From 93955729b0d7a2161a16e3cb1c0452d61c2e5b05 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Tue, 8 Aug 2017 21:28:57 +0200 Subject: [PATCH] Current state --- NetworkManager/dispatcher.d/20-chrony | 17 + X11/Xsession.d/90gpg-agent | 22 + aliases.db | Bin 12288 -> 12288 bytes alternatives/Mail | 1 - alternatives/Mail.1.gz | 1 - alternatives/dotlock | 1 + alternatives/dotlock.1.gz | 1 + alternatives/frm | 1 + alternatives/frm.1.gz | 1 + alternatives/from | 2 +- alternatives/from.1.gz | 2 +- alternatives/libblas.so.3gf | 1 - alternatives/mail | 2 +- alternatives/mail.1.gz | 2 +- alternatives/mailx | 2 +- alternatives/mailx.1.gz | 2 +- alternatives/messages | 1 + alternatives/messages.1.gz | 1 + alternatives/movemail | 1 + alternatives/movemail.1.gz | 1 + alternatives/my.cnf | 1 + alternatives/netrc.5.gz | 1 + alternatives/pftp | 1 + alternatives/pftp.1.gz | 1 + alternatives/phar | 2 +- alternatives/phar.1.gz | 2 +- alternatives/phar.phar | 1 + alternatives/phar.phar.1.gz | 1 + alternatives/php | 2 +- alternatives/php.1.gz | 2 +- alternatives/pinentry | 1 + alternatives/pinentry.1.gz | 1 + alternatives/readmsg | 1 + alternatives/readmsg.1.gz | 1 + alternatives/rzsh | 1 - alternatives/rzsh.1.gz | 1 - alternatives/updatedb.8.gz | 1 + alternatives/zsh | 1 - alternatives/zsh-usrbin | 1 - apache2/apache2.conf.dpkg-dist | 227 ++ apache2/conf-available/custom-log.conf | 0 apache2/conf-available/gitweb.conf | 12 +- apache2/conf-available/phpldapadmin.conf | 1 - apache2/conf-available/security.conf | 3 +- apache2/conf-enabled/phpldapadmin.conf | 1 - apache2/envvars | 2 +- apache2/info_users_passwd | 3 + apache2/mods-available/cern_meta.load | 1 + apache2/mods-available/http2.load | 1 + apache2/mods-available/imagemap.load | 1 + apache2/mods-available/info.conf | 11 +- apache2/mods-available/php5.load | 1 - .../mods-available/{php5.conf => php7.0.conf} | 4 +- apache2/mods-available/php7.0.load | 3 + apache2/mods-available/proxy_hcheck.load | 2 + apache2/mods-available/proxy_html.load | 2 +- apache2/mods-available/proxy_http2.load | 2 + apache2/mods-available/status.conf | 12 +- apache2/mods-available/userdir.conf | 7 +- apache2/mods-enabled/info.conf | 1 + apache2/mods-enabled/info.load | 1 + apache2/mods-enabled/php5.conf | 1 - apache2/mods-enabled/php5.load | 1 - apache2/mods-enabled/php7.0.conf | 1 + apache2/mods-enabled/php7.0.load | 1 + apache2/mods-enabled/reqtimeout.conf | 1 + apache2/mods-enabled/reqtimeout.load | 1 + apache2/sites-available/000-default-ssl.conf | 48 + .../default-ssl.conf.dpkg-dist | 134 + apache2/sites-enabled/000-default-ssl.conf | 1 + apm/event.d/01chrony | 17 - apparmor.d/local/usr.sbin.haveged | 2 + apparmor.d/usr.sbin.haveged | 23 + apparmor.d/usr.sbin.named | 18 +- apt/apt.conf.d/01autoremove | 8 + apt/apt.conf.d/01autoremove-kernels | 50 +- apt/apt.conf.d/20listchanges | 3 + apt/listchanges.conf | 7 + apt/sources.list | 30 +- apt/sources.list.bak | 19 + apt/sources.list.bak.1 | 25 + apt/sources.list.d/fbrehm.list | 4 +- apt/sources.list.d/fbrehm.list.bak | 6 + apt/sources.list.d/salt.list | 2 +- apt/sources.list.d/salt.list.bak | 1 + .../debian-archive-squeeze-automatic.gpg | Bin 4084 -> 0 bytes .../debian-archive-squeeze-stable.gpg | Bin 2853 -> 0 bytes .../debian-archive-stretch-automatic.gpg | Bin 0 -> 7483 bytes ...ian-archive-stretch-security-automatic.gpg | Bin 0 -> 7492 bytes .../debian-archive-stretch-stable.gpg | Bin 0 -> 2275 bytes at.deny | 24 + bash_completion.d/apache2 | 89 - bash_completion.d/debconf | 12 - bash_completion.d/fail2ban | 43 +- bash_completion.d/initramfs-tools | 26 - bash_completion.d/isoquery | 45 - bash_completion.d/subversion | 1514 -------- bash_completion.d/whiptail | 6 - bind/db.root | 28 +- bind/named-pri.conf | 28 +- bind/named-sec.conf | 44 + bind/zones/brehm-online.com.zone | 4 +- bind/zones/frankepedia.eu.zone | 13 +- bind/zones/home.brehm-online.com.zone | 14 +- bind/zones/rev.10.12.11.zone | 4 +- bind/zones/rev.2001-6f8-1db7-0.zone | 6 +- bind/zones/uhu-banane.de.zone | 18 +- bind/zones/uhu-banane.net.zone | 2 +- bind/zones/uhu-banane.org.zone | 3 +- ca-certificates.conf | 46 +- ca-certificates.conf.dpkg-old | 85 +- chrony/chrony.conf.ucf-dist | 32 + chrony/chrony.keys | 11 +- colordiffrc | 8 +- console-setup/cached_UTF-8_del.kmap.gz | Bin 4352 -> 4352 bytes console-setup/cached_setup_font.sh | 19 + console-setup/cached_setup_keyboard.sh | 13 + console-setup/cached_setup_terminal.sh | 5 + console-setup/compose.ISO-8859-1.inc | 26 +- console-setup/compose.ISO-8859-13.inc | 18 +- console-setup/compose.ISO-8859-14.inc | 9 +- console-setup/compose.ISO-8859-15.inc | 8 +- console-setup/compose.ISO-8859-2.inc | 41 - console-setup/compose.ISO-8859-3.inc | 27 +- console-setup/compose.ISO-8859-4.inc | 6 +- console-setup/compose.ISO-8859-7.inc | 41 +- console-setup/compose.ISO-8859-9.inc | 22 +- cron.d/{php5 => php} | 4 +- cron.daily/apache2 | 13 +- cron.daily/apt | 507 --- cron.daily/apt-compat | 55 + cron.daily/man-db | 8 +- cron.daily/mlocate | 8 +- cron.weekly/man-db | 4 +- dbus-1/session.conf | 1 + dbus-1/system.conf | 1 + dbus-1/system.d/org.freedesktop.login1.conf | 88 + dbus-1/system.d/org.freedesktop.machine1.conf | 66 - dbus-1/system.d/org.freedesktop.network1.conf | 42 + dbus-1/system.d/org.freedesktop.resolve1.conf | 27 + dbus-1/system.d/org.freedesktop.systemd1.conf | 156 + debian_version | 2 +- default/{apache2 => apache-htcacheclean} | 12 +- default/chrony | 5 + default/dbus | 7 + default/grub | 3 +- default/grub.ucf-dist | 32 + default/rcS | 3 + default/rsync | 6 + default/tmpfs | 4 + dhcp/dhclient-exit-hooks.d/timesyncd | 42 + dhcpcd.conf | 15 +- dhcpcd.conf.bak | 40 + dhcpcd.conf.dpkg-dist | 49 + fail2ban/action.d/badips.conf | 4 +- fail2ban/action.d/badips.py | 377 ++ fail2ban/action.d/blocklist_de.conf | 8 +- fail2ban/action.d/bsd-ipfw.conf | 4 +- fail2ban/action.d/cloudflare.conf | 68 + fail2ban/action.d/complain.conf | 2 +- fail2ban/action.d/firewallcmd-allports.conf | 53 + fail2ban/action.d/firewallcmd-ipset.conf | 18 +- fail2ban/action.d/firewallcmd-multiport.conf | 63 + fail2ban/action.d/firewallcmd-new.conf | 38 +- .../action.d/firewallcmd-rich-logging.conf | 65 + fail2ban/action.d/firewallcmd-rich-rules.conf | 57 + fail2ban/action.d/iptables-allports.conf | 35 +- fail2ban/action.d/iptables-common.conf | 64 + fail2ban/action.d/iptables-ipset-proto4.conf | 31 +- .../iptables-ipset-proto6-allports.conf | 23 +- fail2ban/action.d/iptables-ipset-proto6.conf | 35 +- fail2ban/action.d/iptables-multiport-log.conf | 57 +- fail2ban/action.d/iptables-multiport.conf | 41 +- fail2ban/action.d/iptables-new.conf | 42 +- .../action.d/iptables-xt_recent-echo.conf | 28 +- fail2ban/action.d/iptables.conf | 41 +- fail2ban/action.d/mail-whois-common.conf | 28 + fail2ban/action.d/mail-whois-lines.conf | 14 +- fail2ban/action.d/mail-whois.conf | 8 +- fail2ban/action.d/mynetwatchman.conf | 8 +- fail2ban/action.d/nftables-allports.conf | 22 + fail2ban/action.d/nftables-common.conf | 119 + fail2ban/action.d/nftables-multiport.conf | 22 + fail2ban/action.d/npf.conf | 61 + fail2ban/action.d/nsupdate.conf | 114 + fail2ban/action.d/route.conf | 3 + .../action.d/sendmail-common.conf.dpkg-dist | 73 + fail2ban/action.d/sendmail-geoip-lines.conf | 53 + .../sendmail-whois-ipjailmatches.conf | 37 + .../action.d/sendmail-whois-ipmatches.conf | 37 + fail2ban/action.d/sendmail-whois-lines.conf | 49 +- fail2ban/action.d/sendmail-whois-matches.conf | 37 + .../action.d/sendmail-whois.conf.dpkg-dist | 36 + fail2ban/action.d/sendmail.conf.dpkg-dist | 34 + fail2ban/action.d/shorewall-ipset-proto6.conf | 85 + fail2ban/action.d/shorewall.conf | 4 +- fail2ban/action.d/smtp.py | 225 ++ .../symbiosis-blacklist-allports.conf | 55 + fail2ban/action.d/ufw.conf | 14 +- fail2ban/action.d/xarf-login-attack.conf | 124 + fail2ban/fail2ban.conf | 35 +- fail2ban/fail2ban.conf.dpkg-dist | 69 + fail2ban/filter.d/apache-auth.conf | 2 +- fail2ban/filter.d/apache-badbots.conf | 4 +- fail2ban/filter.d/apache-botsearch.conf | 40 + fail2ban/filter.d/apache-common.conf | 2 +- fail2ban/filter.d/apache-fakegooglebot.conf | 14 + fail2ban/filter.d/apache-modsecurity.conf | 3 +- fail2ban/filter.d/apache-noscript.conf | 10 +- fail2ban/filter.d/apache-pass.conf | 20 + fail2ban/filter.d/apache-shellshock.conf | 26 + fail2ban/filter.d/assp.conf | 33 +- fail2ban/filter.d/asterisk.conf | 25 +- fail2ban/filter.d/botsearch-common.conf | 19 + fail2ban/filter.d/common.conf | 14 +- fail2ban/filter.d/counter-strike.conf | 17 + .../{courierlogin.conf => courier-auth.conf} | 0 .../{couriersmtp.conf => courier-smtp.conf} | 3 +- fail2ban/filter.d/cyrus-imap.conf | 4 +- fail2ban/filter.d/directadmin.conf | 23 + fail2ban/filter.d/dovecot.conf | 18 +- fail2ban/filter.d/drupal-auth.conf | 26 + fail2ban/filter.d/ejabberd-auth.conf | 20 +- fail2ban/filter.d/exim-common.conf | 4 +- fail2ban/filter.d/exim-spam.conf | 28 +- fail2ban/filter.d/exim.conf | 12 +- fail2ban/filter.d/freeswitch.conf | 2 +- fail2ban/filter.d/froxlor-auth.conf | 37 + fail2ban/filter.d/groupoffice.conf | 2 +- fail2ban/filter.d/guacamole.conf | 22 + fail2ban/filter.d/haproxy-http-auth.conf | 37 + .../ignorecommands/apache-fakegooglebot | 35 + fail2ban/filter.d/kerio.conf | 20 + fail2ban/filter.d/mongodb-auth.conf | 49 + fail2ban/filter.d/monit.conf | 21 + fail2ban/filter.d/murmur.conf | 28 + fail2ban/filter.d/mysqld-auth.conf | 2 +- fail2ban/filter.d/named-refused.conf | 10 +- fail2ban/filter.d/nginx-botsearch.conf | 20 + fail2ban/filter.d/nginx-http-auth.conf | 2 +- fail2ban/filter.d/nginx-limit-req.conf | 45 + fail2ban/filter.d/nsd.conf | 6 +- fail2ban/filter.d/openhab.conf | 16 + fail2ban/filter.d/oracleims.conf | 61 + fail2ban/filter.d/pam-generic.conf | 2 +- fail2ban/filter.d/portsentry.conf | 12 + fail2ban/filter.d/postfix-rbl.conf | 19 + fail2ban/filter.d/postfix-sasl.conf | 11 +- fail2ban/filter.d/postfix.conf | 9 +- fail2ban/filter.d/proftpd.conf | 3 + fail2ban/filter.d/pure-ftpd.conf | 14 +- fail2ban/filter.d/recidive.conf | 10 +- fail2ban/filter.d/roundcube-auth.conf | 9 +- fail2ban/filter.d/screensharingd.conf | 31 + fail2ban/filter.d/sendmail-reject.conf | 22 +- fail2ban/filter.d/sieve.conf | 2 +- fail2ban/filter.d/slapd.conf | 25 + fail2ban/filter.d/solid-pop3d.conf | 2 +- fail2ban/filter.d/squid.conf | 2 +- fail2ban/filter.d/squirrelmail.conf | 14 + fail2ban/filter.d/sshd-ddos.conf | 4 + fail2ban/filter.d/sshd.conf | 29 +- fail2ban/filter.d/stunnel.conf | 13 + fail2ban/filter.d/tine20.conf | 21 + fail2ban/filter.d/vsftpd.conf | 4 +- fail2ban/filter.d/wuftpd.conf | 2 +- fail2ban/jail.conf | 971 +++-- fail2ban/jail.conf.dpkg-dist | 855 +++++ fail2ban/jail.d/defaults-debian.conf | 2 + fail2ban/paths-common.conf | 81 + fail2ban/paths-debian.conf | 37 + fail2ban/paths-opensuse.conf | 50 + .../20-unhint-small-dejavu-lgc-sans-mono.conf | 26 + .../20-unhint-small-dejavu-lgc-sans.conf | 26 + .../20-unhint-small-dejavu-lgc-serif.conf | 26 + .../20-unhint-small-dejavu-sans-mono.conf | 26 + .../20-unhint-small-dejavu-sans.conf | 26 + .../20-unhint-small-dejavu-serif.conf | 26 + fonts/conf.avail/57-dejavu-sans-mono.conf | 62 + fonts/conf.avail/57-dejavu-sans.conf | 87 + fonts/conf.avail/57-dejavu-serif.conf | 69 + fonts/conf.avail/58-dejavu-lgc-sans-mono.conf | 62 + fonts/conf.avail/58-dejavu-lgc-sans.conf | 87 + fonts/conf.avail/58-dejavu-lgc-serif.conf | 69 + fonts/conf.d/10-scale-bitmap-fonts.conf | 1 + fonts/conf.d/11-lcdfilter-default.conf | 1 + .../20-unhint-small-dejavu-lgc-sans-mono.conf | 1 + .../20-unhint-small-dejavu-lgc-sans.conf | 1 + .../20-unhint-small-dejavu-lgc-serif.conf | 1 + .../20-unhint-small-dejavu-sans-mono.conf | 1 + fonts/conf.d/20-unhint-small-dejavu-sans.conf | 1 + .../conf.d/20-unhint-small-dejavu-serif.conf | 1 + fonts/conf.d/20-unhint-small-vera.conf | 1 + fonts/conf.d/30-metric-aliases.conf | 1 + fonts/conf.d/30-urw-aliases.conf | 1 + fonts/conf.d/40-nonlatin.conf | 1 + fonts/conf.d/45-latin.conf | 1 + fonts/conf.d/49-sansserif.conf | 1 + fonts/conf.d/50-user.conf | 1 + fonts/conf.d/51-local.conf | 1 + fonts/conf.d/57-dejavu-sans-mono.conf | 1 + fonts/conf.d/57-dejavu-sans.conf | 1 + fonts/conf.d/57-dejavu-serif.conf | 1 + fonts/conf.d/58-dejavu-lgc-sans-mono.conf | 1 + fonts/conf.d/58-dejavu-lgc-sans.conf | 1 + fonts/conf.d/58-dejavu-lgc-serif.conf | 1 + fonts/conf.d/60-latin.conf | 1 + fonts/conf.d/65-fonts-persian.conf | 1 + fonts/conf.d/65-nonlatin.conf | 1 + fonts/conf.d/69-unifont.conf | 1 + fonts/conf.d/70-no-bitmaps.conf | 1 + fonts/conf.d/80-delicious.conf | 1 + fonts/conf.d/90-synthetic.conf | 1 + fonts/conf.d/README | 23 + fonts/fonts.conf | 169 + groff/man.local | 12 + groff/mdoc.local | 12 + group | 2 + group- | 9 +- grub.d/00_header | 31 +- grub.d/05_debian_theme | 5 + grub.d/10_linux | 20 +- grub.d/20_linux_xen | 20 +- grub.d/30_os-prober | 21 +- grub.d/30_uefi-firmware | 2 +- gshadow | 2 + gshadow- | 9 +- init.d/acpid | 8 +- init.d/apache-htcacheclean | 64 + init.d/apache2 | 83 +- init.d/atd | 48 + init.d/bind9 | 10 +- init.d/cgmanager | 138 + init.d/cgproxy | 135 + init.d/checkfs.sh | 4 +- init.d/checkroot.sh | 6 + init.d/chrony | 41 +- init.d/console-setup | 62 - init.d/console-setup.sh | 46 + init.d/dbus | 122 + init.d/dhcpcd | 4 +- init.d/fail2ban | 10 +- init.d/hwclock.sh | 7 +- init.d/kbd | 278 -- init.d/keyboard-setup | 66 - init.d/keyboard-setup.sh | 50 + init.d/kmod | 2 +- init.d/lvm2-lvmetad | 21 + init.d/lvm2-lvmpolld | 22 + init.d/mountall.sh | 9 +- init.d/networking | 9 +- init.d/postfix | 136 +- init.d/procps | 2 +- init.d/rc | 4 +- init.d/rsyslog | 5 +- init.d/slapd | 23 +- init.d/ssh | 22 +- init.d/udev | 59 +- init.d/udev-finish | 22 - init.d/ulogd2 | 2 +- init.d/umountfs | 2 +- init.d/umountroot | 19 +- init/cgmanager.conf | 41 + init/cgproxy.conf | 36 + init/ssh.conf | 2 +- init/udev-fallback-graphics.conf | 21 - init/udev-finish.conf | 24 - init/udevmonitor.conf | 2 +- initramfs-tools/initramfs.conf | 8 +- iproute2/bpf_pinning | 6 + iproute2/nl_protos | 23 + iproute2/rt_dsfield | 27 +- iproute2/rt_protos | 1 + iproute2/rt_tables.d/README | 3 + iptables/rules.v4 | 47 +- iptables/rules.v6 | 10 +- issue | 2 +- issue.net | 2 +- kbd/config | 70 - kbd/remap | 5 - kernel/postinst.d/apt-auto-removal | 106 +- kernel/postinst.d/initramfs-tools | 2 +- kernel/postinst.d/zz-update-grub | 4 +- kernel/postrm.d/zz-update-grub | 4 +- ldap/schema/README | 2 +- ldap/schema/collective.ldif | 2 +- ldap/schema/corba.ldif | 2 +- ldap/schema/cosine.ldif | 2 +- ldap/schema/duaconf.ldif | 2 +- ldap/schema/dyngroup.ldif | 2 +- ldap/schema/dyngroup.schema | 2 +- ldap/schema/inetorgperson.ldif | 2 +- ldap/schema/java.ldif | 2 +- ldap/schema/misc.ldif | 2 +- ldap/schema/misc.schema | 2 +- ldap/schema/nis.ldif | 2 +- ldap/schema/nis.schema | 2 +- ldap/schema/openldap.ldif | 2 +- ldap/schema/openldap.schema | 2 +- ldap/schema/pmi.ldif | 2 +- ldap/schema/ppolicy.ldif | 7 +- ldap/schema/ppolicy.schema | 12 +- .../archive/git.uhu-banane.net/cert2.pem | 31 + .../archive/git.uhu-banane.net/cert3.pem | 31 + .../archive/git.uhu-banane.net/cert4.pem | 31 + .../archive/git.uhu-banane.net/cert5.pem | 31 + .../archive/git.uhu-banane.net/chain2.pem | 27 + .../archive/git.uhu-banane.net/chain3.pem | 27 + .../archive/git.uhu-banane.net/chain4.pem | 27 + .../archive/git.uhu-banane.net/chain5.pem | 27 + .../archive/git.uhu-banane.net/fullchain2.pem | 58 + .../archive/git.uhu-banane.net/fullchain3.pem | 58 + .../archive/git.uhu-banane.net/fullchain4.pem | 58 + .../archive/git.uhu-banane.net/fullchain5.pem | 58 + .../archive/git.uhu-banane.net/privkey2.pem | 28 + .../archive/git.uhu-banane.net/privkey3.pem | 28 + .../archive/git.uhu-banane.net/privkey4.pem | 28 + .../archive/git.uhu-banane.net/privkey5.pem | 28 + letsencrypt/csr/0002_csr-certbot.pem | 18 + letsencrypt/csr/0003_csr-certbot.pem | 18 + letsencrypt/csr/0004_csr-certbot.pem | 18 + letsencrypt/csr/0005_csr-certbot.pem | 18 + letsencrypt/keys/0002_key-certbot.pem | 28 + letsencrypt/keys/0003_key-certbot.pem | 28 + letsencrypt/keys/0004_key-certbot.pem | 28 + letsencrypt/keys/0005_key-certbot.pem | 28 + letsencrypt/live/git.uhu-banane.net/cert.pem | 2 +- letsencrypt/live/git.uhu-banane.net/chain.pem | 2 +- .../live/git.uhu-banane.net/fullchain.pem | 2 +- .../live/git.uhu-banane.net/privkey.pem | 2 +- letsencrypt/renewal/git.uhu-banane.net.conf | 3 +- lftp.conf | 1 - locale.alias | 15 +- locale.gen | 12 + localtime | Bin 2309 -> 33 bytes logcheck/ignore.d.server/libsasl2-modules | 0 login.defs | 2 +- logrotate.d/chrony | 2 +- logrotate.d/chrony.dpkg-dist | 8 + logrotate.d/salt-common | 2 +- logwatch/conf/logfiles/cron.conf | 21 + logwatch/conf/logfiles/daemon.conf | 18 + logwatch/conf/logfiles/fail2ban.conf | 32 + logwatch/conf/logfiles/iptables.conf | 24 + logwatch/conf/logfiles/maillog.conf | 23 + logwatch/conf/logfiles/named.conf | 24 + logwatch/conf/logfiles/secure.conf | 26 + logwatch/conf/logfiles/syslog.conf | 19 + logwatch/conf/logwatch.conf | 24 + logwatch/conf/services/iptables.conf | 41 + logwatch/conf/services/named.conf | 37 + lvm/lvm.conf | 3263 +++++++++++------ mailcap | 15 + manpath.config | 4 +- mime.types | 5 +- mke2fs.conf | 7 +- modprobe.d/fbdev-blacklist.conf | 20 - modules-load.d/modules.conf | 1 + monit/monitrc.d/fail2ban | 9 + mysql/conf.d/mysql.cnf | 1 + mysql/conf.d/mysqldump.cnf | 4 + mysql/my.cnf | 1 + mysql/my.cnf.fallback | 23 + nanorc | 199 +- network/if-down.d/postfix | 4 +- network/if-post-down.d/chrony | 13 + network/if-up.d/chrony | 14 + network/if-up.d/openssh-server | 9 +- network/if-up.d/postfix | 4 +- network/interfaces | 6 +- pam.d/atd | 10 + pam.d/common-session | 1 + pam.d/login | 39 +- pam.d/systemd-user | 13 +- passwd | 3 + passwd- | 4 + perl/sitecustomize.pl | 19 +- php/7.0/apache2/conf.d/10-opcache.ini | 1 + php/7.0/apache2/conf.d/10-pdo.ini | 1 + php/7.0/apache2/conf.d/20-calendar.ini | 1 + php/7.0/apache2/conf.d/20-ctype.ini | 1 + php/7.0/apache2/conf.d/20-exif.ini | 1 + php/7.0/apache2/conf.d/20-fileinfo.ini | 1 + php/7.0/apache2/conf.d/20-ftp.ini | 1 + php/7.0/apache2/conf.d/20-gd.ini | 1 + php/7.0/apache2/conf.d/20-gettext.ini | 1 + php/7.0/apache2/conf.d/20-iconv.ini | 1 + php/7.0/apache2/conf.d/20-json.ini | 1 + php/7.0/apache2/conf.d/20-ldap.ini | 1 + php/7.0/apache2/conf.d/20-mcrypt.ini | 1 + php/7.0/apache2/conf.d/20-phar.ini | 1 + php/7.0/apache2/conf.d/20-posix.ini | 1 + php/7.0/apache2/conf.d/20-readline.ini | 1 + php/7.0/apache2/conf.d/20-shmop.ini | 1 + php/7.0/apache2/conf.d/20-sockets.ini | 1 + php/7.0/apache2/conf.d/20-sysvmsg.ini | 1 + php/7.0/apache2/conf.d/20-sysvsem.ini | 1 + php/7.0/apache2/conf.d/20-sysvshm.ini | 1 + php/7.0/apache2/conf.d/20-tokenizer.ini | 1 + .../7.0/apache2/php.ini | 298 +- php/7.0/cli/conf.d/10-opcache.ini | 1 + php/7.0/cli/conf.d/10-pdo.ini | 1 + php/7.0/cli/conf.d/20-calendar.ini | 1 + php/7.0/cli/conf.d/20-ctype.ini | 1 + php/7.0/cli/conf.d/20-exif.ini | 1 + php/7.0/cli/conf.d/20-fileinfo.ini | 1 + php/7.0/cli/conf.d/20-ftp.ini | 1 + php/7.0/cli/conf.d/20-gd.ini | 1 + php/7.0/cli/conf.d/20-gettext.ini | 1 + php/7.0/cli/conf.d/20-iconv.ini | 1 + php/7.0/cli/conf.d/20-json.ini | 1 + php/7.0/cli/conf.d/20-ldap.ini | 1 + php/7.0/cli/conf.d/20-mcrypt.ini | 1 + php/7.0/cli/conf.d/20-phar.ini | 1 + php/7.0/cli/conf.d/20-posix.ini | 1 + php/7.0/cli/conf.d/20-readline.ini | 1 + php/7.0/cli/conf.d/20-shmop.ini | 1 + php/7.0/cli/conf.d/20-sockets.ini | 1 + php/7.0/cli/conf.d/20-sysvmsg.ini | 1 + php/7.0/cli/conf.d/20-sysvsem.ini | 1 + php/7.0/cli/conf.d/20-sysvshm.ini | 1 + php/7.0/cli/conf.d/20-tokenizer.ini | 1 + {php5 => php/7.0}/cli/php.ini | 296 +- php/7.0/mods-available/calendar.ini | 3 + php/7.0/mods-available/ctype.ini | 3 + php/7.0/mods-available/exif.ini | 3 + php/7.0/mods-available/fileinfo.ini | 3 + php/7.0/mods-available/ftp.ini | 3 + php/7.0/mods-available/gd.ini | 3 + php/7.0/mods-available/gettext.ini | 3 + php/7.0/mods-available/iconv.ini | 3 + {php5 => php/7.0}/mods-available/json.ini | 0 php/7.0/mods-available/ldap.ini | 3 + php/7.0/mods-available/mcrypt.ini | 3 + php/7.0/mods-available/opcache.ini | 3 + php/7.0/mods-available/pdo.ini | 3 + php/7.0/mods-available/phar.ini | 3 + php/7.0/mods-available/posix.ini | 3 + {php5 => php/7.0}/mods-available/readline.ini | 0 php/7.0/mods-available/shmop.ini | 3 + php/7.0/mods-available/sockets.ini | 3 + php/7.0/mods-available/sysvmsg.ini | 3 + php/7.0/mods-available/sysvsem.ini | 3 + php/7.0/mods-available/sysvshm.ini | 3 + php/7.0/mods-available/tokenizer.ini | 3 + php5/apache2/conf.d/05-opcache.ini | 1 - php5/apache2/conf.d/10-pdo.ini | 1 - php5/apache2/conf.d/20-json.ini | 1 - php5/apache2/conf.d/20-ldap.ini | 1 - php5/apache2/conf.d/20-readline.ini | 1 - php5/apache2/php.ini | 1948 ---------- php5/cli/conf.d/05-opcache.ini | 1 - php5/cli/conf.d/10-pdo.ini | 1 - php5/cli/conf.d/20-json.ini | 1 - php5/cli/conf.d/20-ldap.ini | 1 - php5/cli/conf.d/20-readline.ini | 1 - php5/mods-available/ldap.ini | 3 - php5/mods-available/opcache.ini | 3 - php5/mods-available/pdo.ini | 3 - phpldapadmin/apache.conf | 51 - phpldapadmin/config.php | 577 --- phpldapadmin/templates/creation/alias.xml | 32 - .../templates/creation/courierMailAccount.xml | 91 - .../templates/creation/courierMailAlias.xml | 42 - phpldapadmin/templates/creation/dNSDomain.xml | 32 - phpldapadmin/templates/creation/example.xml | 38 - .../templates/creation/inetOrgPerson.xml | 96 - .../templates/creation/kolabPerson.xml | 109 - .../templates/creation/mozillaOrgPerson.xml | 161 - .../templates/creation/organizationalRole.xml | 77 - phpldapadmin/templates/creation/ou.xml | 27 - .../templates/creation/posixAccount.xml | 95 - .../templates/creation/posixGroup.xml | 42 - .../templates/creation/sambaDomain.xml | 33 - .../templates/creation/sambaGroupMapping.xml | 70 - .../templates/creation/sambaMachine.xml | 67 - .../templates/creation/sambaSamAccount.xml | 133 - .../creation/sendmailMTAAliasObject.xml | 48 - .../templates/creation/sendmailMTAClass.xml | 42 - .../templates/creation/sendmailMTACluster.xml | 26 - .../creation/sendmailMTAMapObject.xml | 53 - .../creation/sendmailVirtualDomain.xml | 42 - .../creation/sendmailVirtualUser.xml | 54 - .../creation/simpleSecurityObject.xml | 37 - .../templates/modification/inetOrgPerson.xml | 85 - .../templates/modification/posixGroup.xml | 43 - phpldapadmin/templates/template.dtd | 71 - postfix/dynamicmaps.cf | 5 +- postfix/main.cf | 3 +- postfix/main.cf.proto | 684 ++++ postfix/makedefs.out | 64 + postfix/master.cf | 38 +- postfix/master.cf.proto | 124 + postfix/post-install | 77 +- postfix/postfix-files | 443 +-- postfix/postfix-files.d/pcre.files | 3 + postfix/postfix-files.d/sqlite.files | 2 + postfix/postfix-script | 103 +- ppp/ip-down.d/chrony | 10 +- ppp/ip-down.d/postfix | 4 +- ppp/ip-up.d/chrony | 10 +- ppp/ip-up.d/postfix | 4 +- profile | 4 +- profile.d/fbrehm.sh | 30 +- python3.5/sitecustomize.py | 7 + rc0.d/K01apache-htcacheclean | 1 + rc0.d/K01atd | 1 + rc0.d/K01cgmanager | 1 + rc0.d/K01cgproxy | 1 + rc0.d/K01lvm2-lvmetad | 1 + rc0.d/K01lvm2-lvmpolld | 1 + rc1.d/K01apache-htcacheclean | 1 + rc1.d/K01atd | 1 + rc1.d/K01cgmanager | 1 + rc1.d/K01cgproxy | 1 + rc1.d/K01lvm2-lvmetad | 1 + rc1.d/K01lvm2-lvmpolld | 1 + rc1.d/{S01motd => S02motd} | 0 rc1.d/{S04bootlogs => S05bootlogs} | 0 rc1.d/{S05single => S06single} | 0 rc2.d/K01apache-htcacheclean | 1 + rc2.d/S01console-setup.sh | 1 + rc2.d/S02cgmanager | 1 + rc2.d/S02lvm2-lvmetad | 1 + rc2.d/S02lvm2-lvmpolld | 1 + rc2.d/{S01motd => S02motd} | 0 rc2.d/{S01rsyslog => S02rsyslog} | 0 rc2.d/{S01salt-master => S02salt-master} | 0 rc2.d/{S01salt-minion => S02salt-minion} | 0 rc2.d/{S02acpid => S03acpid} | 0 rc2.d/S03atd | 1 + rc2.d/{S02bind9 => S03bind9} | 0 rc2.d/S03cgproxy | 1 + rc2.d/S03dbus | 1 + rc2.d/{S02haveged => S03haveged} | 0 rc2.d/{S02slapd => S03slapd} | 0 rc2.d/{S02ssh => S03ssh} | 0 rc2.d/{S02ulogd2 => S03ulogd2} | 0 rc2.d/{S03apache2 => S04apache2} | 0 rc2.d/{S04bootlogs => S05bootlogs} | 0 rc2.d/{S04chrony => S05chrony} | 0 rc2.d/{S04cron => S05cron} | 0 rc2.d/{S02fail2ban => S05fail2ban} | 0 rc2.d/{S04postfix => S05postfix} | 0 rc2.d/{S04rsync => S05rsync} | 0 rc2.d/{S05rc.local => S06rc.local} | 0 rc2.d/{S05rmnologin => S06rmnologin} | 0 rc3.d/K01apache-htcacheclean | 1 + rc3.d/S01console-setup.sh | 1 + rc3.d/S02cgmanager | 1 + rc3.d/S02lvm2-lvmetad | 1 + rc3.d/S02lvm2-lvmpolld | 1 + rc3.d/{S01motd => S02motd} | 0 rc3.d/{S01rsyslog => S02rsyslog} | 0 rc3.d/{S01salt-master => S02salt-master} | 0 rc3.d/{S01salt-minion => S02salt-minion} | 0 rc3.d/{S02acpid => S03acpid} | 0 rc3.d/S03atd | 1 + rc3.d/{S02bind9 => S03bind9} | 0 rc3.d/S03cgproxy | 1 + rc3.d/S03dbus | 1 + rc3.d/{S02haveged => S03haveged} | 0 rc3.d/{S02slapd => S03slapd} | 0 rc3.d/{S02ssh => S03ssh} | 0 rc3.d/{S02ulogd2 => S03ulogd2} | 0 rc3.d/{S03apache2 => S04apache2} | 0 rc3.d/{S04bootlogs => S05bootlogs} | 0 rc3.d/{S04chrony => S05chrony} | 0 rc3.d/{S04cron => S05cron} | 0 rc3.d/{S02fail2ban => S05fail2ban} | 0 rc3.d/{S04postfix => S05postfix} | 0 rc3.d/{S04rsync => S05rsync} | 0 rc3.d/{S05rc.local => S06rc.local} | 0 rc3.d/{S05rmnologin => S06rmnologin} | 0 rc4.d/K01apache-htcacheclean | 1 + rc4.d/S01console-setup.sh | 1 + rc4.d/S02cgmanager | 1 + rc4.d/S02lvm2-lvmetad | 1 + rc4.d/S02lvm2-lvmpolld | 1 + rc4.d/{S01motd => S02motd} | 0 rc4.d/{S01rsyslog => S02rsyslog} | 0 rc4.d/{S01salt-master => S02salt-master} | 0 rc4.d/{S01salt-minion => S02salt-minion} | 0 rc4.d/{S02acpid => S03acpid} | 0 rc4.d/S03atd | 1 + rc4.d/{S02bind9 => S03bind9} | 0 rc4.d/S03cgproxy | 1 + rc4.d/S03dbus | 1 + rc4.d/{S02haveged => S03haveged} | 0 rc4.d/{S02slapd => S03slapd} | 0 rc4.d/{S02ssh => S03ssh} | 0 rc4.d/{S02ulogd2 => S03ulogd2} | 0 rc4.d/{S03apache2 => S04apache2} | 0 rc4.d/{S04bootlogs => S05bootlogs} | 0 rc4.d/{S04chrony => S05chrony} | 0 rc4.d/{S04cron => S05cron} | 0 rc4.d/{S02fail2ban => S05fail2ban} | 0 rc4.d/{S04postfix => S05postfix} | 0 rc4.d/{S04rsync => S05rsync} | 0 rc4.d/{S05rc.local => S06rc.local} | 0 rc4.d/{S05rmnologin => S06rmnologin} | 0 rc5.d/K01apache-htcacheclean | 1 + rc5.d/S01console-setup.sh | 1 + rc5.d/S02cgmanager | 1 + rc5.d/S02lvm2-lvmetad | 1 + rc5.d/S02lvm2-lvmpolld | 1 + rc5.d/{S01motd => S02motd} | 0 rc5.d/{S01rsyslog => S02rsyslog} | 0 rc5.d/{S01salt-master => S02salt-master} | 0 rc5.d/{S01salt-minion => S02salt-minion} | 0 rc5.d/{S02acpid => S03acpid} | 0 rc5.d/S03atd | 1 + rc5.d/{S02bind9 => S03bind9} | 0 rc5.d/S03cgproxy | 1 + rc5.d/S03dbus | 1 + rc5.d/{S02haveged => S03haveged} | 0 rc5.d/{S02slapd => S03slapd} | 0 rc5.d/{S02ssh => S03ssh} | 0 rc5.d/{S02ulogd2 => S03ulogd2} | 0 rc5.d/{S03apache2 => S04apache2} | 0 rc5.d/{S04bootlogs => S05bootlogs} | 0 rc5.d/{S04chrony => S05chrony} | 0 rc5.d/{S04cron => S05cron} | 0 rc5.d/{S02fail2ban => S05fail2ban} | 0 rc5.d/{S04postfix => S05postfix} | 0 rc5.d/{S04rsync => S05rsync} | 0 rc5.d/{S05rc.local => S06rc.local} | 0 rc5.d/{S05rmnologin => S06rmnologin} | 0 rc6.d/K01apache-htcacheclean | 1 + rc6.d/K01atd | 1 + rc6.d/K01cgmanager | 1 + rc6.d/K01cgproxy | 1 + rc6.d/K01lvm2-lvmetad | 1 + rc6.d/K01lvm2-lvmpolld | 1 + rcS.d/S03keyboard-setup | 1 - rcS.d/S03keyboard-setup.sh | 1 + rcS.d/S11udev-finish | 1 - rcS.d/{S17bootmisc.sh => S15bootmisc.sh} | 0 rcS.d/S15kbd | 1 - ...ter-persistent => S15netfilter-persistent} | 0 rcS.d/S16console-setup | 1 - resolvconf/interface-order | 10 +- resolvconf/update-libc.d/postfix | 6 +- rsyslog.conf | 49 +- rsyslog.conf.dpkg-dist | 92 + s-nail.rc | 167 + salt/master | 324 +- salt/master.d/my.conf | 9 + salt/minion | 98 +- .../master/minions/vera.home.brehm-online.com | 9 + salt/proxy | 31 +- securetty | 17 + security/namespace.init | 2 +- selinux/semanage.conf | 4 + services | 31 +- shadow | 3 + shadow- | 4 + skel/.bashrc.dpkg-dist | 113 + ssh/moduli | 689 ++-- ssh/ssh_config.dpkg-dist | 55 + ssh/sshd_config | 143 +- ssl/certs/02756ea4.0 | 1 + ssl/certs/03f2b8cf.0 | 1 - ssl/certs/1ec4d31a.0 | 1 - ssl/certs/262ba90f.0 | 1 - ssl/certs/26eaad2f.0 | 1 - ssl/certs/2ab3b959.0 | 1 - ssl/certs/2c11d503.0 | 1 + ssl/certs/32888f65.0 | 1 + ssl/certs/33815e15.0 | 1 - ssl/certs/33815e15.1 | 1 - ssl/certs/3929ec9f.0 | 1 + ssl/certs/40193066.0 | 1 + ssl/certs/4042bcee.0 | 1 + ssl/certs/415660c1.0 | 2 +- ssl/certs/415660c1.1 | 1 - ssl/certs/451b5485.0 | 1 + ssl/certs/559f7c71.0 | 1 + ssl/certs/56e29e75.0 | 1 - ssl/certs/5a5372fc.0 | 1 - ssl/certs/5d63b0ae.0 | 1 - ssl/certs/608a55ad.0 | 1 + ssl/certs/6187b673.0 | 1 + ssl/certs/635ccfd5.0 | 1 - ssl/certs/67d559d1.0 | 1 - ssl/certs/72fa7371.0 | 1 - ssl/certs/755f7420.0 | 1 - ssl/certs/7651b327.0 | 2 +- ssl/certs/7651b327.1 | 1 - ssl/certs/7719f463.0 | 1 + ssl/certs/8096d0a9.0 | 1 - ssl/certs/8317b10c.0 | 1 - ssl/certs/861e0100.0 | 1 - ssl/certs/87229d21.0 | 1 + ssl/certs/876f1e28.0 | 1 - ssl/certs/9168f543.0 | 1 + ssl/certs/9479c8c3.0 | 1 + ssl/certs/961f5451.0 | 1 - ssl/certs/9c3323d4.0 | 1 + ssl/certs/CA_Disig.pem | 1 - ssl/certs/CA_WoSign_ECC_Root.pem | 1 - .../Certification_Authority_of_WoSign_G2.pem | 1 - ssl/certs/Certplus_Root_CA_G1.pem | 1 + ssl/certs/Certplus_Root_CA_G2.pem | 1 + ssl/certs/Certum_Trusted_Network_CA_2.pem | 1 + ..._Research_Institutions_ECC_RootCA_2015.pem | 1 + ..._and_Research_Institutions_RootCA_2015.pem | 1 + ssl/certs/ISRG_Root_X1.pem | 1 + ssl/certs/NetLock_Business_=Class_B=_Root.pem | 1 - ssl/certs/NetLock_Express_=Class_C=_Root.pem | 1 - ssl/certs/NetLock_Notary_=Class_A=_Root.pem | 1 - .../NetLock_Qualified_=Class_QA=_Root.pem | 1 - ssl/certs/OpenTrust_Root_CA_G1.pem | 1 + ssl/certs/OpenTrust_Root_CA_G2.pem | 1 + ssl/certs/OpenTrust_Root_CA_G3.pem | 1 + ssl/certs/SZAFIR_ROOT_CA2.pem | 1 + ssl/certs/Sonera_Class_1_Root_CA.pem | 1 - ssl/certs/Staat_der_Nederlanden_Root_CA.pem | 1 - .../StartCom_Certification_Authority.pem | 1 - .../StartCom_Certification_Authority_2.pem | 1 - .../StartCom_Certification_Authority_G2.pem | 1 - ...c_Primary_Certification_Authority_-_G2.pem | 1 - ...c_Primary_Certification_Authority_-_G2.pem | 1 - ...blic_Primary_Certification_Authority_2.pem | 1 - ssl/certs/WoSign.pem | 1 - ssl/certs/WoSign_China.pem | 1 - ssl/certs/a81e292b.0 | 1 + ssl/certs/add67345.0 | 1 - ssl/certs/ae8153b9.0 | 1 - ssl/certs/ae8153b9.1 | 1 - ssl/certs/b42ff584.0 | 1 - ssl/certs/b6c5745d.0 | 1 - ssl/certs/b7e7231a.0 | 1 - ssl/certs/b8e83700.0 | 1 - ssl/certs/c19d42c7.0 | 1 - ssl/certs/ca-certificates.crt | 777 ++-- ssl/certs/cb1c3204.0 | 1 + ssl/certs/cdaebb72.0 | 1 - ssl/certs/d5727d6a.0 | 1 - ssl/certs/d64f06f3.0 | 1 - ssl/certs/d8317ada.0 | 1 + ssl/certs/d9d12c58.0 | 1 - ssl/certs/dc99f41e.0 | 1 + ssl/certs/ec87c655.0 | 1 - ssl/certs/ee90b008.0 | 1 - ssl/certs/f38a011e.0 | 1 - ssl/certs/fe8a2cd8.0 | 1 + ssl/certs/spi-cacert-2008.pem | 1 - ssl/openssl.cnf | 16 +- subgid | 1 + subgid- | 1 + subuid | 1 + subuid- | 1 + subversion/config | 17 +- sudoers | 1 + sysctl.conf | 17 + sysctl.d/99-sysctl.conf | 1 + systemd/bootchart.conf | 21 - systemd/journald.conf | 10 +- systemd/logind.conf | 11 +- systemd/network/50-virtio-kernel-names.link | 10 + systemd/network/99-default.link | 6 + systemd/resolved.conf | 10 + systemd/system.conf | 17 +- systemd/system/chronyd.service | 1 + .../halt.target.wants/hwclock-save.service | 1 - .../lvm2-activation-early.service | 1 - .../lvm2-activation.service | 1 - .../multi-user.target.wants/apache2.service | 1 + .../multi-user.target.wants/atd.service | 1 + .../multi-user.target.wants/chrony.service | 1 + .../console-setup.service | 1 + .../multi-user.target.wants/fail2ban.service | 1 + .../networking.service | 1 + .../multi-user.target.wants/postfix.service | 1 + .../multi-user.target.wants/rsync.service | 1 + .../networking.service | 1 + .../hwclock-save.service | 1 - .../reboot.target.wants/hwclock-save.service | 1 - .../keyboard-setup.service | 1 + .../sysinit.target.wants/lvm2-lvmpolld.socket | 1 + .../systemd-timesyncd.service | 1 + .../apt-daily-upgrade.timer | 1 + .../timers.target.wants/apt-daily.timer | 1 + .../timers.target.wants/phpsessionclean.timer | 1 + systemd/timesyncd.conf | 9 +- systemd/user.conf | 5 +- udev/udev.conf | 2 +- update-motd.d/10-uname | 2 + updatedb.conf | 4 +- vim/vimrc | 7 + vim/vimrc.local | 19 +- vim/vimrc.tiny | 2 +- wgetrc | 5 +- xdg/systemd/user | 1 + xml/catalog | 4 +- xml/xml-core.xml | 2 +- zsh/zshrc | 2 +- 898 files changed, 15190 insertions(+), 12040 deletions(-) create mode 100755 NetworkManager/dispatcher.d/20-chrony create mode 100644 X11/Xsession.d/90gpg-agent delete mode 120000 alternatives/Mail delete mode 120000 alternatives/Mail.1.gz create mode 120000 alternatives/dotlock create mode 120000 alternatives/dotlock.1.gz create mode 120000 alternatives/frm create mode 120000 alternatives/frm.1.gz delete mode 120000 alternatives/libblas.so.3gf create mode 120000 alternatives/messages create mode 120000 alternatives/messages.1.gz create mode 120000 alternatives/movemail create mode 120000 alternatives/movemail.1.gz create mode 120000 alternatives/my.cnf create mode 120000 alternatives/netrc.5.gz create mode 120000 alternatives/pftp create mode 120000 alternatives/pftp.1.gz create mode 120000 alternatives/phar.phar create mode 120000 alternatives/phar.phar.1.gz create mode 120000 alternatives/pinentry create mode 120000 alternatives/pinentry.1.gz create mode 120000 alternatives/readmsg create mode 120000 alternatives/readmsg.1.gz delete mode 120000 alternatives/rzsh delete mode 120000 alternatives/rzsh.1.gz create mode 120000 alternatives/updatedb.8.gz delete mode 120000 alternatives/zsh delete mode 120000 alternatives/zsh-usrbin create mode 100644 apache2/apache2.conf.dpkg-dist mode change 100755 => 100644 apache2/conf-available/custom-log.conf delete mode 120000 apache2/conf-available/phpldapadmin.conf delete mode 120000 apache2/conf-enabled/phpldapadmin.conf create mode 100644 apache2/info_users_passwd create mode 100644 apache2/mods-available/cern_meta.load create mode 100644 apache2/mods-available/http2.load create mode 100644 apache2/mods-available/imagemap.load delete mode 100644 apache2/mods-available/php5.load rename apache2/mods-available/{php5.conf => php7.0.conf} (90%) create mode 100644 apache2/mods-available/php7.0.load create mode 100644 apache2/mods-available/proxy_hcheck.load create mode 100644 apache2/mods-available/proxy_http2.load create mode 120000 apache2/mods-enabled/info.conf create mode 120000 apache2/mods-enabled/info.load delete mode 120000 apache2/mods-enabled/php5.conf delete mode 120000 apache2/mods-enabled/php5.load create mode 120000 apache2/mods-enabled/php7.0.conf create mode 120000 apache2/mods-enabled/php7.0.load create mode 120000 apache2/mods-enabled/reqtimeout.conf create mode 120000 apache2/mods-enabled/reqtimeout.load create mode 100644 apache2/sites-available/000-default-ssl.conf create mode 100644 apache2/sites-available/default-ssl.conf.dpkg-dist create mode 120000 apache2/sites-enabled/000-default-ssl.conf delete mode 100755 apm/event.d/01chrony create mode 100644 apparmor.d/local/usr.sbin.haveged create mode 100644 apparmor.d/usr.sbin.haveged create mode 100644 apt/apt.conf.d/20listchanges create mode 100644 apt/listchanges.conf create mode 100644 apt/sources.list.bak create mode 100644 apt/sources.list.bak.1 create mode 100644 apt/sources.list.d/fbrehm.list.bak create mode 100644 apt/sources.list.d/salt.list.bak delete mode 100644 apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg delete mode 100644 apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg create mode 100644 apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg create mode 100644 apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg create mode 100644 apt/trusted.gpg.d/debian-archive-stretch-stable.gpg create mode 100644 at.deny delete mode 100644 bash_completion.d/apache2 delete mode 100644 bash_completion.d/debconf delete mode 100644 bash_completion.d/initramfs-tools delete mode 100644 bash_completion.d/isoquery delete mode 100644 bash_completion.d/subversion delete mode 100644 bash_completion.d/whiptail create mode 100644 chrony/chrony.conf.ucf-dist create mode 100755 console-setup/cached_setup_font.sh create mode 100755 console-setup/cached_setup_keyboard.sh create mode 100755 console-setup/cached_setup_terminal.sh rename cron.d/{php5 => php} (73%) delete mode 100755 cron.daily/apt create mode 100755 cron.daily/apt-compat create mode 120000 dbus-1/session.conf create mode 120000 dbus-1/system.conf delete mode 100644 dbus-1/system.d/org.freedesktop.machine1.conf create mode 100644 dbus-1/system.d/org.freedesktop.network1.conf create mode 100644 dbus-1/system.d/org.freedesktop.resolve1.conf rename default/{apache2 => apache-htcacheclean} (62%) create mode 100644 default/chrony create mode 100644 default/dbus create mode 100644 default/grub.ucf-dist create mode 100644 dhcp/dhclient-exit-hooks.d/timesyncd create mode 100644 dhcpcd.conf.bak create mode 100644 dhcpcd.conf.dpkg-dist create mode 100644 fail2ban/action.d/badips.py create mode 100644 fail2ban/action.d/cloudflare.conf create mode 100644 fail2ban/action.d/firewallcmd-allports.conf create mode 100644 fail2ban/action.d/firewallcmd-multiport.conf create mode 100644 fail2ban/action.d/firewallcmd-rich-logging.conf create mode 100644 fail2ban/action.d/firewallcmd-rich-rules.conf create mode 100644 fail2ban/action.d/iptables-common.conf create mode 100644 fail2ban/action.d/mail-whois-common.conf create mode 100644 fail2ban/action.d/nftables-allports.conf create mode 100644 fail2ban/action.d/nftables-common.conf create mode 100644 fail2ban/action.d/nftables-multiport.conf create mode 100644 fail2ban/action.d/npf.conf create mode 100644 fail2ban/action.d/nsupdate.conf create mode 100644 fail2ban/action.d/sendmail-common.conf.dpkg-dist create mode 100644 fail2ban/action.d/sendmail-geoip-lines.conf create mode 100644 fail2ban/action.d/sendmail-whois-ipjailmatches.conf create mode 100644 fail2ban/action.d/sendmail-whois-ipmatches.conf create mode 100644 fail2ban/action.d/sendmail-whois-matches.conf create mode 100644 fail2ban/action.d/sendmail-whois.conf.dpkg-dist create mode 100644 fail2ban/action.d/sendmail.conf.dpkg-dist create mode 100644 fail2ban/action.d/shorewall-ipset-proto6.conf create mode 100644 fail2ban/action.d/smtp.py create mode 100644 fail2ban/action.d/symbiosis-blacklist-allports.conf create mode 100644 fail2ban/action.d/xarf-login-attack.conf create mode 100644 fail2ban/fail2ban.conf.dpkg-dist create mode 100644 fail2ban/filter.d/apache-botsearch.conf create mode 100644 fail2ban/filter.d/apache-fakegooglebot.conf create mode 100644 fail2ban/filter.d/apache-pass.conf create mode 100644 fail2ban/filter.d/apache-shellshock.conf create mode 100644 fail2ban/filter.d/botsearch-common.conf create mode 100644 fail2ban/filter.d/counter-strike.conf rename fail2ban/filter.d/{courierlogin.conf => courier-auth.conf} (100%) rename fail2ban/filter.d/{couriersmtp.conf => courier-smtp.conf} (56%) create mode 100644 fail2ban/filter.d/directadmin.conf create mode 100644 fail2ban/filter.d/drupal-auth.conf create mode 100644 fail2ban/filter.d/froxlor-auth.conf create mode 100644 fail2ban/filter.d/guacamole.conf create mode 100644 fail2ban/filter.d/haproxy-http-auth.conf create mode 100755 fail2ban/filter.d/ignorecommands/apache-fakegooglebot create mode 100644 fail2ban/filter.d/kerio.conf create mode 100644 fail2ban/filter.d/mongodb-auth.conf create mode 100644 fail2ban/filter.d/monit.conf create mode 100644 fail2ban/filter.d/murmur.conf create mode 100644 fail2ban/filter.d/nginx-botsearch.conf create mode 100644 fail2ban/filter.d/nginx-limit-req.conf create mode 100644 fail2ban/filter.d/openhab.conf create mode 100644 fail2ban/filter.d/oracleims.conf create mode 100644 fail2ban/filter.d/portsentry.conf create mode 100644 fail2ban/filter.d/postfix-rbl.conf create mode 100644 fail2ban/filter.d/screensharingd.conf create mode 100644 fail2ban/filter.d/slapd.conf create mode 100644 fail2ban/filter.d/squirrelmail.conf create mode 100644 fail2ban/filter.d/stunnel.conf create mode 100644 fail2ban/filter.d/tine20.conf create mode 100644 fail2ban/jail.conf.dpkg-dist create mode 100644 fail2ban/jail.d/defaults-debian.conf create mode 100644 fail2ban/paths-common.conf create mode 100644 fail2ban/paths-debian.conf create mode 100644 fail2ban/paths-opensuse.conf create mode 100644 fonts/conf.avail/20-unhint-small-dejavu-lgc-sans-mono.conf create mode 100644 fonts/conf.avail/20-unhint-small-dejavu-lgc-sans.conf create mode 100644 fonts/conf.avail/20-unhint-small-dejavu-lgc-serif.conf create mode 100644 fonts/conf.avail/20-unhint-small-dejavu-sans-mono.conf create mode 100644 fonts/conf.avail/20-unhint-small-dejavu-sans.conf create mode 100644 fonts/conf.avail/20-unhint-small-dejavu-serif.conf create mode 100644 fonts/conf.avail/57-dejavu-sans-mono.conf create mode 100644 fonts/conf.avail/57-dejavu-sans.conf create mode 100644 fonts/conf.avail/57-dejavu-serif.conf create mode 100644 fonts/conf.avail/58-dejavu-lgc-sans-mono.conf create mode 100644 fonts/conf.avail/58-dejavu-lgc-sans.conf create mode 100644 fonts/conf.avail/58-dejavu-lgc-serif.conf create mode 120000 fonts/conf.d/10-scale-bitmap-fonts.conf create mode 120000 fonts/conf.d/11-lcdfilter-default.conf create mode 120000 fonts/conf.d/20-unhint-small-dejavu-lgc-sans-mono.conf create mode 120000 fonts/conf.d/20-unhint-small-dejavu-lgc-sans.conf create mode 120000 fonts/conf.d/20-unhint-small-dejavu-lgc-serif.conf create mode 120000 fonts/conf.d/20-unhint-small-dejavu-sans-mono.conf create mode 120000 fonts/conf.d/20-unhint-small-dejavu-sans.conf create mode 120000 fonts/conf.d/20-unhint-small-dejavu-serif.conf create mode 120000 fonts/conf.d/20-unhint-small-vera.conf create mode 120000 fonts/conf.d/30-metric-aliases.conf create mode 120000 fonts/conf.d/30-urw-aliases.conf create mode 120000 fonts/conf.d/40-nonlatin.conf create mode 120000 fonts/conf.d/45-latin.conf create mode 120000 fonts/conf.d/49-sansserif.conf create mode 120000 fonts/conf.d/50-user.conf create mode 120000 fonts/conf.d/51-local.conf create mode 120000 fonts/conf.d/57-dejavu-sans-mono.conf create mode 120000 fonts/conf.d/57-dejavu-sans.conf create mode 120000 fonts/conf.d/57-dejavu-serif.conf create mode 120000 fonts/conf.d/58-dejavu-lgc-sans-mono.conf create mode 120000 fonts/conf.d/58-dejavu-lgc-sans.conf create mode 120000 fonts/conf.d/58-dejavu-lgc-serif.conf create mode 120000 fonts/conf.d/60-latin.conf create mode 120000 fonts/conf.d/65-fonts-persian.conf create mode 120000 fonts/conf.d/65-nonlatin.conf create mode 120000 fonts/conf.d/69-unifont.conf create mode 120000 fonts/conf.d/70-no-bitmaps.conf create mode 120000 fonts/conf.d/80-delicious.conf create mode 120000 fonts/conf.d/90-synthetic.conf create mode 100644 fonts/conf.d/README create mode 100644 fonts/fonts.conf create mode 100755 init.d/apache-htcacheclean create mode 100755 init.d/atd create mode 100755 init.d/cgmanager create mode 100755 init.d/cgproxy delete mode 100755 init.d/console-setup create mode 100755 init.d/console-setup.sh create mode 100755 init.d/dbus delete mode 100755 init.d/kbd delete mode 100755 init.d/keyboard-setup create mode 100755 init.d/keyboard-setup.sh create mode 100755 init.d/lvm2-lvmetad create mode 100755 init.d/lvm2-lvmpolld delete mode 100755 init.d/udev-finish create mode 100644 init/cgmanager.conf create mode 100644 init/cgproxy.conf delete mode 100644 init/udev-fallback-graphics.conf delete mode 100644 init/udev-finish.conf create mode 100644 iproute2/bpf_pinning create mode 100644 iproute2/nl_protos create mode 100644 iproute2/rt_tables.d/README delete mode 100644 kbd/config delete mode 100644 kbd/remap create mode 100644 letsencrypt/archive/git.uhu-banane.net/cert2.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/cert3.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/cert4.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/cert5.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/chain2.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/chain3.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/chain4.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/chain5.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/fullchain2.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/fullchain3.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/fullchain4.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/fullchain5.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/privkey2.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/privkey3.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/privkey4.pem create mode 100644 letsencrypt/archive/git.uhu-banane.net/privkey5.pem create mode 100644 letsencrypt/csr/0002_csr-certbot.pem create mode 100644 letsencrypt/csr/0003_csr-certbot.pem create mode 100644 letsencrypt/csr/0004_csr-certbot.pem create mode 100644 letsencrypt/csr/0005_csr-certbot.pem create mode 100644 letsencrypt/keys/0002_key-certbot.pem create mode 100644 letsencrypt/keys/0003_key-certbot.pem create mode 100644 letsencrypt/keys/0004_key-certbot.pem create mode 100644 letsencrypt/keys/0005_key-certbot.pem mode change 100755 => 100644 letsencrypt/renewal/git.uhu-banane.net.conf mode change 100644 => 120000 localtime mode change 100755 => 100644 logcheck/ignore.d.server/libsasl2-modules create mode 100644 logrotate.d/chrony.dpkg-dist create mode 100644 logwatch/conf/logfiles/cron.conf create mode 100644 logwatch/conf/logfiles/daemon.conf create mode 100644 logwatch/conf/logfiles/fail2ban.conf create mode 100644 logwatch/conf/logfiles/iptables.conf create mode 100644 logwatch/conf/logfiles/maillog.conf create mode 100644 logwatch/conf/logfiles/named.conf create mode 100644 logwatch/conf/logfiles/secure.conf create mode 100644 logwatch/conf/logfiles/syslog.conf create mode 100644 logwatch/conf/logwatch.conf create mode 100644 logwatch/conf/services/iptables.conf create mode 100644 logwatch/conf/services/named.conf delete mode 100644 modprobe.d/fbdev-blacklist.conf create mode 120000 modules-load.d/modules.conf create mode 100644 monit/monitrc.d/fail2ban create mode 100644 mysql/conf.d/mysql.cnf create mode 100644 mysql/conf.d/mysqldump.cnf create mode 120000 mysql/my.cnf create mode 100644 mysql/my.cnf.fallback create mode 100755 network/if-post-down.d/chrony create mode 100755 network/if-up.d/chrony create mode 100644 pam.d/atd create mode 120000 php/7.0/apache2/conf.d/10-opcache.ini create mode 120000 php/7.0/apache2/conf.d/10-pdo.ini create mode 120000 php/7.0/apache2/conf.d/20-calendar.ini create mode 120000 php/7.0/apache2/conf.d/20-ctype.ini create mode 120000 php/7.0/apache2/conf.d/20-exif.ini create mode 120000 php/7.0/apache2/conf.d/20-fileinfo.ini create mode 120000 php/7.0/apache2/conf.d/20-ftp.ini create mode 120000 php/7.0/apache2/conf.d/20-gd.ini create mode 120000 php/7.0/apache2/conf.d/20-gettext.ini create mode 120000 php/7.0/apache2/conf.d/20-iconv.ini create mode 120000 php/7.0/apache2/conf.d/20-json.ini create mode 120000 php/7.0/apache2/conf.d/20-ldap.ini create mode 120000 php/7.0/apache2/conf.d/20-mcrypt.ini create mode 120000 php/7.0/apache2/conf.d/20-phar.ini create mode 120000 php/7.0/apache2/conf.d/20-posix.ini create mode 120000 php/7.0/apache2/conf.d/20-readline.ini create mode 120000 php/7.0/apache2/conf.d/20-shmop.ini create mode 120000 php/7.0/apache2/conf.d/20-sockets.ini create mode 120000 php/7.0/apache2/conf.d/20-sysvmsg.ini create mode 120000 php/7.0/apache2/conf.d/20-sysvsem.ini create mode 120000 php/7.0/apache2/conf.d/20-sysvshm.ini create mode 120000 php/7.0/apache2/conf.d/20-tokenizer.ini rename php5/apache2/php.ini.ucf-dist => php/7.0/apache2/php.ini (92%) create mode 120000 php/7.0/cli/conf.d/10-opcache.ini create mode 120000 php/7.0/cli/conf.d/10-pdo.ini create mode 120000 php/7.0/cli/conf.d/20-calendar.ini create mode 120000 php/7.0/cli/conf.d/20-ctype.ini create mode 120000 php/7.0/cli/conf.d/20-exif.ini create mode 120000 php/7.0/cli/conf.d/20-fileinfo.ini create mode 120000 php/7.0/cli/conf.d/20-ftp.ini create mode 120000 php/7.0/cli/conf.d/20-gd.ini create mode 120000 php/7.0/cli/conf.d/20-gettext.ini create mode 120000 php/7.0/cli/conf.d/20-iconv.ini create mode 120000 php/7.0/cli/conf.d/20-json.ini create mode 120000 php/7.0/cli/conf.d/20-ldap.ini create mode 120000 php/7.0/cli/conf.d/20-mcrypt.ini create mode 120000 php/7.0/cli/conf.d/20-phar.ini create mode 120000 php/7.0/cli/conf.d/20-posix.ini create mode 120000 php/7.0/cli/conf.d/20-readline.ini create mode 120000 php/7.0/cli/conf.d/20-shmop.ini create mode 120000 php/7.0/cli/conf.d/20-sockets.ini create mode 120000 php/7.0/cli/conf.d/20-sysvmsg.ini create mode 120000 php/7.0/cli/conf.d/20-sysvsem.ini create mode 120000 php/7.0/cli/conf.d/20-sysvshm.ini create mode 120000 php/7.0/cli/conf.d/20-tokenizer.ini rename {php5 => php/7.0}/cli/php.ini (92%) create mode 100644 php/7.0/mods-available/calendar.ini create mode 100644 php/7.0/mods-available/ctype.ini create mode 100644 php/7.0/mods-available/exif.ini create mode 100644 php/7.0/mods-available/fileinfo.ini create mode 100644 php/7.0/mods-available/ftp.ini create mode 100644 php/7.0/mods-available/gd.ini create mode 100644 php/7.0/mods-available/gettext.ini create mode 100644 php/7.0/mods-available/iconv.ini rename {php5 => php/7.0}/mods-available/json.ini (100%) create mode 100644 php/7.0/mods-available/ldap.ini create mode 100644 php/7.0/mods-available/mcrypt.ini create mode 100644 php/7.0/mods-available/opcache.ini create mode 100644 php/7.0/mods-available/pdo.ini create mode 100644 php/7.0/mods-available/phar.ini create mode 100644 php/7.0/mods-available/posix.ini rename {php5 => php/7.0}/mods-available/readline.ini (100%) create mode 100644 php/7.0/mods-available/shmop.ini create mode 100644 php/7.0/mods-available/sockets.ini create mode 100644 php/7.0/mods-available/sysvmsg.ini create mode 100644 php/7.0/mods-available/sysvsem.ini create mode 100644 php/7.0/mods-available/sysvshm.ini create mode 100644 php/7.0/mods-available/tokenizer.ini delete mode 120000 php5/apache2/conf.d/05-opcache.ini delete mode 120000 php5/apache2/conf.d/10-pdo.ini delete mode 120000 php5/apache2/conf.d/20-json.ini delete mode 120000 php5/apache2/conf.d/20-ldap.ini delete mode 120000 php5/apache2/conf.d/20-readline.ini delete mode 100644 php5/apache2/php.ini delete mode 120000 php5/cli/conf.d/05-opcache.ini delete mode 120000 php5/cli/conf.d/10-pdo.ini delete mode 120000 php5/cli/conf.d/20-json.ini delete mode 120000 php5/cli/conf.d/20-ldap.ini delete mode 120000 php5/cli/conf.d/20-readline.ini delete mode 100644 php5/mods-available/ldap.ini delete mode 100644 php5/mods-available/opcache.ini delete mode 100644 php5/mods-available/pdo.ini delete mode 100644 phpldapadmin/apache.conf delete mode 100644 phpldapadmin/config.php delete mode 100644 phpldapadmin/templates/creation/alias.xml delete mode 100644 phpldapadmin/templates/creation/courierMailAccount.xml delete mode 100644 phpldapadmin/templates/creation/courierMailAlias.xml delete mode 100644 phpldapadmin/templates/creation/dNSDomain.xml delete mode 100644 phpldapadmin/templates/creation/example.xml delete mode 100644 phpldapadmin/templates/creation/inetOrgPerson.xml delete mode 100644 phpldapadmin/templates/creation/kolabPerson.xml delete mode 100644 phpldapadmin/templates/creation/mozillaOrgPerson.xml delete mode 100644 phpldapadmin/templates/creation/organizationalRole.xml delete mode 100644 phpldapadmin/templates/creation/ou.xml delete mode 100644 phpldapadmin/templates/creation/posixAccount.xml delete mode 100644 phpldapadmin/templates/creation/posixGroup.xml delete mode 100644 phpldapadmin/templates/creation/sambaDomain.xml delete mode 100644 phpldapadmin/templates/creation/sambaGroupMapping.xml delete mode 100644 phpldapadmin/templates/creation/sambaMachine.xml delete mode 100644 phpldapadmin/templates/creation/sambaSamAccount.xml delete mode 100644 phpldapadmin/templates/creation/sendmailMTAAliasObject.xml delete mode 100644 phpldapadmin/templates/creation/sendmailMTAClass.xml delete mode 100644 phpldapadmin/templates/creation/sendmailMTACluster.xml delete mode 100644 phpldapadmin/templates/creation/sendmailMTAMapObject.xml delete mode 100644 phpldapadmin/templates/creation/sendmailVirtualDomain.xml delete mode 100644 phpldapadmin/templates/creation/sendmailVirtualUser.xml delete mode 100644 phpldapadmin/templates/creation/simpleSecurityObject.xml delete mode 100644 phpldapadmin/templates/modification/inetOrgPerson.xml delete mode 100644 phpldapadmin/templates/modification/posixGroup.xml delete mode 100644 phpldapadmin/templates/template.dtd create mode 100644 postfix/main.cf.proto create mode 100644 postfix/makedefs.out create mode 100644 postfix/master.cf.proto create mode 100644 postfix/postfix-files.d/pcre.files create mode 100644 postfix/postfix-files.d/sqlite.files create mode 100644 python3.5/sitecustomize.py create mode 120000 rc0.d/K01apache-htcacheclean create mode 120000 rc0.d/K01atd create mode 120000 rc0.d/K01cgmanager create mode 120000 rc0.d/K01cgproxy create mode 120000 rc0.d/K01lvm2-lvmetad create mode 120000 rc0.d/K01lvm2-lvmpolld create mode 120000 rc1.d/K01apache-htcacheclean create mode 120000 rc1.d/K01atd create mode 120000 rc1.d/K01cgmanager create mode 120000 rc1.d/K01cgproxy create mode 120000 rc1.d/K01lvm2-lvmetad create mode 120000 rc1.d/K01lvm2-lvmpolld rename rc1.d/{S01motd => S02motd} (100%) rename rc1.d/{S04bootlogs => S05bootlogs} (100%) rename rc1.d/{S05single => S06single} (100%) create mode 120000 rc2.d/K01apache-htcacheclean create mode 120000 rc2.d/S01console-setup.sh create mode 120000 rc2.d/S02cgmanager create mode 120000 rc2.d/S02lvm2-lvmetad create mode 120000 rc2.d/S02lvm2-lvmpolld rename rc2.d/{S01motd => S02motd} (100%) rename rc2.d/{S01rsyslog => S02rsyslog} (100%) rename rc2.d/{S01salt-master => S02salt-master} (100%) rename rc2.d/{S01salt-minion => S02salt-minion} (100%) rename rc2.d/{S02acpid => S03acpid} (100%) create mode 120000 rc2.d/S03atd rename rc2.d/{S02bind9 => S03bind9} (100%) create mode 120000 rc2.d/S03cgproxy create mode 120000 rc2.d/S03dbus rename rc2.d/{S02haveged => S03haveged} (100%) rename rc2.d/{S02slapd => S03slapd} (100%) rename rc2.d/{S02ssh => S03ssh} (100%) rename rc2.d/{S02ulogd2 => S03ulogd2} (100%) rename rc2.d/{S03apache2 => S04apache2} (100%) rename rc2.d/{S04bootlogs => S05bootlogs} (100%) rename rc2.d/{S04chrony => S05chrony} (100%) rename rc2.d/{S04cron => S05cron} (100%) rename rc2.d/{S02fail2ban => S05fail2ban} (100%) rename rc2.d/{S04postfix => S05postfix} (100%) rename rc2.d/{S04rsync => S05rsync} (100%) rename rc2.d/{S05rc.local => S06rc.local} (100%) rename rc2.d/{S05rmnologin => S06rmnologin} (100%) create mode 120000 rc3.d/K01apache-htcacheclean create mode 120000 rc3.d/S01console-setup.sh create mode 120000 rc3.d/S02cgmanager create mode 120000 rc3.d/S02lvm2-lvmetad create mode 120000 rc3.d/S02lvm2-lvmpolld rename rc3.d/{S01motd => S02motd} (100%) rename rc3.d/{S01rsyslog => S02rsyslog} (100%) rename rc3.d/{S01salt-master => S02salt-master} (100%) rename rc3.d/{S01salt-minion => S02salt-minion} (100%) rename rc3.d/{S02acpid => S03acpid} (100%) create mode 120000 rc3.d/S03atd rename rc3.d/{S02bind9 => S03bind9} (100%) create mode 120000 rc3.d/S03cgproxy create mode 120000 rc3.d/S03dbus rename rc3.d/{S02haveged => S03haveged} (100%) rename rc3.d/{S02slapd => S03slapd} (100%) rename rc3.d/{S02ssh => S03ssh} (100%) rename rc3.d/{S02ulogd2 => S03ulogd2} (100%) rename rc3.d/{S03apache2 => S04apache2} (100%) rename rc3.d/{S04bootlogs => S05bootlogs} (100%) rename rc3.d/{S04chrony => S05chrony} (100%) rename rc3.d/{S04cron => S05cron} (100%) rename rc3.d/{S02fail2ban => S05fail2ban} (100%) rename rc3.d/{S04postfix => S05postfix} (100%) rename rc3.d/{S04rsync => S05rsync} (100%) rename rc3.d/{S05rc.local => S06rc.local} (100%) rename rc3.d/{S05rmnologin => S06rmnologin} (100%) create mode 120000 rc4.d/K01apache-htcacheclean create mode 120000 rc4.d/S01console-setup.sh create mode 120000 rc4.d/S02cgmanager create mode 120000 rc4.d/S02lvm2-lvmetad create mode 120000 rc4.d/S02lvm2-lvmpolld rename rc4.d/{S01motd => S02motd} (100%) rename rc4.d/{S01rsyslog => S02rsyslog} (100%) rename rc4.d/{S01salt-master => S02salt-master} (100%) rename rc4.d/{S01salt-minion => S02salt-minion} (100%) rename rc4.d/{S02acpid => S03acpid} (100%) create mode 120000 rc4.d/S03atd rename rc4.d/{S02bind9 => S03bind9} (100%) create mode 120000 rc4.d/S03cgproxy create mode 120000 rc4.d/S03dbus rename rc4.d/{S02haveged => S03haveged} (100%) rename rc4.d/{S02slapd => S03slapd} (100%) rename rc4.d/{S02ssh => S03ssh} (100%) rename rc4.d/{S02ulogd2 => S03ulogd2} (100%) rename rc4.d/{S03apache2 => S04apache2} (100%) rename rc4.d/{S04bootlogs => S05bootlogs} (100%) rename rc4.d/{S04chrony => S05chrony} (100%) rename rc4.d/{S04cron => S05cron} (100%) rename rc4.d/{S02fail2ban => S05fail2ban} (100%) rename rc4.d/{S04postfix => S05postfix} (100%) rename rc4.d/{S04rsync => S05rsync} (100%) rename rc4.d/{S05rc.local => S06rc.local} (100%) rename rc4.d/{S05rmnologin => S06rmnologin} (100%) create mode 120000 rc5.d/K01apache-htcacheclean create mode 120000 rc5.d/S01console-setup.sh create mode 120000 rc5.d/S02cgmanager create mode 120000 rc5.d/S02lvm2-lvmetad create mode 120000 rc5.d/S02lvm2-lvmpolld rename rc5.d/{S01motd => S02motd} (100%) rename rc5.d/{S01rsyslog => S02rsyslog} (100%) rename rc5.d/{S01salt-master => S02salt-master} (100%) rename rc5.d/{S01salt-minion => S02salt-minion} (100%) rename rc5.d/{S02acpid => S03acpid} (100%) create mode 120000 rc5.d/S03atd rename rc5.d/{S02bind9 => S03bind9} (100%) create mode 120000 rc5.d/S03cgproxy create mode 120000 rc5.d/S03dbus rename rc5.d/{S02haveged => S03haveged} (100%) rename rc5.d/{S02slapd => S03slapd} (100%) rename rc5.d/{S02ssh => S03ssh} (100%) rename rc5.d/{S02ulogd2 => S03ulogd2} (100%) rename rc5.d/{S03apache2 => S04apache2} (100%) rename rc5.d/{S04bootlogs => S05bootlogs} (100%) rename rc5.d/{S04chrony => S05chrony} (100%) rename rc5.d/{S04cron => S05cron} (100%) rename rc5.d/{S02fail2ban => S05fail2ban} (100%) rename rc5.d/{S04postfix => S05postfix} (100%) rename rc5.d/{S04rsync => S05rsync} (100%) rename rc5.d/{S05rc.local => S06rc.local} (100%) rename rc5.d/{S05rmnologin => S06rmnologin} (100%) create mode 120000 rc6.d/K01apache-htcacheclean create mode 120000 rc6.d/K01atd create mode 120000 rc6.d/K01cgmanager create mode 120000 rc6.d/K01cgproxy create mode 120000 rc6.d/K01lvm2-lvmetad create mode 120000 rc6.d/K01lvm2-lvmpolld delete mode 120000 rcS.d/S03keyboard-setup create mode 120000 rcS.d/S03keyboard-setup.sh delete mode 120000 rcS.d/S11udev-finish rename rcS.d/{S17bootmisc.sh => S15bootmisc.sh} (100%) delete mode 120000 rcS.d/S15kbd rename rcS.d/{S17netfilter-persistent => S15netfilter-persistent} (100%) delete mode 120000 rcS.d/S16console-setup create mode 100644 rsyslog.conf.dpkg-dist create mode 100644 s-nail.rc create mode 100644 salt/master.d/my.conf create mode 100644 salt/pki/master/minions/vera.home.brehm-online.com create mode 100644 skel/.bashrc.dpkg-dist create mode 100644 ssh/ssh_config.dpkg-dist create mode 120000 ssl/certs/02756ea4.0 delete mode 120000 ssl/certs/03f2b8cf.0 delete mode 120000 ssl/certs/1ec4d31a.0 delete mode 120000 ssl/certs/262ba90f.0 delete mode 120000 ssl/certs/26eaad2f.0 delete mode 120000 ssl/certs/2ab3b959.0 create mode 120000 ssl/certs/2c11d503.0 create mode 120000 ssl/certs/32888f65.0 delete mode 120000 ssl/certs/33815e15.0 delete mode 120000 ssl/certs/33815e15.1 create mode 120000 ssl/certs/3929ec9f.0 create mode 120000 ssl/certs/40193066.0 create mode 120000 ssl/certs/4042bcee.0 delete mode 120000 ssl/certs/415660c1.1 create mode 120000 ssl/certs/451b5485.0 create mode 120000 ssl/certs/559f7c71.0 delete mode 120000 ssl/certs/56e29e75.0 delete mode 120000 ssl/certs/5a5372fc.0 delete mode 120000 ssl/certs/5d63b0ae.0 create mode 120000 ssl/certs/608a55ad.0 create mode 120000 ssl/certs/6187b673.0 delete mode 120000 ssl/certs/635ccfd5.0 delete mode 120000 ssl/certs/67d559d1.0 delete mode 120000 ssl/certs/72fa7371.0 delete mode 120000 ssl/certs/755f7420.0 delete mode 120000 ssl/certs/7651b327.1 create mode 120000 ssl/certs/7719f463.0 delete mode 120000 ssl/certs/8096d0a9.0 delete mode 120000 ssl/certs/8317b10c.0 delete mode 120000 ssl/certs/861e0100.0 create mode 120000 ssl/certs/87229d21.0 delete mode 120000 ssl/certs/876f1e28.0 create mode 120000 ssl/certs/9168f543.0 create mode 120000 ssl/certs/9479c8c3.0 delete mode 120000 ssl/certs/961f5451.0 create mode 120000 ssl/certs/9c3323d4.0 delete mode 120000 ssl/certs/CA_Disig.pem delete mode 120000 ssl/certs/CA_WoSign_ECC_Root.pem delete mode 120000 ssl/certs/Certification_Authority_of_WoSign_G2.pem create mode 120000 ssl/certs/Certplus_Root_CA_G1.pem create mode 120000 ssl/certs/Certplus_Root_CA_G2.pem create mode 120000 ssl/certs/Certum_Trusted_Network_CA_2.pem create mode 120000 ssl/certs/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem create mode 120000 ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem create mode 120000 ssl/certs/ISRG_Root_X1.pem delete mode 120000 ssl/certs/NetLock_Business_=Class_B=_Root.pem delete mode 120000 ssl/certs/NetLock_Express_=Class_C=_Root.pem delete mode 120000 ssl/certs/NetLock_Notary_=Class_A=_Root.pem delete mode 120000 ssl/certs/NetLock_Qualified_=Class_QA=_Root.pem create mode 120000 ssl/certs/OpenTrust_Root_CA_G1.pem create mode 120000 ssl/certs/OpenTrust_Root_CA_G2.pem create mode 120000 ssl/certs/OpenTrust_Root_CA_G3.pem create mode 120000 ssl/certs/SZAFIR_ROOT_CA2.pem delete mode 120000 ssl/certs/Sonera_Class_1_Root_CA.pem delete mode 120000 ssl/certs/Staat_der_Nederlanden_Root_CA.pem delete mode 120000 ssl/certs/StartCom_Certification_Authority.pem delete mode 120000 ssl/certs/StartCom_Certification_Authority_2.pem delete mode 120000 ssl/certs/StartCom_Certification_Authority_G2.pem delete mode 120000 ssl/certs/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem delete mode 120000 ssl/certs/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem delete mode 120000 ssl/certs/Verisign_Class_3_Public_Primary_Certification_Authority_2.pem delete mode 120000 ssl/certs/WoSign.pem delete mode 120000 ssl/certs/WoSign_China.pem create mode 120000 ssl/certs/a81e292b.0 delete mode 120000 ssl/certs/add67345.0 delete mode 120000 ssl/certs/ae8153b9.0 delete mode 120000 ssl/certs/ae8153b9.1 delete mode 120000 ssl/certs/b42ff584.0 delete mode 120000 ssl/certs/b6c5745d.0 delete mode 120000 ssl/certs/b7e7231a.0 delete mode 120000 ssl/certs/b8e83700.0 delete mode 120000 ssl/certs/c19d42c7.0 create mode 120000 ssl/certs/cb1c3204.0 delete mode 120000 ssl/certs/cdaebb72.0 delete mode 120000 ssl/certs/d5727d6a.0 delete mode 120000 ssl/certs/d64f06f3.0 create mode 120000 ssl/certs/d8317ada.0 delete mode 120000 ssl/certs/d9d12c58.0 create mode 120000 ssl/certs/dc99f41e.0 delete mode 120000 ssl/certs/ec87c655.0 delete mode 120000 ssl/certs/ee90b008.0 delete mode 120000 ssl/certs/f38a011e.0 create mode 120000 ssl/certs/fe8a2cd8.0 delete mode 120000 ssl/certs/spi-cacert-2008.pem create mode 120000 sysctl.d/99-sysctl.conf delete mode 100644 systemd/bootchart.conf create mode 100644 systemd/network/50-virtio-kernel-names.link create mode 100644 systemd/network/99-default.link create mode 120000 systemd/system/chronyd.service delete mode 120000 systemd/system/halt.target.wants/hwclock-save.service delete mode 120000 systemd/system/local-fs.target.wants/lvm2-activation-early.service delete mode 120000 systemd/system/local-fs.target.wants/lvm2-activation.service create mode 120000 systemd/system/multi-user.target.wants/apache2.service create mode 120000 systemd/system/multi-user.target.wants/atd.service create mode 120000 systemd/system/multi-user.target.wants/chrony.service create mode 120000 systemd/system/multi-user.target.wants/console-setup.service create mode 120000 systemd/system/multi-user.target.wants/fail2ban.service create mode 120000 systemd/system/multi-user.target.wants/networking.service create mode 120000 systemd/system/multi-user.target.wants/postfix.service create mode 120000 systemd/system/multi-user.target.wants/rsync.service create mode 120000 systemd/system/network-online.target.wants/networking.service delete mode 120000 systemd/system/poweroff.target.wants/hwclock-save.service delete mode 120000 systemd/system/reboot.target.wants/hwclock-save.service create mode 120000 systemd/system/sysinit.target.wants/keyboard-setup.service create mode 120000 systemd/system/sysinit.target.wants/lvm2-lvmpolld.socket create mode 120000 systemd/system/sysinit.target.wants/systemd-timesyncd.service create mode 120000 systemd/system/timers.target.wants/apt-daily-upgrade.timer create mode 120000 systemd/system/timers.target.wants/apt-daily.timer create mode 120000 systemd/system/timers.target.wants/phpsessionclean.timer create mode 100755 update-motd.d/10-uname create mode 120000 xdg/systemd/user diff --git a/NetworkManager/dispatcher.d/20-chrony b/NetworkManager/dispatcher.d/20-chrony new file mode 100755 index 0000000..084aed6 --- /dev/null +++ b/NetworkManager/dispatcher.d/20-chrony @@ -0,0 +1,17 @@ +#!/bin/sh +# This is a NetworkManager dispatcher script for chronyd to set its NTP sources +# online/offline when a default route is configured/removed on the system. + +export LC_ALL=C + +if [ "$2" = "up" ]; then + /sbin/ip route list dev "$1" | grep -q '^default' && + /usr/bin/chronyc online > /dev/null 2>&1 +fi + +if [ "$2" = "down" ]; then + /sbin/ip route list | grep -q '^default' || + /usr/bin/chronyc offline > /dev/null 2>&1 +fi + +exit 0 diff --git a/X11/Xsession.d/90gpg-agent b/X11/Xsession.d/90gpg-agent new file mode 100644 index 0000000..8b45b05 --- /dev/null +++ b/X11/Xsession.d/90gpg-agent @@ -0,0 +1,22 @@ +# On systems with systemd running, we expect the agent to be launched +# via systemd's user mode (see +# /usr/lib/systemd/user/gpg-agent.{socket,service} and +# systemd.unit(5)). This allows systemd to clean up the agent +# automatically at logout. + +# If systemd is absent from your system, or you do not permit it to +# run in user mode, then you may need to manually launch gpg-agent +# from your session initialization with something like "gpgconf +# --launch gpg-agent" + +# Nonetheless, ssh and older versions of gpg require environment +# variables to be set in order to find the agent, so we will set those +# here. + +agent_sock=$(gpgconf --list-dirs agent-socket) +export GPG_AGENT_INFO=${agent_sock}:0:1 +if [ -n "$(gpgconf --list-options gpg-agent | \ + awk -F: '/^enable-ssh-support:/{ print $10 }')" ]; then + export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) +fi + diff --git a/aliases.db b/aliases.db index 049d72760a19d703bbe9b3bf68aa4076a703976c..9c50ba22150be4719e80928f4805a7477d8b309d 100644 GIT binary patch delta 74 zcmZojXh@h~!l%H%z`)4Cz~KI8^{M`glmGFHZH&m0S1-*d)lEvwOUz5vOG#yn42bu2 c3=VM(iuZH$b!9X(H83zS1R}%DFXhDr0FiDNM*si- delta 74 zcmZojXh@h~!ewn2x@VU4WD1LA!h egF{?{;{6); +# you will save yourself a lot of trouble. +# +# Do NOT add a slash at the end of the directory path. +# +#ServerRoot "/etc/apache2" + +# +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +# +#Mutex file:${APACHE_LOCK_DIR} default + +# +# The directory where shm and other runtime files will be stored. +# + +DefaultRuntimeDir ${APACHE_RUN_DIR} + +# +# PidFile: The file in which the server should record its process +# identification number when it starts. +# This needs to be set in /etc/apache2/envvars +# +PidFile ${APACHE_PID_FILE} + +# +# Timeout: The number of seconds before receives and sends time out. +# +Timeout 300 + +# +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +# +KeepAlive On + +# +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +# +MaxKeepAliveRequests 100 + +# +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +# +KeepAliveTimeout 5 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} + +# +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +# +HostnameLookups Off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog ${APACHE_LOG_DIR}/error.log + +# +# LogLevel: Control the severity of messages logged to the error_log. +# Available values: trace8, ..., trace1, debug, info, notice, warn, +# error, crit, alert, emerg. +# It is also possible to configure the log level for particular modules, e.g. +# "LogLevel info ssl:warn" +# +LogLevel warn + +# Include module configuration: +IncludeOptional mods-enabled/*.load +IncludeOptional mods-enabled/*.conf + +# Include list of ports to listen on +Include ports.conf + + +# Sets the default security model of the Apache2 HTTPD server. It does +# not allow access to the root filesystem outside of /usr/share and /var/www. +# The former is used by web applications packaged in Debian, +# the latter may be used for local directories served by the web server. If +# your system is serving content from a sub-directory in /srv you must allow +# access here, or in any related virtual host. + + Options FollowSymLinks + AllowOverride None + Require all denied + + + + AllowOverride None + Require all granted + + + + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + +# +# Options Indexes FollowSymLinks +# AllowOverride None +# Require all granted +# + + + + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +# +AccessFileName .htaccess + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + + +# +# The following directives define some format nicknames for use with +# a CustomLog directive. +# +# These deviate from the Common Log Format definitions in that they use %O +# (the actual bytes sent including headers) instead of %b (the size of the +# requested file), because the latter makes it impossible to detect partial +# requests. +# +# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. +# Use mod_remoteip instead. +# +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent + +# Include of directories ignores editors' and dpkg's backup files, +# see README.Debian for details. + +# Include generic snippets of statements +IncludeOptional conf-enabled/*.conf + +# Include the virtual host configurations: +IncludeOptional sites-enabled/*.conf + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/apache2/conf-available/custom-log.conf b/apache2/conf-available/custom-log.conf old mode 100755 new mode 100644 diff --git a/apache2/conf-available/gitweb.conf b/apache2/conf-available/gitweb.conf index abd288a..cb914bc 100644 --- a/apache2/conf-available/gitweb.conf +++ b/apache2/conf-available/gitweb.conf @@ -1,9 +1,11 @@ - - Define ENABLE_GITWEB - - - Define ENABLE_GITWEB + + + Define ENABLE_GITWEB + + + Define ENABLE_GITWEB + diff --git a/apache2/conf-available/phpldapadmin.conf b/apache2/conf-available/phpldapadmin.conf deleted file mode 120000 index 3742074..0000000 --- a/apache2/conf-available/phpldapadmin.conf +++ /dev/null @@ -1 +0,0 @@ -/etc/phpldapadmin/apache.conf \ No newline at end of file diff --git a/apache2/conf-available/security.conf b/apache2/conf-available/security.conf index 599333b..f9f69d4 100644 --- a/apache2/conf-available/security.conf +++ b/apache2/conf-available/security.conf @@ -7,8 +7,7 @@ # # # AllowOverride None -# Order Deny,Allow -# Deny from all +# Require all denied # diff --git a/apache2/conf-enabled/phpldapadmin.conf b/apache2/conf-enabled/phpldapadmin.conf deleted file mode 120000 index 6888fa5..0000000 --- a/apache2/conf-enabled/phpldapadmin.conf +++ /dev/null @@ -1 +0,0 @@ -../conf-available/phpldapadmin.conf \ No newline at end of file diff --git a/apache2/envvars b/apache2/envvars index 91328ac..708d170 100644 --- a/apache2/envvars +++ b/apache2/envvars @@ -16,7 +16,7 @@ fi export APACHE_RUN_USER=www-data export APACHE_RUN_GROUP=www-data # temporary state file location. This might be changed to /run in Wheezy+1 -export APACHE_PID_FILE=/var/run/apache2/apache2$SUFFIX.pid +export APACHE_PID_FILE=/var/run/apache2$SUFFIX/apache2.pid export APACHE_RUN_DIR=/var/run/apache2$SUFFIX export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX # Only /var/log/apache2 is handled by /etc/logrotate.d/apache2. diff --git a/apache2/info_users_passwd b/apache2/info_users_passwd new file mode 100644 index 0000000..a9cf5ab --- /dev/null +++ b/apache2/info_users_passwd @@ -0,0 +1,3 @@ +monitoring:$apr1$rq/i6DzS$Qk6YAABQSeIgXe5Z0cc7K0 +uhu:$apr1$cFagqyiq$T2azAWwszStOUz/mmfONd/ +frank:$apr1$q0RMdmRi$5egjyB4c32Ts/swS3hkuN0 diff --git a/apache2/mods-available/cern_meta.load b/apache2/mods-available/cern_meta.load new file mode 100644 index 0000000..bcc7546 --- /dev/null +++ b/apache2/mods-available/cern_meta.load @@ -0,0 +1 @@ +LoadModule cern_meta_module /usr/lib/apache2/modules/mod_cern_meta.so diff --git a/apache2/mods-available/http2.load b/apache2/mods-available/http2.load new file mode 100644 index 0000000..e5c769f --- /dev/null +++ b/apache2/mods-available/http2.load @@ -0,0 +1 @@ +LoadModule http2_module /usr/lib/apache2/modules/mod_http2.so diff --git a/apache2/mods-available/imagemap.load b/apache2/mods-available/imagemap.load new file mode 100644 index 0000000..0fd55f8 --- /dev/null +++ b/apache2/mods-available/imagemap.load @@ -0,0 +1 @@ +LoadModule imagemap_module /usr/lib/apache2/modules/mod_imagemap.so diff --git a/apache2/mods-available/info.conf b/apache2/mods-available/info.conf index 78a0649..b3e5f59 100644 --- a/apache2/mods-available/info.conf +++ b/apache2/mods-available/info.conf @@ -2,12 +2,17 @@ # Allow remote server configuration reports, with the URL of # http://servername/server-info (requires that mod_info.c be loaded). - # Uncomment and change the "192.0.2.0/24" to allow access from other hosts. # SetHandler server-info - Require local - #Require ip 192.0.2.0/24 + AuthName "Server Status Access" + AuthType Basic + AuthBasicProvider file + AuthUserFile /etc/apache2/info_users_passwd + + Require local + Require valid-user + diff --git a/apache2/mods-available/php5.load b/apache2/mods-available/php5.load deleted file mode 100644 index 653695f..0000000 --- a/apache2/mods-available/php5.load +++ /dev/null @@ -1 +0,0 @@ -LoadModule php5_module /usr/lib/apache2/modules/libphp5.so diff --git a/apache2/mods-available/php5.conf b/apache2/mods-available/php7.0.conf similarity index 90% rename from apache2/mods-available/php5.conf rename to apache2/mods-available/php7.0.conf index 2b2b42b..41b48f9 100644 --- a/apache2/mods-available/php5.conf +++ b/apache2/mods-available/php7.0.conf @@ -1,4 +1,4 @@ - + SetHandler application/x-httpd-php @@ -9,7 +9,7 @@ Require all denied # Deny access to files without filename (e.g. '.php') - + Require all denied diff --git a/apache2/mods-available/php7.0.load b/apache2/mods-available/php7.0.load new file mode 100644 index 0000000..b539a0e --- /dev/null +++ b/apache2/mods-available/php7.0.load @@ -0,0 +1,3 @@ +# Conflicts: php5 +# Depends: mpm_prefork +LoadModule php7_module /usr/lib/apache2/modules/libphp7.0.so diff --git a/apache2/mods-available/proxy_hcheck.load b/apache2/mods-available/proxy_hcheck.load new file mode 100644 index 0000000..b70f421 --- /dev/null +++ b/apache2/mods-available/proxy_hcheck.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_hcheck_module /usr/lib/apache2/modules/mod_proxy_hcheck.so diff --git a/apache2/mods-available/proxy_html.load b/apache2/mods-available/proxy_html.load index d8b248e..50f1a2c 100644 --- a/apache2/mods-available/proxy_html.load +++ b/apache2/mods-available/proxy_html.load @@ -1,2 +1,2 @@ -# Depends: proxy +# Depends: proxy xml2enc LoadModule proxy_html_module /usr/lib/apache2/modules/mod_proxy_html.so diff --git a/apache2/mods-available/proxy_http2.load b/apache2/mods-available/proxy_http2.load new file mode 100644 index 0000000..b251d0c --- /dev/null +++ b/apache2/mods-available/proxy_http2.load @@ -0,0 +1,2 @@ +# Depends: proxy http2 +LoadModule proxy_http2_module /usr/lib/apache2/modules/mod_proxy_http2.so diff --git a/apache2/mods-available/status.conf b/apache2/mods-available/status.conf index 5f53ba7..b61bb58 100644 --- a/apache2/mods-available/status.conf +++ b/apache2/mods-available/status.conf @@ -1,12 +1,18 @@ # Allow server status reports generated by mod_status, # with the URL of http://servername/server-status - # Uncomment and change the "192.0.2.0/24" to allow access from other hosts. SetHandler server-status - Require local - #Require ip 192.0.2.0/24 + AuthName "Server Status Access" + AuthType Basic + AuthBasicProvider file + AuthUserFile /etc/apache2/info_users_passwd + + Require local + Require valid-user + + # Keep track of extended status information for each request diff --git a/apache2/mods-available/userdir.conf b/apache2/mods-available/userdir.conf index a6c0da6..2c334ec 100644 --- a/apache2/mods-available/userdir.conf +++ b/apache2/mods-available/userdir.conf @@ -5,12 +5,7 @@ AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec - - Require all granted - - - Require all denied - + Require method GET POST OPTIONS diff --git a/apache2/mods-enabled/info.conf b/apache2/mods-enabled/info.conf new file mode 120000 index 0000000..432cc88 --- /dev/null +++ b/apache2/mods-enabled/info.conf @@ -0,0 +1 @@ +../mods-available/info.conf \ No newline at end of file diff --git a/apache2/mods-enabled/info.load b/apache2/mods-enabled/info.load new file mode 120000 index 0000000..982891d --- /dev/null +++ b/apache2/mods-enabled/info.load @@ -0,0 +1 @@ +../mods-available/info.load \ No newline at end of file diff --git a/apache2/mods-enabled/php5.conf b/apache2/mods-enabled/php5.conf deleted file mode 120000 index ce1dd2e..0000000 --- a/apache2/mods-enabled/php5.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/php5.conf \ No newline at end of file diff --git a/apache2/mods-enabled/php5.load b/apache2/mods-enabled/php5.load deleted file mode 120000 index dae39ce..0000000 --- a/apache2/mods-enabled/php5.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/php5.load \ No newline at end of file diff --git a/apache2/mods-enabled/php7.0.conf b/apache2/mods-enabled/php7.0.conf new file mode 120000 index 0000000..11c4a99 --- /dev/null +++ b/apache2/mods-enabled/php7.0.conf @@ -0,0 +1 @@ +../mods-available/php7.0.conf \ No newline at end of file diff --git a/apache2/mods-enabled/php7.0.load b/apache2/mods-enabled/php7.0.load new file mode 120000 index 0000000..58e0a2f --- /dev/null +++ b/apache2/mods-enabled/php7.0.load @@ -0,0 +1 @@ +../mods-available/php7.0.load \ No newline at end of file diff --git a/apache2/mods-enabled/reqtimeout.conf b/apache2/mods-enabled/reqtimeout.conf new file mode 120000 index 0000000..093b41d --- /dev/null +++ b/apache2/mods-enabled/reqtimeout.conf @@ -0,0 +1 @@ +../mods-available/reqtimeout.conf \ No newline at end of file diff --git a/apache2/mods-enabled/reqtimeout.load b/apache2/mods-enabled/reqtimeout.load new file mode 120000 index 0000000..979fab9 --- /dev/null +++ b/apache2/mods-enabled/reqtimeout.load @@ -0,0 +1 @@ +../mods-available/reqtimeout.load \ No newline at end of file diff --git a/apache2/sites-available/000-default-ssl.conf b/apache2/sites-available/000-default-ssl.conf new file mode 100644 index 0000000..69e985f --- /dev/null +++ b/apache2/sites-available/000-default-ssl.conf @@ -0,0 +1,48 @@ + + + + + + Include sites-available/default-include.conf + + SSLEngine on + + SSLCertificateFile /etc/letsencrypt/live/git.uhu-banane.net/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/git.uhu-banane.net/privkey.pem + + Include /etc/letsencrypt/options-ssl-apache.conf + + #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt + + #SSLCACertificatePath /etc/ssl/certs/ + #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt + + #SSLCARevocationPath /etc/apache2/ssl.crl/ + #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl + + #SSLVerifyClient require + #SSLVerifyDepth 10 + + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + + BrowserMatch "MSIE [2-6]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + # MSIE 7 and newer should be able to use keepalive + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown + + ServerName ns3.uhu-banane.de + ServerAlias ns3 + ServerAlias ns3.brehm-online.com + + + + +# vim: filetype=apache ts=8 sw=4 sts=4 sr noet diff --git a/apache2/sites-available/default-ssl.conf.dpkg-dist b/apache2/sites-available/default-ssl.conf.dpkg-dist new file mode 100644 index 0000000..7e37a9c --- /dev/null +++ b/apache2/sites-available/default-ssl.conf.dpkg-dist @@ -0,0 +1,134 @@ + + + ServerAdmin webmaster@localhost + + DocumentRoot /var/www/html + + # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, + # error, crit, alert, emerg. + # It is also possible to configure the loglevel for particular + # modules, e.g. + #LogLevel info ssl:warn + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + # For most configuration files from conf-available/, which are + # enabled or disabled at a global level, it is possible to + # include a line for only one particular virtual host. For example the + # following line enables the CGI configuration for this host only + # after it has been globally disabled with "a2disconf". + #Include conf-available/serve-cgi-bin.conf + + # SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + # A self-signed (snakeoil) certificate can be created by installing + # the ssl-cert package. See + # /usr/share/doc/apache2/README.Debian.gz for more info. + # If both key and certificate are stored in the same file, only the + # SSLCertificateFile directive is needed. + SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem + SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key + + # Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the + # concatenation of PEM encoded CA certificates which form the + # certificate chain for the server certificate. Alternatively + # the referenced file can be the same as SSLCertificateFile + # when the CA certificates are directly appended to the server + # certificate for convinience. + #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt + + # Certificate Authority (CA): + # Set the CA certificate verification path where to find CA + # certificates for client authentication or alternatively one + # huge file containing all of them (file must be PEM encoded) + # Note: Inside SSLCACertificatePath you need hash symlinks + # to point to the certificate files. Use the provided + # Makefile to update the hash symlinks after changes. + #SSLCACertificatePath /etc/ssl/certs/ + #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt + + # Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client + # authentication or alternatively one huge file containing all + # of them (file must be PEM encoded) + # Note: Inside SSLCARevocationPath you need hash symlinks + # to point to the certificate files. Use the provided + # Makefile to update the hash symlinks after changes. + #SSLCARevocationPath /etc/apache2/ssl.crl/ + #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl + + # Client Authentication (Type): + # Client certificate verification type and depth. Types are + # none, optional, require and optional_no_ca. Depth is a + # number which specifies how deeply to verify the certificate + # issuer chain before deciding the certificate is not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + # SSL Engine Options: + # Set various options for the SSL engine. + # o FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that + # the standard Auth/DBMAuth methods can be used for access control. The + # user name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + # o ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the + # server (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates + # into CGI scripts. + # o StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the + # exportation for CGI and SSI requests only. + # o OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + + # SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait for + # the close notify alert from client. When you need a different shutdown + # approach you can use one of the following variables: + # o ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates + # the SSL/TLS standard but is needed for some brain-dead browsers. Use + # this when you receive I/O errors because of the standard approach where + # mod_ssl sends the close notify alert. + # o ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation + # works correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + # BrowserMatch "MSIE [2-6]" \ + # nokeepalive ssl-unclean-shutdown \ + # downgrade-1.0 force-response-1.0 + + + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/apache2/sites-enabled/000-default-ssl.conf b/apache2/sites-enabled/000-default-ssl.conf new file mode 120000 index 0000000..596612a --- /dev/null +++ b/apache2/sites-enabled/000-default-ssl.conf @@ -0,0 +1 @@ +../sites-available/000-default-ssl.conf \ No newline at end of file diff --git a/apm/event.d/01chrony b/apm/event.d/01chrony deleted file mode 100755 index df52908..0000000 --- a/apm/event.d/01chrony +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -# Placed in /etc/apm/event.d by the chrony package at the instruction of -# the apmd maintainer. If you don't have apm and don't intend to install -# apmd you may remove it. It needs to run after 00hwclock but before any -# other scripts. - - -[ -x /usr/sbin/chronyd ] || exit 0 - -if [ "$1" = suspend ]; then - invoke-rc.d chrony stop -elif [ "$1" = standby ]; then - invoke-rc.d chrony stop -elif [ "$1" = resume ]; then - invoke-rc.d chrony start -fi diff --git a/apparmor.d/local/usr.sbin.haveged b/apparmor.d/local/usr.sbin.haveged new file mode 100644 index 0000000..07c2960 --- /dev/null +++ b/apparmor.d/local/usr.sbin.haveged @@ -0,0 +1,2 @@ +# Site-specific additions and overrides for usr.sbin.haveged. +# For more details, please see /etc/apparmor.d/local/README. diff --git a/apparmor.d/usr.sbin.haveged b/apparmor.d/usr.sbin.haveged new file mode 100644 index 0000000..0e61138 --- /dev/null +++ b/apparmor.d/usr.sbin.haveged @@ -0,0 +1,23 @@ +# Last Modified: Fri Aug 21 15:23:17 2015 +#include + +/usr/sbin/haveged { + #include + + # Required for ioctl RNDADDENTROPY + capability sys_admin, + + owner @{PROC}/@{pid}/status r, + + @{PROC}/sys/kernel/osrelease r, + @{PROC}/sys/kernel/random/poolsize r, + @{PROC}/sys/kernel/random/write_wakeup_threshold w, + /dev/random w, + + /sys/devices/system/cpu/ r, + /sys/devices/system/cpu/cpu*/cache/ r, + /sys/devices/system/cpu/cpu*/cache/index*/{type,size,level} r, + /usr/sbin/haveged mr, + + #include +} diff --git a/apparmor.d/usr.sbin.named b/apparmor.d/usr.sbin.named index 35df558..43e27c0 100644 --- a/apparmor.d/usr.sbin.named +++ b/apparmor.d/usr.sbin.named @@ -35,8 +35,9 @@ # dnscvsutil package /var/lib/dnscvsutil/compiled/** rw, - /proc/net/if_inet6 r, - /proc/*/net/if_inet6 r, + @{PROC}/net/if_inet6 r, + @{PROC}/*/net/if_inet6 r, + @{PROC}/sys/net/ipv4/ip_local_port_range r, /usr/sbin/named mr, /{,var/}run/named/named.pid w, /{,var/}run/named/session.key w, @@ -48,6 +49,19 @@ /var/log/named/** rw, /var/log/named/ rw, + # gssapi + /var/lib/sss/pubconf/krb5.include.d/** r, + /var/lib/sss/pubconf/krb5.include.d/ r, + /var/lib/sss/mc/initgroups r, + /etc/gss/mech.d/ r, + + # ldap + /etc/ldap/ldap.conf r, + /{,var/}run/slapd-*.socket rw, + + # dynamic updates + /var/tmp/DNS_* rw, + # Site-specific additions and overrides. See local/README for details. #include } diff --git a/apt/apt.conf.d/01autoremove b/apt/apt.conf.d/01autoremove index fc02350..3609ca4 100644 --- a/apt/apt.conf.d/01autoremove +++ b/apt/apt.conf.d/01autoremove @@ -29,10 +29,18 @@ APT Never-MarkAuto-Sections { "metapackages"; + "contrib/metapackages"; + "non-free/metapackages"; "restricted/metapackages"; "universe/metapackages"; "multiverse/metapackages"; + }; + + Move-Autobit-Sections + { "oldlibs"; + "contrib/oldlibs"; + "non-free/oldlibs"; "restricted/oldlibs"; "universe/oldlibs"; "multiverse/oldlibs"; diff --git a/apt/apt.conf.d/01autoremove-kernels b/apt/apt.conf.d/01autoremove-kernels index 3555efb..776cfdd 100644 --- a/apt/apt.conf.d/01autoremove-kernels +++ b/apt/apt.conf.d/01autoremove-kernels @@ -1,26 +1,32 @@ // DO NOT EDIT! File autogenerated by /etc/kernel/postinst.d/apt-auto-removal APT::NeverAutoRemove { - "^linux-image-3\.16\.0-4-amd64$"; - "^linux-image-4\.1\.6-gridscale$"; - "^linux-headers-3\.16\.0-4-amd64$"; - "^linux-headers-4\.1\.6-gridscale$"; - "^linux-image-extra-3\.16\.0-4-amd64$"; - "^linux-image-extra-4\.1\.6-gridscale$"; - "^linux-signed-image-3\.16\.0-4-amd64$"; - "^linux-signed-image-4\.1\.6-gridscale$"; - "^kfreebsd-image-3\.16\.0-4-amd64$"; - "^kfreebsd-image-4\.1\.6-gridscale$"; - "^kfreebsd-headers-3\.16\.0-4-amd64$"; - "^kfreebsd-headers-4\.1\.6-gridscale$"; - "^gnumach-image-3\.16\.0-4-amd64$"; - "^gnumach-image-4\.1\.6-gridscale$"; - "^.*-modules-3\.16\.0-4-amd64$"; - "^.*-modules-4\.1\.6-gridscale$"; - "^.*-kernel-3\.16\.0-4-amd64$"; - "^.*-kernel-4\.1\.6-gridscale$"; - "^linux-backports-modules-.*-3\.16\.0-4-amd64$"; - "^linux-backports-modules-.*-4\.1\.6-gridscale$"; - "^linux-tools-3\.16\.0-4-amd64$"; - "^linux-tools-4\.1\.6-gridscale$"; + "^linux-image-4\.9\.0-3-amd64$"; + "^linux-headers-4\.9\.0-3-amd64$"; + "^linux-image-extra-4\.9\.0-3-amd64$"; + "^linux-signed-image-4\.9\.0-3-amd64$"; + "^kfreebsd-image-4\.9\.0-3-amd64$"; + "^kfreebsd-headers-4\.9\.0-3-amd64$"; + "^gnumach-image-4\.9\.0-3-amd64$"; + "^.*-modules-4\.9\.0-3-amd64$"; + "^.*-kernel-4\.9\.0-3-amd64$"; + "^linux-backports-modules-.*-4\.9\.0-3-amd64$"; + "^linux-tools-4\.9\.0-3-amd64$"; }; +/* Debug information: +# dpkg list: +iF linux-image-4.9.0-3-amd64 4.9.30-2+deb9u3 amd64 Linux 4.9 for 64-bit PCs +ii linux-image-amd64 4.9+80+deb9u1 amd64 Linux for 64-bit PCs (meta-package) +# list of installed kernel packages: +4.9.0-3-amd64 4.9.30-2+deb9u3 +# list of different kernel versions: +4.9.30-2+deb9u3 +# Installing kernel: 4.9.30-2+deb9u3 (4.9.0-3-amd64) +# Running kernel: 4.9.30-2+deb9u3 (4.9.0-3-amd64) +# Last kernel: 4.9.30-2+deb9u3 +# Previous kernel: +# Kernel versions list to keep: +4.9.30-2+deb9u3 +# Kernel packages (version part) to protect: +4\.9\.0-3-amd64 +*/ diff --git a/apt/apt.conf.d/20listchanges b/apt/apt.conf.d/20listchanges new file mode 100644 index 0000000..1768735 --- /dev/null +++ b/apt/apt.conf.d/20listchanges @@ -0,0 +1,3 @@ +DPkg::Pre-Install-Pkgs { "/usr/bin/apt-listchanges --apt || test $? -lt 10"; }; +DPkg::Tools::Options::/usr/bin/apt-listchanges::Version "2"; +DPkg::Tools::Options::/usr/bin/apt-listchanges::InfoFD "20"; diff --git a/apt/listchanges.conf b/apt/listchanges.conf new file mode 100644 index 0000000..28cb19a --- /dev/null +++ b/apt/listchanges.conf @@ -0,0 +1,7 @@ +[apt] +frontend=pager +confirm=false +email_address=root +save_seen=/var/lib/apt/listchanges.db +which=news + diff --git a/apt/sources.list b/apt/sources.list index b4aab5b..9633872 100644 --- a/apt/sources.list +++ b/apt/sources.list @@ -1,19 +1,23 @@ -# deb http://ftp.plusline.de/debian jessie main +# -# main jessie repositories -deb http://ftp.plusline.de/debian jessie main contrib non-free -deb-src http://ftp.plusline.de/debian jessie main contrib non-free +# deb cdrom:[Debian GNU/Linux stretch-DI-alpha7 _Stretch_ - Official Snapshot amd64 NETINST Binary-1 20160630-14:29]/ stretch main -# jessie security updates -deb http://security.debian.org/ jessie/updates main contrib non-free -deb-src http://security.debian.org/ jessie/updates main contrib non-free +# deb http://ftp.plusline.de/debian stretch main -# jessie-updates, previously known as 'volatile' -deb http://ftp.plusline.de/debian jessie-updates main contrib non-free -deb-src http://ftp.plusline.de/debian jessie-updates main contrib non-free +# main stretch repositories +deb http://ftp.plusline.de/debian stretch main contrib non-free +deb-src http://ftp.plusline.de/debian stretch main contrib non-free -# jessie-backports, previously on backports.debian.org -deb http://ftp.plusline.de/debian/ jessie-backports main contrib non-free -deb-src http://ftp.plusline.de/debian/ jessie-backports main contrib non-free +# stretch security updates +deb http://security.debian.org/ stretch/updates main contrib non-free +deb-src http://security.debian.org/ stretch/updates main contrib non-free + +# stretch-updates, previously known as 'volatile' +deb http://ftp.plusline.de/debian stretch-updates main contrib non-free +deb-src http://ftp.plusline.de/debian stretch-updates main contrib non-free + +# stretch-backports, previously on backports.debian.org +deb http://ftp.plusline.de/debian/ stretch-backports main contrib non-free +deb-src http://ftp.plusline.de/debian/ stretch-backports main contrib non-free # vim: noet ts=8 diff --git a/apt/sources.list.bak b/apt/sources.list.bak new file mode 100644 index 0000000..b4aab5b --- /dev/null +++ b/apt/sources.list.bak @@ -0,0 +1,19 @@ +# deb http://ftp.plusline.de/debian jessie main + +# main jessie repositories +deb http://ftp.plusline.de/debian jessie main contrib non-free +deb-src http://ftp.plusline.de/debian jessie main contrib non-free + +# jessie security updates +deb http://security.debian.org/ jessie/updates main contrib non-free +deb-src http://security.debian.org/ jessie/updates main contrib non-free + +# jessie-updates, previously known as 'volatile' +deb http://ftp.plusline.de/debian jessie-updates main contrib non-free +deb-src http://ftp.plusline.de/debian jessie-updates main contrib non-free + +# jessie-backports, previously on backports.debian.org +deb http://ftp.plusline.de/debian/ jessie-backports main contrib non-free +deb-src http://ftp.plusline.de/debian/ jessie-backports main contrib non-free + +# vim: noet ts=8 diff --git a/apt/sources.list.bak.1 b/apt/sources.list.bak.1 new file mode 100644 index 0000000..73cea58 --- /dev/null +++ b/apt/sources.list.bak.1 @@ -0,0 +1,25 @@ +# deb http://ftp.plusline.de/debian jessie main + +# main jessie repositories +deb http://ftp.plusline.de/debian jessie main contrib non-free +deb-src http://ftp.plusline.de/debian jessie main contrib non-free + +# jessie security updates +deb http://security.debian.org/ jessie/updates main contrib non-free +deb-src http://security.debian.org/ jessie/updates main contrib non-free + +# jessie-updates, previously known as 'volatile' +#deb http://ftp.plusline.de/debian jessie-updates main contrib non-free +#deb-src http://ftp.plusline.de/debian jessie-updates main contrib non-free +deb http://ftp-stud.hs-esslingen.de/debian jessie-updates main contrib non-free +deb-src http://ftp-stud.hs-esslingen.de/debian jessie-updates main contrib non-free + + +# jessie-backports, previously on backports.debian.org +#deb http://ftp.plusline.de/debian/ jessie-backports main contrib non-free +#deb-src http://ftp.plusline.de/debian/ jessie-backports main contrib non-free +deb http://ftp-stud.hs-esslingen.de/debian/ jessie-backports main contrib non-free +deb-src http://ftp-stud.hs-esslingen.de/debian/ jessie-backports main contrib non-free + + +# vim: noet ts=8 diff --git a/apt/sources.list.d/fbrehm.list b/apt/sources.list.d/fbrehm.list index d773712..7e43b75 100644 --- a/apt/sources.list.d/fbrehm.list +++ b/apt/sources.list.d/fbrehm.list @@ -1,6 +1,6 @@ # Packages Frank Brehm # --------------------- -#deb http://www.brehm-online.com/debian/jessie ./ -deb http://repo.uhu-banane.de/Debian/jessie ./ +#deb http://www.brehm-online.com/debian/stretch ./ +deb http://repo.uhu-banane.de/Debian/stretch ./ deb-src http://repo.uhu-banane.de/Sources ./ diff --git a/apt/sources.list.d/fbrehm.list.bak b/apt/sources.list.d/fbrehm.list.bak new file mode 100644 index 0000000..d773712 --- /dev/null +++ b/apt/sources.list.d/fbrehm.list.bak @@ -0,0 +1,6 @@ +# Packages Frank Brehm +# --------------------- + +#deb http://www.brehm-online.com/debian/jessie ./ +deb http://repo.uhu-banane.de/Debian/jessie ./ +deb-src http://repo.uhu-banane.de/Sources ./ diff --git a/apt/sources.list.d/salt.list b/apt/sources.list.d/salt.list index 846108d..9383dc2 100644 --- a/apt/sources.list.d/salt.list +++ b/apt/sources.list.d/salt.list @@ -1 +1 @@ -deb http://repo.saltstack.com/apt/debian/8/amd64/latest jessie main +deb http://repo.saltstack.com/apt/debian/9/amd64/latest stretch main diff --git a/apt/sources.list.d/salt.list.bak b/apt/sources.list.d/salt.list.bak new file mode 100644 index 0000000..846108d --- /dev/null +++ b/apt/sources.list.d/salt.list.bak @@ -0,0 +1 @@ +deb http://repo.saltstack.com/apt/debian/8/amd64/latest jessie main diff --git a/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg b/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg deleted file mode 100644 index 02fbddc9a4e0fc0474e1befeb52d27e284ce715c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 4084 zcmZA4g;x|>9>DQor~!!qk?s&dT0$ua=>~@eX&8h7hEeHGNokN6N~H$|q@}xa=toJ3 zw4}hw+qY-;>>qHy_ndn^_x{dJ2NL6`doYe*fdLzS_CkcoZilzk$!7{y>uNu>hu&sq zw5jk~A4OU1`iJmx>Oqv=$fBF=9&EPQQa%ImVcO{S^^1IHDcy_KXvIXn$_(l3jz?>F z)ogC?naO5KIpZoqYU#$pMyp1ca0ykL6;nAww&G-lf3_)VU}W+1W}n!lgBYGOI39OV zP)6`pob;Ho1~t#(wU6wPuK~3j zpi1XPNKg@Z3LXuLW%18dmt-7v#(%Ml%tDi@3z)JS^(ffDeT=u`UzR7{;(kjCCuR;B z{Kb^NrCBWz8w^H!O;L0}MR1-bU3t3kg6CEI>=hS-4#}mX;-yMVRJ2}M{UF?%3H%+w z?`|Az(&4S63#2|}@N>J3U5|7d;dhLPaieEcl9{@$Oyvx8H&}3&tr{@uiwy|hmGU6J z*=ZXpqHSCv#Ka0ok2;5YWav+bhS#I9mTAcvL#EUMYt^xMBV2BL$Af8V)2p|^dP?$Zlnyn}EBT+s9es{MwwzgijT+EVo2v=uIcZ4lm#^&$Ud@gW%=}4dy&V4K( zfD=fEjY~kn5fK1n!~#+U-~!b>n3i$x5rFWqaUXyP2=C!i0Y?KjpD}1c09sytwdXIwTo=~+ znjt;2`0WAWD?Bx^kh}5qU+w4<1_jsjQ_O4b*9yW<%==awc8t!31jgdZP7ab9Do)5ASxUKgUD7Prf54AaS&Q!!;LI1si4?B{d-b;8A(WvL6u*- zpk{{~F5z)L;>Ii_$G0J`_d4~vZa5rKAG#6We})er6(+E;iYWJLIbiTSHdN8 z?IVJpcr=~!sJ2l`l3H2)X#paEe`0?;3j7`8#iw;g!2ft=p>;qYT*dkM?OpBp>@8t1 zTRS^G8(V%?7bmE-Cm+HCakuR}<%mfo2S=xc5*RQ}_G}~~)nnuL5H`fbMNimm1TTh5 zs(syve`1;3HqDcvw8_I;TmE4CE5UT)qq)y{#0fOc`M>AO7dqlyem#mt>H=F(LiqQMbWhAq-P{V0hd;&kn;`}{cEh|5{Mr~Zw z+ne>t-O$}+7qYXhsT=0xGI@+Em7wI0NG%7cSKxg#%U|*8gEEuDK~_l~46VP>!N2Ne zP4W4qx^7Yy1M#eQvzY2z?e*l=2ucP#K|-VnHZkw^*o1+HJiiok(Qh=Vw_zKlDf4Q6 zbkz?1Z-F!1K26i)NDg5s?Pp4)|Jztnvob7T$ zqzPR|1U35m<6q7kFHTyEQnML*HLfq(avcw;&T@#)0sz>zw&37NV0h;V?_Rps=*vhM zr*6n*KgghH^N5JusF-QZN7u(@fUkB-XyKGk0xE%*oAw@u!;{=|(2Qh!+HzDQKB(7- z#7mDI;&gI@B9^nHq+{*!nR&`cMcsaf>3?CevEB(04s8I9?&7mKy$2wJ$EMF%jM0b3 z%KQ8pYsvY&nV!l3@2ReqnMh5KF_{aKaREtQ|a+UL?j#uBRV*>UX!bx>*2O&D^;lE;)~fMNWX;- zbjzoT?`n>S10`poktL$)ehW@ftw)%o*s`3d=MQ%Y#uVsaef@29gpn>{W^EP|Rvnz! zT0Y&<)I7Nlu6jV6z`{;0YoE`4Mb%vXDqkVe9bHmQT3-ekY*atN#cKvgN}577GOe%1 zLr#`Yl$zwhGgCtOAgtV-5A7ij1LJQ-ZgvTRa%|)-0*E49lCw1rtIZlKEF>e}QeCw)V;_F>J2Kql%HVBPYit?AH%vso$LF{HY;(czX9#p^dNG6z=Q}{q$ zR2aTp83eRC|~Q++WS~~!qNU?dvV#Wm5{5k0BG47JSGQ|eSyYz_0CjRcL$ZsgQnlg{*!bs<`#6MqxI z`X3?&4tGS%`>z1`>h~#MSfq6Lognx8%0wS8@vP>nT!hb=hiwTP%0?F{?FRTje zZnR)8CW5>Q*;d}x<2qKDRw0Uel1i&ywM}O|Z==)f8{k6Y^3Gy45>de9#jnp^He0r| zy%W5Z=(}h%ImkE+|LODN|8Jy;=-mn7Qz4cCGeeY$j(}|T1u>aLGHd097xPtd8h_F7 zqj_NfWP+aG>ZQnN7h;7c&QHXuh1?9Vgiqv@5} z_1L`})mRkVn$H2qvB&4t!rruqA$`3<#);yb?tt9C|KHpF&kQr|yoN`CIpPIR_;h2Dmy^Xu zh7}dRvydPbdg>jzr}L|#LT?N#Q+3HYscC)%Vv;PC9VoAR+}V9B{EDBaWUX9>B);z0 z@+-q*Y6+K04-bS!!$YQo%t%<*6&#OVDC`Vy(%IOdrZZ8I;MBsISV~} z7m+~kD)0>teoy_8GR%^~bdOv9;1YW;)VxcbZ6oZ{NQuyV#Qh6Qj9U&_7+YkD{nUYS zi@|r)IM8*Zf<|WfOi_5hn(J&$B-b=~t&^2sJcy$*{P_JZpTi5L`?Ksw^=_WD)t~+oO<5voS`nGAIi5}E>I+mC*#ct+2kiULp!Ui!furX zK<+rT)ZBoD8|=?`a($hdGauixf10lFQXnDP&$fRbR&>!+Uw0c}=|WdUzeSYqyg~eU zhIX0gA};2j_$ z3vyC`G4N&>$j}RPIEmrY|HfplFgAR^{+x(Pp;67AKjJ%OKKM8uT-L|OuDiN`7J5pH zGGK~2wGdNe=JOqNH(ZZX+@_M)5?}d*hK2=`Hct6!)Y(&Q0c>Q0?B_mE`vA8zDi z|GfX}=XXMUV-_PjM`Anbd;vNBLA6@cH0Fwx5<#=&QM@&Wlt$}-9KQ>m&4PqFoH_rW zc=dG`urprlzXww!kRFHpKf`2w_b#@>WpgWVOd9Ey$6yi}6^ zv2my#&CuU3=C*P{acLqhXr1krp8*vF+LzP?h}vP%U6$5dY_RGJGBq2&W*%G1%TCZp zfbIChP&{E}sW|B>>*vnV^>uv0?}!(Q+t;)6c)TwLc(_0a0_RLp$%u9}c|9SPJVY*> z6W=`ij044Rl{aR&T_OLeC5UzsG`dN2xR-ZJ>g`!uc59JLf4P$v^DNoZrkP7!a0;S z+I7+>?E04vH?fUo-zKVVKb}~t7bEzY)@O3;7-L|sP4xZUsZfQGJ2IByrrzj`5C5mL z%?A-xcf&Is{fCSW8BX{|Zt>jd1ajz zLi0gSJh&S1Z2#1)FDJb(ucoX$46!lWT-FDZWN{N<9Nj(#T`7Bn>yersPtMY$)Vx&L zz7S@dkbSSyWnf*Xll7hM(42A@pom)+?~7^OKJc&hM!pD8D*(v`3>bV@*)tAH+R;rP zbhDty(+R?>T9Jl+U&jPknI7J+tpusNOO%fDa$WOx&}jYny1lN7>7pV^^qRtMZCK8n hWJ&NSaK)HZT~m7e*wg^b?E>A diff --git a/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg b/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg deleted file mode 100644 index ca93dba3f6f562562c6ff0598709dde9f47df40f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2853 zcmV+=3)=LV0u2OAT&C>-5CF}=NzghcKfx8X>VUUhZUoau3uZrD!#Vqw*j;?34=;pV z@Es12&?^8!*a}MdB0z?Kz$vdZKvsx@Iscp zAcwJI6P3M$ISNF%oS?ZNTBNb4M7q_{fInR(>t0$ceYyRNcwl@XIC6!kt_Ec4ckATG zG18tfCj}aj2o*$&16S+7iIJZ-TLI5naj?V*S-IDDxuZ&Exa;h9Z9Q3;@OB{^%po#;!By+~$MqX@D*v+3dZFXAy z!AwEKE?XJ8cGNAsS6#cSl*^H}UNXe@_w?-Ym=~=4SMK*9rSz`&W!4)S?k7pc$B44A zqkzEWuFAAe)2uoM4Iz*5^<~@`#TIc)JY_AXn#DzS!-Z#K+7YHu#q7Hw526#Elw^pH z98G@@WgOvA_RsF4zId`JJ{WLZUR8M_Nqlhi-|E51ljLe(c97&=nzwUWMRcz2I_0!k ztq^fPB|Z^Xi9eT3xuSSj)zzGmk+!;rBvS~IzkiD*xCF2+5scT6&NSgc@;*&e*GvM) ze?9gDFWpc0K!*Sk0RRECJX3LXWo3G0AX9W9~I~ax#m_SwD{Np7tj2T3%y6IOzMl;>N$lRt}wlEy^cnMawvFTjl@J(P7E#bcL z%&%%+2U@Sig$u~;$#QW%^?9hJ!*xTEQfz4@&aoxccF_|U5fPg2-Aw{lFz|Y5-L;$= zRW5~;XIXliR<(;}d@bi|T*#4?$U|&47BL9#bSnUy!md1XlB2(vZe}jJ4>XB(qNT$( zi5^GOqA<_~?bvPf1_P-;#Pi2zs#ePHDVnmaR$ZIeHiK0~l4r@NR~!JCirkF8h5s^T zYyAXcxW0X8&)#xI#nhx!yZ%gPcceT32H3%S00ecZOlRWQ!S95IM0B$Eo6KuSWQZo9 zJ9F>&@u*`@r$1w~Boi1=i)nk%+-JkuK`dbL)6t~{PFwjhPIh3LM*mnloVq71YjsOF zk4!ufBuc=-l!xBM={1*fNudc5Cd1SqJ;|#g`)X$sxISdH0SpgpzDL(7C7KAnTDPuA z=m6YwuIR z5KzNoO*$zY`OV26|5=sVLav*JQsYJp`A7O~yJYl!b9c=~>3J;3ikk}7v%Z6`eN|@h zx3)g3yDj?JH>ric=*Qz{Fx!Z`yng?4!Aj2Kg=}1P-LHcv}XT$#FI9s>*!S zayK$}r;8q5Q#jHsKdq?bL_pXz-d}sRry0od>tL&jwAXn2=>r|J7fH4Z2k`2~T5R=} z1*lc*L^3(d1A%r@oKfCT~p+0f$N-yUO=~XA3#i1s< z-n_a@GijcJF5vr-%|Qqh-^eOrf6ZiYf)w@*Mp5aN8xh zn1AK?T0>q0GNb`TA;GnGeOG(Pi)?^}nt6w1W5;IHD zsKb2Re9lnfB*pkhyHya&Xgj~!p*p=)IGG2_*aju9v=zr1vAD51iZCv}aIv`A#Rx!JcT)TjTI(W;i!WziHVyBQZQR1dwY{#1uS%LqjOw9WeE~4d_hfC6q&kkP1 z{4{92X?-}>)WM}vDdPJ^2aqB{OR;eCdZP?aW(sX6rV5A`9Zpu21JgWO*X7ukA<;3D za_E$(jS0#UFmo#la3(WrIfcAe%JPX6HZRB+t2V~rFp4ygS z7z(D%Zw`O5yTb(f_CAy1KQC|^XCjuLbV;66WfPz;Kt;B_i^wHGpHK{8<@u2jX3YBM z6z|D*HeFBogXWvpE0(v^8DtBe_#d6=88W)c61^5-R7g<>n{7fz-k3KxZQzP1A6IGA zhqr+hL?T?oR-P@lqN5d}NAYDRO9Kd>)Ua`13Jl{h`ayBvXUL_lKdHlZPeo-=SW-o5c#fH4M*wMO02A~8>$ch0z zu95G_3BJ=*)flrSimsyU7Z761?IQXe1n@ibL@g^)0brp5ya*D{%&C2oth-&S=DhM_ z!u8z!ZPV&P(71iwZdn%C+q+pTycp?qEGLY^LPaJ97$S}I(&`%Y#U8^xj4s2V;;;e$ z0Ek8e5D^Ff1_c64T*QBUTWK-2%q8pf&WNI?3}D%b2{$yhtx+zo$vnC+n9e~ zshg(pP^X=n~-Ux zA^QmEaCObiL$Qbk!*ZLlUZHU5TUD_&#byibxDaBKESII#ko*qPahq7MqFkI`0Y6Ro zZVO67deLq7{D~dOz32p7M*Q*tc~rhA#GzN-c(S=Qu_u%Bs|)aUGj-Isa!e!2CpjUU z;8WcU(Py`*qyf0&XIv+7YGAJH|C!l?5rTSjaJEh5<_JagcYT~^Q#w3|tkprkDaM#a$U+%I)xbNGH=H10?Z*z3T8P zD)IijWBuRaMi+wIU0!QT64HxPvK#e2&+vSbz`u*xgDqwnxl5?nmJ9xNn2|Cy<3$Xw ztMKF8)<9)cK<>5{4Mu3f@!rb}hIvtKgI+NY1M~$wwzRx~sh*-!vG#p9@IDqtq{!6?`Qp$Y#NY?SR;l12s4Voya z`V^F68ZqeOK_>xn+06Ea>yI;0+!vNkBQ~S12DLpA{P?3|-CiLpq#E4bW8oj`Y>xfP zCgKLZ;ZB>v2+Wv~P(x)53Ds4DHSh>SmW^ltIHX1g0-foyda{_#*b1N@kqKkH4@^ic zH=(&`@PSvh87x&b?mLyS0~{-Fyp3`)ie+6%RD5KqbL&+O1i9}ZLS|Or<67dY1}u}> zl|9schwC#TQYy==-B$Qu_7Che6@N;JX-Ia9&doD# zwmfoeifsy?mvmiQ?$8*Sk1OmfP2IoieUsO`eR{;&I(_r*cokQMCYr=V4O-qi!fnmf zy#suK$z9yzM>4g`{P9>YGu-ZtVl~UC4^oQ{Ce|nPyDj@b8rAlNUZ$&IwwF2s$=6jM z^vcOeN=HdrJJ=lZvWMk<`L?Di_pSqJRrRk2+w!_%Zhj@Lhb1n+7YC1YDOsG}Ypx(9M7R_RE}ESnFQ)mvw=c>a~&VOZABIAavGx z5V4UB9bCo#9b7pKvH9+!)mwyugiK!mE&>1{5>W}60s#{MC8R>$_)fXOI*Uht6=qpcNIZNhN&e*CTef8ZoKyoN6+cBa1BC;an`TjY;&-G_~w78M#Gm}r3uTToVT+SBCorS{4RFsPr3+; zUtnNbMhC}J6gd-_jj1x2$4Ctd?AzmRviC1rRU0@=wb!R(3s~oc7PSL-X#)j#^GzZm z%*P%BSu*6BWQKqRo7J1OwN{=LqYTUbEpgy0|AX)CDzTrLG+leY9jxkzkI%QntP*dT zuQZ|)sdjd6Nfa;=6ys-;*xIbv-#IYT^N zM@49CBD(Pie>|t8D%+rM(S2{Tz?WY$2w&%`<67nmsTty${9nX7U2{At)HC4#Szm~bk(}(GZrxA83p>xT%h4pYZGW@0o5cEyKUKHgY#@ll1iIhq>h6O%g|cvUGUX)6}~G zYijeu^9*9Cvfl9Yi>-em_uD}`I1L|G(Cxw+K z$Yj1}6G#M{Jl4*qI8ZCzx5>SR;t~`t8&8v&&cRr0dQrdnRoVchWTsWq=!}!xp$o1veT34PMT0b@yW5$rwhd|UC z$=ie)>v$p~4?T|P2Xgz=xDo1d=4Y^Lzg6jYo0x9J5Do6Nh(N!+Z5N&l1#wapjh74QD{Z^zP3?NU#n{nS1XH`Ok&t5v2^Q>x|S;mI&oBchAMl~{AIG_3x2Fa zV<+1U&jXE3C_$`uU)->0E%XaRw#;w^Ba(okP_fe3xWT743)W*5A`Xg`2keZiHb32t zc?ELX+cJvw#zEQeflAmV;!OFxs$d=(NeJHgXXC6mGb|sm^DEBi^k>35dZUeYIglzQ z4nquUCJs3gjk*&tO4$={VN~+2nNdgji0%Im6-OFwM~TG*oI@R18@GPvnV|YHjZk@w~$Rl ze_S|(b6;7^iB2gVVHCw8CKYAHVq_SVz=XsY=(K@Ps~JwuI_=#XJ}S)KgiyO*hLaTQ zb;|D=8nR19@HdygruX-F>qOyLf3?bddH;=(zS)=T_U(>~&8jKek|IMXR8Um*l{p64 z13;5;O_wz)Saac}-*eBB5ToYubb)wq*&qUcAuy2{G(NL)G)y&FBJv!la>m-;Vf6IB$YDM%yb>&C^@@!wY6e+FnU3+;=8(6Sp8^BlaF8y|+1W7!NK zr$48jM|6_s0>{Of$7D-{6;))P^wtx~20v#_CizSX>d`cv7_ug5#~3^L863fAi9)+L zC%-+_DP-T{uGh{ByV0KNAMi5}7j(g3VkYs}GtCmeeo~7X`L?E604JWPmM6@G&E!L8 z8xwB%nQ-J8%-^6?<*kV0wpX#L*ge10tAo;kWowZ+7D)M6ygp4gzRBZ4;?wjbq@^7GD3^Ts6Y3*HuGE}3!ccjhZT2ySB8ecKo_4_`AcUQ!U)ro=&V#Qn=o zhy_2pRHJwW?w~MVHPyPqCL!jXs?$asHpRQSKkQ6)q&Boqt~#%BNu5Ca_z355U?109G$h=_y$KzxOO zNEGycrYWN?=<$_FEQe}hi+GaYMnbxKf$}n49e{l0?J4=2NE*+~H(wW*y(|>Zv|OL( zG9r0lHF{r(zlyhe_mc=&B} z=%nr8f~UTa_Ar8YimmHF+o<=eILZF)+MS!nmQp@zyEN~)=Cuc#`Q#q^gRINb1)Pq}srap8Gktn!ZdZ2`Im2ZP^{X<-z zhyUWo6k>I>62*3HcAn}x)V2~-oRI598YaCTFvX_v=fmH>()k*6MIyAWc<7av)1Wk7 zp{Q|S6)DmxQtTElUKZ^hvEX~@lZ_E?ONqzdb<2wfHDpnW;0-s&p?9fe&HKc1O_;^{ z%*b$yLj4g7i(yL+&I0$Y`kI#(lenlx$W-uM0ZrgOy@cmHriBZ_*%=!`B?piENot5* z+(7{=lzDtqP2_Oq1U}eJL&Haoz$3;nW#P7UcD%w~3eflfy)ymPCPk8ZVNE}xzel4w zbCmMUE8mjkf|n_r@rzv2^v^zmk$NdA6ph|HS8U({fMqu3Q9nUa-S?h)Z_?Zw!WI~D zV2Jjw!KaCggMbbY`9tf!%F90$jW)}jiqy)@%}Icr-O|aD%@Xe5U~XZ-W@gUrdofn<@VRsKN&kM0($nN+a=BGI(<#v%lgL63fdiyY^}|Ao@^&yDo7Z!scDvf$V>wL z;%(26P;~was*cZ*5-lg^UKxGPC#d}kCr6=7`|B}bq^+acM`lBPO+g4#?G)|FqZX1s zMv86csM@R^`aWIf@nN-vrKvH~ciAd_<(yni8=Od|Z zE|1*vu7}4{vD3k%mruAqwfuJ7K<#^C&ZD5q@3H3;HFqgmge-4=iLDn7dhMdi?&+m~ zHLg^`=#5#>6T4Jixg<035iju(>sfpny- zy{UJ0{XcAGQ1eOBQ9DJgoNCpq=Qi=C_yKj4 z=DU!7voyD`j!fAe#}%jLo|*--uGR?A0z6;f2hU%|emGZ3QE5Fs*`9rBUS)IL`FLJ~ zIv4i*5U39;1xpl8-B6`EvW*Za6qu?LAb-U4$DSE%$a+Q%e5Ky4Y%2*nMav=ANnbu{ zk&1MNhSu-mkk(QJ$qU=J38t#O$L17*7FnBGTmMzT|7$Ba@~@o#UHQX7_o!$+1?yOg)@8B+q>xx~ zRXs>=Zjx;k<%>80B;9X@70bo3a@4}+JlQegY`QlDY!A(D8Hr=ZUsW!TAQi_NBry`7 z!^vj4?busxSC)PVFq~=2jJdEqb>GjN49V&|;3l4y-h77CtgC*ug|K0)eJPTA)UAvD zhG4`&&IM++?vJDrqy#&cB8=EILkewr)BT0i+Ksm;zbjqtrwej0*YLLEI>&_}SB_%z zS{JskH&$@vfis@(okkyWb*6>#SV}&iDKpE&o@g89F7C&`V$vj?(ORvv)(6S5ecvlK zd_!X(*r#>dNJ}!M#bUjPSh$#;lkJ05rYb1>>L1fmQ@F;=-pPm)KD!E7i$Nnr4@hMW zabBGw9&HVko9VoxJ|K!Uq|Z|L02D+B5x2B$Y0G|y;}IKDpWE=Z`R$#zfY*N<*}^lF zPnN5JKl^(9^1Hvzz4O$Fi>qQKonHh^r1F-fe%L3rn0lhQ6Y!A7c~r1tD^cqBb#e!- z1DD(faYB`!Pt7TmqeDZ&d^yrG>LeCpJN#*xSajdQc|$rYt_)$m$ZL=UX1sR1oh>7I zhQk}mu*PBQJzE-aRpX?0wrf($IkiGmAEtKHtH405^4-QA8K8j(HJY3OIv;`k1k}8c zRQ6Rag+sgr(#gh*^Yxvy$s)U?zwHYOjhL~_<&1yH0ss3{Lj6O8?x_7Qk$<|D)iMqs z2G>M3q5qufMhr{)tpTot{PU1$`?fcUJLJbR<(MCZmvMu*Tw$o+$%Ic_*a98X)^4y{ z;Y&58a!Oj@Ph>t&{=Q5d$cEZqJe>L{NuW@~Ik{1i>H+bY*QIEn7uKD@uAn2l)7R37 zyC1}Yu6kY%h>|D5M=jfTv;baThKU!tmaTB=;S<*c)+8QiBe<_p36aGjU*Q$k@yUNS z`2lakT*F(fqRV(4s1fzV!47;RazE~qzSbM~?^|Ns?bl13 zI#-#U_83}h8ruz#A0q)(Aa++}S8bC0-cOhtT+Z*X+k{E^ADv%r9*Buc2957?Knn>z za->_xJTkSsKI&}-MZdvH?FVHr*1mhTs=Lf2EekWhXACzi5#9ZXT2=pk`@lksGX+M< zE(OcaXmV$GQJy_fNeRd1=1~pxRm*cri_d8y*G=`{p1%INIpI>7Im#fueQ?pL5b|1c zx6d6nE@)c0BnorNr(B*^@KE61FBT21-FbjA(|M>a_~f3!&V=l%yhsiWJAqyF*DX_# zK_gYlCe=XYPo2!6*Kg4%vcnC+e-#0jxD?)I+E zJH%3255wSQxDEk1(j2@vG`n!RwxfcCC@DIZz?8iD(a=?;L$wX8la%i*v0(IcgLKtw zF?pTW^=&^xy5vXDjq=LoJVLF>ie#1s|M}%t7(-)(TFGV(PBa&8g4LGS@9F`ixH$Fz zX?ty!PF!CoeS_8`^3^P_JLz|B373k%H0?v135Fz!pvqT`mtq3T)=sWVV`cno##kmv z0_3A-DG5t`NLEN|YS%$5jmD3(B`3OIa@9jteZniQiO4{aNEZ&0MsJ?9={27jIi?g@ zAji3+g;@2%;VqQh$yOZTv4@}(SL#~g{6H_1zIJo~C+L3|+H)T9p+&=b_%y4``ZNreVO(>NMJ6$^{0_)I!W;FN5$f_sZC>yUzIZNG2Y z63&D4rlghPi}N_ePd}8T&ZcV`QX(dNW}SBD$+@rwW*N=#t|m2Vokz?-KsRpE-eOSk z1a#Y@#BDZY27f;mewt|6dd~BSLR_qDiD?&+`MnDsTfVRem8d*}*sx7E#i8ljY2z|je0q?ViceyjixRzO8+YGMmAP5H!Mn?o<#Ucx{S zwAI3ickBNm60Y-?NT&Tq+d=Ii)Ep!nKnG4k)uLxNg%Bn9IaUL$3Co%pP&r7-E}hYMfUXxbEP9_Z(v@<+tkdF)&b zhHUJdZj%!&QRfy4w49iQJ>W}rWlz&9aM@iiA+lLEmyzF7IMw}bs@{P0H2PS5)Gl4= zm)AjcZN&TnyO1#g-Him02t~jqFO5g9oe8KoGM+z~r-2%Th|*Q7#igc#b13=su_M#r z%b5$%2Lk%WxrTt}THOlh@uS$5e$EScRl^r$kA`NS68Q?Rz8Jfy9zvqtVeL%iX6Z~Y zo2J6&kjS3xZ7F2^%}nY}#@HY@kcHtJKB1*gFs@^ zQ+*sgGbf|l-7&w8f>L^DEXgbLGp_SbQUU172m~^D#mEfowAPan>)hE|&A*@K zWk#m2u_)=^*p92b(fIN5==Lv>=Kt7O4#q~rto(3yxl8xE_8)4 z5;K4AbZ>d|FWY;yq}aFN=Y@yfBS9&yA_L#k2V-nxk%fqq@f<9SE~@(M+Cp8cXV-Pf z^D`%Y57!C*2y_eh&Apq5#GSvKzXqBkORf%Juy9|$yy0&=6&w90x&059NXweAu;&r-SaV&Oe2bMFc8S3M@Sk+Ltgb zfG7l>MPo#4Cat6b9#ieX+(^)JSPaVN;MYvdP)54bFK4 z3^YeDAWq!#z>$NbPuNXT4R@W0-%pCs;X`b1i9o^1nH0wL^8K#4ibM%T|w_h$lORq0fO z=qG$4zo|u>M5^olG`}sz^RJCHvI{ctpH!j$A8y)+|GH@-ivGuby4#HsndE=9UBZ2! z$eQ`_R%sxo5b}u&U*nAW(Vv|9^EC2z2>tWLQO4Ua%4%z$vzKzh&{n*rIQpUUsW7|lbxw&`Eppa{+i%E4 zHB{BTk-=XgBV^rG+(|{{*-p3aiB8j)X;CMF(delSh?*?HczoFUYxPpRclG$ufqTmz zt=6Oiz!o82Hak6)Wuj#Ct}Y%QPpTsE9@Sx|2A*Rp(poTCK&(`7TX7^`v`32CfMe3N z|85Z~^Jk4_a@GKYBBjAgSrOWgqS*ci{0v|=OqyF4k$&Kt>9Cche z`);R2?c!4!LJuNB>`^TJri-z`bXk?ZqFz{zZ)Q;EhmM`w;3%WSK;5fD_s+Nx*NmBbkSU3A(Ppc}QcH~3(N%1vv;m0%#E_#~e=H%+|B1Ng6$T~?3K-HsY zcsQT2fD&J*wm|C$W1^#}8WTfxW$BCW{(=Jt4ktHQ6_}{6Slmtb^3bPT#aT5GVwojt zZ;X!M-Orias1zLU^q#KoW>ruSN)$+awVB=xe(O28HQFUrMFU~Hw;|e~sxax3eeJr+ z2Yh)LeMabqu^0LnZJhFF0nif4|_T3?~BxHUaJ#QHLCYXMHAr*ct-tn3i`%^?R< zS@wYHfz|_J|9*ssB;T?e9Ajd?7HC&kkw&^&MR0iwr8n+jTAOI>8!A3^F~`*3QTyQ| z+iLNUlg#@7Pky>RMk6#-H}ectj3ZLnCM?7r_m{~mowO}CgFAD8h5wg9^9n~?(Xi;G!oq13BeQGB|xBYXgnmiJHed*!5xAGm}I_r zYo=zVemULs)IPfEUTfb^7Ca`3*NWbN^KBT76b7#9T_EL^YPh4o@?vsx0@~^1Lr&V1M6L0 zO<%SK7K*Unodf;P)nu+z#))*5)@tsuoQL*1K5*gbY zU-DAh8lN3z^m)wSFtKQI~0|PostU)123C=;{oOZTRUauL(%QsuZ}2+tl)1dQqLC8~DK<2_>*8 zB8>=h`(m6-M@(YR^yTINY-ffazlScJhmjRYP0R3Jt~s*W_&!?K!$mm;&UA!b8#1Y~ zCe4G=>asn(KtLBwH3f8%6#+MV)qwnbFzI|aAWhs=+iu-}x)TfPK6HdF;la14+c0Wt zwW@TT*8@r~6)xJpeV7JjOlF><@Q&M#1FIOF2Ssw$C4Am-oDpE0Wwd^@wc5N$TEipt ze&Ynj@}NTypcyu_GBl}^xqLOAng<5{?%y2OBmYj*ad92evi$TR^Q6Kvv}*6%@>>I^ z%bc~iN{3k;{m%*E zif{a+A|>N=N2?QANPP4!HA$r?A2cvtmrISwSr9<-wy7Wi;aE~BNxZ&hbVuKrBxb1D zbT5pvZTS_AEKSa>*UOKuaaa`@Y(^#Iw14q*7i)ETdCA`*-o>Jn)oHVD>=-RXn;bHB zhdip}n~5FZI>^Zm9*-(N1IgxYM{;bV%z|hDO-UV)82Oh6#}B`g^-ejYz3XV=-F0HD zdEyRfnWPv;)7w6x?lcZM1+%IIY25FkAEpUH3mbC2dyuN$y-N0D8%*xx*@yb~Z8?7k(4Dp5vOTNd~Qn$GzNMD%ddq*+)sD4Hrb_eB@sR4p$S zGj^;xlbLm^ThBfR|IV@*YZoF*^ImctCMwLAb@6^=sKd-A_6)ra9)R%wj_UEDvq`dP zHO+Xb-Fby*(zu?1q3^$;+JIue=*6IPgu!FGR1GA|SU^!*d1mAY?KB9y_rsvb6RJeW zM2@jF-{1Z|WOYfNj}Y|a{ur&Qja=;T@um~TgbgO84Y*V_R5l-L{jR)wH>N|+JN@pw zUm(tY(%tw(dpwiYTQyx=@B)nwiMkbEr#nw_WjDx{zt@4+pi>~x@Wp7O@ivgFlU*L- zokz};tsnf5)HV3ylHp;9MKjNBqu>ay59wxi8ADDbKI1<2sG*47-eR7Vm4hLdYL24I zncF=)dl#RgND@Copm6Hg3i5J^!`>Cx&!{bl2V`6x*qM8nAZSYqg zjrmHsIa~8iykya+pI*ic-sFb~zj(7xN2hhsoDrz|UH4<1$L@kM&Gc)#jb3AQ!qV^V zSi&~%%JsZC<_(@@`={G68Aj+m*Rk!Nq!D<(L~Tfs4a*+wn}R=Vb&QpYTfQpwEeTY& z?p!KqEzbX@3gSxYNg7RNnh-+zs>VhUzLoOJV1VFzUqq!)WjrfJR>e6byrr_v4-<9E zo>WQu@SwfnDjdEO>bn0wR9soOUn^{yn{)W7c@U@iFtpvkw$PZ{2xT!}>a+N5P8%gR08M~C zep>bUw3D@&`iuQ-UU2iQe({dIHv6z||m zFyL7LvKigCl72g=%*d-Q!24$W@$ADR+wkDV{KF|)m^!wYF>#A`WFR~VI|i=nP&ViGrDmbi2m-1*s4Xs6nlTUy{lnQ!Ul+c$t8KBlM& z4z;$aV#y0|9Z9Ka{az- z;w@_5IB1DME-F-Wa(*dO|5MYakh7cP%DG|sF{U1Jv`mPp4N6O)S|YYu1=O7 zo?v$gn}5HA!^IsU_8wjbi2o;0#r_Y0%5?!xj(~`YjhYKUL`OwIMnEJ)Lq$PHB!WkP z1He{_L{tQX6ecQe=_5 zkv5Rrn%1KHo}g>T9oK_h82Ib(b^G_ed!4i}OKO&8|+!U66C z~L8os$;QA89=$^-*X5#%w0stpX zIdOno2FLYS@YR=x_mVE|P7Gyq-obejOyA1wy8}kJ3K;8#Ro&(a)>=p!BLXl&*0FK| zNpZnXD-DZp!p$xAY;Dk)c&&wgN`AMMv`l|Fzl^l_o+C;)X%#-faEkc z`c3b4h0s1jMDiS)Ux9QD_|1CKGbT#?{V;V9$Pfu47PELp`gacyf>z}X{F~tFN8$NEUtQuEMWBVyGS_$ZQZ`Al?UvkQ%yLoIl3Y8b0 z^$*tVNqJZ&rEpU(M|mOFR>i(um_*BS|Y?qXIBcv1G1rcdTo26S9mu>C|eKXBe_ z;L^Nt{`JP=mgC%IZ{^`ES%%hyidl;YcKz97mhOI@rev+KU0sqfZsNSiIFx<4ecXWp zMYo!mbH=Zj$wz9z(Jy**UUXv%zKsKU1nSQ^{_Gqskk2qH*1iICcsjoo;8Jj<49#b^ zP*&Nc|CY%bbnziaayvA#mkwI5b-f4cg0MTj#`Dy9a($N%cJf(LJyi;H69>G{_ZDVI z*ttd@J@m>pyzVtjKiJaKqL94+G5PfSld$*o1B#>gkn^z7OosO+#T1Xw8oZI}=L^E8 z98@!=MntK+yLkpM5(4BTs(1L|`0$U^j%DJdB_C6QSb(?ZLrd?M?xK}1Om-#&7o&03 zT~^+&(aw~WR@taF?|I!TUqXfu0_&+e^P(ToxXnA74a#UswG#*q{g+}!E3Q5?f!>Go z*$x{@U@%n9MRJswL>}o2p2(pZen3Fj#RK^!{8HH0O{0B-U*app-;OA+ncCPv6*fk- zi%IHYAcb<`lr%mA`_^AzEc9s|Y<%}D7ls6MwN($nelZO3Ki8j?jx4Q|JL;rG6^Ze3 zn)zIAEgoYBywpqnV+-&ep7)O}GyugPTmM_r|7$A@_E*k7-5>W0_KOs`L=*y0bH z*p*Ot1B~J>r|+57#oJAX9KAg7=tRifLKq?hiBZGkd-mN{I&{N2==M;&VfrQS@NtW| zIpP(pe8nOnmEd!%{f~KZMNLCzzWzXYZc0-BGPco2*QXzp>4j=Tc3upjZQMpd8t`L| z1NPwck2_6^*cC}H@v;bk)#0?0C-*+>S_}r-SfzKhSP^bNuQq58@6B1>OKzYWQLJ_; zQH)AgE7Te@Kso(*S>L7Y%8a=8NFnpM3F41ds-h=M+OvL6!}68ZLiqIoeJ0 zHHvVt`g03cH0Iu6NtabaCL1QF463!xM0z%>9@!7KYJH)2p5gHcr{{N)-z%%2vgdOoC%ny&7?xzunf%7q@G;Clbl>%2?9M^q;7F^2g0cwU|&C z(+(jYx~qC86&BNGmGF9p$e*#TR5X7h&qXv0)0*cftc))n$RV~rY(>_cscH+9u@}~q z*C&bd!>?lzakCdq$4N*|r^elZ${#CwL03urWThY2LsV95q)r@>Xj-##o`YxL? zqcV$lfloiXJ}jS>AdD$qK{43`!g!PqNA)Y{AeY!=fp4eg1PSHHz!lL=GC5kJm0g?K zwqXOyZ$H?i{|HXnG_eCXp&igB#nM{Zm;`~S z_}6ZZ42u2AZ+vbEp0k_@qoOIxZm3}x{0owg7YH@6$fMv zq6r>aQOv^np>`@N5p9#;9e_jWcoU{wq#ZX<-wZKQVl%XUQL96&o$#_8 zmgLtJL7BA@%MmwU(aA!yufHy|M65A-DEe1obS+8AyFib#t@ur#*xP-cPO>6HOa@3| zg1a{{iE5gKIU$4ZO*Uy#Rx#%USW<3c{B$C(nF1we54&fp2~GQ&3j5L1!-Aw5ek_JD zwbIl|BEmoRnZSR1fAKO-Rp*m1|0UkM3eI-T6p;05KI`Ldxkm)50t@&}a6m!5-y;l2 zL_Q_oEV58XZJJt)#&4Cb6*QM&grHj*&s`wbA-7Wkdg;RAq(CleZpfeZnaNWnIswuK z(#*-4*|frHb>0l+_Sb{WoZ&EAZZsNs8sdhOW`?SAcsBPN<=K?#Ttuc~blMR*b=o_Q z%7-T->JiHNtC%*>jPNx72azb=zeMt!k{pNhhmkVfv0r=w#?T53&EV-%5YIwl#m)N$|Ba2Cia_8Wer?1^A% z2S>3}#QC$-pcBE5t%v`ZfQrMn*)6M0kPGJWXP1k#GnpU_BYwuPEKU{KR6H9mo1Fzx z17%g1vO40n66U>|Ri>FO8hfM*yZc2_X-zfX??GwWP)EL>79<)~$snS1?3D$vc+XFC z2%pQQcEaGp@qt!n%w$Vn#S$Xj`Zl7n4=gI+u%)(essRbqPef+_XHDjtu zI@uy6pmDEz{Mq?dO~|F(7SN38=79ZVbvbQd)PTHQ52>V!7u{F=a2%BsKx+MM=FbGQ zFJidfEa*apM111h=9X)9je(W?+R@-!@nS5s$dC~I^1CI?u@_tgva_O`H78{+1W zPOa!9ls`1oG1atjvS=C#)GtDN`x|DKMzlwf8wJyYzTve^88@ktEAd~OBZP^`4u1`$ z&DHbjh4q8N*%wfMBY4F38JnrBl3oB36aEru`_I+&A&YK9sjFB;s6#z&hlJL!zj7z) zR{Yj*FNC~1^L;}CEBm#$cU!ulU?$_Q+sQPisqy9RA`ai$+ufzS=R@!XHYS}xa+Jhi zfInW(c*~jwdfW5C)FVY^x?SR}{MmFAmH;6Sej0JpNpz*D;6n)Dz4pQefX!itDl(~X zAUU%j5t71L&$rP<48tc>wkHjFRRSV@T|e;?Be3LKriqrCQan{O&%wu$-3F#%c|18( z*d~$BB#n>s4Q~7@CUs>wy^h%r6Ez=YJvN>dzf3eU# zjG5CDTy1=M%*ZQKT-c&S1({^Zo3ee)`LM9zx}eeYJ-%> zdci^7kq=E@bt}KPNoUj_xZJdvbnH*yb2_4rGRL>?KeAt^JwC!hKmG1&eVQeY*Ba7+1Nm7 zP$QEy563JEZMl}`nww7s{Hb48F`NUa^yvLW+uwb^$dB}et}Oae9a@OI;pd6UFG ztvix26J&b6$V3^fybMv@P~Mag7Th3Y5Mq19Y^}Ye*>ym1RSkC!D$rbZv>QGPEo9&f ztyZEQ4^vw?v9Ph-jor`JEB%br{d6#6**n|C0n>uElr1|H+;07dIOS z$Mir)$kDmb=bmGmqH$3{7Rq|2AzV7bQ=`c$53f0)jzWaWAG`s&enu=?{Q+}WvZIMR z^|g0pB(hL4+ANV=UTveJox_48)fWLj3Ys!-yi+zzwuVw;t|$AGWw0U41HsDx$!0Rl zMO}HFoWDsi>crhQ2ySUA#=TLmEEd%MXY+~6Q)rqCkxb+eF!`FZk$cs#zE%mqb?a!k z+NNE`Y6D}5Y<8-1Z|=a{KFU-Z%Gkdaf_-pU>b96i+OU;BtTrKf$p&`|OhJ1{C zlih-cctJ$!-D_03!Cx$;akoe_K+uqKqK?l~DY(n7%v$nl?BHrhcI>88baFoie^%EV zhwmiUi7e|>R+9h`0RRECM?_^}X<=?4Q*>csY-J!)Wo%_(b7de)WqBYdIWKc`a%FU5 zXel5(WMyJ$VQwvQWo%_(b7eqmX>)XQE@Wk5X<=?IZ*pfoi2^+Y69EVSCj|moAc@@q z8v_Li4+)$A1q%rX2LlBa3JC}c1r`DW0RRFX0Rk6*0162Z?+-XC8hd2`k3A3mBC?pE z`*FYG27Zqc)Xhjx;t+_?rDk+aVtTDp2};_gF|qW>xyICXo^$DmXQcFt<5xSN;0;0W zFU}kRk*bXCM`E#LULI;XW4v`15R-#|?A|RjDi64=jxD3cLtZQpX@=Gp!Y7 z{QwS&FboPPV3|t;>R0e=Cno)gdv8^1%dI>DjAWVXypw}=p>%U>NZa|KSeUph6p~k8 zM_8od9sa+V22w3UGVLq2Tk=DegX}M%q|mGUU`1T1nw!rkj{zVr7TF$Z=Mw|J$%M=> zCjIYM(ydC_iGd0F)@2Nmz3zy9dTYEQr+EWZN@|=wmLo&Xzl=r9$eNUiZAbM+DZ=(2 zg82pA(nCR`iZHv;Mc(^FJ3)C*IDuLlyVmmZ%X+Wu(i2V67YE#f#9&)>9Q>WG2`Une zfvJ6*1r-?BceJLdbtX##sn4tcA!`385)m1qhmra^50-vwVJazN_Zw6-FAumS)Bi2@u15CI4P z1_c6HCHg-A3JDM~0e}Sw1>_8oI1m8i-jTyh=xO*9w+6f&(lco2G<2(MWQC5o$RvEE!$6Bl2@9OpnQiL-6(rKm? z-nE#ICebq&<>uB8zGY7n4@q=kqbg=i9=Ql#-~Tv{99n!^PFkAzHmjP5JH|NIPGB)l zhn&|O1ZCj*8sm0;oy^g_E z=nJ|U`>z|t8!T5XctXZ%PNSw?u)P(6@diPa{Ha#*V+;MMeqe-cBs%y2idhyUhK?y( zp-${QYHgmWV8}7X5p?oTc@H93rvz_xmReZacB;^SS@6%ydKR4Uig+jHBbJc!sGZCz zpv#qsmQLj{2c?5$2S}N)0ssJs0vrSo0SEvF1p-+o7W)7S2@u83UBbme%~_AZ5C2@b z832iZbT2L<%2*=Mq6BqjDQ^Ndgk(5cYH zR!|t2S08!-5!z+gtT2NQ#I;A`QJ_|g6_ld8v~Qqlo??r6=?o*1SDi@9hYMuP=!)R5 z%TjXv&T4FX*h6iM@SGF@ab47c-Uwvt3KMB7IKecqR4(|yJjNtLCBK_)Jc}sum8D#+ z4IV3q=&OO5$F!5`*n_a0b5t*jeW&aKULN*@4dJ9Vfd`KW5yBNS!Ee6imrk@k8$aG!U*svdTc1IRiK zF5(}o30vTGl{;*;W#;a|>1S5FgZhU_BE_>#QZFHv96J-KI71PfQM?6OD9!k(o*7wJ xSkjaNs>Q-6L51!sIRW-*@Uv0iG^w%#p06`x`}%gF>-*mv*6h%KZQ`&3000OsE~5Yd literal 0 HcmV?d00001 diff --git a/at.deny b/at.deny new file mode 100644 index 0000000..0d5a382 --- /dev/null +++ b/at.deny @@ -0,0 +1,24 @@ +alias +backup +bin +daemon +ftp +games +gnats +guest +irc +lp +mail +man +nobody +operator +proxy +qmaild +qmaill +qmailp +qmailq +qmailr +qmails +sync +sys +www-data diff --git a/bash_completion.d/apache2 b/bash_completion.d/apache2 deleted file mode 100644 index e57c100..0000000 --- a/bash_completion.d/apache2 +++ /dev/null @@ -1,89 +0,0 @@ -# bash completion for Debian apache2 configuration tools - -_apache2_allcomp() -{ - command ls /etc/apache2/$1 2>/dev/null -} - -_apache2_mods() -{ - COMPREPLY=( $( compgen -W '$( _apache2_allcomp $1 \ - | sed -e 's/[.]load$//' -e 's/[.]conf$//' )' -- $cur ) ) -} - -_apache2_sites() -{ - COMPREPLY=( $( compgen -W '$( _apache2_allcomp $1 )' -- $cur ) ) -} - -_apache2_conf() -{ - COMPREPLY=( $( compgen -W '$( _apache2_allcomp $1 \ - | sed -e 's/[.]conf$//' )' -- $cur ) ) -} - -_a2enmod() -{ - local cur - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - _apache2_mods mods-available -} -complete -F _a2enmod a2enmod - -_a2ensite() -{ - local cur - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - _apache2_sites sites-available -} -complete -F _a2ensite a2ensite - -_a2enconf() -{ - local cur - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - _apache2_conf conf-available -} -complete -F _a2enconf a2enconf - -_a2dismod() -{ - local cur - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - _apache2_mods mods-enabled -} -complete -F _a2dismod a2dismod - -_a2dissite() -{ - local cur - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - _apache2_sites sites-enabled -} -complete -F _a2dissite a2dissite - -_a2disconf() -{ - local cur - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - _apache2_conf conf-enabled -} -complete -F _a2disconf a2disconf diff --git a/bash_completion.d/debconf b/bash_completion.d/debconf deleted file mode 100644 index 1880689..0000000 --- a/bash_completion.d/debconf +++ /dev/null @@ -1,12 +0,0 @@ -have debconf-show && -_debconf_show() -{ - local cur - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - COMPREPLY=($( compgen -W '--listowners --listdbs --db=' -- $cur ) \ - $( apt-cache pkgnames -- $cur ) ) -} -complete -F _debconf_show debconf-show - diff --git a/bash_completion.d/fail2ban b/bash_completion.d/fail2ban index 7a42bd1..36e0cbb 100644 --- a/bash_completion.d/fail2ban +++ b/bash_completion.d/fail2ban @@ -19,10 +19,19 @@ __fail2ban_jails () { "$1" status 2>/dev/null | awk -F"\t+" '/Jail list/{print $2}' | sed 's/, / /g' } +__fail2ban_jail_actions () { + "$1" get "$2" actions 2>/dev/null | sed -n '$s/\([^,]\+\),\?/\1/gp' +} +__fail2ban_jail_action_properties () { + "$1" get "$2" actionproperties "$3" 2>/dev/null | sed -n '$s/\([^,]\+\),\?/\1/gp' +} +__fail2ban_jail_action_methods () { + "$1" get "$2" actionmethods "$3" 2>/dev/null | sed -n '$s/\([^,]\+\),\?/\1/gp' +} _fail2ban () { local cur prev words cword - _init_completion || return + _init_completion || return case $prev in -V|--version|-h|--help) @@ -50,7 +59,7 @@ _fail2ban () { _filedir return 0 elif [[ "$1" == *"fail2ban-client" ]];then - local cmd jail + local cmd jail action case $prev in "$1") COMPREPLY=( $( compgen -W \ @@ -71,7 +80,7 @@ _fail2ban () { ;; *) if [[ "${words[$cword-2]}" == "add" ]];then - COMPREPLY=( $( compgen -W "auto polling gamin pyinotify" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "auto polling gamin pyinotify systemd" -- "$cur" ) ) return 0 elif [[ "${words[$cword-2]}" == "set" || "${words[$cword-2]}" == "get" ]];then cmd="${words[cword-2]}" @@ -80,6 +89,11 @@ _fail2ban () { cmd="${words[$cword-3]}" jail="${words[$cword-2]}" # Handle in section below + elif [[ "${words[$cword-4]}" == "set" || "${words[$cword-4]}" == "get" && ${words[$cword-2]} == action* ]];then + cmd="${words[$cword-4]}" + jail="${words[$cword-3]}" + action="${words[$cword-1]}" + # Handle in section below fi ;; esac @@ -88,7 +102,7 @@ _fail2ban () { case $prev in loglevel) if [[ "$cmd" == "set" ]];then - COMPREPLY=( $( compgen -W "0 1 2 3 4" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "CRITICAL ERROR WARNING NOTICE INFO DEBUG" -- "$cur" ) ) fi return 0 ;; @@ -106,6 +120,25 @@ _fail2ban () { return 0 ;; esac + elif [[ -n "$jail" && -n "$action" ]];then + case ${words[$cwords-3]} in + action) + COMPREPLY=( $( compgen -W \ + "$( __fail2ban_jail_action_properties "$1" "$jail" "$action")" \ + -- "$cur" ) ) + if [[ "$cmd" == "set" ]];then + COMPREPLY+=( $(compgen -W "$(__fail2ban_jail_action_methods "$1" "$jail" "$action")" -- "$cur" ) ) + fi + return 0 + ;; + esac + elif [[ -n "$jail" && $prev == action* ]];then + case $prev in + action|actionproperties|actionmethods) + COMPREPLY=( $(compgen -W "$(__fail2ban_jail_actions "$1" "$jail")" -- "$cur" ) ) + return 0 + ;; + esac elif [[ -n "$jail" && "$cmd" == "set" ]];then case $prev in addlogpath) @@ -121,7 +154,7 @@ _fail2ban () { fi return 0 ;; - delfailregex|delignoregex) + delfailregex|delignoreregex) COMPREPLY=( $( compgen -W \ "$( "$1" get "$jail" "${prev/del/}" 2>/dev/null | awk -F"[][]" '{print $2}')" \ -- "$cur" ) ) diff --git a/bash_completion.d/initramfs-tools b/bash_completion.d/initramfs-tools deleted file mode 100644 index a52074f..0000000 --- a/bash_completion.d/initramfs-tools +++ /dev/null @@ -1,26 +0,0 @@ -# update-initramfs(8) completion - -_update_initramfs() -{ - local cur prev valid_options - - # TODO: this can be "_get_comp_words_by_ref cur prev" once - # bash-completion >= 1.2 is available, see #537139 - cur=$(_get_cword) - prev=${COMP_WORDS[COMP_CWORD-1]} - - # The only option that takes an argument is -k - if [[ "$prev" == '-k' ]]; then - # Complete with kernel versions - _kernel_versions - COMPREPLY=( $( compgen -W '${COMPREPLY[@]} all' -- "$cur" ) ) - return; - fi - - # Complete with available options (obtained from -h) - valid_options=$( update-initramfs -h 2>&1 | \ - sed -e '/^ -/!d;s/^ \(-\w\+\).*/\1/' ) - COMPREPLY=( $( compgen -W "$valid_options" -- $cur ) ) -} - -complete -F _update_initramfs update-initramfs diff --git a/bash_completion.d/isoquery b/bash_completion.d/isoquery deleted file mode 100644 index c27ed05..0000000 --- a/bash_completion.d/isoquery +++ /dev/null @@ -1,45 +0,0 @@ -# /etc/bash_completion.d/isoquery -# Programmable Bash command completion for the ‘isoquery’ command. - -shopt -s progcomp - -_isoquery_completion () { - local cur prev opts - - COMPREPLY=() - cur="${COMP_WORDS[COMP_CWORD]}" - prev="${COMP_WORDS[COMP_CWORD-1]}" - - opts="-h --help -v --version" - opts="${opts} -i --iso -x --xmlfile -l --locale -0 --null" - opts="${opts} -n --name -o --official_name -c --common_name" - - case "${prev}" in - -i|--iso) - local standards=(639 639-3 639-5 3166 3166-2 4217 15924) - COMPREPLY=( $(compgen -W "${standards[*]}" -- ${cur}) ) - ;; - - -x|--xmlfile) - COMPREPLY=( $(compgen -A file -- ${cur}) ) - ;; - - -l|--locale) - local locale_names=$(locale --all-locales) - COMPREPLY=( $(compgen -W "${locale_names}" -- ${cur}) ) - ;; - - *) - COMPREPLY=($(compgen -W "${opts}" -- ${cur})) - ;; - esac -} - -complete -F _isoquery_completion isoquery - - -# Local variables: -# coding: utf-8 -# mode: shell-script -# End: -# vim: fileencoding=utf-8 filetype=bash : diff --git a/bash_completion.d/subversion b/bash_completion.d/subversion deleted file mode 100644 index eabc15c..0000000 --- a/bash_completion.d/subversion +++ /dev/null @@ -1,1514 +0,0 @@ -# ------------------------------------------------------------ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# ------------------------------------------------------------ - -# Programmable completion for the Subversion svn command under bash. Source -# this file (or on some systems add it to ~/.bash_completion and start a new -# shell) and bash's completion mechanism will know all about svn's options! -# Provides completion for the svnadmin, svndumpfilter, svnlook and svnsync -# commands as well. Who wants to read man pages/help text... - -# Known to work with bash 3.* with programmable completion and extended -# pattern matching enabled (use 'shopt -s extglob progcomp' to enable -# these if they are not already enabled). - -shopt -s extglob - -# Tree helper functions which only use bash, to ease readability. - -# look for value associated to key from stdin in K/V hash file format -# val=$(_svn_read_hashfile svn:realmstring < some/file) -function _svn_read_hashfile() -{ - local tkey=$1 key= val= - while true; do - read tag len - [ $tag = 'END' ] && break - [ $tag != 'K' ] && { - #echo "unexpected tag '$tag' instead of 'K'" >&2 - return - } - read -r -n $len key ; read - read tag len - [ $tag != 'V' ] && { - #echo "unexpected tag '$tag' instead of 'V'" >&2 - return - } - read -r -n $len val ; read - if [[ $key = $tkey ]] ; then - echo "$val" - return - fi - done - #echo "target key '$tkey' not found" >&2 -} - -# _svn_grcut shell-regular-expression -# extract filenames from 'svn status' output -function _svn_grcut() -{ - local re=$1 line= old_IFS - # fix IFS, so that leading spaces are not ignored by next read. - # (there is a leading space in svn status output if only a prop is changed) - old_IFS="$IFS" - IFS=$'\n' - while read -r line ; do - [[ ! $re || $line == $re ]] && echo "${line/????????/}" - done - IFS="$old_IFS" -} - -# extract stuff from svn info output -# _svn_info (URL|Repository Root) -function _svn_info() -{ - local what=$1 line= - LANG=C LC_MESSAGES=C svn info --non-interactive 2> /dev/null | \ - while read line ; do - [[ $line == *"$what: "* ]] && echo ${line#*: } - done -} - -# _svn_lls (dir|file|all) files... -# list svn-managed files from list -# some 'svn status --all-files' would be welcome here? -function _svn_lls() -{ - local opt=$1 f= - shift - for f in "$@" ; do - # could try to check in .svn/entries? hmmm... - if [[ $opt == @(dir|all) && -d "$f" ]] ; then - echo "$f/" - elif [[ $opt == @(file|all) ]] ; then - # split f in directory/file names - local dn= fn="$f" - [[ "$f" == */* ]] && dn=${f%\/*}/ fn=${f##*\/} - # ??? this does not work for just added files, because they - # do not have a content reference yet... - [ -f "${dn}.svn/text-base/${fn}.svn-base" ] && echo "$f" - fi - done -} - -# This completion guides the command/option order along the one suggested -# by "svn help", although other syntaxes are allowed. -# -# - there is a "real" parser to check for what is available and deduce what -# can be suggested further. -# - the syntax should be coherent with subversion/svn/{cl.h,main.c} -# - although it is not a good practice, mixed options and arguments -# is supported by the completion as it is by the svn command. -# - the completion works in the middle of a line, -# but not really in the middle of an argument or option. -# - property names are completed: see comments about issues related to handling -# ":" within property names although it is a word completion separator. -# - unknown properties are assumed to be simple file properties. -# - --revprop and --revision options are forced to revision properties -# as they are mandatory in this case. -# - argument values are suggested to some other options, eg directory names -# for --config-dir. -# - values for some options can be extended with environment variables: -# SVN_BASH_FILE_PROPS: other properties on files/directories -# SVN_BASH_REV_PROPS: other properties on revisions -# SVN_BASH_ENCODINGS: encodings to be suggested -# SVN_BASH_MIME_TYPE: mime types to be suggested -# SVN_BASH_KEYWORDS: "svn:keywords" substitutions to be suggested -# SVN_BASH_USERNAME: usernames suggested for --username -# SVN_BASH_COMPL_EXT: completion extensions for file arguments, based on the -# current subcommand, so that for instance only modified files are -# suggested for 'revert', only not svn-managed files for 'add', and so on. -# Possible values are: -# - username: guess usernames from ~/.subversion/auth/... -# - urls: guess urls from ~/.subversion/auth/... or others -# - svnstatus: use 'svn status' for completion -# - recurse: allow recursion (expensive) -# - externals: recurse into externals (very expensive) -# Former options are reasonable, but beware that both later options -# may be unadvisable if used on large working copies. -# None of these costly completions are activated by default. -# Argument completion outside a working copy results in an error message. -# Filenames with spaces are not completed properly. -# -# TODO -# - other options? -# - obsolete options could be removed from auto-comp? (e.g. -N) -# - obsolete commands could be removed? (e.g. resolved) -# - completion does not work properly when editing in the middle of the line -# status/previous are those at the end of the line, not at the entry position -# - url completion should select more cases where it is relevant -# - url completion of http:// schemas could suggest sub directories? -# - add completion for experimental 'obliterate' feature? -_svn() -{ - local cur cmds cmdOpts pOpts mOpts rOpts qOpts nOpts optsParam opt - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - # Possible expansions, without pure-prefix abbreviations such as "up". - cmds='add blame annotate praise cat changelist cl checkout co cleanup' - cmds="$cmds commit ci copy cp delete remove rm diff export help import" - cmds="$cmds info list ls lock log merge mergeinfo mkdir move mv rename" - cmds="$cmds patch propdel pdel propedit pedit propget pget proplist" - cmds="$cmds plist propset pset relocate resolve resolved revert status" - cmds="$cmds switch unlock update upgrade" - - # help options have a strange command status... - local helpOpts='--help -h' - # all special options that have a command status - local specOpts="--version $helpOpts" - - # options that require a parameter - # note: continued lines must end '|' continuing lines must start '|' - optsParam="-r|--revision|--username|--password|--targets" - optsParam="$optsParam|-x|--extensions|-m|--message|-F|--file" - optsParam="$optsParam|--encoding|--diff-cmd|--diff3-cmd|--editor-cmd" - optsParam="$optsParam|--old|--new|--config-dir|--config-option" - optsParam="$optsParam|--native-eol|-l|--limit|-c|--change" - optsParam="$optsParam|--depth|--set-depth|--with-revprop" - optsParam="$optsParam|--cl|--changelist|--accept|--show-revs" - - # svn:* and other (env SVN_BASH_*_PROPS) properties - local svnProps revProps allProps psCmds propCmds - - # svn and user configured "file" (or directory) properties - # the "svn:mergeinfo" prop is not included by default because it is - # managed automatically, so there should be no need to edit it by hand. - svnProps="svn:keywords svn:executable svn:needs-lock svn:externals - svn:ignore svn:eol-style svn:mime-type $SVN_BASH_FILE_PROPS" - - # svn and user configured revision properties - revProps="svn:author svn:log svn:date $SVN_BASH_REV_PROPS" - - # all properties as an array variable - allProps=( $svnProps $revProps ) - - # subcommands that expect property names - psCmds='propset|pset|ps' - propCmds="$psCmds|propget|pget|pg|propedit|pedit|pe|propdel|pdel|pd" - - # possible URL schemas to access a subversion server - local urlSchemas='file:/// http:// https:// svn:// svn+ssh://' - - # Parse arguments and set various variables about what was found. - # - # cmd: the current command if available - # isPropCmd: whether it expects a property name argument - # isPsCmd: whether it also expects a property value argument - # isHelpCmd: whether it is about help - # nExpectArgs: how many arguments are expected by the command - # help: help requested about this command (if cmd=='help') - # prop: property name (if appropriate) - # isRevProp: is it a special revision property - # val: property value (if appropriate, under pset) - # options: all options encountered - # hasRevPropOpt: is --revprop set - # hasRevisionOpt: is --revision set - # hasRelocateOpt: is --relocate set - # hasReintegrateOpt: is --reintegrate set - # acceptOpt: the value of --accept - # nargs: how many arguments were found - # stat: status of parsing at the 'current' word - # - # prev: previous command in the loop - # last: status of last parameter analyzed - # i: index - local cmd= isPropCmd= isPsCmd= isHelpCmd= nExpectArgs= isCur= i=0 - local prev= help= prop= val= isRevProp= last='none' nargs=0 stat= - local options= hasRevPropOpt= hasRevisionOpt= hasRelocateOpt= - local acceptOpt= URL= hasReintegrateOpt= - - for opt in "${COMP_WORDS[@]}" - do - # get status of current word (from previous iteration) - [[ $isCur ]] && stat=$last - - # are we processing the current word - isCur= - [[ $i -eq $COMP_CWORD ]] && isCur=1 - let i++ - - # FIRST must be the "svn" command - [ $last = 'none' ] && { last='first'; continue ; } - - # SKIP option arguments - if [[ $prev == @($optsParam) ]] ; then - - # record accept value - [[ $prev = '--accept' ]] && acceptOpt=$opt - - prev='' - last='skip' - continue ; - fi - - # Argh... This looks like a bash bug... - # Redirections are passed to the completion function - # although it is managed by the shell directly... - # It matters because we want to tell the user when no more - # completion is available, so it does not necessary - # fallback to the default case. - if [[ $prev == @(<|>|>>|[12]>|[12]>>) ]] ; then - prev='' - last='skip' - continue ; - fi - prev=$opt - - # get the subCoMmanD - if [[ ! $cmd && $opt \ - && ( $opt != -* || $opt == @(${specOpts// /|}) ) ]] - then - cmd=$opt - [[ $cmd == @($propCmds) ]] && isPropCmd=1 - [[ $cmd == @($psCmds) ]] && isPsCmd=1 - [[ $cmd == @(${helpOpts// /|}) ]] && cmd='help' - [[ $cmd = 'help' ]] && isHelpCmd=1 - # HELP about a command asked with an option - if [[ $isHelpCmd && $cmd && $cmd != 'help' && ! $help ]] - then - help=$cmd - cmd='help' - fi - last='cmd' - continue - fi - - # HELP about a command - if [[ $isHelpCmd && ! $help && $opt && $opt != -* ]] - then - help=$opt - last='help' - continue - fi - - # PROPerty name - if [[ $isPropCmd && ! $prop && $opt && $opt != -* ]] - then - prop=$opt - [[ $prop == @(${revProps// /|}) ]] && isRevProp=1 - last='prop' - continue - fi - - # property VALue - if [[ $isPsCmd && $prop && ! $val && $opt != -* ]] ; - then - val=$opt - last='val' - continue - fi - - if [[ $last != 'onlyarg' ]] - then - # more OPTions - case $opt in - -r|--revision|--revision=*) - hasRevisionOpt=1 - ;; - --revprop) - hasRevPropOpt=1 - # restrict to revision properties! - allProps=( $revProps ) - # on revprops, only one URL is expected - nExpectArgs=1 - ;; - -h|--help) - isHelpCmd=1 - ;; - -F|--file) - val='-F' - ;; - --relocate) - hasRelocateOpt=1 - ;; - --reintegrate) - hasReintegrateOpt=1 - ;; - esac - - # no more options, only arguments, whatever they look like. - if [[ $opt = '--' && ! $isCur ]] ; then - last='onlyarg' - continue - fi - - # options are recorded... - if [[ $opt == -* ]] ; then - # but not the current one! - [[ ! $isCur ]] && options="$options $opt " - last='opt' - continue - fi - else - # onlyarg - let nargs++ - continue - fi - - # then we have an argument - if [[ $cmd = 'merge' && ! $URL ]] ; then - # fist argument is the source URL for the merge - URL=$opt - fi - - last='arg' - let nargs++ - done - # end opt option processing... - [[ $stat ]] || stat=$last - - # suggest all subcommands, including special help - if [[ ! $cmd || $stat = 'cmd' ]] - then - COMPREPLY=( $( compgen -W "$cmds $specOpts" -- $cur ) ) - return 0 - fi - - # suggest all subcommands - if [[ $stat = 'help' || ( $isHelpCmd && ! $help ) ]] - then - COMPREPLY=( $( compgen -W "$cmds" -- $cur ) ) - return 0 - fi - - # URL completion - if [[ $cmd == @(co|checkout|ls|list) && $stat = 'arg' && \ - $SVN_BASH_COMPL_EXT == *urls* ]] - then - # see about COMP_WORDBREAKS workaround in prop completion - if [[ $cur == file:* ]] - then - # file completion for file:// urls - local where=${cur/file:/} - COMPREPLY=( $(compgen -d -S '/' -X '*/.*' -- $where ) ) - return - elif [[ $cur == *:* ]] - then - # get known urls - local urls= file= - for file in ~/.subversion/auth/svn.simple/* ; do - if [ -r $file ] ; then - local url=$(_svn_read_hashfile svn:realmstring < $file) - url=${url/**/} - urls="$urls $url" - fi - done - - # only suggest/show possible suffixes - local prefix=${cur%:*} suffix=${cur#*:} c= choices= - for c in $urls ; do - [[ $c == $prefix:* ]] && choices="$choices ${c#*:}" - done - - COMPREPLY=( $(compgen -W "$choices" -- $suffix ) ) - return - else - # show schemas - COMPREPLY=( $(compgen -W "$urlSchemas" -- $cur) ) - return - fi - fi - - if [[ $cmd = 'merge' || $cmd = 'mergeinfo' ]] - then - local here=$(_svn_info URL) - # suggest a possible URL for merging - if [[ ! $URL && $stat = 'arg' ]] ; then - # we assume a 'standard' repos with branches and trunk - if [[ "$here" == */branches/* ]] ; then - # we guess that it is a merge from the trunk - COMPREPLY=( $(compgen -W ${here/\/branches\/*/\/trunk} -- $cur ) ) - return 0 - elif [[ "$here" == */trunk* ]] ; then - # we guess that it is a merge from a branch - COMPREPLY=( $(compgen -W ${here/\/trunk*/\/branches\/} -- $cur ) ) - return 0 - else - # no se, let us suggest the repository root... - COMPREPLY=( $(compgen -W $(_svn_info Root) -- $cur ) ) - return 0 - fi - elif [[ $URL == */branches/* && $here == */trunk* && \ - ! $hasReintegrateOpt && $cur = '' && $stat = 'arg' ]] ; then - # force --reintegrate only if the current word is empty - COMPREPLY=( $(compgen -W '--reintegrate' -- $cur ) ) - return 0 - fi - fi - - # help about option arguments - if [[ $stat = 'skip' ]] - then - local previous=${COMP_WORDS[COMP_CWORD-1]} - local values= dirs= beep= exes= - - [[ $previous = '--config-dir' ]] && dirs=1 - - # external editor, diff, diff3... - [[ $previous = --*-cmd ]] && exes=1 - - [[ $previous = '--native-eol' ]] && values='LF CR CRLF' - - # just to suggest that a number is expected. hummm. - [[ $previous = '--limit' ]] && values='0 1 2 3 4 5 6 7 8 9' - - # some special partial help about --revision option. - [[ $previous = '--revision' || $previous = '-r' ]] && \ - values='HEAD BASE PREV COMMITTED 0 {' - - [[ $previous = '--encoding' ]] && \ - values="latin1 utf8 $SVN_BASH_ENCODINGS" - - [[ $previous = '--extensions' || $previous = '-x' ]] && \ - values="--unified --ignore-space-change \ - --ignore-all-space --ignore-eol-style --show-c-functions" - - [[ $previous = '--depth' ]] && \ - values='empty files immediates infinity' - - [[ $previous = '--set-depth' ]] && \ - values='empty exclude files immediates infinity' - - [[ $previous = '--accept' ]] && \ - { - # the list is different for 'resolve' - if [[ $cmd = 'resolve' ]] ; then - # from svn help resolve - values='base working mine-full theirs-full' - else # checkout merge switch update - values="postpone base mine-full theirs-full edit launch \ - mine-conflict theirs-conflict" - fi - } - - [[ $previous = '--show-revs' ]] && values='merged eligible' - - if [[ $previous = '--username' ]] ; then - values="$SVN_BASH_USERNAME" - if [[ $SVN_BASH_COMPL_EXT == *username* ]] ; then - local file= - # digest? others? - for file in ~/.subversion/auth/svn.simple/* ; do - if [ -r $file ] ; then - values="$values $(_svn_read_hashfile username < $file)" - fi - done - fi - [[ ! "$values" ]] && beep=1 - fi - - # could look at ~/.subversion/ ? - # hmmm... this option should not exist - [[ $previous = '--password' ]] && beep=1 - - # TODO: provide help about other options such as: - # --old --new --with-revprop - - # if the previous option required a parameter, do something - # or fallback on ordinary filename expansion - [[ $values ]] && COMPREPLY=( $( compgen -W "$values" -- $cur ) ) - [[ $dirs ]] && COMPREPLY=( $( compgen -o dirnames -- $cur ) ) - [[ $exes ]] && COMPREPLY=( $( compgen -c -- $cur ) ) - [[ $beep ]] && - { - # 'no known completion'. hummm. - echo -en "\a" - COMPREPLY=( '' ) - } - return 0 - fi - - # provide allowed property names after property commands - if [[ $isPropCmd && ( ! $prop || $stat = 'prop' ) && $cur != -* ]] - then - # - # Ok, this part is pretty ugly. - # - # The issue is that ":" is a completion word separator, - # which is a good idea for file:// urls but not within - # property names... - # - # The first idea was to remove locally ":" from COMP_WORDBREAKS - # and then put it back in all cases but in property name - # completion. It does not always work. There is a strange bug - # where one may get "svn:svn:xxx" in some unclear cases. - # - # Thus the handling is reprogrammed here... - # The code assumes that property names look like *:*, - # but it also works reasonably well with simple names. - # - # This hack is broken in bash4... not sure what to do about it, - # especially while keeping the bash3 compatibility:-( - local choices= - - if [[ $cur == *:* ]] - then - # only suggest/show possible suffixes - local prefix=${cur%:*} suffix=${cur#*:} c= - for c in ${allProps[@]} ; do - [[ $c == $prefix:* ]] && choices="$choices ${c#*:}" - done - # everything will be appended to the prefix because ':' is - # a separator, so cur is restricted to the suffix part. - cur=$suffix - else - # only one choice is fine - COMPREPLY=( $( compgen -W "${allProps[*]}" -- $cur ) ) - [ ${#COMPREPLY[@]} -eq 1 ] && return 0 - - # no ':' so only suggest prefixes? - local seen= n=0 last= c= - for c in ${allProps[@]%:*} ; do - # do not put the same prefix twice... - if [[ $c == $cur* && ( ! $seen || $c != @($seen) ) ]] - then - let n++ - last=$c - choices="$choices $c:" - if [[ $seen ]] - then - seen="$seen|$c*" - else - seen="$c*" - fi - fi - done - - # supply two choices to force a partial completion and a beep - [[ $n -eq 1 ]] && choices="$last:1 $last:2" - fi - - COMPREPLY=( $( compgen -W "$choices" -- $cur ) ) - return 0 - fi - - # force mandatory --revprop option on revision properties - if [[ $isRevProp && ! $hasRevPropOpt ]] - then - COMPREPLY=( $( compgen -W '--revprop' -- $cur ) ) - return 0 - fi - - # force mandatory --revision option on revision properties - if [[ $isRevProp && $hasRevPropOpt && ! $hasRevisionOpt ]] - then - COMPREPLY=( $( compgen -W '--revision' -- $cur ) ) - return 0 - fi - - # possible completion when setting property values - if [[ $isPsCmd && $prop && ( ! $val || $stat = 'val' ) ]] - then - # ' is a reminder for an arbitrary value - local values="\' --file" - case $prop in - svn:keywords) - # just a subset? - values="Id Rev URL Date Author Header \' $SVN_BASH_KEYWORDS" - ;; - svn:executable|svn:needs-lock) - # hmmm... canonical value * is special to the shell. - values='\\*' - ;; - svn:eol-style) - values='native LF CR CRLF' - ;; - svn:mime-type) - # could read /etc/mime.types if available. overkill. - values="text/ text/plain text/html text/xml text/rtf - image/ image/png image/gif image/jpeg image/tiff - audio/ audio/midi audio/mpeg - video/ video/mpeg video/mp4 - application/ application/octet-stream - $SVN_BASH_MIME_TYPE" - ;; - esac - - COMPREPLY=( $( compgen -W "$values" -- $cur ) ) - # special case for --file... return even if within an option - [[ ${COMPREPLY} ]] && return 0 - fi - - # maximum number of additional arguments expected in various forms - case $cmd in - merge) - nExpectArgs=3 - ;; - mergeinfo) - nExpectArgs=1 - ;; - copy|cp|move|mv|rename|ren|export|import) - nExpectArgs=2 - ;; - switch|sw) - [[ ! $hasRelocateOpt ]] && nExpectArgs=2 - ;; - help|h) - nExpectArgs=0 - ;; - --version) - nExpectArgs=0 - ;; - esac - - # the maximum number of arguments is reached for a command - if [[ $nExpectArgs && $nargs -gt $nExpectArgs ]] - then - # some way to tell 'no completion at all'... is there a better one? - # Do not say 'file completion' here. - echo -en "\a" - COMPREPLY=( '' ) - return 0 - fi - - # if not typing an option, - # then fallback on filename expansion... - if [[ $cur != -* || $stat = 'onlyarg' ]] ; then - - # do we allow possible expensive completion here? - if [[ $SVN_BASH_COMPL_EXT == *svnstatus* ]] ; then - - # build status command and options - # "--quiet" removes 'unknown' files - local status='svn status --non-interactive' - - [[ $SVN_BASH_COMPL_EXT == *recurse* ]] || \ - status="$status --non-recursive" - - # I'm not sure that it can work with externals in call cases - # the output contains translatable sentences (even with quiet) - [[ $SVN_BASH_COMPL_EXT == *externals* ]] || \ - status="$status --ignore-externals" - - local cs= files= - # subtlety: must not set $cur* if $cur is empty in some cases - [[ $cur ]] && cs=$cur* - - # 'files' is set according to the current subcommand - case $cmd in - st*) # status completion must include all files - files=$cur* - ;; - ci|commit|revert|di*) # anything edited - files=$($status $cs| _svn_grcut '@([MADR!]*| M*|_M*)') - ;; - add) # unknown files - files=$($status $cs| _svn_grcut '\?*') - ;; - unlock) # unlock locked files - files=$($status $cs| _svn_grcut '@(??L*|?????[KOTB]*)') - ;; - resolve*) # files in conflict - files=$($status $cs| _svn_grcut '@(?C*|C*)') - ;; - praise|blame|ann*) # any svn file but added - files=$( _svn_lls all $cur* ) - ;; - p*) # prop commands - if [[ $cmd == @($propCmds) && \ - $prop == @(svn:ignore|svn:externals) ]] ; then - # directory specific props - files=$( _svn_lls dir . $cur* ) - else - # ??? added directories appear twice: foo foo/ - files="$( _svn_lls all $cur* ) - $($status $cs | _svn_grcut 'A*' )" - fi - ;; - info) # information on any file - files="$( _svn_lls all $cur* ) - $($status $cs | _svn_grcut 'A*' )" - ;; - remove|rm|del*|move|mv|rename) # changing existing files - files=$( _svn_lls all $cur* ) - ;; - mkdir) # completion in mkdir can only be for subdirs? - files=$( _svn_lls dir $cur* ) - ;; - log|lock|up*|cl*|switch) # misc, all but added files - files=$( _svn_lls all $cur* ) - ;; - merge) # may do a better job? URL/WCPATH - files=$( _svn_lls all $cur* ) - ;; - ls|list) # better job? what about URLs? - files=$( _svn_lls all $cur* ) - ;; - *) # other commands: changelist export import cat mergeinfo - local fallback=1 - ;; - esac - - # when not recursive, some relevant files may exist - # within subdirectories, so they are added here. - # should it be restricted to svn-managed subdirs? no?? - if [[ $SVN_BASH_COMPL_EXT != *recurse* ]] ; then - files="$files $( _svn_lls dir $cur* )" - fi - - # set completion depending on computed 'files' - if [[ $files ]] ; then - COMPREPLY=( $( compgen -W "$files" -- $cur ) ) - # if empty, set to nope? - [[ "${COMPREPLY[*]}" ]] || COMPREPLY=( '' ) - elif [[ ! $fallback ]] ; then - # this suggests no completion... - echo -en "\a" - COMPREPLY=( '' ) - fi - fi - # else fallback to ordinary filename completion... - return 0 - fi - - # otherwise build possible options for the command - pOpts="--username --password --no-auth-cache --non-interactive \ - --trust-server-cert --force-interactive" - mOpts="-m --message -F --file --encoding --force-log --with-revprop" - rOpts="-r --revision" - qOpts="-q --quiet" - nOpts="-N --non-recursive --depth" - gOpts="-g --use-merge-history" - cOpts="--cl --changelist" - - cmdOpts= - case $cmd in - --version) - cmdOpts="$qOpts" - ;; - add) - cmdOpts="--auto-props --no-auto-props --force --targets \ - --no-ignore --parents $nOpts $qOpts $pOpts" - ;; - blame|annotate|ann|praise) - cmdOpts="$rOpts $pOpts -v --verbose --incremental --xml \ - -x --extensions --force $gOpts" - ;; - cat) - cmdOpts="$rOpts $pOpts" - ;; - changelist|cl) - cmdOpts="--targets $pOpts $qOpts $cOpts \ - -R --recursive --depth --remove" - ;; - checkout|co) - cmdOpts="$rOpts $qOpts $nOpts $pOpts --ignore-externals \ - --force" - ;; - cleanup) - cmdOpts="--diff3-cmd $pOpts" - ;; - commit|ci) - cmdOpts="$mOpts $qOpts $nOpts --targets --editor-cmd $pOpts \ - --no-unlock $cOpts --keep-changelists \ - --include-externals" - ;; - copy|cp) - cmdOpts="$mOpts $rOpts $qOpts --editor-cmd $pOpts --parents \ - --ignore-externals" - ;; - delete|del|remove|rm) - cmdOpts="--force $mOpts $qOpts --targets --editor-cmd $pOpts \ - --keep-local" - ;; - diff|di) - cmdOpts="$rOpts -x --extensions --diff-cmd --no-diff-deleted \ - $nOpts $pOpts --force --old --new --notice-ancestry \ - -c --change --summarize $cOpts --xml --git \ - --internal-diff --show-copies-as-adds \ - --ignore-properties --properties-only --no-diff-added \ - --patch-compatible" - ;; - export) - cmdOpts="$rOpts $qOpts $pOpts $nOpts --force --native-eol \ - --ignore-externals --ignore-keywords" - ;; - help|h|\?) - cmdOpts= - ;; - import) - cmdOpts="--auto-props --no-auto-props $mOpts $qOpts $nOpts \ - --no-ignore --editor-cmd $pOpts --force" - ;; - info) - cmdOpts="$pOpts $rOpts --targets -R --recursive --depth \ - --incremental --xml $cOpts" - ;; - list|ls) - cmdOpts="$rOpts -v --verbose -R --recursive $pOpts \ - --incremental --xml --depth --include-externals" - ;; - lock) - cmdOpts="-m --message -F --file --encoding --force-log \ - --targets --force $pOpts" - ;; - log) - cmdOpts="$rOpts -v --verbose --targets $pOpts --stop-on-copy \ - --incremental --xml $qOpts -l --limit -c --change \ - $gOpts --with-all-revprops --with-revprop --depth \ - --diff --diff-cmd -x --extensions --internal-diff \ - --with-no-revprops --search --search-and" - ;; - merge) - cmdOpts="$rOpts $nOpts $qOpts --force --dry-run --diff3-cmd \ - $pOpts --ignore-ancestry -c --change -x --extensions \ - --record-only --accept --reintegrate \ - --allow-mixed-revisions -v --verbose" - ;; - mergeinfo) - cmdOpts="$rOpts $pOpts --depth --show-revs -R --recursive" - ;; - mkdir) - cmdOpts="$mOpts $qOpts --editor-cmd $pOpts --parents" - ;; - move|mv|rename|ren) - cmdOpts="$mOpts $rOpts $qOpts --force --editor-cmd $pOpts \ - --parents --allow-mixed-revisions" - ;; - patch) - cmdOpts="$qOpts $pOpts --dry-run --ignore-whitespace \ - --reverse-diff --strip" - ;; - propdel|pdel|pd) - cmdOpts="$qOpts -R --recursive $rOpts $pOpts $cOpts \ - --depth" - [[ $isRevProp || ! $prop ]] && cmdOpts="$cmdOpts --revprop" - ;; - propedit|pedit|pe) - cmdOpts="--editor-cmd $pOpts $mOpts --force" - [[ $isRevProp || ! $prop ]] && \ - cmdOpts="$cmdOpts --revprop $rOpts" - ;; - propget|pget|pg) - cmdOpts="-v --verbose -R --recursive $rOpts --strict \ - $pOpts $cOpts --depth --xml --show-inherited-props" - [[ $isRevProp || ! $prop ]] && cmdOpts="$cmdOpts --revprop" - ;; - proplist|plist|pl) - cmdOpts="-v --verbose -R --recursive $rOpts --revprop $qOpts \ - $pOpts $cOpts --depth --xml --show-inherited-props" - ;; - propset|pset|ps) - cmdOpts="$qOpts --targets -R --recursive \ - --encoding $pOpts --force $cOpts --depth" - [[ $isRevProp || ! $prop ]] && \ - cmdOpts="$cmdOpts --revprop $rOpts" - [[ $val ]] || cmdOpts="$cmdOpts -F --file" - ;; - relocate) - cmdOpts="--ignore-externals $pOpts" - ;; - resolve) - cmdOpts="--targets -R --recursive $qOpts $pOpts --accept \ - --depth" - ;; - resolved) - cmdOpts="--targets -R --recursive $qOpts $pOpts --depth" - ;; - revert) - cmdOpts="--targets -R --recursive $qOpts $cOpts \ - --depth $pOpts" - ;; - status|stat|st) - cmdOpts="-u --show-updates -v --verbose $nOpts $qOpts $pOpts \ - --no-ignore --ignore-externals --incremental --xml \ - $cOpts" - ;; - switch|sw) - cmdOpts="--relocate $rOpts $nOpts $qOpts $pOpts --diff3-cmd \ - --force --accept --ignore-externals --set-depth \ - --ignore-ancestry" - ;; - unlock) - cmdOpts="--targets --force $pOpts" - ;; - update|up) - cmdOpts="$rOpts $nOpts $qOpts $pOpts --diff3-cmd \ - --ignore-externals --force --accept $cOpts \ - --parents --editor-cmd --set-depth" - ;; - upgrade) - cmdOpts="$qOpts $pOpts" - ;; - *) - ;; - esac - - # add options that are nearly always available - [[ "$cmd" != "--version" ]] && cmdOpts="$cmdOpts $helpOpts" - cmdOpts="$cmdOpts --config-dir --config-option" - - # --accept (edit|launch) incompatible with --non-interactive - if [[ $acceptOpt == @(edit|launch) ]] ; - then - cmdOpts=${cmdOpts/ --non-interactive / } - fi - - # take out options already given - for opt in $options - do - local optBase - - # remove leading dashes and arguments - case $opt in - --*) optBase=${opt/=*/} ;; - -*) optBase=${opt:0:2} ;; - esac - - cmdOpts=" $cmdOpts " - cmdOpts=${cmdOpts/ ${optBase} / } - - # take out alternatives and mutually exclusives - case $optBase in - -v) cmdOpts=${cmdOpts/ --verbose / } ;; - --verbose) cmdOpts=${cmdOpts/ -v / } ;; - -N) cmdOpts=${cmdOpts/ --non-recursive / } ;; - --non-recursive) cmdOpts=${cmdOpts/ -N / } ;; - -R) cmdOpts=${cmdOpts/ --recursive / } ;; - --recursive) cmdOpts=${cmdOpts/ -R / } ;; - -x) cmdOpts=${cmdOpts/ --extensions / } ;; - --extensions) cmdOpts=${cmdOpts/ -x / } ;; - -q) cmdOpts=${cmdOpts/ --quiet / } ;; - --quiet) cmdOpts=${cmdOpts/ -q / } ;; - -h) cmdOpts=${cmdOpts/ --help / } ;; - --help) cmdOpts=${cmdOpts/ -h / } ;; - -l) cmdOpts=${cmdOpts/ --limit / } ;; - --limit) cmdOpts=${cmdOpts/ -l / } ;; - -r) cmdOpts=${cmdOpts/ --revision / } ;; - --revision) cmdOpts=${cmdOpts/ -r / } ;; - -c) cmdOpts=${cmdOpts/ --change / } ;; - --change) cmdOpts=${cmdOpts/ -c / } ;; - --auto-props) cmdOpts=${cmdOpts/ --no-auto-props / } ;; - --no-auto-props) cmdOpts=${cmdOpts/ --auto-props / } ;; - -g) cmdOpts=${cmdOpts/ --use-merge-history / } ;; - --use-merge-history) - cmdOpts=${cmdOpts/ -g / } ;; - -m|--message|-F|--file) - cmdOpts=${cmdOpts/ --message / } - cmdOpts=${cmdOpts/ -m / } - cmdOpts=${cmdOpts/ --file / } - cmdOpts=${cmdOpts/ -F / } - ;; - esac - - # remove help options within help subcommand - if [ $isHelpCmd ] ; then - cmdOpts=${cmdOpts/ -h / } - cmdOpts=${cmdOpts/ --help / } - fi - done - - # provide help about available options - COMPREPLY=( $( compgen -W "$cmdOpts" -- $cur ) ) - return 0 -} -complete -F _svn -o default -X '@(*/.svn|*/.svn/|.svn|.svn/)' svn - -_svnadmin () -{ - local cur cmds cmdOpts optsParam opt helpCmds optBase i - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - # Possible expansions, without pure-prefix abbreviations such as "h". - cmds='crashtest create deltify dump freeze help hotcopy list-dblogs \ - list-unused-dblogs load lock lslocks lstxns pack recover rmlocks \ - rmtxns setlog setrevprop setuuid unlock upgrade verify --version' - - if [[ $COMP_CWORD -eq 1 ]] ; then - COMPREPLY=( $( compgen -W "$cmds" -- $cur ) ) - return 0 - fi - - # options that require a parameter - # note: continued lines must end '|' continuing lines must start '|' - optsParam="-r|--revision|--parent-dir|--fs-type|-M|--memory-cache-size" - optsParam="$optsParam|-F|--file" - - # if not typing an option, or if the previous option required a - # parameter, then fallback on ordinary filename expansion - helpCmds='help|--help|h|\?' - if [[ ${COMP_WORDS[1]} != @($helpCmds) ]] && \ - [[ "$cur" != -* ]] || \ - [[ ${COMP_WORDS[COMP_CWORD-1]} == @($optsParam) ]] ; then - return 0 - fi - - cmdOpts= - case ${COMP_WORDS[1]} in - create) - cmdOpts="--bdb-txn-nosync --bdb-log-keep --config-dir \ - --fs-type --pre-1.4-compatible --pre-1.5-compatible \ - --pre-1.6-compatible --compatible-version" - ;; - deltify) - cmdOpts="-r --revision -q --quiet" - ;; - dump) - cmdOpts="-r --revision --incremental -q --quiet --deltas \ - -M --memory-cache-size" - ;; - freeze) - cmdOpts="-F --file" - ;; - help|h|\?) - cmdOpts="$cmds" - ;; - hotcopy) - cmdOpts="--clean-logs" - ;; - load) - cmdOpts="--ignore-uuid --force-uuid --parent-dir -q --quiet \ - --use-pre-commit-hook --use-post-commit-hook \ - --bypass-prop-validation -M --memory-cache-size" - ;; - lock|unlock) - cmdOpts="--bypass-hooks" - ;; - recover) - cmdOpts="--wait" - ;; - rmtxns) - cmdOpts="-q --quiet" - ;; - setlog) - cmdOpts="-r --revision --bypass-hooks" - ;; - setrevprop) - cmdOpts="-r --revision --use-pre-revprop-change-hook \ - --use-post-revprop-change-hook" - ;; - verify) - cmdOpts="-r --revision -q --quiet" - ;; - *) - ;; - esac - - cmdOpts="$cmdOpts --help -h" - - # take out options already given - for (( i=2; i<=$COMP_CWORD-1; ++i )) ; do - opt=${COMP_WORDS[$i]} - - case $opt in - --*) optBase=${opt/=*/} ;; - -*) optBase=${opt:0:2} ;; - esac - - cmdOpts=" $cmdOpts " - cmdOpts=${cmdOpts/ ${optBase} / } - - # take out alternatives - case $optBase in - -q) cmdOpts=${cmdOpts/ --quiet / } ;; - --quiet) cmdOpts=${cmdOpts/ -q / } ;; - -h) cmdOpts=${cmdOpts/ --help / } ;; - --help) cmdOpts=${cmdOpts/ -h / } ;; - -r) cmdOpts=${cmdOpts/ --revision / } ;; - --revision) cmdOpts=${cmdOpts/ -r / } ;; - -F) cmdOpts=${cmdOpts/ --file / } ;; - --file) cmdOpts=${cmdOpts/ -F / } ;; - -M) cmdOpts=${cmdOpts/ --memory-cache-size / } ;; - --memory-cache-size) cmdOpts=${cmdOpts/ --M / } ;; - esac - - # skip next option if this one requires a parameter - if [[ $opt == @($optsParam) ]] ; then - ((++i)) - fi - done - - COMPREPLY=( $( compgen -W "$cmdOpts" -- $cur ) ) - - return 0 -} -complete -F _svnadmin -o default svnadmin - -_svndumpfilter () -{ - local cur cmds cmdOpts optsParam opt helpCmds optBase i - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - # Possible expansions, without pure-prefix abbreviations such as "h". - cmds='exclude help include --version' - - if [[ $COMP_CWORD -eq 1 ]] ; then - COMPREPLY=( $( compgen -W "$cmds" -- $cur ) ) - return 0 - fi - - # options that require a parameter - # note: continued lines must end '|' continuing lines must start '|' - optsParam="--targets" - - # if not typing an option, or if the previous option required a - # parameter, then fallback on ordinary filename expansion - helpCmds='help|--help|h|\?' - if [[ ${COMP_WORDS[1]} != @($helpCmds) ]] && \ - [[ "$cur" != -* ]] || \ - [[ ${COMP_WORDS[COMP_CWORD-1]} == @($optsParam) ]] ; then - return 0 - fi - - cmdOpts= - case ${COMP_WORDS[1]} in - exclude|include) - cmdOpts="--drop-empty-revs --renumber-revs - --skip-missing-merge-sources --targets - --preserve-revprops --quiet" - ;; - help|h|\?) - cmdOpts="$cmds" - ;; - *) - ;; - esac - - cmdOpts="$cmdOpts --help -h" - - # take out options already given - for (( i=2; i<=$COMP_CWORD-1; ++i )) ; do - opt=${COMP_WORDS[$i]} - - case $opt in - --*) optBase=${opt/=*/} ;; - -*) optBase=${opt:0:2} ;; - esac - - cmdOpts=" $cmdOpts " - cmdOpts=${cmdOpts/ ${optBase} / } - - # take out alternatives - case $optBase in - -h) cmdOpts=${cmdOpts/ --help / } ;; - --help) cmdOpts=${cmdOpts/ -h / } ;; - esac - - # skip next option if this one requires a parameter - if [[ $opt == @($optsParam) ]] ; then - ((++i)) - fi - done - - COMPREPLY=( $( compgen -W "$cmdOpts" -- $cur ) ) - - return 0 -} -complete -F _svndumpfilter -o default svndumpfilter - -_svnlook () -{ - local cur cmds cmdOpts optsParam opt helpCmds optBase i - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - # Possible expansions, without pure-prefix abbreviations such as "h". - cmds='author cat changed date diff dirs-changed help history info \ - lock log propget proplist tree uuid youngest --version' - - if [[ $COMP_CWORD -eq 1 ]] ; then - COMPREPLY=( $( compgen -W "$cmds" -- $cur ) ) - return 0 - fi - - # options that require a parameter - # note: continued lines must end '|' continuing lines must start '|' - optsParam="-r|--revision|-t|--transaction|-l|--limit|-x|--extensions" - - # if not typing an option, or if the previous option required a - # parameter, then fallback on ordinary filename expansion - helpCmds='help|--help|h|\?' - if [[ ${COMP_WORDS[1]} != @($helpCmds) ]] && \ - [[ "$cur" != -* ]] || \ - [[ ${COMP_WORDS[COMP_CWORD-1]} == @($optsParam) ]] ; then - return 0 - fi - - cmdOpts= - case ${COMP_WORDS[1]} in - author) - cmdOpts="-r --revision -t --transaction" - ;; - cat) - cmdOpts="-r --revision -t --transaction" - ;; - changed) - cmdOpts="-r --revision -t --transaction --copy-info" - ;; - date) - cmdOpts="-r --revision -t --transaction" - ;; - diff) - cmdOpts="-r --revision -t --transaction --diff-copy-from \ - --no-diff-added --no-diff-deleted -x --extensions" - ;; - dirs-changed) - cmdOpts="-r --revision -t --transaction" - ;; - help|h|\?) - cmdOpts="$cmds" - ;; - history) - cmdOpts="-r --revision -l --limit --show-ids" - ;; - info) - cmdOpts="-r --revision -t --transaction" - ;; - lock) - cmdOpts= - ;; - log) - cmdOpts="-r --revision -t --transaction" - ;; - propget|pget|pg) - cmdOpts="-r --revision -t --transaction --revprop" - ;; - proplist|plist|pl) - cmdOpts="-r --revision -t --transaction --revprop -v --verbose --xml" - ;; - tree) - cmdOpts="-r --revision -t --transaction --full-paths -N --non-recursive --show-ids" - ;; - uuid) - cmdOpts= - ;; - youngest) - cmdOpts= - ;; - *) - ;; - esac - - cmdOpts="$cmdOpts --help -h" - - # take out options already given - for (( i=2; i<=$COMP_CWORD-1; ++i )) ; do - opt=${COMP_WORDS[$i]} - - case $opt in - --*) optBase=${opt/=*/} ;; - -*) optBase=${opt:0:2} ;; - esac - - cmdOpts=" $cmdOpts " - cmdOpts=${cmdOpts/ ${optBase} / } - - # take out alternatives - case $optBase in - -N) cmdOpts=${cmdOpts/ --non-recursive / } ;; - --non-recursive) cmdOpts=${cmdOpts/ -N / } ;; - -h) cmdOpts=${cmdOpts/ --help / } ;; - --help) cmdOpts=${cmdOpts/ -h / } ;; - -l) cmdOpts=${cmdOpts/ --limit / } ;; - --limit) cmdOpts=${cmdOpts/ -l / } ;; - -r) cmdOpts=${cmdOpts/ --revision / } ;; - --revision) cmdOpts=${cmdOpts/ -r / } ;; - -t) cmdOpts=${cmdOpts/ --transaction / } ;; - --transaction) cmdOpts=${cmdOpts/ -t / } ;; - -v) cmdOpts=${cmdOpts/ --verbose / } ;; - --verbose) cmdOpts=${cmdOpts/ -v / } ;; - -x) cmdOpts=${cmdOpts/ --extensions / } ;; - --extensions) cmdOpts=${cmdOpts/ -x / } ;; - esac - - # skip next option if this one requires a parameter - if [[ $opt == @($optsParam) ]] ; then - ((++i)) - fi - done - - COMPREPLY=( $( compgen -W "$cmdOpts" -- $cur ) ) - - return 0 -} -complete -F _svnlook -o default svnlook - -_svnsync () -{ - local cur cmds cmdOpts optsParam opt helpCmds optBase i - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - - # Possible expansions, without pure-prefix abbreviations such as "h". - cmds='copy-revprops help info initialize synchronize --version' - - if [[ $COMP_CWORD -eq 1 ]] ; then - COMPREPLY=( $( compgen -W "$cmds" -- $cur ) ) - return 0 - fi - - # options that require a parameter - # note: continued lines must end '|' continuing lines must start '|' - optsParam="--config-dir|--config-option|--source-username|--source-password" - optsParam="$optsParam|--sync-username|--sync-password" - - # if not typing an option, or if the previous option required a - # parameter, then fallback on ordinary filename expansion - helpCmds='help|--help|h|\?' - if [[ ${COMP_WORDS[1]} != @($helpCmds) ]] && \ - [[ "$cur" != -* ]] || \ - [[ ${COMP_WORDS[COMP_CWORD-1]} == @($optsParam) ]] ; then - return 0 - fi - - cmdOpts= - case ${COMP_WORDS[1]} in - copy-revprops|initialize|init|synchronize|sync) - cmdOpts="--non-interactive --no-auth-cache --trust-server-cert \ - --source-username --source-password --sync-username \ - --sync-password --config-dir --config-option -q --quiet" - ;; - help|h|\?) - cmdOpts="$cmds" - ;; - info) - cmdOpts="--non-interactive --no-auth-cache --trust-server-cert \ - --source-username --source-password --sync-username \ - --sync-password --config-dir --config-option" - ;; - *) - ;; - esac - - cmdOpts="$cmdOpts --help -h" - - # take out options already given - for (( i=2; i<=$COMP_CWORD-1; ++i )) ; do - opt=${COMP_WORDS[$i]} - - case $opt in - --*) optBase=${opt/=*/} ;; - -*) optBase=${opt:0:2} ;; - esac - - cmdOpts=" $cmdOpts " - cmdOpts=${cmdOpts/ ${optBase} / } - - # take out alternatives - case $optBase in - -h) cmdOpts=${cmdOpts/ --help / } ;; - --help) cmdOpts=${cmdOpts/ -h / } ;; - -q) cmdOpts=${cmdOpts/ --quiet / } ;; - --quiet) cmdOpts=${cmdOpts/ -q / } ;; - esac - - # skip next option if this one requires a parameter - if [[ $opt == @($optsParam) ]] ; then - ((++i)) - fi - done - - COMPREPLY=( $( compgen -W "$cmdOpts" -- $cur ) ) - - return 0 -} -complete -F _svnsync -o default svnsync - -# reasonable completion for 'svnversion' -_svnversion () -{ - local cmdOpts=" -n --no-newline -c --committed -h --help --version " - local cur=${COMP_WORDS[COMP_CWORD]} - - COMPREPLY=() - - # parse current options - local options= wcpath= trailurl= last='none' stat= opt= i=-1 isCur= - for opt in ${COMP_WORDS[@]} - do - [[ $i -eq $COMP_CWORD ]] && stat=$last - let i++ - - # are we processing the current word? - isCur= - [[ $i -eq $COMP_CWORD ]] && isCur=1 - - # skip first command, should be 'svnversion' - if [ $last = 'none' ] ; then - last='first' - continue - fi - - # get options - if [[ $last != 'arg' && $opt == -* ]] - then - # if '--' is at the current position, it means that we are looking - # for '--*' options, and not the end of option processing. - if [[ $opt = '--' && ! $isCur ]] - then - last='arg' - else - options="$options $opt " - last='opt' - fi - continue - fi - # get arguments - if [[ $opt != -* ]] - then - last='arg' - if [[ ! $wcpath ]] - then - wcpath=$opt - elif [[ ! $trailurl ]] - then - trailurl=$opt - fi - fi - done - [[ $stat ]] || stat=$last - - # argument part - if [[ $cur != -* || $stat = 'arg' ]] - then - [[ $wcpath && $trailurl ]] && COMPREPLY=( '' ) - return 0 - fi - - # suggest options, and take out already given options - for opt in $options - do - # take out options - cmdOpts=${cmdOpts/ $opt / } - - # take out alternatives - case $opt in - -n) cmdOpts=${cmdOpts/ --no-newline / } ;; - --no-newline) cmdOpts=${cmdOpts/ -n / } ;; - -h) cmdOpts=${cmdOpts/ --help / } ;; - --help) cmdOpts=${cmdOpts/ -h / } ;; - -c) cmdOpts=${cmdOpts/ --committed / } ;; - --committed) cmdOpts=${cmdOpts/ -c / } ;; - esac - done - - COMPREPLY=( $( compgen -W "$cmdOpts" -- $cur ) ) - - return 0 -} -# -X option does not seem to work? -complete -F _svnversion -o dirnames -X '*.svn*' svnversion diff --git a/bash_completion.d/whiptail b/bash_completion.d/whiptail deleted file mode 100644 index 6826e56..0000000 --- a/bash_completion.d/whiptail +++ /dev/null @@ -1,6 +0,0 @@ -complete -W "--msgbox --yesno --infobox --inputbox --passwordbox --textbox --menu --checklist \ - --radiochecklist --gauge --clear --defaultno --default-item \ - --fb --nocancel --yes-button --no-button --ok-button \ - --cancel-button -noitem --separate-output --output-fd \ - --title --backtitle -scrolltext --toplefti \ - --help" -f whiptail diff --git a/bind/db.root b/bind/db.root index 6c19741..f0b79d2 100644 --- a/bind/db.root +++ b/bind/db.root @@ -9,30 +9,32 @@ ; on server FTP.INTERNIC.NET ; -OR- RS.INTERNIC.NET ; -; last update: Jan 3, 2013 -; related version of root zone: 2013010300 +; last update: February 17, 2016 +; related version of root zone: 2016021701 ; ; formerly NS.INTERNIC.NET ; -. 3600000 IN NS A.ROOT-SERVERS.NET. +. 3600000 NS A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 -A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 ; ; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b ; ; FORMERLY C.PSI.NET ; . 3600000 NS C.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c ; ; FORMERLY TERP.UMD.EDU ; . 3600000 NS D.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 -D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d ; ; FORMERLY NS.NASA.GOV ; @@ -43,7 +45,7 @@ E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 ; . 3600000 NS F.ROOT-SERVERS.NET. F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 -F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f ; ; FORMERLY NS.NIC.DDN.MIL ; @@ -53,26 +55,26 @@ G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 ; FORMERLY AOS.ARL.ARMY.MIL ; . 3600000 NS H.ROOT-SERVERS.NET. -H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 -H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235 +H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53 ; ; FORMERLY NIC.NORDU.NET ; . 3600000 NS I.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 -I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 ; ; OPERATED BY VERISIGN, INC. ; . 3600000 NS J.ROOT-SERVERS.NET. J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 -J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 ; ; OPERATED BY RIPE NCC ; . 3600000 NS K.ROOT-SERVERS.NET. K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 -K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 ; ; OPERATED BY ICANN ; @@ -84,5 +86,5 @@ L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 ; . 3600000 NS M.ROOT-SERVERS.NET. M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 -M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35 -; End of File +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file diff --git a/bind/named-pri.conf b/bind/named-pri.conf index c6f79ae..d8e43e7 100644 --- a/bind/named-pri.conf +++ b/bind/named-pri.conf @@ -24,6 +24,20 @@ zone "uhu-banane.de" { }; }; +zone "brehm-online.com" { + type master; + file "/etc/bind/zones/brehm-online.com.zone"; + allow-update { none; }; + allow-transfer { + common-allow-transfer; + }; + also-notify { + 195.50.185.7; + 46.189.56.7; + 85.199.64.7; + }; +}; + zone "uhu-banane.eu" { type master; file "/etc/bind/zones/uhu-banane.eu.zone"; @@ -76,20 +90,6 @@ zone "0.0.0.0.7.b.d.1.8.f.6.0.1.0.0.2.ip6.arpa" { }; }; -zone "brehm-online.com" { - type master; - file "/etc/bind/zones/brehm-online.com.zone"; - allow-update { none; }; - allow-transfer { - common-allow-transfer; - }; - also-notify { - 195.50.185.7; - 46.189.56.7; - 85.199.64.7; - }; -}; - zone "11.12.10.in-addr.arpa" { type master; file "/etc/bind/zones/rev.10.12.11.zone"; diff --git a/bind/named-sec.conf b/bind/named-sec.conf index c9a8c2a..dc59d73 100644 --- a/bind/named-sec.conf +++ b/bind/named-sec.conf @@ -21,6 +21,17 @@ zone "0.0.0.1.6.0.0.3.1.7.1.0.8.f.4.0.1.0.a.2.ip6.arpa" { }; }; +zone "0.0.0.2.6.0.0.3.1.7.1.0.8.f.4.0.1.0.a.2.ip6.arpa" { + type slave; + file "rev.2a01-4f8-171-3006-2000.zone"; + masters { + 138.201.28.135; + }; + allow-transfer { + common-allow-transfer; + }; +}; + zone "0.29.172.in-addr.arpa" { type slave; file "rev.172.29.0.zone"; @@ -43,6 +54,17 @@ zone "0.31.172.in-addr.arpa" { }; }; +zone "0.32.172.in-addr.arpa" { + type slave; + file "rev.172.32.0.zone"; + masters { + 138.201.28.135; + }; + allow-transfer { + common-allow-transfer; + }; +}; + zone "acwain.com" { type slave; file "acwain.com.zone"; @@ -417,6 +439,28 @@ zone "planetec.de" { }; }; +zone "pontilus.com" { + type slave; + file "pontilus.com.zone"; + masters { + 138.201.28.135; + }; + allow-transfer { + common-allow-transfer; + }; +}; + +zone "pontilus.de" { + type slave; + file "pontilus.de.zone"; + masters { + 138.201.28.135; + }; + allow-transfer { + common-allow-transfer; + }; +}; + zone "saeger.cc" { type slave; file "saeger.cc.zone"; diff --git a/bind/zones/brehm-online.com.zone b/bind/zones/brehm-online.com.zone index 5d1754a..6edb2e7 100644 --- a/bind/zones/brehm-online.com.zone +++ b/bind/zones/brehm-online.com.zone @@ -4,7 +4,7 @@ $TTL 86400 ; 1 day ;$TTL 900 brehm-online.com SOA ns.uhu-banane.de. hostmaster.uhu-banane.de. ( - 2016112000 ; serial + 2017070100 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) @@ -15,7 +15,7 @@ brehm-online.com SOA ns.uhu-banane.de. hostmaster.uhu-banane.de. ( NS ns2.boreus.de. NS ns3.boreus.de. A 185.48.118.128 - AAAA 2001:6f8:1db7::2 +; AAAA 2001:6f8:1db7::2 MX 10 mail.uhu-banane.net. ; for Google Postmaster tools TXT "google-site-verification=RQ0rHiqHL1SeWtYts7eFurSGrodkzRNPQegXqZlfMck" diff --git a/bind/zones/frankepedia.eu.zone b/bind/zones/frankepedia.eu.zone index f6f503c..17902f8 100644 --- a/bind/zones/frankepedia.eu.zone +++ b/bind/zones/frankepedia.eu.zone @@ -2,7 +2,7 @@ $ORIGIN . ;$TTL 86400 ; 1 day $TTL 900 frankepedia.eu IN SOA ns3.uhu-banane.de. hostmaster.uhu-banane.de. ( - 2016072100 ; serial + 2017050400 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) @@ -16,12 +16,13 @@ frankepedia.eu IN SOA ns3.uhu-banane.de. hostmaster.uhu-banane.de. ( MX 10 mail.uhu-banane.net. $ORIGIN frankepedia.eu. -dkim._domainkey 3600 TXT ( +dkim._domainkey 3600 TXT "v=DKIM1; p=" +mail-2017-04-05._domainkey 3600 TXT ( "v=DKIM1; p=" - "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvzNfcyDG3NIYIXRZVUizrJsxR" - "Xb0g+M90EyYkEi4p4JXLrthZlzOLO4wC+urMJRnSUkc2FrKbx4Ii6lHkeDyjdWA0" - "0BDeL4iC8qHT+w8lDBRXWZTy3Ef3/iSFC3JfE19Ef9QTuqua/2V9Nhwe0f+JP1ld" - "SHGp123fDfwE75USMwIDAQAB") + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWFPIGYglWzHGTE9PSLYx7JnrZ" + "AuSw98rV36JS/1WKgIFpTk8XKzN+OAK+yMddwtVm3zDEnY0tbH09jeh6TsR0QOCm" + "oCFwcPpJX+44+pllWlKkt0Ci78EGZ5aWlIcFCCaGgc3byLIsNm8ka7xSCN6jZJ6R" + "0vT05f/4OVUjd/m/wwIDAQAB") git CNAME git.uhu-banane.de. mail CNAME mail.uhu-banane.net. www CNAME www.uhu-banane.de. diff --git a/bind/zones/home.brehm-online.com.zone b/bind/zones/home.brehm-online.com.zone index 63031a7..c121a57 100644 --- a/bind/zones/home.brehm-online.com.zone +++ b/bind/zones/home.brehm-online.com.zone @@ -3,7 +3,7 @@ $TTL 86400 ; 1 day ;$TTL 900 home SOA ns3.uhu-banane.de. hostmaster.brehm-online.com. ( - 2016100502 ; Serial + 2017080300 ; Serial 28800 ; Refresh 14400 ; Retry 604800 ; Expire - 1 week @@ -18,10 +18,15 @@ home SOA ns3.uhu-banane.de. hostmaster.brehm-online.com. ( $ORIGIN home.brehm-online.com. bruni A 10.12.11.2 - AAAA 2a02:8109:9300:488:5604:a6ff:fe38:99f9 + AAAA 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9 +; AAAA 2a02:8109:9300:488:5604:a6ff:fe38:99f9 TXT "Franks Linux-Buechse@home" else A 10.12.11.22 FranksGalaxy A 10.12.11.10 +fritzbox 300 A 91.65.124.33 + 300 AAAA 2a02:8109:8000:5c:31b6:7361:7b89:d14b +fritzbox-intern A 10.12.11.254 + AAAA 2a02:8109:ae3f:fa04:a96:d7ff:fe55:4821 gunner A 10.12.11.9 gw A 10.12.11.1 TXT "Der Buffalo-Router" @@ -42,7 +47,8 @@ lena A 10.12.11.28 karla A 10.12.11.29 AAAA 2a02:8109:ae3f:fa04:5054:ff:fe87:da41 ; AAAA 2001:6f8:1db7::29 - TXT "Wheezy-VM auf Bruni" + TXT "Debian stable VM auf Bruni" +mail CNAME bruni olga A 10.12.11.3 A 10.12.11.4 AAAA 2a02:8109:9300:488:4a5b:39ff:fe9b:d309 @@ -60,6 +66,8 @@ olga-wifi A 10.12.11.4 ;PatricksWildfire A 10.12.11.11 ps-kyocera A 10.12.11.32 TXT "Der Printserver fuer den Kyocera-Drucker" +vera A 10.12.11.25 + TXT "Debian unstable VM auf Bruni" xanthippe A 10.12.11.33 AAAA 2001:6f8:1db7:0:f66d:4ff:fe2f:621b TXT "Heikos neue Spiele-Buechse" diff --git a/bind/zones/rev.10.12.11.zone b/bind/zones/rev.10.12.11.zone index e41c0df..3b6173d 100644 --- a/bind/zones/rev.10.12.11.zone +++ b/bind/zones/rev.10.12.11.zone @@ -3,7 +3,7 @@ $ORIGIN 12.10.in-addr.arpa. $TTL 7200 11 SOA ns3.uhu-banane.de. hostmaster.brehm-online.com. ( - 2016031300 ; serial + 2017070400 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) @@ -43,7 +43,7 @@ $ORIGIN 11.12.10.in-addr.arpa. 22 PTR else.home.brehm-online.com. ;23 PTR g.home.brehm-online.com. ;24 PTR g.home.brehm-online.com. -;25 PTR g.home.brehm-online.com. +25 PTR vera.home.brehm-online.com. ;26 PTR g.home.brehm-online.com. ;27 PTR g.home.brehm-online.com. 28 PTR lena.home.brehm-online.com. diff --git a/bind/zones/rev.2001-6f8-1db7-0.zone b/bind/zones/rev.2001-6f8-1db7-0.zone index ad2606e..2a5c924 100644 --- a/bind/zones/rev.2001-6f8-1db7-0.zone +++ b/bind/zones/rev.2001-6f8-1db7-0.zone @@ -2,7 +2,7 @@ $ORIGIN 0.0.0.7.b.d.1.8.f.6.0.1.0.0.2.ip6.arpa. $TTL 7200 0 SOA ns3.uhu-banane.de. hostmaster.brehm-online.com. ( - 2016072000 ; serial + 2017070100 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) @@ -19,10 +19,10 @@ $ORIGIN 0.0.0.0.7.b.d.1.8.f.6.0.1.0.0.2.ip6.arpa. ;1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR bruni.home.brehm-online.com. ; 2001:6f8:1db7::2 -2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR ns1.uhu-banane.de. +2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR ns1-v6.uhu-banane.de. ; 2001:6f8:1db7::5 -5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR sarah.uhu-banane.de. +5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR sarah-v6.uhu-banane.de. ; 2001:6f8:1db7::28 ;8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR lena.home.brehm-online.com. diff --git a/bind/zones/uhu-banane.de.zone b/bind/zones/uhu-banane.de.zone index be90616..c109ce4 100644 --- a/bind/zones/uhu-banane.de.zone +++ b/bind/zones/uhu-banane.de.zone @@ -2,7 +2,7 @@ $ORIGIN . $TTL 86400 ; 1 day ;$TTL 900 uhu-banane.de SOA ns.uhu-banane.de. hostmaster.uhu-banane.de. ( - 2016112000 ; serial + 2017070100 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) @@ -13,7 +13,7 @@ uhu-banane.de SOA ns.uhu-banane.de. hostmaster.uhu-banane.de. ( NS ns2.boreus.de. NS ns3.boreus.de. A 185.48.118.128 - AAAA 2001:6f8:1db7::2 +; AAAA 2001:6f8:1db7::2 MX 10 mail.uhu-banane.net. ; for Google Postmaster tools TXT "google-site-verification=atrQiTw6OVfLu9GBiA3b8pxfv0r6wyBeBrau86gb4Lg" @@ -52,20 +52,26 @@ mx CNAME mail.uhu-banane.net. ns A 185.102.95.107 AAAA 2a06:2380:0:1::3a ns1 A 185.48.118.128 - AAAA 2001:6f8:1db7::2 +; AAAA 2001:6f8:1db7::2 ns1-local A 10.12.20.2 +ns1-v4 A 185.48.118.128 +ns1-v6 AAAA 2001:6f8:1db7::2 ns2 A 162.254.24.33 ; AAAA 2a01:238:4225:6e00:8f8c:808a:7fb8:88df ns3 A 185.102.95.107 AAAA 2a06:2380:0:1::3a +ns3-v4 A 185.102.95.107 +ns3-v6 AAAA 2a06:2380:0:1::3a online CNAME uhu-banane.de. repo CNAME ns1 repo1 CNAME ns1 repo2 CNAME ns2 -salt CNAME ns3 -salt-master CNAME ns3 +salt CNAME ns3-v4 +salt-master CNAME ns3-v4 sarah A 185.48.118.130 - AAAA 2001:6f8:1db7::5 +; AAAA 2001:6f8:1db7::5 +sarah-v4 A 185.48.118.130 +sarah-v6 AAAA 2001:6f8:1db7::5 sarah-local A 10.12.20.5 ;uhu1 A 46.16.73.175 ; AAAA 2001:4dd0:ff00:cd3::2 diff --git a/bind/zones/uhu-banane.net.zone b/bind/zones/uhu-banane.net.zone index 9b2746b..9cd682d 100644 --- a/bind/zones/uhu-banane.net.zone +++ b/bind/zones/uhu-banane.net.zone @@ -2,7 +2,7 @@ $ORIGIN . ;$TTL 86400 ; 1 day $TTL 900 uhu-banane.net IN SOA ns3.uhu-banane.de. hostmaster.uhu-banane.de. ( - 2016102600 ; serial + 2017040500 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) diff --git a/bind/zones/uhu-banane.org.zone b/bind/zones/uhu-banane.org.zone index 73d0fa2..1e36d0a 100644 --- a/bind/zones/uhu-banane.org.zone +++ b/bind/zones/uhu-banane.org.zone @@ -2,7 +2,7 @@ $ORIGIN . ;$TTL 86400 ; 1 day $TTL 900 uhu-banane.org IN SOA ns3.uhu-banane.de. hostmaster.uhu-banane.de. ( - 2016102600 ; serial + 2017022100 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) @@ -34,4 +34,5 @@ repo CNAME ns1.uhu-banane.de. repo1 CNAME ns1.uhu-banane.de. repo2 CNAME ns2.uhu-banane.de. sarah CNAME sarah.uhu-banane.de. +test-0000 TXT "Test TXT record" www CNAME www.uhu-banane.de. diff --git a/ca-certificates.conf b/ca-certificates.conf index 8bad138..358bc59 100644 --- a/ca-certificates.conf +++ b/ca-certificates.conf @@ -32,7 +32,7 @@ mozilla/Buypass_Class_2_CA_1.crt mozilla/Buypass_Class_2_Root_CA.crt !mozilla/Buypass_Class_3_CA_1.crt mozilla/Buypass_Class_3_Root_CA.crt -mozilla/CA_Disig.crt +!mozilla/CA_Disig.crt mozilla/CA_Disig_Root_R1.crt mozilla/CA_Disig_Root_R2.crt mozilla/Camerfirma_Chambers_of_Commerce_Root.crt @@ -102,10 +102,10 @@ mozilla/Juur-SK.crt mozilla/Microsec_e-Szigno_Root_CA_2009.crt mozilla/Microsec_e-Szigno_Root_CA.crt mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt -mozilla/NetLock_Business_=Class_B=_Root.crt -mozilla/NetLock_Express_=Class_C=_Root.crt -mozilla/NetLock_Notary_=Class_A=_Root.crt -mozilla/NetLock_Qualified_=Class_QA=_Root.crt +!mozilla/NetLock_Business_=Class_B=_Root.crt +!mozilla/NetLock_Express_=Class_C=_Root.crt +!mozilla/NetLock_Notary_=Class_A=_Root.crt +!mozilla/NetLock_Qualified_=Class_QA=_Root.crt mozilla/Network_Solutions_Certificate_Authority.crt mozilla/OISTE_WISeKey_Global_Root_GA_CA.crt mozilla/PSCProcert.crt @@ -124,16 +124,16 @@ mozilla/Security_Communication_EV_RootCA1.crt mozilla/Security_Communication_RootCA2.crt mozilla/Security_Communication_Root_CA.crt !mozilla/SG_TRUST_SERVICES_RACINE.crt -mozilla/Sonera_Class_1_Root_CA.crt +!mozilla/Sonera_Class_1_Root_CA.crt mozilla/Sonera_Class_2_Root_CA.crt -mozilla/Staat_der_Nederlanden_Root_CA.crt +!mozilla/Staat_der_Nederlanden_Root_CA.crt mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt mozilla/Starfield_Class_2_CA.crt mozilla/Starfield_Root_Certificate_Authority_-_G2.crt mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt -mozilla/StartCom_Certification_Authority_2.crt -mozilla/StartCom_Certification_Authority.crt -mozilla/StartCom_Certification_Authority_G2.crt +!mozilla/StartCom_Certification_Authority_2.crt +!mozilla/StartCom_Certification_Authority.crt +!mozilla/StartCom_Certification_Authority_G2.crt mozilla/S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt mozilla/Swisscom_Root_CA_1.crt mozilla/Swisscom_Root_CA_2.crt @@ -164,13 +164,13 @@ mozilla/TWCA_Root_Certification_Authority.crt mozilla/UTN_USERFirst_Email_Root_CA.crt mozilla/UTN_USERFirst_Hardware_Root_CA.crt mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt -mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt +!mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt -mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt +!mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt -mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt +!mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt @@ -178,12 +178,12 @@ mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt mozilla/VeriSign_Universal_Root_Certification_Authority.crt mozilla/Visa_eCommerce_Root.crt mozilla/WellsSecure_Public_Root_Certificate_Authority.crt -mozilla/WoSign_China.crt -mozilla/WoSign.crt +!mozilla/WoSign_China.crt +!mozilla/WoSign.crt mozilla/XRamp_Global_CA_Root.crt -spi-inc.org/spi-cacert-2008.crt -mozilla/CA_WoSign_ECC_Root.crt -mozilla/Certification_Authority_of_WoSign_G2.crt +!spi-inc.org/spi-cacert-2008.crt +!mozilla/CA_WoSign_ECC_Root.crt +!mozilla/Certification_Authority_of_WoSign_G2.crt mozilla/Certinomis_-_Root_CA.crt mozilla/CFCA_EV_ROOT.crt mozilla/COMODO_RSA_Certification_Authority.crt @@ -201,3 +201,13 @@ mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.crt mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.crt mozilla/USERTrust_ECC_Certification_Authority.crt mozilla/USERTrust_RSA_Certification_Authority.crt +mozilla/Certplus_Root_CA_G1.crt +mozilla/Certplus_Root_CA_G2.crt +mozilla/Certum_Trusted_Network_CA_2.crt +mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt +mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt +mozilla/ISRG_Root_X1.crt +mozilla/OpenTrust_Root_CA_G1.crt +mozilla/OpenTrust_Root_CA_G2.crt +mozilla/OpenTrust_Root_CA_G3.crt +mozilla/SZAFIR_ROOT_CA2.crt diff --git a/ca-certificates.conf.dpkg-old b/ca-certificates.conf.dpkg-old index 9e08541..ef16bf1 100644 --- a/ca-certificates.conf.dpkg-old +++ b/ca-certificates.conf.dpkg-old @@ -21,18 +21,18 @@ mozilla/AffirmTrust_Commercial.crt mozilla/AffirmTrust_Networking.crt mozilla/AffirmTrust_Premium.crt mozilla/AffirmTrust_Premium_ECC.crt -mozilla/America_Online_Root_Certification_Authority_1.crt -mozilla/America_Online_Root_Certification_Authority_2.crt +!mozilla/America_Online_Root_Certification_Authority_1.crt +!mozilla/America_Online_Root_Certification_Authority_2.crt mozilla/ApplicationCA_-_Japanese_Government.crt mozilla/Atos_TrustedRoot_2011.crt -mozilla/A-Trust-nQual-03.crt +!mozilla/A-Trust-nQual-03.crt mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt mozilla/Baltimore_CyberTrust_Root.crt mozilla/Buypass_Class_2_CA_1.crt mozilla/Buypass_Class_2_Root_CA.crt -mozilla/Buypass_Class_3_CA_1.crt +!mozilla/Buypass_Class_3_CA_1.crt mozilla/Buypass_Class_3_Root_CA.crt -mozilla/CA_Disig.crt +!mozilla/CA_Disig.crt mozilla/CA_Disig_Root_R1.crt mozilla/CA_Disig_Root_R2.crt mozilla/Camerfirma_Chambers_of_Commerce_Root.crt @@ -52,7 +52,7 @@ mozilla/COMODO_ECC_Certification_Authority.crt mozilla/Comodo_Secure_Services_root.crt mozilla/Comodo_Trusted_Services_root.crt mozilla/ComSign_CA.crt -mozilla/ComSign_Secured_CA.crt +!mozilla/ComSign_Secured_CA.crt mozilla/Cybertrust_Global_Root.crt mozilla/Deutsche_Telekom_Root_CA_2.crt mozilla/DigiCert_Assured_ID_Root_CA.crt @@ -63,8 +63,8 @@ mozilla/DigiCert_Global_Root_G2.crt mozilla/DigiCert_Global_Root_G3.crt mozilla/DigiCert_High_Assurance_EV_Root_CA.crt mozilla/DigiCert_Trusted_Root_G4.crt -mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt -mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt +!mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt +!mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt mozilla/DST_ACES_CA_X6.crt mozilla/DST_Root_CA_X3.crt mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt @@ -72,7 +72,7 @@ mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt mozilla/EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt mozilla/EC-ACC.crt mozilla/EE_Certification_Centre_Root_CA.crt -mozilla/E-Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.crt +!mozilla/E-Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.crt mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt mozilla/Entrust_Root_Certification_Authority.crt mozilla/ePKI_Root_Certification_Authority.crt @@ -93,7 +93,7 @@ mozilla/GlobalSign_Root_CA_-_R2.crt mozilla/GlobalSign_Root_CA_-_R3.crt mozilla/Go_Daddy_Class_2_CA.crt mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt -mozilla/GTE_CyberTrust_Global_Root.crt +!mozilla/GTE_CyberTrust_Global_Root.crt mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt mozilla/Hongkong_Post_Root_CA_1.crt mozilla/IGC_A.crt @@ -102,10 +102,10 @@ mozilla/Juur-SK.crt mozilla/Microsec_e-Szigno_Root_CA_2009.crt mozilla/Microsec_e-Szigno_Root_CA.crt mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt -mozilla/NetLock_Business_=Class_B=_Root.crt -mozilla/NetLock_Express_=Class_C=_Root.crt -mozilla/NetLock_Notary_=Class_A=_Root.crt -mozilla/NetLock_Qualified_=Class_QA=_Root.crt +!mozilla/NetLock_Business_=Class_B=_Root.crt +!mozilla/NetLock_Express_=Class_C=_Root.crt +!mozilla/NetLock_Notary_=Class_A=_Root.crt +!mozilla/NetLock_Qualified_=Class_QA=_Root.crt mozilla/Network_Solutions_Certificate_Authority.crt mozilla/OISTE_WISeKey_Global_Root_GA_CA.crt mozilla/PSCProcert.crt @@ -123,10 +123,10 @@ mozilla/SecureTrust_CA.crt mozilla/Security_Communication_EV_RootCA1.crt mozilla/Security_Communication_RootCA2.crt mozilla/Security_Communication_Root_CA.crt -mozilla/SG_TRUST_SERVICES_RACINE.crt -mozilla/Sonera_Class_1_Root_CA.crt +!mozilla/SG_TRUST_SERVICES_RACINE.crt +!mozilla/Sonera_Class_1_Root_CA.crt mozilla/Sonera_Class_2_Root_CA.crt -mozilla/Staat_der_Nederlanden_Root_CA.crt +!mozilla/Staat_der_Nederlanden_Root_CA.crt mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt mozilla/Starfield_Class_2_CA.crt mozilla/Starfield_Root_Certificate_Authority_-_G2.crt @@ -142,39 +142,39 @@ mozilla/SwissSign_Gold_CA_-_G2.crt mozilla/SwissSign_Platinum_CA_-_G2.crt mozilla/SwissSign_Silver_CA_-_G2.crt mozilla/Taiwan_GRCA.crt -mozilla/TC_TrustCenter_Class_2_CA_II.crt +!mozilla/TC_TrustCenter_Class_2_CA_II.crt mozilla/TC_TrustCenter_Class_3_CA_II.crt -mozilla/TC_TrustCenter_Universal_CA_I.crt +!mozilla/TC_TrustCenter_Universal_CA_I.crt mozilla/TeliaSonera_Root_CA_v1.crt -mozilla/Thawte_Premium_Server_CA.crt +!mozilla/Thawte_Premium_Server_CA.crt mozilla/thawte_Primary_Root_CA.crt mozilla/thawte_Primary_Root_CA_-_G2.crt mozilla/thawte_Primary_Root_CA_-_G3.crt -mozilla/Thawte_Server_CA.crt +!mozilla/Thawte_Server_CA.crt mozilla/Trustis_FPS_Root_CA.crt mozilla/T-TeleSec_GlobalRoot_Class_2.crt mozilla/T-TeleSec_GlobalRoot_Class_3.crt mozilla/TÜBÄ°TAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt -mozilla/TURKTRUST_Certificate_Services_Provider_Root_1.crt +!mozilla/TURKTRUST_Certificate_Services_Provider_Root_1.crt mozilla/TURKTRUST_Certificate_Services_Provider_Root_2007.crt -mozilla/TURKTRUST_Certificate_Services_Provider_Root_2.crt +!mozilla/TURKTRUST_Certificate_Services_Provider_Root_2.crt mozilla/TWCA_Global_Root_CA.crt mozilla/TWCA_Root_Certification_Authority.crt -mozilla/UTN_DATACorp_SGC_Root_CA.crt +!mozilla/UTN_DATACorp_SGC_Root_CA.crt mozilla/UTN_USERFirst_Email_Root_CA.crt mozilla/UTN_USERFirst_Hardware_Root_CA.crt mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt -mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt +!mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt -mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt +!mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt -mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt +!mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt -mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.crt +!mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.crt mozilla/VeriSign_Universal_Root_Certification_Authority.crt mozilla/Visa_eCommerce_Root.crt mozilla/WellsSecure_Public_Root_Certificate_Authority.crt @@ -182,3 +182,32 @@ mozilla/WoSign_China.crt mozilla/WoSign.crt mozilla/XRamp_Global_CA_Root.crt spi-inc.org/spi-cacert-2008.crt +mozilla/CA_WoSign_ECC_Root.crt +mozilla/Certification_Authority_of_WoSign_G2.crt +mozilla/Certinomis_-_Root_CA.crt +mozilla/CFCA_EV_ROOT.crt +mozilla/COMODO_RSA_Certification_Authority.crt +mozilla/Entrust_Root_Certification_Authority_-_EC1.crt +mozilla/Entrust_Root_Certification_Authority_-_G2.crt +mozilla/GlobalSign_ECC_Root_CA_-_R4.crt +mozilla/GlobalSign_ECC_Root_CA_-_R5.crt +mozilla/IdenTrust_Commercial_Root_CA_1.crt +mozilla/IdenTrust_Public_Sector_Root_CA_1.crt +mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt +mozilla/Staat_der_Nederlanden_EV_Root_CA.crt +mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt +mozilla/S-TRUST_Universal_Root_CA.crt +mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.crt +mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.crt +mozilla/USERTrust_ECC_Certification_Authority.crt +mozilla/USERTrust_RSA_Certification_Authority.crt +mozilla/Certplus_Root_CA_G1.crt +mozilla/Certplus_Root_CA_G2.crt +mozilla/Certum_Trusted_Network_CA_2.crt +mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt +mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt +mozilla/ISRG_Root_X1.crt +mozilla/OpenTrust_Root_CA_G1.crt +mozilla/OpenTrust_Root_CA_G2.crt +mozilla/OpenTrust_Root_CA_G3.crt +mozilla/SZAFIR_ROOT_CA2.crt diff --git a/chrony/chrony.conf.ucf-dist b/chrony/chrony.conf.ucf-dist new file mode 100644 index 0000000..c9ffc4b --- /dev/null +++ b/chrony/chrony.conf.ucf-dist @@ -0,0 +1,32 @@ +# Welcome to the chrony configuration file. See chrony.conf(5) for more +# information about usuable directives. +pool 2.debian.pool.ntp.org iburst + +# This directive specify the location of the file containing ID/key pairs for +# NTP authentication. +keyfile /etc/chrony/chrony.keys + +# This directive specify the file into which chronyd will store the rate +# information. +driftfile /var/lib/chrony/chrony.drift + +# Uncomment the following line to turn logging on. +#log tracking measurements statistics + +# Log files location. +logdir /var/log/chrony + +# Stop bad estimates upsetting machine clock. +maxupdateskew 100.0 + +# This directive tells 'chronyd' to parse the 'adjtime' file to find out if the +# real-time clock keeps local time or UTC. It overrides the 'rtconutc' directive. +hwclockfile /etc/adjtime + +# This directive enables kernel synchronisation (every 11 minutes) of the +# real-time clock. Note that it can’t be used along with the 'rtcfile' directive. +rtcsync + +# Step the system clock instead of slewing it if the adjustment is larger than +# one second, but only in the first three clock updates. +makestep 1 3 diff --git a/chrony/chrony.keys b/chrony/chrony.keys index 1792d4e..cee70b3 100644 --- a/chrony/chrony.keys +++ b/chrony/chrony.keys @@ -1 +1,10 @@ -1 UpV4JSTs +# This file is solely used for NTP authentication with symmetric keys +# as defined by RFC 1305 and RFC 5905. +# +# It can contain ID/key pairs which can be generated using the “keygen” option +# from “chronyc”; for example: +# chronyc keygen 1 SHA256 256 >> /etc/chrony/chrony.keys +# would generate a 256-bit SHA-256 key using ID 1. +# +# A list of supported hash functions and output encoding can be found in +# the "keyfile" section from the "/usr/share/doc/chrony/chrony.txt.gz" file. diff --git a/colordiffrc b/colordiffrc index 4bcb02d..1ac1a17 100644 --- a/colordiffrc +++ b/colordiffrc @@ -23,7 +23,7 @@ diff_cmd=diff # this, use the default output colour" # plain=off -newtext=blue -oldtext=red -diffstuff=magenta -cvsstuff=green +newtext=darkgreen +oldtext=darkred +diffstuff=darkcyan +cvsstuff=cyan diff --git a/console-setup/cached_UTF-8_del.kmap.gz b/console-setup/cached_UTF-8_del.kmap.gz index 485f86fe872414d967cf35c6a607bda373959ecb..631a40afa55ad29406bc29ecdc20f9bced599f5f 100644 GIT binary patch delta 17 VcmZorYEa^k@8)0tfsGtL1OOop1Hb?P delta 17 YcmZorYEa^k@8)2Tky#kJk>iH|04N~@?f?J) diff --git a/console-setup/cached_setup_font.sh b/console-setup/cached_setup_font.sh new file mode 100755 index 0000000..3939676 --- /dev/null +++ b/console-setup/cached_setup_font.sh @@ -0,0 +1,19 @@ +#!/bin/sh + +setfont '/etc/console-setup/cached_Lat15-Fixed16.psf.gz' + +if ls /dev/fb* >/dev/null 2>/dev/null; then + for i in /dev/vcs[0-9]*; do + { : + setfont '/etc/console-setup/cached_Lat15-Fixed16.psf.gz' + } < /dev/tty${i#/dev/vcs} > /dev/tty${i#/dev/vcs} + done +fi + +mkdir -p /run/console-setup +> /run/console-setup/font-loaded +for i in /dev/vcs[0-9]*; do + { : +printf '\033%%G' + } < /dev/tty${i#/dev/vcs} > /dev/tty${i#/dev/vcs} +done diff --git a/console-setup/cached_setup_keyboard.sh b/console-setup/cached_setup_keyboard.sh new file mode 100755 index 0000000..30b46c1 --- /dev/null +++ b/console-setup/cached_setup_keyboard.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +if [ -f /run/console-setup/keymap_loaded ]; then + rm /run/console-setup/keymap_loaded + exit 0 +fi +kbd_mode '-u' < '/dev/tty1' +kbd_mode '-u' < '/dev/tty2' +kbd_mode '-u' < '/dev/tty3' +kbd_mode '-u' < '/dev/tty4' +kbd_mode '-u' < '/dev/tty5' +kbd_mode '-u' < '/dev/tty6' +loadkeys '/etc/console-setup/cached_UTF-8_del.kmap.gz' > '/dev/null' diff --git a/console-setup/cached_setup_terminal.sh b/console-setup/cached_setup_terminal.sh new file mode 100755 index 0000000..494e363 --- /dev/null +++ b/console-setup/cached_setup_terminal.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +{ : +printf '\033%%G' +} < /dev/tty${1#vcs} > /dev/tty${1#vcs} diff --git a/console-setup/compose.ISO-8859-1.inc b/console-setup/compose.ISO-8859-1.inc index c568ba8..a285ddf 100644 --- a/console-setup/compose.ISO-8859-1.inc +++ b/console-setup/compose.ISO-8859-1.inc @@ -56,13 +56,8 @@ compose '/' '^' to '|' compose '/' 'c' to '¢' compose '/' 'o' to 'ø' compose '/' 'u' to 'µ' -compose '0' 'c' to '©' -compose '0' 's' to '§' -compose '0' 'x' to '¤' compose '1' '2' to '½' compose '1' '4' to '¼' -compose '1' 's' to '¹' -compose '2' 's' to '²' compose '3' '4' to '¾' compose ':' '-' to '÷' compose '<' '/' to '\\' @@ -135,21 +130,21 @@ compose '`' 'u' to ' compose 'a' 'e' to 'æ' compose 'a' 'o' to 'å' compose 'a' 't' to '@' -compose 'b' 'v' to '¦' compose 'c' '0' to '©' compose 'c' 'o' to '©' -compose 'l' 'v' to '|' compose 'o' 'c' to '©' -compose 'o' 'r' to '®' -compose 'o' 's' to '§' compose 'o' 'x' to '¤' +compose 'r' 'o' to '®' compose 's' '0' to '§' +compose 's' '1' to '¹' compose 's' '2' to '²' compose 's' '3' to '³' compose 's' 'o' to '§' compose 't' 'h' to 'þ' compose 'v' 'b' to '¦' +compose 'v' 'l' to '|' compose 'x' '0' to '¤' +compose 'x' 'o' to '¤' compose '|' 'c' to '¢' compose '|' '|' to '¦' compose '~' 'A' to 'Ã' @@ -158,16 +153,3 @@ compose '~' 'O' to ' compose '~' 'a' to 'ã' compose '~' 'n' to 'ñ' compose '~' 'o' to 'õ' -compose '¨' 'A' to 'Ä' -compose '¨' 'E' to 'Ë' -compose '¨' 'I' to 'Ï' -compose '¨' 'O' to 'Ö' -compose '¨' 'U' to 'Ü' -compose '¨' 'a' to 'ä' -compose '¨' 'e' to 'ë' -compose '¨' 'i' to 'ï' -compose '¨' 'o' to 'ö' -compose '¨' 'u' to 'ü' -compose '¨' 'y' to 'ÿ' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' diff --git a/console-setup/compose.ISO-8859-13.inc b/console-setup/compose.ISO-8859-13.inc index a867a9e..5b45a26 100644 --- a/console-setup/compose.ISO-8859-13.inc +++ b/console-setup/compose.ISO-8859-13.inc @@ -76,12 +76,8 @@ compose '/' 'c' to ' compose '/' 'l' to 'ù' compose '/' 'o' to '¸' compose '/' 'u' to 'µ' -compose '0' 'c' to '©' -compose '0' 's' to '§' -compose '0' 'x' to '¤' compose '1' '2' to '½' compose '1' '4' to '¼' -compose '2' 's' to '²' compose '3' '4' to '¾' compose ':' '-' to '÷' compose ';' 'A' to 'À' @@ -145,25 +141,21 @@ compose '_' 'u' to ' compose 'a' 'e' to '¿' compose 'a' 'o' to 'å' compose 'a' 't' to '@' -compose 'b' 'v' to '¦' +compose 'c' '0' to '©' compose 'c' 'o' to '©' compose 'm' 'u' to 'µ' compose 'o' 'c' to '©' -compose 'o' 'r' to '®' -compose 'o' 's' to '§' +compose 'o' 'x' to '¤' +compose 'r' 'o' to '®' compose 's' '0' to '§' compose 's' '1' to '¹' compose 's' '2' to '²' compose 's' '3' to '³' +compose 's' 'o' to '§' +compose 'v' 'b' to '¦' compose 'x' '0' to '¤' compose 'x' 'o' to '¤' compose '|' 'c' to '¢' compose '|' '|' to '¦' compose '~' 'O' to 'Õ' compose '~' 'o' to 'õ' -compose '°' 'A' to 'Å' -compose '°' 'E' to 'Ë' -compose '°' 'Z' to 'Ý' -compose '°' 'a' to 'å' -compose '°' 'e' to 'ë' -compose '°' 'z' to 'ý' diff --git a/console-setup/compose.ISO-8859-14.inc b/console-setup/compose.ISO-8859-14.inc index 21f29ee..e2835df 100644 --- a/console-setup/compose.ISO-8859-14.inc +++ b/console-setup/compose.ISO-8859-14.inc @@ -56,9 +56,6 @@ compose '/' '<' to '\\' compose '/' 'O' to 'Ø' compose '/' '^' to '|' compose '/' 'o' to 'ø' -compose '0' 'c' to '©' -compose '0' 'r' to '®' -compose '0' 's' to '§' compose '<' '/' to '\\' compose '=' 'l' to '£' compose '>' 'A' to 'Â' @@ -117,14 +114,14 @@ compose '`' 'w' to ' compose '`' 'y' to '¼' compose 'a' 'e' to 'æ' compose 'a' 't' to '@' +compose 'c' '0' to '©' compose 'c' 'o' to '©' -compose 'l' 'v' to '|' compose 'o' 'c' to '©' -compose 'o' 'r' to '®' -compose 'o' 's' to '§' compose 'r' '0' to '®' +compose 'r' 'o' to '®' compose 's' '0' to '§' compose 's' 'o' to '§' +compose 'v' 'l' to '|' compose '~' 'A' to 'Ã' compose '~' 'N' to 'Ñ' compose '~' 'O' to 'Õ' diff --git a/console-setup/compose.ISO-8859-15.inc b/console-setup/compose.ISO-8859-15.inc index 63c89db..79c92ed 100644 --- a/console-setup/compose.ISO-8859-15.inc +++ b/console-setup/compose.ISO-8859-15.inc @@ -55,9 +55,6 @@ compose '/' '^' to '|' compose '/' 'c' to '¢' compose '/' 'o' to 'ø' compose '/' 'u' to 'µ' -compose '0' 'c' to '©' -compose '0' 's' to '§' -compose '1' 's' to '¹' compose ':' '-' to '÷' compose '<' '/' to '\\' compose '<' '<' to '«' @@ -139,8 +136,7 @@ compose 'c' 'o' to ' compose 'e' '=' to '¤' compose 'o' 'c' to '©' compose 'o' 'e' to '½' -compose 'o' 'r' to '®' -compose 'o' 's' to '§' +compose 'r' 'o' to '®' compose 's' '0' to '§' compose 's' '1' to '¹' compose 's' '2' to '²' @@ -155,5 +151,3 @@ compose '~' 'O' to ' compose '~' 'a' to 'ã' compose '~' 'n' to 'ñ' compose '~' 'o' to 'õ' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' diff --git a/console-setup/compose.ISO-8859-2.inc b/console-setup/compose.ISO-8859-2.inc index 40734c3..6692ee3 100644 --- a/console-setup/compose.ISO-8859-2.inc +++ b/console-setup/compose.ISO-8859-2.inc @@ -46,13 +46,9 @@ compose '.' 'e' to ' compose '.' 'i' to '¹' compose '.' 'u' to 'ù' compose '.' 'z' to '¿' -compose '.' ' ' to 'ÿ' -compose '.' 'ÿ' to 'ÿ' compose '/' '/' to '\\' compose '/' '<' to '\\' compose '/' '^' to '|' -compose '0' 's' to '§' -compose '0' 'x' to '¤' compose ':' '-' to '÷' compose '<' '/' to '\\' compose '<' '<' to '·' @@ -116,7 +112,6 @@ compose '^' 'O' to ' compose '^' 'a' to 'â' compose '^' 'i' to 'î' compose '^' 'o' to 'ô' -compose '_' ' ' to '¯' compose 'a' 'U' to 'ã' compose 'l' '-' to '³' compose 'o' 'e' to '½' @@ -127,39 +122,3 @@ compose 'v' 'l' to '|' compose 'x' '0' to '¤' compose 'x' 'o' to '¤' compose 'z' '.' to '¿' -compose '¢' 'A' to 'Ã' -compose '¢' 'a' to 'ã' -compose '°' 'A' to 'Å' -compose '°' 'U' to 'Ù' -compose '°' 'a' to 'å' -compose '°' 'u' to 'ù' -compose '°' ' ' to '°' -compose '°' '°' to '°' -compose '²' 'A' to '¡' -compose '²' 'E' to 'Ê' -compose '²' 'a' to '±' -compose '²' 'e' to 'ê' -compose '·' 'C' to 'È' -compose '·' 'D' to 'Ï' -compose '·' 'E' to 'Ì' -compose '·' 'L' to '¥' -compose '·' 'N' to 'Ò' -compose '·' 'R' to 'Ø' -compose '·' 'S' to '©' -compose '·' 'T' to '«' -compose '·' 'Z' to '®' -compose '·' 'c' to 'è' -compose '·' 'd' to 'ï' -compose '·' 'e' to 'ì' -compose '·' 'l' to 'µ' -compose '·' 'n' to 'ò' -compose '·' 'r' to 'ø' -compose '·' 's' to '¹' -compose '·' 't' to '»' -compose '·' 'z' to '¾' -compose '¸' 'C' to 'Ç' -compose '¸' 'S' to 'ª' -compose '¸' 'T' to 'Þ' -compose '¸' 'c' to 'ç' -compose '¸' 's' to 'º' -compose '¸' 't' to 'þ' diff --git a/console-setup/compose.ISO-8859-3.inc b/console-setup/compose.ISO-8859-3.inc index 5e0daef..7e50b6c 100644 --- a/console-setup/compose.ISO-8859-3.inc +++ b/console-setup/compose.ISO-8859-3.inc @@ -57,9 +57,6 @@ compose '/' '/' to '\\' compose '/' '<' to '\\' compose '/' '^' to '|' compose '/' 'u' to 'µ' -compose '0' 's' to '§' -compose '2' 's' to '²' -compose '3' 's' to '³' compose ':' '-' to '÷' compose '<' '/' to '\\' compose '=' 'c' to '¤' @@ -136,8 +133,10 @@ compose '`' 'i' to ' compose '`' 'o' to 'ò' compose '`' 'u' to 'ù' compose 'g' 'U' to '»' -compose 'o' 'r' to '®' +compose 'r' 'o' to '®' compose 's' '0' to '§' +compose 's' '2' to '²' +compose 's' '3' to '³' compose 's' 'o' to '§' compose 'u' 'u' to 'ý' compose 'v' 'l' to '|' @@ -145,23 +144,3 @@ compose '~' 'A' to ' compose '~' 'O' to 'Õ' compose '~' 'a' to 'ã' compose '~' 'o' to 'õ' -compose '¢' 'G' to '«' -compose '¢' 'U' to 'Ý' -compose '¢' 'g' to '»' -compose '¢' 'u' to 'ý' -compose '¨' 'A' to 'Ä' -compose '¨' 'E' to 'Ë' -compose '¨' 'I' to 'Ï' -compose '¨' 'O' to 'Ö' -compose '¨' 'U' to 'Ü' -compose '¨' 'Y' to '¾' -compose '¨' 'a' to 'ä' -compose '¨' 'e' to 'ë' -compose '¨' 'i' to 'ï' -compose '¨' 'o' to 'ö' -compose '¨' 'u' to 'ü' -compose '¨' 'y' to 'ÿ' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' -compose '¸' 'S' to 'ª' -compose '¸' 's' to 'º' diff --git a/console-setup/compose.ISO-8859-4.inc b/console-setup/compose.ISO-8859-4.inc index c95e946..4598a22 100644 --- a/console-setup/compose.ISO-8859-4.inc +++ b/console-setup/compose.ISO-8859-4.inc @@ -49,12 +49,10 @@ compose '-' 'u' to ' compose '.' '.' to 'ÿ' compose '.' 'E' to 'Ì' compose '.' 'e' to 'ì' -compose '.' 'ÿ' to 'ÿ' compose '/' 'O' to 'Ø' compose '/' 'T' to '¬' compose '/' 'o' to 'ø' compose '/' 't' to '¼' -compose '0' 's' to '§' compose ':' '-' to '÷' compose '<' '<' to '·' compose '<' 'C' to 'È' @@ -105,10 +103,10 @@ compose '_' 'e' to ' compose '_' 'i' to 'ï' compose '_' 'o' to 'ò' compose '_' 'u' to 'þ' -compose '_' '¯' to '¯' compose 'a' 'e' to 'æ' compose 'n' 'g' to '¿' compose 'o' 'x' to '¤' +compose 's' '0' to '§' compose 's' 'o' to '§' compose 't' '-' to '¼' compose 'x' '0' to '¤' @@ -121,5 +119,3 @@ compose '~' 'a' to ' compose '~' 'i' to 'µ' compose '~' 'o' to 'õ' compose '~' 'u' to 'ý' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' diff --git a/console-setup/compose.ISO-8859-7.inc b/console-setup/compose.ISO-8859-7.inc index 6142e6c..1aa936a 100644 --- a/console-setup/compose.ISO-8859-7.inc +++ b/console-setup/compose.ISO-8859-7.inc @@ -2,10 +2,6 @@ compose '!' '^' to '¦' compose '!' 's' to '§' compose '"' '"' to '¨' -compose '"' 'É' to 'Ú' -compose '"' 'Õ' to 'Û' -compose '"' 'é' to 'ú' -compose '"' 'õ' to 'û' compose '(' '(' to '[' compose '(' '-' to '{' compose '(' 'c' to '©' @@ -26,9 +22,7 @@ compose '.' '^' to ' compose '/' '/' to '\\' compose '/' '<' to '\\' compose '/' '^' to '|' -compose '0' 's' to '§' compose '1' '2' to '½' -compose '2' 's' to '²' compose '<' '/' to '\\' compose '<' '<' to '«' compose '<' '\'' to '¡' @@ -38,20 +32,6 @@ compose '>' '\'' to ' compose '\'' '<' to '¡' compose '\'' '>' to '¢' compose '\'' '\'' to '´' -compose '\'' 'Á' to '¶' -compose '\'' 'Å' to '¸' -compose '\'' 'Ç' to '¹' -compose '\'' 'É' to 'º' -compose '\'' 'Ï' to '¼' -compose '\'' 'Õ' to '¾' -compose '\'' 'Ù' to '¿' -compose '\'' 'á' to 'Ü' -compose '\'' 'å' to 'Ý' -compose '\'' 'ç' to 'Þ' -compose '\'' 'é' to 'ß' -compose '\'' 'ï' to 'ü' -compose '\'' 'õ' to 'ý' -compose '\'' 'ù' to 'þ' compose '^' '!' to '¦' compose '^' '.' to '·' compose '^' '/' to '|' @@ -59,33 +39,14 @@ compose '^' '0' to ' compose '^' '2' to '²' compose '^' '3' to '³' compose 'a' 't' to '@' -compose 'b' 'v' to '¦' compose 'c' '0' to '©' compose 'c' 'o' to '©' compose 'o' 'c' to '©' -compose 'o' 's' to '§' compose 's' '0' to '§' +compose 's' '2' to '²' compose 's' '3' to '³' compose 's' 'o' to '§' compose 'v' 'b' to '¦' compose 'v' 'l' to '|' compose '|' '|' to '¦' compose '~' '~' to '¯' -compose 'Á' '\'' to '¶' -compose 'Å' '\'' to '¸' -compose 'Ç' '\'' to '¹' -compose 'É' '"' to 'Ú' -compose 'É' '\'' to 'º' -compose 'Ï' '\'' to '¼' -compose 'Õ' '"' to 'Û' -compose 'Õ' '\'' to '¾' -compose 'Ù' '\'' to '¿' -compose 'á' '\'' to 'Ü' -compose 'å' '\'' to 'Ý' -compose 'ç' '\'' to 'Þ' -compose 'é' '"' to 'ú' -compose 'é' '\'' to 'ß' -compose 'ï' '\'' to 'ü' -compose 'õ' '"' to 'û' -compose 'õ' '\'' to 'ý' -compose 'ù' '\'' to 'þ' diff --git a/console-setup/compose.ISO-8859-9.inc b/console-setup/compose.ISO-8859-9.inc index 54738d7..e642e1b 100644 --- a/console-setup/compose.ISO-8859-9.inc +++ b/console-setup/compose.ISO-8859-9.inc @@ -62,9 +62,6 @@ compose '/' '^' to '|' compose '/' 'c' to '¢' compose '/' 'o' to 'ø' compose '/' 'u' to 'µ' -compose '0' 'c' to '©' -compose '0' 's' to '§' -compose '3' 's' to '³' compose ':' '-' to '÷' compose '<' '/' to '\\' compose '<' '<' to '«' @@ -138,12 +135,13 @@ compose 'a' 'e' to ' compose 'c' '0' to '©' compose 'c' 'o' to '©' compose 'g' 'U' to 'ð' -compose 'l' 'v' to '|' compose 'o' 'c' to '©' compose 'o' 'e' to '¼' compose 'r' 'o' to '®' +compose 's' '0' to '§' compose 's' '1' to '¹' compose 's' '2' to '²' +compose 's' '3' to '³' compose 's' 'o' to '§' compose 't' 'h' to 'þ' compose 'v' 'Z' to '´' @@ -156,19 +154,3 @@ compose '~' 'O' to ' compose '~' 'a' to 'ã' compose '~' 'n' to 'ñ' compose '~' 'o' to 'õ' -compose '¨' 'A' to 'Ä' -compose '¨' 'E' to 'Ë' -compose '¨' 'I' to 'Ï' -compose '¨' 'O' to 'Ö' -compose '¨' 'U' to 'Ü' -compose '¨' 'Y' to '¾' -compose '¨' 'a' to 'ä' -compose '¨' 'e' to 'ë' -compose '¨' 'i' to 'ï' -compose '¨' 'o' to 'ö' -compose '¨' 'u' to 'ü' -compose '¨' 'y' to 'ÿ' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' -compose '¸' 'S' to 'Þ' -compose '¸' 's' to 'þ' diff --git a/cron.d/php5 b/cron.d/php similarity index 73% rename from cron.d/php5 rename to cron.d/php index e918149..84e5d10 100644 --- a/cron.d/php5 +++ b/cron.d/php @@ -1,4 +1,4 @@ -# /etc/cron.d/php5: crontab fragment for php5 +# /etc/cron.d/php@PHP_VERSION@: crontab fragment for PHP # This purges session files in session.save_path older than X, # where X is defined in seconds as the largest value of # session.gc_maxlifetime from all your SAPI php.ini files @@ -11,4 +11,4 @@ # sessions yourself. # Look for and purge old sessions every 30 minutes -09,39 * * * * root [ -x /usr/lib/php5/sessionclean ] && /usr/lib/php5/sessionclean +09,39 * * * * root [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi diff --git a/cron.daily/apache2 b/cron.daily/apache2 index d5f9cbc..6461f07 100755 --- a/cron.daily/apache2 +++ b/cron.daily/apache2 @@ -1,30 +1,25 @@ #!/bin/sh -# run htcacheclean +# run htcacheclean if set to 'cron' mode set -e set -u type htcacheclean > /dev/null 2>&1 || exit 0 -[ -e /etc/default/apache2 ] || exit 0 +[ -e /etc/default/apache-htcacheclean ] || exit 0 -# edit /etc/default/apache2 to change this +# edit /etc/default/apache-htcacheclean to change this HTCACHECLEAN_MODE=daemon HTCACHECLEAN_RUN=auto HTCACHECLEAN_SIZE=300M HTCACHECLEAN_PATH=/var/cache/apache2/mod_cache_disk HTCACHECLEAN_OPTIONS="" -. /etc/default/apache2 +. /etc/default/apache-htcacheclean [ "$HTCACHECLEAN_MODE" = "cron" ] || exit 0 -[ "$HTCACHECLEAN_RUN" = "yes" ] || -( [ "$HTCACHECLEAN_RUN" = "auto" ] && \ - [ -e /etc/apache2/mods-enabled/cache_disk.load ] ) || exit 0 - htcacheclean ${HTCACHECLEAN_OPTIONS} \ -p${HTCACHECLEAN_PATH} \ -l${HTCACHECLEAN_SIZE} - diff --git a/cron.daily/apt b/cron.daily/apt deleted file mode 100755 index ee0761b..0000000 --- a/cron.daily/apt +++ /dev/null @@ -1,507 +0,0 @@ -#!/bin/sh -#set -e -# -# This file understands the following apt configuration variables: -# Values here are the default. -# Create /etc/apt/apt.conf.d/02periodic file to set your preference. -# -# Dir "/"; -# - RootDir for all configuration files -# -# Dir::Cache "var/cache/apt/"; -# - Set apt package cache directory -# -# Dir::Cache::Archives "archives/"; -# - Set package archive directory -# -# APT::Periodic::Enable "1"; -# - Enable the update/upgrade script (0=disable) -# -# APT::Periodic::BackupArchiveInterval "0"; -# - Backup after n-days if archive contents changed.(0=disable) -# -# APT::Periodic::BackupLevel "3"; -# - Backup level.(0=disable), 1 is invalid. -# -# Dir::Cache::Backup "backup/"; -# - Set periodic package backup directory -# -# APT::Archives::MaxAge "0"; (old, deprecated) -# APT::Periodic::MaxAge "0"; (new) -# - Set maximum allowed age of a cache package file. If a cache -# package file is older it is deleted (0=disable) -# -# APT::Archives::MinAge "2"; (old, deprecated) -# APT::Periodic::MinAge "2"; (new) -# - Set minimum age of a package file. If a file is younger it -# will not be deleted (0=disable). Useful to prevent races -# and to keep backups of the packages for emergency. -# -# APT::Archives::MaxSize "0"; (old, deprecated) -# APT::Periodic::MaxSize "0"; (new) -# - Set maximum size of the cache in MB (0=disable). If the cache -# is bigger, cached package files are deleted until the size -# requirement is met (the oldest packages will be deleted -# first). -# -# APT::Periodic::Update-Package-Lists "0"; -# - Do "apt-get update" automatically every n-days (0=disable) -# -# APT::Periodic::Download-Upgradeable-Packages "0"; -# - Do "apt-get upgrade --download-only" every n-days (0=disable) -# -# APT::Periodic::Download-Upgradeable-Packages-Debdelta "1"; -# - Use debdelta-upgrade to download updates if available (0=disable) -# -# APT::Periodic::Unattended-Upgrade "0"; -# - Run the "unattended-upgrade" security upgrade script -# every n-days (0=disabled) -# Requires the package "unattended-upgrades" and will write -# a log in /var/log/unattended-upgrades -# -# APT::Periodic::AutocleanInterval "0"; -# - Do "apt-get autoclean" every n-days (0=disable) -# -# APT::Periodic::Verbose "0"; -# - Send report mail to root -# 0: no report (or null string) -# 1: progress report (actually any string) -# 2: + command outputs (remove -qq, remove 2>/dev/null, add -d) -# 3: + trace on - -check_stamp() -{ - stamp="$1" - interval="$2" - - if [ $interval -eq 0 ]; then - debug_echo "check_stamp: interval=0" - # treat as no time has passed - return 1 - fi - - if [ ! -f $stamp ]; then - debug_echo "check_stamp: missing time stamp file: $stamp." - # treat as enough time has passed - return 0 - fi - - # compare midnight today to midnight the day the stamp was updated - stamp_file="$stamp" - stamp=$(date --date=$(date -r $stamp_file --iso-8601) +%s 2>/dev/null) - if [ "$?" != "0" ]; then - # Due to some timezones returning 'invalid date' for midnight on - # certain dates (e.g. America/Sao_Paulo), if date returns with error - # remove the stamp file and return 0. See coreutils bug: - # http://lists.gnu.org/archive/html/bug-coreutils/2007-09/msg00176.html - rm -f "$stamp_file" - return 0 - fi - - now=$(date --date=$(date --iso-8601) +%s 2>/dev/null) - if [ "$?" != "0" ]; then - # As above, due to some timezones returning 'invalid date' for midnight - # on certain dates (e.g. America/Sao_Paulo), if date returns with error - # return 0. - return 0 - fi - - delta=$(($now-$stamp)) - - # interval is in days, convert to sec. - interval=$(($interval*60*60*24)) - debug_echo "check_stamp: interval=$interval, now=$now, stamp=$stamp, delta=$delta (sec)" - - # remove timestamps a day (or more) in the future and force re-check - if [ $stamp -gt $(($now+86400)) ]; then - echo "WARNING: file $stamp_file has a timestamp in the future: $stamp" - rm -f "$stamp_file" - return 0 - fi - - if [ $delta -ge $interval ]; then - return 0 - fi - - return 1 -} - -update_stamp() -{ - stamp="$1" - touch $stamp -} - -# we check here if autoclean was enough sizewise -check_size_constraints() -{ - MaxAge=0 - eval $(apt-config shell MaxAge APT::Archives::MaxAge) - eval $(apt-config shell MaxAge APT::Periodic::MaxAge) - - MinAge=2 - eval $(apt-config shell MinAge APT::Archives::MinAge) - eval $(apt-config shell MinAge APT::Periodic::MinAge) - - MaxSize=0 - eval $(apt-config shell MaxSize APT::Archives::MaxSize) - eval $(apt-config shell MaxSize APT::Periodic::MaxSize) - - Cache="/var/cache/apt/archives/" - eval $(apt-config shell Cache Dir::Cache::archives/d) - - # sanity check - if [ -z "$Cache" ]; then - echo "empty Dir::Cache::archives, exiting" - exit - fi - - # check age - if [ ! $MaxAge -eq 0 ] && [ ! $MinAge -eq 0 ]; then - debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge and ctime>$MinAge and mtime>$MinAge" - find $Cache -name "*.deb" \( -mtime +$MaxAge -and -ctime +$MaxAge \) -and -not \( -mtime -$MinAge -or -ctime -$MinAge \) -print0 | xargs -r -0 rm -f - elif [ ! $MaxAge -eq 0 ]; then - debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge only" - find $Cache -name "*.deb" -ctime +$MaxAge -and -mtime +$MaxAge -print0 | xargs -r -0 rm -f - else - debug_echo "skip aging since MaxAge is 0" - fi - - # check size - if [ ! $MaxSize -eq 0 ]; then - # maxSize is in MB - MaxSize=$(($MaxSize*1024)) - - #get current time - now=$(date --date=$(date --iso-8601) +%s) - MinAge=$(($MinAge*24*60*60)) - - # reverse-sort by mtime - for file in $(ls -rt $Cache/*.deb 2>/dev/null); do - du=$(du -s $Cache) - size=${du%%/*} - # check if the cache is small enough - if [ $size -lt $MaxSize ]; then - debug_echo "end remove by archive size: size=$size < $MaxSize" - break - fi - - # check for MinAge of the file - if [ $MinAge -ne 0 ]; then - # check both ctime and mtime - mtime=$(stat -c %Y $file) - ctime=$(stat -c %Z $file) - if [ $mtime -gt $ctime ]; then - delta=$(($now-$mtime)) - else - delta=$(($now-$ctime)) - fi - if [ $delta -le $MinAge ]; then - debug_echo "skip remove by archive size: $file, delta=$delta < $MinAge" - break - else - # delete oldest file - debug_echo "remove by archive size: $file, delta=$delta >= $MinAge (sec), size=$size >= $MaxSize" - rm -f $file - fi - fi - done - fi -} - -# deal with the Apt::Periodic::BackupArchiveInterval -do_cache_backup() -{ - BackupArchiveInterval="$1" - if [ $BackupArchiveInterval -eq 0 ]; then - return - fi - - # Set default values and normalize - CacheDir="/var/cache/apt" - eval $(apt-config shell CacheDir Dir::Cache/d) - CacheDir=${CacheDir%/} - if [ -z "$CacheDir" ]; then - debug_echo "practically empty Dir::Cache, exiting" - return 0 - fi - - Cache="${CacheDir}/archives/" - eval $(apt-config shell Cache Dir::Cache::Archives/d) - if [ -z "$Cache" ]; then - debug_echo "practically empty Dir::Cache::archives, exiting" - return 0 - fi - - BackupLevel=3 - eval $(apt-config shell BackupLevel APT::Periodic::BackupLevel) - if [ $BackupLevel -le 1 ]; then - BackupLevel=2 ; - fi - - Back="${CacheDir}/backup/" - eval $(apt-config shell Back Dir::Cache::Backup/d) - if [ -z "$Back" ]; then - echo "practically empty Dir::Cache::Backup, exiting" 1>&2 - return - fi - - CacheArchive="$(basename "${Cache}")" - test -n "${CacheArchive}" || CacheArchive="archives" - BackX="${Back}${CacheArchive}/" - for x in $(seq 0 1 $((${BackupLevel}-1))); do - eval "Back${x}=${Back}${x}/" - done - - # backup after n-days if archive contents changed. - # (This uses hardlink to save disk space) - BACKUP_ARCHIVE_STAMP=/var/lib/apt/periodic/backup-archive-stamp - if check_stamp $BACKUP_ARCHIVE_STAMP $BackupArchiveInterval; then - if [ $({(cd $Cache 2>/dev/null; find . -name "*.deb"); (cd $Back0 2>/dev/null;find . -name "*.deb") ;}| sort|uniq -u|wc -l) -ne 0 ]; then - mkdir -p $Back - rm -rf $Back$((${BackupLevel}-1)) - for y in $(seq $((${BackupLevel}-1)) -1 1); do - eval BackY=${Back}$y - eval BackZ=${Back}$(($y-1)) - if [ -e $BackZ ]; then - mv -f $BackZ $BackY ; - fi - done - cp -la $Cache $Back ; mv -f $BackX $Back0 - update_stamp $BACKUP_ARCHIVE_STAMP - debug_echo "backup with hardlinks. (success)" - else - debug_echo "skip backup since same content." - fi - else - debug_echo "skip backup since too new." - fi -} - -# sleep for a random interval of time (default 30min) -# (some code taken from cron-apt, thanks) -random_sleep() -{ - RandomSleep=1800 - eval $(apt-config shell RandomSleep APT::Periodic::RandomSleep) - if [ $RandomSleep -eq 0 ]; then - return - fi - if [ -z "$RANDOM" ] ; then - # A fix for shells that do not have this bash feature. - RANDOM=$(( $(dd if=/dev/urandom bs=2 count=1 2> /dev/null | cksum | cut -d' ' -f1) % 32767 )) - fi - TIME=$(($RANDOM % $RandomSleep)) - debug_echo "sleeping for $TIME seconds" - sleep $TIME -} - - -debug_echo() -{ - # Display message if $VERBOSE >= 1 - if [ "$VERBOSE" -ge 1 ]; then - echo $1 1>&2 - fi -} - -check_power(){ - # laptop check, on_ac_power returns: - # 0 (true) System is on main power - # 1 (false) System is not on main power - # 255 (false) Power status could not be determined - # Desktop systems always return 255 it seems - if which on_ac_power >/dev/null; then - on_ac_power - POWER=$? - if [ $POWER -eq 1 ]; then - debug_echo "exit: system NOT on main power" - return 1 - elif [ $POWER -ne 0 ]; then - debug_echo "power status ($POWER) undetermined, continuing" - fi - debug_echo "system is on main power." - fi - return 0 -} - -# ------------------------ main ---------------------------- - -if test -r /var/lib/apt/extended_states; then - # Backup the 7 last versions of APT's extended_states file - # shameless copy from dpkg cron - if cd /var/backups ; then - if ! cmp -s apt.extended_states.0 /var/lib/apt/extended_states; then - cp -p /var/lib/apt/extended_states apt.extended_states - savelog -c 7 apt.extended_states >/dev/null - fi - fi -fi - -# check apt-config existence -if ! which apt-config >/dev/null ; then - exit 0 -fi - -# check if the user really wants to do something -AutoAptEnable=1 # default is yes -eval $(apt-config shell AutoAptEnable APT::Periodic::Enable) - -if [ $AutoAptEnable -eq 0 ]; then - exit 0 -fi - -# Set VERBOSE mode from apt-config (or inherit from environment) -VERBOSE=0 -eval $(apt-config shell VERBOSE APT::Periodic::Verbose) -debug_echo "verbose level $VERBOSE" -if [ "$VERBOSE" -le 2 ]; then - # quiet for 0,1,2 - XSTDOUT=">/dev/null" - XSTDERR="2>/dev/null" - XAPTOPT="-qq" - XUUPOPT="" -else - XSTDOUT="" - XSTDERR="" - XAPTOPT="" - XUUPOPT="-d" -fi -if [ "$VERBOSE" -ge 3 ]; then - # trace output - set -x -fi - -check_power || exit 0 - -# check if we can lock the cache and if the cache is clean -if which apt-get >/dev/null && ! eval apt-get check $XAPTOPT $XSTDERR ; then - debug_echo "error encountered in cron job with \"apt-get check\"." - exit 0 -fi - -# Global current time in seconds since 1970-01-01 00:00:00 UTC -now=$(date +%s) - -# Support old Archive for compatibility. -# Document only Periodic for all controlling parameters of this script. - -UpdateInterval=0 -eval $(apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists) - -DownloadUpgradeableInterval=0 -eval $(apt-config shell DownloadUpgradeableInterval APT::Periodic::Download-Upgradeable-Packages) - -UnattendedUpgradeInterval=0 -eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade) - -AutocleanInterval=0 -eval $(apt-config shell AutocleanInterval APT::Periodic::AutocleanInterval) - -BackupArchiveInterval=0 -eval $(apt-config shell BackupArchiveInterval APT::Periodic::BackupArchiveInterval) - -Debdelta=1 -eval $(apt-config shell Debdelta APT::Periodic::Download-Upgradeable-Packages-Debdelta) - -# check if we actually have to do anything that requires locking the cache -if [ $UpdateInterval -eq 0 ] && - [ $DownloadUpgradeableInterval -eq 0 ] && - [ $UnattendedUpgradeInterval -eq 0 ] && - [ $BackupArchiveInterval -eq 0 ] && - [ $AutocleanInterval -eq 0 ]; then - - # check cache size - check_size_constraints - - exit 0 -fi - -# deal with BackupArchiveInterval -do_cache_backup $BackupArchiveInterval - -# sleep random amount of time to avoid hitting the -# mirrors at the same time -random_sleep -check_power || exit 0 - -# include default system language so that "apt-get update" will -# fetch the right translated package descriptions -if [ -r /etc/default/locale ]; then - . /etc/default/locale - export LANG LANGUAGE LC_MESSAGES LC_ALL -fi - -# update package lists -UPDATED=0 -UPDATE_STAMP=/var/lib/apt/periodic/update-stamp -if check_stamp $UPDATE_STAMP $UpdateInterval; then - if eval apt-get $XAPTOPT -y update $XSTDERR; then - debug_echo "download updated metadata (success)." - if which dbus-send >/dev/null && pidof dbus-daemon >/dev/null; then - if dbus-send --system / app.apt.dbus.updated boolean:true ; then - debug_echo "send dbus signal (success)" - else - debug_echo "send dbus signal (error)" - fi - else - debug_echo "dbus signal not send (command not available)" - fi - update_stamp $UPDATE_STAMP - UPDATED=1 - else - debug_echo "download updated metadata (error)" - fi -else - debug_echo "download updated metadata (not run)." -fi - -# download all upgradeable packages (if it is requested) -DOWNLOAD_UPGRADEABLE_STAMP=/var/lib/apt/periodic/download-upgradeable-stamp -if [ $UPDATED -eq 1 ] && check_stamp $DOWNLOAD_UPGRADEABLE_STAMP $DownloadUpgradeableInterval; then - if [ $Debdelta -eq 1 ]; then - debdelta-upgrade >/dev/null 2>&1 || true - fi - if eval apt-get $XAPTOPT -y -d dist-upgrade $XSTDERR; then - update_stamp $DOWNLOAD_UPGRADEABLE_STAMP - debug_echo "download upgradable (success)" - else - debug_echo "download upgradable (error)" - fi -else - debug_echo "download upgradable (not run)" -fi - -# auto upgrade all upgradeable packages -UPGRADE_STAMP=/var/lib/apt/periodic/upgrade-stamp -if which unattended-upgrade >/dev/null && check_stamp $UPGRADE_STAMP $UnattendedUpgradeInterval; then - if unattended-upgrade $XUUPOPT; then - update_stamp $UPGRADE_STAMP - debug_echo "unattended-upgrade (success)" - else - debug_echo "unattended-upgrade (error)" - fi -else - debug_echo "unattended-upgrade (not run)" -fi - -# autoclean package archive -AUTOCLEAN_STAMP=/var/lib/apt/periodic/autoclean-stamp -if check_stamp $AUTOCLEAN_STAMP $AutocleanInterval; then - if eval apt-get $XAPTOPT -y autoclean $XSTDERR; then - debug_echo "autoclean (success)." - update_stamp $AUTOCLEAN_STAMP - else - debug_echo "autoclean (error)" - fi -else - debug_echo "autoclean (not run)" -fi - -# check cache size -check_size_constraints - -# -# vim: set sts=4 ai : -# - diff --git a/cron.daily/apt-compat b/cron.daily/apt-compat new file mode 100755 index 0000000..095a44c --- /dev/null +++ b/cron.daily/apt-compat @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +# Systemd systems use a systemd timer unit which is preferable to +# run. We want to randomize the apt update and unattended-upgrade +# runs as much as possible to avoid hitting the mirrors all at the +# same time. The systemd time is better at this than the fixed +# cron.daily time +if [ -d /run/systemd/system ]; then + exit 0 +fi + +check_power() +{ + # laptop check, on_ac_power returns: + # 0 (true) System is on main power + # 1 (false) System is not on main power + # 255 (false) Power status could not be determined + # Desktop systems always return 255 it seems + if which on_ac_power >/dev/null 2>&1; then + on_ac_power + POWER=$? + if [ $POWER -eq 1 ]; then + return 1 + fi + fi + return 0 +} + +# sleep for a random interval of time (default 30min) +# (some code taken from cron-apt, thanks) +random_sleep() +{ + RandomSleep=1800 + eval $(apt-config shell RandomSleep APT::Periodic::RandomSleep) + if [ $RandomSleep -eq 0 ]; then + return + fi + if [ -z "$RANDOM" ] ; then + # A fix for shells that do not have this bash feature. + RANDOM=$(( $(dd if=/dev/urandom bs=2 count=1 2> /dev/null | cksum | cut -d' ' -f1) % 32767 )) + fi + TIME=$(($RANDOM % $RandomSleep)) + sleep $TIME +} + +# delay the job execution by a random amount of time +random_sleep + +# ensure we don't do this on battery +check_power || exit 0 + +# run daily job +exec /usr/lib/apt/apt.systemd.daily diff --git a/cron.daily/man-db b/cron.daily/man-db index c374604..0aeb8a5 100755 --- a/cron.daily/man-db +++ b/cron.daily/man-db @@ -13,18 +13,12 @@ fi if ! [ -d /var/cache/man ]; then # Recover from deletion, per FHS. - mkdir -p /var/cache/man - chown man:root /var/cache/man || true - chmod 2755 /var/cache/man + install -d -o man -g man -m 0755 /var/cache/man fi # expunge old catman pages which have not been read in a week if [ ! -d /run/systemd/system ] && [ -d /var/cache/man ]; then cd / - if ! dpkg-statoverride --list /var/cache/man >/dev/null 2>&1; then - find /var/cache/man -ignore_readdir_race ! -user man -print0 | \ - xargs -r0 chown -f man || true - fi start-stop-daemon --start --pidfile /dev/null --startas /bin/sh \ --oknodo --chuid man $iosched_idle -- -c \ "find /var/cache/man -type f -name '*.gz' -atime +6 -print0 | \ diff --git a/cron.daily/mlocate b/cron.daily/mlocate index aeb1a88..331d063 100755 --- a/cron.daily/mlocate +++ b/cron.daily/mlocate @@ -18,4 +18,10 @@ if [ -x /usr/bin/ionice ] && IONICE="/usr/bin/ionice -c3" fi -flock --nonblock /run/mlocate.daily.lock $IONICE /usr/bin/updatedb.mlocate +# See nocache(1) +NOCACHE= +if [ -x /usr/bin/nocache ]; then + NOCACHE="/usr/bin/nocache" +fi + +flock --nonblock /run/mlocate.daily.lock $NOCACHE $IONICE /usr/bin/updatedb.mlocate diff --git a/cron.weekly/man-db b/cron.weekly/man-db index b890d38..87da3b8 100755 --- a/cron.weekly/man-db +++ b/cron.weekly/man-db @@ -13,9 +13,7 @@ fi if ! [ -d /var/cache/man ]; then # Recover from deletion, per FHS. - mkdir -p /var/cache/man - chown man:root /var/cache/man || true - chmod 2755 /var/cache/man + install -d -o man -g man -m 0755 /var/cache/man fi # regenerate man database diff --git a/dbus-1/session.conf b/dbus-1/session.conf new file mode 120000 index 0000000..b4a3252 --- /dev/null +++ b/dbus-1/session.conf @@ -0,0 +1 @@ +/usr/share/dbus-1/session.conf \ No newline at end of file diff --git a/dbus-1/system.conf b/dbus-1/system.conf new file mode 120000 index 0000000..f22bf8f --- /dev/null +++ b/dbus-1/system.conf @@ -0,0 +1 @@ +/usr/share/dbus-1/system.conf \ No newline at end of file diff --git a/dbus-1/system.d/org.freedesktop.login1.conf b/dbus-1/system.d/org.freedesktop.login1.conf index 1318328..c89e404 100644 --- a/dbus-1/system.d/org.freedesktop.login1.conf +++ b/dbus-1/system.d/org.freedesktop.login1.conf @@ -88,6 +88,42 @@ send_interface="org.freedesktop.login1.Manager" send_member="ActivateSessionOnSeat"/> + + + + + + + + + + + + + + + + + + @@ -128,6 +164,26 @@ send_interface="org.freedesktop.login1.Manager" send_member="CanHybridSleep"/> + + + + + + + + + + @@ -136,6 +192,10 @@ send_interface="org.freedesktop.login1.Manager" send_member="FlushDevices"/> + + @@ -152,14 +212,34 @@ send_interface="org.freedesktop.login1.Seat" send_member="SwitchToNext"/> + + + + + + + + + + @@ -180,6 +260,14 @@ send_interface="org.freedesktop.login1.Session" send_member="PauseDeviceComplete"/> + + + + diff --git a/dbus-1/system.d/org.freedesktop.machine1.conf b/dbus-1/system.d/org.freedesktop.machine1.conf deleted file mode 100644 index 3a77c70..0000000 --- a/dbus-1/system.d/org.freedesktop.machine1.conf +++ /dev/null @@ -1,66 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dbus-1/system.d/org.freedesktop.network1.conf b/dbus-1/system.d/org.freedesktop.network1.conf new file mode 100644 index 0000000..52dad33 --- /dev/null +++ b/dbus-1/system.d/org.freedesktop.network1.conf @@ -0,0 +1,42 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/dbus-1/system.d/org.freedesktop.resolve1.conf b/dbus-1/system.d/org.freedesktop.resolve1.conf new file mode 100644 index 0000000..25b0977 --- /dev/null +++ b/dbus-1/system.d/org.freedesktop.resolve1.conf @@ -0,0 +1,27 @@ + + + + + + + + + + + + + + + + + + + diff --git a/dbus-1/system.d/org.freedesktop.systemd1.conf b/dbus-1/system.d/org.freedesktop.systemd1.conf index 9dfca81..a61677e 100644 --- a/dbus-1/system.d/org.freedesktop.systemd1.conf +++ b/dbus-1/system.d/org.freedesktop.systemd1.conf @@ -28,6 +28,8 @@ + + @@ -50,6 +52,10 @@ send_interface="org.freedesktop.systemd1.Manager" send_member="GetUnitByPID"/> + + @@ -66,14 +72,30 @@ send_interface="org.freedesktop.systemd1.Manager" send_member="ListUnitsFiltered"/> + + + + + + + + @@ -94,6 +116,140 @@ send_interface="org.freedesktop.systemd1.Manager" send_member="GetDefaultTarget"/> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/debian_version b/debian_version index 48c26da..28a2186 100644 --- a/debian_version +++ b/debian_version @@ -1 +1 @@ -8.6 +9.1 diff --git a/default/apache2 b/default/apache-htcacheclean similarity index 62% rename from default/apache2 rename to default/apache-htcacheclean index 020f079..73637fc 100644 --- a/default/apache2 +++ b/default/apache-htcacheclean @@ -1,16 +1,12 @@ -### htcacheclean settings ### - -## run htcacheclean: yes, no, auto -## auto means run if /etc/apache2/mods-enabled/cache_disk.load exists -## default: auto -HTCACHECLEAN_RUN=auto +# This file must only contain KEY=VALUE lines. Do not use advanced +# shell script constructs! ## run mode: cron, daemon ## run in daemon mode or as daily cron job ## default: daemon HTCACHECLEAN_MODE=daemon -## cache size +## cache size HTCACHECLEAN_SIZE=300M ## interval: if in daemon mode, clean cache every x minutes @@ -18,7 +14,7 @@ HTCACHECLEAN_DAEMON_INTERVAL=120 ## path to cache ## must be the same as in CacheRoot directive -HTCACHECLEAN_PATH=/var/cache/apache2/mod_cache_disk +#HTCACHECLEAN_PATH=/var/cache/apache2/mod_cache_disk ## additional options: ## -n : be nice diff --git a/default/chrony b/default/chrony new file mode 100644 index 0000000..929dea0 --- /dev/null +++ b/default/chrony @@ -0,0 +1,5 @@ +# This is a configuration file for /etc/init.d/chrony; it allows you to +# pass various options to the chrony daemon without editing the init script. + +# Options to pass to chrony. +DAEMON_OPTS="" diff --git a/default/dbus b/default/dbus new file mode 100644 index 0000000..4bc8e1b --- /dev/null +++ b/default/dbus @@ -0,0 +1,7 @@ +# This is a configuration file for /etc/init.d/dbus; it allows you to +# perform common modifications to the behavior of the dbus daemon +# startup without editing the init script (and thus getting prompted +# by dpkg on upgrades). We all love dpkg prompts. + +# Parameters to pass to dbus. +PARAMS="" diff --git a/default/grub b/default/grub index b3a3467..74eccbe 100644 --- a/default/grub +++ b/default/grub @@ -6,7 +6,8 @@ GRUB_DEFAULT=0 GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` -GRUB_CMDLINE_LINUX_DEFAULT="quiet" +#GRUB_CMDLINE_LINUX_DEFAULT="quiet" +GRUB_CMDLINE_LINUX_DEFAULT="" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs diff --git a/default/grub.ucf-dist b/default/grub.ucf-dist new file mode 100644 index 0000000..93f810b --- /dev/null +++ b/default/grub.ucf-dist @@ -0,0 +1,32 @@ +# If you change this file, run 'update-grub' afterwards to update +# /boot/grub/grub.cfg. +# For full documentation of the options in this file, see: +# info -f grub -n 'Simple configuration' + +GRUB_DEFAULT=0 +GRUB_TIMEOUT=5 +GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` +GRUB_CMDLINE_LINUX_DEFAULT="" +GRUB_CMDLINE_LINUX="" + +# Uncomment to enable BadRAM filtering, modify to suit your needs +# This works with Linux (no patch required) and with any kernel that obtains +# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) +#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" + +# Uncomment to disable graphical terminal (grub-pc only) +#GRUB_TERMINAL=console + +# The resolution used on graphical terminal +# note that you can use only modes which your graphic card supports via VBE +# you can see them in real GRUB with the command `vbeinfo' +#GRUB_GFXMODE=640x480 + +# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux +#GRUB_DISABLE_LINUX_UUID=true + +# Uncomment to disable generation of recovery mode menu entries +#GRUB_DISABLE_RECOVERY="true" + +# Uncomment to get a beep at grub start +#GRUB_INIT_TUNE="480 440 1" diff --git a/default/rcS b/default/rcS index 694ffc7..b60cf6b 100644 --- a/default/rcS +++ b/default/rcS @@ -1,3 +1,6 @@ +################################################################## +# NOTE: This file is ignored when systemd is used as init system # +################################################################## # # /etc/default/rcS # diff --git a/default/rsync b/default/rsync index 13780c2..424b1c0 100644 --- a/default/rsync +++ b/default/rsync @@ -1,4 +1,10 @@ # defaults file for rsync daemon mode +# +# This file is only used for init.d based systems! +# If this system uses systemd, you can specify options etc. for rsync +# in daemon mode by copying /lib/systemd/system/rsync.service to +# /etc/systemd/system/rsync.service and modifying the copy; add required +# options to the ExecStart line. # start rsync in daemon mode from init.d script? # only allowed values are "true", "false", and "inetd" diff --git a/default/tmpfs b/default/tmpfs index a19ba71..80e60a6 100644 --- a/default/tmpfs +++ b/default/tmpfs @@ -1,3 +1,7 @@ +################################################################## +# NOTE: This file is ignored when systemd is used as init system # +################################################################## +# # Configuration for tmpfs filesystems mounted in early boot, before # filesystems from /etc/fstab are mounted. For information about # these variables see the tmpfs(5) manual page. diff --git a/dhcp/dhclient-exit-hooks.d/timesyncd b/dhcp/dhclient-exit-hooks.d/timesyncd new file mode 100644 index 0000000..3cde992 --- /dev/null +++ b/dhcp/dhclient-exit-hooks.d/timesyncd @@ -0,0 +1,42 @@ +TIMESYNCD_CONF=/run/systemd/timesyncd.conf.d/01-dhclient.conf + +timesyncd_servers_setup_remove() { + if [ -e $TIMESYNCD_CONF ]; then + rm -f $TIMESYNCD_CONF + systemctl try-restart systemd-timesyncd.service || true + fi +} + +timesyncd_servers_setup_add() { + if [ ! -d /run/systemd/system ]; then + return + fi + + if [ -e $TIMESYNCD_CONF ] && [ "$new_ntp_servers" = "$old_ntp_servers" ]; then + return + fi + + if [ -z "$new_ntp_servers" ]; then + timesyncd_servers_setup_remove + return + fi + + mkdir -p $(dirname $TIMESYNCD_CONF) + cat < ${TIMESYNCD_CONF}.new +# NTP server entries received from DHCP server +[Time] +NTP=$new_ntp_servers +EOF + mv ${TIMESYNCD_CONF}.new ${TIMESYNCD_CONF} + systemctl try-restart systemd-timesyncd.service || true +} + + +case $reason in + BOUND|RENEW|REBIND|REBOOT) + timesyncd_servers_setup_add + ;; + EXPIRE|FAIL|RELEASE|STOP) + timesyncd_servers_setup_remove + ;; +esac diff --git a/dhcpcd.conf b/dhcpcd.conf index c77d5c7..1121fcf 100644 --- a/dhcpcd.conf +++ b/dhcpcd.conf @@ -6,6 +6,9 @@ noipv4ll #background reboot 0 +# Allow users of this group to interact with dhcpcd via the control socket. +#controlgroup wheel + # Inform the DHCP server of our hostname for DDNS. hostname @@ -13,8 +16,13 @@ hostname #clientid # or # Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361. +# Some non-RFC compliant DHCP servers do not reply with this set. +# In this case, comment out duid and enable clientid above. duid +# Persist interface configuration when dhcpcd exits. +persistent + # Rapid commit support. # Safe to enable by default because it requires the equivalent option set # on the server to actually work. @@ -25,13 +33,14 @@ option domain_name_servers, domain_name, domain_search, host_name option classless_static_routes # Most distributions have NTP support. option ntp_servers -# Respect the network MTU. -# Some interface drivers reset when changing the MTU so disabled by default. -#option interface_mtu +# Respect the network MTU. This is applied to DHCP routes. +option interface_mtu # A ServerID is required by RFC2131. require dhcp_server_identifier +# Generate Stable Private IPv6 Addresses instead of hardware based ones +slaac private # A hook script is provided to lookup the hostname if not set by the DHCP # server, but it should not be run by default. nohook lookup-hostname diff --git a/dhcpcd.conf.bak b/dhcpcd.conf.bak new file mode 100644 index 0000000..c77d5c7 --- /dev/null +++ b/dhcpcd.conf.bak @@ -0,0 +1,40 @@ +# A sample configuration for dhcpcd. +# See dhcpcd.conf(5) for details. + +# Gridscale Modifications +noipv4ll +#background +reboot 0 + +# Inform the DHCP server of our hostname for DDNS. +hostname + +# Use the hardware address of the interface for the Client ID. +#clientid +# or +# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361. +duid + +# Rapid commit support. +# Safe to enable by default because it requires the equivalent option set +# on the server to actually work. +option rapid_commit + +# A list of options to request from the DHCP server. +option domain_name_servers, domain_name, domain_search, host_name +option classless_static_routes +# Most distributions have NTP support. +option ntp_servers +# Respect the network MTU. +# Some interface drivers reset when changing the MTU so disabled by default. +#option interface_mtu + +# A ServerID is required by RFC2131. +require dhcp_server_identifier + +# A hook script is provided to lookup the hostname if not set by the DHCP +# server, but it should not be run by default. +nohook lookup-hostname + +# Don't touch /etc/resolv.conf +nohook resolv.conf diff --git a/dhcpcd.conf.dpkg-dist b/dhcpcd.conf.dpkg-dist new file mode 100644 index 0000000..1121fcf --- /dev/null +++ b/dhcpcd.conf.dpkg-dist @@ -0,0 +1,49 @@ +# A sample configuration for dhcpcd. +# See dhcpcd.conf(5) for details. + +# Gridscale Modifications +noipv4ll +#background +reboot 0 + +# Allow users of this group to interact with dhcpcd via the control socket. +#controlgroup wheel + +# Inform the DHCP server of our hostname for DDNS. +hostname + +# Use the hardware address of the interface for the Client ID. +#clientid +# or +# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361. +# Some non-RFC compliant DHCP servers do not reply with this set. +# In this case, comment out duid and enable clientid above. +duid + +# Persist interface configuration when dhcpcd exits. +persistent + +# Rapid commit support. +# Safe to enable by default because it requires the equivalent option set +# on the server to actually work. +option rapid_commit + +# A list of options to request from the DHCP server. +option domain_name_servers, domain_name, domain_search, host_name +option classless_static_routes +# Most distributions have NTP support. +option ntp_servers +# Respect the network MTU. This is applied to DHCP routes. +option interface_mtu + +# A ServerID is required by RFC2131. +require dhcp_server_identifier + +# Generate Stable Private IPv6 Addresses instead of hardware based ones +slaac private +# A hook script is provided to lookup the hostname if not set by the DHCP +# server, but it should not be run by default. +nohook lookup-hostname + +# Don't touch /etc/resolv.conf +nohook resolv.conf diff --git a/fail2ban/action.d/badips.conf b/fail2ban/action.d/badips.conf index 4a5c0f9..6f9513f 100644 --- a/fail2ban/action.d/badips.conf +++ b/fail2ban/action.d/badips.conf @@ -1,6 +1,6 @@ # Fail2ban reporting to badips.com # -# Note: This reports and IP only and does not actually ban traffic. Use +# Note: This reports an IP only and does not actually ban traffic. Use # another action in the same jail if you want bans to occur. # # Set the category to the appropriate value before use. @@ -10,7 +10,7 @@ [Definition] -actionban = curl --fail --user-agent "fail2ban v0.8.12" http://www.badips.com/add// +actionban = curl --fail --user-agent "" http://www.badips.com/add// [Init] diff --git a/fail2ban/action.d/badips.py b/fail2ban/action.d/badips.py new file mode 100644 index 0000000..4bc879a --- /dev/null +++ b/fail2ban/action.d/badips.py @@ -0,0 +1,377 @@ +# emacs: -*- mode: python; py-indent-offset: 4; indent-tabs-mode: t -*- +# vi: set ft=python sts=4 ts=4 sw=4 noet : + +# This file is part of Fail2Ban. +# +# Fail2Ban is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# Fail2Ban is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Fail2Ban; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +import sys +if sys.version_info < (2, 7): + raise ImportError("badips.py action requires Python >= 2.7") +import json +import threading +import logging +if sys.version_info >= (3, ): + from urllib.request import Request, urlopen + from urllib.parse import urlencode + from urllib.error import HTTPError +else: + from urllib2 import Request, urlopen, HTTPError + from urllib import urlencode + +from fail2ban.server.actions import ActionBase + + +class BadIPsAction(ActionBase): + """Fail2Ban action which reports bans to badips.com, and also + blacklist bad IPs listed on badips.com by using another action's + ban method. + + Parameters + ---------- + jail : Jail + The jail which the action belongs to. + name : str + Name assigned to the action. + category : str + Valid badips.com category for reporting failures. + score : int, optional + Minimum score for bad IPs. Default 3. + age : str, optional + Age of last report for bad IPs, per badips.com syntax. + Default "24h" (24 hours) + key : str, optional + Key issued by badips.com to report bans, for later retrieval + of personalised content. + banaction : str, optional + Name of banaction to use for blacklisting bad IPs. If `None`, + no blacklist of IPs will take place. + Default `None`. + bancategory : str, optional + Name of category to use for blacklisting, which can differ + from category used for reporting. e.g. may want to report + "postfix", but want to use whole "mail" category for blacklist. + Default `category`. + bankey : str, optional + Key issued by badips.com to blacklist IPs reported with the + associated key. + updateperiod : int, optional + Time in seconds between updating bad IPs blacklist. + Default 900 (15 minutes) + agent : str, optional + User agent transmitted to server. + Default `Fail2Ban/ver.` + + Raises + ------ + ValueError + If invalid `category`, `score`, `banaction` or `updateperiod`. + """ + + TIMEOUT = 10 + _badips = "http://www.badips.com" + def _Request(self, url, **argv): + return Request(url, headers={'User-Agent': self.agent}, **argv) + + def __init__(self, jail, name, category, score=3, age="24h", key=None, + banaction=None, bancategory=None, bankey=None, updateperiod=900, agent="Fail2Ban", + timeout=TIMEOUT): + super(BadIPsAction, self).__init__(jail, name) + + self.timeout = timeout + self.agent = agent + self.category = category + self.score = score + self.age = age + self.key = key + self.banaction = banaction + self.bancategory = bancategory or category + self.bankey = bankey + self.updateperiod = updateperiod + + self._bannedips = set() + # Used later for threading.Timer for updating badips + self._timer = None + + def getCategories(self, incParents=False): + """Get badips.com categories. + + Returns + ------- + set + Set of categories. + + Raises + ------ + HTTPError + Any issues with badips.com request. + ValueError + If badips.com response didn't contain necessary information + """ + try: + response = urlopen( + self._Request("/".join([self._badips, "get", "categories"])), timeout=self.timeout) + except HTTPError as response: + messages = json.loads(response.read().decode('utf-8')) + self._logSys.error( + "Failed to fetch categories. badips.com response: '%s'", + messages['err']) + raise + else: + response_json = json.loads(response.read().decode('utf-8')) + if not 'categories' in response_json: + err = "badips.com response lacked categories specification. Response was: %s" \ + % (response_json,) + self._logSys.error(err) + raise ValueError(err) + categories = response_json['categories'] + categories_names = set( + value['Name'] for value in categories) + if incParents: + categories_names.update(set( + value['Parent'] for value in categories + if "Parent" in value)) + return categories_names + + def getList(self, category, score, age, key=None): + """Get badips.com list of bad IPs. + + Parameters + ---------- + category : str + Valid badips.com category. + score : int + Minimum score for bad IPs. + age : str + Age of last report for bad IPs, per badips.com syntax. + key : str, optional + Key issued by badips.com to fetch IPs reported with the + associated key. + + Returns + ------- + set + Set of bad IPs. + + Raises + ------ + HTTPError + Any issues with badips.com request. + """ + try: + url = "?".join([ + "/".join([self._badips, "get", "list", category, str(score)]), + urlencode({'age': age})]) + if key: + url = "&".join([url, urlencode({'key': key})]) + response = urlopen(self._Request(url), timeout=self.timeout) + except HTTPError as response: + messages = json.loads(response.read().decode('utf-8')) + self._logSys.error( + "Failed to fetch bad IP list. badips.com response: '%s'", + messages['err']) + raise + else: + return set(response.read().decode('utf-8').split()) + + @property + def category(self): + """badips.com category for reporting IPs. + """ + return self._category + + @category.setter + def category(self, category): + if category not in self.getCategories(): + self._logSys.error("Category name '%s' not valid. " + "see badips.com for list of valid categories", + category) + raise ValueError("Invalid category: %s" % category) + self._category = category + + @property + def bancategory(self): + """badips.com bancategory for fetching IPs. + """ + return self._bancategory + + @bancategory.setter + def bancategory(self, bancategory): + if bancategory not in self.getCategories(incParents=True): + self._logSys.error("Category name '%s' not valid. " + "see badips.com for list of valid categories", + bancategory) + raise ValueError("Invalid bancategory: %s" % bancategory) + self._bancategory = bancategory + + @property + def score(self): + """badips.com minimum score for fetching IPs. + """ + return self._score + + @score.setter + def score(self, score): + score = int(score) + if 0 <= score <= 5: + self._score = score + else: + raise ValueError("Score must be 0-5") + + @property + def banaction(self): + """Jail action to use for banning/unbanning. + """ + return self._banaction + + @banaction.setter + def banaction(self, banaction): + if banaction is not None and banaction not in self._jail.actions: + self._logSys.error("Action name '%s' not in jail '%s'", + banaction, self._jail.name) + raise ValueError("Invalid banaction") + self._banaction = banaction + + @property + def updateperiod(self): + """Period in seconds between banned bad IPs will be updated. + """ + return self._updateperiod + + @updateperiod.setter + def updateperiod(self, updateperiod): + updateperiod = int(updateperiod) + if updateperiod > 0: + self._updateperiod = updateperiod + else: + raise ValueError("Update period must be integer greater than 0") + + def _banIPs(self, ips): + for ip in ips: + try: + self._jail.actions[self.banaction].ban({ + 'ip': ip, + 'failures': 0, + 'matches': "", + 'ipmatches': "", + 'ipjailmatches': "", + }) + except Exception as e: + self._logSys.error( + "Error banning IP %s for jail '%s' with action '%s': %s", + ip, self._jail.name, self.banaction, e, + exc_info=self._logSys.getEffectiveLevel()<=logging.DEBUG) + else: + self._bannedips.add(ip) + self._logSys.info( + "Banned IP %s for jail '%s' with action '%s'", + ip, self._jail.name, self.banaction) + + def _unbanIPs(self, ips): + for ip in ips: + try: + self._jail.actions[self.banaction].unban({ + 'ip': ip, + 'failures': 0, + 'matches': "", + 'ipmatches': "", + 'ipjailmatches': "", + }) + except Exception as e: + self._logSys.info( + "Error unbanning IP %s for jail '%s' with action '%s': %s", + ip, self._jail.name, self.banaction, e, + exc_info=self._logSys.getEffectiveLevel()<=logging.DEBUG) + else: + self._logSys.info( + "Unbanned IP %s for jail '%s' with action '%s'", + ip, self._jail.name, self.banaction) + finally: + self._bannedips.remove(ip) + + def start(self): + """If `banaction` set, blacklists bad IPs. + """ + if self.banaction is not None: + self.update() + + def update(self): + """If `banaction` set, updates blacklisted IPs. + + Queries badips.com for list of bad IPs, removing IPs from the + blacklist if no longer present, and adds new bad IPs to the + blacklist. + """ + if self.banaction is not None: + if self._timer: + self._timer.cancel() + self._timer = None + + try: + ips = self.getList( + self.bancategory, self.score, self.age, self.bankey) + # Remove old IPs no longer listed + self._unbanIPs(self._bannedips - ips) + # Add new IPs which are now listed + self._banIPs(ips - self._bannedips) + + self._logSys.info( + "Updated IPs for jail '%s'. Update again in %i seconds", + self._jail.name, self.updateperiod) + finally: + self._timer = threading.Timer(self.updateperiod, self.update) + self._timer.start() + + def stop(self): + """If `banaction` set, clears blacklisted IPs. + """ + if self.banaction is not None: + if self._timer: + self._timer.cancel() + self._timer = None + self._unbanIPs(self._bannedips.copy()) + + def ban(self, aInfo): + """Reports banned IP to badips.com. + + Parameters + ---------- + aInfo : dict + Dictionary which includes information in relation to + the ban. + + Raises + ------ + HTTPError + Any issues with badips.com request. + """ + try: + url = "/".join([self._badips, "add", self.category, aInfo['ip']]) + if self.key: + url = "?".join([url, urlencode({'key': self.key})]) + response = urlopen(self._Request(url), timeout=self.timeout) + except HTTPError as response: + messages = json.loads(response.read().decode('utf-8')) + self._logSys.error( + "Response from badips.com report: '%s'", + messages['err']) + raise + else: + messages = json.loads(response.read().decode('utf-8')) + self._logSys.info( + "Response from badips.com report: '%s'", + messages['suc']) + +Action = BadIPsAction diff --git a/fail2ban/action.d/blocklist_de.conf b/fail2ban/action.d/blocklist_de.conf index d4170ca..2f31d8b 100644 --- a/fail2ban/action.d/blocklist_de.conf +++ b/fail2ban/action.d/blocklist_de.conf @@ -7,13 +7,13 @@ # Action to report IP address to blocklist.de # Blocklist.de must be signed up to at www.blocklist.de # Once registered, one or more servers can be added. -# This action requires the server 'email address' and the assoicate apikey. +# This action requires the server 'email address' and the associated apikey. # # From blocklist.de: # www.blocklist.de is a free and voluntary service provided by a # Fraud/Abuse-specialist, whose servers are often attacked on SSH-, # Mail-Login-, FTP-, Webserver- and other services. -# The mission is to report all attacks to the abuse deparments of the +# The mission is to report all attacks to the abuse departments of the # infected PCs/servers to ensure that the responsible provider can inform # the customer about the infection and disable them # @@ -25,7 +25,7 @@ # * The recidive where the IP has been banned multiple times # * Where maxretry has been set quite high, beyond the normal user typing # password incorrectly. -# * For filters that have a low likelyhood of receiving human errors +# * For filters that have a low likelihood of receiving human errors # [Definition] @@ -54,7 +54,7 @@ actioncheck = # Tags: See jail.conf(5) man page # Values: CMD # -actionban = curl --fail --data-urlencode 'server=' --data 'apikey=' --data 'service=' --data 'ip=' --data-urlencode 'logs=' --data 'format=text' --user-agent "fail2ban v0.8.12" "https://www.blocklist.de/en/httpreports.html" +actionban = curl --fail --data-urlencode 'server=' --data 'apikey=' --data 'service=' --data 'ip=' --data-urlencode 'logs=' --data 'format=text' --user-agent "" "https://www.blocklist.de/en/httpreports.html" # Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the diff --git a/fail2ban/action.d/bsd-ipfw.conf b/fail2ban/action.d/bsd-ipfw.conf index 1285361..8b0a51a 100644 --- a/fail2ban/action.d/bsd-ipfw.conf +++ b/fail2ban/action.d/bsd-ipfw.conf @@ -38,7 +38,7 @@ actioncheck = # Values: CMD # # requires an ipfw rule like "deny ip from table(1) to me" -actionban = ipfw table add +actionban = e=`ipfw table
add 2>&1`; x=$?; [ $x -eq 0 -o "$e" = 'ipfw: setsockopt(IP_FW_TABLE_XADD): File exists' ] || { echo "$e" 1>&2; exit $x; } # Option: actionunban @@ -47,7 +47,7 @@ actionban = ipfw table
add # Tags: See jail.conf(5) man page # Values: CMD # -actionunban = ipfw table
delete +actionunban = e=`ipfw table
delete 2>&1`; x=$?; [ $x -eq 0 -o "$e" = 'ipfw: setsockopt(IP_FW_TABLE_XDEL): No such process' ] || { echo "$e" 1>&2; exit $x; } [Init] # Option: table diff --git a/fail2ban/action.d/cloudflare.conf b/fail2ban/action.d/cloudflare.conf new file mode 100644 index 0000000..aa87163 --- /dev/null +++ b/fail2ban/action.d/cloudflare.conf @@ -0,0 +1,68 @@ +# +# Author: Mike Rushton +# +# IMPORTANT +# +# Please set jail.local's permission to 640 because it contains your CF API key. +# +# This action depends on curl. +# Referenced from http://www.normyee.net/blog/2012/02/02/adding-cloudflare-support-to-fail2ban by NORM YEE +# +# To get your CloudFlare API Key: https://www.cloudflare.com/a/account/my-account +# +# CloudFlare API error codes: https://www.cloudflare.com/docs/host-api.html#s4.2 + +[Definition] + +# Option: actionstart +# Notes.: command executed once at the start of Fail2Ban. +# Values: CMD +# +actionstart = + +# Option: actionstop +# Notes.: command executed once at the end of Fail2Ban +# Values: CMD +# +actionstop = + +# Option: actioncheck +# Notes.: command executed once before each actionban command +# Values: CMD +# +actioncheck = + +# Option: actionban +# Notes.: command executed when banning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# Tags: IP address +# number of failures +#