistent links. -1 means no limit. +msql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +msql.max_links = -1 +d1320 3 +a1322 2 +[OCI8] +; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA) +d1327 1 +d1333 1 +d1340 1 +d1343 13 +d1358 1 +d1363 2 +a1364 1 +;oci8.default_prefetch = 10 +d1368 1 +d1373 1 +d1378 1 +d1382 1 +d1386 1 +d1391 1 +d1396 1 +a1398 25 +[Sybase] +; Allow or prevent persistent links. +sybase.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybase.max_links = -1 + +;sybase.interface_file = "/usr/sybase/interfaces" + +; Minimum error severity to display. +sybase.min_error_severity = 10 + +; Minimum message severity to display. +sybase.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +; If on, this will cause PHP to automatically assign types to results according +; to their Sybase type, instead of treating them all as strings. This +; compatibility mode will probably not stay around forever, so try applying +; whatever necessary changes to your code, and turn it off. +sybase.compatability_mode = Off + +d1401 1 +d1405 1 +d1409 1 +d1413 1 +d1417 1 +d1420 18 +d1440 1 +d1444 1 +a1446 37 +[Informix] +; Default host for ifx_connect() (doesn't apply in safe mode). +ifx.default_host = + +; Default user for ifx_connect() (doesn't apply in safe mode). +ifx.default_user = + +; Default password for ifx_connect() (doesn't apply in safe mode). +ifx.default_password = + +; Allow or prevent persistent links. +ifx.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +ifx.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ifx.max_links = -1 + +; If on, select statements return the contents of a text blob instead of its id. +ifx.textasvarchar = 0 + +; If on, select statements return the contents of a byte blob instead of its id. +ifx.byteasvarchar = 0 + +; Trailing blanks are stripped from fixed-length char columns. May help the +; life of Informix SE users. +ifx.charasvarchar = 0 + +; If on, the contents of text and byte blobs are dumped to a file instead of +; keeping them in memory. +ifx.blobinfile = 0 + +; NULL's are returned as empty strings, unless this is set to 1. In that case, +; NULL's are returned as string 'NULL'. +ifx.nullformat = 0 + +d1449 1 +d1456 1 +a1456 1 +; As of PHP 4.0.1, you can define the path as: +d1478 1 +d1482 1 +d1485 2 +a1486 1 +;session.cookie_secure = +d1488 6 +a1493 3 +; This option enables administrators to make their users invulnerable to +; attacks which involve passing session ids in URLs; defaults to 0. +; session.use_only_cookies = 1 +d1496 2 +a1497 1 +session.name = PHPSESSID +d1500 1 +d1504 1 +d1508 1 +d1512 1 +d1516 2 +a1517 1 +session.cookie_httponly = +d1520 1 +d1523 11 +a1533 5 +; Define the probability that the 'garbage collection' process is started +; on every session initialization. +; The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts +; on each request. +d1535 13 +a1547 2 +session.gc_probability = 1 +session.gc_divisor = 100 +d1551 1 +d1563 1 +a1563 1 +; to initialize a session variable in the global scope, albeit register_globals +d1566 20 +a1585 4 +; the warning is only displayed, if bug_compat_42 is enabled. + +session.bug_compat_42 = 1 +session.bug_compat_warn = 1 +d1590 1 +d1594 1 +d1598 4 +a1601 4 +session.entropy_file = + +;session.entropy_length = 16 + +d1606 1 +d1610 1 +d1622 1 +d1625 8 +a1632 3 +; Select a hash function +; 0: MD5 (128 bits) +; 1: SHA-1 (160 bits) +d1637 9 +a1645 5 +; +; 4 bits: 0-9, a-f +; 5 bits: 0-9, a-v +; 6 bits: 0-9, a-z, A-Z, "-", "," +session.hash_bits_per_character = 4 +d1652 5 +a1656 1 +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" +d1705 1 +a1705 1 +; Specify client character set. +d1712 1 +d1716 1 +d1720 1 +d1724 1 +d1729 1 +d1734 1 +d1736 1 +d1738 1 +d1740 1 +d1742 1 +d1744 1 +d1746 1 +d1748 1 +d1750 1 +d1753 4 +d1759 1 +d1765 1 +d1769 1 +d1774 1 +d1782 1 +d1787 1 +d1792 1 +d1803 1 +d1806 11 +a1816 14 +[FrontBase] +;fbsql.allow_persistent = On +;fbsql.autocommit = On +;fbsql.show_timestamp_decimals = Off +;fbsql.default_database = +;fbsql.default_database_password = +;fbsql.default_host = +;fbsql.default_password = +;fbsql.default_user = "_SYSTEM" +;fbsql.generate_warnings = Off +;fbsql.max_connections = 128 +;fbsql.max_links = 128 +;fbsql.max_persistent = -1 +;fbsql.max_results = 128 +d1819 1 +a1819 1 +; Tell the jpeg decode to libjpeg warnings and try to create +d1822 1 +d1831 1 +d1833 2 +d1836 2 +d1839 2 +d1842 2 +d1845 2 +d1851 1 +d1857 1 +d1862 1 +d1864 1 +d1866 1 +d1868 2 +a1869 1 +; (time to live) Sets the number of second while cached file will be used +d1871 1 +d1874 25 +a1901 5 + +; MySQL extensions default connection charset settings +;mysql.connect_charset = utf8 +;mysqli.connect_charset = utf8 +;pdo_mysql.connect_charset = utf8 +@ diff --git a/php/apache2-php5/.rcs/php.ini.orig,v b/php/apache2-php5/.rcs/php.ini.orig,v new file mode 100644 index 0000000..54cfe8f --- /dev/null +++ b/php/apache2-php5/.rcs/php.ini.orig,v @@ -0,0 +1,1923 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.29.22.18.51; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_exif.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_ming.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ diff --git a/php/apache2-php5/ext/apc.ini b/php/apache2-php5/ext/apc.ini new file mode 100644 index 0000000..f1fac9c --- /dev/null +++ b/php/apache2-php5/ext/apc.ini @@ -0,0 +1,26 @@ +extension=apc.so +apc.enabled="1" +apc.shm_segments="1" +apc.shm_size="30" +apc.num_files_hint="1024" +apc.ttl="7200" +apc.user_ttl="7200" +apc.gc_ttl="3600" +apc.cache_by_default="1" +;apc.filters="" +apc.mmap_file_mask="/tmp/apcphp5.XXXXXX" +apc.slam_defense="0" +apc.file_update_protection="2" +apc.enable_cli="0" +apc.max_file_size="1M" +apc.stat="1" +apc.write_lock="1" +apc.report_autofilter="0" +apc.include_once_override="0" +apc.rfc1867="0" +apc.rfc1867_prefix="upload_" +apc.rfc1867_name="APC_UPLOAD_PROGRESS" +apc.rfc1867_freq="0" +apc.localcache="0" +apc.localcache.size="512" +apc.coredump_unmap="0" diff --git a/php/apache2-php5/php.ini b/php/apache2-php5/php.ini new file mode 100644 index 0000000..c300e19 --- /dev/null +++ b/php/apache2-php5/php.ini @@ -0,0 +1,1901 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +;output_buffering = 4096 +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" +from="frank@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_exif.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_ming.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/apache2-php5/php.ini.orig b/php/apache2-php5/php.ini.orig new file mode 100644 index 0000000..7578935 --- /dev/null +++ b/php/apache2-php5/php.ini.orig @@ -0,0 +1,1899 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_exif.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_ming.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/cgi-php5.3/ext-active/apc.ini b/php/cgi-php5.3/ext-active/apc.ini new file mode 120000 index 0000000..4a1574c --- /dev/null +++ b/php/cgi-php5.3/ext-active/apc.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/apc.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/bcmath.ini b/php/cgi-php5.3/ext-active/bcmath.ini new file mode 120000 index 0000000..c5482f6 --- /dev/null +++ b/php/cgi-php5.3/ext-active/bcmath.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/bcmath.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/bz2.ini b/php/cgi-php5.3/ext-active/bz2.ini new file mode 120000 index 0000000..1cd67c8 --- /dev/null +++ b/php/cgi-php5.3/ext-active/bz2.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/bz2.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/calendar.ini b/php/cgi-php5.3/ext-active/calendar.ini new file mode 120000 index 0000000..8ea0ad9 --- /dev/null +++ b/php/cgi-php5.3/ext-active/calendar.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/calendar.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/crack.ini b/php/cgi-php5.3/ext-active/crack.ini new file mode 120000 index 0000000..0365d7b --- /dev/null +++ b/php/cgi-php5.3/ext-active/crack.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/crack.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/curl.ini b/php/cgi-php5.3/ext-active/curl.ini new file mode 120000 index 0000000..cebfa0d --- /dev/null +++ b/php/cgi-php5.3/ext-active/curl.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/curl.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/dba.ini b/php/cgi-php5.3/ext-active/dba.ini new file mode 120000 index 0000000..13459e2 --- /dev/null +++ b/php/cgi-php5.3/ext-active/dba.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/dba.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/enchant.ini b/php/cgi-php5.3/ext-active/enchant.ini new file mode 120000 index 0000000..b3b44b6 --- /dev/null +++ b/php/cgi-php5.3/ext-active/enchant.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/enchant.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/exif.ini b/php/cgi-php5.3/ext-active/exif.ini new file mode 120000 index 0000000..0b57b92 --- /dev/null +++ b/php/cgi-php5.3/ext-active/exif.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/exif.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/ftp.ini b/php/cgi-php5.3/ext-active/ftp.ini new file mode 120000 index 0000000..812cf09 --- /dev/null +++ b/php/cgi-php5.3/ext-active/ftp.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/ftp.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/gd.ini b/php/cgi-php5.3/ext-active/gd.ini new file mode 120000 index 0000000..8e6cc7d --- /dev/null +++ b/php/cgi-php5.3/ext-active/gd.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/gd.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/gettext.ini b/php/cgi-php5.3/ext-active/gettext.ini new file mode 120000 index 0000000..3303fbc --- /dev/null +++ b/php/cgi-php5.3/ext-active/gettext.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/gettext.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/gmp.ini b/php/cgi-php5.3/ext-active/gmp.ini new file mode 120000 index 0000000..e11f744 --- /dev/null +++ b/php/cgi-php5.3/ext-active/gmp.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/gmp.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/http.ini b/php/cgi-php5.3/ext-active/http.ini new file mode 120000 index 0000000..e6bfd70 --- /dev/null +++ b/php/cgi-php5.3/ext-active/http.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/http.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/imagick.ini b/php/cgi-php5.3/ext-active/imagick.ini new file mode 120000 index 0000000..1b595f8 --- /dev/null +++ b/php/cgi-php5.3/ext-active/imagick.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/imagick.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/imap.ini b/php/cgi-php5.3/ext-active/imap.ini new file mode 120000 index 0000000..0475992 --- /dev/null +++ b/php/cgi-php5.3/ext-active/imap.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/imap.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/intl.ini b/php/cgi-php5.3/ext-active/intl.ini new file mode 120000 index 0000000..92edbcc --- /dev/null +++ b/php/cgi-php5.3/ext-active/intl.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/intl.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/ldap.ini b/php/cgi-php5.3/ext-active/ldap.ini new file mode 120000 index 0000000..dee6822 --- /dev/null +++ b/php/cgi-php5.3/ext-active/ldap.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/ldap.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/mailparse.ini b/php/cgi-php5.3/ext-active/mailparse.ini new file mode 120000 index 0000000..0b1c250 --- /dev/null +++ b/php/cgi-php5.3/ext-active/mailparse.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/mailparse.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/mbstring.ini b/php/cgi-php5.3/ext-active/mbstring.ini new file mode 120000 index 0000000..91e625f --- /dev/null +++ b/php/cgi-php5.3/ext-active/mbstring.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/mbstring.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/mcrypt.ini b/php/cgi-php5.3/ext-active/mcrypt.ini new file mode 120000 index 0000000..e23bdee --- /dev/null +++ b/php/cgi-php5.3/ext-active/mcrypt.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/mcrypt.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/mysql.ini b/php/cgi-php5.3/ext-active/mysql.ini new file mode 120000 index 0000000..a7233e5 --- /dev/null +++ b/php/cgi-php5.3/ext-active/mysql.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/mysql.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/mysqli.ini b/php/cgi-php5.3/ext-active/mysqli.ini new file mode 120000 index 0000000..d5405d2 --- /dev/null +++ b/php/cgi-php5.3/ext-active/mysqli.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/mysqli.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/odbc.ini b/php/cgi-php5.3/ext-active/odbc.ini new file mode 120000 index 0000000..864c5b0 --- /dev/null +++ b/php/cgi-php5.3/ext-active/odbc.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/odbc.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/pcntl.ini b/php/cgi-php5.3/ext-active/pcntl.ini new file mode 120000 index 0000000..95f496e --- /dev/null +++ b/php/cgi-php5.3/ext-active/pcntl.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/pcntl.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/pspell.ini b/php/cgi-php5.3/ext-active/pspell.ini new file mode 120000 index 0000000..e7d5cb7 --- /dev/null +++ b/php/cgi-php5.3/ext-active/pspell.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/pspell.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/snmp.ini b/php/cgi-php5.3/ext-active/snmp.ini new file mode 120000 index 0000000..1cc15d7 --- /dev/null +++ b/php/cgi-php5.3/ext-active/snmp.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/snmp.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/soap.ini b/php/cgi-php5.3/ext-active/soap.ini new file mode 120000 index 0000000..3d96d18 --- /dev/null +++ b/php/cgi-php5.3/ext-active/soap.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/soap.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/sockets.ini b/php/cgi-php5.3/ext-active/sockets.ini new file mode 120000 index 0000000..f6c2b48 --- /dev/null +++ b/php/cgi-php5.3/ext-active/sockets.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/sockets.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/sysvmsg.ini b/php/cgi-php5.3/ext-active/sysvmsg.ini new file mode 120000 index 0000000..8f47e0f --- /dev/null +++ b/php/cgi-php5.3/ext-active/sysvmsg.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/sysvmsg.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/sysvsem.ini b/php/cgi-php5.3/ext-active/sysvsem.ini new file mode 120000 index 0000000..a8aafdf --- /dev/null +++ b/php/cgi-php5.3/ext-active/sysvsem.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/sysvsem.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/sysvshm.ini b/php/cgi-php5.3/ext-active/sysvshm.ini new file mode 120000 index 0000000..bff669a --- /dev/null +++ b/php/cgi-php5.3/ext-active/sysvshm.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/sysvshm.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/tidy.ini b/php/cgi-php5.3/ext-active/tidy.ini new file mode 120000 index 0000000..f883069 --- /dev/null +++ b/php/cgi-php5.3/ext-active/tidy.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/tidy.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/wddx.ini b/php/cgi-php5.3/ext-active/wddx.ini new file mode 120000 index 0000000..9f70415 --- /dev/null +++ b/php/cgi-php5.3/ext-active/wddx.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/wddx.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/xmlrpc.ini b/php/cgi-php5.3/ext-active/xmlrpc.ini new file mode 120000 index 0000000..04f9efc --- /dev/null +++ b/php/cgi-php5.3/ext-active/xmlrpc.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/xmlrpc.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/xsl.ini b/php/cgi-php5.3/ext-active/xsl.ini new file mode 120000 index 0000000..73fce9c --- /dev/null +++ b/php/cgi-php5.3/ext-active/xsl.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/xsl.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/zip.ini b/php/cgi-php5.3/ext-active/zip.ini new file mode 120000 index 0000000..5c6d322 --- /dev/null +++ b/php/cgi-php5.3/ext-active/zip.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/zip.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext-active/zlib.ini b/php/cgi-php5.3/ext-active/zlib.ini new file mode 120000 index 0000000..57a6803 --- /dev/null +++ b/php/cgi-php5.3/ext-active/zlib.ini @@ -0,0 +1 @@ +/etc/php/cgi-php5.3/ext/zlib.ini \ No newline at end of file diff --git a/php/cgi-php5.3/ext/apc.ini b/php/cgi-php5.3/ext/apc.ini new file mode 100644 index 0000000..119e167 --- /dev/null +++ b/php/cgi-php5.3/ext/apc.ini @@ -0,0 +1,26 @@ +extension=apc.so +apc.enabled="1" +apc.shm_segments="1" +apc.shm_size="30M" +apc.num_files_hint="1024" +apc.ttl="7200" +apc.user_ttl="7200" +apc.gc_ttl="3600" +apc.cache_by_default="1" +;apc.filters="" +;apc.mmap_file_mask="/tmp/apcphp5.XXXXXX" +apc.slam_defense="0" +apc.file_update_protection="2" +apc.enable_cli="0" +apc.max_file_size="1M" +apc.stat="1" +apc.write_lock="1" +apc.report_autofilter="0" +apc.include_once_override="0" +apc.rfc1867="0" +apc.rfc1867_prefix="upload_" +apc.rfc1867_name="APC_UPLOAD_PROGRESS" +apc.rfc1867_freq="0" +apc.localcache="0" +apc.localcache.size="512" +apc.coredump_unmap="0" diff --git a/php/cgi-php5.3/ext/bcmath.ini b/php/cgi-php5.3/ext/bcmath.ini new file mode 100644 index 0000000..7e0ae9a --- /dev/null +++ b/php/cgi-php5.3/ext/bcmath.ini @@ -0,0 +1 @@ +extension=bcmath.so diff --git a/php/cgi-php5.3/ext/bz2.ini b/php/cgi-php5.3/ext/bz2.ini new file mode 100644 index 0000000..f9d67d2 --- /dev/null +++ b/php/cgi-php5.3/ext/bz2.ini @@ -0,0 +1 @@ +extension=bz2.so diff --git a/php/cgi-php5.3/ext/calendar.ini b/php/cgi-php5.3/ext/calendar.ini new file mode 100644 index 0000000..9106f44 --- /dev/null +++ b/php/cgi-php5.3/ext/calendar.ini @@ -0,0 +1 @@ +extension=calendar.so diff --git a/php/cgi-php5.3/ext/crack.ini b/php/cgi-php5.3/ext/crack.ini new file mode 100644 index 0000000..25bab90 --- /dev/null +++ b/php/cgi-php5.3/ext/crack.ini @@ -0,0 +1 @@ +extension=crack.so diff --git a/php/cgi-php5.3/ext/curl.ini b/php/cgi-php5.3/ext/curl.ini new file mode 100644 index 0000000..3ed40f6 --- /dev/null +++ b/php/cgi-php5.3/ext/curl.ini @@ -0,0 +1 @@ +extension=curl.so diff --git a/php/cgi-php5.3/ext/dba.ini b/php/cgi-php5.3/ext/dba.ini new file mode 100644 index 0000000..3058911 --- /dev/null +++ b/php/cgi-php5.3/ext/dba.ini @@ -0,0 +1 @@ +extension=dba.so diff --git a/php/cgi-php5.3/ext/enchant.ini b/php/cgi-php5.3/ext/enchant.ini new file mode 100644 index 0000000..f9b3244 --- /dev/null +++ b/php/cgi-php5.3/ext/enchant.ini @@ -0,0 +1 @@ +extension=enchant.so diff --git a/php/cgi-php5.3/ext/exif.ini b/php/cgi-php5.3/ext/exif.ini new file mode 100644 index 0000000..0688bbe --- /dev/null +++ b/php/cgi-php5.3/ext/exif.ini @@ -0,0 +1 @@ +extension=exif.so diff --git a/php/cgi-php5.3/ext/ftp.ini b/php/cgi-php5.3/ext/ftp.ini new file mode 100644 index 0000000..d4c6f43 --- /dev/null +++ b/php/cgi-php5.3/ext/ftp.ini @@ -0,0 +1 @@ +extension=ftp.so diff --git a/php/cgi-php5.3/ext/gd.ini b/php/cgi-php5.3/ext/gd.ini new file mode 100644 index 0000000..1941c0d --- /dev/null +++ b/php/cgi-php5.3/ext/gd.ini @@ -0,0 +1 @@ +extension=gd.so diff --git a/php/cgi-php5.3/ext/gettext.ini b/php/cgi-php5.3/ext/gettext.ini new file mode 100644 index 0000000..1b2e930 --- /dev/null +++ b/php/cgi-php5.3/ext/gettext.ini @@ -0,0 +1 @@ +extension=gettext.so diff --git a/php/cgi-php5.3/ext/gmp.ini b/php/cgi-php5.3/ext/gmp.ini new file mode 100644 index 0000000..16d339e --- /dev/null +++ b/php/cgi-php5.3/ext/gmp.ini @@ -0,0 +1 @@ +extension=gmp.so diff --git a/php/cgi-php5.3/ext/http.ini b/php/cgi-php5.3/ext/http.ini new file mode 100644 index 0000000..7c994f1 --- /dev/null +++ b/php/cgi-php5.3/ext/http.ini @@ -0,0 +1,22 @@ +extension=http.so +http.etag.mode=MD5 +http.force_exit=1 +http.log.allowed_methods= +http.log.cache= +http.log.composite= +http.log.not_found= +http.log.redirect= +http.only_exceptions=0 +http.persistent.handles.ident=GLOBAL +http.persistent.handles.limit=-1 +http.request.datashare.connect=0 +http.request.datashare.cookie=0 +http.request.datashare.dns=1 +http.request.datashare.ssl=0 +http.request.methods.allowed= +http.request.methods.custom= +http.send.inflate.start_auto=0 +http.send.inflate.start_flags=0 +http.send.deflate.start_auto=0 +http.send.deflate.start_flags=0 +http.send.not_found_404=1 diff --git a/php/cgi-php5.3/ext/imagick.ini b/php/cgi-php5.3/ext/imagick.ini new file mode 100644 index 0000000..d7513f1 --- /dev/null +++ b/php/cgi-php5.3/ext/imagick.ini @@ -0,0 +1 @@ +extension=imagick.so diff --git a/php/cgi-php5.3/ext/imap.ini b/php/cgi-php5.3/ext/imap.ini new file mode 100644 index 0000000..a70747f --- /dev/null +++ b/php/cgi-php5.3/ext/imap.ini @@ -0,0 +1 @@ +extension=imap.so diff --git a/php/cgi-php5.3/ext/intl.ini b/php/cgi-php5.3/ext/intl.ini new file mode 100644 index 0000000..b334e92 --- /dev/null +++ b/php/cgi-php5.3/ext/intl.ini @@ -0,0 +1 @@ +extension=intl.so diff --git a/php/cgi-php5.3/ext/ldap.ini b/php/cgi-php5.3/ext/ldap.ini new file mode 100644 index 0000000..00825a2 --- /dev/null +++ b/php/cgi-php5.3/ext/ldap.ini @@ -0,0 +1 @@ +extension=ldap.so diff --git a/php/cgi-php5.3/ext/mailparse.ini b/php/cgi-php5.3/ext/mailparse.ini new file mode 100644 index 0000000..cb7ebda --- /dev/null +++ b/php/cgi-php5.3/ext/mailparse.ini @@ -0,0 +1 @@ +extension=mailparse.so diff --git a/php/cgi-php5.3/ext/mbstring.ini b/php/cgi-php5.3/ext/mbstring.ini new file mode 100644 index 0000000..772b052 --- /dev/null +++ b/php/cgi-php5.3/ext/mbstring.ini @@ -0,0 +1 @@ +extension=mbstring.so diff --git a/php/cgi-php5.3/ext/mcrypt.ini b/php/cgi-php5.3/ext/mcrypt.ini new file mode 100644 index 0000000..547ebdd --- /dev/null +++ b/php/cgi-php5.3/ext/mcrypt.ini @@ -0,0 +1 @@ +extension=mcrypt.so diff --git a/php/cgi-php5.3/ext/mysql.ini b/php/cgi-php5.3/ext/mysql.ini new file mode 100644 index 0000000..da09c40 --- /dev/null +++ b/php/cgi-php5.3/ext/mysql.ini @@ -0,0 +1 @@ +extension=mysql.so diff --git a/php/cgi-php5.3/ext/mysqli.ini b/php/cgi-php5.3/ext/mysqli.ini new file mode 100644 index 0000000..9d0502f --- /dev/null +++ b/php/cgi-php5.3/ext/mysqli.ini @@ -0,0 +1 @@ +extension=mysqli.so diff --git a/php/cgi-php5.3/ext/odbc.ini b/php/cgi-php5.3/ext/odbc.ini new file mode 100644 index 0000000..96a0730 --- /dev/null +++ b/php/cgi-php5.3/ext/odbc.ini @@ -0,0 +1 @@ +extension=odbc.so diff --git a/php/cgi-php5.3/ext/pcntl.ini b/php/cgi-php5.3/ext/pcntl.ini new file mode 100644 index 0000000..f0a7145 --- /dev/null +++ b/php/cgi-php5.3/ext/pcntl.ini @@ -0,0 +1 @@ +extension=pcntl.so diff --git a/php/cgi-php5.3/ext/pspell.ini b/php/cgi-php5.3/ext/pspell.ini new file mode 100644 index 0000000..b4d0a8c --- /dev/null +++ b/php/cgi-php5.3/ext/pspell.ini @@ -0,0 +1 @@ +extension=pspell.so diff --git a/php/cgi-php5.3/ext/snmp.ini b/php/cgi-php5.3/ext/snmp.ini new file mode 100644 index 0000000..15acf38 --- /dev/null +++ b/php/cgi-php5.3/ext/snmp.ini @@ -0,0 +1 @@ +extension=snmp.so diff --git a/php/cgi-php5.3/ext/soap.ini b/php/cgi-php5.3/ext/soap.ini new file mode 100644 index 0000000..1deef9c --- /dev/null +++ b/php/cgi-php5.3/ext/soap.ini @@ -0,0 +1 @@ +extension=soap.so diff --git a/php/cgi-php5.3/ext/sockets.ini b/php/cgi-php5.3/ext/sockets.ini new file mode 100644 index 0000000..327228b --- /dev/null +++ b/php/cgi-php5.3/ext/sockets.ini @@ -0,0 +1 @@ +extension=sockets.so diff --git a/php/cgi-php5.3/ext/sysvmsg.ini b/php/cgi-php5.3/ext/sysvmsg.ini new file mode 100644 index 0000000..639950e --- /dev/null +++ b/php/cgi-php5.3/ext/sysvmsg.ini @@ -0,0 +1 @@ +extension=sysvmsg.so diff --git a/php/cgi-php5.3/ext/sysvsem.ini b/php/cgi-php5.3/ext/sysvsem.ini new file mode 100644 index 0000000..dd2c343 --- /dev/null +++ b/php/cgi-php5.3/ext/sysvsem.ini @@ -0,0 +1 @@ +extension=sysvsem.so diff --git a/php/cgi-php5.3/ext/sysvshm.ini b/php/cgi-php5.3/ext/sysvshm.ini new file mode 100644 index 0000000..4c26779 --- /dev/null +++ b/php/cgi-php5.3/ext/sysvshm.ini @@ -0,0 +1 @@ +extension=sysvshm.so diff --git a/php/cgi-php5.3/ext/tidy.ini b/php/cgi-php5.3/ext/tidy.ini new file mode 100644 index 0000000..834babc --- /dev/null +++ b/php/cgi-php5.3/ext/tidy.ini @@ -0,0 +1 @@ +extension=tidy.so diff --git a/php/cgi-php5.3/ext/wddx.ini b/php/cgi-php5.3/ext/wddx.ini new file mode 100644 index 0000000..95571ae --- /dev/null +++ b/php/cgi-php5.3/ext/wddx.ini @@ -0,0 +1 @@ +extension=wddx.so diff --git a/php/cgi-php5.3/ext/xmlrpc.ini b/php/cgi-php5.3/ext/xmlrpc.ini new file mode 100644 index 0000000..b03d93c --- /dev/null +++ b/php/cgi-php5.3/ext/xmlrpc.ini @@ -0,0 +1 @@ +extension=xmlrpc.so diff --git a/php/cgi-php5.3/ext/xsl.ini b/php/cgi-php5.3/ext/xsl.ini new file mode 100644 index 0000000..3223510 --- /dev/null +++ b/php/cgi-php5.3/ext/xsl.ini @@ -0,0 +1 @@ +extension=xsl.so diff --git a/php/cgi-php5.3/ext/zip.ini b/php/cgi-php5.3/ext/zip.ini new file mode 100644 index 0000000..bb70997 --- /dev/null +++ b/php/cgi-php5.3/ext/zip.ini @@ -0,0 +1 @@ +extension=zip.so diff --git a/php/cgi-php5.3/ext/zlib.ini b/php/cgi-php5.3/ext/zlib.ini new file mode 100644 index 0000000..3d29bce --- /dev/null +++ b/php/cgi-php5.3/ext/zlib.ini @@ -0,0 +1 @@ +extension=zlib.so diff --git a/php/cgi-php5.3/php.ini b/php/cgi-php5.3/php.ini new file mode 100644 index 0000000..26ecfb2 --- /dev/null +++ b/php/cgi-php5.3/php.ini @@ -0,0 +1,1894 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 17 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/cli-php5.3/.rcs/php.ini,v b/php/cli-php5.3/.rcs/php.ini,v new file mode 100644 index 0000000..1401b74 --- /dev/null +++ b/php/cli-php5.3/.rcs/php.ini,v @@ -0,0 +1,1964 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.01.09.11.02.44; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2011.01.08.23.47.46; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +;error_reporting = E_ALL | E_STRICT +error_reporting = E_ALL + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +;log_errors = On +log_errors = stderr + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = On + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = On + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" +from="frank@@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1 +log +@Initial revision +@ +text +@d262 1 +a262 1 +output_buffering = 4096 +d431 1 +a431 1 +expose_php = Off +d514 2 +a515 1 +error_reporting = E_ALL | E_STRICT +d532 1 +a532 1 +display_errors = On +d553 2 +a554 1 +log_errors = On +d703 1 +a703 1 +register_long_arrays = Off +d718 1 +a718 1 +register_argc_argv = Off +d817 1 +a817 1 +enable_dl = Off +d902 1 +d1221 1 +a1221 1 +mysql.default_host = +d1272 1 +a1272 1 +mysqli.default_host = +d1488 1 +a1488 1 +session.name = PHPSESSID +@ diff --git a/php/cli-php5.3/.rcs/php.ini.orig,v b/php/cli-php5.3/.rcs/php.ini.orig,v new file mode 100644 index 0000000..aadbd1e --- /dev/null +++ b/php/cli-php5.3/.rcs/php.ini.orig,v @@ -0,0 +1,1914 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2011.01.08.23.47.46; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ diff --git a/php/cli-php5.3/ext-active/apc.ini b/php/cli-php5.3/ext-active/apc.ini new file mode 120000 index 0000000..56e9bdf --- /dev/null +++ b/php/cli-php5.3/ext-active/apc.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/apc.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/bcmath.ini b/php/cli-php5.3/ext-active/bcmath.ini new file mode 120000 index 0000000..826548f --- /dev/null +++ b/php/cli-php5.3/ext-active/bcmath.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/bcmath.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/bz2.ini b/php/cli-php5.3/ext-active/bz2.ini new file mode 120000 index 0000000..a130aa6 --- /dev/null +++ b/php/cli-php5.3/ext-active/bz2.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/bz2.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/calendar.ini b/php/cli-php5.3/ext-active/calendar.ini new file mode 120000 index 0000000..40cc0f6 --- /dev/null +++ b/php/cli-php5.3/ext-active/calendar.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/calendar.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/crack.ini b/php/cli-php5.3/ext-active/crack.ini new file mode 120000 index 0000000..8166a50 --- /dev/null +++ b/php/cli-php5.3/ext-active/crack.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/crack.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/curl.ini b/php/cli-php5.3/ext-active/curl.ini new file mode 120000 index 0000000..d7500d2 --- /dev/null +++ b/php/cli-php5.3/ext-active/curl.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/curl.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/dba.ini b/php/cli-php5.3/ext-active/dba.ini new file mode 120000 index 0000000..46e4bdf --- /dev/null +++ b/php/cli-php5.3/ext-active/dba.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/dba.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/enchant.ini b/php/cli-php5.3/ext-active/enchant.ini new file mode 120000 index 0000000..6d625df --- /dev/null +++ b/php/cli-php5.3/ext-active/enchant.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/enchant.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/exif.ini b/php/cli-php5.3/ext-active/exif.ini new file mode 120000 index 0000000..0cba204 --- /dev/null +++ b/php/cli-php5.3/ext-active/exif.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/exif.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/ftp.ini b/php/cli-php5.3/ext-active/ftp.ini new file mode 120000 index 0000000..17bdf23 --- /dev/null +++ b/php/cli-php5.3/ext-active/ftp.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/ftp.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/gd.ini b/php/cli-php5.3/ext-active/gd.ini new file mode 120000 index 0000000..01dbef2 --- /dev/null +++ b/php/cli-php5.3/ext-active/gd.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/gd.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/gettext.ini b/php/cli-php5.3/ext-active/gettext.ini new file mode 120000 index 0000000..a544cfb --- /dev/null +++ b/php/cli-php5.3/ext-active/gettext.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/gettext.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/gmp.ini b/php/cli-php5.3/ext-active/gmp.ini new file mode 120000 index 0000000..44bab54 --- /dev/null +++ b/php/cli-php5.3/ext-active/gmp.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/gmp.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/http.ini b/php/cli-php5.3/ext-active/http.ini new file mode 120000 index 0000000..a18f900 --- /dev/null +++ b/php/cli-php5.3/ext-active/http.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/http.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/imagick.ini b/php/cli-php5.3/ext-active/imagick.ini new file mode 120000 index 0000000..f0f5017 --- /dev/null +++ b/php/cli-php5.3/ext-active/imagick.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/imagick.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/imap.ini b/php/cli-php5.3/ext-active/imap.ini new file mode 120000 index 0000000..9a3c358 --- /dev/null +++ b/php/cli-php5.3/ext-active/imap.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/imap.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/intl.ini b/php/cli-php5.3/ext-active/intl.ini new file mode 120000 index 0000000..1e184e2 --- /dev/null +++ b/php/cli-php5.3/ext-active/intl.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/intl.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/ldap.ini b/php/cli-php5.3/ext-active/ldap.ini new file mode 120000 index 0000000..b5c5d4f --- /dev/null +++ b/php/cli-php5.3/ext-active/ldap.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/ldap.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/mailparse.ini b/php/cli-php5.3/ext-active/mailparse.ini new file mode 120000 index 0000000..8a352d2 --- /dev/null +++ b/php/cli-php5.3/ext-active/mailparse.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/mailparse.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/mbstring.ini b/php/cli-php5.3/ext-active/mbstring.ini new file mode 120000 index 0000000..2e699be --- /dev/null +++ b/php/cli-php5.3/ext-active/mbstring.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/mbstring.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/mcrypt.ini b/php/cli-php5.3/ext-active/mcrypt.ini new file mode 120000 index 0000000..8ebd2d2 --- /dev/null +++ b/php/cli-php5.3/ext-active/mcrypt.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/mcrypt.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/mysql.ini b/php/cli-php5.3/ext-active/mysql.ini new file mode 120000 index 0000000..cb764a7 --- /dev/null +++ b/php/cli-php5.3/ext-active/mysql.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/mysql.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/mysqli.ini b/php/cli-php5.3/ext-active/mysqli.ini new file mode 120000 index 0000000..5d16f5f --- /dev/null +++ b/php/cli-php5.3/ext-active/mysqli.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/mysqli.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/odbc.ini b/php/cli-php5.3/ext-active/odbc.ini new file mode 120000 index 0000000..43d276a --- /dev/null +++ b/php/cli-php5.3/ext-active/odbc.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/odbc.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/pcntl.ini b/php/cli-php5.3/ext-active/pcntl.ini new file mode 120000 index 0000000..8e5122d --- /dev/null +++ b/php/cli-php5.3/ext-active/pcntl.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/pcntl.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/pspell.ini b/php/cli-php5.3/ext-active/pspell.ini new file mode 120000 index 0000000..75928e4 --- /dev/null +++ b/php/cli-php5.3/ext-active/pspell.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/pspell.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/snmp.ini b/php/cli-php5.3/ext-active/snmp.ini new file mode 120000 index 0000000..d160f8e --- /dev/null +++ b/php/cli-php5.3/ext-active/snmp.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/snmp.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/soap.ini b/php/cli-php5.3/ext-active/soap.ini new file mode 120000 index 0000000..8fbd6e0 --- /dev/null +++ b/php/cli-php5.3/ext-active/soap.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/soap.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/sockets.ini b/php/cli-php5.3/ext-active/sockets.ini new file mode 120000 index 0000000..3af21f9 --- /dev/null +++ b/php/cli-php5.3/ext-active/sockets.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/sockets.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/sysvmsg.ini b/php/cli-php5.3/ext-active/sysvmsg.ini new file mode 120000 index 0000000..b279a8e --- /dev/null +++ b/php/cli-php5.3/ext-active/sysvmsg.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/sysvmsg.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/sysvsem.ini b/php/cli-php5.3/ext-active/sysvsem.ini new file mode 120000 index 0000000..e7d5192 --- /dev/null +++ b/php/cli-php5.3/ext-active/sysvsem.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/sysvsem.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/sysvshm.ini b/php/cli-php5.3/ext-active/sysvshm.ini new file mode 120000 index 0000000..1b62420 --- /dev/null +++ b/php/cli-php5.3/ext-active/sysvshm.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/sysvshm.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/tidy.ini b/php/cli-php5.3/ext-active/tidy.ini new file mode 120000 index 0000000..cec5a06 --- /dev/null +++ b/php/cli-php5.3/ext-active/tidy.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/tidy.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/wddx.ini b/php/cli-php5.3/ext-active/wddx.ini new file mode 120000 index 0000000..92a9c95 --- /dev/null +++ b/php/cli-php5.3/ext-active/wddx.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/wddx.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/xmlrpc.ini b/php/cli-php5.3/ext-active/xmlrpc.ini new file mode 120000 index 0000000..1424232 --- /dev/null +++ b/php/cli-php5.3/ext-active/xmlrpc.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/xmlrpc.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/xsl.ini b/php/cli-php5.3/ext-active/xsl.ini new file mode 120000 index 0000000..0c6cdb7 --- /dev/null +++ b/php/cli-php5.3/ext-active/xsl.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/xsl.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/zip.ini b/php/cli-php5.3/ext-active/zip.ini new file mode 120000 index 0000000..435b3ca --- /dev/null +++ b/php/cli-php5.3/ext-active/zip.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/zip.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext-active/zlib.ini b/php/cli-php5.3/ext-active/zlib.ini new file mode 120000 index 0000000..3407a19 --- /dev/null +++ b/php/cli-php5.3/ext-active/zlib.ini @@ -0,0 +1 @@ +/etc/php/cli-php5.3/ext/zlib.ini \ No newline at end of file diff --git a/php/cli-php5.3/ext/apc.ini b/php/cli-php5.3/ext/apc.ini new file mode 100644 index 0000000..119e167 --- /dev/null +++ b/php/cli-php5.3/ext/apc.ini @@ -0,0 +1,26 @@ +extension=apc.so +apc.enabled="1" +apc.shm_segments="1" +apc.shm_size="30M" +apc.num_files_hint="1024" +apc.ttl="7200" +apc.user_ttl="7200" +apc.gc_ttl="3600" +apc.cache_by_default="1" +;apc.filters="" +;apc.mmap_file_mask="/tmp/apcphp5.XXXXXX" +apc.slam_defense="0" +apc.file_update_protection="2" +apc.enable_cli="0" +apc.max_file_size="1M" +apc.stat="1" +apc.write_lock="1" +apc.report_autofilter="0" +apc.include_once_override="0" +apc.rfc1867="0" +apc.rfc1867_prefix="upload_" +apc.rfc1867_name="APC_UPLOAD_PROGRESS" +apc.rfc1867_freq="0" +apc.localcache="0" +apc.localcache.size="512" +apc.coredump_unmap="0" diff --git a/php/cli-php5.3/ext/bcmath.ini b/php/cli-php5.3/ext/bcmath.ini new file mode 100644 index 0000000..7e0ae9a --- /dev/null +++ b/php/cli-php5.3/ext/bcmath.ini @@ -0,0 +1 @@ +extension=bcmath.so diff --git a/php/cli-php5.3/ext/bz2.ini b/php/cli-php5.3/ext/bz2.ini new file mode 100644 index 0000000..f9d67d2 --- /dev/null +++ b/php/cli-php5.3/ext/bz2.ini @@ -0,0 +1 @@ +extension=bz2.so diff --git a/php/cli-php5.3/ext/calendar.ini b/php/cli-php5.3/ext/calendar.ini new file mode 100644 index 0000000..9106f44 --- /dev/null +++ b/php/cli-php5.3/ext/calendar.ini @@ -0,0 +1 @@ +extension=calendar.so diff --git a/php/cli-php5.3/ext/crack.ini b/php/cli-php5.3/ext/crack.ini new file mode 100644 index 0000000..25bab90 --- /dev/null +++ b/php/cli-php5.3/ext/crack.ini @@ -0,0 +1 @@ +extension=crack.so diff --git a/php/cli-php5.3/ext/curl.ini b/php/cli-php5.3/ext/curl.ini new file mode 100644 index 0000000..3ed40f6 --- /dev/null +++ b/php/cli-php5.3/ext/curl.ini @@ -0,0 +1 @@ +extension=curl.so diff --git a/php/cli-php5.3/ext/dba.ini b/php/cli-php5.3/ext/dba.ini new file mode 100644 index 0000000..3058911 --- /dev/null +++ b/php/cli-php5.3/ext/dba.ini @@ -0,0 +1 @@ +extension=dba.so diff --git a/php/cli-php5.3/ext/enchant.ini b/php/cli-php5.3/ext/enchant.ini new file mode 100644 index 0000000..f9b3244 --- /dev/null +++ b/php/cli-php5.3/ext/enchant.ini @@ -0,0 +1 @@ +extension=enchant.so diff --git a/php/cli-php5.3/ext/exif.ini b/php/cli-php5.3/ext/exif.ini new file mode 100644 index 0000000..0688bbe --- /dev/null +++ b/php/cli-php5.3/ext/exif.ini @@ -0,0 +1 @@ +extension=exif.so diff --git a/php/cli-php5.3/ext/ftp.ini b/php/cli-php5.3/ext/ftp.ini new file mode 100644 index 0000000..d4c6f43 --- /dev/null +++ b/php/cli-php5.3/ext/ftp.ini @@ -0,0 +1 @@ +extension=ftp.so diff --git a/php/cli-php5.3/ext/gd.ini b/php/cli-php5.3/ext/gd.ini new file mode 100644 index 0000000..1941c0d --- /dev/null +++ b/php/cli-php5.3/ext/gd.ini @@ -0,0 +1 @@ +extension=gd.so diff --git a/php/cli-php5.3/ext/gettext.ini b/php/cli-php5.3/ext/gettext.ini new file mode 100644 index 0000000..1b2e930 --- /dev/null +++ b/php/cli-php5.3/ext/gettext.ini @@ -0,0 +1 @@ +extension=gettext.so diff --git a/php/cli-php5.3/ext/gmp.ini b/php/cli-php5.3/ext/gmp.ini new file mode 100644 index 0000000..16d339e --- /dev/null +++ b/php/cli-php5.3/ext/gmp.ini @@ -0,0 +1 @@ +extension=gmp.so diff --git a/php/cli-php5.3/ext/http.ini b/php/cli-php5.3/ext/http.ini new file mode 100644 index 0000000..7c994f1 --- /dev/null +++ b/php/cli-php5.3/ext/http.ini @@ -0,0 +1,22 @@ +extension=http.so +http.etag.mode=MD5 +http.force_exit=1 +http.log.allowed_methods= +http.log.cache= +http.log.composite= +http.log.not_found= +http.log.redirect= +http.only_exceptions=0 +http.persistent.handles.ident=GLOBAL +http.persistent.handles.limit=-1 +http.request.datashare.connect=0 +http.request.datashare.cookie=0 +http.request.datashare.dns=1 +http.request.datashare.ssl=0 +http.request.methods.allowed= +http.request.methods.custom= +http.send.inflate.start_auto=0 +http.send.inflate.start_flags=0 +http.send.deflate.start_auto=0 +http.send.deflate.start_flags=0 +http.send.not_found_404=1 diff --git a/php/cli-php5.3/ext/imagick.ini b/php/cli-php5.3/ext/imagick.ini new file mode 100644 index 0000000..d7513f1 --- /dev/null +++ b/php/cli-php5.3/ext/imagick.ini @@ -0,0 +1 @@ +extension=imagick.so diff --git a/php/cli-php5.3/ext/imap.ini b/php/cli-php5.3/ext/imap.ini new file mode 100644 index 0000000..a70747f --- /dev/null +++ b/php/cli-php5.3/ext/imap.ini @@ -0,0 +1 @@ +extension=imap.so diff --git a/php/cli-php5.3/ext/intl.ini b/php/cli-php5.3/ext/intl.ini new file mode 100644 index 0000000..b334e92 --- /dev/null +++ b/php/cli-php5.3/ext/intl.ini @@ -0,0 +1 @@ +extension=intl.so diff --git a/php/cli-php5.3/ext/ldap.ini b/php/cli-php5.3/ext/ldap.ini new file mode 100644 index 0000000..00825a2 --- /dev/null +++ b/php/cli-php5.3/ext/ldap.ini @@ -0,0 +1 @@ +extension=ldap.so diff --git a/php/cli-php5.3/ext/mailparse.ini b/php/cli-php5.3/ext/mailparse.ini new file mode 100644 index 0000000..cb7ebda --- /dev/null +++ b/php/cli-php5.3/ext/mailparse.ini @@ -0,0 +1 @@ +extension=mailparse.so diff --git a/php/cli-php5.3/ext/mbstring.ini b/php/cli-php5.3/ext/mbstring.ini new file mode 100644 index 0000000..772b052 --- /dev/null +++ b/php/cli-php5.3/ext/mbstring.ini @@ -0,0 +1 @@ +extension=mbstring.so diff --git a/php/cli-php5.3/ext/mcrypt.ini b/php/cli-php5.3/ext/mcrypt.ini new file mode 100644 index 0000000..547ebdd --- /dev/null +++ b/php/cli-php5.3/ext/mcrypt.ini @@ -0,0 +1 @@ +extension=mcrypt.so diff --git a/php/cli-php5.3/ext/mysql.ini b/php/cli-php5.3/ext/mysql.ini new file mode 100644 index 0000000..da09c40 --- /dev/null +++ b/php/cli-php5.3/ext/mysql.ini @@ -0,0 +1 @@ +extension=mysql.so diff --git a/php/cli-php5.3/ext/mysqli.ini b/php/cli-php5.3/ext/mysqli.ini new file mode 100644 index 0000000..9d0502f --- /dev/null +++ b/php/cli-php5.3/ext/mysqli.ini @@ -0,0 +1 @@ +extension=mysqli.so diff --git a/php/cli-php5.3/ext/odbc.ini b/php/cli-php5.3/ext/odbc.ini new file mode 100644 index 0000000..96a0730 --- /dev/null +++ b/php/cli-php5.3/ext/odbc.ini @@ -0,0 +1 @@ +extension=odbc.so diff --git a/php/cli-php5.3/ext/pcntl.ini b/php/cli-php5.3/ext/pcntl.ini new file mode 100644 index 0000000..f0a7145 --- /dev/null +++ b/php/cli-php5.3/ext/pcntl.ini @@ -0,0 +1 @@ +extension=pcntl.so diff --git a/php/cli-php5.3/ext/pspell.ini b/php/cli-php5.3/ext/pspell.ini new file mode 100644 index 0000000..b4d0a8c --- /dev/null +++ b/php/cli-php5.3/ext/pspell.ini @@ -0,0 +1 @@ +extension=pspell.so diff --git a/php/cli-php5.3/ext/snmp.ini b/php/cli-php5.3/ext/snmp.ini new file mode 100644 index 0000000..15acf38 --- /dev/null +++ b/php/cli-php5.3/ext/snmp.ini @@ -0,0 +1 @@ +extension=snmp.so diff --git a/php/cli-php5.3/ext/soap.ini b/php/cli-php5.3/ext/soap.ini new file mode 100644 index 0000000..1deef9c --- /dev/null +++ b/php/cli-php5.3/ext/soap.ini @@ -0,0 +1 @@ +extension=soap.so diff --git a/php/cli-php5.3/ext/sockets.ini b/php/cli-php5.3/ext/sockets.ini new file mode 100644 index 0000000..327228b --- /dev/null +++ b/php/cli-php5.3/ext/sockets.ini @@ -0,0 +1 @@ +extension=sockets.so diff --git a/php/cli-php5.3/ext/sysvmsg.ini b/php/cli-php5.3/ext/sysvmsg.ini new file mode 100644 index 0000000..639950e --- /dev/null +++ b/php/cli-php5.3/ext/sysvmsg.ini @@ -0,0 +1 @@ +extension=sysvmsg.so diff --git a/php/cli-php5.3/ext/sysvsem.ini b/php/cli-php5.3/ext/sysvsem.ini new file mode 100644 index 0000000..dd2c343 --- /dev/null +++ b/php/cli-php5.3/ext/sysvsem.ini @@ -0,0 +1 @@ +extension=sysvsem.so diff --git a/php/cli-php5.3/ext/sysvshm.ini b/php/cli-php5.3/ext/sysvshm.ini new file mode 100644 index 0000000..4c26779 --- /dev/null +++ b/php/cli-php5.3/ext/sysvshm.ini @@ -0,0 +1 @@ +extension=sysvshm.so diff --git a/php/cli-php5.3/ext/tidy.ini b/php/cli-php5.3/ext/tidy.ini new file mode 100644 index 0000000..834babc --- /dev/null +++ b/php/cli-php5.3/ext/tidy.ini @@ -0,0 +1 @@ +extension=tidy.so diff --git a/php/cli-php5.3/ext/wddx.ini b/php/cli-php5.3/ext/wddx.ini new file mode 100644 index 0000000..95571ae --- /dev/null +++ b/php/cli-php5.3/ext/wddx.ini @@ -0,0 +1 @@ +extension=wddx.so diff --git a/php/cli-php5.3/ext/xmlrpc.ini b/php/cli-php5.3/ext/xmlrpc.ini new file mode 100644 index 0000000..b03d93c --- /dev/null +++ b/php/cli-php5.3/ext/xmlrpc.ini @@ -0,0 +1 @@ +extension=xmlrpc.so diff --git a/php/cli-php5.3/ext/xsl.ini b/php/cli-php5.3/ext/xsl.ini new file mode 100644 index 0000000..3223510 --- /dev/null +++ b/php/cli-php5.3/ext/xsl.ini @@ -0,0 +1 @@ +extension=xsl.so diff --git a/php/cli-php5.3/ext/zip.ini b/php/cli-php5.3/ext/zip.ini new file mode 100644 index 0000000..bb70997 --- /dev/null +++ b/php/cli-php5.3/ext/zip.ini @@ -0,0 +1 @@ +extension=zip.so diff --git a/php/cli-php5.3/ext/zlib.ini b/php/cli-php5.3/ext/zlib.ini new file mode 100644 index 0000000..3d29bce --- /dev/null +++ b/php/cli-php5.3/ext/zlib.ini @@ -0,0 +1 @@ +extension=zlib.so diff --git a/php/cli-php5.3/php.ini b/php/cli-php5.3/php.ini new file mode 100644 index 0000000..38067fd --- /dev/null +++ b/php/cli-php5.3/php.ini @@ -0,0 +1,1897 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +;error_reporting = E_ALL | E_STRICT +error_reporting = E_ALL + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +;log_errors = On +log_errors = stderr + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = On + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = On + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" +from="frank@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/cli-php5.3/php.ini.orig b/php/cli-php5.3/php.ini.orig new file mode 100644 index 0000000..8f4eac8 --- /dev/null +++ b/php/cli-php5.3/php.ini.orig @@ -0,0 +1,1890 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/cli-php5/.rcs/php.ini,v b/php/cli-php5/.rcs/php.ini,v new file mode 100644 index 0000000..91e1cdf --- /dev/null +++ b/php/cli-php5/.rcs/php.ini,v @@ -0,0 +1,2644 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2010.10.30.19.29.52; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2010.08.19.20.48.48; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.2 +log +@Checked in. +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = Off + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = On + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = On + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" +from="frank@@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_exif.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_ming.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = "localhost" + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ + + +1.1 +log +@Initial revision +@ +text +@a2 11 +;;;;;;;;;;; +; WARNING ; +;;;;;;;;;;; +; This is the default settings file for new PHP installations. +; By default, PHP installs itself with a configuration suitable for +; development purposes, and *NOT* for production purposes. +; For several security-oriented considerations that should be taken +; before going online with your site, please consult php.ini-recommended +; and http://php.net/manual/en/security.php. + + +d6 16 +a21 8 +; This file controls many aspects of PHP's behavior. In order for PHP to +; read it, it must be named 'php.ini'. PHP looks for it in the current +; working directory, in the path designated by the environment variable +; PHPRC, and in the path that was defined in compile time (in that order). +; Under Windows, the compile-time path is the Windows directory. The +; path in which the php.ini file is looked for can be overridden using +; the -c argument in command line mode. +; +d26 10 +a35 1 +; +d39 4 +a42 1 +; +d45 3 +a47 2 +; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo"). +; +d49 6 +a54 5 +; | bitwise OR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT +; +d57 1 +a57 1 +; +d60 1 +a60 1 +; +d62 3 +a64 3 +; foo = none ; sets foo to an empty string +; foo = "none" ; sets foo to the string 'none' +; +d68 1 +a68 2 +; +; +d72 13 +a84 3 +; All the values in the php.ini-dist file correspond to the builtin +; defaults (that is, if no php.ini is used, or if you delete these lines, +; the builtin defaults will be identical). +d86 119 +d211 1 +d214 13 +a226 10 +; Enable compatibility mode with Zend Engine 1 (PHP 4.x) +zend.ze1_compatibility_mode = Off + +; Allow the tags are recognized. +; NOTE: Using short tags should be avoided when developing applications or +; libraries that are meant for redistribution, or deployment on PHP +; servers which are not under your control, because short tags may not +; be supported on the target server. For portable, redistributable code, +; be sure not to use short tags. +short_open_tag = On +d229 1 +d233 2 +a234 1 +precision = 12 +d237 1 +d240 23 +a262 8 +; Output buffering allows you to send header lines (including cookies) even +; after you send body content, at the price of slowing PHP's output layer a +; bit. You can enable output buffering during runtime by calling the output +; buffering functions. You can also enable output buffering for all files by +; setting this directive to On. If you wish to limit the size of the buffer +; to a certain size - you can use a maximum number of bytes instead of 'On', as +; a value for this directive (e.g., output_buffering=4096). +output_buffering = Off +d269 3 +a271 3 +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +d273 1 +a273 1 +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +d275 2 +a276 1 +; Instead you must use zlib.output_handler. +d283 3 +a285 3 +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +d287 2 +a288 1 +; output_handler, or otherwise the output will be corrupted. +d290 2 +d297 1 +d305 2 +d311 2 +a312 3 +; which should be instantiated. +; A warning appears if the specified function is not defined, or if the +; function doesn't include/implement the missing class. +d315 1 +a315 1 +unserialize_callback_func= +d322 13 +a334 10 +; Whether to enable the ability to force arguments to be passed by reference +; at function call time. This method is deprecated and is likely to be +; unsupported in future versions of PHP/Zend. The encouraged method of +; specifying which arguments should be passed by reference is in the function +; declaration. You're encouraged to try and turn this option Off and make +; sure your scripts work properly with it in order to ensure they will work +; with future versions of the language (you will receive a warning each time +; you use this feature, and the argument will be passed by value instead of by +; reference). +allow_call_time_pass_reference = On +a335 1 +; +d337 1 +a337 1 +; +d343 1 +d350 1 +d355 1 +a362 1 +; +d364 2 +a365 1 +; environment variable! +d371 1 +d378 1 +d384 1 +d390 1 +d395 1 +d404 5 +a408 3 +; the request. Consider enabling it if executing long request, which may end up +; being interrupted by the user or a browser timing out. +; ignore_user_abort = On +d413 2 +a414 1 +; realpath_cache_size=16k +d419 6 +a424 1 +; realpath_cache_ttl=120 +a425 3 +; +; Misc +; +d430 1 +a432 1 + +d437 22 +a458 5 +max_execution_time = 30 ; Maximum execution time of each script, in seconds +max_input_time = 60 ; Maximum amount of time each script may spend parsing request data +;max_input_nesting_level = 64 ; Maximum input variable nesting level +memory_limit = 128M ; Maximum amount of memory a script may consume (128MB) + +d464 17 +a480 3 +; error_reporting is a bit-field. Or each number up to get desired error +; reporting level +; E_ALL - All errors and warnings (doesn't include E_STRICT) +d501 41 +a541 39 +; +; Examples: +; +; - Show all errors, except for notices and coding standards warnings +; +;error_reporting = E_ALL & ~E_NOTICE +; +; - Show all errors, except for notices +; +;error_reporting = E_ALL & ~E_NOTICE | E_STRICT +; +; - Show only errors +; +;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR +; +; - Show all errors except for notices and coding standards warnings +; +error_reporting = E_ALL & ~E_NOTICE + +; Print out errors (as a part of the output). For production web sites, +; you're strongly encouraged to turn this feature off, and use error logging +; instead (see below). Keeping display_errors enabled on a production web site +; may reveal security information to end users, such as file paths on your Web +; server, your database schema or other information. +; +; possible values for display_errors: +; +; Off - Do not display any errors +; stderr - Display errors to STDERR (affects only CGI/CLI binaries!) +; +;display_errors = "stderr" +; +; stdout (On) - Display errors to STDOUT +; +display_errors = On + +; Even when display_errors is on, errors that occur during PHP's startup +; sequence are not displayed. It's strongly recommended to keep +; display_startup_errors off, except for when debugging. +d544 8 +a551 3 +; Log errors into a log file (server-specific log, stderr, or error_log (below)) +; As stated above, you're strongly advised to use error logging in place of +; error displaying on production web sites. +d556 1 +d561 1 +d567 1 +d573 1 +d576 1 +d579 7 +a585 1 +; Store the last error/warning message in $php_errormsg (boolean). +d589 1 +d591 1 +d595 10 +a604 3 +; Disable the inclusion of HTML tags in error messages. +; Note: Never use this feature for production boxes. +;html_errors = Off +d608 1 +a608 1 +; You can download a copy of the PHP manual from http://www.php.net/docs.php +d611 1 +a611 1 +; the dot. +d613 2 +d616 2 +d620 4 +a623 1 +; String to output before an error message. +d626 4 +a629 1 +; String to output after an error message. +d632 5 +a636 3 +; Log errors to specified file. +;error_log = filename + +a639 1 + +a642 2 +; +; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 +d645 3 +a647 1 +; Default is "&". +d651 1 +a651 1 +; Default is "&". +d653 2 +d657 26 +a682 5 +; This directive describes the order in which PHP registers GET, POST, Cookie, +; Environment and Built-in variables (G, P, C, E & S respectively, often +; referred to as EGPCS or GPC). Registration is done from left to right, newer +; values override older values. +variables_order = "EGPCS" +d686 1 +a686 4 +; with user data. This makes most sense when coupled with track_vars - in which +; case you can access all of the GPC variables through the $HTTP_*_VARS[], +; variables. +; +d690 1 +d693 8 +a700 3 +; Whether or not to register the old-style input arrays, HTTP_GET_VARS +; and friends. If you're not using them, it's recommended to turn them off, +; for performance reasons. +d703 13 +a715 3 +; This directive tells PHP whether to declare the argv&argc variables (that +; would contain the GET information). If you don't use these variables, you +; should turn it off for increased performance. +d723 1 +d727 1 +d730 15 +a744 5 +; Magic quotes +; + +; Magic quotes for incoming GET/POST/Cookie data. +magic_quotes_gpc = On +d747 1 +d751 1 +d754 2 +a755 1 +; Automatically add files before or after any PHP document. +d757 3 +d762 1 +a762 1 +; As of 4.0b4, PHP always outputs a character encoding by default in +d767 1 +d769 3 +d774 3 +a776 1 +; Always populate the $HTTP_RAW_POST_DATA variable. +a778 1 + +d788 3 +d797 1 +d802 1 +d806 4 +a809 1 +extension_dir = /usr/lib64/php5/lib/extensions/no-debug-non-zts-20060613 +d814 1 +d821 2 +a822 1 +; cgi.force_redirect = 1 +d825 2 +a826 2 +; every request. +; cgi.nph = 1 +d832 2 +a833 1 +; cgi.redirect_status_env = ; +d838 1 +a838 1 +; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting +d841 2 +a842 1 +; cgi.fix_pathinfo=0 +d849 2 +a850 1 +; fastcgi.impersonate = 1; +d852 3 +a854 2 +; Disable logging through FastCGI connection +; fastcgi.logging = 0 +d861 1 +a863 1 + +d869 1 +d874 1 +d878 1 +a880 1 + +d889 1 +d893 1 +d896 3 +a898 1 +; Define the anonymous ftp password (your email address) +d900 1 +d902 3 +a904 2 +; Define the User-Agent string +; user_agent="PHP" +d907 1 +d915 2 +a916 2 +; auto_detect_line_endings = Off + +d921 1 +a921 1 +; +d935 7 +a941 5 +; Note that it should be the name of the module only; no directory information +; needs to go here. Specify the location of the extension with the +; extension_dir directive above. + + +d947 1 +a947 1 + +a950 1 +;extension=php_dbase.dll +d952 1 +a952 1 +;extension=php_fdf.dll +d956 1 +a956 1 +;extension=php_ifx.dll +a960 3 +;extension=php_mcrypt.dll +;extension=php_mhash.dll +;extension=php_mime_magic.dll +a961 1 +;extension=php_msql.dll +d965 2 +a966 1 +;extension=php_oci8.dll +a967 1 +;extension=php_pdo.dll +a971 1 +;extension=php_pdo_oci8.dll +d976 1 +d983 1 +d996 1 +d999 1 +d1001 2 +d1005 1 +d1007 2 +d1012 1 +d1014 2 +d1023 7 +d1031 1 +d1034 3 +d1039 1 +d1042 3 +a1044 3 +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +d1046 1 +d1049 26 +d1079 1 +d1084 1 +d1086 1 +d1090 1 +d1094 1 +d1102 6 +d1109 1 +d1113 1 +d1115 2 +d1118 2 +d1122 4 +d1127 1 +d1131 1 +d1135 1 +d1139 1 +d1144 1 +d1149 2 +a1150 1 +; of uodbc.defaultlrl and uodbc.defaultbinmode +d1153 33 +d1187 4 +d1192 1 +d1195 4 +d1200 1 +d1204 1 +d1211 1 +d1216 1 +d1220 2 +a1221 1 +mysql.default_host = +d1224 1 +d1232 1 +d1236 1 +d1241 1 +d1246 12 +d1259 1 +d1262 4 +d1270 1 +d1275 1 +d1279 2 +a1280 1 +mysqli.default_host = +d1283 1 +d1291 1 +d1297 19 +a1315 6 +[mSQL] +; Allow or prevent persistent links. +msql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +msql.max_persistent = -1 +d1317 1 +a1317 2 +; Maximum number of links (persistent+non persistent). -1 means no limit. +msql.max_links = -1 +d1319 3 +a1321 2 +[OCI8] +; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA) +d1326 1 +d1332 1 +d1339 1 +d1342 13 +d1357 1 +d1362 2 +a1363 1 +;oci8.default_prefetch = 10 +d1367 1 +d1372 1 +d1377 1 +d1381 1 +d1385 1 +d1390 1 +d1395 1 +a1397 25 +[Sybase] +; Allow or prevent persistent links. +sybase.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybase.max_links = -1 + +;sybase.interface_file = "/usr/sybase/interfaces" + +; Minimum error severity to display. +sybase.min_error_severity = 10 + +; Minimum message severity to display. +sybase.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +; If on, this will cause PHP to automatically assign types to results according +; to their Sybase type, instead of treating them all as strings. This +; compatibility mode will probably not stay around forever, so try applying +; whatever necessary changes to your code, and turn it off. +sybase.compatability_mode = Off + +d1400 1 +d1404 1 +d1408 1 +d1412 1 +d1416 1 +d1419 18 +d1439 1 +d1443 1 +a1445 37 +[Informix] +; Default host for ifx_connect() (doesn't apply in safe mode). +ifx.default_host = + +; Default user for ifx_connect() (doesn't apply in safe mode). +ifx.default_user = + +; Default password for ifx_connect() (doesn't apply in safe mode). +ifx.default_password = + +; Allow or prevent persistent links. +ifx.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +ifx.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ifx.max_links = -1 + +; If on, select statements return the contents of a text blob instead of its id. +ifx.textasvarchar = 0 + +; If on, select statements return the contents of a byte blob instead of its id. +ifx.byteasvarchar = 0 + +; Trailing blanks are stripped from fixed-length char columns. May help the +; life of Informix SE users. +ifx.charasvarchar = 0 + +; If on, the contents of text and byte blobs are dumped to a file instead of +; keeping them in memory. +ifx.blobinfile = 0 + +; NULL's are returned as empty strings, unless this is set to 1. In that case, +; NULL's are returned as string 'NULL'. +ifx.nullformat = 0 + +d1448 1 +d1455 1 +a1455 1 +; As of PHP 4.0.1, you can define the path as: +d1477 1 +d1481 1 +d1484 2 +a1485 1 +;session.cookie_secure = +d1487 6 +a1492 3 +; This option enables administrators to make their users invulnerable to +; attacks which involve passing session ids in URLs; defaults to 0. +; session.use_only_cookies = 1 +d1495 2 +a1496 1 +session.name = PHPSESSID +d1499 1 +d1503 1 +d1507 1 +d1511 1 +d1515 2 +a1516 1 +session.cookie_httponly = +d1519 1 +d1522 11 +a1532 5 +; Define the probability that the 'garbage collection' process is started +; on every session initialization. +; The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts +; on each request. +d1534 13 +a1546 2 +session.gc_probability = 1 +session.gc_divisor = 100 +d1550 1 +d1562 1 +a1562 1 +; to initialize a session variable in the global scope, albeit register_globals +d1565 20 +a1584 4 +; the warning is only displayed, if bug_compat_42 is enabled. + +session.bug_compat_42 = 1 +session.bug_compat_warn = 1 +d1589 1 +d1593 1 +d1597 4 +a1600 4 +session.entropy_file = + +;session.entropy_length = 16 + +d1605 1 +d1609 1 +d1621 1 +d1624 8 +a1631 3 +; Select a hash function +; 0: MD5 (128 bits) +; 1: SHA-1 (160 bits) +d1636 9 +a1644 5 +; +; 4 bits: 0-9, a-f +; 5 bits: 0-9, a-v +; 6 bits: 0-9, a-z, A-Z, "-", "," +session.hash_bits_per_character = 4 +d1651 5 +a1655 1 +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" +d1704 1 +a1704 1 +; Specify client character set. +d1711 1 +d1715 1 +d1719 1 +d1723 1 +d1728 1 +d1733 1 +d1735 1 +d1737 1 +d1739 1 +d1741 1 +d1743 1 +d1745 1 +d1747 1 +d1749 1 +d1752 4 +d1758 1 +d1764 1 +d1768 1 +d1773 1 +d1781 1 +d1786 1 +d1791 1 +d1802 1 +d1805 11 +a1815 14 +[FrontBase] +;fbsql.allow_persistent = On +;fbsql.autocommit = On +;fbsql.show_timestamp_decimals = Off +;fbsql.default_database = +;fbsql.default_database_password = +;fbsql.default_host = +;fbsql.default_password = +;fbsql.default_user = "_SYSTEM" +;fbsql.generate_warnings = Off +;fbsql.max_connections = 128 +;fbsql.max_links = 128 +;fbsql.max_persistent = -1 +;fbsql.max_results = 128 +d1818 1 +a1818 1 +; Tell the jpeg decode to libjpeg warnings and try to create +d1821 1 +d1830 1 +d1832 2 +d1835 2 +d1838 2 +d1841 2 +d1844 2 +d1850 1 +d1856 1 +d1861 1 +d1863 1 +d1865 1 +d1867 2 +a1868 1 +; (time to live) Sets the number of second while cached file will be used +d1870 1 +d1873 25 +@ diff --git a/php/cli-php5/.rcs/php.ini.orig,v b/php/cli-php5/.rcs/php.ini.orig,v new file mode 100644 index 0000000..1f5b46e --- /dev/null +++ b/php/cli-php5/.rcs/php.ini.orig,v @@ -0,0 +1,1923 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2010.10.29.22.18.48; author root; state Exp; +branches; +next ; + + +desc +@Initialising repository +@ + + +1.1 +log +@Initial revision +@ +text +@[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_exif.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_ming.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: +@ diff --git a/php/cli-php5/php.ini b/php/cli-php5/php.ini new file mode 100644 index 0000000..c83227e --- /dev/null +++ b/php/cli-php5/php.ini @@ -0,0 +1,1900 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = stderr + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = Off + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = On + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = On + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" +from="frank@brehm-online.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_exif.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_ming.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = "localhost" + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = localhost + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHP_SESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/cli-php5/php.ini.orig b/php/cli-php5/php.ini.orig new file mode 100644 index 0000000..7578935 --- /dev/null +++ b/php/cli-php5/php.ini.orig @@ -0,0 +1,1899 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 100 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_dba.dll +;extension=php_exif.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_ming.dll +;extension=php_mssql.dll +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; cd /path/to/sessions; find -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = Off + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = Off + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/embed-php5.3/ext-active/bcmath.ini b/php/embed-php5.3/ext-active/bcmath.ini new file mode 120000 index 0000000..56a12f4 --- /dev/null +++ b/php/embed-php5.3/ext-active/bcmath.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/bcmath.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/bz2.ini b/php/embed-php5.3/ext-active/bz2.ini new file mode 120000 index 0000000..ce77108 --- /dev/null +++ b/php/embed-php5.3/ext-active/bz2.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/bz2.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/calendar.ini b/php/embed-php5.3/ext-active/calendar.ini new file mode 120000 index 0000000..7c90b0c --- /dev/null +++ b/php/embed-php5.3/ext-active/calendar.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/calendar.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/curl.ini b/php/embed-php5.3/ext-active/curl.ini new file mode 120000 index 0000000..771b0a1 --- /dev/null +++ b/php/embed-php5.3/ext-active/curl.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/curl.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/dba.ini b/php/embed-php5.3/ext-active/dba.ini new file mode 120000 index 0000000..248949f --- /dev/null +++ b/php/embed-php5.3/ext-active/dba.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/dba.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/enchant.ini b/php/embed-php5.3/ext-active/enchant.ini new file mode 120000 index 0000000..c7a4a8d --- /dev/null +++ b/php/embed-php5.3/ext-active/enchant.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/enchant.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/exif.ini b/php/embed-php5.3/ext-active/exif.ini new file mode 120000 index 0000000..8ada06b --- /dev/null +++ b/php/embed-php5.3/ext-active/exif.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/exif.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/ftp.ini b/php/embed-php5.3/ext-active/ftp.ini new file mode 120000 index 0000000..cbf996b --- /dev/null +++ b/php/embed-php5.3/ext-active/ftp.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/ftp.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/gd.ini b/php/embed-php5.3/ext-active/gd.ini new file mode 120000 index 0000000..82d8a45 --- /dev/null +++ b/php/embed-php5.3/ext-active/gd.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/gd.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/gettext.ini b/php/embed-php5.3/ext-active/gettext.ini new file mode 120000 index 0000000..5ebd3fa --- /dev/null +++ b/php/embed-php5.3/ext-active/gettext.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/gettext.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/gmp.ini b/php/embed-php5.3/ext-active/gmp.ini new file mode 120000 index 0000000..8d75d0f --- /dev/null +++ b/php/embed-php5.3/ext-active/gmp.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/gmp.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/imap.ini b/php/embed-php5.3/ext-active/imap.ini new file mode 120000 index 0000000..b5de9ad --- /dev/null +++ b/php/embed-php5.3/ext-active/imap.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/imap.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/intl.ini b/php/embed-php5.3/ext-active/intl.ini new file mode 120000 index 0000000..e3293da --- /dev/null +++ b/php/embed-php5.3/ext-active/intl.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/intl.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/ldap.ini b/php/embed-php5.3/ext-active/ldap.ini new file mode 120000 index 0000000..ca4e5a0 --- /dev/null +++ b/php/embed-php5.3/ext-active/ldap.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/ldap.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/mbstring.ini b/php/embed-php5.3/ext-active/mbstring.ini new file mode 120000 index 0000000..718e6e5 --- /dev/null +++ b/php/embed-php5.3/ext-active/mbstring.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/mbstring.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/mcrypt.ini b/php/embed-php5.3/ext-active/mcrypt.ini new file mode 120000 index 0000000..b42a636 --- /dev/null +++ b/php/embed-php5.3/ext-active/mcrypt.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/mcrypt.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/mysql.ini b/php/embed-php5.3/ext-active/mysql.ini new file mode 120000 index 0000000..ad1ee4b --- /dev/null +++ b/php/embed-php5.3/ext-active/mysql.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/mysql.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/mysqli.ini b/php/embed-php5.3/ext-active/mysqli.ini new file mode 120000 index 0000000..26ba5c6 --- /dev/null +++ b/php/embed-php5.3/ext-active/mysqli.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/mysqli.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/odbc.ini b/php/embed-php5.3/ext-active/odbc.ini new file mode 120000 index 0000000..704cdd6 --- /dev/null +++ b/php/embed-php5.3/ext-active/odbc.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/odbc.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/pcntl.ini b/php/embed-php5.3/ext-active/pcntl.ini new file mode 120000 index 0000000..9b5628b --- /dev/null +++ b/php/embed-php5.3/ext-active/pcntl.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/pcntl.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/pspell.ini b/php/embed-php5.3/ext-active/pspell.ini new file mode 120000 index 0000000..f8e6ffe --- /dev/null +++ b/php/embed-php5.3/ext-active/pspell.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/pspell.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/snmp.ini b/php/embed-php5.3/ext-active/snmp.ini new file mode 120000 index 0000000..f971521 --- /dev/null +++ b/php/embed-php5.3/ext-active/snmp.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/snmp.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/soap.ini b/php/embed-php5.3/ext-active/soap.ini new file mode 120000 index 0000000..0bb20b6 --- /dev/null +++ b/php/embed-php5.3/ext-active/soap.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/soap.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/sockets.ini b/php/embed-php5.3/ext-active/sockets.ini new file mode 120000 index 0000000..b40c169 --- /dev/null +++ b/php/embed-php5.3/ext-active/sockets.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/sockets.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/sysvmsg.ini b/php/embed-php5.3/ext-active/sysvmsg.ini new file mode 120000 index 0000000..4cc4fbf --- /dev/null +++ b/php/embed-php5.3/ext-active/sysvmsg.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/sysvmsg.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/sysvsem.ini b/php/embed-php5.3/ext-active/sysvsem.ini new file mode 120000 index 0000000..6039be1 --- /dev/null +++ b/php/embed-php5.3/ext-active/sysvsem.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/sysvsem.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/sysvshm.ini b/php/embed-php5.3/ext-active/sysvshm.ini new file mode 120000 index 0000000..925021f --- /dev/null +++ b/php/embed-php5.3/ext-active/sysvshm.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/sysvshm.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/tidy.ini b/php/embed-php5.3/ext-active/tidy.ini new file mode 120000 index 0000000..2245444 --- /dev/null +++ b/php/embed-php5.3/ext-active/tidy.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/tidy.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/wddx.ini b/php/embed-php5.3/ext-active/wddx.ini new file mode 120000 index 0000000..e41c4ca --- /dev/null +++ b/php/embed-php5.3/ext-active/wddx.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/wddx.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/xmlrpc.ini b/php/embed-php5.3/ext-active/xmlrpc.ini new file mode 120000 index 0000000..49562fa --- /dev/null +++ b/php/embed-php5.3/ext-active/xmlrpc.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/xmlrpc.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/xsl.ini b/php/embed-php5.3/ext-active/xsl.ini new file mode 120000 index 0000000..7df11c2 --- /dev/null +++ b/php/embed-php5.3/ext-active/xsl.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/xsl.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/zip.ini b/php/embed-php5.3/ext-active/zip.ini new file mode 120000 index 0000000..9964b65 --- /dev/null +++ b/php/embed-php5.3/ext-active/zip.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/zip.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/zlib.ini b/php/embed-php5.3/ext-active/zlib.ini new file mode 120000 index 0000000..90e98da --- /dev/null +++ b/php/embed-php5.3/ext-active/zlib.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/zlib.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext/bcmath.ini b/php/embed-php5.3/ext/bcmath.ini new file mode 100644 index 0000000..7e0ae9a --- /dev/null +++ b/php/embed-php5.3/ext/bcmath.ini @@ -0,0 +1 @@ +extension=bcmath.so diff --git a/php/embed-php5.3/ext/bz2.ini b/php/embed-php5.3/ext/bz2.ini new file mode 100644 index 0000000..f9d67d2 --- /dev/null +++ b/php/embed-php5.3/ext/bz2.ini @@ -0,0 +1 @@ +extension=bz2.so diff --git a/php/embed-php5.3/ext/calendar.ini b/php/embed-php5.3/ext/calendar.ini new file mode 100644 index 0000000..9106f44 --- /dev/null +++ b/php/embed-php5.3/ext/calendar.ini @@ -0,0 +1 @@ +extension=calendar.so diff --git a/php/embed-php5.3/ext/curl.ini b/php/embed-php5.3/ext/curl.ini new file mode 100644 index 0000000..3ed40f6 --- /dev/null +++ b/php/embed-php5.3/ext/curl.ini @@ -0,0 +1 @@ +extension=curl.so diff --git a/php/embed-php5.3/ext/dba.ini b/php/embed-php5.3/ext/dba.ini new file mode 100644 index 0000000..3058911 --- /dev/null +++ b/php/embed-php5.3/ext/dba.ini @@ -0,0 +1 @@ +extension=dba.so diff --git a/php/embed-php5.3/ext/enchant.ini b/php/embed-php5.3/ext/enchant.ini new file mode 100644 index 0000000..f9b3244 --- /dev/null +++ b/php/embed-php5.3/ext/enchant.ini @@ -0,0 +1 @@ +extension=enchant.so diff --git a/php/embed-php5.3/ext/exif.ini b/php/embed-php5.3/ext/exif.ini new file mode 100644 index 0000000..0688bbe --- /dev/null +++ b/php/embed-php5.3/ext/exif.ini @@ -0,0 +1 @@ +extension=exif.so diff --git a/php/embed-php5.3/ext/ftp.ini b/php/embed-php5.3/ext/ftp.ini new file mode 100644 index 0000000..d4c6f43 --- /dev/null +++ b/php/embed-php5.3/ext/ftp.ini @@ -0,0 +1 @@ +extension=ftp.so diff --git a/php/embed-php5.3/ext/gd.ini b/php/embed-php5.3/ext/gd.ini new file mode 100644 index 0000000..1941c0d --- /dev/null +++ b/php/embed-php5.3/ext/gd.ini @@ -0,0 +1 @@ +extension=gd.so diff --git a/php/embed-php5.3/ext/gettext.ini b/php/embed-php5.3/ext/gettext.ini new file mode 100644 index 0000000..1b2e930 --- /dev/null +++ b/php/embed-php5.3/ext/gettext.ini @@ -0,0 +1 @@ +extension=gettext.so diff --git a/php/embed-php5.3/ext/gmp.ini b/php/embed-php5.3/ext/gmp.ini new file mode 100644 index 0000000..16d339e --- /dev/null +++ b/php/embed-php5.3/ext/gmp.ini @@ -0,0 +1 @@ +extension=gmp.so diff --git a/php/embed-php5.3/ext/imap.ini b/php/embed-php5.3/ext/imap.ini new file mode 100644 index 0000000..a70747f --- /dev/null +++ b/php/embed-php5.3/ext/imap.ini @@ -0,0 +1 @@ +extension=imap.so diff --git a/php/embed-php5.3/ext/intl.ini b/php/embed-php5.3/ext/intl.ini new file mode 100644 index 0000000..b334e92 --- /dev/null +++ b/php/embed-php5.3/ext/intl.ini @@ -0,0 +1 @@ +extension=intl.so diff --git a/php/embed-php5.3/ext/ldap.ini b/php/embed-php5.3/ext/ldap.ini new file mode 100644 index 0000000..00825a2 --- /dev/null +++ b/php/embed-php5.3/ext/ldap.ini @@ -0,0 +1 @@ +extension=ldap.so diff --git a/php/embed-php5.3/ext/mbstring.ini b/php/embed-php5.3/ext/mbstring.ini new file mode 100644 index 0000000..772b052 --- /dev/null +++ b/php/embed-php5.3/ext/mbstring.ini @@ -0,0 +1 @@ +extension=mbstring.so diff --git a/php/embed-php5.3/ext/mcrypt.ini b/php/embed-php5.3/ext/mcrypt.ini new file mode 100644 index 0000000..547ebdd --- /dev/null +++ b/php/embed-php5.3/ext/mcrypt.ini @@ -0,0 +1 @@ +extension=mcrypt.so diff --git a/php/embed-php5.3/ext/mysql.ini b/php/embed-php5.3/ext/mysql.ini new file mode 100644 index 0000000..da09c40 --- /dev/null +++ b/php/embed-php5.3/ext/mysql.ini @@ -0,0 +1 @@ +extension=mysql.so diff --git a/php/embed-php5.3/ext/mysqli.ini b/php/embed-php5.3/ext/mysqli.ini new file mode 100644 index 0000000..9d0502f --- /dev/null +++ b/php/embed-php5.3/ext/mysqli.ini @@ -0,0 +1 @@ +extension=mysqli.so diff --git a/php/embed-php5.3/ext/odbc.ini b/php/embed-php5.3/ext/odbc.ini new file mode 100644 index 0000000..96a0730 --- /dev/null +++ b/php/embed-php5.3/ext/odbc.ini @@ -0,0 +1 @@ +extension=odbc.so diff --git a/php/embed-php5.3/ext/pcntl.ini b/php/embed-php5.3/ext/pcntl.ini new file mode 100644 index 0000000..f0a7145 --- /dev/null +++ b/php/embed-php5.3/ext/pcntl.ini @@ -0,0 +1 @@ +extension=pcntl.so diff --git a/php/embed-php5.3/ext/pspell.ini b/php/embed-php5.3/ext/pspell.ini new file mode 100644 index 0000000..b4d0a8c --- /dev/null +++ b/php/embed-php5.3/ext/pspell.ini @@ -0,0 +1 @@ +extension=pspell.so diff --git a/php/embed-php5.3/ext/snmp.ini b/php/embed-php5.3/ext/snmp.ini new file mode 100644 index 0000000..15acf38 --- /dev/null +++ b/php/embed-php5.3/ext/snmp.ini @@ -0,0 +1 @@ +extension=snmp.so diff --git a/php/embed-php5.3/ext/soap.ini b/php/embed-php5.3/ext/soap.ini new file mode 100644 index 0000000..1deef9c --- /dev/null +++ b/php/embed-php5.3/ext/soap.ini @@ -0,0 +1 @@ +extension=soap.so diff --git a/php/embed-php5.3/ext/sockets.ini b/php/embed-php5.3/ext/sockets.ini new file mode 100644 index 0000000..327228b --- /dev/null +++ b/php/embed-php5.3/ext/sockets.ini @@ -0,0 +1 @@ +extension=sockets.so diff --git a/php/embed-php5.3/ext/sysvmsg.ini b/php/embed-php5.3/ext/sysvmsg.ini new file mode 100644 index 0000000..639950e --- /dev/null +++ b/php/embed-php5.3/ext/sysvmsg.ini @@ -0,0 +1 @@ +extension=sysvmsg.so diff --git a/php/embed-php5.3/ext/sysvsem.ini b/php/embed-php5.3/ext/sysvsem.ini new file mode 100644 index 0000000..dd2c343 --- /dev/null +++ b/php/embed-php5.3/ext/sysvsem.ini @@ -0,0 +1 @@ +extension=sysvsem.so diff --git a/php/embed-php5.3/ext/sysvshm.ini b/php/embed-php5.3/ext/sysvshm.ini new file mode 100644 index 0000000..4c26779 --- /dev/null +++ b/php/embed-php5.3/ext/sysvshm.ini @@ -0,0 +1 @@ +extension=sysvshm.so diff --git a/php/embed-php5.3/ext/tidy.ini b/php/embed-php5.3/ext/tidy.ini new file mode 100644 index 0000000..834babc --- /dev/null +++ b/php/embed-php5.3/ext/tidy.ini @@ -0,0 +1 @@ +extension=tidy.so diff --git a/php/embed-php5.3/ext/wddx.ini b/php/embed-php5.3/ext/wddx.ini new file mode 100644 index 0000000..95571ae --- /dev/null +++ b/php/embed-php5.3/ext/wddx.ini @@ -0,0 +1 @@ +extension=wddx.so diff --git a/php/embed-php5.3/ext/xmlrpc.ini b/php/embed-php5.3/ext/xmlrpc.ini new file mode 100644 index 0000000..b03d93c --- /dev/null +++ b/php/embed-php5.3/ext/xmlrpc.ini @@ -0,0 +1 @@ +extension=xmlrpc.so diff --git a/php/embed-php5.3/ext/xsl.ini b/php/embed-php5.3/ext/xsl.ini new file mode 100644 index 0000000..3223510 --- /dev/null +++ b/php/embed-php5.3/ext/xsl.ini @@ -0,0 +1 @@ +extension=xsl.so diff --git a/php/embed-php5.3/ext/zip.ini b/php/embed-php5.3/ext/zip.ini new file mode 100644 index 0000000..bb70997 --- /dev/null +++ b/php/embed-php5.3/ext/zip.ini @@ -0,0 +1 @@ +extension=zip.so diff --git a/php/embed-php5.3/ext/zlib.ini b/php/embed-php5.3/ext/zlib.ini new file mode 100644 index 0000000..3d29bce --- /dev/null +++ b/php/embed-php5.3/ext/zlib.ini @@ -0,0 +1 @@ +extension=zlib.so diff --git a/php/embed-php5.3/php.ini b/php/embed-php5.3/php.ini new file mode 100644 index 0000000..26ecfb2 --- /dev/null +++ b/php/embed-php5.3/php.ini @@ -0,0 +1,1894 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 17 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/php/fpm-php5.3/ext-active/apc.ini b/php/fpm-php5.3/ext-active/apc.ini new file mode 120000 index 0000000..50d4b8c --- /dev/null +++ b/php/fpm-php5.3/ext-active/apc.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/apc.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/bcmath.ini b/php/fpm-php5.3/ext-active/bcmath.ini new file mode 120000 index 0000000..50920b1 --- /dev/null +++ b/php/fpm-php5.3/ext-active/bcmath.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/bcmath.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/bz2.ini b/php/fpm-php5.3/ext-active/bz2.ini new file mode 120000 index 0000000..65d899b --- /dev/null +++ b/php/fpm-php5.3/ext-active/bz2.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/bz2.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/calendar.ini b/php/fpm-php5.3/ext-active/calendar.ini new file mode 120000 index 0000000..4b59a3d --- /dev/null +++ b/php/fpm-php5.3/ext-active/calendar.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/calendar.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/crack.ini b/php/fpm-php5.3/ext-active/crack.ini new file mode 120000 index 0000000..c7ef564 --- /dev/null +++ b/php/fpm-php5.3/ext-active/crack.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/crack.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/curl.ini b/php/fpm-php5.3/ext-active/curl.ini new file mode 120000 index 0000000..95a83d2 --- /dev/null +++ b/php/fpm-php5.3/ext-active/curl.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/curl.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/dba.ini b/php/fpm-php5.3/ext-active/dba.ini new file mode 120000 index 0000000..36bda47 --- /dev/null +++ b/php/fpm-php5.3/ext-active/dba.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/dba.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/enchant.ini b/php/fpm-php5.3/ext-active/enchant.ini new file mode 120000 index 0000000..bbd5ea7 --- /dev/null +++ b/php/fpm-php5.3/ext-active/enchant.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/enchant.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/exif.ini b/php/fpm-php5.3/ext-active/exif.ini new file mode 120000 index 0000000..5c667e5 --- /dev/null +++ b/php/fpm-php5.3/ext-active/exif.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/exif.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/ftp.ini b/php/fpm-php5.3/ext-active/ftp.ini new file mode 120000 index 0000000..2cdac08 --- /dev/null +++ b/php/fpm-php5.3/ext-active/ftp.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/ftp.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/gd.ini b/php/fpm-php5.3/ext-active/gd.ini new file mode 120000 index 0000000..ae4e8f2 --- /dev/null +++ b/php/fpm-php5.3/ext-active/gd.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/gd.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/gettext.ini b/php/fpm-php5.3/ext-active/gettext.ini new file mode 120000 index 0000000..c0a0fae --- /dev/null +++ b/php/fpm-php5.3/ext-active/gettext.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/gettext.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/gmp.ini b/php/fpm-php5.3/ext-active/gmp.ini new file mode 120000 index 0000000..e21cfdc --- /dev/null +++ b/php/fpm-php5.3/ext-active/gmp.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/gmp.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/http.ini b/php/fpm-php5.3/ext-active/http.ini new file mode 120000 index 0000000..189df42 --- /dev/null +++ b/php/fpm-php5.3/ext-active/http.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/http.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/imagick.ini b/php/fpm-php5.3/ext-active/imagick.ini new file mode 120000 index 0000000..daba6db --- /dev/null +++ b/php/fpm-php5.3/ext-active/imagick.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/imagick.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/imap.ini b/php/fpm-php5.3/ext-active/imap.ini new file mode 120000 index 0000000..b6cbab2 --- /dev/null +++ b/php/fpm-php5.3/ext-active/imap.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/imap.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/intl.ini b/php/fpm-php5.3/ext-active/intl.ini new file mode 120000 index 0000000..18e9890 --- /dev/null +++ b/php/fpm-php5.3/ext-active/intl.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/intl.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/ldap.ini b/php/fpm-php5.3/ext-active/ldap.ini new file mode 120000 index 0000000..10a6aba --- /dev/null +++ b/php/fpm-php5.3/ext-active/ldap.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/ldap.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/mailparse.ini b/php/fpm-php5.3/ext-active/mailparse.ini new file mode 120000 index 0000000..adac61c --- /dev/null +++ b/php/fpm-php5.3/ext-active/mailparse.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/mailparse.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/mbstring.ini b/php/fpm-php5.3/ext-active/mbstring.ini new file mode 120000 index 0000000..9704708 --- /dev/null +++ b/php/fpm-php5.3/ext-active/mbstring.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/mbstring.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/mcrypt.ini b/php/fpm-php5.3/ext-active/mcrypt.ini new file mode 120000 index 0000000..9e3f027 --- /dev/null +++ b/php/fpm-php5.3/ext-active/mcrypt.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/mcrypt.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/mysql.ini b/php/fpm-php5.3/ext-active/mysql.ini new file mode 120000 index 0000000..225057d --- /dev/null +++ b/php/fpm-php5.3/ext-active/mysql.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/mysql.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/mysqli.ini b/php/fpm-php5.3/ext-active/mysqli.ini new file mode 120000 index 0000000..549ef0f --- /dev/null +++ b/php/fpm-php5.3/ext-active/mysqli.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/mysqli.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/odbc.ini b/php/fpm-php5.3/ext-active/odbc.ini new file mode 120000 index 0000000..5d5f29f --- /dev/null +++ b/php/fpm-php5.3/ext-active/odbc.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/odbc.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/pcntl.ini b/php/fpm-php5.3/ext-active/pcntl.ini new file mode 120000 index 0000000..0059a95 --- /dev/null +++ b/php/fpm-php5.3/ext-active/pcntl.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/pcntl.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/pspell.ini b/php/fpm-php5.3/ext-active/pspell.ini new file mode 120000 index 0000000..9b62f58 --- /dev/null +++ b/php/fpm-php5.3/ext-active/pspell.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/pspell.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/snmp.ini b/php/fpm-php5.3/ext-active/snmp.ini new file mode 120000 index 0000000..7cda956 --- /dev/null +++ b/php/fpm-php5.3/ext-active/snmp.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/snmp.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/soap.ini b/php/fpm-php5.3/ext-active/soap.ini new file mode 120000 index 0000000..87d5857 --- /dev/null +++ b/php/fpm-php5.3/ext-active/soap.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/soap.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/sockets.ini b/php/fpm-php5.3/ext-active/sockets.ini new file mode 120000 index 0000000..dc448ca --- /dev/null +++ b/php/fpm-php5.3/ext-active/sockets.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/sockets.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/sysvmsg.ini b/php/fpm-php5.3/ext-active/sysvmsg.ini new file mode 120000 index 0000000..05f5bce --- /dev/null +++ b/php/fpm-php5.3/ext-active/sysvmsg.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/sysvmsg.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/sysvsem.ini b/php/fpm-php5.3/ext-active/sysvsem.ini new file mode 120000 index 0000000..0307f3f --- /dev/null +++ b/php/fpm-php5.3/ext-active/sysvsem.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/sysvsem.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/sysvshm.ini b/php/fpm-php5.3/ext-active/sysvshm.ini new file mode 120000 index 0000000..ab9dfd9 --- /dev/null +++ b/php/fpm-php5.3/ext-active/sysvshm.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/sysvshm.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/tidy.ini b/php/fpm-php5.3/ext-active/tidy.ini new file mode 120000 index 0000000..b0ec2b7 --- /dev/null +++ b/php/fpm-php5.3/ext-active/tidy.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/tidy.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/wddx.ini b/php/fpm-php5.3/ext-active/wddx.ini new file mode 120000 index 0000000..1be22ef --- /dev/null +++ b/php/fpm-php5.3/ext-active/wddx.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/wddx.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/xmlrpc.ini b/php/fpm-php5.3/ext-active/xmlrpc.ini new file mode 120000 index 0000000..33ee22d --- /dev/null +++ b/php/fpm-php5.3/ext-active/xmlrpc.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/xmlrpc.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/xsl.ini b/php/fpm-php5.3/ext-active/xsl.ini new file mode 120000 index 0000000..f13b375 --- /dev/null +++ b/php/fpm-php5.3/ext-active/xsl.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/xsl.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/zip.ini b/php/fpm-php5.3/ext-active/zip.ini new file mode 120000 index 0000000..fcba933 --- /dev/null +++ b/php/fpm-php5.3/ext-active/zip.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/zip.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext-active/zlib.ini b/php/fpm-php5.3/ext-active/zlib.ini new file mode 120000 index 0000000..e898e36 --- /dev/null +++ b/php/fpm-php5.3/ext-active/zlib.ini @@ -0,0 +1 @@ +/etc/php/fpm-php5.3/ext/zlib.ini \ No newline at end of file diff --git a/php/fpm-php5.3/ext/apc.ini b/php/fpm-php5.3/ext/apc.ini new file mode 100644 index 0000000..119e167 --- /dev/null +++ b/php/fpm-php5.3/ext/apc.ini @@ -0,0 +1,26 @@ +extension=apc.so +apc.enabled="1" +apc.shm_segments="1" +apc.shm_size="30M" +apc.num_files_hint="1024" +apc.ttl="7200" +apc.user_ttl="7200" +apc.gc_ttl="3600" +apc.cache_by_default="1" +;apc.filters="" +;apc.mmap_file_mask="/tmp/apcphp5.XXXXXX" +apc.slam_defense="0" +apc.file_update_protection="2" +apc.enable_cli="0" +apc.max_file_size="1M" +apc.stat="1" +apc.write_lock="1" +apc.report_autofilter="0" +apc.include_once_override="0" +apc.rfc1867="0" +apc.rfc1867_prefix="upload_" +apc.rfc1867_name="APC_UPLOAD_PROGRESS" +apc.rfc1867_freq="0" +apc.localcache="0" +apc.localcache.size="512" +apc.coredump_unmap="0" diff --git a/php/fpm-php5.3/ext/bcmath.ini b/php/fpm-php5.3/ext/bcmath.ini new file mode 100644 index 0000000..7e0ae9a --- /dev/null +++ b/php/fpm-php5.3/ext/bcmath.ini @@ -0,0 +1 @@ +extension=bcmath.so diff --git a/php/fpm-php5.3/ext/bz2.ini b/php/fpm-php5.3/ext/bz2.ini new file mode 100644 index 0000000..f9d67d2 --- /dev/null +++ b/php/fpm-php5.3/ext/bz2.ini @@ -0,0 +1 @@ +extension=bz2.so diff --git a/php/fpm-php5.3/ext/calendar.ini b/php/fpm-php5.3/ext/calendar.ini new file mode 100644 index 0000000..9106f44 --- /dev/null +++ b/php/fpm-php5.3/ext/calendar.ini @@ -0,0 +1 @@ +extension=calendar.so diff --git a/php/fpm-php5.3/ext/crack.ini b/php/fpm-php5.3/ext/crack.ini new file mode 100644 index 0000000..25bab90 --- /dev/null +++ b/php/fpm-php5.3/ext/crack.ini @@ -0,0 +1 @@ +extension=crack.so diff --git a/php/fpm-php5.3/ext/curl.ini b/php/fpm-php5.3/ext/curl.ini new file mode 100644 index 0000000..3ed40f6 --- /dev/null +++ b/php/fpm-php5.3/ext/curl.ini @@ -0,0 +1 @@ +extension=curl.so diff --git a/php/fpm-php5.3/ext/dba.ini b/php/fpm-php5.3/ext/dba.ini new file mode 100644 index 0000000..3058911 --- /dev/null +++ b/php/fpm-php5.3/ext/dba.ini @@ -0,0 +1 @@ +extension=dba.so diff --git a/php/fpm-php5.3/ext/enchant.ini b/php/fpm-php5.3/ext/enchant.ini new file mode 100644 index 0000000..f9b3244 --- /dev/null +++ b/php/fpm-php5.3/ext/enchant.ini @@ -0,0 +1 @@ +extension=enchant.so diff --git a/php/fpm-php5.3/ext/exif.ini b/php/fpm-php5.3/ext/exif.ini new file mode 100644 index 0000000..0688bbe --- /dev/null +++ b/php/fpm-php5.3/ext/exif.ini @@ -0,0 +1 @@ +extension=exif.so diff --git a/php/fpm-php5.3/ext/ftp.ini b/php/fpm-php5.3/ext/ftp.ini new file mode 100644 index 0000000..d4c6f43 --- /dev/null +++ b/php/fpm-php5.3/ext/ftp.ini @@ -0,0 +1 @@ +extension=ftp.so diff --git a/php/fpm-php5.3/ext/gd.ini b/php/fpm-php5.3/ext/gd.ini new file mode 100644 index 0000000..1941c0d --- /dev/null +++ b/php/fpm-php5.3/ext/gd.ini @@ -0,0 +1 @@ +extension=gd.so diff --git a/php/fpm-php5.3/ext/gettext.ini b/php/fpm-php5.3/ext/gettext.ini new file mode 100644 index 0000000..1b2e930 --- /dev/null +++ b/php/fpm-php5.3/ext/gettext.ini @@ -0,0 +1 @@ +extension=gettext.so diff --git a/php/fpm-php5.3/ext/gmp.ini b/php/fpm-php5.3/ext/gmp.ini new file mode 100644 index 0000000..16d339e --- /dev/null +++ b/php/fpm-php5.3/ext/gmp.ini @@ -0,0 +1 @@ +extension=gmp.so diff --git a/php/fpm-php5.3/ext/http.ini b/php/fpm-php5.3/ext/http.ini new file mode 100644 index 0000000..7c994f1 --- /dev/null +++ b/php/fpm-php5.3/ext/http.ini @@ -0,0 +1,22 @@ +extension=http.so +http.etag.mode=MD5 +http.force_exit=1 +http.log.allowed_methods= +http.log.cache= +http.log.composite= +http.log.not_found= +http.log.redirect= +http.only_exceptions=0 +http.persistent.handles.ident=GLOBAL +http.persistent.handles.limit=-1 +http.request.datashare.connect=0 +http.request.datashare.cookie=0 +http.request.datashare.dns=1 +http.request.datashare.ssl=0 +http.request.methods.allowed= +http.request.methods.custom= +http.send.inflate.start_auto=0 +http.send.inflate.start_flags=0 +http.send.deflate.start_auto=0 +http.send.deflate.start_flags=0 +http.send.not_found_404=1 diff --git a/php/fpm-php5.3/ext/imagick.ini b/php/fpm-php5.3/ext/imagick.ini new file mode 100644 index 0000000..d7513f1 --- /dev/null +++ b/php/fpm-php5.3/ext/imagick.ini @@ -0,0 +1 @@ +extension=imagick.so diff --git a/php/fpm-php5.3/ext/imap.ini b/php/fpm-php5.3/ext/imap.ini new file mode 100644 index 0000000..a70747f --- /dev/null +++ b/php/fpm-php5.3/ext/imap.ini @@ -0,0 +1 @@ +extension=imap.so diff --git a/php/fpm-php5.3/ext/intl.ini b/php/fpm-php5.3/ext/intl.ini new file mode 100644 index 0000000..b334e92 --- /dev/null +++ b/php/fpm-php5.3/ext/intl.ini @@ -0,0 +1 @@ +extension=intl.so diff --git a/php/fpm-php5.3/ext/ldap.ini b/php/fpm-php5.3/ext/ldap.ini new file mode 100644 index 0000000..00825a2 --- /dev/null +++ b/php/fpm-php5.3/ext/ldap.ini @@ -0,0 +1 @@ +extension=ldap.so diff --git a/php/fpm-php5.3/ext/mailparse.ini b/php/fpm-php5.3/ext/mailparse.ini new file mode 100644 index 0000000..cb7ebda --- /dev/null +++ b/php/fpm-php5.3/ext/mailparse.ini @@ -0,0 +1 @@ +extension=mailparse.so diff --git a/php/fpm-php5.3/ext/mbstring.ini b/php/fpm-php5.3/ext/mbstring.ini new file mode 100644 index 0000000..772b052 --- /dev/null +++ b/php/fpm-php5.3/ext/mbstring.ini @@ -0,0 +1 @@ +extension=mbstring.so diff --git a/php/fpm-php5.3/ext/mcrypt.ini b/php/fpm-php5.3/ext/mcrypt.ini new file mode 100644 index 0000000..547ebdd --- /dev/null +++ b/php/fpm-php5.3/ext/mcrypt.ini @@ -0,0 +1 @@ +extension=mcrypt.so diff --git a/php/fpm-php5.3/ext/mysql.ini b/php/fpm-php5.3/ext/mysql.ini new file mode 100644 index 0000000..da09c40 --- /dev/null +++ b/php/fpm-php5.3/ext/mysql.ini @@ -0,0 +1 @@ +extension=mysql.so diff --git a/php/fpm-php5.3/ext/mysqli.ini b/php/fpm-php5.3/ext/mysqli.ini new file mode 100644 index 0000000..9d0502f --- /dev/null +++ b/php/fpm-php5.3/ext/mysqli.ini @@ -0,0 +1 @@ +extension=mysqli.so diff --git a/php/fpm-php5.3/ext/odbc.ini b/php/fpm-php5.3/ext/odbc.ini new file mode 100644 index 0000000..96a0730 --- /dev/null +++ b/php/fpm-php5.3/ext/odbc.ini @@ -0,0 +1 @@ +extension=odbc.so diff --git a/php/fpm-php5.3/ext/pcntl.ini b/php/fpm-php5.3/ext/pcntl.ini new file mode 100644 index 0000000..f0a7145 --- /dev/null +++ b/php/fpm-php5.3/ext/pcntl.ini @@ -0,0 +1 @@ +extension=pcntl.so diff --git a/php/fpm-php5.3/ext/pspell.ini b/php/fpm-php5.3/ext/pspell.ini new file mode 100644 index 0000000..b4d0a8c --- /dev/null +++ b/php/fpm-php5.3/ext/pspell.ini @@ -0,0 +1 @@ +extension=pspell.so diff --git a/php/fpm-php5.3/ext/snmp.ini b/php/fpm-php5.3/ext/snmp.ini new file mode 100644 index 0000000..15acf38 --- /dev/null +++ b/php/fpm-php5.3/ext/snmp.ini @@ -0,0 +1 @@ +extension=snmp.so diff --git a/php/fpm-php5.3/ext/soap.ini b/php/fpm-php5.3/ext/soap.ini new file mode 100644 index 0000000..1deef9c --- /dev/null +++ b/php/fpm-php5.3/ext/soap.ini @@ -0,0 +1 @@ +extension=soap.so diff --git a/php/fpm-php5.3/ext/sockets.ini b/php/fpm-php5.3/ext/sockets.ini new file mode 100644 index 0000000..327228b --- /dev/null +++ b/php/fpm-php5.3/ext/sockets.ini @@ -0,0 +1 @@ +extension=sockets.so diff --git a/php/fpm-php5.3/ext/sysvmsg.ini b/php/fpm-php5.3/ext/sysvmsg.ini new file mode 100644 index 0000000..639950e --- /dev/null +++ b/php/fpm-php5.3/ext/sysvmsg.ini @@ -0,0 +1 @@ +extension=sysvmsg.so diff --git a/php/fpm-php5.3/ext/sysvsem.ini b/php/fpm-php5.3/ext/sysvsem.ini new file mode 100644 index 0000000..dd2c343 --- /dev/null +++ b/php/fpm-php5.3/ext/sysvsem.ini @@ -0,0 +1 @@ +extension=sysvsem.so diff --git a/php/fpm-php5.3/ext/sysvshm.ini b/php/fpm-php5.3/ext/sysvshm.ini new file mode 100644 index 0000000..4c26779 --- /dev/null +++ b/php/fpm-php5.3/ext/sysvshm.ini @@ -0,0 +1 @@ +extension=sysvshm.so diff --git a/php/fpm-php5.3/ext/tidy.ini b/php/fpm-php5.3/ext/tidy.ini new file mode 100644 index 0000000..834babc --- /dev/null +++ b/php/fpm-php5.3/ext/tidy.ini @@ -0,0 +1 @@ +extension=tidy.so diff --git a/php/fpm-php5.3/ext/wddx.ini b/php/fpm-php5.3/ext/wddx.ini new file mode 100644 index 0000000..95571ae --- /dev/null +++ b/php/fpm-php5.3/ext/wddx.ini @@ -0,0 +1 @@ +extension=wddx.so diff --git a/php/fpm-php5.3/ext/xmlrpc.ini b/php/fpm-php5.3/ext/xmlrpc.ini new file mode 100644 index 0000000..b03d93c --- /dev/null +++ b/php/fpm-php5.3/ext/xmlrpc.ini @@ -0,0 +1 @@ +extension=xmlrpc.so diff --git a/php/fpm-php5.3/ext/xsl.ini b/php/fpm-php5.3/ext/xsl.ini new file mode 100644 index 0000000..3223510 --- /dev/null +++ b/php/fpm-php5.3/ext/xsl.ini @@ -0,0 +1 @@ +extension=xsl.so diff --git a/php/fpm-php5.3/ext/zip.ini b/php/fpm-php5.3/ext/zip.ini new file mode 100644 index 0000000..bb70997 --- /dev/null +++ b/php/fpm-php5.3/ext/zip.ini @@ -0,0 +1 @@ +extension=zip.so diff --git a/php/fpm-php5.3/ext/zlib.ini b/php/fpm-php5.3/ext/zlib.ini new file mode 100644 index 0000000..3d29bce --- /dev/null +++ b/php/fpm-php5.3/ext/zlib.ini @@ -0,0 +1 @@ +extension=zlib.so diff --git a/php/fpm-php5.3/php-fpm.conf b/php/fpm-php5.3/php-fpm.conf new file mode 100644 index 0000000..0b0a7f8 --- /dev/null +++ b/php/fpm-php5.3/php-fpm.conf @@ -0,0 +1,311 @@ +;;;;;;;;;;;;;;;;;;;;; +; FPM Configuration ; +;;;;;;;;;;;;;;;;;;;;; + +; All relative paths in this configuration file are relative to PHP's install +; prefix (/usr/lib/php5.3). This prefix can be dynamicaly changed by using the +; '-p' argument from the command line. + +; Include one or more files. If glob(3) exists, it is used to include a bunch of +; files from a glob(3) pattern. This directive can be used everywhere in the +; file. +; Relative path can also be used. They will be prefixed by: +; - the global prefix if it's been set (-p arguement) +; - /usr/lib/php5.3 otherwise +;include=/etc/php/fpm-php5.3/fpm.d/*.conf + +;;;;;;;;;;;;;;;;;; +; Global Options ; +;;;;;;;;;;;;;;;;;; + +[global] +; Pid file +; Note: the default prefix is /var/lib +; Default Value: none +; Warning: pid file is overriden by the Gentoo init script. +; FPM will refuse to start if you uncomment this settingi and make use of the +; init script. +; pid = /var/run/php-fpm.pid + +; Error log file +; Note: the default prefix is /var/lib +; Default Value: log/php-fpm.log +error_log = /var/log/php-fpm.log + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +;log_level = notice + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +;emergency_restart_threshold = 0 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;emergency_restart_interval = 0 + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;process_control_timeout = 0 + +; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. +; Default Value: yes +;daemonize = yes + +;;;;;;;;;;;;;;;;;;;; +; Pool Definitions ; +;;;;;;;;;;;;;;;;;;;; + +; Multiple pools of child processes may be started with different listening +; ports and different management options. The name of the pool will be +; used in logs and stats. There is no limitation on the number of pools which +; FPM can handle. Your system will tell you anyway :) + +; Start a new pool named 'www'. +; the variable $pool can we used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr/lib/php5.3) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses on a +; specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. A value of '-1' means unlimited. +; Default Value: 128 (-1 on FreeBSD and OpenBSD) +;listen.backlog = -1 + +; List of ipv4 addresses of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0666 +;listen.owner = nobody +;listen.group = nobody +;listen.mode = 0666 + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = nobody +group = nobody + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives: +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes to be created when pm is set to 'dynamic'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. +; Note: Used when pm is set to either 'static' or 'dynamic' +; Note: This value is mandatory. +pm.max_children = 50 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +;pm.start_servers = 20 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 5 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 35 + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. By default, the status page shows the following +; information: +; accepted conn - the number of request accepted by the pool; +; pool - the name of the pool; +; process manager - static or dynamic; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes. +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic') +; The values of 'idle processes', 'active processes' and 'total processes' are +; updated each second. The value of 'accepted conn' is updated in real time. +; Example output: +; accepted conn: 12073 +; pool: www +; process manager: static +; idle processes: 35 +; active processes: 65 +; total processes: 100 +; max children reached: 1 +; By default the status page output is formatted as text/plain. Passing either +; 'html' or 'json' as a query string will return the corresponding output +; syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = /var/log/php-fpm-$pool.log.slow + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/lib/php5.3) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/php/fpm-php5.3/php.ini b/php/fpm-php5.3/php.ini new file mode 100644 index 0000000..26ecfb2 --- /dev/null +++ b/php/fpm-php5.3/php.ini @@ -0,0 +1,1894 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and Lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it's +; much more verbose when it comes to errors. We recommending using the +; development version only in development environments as errors shown to +; application users can inadvertently leak otherwise secure information. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; allow_call_time_pass_reference +; Default Value: On +; Development Value: Off +; Production Value: Off + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED + +; html_errors +; Default Value: On +; Development Value: On +; Production value: Off + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; magic_quotes_gpc +; Default Value: On +; Development Value: Off +; Production Value: Off + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; register_long_arrays +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.bug_compat_42 +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.bug_compat_warn +; Default Value: On +; Development Value: On +; Production Value: Off + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It's been +; recommended for several years that you not use the short tag "short cut" and +; instead to use the full tag combination. With the wide spread use +; of XML and use of these tags by other languages, the server can become easily +; confused and end up parsing the wrong code in the wrong context. But because +; this short cut has been a feature for such a long time, it's currently still +; supported for backwards compatibility, but we recommend you don't use them. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/short-open-tag +short_open_tag = Off + +; Allow ASP-style <% %> tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Enforce year 2000 compliance (will cause problems with non-compliant browsers) +; http://php.net/y2k-compliance +y2k_compliance = On + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 17 + +; This directive allows you to enable and disable warnings which PHP will issue +; if you pass a value by reference at function call time. Passing values by +; reference at function call time is a deprecated feature which will be removed +; from PHP at some point in the near future. The acceptable method for passing a +; value by reference to a function is by declaring the reference in the functions +; definition, not at call time. This directive does not disable this feature, it +; only determines whether PHP will warn you about it or not. These warnings +; should enabled in development environments only. +; Default Value: On (Suppress warnings) +; Development Value: Off (Issue warnings) +; Production Value: Off (Issue warnings) +; http://php.net/allow-call-time-pass-reference +allow_call_time_pass_reference = Off + +; Safe Mode +; http://php.net/safe-mode +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +; http://php.net/safe-mode-gid +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +; http://php.net/safe-mode-include-dir +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +; http://php.net/safe-mode-exec-dir +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +; http://php.net/safe-mode-allowed-env-vars +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +; http://php.net/safe-mode-protected-env-vars +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) +; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) +; Default Value: E_ALL & ~E_NOTICE +; Development Value: E_ALL | E_STRICT +; Production Value: E_ALL & ~E_DEPRECATED +; http://php.net/error-reporting +error_reporting = E_ALL | E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; It's recommended that errors be logged on production servers rather than +; having the errors sent to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. But, it's strongly recommended that you +; leave this setting off on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of inserting html +; links to documentation related to that error. This directive controls whether +; those HTML links appear in error messages or not. For performance and security +; reasons, it's recommended you disable this on production servers. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: Off +; http://php.net/html-errors +html_errors = On + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. If the register_globals directive is enabled, it also determines +; what order variables are populated into the global space. G,P,C,E & S are +; abbreviations for the following respective super globals: GET, POST, COOKIE, +; ENV and SERVER. There is a performance penalty paid for the registration of +; these arrays and because ENV is not as commonly used as the others, ENV is +; is not recommended on productions servers. You can still get access to +; the environment variables through getenv() should you need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P,C,E & S) should +; be registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive are +; specified in the same manner as the variables_order directive, EXCEPT one. +; Leaving this value empty will cause PHP to use the value set in the +; variables_order directive. It does not mean it will leave the super globals +; array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +; http://php.net/register-globals +register_globals = Off + +; Determines whether the deprecated long $HTTP_*_VARS type predefined variables +; are registered by PHP or not. As they are deprecated, we obviously don't +; recommend you use them. They are on by default for compatibility reasons but +; they are not recommended on production servers. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-long-arrays +register_long_arrays = Off + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the SERVER and ENV variables are created when they're first +; used (Just In Time) instead of when the script starts. If these variables +; are not used within a script, having this directive on will result in a +; performance gain. The PHP directives register_globals, register_long_arrays, +; and register_argc_argv must be disabled for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Maximum size of POST data that PHP will accept. +; http://php.net/post-max-size +post_max_size = 8M + +; Magic quotes are a preprocessing feature of PHP where PHP will attempt to +; escape any character sequences in GET, POST, COOKIE and ENV data which might +; otherwise corrupt data being placed in resources such as databases before +; making that data available to you. Because of character encoding issues and +; non-standard SQL implementations across many databases, it's not currently +; possible for this feature to be 100% accurate. PHP's default behavior is to +; enable the feature. We strongly recommend you use the escaping mechanisms +; designed specifically for the database your using instead of relying on this +; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is +; scheduled for removal in PHP 6. +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/magic-quotes-gpc +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +; http://php.net/magic-quotes-runtime +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +; http://php.net/magic-quotes-sybase +magic_quotes_sybase = Off + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a character encoding using +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to empty. +; http://php.net/default-charset +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +include_path = ".:/usr/share/php5:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1; + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = Off + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client +;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mssql.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_phar.dll +;extension=php_pspell.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll +;extension=php_zip.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +;iconv.input_encoding = ISO-8859-1 +;iconv.internal_encoding = ISO-8859-1 +;iconv.output_encoding = ISO-8859-1 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING + +[sqlite] +; http://php.net/sqlite.assoc-case +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +; http://php.net/define-syslog-variables +define_syslog_variables = Off + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(), even in safe mode. +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statstics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgresSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if you +; or your OS have problems with lots of files in one directory, and is +; a more efficient layout for servers that handle lots of sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combatting +; session hijacking when not specifying and managing your own session id. It is +; not the end all be all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 | xargs rm + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, even when register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning separately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. This feature +; introduces some serious security problems if not handled correctly. It's +; recommended that you do not use this feature on production servers. But you +; should enable this on development servers and enable the warning as well. If you +; do not enable the feature on development servers, you won't be warned when it's +; used and debugging errors caused by this can be difficult to track down. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-42 +session.bug_compat_42 = On + +; This setting controls whether or not you are warned by PHP when initializing a +; session value into the global space. session.bug_compat_42 must be enabled before +; these warnings can be issued by PHP. See the directive above for more information. +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/session.bug-compat-warn +session.bug_compat_warn = On + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +session.entropy_length = 0 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; On systems that don't have /dev/urandom /dev/arandom can be used +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom +session.entropy_file = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.comf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +; http://php.net/mbstring.internal-encoding +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +; http://php.net/mbstring.http-input +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +; http://php.net/mbstring.http-output +;mbstring.http_output = SJIS + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte +; Default: "" +;mbstring.script_encoding= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/postfix/.orig/main.cf b/postfix/.orig/main.cf new file mode 100644 index 0000000..2ec6401 --- /dev/null +++ b/postfix/.orig/main.cf @@ -0,0 +1,652 @@ +# Global Postfix configuration file. This file lists only a subset +# of all parameters. For the syntax, and for a complete parameter +# list, see the postconf(5) manual page (command: "man 5 postconf"). +# +# For common configuration examples, see BASIC_CONFIGURATION_README +# and STANDARD_CONFIGURATION_README. To find these documents, use +# the command "postconf html_directory readme_directory", or go to +# http://www.postfix.org/. +# +# For best results, change no more than 2-3 parameters at a time, +# and test if Postfix still works after every change. + +# SOFT BOUNCE +# +# The soft_bounce parameter provides a limited safety net for +# testing. When soft_bounce is enabled, mail will remain queued that +# would otherwise bounce. This parameter disables locally-generated +# bounces, and prevents the SMTP server from rejecting mail permanently +# (by changing 5xx replies into 4xx replies). However, soft_bounce +# is no cure for address rewriting mistakes or mail routing mistakes. +# +#soft_bounce = no + +# LOCAL PATHNAME INFORMATION +# +# The queue_directory specifies the location of the Postfix queue. +# This is also the root directory of Postfix daemons that run chrooted. +# See the files in examples/chroot-setup for setting up Postfix chroot +# environments on different UNIX systems. +# +queue_directory = /var/spool/postfix + +# The command_directory parameter specifies the location of all +# postXXX commands. +# +command_directory = /usr/sbin + +# The daemon_directory parameter specifies the location of all Postfix +# daemon programs (i.e. programs listed in the master.cf file). This +# directory must be owned by root. +# +daemon_directory = //usr/lib64/postfix + +# The data_directory parameter specifies the location of Postfix-writable +# data files (caches, random numbers). This directory must be owned +# by the mail_owner account (see below). +# +data_directory = /var/lib/postfix + +# QUEUE AND PROCESS OWNERSHIP +# +# The mail_owner parameter specifies the owner of the Postfix queue +# and of most Postfix daemon processes. Specify the name of a user +# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS +# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In +# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED +# USER. +# +mail_owner = postfix + +# The default_privs parameter specifies the default rights used by +# the local delivery agent for delivery to external file or command. +# These rights are used in the absence of a recipient user context. +# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. +# +#default_privs = nobody + +# INTERNET HOST AND DOMAIN NAMES +# +# The myhostname parameter specifies the internet hostname of this +# mail system. The default is to use the fully-qualified domain name +# from gethostname(). $myhostname is used as a default value for many +# other configuration parameters. +# +#myhostname = host.domain.tld +#myhostname = virtual.domain.tld + +# The mydomain parameter specifies the local internet domain name. +# The default is to use $myhostname minus the first component. +# $mydomain is used as a default value for many other configuration +# parameters. +# +#mydomain = domain.tld + +# SENDING MAIL +# +# The myorigin parameter specifies the domain that locally-posted +# mail appears to come from. The default is to append $myhostname, +# which is fine for small sites. If you run a domain with multiple +# machines, you should (1) change this to $mydomain and (2) set up +# a domain-wide alias database that aliases each user to +# user@that.users.mailhost. +# +# For the sake of consistency between sender and recipient addresses, +# myorigin also specifies the default domain name that is appended +# to recipient addresses that have no @domain part. +# +#myorigin = $myhostname +#myorigin = $mydomain + +# RECEIVING MAIL + +# The inet_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on. By default, +# the software claims all active interfaces on the machine. The +# parameter also controls delivery of mail to user@[ip.address]. +# +# See also the proxy_interfaces parameter, for network addresses that +# are forwarded to us via a proxy or network address translator. +# +# Note: you need to stop/start Postfix when this parameter changes. +# +#inet_interfaces = all +#inet_interfaces = $myhostname +#inet_interfaces = $myhostname, localhost + +# The proxy_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on by way of a +# proxy or network address translation unit. This setting extends +# the address list specified with the inet_interfaces parameter. +# +# You must specify your proxy/NAT addresses when your system is a +# backup MX host for other domains, otherwise mail delivery loops +# will happen when the primary MX host is down. +# +#proxy_interfaces = +#proxy_interfaces = 1.2.3.4 + +# The mydestination parameter specifies the list of domains that this +# machine considers itself the final destination for. +# +# These domains are routed to the delivery agent specified with the +# local_transport parameter setting. By default, that is the UNIX +# compatible delivery agent that lookups all recipients in /etc/passwd +# and /etc/aliases or their equivalent. +# +# The default is $myhostname + localhost.$mydomain. On a mail domain +# gateway, you should also include $mydomain. +# +# Do not specify the names of virtual domains - those domains are +# specified elsewhere (see VIRTUAL_README). +# +# Do not specify the names of domains that this machine is backup MX +# host for. Specify those names via the relay_domains settings for +# the SMTP server, or use permit_mx_backup if you are lazy (see +# STANDARD_CONFIGURATION_README). +# +# The local machine is always the final destination for mail addressed +# to user@[the.net.work.address] of an interface that the mail system +# receives mail on (see the inet_interfaces parameter). +# +# Specify a list of host or domain names, /file/name or type:table +# patterns, separated by commas and/or whitespace. A /file/name +# pattern is replaced by its contents; a type:table is matched when +# a name matches a lookup key (the right-hand side is ignored). +# Continue long lines by starting the next line with whitespace. +# +# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". +# +#mydestination = $myhostname, localhost.$mydomain, localhost +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, +# mail.$mydomain, www.$mydomain, ftp.$mydomain + +# REJECTING MAIL FOR UNKNOWN LOCAL USERS +# +# The local_recipient_maps parameter specifies optional lookup tables +# with all names or addresses of users that are local with respect +# to $mydestination, $inet_interfaces or $proxy_interfaces. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown local users. This parameter is defined by default. +# +# To turn off local recipient checking in the SMTP server, specify +# local_recipient_maps = (i.e. empty). +# +# The default setting assumes that you use the default Postfix local +# delivery agent for local delivery. You need to update the +# local_recipient_maps setting if: +# +# - You define $mydestination domain recipients in files other than +# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. +# For example, you define $mydestination domain recipients in +# the $virtual_mailbox_maps files. +# +# - You redefine the local delivery agent in master.cf. +# +# - You redefine the "local_transport" setting in main.cf. +# +# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" +# feature of the Postfix local delivery agent (see local(8)). +# +# Details are described in the LOCAL_RECIPIENT_README file. +# +# Beware: if the Postfix SMTP server runs chrooted, you probably have +# to access the passwd file via the proxymap service, in order to +# overcome chroot restrictions. The alternative, having a copy of +# the system passwd file in the chroot jail is just not practical. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify a bare username, an @domain.tld +# wild-card, or specify a user@domain.tld address. +# +#local_recipient_maps = unix:passwd.byname $alias_maps +#local_recipient_maps = proxy:unix:passwd.byname $alias_maps +#local_recipient_maps = + +# The unknown_local_recipient_reject_code specifies the SMTP server +# response code when a recipient domain matches $mydestination or +# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty +# and the recipient address or address local-part is not found. +# +# The default setting is 550 (reject mail) but it is safer to start +# with 450 (try again later) until you are certain that your +# local_recipient_maps settings are OK. +# +unknown_local_recipient_reject_code = 550 + +# TRUST AND RELAY CONTROL + +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in postconf(5). +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# On Linux, this does works correctly only with interfaces specified +# with the "ifconfig" command. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. +# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +#mynetworks_style = class +#mynetworks_style = subnet +#mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. +# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. Specify type:table for table-based lookups +# (the value on the table right-hand side is not used). +# +#mynetworks = 168.100.189.0/28, 127.0.0.0/8 +#mynetworks = $config_directory/mynetworks +#mynetworks = hash:/etc/postfix/network_table + +# The relay_domains parameter restricts what destinations this system will +# relay mail to. See the smtpd_recipient_restrictions description in +# postconf(5) for detailed information. +# +# By default, Postfix relays mail +# - from "trusted" clients (IP address matches $mynetworks) to any destination, +# - from "untrusted" clients to destinations that match $relay_domains or +# subdomains thereof, except addresses with sender-specified routing. +# The default relay_domains value is $mydestination. +# +# In addition to the above, the Postfix SMTP server by default accepts mail +# that Postfix is final destination for: +# - destinations that match $inet_interfaces or $proxy_interfaces, +# - destinations that match $mydestination +# - destinations that match $virtual_alias_domains, +# - destinations that match $virtual_mailbox_domains. +# These destinations do not need to be listed in $relay_domains. +# +# Specify a list of hosts or domains, /file/name patterns or type:name +# lookup tables, separated by commas and/or whitespace. Continue +# long lines by starting the next line with whitespace. A file name +# is replaced by its contents; a type:name table is matched when a +# (parent) domain appears as lookup key. +# +# NOTE: Postfix will not automatically forward mail for domains that +# list this system as their primary or backup MX host. See the +# permit_mx_backup restriction description in postconf(5). +# +#relay_domains = $mydestination + +# INTERNET OR INTRANET + +# The relayhost parameter specifies the default host to send mail to +# when no entry is matched in the optional transport(5) table. When +# no relayhost is given, mail is routed directly to the destination. +# +# On an intranet, specify the organizational domain name. If your +# internal DNS uses no MX records, specify the name of the intranet +# gateway host instead. +# +# In the case of SMTP, specify a domain, host, host:port, [host]:port, +# [address] or [address]:port; the form [host] turns off MX lookups. +# +# If you're connected via UUCP, see also the default_transport parameter. +# +#relayhost = $mydomain +#relayhost = [gateway.my.domain] +#relayhost = [mailserver.isp.tld] +#relayhost = uucphost +#relayhost = [an.ip.add.ress] + +# REJECTING UNKNOWN RELAY USERS +# +# The relay_recipient_maps parameter specifies optional lookup tables +# with all addresses in the domains that match $relay_domains. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown relay users. This feature is off by default. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify an @domain.tld wild-card, or specify +# a user@domain.tld address. +# +#relay_recipient_maps = hash:/etc/postfix/relay_recipients + +# INPUT RATE CONTROL +# +# The in_flow_delay configuration parameter implements mail input +# flow control. This feature is turned on by default, although it +# still needs further development (it's disabled on SCO UNIX due +# to an SCO bug). +# +# A Postfix process will pause for $in_flow_delay seconds before +# accepting a new message, when the message arrival rate exceeds the +# message delivery rate. With the default 100 SMTP server process +# limit, this limits the mail inflow to 100 messages a second more +# than the number of messages delivered per second. +# +# Specify 0 to disable the feature. Valid delays are 0..10. +# +#in_flow_delay = 1s + +# ADDRESS REWRITING +# +# The ADDRESS_REWRITING_README document gives information about +# address masquerading or other forms of address rewriting including +# username->Firstname.Lastname mapping. + +# ADDRESS REDIRECTION (VIRTUAL DOMAIN) +# +# The VIRTUAL_README document gives information about the many forms +# of domain hosting that Postfix supports. + +# "USER HAS MOVED" BOUNCE MESSAGES +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# TRANSPORT MAP +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# ALIAS DATABASE +# +# The alias_maps parameter specifies the list of alias databases used +# by the local delivery agent. The default list is system dependent. +# +# On systems with NIS, the default is to search the local alias +# database, then the NIS alias database. See aliases(5) for syntax +# details. +# +# If you change the alias database, run "postalias /etc/aliases" (or +# wherever your system stores the mail alias file), or simply run +# "newaliases" to build the necessary DBM or DB file. +# +# It will take a minute or so before changes become visible. Use +# "postfix reload" to eliminate the delay. +# +#alias_maps = dbm:/etc/aliases +#alias_maps = hash:/etc/aliases +#alias_maps = hash:/etc/aliases, nis:mail.aliases +#alias_maps = netinfo:/aliases + +# The alias_database parameter specifies the alias database(s) that +# are built with "newaliases" or "sendmail -bi". This is a separate +# configuration parameter, because alias_maps (see above) may specify +# tables that are not necessarily all under control by Postfix. +# +#alias_database = dbm:/etc/aliases +#alias_database = dbm:/etc/mail/aliases +#alias_database = hash:/etc/aliases +#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases + +# ADDRESS EXTENSIONS (e.g., user+foo) +# +# The recipient_delimiter parameter specifies the separator between +# user names and address extensions (user+foo). See canonical(5), +# local(8), relocated(5) and virtual(5) for the effects this has on +# aliases, canonical, virtual, relocated and .forward file lookups. +# Basically, the software tries user+foo and .forward+foo before +# trying user and .forward. +# +#recipient_delimiter = + + +# DELIVERY TO MAILBOX +# +# The home_mailbox parameter specifies the optional pathname of a +# mailbox file relative to a user's home directory. The default +# mailbox file is /var/spool/mail/user or /var/mail/user. Specify +# "Maildir/" for qmail-style delivery (the / is required). +# +#home_mailbox = Mailbox +#home_mailbox = Maildir/ + +# The mail_spool_directory parameter specifies the directory where +# UNIX-style mailboxes are kept. The default setting depends on the +# system type. +# +#mail_spool_directory = /var/mail +#mail_spool_directory = /var/spool/mail + +# The mailbox_command parameter specifies the optional external +# command to use instead of mailbox delivery. The command is run as +# the recipient with proper HOME, SHELL and LOGNAME environment settings. +# Exception: delivery for root is done as $default_user. +# +# Other environment variables of interest: USER (recipient username), +# EXTENSION (address extension), DOMAIN (domain part of address), +# and LOCAL (the address localpart). +# +# Unlike other Postfix configuration parameters, the mailbox_command +# parameter is not subjected to $parameter substitutions. This is to +# make it easier to specify shell syntax (see example below). +# +# Avoid shell meta characters because they will force Postfix to run +# an expensive shell process. Procmail alone is expensive enough. +# +# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN +# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. +# +#mailbox_command = /some/where/procmail +#mailbox_command = /some/where/procmail -a "$EXTENSION" + +# The mailbox_transport specifies the optional transport in master.cf +# to use after processing aliases and .forward files. This parameter +# has precedence over the mailbox_command, fallback_transport and +# luser_relay parameters. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#mailbox_transport = lmtp:unix:/file/name +#mailbox_transport = cyrus + +# The fallback_transport specifies the optional transport in master.cf +# to use for recipients that are not found in the UNIX passwd database. +# This parameter has precedence over the luser_relay parameter. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#fallback_transport = lmtp:unix:/file/name +#fallback_transport = cyrus +#fallback_transport = + +# The luser_relay parameter specifies an optional destination address +# for unknown recipients. By default, mail for unknown@$mydestination, +# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned +# as undeliverable. +# +# The following expansions are done on luser_relay: $user (recipient +# username), $shell (recipient shell), $home (recipient home directory), +# $recipient (full recipient address), $extension (recipient address +# extension), $domain (recipient domain), $local (entire recipient +# localpart), $recipient_delimiter. Specify ${name?value} or +# ${name:value} to expand value only when $name does (does not) exist. +# +# luser_relay works only for the default Postfix local delivery agent. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must specify "local_recipient_maps =" (i.e. empty) in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#luser_relay = $user@other.host +#luser_relay = $local@other.host +#luser_relay = admin+$local + +# JUNK MAIL CONTROLS +# +# The controls listed here are only a very small subset. The file +# SMTPD_ACCESS_README provides an overview. + +# The header_checks parameter specifies an optional table with patterns +# that each logical message header is matched against, including +# headers that span multiple physical lines. +# +# By default, these patterns also apply to MIME headers and to the +# headers of attached messages. With older Postfix versions, MIME and +# attached message headers were treated as body text. +# +# For details, see "man header_checks". +# +#header_checks = regexp:/etc/postfix/header_checks + +# FAST ETRN SERVICE +# +# Postfix maintains per-destination logfiles with information about +# deferred mail, so that mail can be flushed quickly with the SMTP +# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". +# See the ETRN_README document for a detailed description. +# +# The fast_flush_domains parameter controls what destinations are +# eligible for this service. By default, they are all domains that +# this server is willing to relay mail to. +# +#fast_flush_domains = $relay_domains + +# SHOW SOFTWARE VERSION OR NOT +# +# The smtpd_banner parameter specifies the text that follows the 220 +# code in the SMTP server's greeting banner. Some people like to see +# the mail version advertised. By default, Postfix shows no version. +# +# You MUST specify $myhostname at the start of the text. That is an +# RFC requirement. Postfix itself does not care. +# +#smtpd_banner = $myhostname ESMTP $mail_name +#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) + +# PARALLEL DELIVERY TO THE SAME DESTINATION +# +# How many parallel deliveries to the same user or domain? With local +# delivery, it does not make sense to do massively parallel delivery +# to the same user, because mailbox updates must happen sequentially, +# and expensive pipelines in .forward files can cause disasters when +# too many are run at the same time. With SMTP deliveries, 10 +# simultaneous connections to the same domain could be sufficient to +# raise eyebrows. +# +# Each message delivery transport has its XXX_destination_concurrency_limit +# parameter. The default is $default_destination_concurrency_limit for +# most delivery transports. For the local delivery agent the default is 2. + +#local_destination_concurrency_limit = 2 +#default_destination_concurrency_limit = 20 + +# DEBUGGING CONTROL +# +# The debug_peer_level parameter specifies the increment in verbose +# logging level when an SMTP client or server host name or address +# matches a pattern in the debug_peer_list parameter. +# +debug_peer_level = 2 + +# The debug_peer_list parameter specifies an optional list of domain +# or network patterns, /file/name patterns or type:name tables. When +# an SMTP client or server host name or address matches a pattern, +# increase the verbose logging level by the amount specified in the +# debug_peer_level parameter. +# +#debug_peer_list = 127.0.0.1 +#debug_peer_list = some.domain + +# The debugger_command specifies the external command that is executed +# when a Postfix daemon program is run with the -D option. +# +# Use "command .. & sleep 5" so that the debugger can attach before +# the process marches on. If you use an X-based debugger, be sure to +# set up your XAUTHORITY environment variable before starting Postfix. +# +debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + +# If you can't use X, use this to capture the call stack when a +# daemon crashes. The result is in a file in the configuration +# directory, and is named after the process name and the process ID. +# +# debugger_command = +# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; +# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 +# >$config_directory/$process_name.$process_id.log & sleep 5 +# +# Another possibility is to run gdb under a detached screen session. +# To attach to the screen sesssion, su root and run "screen -r +# " where uniquely matches one of the detached +# sessions (from "screen -list"). +# +# debugger_command = +# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen +# -dmS $process_name gdb $daemon_directory/$process_name +# $process_id & sleep 1 + +# INSTALL-TIME CONFIGURATION INFORMATION +# +# The following parameters are used when installing a new Postfix version. +# +# sendmail_path: The full pathname of the Postfix sendmail command. +# This is the Sendmail-compatible mail posting interface. +# +sendmail_path = /usr/sbin/sendmail + +# newaliases_path: The full pathname of the Postfix newaliases command. +# This is the Sendmail-compatible command to build alias databases. +# +newaliases_path = /usr/bin/newaliases + +# mailq_path: The full pathname of the Postfix mailq command. This +# is the Sendmail-compatible mail queue listing command. +# +mailq_path = /usr/bin/mailq + +# setgid_group: The group for mail submission and queue management +# commands. This must be a group name with a numerical group ID that +# is not shared with other accounts, not even with the Postfix account. +# +setgid_group = postdrop + +# html_directory: The location of the Postfix HTML documentation. +# +html_directory = /usr/share/doc/postfix-2.7.1/html + +# manpage_directory: The location of the Postfix on-line manual pages. +# +manpage_directory = /usr/share/man + +# sample_directory: The location of the Postfix sample configuration files. +# This parameter is obsolete as of Postfix 2.1. +# +sample_directory = /etc/postfix + +# readme_directory: The location of the Postfix README files. +# +readme_directory = /usr/share/doc/postfix-2.7.1/readme +home_mailbox = .maildir/ diff --git a/postfix/.orig/master.cf b/postfix/.orig/master.cf new file mode 100644 index 0000000..ec30d4a --- /dev/null +++ b/postfix/.orig/master.cf @@ -0,0 +1,115 @@ +# +# Postfix master process configuration file. For details on the format +# of the file, see the master(5) manual page (command: "man 5 master"). +# +# Do not forget to execute "postfix reload" after editing this file. +# +# ========================================================================== +# service type private unpriv chroot wakeup maxproc command + args +# (yes) (yes) (yes) (never) (100) +# ========================================================================== +smtp inet n - n - - smtpd +#submission inet n - n - - smtpd +# -o smtpd_tls_security_level=encrypt +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +#smtps inet n - n - - smtpd +# -o smtpd_tls_wrappermode=yes +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +#628 inet n - n - - qmqpd +pickup fifo n - n 60 1 pickup +cleanup unix n - n - 0 cleanup +qmgr fifo n - n 300 1 qmgr +#qmgr fifo n - n 300 1 oqmgr +tlsmgr unix - - n 1000? 1 tlsmgr +rewrite unix - - n - - trivial-rewrite +bounce unix - - n - 0 bounce +defer unix - - n - 0 bounce +trace unix - - n - 0 bounce +verify unix - - n - 1 verify +flush unix n - n 1000? 0 flush +proxymap unix - - n - - proxymap +proxywrite unix - - n - 1 proxymap +smtp unix - - n - - smtp +# When relaying mail as backup MX, disable fallback_relay to avoid MX loops +relay unix - - n - - smtp + -o smtp_fallback_relay= +# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 +showq unix n - n - - showq +error unix - - n - - error +retry unix - - n - - error +discard unix - - n - - discard +local unix - n n - - local +virtual unix - n n - - virtual +lmtp unix - - n - - lmtp +anvil unix - - n - 1 anvil +scache unix - - n - 1 scache +# +# ==================================================================== +# Interfaces to non-Postfix software. Be sure to examine the manual +# pages of the non-Postfix software to find out what options it wants. +# +# Many of the following services use the Postfix pipe(8) delivery +# agent. See the pipe(8) man page for information about ${recipient} +# and other message envelope options. +# ==================================================================== +# +# maildrop. See the Postfix MAILDROP_README file for details. +# Also specify in main.cf: maildrop_destination_recipient_limit=1 +# +#maildrop unix - n n - - pipe +# flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} +# +# ==================================================================== +# +# Recent Cyrus versions can use the existing "lmtp" master.cf entry. +# +# Specify in cyrus.conf: +# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 +# +# Specify in main.cf one or more of the following: +# mailbox_transport = lmtp:inet:localhost +# virtual_transport = lmtp:inet:localhost +# +# ==================================================================== +# +# Cyrus 2.1.5 (Amos Gouaux) +# Also specify in main.cf: cyrus_destination_recipient_limit=1 +# +#cyrus unix - n n - - pipe +# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} +# +# ==================================================================== +# +# Old example of delivery via Cyrus. +# +#old-cyrus unix - n n - - pipe +# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +# +# ==================================================================== +# +# See the Postfix UUCP_README file for configuration details. +# +#uucp unix - n n - - pipe +# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) +# +# ==================================================================== +# +# Other external delivery methods. +# +#ifmail unix - n n - - pipe +# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) +# +#bsmtp unix - n n - - pipe +# flags=Fq. user=bsmtp argv=/usr/sbin/bsmtp -f $sender $nexthop $recipient +# +#scalemail-backend unix - n n - 2 pipe +# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store +# ${nexthop} ${user} ${extension} +# +#mailman unix - n n - - pipe +# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py +# ${nexthop} ${user} diff --git a/postfix/.orig/postgrey_whitelist_clients b/postfix/.orig/postgrey_whitelist_clients new file mode 100644 index 0000000..ab8d49d --- /dev/null +++ b/postfix/.orig/postgrey_whitelist_clients @@ -0,0 +1,194 @@ +# postgrey whitelist for mail client hostnames +# -------------------------------------------- +# put this file in /etc/postfix or specify its path +# with --whitelist-clients=xxx + +# greylisting.org: Southwest Airlines (unique sender, no retry) +southwest.com +# greylisting.org: isp.belgacom.be (wierd retry pattern) +isp.belgacom.be +# greylisting.org: Ameritrade (no retry) +ameritradeinfo.com +# greylisting.org: Amazon.com (unique sender with letters) +amazon.com +# 2004-05-20: Linux kernel mailing-list (unique sender with letters) +vger.kernel.org +# 2004-06-02: karger.ch, no retry +karger.ch +# 2004-06-02: lilys.ch, (slow: 4 hours) +server-x001.hostpoint.ch +# 2004-06-09: roche.com (no retry) +gw.bas.roche.com +# 2004-06-09: newsletter (no retry) +mail.hhlaw.com +# 2004-06-09: no retry (reported by Ralph Hildebrandt) +prd051.appliedbiosystems.com +# 2004-06-17: swissre.com (no retry) +swissre.com +# 2004-06-17: dowjones.com newsletter (unique sender with letters) +returns.dowjones.com +# 2004-06-18: switch.ch (works but personnel is confused by the error) +domin.switch.ch +# 2004-06-23: accor-hotels.com (slow: 6 hours) +accor-hotels.com +# 2004-06-29: rr.com (no retry, reported by Duncan Hill) +/^ms-smtp.*\.rr\.com$/ +# 2004-06-29: cox.net (no retry, reported by Duncan Hill) +/^lake.*mta.*\.cox\.net$/ +# 2004-06-29: motorola.com (no retry) +mot.com +# 2004-07-01: nic.fr (address verification, reported by Arnaud Launay) +nic.fr +# 2004-07-01: verizon.net (address verification, reported by Bill Moran and Eric, adapted by Adam C. Mathews) +/^s[cv]\d+pub\.verizon\.net$/ +# 2004-07-02: cs.columbia.edu (no retry) +cs.columbia.edu +# 2004-07-02: papersinvited.com (no retry) +66.216.126.174 +# 2004-07-02: telekom.de (slow: 6 hours) +/^mail\d+\.telekom\.de$/ +# 2004-07-04: tiscali.dk (slow: 12 hours, reported by Klaus Alexander Seistrup) +/^smtp\d+\.tiscali\.dk$/ +# 2004-07-04: freshmeat.net (address verification) +freshmeat.net +# 2004-07-11: zd-swx.com (unique sender with letters, reported by Bill Landry) +zd-swx.com +# 2004-07-11: lockergnome.wc09.net (unique sender with letters, reported by Bill Landry) +lockergnome.wc09.net +# 2004-07-19: mxlogic.net (no retry, reported by Eric) +p01m168.mxlogic.net +p02m169.mxlogic.net +# 2004-09-08: intel.com (pool on different subnets) +/^fmr\d+\.intel\.com$/ +# 2004-09-17: cox-internet.com (no retry, reported by Rod Roark) +/^fe\d+\.cox-internet\.com$/ +# 2004-10-11: logismata.ch (no retry) +logismata.ch +# 2004-11-25: brief.cw.reum.de (no retry, reported by Manuel Oetiker) +brief.cw.reum.de +# 2004-12-03: ingeno.ch (no retry) +qmail.ingeno.ch +# 2004-12-06: rein.ch (no retry) +mail1.thurweb.ch +# 2005-01-26: tu-ilmenau.de (no retry) +piggy.rz.tu-ilmenau.de +# 2005-04-06: polymed.ch (no retry) +mail.polymed.ch +# 2005-06-08: hu-berlin.de (slow: 6 hours, reported by Joachim Schoenberg) +rz.hu-berlin.de +# 2005-06-17: gmail.com (big pool, reported by Beat Mueller) +proxy.gmail.com +# 2005-06-23: cacert.org (address verification, reported by Martin Lohmeier) +cacert.org +# 2005-07-27: polytech.univ-mrs.fr (no retry, reported by Giovanni Mandorino) +polytech.univ-mrs.fr +# 2005-08-05: gnu.org (address verification, reported by Martin Lohmeier) +gnu.org +# 2005-08-17: ciphirelabs.com (needs fast responses, reported by Sven Mueller) +cs.ciphire.net +# 2005-11-11: lufthansa (no retry, reported by Peter Bieringer) +/^gateway\d+\.np4\.de$/ +# 2005-11-23: arcor-online.net (slow: 12 hours, reported by Bernd Zeimetz) +/^mail-in-\d+\.arcor-online\.net$/ +# 2005-12-29: netsolmail.com (no retry, reported by Gareth Greenaway) +netsolmail.com +# mail.likopris.si (no retry, reported by Vito Robar) +193.77.153.67 +# jcsw.nato.int (several servers, no retry, reported by Vito Robar) +195.235.39 +# tesla.vtszg.hr (no retry, reported by Vito Robar) +tesla.vtszg.hr +# mailgw*.iai.co.il (pool of several servers, reported by Vito Robar) +/^mailgw.*\.iai\.co\.il$/ +# gw.stud-serv-mb.si (no retry, reported by Vito Robar) +gw.stud-serv-mb.si +# mail.commandtech.com (no retry, reported by Vito Robar) +216.238.112.99 +# duropack.co.at (no retry, reported by Vito Robar) +193.81.20.195 +# mail.esimit-tech.si (no retry, reported by Vito Robar) +193.77.126.208 +# mail.resotel.be (ocasionally no retry, reported by Vito Robar) +80.200.249.216 +# mail2.alliancefr.be (ocasionally no retry, reported by Vito Robar) +mail2.alliancefr.be +# webserver.turboinstitut.si (no retry, reported by Vito Robar) +webserver.turboinstitut.si +# mil.be (pool of different servers, reported by Vito Robar) +193.191.218.141 +193.191.218.142 +193.191.218.143 +194.7.234.141 +194.7.234.142 +194.7.234.143 +# mail*.usafisnews.org (no retry, reported by Vito Robar) +/^mail\d+\.usafisnews\.org$/ +# odk.fdv.uni-lj.si (no retry, reported by Vito Robar) +/^odk.fdv.uni-lj.si$/ +# rak-gentoo-1.nameserver.de (no retry, reported by Vito Robar) +rak-gentoo-1.nameserver.de +# dars.si (ocasionally no retry, reported by Vito Robar) +mx.dars.si +# cosis.si (no retry, reported by Vito Robar) +213.143.66.210 +# mta?.siol.net (sometimes no or slow retry; they use intermail, reported by Vito Robar) +/^mta[12].siol.net$/ +# pim-N-N.quickinspirationsmail.com (unique sender, reported by Vito Robar) +/^pim-\d+-\d+\.quickinspirationsmail\.com$/ +# flymonarch (no retry, reported by Marko Djukic) +flymonarch.com +# wxs.nl (no retry, reported by Johannes Fehr) +/^p?smtp.*\.wxs\.nl$/ +# ibm.com (big pool, reported by Casey Peel) +ibm.com +# messagelabs.com (big pool, reported by John Tobin) +/^mail\d+\.messagelabs\.com$/ +# ptb.de (slow, reported by Joachim Schoenberg) +berlin.ptb.de +# registrarmail.net (unique sender names, reported by Simon Waters) +registrarmail.net +# google.com (big pool, reported by Matthias Dyer) +/^.*-out-.*\.google\.com$/ +# orange.fr (big pool, reported by Loïc Le Loarer) +/^smtp\d+\.orange\.fr$/ +# citigroup.com (slow retry, reported by Michael Monnerie) +/^smtp\d+.citigroup.com$/ +# cruisingclub.ch (no retry) +mail.ccs-cruising.ch +# digg.com (no retry, Debian #406774) +diggstage01.digg.com +# liberal.ca (retries only during 270 seconds, Debian #406774) +smtp.liberal.ca +# pi.ws (pool + long retry, Debian #409851) +/^mail[12]\.pi\.ws$/ +# rambler.ru (big pool, reported by Michael Monnerie) +rambler.ru +# free.fr (big pool, reported by Denis Sacchet) +/^smtp[0-9]+-g[0-9]+\.free\.fr$/ +/^postfix[0-9]+-g[0-9]+\.free\.fr$/ +# thehartford.com (pool + long retry, reported by Jacob Leifman) +/^netmail\d+\.thehartford\.com$/ +# abb.com (only one retry, reported by Roman Plessl) +/^nse\d+\.abb\.com$/ +# 2007-07-27: sourceforge.net (sender verification) +lists.sourceforge.net +# 2007-08-06: polytec.de (no retry, reported by Patrick McLean) +polytec.de +# 2007-09-06: qualiflow.com (no retry, reported by Alex Beckert) +/^mail\d+\.msg\.oleane\.net$/ +# 2007-09-07: nrl.navy.mil (no retry, reported by Axel Beckert) +nrl.navy.mil +# 2007-10-18: aliplast.com (long retry, reported by Johannes Feigl) +mail.aliplast.com +# 2007-10-18: inode.at (long retry, reported by Johannes Feigl) +/^mx\d+\..*\.inode\.at$/ +# 2008-02-01: bol.com (no retry, reported by Frank Breedijk) +/^.*?.server.arvato-systems.de$/ +# 2008-06-05: registeredsite.com (no retry, reported by Fred Kilbourn) +/^(?:mail|fallback-mx)\d+.atl.registeredsite.com$/ +# 2008-07-17: mahidol.ac.th (no retry, reported by Alex Beckert) +saturn.mahidol.ac.th +# 2008-07-18: ebay.com (big pool, reported by Peter Samuelson) +ebay.com +# 2008-07-22: yahoo.com (big pool, reported by Juan Alonso) +yahoo.com diff --git a/postfix/.orig/postgrey_whitelist_recipients b/postfix/.orig/postgrey_whitelist_recipients new file mode 100644 index 0000000..68e4c80 --- /dev/null +++ b/postfix/.orig/postgrey_whitelist_recipients @@ -0,0 +1,7 @@ +# postgrey whitelist for mail recipients +# -------------------------------------- +# put this file in /etc/postfix or specify its path +# with --whitelist-recipients=xxx + +postmaster@ +abuse@ diff --git a/postfix/.orig/saslpass b/postfix/.orig/saslpass new file mode 100644 index 0000000..3ccf36d --- /dev/null +++ b/postfix/.orig/saslpass @@ -0,0 +1,3 @@ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.pass,v 1.2 2004/07/18 03:26:56 dragonheart Exp $ +# +# remotehost user:password diff --git a/postfix/.rcs/access_client,v b/postfix/.rcs/access_client,v new file mode 100644 index 0000000..4d7a55c --- /dev/null +++ b/postfix/.rcs/access_client,v @@ -0,0 +1,448 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.10.19.19.00.32; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# ACCESS(5) ACCESS(5) +# +# NAME +# access - Postfix SMTP server access table +# +# SYNOPSIS +# postmap /etc/postfix/access +# +# postmap -q "string" /etc/postfix/access +# +# postmap -q - /etc/postfix/access as the lookup key for such addresses. The value is +# specified with the smtpd_null_access_lookup_key parameter +# in the Postfix main.cf file. +# +# EMAIL ADDRESS EXTENSION +# When a mail address localpart contains the optional recip- +# ient delimiter (e.g., user+foo@@domain), the lookup order +# becomes: user+foo@@domain, user@@domain, domain, user+foo@@, +# and user@@. +# +# HOST NAME/ADDRESS PATTERNS +# With lookups from indexed files such as DB or DBM, or from +# networked tables such as NIS, LDAP or SQL, the following +# lookup patterns are examined in the order as listed: +# +# domain.tld +# Matches domain.tld. +# +# The pattern domain.tld also matches subdomains, but +# only when the string smtpd_access_maps is listed in +# the Postfix parent_domain_matches_subdomains con- +# figuration setting. Otherwise, specify .domain.tld +# (note the initial dot) in order to match subdo- +# mains. +# +# net.work.addr.ess +# +# net.work.addr +# +# net.work +# +# net Matches the specified IPv4 host address or subnet- +# work. An IPv4 host address is a sequence of four +# decimal octets separated by ".". +# +# Subnetworks are matched by repeatedly truncating +# the last ".octet" from the remote IPv4 host address +# string until a match is found in the access table, +# or until further truncation is not possible. +# +# NOTE 1: The access map lookup key must be in canon- +# ical form: do not specify unnecessary null charac- +# ters, and do not enclose network address informa- +# tion with "[]" characters. +# +# NOTE 2: use the cidr lookup table type to specify +# network/netmask patterns. See cidr_table(5) for +# details. +# +# net:work:addr:ess +# +# net:work:addr +# +# net:work +# +# net Matches the specified IPv6 host address or subnet- +# work. An IPv6 host address is a sequence of three +# to eight hexadecimal octet pairs separated by ":". +# +# Subnetworks are matched by repeatedly truncating +# the last ":octetpair" from the remote IPv6 host +# address string until a match is found in the access +# table, or until further truncation is not possible. +# +# NOTE 1: the truncation and comparison are done with +# the string representation of the IPv6 host address. +# Thus, not all the ":" subnetworks will be tried. +# +# NOTE 2: The access map lookup key must be in canon- +# ical form: do not specify unnecessary null charac- +# ters, and do not enclose network address informa- +# tion with "[]" characters. +# +# NOTE 3: use the cidr lookup table type to specify +# network/netmask patterns. See cidr_table(5) for +# details. +# +# IPv6 support is available in Postfix 2.2 and later. +# +# ACCEPT ACTIONS +# OK Accept the address etc. that matches the pattern. +# +# all-numerical +# An all-numerical result is treated as OK. This for- +# mat is generated by address-based relay authoriza- +# tion schemes such as pop-before-smtp. +# +# REJECT ACTIONS +# Postfix version 2.3 and later support enhanced status +# codes as defined in RFC 3463. When no code is specified +# at the beginning of the text below, Postfix inserts a +# default enhanced status code of "5.7.1" in the case of +# reject actions, and "4.7.1" in the case of defer actions. +# See "ENHANCED STATUS CODES" below. +# +# 4NN text +# +# 5NN text +# Reject the address etc. that matches the pattern, +# and respond with the numerical three-digit code and +# text. 4NN means "try again later", while 5NN means +# "do not try again". +# +# The reply code "421" causes Postfix to disconnect +# immediately (Postfix version 2.3 and later). +# +# REJECT optional text... +# Reject the address etc. that matches the pattern. +# Reply with $reject_code optional text... when the +# optional text is specified, otherwise reply with a +# generic error response message. +# +# DEFER_IF_REJECT optional text... +# Defer the request if some later restriction would +# result in a REJECT action. Reply with "450 4.7.1 +# optional text... when the optional text is speci- +# fied, otherwise reply with a generic error response +# message. +# +# This feature is available in Postfix 2.1 and later. +# +# DEFER_IF_PERMIT optional text... +# Defer the request if some later restriction would +# result in a an explicit or implicit PERMIT action. +# Reply with "450 4.7.1 optional text... when the +# optional text is specified, otherwise reply with a +# generic error response message. +# +# This feature is available in Postfix 2.1 and later. +# +# OTHER ACTIONS +# restriction... +# Apply the named UCE restriction(s) (permit, reject, +# reject_unauth_destination, and so on). +# +# BCC user@@domain +# Send one copy of the message to the specified +# recipient. +# +# If multiple BCC actions are specified within the +# same SMTP MAIL transaction, only the last action +# will be used. +# +# This feature is not part of the stable Postfix +# release. +# +# DISCARD optional text... +# Claim successful delivery and silently discard the +# message. Log the optional text if specified, oth- +# erwise log a generic message. +# +# Note: this action currently affects all recipients +# of the message. To discard only one recipient +# without discarding the entire message, use the +# transport(5) table to direct mail to the discard(8) +# service. +# +# This feature is available in Postfix 2.0 and later. +# +# DUNNO Pretend that the lookup key was not found. This +# prevents Postfix from trying substrings of the +# lookup key (such as a subdomain name, or a network +# address subnetwork). +# +# This feature is available in Postfix 2.0 and later. +# +# FILTER transport:destination +# After the message is queued, send the entire mes- +# sage through the specified external content filter. +# The transport:destination syntax is described in +# the transport(5) manual page. More information +# about external content filters is in the Postfix +# FILTER_README file. +# +# Note: this action overrides the content_filter set- +# ting, and currently affects all recipients of the +# message. +# +# This feature is available in Postfix 2.0 and later. +# +# HOLD optional text... +# Place the message on the hold queue, where it will +# sit until someone either deletes it or releases it +# for delivery. Log the optional text if specified, +# otherwise log a generic message. +# +# Mail that is placed on hold can be examined with +# the postcat(1) command, and can be destroyed or +# released with the postsuper(1) command. +# +# Note: use "postsuper -r" to release mail that was +# kept on hold for a significant fraction of $maxi- +# mal_queue_lifetime or $bounce_queue_lifetime, or +# longer. Use "postsuper -H" only for mail that will +# not expire within a few delivery attempts. +# +# Note: this action currently affects all recipients +# of the message. +# +# This feature is available in Postfix 2.0 and later. +# +# PREPEND headername: headervalue +# Prepend the specified message header to the mes- +# sage. When more than one PREPEND action executes, +# the first prepended header appears before the sec- +# ond etc. prepended header. +# +# Note: this action must execute before the message +# content is received; it cannot execute in the con- +# text of smtpd_end_of_data_restrictions. +# +# This feature is available in Postfix 2.1 and later. +# +# REDIRECT user@@domain +# After the message is queued, send the message to +# the specified address instead of the intended +# recipient(s). +# +# Note: this action overrides the FILTER action, and +# currently affects all recipients of the message. +# +# This feature is available in Postfix 2.1 and later. +# +# WARN optional text... +# Log a warning with the optional text, together with +# client information and if available, with helo, +# sender, recipient and protocol information. +# +# This feature is available in Postfix 2.1 and later. +# +# ENHANCED STATUS CODES +# Postfix version 2.3 and later support enhanced status +# codes as defined in RFC 3463. When an enhanced status +# code is specified in an access table, it is subject to +# modification. The following transformations are needed +# when the same access table is used for client, helo, +# sender, or recipient access restrictions; they happen +# regardless of whether Postfix replies to a MAIL FROM, RCPT +# TO or other SMTP command. +# +# o When a sender address matches a REJECT action, the +# Postfix SMTP server will transform a recipient DSN +# status (e.g., 4.1.1-4.1.6) into the corresponding +# sender DSN status, and vice versa. +# +# o When non-address information matches a REJECT +# action (such as the HELO command argument or the +# client hostname/address), the Postfix SMTP server +# will transform a sender or recipient DSN status +# into a generic non-address DSN status (e.g., +# 4.0.0). +# +# REGULAR EXPRESSION TABLES +# This section describes how the table lookups change when +# the table is given in the form of regular expressions. For +# a description of regular expression lookup table syntax, +# see regexp_table(5) or pcre_table(5). +# +# Each pattern is a regular expression that is applied to +# the entire string being looked up. Depending on the appli- +# cation, that string is an entire client hostname, an +# entire client IP address, or an entire mail address. Thus, +# no parent domain or parent network search is done, +# user@@domain mail addresses are not broken up into their +# user@@ and domain constituent parts, nor is user+foo broken +# up into user and foo. +# +# Patterns are applied in the order as specified in the ta- +# ble, until a pattern is found that matches the search +# string. +# +# Actions are the same as with indexed file lookups, with +# the additional feature that parenthesized substrings from +# the pattern can be interpolated as $1, $2 and so on. +# +# TCP-BASED TABLES +# This section describes how the table lookups change when +# lookups are directed to a TCP-based server. For a descrip- +# tion of the TCP client/server lookup protocol, see tcp_ta- +# ble(5). This feature is not available up to and including +# Postfix version 2.4. +# +# Each lookup operation uses the entire query string once. +# Depending on the application, that string is an entire +# client hostname, an entire client IP address, or an entire +# mail address. Thus, no parent domain or parent network +# search is done, user@@domain mail addresses are not broken +# up into their user@@ and domain constituent parts, nor is +# user+foo broken up into user and foo. +# +# Actions are the same as with indexed file lookups. +# +# EXAMPLE +# The following example uses an indexed file, so that the +# order of table entries does not matter. The example per- +# mits access by the client at address 1.2.3.4 but rejects +# all other clients in 1.2.3.0/24. Instead of hash lookup +# tables, some systems use dbm. Use the command "postconf +# -m" to find out what lookup tables Postfix supports on +# your system. +# +# /etc/postfix/main.cf: +# smtpd_client_restrictions = +# check_client_access hash:/etc/postfix/access +# +# /etc/postfix/access: +# 1.2.3 REJECT +# 1.2.3.4 OK +# +# Execute the command "postmap /etc/postfix/access" after +# editing the file. +# +# BUGS +# The table format does not understand quoting conventions. +# +# SEE ALSO +# postmap(1), Postfix lookup table manager +# smtpd(8), SMTP server +# postconf(5), configuration parameters +# transport(5), transport:nexthop syntax +# +# README FILES +# Use "postconf readme_directory" or "postconf html_direc- +# tory" to locate this information. +# SMTPD_ACCESS_README, built-in SMTP server access control +# DATABASE_README, Postfix lookup table overview +# +# LICENSE +# The Secure Mailer license must be distributed with this +# software. +# +# AUTHOR(S) +# Wietse Venema +# IBM T.J. Watson Research +# P.O. Box 704 +# Yorktown Heights, NY 10598, USA +# +# ACCESS(5) +@ diff --git a/postfix/.rcs/access_helo,v b/postfix/.rcs/access_helo,v new file mode 100644 index 0000000..2cf4f6e --- /dev/null +++ b/postfix/.rcs/access_helo,v @@ -0,0 +1,448 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.10.19.19.01.34; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# ACCESS(5) ACCESS(5) +# +# NAME +# access - Postfix SMTP server access table +# +# SYNOPSIS +# postmap /etc/postfix/access +# +# postmap -q "string" /etc/postfix/access +# +# postmap -q - /etc/postfix/access as the lookup key for such addresses. The value is +# specified with the smtpd_null_access_lookup_key parameter +# in the Postfix main.cf file. +# +# EMAIL ADDRESS EXTENSION +# When a mail address localpart contains the optional recip- +# ient delimiter (e.g., user+foo@@domain), the lookup order +# becomes: user+foo@@domain, user@@domain, domain, user+foo@@, +# and user@@. +# +# HOST NAME/ADDRESS PATTERNS +# With lookups from indexed files such as DB or DBM, or from +# networked tables such as NIS, LDAP or SQL, the following +# lookup patterns are examined in the order as listed: +# +# domain.tld +# Matches domain.tld. +# +# The pattern domain.tld also matches subdomains, but +# only when the string smtpd_access_maps is listed in +# the Postfix parent_domain_matches_subdomains con- +# figuration setting. Otherwise, specify .domain.tld +# (note the initial dot) in order to match subdo- +# mains. +# +# net.work.addr.ess +# +# net.work.addr +# +# net.work +# +# net Matches the specified IPv4 host address or subnet- +# work. An IPv4 host address is a sequence of four +# decimal octets separated by ".". +# +# Subnetworks are matched by repeatedly truncating +# the last ".octet" from the remote IPv4 host address +# string until a match is found in the access table, +# or until further truncation is not possible. +# +# NOTE 1: The access map lookup key must be in canon- +# ical form: do not specify unnecessary null charac- +# ters, and do not enclose network address informa- +# tion with "[]" characters. +# +# NOTE 2: use the cidr lookup table type to specify +# network/netmask patterns. See cidr_table(5) for +# details. +# +# net:work:addr:ess +# +# net:work:addr +# +# net:work +# +# net Matches the specified IPv6 host address or subnet- +# work. An IPv6 host address is a sequence of three +# to eight hexadecimal octet pairs separated by ":". +# +# Subnetworks are matched by repeatedly truncating +# the last ":octetpair" from the remote IPv6 host +# address string until a match is found in the access +# table, or until further truncation is not possible. +# +# NOTE 1: the truncation and comparison are done with +# the string representation of the IPv6 host address. +# Thus, not all the ":" subnetworks will be tried. +# +# NOTE 2: The access map lookup key must be in canon- +# ical form: do not specify unnecessary null charac- +# ters, and do not enclose network address informa- +# tion with "[]" characters. +# +# NOTE 3: use the cidr lookup table type to specify +# network/netmask patterns. See cidr_table(5) for +# details. +# +# IPv6 support is available in Postfix 2.2 and later. +# +# ACCEPT ACTIONS +# OK Accept the address etc. that matches the pattern. +# +# all-numerical +# An all-numerical result is treated as OK. This for- +# mat is generated by address-based relay authoriza- +# tion schemes such as pop-before-smtp. +# +# REJECT ACTIONS +# Postfix version 2.3 and later support enhanced status +# codes as defined in RFC 3463. When no code is specified +# at the beginning of the text below, Postfix inserts a +# default enhanced status code of "5.7.1" in the case of +# reject actions, and "4.7.1" in the case of defer actions. +# See "ENHANCED STATUS CODES" below. +# +# 4NN text +# +# 5NN text +# Reject the address etc. that matches the pattern, +# and respond with the numerical three-digit code and +# text. 4NN means "try again later", while 5NN means +# "do not try again". +# +# The reply code "421" causes Postfix to disconnect +# immediately (Postfix version 2.3 and later). +# +# REJECT optional text... +# Reject the address etc. that matches the pattern. +# Reply with $reject_code optional text... when the +# optional text is specified, otherwise reply with a +# generic error response message. +# +# DEFER_IF_REJECT optional text... +# Defer the request if some later restriction would +# result in a REJECT action. Reply with "450 4.7.1 +# optional text... when the optional text is speci- +# fied, otherwise reply with a generic error response +# message. +# +# This feature is available in Postfix 2.1 and later. +# +# DEFER_IF_PERMIT optional text... +# Defer the request if some later restriction would +# result in a an explicit or implicit PERMIT action. +# Reply with "450 4.7.1 optional text... when the +# optional text is specified, otherwise reply with a +# generic error response message. +# +# This feature is available in Postfix 2.1 and later. +# +# OTHER ACTIONS +# restriction... +# Apply the named UCE restriction(s) (permit, reject, +# reject_unauth_destination, and so on). +# +# BCC user@@domain +# Send one copy of the message to the specified +# recipient. +# +# If multiple BCC actions are specified within the +# same SMTP MAIL transaction, only the last action +# will be used. +# +# This feature is not part of the stable Postfix +# release. +# +# DISCARD optional text... +# Claim successful delivery and silently discard the +# message. Log the optional text if specified, oth- +# erwise log a generic message. +# +# Note: this action currently affects all recipients +# of the message. To discard only one recipient +# without discarding the entire message, use the +# transport(5) table to direct mail to the discard(8) +# service. +# +# This feature is available in Postfix 2.0 and later. +# +# DUNNO Pretend that the lookup key was not found. This +# prevents Postfix from trying substrings of the +# lookup key (such as a subdomain name, or a network +# address subnetwork). +# +# This feature is available in Postfix 2.0 and later. +# +# FILTER transport:destination +# After the message is queued, send the entire mes- +# sage through the specified external content filter. +# The transport:destination syntax is described in +# the transport(5) manual page. More information +# about external content filters is in the Postfix +# FILTER_README file. +# +# Note: this action overrides the content_filter set- +# ting, and currently affects all recipients of the +# message. +# +# This feature is available in Postfix 2.0 and later. +# +# HOLD optional text... +# Place the message on the hold queue, where it will +# sit until someone either deletes it or releases it +# for delivery. Log the optional text if specified, +# otherwise log a generic message. +# +# Mail that is placed on hold can be examined with +# the postcat(1) command, and can be destroyed or +# released with the postsuper(1) command. +# +# Note: use "postsuper -r" to release mail that was +# kept on hold for a significant fraction of $maxi- +# mal_queue_lifetime or $bounce_queue_lifetime, or +# longer. Use "postsuper -H" only for mail that will +# not expire within a few delivery attempts. +# +# Note: this action currently affects all recipients +# of the message. +# +# This feature is available in Postfix 2.0 and later. +# +# PREPEND headername: headervalue +# Prepend the specified message header to the mes- +# sage. When more than one PREPEND action executes, +# the first prepended header appears before the sec- +# ond etc. prepended header. +# +# Note: this action must execute before the message +# content is received; it cannot execute in the con- +# text of smtpd_end_of_data_restrictions. +# +# This feature is available in Postfix 2.1 and later. +# +# REDIRECT user@@domain +# After the message is queued, send the message to +# the specified address instead of the intended +# recipient(s). +# +# Note: this action overrides the FILTER action, and +# currently affects all recipients of the message. +# +# This feature is available in Postfix 2.1 and later. +# +# WARN optional text... +# Log a warning with the optional text, together with +# client information and if available, with helo, +# sender, recipient and protocol information. +# +# This feature is available in Postfix 2.1 and later. +# +# ENHANCED STATUS CODES +# Postfix version 2.3 and later support enhanced status +# codes as defined in RFC 3463. When an enhanced status +# code is specified in an access table, it is subject to +# modification. The following transformations are needed +# when the same access table is used for client, helo, +# sender, or recipient access restrictions; they happen +# regardless of whether Postfix replies to a MAIL FROM, RCPT +# TO or other SMTP command. +# +# o When a sender address matches a REJECT action, the +# Postfix SMTP server will transform a recipient DSN +# status (e.g., 4.1.1-4.1.6) into the corresponding +# sender DSN status, and vice versa. +# +# o When non-address information matches a REJECT +# action (such as the HELO command argument or the +# client hostname/address), the Postfix SMTP server +# will transform a sender or recipient DSN status +# into a generic non-address DSN status (e.g., +# 4.0.0). +# +# REGULAR EXPRESSION TABLES +# This section describes how the table lookups change when +# the table is given in the form of regular expressions. For +# a description of regular expression lookup table syntax, +# see regexp_table(5) or pcre_table(5). +# +# Each pattern is a regular expression that is applied to +# the entire string being looked up. Depending on the appli- +# cation, that string is an entire client hostname, an +# entire client IP address, or an entire mail address. Thus, +# no parent domain or parent network search is done, +# user@@domain mail addresses are not broken up into their +# user@@ and domain constituent parts, nor is user+foo broken +# up into user and foo. +# +# Patterns are applied in the order as specified in the ta- +# ble, until a pattern is found that matches the search +# string. +# +# Actions are the same as with indexed file lookups, with +# the additional feature that parenthesized substrings from +# the pattern can be interpolated as $1, $2 and so on. +# +# TCP-BASED TABLES +# This section describes how the table lookups change when +# lookups are directed to a TCP-based server. For a descrip- +# tion of the TCP client/server lookup protocol, see tcp_ta- +# ble(5). This feature is not available up to and including +# Postfix version 2.4. +# +# Each lookup operation uses the entire query string once. +# Depending on the application, that string is an entire +# client hostname, an entire client IP address, or an entire +# mail address. Thus, no parent domain or parent network +# search is done, user@@domain mail addresses are not broken +# up into their user@@ and domain constituent parts, nor is +# user+foo broken up into user and foo. +# +# Actions are the same as with indexed file lookups. +# +# EXAMPLE +# The following example uses an indexed file, so that the +# order of table entries does not matter. The example per- +# mits access by the client at address 1.2.3.4 but rejects +# all other clients in 1.2.3.0/24. Instead of hash lookup +# tables, some systems use dbm. Use the command "postconf +# -m" to find out what lookup tables Postfix supports on +# your system. +# +# /etc/postfix/main.cf: +# smtpd_client_restrictions = +# check_client_access hash:/etc/postfix/access +# +# /etc/postfix/access: +# 1.2.3 REJECT +# 1.2.3.4 OK +# +# Execute the command "postmap /etc/postfix/access" after +# editing the file. +# +# BUGS +# The table format does not understand quoting conventions. +# +# SEE ALSO +# postmap(1), Postfix lookup table manager +# smtpd(8), SMTP server +# postconf(5), configuration parameters +# transport(5), transport:nexthop syntax +# +# README FILES +# Use "postconf readme_directory" or "postconf html_direc- +# tory" to locate this information. +# SMTPD_ACCESS_README, built-in SMTP server access control +# DATABASE_README, Postfix lookup table overview +# +# LICENSE +# The Secure Mailer license must be distributed with this +# software. +# +# AUTHOR(S) +# Wietse Venema +# IBM T.J. Watson Research +# P.O. Box 704 +# Yorktown Heights, NY 10598, USA +# +# ACCESS(5) +@ diff --git a/postfix/.rcs/access_recipient,v b/postfix/.rcs/access_recipient,v new file mode 100644 index 0000000..cc2f540 --- /dev/null +++ b/postfix/.rcs/access_recipient,v @@ -0,0 +1,466 @@ +head 1.2; +access; +symbols; +locks; strict; +comment @# @; + + +1.2 +date 2011.04.08.09.38.02; author root; state Exp; +branches; +next 1.1; + +1.1 +date 2008.10.19.19.01.27; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.2 +log +@Checked in. +@ +text +@# ACCESS(5) ACCESS(5) +# +# NAME +# access - Postfix SMTP server access table +# +# SYNOPSIS +# postmap /etc/postfix/access +# +# postmap -q "string" /etc/postfix/access +# +# postmap -q - /etc/postfix/access as the lookup key for such addresses. The value is +# specified with the smtpd_null_access_lookup_key parameter +# in the Postfix main.cf file. +# +# EMAIL ADDRESS EXTENSION +# When a mail address localpart contains the optional recip- +# ient delimiter (e.g., user+foo@@domain), the lookup order +# becomes: user+foo@@domain, user@@domain, domain, user+foo@@, +# and user@@. +# +# HOST NAME/ADDRESS PATTERNS +# With lookups from indexed files such as DB or DBM, or from +# networked tables such as NIS, LDAP or SQL, the following +# lookup patterns are examined in the order as listed: +# +# domain.tld +# Matches domain.tld. +# +# The pattern domain.tld also matches subdomains, but +# only when the string smtpd_access_maps is listed in +# the Postfix parent_domain_matches_subdomains con- +# figuration setting. Otherwise, specify .domain.tld +# (note the initial dot) in order to match subdo- +# mains. +# +# net.work.addr.ess +# +# net.work.addr +# +# net.work +# +# net Matches the specified IPv4 host address or subnet- +# work. An IPv4 host address is a sequence of four +# decimal octets separated by ".". +# +# Subnetworks are matched by repeatedly truncating +# the last ".octet" from the remote IPv4 host address +# string until a match is found in the access table, +# or until further truncation is not possible. +# +# NOTE 1: The access map lookup key must be in canon- +# ical form: do not specify unnecessary null charac- +# ters, and do not enclose network address informa- +# tion with "[]" characters. +# +# NOTE 2: use the cidr lookup table type to specify +# network/netmask patterns. See cidr_table(5) for +# details. +# +# net:work:addr:ess +# +# net:work:addr +# +# net:work +# +# net Matches the specified IPv6 host address or subnet- +# work. An IPv6 host address is a sequence of three +# to eight hexadecimal octet pairs separated by ":". +# +# Subnetworks are matched by repeatedly truncating +# the last ":octetpair" from the remote IPv6 host +# address string until a match is found in the access +# table, or until further truncation is not possible. +# +# NOTE 1: the truncation and comparison are done with +# the string representation of the IPv6 host address. +# Thus, not all the ":" subnetworks will be tried. +# +# NOTE 2: The access map lookup key must be in canon- +# ical form: do not specify unnecessary null charac- +# ters, and do not enclose network address informa- +# tion with "[]" characters. +# +# NOTE 3: use the cidr lookup table type to specify +# network/netmask patterns. See cidr_table(5) for +# details. +# +# IPv6 support is available in Postfix 2.2 and later. +# +# ACCEPT ACTIONS +# OK Accept the address etc. that matches the pattern. +# +# all-numerical +# An all-numerical result is treated as OK. This for- +# mat is generated by address-based relay authoriza- +# tion schemes such as pop-before-smtp. +# +# REJECT ACTIONS +# Postfix version 2.3 and later support enhanced status +# codes as defined in RFC 3463. When no code is specified +# at the beginning of the text below, Postfix inserts a +# default enhanced status code of "5.7.1" in the case of +# reject actions, and "4.7.1" in the case of defer actions. +# See "ENHANCED STATUS CODES" below. +# +# 4NN text +# +# 5NN text +# Reject the address etc. that matches the pattern, +# and respond with the numerical three-digit code and +# text. 4NN means "try again later", while 5NN means +# "do not try again". +# +# The reply code "421" causes Postfix to disconnect +# immediately (Postfix version 2.3 and later). +# +# REJECT optional text... +# Reject the address etc. that matches the pattern. +# Reply with $reject_code optional text... when the +# optional text is specified, otherwise reply with a +# generic error response message. +# +# DEFER_IF_REJECT optional text... +# Defer the request if some later restriction would +# result in a REJECT action. Reply with "450 4.7.1 +# optional text... when the optional text is speci- +# fied, otherwise reply with a generic error response +# message. +# +# This feature is available in Postfix 2.1 and later. +# +# DEFER_IF_PERMIT optional text... +# Defer the request if some later restriction would +# result in a an explicit or implicit PERMIT action. +# Reply with "450 4.7.1 optional text... when the +# optional text is specified, otherwise reply with a +# generic error response message. +# +# This feature is available in Postfix 2.1 and later. +# +# OTHER ACTIONS +# restriction... +# Apply the named UCE restriction(s) (permit, reject, +# reject_unauth_destination, and so on). +# +# BCC user@@domain +# Send one copy of the message to the specified +# recipient. +# +# If multiple BCC actions are specified within the +# same SMTP MAIL transaction, only the last action +# will be used. +# +# This feature is not part of the stable Postfix +# release. +# +# DISCARD optional text... +# Claim successful delivery and silently discard the +# message. Log the optional text if specified, oth- +# erwise log a generic message. +# +# Note: this action currently affects all recipients +# of the message. To discard only one recipient +# without discarding the entire message, use the +# transport(5) table to direct mail to the discard(8) +# service. +# +# This feature is available in Postfix 2.0 and later. +# +# DUNNO Pretend that the lookup key was not found. This +# prevents Postfix from trying substrings of the +# lookup key (such as a subdomain name, or a network +# address subnetwork). +# +# This feature is available in Postfix 2.0 and later. +# +# FILTER transport:destination +# After the message is queued, send the entire mes- +# sage through the specified external content filter. +# The transport:destination syntax is described in +# the transport(5) manual page. More information +# about external content filters is in the Postfix +# FILTER_README file. +# +# Note: this action overrides the content_filter set- +# ting, and currently affects all recipients of the +# message. +# +# This feature is available in Postfix 2.0 and later. +# +# HOLD optional text... +# Place the message on the hold queue, where it will +# sit until someone either deletes it or releases it +# for delivery. Log the optional text if specified, +# otherwise log a generic message. +# +# Mail that is placed on hold can be examined with +# the postcat(1) command, and can be destroyed or +# released with the postsuper(1) command. +# +# Note: use "postsuper -r" to release mail that was +# kept on hold for a significant fraction of $maxi- +# mal_queue_lifetime or $bounce_queue_lifetime, or +# longer. Use "postsuper -H" only for mail that will +# not expire within a few delivery attempts. +# +# Note: this action currently affects all recipients +# of the message. +# +# This feature is available in Postfix 2.0 and later. +# +# PREPEND headername: headervalue +# Prepend the specified message header to the mes- +# sage. When more than one PREPEND action executes, +# the first prepended header appears before the sec- +# ond etc. prepended header. +# +# Note: this action must execute before the message +# content is received; it cannot execute in the con- +# text of smtpd_end_of_data_restrictions. +# +# This feature is available in Postfix 2.1 and later. +# +# REDIRECT user@@domain +# After the message is queued, send the message to +# the specified address instead of the intended +# recipient(s). +# +# Note: this action overrides the FILTER action, and +# currently affects all recipients of the message. +# +# This feature is available in Postfix 2.1 and later. +# +# WARN optional text... +# Log a warning with the optional text, together with +# client information and if available, with helo, +# sender, recipient and protocol information. +# +# This feature is available in Postfix 2.1 and later. +# +# ENHANCED STATUS CODES +# Postfix version 2.3 and later support enhanced status +# codes as defined in RFC 3463. When an enhanced status +# code is specified in an access table, it is subject to +# modification. The following transformations are needed +# when the same access table is used for client, helo, +# sender, or recipient access restrictions; they happen +# regardless of whether Postfix replies to a MAIL FROM, RCPT +# TO or other SMTP command. +# +# o When a sender address matches a REJECT action, the +# Postfix SMTP server will transform a recipient DSN +# status (e.g., 4.1.1-4.1.6) into the corresponding +# sender DSN status, and vice versa. +# +# o When non-address information matches a REJECT +# action (such as the HELO command argument or the +# client hostname/address), the Postfix SMTP server +# will transform a sender or recipient DSN status +# into a generic non-address DSN status (e.g., +# 4.0.0). +# +# REGULAR EXPRESSION TABLES +# This section describes how the table lookups change when +# the table is given in the form of regular expressions. For +# a description of regular expression lookup table syntax, +# see regexp_table(5) or pcre_table(5). +# +# Each pattern is a regular expression that is applied to +# the entire string being looked up. Depending on the appli- +# cation, that string is an entire client hostname, an +# entire client IP address, or an entire mail address. Thus, +# no parent domain or parent network search is done, +# user@@domain mail addresses are not broken up into their +# user@@ and domain constituent parts, nor is user+foo broken +# up into user and foo. +# +# Patterns are applied in the order as specified in the ta- +# ble, until a pattern is found that matches the search +# string. +# +# Actions are the same as with indexed file lookups, with +# the additional feature that parenthesized substrings from +# the pattern can be interpolated as $1, $2 and so on. +# +# TCP-BASED TABLES +# This section describes how the table lookups change when +# lookups are directed to a TCP-based server. For a descrip- +# tion of the TCP client/server lookup protocol, see tcp_ta- +# ble(5). This feature is not available up to and including +# Postfix version 2.4. +# +# Each lookup operation uses the entire query string once. +# Depending on the application, that string is an entire +# client hostname, an entire client IP address, or an entire +# mail address. Thus, no parent domain or parent network +# search is done, user@@domain mail addresses are not broken +# up into their user@@ and domain constituent parts, nor is +# user+foo broken up into user and foo. +# +# Actions are the same as with indexed file lookups. +# +# EXAMPLE +# The following example uses an indexed file, so that the +# order of table entries does not matter. The example per- +# mits access by the client at address 1.2.3.4 but rejects +# all other clients in 1.2.3.0/24. Instead of hash lookup +# tables, some systems use dbm. Use the command "postconf +# -m" to find out what lookup tables Postfix supports on +# your system. +# +# /etc/postfix/main.cf: +# smtpd_client_restrictions = +# check_client_access hash:/etc/postfix/access +# +# /etc/postfix/access: +# 1.2.3 REJECT +# 1.2.3.4 OK +# +# Execute the command "postmap /etc/postfix/access" after +# editing the file. +# +# BUGS +# The table format does not understand quoting conventions. +# +# SEE ALSO +# postmap(1), Postfix lookup table manager +# smtpd(8), SMTP server +# postconf(5), configuration parameters +# transport(5), transport:nexthop syntax +# +# README FILES +# Use "postconf readme_directory" or "postconf html_direc- +# tory" to locate this information. +# SMTPD_ACCESS_README, built-in SMTP server access control +# DATABASE_README, Postfix lookup table overview +# +# LICENSE +# The Secure Mailer license must be distributed with this +# software. +# +# AUTHOR(S) +# Wietse Venema +# IBM T.J. Watson Research +# P.O. Box 704 +# Yorktown Heights, NY 10598, USA +# +# ACCESS(5) + +postmaster@@ OK +hostmaster@@ OK +abuse@@ OK +@ + + +1.1 +log +@Initial revision +@ +text +@d425 4 +@ diff --git a/postfix/.rcs/access_sender,v b/postfix/.rcs/access_sender,v new file mode 100644 index 0000000..02a3eb8 --- /dev/null +++ b/postfix/.rcs/access_sender,v @@ -0,0 +1,449 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2009.11.12.17.21.43; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# ACCESS(5) ACCESS(5) +# +# NAME +# access - Postfix SMTP server access table +# +# SYNOPSIS +# postmap /etc/postfix/access +# +# postmap -q "string" /etc/postfix/access +# +# postmap -q - /etc/postfix/access as the lookup key for such addresses. The value is +# specified with the smtpd_null_access_lookup_key parameter +# in the Postfix main.cf file. +# +# EMAIL ADDRESS EXTENSION +# When a mail address localpart contains the optional recip- +# ient delimiter (e.g., user+foo@@domain), the lookup order +# becomes: user+foo@@domain, user@@domain, domain, user+foo@@, +# and user@@. +# +# HOST NAME/ADDRESS PATTERNS +# With lookups from indexed files such as DB or DBM, or from +# networked tables such as NIS, LDAP or SQL, the following +# lookup patterns are examined in the order as listed: +# +# domain.tld +# Matches domain.tld. +# +# The pattern domain.tld also matches subdomains, but +# only when the string smtpd_access_maps is listed in +# the Postfix parent_domain_matches_subdomains con- +# figuration setting. Otherwise, specify .domain.tld +# (note the initial dot) in order to match subdo- +# mains. +# +# net.work.addr.ess +# +# net.work.addr +# +# net.work +# +# net Matches the specified IPv4 host address or subnet- +# work. An IPv4 host address is a sequence of four +# decimal octets separated by ".". +# +# Subnetworks are matched by repeatedly truncating +# the last ".octet" from the remote IPv4 host address +# string until a match is found in the access table, +# or until further truncation is not possible. +# +# NOTE 1: The access map lookup key must be in canon- +# ical form: do not specify unnecessary null charac- +# ters, and do not enclose network address informa- +# tion with "[]" characters. +# +# NOTE 2: use the cidr lookup table type to specify +# network/netmask patterns. See cidr_table(5) for +# details. +# +# net:work:addr:ess +# +# net:work:addr +# +# net:work +# +# net Matches the specified IPv6 host address or subnet- +# work. An IPv6 host address is a sequence of three +# to eight hexadecimal octet pairs separated by ":". +# +# Subnetworks are matched by repeatedly truncating +# the last ":octetpair" from the remote IPv6 host +# address string until a match is found in the access +# table, or until further truncation is not possible. +# +# NOTE 1: the truncation and comparison are done with +# the string representation of the IPv6 host address. +# Thus, not all the ":" subnetworks will be tried. +# +# NOTE 2: The access map lookup key must be in canon- +# ical form: do not specify unnecessary null charac- +# ters, and do not enclose network address informa- +# tion with "[]" characters. +# +# NOTE 3: use the cidr lookup table type to specify +# network/netmask patterns. See cidr_table(5) for +# details. +# +# IPv6 support is available in Postfix 2.2 and later. +# +# ACCEPT ACTIONS +# OK Accept the address etc. that matches the pattern. +# +# all-numerical +# An all-numerical result is treated as OK. This for- +# mat is generated by address-based relay authoriza- +# tion schemes such as pop-before-smtp. +# +# REJECT ACTIONS +# Postfix version 2.3 and later support enhanced status +# codes as defined in RFC 3463. When no code is specified +# at the beginning of the text below, Postfix inserts a +# default enhanced status code of "5.7.1" in the case of +# reject actions, and "4.7.1" in the case of defer actions. +# See "ENHANCED STATUS CODES" below. +# +# 4NN text +# +# 5NN text +# Reject the address etc. that matches the pattern, +# and respond with the numerical three-digit code and +# text. 4NN means "try again later", while 5NN means +# "do not try again". +# +# The reply code "421" causes Postfix to disconnect +# immediately (Postfix version 2.3 and later). +# +# REJECT optional text... +# Reject the address etc. that matches the pattern. +# Reply with $reject_code optional text... when the +# optional text is specified, otherwise reply with a +# generic error response message. +# +# DEFER_IF_REJECT optional text... +# Defer the request if some later restriction would +# result in a REJECT action. Reply with "450 4.7.1 +# optional text... when the optional text is speci- +# fied, otherwise reply with a generic error response +# message. +# +# This feature is available in Postfix 2.1 and later. +# +# DEFER_IF_PERMIT optional text... +# Defer the request if some later restriction would +# result in a an explicit or implicit PERMIT action. +# Reply with "450 4.7.1 optional text... when the +# optional text is specified, otherwise reply with a +# generic error response message. +# +# This feature is available in Postfix 2.1 and later. +# +# OTHER ACTIONS +# restriction... +# Apply the named UCE restriction(s) (permit, reject, +# reject_unauth_destination, and so on). +# +# BCC user@@domain +# Send one copy of the message to the specified +# recipient. +# +# If multiple BCC actions are specified within the +# same SMTP MAIL transaction, only the last action +# will be used. +# +# This feature is not part of the stable Postfix +# release. +# +# DISCARD optional text... +# Claim successful delivery and silently discard the +# message. Log the optional text if specified, oth- +# erwise log a generic message. +# +# Note: this action currently affects all recipients +# of the message. To discard only one recipient +# without discarding the entire message, use the +# transport(5) table to direct mail to the discard(8) +# service. +# +# This feature is available in Postfix 2.0 and later. +# +# DUNNO Pretend that the lookup key was not found. This +# prevents Postfix from trying substrings of the +# lookup key (such as a subdomain name, or a network +# address subnetwork). +# +# This feature is available in Postfix 2.0 and later. +# +# FILTER transport:destination +# After the message is queued, send the entire mes- +# sage through the specified external content filter. +# The transport:destination syntax is described in +# the transport(5) manual page. More information +# about external content filters is in the Postfix +# FILTER_README file. +# +# Note: this action overrides the content_filter set- +# ting, and currently affects all recipients of the +# message. +# +# This feature is available in Postfix 2.0 and later. +# +# HOLD optional text... +# Place the message on the hold queue, where it will +# sit until someone either deletes it or releases it +# for delivery. Log the optional text if specified, +# otherwise log a generic message. +# +# Mail that is placed on hold can be examined with +# the postcat(1) command, and can be destroyed or +# released with the postsuper(1) command. +# +# Note: use "postsuper -r" to release mail that was +# kept on hold for a significant fraction of $maxi- +# mal_queue_lifetime or $bounce_queue_lifetime, or +# longer. Use "postsuper -H" only for mail that will +# not expire within a few delivery attempts. +# +# Note: this action currently affects all recipients +# of the message. +# +# This feature is available in Postfix 2.0 and later. +# +# PREPEND headername: headervalue +# Prepend the specified message header to the mes- +# sage. When more than one PREPEND action executes, +# the first prepended header appears before the sec- +# ond etc. prepended header. +# +# Note: this action must execute before the message +# content is received; it cannot execute in the con- +# text of smtpd_end_of_data_restrictions. +# +# This feature is available in Postfix 2.1 and later. +# +# REDIRECT user@@domain +# After the message is queued, send the message to +# the specified address instead of the intended +# recipient(s). +# +# Note: this action overrides the FILTER action, and +# currently affects all recipients of the message. +# +# This feature is available in Postfix 2.1 and later. +# +# WARN optional text... +# Log a warning with the optional text, together with +# client information and if available, with helo, +# sender, recipient and protocol information. +# +# This feature is available in Postfix 2.1 and later. +# +# ENHANCED STATUS CODES +# Postfix version 2.3 and later support enhanced status +# codes as defined in RFC 3463. When an enhanced status +# code is specified in an access table, it is subject to +# modification. The following transformations are needed +# when the same access table is used for client, helo, +# sender, or recipient access restrictions; they happen +# regardless of whether Postfix replies to a MAIL FROM, RCPT +# TO or other SMTP command. +# +# o When a sender address matches a REJECT action, the +# Postfix SMTP server will transform a recipient DSN +# status (e.g., 4.1.1-4.1.6) into the corresponding +# sender DSN status, and vice versa. +# +# o When non-address information matches a REJECT +# action (such as the HELO command argument or the +# client hostname/address), the Postfix SMTP server +# will transform a sender or recipient DSN status +# into a generic non-address DSN status (e.g., +# 4.0.0). +# +# REGULAR EXPRESSION TABLES +# This section describes how the table lookups change when +# the table is given in the form of regular expressions. For +# a description of regular expression lookup table syntax, +# see regexp_table(5) or pcre_table(5). +# +# Each pattern is a regular expression that is applied to +# the entire string being looked up. Depending on the appli- +# cation, that string is an entire client hostname, an +# entire client IP address, or an entire mail address. Thus, +# no parent domain or parent network search is done, +# user@@domain mail addresses are not broken up into their +# user@@ and domain constituent parts, nor is user+foo broken +# up into user and foo. +# +# Patterns are applied in the order as specified in the ta- +# ble, until a pattern is found that matches the search +# string. +# +# Actions are the same as with indexed file lookups, with +# the additional feature that parenthesized substrings from +# the pattern can be interpolated as $1, $2 and so on. +# +# TCP-BASED TABLES +# This section describes how the table lookups change when +# lookups are directed to a TCP-based server. For a descrip- +# tion of the TCP client/server lookup protocol, see tcp_ta- +# ble(5). This feature is not available up to and including +# Postfix version 2.4. +# +# Each lookup operation uses the entire query string once. +# Depending on the application, that string is an entire +# client hostname, an entire client IP address, or an entire +# mail address. Thus, no parent domain or parent network +# search is done, user@@domain mail addresses are not broken +# up into their user@@ and domain constituent parts, nor is +# user+foo broken up into user and foo. +# +# Actions are the same as with indexed file lookups. +# +# EXAMPLE +# The following example uses an indexed file, so that the +# order of table entries does not matter. The example per- +# mits access by the client at address 1.2.3.4 but rejects +# all other clients in 1.2.3.0/24. Instead of hash lookup +# tables, some systems use dbm. Use the command "postconf +# -m" to find out what lookup tables Postfix supports on +# your system. +# +# /etc/postfix/main.cf: +# smtpd_client_restrictions = +# check_client_access hash:/etc/postfix/access +# +# /etc/postfix/access: +# 1.2.3 REJECT +# 1.2.3.4 OK +# +# Execute the command "postmap /etc/postfix/access" after +# editing the file. +# +# BUGS +# The table format does not understand quoting conventions. +# +# SEE ALSO +# postmap(1), Postfix lookup table manager +# smtpd(8), SMTP server +# postconf(5), configuration parameters +# transport(5), transport:nexthop syntax +# +# README FILES +# Use "postconf readme_directory" or "postconf html_direc- +# tory" to locate this information. +# SMTPD_ACCESS_README, built-in SMTP server access control +# DATABASE_README, Postfix lookup table overview +# +# LICENSE +# The Secure Mailer license must be distributed with this +# software. +# +# AUTHOR(S) +# Wietse Venema +# IBM T.J. Watson Research +# P.O. Box 704 +# Yorktown Heights, NY 10598, USA +# +# ACCESS(5) +rheya.technik.berlin.strato.de OK +@ diff --git a/postfix/.rcs/body_checks,v b/postfix/.rcs/body_checks,v new file mode 100644 index 0000000..6123a11 --- /dev/null +++ b/postfix/.rcs/body_checks,v @@ -0,0 +1,653 @@ +head 1.1; +access; +symbols; +locks; strict; +comment @# @; + + +1.1 +date 2008.10.01.14.37.41; author root; state Exp; +branches; +next ; + + +desc +@Initial +@ + + +1.1 +log +@Initial revision +@ +text +@# Version 3.14 / 8.8.2008 +# +# Das Postfix-Buch - Sichere Mailserver mit Linux +# http://www.postfixbuch.de +# +# Heinlein Professional Linux Support GmbH +# http://www.heinlein-support.de +# +# Downloadquelle dieser Datei: http://www.postfixbuch.de/web/service/checks/ +# +# +# Verwendung der Filtersammlung auf eigene Gefahr. +# +# Es handelt sich dabei um einen tagesaktuellen Auszug der beim +# ISP "JPBerlin.de" genutzten Filterregeln. Bitte pruefen Sie vor einem +# Einsatz bei Ihnen ganz genau, ob diese Regeln noch aktuell und sinnvoll +# sind und ob Sie sie einsetzen moechten! +# +# +# Setzen Sie in /etc/postfix/main.cf einfach +# +# body_checks = pcre:/etc/postfix/body_checks oder +# oder +# body_checks = regexp:/etc/postfix/body_checks +# +# und fuehren Sie "rcpostfix reload" aus. +# +# Tipp: pcre ist ein Drittel schneller als regexp! +# +# + +# +# Die Nummern hinter dem REJECT tauchen spaeter iM SMTP-Error oder im Log +# auf, um die Filter-Regel wiederzufinden, die den Block ausgeloest hat. +# Es kann stattdessen auch einfacher Text benutzt werden. +# + +# +# +# Tagesaktuelle, nur voruebergehende Regelungen: +# =============================================== +# [Immer mit Timestamp (!) und ggf. Ticket-Nummer eintragen!] +# + +/Subject:.*Mittel gegen Impotenz/ REJECT You are a stupid backscatter. Please learn how to manage your mailsserver. +/Subject:.*Potenzschwache - wir haben die Losung/ REJECT You are a stupid backscatter. Please learn how to manage your mailsserver. +/Subject:.*Endlich wieder Spass am Leben/ REJECT You are a stupid backscatter. Please learn how to manage your mailsserver. +/by hefe.heinlein-support.de; Fri, 18/ REJECT You are a stupid backscatter. Please learn how to manage your mailsserver. +/Subject:.*Belebt Geist und Korper/ REJECT You are a stupid backscatter. Please learn how to manage your mailsserver. +/Subject:.* Viiiiiiaaaaaaagra/ REJECT You are a stupid backscatter. Please learn how to manage your mailserver. + +# +# +# Dauerhaft genutzte Regelungen: +# =============================================== +# [Immer mit aufsteiger Nummer sauber eintragen!] +# +# + +/respublica@@gaucherepublicaine.org/ Body-Spamschutz 1072 +/NEU - Vi Super Active/ REJECT Body-Spamschutz 1071 +/anhaltende Versagensangste und wiederholte peinliche Situationen/ REJECT Body-Spamschutz 1070 +/anhaltende Versagensangste und wiederholte peinliche Situationen/ REJECT Body-Spamschutz 1069 +/Schulfreunde Vermittlungs Service AG/ REJECT Body-Spamschutz 1068 +/Multimedia Telegramm/ REJECT Body-Spamschutz 1067 +/http.*\.fdub\.biz/ REJECT Body-Spamschutz 1066 +/TanjaGuenther/ REJECT Body-Spamschutz 1065 +/www.bestnetz24.de\/letter\/ausgabe.php/ REJECT Body-Spamschutz 1064 +/www.db.?adressen.(com|net|org|info)/ REJECT Body-Spamschutz 1063 +/thomas@@jthomas.es/ REJECT Body-Spamschutz 1062 +/Ihre Marketing Agentur Espa/ REJECT Body-Spamschutz 1061 +/www.pakandu.com/ REJECT Body-Spamschutz 1060 +/Glob.?(C|K)ontact.?Team/ REJECT Body-Spamschutz 1059 +/www.gc.?datenbaken.(com|net|org|info)/ REJECT Body-Spamschutz 1058 +/www.glc-?data.(com|net|org|info)/ REJECT Body-Spamschutz 1057 +/Global.?(C|K)ontact/i REJECT Body-Spamschutz 1056 +/www.imarketing.com.br.remove/ REJECT Body-Spamschutz 1055 +/Bestellen Sie jetzt und vergessen Sie Ihre Enttauschungen/ REJECT Body-Spamschutz 1054 +/Online Apotheke - original Qualitaet/ REJECT Body-Spamschutz 1053 +/Wir wissen was Frauen wollern/ REJECT Body-Spamschutz 1052 +/Viiiiaaaaaagra/ REJECT Body-Spamschutz 1051 +/Web: www.eurasianpages. com/ REJECT Body-Spamschutz 1050 +/^Firma Global Contact bietet Ihnen/ REJECT Body-Spamschutz 1049 +/www.g-adressen.net/ REJECT Body-Spamschutz 1048 +/NIEMALS geben Sie Ihre Passw.rter an niemanden NUR und melden Sie sich/ REJECT Body-Spamschutzregel 1047 Haspa-Pishing +/www.loteria.es/ REJECT Body-Spamschutzregel 1046 +/Girls!  Deveelop your sexual reelationship and get even MORE pleasurre!/ REJECT Body-Spamschutzregel 1045 +# Nigeria-Spam / phei 20080209 +/Ich bin bei einer routinen Überprüfung in meiner Bank/ REJECT Body-Spamschutzregel 1044 +/Ich vermute das diese E-Mail eine Überraschung für Sie sein wird/ REJECT Body-Spamschutzregel 1043 +/Ich bin bei einer routinen Überprüfung in meiner Bank / REJECT Body-Spamschutzregel 1042 +# Versendet UBE/UCE unter verbraucher@@wichtig.ms +/^Ein Dienst der IT4YOU AG, Friedrichstrasse 171, Berlin - Mitte als/ REJECT Body-Spamschutzregel 1041 +# Versendet KlickTel UBE/UCE: / phei 20080204 +/^www.cdtophit.org/ REJECT Body-Spamschutzregel 1040 +/http:\/\/www\.doenertreff\.de/ REJECT Body-Spamschutzregel 1039 +/Brauchen Sie noch einen Grund um zu Vegas VIP Casino/ REJECT Body-Spamschutzregel 1038 +/glob-contact.net$/ REJECT Body-Spamschutzregel 1037: glob-contact +/^Ihr Glob-Kontakt-Team$/ REJECT Body-Spamschutzregel 1036: glob-contact +/www.feilervision.de/ REJECT Body-Spamschutzregel 1035: feilervision +/DER INVESTORALARM!/i REJECT Body-Spamschutzregel 1034 +/ES IST EIN UNGLAUBLICHES PROFITPOTENTIAL! VERLIERE DIESE CHANCE NICHT!/i REJECT Body-Spamschutzregel 1033 +/LOTTERY AND GAMING INTERNET MESSAGE CENTRE/ REJECT Body-Spamschutzregel 1033 +/I work very hard every day to be able to buy necessities for my mother/ REJECT Body-Spamschutzregel 1032 +/THE FREELOTTO COMPANY/ REJECT Body-Spamschutzregel 1031 +/BreakingMrktNews/ REJECT Body-Spamschutzregel 1030 +/China Media Crop OTC.BB CHMD/ REJECT Body-Spamschutzregel 1029 +/Weltweit gilt das nummerierte TAN-Verfahren als eines der sicherste/ REJECT Body-Spamschutzregel 1028: Postbank-Pishing +/^Marion Beckera/ REJECT Body-Spamschutzregel 1027 +/Zwecks abschließende Zustimmung für deine Verhandlung zur/ REJECT Body-Spamschutzregel 1026 +/annullieren deine on-line Übertragung® Dienstleistungen./ REJECT Body-Spamschutzregel 1025 +/www.internetloginuser.info/ REJECT Body-Spamschutzregel 1024 +/realsevgi.com/ REJECT Body-Spamschutzregel 1023 +/Um mich zu entlasten, schicke ich Ihnen das (...) Foto wieder zurück./ REJECT Body-Spamschutzregel 1022 +/Oder Ihr Provider hat die Mail falsch weiter geleitet!?/ REJECT Body-Spamschutzregel 1021 +/Versatel-Attachment-Warning.txt/ REJECT Body-Spamschutzregel 1020 +/www=2Eanaforturizm=2Ecom/ REJECT Body-Spamschutzregel 1019 +/www.anaforturizm.com/ REJECT Body-Spamschutzregel 1018 +/The Jpberlin Support Team/ REJECT Body-Spamschutzregel 1017: Pishing-Mails +/^jpberlin.de support team\./ REJECT Body-Spamschutzregel 1016: Pishing-Mails +/You have successfully updated the password of your Jpberlin account/ REJECT Body-Spamschutzregel 1015 +/www.ru4mailnow.com/ REJECT Body-Spamschutzregel 1014 +/EXPLOSIVE PICK FOR OUR MEMBERS/ REJECT Body-Spamschutzregel 1013 +/AntiVirus-System: Kein Virus erkannt/ REJECT Body-Spamschutzregel 1012 +/--- FIFA Fussball-Weltmeisterschaft 2006/ REJECT Body-Spamschutzregel 1011 +/ankara@@ankararentacar.de/ REJECT Body-Spamschutzregel 1010 +/Replica Watch Models/ REJECT Body-Spamschutzregel 1009 +/Diadem Travel/ REJECT Body-Spamschutzregel 1008 +/Let the search engine experts compete/ REJECT Body-Spamschutzregel 1007 +/Wenn du sonst noch helfen willst, dann verschick diese Nachricht einfach so oft du willst./ REJECT Body-Spamschutzregel 1006 +/http:\/\/www.ehmig.net\/web_mailer/ REJECT Body-Spamschutzregel 1005 +/http:\/\/real.slon.biz/ REJECT Body-Spamschutzregel 1004 +#/im Zusammenhang mit dem Arbeitslosengeld II/ REJECT Body-Spamschutzregel 1003 +/www.inverz.org/ REJECT Body-Spamschutzregel 1002 +/www.inverz.net/ REJECT Body-Spamschutzregel 1001 + + + + + + +/We recommend you to follow the instructions in order to keep your computer safe./ REJECT Body-Spamschutzregel 1 +/Sieh Dir einfach mal ein Video an und mach dann gleich ein Treffen/ REJECT Body-Spamschutzregel 2 +/money.*back.*guarant/ REJECT Body-Spamschutzregel 3 +/ CIALIS / REJECT Body-Spamschutzregel 4 +/www.galamed.biz/ REJECT Body-Spamschutzregel 5 +/Starts working in less than 15 min./ REJECT Body-Spamschutzregel 6 +/Adipren720/ REJECT Body-Spamschutzregel 7 +/www.lending-home.com/ REJECT Body-Spamschutzregel 8 +/bigbonus-casino.com/ REJECT Body-Spamschutzregel 9 +/Ich hab die ultimative Seite.*dich, klick doch mal an!/ REJECT Body-Spamschutzregel 10 +/www.server42.com/ REJECT Body-Spamschutzregel 11 +/seo-profits.com/ REJECT Body-Spamschutzregel 12 +/Have a great web site, but no one knows it even/ REJECT Body-Spamschutzregel 13 +/REVERZ.*D-INFO/ REJECT Body-Spamschutzregel 14 +/D-INFO.*REVERZ/ REJECT Body-Spamschutzregel 15 +/greatmaleenhancement.biz/ REJECT Body-Spamschutzregel 16 +/ Xanax / REJECT Body-Spamschutzregel 17 +/Vic(o|0)din/ REJECT Body-Spamschutzregel 18 +/Hydr(o|0)c(o|0)d(o|0)ne/ REJECT Body-Spamschutzregel 19 +/ V1agra / REJECT Body-Spamschutzregel 20 +/warehousefull.com/ REJECT Body-Spamschutzregel 21 +/No doctor visit needed/ REJECT Body-Spamschutzregel 22 +/KLICKTEL KENNT SIE!/ REJECT Body-Spamschutzregel 23 +/^www.femo-online.de/ REJECT Body-Spamschutzregel 24 +/www.land-ua.com/ REJECT Body-Spamschutzregel 25 +/Come to Loqozine/ REJECT Body-Spamschutzregel 26 +/^
<.*a href=.*img src=.*border.*><\/a><\/center>$/ REJECT Body-Spamschutzregel Check 27 +/www.gord.us/ REJECT Body-Spamschutzregel 28 +/www.reverz.org/ REJECT Body-Spamschutzregel 29 +/wonderfulaction.com/ REJECT Body-Spamschutzregel 30 +/At our pharmacy we offer/ REJECT Body-Spamschutzregel 31 +/Was ist besser als eine fette Ladung Sahne/ REJECT Body-Spamschutzregel 32 +/www.surerxmed.com/ REJECT Body-Spamschutzregel 33 +/www.surerxpills.com/ REJECT Body-Spamschutzregel 34 +/www.stifyems.com/ REJECT Body-Spamschutzregel 35 +/www.diatrus.com/ REJECT Body-Spamschutzregel 36 +/CITYNETT-NEWSLETTER/i REJECT Body-Spamschutzregel 37 +/Note: *Use *password/ REJECT Body-Spamschutzregel 38 +/ will be disabled because of improper using/ REJECT Body-Spamschutzregel 39 +/i.*don.*like.*the*.plaintext/ REJECT Body-Spamschutzregel 40 +/archive *password/ REJECT Body-Spamschutzregel 41 +# /The *Attac..* *team/ REJECT Body-Spamschutzregel 42 +/The *Attac.org *team/ REJECT Body-Spamschutzregel 43 +/The *Attac.de *team/ REJECT Body-Spamschutzregel 44 +/The *Attac-netzwerk.de *team/ REJECT Body-Spamschutzregel 45 +/The *Jpberlin.de *team/ REJECT Body-Spamschutzregel 46 +/Our main mailing server/ REJECT Body-Spamschutzregel 47 +/please update your profile at Billing Center/ REJECT Body-Spamschutzregel 48 +/WSEAS will reply to you/ REJECT Body-Spamschutzregel 49 +/de.componentsengine.net/ REJECT Body-Spamschutzregel 50 +/List von Components Engine eingetragen/ REJECT Body-Spamschutzregel 51 +/The Weekend Pill - Xialis is safer, quicker, lasts longers/ REJECT Body-Spamschutzregel +/Muzenda der �teste Sohn von Paul Muzenda bin , einem Farmer in Simba/ REJECT Body-Spamschutzregel 53 +/Alles fr die Autorennbahn/ REJECT Body-Spamschutzregel 54 +/Der Wurm nennt sich selbst "ODIN" und konnte sich bist jetzt/ REJECT Body-Spamschutzregel 55 +/NICHT ABHEBEN, SONDERN SOFORT ABWEISEN/ REJECT Body-Spamschutzregel Das ist ein HOAX, eine Falschmeldung. http://www.hoax-info.de 56 +/Es ist ein Virus, welcher alle IMEI und IMSI Daten/ REJECT Body-Spamschutzregel Das ist ein HOAX, eine Falschmeldung. http://www.hoax-info.de 57 +/Der Meister unter den Druckprogrammen: PRINTMASTER 8 GOLD/ REJECT Body-Spamschutzregel 58 +/Stellen Sie sich vor, Sie kaufen ein Produkt oder eine Dienstleistung im/ REJECT Body-Spamschutzregel 59 +/So finden Sie blitzschnell den NAMEN und ADRESS-EINTRAG zu jeder/ REJECT Body-Spamschutzregel 60 +/^TVqQAAMAAAAEAAAA\/\/8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA$/ REJECT Body-Spamschutzregel Due to recent virus attacks, we temporarily block all Win32 executable files. Please re-send your attachment in a compressed (tar, zip, rar, etc.) form. Your message has NOT been delivered. 61 +/eptember 2003, Cumulative Patch/ REJECT Body-Spamschutzregel 62 +/Ich bin gerade vor einem neuen.*sehr gef�rlichen V.rus gewarnt/ REJECT Body-Spamschutzregel 63 +/^RSLxwtYBDB6FCv8ybBcS0zp9VU5of3K4BXuwyehTM0RI9IrSjVuwP94xfn0wgOjouKWzGXHVk3qg$/ REJECT Body-Spamschutzregel This is a Sobig-Worm! 64 +/exklusives virtuelles Gratis-Rubbellos welches Sie gleich jetzt live mit/ REJECT Body-Spamschutzregel 65 +/Willkommen beim Lucky7Casino/ REJECT Body-Spamschutzregel 66 +/heutzutage spielen Kontakte und Adressdaten eine immer wichtigere Rolle./ REJECT Body-Spamschutzregel 67 +/REVERZ anhand des Datenbestands der D-Info den gesuchten/ REJECT Body-Spamschutzregel 68 +/www.privatseitennetz.com/ REJECT Body-Spamschutzregel 69 +/Outlook and Outlook Express as well as five newly/ REJECT Body-Spamschutzregel 70 +/delog@@cip.informatik.uni-wuerzburg.de/ REJECT Body-Spamschutzregel 71 +/credit.hostfree2003.com/ REJECT Body-Spamschutzregel 72 +/www.mediabiz.de.ewmail/ REJECT Body-Spamschutzregel 73 +/Want to boost your sales with Internet/ REJECT Body-Spamschutzregel 74 +/talente.tripod.com.br/ REJECT Body-Spamschutzregel 75 +/schlechte Schufa-Auskunft? Bonit�sprobleme? Dann w�len Sie doch/ REJECT Body-Spamschutzregel 76 +/Diese Liste von Banken, Sparkassen Volks- und Raiffeisenbanken OHNE Schufa-Anschluss finden Sie nicht/ REJECT Body-Spamschutzregel 77 +/Gute Nachrichten. Gerade habe ich die geile \"FickShow\" gefunden:/ REJECT Body-Spamschutzregel 78 +/Gute Nachrichten. Gerade habe ich die geile "FickShow" gefunden:/ REJECT Body-Spamschutzregel 79 +/Create Professional 3D Page-Tuning/ REJECT Body-Spamschutzregel 80 +/SEXKONTAKTE ONLINE/ REJECT Body-Spamschutzregel 81 +/FREE Access to.*adult.*sites/i REJECT Body-Spamschutzregel 82 +/web-supermarket.com/i REJECT Body-Spamschutzregel 83 +/Wir haben ihre Adresse durch eines unserer Partnerunternehmen/ REJECT Body-Spamschutzregel 84 +/Wir haben ihre Adresse.*Partnerunternehmen/i REJECT 85 +/herbal-place.com/ REJECT Body-Spamschutzregel 86 +/GIO DIET-CAPS greifen hier ein durch:/ REJECT Body-Spamschutzregel 87 +/These are Free Cash Grants That you NEVER have to repay/ REJECT Body-Spamschutzregel 88 +/Wir haben unseren Zugang neu upgedadet/ REJECT Body-Spamschutzregel 89 +/Jemand der Dich sehr gut kennt wuerde gern ein Treffen mit Dir/i REJECT Body-Spamschutzregel 90 +/Wenn Du wissen willst wer Dich treffen moechte/i REJECT Body-Spamschutzregel 91 +/You Have Won a FREEE/i REJECT Body-Spamschutzregel 93 +/Click Here For All Your Favorite Pornstars/i REJECT Body-Spamschutzregel 94 +/Year the U.S. Government Gives away BILLIONS in cash grants/i REJECT Body-Spamschutzregel 95 +/Banken ohne Schufa-Auskunft/i REJECT Body-Spamschutzregel 96 +/Probleme mit der Schufa/i REJECT Body-Spamschutzregel 97 +/Laden Sie sich jetzt unsere kostenlose Zugangssoftware runter/ REJECT Body-Spamschutzregel 98 +/Genocide Is A Black-And-White Concept/ REJECT Body-Spamschutzregel 99 +/So viele Wuensche auf einmal/ REJECT Body-Spamschutzregel 100 +/diese Mail ist kein SPAM/i REJECT Body-Spamschutzregel 101 +/Sch.*ne Gr.*e von Lucky Casino/ REJECT Body-Spamschutzregel 102 +/Weil Sie oder ein anderer bei Lucky Casino/i REJECT Body-Spamschutzregel 103 +/Endlich habe ich Deine E-Mail Adresse wieder gefunden, das hat aber/i REJECT Body-Spamschutzregel 104 +/galerie kurt im hirsch/ REJECT Body-Spamschutzregel +/X-MS_Scanner: Kein Virus erkannt/ REJECT Body-Spamschutzregel Sober-Wurmsignatur +/Anti_Virus Service/ REJECT Body-Spamschutzregel Sober-Wurmsignatur + +# +# Checks gesammelt aus dem Netz von +# http://www.hispalinux.es/~data/postfix/ +# +/.*www\.removeyou\.com.*/ REJECT Body-Spamschutzregel 110 +/.*waterforge\.com.*/ REJECT Body-Spamschutzregel 111 +/.*capitalwave\.com\?subject=Please*/ REJECT Body-Spamschutzregel 112 +/\.virtmundo\.com/ REJECT Body-Spamschutzregel 113 +/Accept Credit Cards/ REJECT Body-Spamschutzregel 114 +/Nude Celebrities/ REJECT Body-Spamschutzregel 115 +/PRODUCT or SERVICE/i REJECT Body-Spamschutzregel 116 +/GUARANTEED!/ REJECT Body-Spamschutzregel 117 +/Amateur Girls/ REJECT Body-Spamschutzregel 118 +/FREE MEMBERSHIP/ REJECT Body-Spamschutzregel 119 +/bizinfo/ REJECT Body-Spamschutzregel 120 +# block iframe hack 122 +/