Slackware/bootstrap
1
0
Fork 0
Code Releases Wiki Activity

Initial commit.

Browse source
This commit is contained in:
Darren 'Tadgy' Austin 2020-09-29 16:40:13 +01:00
commit 3d665e5e11
72 changed files with 3200 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

161
base-files/.gitignore vendored Normal file
View file

@ -0,0 +1,161 @@
# Files which should never be tracked, for security.
gshadow
shadow
ssh/*_key
# Temporary, backup, sample and dist files.
*.swp
.pwd.lock
group-
gshadow-
passwd-
shadow-
*.example
*-example
*_example
*.sample
*-sample
*_sample
*.dist
# Dynamically created files.
adjtime
ca-certificates.conf
ld.so.cache
random-seed
# Files that don't need to be tracked.
DIR_COLORS
X11/
bind.keys
bindresvport.blacklist
cgconfig.conf
cgred.conf
cgrules.conf
cgsnapshot_blacklist.conf
cron.daily/certwatch
cron.daily/logrotate
cron.daily/man-db
cron.daily/mlocate
dbus-1/
default/cpufreq
default/crond
default/kadmind
default/kpropd
default/krb5kdc
default/lxc
default/sshd
default/useradd
dhcpcd.conf
dnsmasq.conf
e2scrub.conf
ethertypes
fail2ban/*.conf
fail2ban/action.d/*.conf
fail2ban/action.d/*.py
fail2ban/filter.d/ignorecommands
fail2ban/filter.d/*.conf
fb.modes
file/
host.conf
hosts.allow
hosts.deny
hosts.equiv
init.d
inputrc
iproute2/
issue
issue.net
ld.so.conf
libnl/
localtime
localtime-copied-from
login.access
lxc/default.conf
lynx.cfg
lynx.lss
man_db.conf
mcelog/mcelog.conf
mcelog/*-trigger
misc
mke2fs.conf
modprobe.d/README
mtab
named.conf
nanorc
netconfig
nntpserver
nsswitch.conf
ntp.keys
os-release
profile.d/coreutils-dircolors.*
profile.d/gawk.*
profile.d/glibc.*
profile.d/man-db.*
profile.d/z-dot-in-non-root-path.*
protocols
!rc.d/init.d/
rc.d/init.d/README.functions
rc.d/init.d/functions
rc.d/rc.0
rc.d/rc.4
rc.d/rc.6
rc.d/rc.K
rc.d/rc.M
rc.d/rc.S
rc.d/rc.bind
rc.d/rc.cgconfig
rc.d/rc.cgmanager
rc.d/rc.cgproxy
rc.d/rc.cgred
rc.d/rc.cpufreq
rc.d/rc.crond
rc.d/rc.dnsmasq
rc.d/rc.fail2ban
rc.d/rc.font
rc.d/rc.haveged
rc.d/rc.inet1
rc.d/rc.inet2
rc.d/rc.ip_forward
rc.d/rc.kadmind
rc.d/rc.kpropd
rc.d/rc.krb5kdc
rc.d/rc.libvirt
rc.d/rc.loop
rc.d/rc.lxc
rc.d/rc.mcelog
rc.d/rc.messagebus
rc.d/rc.modules
rc.d/rc.ntpd
rc.d/rc.qemu-ga
rc.d/rc.saslauthd
rc.d/rc.serial
rc.d/rc.setterm
rc.d/rc.smartd
rc.d/rc.sshd
rc.d/rc.sysstat
rc.d/rc.sysvinit
rc.d/rc.udev
rc.d/rc.vnstat
rc?.d
!rc.d/rc?.d/
request-key.conf
rmt
screenrc
sensors3.conf
serial.conf
services
shells
skel/.screenrc
slackware-version
smartd_warning.sh
ssh/moduli
ssl/
sudoers
sysstat/
termcap
udev/
updatedb.conf
vi.exrc
wgetrc
xattr.conf

3
base-files/cron.daily/update-slackpkg-template Executable file
View file

@ -0,0 +1,3 @@
#!/bin/bash
slackpkg -batch=on -default_answer=y generate-template "$HOSTNAME" >/dev/null

9
base-files/cron.daily/warn-git-status Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
source /etc/mail.conf "etc-git" || exit 1
cd /etc
OUTPUT="$(git status | egrep -ve "^(On branch|Your branch|No commits|nothing|$)" -e "\(use")"
[[ ! -z "$OUTPUT" ]] && mailx "${MAILX_ARGS[@]}" -r "$EMAIL_FROM" -s "/etc git status" "${EMAIL_TO[@]}" <<< "$OUTPUT"

24
base-files/cron.hourly/log-acls Executable file
View file

@ -0,0 +1,24 @@
#!/bin/bash
# Sleep for a couple of minutes to prevent a race condition with other cron jobs.
sleep 120
# Secure /var/log
# Set standard access perms for directories
setfacl -m user::rwx,group::rx,other::x /var/log/
find /var/log/*/ -type d -exec setfacl -m user::rwx,group::rx,other::- {} \;
# Set standard access perms for files
find /var/log -type f -exec setfacl -Rm user::rw,group::r,other::- {} \;
# Allow group 'admin' read access to all directories/files
find /var/log -type d -exec setfacl -m group:admin:rX {} \;
find /var/log -type f -exec setfacl -m group:admin:r {} \;
# Set default access for new files in directories.
find /var/log -type d -exec setfacl -dm user::rwX,group::rX,other::- {} \;
find /var/log -type d -exec setfacl -dm group:admin:rX {} \;
# /var/log/wtmp needs to be readable by everyone
setfacl -m user::rw,group::r,other::r /var/log/wtmp
# To clear above ACL settings:
# setfacl -Rk /path
# setfacl -Rx group:admin: /path
# setfacl -Rx mask:: /path

45
base-files/csh.login Normal file
View file

@ -0,0 +1,45 @@
# System wide set up for the csh and tcsh shells.
# The default search path.
set path = ( /usr/bin /bin /usr/local/bin )
# Add sbin paths for root users.
if ( { [ "`id -u`" = "0" -o "`id -g`" = "0" ] } ) \
set path = ( /usr/sbin /sbin /usr/local/sbin $path )
# Set path to include a user's private bin if it exists.
if ( -d ~/bin ) set path = ( ~/bin $path )
# Append /usr/games to path if it exists.
if ( -d /usr/games ) set path = ( $path /usr/games )
# Set a default terminal type if none was detected.
if ! $?TERM setenv TERM linux
if ( "$TERM" == "" ) setenv TERM linux
if ( "$TERM" == "unknown" ) setenv TERM linux
# Use the system inputrc if the user does not have their own.
if ( ! -r ~/.inputrc ) setenv INPUTRC /etc/inputrc
# Set an empty MANPATH if none exists (this prevents some profile.d scripts from exiting from trying to access an unset variable):
if ! $?MANPATH setenv MANPATH ""
# Set the HOSTNAME environment variable.
setenv HOSTNAME "`cat /etc/HOSTNAME`"
# Shell prompt.
set prompt = "%n@%m:%~%# "
# Use a reasonable create mask.
umask 022
# Set up any further environment from files in /etc/profile.d/.
if ( -d /etc/profile.d ) then
set nonomatch
foreach file ( /etc/profile.d/*.csh )
if ( -x $file ) then
source $file
endif
end
unset file nonomatch
endif

4
base-files/default/syslogd Normal file
View file

@ -0,0 +1,4 @@
# Options for the syslog daemon.
# Default is "-s" to run in secure mode - not accepting network connections.
# For other options, see syslog(8).
SYSLOGD_OPTS="-s -k -m 0"

1
base-files/dialogrc Normal file
View file

@ -0,0 +1 @@
# This file is intentionally empty.

75
base-files/fail2ban/fail2ban.local Normal file
View file

@ -0,0 +1,75 @@
[DEFAULT]
# Option: loglevel
# Notes.: Set the log level output.
# CRITICAL
# ERROR
# WARNING
# NOTICE
# INFO
# DEBUG
# Values: [ LEVEL ] Default: ERROR
#
loglevel = INFO
# Option: logtarget
# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
# Only one log target can be specified.
# If you change logtarget from the default value and you are
# using logrotate -- also adjust or disable rotation in the
# corresponding configuration file
# (e.g. /etc/logrotate.d/fail2ban on Debian systems)
# Values: [ STDOUT | STDERR | SYSLOG | SYSOUT | FILE ] Default: STDERR
#
logtarget = syslog[facility=LOCAL0]
# Option: syslogsocket
# Notes: Set the syslog socket file. Only used when logtarget is SYSLOG
# auto uses platform.system() to determine predefined paths
# Values: [ auto | FILE ] Default: auto
#syslogsocket = auto
# Option: socket
# Notes.: Set the socket file. This is used to communicate with the daemon. Do
# not remove this file when Fail2ban runs. It will not be possible to
# communicate with the server afterwards.
# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.sock
#
socket = /var/run/fail2ban.sock
# Option: pidfile
# Notes.: Set the PID file. This is used to store the process ID of the
# fail2ban server.
# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.pid
#
pidfile = /var/run/fail2ban.pid
# Options: dbfile
# Notes.: Set the file for the fail2ban persistent data to be stored.
# A value of ":memory:" means database is only stored in memory
# and data is lost when fail2ban is stopped.
# A value of "None" disables the database.
# Values: [ None :memory: FILE ] Default: /var/lib/fail2ban/fail2ban.sqlite3
# dbfile = /var/lib/fail2ban/fail2ban.sqlite3
# Options: dbpurgeage
# Notes.: Sets age at which bans should be purged from the database
# Values: [ SECONDS ] Default: 86400 (24hours)
#dbpurgeage = 1d
# Options: dbmaxmatches
# Notes.: Number of matches stored in database per ticket (resolvable via
# tags <ipmatches>/<ipjailmatches> in actions)
# Values: [ INT ] Default: 10
#dbmaxmatches = 10
[Definition]
[Thread]
# Options: stacksize
# Notes.: Specifies the stack size (in KiB) to be used for subsequently created threads,
# and must be 0 or a positive integer value of at least 32.
# Values: [ SIZE ] Default: 0 (use platform or configured default)
#stacksize = 0

61
base-files/fail2ban/jail.local Normal file
View file

@ -0,0 +1,61 @@
[DEFAULT]
#
# MISCELLANEOUS OPTIONS
#
# "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban
# will not ban a host which matches an address in this list. Several addresses
# can be defined using space (and/or comma) separator.
ignoreip = 127.0.0.1/8 91.109.244.0/24 ::1 2a02:2498:1:227::/64 afterdark.org.uk
# "bantime" is the number of seconds that a host is banned.
bantime = 12h
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 2h
# "maxretry" is the number of failures before a host get banned.
maxretry = 3
# "usedns" specifies if jails should trust hostnames in logs,
# warn when DNS lookups are performed, or ignore all hostnames in logs
#
# yes: if a hostname is encountered, a DNS lookup will be performed.
# warn: if a hostname is encountered, a DNS lookup will be performed,
# but it will be logged as a warning.
# no: if a hostname is encountered, will not be used for banning,
# but it will be logged as info.
# raw: use raw value (no hostname), allow use it for no-host filters/actions (example user)
usedns = warn
#
# ACTIONS
#
# Some options used for actions
# Destination email address used solely for the interpolations in
# jail.{conf,local,d/*} configuration files.
destemail = root@localhost
# Sender email address used solely for some actions
sender = root@<fq-hostname>
#
# JAILS
#
[sshd]
# To use more aggressive sshd modes set filter parameter "mode" in jail.local:
# normal (default), ddos, extra or aggressive (combines all).
# See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details.
#mode = normal
enabled = yes
port = 9922
#[apache-auth]
#enabled = yes
#

25
base-files/fail2ban/paths-overrides.local Normal file
View file

@ -0,0 +1,25 @@
[DEFAULT]
syslog_mail = /var/log/smtpd
syslog_mail_warn = /var/log/smtpd
syslog_authpriv = /var/log/messages
syslog_auth = /var/log/messages
syslog_user = /var/log/messages
syslog_ftp = /var/log/ftpd
syslog_daemon = /var/log/messages
syslog_local0 = /var/log/messages
apache_error_log = /var/log/httpd/*error.log
apache_access_log = /var/log/httpd/*access.log
# Default for Slackware provided below,
# please change according to your proftpd config file.
proftpd_log = /var/log/ftpd

15
base-files/filesystems Normal file
View file

@ -0,0 +1,15 @@
ext4
ext3
ext2
iso9660
vfat
ntfs
msdos
reiserfs
btrfs
jfs
xfs
romfs
udf
minix
*

6
base-files/hardwareclock Normal file
View file

@ -0,0 +1,6 @@
# /etc/hardwareclock
#
# Tells how the hardware clock time is stored.
# You should run timeconfig to edit this file.
UTC

7
base-files/initscript Executable file
View file

@ -0,0 +1,7 @@
PATH="/opt/sbin:/usr/local/sbin:/usr/sbin:/sbin:/opt/bin:/usr/local/bin:/usr/bin:/bin"
PERL5LIB="/opt/lib64/perl5:/opt/lib64/perl5/site_perl"
PYTHONPATH="/opt/lib64/python2.7/site-packages"
export PATH PERL5LIB PYTHONPATH
eval exec "$4"

63
base-files/inittab Normal file
View file

@ -0,0 +1,63 @@
# These are the default runlevels in Slackware:
# 0 = halt
# 1 = single user mode
# 2 = unused (but configured the same as runlevel 3)
# 3 = multiuser mode (default Slackware runlevel)
# 4 = X11 with KDM/GDM/XDM (session managers)
# 5 = unused (but configured the same as runlevel 3)
# 6 = reboot
# Default runlevel. Do not set to 0 or 6.
id:3:initdefault:
# System initialization (runs when system boots).
si:S:sysinit:/etc/rc.d/rc.S
# Script to run when going single user (runlevel 1).
su:1S:wait:/etc/rc.d/rc.K
# Script to run when going multi user.
rc:2345:wait:/etc/rc.d/rc.M
# What to do at the "Three Finger Salute".
ca::ctrlaltdel:/sbin/shutdown -t5 -r now
# Runlevel 0 halts the system.
l0:0:wait:/etc/rc.d/rc.0
# Runlevel 6 reboots the system.
l6:6:wait:/etc/rc.d/rc.6
# What to do when power fails.
pf::powerfail:/sbin/genpowerfail start
# FIXME: If running in a LXC container, use this.
# pf::powerfail:/sbin/shutdown -h now
# If power is back, cancel the running shutdown.
pg::powerokwait:/sbin/genpowerfail stop
# FIXME: If running in a LXC container, use this.
# pg::powerokwait:/sbin/shutdown -c
# These are the standard console login getties in multiuser mode.
c1:12345:respawn:/sbin/agetty --noclear 38400 tty1 linux
c2:12345:respawn:/sbin/agetty 38400 tty2 linux
#c3:12345:respawn:/sbin/agetty 38400 tty3 linux
#c4:12345:respawn:/sbin/agetty 38400 tty4 linux
#c5:12345:respawn:/sbin/agetty 38400 tty5 linux
#c6:12345:respawn:/sbin/agetty 38400 tty6 linux
#c7:12345:respawn:/sbin/agetty 38400 tty7 linux
#c8:12345:respawn:/sbin/agetty 38400 tty8 linux
#c9:12345:respawn:/sbin/agetty 38400 tty9 linux
#c10:12345:respawn:/sbin/agetty 38400 tty10 linux
# Local serial lines.
#s1:12345:respawn:/sbin/agetty -L ttyS0 9600 vt100
#s2:12345:respawn:/sbin/agetty -L ttyS1 9600 vt100
# Dialup lines.
#d1:12345:respawn:/sbin/agetty -mt60 38400,19200,9600,2400,1200 ttyS0 vt100
#d2:12345:respawn:/sbin/agetty -mt60 38400,19200,9600,2400,1200 ttyS1 vt100
# Runlevel 4 also starts /etc/rc.d/rc.4 to run a display manager for X.
# Display managers are preferred in this order: gdm, kdm, xdm.
x1:4:respawn:/etc/rc.d/rc.4

1
base-files/ld.so.conf.d/opt.conf Normal file
View file

@ -0,0 +1 @@
/opt/lib64

287
base-files/login.defs Normal file
View file

@ -0,0 +1,287 @@
#
# /etc/login.defs - Configuration control definitions for the shadow package.
#
# $Id: login.defs 3038 2009-07-23 20:41:35Z nekral-guest $
#
#
# Delay in seconds before being allowed another attempt after a login failure
#
FAIL_DELAY 1
#
# Enable display of unknown usernames when login failures are recorded.
#
LOG_UNKFAIL_ENAB yes
#
# Enable logging of successful logins
#
LOG_OK_LOGINS no
#
# Enable "syslog" logging of su activity - in addition to sulog file logging.
# SYSLOG_SG_ENAB does the same for newgrp and sg.
#
SYSLOG_SU_ENAB yes
SYSLOG_SG_ENAB yes
#
# If defined, either full pathname of a file containing device names or
# a ":" delimited list of device names. Root logins will be allowed only
# upon these devices.
#
CONSOLE /etc/securetty
#CONSOLE console:tty01:tty02:tty03:tty04
#
# If defined, all su activity is logged to this file.
#
SULOG_FILE /var/log/sulog
#
# If defined, file which maps tty line to TERM environment parameter.
# Each line of the file is in a format something like "vt100 tty01".
#
#TTYTYPE_FILE /etc/ttytype
#
# If defined, the command name to display when running "su -". For
# example, if this is defined as "su" then a "ps" will display the
# command is "-su". If not defined, then "ps" would display the
# name of the shell actually being run, e.g. something like "-sh".
#
SU_NAME su
#
# *REQUIRED*
# Directory where mailboxes reside, _or_ name of file, relative to the
# home directory. If you _do_ define both, MAIL_DIR takes precedence.
#
MAIL_DIR /var/spool/mail
#MAIL_FILE .mail
#
# If defined, file which inhibits all the usual chatter during the login
# sequence. If a full pathname, then hushed mode will be enabled if the
# user's name or shell are found in the file. If not a full pathname, then
# hushed mode will be enabled if the file exists in the user's home directory.
#
HUSHLOGIN_FILE .hushlogin
#HUSHLOGIN_FILE /etc/hushlogins
#
# *REQUIRED* The default PATH settings, for superuser and normal users.
#
# (they are minimal, add the rest in the shell startup files)
ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin
ENV_PATH PATH=/usr/local/bin:/bin:/usr/bin
#
# Terminal permissions
#
# TTYGROUP Login tty will be assigned this group ownership.
# TTYPERM Login tty will be set to this permission.
#
# If you have a "write" program which is "setgid" to a special group
# which owns the terminals, define TTYGROUP to the group number and
# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
# TTYPERM to either 622 or 600.
#
TTYGROUP tty
TTYPERM 0620
#
# Login configuration initializations:
#
# ERASECHAR Terminal ERASE character ('\010' = backspace).
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
#
# The ERASECHAR and KILLCHAR are used only on System V machines.
# (now it works with setrlimit too; ulimit is in 512-byte units)
#
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR 0177
KILLCHAR 025
#
# Default initial "umask" value used by login(1) on non-PAM enabled systems.
# Default "umask" value for pam_umask(8) on PAM enabled systems.
# UMASK is also used by useradd(8) and newusers(8) to set the mode for new
# home directories if HOME_MODE is not set.
# 022 is the default value, but 027, or even 077, could be considered
# for increased privacy. There is no One True Answer here: each sysadmin
# must make up their mind.
UMASK 022
#
# HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new
# home directories.
# If HOME_MODE is not set, the value of UMASK is used to create the mode.
#HOME_MODE 0700
#
# Password aging controls:
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_WARN_AGE Number of days warning given before a password expires.
#
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
#
# Min/max values for automatic uid selection in useradd
#
UID_MIN 1000
UID_MAX 60000
# System accounts
SYS_UID_MIN 101
SYS_UID_MAX 999
#
# Min/max values for automatic gid selection in groupadd
#
GID_MIN 1000
GID_MAX 60000
# System accounts
SYS_GID_MIN 101
SYS_GID_MAX 999
#
# Max number of login retries if password is bad
#
LOGIN_RETRIES 5
#
# Max time in seconds for login
#
LOGIN_TIMEOUT 60
#
# Which fields may be changed by regular users using chfn - use
# any combination of letters "frwh" (full name, room number, work
# phone, home phone). If not defined, no changes are allowed.
# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
#
CHFN_RESTRICT rwh
#
# Only works if compiled with MD5_CRYPT defined:
# If set to "yes", new passwords will be encrypted using the MD5-based
# algorithm compatible with the one used by recent releases of FreeBSD.
# It supports passwords of unlimited length and longer salt strings.
# Set to "no" if you need to copy encrypted passwords to other systems
# which don't understand the new algorithm. Default is "no".
#
# This variable is deprecated. You should use ENCRYPT_METHOD.
#
#MD5_CRYPT_ENAB no
#
# Only works if compiled with ENCRYPTMETHOD_SELECT defined:
# If set to MD5 , MD5-based algorithm will be used for encrypting password
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
# If set to SHA512, SHA512-based algorithm will be used for encrypting password
# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password
# If set to DES, DES-based algorithm will be used for encrypting password (default)
# Overrides the MD5_CRYPT_ENAB option
#
ENCRYPT_METHOD SHA512
#
# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
#
# Define the number of SHA rounds.
# With a lot of rounds, it is more difficult to brute forcing the password.
# But note also that it more CPU resources will be needed to authenticate
# users.
#
# If not specified, the libc will choose the default number of rounds (5000).
# The values must be inside the 1000-999999999 range.
# If only one of the MIN or MAX values is set, then this value will be used.
# If MIN > MAX, the highest value will be used.
#
#SHA_CRYPT_MIN_ROUNDS 5000
#SHA_CRYPT_MAX_ROUNDS 5000
#
# Only works if ENCRYPT_METHOD is set to BCRYPT.
#
# Define the number of BCRYPT rounds.
# With a lot of rounds, it is more difficult to brute-force the password.
# However, more CPU resources will be needed to authenticate users if
# this value is increased.
#
# If not specified, 13 rounds will be attempted.
# If only one of the MIN or MAX values is set, then this value will be used.
# If MIN > MAX, the highest value will be used.
#
#BCRYPT_MIN_ROUNDS 13
#BCRYPT_MAX_ROUNDS 13
#
# List of groups to add to the user's supplementary group set
# when logging in on the console (as determined by the CONSOLE
# setting). Default is none.
#
# Use with caution - it is possible for users to gain permanent
# access to these groups, even when not logged in on the console.
# How to do it is left as an exercise for the reader...
#
# Most of these groups are self-explanatory, but in the case of
# "lp", it is because group lp is needed to use a scanner that
# is part of a multifunction printer.
#
# Note that users are added to these default groups only when
# logging into a shell with /bin/login, not when using a login
# manager such as kdm. In that case, users who should have
# hardware access must be added to the appropriate groups
# when the user is added with adduser or useradd, or by editing
# /etc/group directly, preferably using "vigr"
#
CONSOLE_GROUPS floppy:audio:cdrom:video:lp:scanner
#
# Should login be allowed if we can't cd to the home directory?
# Default in no.
#
DEFAULT_HOME yes
#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#
#USERDEL_CMD /usr/sbin/userdel_local
#
# Enable setting of the umask group bits to be the same as owner bits
# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
# the same as gid, and username is the same as the primary group name.
#
# This also enables userdel to remove user groups if no members exist.
#
USERGROUPS_ENAB yes
#
# If set to a non-nul number, the shadow utilities will make sure that
# groups never have more than this number of users on one line.
# This permit to support split groups (groups split into multiple lines,
# with the same group ID, to avoid limitation of the line length in the
# group file).
#
# 0 is the default value and disables this feature.
#
#MAX_MEMBERS_PER_GROUP 0
#
# If useradd should create home directories for users by default (non
# system users only)
# This option is overridden with the -M or -m flags on the useradd command
# line.
#
#CREATE_HOME yes

25
base-files/logrotate.conf Normal file
View file

@ -0,0 +1,25 @@
# Rotate log files on a monthly basis.
monthly
# Name files based upon the year/month they are rotated.
dateext
dateformat -%Y-%m
dateyesterday
# Compress rotated logs.
compress
# Keep 5 years of old logs (just to be sure).
rotate 60
# Move rotated logs to this directory.
olddir /var/log/Archived
# After rotating, create new (empty) files with the same owner/perms.
create
# E-mail logs which are about to be deleted to this address.
# mail root@example.com
# Read log specific configurations.
include /etc/logrotate.d

6
base-files/logrotate.d/btmp Normal file
View file

@ -0,0 +1,6 @@
# The btmp login failure records are not rotated by default.
# Uncomment the lines below to enable rotation of btmp.
# /var/log/btmp {
# # No specific options.
# }

2
base-files/logrotate.d/lastlog Normal file
View file

@ -0,0 +1,2 @@
# This file is for information only.
# /var/log/lastlog should not be rotated as it is a database, not a log file.

7
base-files/logrotate.d/ntp Normal file
View file

@ -0,0 +1,7 @@
/var/log/ntp {
notifempty
missingok
postrotate
[ -x /etc/rc.d/rc.ntpd ] && /etc/rc.d/rc.ntpd restart || true
endscript
}

3
base-files/logrotate.d/sulog Normal file
View file

@ -0,0 +1,3 @@
/var/log/sulog {
# No specific options.
}

6
base-files/logrotate.d/syslog Normal file
View file

@ -0,0 +1,6 @@
/var/log/messages /var/log/fail2ban {
sharedscripts
postrotate
/bin/kill -HUP $(cat /var/run/syslogd.pid) >/dev/null 2>&1 || true
endscript
}

6
base-files/logrotate.d/wtmp Normal file
View file

@ -0,0 +1,6 @@
# The wtmp login records are not rotated by default.
# Uncomment the lines below to enable rotation of wtmp.
# /var/log/wtmp {
# # No specific options.
# }

24
base-files/mail.conf Normal file
View file

@ -0,0 +1,24 @@
# This file is sourced by various scripts that need to send emails.
case "${HOSTNAME#*.}" in
slackware.uk)
EMAIL_DOMAIN="slackware.uk"
;;
*)
EMAIL_DOMAIN="opensourcerers.uk"
;;
esac
EMAIL_FROM="${HOSTNAME%%.*} <noreply@$EMAIL_DOMAIN>"
case "$1" in
sbosrcarch)
EMAIL_TO=("Systems Administrator <sysadmin@$EMAIL_DOMAIN>")
MAILX_ARGS=("-c" "Urchlay <yalhcru@gmail.com>")
;;
*)
EMAIL_TO=("Systems Administrator <sysadmin@$EMAIL_DOMAIN>")
;;
esac
true

101
base-files/motd Normal file
View file

@ -0,0 +1,101 @@
# FIXME: choose correct motd banner.
____ _
| __ ) ___ _ __ __| | ___ _ __
| _ \ / _ \| '_ \ / _` | / _ \| '__|
| |_) || __/| | | || (_| || __/| |
|____/ \___||_| |_| \__,_| \___||_|
_____
| ___|_ __ _ _
| |_ | '__|| | | |
| _| | | | |_| |
|_| |_| \__, |
|___/
_ _
| | ___ ___ | | __ _
| | / _ \ / _ \| | / _` |
| |___| __/| __/| || (_| |
|_____|\___| \___||_| \__,_|
_
/ \ _ __ ___ _ _
/ _ \ | '_ ` _ \ | | | |
/ ___ \ | | | | | || |_| |
/_/ \_\|_| |_| |_| \__, |
|___/
____ __
| _ \ _ __ ___ / _| ___ ___ ___ ___ _ __
| |_) || '__|/ _ \ | |_ / _ \/ __|/ __| / _ \ | '__|
| __/ | | | (_) || _|| __/\__ \\__ \| (_) || |
|_| |_| \___/ |_| \___||___/|___/ \___/ |_|
_____ _ _ _
|__ / ___ (_) __| || |__ ___ _ __ __ _
/ / / _ \ | | / _` || '_ \ / _ \| '__|/ _` |
/ /_| (_) || || (_| || |_) || __/| | | (_| |
/____|\___/ |_| \__,_||_.__/ \___||_| \__, |
|___/
_ _
| | | | ___ _ __ _ __ ___ ___ ___
| |_| | / _ \| '__|| '_ ` _ \ / _ \/ __|
| _ || __/| | | | | | | || __/\__ \
|_| |_| \___||_| |_| |_| |_| \___||___/
_____
|__ / __ _ _ __ _ __
/ / / _` || '_ \ | '_ \
/ /_| (_| || |_) || |_) |
/____|\__,_|| .__/ | .__/
|_| |_|
_ __ _ __
| |/ /(_) / _|
| ' / | || |_
| . \ | || _|
|_|\_\|_||_|
_ _ _ _ _ _
| \ | |(_)| |__ | |__ | | ___ _ __
| \| || || '_ \ | '_ \ | | / _ \| '__|
| |\ || || |_) || |_) || || __/| |
|_| \_||_||_.__/ |_.__/ |_| \___||_|
____ __ __
/ ___| ___ _ __ _ _ / _| / _| _ _
\___ \ / __|| '__|| | | || |_ | |_ | | | |
___) || (__ | | | |_| || _|| _|| |_| |
|____/ \___||_| \__,_||_| |_| \__, |
|___/
_ _
__ |``: __ ___. | , __ __ __ _ ___
(__` |`` __) / ` |.( | | __) |'` /___)
| .__) _|_ (__|_ '.__. _| \_ \_/\_/ (__|_ _|_ '.__.
|
|__________________________________________________ | | |_/
\_/ | \
_ _
__ |``: __ ___. | , __ __ __ _ ___
(__` |`` __) / ` |.( | | __) |'` /___)
| .__) _|_ (__|_ '.__. _| \_ \_/\_/ (__|_ _|_ '.__.
| _ _ _ _ _ _ _ _
|___________________________________ |V| | |_) |_) / \ |_)
| | _|_ | \ | \ \_/ | \
_ _
__ |``: __ ___. | , __ __ __ _ ___
(__` |`` __) / ` |.( | | __) |'` /___)
| .__) _|_ (__|_ '.__. _| \_ \_/\_/ (__|_ _|_ '.__.
| __ __ __ _ _ _
|_______________________________ (_ |_ |_ | \ |_) / \ \_/
__} |__ |__ |_/ |_) \_/ / \
_ _
__ |``: __ ___. | , __ __ __ _ ___
(__` |`` __) / ` |.( | | __) |'` /___)
| .__) _|_ (__|_ '.__. _| \_ \_/\_/ (__|_ _|_ '.__.
| _ _ _ _
|____________________________________ |_) /_\ / |_/ | | |_)
|_) | | \_ | \ \_/ |

1
base-files/msmtp/aliases Normal file
View file

@ -0,0 +1 @@
default: sysadmin@opensourcerers.uk

16
base-files/msmtp/msmtprc Normal file
View file

@ -0,0 +1,16 @@
account default
host mail.opensourcerers.net
timeout 300
# FIXME: Set domain
domain host.opensourcerers.net
# FIXME: Enable TLS.
# tls on
# tls_starttls on
# tls_trust_file /path/to/ca-certificate.pem
# tls_cert_file /path/to/server-certificate.pem
# tls_key_file /path/to/server-key.pem
# tls_certcheck on
auto_from on
maildomain opensourcerers.uk
syslog LOG_MAIL
aliases /etc/msmtp/aliases

110
base-files/nail.rc Normal file
View file

@ -0,0 +1,110 @@
# Configuration file for Mailx (formerly "nail").
# See mailx(1) for further options.
# Do not move messages from the system mailbox to a local mbox.
set hold
# Messages will be appended (rather than prepended) to mboxes.
# This should usually always be set.
# This has no effect unless 'hold' is unset again.
set append
# Always ask for a subject when composing a message interactively.
set ask
# Assume a CRT-like terminal and invoke a pager.
set crt
# Messages may be terminated by a dot.
set dot
# Do not remove empty mail folders in the spool directory.
# This may be relevant for privacy since other users could
# otherwise create them with different permissions.
set keep
# Do not remove empty mail folders.
set emptybox
# Quote the original message in replies by "> " as usual on the Internet.
set indentprefix="> "
# Automatically quote the text of the message that is responded to.
set quote
# Outgoing messages are sent in UTF-8 if possible, otherwise LATIN1.
set sendcharsets=utf-8,iso-8859-1
# Display sender's real names in header summaries.
set showname
# Display the recipients of messages sent by the user himself in
# header summaries.
set showto
# Automatically check for new messages at each prompt, but avoid polling
# of IMAP servers or maildir folders.
set newmail=nopoll
# If threaded mode is activated, automatically collapse thread.
set autocollapse
# Mark messages that have been answered.
set markanswered
# Hide some header fields which are uninteresting for most human readers.
ignore received in-reply-to message-id references
ignore mime-version content-transfer-encoding
# Only include selected header fields when forwarding messages.
headerpick forward retain subject date from to cc
# Use a directory named 'mail' in the users homedir to hold mailboxes.
set folder=mail/
# Keep the comment/name part of email addresses when replying.
set fullnames
# Use 'less' for paged output.
set PAGER=/usr/bin/less
# When spawning an editor in compose mode, allow editing of headers.
set editheaders
# Startup into interactive mode even if the (given) mailbox is empty.
set emptystart
# Add more entries to the history as is done by default.
# The latter will cause the built-in editor to save those entries, too.
set history-gabby all history-gabby-persist
# Try to circumvent false or missing MIME Content-Type descriptions.
# Do set a value for extended behaviour (see the manual).
#set mime-counter-evidence
set mime-counter-evidence=0b1111
# Do not move `save'd or `write'n message to $MBOX by default since this is
# likely to be irritating for most users today.
set keepsave
# When replying, do not merge From: and To: of the original message
# into To:. Instead old From: -> new To:, old To: -> merge Cc:.
set recipients-in-cc
# Whether a Mail-Followup-To: header is honoured when group-replying.
set followup-to-honour=ask-yes
# Whether a Reply-To: header is honoured when replying.
set reply-to-honour=ask-yes
# When sending a message, wait until the MTA (including the built-in SMTP one)
# exits before accepting further commands. Only with this variable set are
# errors reported by the MTA recognised!
set sendwait
# Only include these selected header fields when printing messages.
retain date sender from to cc subject message-id mail-followup-to reply-to
# Use an SMTP server rather than 'sendmail' to deliver mail.
# Set to the IP/Name of an SMTP server which will accept mail from this host.
# set smtp=mail.example.com

34
base-files/ntp.conf Normal file
View file

@ -0,0 +1,34 @@
# NTP servers to sync to.
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
server 3.pool.ntp.org iburst
# Sync to local clock if no servers are available.
server 127.127.1.0
fudge 127.127.1.0 stratum 10
# By default, restrict access to the service.
restrict -4 default limited nomodify noquery nopeer notrap kod
restrict -6 default limited nomodify noquery nopeer notrap kod
# Allow localhost to query the service, but nothing else.
restrict -4 127.0.0.1 limited nomodify nopeer notrap kod
restrict -6 ::1 limited nomodify nopeer notrap kod
# Allow local networks to sync with us.
# Edit the network address and mask below, and uncomment.
# restrict 192.168.1.0 mask 255.255.255.0 limited nomodify nopeer notrap kod
# Where to store the drift calculation.
driftfile /var/lib/ntp/drift
# Stats should be written here.
statsdir /var/lib/ntp/stats
# PID file location.
pidfile /var/run/ntpd.pid
# Disable the ntpdc -c monlist command, which is insecure and can be used
# to cause a denial of service attack (CVE-2013-5211).
disable monitor

52
base-files/profile Normal file
View file

@ -0,0 +1,52 @@
# System wide environment set up for the ash, bash, ksh and zsh shells.
# The default search path.
PATH=/usr/bin:/bin:/usr/local/bin
# Add sbin paths for root users.
[ "$(id -u)" = "0" -o "$(id -g)" = "0" ] && \
PATH=/usr/sbin:/sbin:/usr/local/sbin:$PATH
# Set PATH to include a user's private bin if it exists.
[ -d "~/bin" ] && PATH="~/bin:$PATH"
# Append /usr/games to PATH if it exists.
[ -d /usr/games ] && PATH=$PATH:/usr/games
# Set a default terminal type if none was detected.
[ "$TERM" = "" -o "$TERM" = "unknown" ] && TERM=linux
# Use the system inputrc if the user does not have their own.
[ ! -r ~/.inputrc ] && INPUTRC=/etc/inputrc
# Set the HOSTNAME environment variable.
HOSTNAME="$(cat /etc/HOSTNAME)"
# Shell prompts.
PS2='> '
PS3='#? '
PS4='+ '
# Custom setup for specific shells.
if [ -n "$ZSH_VERSION" ]; then # Zsh
PS1='%n@%m:%~%# '
elif ([ -n "${.sh.version}" ]) 2>/dev/null; then # Ksh
PS1='! ${PWD/#$HOME/~}$ '
alias hash='whence'
elif [ -n "$BASH_VERSION" ]; then # Bash
PS1='\u@\h:\w\$ '
else # Anything else
PS1='$ '
fi
# Use a reasonable create mask.
umask 022
# Set up any further environment from files in /etc/profile.d/.
for FILE in /etc/profile.d/*.sh; do
[ -x $FILE ] && . $FILE
done
unset FILE
# Export the environment just set up.
export PATH TERM INPUTRC MANPATH HOSTNAME PS1 PS2 PS3 PS4

1
base-files/profile.d/biff.csh Executable file
View file

@ -0,0 +1 @@
if ( -X biff ) biff y

3
base-files/profile.d/biff.sh Executable file
View file

@ -0,0 +1,3 @@
hash biff >/dev/null 2>&1 && {
biff y 2>/dev/null
}

28
base-files/profile.d/lang.csh Executable file
View file

@ -0,0 +1,28 @@
#!/bin/csh
# Set the system locale. (no, we don't have a menu for this ;-)
# For a list of locales which are supported by this machine, type:
# locale -a
# en_US.UTF-8 is the Slackware default locale. If you're looking for
# a different UTF-8 locale, be aware that some of them do not include
# UTF-8 or utf8 in the name. To test if a locale is UTF-8, use this
# command:
# LANG=<locale> locale -k charmap
# UTF-8 locales will include "UTF-8" in the output.
# If there are problems with certain programs and a UTF-8 locale, you
# can set LANG=C before starting them.
if ( "$LANG" == "" ) setenv LANG "en_GB-UTF8"
# 'C' is the old Slackware (and UNIX) default, which is 127-bit
# ASCII with a charmap setting of ANSI_X3.4-1968. These days,
# it's better to use en_US or another modern $LANG setting to
# support extended character sets.
# if ( "$LANG" == "" ) setenv LANG "C"
# One side effect of the newer locales is that the sort order
# is no longer according to ASCII values, so the sort order will
# change in many places. Since this isn't usually expected and
# can break scripts, we'll stick with traditional ASCII sorting.
# If you'd prefer the sort algorithm that goes with your $LANG
# setting, comment this out.
if ( "$LC_COLLATE" == "" ) setenv LC_COLLATE "C"

28
base-files/profile.d/lang.sh Executable file
View file

@ -0,0 +1,28 @@
#!/bin/sh
# Set the system locale. (no, we don't have a menu for this ;-)
# For a list of locales which are supported by this machine, type:
# locale -a
# en_US.UTF-8 is the Slackware default locale. If you're looking for
# a different UTF-8 locale, be aware that some of them do not include
# UTF-8 or utf8 in the name. To test if a locale is UTF-8, use this
# command:
# LANG=<locale> locale -k charmap
# UTF-8 locales will include "UTF-8" in the output.
# If there are problems with certain programs and a UTF-8 locale, you
# can set LANG=C before starting them.
export LANG="${LANG:-en_GB.UTF-8}"
# 'C' is the old Slackware (and UNIX) default, which is 127-bit
# ASCII with a charmap setting of ANSI_X3.4-1968. These days,
# it's better to use en_US or another modern $LANG setting to
# support extended character sets.
# export LANG=${LANG:-C}
# One side effect of the newer locales is that the sort order
# is no longer according to ASCII values, so the sort order will
# change in many places. Since this isn't usually expected and
# can break scripts, we'll stick with traditional ASCII sorting.
# If you'd prefer the sort algorithm that goes with your $LANG
# setting, comment this out.
export LC_COLLATE="${LC_COLLATE:-C}"

10
base-files/profile.d/less.csh Executable file
View file

@ -0,0 +1,10 @@
if ( -X less ) then
# Default options for less.
setenv LESS "-M"
# Pre-process some files for less to display them correctly.
setenv LESSOPEN "|lesspipe.sh %s"
# Use less as the man page viewer.
setenv MANPAGER "less -M"
endif

10
base-files/profile.d/less.sh Executable file
View file

@ -0,0 +1,10 @@
hash less >/dev/null 2>&1 && {
# Default options for less.
export LESS="-M"
# Pre-process some files for less to display them correctly.
export LESSOPEN="|lesspipe.sh %s"
# Use less as the man page viewer.
export MANPAGER="less -M"
}

35
base-files/profile.d/optpaths.csh Executable file
View file

@ -0,0 +1,35 @@
if ( { [ "`id -u`" = "0" -o "`id -g`" = "0" ] } ) then
set path = ( $path /opt/sbin /opt/bin )
else
set path = ( $path /opt/bin )
endif
if ( ! $?CPATH ) then
setenv CPATH "/opt/include"
else
setenv CPATH "/opt/include:$CPATH"
endif
if ( ! $?INFOPATH ) then
setenv INFOPATH "/opt/info"
else
setenv INFOPATH "/opt/info:$INFOPATH"
endif
if ( ! $?PERL5LIB ) then
setenv PERL5LIB "/opt/lib64/perl5:/opt/lib64/perl5/site_perl"
else
setenv PERL5LIB "/opt/lib64/perl5:/opt/lib64/perl5/site_perl:$PERL5LIB"
endif
if ( ! $?PKG_CONFIG_PATH ) then
setenv PKG_CONFIG_PATH "/opt/lib64/pkgconfig:/opt/share/pkgconfig"
else
setenv PKG_CONFIG_PATH "/opt/lib64/pkgconfig:/opt/share/pkgconfig:$PKG_CONFIG_PATH"
endif
if ( ! $?PYTHONPATH ) then
setenv PYTHONPATH "/opt/lib64/python2.7/site-packages"
else
setenv PYTHONPATH "/opt/lib64/python2.7/site-packages:$PYTHONPATH"
endif

37
base-files/profile.d/optpaths.sh Executable file
View file

@ -0,0 +1,37 @@
if [ "$(id -u)" = "0" -o "$(id -g)" = "0" ]; then
PATH="$PATH:/opt/sbin:/opt/bin"
else
PATH="$PATH:/opt/bin"
fi
if [ ! -n "$CPATH" ]; then
CPATH="/opt/include"
else
CPATH="/opt/include:$CPATH"
fi
if [ ! -n "$INFOPATH" ]; then
INFOPATH="/opt/info"
else
INFOPATH="/opt/info:$INFOPATH"
fi
if [ ! -n "$PERL5LIB" ]; then
PERL5LIB="/opt/lib64/perl5:/opt/lib64/perl5/site_perl"
else
PERL5LIB="/opt/lib64/perl5:/opt/lib64/perl5/site_perl:$PERL5LIB"
fi
if [ ! -n "$PKG_CONFIG_PATH" ]; then
PKG_CONFIG_PATH="/opt/lib64/pkgconfig:/opt/share/pkgconfig"
else
PKG_CONFIG_PATH="/opt/lib64/pkgconfig:/opt/share/pkgconfig:$PKG_CONFIG_PATH"
fi
if [ ! -n "$PYTHONPATH" ]; then
PYTHONPATH="/opt/lib64/python2.7/site-packages"
else
PYTHONPATH="/opt/lib64/python2.7/site-packages:$PYTHONPATH"
fi
export PATH CPATH INFOPATH PERL5LIB PKG_CONFIG_PATH PYTHONPATH

8
base-files/resolv.conf Normal file
View file

@ -0,0 +1,8 @@
options timeout:1 edns0
search opensourcerers.net
nameserver 91.109.244.8
nameserver 2a02:2498:1:227::8
nameserver 91.109.244.239
nameserver 2a02:2498:1:227::239
nameserver 185.176.90.169
nameserver 2a07:4580:b0d:57f::169

25
base-files/securetty Normal file
View file

@ -0,0 +1,25 @@
# Console tty's:
console
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
# Pseudo TTYs (not recommended):
# pts/0
# pts/1
# pts/2
# pts/3
# pts/4
# pts/5
# pts/6
# pts/7
# pts/8
# pts/9
# pts/10

11
base-files/skel/.bash_logout Normal file
View file

@ -0,0 +1,11 @@
if (( $SHLVL == 1 )); then
if [ -x /usr/bin/clear_console ]; then
/usr/bin/clear_console -q
elif [ -x /usr/bin/clear ]; then
/usr/bin/clear
elif [ -x /usr/bin/tput ]; then
/usr/bin/tput clear
else
echo -ne "\E[2J"
fi
fi

4
base-files/skel/.bash_profile Normal file
View file

@ -0,0 +1,4 @@
# Source the personal bash set up.
[ -e ~/.bashrc ] && . ~/.bashrc
# Add general environment set up here.

1
base-files/skel/.bashrc Normal file
View file

@ -0,0 +1 @@
# Add bash personalisation set up here.

45
base-files/slackpkg/blacklist Normal file
View file

@ -0,0 +1,45 @@
# /etc/slackpkg/blacklist
#
# This is a blacklist file. Any packages listed here won't be
# upgraded, removed, or installed by slackpkg.
# aaa_elflibs should NOT be blacklisted!
#
# You can blacklist using regular expressions.
#
# Don't use *full* regex here, because all of the following will be checked
# for the regex: series, name, version, arch, build, and fullname.
# When blacklisting packages, you can use extended regex on package names
# (such as xorg-.* instead of xorg-server, xorg-docs, etc), and a trailing
# slash for package series ("n/", "ap/", "xap/", etc).
#
# To blacklist *only* the "xorg-server" package, use this:
# xorg-server
#
# To blacklist *all* of the "xorg-server-*" packages, use this:
# xorg-server.*
#
# To blacklist the entire KDE package set, use this:
# kde/
#
# You will need to escape any special characters that are present in the
# package name. For example, to blacklist the gcc-g++ package, use this:
# gcc-g\+\+
#
# DON'T put any space(s) before or after the package name or regex.
# Automated upgrade of kernel packages may not be wanted in some situations;
# uncomment the lines below if that fits your circumstances:
kernel-generic
kernel-huge
kernel-modules
kernel-source
# This one will blacklist all SBo packages:
[0-9]+_SBo
# This will blacklist Robby's testing packages:
[0-9]+_rlw
# This will blacklist Tadgy's custom packages:
[0-9]+_tadgy

360
base-files/slackpkg/mirrors Normal file
View file

@ -0,0 +1,360 @@
# mirrors - List of Slackware Linux mirrors.
#
# SlackPkg - An Automated packaging tool for Slackware Linux
# Copyright (C) 2003-2011 Roberto F. Batista, Evaldo Gardenali
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# Project Page: http://slackpkg.org/
# Roberto F. Batista (aka PiterPunk) piterpunk@slackware.com
# Evaldo Gardenali (aka UdontKnow) evaldogardenali@fasternet.com.br
#
# END OF LEGAL NOTICE
#
#
# You only need to select one mirror and uncomment it.
# ONLY ONE mirror can be uncommented.
#
# You can use a mirror not included in this file. Many people have mirrors
# in their local networks. A list of all official Slackware mirrors
# (not version-specific, so some mirrors may not have all files) is here:
# https://mirrors.slackware.com/mirrorlist/
#
# Slackpkg only needs to point to the directory that contains
# "ChangeLog.txt", and don't forget the trailing slash.
#
#----------------------------------------------------------------
# Local CD/DVD drive
#----------------------------------------------------------------
# cdrom://media/cdrom/
#
#----------------------------------------------------------------
# Local Directory
#----------------------------------------------------------------
# file://path/to/some/directory/
#
#----------------------------------------------------------------
# Slackware64-14.2
#----------------------------------------------------------------
# USE MIRRORS.SLACKWARE.COM (DO NOT USE FTP - ONLY HTTP FINDS A NEARBY MIRROR)
# https://mirrors.slackware.com/slackware/slackware64-14.2/
#
#
# Here are some individual mirrors that can be used instead of the
# redirector at mirrors.slackware.com if necessary ; note that this
# list is not guaranteed to be up-to-date
#
# AUSTRALIA (AU)
# ftp://ftp.cc.swin.edu.au/slackware/slackware64-14.2/
# http://ftp.cc.swin.edu.au/slackware/slackware64-14.2/
# ftp://ftp.iinet.net.au/pub/slackware/slackware64-14.2/
# http://ftp.iinet.net.au/pub/slackware/slackware64-14.2/
# ftp://mirror.as24220.net/pub/slackware/slackware64-14.2/
# http://mirror.as24220.net/pub/slackware/slackware64-14.2/
# ftp://mirror.internode.on.net/.pub2/slackware/slackware64-14.2/
# http://mirror.internode.on.net/pub/slackware/slackware64-14.2/
# AUSTRIA (AT)
# http://gd.tuwien.ac.at/opsys/linux/freesoftware.com/slackware64-14.2/
# BELARUS (BY)
# ftp://mirror.datacenter.by/pub/slackware/slackware64-14.2/
# http://mirror.datacenter.by/pub/slackware/slackware64-14.2/
# BRAZIL (BR)
# ftp://ftp.slackware-brasil.com.br/slackware64-14.2/
# http://ftp.slackware-brasil.com.br/slackware64-14.2/
# BULGARIA (BG)
# ftp://mirrors.unixsol.org/slackware/slackware64-14.2/
# http://mirrors.unixsol.org/slackware/slackware64-14.2/
# CANADA (CA)
# ftp://mirror.csclub.uwaterloo.ca/slackware/slackware64-14.2/
# http://mirror.csclub.uwaterloo.ca/slackware/slackware64-14.2/
# ftp://mirror.its.dal.ca/slackware/slackware64-14.2/
# http://mirror.its.dal.ca/slackware/slackware64-14.2/
# CHINA (CN)
# http://mirrors.163.com/slackware/slackware64-14.2/
# http://mirrors.ustc.edu.cn/slackware/slackware64-14.2/
# COSTA RICA (CR)
# ftp://mirrors.ucr.ac.cr/slackware/pub/slackware/slackware64-14.2/
# http://mirrors.ucr.ac.cr/slackware/pub/slackware/slackware64-14.2/
# CZECH REPUBLIC (CZ)
# ftp://odysseus.linux.cz/pub/linux/slackware/slackware64-14.2/
# http://odysseus.linux.cz/pub/linux/slackware/slackware64-14.2/
# DENMARK (DK)
# ftp://mirrors.dotsrc.org/slackware/slackware64-14.2/
# https://mirrors.dotsrc.org/slackware/slackware64-14.2/
# FINLAND (FI)
# ftp://elektroni.phys.tut.fi/slackware64-14.2/
# FRANCE (FR)
# ftp://nephtys.lip6.fr/pub/linux/distributions/slackware/slackware64-14.2/
# http://nephtys.lip6.fr/pub/linux/distributions/slackware/slackware64-14.2/
# GERMANY (DE)
# ftp://ftp.gwdg.de/pub/linux/slackware/slackware64-14.2/
# http://ftp.gwdg.de/pub/linux/slackware/slackware64-14.2/
# ftp://ftp.tu-chemnitz.de/pub/linux/slackware/slackware64-14.2/
# http://ftp.tu-chemnitz.de/pub/linux/slackware/slackware64-14.2/
# ftp://sunsite.informatik.rwth-aachen.de/pub/comp/Linux/slackware/slackware64-14.2/
# http://sunsite.informatik.rwth-aachen.de/ftp/pub/comp/Linux/slackware/slackware64-14.2/
# GREECE (GR)
# ftp://ftp.cc.uoc.gr/mirrors/linux/slackware/slackware64-14.2/
# http://ftp.cc.uoc.gr/mirrors/linux/slackware/slackware64-14.2/
# ftp://ftp.otenet.gr/pub/linux/slackware/slackware64-14.2/
# http://ftp.otenet.gr/linux/slackware/slackware64-14.2/
# ftp://patroklos.noc.ntua.gr/pub/linux/slackware/slackware64-14.2/
# http://patroklos.noc.ntua.gr/pub/linux/slackware/slackware64-14.2/
# INDONESIA (ID)
# http://kambing.ui.ac.id/slackware/slackware64-14.2/
# https://repo.ukdw.ac.id/slackware/slackware64-14.2/
# IRELAND (IE)
# ftp://ftp.heanet.ie/mirrors/ftp.slackware.com/pub/slackware/slackware64-14.2/
# http://ftp.heanet.ie/mirrors/ftp.slackware.com/pub/slackware/slackware64-14.2/
# ITALY (IT)
# ftp://ba.mirror.garr.it/mirrors/Slackware/slackware64-14.2/
# http://ba.mirror.garr.it/mirrors/Slackware/slackware64-14.2/
# JAPAN (JP)
# ftp://ftp.nara.wide.ad.jp/pub/Linux/slackware/slackware64-14.2/
# http://ftp.nara.wide.ad.jp/pub/Linux/slackware/slackware64-14.2/
# ftp://ftp.kddilabs.jp/Linux/distributions/Slackware/slackware64-14.2/
# http://ftp.kddilabs.jp/Linux/distributions/Slackware/slackware64-14.2/
# ftp://riksun.riken.go.jp/Linux/slackware/slackware64-14.2/
# http://riksun.riken.go.jp/Linux/slackware/slackware64-14.2/
# NETHERLANDS (NL)
# ftp://ftp.nluug.nl/pub/os/Linux/distr/slackware/slackware64-14.2/
# http://ftp.nluug.nl/os/Linux/distr/slackware/slackware64-14.2/
# ftp://mirror.nl.leaseweb.net/slackware/slackware64-14.2/
# http://mirror.nl.leaseweb.net/slackware/slackware64-14.2/
# NORWAY (NO)
# ftp://ftp.slackware.no/slackware/slackware64-14.2/
# http://ftp.slackware.no/slackware/slackware64-14.2/
# POLAND (PL)
# ftp://ftp.pwr.wroc.pl/pub/linux/slackware/slackware64-14.2/
# http://ftp.pwr.wroc.pl/pub/linux/slackware/slackware64-14.2/
# ftp://ftp.slackware.pl/pub/slackware/slackware64-14.2/
# http://ftp.slackware.pl/pub/slackware/slackware64-14.2/
# ftp://sunsite.icm.edu.pl/vol/rzm1/linux-slackware/slackware64-14.2/
# http://sunsite.icm.edu.pl/packages/linux-slackware/slackware64-14.2/
# ftp://z-ftp.wcss.wroc.pl/pub/linux/slackware/slackware64-14.2/
# http://z-ftp.wcss.wroc.pl/pub/linux/slackware/slackware64-14.2/
# RUSSIA (RU)
# http://mirror.rol.ru/slackware/slackware64-14.2/
# ftp://mirror.yandex.ru/slackware/slackware64-14.2/
# http://mirror.yandex.ru/slackware/slackware64-14.2/
# SOUTH AFRICA (ZA)
# ftp://ftp.is.co.za/mirror/ftp.slackware.com/pub/slackware64-14.2/
# http://ftp.is.co.za/mirror/ftp.slackware.com/pub/slackware64-14.2/
# ftp://ftp.wa.co.za/pub/slackware/slackware64-14.2/
# http://ftp.wa.co.za/pub/slackware/slackware64-14.2/
# ftp://slackware.mirror.ac.za/slackware64-14.2/
# http://slackware.mirror.ac.za/slackware64-14.2/
# SWEDEN (SE)
# ftp://ftp.sunet.se/mirror/slackware.com/slackware64-14.2/
# http://ftp.sunet.se/mirror/slackware.com/slackware64-14.2/
# TAIWAN (TW)
# ftp://ftp.isu.edu.tw/pub/Linux/Slackware/slackware64-14.2/
# http://ftp.isu.edu.tw/pub/Linux/Slackware/slackware64-14.2/
# ftp://ftp.twaren.net/pub/Linux/Slackware/slackware64-14.2/
# http://ftp.twaren.net/Linux/Slackware/slackware64-14.2/
# TURKEY (TR)
# ftp://ftp.linux.org.tr/slackware/slackware64-14.2/
# http://ftp.linux.org.tr/slackware/slackware64-14.2/
# UKRAINE (UA)
# ftp://mirrors.mithril.org.ua/linux/slackware/slackware64-14.2/
# http://mirrors.mithril.org.ua/linux/slackware/slackware64-14.2/
# UNITED KINGDOM (UK)
# http://slackware.uk/slackware/slackware64-14.2/
# ftp://slackware.uk/slackware/slackware64-14.2/
# ftp://ftp.mirrorservice.org/sites/ftp.slackware.com/pub/slackware/slackware64-14.2/
# http://ftp.mirrorservice.org/sites/ftp.slackware.com/pub/slackware/slackware64-14.2/
# ftp://mirror.bytemark.co.uk/slackware/slackware64-14.2/
# http://mirror.bytemark.co.uk/slackware/slackware64-14.2/
# UNITED STATES (US)
# ftp://ftp.gtlib.gatech.edu/nv/ao2/lxmirror/ftp.slackware.com/slackware64-14.2/
# ftp://mirror.cs.princeton.edu/pub/mirrors/slackware/slackware64-14.2/
# ftp://mirrors.easynews.com/linux/slackware/slackware64-14.2/
# http://mirrors.easynews.com/linux/slackware/slackware64-14.2/
# ftp://mirrors.us.kernel.org/slackware/slackware64-14.2/
# http://mirrors.us.kernel.org/slackware/slackware64-14.2/
# ftp://mirrors.xmission.com/slackware/slackware64-14.2/
# http://mirrors.xmission.com/slackware/slackware64-14.2/
# https://mirror.slackbuilds.org/slackware/slackware64-14.2/
# http://slackware.cs.utah.edu/pub/slackware/slackware64-14.2/
# http://slackware.mirrors.pair.com/slackware64-14.2/
# ftp://slackware.mirrors.tds.net/pub/slackware/slackware64-14.2/
# http://slackware.mirrors.tds.net/pub/slackware/slackware64-14.2/
# ftp://spout.ussg.indiana.edu/linux/slackware/slackware64-14.2/
# http://spout.ussg.indiana.edu/linux/slackware/slackware64-14.2/
# ftp://teewurst.cc.columbia.edu/pub/linux/slackware/slackware64-14.2/
# http://teewurst.cc.columbia.edu/pub/linux/slackware/slackware64-14.2/
#
#----------------------------------------------------------------
# Slackware64-current
#----------------------------------------------------------------
# USE MIRRORS.SLACKWARE.COM (DO NOT USE FTP - ONLY HTTP FINDS A NEARBY MIRROR)
# https://mirrors.slackware.com/slackware/slackware64-current/
#
#
# Here are some individual mirrors that can be used instead of the
# redirector at mirrors.slackware.com if necessary ; note that this
# list is not guaranteed to be up-to-date
#
# AUSTRALIA (AU)
# ftp://ftp.cc.swin.edu.au/slackware/slackware64-current/
# http://ftp.cc.swin.edu.au/slackware/slackware64-current/
# ftp://ftp.iinet.net.au/pub/slackware/slackware64-current/
# http://ftp.iinet.net.au/pub/slackware/slackware64-current/
# ftp://mirror.aarnet.edu.au/pub/slackware/slackware64-current/
# http://mirror.aarnet.edu.au/pub/slackware/slackware64-current/
# ftp://mirror.as24220.net/pub/slackware/slackware64-current/
# http://mirror.as24220.net/pub/slackware/slackware64-current/
# ftp://mirror.internode.on.net/.pub2/slackware/slackware64-current/
# http://mirror.internode.on.net/pub/slackware/slackware64-current/
# http://mirror.primusdatacentre.com.au/slackware/slackware64-current/
# AUSTRIA (AT)
# ftp://ftp.slackware.at/slackware64-current/
# http://ftp.slackware.at/data/slackware64-current/
# ftp://gd.tuwien.ac.at/opsys/linux/freesoftware.com/slackware64-current/
# http://gd.tuwien.ac.at/opsys/linux/freesoftware.com/slackware64-current/
# BELARUS (BY)
# ftp://mirror.datacenter.by/pub/slackware/slackware64-current/
# http://mirror.datacenter.by/pub/slackware/slackware64-current/
# BRAZIL (BR)
# ftp://ftp.slackware-brasil.com.br/slackware64-current/
# http://ftp.slackware-brasil.com.br/slackware64-current/
# BULGARIA (BG)
# ftp://mirrors.unixsol.org/slackware/slackware64-current/
# http://mirrors.unixsol.org/slackware/slackware64-current/
# CANADA (CA)
# ftp://mirror.csclub.uwaterloo.ca/slackware/slackware64-current/
# http://mirror.csclub.uwaterloo.ca/slackware/slackware64-current/
# ftp://mirror.its.dal.ca/slackware/slackware64-current/
# http://mirror.its.dal.ca/slackware/slackware64-current/
# CHINA (CN)
# http://mirrors.163.com/slackware/slackware64-current/
# http://mirrors.ustc.edu.cn/slackware/slackware64-current/
# COSTA RICA (CR)
# ftp://mirrors.ucr.ac.cr/slackware/pub/slackware/slackware64-current/
# http://mirrors.ucr.ac.cr/slackware/pub/slackware/slackware64-current/
# CZECH REPUBLIC (CZ)
# ftp://odysseus.linux.cz/pub/linux/slackware/slackware64-current/
# http://odysseus.linux.cz/pub/linux/slackware/slackware64-current/
# DENMARK (DK)
# ftp://mirrors.dotsrc.org/slackware/slackware64-current/
# https://mirrors.dotsrc.org/slackware/slackware64-current/
# FINLAND (FI)
# ftp://elektroni.phys.tut.fi/slackware64-current/
# FRANCE (FR)
# ftp://mirror.ovh.net/mirrors/ftp.slackware.com/slackware64-current/
# http://mirror.ovh.net/mirrors/ftp.slackware.com/slackware64-current/
# ftp://nephtys.lip6.fr/pub/linux/distributions/slackware/slackware64-current/
# http://nephtys.lip6.fr/pub/linux/distributions/slackware/slackware64-current/
# GERMANY (DE)
# ftp://ftp.fu-berlin.de/unix/linux/slackware/slackware64-current/
# ftp://ftp.gwdg.de/pub/linux/slackware/slackware64-current/
# http://ftp.gwdg.de/pub/linux/slackware/slackware64-current/
# ftp://ftp.tu-chemnitz.de/pub/linux/slackware/slackware64-current/
# http://ftp.tu-chemnitz.de/pub/linux/slackware/slackware64-current/
# ftp://sunsite.informatik.rwth-aachen.de/pub/comp/Linux/slackware/slackware64-current/
# http://sunsite.informatik.rwth-aachen.de/ftp/pub/comp/Linux/slackware/slackware64-current/
# ftp://wrz1013.rz.uni-wuerzburg.de/pub/MIRROR/slackware/slackware64-current/
# http://wrz1013.rz.uni-wuerzburg.de/pub/MIRROR/slackware/slackware64-current/
# GREECE (GR)
# ftp://ftp.cc.uoc.gr/mirrors/linux/slackware/slackware64-current/
# http://ftp.cc.uoc.gr/mirrors/linux/slackware/slackware64-current/
# ftp://ftp.otenet.gr/pub/linux/slackware/slackware64-current/
# http://ftp.otenet.gr/linux/slackware/slackware64-current/
# ftp://patroklos.noc.ntua.gr/pub/linux/slackware/slackware64-current/
# http://patroklos.noc.ntua.gr/pub/linux/slackware/slackware64-current/
# INDONESIA (ID)
# http://kambing.ui.ac.id/slackware/slackware64-current/
# https://repo.ukdw.ac.id/slackware/slackware64-current/
# IRELAND (IE)
# ftp://ftp.heanet.ie/mirrors/ftp.slackware.com/pub/slackware/slackware64-current/
# http://ftp.heanet.ie/mirrors/ftp.slackware.com/pub/slackware/slackware64-current/
# ITALY (IT)
# ftp://ba.mirror.garr.it/mirrors/Slackware/slackware64-current/
# http://ba.mirror.garr.it/mirrors/Slackware/slackware64-current/
# JAPAN (JP)
# ftp://ftp.nara.wide.ad.jp/pub/Linux/slackware/slackware64-current/
# http://ftp.nara.wide.ad.jp/pub/Linux/slackware/slackware64-current/
# ftp://ftp.kddilabs.jp/Linux/distributions/Slackware/slackware64-current/
# http://ftp.kddilabs.jp/Linux/distributions/Slackware/slackware64-current/
# ftp://riksun.riken.go.jp/Linux/slackware/slackware64-current/
# http://riksun.riken.go.jp/Linux/slackware/slackware64-current/
# NETHERLANDS (NL)
# ftp://ftp.nluug.nl/pub/os/Linux/distr/slackware/slackware64-current/
# http://ftp.nluug.nl/os/Linux/distr/slackware/slackware64-current/
# ftp://mirror.nl.leaseweb.net/slackware/slackware64-current/
# http://mirror.nl.leaseweb.net/slackware/slackware64-current/
# NORWAY (NO)
# ftp://ftp.slackware.no/slackware/slackware64-current/
# http://ftp.slackware.no/slackware/slackware64-current/
# POLAND (PL)
# ftp://ftp.pwr.wroc.pl/pub/linux/slackware/slackware64-current/
# http://ftp.pwr.wroc.pl/pub/linux/slackware/slackware64-current/
# ftp://ftp.slackware.pl/pub/slackware/slackware64-current/
# http://ftp.slackware.pl/pub/slackware/slackware64-current/
# ftp://sunsite.icm.edu.pl/vol/rzm1/linux-slackware/slackware64-current/
# http://sunsite.icm.edu.pl/packages/linux-slackware/slackware64-current/
# ftp://z-ftp.wcss.wroc.pl/pub/linux/slackware/slackware64-current/
# http://z-ftp.wcss.wroc.pl/pub/linux/slackware/slackware64-current/
# RUSSIA (RU)
# http://mirror.rol.ru/slackware/slackware64-current/
# ftp://mirror.yandex.ru/slackware/slackware64-current/
# http://mirror.yandex.ru/slackware/slackware64-current/
# SOUTH AFRICA (ZA)
# ftp://ftp.is.co.za/mirror/ftp.slackware.com/pub/slackware64-current/
# http://ftp.is.co.za/mirror/ftp.slackware.com/pub/slackware64-current/
# ftp://ftp.wa.co.za/pub/slackware/slackware64-current/
# http://ftp.wa.co.za/pub/slackware/slackware64-current/
# ftp://slackware.mirror.ac.za/slackware64-current/
# http://slackware.mirror.ac.za/slackware64-current/
# SWEDEN (SE)
# ftp://ftp.sunet.se/mirror/slackware.com/slackware64-current/
# http://ftp.sunet.se/mirror/slackware.com/slackware64-current/
# TAIWAN (TW)
# ftp://ftp.isu.edu.tw/pub/Linux/Slackware/slackware64-current/
# http://ftp.isu.edu.tw/pub/Linux/Slackware/slackware64-current/
# ftp://ftp.twaren.net/pub/Linux/Slackware/slackware64-current/
# http://ftp.twaren.net/Linux/Slackware/slackware64-current/
# TURKEY (TR)
# ftp://ftp.linux.org.tr/slackware/slackware64-current/
# http://ftp.linux.org.tr/slackware/slackware64-current/
# UKRAINE (UA)
# ftp://mirrors.mithril.org.ua/linux/slackware/slackware64-current/
# http://mirrors.mithril.org.ua/linux/slackware/slackware64-current/
# UNITED KINGDOM (UK)
# http://slackware.uk/slackware/slackware64-current/
# ftp://slackware.uk/slackware/slackware64-current/
# ftp://ftp.mirrorservice.org/sites/ftp.slackware.com/pub/slackware/slackware64-current/
# http://ftp.mirrorservice.org/sites/ftp.slackware.com/pub/slackware/slackware64-current/
# ftp://mirror.bytemark.co.uk/slackware/slackware64-current/
# http://mirror.bytemark.co.uk/slackware/slackware64-current/
# UNITED STATES (US)
# ftp://ftp.gtlib.gatech.edu/nv/ao2/lxmirror/ftp.slackware.com/slackware64-current/
# ftp://mirror.cs.princeton.edu/pub/mirrors/slackware/slackware64-current/
# ftp://mirrors.easynews.com/linux/slackware/slackware64-current/
# http://mirrors.easynews.com/linux/slackware/slackware64-current/
# ftp://mirrors.us.kernel.org/slackware/slackware64-current/
# http://mirrors.us.kernel.org/slackware/slackware64-current/
# ftp://mirrors.xmission.com/slackware/slackware64-current/
# http://mirrors.xmission.com/slackware/slackware64-current/
# https://mirror.slackbuilds.org/slackware/slackware64-current/
# http://slackware.cs.utah.edu/pub/slackware/slackware64-current/
# http://slackware.mirrors.pair.com/slackware64-current/
# ftp://slackware.mirrors.tds.net/pub/slackware/slackware64-current/
# http://slackware.mirrors.tds.net/pub/slackware/slackware64-current/
# ftp://spout.ussg.indiana.edu/linux/slackware/slackware64-current/
# http://spout.ussg.indiana.edu/linux/slackware/slackware64-current/
# ftp://teewurst.cc.columbia.edu/pub/linux/slackware/slackware64-current/
# http://teewurst.cc.columbia.edu/pub/linux/slackware/slackware64-current/
https://slackware.uk/slackware/slackware64-current/

156
base-files/slackpkg/slackpkg.conf Normal file
View file

@ -0,0 +1,156 @@
#
# /etc/slackpkg/slackpkg.conf
# Configuration for SlackPkg
# v2.8
#
# SlackPkg - An Automated packaging tool for Slackware Linux
# Copyright (C) 2003-2011 Roberto F. Batista, Evaldo Gardenali
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# Project Page: http://slackpkg.org/
# Roberto F. Batista (aka PiterPunk) piterpunk@slackware.com
# Evaldo Gardenali (aka UdontKnow) evaldogardenali@fasternet.com.br
# For configuration options that have only two states, possible values are
# either "on" or "off"
# Remember, the only official Slackware ports are x86, s390, and arm, and
# slackpkg developers don't have s390 boxes for testing. If you are
# testing/using other architectures and have suggestions or patches,
# please let us know (email rworkman@slackware.com)
#
# Select the architecture of your system. Valid values are:
# i#86 (where # is 3, 4, 5 or 6)
# x86_64
# s390
# arm* (* can be v4, v5tejl, and other ARM versions)
# powerpc
#
# The line is commented because slackpkg will try to find your
# architecture automagically. If you want to override what slackpkg
# finds, put the value after the = and uncomment this line
#ARCH=
# The default PKGMAIN is "slackware", but some derived distros use other
# names as the main directory. PKGMAIN is the place with the slackware
# package series (a, ap, n, ... ).
#
# Usually slackpkg can automagically discover this variable. If you want
# to override the discovered variable, then uncomment this line and change
# it to reflect the correct value of PKGMAIN
#PKGMAIN=slackware
# Slackware packages are signed by project key. Slackpkg uses this key
# to check if the packages downloaded are valid, so remember to set
# CHECKGPG to "on".
#
# Usually slackpkg can automagically discover this variable. If you want
# to override the discovered variable, then uncomment this line and edit
# as needed
#SLACKKEY="Slackware Linux Project <security@slackware.com>"
# Downloaded files will be in the TEMP directory:
TEMP=/var/cache/packages
# Package lists, file lists, and others will be stored in WORKDIR:
WORKDIR=/var/lib/slackpkg
# Special options for wget (default is WGETFLAGS="--passive-ftp")
WGETFLAGS="--passive-ftp"
# If DELALL is "on", all downloaded files will be removed after install.
DELALL=on
# If CHECKMD5 is "on", the system will check the md5sums of all packages before
# install/upgrade/reinstall is performed.
CHECKMD5=on
# If CHECKGPG is "on", the system will verify the GPG signature of each package
# before install/upgrade/reinstall is performed.
CHECKGPG=on
# If CHECKSIZE is "on", the system will check if we have sufficient disk
# space to install selected package. This make upgrade/install safer, but
# will also slow down the upgrade/install process.
CHECKSIZE=off
# PRIORITY sets the download priority. slackpkg will try to found the
# package first in the first value, then the second one, through all
# values in list.
#
# Default value: patches %PKGMAIN extra pasture testing
PRIORITY=( patches %PKGMAIN extra pasture testing )
# Enables (on) or disables (off) slackpkg's post-installation features, such
# as checking for new (*.new) configuration files and new kernel images, and
# prompts you for what it should do. Default=on
POSTINST=on
# Post-installation features, by default, search all of /etc and a few other
# predefined locations for .new files. This is the safe option: with it,
# you won't have any unmerged .new files to cause problems. Even so, some
# people prefer that only the .new files installed by the current slackpkg
# session be checked. If this is your case, change ONLY_NEW_DOTNEW to "on".
# Default=off
ONLY_NEW_DOTNEW=off
# Whether to backup files overwritten by their .new counterparts with a
# .orig extension.
ORIG_BACKUPS=off
# The ONOFF variable sets the initial behavior of the dialog interface.
# If you set this to "on" then all packages will be selected by default.
# If you prefer the opposite option (all unchecked), then set this to "off".
ONOFF=on
# If this variable is set to "on", all files will be downloaded before the
# requested operation (install or upgrade) is performed. If set to "off",
# then the files will be downloaded and the operation (install/upgrade)
# performed one by one. Default=on
DOWNLOAD_ALL=on
# Enables (on) or disables (off) the dialog interface in slackpkg. Default=on
DIALOG=on
# Enables (on) or disables (off) the non-interactive mode. If set to "on",
# slackpkg will run without asking the user anything, and answer all questions
# with DEFAULT_ANSWER. If you do any upgrades using this mode, you'll need to
# run "slackpkg new-config" later to find and merge any .new files.
BATCH=off
# Default answer to slackpkg questions. Can be "y" or "n".
DEFAULT_ANSWER=n
# Slackpkg allows a template to "include" the packages specified in another
# template. This option enables (on) or disables (off) the parsing of
# any "#include" directives in template files. Default=on
USE_INCLUDES=on
# Enables a spinning bar as visual feedback when slackpkg is making its
# internal lists and some other operations. Default=on
SPINNING=on
# Max number of characters that "dialog" command can handle.
# If unset, this variable will be 19500 (the number that works on
# Slackware 10.2)
DIALOG_MAXARGS=139000
#
# The MIRROR is set from /etc/slackpkg/mirrors
# You only need to uncomment the selected mirror.
# Uncomment one mirror only.
#

5
base-files/ssh/ssh_config Normal file
View file

@ -0,0 +1,5 @@
Host *
ControlPath ~/.ssh/%u@%l->%r@%h:%p
SendEnv LANG LC_*
VerifyHostKeyDNS yes
VisualHostKey yes

17
base-files/ssh/sshd_config Normal file
View file

@ -0,0 +1,17 @@
# FIXME: Set sshd IP addresses.
# ListenAddress 91.109.244.X
# ListenAddress [2a02:2498:1:227::X]
Port 9922
AcceptEnv LANG LC_*
LoginGraceTime 30
MaxStartups 5
# FIXME: Change PermitRootLogin to 'prohibit-password' once a key is in place.
PermitRootLogin yes
Subsystem sftp /usr/libexec/sftp-server
UsePAM yes
X11Forwarding no
Match Address 10.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.168.0.0/16
PermitRootLogin yes
X11Forwarding yes

2
base-files/sudoers.d/defaults Normal file
View file

@ -0,0 +1,2 @@
## Set the password prompting timeout to 30 mins.
Defaults timestamp_timeout = 30

2
base-files/sysctl.d/fs.conf Normal file
View file

@ -0,0 +1,2 @@
# Increase the maximum number of file handles (2^18).
fs.file-max = 262144

15
base-files/sysctl.d/kernel.conf Normal file
View file

@ -0,0 +1,15 @@
# Append the PID to a 'core' dump's filename.
kernel.core_uses_pid = 1
# The contents of /proc/<pid>/{maps,smaps} should only visible to processes
# that are allowed to ptrace() the process.
kernel.maps_protect = 1
# Reboot after 10 seconds when the kernel panics.
kernel.panic = 10
# Allow more PIDs (2^17).
kernel.pid_max = 131072
# Disable 'magic' SysRq functionallity.
kernel.sysrq = 0

3
base-files/sysctl.d/vm.conf Normal file
View file

@ -0,0 +1,3 @@
# Do a minimal amount of swapping.
# See: https://en.wikipedia.org/wiki/Swappiness
vm.swappiness = 10

42
base-files/syslog.conf Normal file
View file

@ -0,0 +1,42 @@
# Notes:
# When changing log file options, remember to:
# * 'touch' the logfile into existance
# * Set the correct ownership+permissions on the file
# * Update /etc/logrotate.d/syslog with the changes
auth.* /var/log/messages
authpriv.* /var/log/messages
cron.* /var/log/messages
daemon.* /var/log/messages
ftp.* /var/log/messages
kern.* /var/log/messages
lpr.* /var/log/messages
mail.* /var/log/messages
news.* /var/log/messages
syslog.* /var/log/messages
# lumberjack uses user by default.
user.* /var/log/messages
uucp.* /var/log/messages
# fail2ban (custom configuration) uses local0.
local0.* /var/log/fail2ban
# named (custom configuration) uses local1.
local1.* /var/log/messages
# spamd is started with '-s local2'.
local2.* /var/log/messages
# dovecot (custom configuration) uses local3.
local3.* /var/log/messages
# Unused. Note: slapd (from OpenLDAP) uses local4 by default.
local4.* /var/log/messages
# rsyncd (custom configuration) uses local5.
local5.* /var/log/messages
# php-fpm (custom configuration) uses local6.
local6.* /var/log/messages
# httpd (custom configuration) uses local7.
local7.* /var/log/messages
# *.* /dev/tty12
# *.* /var/log/all
# Include all config files in /etc/syslog.d/:
include /etc/syslog.d/*.conf

186
base-files/vnstat.conf Normal file
View file

@ -0,0 +1,186 @@
# vnStat 2.6 config file
##
# default interface (leave empty for automatic selection)
Interface "eth0"
# location of the database directory
DatabaseDir "/var/lib/vnstat"
# locale (LC_ALL) ("-" = use system locale)
Locale "-"
# date output formats for -d, -m, -t and -w
DayFormat "%Y-%m-%d"
MonthFormat "%Y-%m"
TopFormat "%Y-%m-%d"
# characters used for visuals
RXCharacter "%"
TXCharacter ":"
RXHourCharacter "r"
TXHourCharacter "t"
# how units are prefixed when traffic is shown
# 0 = IEC standard prefixes (KiB/MiB/GiB...)
# 1 = old style binary prefixes (KB/MB/GB...)
# 2 = SI decimal prefixes (kB/MB/GB...)
UnitMode 0
# used rate unit (0 = bytes, 1 = bits)
RateUnit 1
# how units are prefixed when traffic rate is shown in bits
# 0 = IEC binary prefixes (Kibit/s...)
# 1 = SI decimal prefixes (kbit/s...)
RateUnitMode 1
# output style
# 0 = minimal & narrow, 1 = bar column visible
# 2 = same as 1 except rate in summary
# 3 = rate column visible
OutputStyle 3
# number of decimals to use in outputs
DefaultDecimals 2
HourlyDecimals 1
# spacer for separating hourly sections (0 = none, 1 = '|', 2 = '][', 3 = '[ ]')
HourlySectionStyle 2
# how many seconds should sampling for -tr take by default
Sampletime 5
# default query mode
# 0 = normal, 1 = days, 2 = months, 3 = top, 5 = short
# 7 = hours, 8 = xml, 9 = one line, 10 = json
QueryMode 0
# default list output entry limits (0 = all)
List5Mins 24
ListHours 24
ListDays 30
ListMonths 12
ListYears 0
ListTop 10
# vnstatd
##
# switch to given user when started as root (leave empty to disable)
DaemonUser ""
# switch to given group when started as root (leave empty to disable)
DaemonGroup ""
# try to detect interface maximum bandwidth, 0 = disable feature
# MaxBandwidth will be used as fallback value when enabled
BandwidthDetection 1
# maximum bandwidth (Mbit) for all interfaces, 0 = disable feature
# (unless interface specific limit is given)
MaxBandwidth 1000
# interface specific limits
# example 8Mbit limit for eth0 (remove # to activate):
#MaxBWeth0 8
# data retention durations (-1 = unlimited, 0 = feature disabled)
5MinuteHours 48
HourlyDays 4
DailyDays 62
MonthlyMonths 25
YearlyYears -1
TopDayEntries 20
# how often (in seconds) interface data is updated
UpdateInterval 20
# how often (in seconds) interface status changes are checked
PollInterval 5
# how often (in minutes) data is saved to database
SaveInterval 5
# how often (in minutes) data is saved when all interface are offline
OfflineSaveInterval 30
# on which day should months change
MonthRotate 1
MonthRotateAffectsYears 0
# filesystem disk space check (1 = enabled, 0 = disabled)
CheckDiskSpace 1
# how much the boot time can variate between updates (seconds)
BootVariation 15
# create database entries even when there is no traffic (1 = enabled, 0 = disabled)
TrafficlessEntries 1
# how many minutes to wait during daemon startup for system clock to
# sync time if most recent database update appears to be in the future
TimeSyncWait 5
# how often (in minutes) bandwidth detection is done when
# BandwidthDetection is enabled (0 = disabled)
BandwidthDetectionInterval 5
# force data save when interface status changes (1 = enabled, 0 = disabled)
SaveOnStatusChange 1
# enable / disable logging (0 = disabled, 1 = logfile, 2 = syslog)
UseLogging 2
# create dirs if needed (1 = enabled, 0 = disabled)
CreateDirs 1
# update ownership of files if needed (1 = enabled, 0 = disabled)
UpdateFileOwner 1
# file used for logging if UseLogging is set to 1
LogFile "/var/log/vnstat.log"
# file used as daemon pid / lock file
PidFile "/var/run/vnstat.pid"
# 1 = 64-bit, 0 = 32-bit, -1 = old style logic, -2 = automatic detection
64bitInterfaceCounters -2
# use SQLite Write-Ahead Logging mode (1 = enabled, 0 = disabled)
DatabaseWriteAheadLogging 0
# change the setting of the SQLite "synchronous" flag
# (-1 = auto, 0 = off, 1, = normal, 2 = full, 3 = extra)
DatabaseSynchronous -1
# vnstati
##
# title timestamp format
HeaderFormat "%Y-%m-%d %H:%M"
# show hours with rate (1 = enabled, 0 = disabled)
HourlyRate 1
# show rate in summary (1 = enabled, 0 = disabled)
SummaryRate 1
# transparent background (1 = enabled, 0 = disabled)
TransparentBg 0
# image colors
CBackground "FFFFFF"
CEdge "AEAEAE"
CHeader "606060"
CHeaderTitle "FFFFFF"
CHeaderDate "FFFFFF"
CText "000000"
CLine "B0B0B0"
CLineL "-"
CRx "92CF00"
CTx "606060"
CRxD "-"
CTxD "-"