maybe chmod 0644 './config-archive/etc/apache2/modules.d/00_apache_manual.conf.1'
maybe chmod 0644 './config-archive/etc/apache2/modules.d/00_apache_manual.conf.2'
maybe chmod 0644 './config-archive/etc/apache2/modules.d/00_apache_manual.conf.3'
+maybe chmod 0644 './config-archive/etc/apache2/modules.d/00_apache_manual.conf.4'
maybe chmod 0644 './config-archive/etc/apache2/modules.d/00_apache_manual.conf.dist'
maybe chmod 0755 './config-archive/etc/bash'
maybe chmod 0644 './config-archive/etc/bash/bashrc'
maybe chmod 0755 './config-archive/etc/logrotate.d'
maybe chmod 0644 './config-archive/etc/logrotate.d/clamav'
maybe chmod 0644 './config-archive/etc/logrotate.d/clamav.dist'
+maybe chmod 0644 './config-archive/etc/logrotate.d/syslog-ng'
+maybe chmod 0644 './config-archive/etc/logrotate.d/syslog-ng.dist.new'
maybe chmod 0644 './config-archive/etc/logrotate.d/ulogd'
maybe chmod 0644 './config-archive/etc/logrotate.d/ulogd.1'
maybe chmod 0644 './config-archive/etc/logrotate.d/ulogd.dist'
maybe chmod 0644 './config-archive/etc/postfix/main.cf.4'
maybe chmod 0644 './config-archive/etc/postfix/main.cf.5'
maybe chmod 0644 './config-archive/etc/postfix/main.cf.6'
+maybe chmod 0644 './config-archive/etc/postfix/main.cf.7'
maybe chmod 0644 './config-archive/etc/postfix/main.cf.dist'
maybe chmod 0644 './config-archive/etc/profile'
maybe chmod 0755 './config-archive/etc/profile.d'
maybe chmod 0600 './config-archive/etc/ssh/sshd_config'
maybe chmod 0600 './config-archive/etc/ssh/sshd_config.1'
maybe chmod 0600 './config-archive/etc/ssh/sshd_config.2'
+maybe chmod 0600 './config-archive/etc/ssh/sshd_config.3'
maybe chmod 0600 './config-archive/etc/ssh/sshd_config.dist'
maybe chmod 0755 './config-archive/etc/stunnel'
maybe chmod 0644 './config-archive/etc/stunnel/stunnel.conf'
maybe chmod 0644 './highlight/filetypes.conf'
maybe chmod 0644 './host.conf'
maybe chmod 0644 './hosts'
+maybe chmod 0644 './hosts.allow'
maybe chmod 0644 './idn.conf'
maybe chmod 0644 './idn.conf.sample'
maybe chmod 0644 './idnalias.conf'
maybe chmod 0644 './ssh/ssh_host_dsa_key.pub'
maybe chmod 0600 './ssh/ssh_host_ecdsa_key'
maybe chmod 0644 './ssh/ssh_host_ecdsa_key.pub'
+maybe chmod 0600 './ssh/ssh_host_ed25519_key'
+maybe chmod 0644 './ssh/ssh_host_ed25519_key.pub'
maybe chmod 0600 './ssh/ssh_host_key'
maybe chmod 0644 './ssh/ssh_host_key.pub'
maybe chmod 0600 './ssh/ssh_host_rsa_key'
<delegate decode="html" command=""html2ps" -U -o "%o" "%i""/>
<delegate decode="https" command=""curl" -s -k -L -o "%o" "https:%M""/>
<delegate decode="ilbm" command=""ilbmtoppm" "%i" > "%o""/>
- <delegate decode="jxr" command="mv "%i" "%i.jxr"; "JxrDecApp" -i "%i.jxr" -o "%o.pnm"; mv "%i.jxr" "%i"; mv "%o.pnm" "%o""/>
+ <delegate decode="jxr" command="mv "%i" "%i.jxr"; "JxrDecApp" -i "%i.jxr" -o "%o.bmp" -c 0; mv "%i.jxr" "%i"; mv "%o.bmp" "%o""/>
<delegate decode="man" command=""groff" -man -Tps "%i" > "%o""/>
<delegate decode="miff" encode="show" spawn="True" command=""display" -delay 0 -window-group %[group] -title "%l " "ephemeral:%i""/>
<delegate decode="miff" encode="win" stealth="True" spawn="True" command=""display" -immutable -delay 0 -window-group %[group] -title "%l " "ephemeral:%i""/>
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.25/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.27/manual$1"
-<Directory "/usr/share/doc/apache-2.2.25/manual">
+<Directory "/usr/share/doc/apache-2.2.27/manual">
Options Indexes
AllowOverride None
Order allow,deny
-# Automatically generated by app-misc/ca-certificates-20130906
-# Mon Feb 24 09:10:38 UTC 2014
+# Automatically generated by app-misc/ca-certificates-20130906-r1
+# Tue Apr 1 20:45:18 UTC 2014
# Do not edit.
cacert.org/cacert.org_class3.crt
cacert.org/cacert.org_root.crt
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.24/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.25/manual$1"
-<Directory "/usr/share/doc/apache-2.2.24/manual">
+<Directory "/usr/share/doc/apache-2.2.25/manual">
Options Indexes
AllowOverride None
Order allow,deny
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.23/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.24/manual$1"
-<Directory "/usr/share/doc/apache-2.2.23/manual">
+<Directory "/usr/share/doc/apache-2.2.24/manual">
Options Indexes
AllowOverride None
Order allow,deny
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.22/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.23/manual$1"
-<Directory "/usr/share/doc/apache-2.2.22/manual">
+<Directory "/usr/share/doc/apache-2.2.23/manual">
Options Indexes
AllowOverride None
Order allow,deny
SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1
RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2
- LanguagePriority en de es fr ja ko pt-br
+ LanguagePriority de en es fr ja ko pt-br
ForceLanguagePriority Prefer Fallback
</Directory>
</IfDefine>
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.21-r1/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.22/manual$1"
-<Directory "/usr/share/doc/apache-2.2.21-r1/manual">
+<Directory "/usr/share/doc/apache-2.2.22/manual">
Options Indexes
AllowOverride None
Order allow,deny
--- /dev/null
+# Provide access to the documentation on your server as
+# http://yourserver.example.com/manual/
+# The documentation is always available at
+# http://httpd.apache.org/docs/2.2/
+<IfDefine MANUAL>
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.21-r1/manual$1"
+
+<Directory "/usr/share/doc/apache-2.2.21-r1/manual">
+ Options Indexes
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+
+ <Files *.html>
+ SetHandler type-map
+ </Files>
+
+ SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br)/ prefer-language=$1
+ RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br)){2,}(/.*)?$ /manual/$1$2
+
+ LanguagePriority en de es fr ja ko pt-br
+ ForceLanguagePriority Prefer Fallback
+</Directory>
+</IfDefine>
+
+# vim: ts=4 filetype=apache
# The documentation is always available at
# http://httpd.apache.org/docs/2.2/
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.25/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.27/manual$1"
-<Directory "/usr/share/doc/apache-2.2.25/manual">
+<Directory "/usr/share/doc/apache-2.2.27/manual">
Options Indexes
AllowOverride None
Order allow,deny
--- /dev/null
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.logrotate,v 1.3 2008/10/15 20:46:12 mr_bones_ Exp $
+#
+# Syslog-ng logrotate snippet for Gentoo Linux
+# contributed by Michael Sterrett
+#
+
+#/var/log/messages {
+# missingok
+# sharedscripts
+# postrotate
+# /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
+# endscript
+#}
+
+script syslog-reload
+ /etc/init.d/syslog-ng reload >/dev/null || true
+endscript
+
+/var/log/messages {
+ daily
+ olddir /var/log/.old/%Y-%m
+ size 1024K
+ postrotate syslog-reload
+}
+
+/var/log/syslog.d/* {
+ daily
+ olddir /var/log/syslog.d/.old/%Y-%m
+ size 1024K
+ postrotate syslog-reload
+ maxage 1y
+}
+
+/var/log/debug.log {
+ daily
+ olddir /var/log/.old/%Y-%m
+ size 4M
+ postrotate syslog-reload
+ maxage 6m
+}
+
+/var/log/mail/authdaemond /var/log/mail/amavis* /var/log/mail/imapd* /var/log/mail/pop3d* /var/log/mail/postgrey /var/log/mail/spam* {
+ daily
+ olddir /var/log/mail/.old/%Y-%m
+ size 1024K
+ postrotate syslog-reload
+ maxage 1y
+}
+
+/var/log/mail/postfix/* {
+ daily
+ olddir /var/log/mail/.old/postfix/%Y-%m
+ size 1024K
+ postrotate syslog-reload
+ maxage 1y
+}
+
+# vim: ts=4 filetype=conf
--- /dev/null
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.logrotate.in,v 1.1 2014/01/22 04:25:35 mr_bones_ Exp $
+#
+# Syslog-ng logrotate snippet for Gentoo Linux
+# contributed by Michael Sterrett
+#
+
+/var/log/messages {
+ missingok
+ sharedscripts
+ postrotate
+ /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
+ endscript
+}
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.1/html
+html_directory = /usr/share/doc/postfix-2.10.2/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.1/readme
+readme_directory = /usr/share/doc/postfix-2.10.2/readme
home_mailbox = .maildir/
broken_sasl_auth_clients = yes
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.0/html
+html_directory = /usr/share/doc/postfix-2.10.1/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.0/readme
+readme_directory = /usr/share/doc/postfix-2.10.1/readme
home_mailbox = .maildir/
broken_sasl_auth_clients = yes
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.9.5/html
+html_directory = /usr/share/doc/postfix-2.10.0/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.9.5/readme
+readme_directory = /usr/share/doc/postfix-2.10.0/readme
home_mailbox = .maildir/
broken_sasl_auth_clients = yes
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.9.4/html
+html_directory = /usr/share/doc/postfix-2.9.5/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.9.4/readme
+readme_directory = /usr/share/doc/postfix-2.9.5/readme
home_mailbox = .maildir/
broken_sasl_auth_clients = yes
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.9.3/html
+html_directory = /usr/share/doc/postfix-2.9.4/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.9.3/readme
+readme_directory = /usr/share/doc/postfix-2.9.4/readme
home_mailbox = .maildir/
broken_sasl_auth_clients = yes
# daemon programs (i.e. programs listed in the master.cf file). This
# directory must be owned by root.
#
-daemon_directory = /usr/lib64/postfix
+daemon_directory = /usr/libexec/postfix
# The data_directory parameter specifies the location of Postfix-writable
# data files (caches, random numbers). This directory must be owned
# the main.cf file, otherwise the SMTP server will reject mail for
# non-UNIX accounts with "User unknown in local recipient table".
#
-#mailbox_transport = lmtp:unix:/file/name
+# Cyrus IMAP over LMTP. Specify ``lmtpunix cmd="lmtpd"
+# listen="/var/imap/socket/lmtp" prefork=0'' in cyrus.conf.
+#mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
+#
+# Cyrus IMAP via command line. Uncomment the "cyrus...pipe" and
+# subsequent line in master.cf.
#mailbox_transport = cyrus
# The fallback_transport specifies the optional transport in master.cf
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.8.9/html
+html_directory = /usr/share/doc/postfix-2.9.3/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.8.9/readme
+readme_directory = /usr/share/doc/postfix-2.9.3/readme
home_mailbox = .maildir/
broken_sasl_auth_clients = yes
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.8.7/html
+html_directory = /usr/share/doc/postfix-2.8.9/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.8.7/readme
+readme_directory = /usr/share/doc/postfix-2.8.9/readme
home_mailbox = .maildir/
broken_sasl_auth_clients = yes
--- /dev/null
+# Global Postfix configuration file. This file lists only a subset
+# of all parameters. For the syntax, and for a complete parameter
+# list, see the postconf(5) manual page (command: "man 5 postconf").
+#
+# For common configuration examples, see BASIC_CONFIGURATION_README
+# and STANDARD_CONFIGURATION_README. To find these documents, use
+# the command "postconf html_directory readme_directory", or go to
+# http://www.postfix.org/.
+#
+# For best results, change no more than 2-3 parameters at a time,
+# and test if Postfix still works after every change.
+
+# SOFT BOUNCE
+#
+# The soft_bounce parameter provides a limited safety net for
+# testing. When soft_bounce is enabled, mail will remain queued that
+# would otherwise bounce. This parameter disables locally-generated
+# bounces, and prevents the SMTP server from rejecting mail permanently
+# (by changing 5xx replies into 4xx replies). However, soft_bounce
+# is no cure for address rewriting mistakes or mail routing mistakes.
+#
+#soft_bounce = no
+
+# LOCAL PATHNAME INFORMATION
+#
+# The queue_directory specifies the location of the Postfix queue.
+# This is also the root directory of Postfix daemons that run chrooted.
+# See the files in examples/chroot-setup for setting up Postfix chroot
+# environments on different UNIX systems.
+#
+queue_directory = /var/spool/postfix
+
+# The command_directory parameter specifies the location of all
+# postXXX commands.
+#
+command_directory = /usr/sbin
+
+# The daemon_directory parameter specifies the location of all Postfix
+# daemon programs (i.e. programs listed in the master.cf file). This
+# directory must be owned by root.
+#
+daemon_directory = /usr/lib64/postfix
+
+# The data_directory parameter specifies the location of Postfix-writable
+# data files (caches, random numbers). This directory must be owned
+# by the mail_owner account (see below).
+#
+data_directory = /var/lib/postfix
+
+# QUEUE AND PROCESS OWNERSHIP
+#
+# The mail_owner parameter specifies the owner of the Postfix queue
+# and of most Postfix daemon processes. Specify the name of a user
+# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS
+# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In
+# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED
+# USER.
+#
+mail_owner = postfix
+
+# The default_privs parameter specifies the default rights used by
+# the local delivery agent for delivery to external file or command.
+# These rights are used in the absence of a recipient user context.
+# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
+#
+#default_privs = nobody
+
+# INTERNET HOST AND DOMAIN NAMES
+#
+# The myhostname parameter specifies the internet hostname of this
+# mail system. The default is to use the fully-qualified domain name
+# from gethostname(). $myhostname is used as a default value for many
+# other configuration parameters.
+#
+#myhostname = host.domain.tld
+#myhostname = virtual.domain.tld
+
+# The mydomain parameter specifies the local internet domain name.
+# The default is to use $myhostname minus the first component.
+# $mydomain is used as a default value for many other configuration
+# parameters.
+#
+#mydomain = domain.tld
+
+# SENDING MAIL
+#
+# The myorigin parameter specifies the domain that locally-posted
+# mail appears to come from. The default is to append $myhostname,
+# which is fine for small sites. If you run a domain with multiple
+# machines, you should (1) change this to $mydomain and (2) set up
+# a domain-wide alias database that aliases each user to
+# user@that.users.mailhost.
+#
+# For the sake of consistency between sender and recipient addresses,
+# myorigin also specifies the default domain name that is appended
+# to recipient addresses that have no @domain part.
+#
+#myorigin = $myhostname
+#myorigin = $mydomain
+
+# RECEIVING MAIL
+
+# The inet_interfaces parameter specifies the network interface
+# addresses that this mail system receives mail on. By default,
+# the software claims all active interfaces on the machine. The
+# parameter also controls delivery of mail to user@[ip.address].
+#
+# See also the proxy_interfaces parameter, for network addresses that
+# are forwarded to us via a proxy or network address translator.
+#
+# Note: you need to stop/start Postfix when this parameter changes.
+#
+#inet_interfaces = all
+#inet_interfaces = $myhostname
+#inet_interfaces = $myhostname, localhost
+
+# The proxy_interfaces parameter specifies the network interface
+# addresses that this mail system receives mail on by way of a
+# proxy or network address translation unit. This setting extends
+# the address list specified with the inet_interfaces parameter.
+#
+# You must specify your proxy/NAT addresses when your system is a
+# backup MX host for other domains, otherwise mail delivery loops
+# will happen when the primary MX host is down.
+#
+#proxy_interfaces =
+#proxy_interfaces = 1.2.3.4
+
+# The mydestination parameter specifies the list of domains that this
+# machine considers itself the final destination for.
+#
+# These domains are routed to the delivery agent specified with the
+# local_transport parameter setting. By default, that is the UNIX
+# compatible delivery agent that lookups all recipients in /etc/passwd
+# and /etc/aliases or their equivalent.
+#
+# The default is $myhostname + localhost.$mydomain. On a mail domain
+# gateway, you should also include $mydomain.
+#
+# Do not specify the names of virtual domains - those domains are
+# specified elsewhere (see VIRTUAL_README).
+#
+# Do not specify the names of domains that this machine is backup MX
+# host for. Specify those names via the relay_domains settings for
+# the SMTP server, or use permit_mx_backup if you are lazy (see
+# STANDARD_CONFIGURATION_README).
+#
+# The local machine is always the final destination for mail addressed
+# to user@[the.net.work.address] of an interface that the mail system
+# receives mail on (see the inet_interfaces parameter).
+#
+# Specify a list of host or domain names, /file/name or type:table
+# patterns, separated by commas and/or whitespace. A /file/name
+# pattern is replaced by its contents; a type:table is matched when
+# a name matches a lookup key (the right-hand side is ignored).
+# Continue long lines by starting the next line with whitespace.
+#
+# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
+#
+#mydestination = $myhostname, localhost.$mydomain, localhost
+#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
+#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
+# mail.$mydomain, www.$mydomain, ftp.$mydomain
+
+# REJECTING MAIL FOR UNKNOWN LOCAL USERS
+#
+# The local_recipient_maps parameter specifies optional lookup tables
+# with all names or addresses of users that are local with respect
+# to $mydestination, $inet_interfaces or $proxy_interfaces.
+#
+# If this parameter is defined, then the SMTP server will reject
+# mail for unknown local users. This parameter is defined by default.
+#
+# To turn off local recipient checking in the SMTP server, specify
+# local_recipient_maps = (i.e. empty).
+#
+# The default setting assumes that you use the default Postfix local
+# delivery agent for local delivery. You need to update the
+# local_recipient_maps setting if:
+#
+# - You define $mydestination domain recipients in files other than
+# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
+# For example, you define $mydestination domain recipients in
+# the $virtual_mailbox_maps files.
+#
+# - You redefine the local delivery agent in master.cf.
+#
+# - You redefine the "local_transport" setting in main.cf.
+#
+# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
+# feature of the Postfix local delivery agent (see local(8)).
+#
+# Details are described in the LOCAL_RECIPIENT_README file.
+#
+# Beware: if the Postfix SMTP server runs chrooted, you probably have
+# to access the passwd file via the proxymap service, in order to
+# overcome chroot restrictions. The alternative, having a copy of
+# the system passwd file in the chroot jail is just not practical.
+#
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify a bare username, an @domain.tld
+# wild-card, or specify a user@domain.tld address.
+#
+#local_recipient_maps = unix:passwd.byname $alias_maps
+#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
+#local_recipient_maps =
+
+# The unknown_local_recipient_reject_code specifies the SMTP server
+# response code when a recipient domain matches $mydestination or
+# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty
+# and the recipient address or address local-part is not found.
+#
+# The default setting is 550 (reject mail) but it is safer to start
+# with 450 (try again later) until you are certain that your
+# local_recipient_maps settings are OK.
+#
+unknown_local_recipient_reject_code = 550
+
+# TRUST AND RELAY CONTROL
+
+# The mynetworks parameter specifies the list of "trusted" SMTP
+# clients that have more privileges than "strangers".
+#
+# In particular, "trusted" SMTP clients are allowed to relay mail
+# through Postfix. See the smtpd_recipient_restrictions parameter
+# in postconf(5).
+#
+# You can specify the list of "trusted" network addresses by hand
+# or you can let Postfix do it for you (which is the default).
+#
+# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
+# clients in the same IP subnetworks as the local machine.
+# On Linux, this does works correctly only with interfaces specified
+# with the "ifconfig" command.
+#
+# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
+# clients in the same IP class A/B/C networks as the local machine.
+# Don't do this with a dialup site - it would cause Postfix to "trust"
+# your entire provider's network. Instead, specify an explicit
+# mynetworks list by hand, as described below.
+#
+# Specify "mynetworks_style = host" when Postfix should "trust"
+# only the local machine.
+#
+#mynetworks_style = class
+#mynetworks_style = subnet
+#mynetworks_style = host
+
+# Alternatively, you can specify the mynetworks list by hand, in
+# which case Postfix ignores the mynetworks_style setting.
+#
+# Specify an explicit list of network/netmask patterns, where the
+# mask specifies the number of bits in the network part of a host
+# address.
+#
+# You can also specify the absolute pathname of a pattern file instead
+# of listing the patterns here. Specify type:table for table-based lookups
+# (the value on the table right-hand side is not used).
+#
+#mynetworks = 168.100.189.0/28, 127.0.0.0/8
+#mynetworks = $config_directory/mynetworks
+#mynetworks = hash:/etc/postfix/network_table
+
+# The relay_domains parameter restricts what destinations this system will
+# relay mail to. See the smtpd_recipient_restrictions description in
+# postconf(5) for detailed information.
+#
+# By default, Postfix relays mail
+# - from "trusted" clients (IP address matches $mynetworks) to any destination,
+# - from "untrusted" clients to destinations that match $relay_domains or
+# subdomains thereof, except addresses with sender-specified routing.
+# The default relay_domains value is $mydestination.
+#
+# In addition to the above, the Postfix SMTP server by default accepts mail
+# that Postfix is final destination for:
+# - destinations that match $inet_interfaces or $proxy_interfaces,
+# - destinations that match $mydestination
+# - destinations that match $virtual_alias_domains,
+# - destinations that match $virtual_mailbox_domains.
+# These destinations do not need to be listed in $relay_domains.
+#
+# Specify a list of hosts or domains, /file/name patterns or type:name
+# lookup tables, separated by commas and/or whitespace. Continue
+# long lines by starting the next line with whitespace. A file name
+# is replaced by its contents; a type:name table is matched when a
+# (parent) domain appears as lookup key.
+#
+# NOTE: Postfix will not automatically forward mail for domains that
+# list this system as their primary or backup MX host. See the
+# permit_mx_backup restriction description in postconf(5).
+#
+#relay_domains = $mydestination
+
+# INTERNET OR INTRANET
+
+# The relayhost parameter specifies the default host to send mail to
+# when no entry is matched in the optional transport(5) table. When
+# no relayhost is given, mail is routed directly to the destination.
+#
+# On an intranet, specify the organizational domain name. If your
+# internal DNS uses no MX records, specify the name of the intranet
+# gateway host instead.
+#
+# In the case of SMTP, specify a domain, host, host:port, [host]:port,
+# [address] or [address]:port; the form [host] turns off MX lookups.
+#
+# If you're connected via UUCP, see also the default_transport parameter.
+#
+#relayhost = $mydomain
+#relayhost = [gateway.my.domain]
+#relayhost = [mailserver.isp.tld]
+#relayhost = uucphost
+#relayhost = [an.ip.add.ress]
+
+# REJECTING UNKNOWN RELAY USERS
+#
+# The relay_recipient_maps parameter specifies optional lookup tables
+# with all addresses in the domains that match $relay_domains.
+#
+# If this parameter is defined, then the SMTP server will reject
+# mail for unknown relay users. This feature is off by default.
+#
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify an @domain.tld wild-card, or specify
+# a user@domain.tld address.
+#
+#relay_recipient_maps = hash:/etc/postfix/relay_recipients
+
+# INPUT RATE CONTROL
+#
+# The in_flow_delay configuration parameter implements mail input
+# flow control. This feature is turned on by default, although it
+# still needs further development (it's disabled on SCO UNIX due
+# to an SCO bug).
+#
+# A Postfix process will pause for $in_flow_delay seconds before
+# accepting a new message, when the message arrival rate exceeds the
+# message delivery rate. With the default 100 SMTP server process
+# limit, this limits the mail inflow to 100 messages a second more
+# than the number of messages delivered per second.
+#
+# Specify 0 to disable the feature. Valid delays are 0..10.
+#
+#in_flow_delay = 1s
+
+# ADDRESS REWRITING
+#
+# The ADDRESS_REWRITING_README document gives information about
+# address masquerading or other forms of address rewriting including
+# username->Firstname.Lastname mapping.
+
+# ADDRESS REDIRECTION (VIRTUAL DOMAIN)
+#
+# The VIRTUAL_README document gives information about the many forms
+# of domain hosting that Postfix supports.
+
+# "USER HAS MOVED" BOUNCE MESSAGES
+#
+# See the discussion in the ADDRESS_REWRITING_README document.
+
+# TRANSPORT MAP
+#
+# See the discussion in the ADDRESS_REWRITING_README document.
+
+# ALIAS DATABASE
+#
+# The alias_maps parameter specifies the list of alias databases used
+# by the local delivery agent. The default list is system dependent.
+#
+# On systems with NIS, the default is to search the local alias
+# database, then the NIS alias database. See aliases(5) for syntax
+# details.
+#
+# If you change the alias database, run "postalias /etc/aliases" (or
+# wherever your system stores the mail alias file), or simply run
+# "newaliases" to build the necessary DBM or DB file.
+#
+# It will take a minute or so before changes become visible. Use
+# "postfix reload" to eliminate the delay.
+#
+#alias_maps = dbm:/etc/aliases
+#alias_maps = hash:/etc/aliases
+#alias_maps = hash:/etc/aliases, nis:mail.aliases
+#alias_maps = netinfo:/aliases
+
+# The alias_database parameter specifies the alias database(s) that
+# are built with "newaliases" or "sendmail -bi". This is a separate
+# configuration parameter, because alias_maps (see above) may specify
+# tables that are not necessarily all under control by Postfix.
+#
+#alias_database = dbm:/etc/aliases
+#alias_database = dbm:/etc/mail/aliases
+#alias_database = hash:/etc/aliases
+#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
+
+# ADDRESS EXTENSIONS (e.g., user+foo)
+#
+# The recipient_delimiter parameter specifies the separator between
+# user names and address extensions (user+foo). See canonical(5),
+# local(8), relocated(5) and virtual(5) for the effects this has on
+# aliases, canonical, virtual, relocated and .forward file lookups.
+# Basically, the software tries user+foo and .forward+foo before
+# trying user and .forward.
+#
+#recipient_delimiter = +
+
+# DELIVERY TO MAILBOX
+#
+# The home_mailbox parameter specifies the optional pathname of a
+# mailbox file relative to a user's home directory. The default
+# mailbox file is /var/spool/mail/user or /var/mail/user. Specify
+# "Maildir/" for qmail-style delivery (the / is required).
+#
+#home_mailbox = Mailbox
+#home_mailbox = Maildir/
+
+# The mail_spool_directory parameter specifies the directory where
+# UNIX-style mailboxes are kept. The default setting depends on the
+# system type.
+#
+#mail_spool_directory = /var/mail
+#mail_spool_directory = /var/spool/mail
+
+# The mailbox_command parameter specifies the optional external
+# command to use instead of mailbox delivery. The command is run as
+# the recipient with proper HOME, SHELL and LOGNAME environment settings.
+# Exception: delivery for root is done as $default_user.
+#
+# Other environment variables of interest: USER (recipient username),
+# EXTENSION (address extension), DOMAIN (domain part of address),
+# and LOCAL (the address localpart).
+#
+# Unlike other Postfix configuration parameters, the mailbox_command
+# parameter is not subjected to $parameter substitutions. This is to
+# make it easier to specify shell syntax (see example below).
+#
+# Avoid shell meta characters because they will force Postfix to run
+# an expensive shell process. Procmail alone is expensive enough.
+#
+# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN
+# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER.
+#
+#mailbox_command = /some/where/procmail
+#mailbox_command = /some/where/procmail -a "$EXTENSION"
+
+# The mailbox_transport specifies the optional transport in master.cf
+# to use after processing aliases and .forward files. This parameter
+# has precedence over the mailbox_command, fallback_transport and
+# luser_relay parameters.
+#
+# Specify a string of the form transport:nexthop, where transport is
+# the name of a mail delivery transport defined in master.cf. The
+# :nexthop part is optional. For more details see the sample transport
+# configuration file.
+#
+# NOTE: if you use this feature for accounts not in the UNIX password
+# file, then you must update the "local_recipient_maps" setting in
+# the main.cf file, otherwise the SMTP server will reject mail for
+# non-UNIX accounts with "User unknown in local recipient table".
+#
+#mailbox_transport = lmtp:unix:/file/name
+#mailbox_transport = cyrus
+
+# The fallback_transport specifies the optional transport in master.cf
+# to use for recipients that are not found in the UNIX passwd database.
+# This parameter has precedence over the luser_relay parameter.
+#
+# Specify a string of the form transport:nexthop, where transport is
+# the name of a mail delivery transport defined in master.cf. The
+# :nexthop part is optional. For more details see the sample transport
+# configuration file.
+#
+# NOTE: if you use this feature for accounts not in the UNIX password
+# file, then you must update the "local_recipient_maps" setting in
+# the main.cf file, otherwise the SMTP server will reject mail for
+# non-UNIX accounts with "User unknown in local recipient table".
+#
+#fallback_transport = lmtp:unix:/file/name
+#fallback_transport = cyrus
+#fallback_transport =
+
+# The luser_relay parameter specifies an optional destination address
+# for unknown recipients. By default, mail for unknown@$mydestination,
+# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned
+# as undeliverable.
+#
+# The following expansions are done on luser_relay: $user (recipient
+# username), $shell (recipient shell), $home (recipient home directory),
+# $recipient (full recipient address), $extension (recipient address
+# extension), $domain (recipient domain), $local (entire recipient
+# localpart), $recipient_delimiter. Specify ${name?value} or
+# ${name:value} to expand value only when $name does (does not) exist.
+#
+# luser_relay works only for the default Postfix local delivery agent.
+#
+# NOTE: if you use this feature for accounts not in the UNIX password
+# file, then you must specify "local_recipient_maps =" (i.e. empty) in
+# the main.cf file, otherwise the SMTP server will reject mail for
+# non-UNIX accounts with "User unknown in local recipient table".
+#
+#luser_relay = $user@other.host
+#luser_relay = $local@other.host
+#luser_relay = admin+$local
+
+# JUNK MAIL CONTROLS
+#
+# The controls listed here are only a very small subset. The file
+# SMTPD_ACCESS_README provides an overview.
+
+# The header_checks parameter specifies an optional table with patterns
+# that each logical message header is matched against, including
+# headers that span multiple physical lines.
+#
+# By default, these patterns also apply to MIME headers and to the
+# headers of attached messages. With older Postfix versions, MIME and
+# attached message headers were treated as body text.
+#
+# For details, see "man header_checks".
+#
+#header_checks = regexp:/etc/postfix/header_checks
+
+# FAST ETRN SERVICE
+#
+# Postfix maintains per-destination logfiles with information about
+# deferred mail, so that mail can be flushed quickly with the SMTP
+# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld".
+# See the ETRN_README document for a detailed description.
+#
+# The fast_flush_domains parameter controls what destinations are
+# eligible for this service. By default, they are all domains that
+# this server is willing to relay mail to.
+#
+#fast_flush_domains = $relay_domains
+
+# SHOW SOFTWARE VERSION OR NOT
+#
+# The smtpd_banner parameter specifies the text that follows the 220
+# code in the SMTP server's greeting banner. Some people like to see
+# the mail version advertised. By default, Postfix shows no version.
+#
+# You MUST specify $myhostname at the start of the text. That is an
+# RFC requirement. Postfix itself does not care.
+#
+#smtpd_banner = $myhostname ESMTP $mail_name
+#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
+
+# PARALLEL DELIVERY TO THE SAME DESTINATION
+#
+# How many parallel deliveries to the same user or domain? With local
+# delivery, it does not make sense to do massively parallel delivery
+# to the same user, because mailbox updates must happen sequentially,
+# and expensive pipelines in .forward files can cause disasters when
+# too many are run at the same time. With SMTP deliveries, 10
+# simultaneous connections to the same domain could be sufficient to
+# raise eyebrows.
+#
+# Each message delivery transport has its XXX_destination_concurrency_limit
+# parameter. The default is $default_destination_concurrency_limit for
+# most delivery transports. For the local delivery agent the default is 2.
+
+#local_destination_concurrency_limit = 2
+#default_destination_concurrency_limit = 20
+
+# DEBUGGING CONTROL
+#
+# The debug_peer_level parameter specifies the increment in verbose
+# logging level when an SMTP client or server host name or address
+# matches a pattern in the debug_peer_list parameter.
+#
+debug_peer_level = 2
+
+# The debug_peer_list parameter specifies an optional list of domain
+# or network patterns, /file/name patterns or type:name tables. When
+# an SMTP client or server host name or address matches a pattern,
+# increase the verbose logging level by the amount specified in the
+# debug_peer_level parameter.
+#
+#debug_peer_list = 127.0.0.1
+#debug_peer_list = some.domain
+
+# The debugger_command specifies the external command that is executed
+# when a Postfix daemon program is run with the -D option.
+#
+# Use "command .. & sleep 5" so that the debugger can attach before
+# the process marches on. If you use an X-based debugger, be sure to
+# set up your XAUTHORITY environment variable before starting Postfix.
+#
+debugger_command =
+ PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+ ddd $daemon_directory/$process_name $process_id & sleep 5
+
+# If you can't use X, use this to capture the call stack when a
+# daemon crashes. The result is in a file in the configuration
+# directory, and is named after the process name and the process ID.
+#
+# debugger_command =
+# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;
+# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1
+# >$config_directory/$process_name.$process_id.log & sleep 5
+#
+# Another possibility is to run gdb under a detached screen session.
+# To attach to the screen sesssion, su root and run "screen -r
+# <id_string>" where <id_string> uniquely matches one of the detached
+# sessions (from "screen -list").
+#
+# debugger_command =
+# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen
+# -dmS $process_name gdb $daemon_directory/$process_name
+# $process_id & sleep 1
+
+# INSTALL-TIME CONFIGURATION INFORMATION
+#
+# The following parameters are used when installing a new Postfix version.
+#
+# sendmail_path: The full pathname of the Postfix sendmail command.
+# This is the Sendmail-compatible mail posting interface.
+#
+sendmail_path = /usr/sbin/sendmail
+
+# newaliases_path: The full pathname of the Postfix newaliases command.
+# This is the Sendmail-compatible command to build alias databases.
+#
+newaliases_path = /usr/bin/newaliases
+
+# mailq_path: The full pathname of the Postfix mailq command. This
+# is the Sendmail-compatible mail queue listing command.
+#
+mailq_path = /usr/bin/mailq
+
+# setgid_group: The group for mail submission and queue management
+# commands. This must be a group name with a numerical group ID that
+# is not shared with other accounts, not even with the Postfix account.
+#
+setgid_group = postdrop
+
+# html_directory: The location of the Postfix HTML documentation.
+#
+html_directory = /usr/share/doc/postfix-2.8.7/html
+
+# manpage_directory: The location of the Postfix on-line manual pages.
+#
+manpage_directory = /usr/share/man
+
+# sample_directory: The location of the Postfix sample configuration files.
+# This parameter is obsolete as of Postfix 2.1.
+#
+sample_directory = /etc/postfix
+
+# readme_directory: The location of the Postfix README files.
+#
+readme_directory = /usr/share/doc/postfix-2.8.7/readme
+home_mailbox = .maildir/
+broken_sasl_auth_clients = yes
+
+inet_protocols = all
+
+mydomain = uhu-banane.de
+
+# default: mynetworks = 127.0.0.0/8 46.16.73.175/32 [::1]/128 [fe80::%eth0]/64
+mynetworks = 127.0.0.0/8 46.16.73.175/32 [::1]/128
+
+myorigin = $mydomain
+recipient_delimiter = +
+relayhost = [mail.brehm-online.com]
+smtp_sasl_auth_enable = yes
+smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth
+smtp_sasl_security_options = noanonymous
+smtp_tls_cert_file = /etc/postfix/postfix.pem
+smtp_tls_enforce_peername = no
+smtp_tls_key_file = /etc/postfix/postfix.pem
+smtp_use_tls = yes
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_local_domain = $myhostname
+smtpd_sasl_security_options = noanonymous
+smtpd_tls_cert_file = /etc/postfix/postfix.pem
+smtpd_tls_key_file = /etc/postfix/postfix.pem
+smtpd_tls_loglevel = 1
+smtpd_tls_received_header = yes
+smtpd_tls_session_cache_timeout = 3600s
+smtpd_use_tls = yes
+tls_random_source = dev:/dev/urandom
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.2/html
+html_directory = /usr/share/doc/postfix-2.10.3/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.2/readme
+readme_directory = /usr/share/doc/postfix-2.10.3/readme
home_mailbox = .maildir/
# "key type names" for X.509 certificates with RSA key
# Note first defined is used in signature operations!
-#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5
#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1
+#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5
# "key type names" for X.509 certificates with DSA key
# Note first defined is used in signature operations!
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
+# Ciphers and keying
+#RekeyLimit default none
+
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
# but this is overridden so installations will only check .ssh/authorized_keys
#AuthorizedKeysFile .ssh/authorized_keys
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
-#UsePrivilegeSeparation yes
+UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
-#MaxStartups 10
+#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
+#VersionAddendum none
# no default banner path
#Banner none
# tcp receive buffer polling. disable in non autotuning kernels
#TcpRcvBufPoll yes
-# allow the use of the none cipher
-#NoneEnabled no
-
-# disable hpn performance boosts.
+# disable hpn performance boosts
#HPNDisabled no
# buffer size for hpn to non-hpn connections
#HPNBufferSize 2048
+# allow the use of the none cipher
+#NoneEnabled no
+
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
+
+# Allow client to pass locale environment variables #367017
+AcceptEnv LANG LC_*
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
-# possible, but leave them commented. Uncommented options change a
+# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
# Authentication:
#LoginGraceTime 2m
-#PermitRootLogin yes
-PermitRootLogin no
+PermitRootLogin yes
+#PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
+
+# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
+# but this is overridden so installations will only check .ssh/authorized_keys
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# no default banner path
#Banner none
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
-# $OpenBSD: sshd_config,v 1.82 2010/09/06 17:10:19 naddy Exp $
+# $OpenBSD$
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
+# "key type names" for X.509 certificates with RSA key
+# Note first defined is used in signature operations!
+#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5
+#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1
+
+# "key type names" for X.509 certificates with DSA key
+# Note first defined is used in signature operations!
+#X509KeyAlgorithm x509v3-sign-dss,dss-asn1
+#X509KeyAlgorithm x509v3-sign-dss,dss-raw
+
+# The intended use for the X509 client certificate. Without this option
+# no chain verification will be done. Currently accepted uses are case
+# insensitive:
+# - "sslclient", "SSL client", "SSL_client" or "client"
+# - "any", "Any Purpose", "Any_Purpose" or "AnyPurpose"
+# - "skip" or ""(empty): don`t check purpose.
+#AllowedCertPurpose sslclient
+
+# Specifies whether self-issued(self-signed) X.509 certificate can be
+# allowed only by entry in AutorizedKeysFile that contain matching
+# public key or certificate blob.
+#KeyAllowSelfIssued no
+
+# Specifies whether CRL must present in store for all certificates in
+# certificate chain with atribute "cRLDistributionPoints"
+#MandatoryCRL no
+
+# A file with multiple certificates of certificate signers
+# in PEM format concatenated together.
+#CACertificateFile /etc/ssh/ca/ca-bundle.crt
+
+# A directory with certificates of certificate signers.
+# The certificates should have name of the form: [HASH].[NUMBER]
+# or have symbolic links to them of this form.
+#CACertificatePath /etc/ssh/ca/crt
+
+# A file with multiple CRL of certificate signers
+# in PEM format concatenated together.
+#CARevocationFile /etc/ssh/ca/ca-bundle.crl
+
+# A directory with CRL of certificate signers.
+# The CRL should have name of the form: [HASH].r[NUMBER]
+# or have symbolic links to them of this form.
+#CARevocationPath /etc/ssh/ca/crl
+
+# LDAP protocol version.
+# Example:
+# CAldapVersion 2
+
+# Note because of OpenSSH options parser limitation
+# use %3D instead of = !
+# LDAP initialization may require URL to be escaped, i.e.
+# use %2C instead of ,(comma). Escaped URL don't depend from
+# LDAP initialization method.
+# Example:
+# CAldapURL ldap://localhost:389/dc%3Dexample%2Cdc%3Dcom
+
+# SSH can use "Online Certificate Status Protocol"(OCSP)
+# to validate certificate. Set VAType to
+# - none : do not use OCSP to validate certificates;
+# - ocspcert: validate only certificates that specify `OCSP
+# Service Locator' URL;
+# - ocspspec: use specified in the configuration 'OCSP Responder'
+# to validate all certificates.
+#VAType none
+
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
--- /dev/null
+# $OpenBSD: sshd_config,v 1.82 2010/09/06 17:10:19 naddy Exp $
+
+# This is the sshd server system-wide configuration file. See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented. Uncommented options change a
+# default value.
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# The default requires explicit activation of protocol 1
+#Protocol 2
+
+# HostKey for protocol version 1
+#HostKey /etc/ssh/ssh_host_key
+# HostKeys for protocol version 2
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_dsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+
+# Lifetime and size of ephemeral version 1 server key
+#KeyRegenerationInterval 1h
+#ServerKeyBits 1024
+
+# Logging
+# obsoletes QuietMode and FascistLogging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+#PermitRootLogin yes
+PermitRootLogin no
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#RSAAuthentication yes
+#PubkeyAuthentication yes
+#AuthorizedKeysFile .ssh/authorized_keys
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#RhostsRSAAuthentication no
+# similar for protocol version 2
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# RhostsRSAAuthentication and HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+#PasswordAuthentication no
+PasswordAuthentication no
+#PermitEmptyPasswords no
+
+# Change to no to disable s/key passwords
+#ChallengeResponseAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+#X11Forwarding no
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+PrintMotd no
+PrintLastLog no
+#TCPKeepAlive yes
+#UseLogin no
+#UsePrivilegeSeparation yes
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#UseDNS yes
+#PidFile /var/run/sshd.pid
+#MaxStartups 10
+#PermitTunnel no
+#ChrootDirectory none
+
+# no default banner path
+#Banner none
+
+# override default of no subsystems
+Subsystem sftp /usr/lib64/misc/sftp-server
+
+# the following are HPN related configuration options
+# tcp receive buffer polling. disable in non autotuning kernels
+#TcpRcvBufPoll yes
+
+# allow the use of the none cipher
+#NoneEnabled no
+
+# disable hpn performance boosts.
+#HPNDisabled no
+
+# buffer size for hpn to non-hpn connections
+#HPNBufferSize 2048
+
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+# X11Forwarding no
+# AllowTcpForwarding no
+# ForceCommand cvs server
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
# "key type names" for X.509 certificates with RSA key
# Note first defined is used in signature operations!
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
+#PermitTTY yes
PrintMotd no
PrintLastLog no
#TCPKeepAlive yes
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
+# PermitTTY no
# ForceCommand cvs server
# Allow client to pass locale environment variables #367017
setenv GUILE_LOAD_PATH '/usr/share/guile/1.8'
setenv HG '/usr/bin/hg'
setenv INFOPATH '/usr/share/info:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.7.3/info:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.23.2/info'
-setenv LANG 'de_DE.UTF-8'
-setenv LC_ADDRESS 'de_DE.utf8'
-setenv LC_COLLATE 'de_DE.utf8'
-setenv LC_CTYPE 'de_DE.utf8'
-setenv LC_IDENTIFICATION 'de_DE.utf8'
-setenv LC_MEASUREMENT 'de_DE.utf8'
-setenv LC_MESSAGES 'de_DE.utf8'
-setenv LC_MONETARY 'de_DE.utf8'
-setenv LC_NAME 'de_DE.utf8'
-setenv LC_NUMERIC 'de_DE.utf8'
-setenv LC_PAPER 'de_DE.utf8'
-setenv LC_TELEPHONE 'de_DE.utf8'
-setenv LC_TIME 'de_DE.utf8'
+setenv LANG 'en_US.UTF-8'
+setenv LC_ADDRESS 'en_US.utf8'
+setenv LC_COLLATE 'en_US.utf8'
+setenv LC_CTYPE 'en_US.utf8'
+setenv LC_IDENTIFICATION 'en_US.utf8'
+setenv LC_MEASUREMENT 'en_US.utf8'
+setenv LC_MESSAGES 'en_US.utf8'
+setenv LC_MONETARY 'en_US.utf8'
+setenv LC_NAME 'en_US.utf8'
+setenv LC_NUMERIC 'en_US.utf8'
+setenv LC_PAPER 'en_US.utf8'
+setenv LC_TELEPHONE 'en_US.utf8'
+setenv LC_TIME 'en_US.utf8'
setenv LESS '-R -M --shift 5'
setenv LESSOPEN '|lesspipe %s'
setenv MANPATH '/usr/local/share/man:/usr/share/man:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.7.3/man:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.23.2/man:/etc/java-config-2/current-system-vm/man/:/usr/lib64/php5.3/man/:/usr/lib64/php5.5/man/:/usr/share/postgresql/man/:/usr/share/postgresql-9.3/man/'
--- /dev/null
+# For more information, please see the hosts.allow(5) manpage
+
+# Rule format:
+# daemon : client list
+# The value for 'daemon' is determined by the name of the binary.
+# OpenSSH runs as 'sshd' so you would use 'sshd' for 'daemon'.
+# Client list can be a list of ip's or hostnames.
+
+# Allow only sshd connections from ips matching 192.168.0.*
+#sshd: 192.168.0.
+
+# Only allow sendmail connections from the localhost
+#sendmail: localhost
+
+# Allow everyone from foobar.edu to access everything except for
+# the terminalserver
+#ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
# Use start stop daemon to apply system limits #347301
start-stop-daemon --start -- ${APACHE2} ${APACHE2_OPTS} -k start
- i=0
- while [ ! -e "${PIDFILE}" ] && [ $i -lt ${TIMEOUT} ]; do
+ local i=0 retval=1
+ while [ $i -lt ${TIMEOUT} ] ; do
+ if [ -e "${PIDFILE}" ] ; then
+ retval=0
+ break
+ fi
sleep 1 && i=$(expr $i + 1)
done
- eend $(test $i -lt ${TIMEOUT})
+ eend ${retval}
}
stop() {
ebegin "Stopping ${SVCNAME}"
${APACHE2} ${APACHE2_OPTS} -k stop
- i=0
+ local i=0 retval=0
while ( test -f "${PIDFILE}" && pgrep -P ${PID} apache2 >/dev/null ) \
&& [ $i -lt ${TIMEOUT} ]; do
sleep 1 && i=$(expr $i + 1)
done
+ [ -e "${PIDFILE}" ] && retval=1
- eend $(test $i -lt ${TIMEOUT})
+ eend ${retval}
}
reload() {
#!/sbin/runscript
-# Copyright 1999-2013 Gentoo Foundation
+# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nrpe/files/nrpe.init,v 1.3 2013/01/25 17:43:36 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nrpe/files/nrpe.init,v 1.4 2014/04/19 17:18:03 robbat2 Exp $
: ${CFGFILE:=/etc/nagios/nrpe.cfg}
config ${CFGFILE}
}
+
+start()
+{
+ mkdir -p $(dirname $pidfile)
+ local _background=
+ ebegin "Starting ${name:-$RC_SVCNAME}"
+ eval start-stop-daemon --start \
+ --exec $command \
+ ${procname:+--name} $procname \
+ ${pidfile:+--pidfile} $pidfile \
+ $_background $start_stop_daemon_args \
+ -- $command_args
+ if eend $? "Failed to start $RC_SVCNAME"; then
+ service_set_value "command" "${command}"
+ [ -n "${pidfile}" ] && service_set_value "pidfile" "${pidfile}"
+ [ -n "${procname}" ] && service_set_value "procname" "${procname}"
+ return 0
+ fi
+ return 1
+}
+
#!/sbin/runscript
-# Copyright 1999-2011 Gentoo Foundation
+# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License, v2 or later
-# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.6/samba.initd,v 1.3 2011/09/14 22:52:33 polynomial-c Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.6/samba.initd,v 1.4 2014/03/14 09:30:41 polynomial-c Exp $
extra_started_commands="reload"
+piddir="/var/run/samba"
depend() {
after slapd
}
mkdir_sambadirs() {
- [ -d /var/run/samba ] || mkdir -p /var/run/samba
+ [ -d "${piddir}" ] || mkdir -p ${piddir}
}
start() {
"call urlview to extract URLs out of a message"
# Show documentation when pressing F1
-macro generic,pager <F1> "<shell-escape> less /usr/share/doc/mutt-1.5.21-r12/manual.txt<Enter>" "show Mutt documentation"
+macro generic,pager <F1> "<shell-escape> less /usr/share/doc/mutt-1.5.22-r3/manual.txt<Enter>" "show Mutt documentation"
# show the incoming mailboxes list (just like "mutt -y") and back when pressing "y"
macro index,pager y "<change-folder>?<toggle-mailboxes>" "show incoming mailboxes list"
# It defaults to the value of the $VISUAL, or $EDITOR, environment
# variable, or to the string ``vi'' if neither of those are set.
#
+# The $editor string may contain a %s escape, which will be replaced by the name
+# of the file to be edited. If the %s escape does not appear in $editor, a
+# space and the name to be edited are appended.
+#
+# The resulting string is then executed by running
+# sh -c 'string'
+#
+# where string is the expansion of $editor described above.
+#
#
# set encode_from=no
#
# up periodically, try unsetting this.
#
#
-# set imap_keepalive=900
+# set imap_keepalive=300
#
# Name: imap_keepalive
# Type: number
-# Default: 900
+# Default: 300
#
#
# This variable specifies the maximum amount of time in seconds that mutt
# Default: ""
#
#
-# This command is invoked whenever mutt will need public key information.
-# Of the sequences supported by $pgp_decode_command, %r is the only
-# printf(3)-like sequence used with this format.
+# This command is invoked whenever Mutt needs to fetch the public key associated with
+# an email address. Of the sequences supported by $pgp_decode_command, %r is
+# the only printf(3)-like sequence used with this format. Note that
+# in this case, %r expands to the email address, not the public key ID (the key ID is
+# unknown, which is why Mutt is invoking this command).
# (PGP only)
#
#
#
# This command is used to list the public key ring's contents. The
# output format must be analogous to the one used by
-# gpg --list-keys --with-colons.
+# gpg --list-keys --with-colons
#
# This format is also generated by the pgpring utility which comes
# with mutt.
#
# This command is used to list the secret key ring's contents. The
# output format must be analogous to the one used by:
-# gpg --list-keys --with-colons.
+# gpg --list-keys --with-colons
#
# This format is also generated by the pgpring utility which comes
# with mutt.
# $save_name variables, and the ``fcc-hook'' command.
#
#
+# set reflow_text=yes
+#
+# Name: reflow_text
+# Type: boolean
+# Default: yes
+#
+#
+# When set, Mutt will reformat paragraphs in text/plain
+# parts marked format=flowed. If unset, Mutt will display paragraphs
+# unaltered from how they appear in the message body. See RFC3676 for
+# details on the format=flowed format.
+#
+# Also see $reflow_wrap, and $wrap.
+#
+#
+# set reflow_wrap=78
+#
+# Name: reflow_wrap
+# Type: number
+# Default: 78
+#
+#
+# This variable controls the maximum paragraph width when reformatting text/plain
+# parts when $reflow_text is set. When the value is 0, paragraphs will
+# be wrapped at the terminal's right margin. A positive value sets the
+# paragraph width relative to the left margin. A negative value set the
+# paragraph width relative to the right margin.
+#
+# Also see $wrap.
+#
+#
# set reply_regexp="^(re([\\[0-9\\]+])*|aw):[ \t]*"
#
# Name: reply_regexp
# Default: yes
#
#
-# This variable specifies whether to attempt to use TLSv1 in the
+# This variable specifies whether to attempt to use TLSv1.0 in the
+# SSL authentication process.
+#
+#
+# set ssl_use_tlsv1_1=yes
+#
+# Name: ssl_use_tlsv1_1
+# Type: boolean
+# Default: yes
+#
+#
+# This variable specifies whether to attempt to use TLSv1.1 in the
+# SSL authentication process.
+#
+#
+# set ssl_use_tlsv1_2=yes
+#
+# Name: ssl_use_tlsv1_2
+# Type: boolean
+# Default: yes
+#
+#
+# This variable specifies whether to attempt to use TLSv1.2 in the
# SSL authentication process.
#
#
# characters of empty space on the right side of the terminal. Setting it
# to zero makes mutt wrap at the terminal width.
#
+# Also see $reflow_wrap.
+#
#
# set wrap_headers=78
#
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.2/html
+html_directory = /usr/share/doc/postfix-2.10.3/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.2/readme
+readme_directory = /usr/share/doc/postfix-2.10.3/readme
home_mailbox = .maildir/
broken_sasl_auth_clients = yes
export GUILE_LOAD_PATH='/usr/share/guile/1.8'
export HG='/usr/bin/hg'
export INFOPATH='/usr/share/info:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.7.3/info:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.23.2/info'
-export LANG='de_DE.UTF-8'
-export LC_ADDRESS='de_DE.utf8'
-export LC_COLLATE='de_DE.utf8'
-export LC_CTYPE='de_DE.utf8'
-export LC_IDENTIFICATION='de_DE.utf8'
-export LC_MEASUREMENT='de_DE.utf8'
-export LC_MESSAGES='de_DE.utf8'
-export LC_MONETARY='de_DE.utf8'
-export LC_NAME='de_DE.utf8'
-export LC_NUMERIC='de_DE.utf8'
-export LC_PAPER='de_DE.utf8'
-export LC_TELEPHONE='de_DE.utf8'
-export LC_TIME='de_DE.utf8'
+export LANG='en_US.UTF-8'
+export LC_ADDRESS='en_US.utf8'
+export LC_COLLATE='en_US.utf8'
+export LC_CTYPE='en_US.utf8'
+export LC_IDENTIFICATION='en_US.utf8'
+export LC_MEASUREMENT='en_US.utf8'
+export LC_MESSAGES='en_US.utf8'
+export LC_MONETARY='en_US.utf8'
+export LC_NAME='en_US.utf8'
+export LC_NUMERIC='en_US.utf8'
+export LC_PAPER='en_US.utf8'
+export LC_TELEPHONE='en_US.utf8'
+export LC_TIME='en_US.utf8'
export LESS='-R -M --shift 5'
export LESSOPEN='|lesspipe %s'
export MANPATH='/usr/local/share/man:/usr/share/man:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.7.3/man:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.23.2/man:/etc/java-config-2/current-system-vm/man/:/usr/lib64/php5.3/man/:/usr/lib64/php5.5/man/:/usr/share/postgresql/man/:/usr/share/postgresql-9.3/man/'
--- /dev/null
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACCghQiD0zcCfpRlaOv7XFKCSuhPmI6+5HMtmhw6Qbso4AAAAJCKc6PbinOj
+2wAAAAtzc2gtZWQyNTUxOQAAACCghQiD0zcCfpRlaOv7XFKCSuhPmI6+5HMtmhw6Qbso4A
+AAAECk9Ixsrc/yV2TYlS9dX5YZoMSAlKMtYKuMQ6iQDTj5SqCFCIPTNwJ+lGVo6/tcUoJK
+6E+Yjr7kcy2aHDpBuyjgAAAACXJvb3RAdWh1MQECAwQ=
+-----END OPENSSH PRIVATE KEY-----
--- /dev/null
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKCFCIPTNwJ+lGVo6/tcUoJK6E+Yjr7kcy2aHDpBuyjg root@uhu1
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
# "key type names" for X.509 certificates with RSA key
# Note first defined is used in signature operations!
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
+#PermitTTY yes
PrintMotd no
PrintLastLog no
#TCPKeepAlive yes
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
+# PermitTTY no
# ForceCommand cvs server
# Allow client to pass locale environment variables #367017
+++ /dev/null
-Equifax_Secure_eBusiness_CA_2.pem
\ No newline at end of file
+++ /dev/null
-ca.pem
\ No newline at end of file
+++ /dev/null
-TC_TrustCenter_Universal_CA_III.pem
\ No newline at end of file
+++ /dev/null
-spi-ca-2003.pem
\ No newline at end of file
projects / config / uhu1 / etc.git / commitdiff