Slackware/system-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: Slackware:core
Branches Tags
Slackware:master
Slackware:core
..
compare: Slackware:master
Branches Tags
Slackware:core
Slackware:master

No commits in common. "core" and "master" have entirely different histories.
core ... master

175 changed files with 16 additions and 8775 deletions
Download patch file Download diff file Expand all files Collapse all files

189
.gitattributesdb
View file

@ -1,186 +1,9 @@
# This is the gitattributesdb database file. # This is the gitattributesdb database file.
# Do not manually edit this file - any changes will be overwritten. # Do not manually edit this file - any changes will be overwritten.
LmdpdGhvb2tzL2dpdGF0dHJpYnV0ZXNkYg== 1757608819.000000000 1757608819.000000000 root:root 0755 - - LmdpdGhvb2tzL2dpdGF0dHJpYnV0ZXNkYg== 1757518619.432797732 1757518618.466836488 tadgy:users 0755 - -
LmdpdGhvb2tzL3Bvc3QtY2hlY2tvdXQ= 1757519106.000000000 1757519106.000000000 root:root 0755 - - LmdpdGhvb2tzL3Bvc3QtY2hlY2tvdXQ= 1757518719.301790744 1757518850.675522371 tadgy:users 0755 - -
LmdpdGhvb2tzL3Bvc3QtbWVyZ2U= 1757519106.000000000 1757519106.000000000 root:root 0755 - - LmdpdGhvb2tzL3Bvc3QtbWVyZ2U= 1757518766.485897550 1757518850.675522371 tadgy:users 0755 - -
LmdpdGhvb2tzL3ByZS1jb21taXQ= 1757519106.000000000 1757519106.000000000 root:root 0755 - - LmdpdGhvb2tzL3ByZS1jb21taXQ= 1757518781.005315169 1757518850.675522371 tadgy:users 0755 - -
LmdpdGlnbm9yZQ== 1762025173.020942279 1757593248.000000000 root:root 0644 - - LmdpdG1vZHVsZXM= 1757518619.436797572 1757518619.438797492 tadgy:users 0644 - -
LmdpdG1vZHVsZXM= 1757607701.000000000 1757607701.000000000 root:root 0644 - - UkVBRE1FLm1k 1757518519.971788195 1757518530.954347573 tadgy:users 0644 - -
ZXRjLy5naXRpZ25vcmU= 1762626742.156358716 1757611781.000000000 root:root 0644 - -
ZXRjL2FwYWNoZTIvLmdpdGlnbm9yZQ== 1766069108.043264156 1757775932.000000000 root:root 0644 - -
ZXRjL2FwYWNoZTIvYXBhY2hlMi5jb25m 1766155394.332589865 1757785514.000000000 root:root 0644 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2FsaWFzLmxvYWQ= 1762021735.493652772 1762021735.493652772 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2FsbG93bWV0aG9kcy5sb2Fk 1766073519.503025374 1766073519.503025374 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGhuX2NvcmUubG9hZA== 1762021735.381654619 1762021735.381654619 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGhuX2ZpbGUubG9hZA== 1762021735.437653696 1762021735.437653696 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGh6X2NvcmUubG9hZA== 1762021735.349655147 1762021735.349655147 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGh6X2hvc3QubG9hZA== 1766070527.231989855 1766070527.231989855 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGh6X3VzZXIubG9hZA== 1762021735.469653168 1762021735.469653168 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2NnaWQubG9hZA== 1766080747.085077197 1766080747.085077197 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2RlZmxhdGUubG9hZA== 1762021735.721649011 1762021735.721649011 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2Rpci5sb2Fk 1762021735.525652244 1762021735.525652244 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2Vudi5sb2Fk 1762021735.577651386 1762021735.577651386 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2ZpbHRlci5sb2Fk 1762021735.689649539 1762021735.689649539 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2h0dHAyLmxvYWQ= 1766079814.224337175 1766079814.224337175 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2luY2x1ZGUubG9hZA== 1766070423.145696881 1766070423.145696881 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL21pbWUubG9hZA== 1762021735.609650859 1762021735.609650859 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL21pbWVfbWFnaWMubG9hZA== 1766077359.436502219 1766077359.436502219 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL21wbV9ldmVudC5sb2Fk 1766077495.230282186 1766077495.230282186 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL3Byb3h5LmxvYWQ= 1766080867.035115479 1766080867.035115479 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL3Byb3h5X2ZjZ2kubG9hZA== 1766080921.386226594 1766080921.386226594 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL3Jld3JpdGUubG9hZA== 1766081010.864763229 1766081010.864763229 root:root 0777 - -
ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL3NldGVudmlmLmxvYWQ= 1762021735.661650000 1762021735.661650000 root:root 0777 - -
ZXRjL2FwYWNoZTIvc2l0ZXMtYXZhaWxhYmxlLy5naXRpZ25vcmU= 1766069274.068541443 1766069263.648712326 root:root 0644 - -
ZXRjL2FwYWNoZTIvc2l0ZXMtYXZhaWxhYmxlL2NvcmUuc2xhY2t3YXJlLnVrLm5ldC5jb25m 1758817141.000000000 1757785113.000000000 root:root 0644 - -
ZXRjL2FwYWNoZTIvc2l0ZXMtZW5hYmxlZC8wMDAtY29yZS5zbGFja3dhcmUudWsubmV0LmNvbmY= 1762529451.292078041 1762529451.292078041 root:root 0777 - -
ZXRjL2FwdC8uZ2l0aWdub3Jl 1762532662.236312315 1762532566.409854495 root:root 0644 - -
ZXRjL2FwdC9wcmVmZXJlbmNlcy5kL3N1cnk= 1762021809.456432672 1762021809.456432672 root:root 0644 - -
ZXRjL2FwdC9zb3VyY2VzLmxpc3QuZC9mZC5saXN0 1762021706.378133066 1762021706.374133133 root:root 0644 - -
ZXRjL2FwdC9zb3VyY2VzLmxpc3QuZC9zdXJ5Lmxpc3Q= 1762021706.378133066 1762021706.378133066 root:root 0644 - -
ZXRjL2Nyb24uMTVtaW4vLmdpdGlnbm9yZQ== 1762535468.567176697 1762535289.358058790 root:root 0644 - -
ZXRjL2Nyb24uZC8uZ2l0aWdub3Jl 1762535453.203423781 1762535289.358058790 root:root 0644 - -
ZXRjL2Nyb24uZGFpbHkvLmdpdGlnbm9yZQ== 1762538383.748288196 1762535499.146684944 root:root 0644 - -
ZXRjL2Nyb24uZGFpbHkvMC1yb3RhdGUtbG9ncy1zeW1saW5rcw== 1762022637.182797762 1762022637.182797762 root:root 0777 - -
ZXRjL2Nyb24uZGFpbHkvMTAtZGVoeWRyYXRlZA== 1762022637.182797762 1762022637.182797762 root:root 0777 - -
ZXRjL2Nyb24uZGFpbHkvNS11cGRhdGUtcGFja2FnZXMtbGlzdA== 1762022637.182797762 1762022637.182797762 root:root 0777 - -
ZXRjL2Nyb24uZGFpbHkvNy13YXJuLWdpdC1zdGF0dXM= 1762022637.182797762 1762022637.182797762 root:root 0777 - -
ZXRjL2Nyb24uaG91cmx5Ly5naXRpZ25vcmU= 1762535518.534373147 1762535518.534373147 root:root 0644 - -
ZXRjL2Nyb24ubW9udGhseS8uZ2l0aWdub3Jl 1762535548.045898541 1762535548.045898541 root:root 0644 - -
ZXRjL2Nyb24ud2Vla2x5Ly5naXRpZ25vcmU= 1762628453.620630321 1762535530.470181196 root:root 0644 - -
ZXRjL2Nyb24ud2Vla2x5L2NsZWFuLXBocA== 1762628439.836853762 1762628439.836853762 root:root 0777 - -
ZXRjL2Nyb24ueWVhcmx5Ly5naXRpZ25vcmU= 1762535568.001577608 1762535568.001577608 root:root 0644 - -
ZXRjL2Nyb250YWI= 1762534976.223094581 1757593504.000000000 root:root 0600 - -
ZXRjL2RlZmF1bHQvLmdpdGlnbm9yZQ== 1762624179.585857684 1762624148.166366444 root:root 0644 - -
ZXRjL2RlZmF1bHQvcHJvbWV0aGV1cy1ub2RlLWV4cG9ydGVy 1771504260.677940581 1762023153.000000000 root:root 0644 - -
ZXRjL2RlZmF1bHQvcm90YXRlLWxvZ3Mtc3ltbGlua3M= 1758555243.000000000 1758552192.000000000 root:root 0644 - -
ZXRjL2RlZmF1bHQvdGVycmFmb3JtLWh0dHAtYmFja2VuZA== 1771507048.704791655 1757595391.000000000 root:root 0600 - -
ZXRjL2RlaHlkcmF0ZWQvLmdpdGlnbm9yZQ== 1758038054.000000000 1758038054.000000000 root:root 0644 - -
ZXRjL2RlaHlkcmF0ZWQvYWNjb3VudHMvLmdpdGlnbm9yZQ== 1757873230.000000000 1757873230.000000000 root:root 0644 - -
ZXRjL2RlaHlkcmF0ZWQvYWNjb3VudHMvYUhSMGNITTZMeTloWTIxbExYWXdNaTVoY0drdWJHVjBjMlZ1WTNKNWNIUXViM0puTDJScGNtVmpkRzl5ZVFvLnRhci5ncGc= 1761052714.000000000 1757873275.000000000 root:root 0644 - -
ZXRjL2RlaHlkcmF0ZWQvYXJjaGl2ZS8uZ2l0aWdub3Jl 1757874259.000000000 1757873451.000000000 root:root 0644 - -
ZXRjL2RlaHlkcmF0ZWQvY2VydHMvLmdpdGlnbm9yZQ== 1757874303.000000000 1757873537.000000000 root:root 0644 - -
ZXRjL2RlaHlkcmF0ZWQvY29uZmln 1758044465.000000000 1757862077.000000000 root:root 0644 - -
ZXRjL2RlaHlkcmF0ZWQvZG9tYWlucw== 1757862328.000000000 1757862077.000000000 root:root 0644 - -
ZXRjL2RlaHlkcmF0ZWQvZG9tYWlucy5kL19leGFtcGxlXw== 1757863238.000000000 1757862077.000000000 root:root 0644 - -
ZXRjL2RlaHlkcmF0ZWQvZG9tYWlucy5kL2NvcmUuc2xhY2t3YXJlLnVrLm5ldA== 1757863250.000000000 1757863250.000000000 root:root 0644 - -
ZXRjL2RlaHlkcmF0ZWQvaG9va3MvZGVmYXVsdA== 1758045829.000000000 1757862077.000000000 root:root 0755 - -
ZXRjL2Z1c2lvbmRpcmVjdG9yeS9mdXNpb25kaXJlY3RvcnktYXBhY2hlLmNvbmY= 1740415693.000000000 1762022137.000000000 root:root 0644 - -
ZXRjL2Z1c2lvbmRpcmVjdG9yeS9mdXNpb25kaXJlY3RvcnkuY29uZg== 1771459200.000000000 1771459200.000000000 root:root 0644 - -
ZXRjL2Z1c2lvbmRpcmVjdG9yeS9mdXNpb25kaXJlY3RvcnkuY29uZi5vcmln 1760207207.000000000 1760207207.000000000 root:root 0644 - -
ZXRjL2dyb3Vw 1762530431.632238190 1762530431.632238190 root:root 0644 - -
ZXRjL2dzaGFkb3cuZ3Bn 1762628156.813441524 1762447499.282711556 root:root 0644 - -
ZXRjL2hvc3RuYW1l 1757594311.000000000 1757594311.000000000 root:root 0644 - -
ZXRjL2hvc3Rz 1762446715.371577485 1757594362.000000000 root:root 0644 - -
ZXRjL2luaXQuZC8uZ2l0aWdub3Jl 1771459200.000000000 1771459200.000000000 root:root 0644 - -
ZXRjL2luaXQuZC90ZXJyYWZvcm0taHR0cC1iYWNrZW5k 1771459200.000000000 1771459200.000000000 root:root 0755 - -
ZXRjL2tyYjUuY29uZg== 1762447367.132883171 1583171707.000000000 root:root 0644 - -
ZXRjL2xkYXAvbGRhcC5jb25m 1758374529.000000000 1730112559.000000000 root:root 0644 - -
ZXRjL2xkYXAvc2NoZW1hLy5naXRpZ25vcmU= 1762628549.507075969 1762628549.507075969 root:root 0644 - -
ZXRjL2xkYXAvc2NoZW1hL3JmYzIzMDdiaXMuc2NoZW1h 1759835660.000000000 1759835660.000000000 root:root 0644 - -
ZXRjL2xvZ2luLmRlZnM= 1771509215.801996599 1745058028.000000000 root:root 0644 - -
ZXRjL21vdGQ= 1762625944.389278724 1756052400.000000000 root:root 0644 - -
ZXRjL21zbXRwLmFsaWFzZXM= 1758035451.000000000 1758035451.000000000 root:root 0644 - -
ZXRjL21zbXRwcmMuZ3Bn 1761052674.000000000 1758049424.000000000 root:root 0644 - -
ZXRjL25ldHdvcmsvLmdpdGlnbm9yZQ== 1757596572.000000000 1757596572.000000000 root:root 0644 - -
ZXRjL25ldHdvcmsvaW50ZXJmYWNlcw== 1762449437.502802342 1762449437.502802342 root:root 0644 - -
ZXRjL25ldHdvcmsvaW50ZXJmYWNlcy5kL2V0aDA= 1762449591.864258045 1762449559.040799058 root:root 0644 - -
ZXRjL25ldHdvcmsvaW50ZXJmYWNlcy5kL2V0aDE= 1762449602.376084790 1762449560.312778093 root:root 0644 - -
ZXRjL3Bhc3N3ZA== 1762449439.234773795 1762449439.234773795 root:root 0644 - -
ZXRjL3BocGxkYXBhZG1pbi8uZ2l0aWdub3Jl 1762628720.800299329 1762628701.308615289 root:root 0644 - -
ZXRjL3BocGxkYXBhZG1pbi9jb25maWcucGhwLmdwZw== 1761052640.000000000 1758539944.000000000 root:root 0644 - -
ZXRjL3BrZ2xpc3Q= 1766102401.840579350 1762560002.068536774 root:root 0644 - -
ZXRjL3BsYS9jb25maWcucGhwLmdwZw== 1771459200.000000000 1771459200.000000000 root:root 0644 - -
ZXRjL3B1c2hvdmVyLWNsaWVudC8uZ2l0aWdub3Jl 1762628624.365862525 1762448145.464092595 root:root 0644 - -
ZXRjL3B1c2hvdmVyLWNsaWVudC9kZWZhdWx0LmdwZw== 1762448163.991787320 1762448163.979787518 root:root 0644 - -
ZXRjL3Jlc29sdi5jb25m 1757611605.000000000 1757611605.000000000 root:root 0644 - -
ZXRjL3JzeXNsb2cuY29uZg== 1757785113.000000000 1757785113.000000000 root:root 0644 - -
ZXRjL3NhbWJhL3NtYi5jb25m 1762447904.392054475 1758208516.000000000 root:root 0644 - -
ZXRjL3NhbWJhL3NtYnVzZXJz 1758121825.000000000 1758121586.000000000 root:root 0644 - -
ZXRjL3NoYWRvdy5ncGc= 1762628180.969049967 1762447484.598952854 root:root 0644 - -
ZXRjL3NzaC8uZ2l0aWdub3Jl 1762628843.382312260 1757606957.000000000 root:root 0644 - -
ZXRjL3NzaC9zc2hfY29uZmln 1757606630.000000000 1757606630.000000000 root:root 0644 - -
ZXRjL3NzaC9zc2hkX2NvbmZpZw== 1758202229.000000000 1757606896.000000000 root:root 0644 - -
ZXRjL3NzaGd1YXJkL3NzaGd1YXJkLmNvbmY= 1758050700.000000000 1758050700.000000000 root:root 0644 - -
ZXRjL3NzaGd1YXJkL3doaXRlbGlzdA== 1758050235.000000000 1758050235.000000000 root:root 0644 - -
ZXRjL3N1ZG9lcnMuZC8uZ2l0aWdub3Jl 1762026765.566662574 1762026765.566662574 root:root 0644 - -
ZXRjL3N1ZG9lcnMuZC9kZWZhdWx0cw== 1757599359.000000000 1757599359.000000000 root:root 0640 - -
ZXRjL3N1ZG9lcnMuZC9yb290LWFjY2Vzcw== 1757600157.000000000 1757600157.000000000 root:root 0640 - -
aG9tZS8uZ2l0aWdub3Jl 1757762052.000000000 1757762052.000000000 root:root 0644 - -
aG9tZS9zeXNhZG1pbi8uYmFzaF9sb2dvdXQ= 1757582867.000000000 1757582867.000000000 sysadmin:users 0644 - -
aG9tZS9zeXNhZG1pbi8uYmFzaF9wcm9maWxl 1757861225.000000000 1757584711.000000000 sysadmin:users 0644 - -
aG9tZS9zeXNhZG1pbi8uYmFzaHJj 1758887092.000000000 1757586493.000000000 sysadmin:users 0644 - -
aG9tZS9zeXNhZG1pbi8uZ2l0Y29uZmln 1757582738.000000000 1757582738.000000000 sysadmin:users 0644 - -
aG9tZS9zeXNhZG1pbi8uZ2l0aWdub3Jl 1757600312.000000000 1757600312.000000000 sysadmin:users 0644 - -
aG9tZS9zeXNhZG1pbi8ubG9jYWwvc2hhcmUvbmFuby8uZ2l0aWdub3Jl 1757586210.000000000 1757586210.000000000 sysadmin:users 0644 - -
aG9tZS9zeXNhZG1pbi8ubmFub3Jj 1757585756.000000000 1757585756.000000000 sysadmin:users 0644 - -
aG9tZS9zeXNhZG1pbi8uc3NoLy5naXRpZ25vcmU= 1757593349.000000000 1757593349.000000000 sysadmin:users 0644 - -
aG9tZS9zeXNhZG1pbi8uc3NoL2F1dGhvcml6ZWRfa2V5cw== 1757763178.000000000 1757587611.000000000 sysadmin:users 0644 - -
b3B0L3NiaW4vY3JvbmpvYi1jbGVhbi1waHA= 1762538240.962584934 1758289390.000000000 root:root 0755 - -
b3B0L3NiaW4vY3JvbmpvYi1kZWh5ZHJhdGVk 1758033093.000000000 1757531685.000000000 root:root 0755 - -
b3B0L3NiaW4vY3JvbmpvYi1yb3RhdGUtbG9ncy1zeW1saW5rcw== 1758555302.000000000 1758224324.000000000 root:root 0755 - -
b3B0L3NiaW4vY3JvbmpvYi11cGRhdGUtcGFja2FnZXMtbGlzdA== 1757531121.000000000 1757531121.000000000 root:root 0755 - -
b3B0L3NiaW4vY3JvbmpvYi13YXJuLWdpdC1zdGF0dXM= 1758221607.000000000 1757591137.000000000 root:root 0755 - -
b3B0L3NiaW4vZGVoeWRyYXRlZA== 1757531557.000000000 1757531557.000000000 root:root 0755 - -
b3B0L3NiaW4vcHVzaG92ZXItY2xpZW50 1758224526.000000000 1758224526.000000000 root:root 0755 - -
b3B0L3NiaW4vdGVycmFmb3JtLWh0dHAtYmFja2VuZA== 1757590543.000000000 1757590543.000000000 root:root 0755 - -
cm9vdC8uYmFzaF9sb2dvdXQ= 1757582867.000000000 1757582867.000000000 root:root 0644 - -
cm9vdC8uYmFzaF9wcm9maWxl 1757584711.000000000 1757584711.000000000 root:root 0644 - -
cm9vdC8uYmFzaHJj 1758887027.000000000 1757586493.000000000 root:root 0644 - -
cm9vdC8uZ2l0Y29uZmln 1757582738.000000000 1757582738.000000000 root:root 0644 - -
cm9vdC8uZ2l0aWdub3Jl 1771509562.912369370 1757600312.000000000 root:root 0644 - -
cm9vdC8ubG9jYWwvc2hhcmUvbmFuby8uZ2l0aWdub3Jl 1757586210.000000000 1757586210.000000000 root:root 0644 - -
cm9vdC8ubmFub3Jj 1757585756.000000000 1757585756.000000000 root:root 0644 - -
cm9vdC8uc3NoLy5naXRpZ25vcmU= 1757593349.000000000 1757593349.000000000 root:root 0644 - -
cm9vdC8uc3NoL2F1dGhvcml6ZWRfa2V5cw== 1757587611.000000000 1757587611.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NsZWFuLWZk 1758994151.000000000 1758992264.000000000 root:root 0755 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9iY21hdGguaW5p 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9iejIuaW5p 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9jdXJsLmluaQ== 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9nZC5pbmk= 1758756479.000000000 1758756479.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9nZXR0ZXh0LmluaQ== 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9nbXAuaW5p 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9pY29udi5pbmk= 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9pbWFwLmluaQ== 1758756479.000000000 1758756479.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9pbnRsLmluaQ== 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9sZGFwLmluaQ== 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9tYnN0cmluZy5pbmk= 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9vcGNhY2hlLmluaQ== 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9vcGVuc3NsLmluaQ== 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9wb3NpeC5pbmk= 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9zZXNzaW9uLmluaQ== 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9zaW1wbGV4bWwuaW5p 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9zb2RpdW0uaW5p 1758756479.000000000 1758756479.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF9zcWxpdGUzLmluaQ== 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF94bWwuaW5p 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMF96aXAuaW5p 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC8wMV9waGFyLmluaQ== 1754432591.000000000 1754432591.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC85OV9wZG8uaW5p 1758566165.000000000 1758566165.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC85OV9wZG9fbXlzcWwuaW5p 1758566165.000000000 1758566165.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC85OV9wZ3NxbC5pbmk= 1758566165.000000000 1758566165.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC85OV9waGFyLmluaQ== 1758566165.000000000 1758566165.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC85OV9zZXNzaW9uLmluaQ== 1760206689.000000000 1758566165.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC85OV9zb2FwLmluaQ== 1758566165.000000000 1758566165.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC85OV9zcWxpdGUzLmluaQ== 1758566165.000000000 1758566165.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC85OV9zeXN2c2htLmluaQ== 1758566165.000000000 1758566165.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC85OV90aWR5LmluaQ== 1758566165.000000000 1758566165.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2NvbmYuZC9pbWFnaWNrLmluaQ== 1755096904.000000000 1755096904.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2R1bW15LWRlZmF1bHQtbXRh 1762020478.278412865 1762020215.034844513 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL2R1bW15LWRlZmF1bHQtbXRhXzAuMC4xX2FsbC5kZWI= 1762020499.466056182 1762020499.458056317 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL3BocC1mcG0uY29uZg== 1758566251.000000000 1758566184.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL3BocC1mcG0uZC93d3cuY29uZg== 1758566277.000000000 1758566199.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL3BocC5pbmk= 1759845481.000000000 1758566175.000000000 root:root 0644 - -
cm9vdC9zdHVmZi10by1rZWVwL3B1c2hvdmVyLWFsZXJ0LnN0YXJ0 1758225142.000000000 1758225089.000000000 root:root 0755 - -
cm9vdC9zdHVmZi10by1rZWVwL3B1c2hvdmVyLWFsZXJ0LnN0b3A= 1758225254.000000000 1758225155.000000000 root:root 0755 - -
dmFyLy5naXRpZ25vcmU= 1762537544.845782317 1758288560.000000000 root:root 0644 - -
dmFyL2xpYi8uZ2l0aWdub3Jl 1762025492.611669032 1758288764.000000000 root:root 0644 - -
dmFyL2xpYi90ZXJyYWZvcm0taHR0cC1iYWNrZW5kLy5naXRrZWVwZGly 1762024627.173956151 1762024627.173956151 root:root 0644 - -
dmFyL3RtcC8uZ2l0aWdub3Jl 1771459200.000000000 1771459200.000000000 root:root 0644 - -
dmFyL3RtcC9waHAtdXBsb2Fkcy8uZ2l0aWdub3Jl 1771459200.000000000 1771459200.000000000 root:root 0644 - -
ZXRjL3NoYWRvdw== 1762449439.206774257 1762449439.206774257 root:shadow 0640 - -
ZXRjL3NoYWRvdy0= 1762023813.000000000 1762023813.000000000 root:shadow 0640 - -
ZXRjL3N1ZG9lcnM= 1751262933.000000000 1751262933.000000000 root:root 0440 - -
ZXRjL3N1ZG9lcnMuZC9SRUFETUU= 1751262933.000000000 1751262933.000000000 root:root 0440 - -
ZXRjL3N1ZG9lcnMuZC9kZWZhdWx0cw== 1757599359.000000000 1757599359.000000000 root:root 0640 - -
ZXRjL3N1ZG9lcnMuZC9yb290LWFjY2Vzcw== 1757600157.000000000 1757600157.000000000 root:root 0640 - -
aG9tZS9zeXNhZG1pbg== 1758887092.000000000 1757761412.000000000 sysadmin:users 0711 - -

7
.gitattributesdb-extra
View file

@ -1,7 +0,0 @@
ZXRjL2RvYXMuY29uZg==
ZXRjL2RvYXMuZA==
ZXRjL3NoYWRvdw==
ZXRjL3NoYWRvdy0=
ZXRjL3N1ZG9lcnM=
ZXRjL3N1ZG9lcnMuZC8q
aG9tZS9zeXNhZG1pbg==

2
.githooks/gitattributesdb

@ -1 +1 @@
Subproject commit 6f956ff56af0a65b6dd8f84aa845031c22998c61 Subproject commit aa17af467452849b2204472c8c16d9d3757824af

20
.gitignore vendored
View file

@ -1,20 +0,0 @@
*~
*.save
.*.swp
/bin
/boot/
/data/
/dev/
/lib
/lib64
/media/
/mnt/
/proc/
/run/
/sbin
/srv/
/sys/
/tmp/
/usr/

9
README.md Normal file
View file

@ -0,0 +1,9 @@
README
======
System configurations are stored in a seperate branch for each host or purpose.
List available branches:
* git branch -avv
Check out specific branch:
* git checkout <branch name>

119
etc/.gitignore vendored
View file

@ -1,119 +0,0 @@
/.pwd.lock
/.updated
/ImageMagick-7/
/X11/
/adduser.conf
/alternatives/
/apparmor.d/
/bash.bashrc
/bash_completion
/bash_completion.d/
/bindresvport.blacklist
/binfmt.d/
/ca-certificates/
/ca-certificates.conf
/credstore/
/credstore.encrypted/
/certificates/
/dbus-1/
/debconf.conf
/debian_version
/deluser.conf
/depmod.d/
/dhcpcd.conf
/dpkg/
/environment
/ethertypes
/fonts/
/freeipmi/
/fstab
/gai.conf
/ghostscript/
/gprofng.rc
/groff/
/group-
/gshadow
/gshadow-
/gss/
/gssapi_mech.conf
/host.conf
/hosts.*
/inputrc
/ipmi/
/issue
/issue.net
/kernel/
/ld.so.*
/libaudit.conf
/lighttpd/
/locale.*
/localtime
/logcheck/
/lynx/
/machine-id
/magic
/magic.mime
/mail.rc
/mailcap
/mailcap.order
/manpath.config
/mime.types
/modprobe.d/
/modules
/modules-load.d/
/msmtprc
/mtab
/nanorc
/netconfig
/networks
/nftables.conf
/nsswitch.conf
/nvme/
/opt/
/os-release
/pam.conf
/pam.d/
/paperspecs
/passwd-
/perl/
/polkit-1/
/profile
/profile.d/
/protocols
/python3/
/python3.13/
/rc?.d/
/rmt
/rpc
/runit/
/security/
/selinux/
/sensors.d/
/sensors3.conf
/services
/sgml/
/shadow
/shadow-
/shells
/skel/
/snmp/
/ssl/
/subgid
/subuid
/sudo.conf
/sudoers
/sudo_logsrvd.conf
/supercat/
/sv/
/sysctl.d/
/terminfo/
/tmpfiles.d/
/ucf.conf
/udev/
/ufw/
/update-motd.d/
/vconsole.conf
/vim/
/xattr.conf
/xdg
/xml

5
etc/apache2/.gitignore vendored
View file

@ -1,5 +0,0 @@
/conf-*/
/envvars
/magic
/mods-available/
/ports.conf

238
etc/apache2/apache2.conf
View file

@ -1,238 +0,0 @@
# These modules are required for the basic configuration directives used in this file.
# They *must* be loaded to use this configuration with httpd.
LoadModule alias_module /usr/lib/apache2/modules/mod_alias.so
LoadModule allowmethods_module /usr/lib/apache2/modules/mod_allowmethods.so
LoadModule authz_host_module /usr/lib/apache2/modules/mod_authz_host.so
LoadModule dir_module /usr/lib/apache2/modules/mod_dir.so
LoadModule env_module /usr/lib/apache2/modules/mod_env.so
#LoadModule log_config_module /usr/lib/apache2/mod_log_config.so
LoadModule mime_module /usr/lib/apache2/modules/mod_mime.so
LoadModule mime_magic_module /usr/lib/apache2/modules/mod_mime_magic.so
LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so
LoadModule setenvif_module /usr/lib/apache2/modules/mod_setenvif.so
#LoadModule unixd_module /usr/lib/apache2/mod_unixd.so
# Load extra modules.
IncludeOptional /etc/apache2/mods-enabled/*.load
# IP addresses and ports to listen on.
Listen 5.101.171.215:80
Listen [2a01:a500:2981:1::d7]:80
<IfModule ssl_module>
Listen 5.101.171.215:25443
Listen [2a01:a500:2981:1::d7]:25443
</IfModule>
# Main server configuration.
# Note: A DocumentRoot (and a Directory block granting access) is required in order for RedirectMatch to work in VirtualHosts.
DocumentRoot /var/www/html
ServerAdmin "sysadmin(at)slackware.uk"
ServerName core.slackware.uk.net
ServerSignature Email
ServerTokens Major
User www-data
Group www-data
DefaultRuntimeDir /var/run/apache2
PidFile /var/run/apache2/apache2.pid
ScriptSock /var/run/apache2/cgid.sock
Mutex pthread
# Logging.
LogFormat "%h %l %u %t \"%r\" %>s %b" Common
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" Combined
LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" VHostCombined
CustomLog "|/usr/bin/logger -p local1.info -t httpd" VHostCombined env=!no_log
LogLevel warn allowmethods:crit authz_core:crit
<IfModule include_module>
LogLevel include:crit
</IfModule>
<IfModule ssl_module>
LogLevel ssl:crit
</IfModule>
ErrorLog syslog:local0
# Resource limits for event MPM.
# MaxConnectionsPerChild: maximum number of requests a server process serves
# MaxRequestWorkers: maximum number of worker threads
# MaxSpareThreads: maximum number of worker threads which are kept spare
# MinSpareThreads: minimum number of worker threads which are kept spare
# StartServers: initial number of server processes to start
# ThreadLimit: maximum limit of threads for ThreadsPerChild setting
# ThreadsPerChild: constant number of worker threads in each server process
MaxConnectionsPerChild 10240
MaxRequestWorkers 128
MaxSpareThreads 16
MinSpareThreads 2
StartServers 1
ThreadLimit 64
ThreadsPerChild 32
# Timeouts.
TimeOut 30
GracefulShutDownTimeout 1
# Browser handling.
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "MSIE [2-5]" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "^WebDAVFS/1\.[012]" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^gnome-vfs/1\.0" redirect-carefully
BrowserMatch "^gvfs/1" redirect-carefully
BrowserMatch "Konqueror/4" redirect-carefully
# HTTP2.
<IfModule http2_module>
Protocols h2 h2c http/1.1
H2Push On
H2PushPriority application/javascript interleaved
H2PushPriority image/jpeg after 32
H2PushPriority image/png after 32
H2PushPriority text/css before
H2PushPriority * after
</IfModule>
# SSL configuration.
<IfModule ssl_module>
SSLCipherSuite HIGH:!SSLv3:!TLS1:!aNULL:!MD5
SSLHonorCipherOrder On
SSLOptions +FakeBasicAuth
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLRandomSeed startup builtin
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/urandom 512
SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_session_cache(512000)
SSLSessionCacheTimeout 300
SSLSessionTickets Off
BrowserMatch "MSIE [2-5]" ssl-unclean-shutdown
</IfModule>
# PHP.
<IfModule proxy_fcgi_module>
DirectoryIndex index.php index.phtml
<If "-f %{REQUEST_FILENAME} && %{REQUEST_URI} =~ /.+\.ph(ar|p|tml)$/">
SetHandler proxy:unix:/run/php-fpm83/php-fpm.sock|fcgi://localhost/
</If>
</IfModule>
# Filters and Handlers.
<IfModule filter_module>
<IfModule deflate_module>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/wasm
AddOutputFilterByType DEFLATE application/xml
</IfModule>
<IfModule include_module>
AddOutputFilter INCLUDES .shtml .html
</IfModule>
</IfModule>
#This isn't needed except where CGI scripts are placed outside of ScriptAlias dirs. ExecCGI is required in Options for the dir.
#<IfModule cgid_module>
# AddHandler cgi-script .cgi .pl .py .sh
#</IfModule>
# Mime type mappings.
TypesConfig /etc/mime.types
AddEncoding x-compress .tz .z .Z
AddEncoding x-gzip .gz .tgz
AddEncoding x-bzip2 .bz2 .tbz
AddType application/octet-stream .deb .dpkg .flac .flp .img .lz .lzma .mkv .rpm .run .srpm .tlz .txz .vob .xz
AddType application/pkcs8 .key
AddType application/pkcs10 .csr
AddType application/pkix-crl .crl
AddType application/x-pem-file .pem
AddType application/x-x509-user-cert .crt
AddType text/html .shtml
AddType text/markdown .md
AddType text/plain .csh .diff .ksh .md5 .md5sum .meta .patch .pl .pm .py .rb .sh .sha .shasum .sha1 .sha1sum .sha256 .sha256sum .sha512 .sha512sum .slackbuild .tcl .url
MIMEMagicFile /etc/apache2/magic
# Lets Encrypt validation.
Alias /.well-known/acme-challenge/ /srv/dehydrated/
# Access control.
<FilesMatch ^\.(ht.*|ph(?:ar|p|ps|tml))$>
Require all denied
</FilesMatch>
<Directory />
Options SymLinksIfOwnerMatch
AllowOverride None
Require all denied
</Directory>
<Directory /var/empty/>
Options None
AllowOverride None
Require all granted
</Directory>
<Directory /srv/dehydrated/>
Options None
AllowOverride None
Require all granted
</Directory>
<Directory /data/sites/*/html/>
Options Includes MultiViews SymLinksIfOwnerMatch
AllowOverride AuthConfig FileInfo Indexes Limit
Require all granted
AllowMethods GET POST OPTIONS
DirectoryIndex index.html index.xhtml
<IfModule include_module>
DirectoryIndex index.shtml
</IfModule>
<IfModule ssl_module>
<FilesMatch "\.(shtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
</IfModule>
</Directory>
<IfModule cgid_module>
<Directory /data/sites/*/cgi-bin/>
Options ExecCGI Includes MultiViews SymLinksIfOwnerMatch
AllowOverride AuthConfig FileInfo Limit
Require all granted
AllowMethods GET POST OPTIONS
DirectoryIndex disabled
<IfModule ssl_module>
SSLOptions +StdEnvVars
</IfModule>
</Directory>
</IfModule>
# Include extra configurations.
IncludeOptional /etc/apache2/sites-enabled/*.conf

1
etc/apache2/mods-enabled/alias.load
View file

@ -1 +0,0 @@
../mods-available/alias.load

1
etc/apache2/mods-enabled/allowmethods.load
View file

@ -1 +0,0 @@
../mods-available/allowmethods.load

1
etc/apache2/mods-enabled/authn_core.load
View file

@ -1 +0,0 @@
../mods-available/authn_core.load

1
etc/apache2/mods-enabled/authn_file.load
View file

@ -1 +0,0 @@
../mods-available/authn_file.load

1
etc/apache2/mods-enabled/authz_core.load
View file

@ -1 +0,0 @@
../mods-available/authz_core.load

1
etc/apache2/mods-enabled/authz_host.load
View file

@ -1 +0,0 @@
../mods-available/authz_host.load

1
etc/apache2/mods-enabled/authz_user.load
View file

@ -1 +0,0 @@
../mods-available/authz_user.load

1
etc/apache2/mods-enabled/cgid.load
View file

@ -1 +0,0 @@
../mods-available/cgid.load

1
etc/apache2/mods-enabled/deflate.load
View file

@ -1 +0,0 @@
../mods-available/deflate.load

1
etc/apache2/mods-enabled/dir.load
View file

@ -1 +0,0 @@
../mods-available/dir.load

1
etc/apache2/mods-enabled/env.load
View file

@ -1 +0,0 @@
../mods-available/env.load

1
etc/apache2/mods-enabled/filter.load
View file

@ -1 +0,0 @@
../mods-available/filter.load

1
etc/apache2/mods-enabled/http2.load
View file

@ -1 +0,0 @@
../mods-available/http2.load

1
etc/apache2/mods-enabled/include.load
View file

@ -1 +0,0 @@
../mods-available/include.load

1
etc/apache2/mods-enabled/mime.load
View file

@ -1 +0,0 @@
../mods-available/mime.load

1
etc/apache2/mods-enabled/mime_magic.load
View file

@ -1 +0,0 @@
../mods-available/mime_magic.load

1
etc/apache2/mods-enabled/mpm_event.load
View file

@ -1 +0,0 @@
../mods-available/mpm_event.load

1
etc/apache2/mods-enabled/proxy.load
View file

@ -1 +0,0 @@
../mods-available/proxy.load

1
etc/apache2/mods-enabled/proxy_fcgi.load
View file

@ -1 +0,0 @@
../mods-available/proxy_fcgi.load

1
etc/apache2/mods-enabled/rewrite.load
View file

@ -1 +0,0 @@
../mods-available/rewrite.load

1
etc/apache2/mods-enabled/setenvif.load
View file

@ -1 +0,0 @@
../mods-available/setenvif.load

2
etc/apache2/sites-available/.gitignore vendored
View file

@ -1,2 +0,0 @@
/000-default.conf
/default-ssl.conf

44
etc/apache2/sites-available/core.slackware.uk.net.conf
View file

@ -1,44 +0,0 @@
<Directory /srv/pla/>
Options FollowSymlinks
AllowOverride None
Require all granted
</Directory>
<Directory /srv/fusiondirectory>
# include /etc/fusiondirectory/fusiondirectory.secrets
AllowOverride None
Require all granted
AddType application/wasm .wasm
</Directory>
<VirtualHost 5.101.171.215:80 [2a01:a500:2981:1::d7]:80>
ServerName core.slackware.uk.net
SetEnvIf REQUEST_URI ^/robots\.txt$ no_log
SetEnvIf REQUEST_URI ^/favicon\.ico$ no_log
SetEnvIf REQUEST_URI ^/\.well-known/.*$ no_log
RedirectMatch 403 ^/(?!(\.well-known|httpd-errordocs)/)(.*)
</VirtualHost>
<IfModule ssl_module>
<VirtualHost 5.101.171.215:25443 [2a01:a500:2981:1::d7]:25443>
ServerName core.slackware.uk.net
SSLEngine On
SSLCertificateFile /etc/certificates/core.slackware.uk.net_cert.pem
SSLCertificateKeyFile /etc/certificates/core.slackware.uk.net_key.pem
SSLCertificateChainFile /etc/certificates/core.slackware.uk.net_chain.pem
SetEnvIf REQUEST_URI ^/robots\.txt$ no_log
SetEnvIf REQUEST_URI ^/favicon\.ico$ no_log
ScriptAlias /cgi-bin/ /data/sites/core.slackware.uk.net/cgi-bin/
DocumentRoot /data/sites/core.slackware.uk.net/html
Alias /fd /srv/fusiondirectory/html
Alias /pla /srv/pla
</VirtualHost>
</IfModule>

1
etc/apache2/sites-enabled/000-core.slackware.uk.net.conf
View file

@ -1 +0,0 @@
../sites-available/core.slackware.uk.net.conf

5
etc/apt/.gitignore vendored
View file

@ -1,5 +0,0 @@
/apt.conf.d/
/auth.conf.d/
/keyrings/
/sources.list
/trusted.gpg.d/

3
etc/apt/preferences.d/sury
View file

@ -1,3 +0,0 @@
Package: *
Pin: release o=deb.sury.org
Pin-Priority: 1000

4
etc/apt/sources.list.d/fd.list
View file

@ -1,4 +0,0 @@
deb [trusted=yes] https://public.fusiondirectory.org/debian/fusiondirectory-integrator/ bullseye main
deb [trusted=yes] https://public.fusiondirectory.org/debian/fusiondirectory-tools/ bullseye main
deb [trusted=yes] https://public.fusiondirectory.org/debian/fusiondirectory-external-libraries/ bullseye main
deb [trusted=yes] https://public.fusiondirectory.org/debian/bullseye-fusiondirectory-release/ bullseye main

1
etc/apt/sources.list.d/sury.list
View file

@ -1 +0,0 @@
deb [trusted=yes] https://packages.sury.org/php/ trixie main

2
etc/cron.15min/.gitignore vendored
View file

@ -1,2 +0,0 @@
/*
!/.gitignore

2
etc/cron.d/.gitignore vendored
View file

@ -1,2 +0,0 @@
/*
!/.gitignore

6
etc/cron.daily/.gitignore vendored
View file

@ -1,6 +0,0 @@
/*
!/.gitignore
!/0-rotate-logs-symlinks
!/5-update-packages-list
!/7-warn-git-status
!/10-dehydrated

1
etc/cron.daily/0-rotate-logs-symlinks
View file

@ -1 +0,0 @@
/opt/sbin/cronjob-rotate-logs-symlinks

1
etc/cron.daily/10-dehydrated
View file

@ -1 +0,0 @@
/opt/sbin/cronjob-dehydrated

1
etc/cron.daily/5-update-packages-list
View file

@ -1 +0,0 @@
/opt/sbin/cronjob-update-packages-list

1
etc/cron.daily/7-warn-git-status
View file

@ -1 +0,0 @@
/opt/sbin/cronjob-warn-git-status

2
etc/cron.hourly/.gitignore vendored
View file

@ -1,2 +0,0 @@
/*
!/.gitignore

2
etc/cron.monthly/.gitignore vendored
View file

@ -1,2 +0,0 @@
/*
!/.gitignore

3
etc/cron.weekly/.gitignore vendored
View file

@ -1,3 +0,0 @@
/*
!/.gitignore
!/clean-php

1
etc/cron.weekly/clean-php
View file

@ -1 +0,0 @@
/opt/sbin/cronjob-clean-php

2
etc/cron.yearly/.gitignore vendored
View file

@ -1,2 +0,0 @@
/*
!/.gitignore

8
etc/crontab
View file

@ -1,8 +0,0 @@
# do daily/weekly/monthly maintenance
# min hour day month weekday user command
0,15,30,45 * * * * root cd / && [ -d /etc/cron.15min ] && run-parts --report /etc/cron.15min
0 * * * * root cd / && [ -d /etc/cron.hourly ] && run-parts --report /etc/cron.hourly
0 0 * * * root cd / && [ -d /etc/cron.daily ] && run-parts --report /etc/cron.daily
0 0 * * 6 root cd / && [ -d /etc/cron.weekly ] && run-parts --report /etc/cron.weekly
0 0 1 * * root cd / && [ -d /etc/cron.monthly ] && run-parts --report /etc/cron.monthly
0 0 1 1 * root cd / && [ -d /etc/cron.yearly ] && run-parts --report /etc/cron.yearly

10
etc/default/.gitignore vendored
View file

@ -1,10 +0,0 @@
/apache-htcacheclean
/cron
/dbus
/locale
/networking
/nss
/openipmi
/ssh
/useradd
/winbind

5
etc/default/prometheus-node-exporter
View file

@ -1,5 +0,0 @@
# Set the command-line arguments to pass to the server.
# Due to shell escaping, to pass backslashes for regexes, you need to double
# them (\\d for \d). If running under systemd, you need to double them again
# (\\\\d to mean \d), and escape newlines too.
ARGS="--web.listen-address=5.101.171.215:9100"

1
etc/default/rotate-logs-symlinks
View file

@ -1 +0,0 @@
CREATE_DIRS['core.slackware.uk.net']="fusiondirectory samba"

7
etc/default/terraform-http-backend
View file

@ -1,7 +0,0 @@
TF_USER="thb"
TF_IP="5.101.171.215"
TF_PORT="25480"
TF_STORAGE_DIR="/var/lib/terraform-http-backend"
TF_AUTH_ENABLED="true"
TF_USERNAME="sysadmin"
TF_PASSWORD="sunsa"

1
etc/dehydrated/.gitignore vendored
View file

@ -1 +0,0 @@
/chains/

2
etc/dehydrated/accounts/.gitignore vendored
View file

@ -1,2 +0,0 @@
/*/
/*.tar

BIN
etc/dehydrated/accounts/aHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2RpcmVjdG9yeQo.tar.gpg
View file

Binary file not shown.

1
etc/dehydrated/archive/.gitignore vendored
View file

@ -1 +0,0 @@
/*

1
etc/dehydrated/certs/.gitignore vendored
View file

@ -1 +0,0 @@
/*

147
etc/dehydrated/config
View file

@ -1,147 +0,0 @@
# This is the main config file for dehydrated.
# This file is looked for in the following locations:
# $SCRIPTDIR/config (next to this script)
# /usr/local/etc/dehydrated/config
# /etc/dehydrated/config
# ${PWD}/config (in current working-directory)
# Which user should dehydrated run as? This will be implictly enforced when running as root.
# Default: <unset>
#DEHYDRATED_USER=""
# Which group should dehydrated run as? This will be implictly enforced when running as root.
# Default: <unset>
#DEHYDRATED_GROUP=""
# Resolve names to addresses of IP version only, for curl.
# Supported values: 4, 6.
# Default: <unset>
#IP_VERSION=""
# Path to certificate authority.
# Default: https://acme-v02.api.letsencrypt.org/directory
#CA="https://acme-v02.api.letsencrypt.org/directory"
# Use staging server for testing:
#CA="https://acme-staging-v02.api.letsencrypt.org/directory"
# Path to old certificate authority.
# Set this value to your old CA when upgrading from ACMEv1 to ACMEv2 under a different endpoint.
# If dehydrated detects an account-key for the old CA it will automatically reuse that key
# instead of registering a new one.
# Default: https://acme-v01.api.letsencrypt.org/directory
#OLDCA="https://acme-v01.api.letsencrypt.org/directory"
# Which challenge should be used?
# Supported values: http-01, dns-01, tls-alpn-01.
# Default: http-01
#CHALLENGETYPE="http-01"
# Path to a directory containing additional config files.
# This allows overriding the defaults found in the main configuration file.
# Additional config files in this directory must be named with a '.sh' ending.
# Default: <unset>
#CONFIG_D=""
# Base directory for account key, generated certificates and list of domains.
# Default: $SCRIPTDIR
BASEDIR="/etc/dehydrated"
# File containing the list of domains for which to request certificates.
# Default: $BASEDIR/domains.txt
DOMAINS_TXT="${BASEDIR}/domains"
# Directory for per-domain configuration files.
# If not set, per-domain configurations are sourced from each certificates output directory.
# Default: <unset>
DOMAINS_D="${BASEDIR}/domains.d"
# Output directory for generated certificates.
# Default: ${BASEDIR}/certs
#CERTDIR="${BASEDIR}/certs"
# Output directory for alpn verification certificates.
# Default: ${BASEDIR}/alpn-certs
#ALPNCERTDIR="${BASEDIR}/alpn-certs"
# Directory for account keys and registration information.
# Default: ${BASEDIR}/accounts
#ACCOUNTDIR="${BASEDIR}/accounts"
# Output directory for challenge-tokens to be served by webserver, or deployed in $HOOK.
# Default: /var/www/dehydrated
WELLKNOWN="/srv/dehydrated"
# Default keysize for private keys.
# Default: 4096
#KEYSIZE="4096"
# Path to openssl config file.
# To try and figure out the system default, leave this unset.
# Default: <unset>
#OPENSSL_CNF=""
# Path to OpenSSL binary.
# Default: openssl
#OPENSSL="openssl"
# Extra options passed to the curl binary.
# Default: <unset>
#CURL_OPTS=""
# Program or function called at certain stages of processing.
# BASEDIR and WELLKNOWN variables are exported and can be used in an external program.
# Default: <unset>
HOOK="${BASEDIR}/hooks/default"
# Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate?
# Default: no
#HOOK_CHAIN="no"
# Minimum days before expiration to automatically renew certificate.
# Default: 30
#RENEW_DAYS="30"
# Regenerate private keys instead of just signing new certificates on renewal?
# Default: yes
PRIVATE_KEY_RENEW="no"
# Create an extra private key for rollover?
# Default: no
#PRIVATE_KEY_ROLLOVER="no"
# Which public key algorithm should be used?
# Supported: rsa, prime256v1, secp384r1.
# Default: rsa
KEY_ALGO="secp384r1"
# E-mail to use during the registration.
# Default: <unset>
CONTACT_EMAIL="sysadmin@slackware.uk"
# Lockfile location, to prevent concurrent execution.
# Default: $BASEDIR/lock
LOCKFILE="/run/dehydrated.lock"
# Option to add CSR-flag indicating OCSP stapling to be mandatory.
# Default: no
#OCSP_MUST_STAPLE="no"
# Fetch OCSP responses.
# Default: no
#OCSP_FETCH="no"
# OCSP refresh interval, in days.
# Default: 5
#OCSP_DAYS="5"
# Issuer chain cache directory.
# Default: $BASEDIR/chains
#CHAINCACHE="${BASEDIR}/chains"
# Automatic cleanup?
# Default: no
AUTO_CLEANUP="yes"
# ACME API version.
# Default: auto
#API=auto

32
etc/dehydrated/domains
View file

@ -1,32 +0,0 @@
# Create certificate for 'example.org' with an alternative name of
# 'www.example.org'. It will be stored in the directory ${CERT_DIR}/example.org
#example.org www.example.org
# Create certificate for 'example.com' with alternative names of
# 'www.example.com' & 'wiki.example.com'. It will be stored in the directory
# ${CERT_DIR}/example.com
#example.com www.example.com wiki.example.com
# Using the alias 'certalias' create certificate for 'example.net' with
# alternate name 'www.example.net' and store it in the directory
# ${CERTDIR}/certalias
#example.net www.example.net > certalias
# Using the alias 'service_example_com' create a wildcard certificate for
# '*.service.example.com' and store it in the directory
# ${CERTDIR}/service_example_com
# NOTE: It is NOT a certificate for 'service.example.com'
#*.service.example.com > service_example_com
# Using the alias 'star_service_example_org' create a wildcard certificate for
# '*.service.example.org' with an alternative name of `service.example.org'
# and store it in the directory ${CERTDIR}/star_service_example_org
# NOTE: It is a certificate for 'service.example.org'
#*.service.example.org service.example.org > star_service_example_org
# Create a certificate for 'service.example.net' with an alternative name of
# '*.service.example.net' (which is a wildcard domain) and store it in the
# directory ${CERTDIR}/service.example.net
#service.example.net *.service.example.net
core.slackware.uk.net

48
etc/dehydrated/domains.d/_example_
View file

@ -1,48 +0,0 @@
# The settings in this file can be used to override those in the global config file in /etc/dehydrated
# Which challenge should be used?
# Supported values: http-01, dns-01, tls-alpn-01.
# Default: http-01
#CHALLENGETYPE="http-01"
# Default keysize for private keys.
# Default: 4096
#KEYSIZE="4096"
# Program or function called at certain stages of processing.
# BASEDIR and WELLKNOWN variables are exported and can be used in an external program.
# Default: <unset>
#HOOK=""
# Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate?
# Default: no
#HOOK_CHAIN="no"
# Minimum days before expiration to automatically renew certificate.
# Default: 30
#RENEW_DAYS="30"
# Regenerate private keys instead of just signing new certificates on renewal?
# Default: yes
#PRIVATE_KEY_RENEW="yes"
# Create an extra private key for rollover?
# Default: no
#PRIVATE_KEY_ROLLOVER="no"
# Which public key algorithm should be used?
# Supported: rsa, prime256v1, secp384r1.
# Default: rsa
#KEY_ALGO="rsa"
# Option to add CSR-flag indicating OCSP stapling to be mandatory.
# Default: no
#OCSP_MUST_STAPLE="no"
# Fetch OCSP responses.
# Default: no
#OCSP_FETCH="no"
# OCSP refresh interval, in days.
# Default: 5
#OCSP_DAYS="5"

48
etc/dehydrated/domains.d/core.slackware.uk.net
View file

@ -1,48 +0,0 @@
# The settings in this file can be used to override those in the global config file in /etc/dehydrated
# Which challenge should be used?
# Supported values: http-01, dns-01, tls-alpn-01.
# Default: http-01
#CHALLENGETYPE="http-01"
# Default keysize for private keys.
# Default: 4096
#KEYSIZE="4096"
# Program or function called at certain stages of processing.
# BASEDIR and WELLKNOWN variables are exported and can be used in an external program.
# Default: <unset>
#HOOK=""
# Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate?
# Default: no
#HOOK_CHAIN="no"
# Minimum days before expiration to automatically renew certificate.
# Default: 30
#RENEW_DAYS="30"
# Regenerate private keys instead of just signing new certificates on renewal?
# Default: yes
#PRIVATE_KEY_RENEW="yes"
# Create an extra private key for rollover?
# Default: no
#PRIVATE_KEY_ROLLOVER="no"
# Which public key algorithm should be used?
# Supported: rsa, prime256v1, secp384r1.
# Default: rsa
#KEY_ALGO="rsa"
# Option to add CSR-flag indicating OCSP stapling to be mandatory.
# Default: no
#OCSP_MUST_STAPLE="no"
# Fetch OCSP responses.
# Default: no
#OCSP_FETCH="no"
# OCSP refresh interval, in days.
# Default: 5
#OCSP_DAYS="5"

436
etc/dehydrated/hooks/default
View file

@ -1,436 +0,0 @@
#!/usr/bin/env bash
# This file contains the default hook functions for dehydrated - these functions will be used when there is no overriding certificate specific hooks file.
# All but startup_hook and ext_hook can be overridden by a hooks script on a per certificate basis.
#
# shellcheck disable=SC2034,SC2317
# Configuration.
# Where the copies of the current certificates/keys should be placed. Comment for no copying.
CERTSDIR="/etc/certificates"
# The syslog facility and tag to use.
FACILITY="local3"
TAG="dehydrated"
# Where from/to to send emails.
EMAIL_FROM="\"Server: ${HOSTNAME%%.*}\" <noreply@slackware.uk>"
EMAIL_TO=("Systems' Administrator <sysadmin@slackware.uk>")
# Get the system ID.
# shellcheck disable=SC2046
declare SYSTEM_$(grep '^ID=' /etc/os-release 2>/dev/null)
# Write a message to syslog, and send a copy via email.
notify() {
local LOG_PREFIX="${LOG_PREFIX:-Certificate renewal} $1" PRIORITY
[[ -z "$1" ]] && return 1
# Select the syslog priority level.
case "$1" in
'error') PRIORITY="err" ;;
'warning') PRIORITY="warn" ;;
*) PRIORITY="info" ;;
esac
shift
# Log the message to syslog
if [[ "$ID" == "alpine" ]]; then
# BusyBox logger on Alpine's is missing the --id option.
printf "%s\\n" "$LOG_PREFIX:" "$@" "EOX" | logger -p "$FACILITY.$PRIORITY" -t "$TAG" >/dev/null 2>&1
else
printf "%s\\n" "$LOG_PREFIX:" "$@" "EOX" | logger --id="$$" -p "$FACILITY.$PRIORITY" -t "$TAG" >/dev/null 2>&1
fi
# Email the notification.
printf "%s\\n" "$@" | mail -r "$EMAIL_FROM" -s "$LOG_PREFIX" "${EMAIL_TO[@]}" >/dev/null 2>&1
return 0
}
# Service configurations (used at startup/shutdown).
services() {
local DAEMON ERR=0 LOG_PREFIX="Dehydrated configuration" PIDFILE RCFILE SANITY="$1"
# Select the service configuration based on the distribution.
# RCFILE_<service> is required for any service.
# Either DAEMON_<service> or PIDFILE_<service>, or both is required for any service.
if [[ "$SYSTEM_ID" == "slackware" ]]; then
# HTTP daemon selection.
if [[ -x "/etc/rc.d/rc.httpd" ]]; then
RCFILE_HTTPD="/etc/rc.d/rc.httpd"
DAEMON_HTTPD="httpd"
PIDFILE_HTTPD="/run/httpd.pid"
elif [[ -x "/etc/rc.d/rc.thttpd" ]]; then
RCFILE_HTTPD="/etc/rc.d/rc.thttpd"
DAEMON_HTTPD="thttpd"
PIDFILE_HTTPD="/run/thttpd.pid"
fi
# FTP daemon selection.
if [[ -x "/etc/rc.d/rc.proftpd" ]]; then
RCFILE_FTPD="/etc/rc.d/rc.proftpd"
DAEMON_FTPD="proftpd"
PIDFILE_FTPD="/run/proftpd.pid"
fi
# SMTP daemon selection.
if [[ -x "/etc/rc.d/rc.exim" ]]; then
RCFILE_SMTPD="/etc/rc.d/rc.exim"
DAEMON_SMTPD="exim"
PIDFILE_SMTPD="/run/exim.pid"
fi
elif [[ "$SYSTEM_ID" == "void" ]]; then
# HTTP daemon selection.
# thttpd on Void doesn't have a directly callable rc script, so can't be supported.
if [[ -x "/usr/sbin/apachectl" ]]; then
RCFILE_HTTPD="/usr/sbin/apachectl"
DAEMON_HTTPD="httpd"
PIDFILE_HTTPD="/run/httpd/httpd.pid"
fi
elif [[ "$SYSTEM_ID" == "alpine" ]]; then
# HTTP daemon selection.
if [[ -x "/etc/init.d/apache2" ]]; then
RCFILE_HTTPD="/etc/init.d/apache2"
DAEMON_HTTPD="httpd"
PIDFILE_HTTPD="/run/apache2/httpd.pid"
elif [[ -x "/etc/init.d/thttpd" ]]; then
RCFILE_HTTPD="/etc/init.d/thttpd"
DAEMON_HTTPD="thttpd"
PIDFILE_HTTPD="/run/thttpd.pid"
fi
# Samba daemon selection.
if [[ -x "/etc/init.d/samba" ]]; then
# FIXME:
# RCFILE_SAMBA="/etc/init.d/samba"
DAEMON_SAMBA="samba"
PIDFILE_SAMBA="/run/samba.pid"
fi
fi
# Sanity check settings.
((SANITY == 1)) && {
[[ -z "$RCFILE_HTTPD" ]] && notify "warning" "No configuration settings for an HTTP daemon - no start/restart of HTTP daemon is possible -- check configuration"
for RCFILE in "${!RCFILE_@}"; do
DAEMON="DAEMON_${RCFILE#RCFILE_}"
PIDFILE="PIDFILE_${RCFILE#RCFILE_}"
[[ -n "${!RCFILE}" ]] && [[ -z "${!DAEMON}" ]] && [[ -z "${!PIDFILE}" ]] && notify "error" "'$RCFILE' is set, but neither '$DAEMON' nor '$PIDFILE' is set - at least one setting is required -- aborting" && ERR=1
done
}
((ERR == 1)) && return 1
return 0
}
deploy_challenge() {
local DOMAIN="$1" TOKEN_FILENAME="$2" TOKEN_VALUE="$3"
# This hook is called once for every domain that needs to be
# validated, including any alternative names you may have listed.
# Parameters:
# DOMAIN - The domain name (CN or subject alternative name) being validated.
# TOKEN_FILENAME - The name of the file containing the token to be served for HTTP validation
# Should be served by your web server as /.well-known/acme-challenge/${TOKEN_FILENAME}.
# TOKEN_VALUE - The token value that needs to be served for validation.
# For DNS validation, this is what you want to put in the _acme-challenge TXT record.
# For HTTP validation it is the value that is expected be found in the $TOKEN_FILENAME file.
# Simple example: Use nsupdate with local named
# printf 'server 127.0.0.1\nupdate add _acme-challenge.%s 300 IN TXT "%s"\nsend\n' "$DOMAIN" "$TOKEN_VALUE" | nsupdate -k /var/run/named/session.key
return 0
}
clean_challenge() {
local DOMAIN="$1" TOKEN_FILENAME="$2" TOKEN_VALUE="$3"
# This hook is called after attempting to validate each domain, whether or not validation was successful. Here you can delete files or DNS records that are no longer needed.
# The parameters are the same as for deploy_challenge.
# Simple example: Use nsupdate with local named
# printf 'server 127.0.0.1\nupdate delete _acme-challenge.%s TXT "%s"\nsend\n' "$DOMAIN" "$TOKEN_VALUE" | nsupdate -k /var/run/named/session.key
return 0
}
sync_cert() {
local KEYFILE="$1" CERTFILE="$2" FULLCHAINFILE="$3" CHAINFILE="$4" REQUESTFILE="$5"
# This hook is called after the certificates have been created but before they are symlinked.
# This allows you to sync the files to disk to prevent creating a symlink to empty files on unexpected system crashes.
# This hook is not intended to be used for further processing of certificate files; see deploy_cert for that.
# Parameters:
# KEYFILE - The path of the file containing the private key.
# CERTFILE - The path of the file containing the signed certificate.
# FULLCHAINFILE - The path of the file containing the full certificate chain.
# CHAINFILE - The path of the file containing the intermediate certificate(s).
# REQUESTFILE - The path of the file containing the certificate signing request.
# Simple example: sync the files before symlinking them
# sync "$KEYFILE" "$CERTFILE" "$FULLCHAINFILE" "$CHAINFILE" "$REQUESTFILE"
return 0
}
deploy_cert() {
local DOMAIN="$1" KEYFILE="$2" CERTFILE="$3" FULLCHAINFILE="$4" CHAINFILE="$5" TIMESTAMP="$6"
# This hook is called once for each certificate that has been produced.
# Here you might, for instance, copy your new certificates to service-specific locations and reload the service.
# Parameters:
# DOMAIN - The primary domain name, i.e. the certificate common name (CN).
# KEYFILE - The path of the file containing the private key.
# CERTFILE - The path of the file containing the signed certificate.
# FULLCHAINFILE - The path of the file containing the full certificate chain.
# CHAINFILE - The path of the file containing the intermediate certificate(s).
# TIMESTAMP - Timestamp when the specified certificate was created.
local FILE LOG_PREFIX="Certificate deployment"
# Only copy the certificate if there's a CERTSDIR setting.
[[ -n "$CERTSDIR" ]] && {
# If any of the destination files are symlinks, bail out - we don't want to clobber something.
for FILE in "$CERTSDIR/${DOMAIN}_"{cert,key,chain,fullchain}.pem; do
[[ -e "$FILE" ]] && [[ -L "$FILE" ]] && {
notify "error" "Will not copy to symlink '$FILE' during '$DOMAIN' certificate deployment"
# Return 0 so that dehydrated doesn't stop - there may be some more certificates to renew.
return 0
}
done
# The first time through this will create the files readable by root only, but better to err on the side of caution.
# Subsequent runs will retain whatever permissions were set by the admin after the first run.
cmp "$CERTFILE" "$CERTSDIR/${DOMAIN}_cert.pem" >/dev/null 2>&1 || {
umask 066
# shellcheck disable=SC2015
cat "$CERTFILE" >"$CERTSDIR/${DOMAIN}_cert.pem" && cat "$KEYFILE" >"$CERTSDIR/${DOMAIN}_key.pem" && cat "$CHAINFILE" >"$CERTSDIR/${DOMAIN}_chain.pem" && cat "$FULLCHAINFILE" >"$CERTSDIR/${DOMAIN}_fullchain.pem" || {
notify "error" "Failed to copy certificates/key to '$CERTSDIR' during '$DOMAIN' certificate deployment"
# Return 0 so that dehydrated doesn't stop - there may be some more certificates to renew.
return 0
}
}
# Set a marker (used in the exit_hook function) to signal that services should be reloaded at the end of deployments.
touch /run/dehydrated-reload-marker || {
notify "warning" "Failed to create reload marker during '$DOMAIN' certificate deployment - reloading services manually may be required -- check server"
# Return 0 so that dehydrated doesn't stop - there may be some more certificates to renew.
return 0
}
}
# Notify the sysadmin of the sucessful renewal.
notify "information" "Sucessful renewal and deployment of certificate/key for '$DOMAIN'"
return 0
}
deploy_ocsp() {
local DOMAIN="$1" OCSPFILE="$2" TIMESTAMP="$3"
# This hook is called once for each updated ocsp stapling file that has been produced.
# Here you might, for instance, copy your new ocsp stapling files to service-specific locations and reload the service.
# Parameters:
# DOMAIN - The primary domain name, i.e. the certificate common name (CN).
# OCSPFILE - The path of the ocsp stapling file.
# TIMESTAMP - Timestamp when the specified ocsp stapling file was created.
# Simple example: Copy file to nginx config
# cp "$OCSPFILE" /etc/nginx/ssl/; chown -R nginx: /etc/nginx/ssl
# systemctl reload nginx
return 0
}
unchanged_cert() {
local DOMAIN="$1" KEYFILE="$2" CERTFILE="$3" FULLCHAINFILE="$4" CHAINFILE="$5"
# This hook is called once for each certificate that is still valid and therefore wasn't reissued.
# Parameters:
# DOMAIN - The primary domain name, i.e. the certificate common name (CN).
# KEYFILE - The path of the file containing the private key.
# CERTFILE - The path of the file containing the signed certificate.
# FULLCHAINFILE - The path of the file containing the full certificate chain.
# CHAINFILE - The path of the file containing the intermediate certificate(s).
return 0
}
invalid_challenge() {
local DOMAIN="$1" RESPONSE="$2"
# This hook is called if the challenge response has failed, so domain owners can be aware and act accordingly.
# Parameters:
# DOMAIN - The primary domain name, i.e. the certificate common name (CN).
# RESPONSE - The response that the verification server returned
# Notify the sysadmin.
notify "error" "Validation of '$DOMAIN' failed:" "$RESPONSE"
return 0
}
request_failure() {
local STATUSCODE="$1" REASON="$2" REQTYPE="$3" HEADERS="$4"
# This hook is called when an HTTP request fails (e.g., when the ACME server is busy, returns an error, etc).
# It will be called upon any response code that does not start with '2'. Useful to alert admins about problems with requests.
# Parameters:
# STATUSCODE - The HTML status code that originated the error.
# REASON - The specified reason for the error.
# REQTYPE - The kind of request that was made (GET, POST...)
# Notify the sysadmin.
notify "error" "HTTP $REQTYPE request failed for '$DOMAIN' with code '$STATUSCODE'" "Reason: $REASON" "Headers:" "$HEADERS"
return 0
}
generate_csr() {
local DOMAIN="$1" CERTDIR="$2" ALTNAMES="$3"
# This hook is called before any certificate signing operation takes place.
# It can be used to generate or fetch a certificate signing request with external tools.
# The output should be just the cerificate signing request formatted as PEM.
# Parameters:
# DOMAIN - The primary domain as specified in domains.txt.
# This does not need to match with the domains in the CSR, it's basically just the directory name.
# CERTDIR - Certificate output directory for this particular certificate.
# Can be used for storing additional files.
# ALTNAMES - All domain names for the current certificate as specified in domains.txt.
# Again, this doesn't need to match with the CSR, it's just there for convenience.
# Simple example: Look for pre-generated CSRs
# if [ -e "$CERTDIR/pre-generated.csr" ]; then
# cat "$CERTDIR/pre-generated.csr"
# fi
return 0
}
startup_hook() {
# This hook is called before the cron command to do some initial tasks (e.g. starting a webserver).
local LOG_PREFIX="Dehydrated startup"
# Read services configuration (with sanity check)
services 1 || return 1
# Make sure the certificates directory exists.
[[ -n "$CERTSDIR" ]] && {
umask 022
# shellcheck disable=SC2174
mkdir -p -m 0755 "$CERTSDIR" 2>/dev/null || {
notify "error" "Failed to create certificate storage directory -- aborting"
return 1
}
}
# If an HTTP daemon rc script is available and the service is not already running, start it.
[[ -n "$RCFILE_HTTPD" ]] && {
pgrep -c ${PIDFILE_HTTPD:+-F "$PIDFILE_HTTPD"} "$DAEMON_HTTPD" >/dev/null 2>&1 || {
"$RCFILE_HTTPD" start >/dev/null 2>&1
sleep 5
if pgrep -c ${PIDFILE_HTTPD:+-F "$PIDFILE_HTTPD"} "$DAEMON_HTTPD" >/dev/null 2>&1; then
# Set a marker (used in exit_hook()) to signal that the HTTP daemon should be stopped at the end of deployments.
touch /run/dehydrated-http-daemon-stop-marker 2>/dev/null || notify "warning" "Failed to create HTTP daemon stop marker - HTTP daemon will be left running -- check server"
else
notify "error" "Failure of '$RCFILE_HTTPD' to start HTTP daemon -- aborting"
return 1
fi
}
}
# Add firewall rules to allow HTTP traffic so the nonce can be validated.
{ iptables -N dehydrated && ip6tables -N dehydrated && iptables -I INPUT 1 -j dehydrated && ip6tables -I INPUT 1 -j dehydrated && iptables -I dehydrated 1 -p tcp --syn --dport 80 -m conntrack --ctstate NEW -j ACCEPT && ip6tables -I dehydrated 1 -p tcp --syn --dport 80 -m conntrack --ctstate NEW -j ACCEPT; } >/dev/null 2>&1 || {
notify "error" "Failed to insert firewall rules to allow nonce validation -- aborting"
return 1
}
return 0
}
exit_hook() {
local ERROR="$1"
# This hook is called at the end of the cron command and can be used to do some final (cleanup or other) tasks.
# Parameters:
# ERROR - Contains error message if dehydrated exits with error.
local DAEMON ERR=0 LOG_PREFIX="Dehydrated shutdown" PIDFILE RCFILE TIMEOUT=30
# Read services configuration (without sanity check - this was already done at startup)
services 0 || return 1
# Delete firewall rules that was added to allow HTTP traffic.
iptables -C INPUT -j dehydrated >/dev/null 2>&1 && iptables -D INPUT -j dehydrated >/dev/null 2>&1
ip6tables -C INPUT -j dehydrated >/dev/null 2>&1 && ip6tables -D INPUT -j dehydrated >/dev/null 2>&1
iptables -F dehydrated >/dev/null 2>&1
ip6tables -F dehydrated >/dev/null 2>&1
iptables -X dehydrated >/dev/null 2>&1
ip6tables -X dehydrated >/dev/null 2>&1
# If the reload marker was set, restart services.
[[ -e /run/dehydrated-reload-marker ]] && {
for RCFILE in "${!RCFILE_@}"; do
DAEMON="DAEMON_${RCFILE#RCFILE_}"
PIDFILE="PIDFILE_${RCFILE#RCFILE_}"
# If the HTTP daemon is going to be shut down, there's no need to restart it.
[[ "$RCFILE" == "RCFILE_HTTPD" ]] && [[ -e /run/dehydrated-http-daemon-stop-marker ]] && continue
# Restart the service.
"${!RCFILE}" restart >/dev/null 2>&1 || notify "warning" "Failed to restart service '${!DAEMON}' -- check server"
sleep "$TIMEOUT"
pgrep -c ${PIDFILE:+-F "${!PIDFILE}"} "${!DAEMON}" >/dev/null 2>&1 || {
notify "warning" "Service '${!DAEMON}' exited unexpectedly - trying to start again"
"${!RCFILE}" start >/dev/null 2>&1 || notify "warning" "Failed to start service '${!DAEMON}' -- check server"
sleep "$TIMEOUT"
pgrep -c ${PIDFILE:+-F "${!PIDFILE}"} "${!DAEMON}" >/dev/null 2>&1 || {
notify "warning" "Service '${!DAEMON}' failed to restart correctly -- check server"
ERR=1
}
}
done
}
# Remove the reload marker if all services restarted without issue. Keep the marker if any failed.
((ERR == 0)) && { rm -f /run/dehydrated-reload-marker 2>/dev/null || notify "warning" "Failed to remove services reload marker -- check server"; }
# If an HTTP daemon was started by dehydrated, stop it now.
ERR=0
[[ -e /run/dehydrated-http-daemon-stop-marker ]] && {
pgrep -c ${PIDFILE_HTTPD:+-F "$PIDFILE_HTTPD"} "$DAEMON_HTTPD" >/dev/null 2>&1 && {
"$RCFILE_HTTPD" stop >/dev/null 2>&1 || notify "warning" "Failed to gracefully stop service '$DAEMON_HTTPD' -- check server"
sleep "$TIMEOUT"
pgrep -c ${PIDFILE_HTTPD:+-F "$PIDFILE_HTTPD"} "$DAEMON_HTTPD" >/dev/null 2>&1 && {
pkill -TERM ${PIDFILE_HTTPD:+-F "$PIDFILE_HTTPD"} "$DAEMON_HTTPD" >/dev/null 2>&1 || notify "warning" "Failed to -SIGTERM service '$DAEMON_HTTPD' -- check server"
sleep "$TIMEOUT"
pgrep -c ${PIDFILE_HTTPD:+-F "$PIDFILE_HTTPD"} "$DAEMON_HTTPD" >/dev/null 2>&1 && {
pkill -KILL ${PIDFILE_HTTPD:+-F "$PIDFILE_HTTPD"} "$DAEMON_HTTPD" >/dev/null 2>&1 || notify "warning" "Failed to -SIGKILL service '$DAEMON_HTTPD' -- check server"
sleep 5
}
}
pgrep -c ${PIDFILE_HTTPD:+-F "$PIDFILE_HTTPD"} "$DAEMON_HTTPD" >/dev/null 2>&1 && notify "warning" "Failed to stop HTTP daemon that dehydrated started" && ERR=1
}
}
# If the HTTP daemon was stopped correctly, remove the stop marker.
((ERR == 0)) && { rm -f /run/dehydrated-http-daemon-stop-marker 2>/dev/null || notify "warning" "Failed to remove HTTP daemon stop marker -- check server"; }
return 0
}
# Run the correct function.
HANDLER="$1"
shift
if declare -pF "$HANDLER" >/dev/null 2>&1; then
"$HANDLER" "$@"
exit "$?"
else
exit 0
fi

8
etc/fusiondirectory/fusiondirectory-apache.conf
View file

@ -1,8 +0,0 @@
# Include FusionDirectory to your web service
Alias /fusiondirectory /usr/share/fusiondirectory/html
<Directory /usr/share/fusiondirectory/html>
# Remove the comment from the line below if you use fusiondirectory-configuration-manager --encrypt-passwords
# include /etc/fusiondirectory/fusiondirectory.secrets
</Directory>

8
etc/fusiondirectory/fusiondirectory.conf
View file

@ -1,8 +0,0 @@
<?xml version="1.0"?>
<conf>
<main default="Slackware UK LDAP Server" logging="true" displayerrors="true" debuglevel="1024" templateCompileDirectory="/var/cache/fusiondirectory/template/" theme="breezy">
<location name="Slackware UK LDAP Server" forceSSL="true">
<referral URI="ldaps://core.slackware.uk.net:636" base="dc=slackware,dc=uk,dc=net" adminDn="cn=Administrator,cn=Users,dc=slackware,dc=uk,dc=net" adminPassword="rxdnq8cksunsa$0D" />
</location>
</main>
</conf>

8
etc/fusiondirectory/fusiondirectory.conf.orig
View file

@ -1,8 +0,0 @@
<?xml version="1.0"?>
<conf>
<main default="Slackware UK LDAP Server" logging="true" displayerrors="true" debuglevel="1024" templateCompileDirectory="/var/cache/fusiondirectory/template/" theme="breezy">
<location name="Slackware UK LDAP Server" forceSSL="true">
<referral URI="ldaps://core.slackware.uk.net:636" base="dc=slackware,dc=uk,dc=net" adminDn="cn=Administrator,cn=Users,dc=slackware,dc=uk,dc=net" adminPassword="rxdnq8cksunsa$0D" />
</location>
</main>
</conf>

57
etc/group
View file

@ -1,57 +0,0 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
systemd-journal:x:999:
systemd-network:x:998:
messagebus:x:997:
systemd-resolve:x:996:
input:x:995:
sgx:x:994:
clock:x:993:
kvm:x:992:
render:x:991:
_ssh:x:101:
polkitd:x:990:
ssl-cert:x:102:
sambashare:x:989:
winbindd_priv:x:988:
prometheus:x:103:
uuidd:x:104:
thb:x:500:thb
netdev:x:105:
crontab:x:987:

BIN
etc/gshadow.gpg
View file

Binary file not shown.

1
etc/hostname
View file

@ -1 +0,0 @@
core.slackware.uk.net

5
etc/hosts
View file

@ -1,5 +0,0 @@
127.0.1.1 core core.slackware.uk.net
127.0.0.1 localhost localhost.localdomain
::1 localhost ip6-localhost ip6-loopback localhost.localdomain
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

3
etc/init.d/.gitignore vendored
View file

@ -1,3 +0,0 @@
/*
!/.gitignore
!/terraform-http-backend

49
etc/init.d/terraform-http-backend
View file

@ -1,49 +0,0 @@
#!/bin/sh
# Start/stop terraform-http-backend.
#
### BEGIN INIT INFO
# Provides: terraform-http-backend
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Terraform HTTP state backend daemon
# Description: Terraform HTTP state backend daemon
### END INIT INFO
NAME=terraform-http-backend
DAEMON=/opt/sbin/$NAME
DESC="Terraform HTTP state backend"
SCRIPT=terraform-http-backend
test -x $DAEMON || exit 0
[ -f /etc/default/terraform-http-backend ] && . /etc/default/terraform-http-backend
export TF_USER TF_IP TF_PORT TF_STORAGE_DIR TF_AUTH_ENABLED TF_USERNAME TF_PASSWORD
. /lib/lsb/init-functions
case "$1" in
(start)
log_daemon_msg "Starting $DESC" $NAME
/usr/bin/su "$TF_USER" -c "$DAEMON >/dev/null 2>&1 &"
log_end_msg $?
;;
(stop)
log_daemon_msg "Stopping $DESC" $NAME
/usr/bin/killall -TERM $DAEMON
log_end_msg $?
;;
(restart|force-reload)
$0 stop && sleep 1 && $0 start
;;
(status)
status_of_proc $DAEMON $NAME && exit 0 || exit $?
;;
(*)
echo "Usage: /etc/init.d/$SCRIPT {start|stop|restart|force-reload|status}"
exit 1
;;
esac
exit 0

28
etc/krb5.conf
View file

@ -1,28 +0,0 @@
[logging]
# FIXME:
# default = FILE:/var/log/krb5libs
# kdc = FILE:/var/log/krb5kdc
# admin_server = FILE:/var/log/kadmind
[libdefaults]
ccache_type = 4
default_realm = SLACKWARE.UK.NET
dns_lookup_realm = false
dns_lookup_kdc = false
kdc_timesync = 1
rdns = true
forwardable = true
proxiable = true
ticket_lifetime = 24h
renew_lifetime = 7d
[realms]
SLACKWARE.UK.NET = {
default_domain = slackware.uk.net
admin_server = core.slackware.uk.net
kdc = core.slackware.uk.net
}
[domain_realm]
.slackware.uk.net = SLACKWARE.UK.NET
core = SLACKWARE.UK.NET

10
etc/ldap/ldap.conf
View file

@ -1,10 +0,0 @@
# LDAP Defaults
URI ldap://core.slackware.uk.net
BASE dc=slackware,dc=uk,dc=net
VERSION 3
TLS_CACERT /etc/certificates/LetsEncrypt-CompleteCertificateStore.pem
TLS_CERT /etc/certificates/core.slackware.uk.net_cert.pem
TLS_KEY /etc/certificates/core.slackware.uk.net_key.pem
TLS_PROTOCOL_MIN 3.3

1
etc/ldap/schema/.gitignore vendored
View file

@ -1 +0,0 @@
/fusiondirectory/

288
etc/ldap/schema/rfc2307bis.schema
View file

@ -1,288 +0,0 @@
# builtin
#
#attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber'
# DESC 'An integer uniquely identifying a user in an administrative domain'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
# SINGLE-VALUE )
# builtin
#
#attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber'
# DESC 'An integer uniquely identifying a group in an
# administrative domain'
# EQUALITY integerMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
# SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos'
DESC 'The GECOS field; the common name'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory'
DESC 'The absolute path to the home directory'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell'
DESC 'The path to the login shell'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple'
DESC 'Netgroup triple'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort'
DESC 'Service port number'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol'
DESC 'Service protocol name'
SUP name )
attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
DESC 'IP protocol number'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber'
DESC 'ONC RPC number'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber'
DESC 'IPv4 addresses as a dotted decimal omitting leading
zeros or IPv6 addresses as defined in RFC2373'
SUP name )
attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber'
DESC 'IP network as a dotted decimal, eg. 192.168,
omitting leading zeros'
SUP name
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber'
DESC 'IP netmask as a dotted decimal, eg. 255.255.255.0,
omitting leading zeros'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress'
DESC 'MAC address in maximal, colon separated hex
notation, eg. 00:00:92:90:ee:e2'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter'
DESC 'rpc.bootparamd parameter'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile'
DESC 'Boot image name'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
DESC 'Name of a A generic NIS map'
SUP name )
attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry'
DESC 'A generic NIS entry'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.28 NAME 'nisPublicKey'
DESC 'NIS public key'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.29 NAME 'nisSecretKey'
DESC 'NIS secret key'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.30 NAME 'nisDomain'
DESC 'NIS domain'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.1.1.1.31 NAME 'automountMapName'
DESC 'automount Map Name'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.32 NAME 'automountKey'
DESC 'Automount Key value'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributetype ( 1.3.6.1.1.1.1.33 NAME 'automountInformation'
DESC 'Automount information'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY
DESC 'Abstraction of an account with POSIX attributes'
MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
MAY ( userPassword $ loginShell $ gecos $
description ) )
objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top AUXILIARY
DESC 'Additional attributes for shadow passwords'
MUST uid
MAY ( userPassword $ description $
shadowLastChange $ shadowMin $ shadowMax $
shadowWarning $ shadowInactive $
shadowExpire $ shadowFlag ) )
objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top AUXILIARY
DESC 'Abstraction of a group of accounts'
MUST gidNumber
MAY ( userPassword $ memberUid $
description ) )
objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL
DESC 'Abstraction an Internet Protocol service.
Maps an IP port and protocol (such as tcp or udp)
to one or more names; the distinguished value of
the cn attribute denotes the services canonical
name'
MUST ( cn $ ipServicePort $ ipServiceProtocol )
MAY description )
objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top STRUCTURAL
DESC 'Abstraction of an IP protocol. Maps a protocol number
to one or more names. The distinguished value of the cn
attribute denotes the protocols canonical name'
MUST ( cn $ ipProtocolNumber )
MAY description )
objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL
DESC 'Abstraction of an Open Network Computing (ONC)
[RFC1057] Remote Procedure Call (RPC) binding.
This class maps an ONC RPC number to a name.
The distinguished value of the cn attribute denotes
the RPC services canonical name'
MUST ( cn $ oncRpcNumber )
MAY description )
objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY
DESC 'Abstraction of a host, an IP device. The distinguished
value of the cn attribute denotes the hosts canonical
name. Device SHOULD be used as a structural class'
MUST ( cn $ ipHostNumber )
MAY ( userPassword $ l $ description $ manager ) )
objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL
DESC 'Abstraction of a network. The distinguished value of
the cn attribute denotes the networks canonical name'
MUST ipNetworkNumber
MAY ( cn $ ipNetmaskNumber $ l $ description $ manager ) )
objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL
DESC 'Abstraction of a netgroup. May refer to other netgroups'
MUST cn
MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )
objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL
DESC 'A generic abstraction of a NIS map'
MUST nisMapName
MAY description )
objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL
DESC 'An entry in a NIS map'
MUST ( cn $ nisMapEntry $ nisMapName )
MAY description )
objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top AUXILIARY
DESC 'A device with a MAC address; device SHOULD be
used as a structural class'
MAY macAddress )
objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top AUXILIARY
DESC 'A device with boot parameters; device SHOULD be
used as a structural class'
MAY ( bootFile $ bootParameter ) )
objectclass ( 1.3.6.1.1.1.2.14 NAME 'nisKeyObject' SUP top AUXILIARY
DESC 'An object with a public and secret key'
MUST ( cn $ nisPublicKey $ nisSecretKey )
MAY ( uidNumber $ description ) )
objectclass ( 1.3.6.1.1.1.2.15 NAME 'nisDomainObject' SUP top AUXILIARY
DESC 'Associates a NIS domain with a naming context'
MUST nisDomain )
objectclass ( 1.3.6.1.1.1.2.16 NAME 'automountMap' SUP top STRUCTURAL
MUST ( automountMapName )
MAY description )
objectclass ( 1.3.6.1.1.1.2.17 NAME 'automount' SUP top STRUCTURAL
DESC 'Automount information'
MUST ( automountKey $ automountInformation )
MAY description )
## namedObject is needed for groups without members
objectclass ( 1.3.6.1.4.1.5322.13.1.1 NAME 'namedObject' SUP top
STRUCTURAL MAY cn )

192
etc/login.defs
View file

@ -1,192 +0,0 @@
#
# /etc/login.defs - Configuration control definitions for the shadow package.
#
# REQUIRED for useradd/userdel/usermod
# Directory where mailboxes reside, _or_ name of file, relative to the
# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
# MAIL_DIR takes precedence.
#
# Essentially:
# - MAIL_DIR defines the location of users mail spool files
# (for mbox use) by appending the username to MAIL_DIR as defined
# below.
# - MAIL_FILE defines the location of the users mail spool files as the
# fully-qualified filename obtained by prepending the user home
# directory before $MAIL_FILE
#
# NOTE: This is no more used for setting up users MAIL environment variable
# which is, starting from shadow 4.0.12-1 in Debian, entirely the
# job of the pam_mail PAM modules
# See default PAM configuration files provided for
# login, su, etc.
#
# This is a temporary situation: setting these variables will soon
# move to /etc/default/useradd and the variables will then be
# no more supported
MAIL_DIR /var/mail
#MAIL_FILE .mail
#
# Enable display of unknown usernames when login(1) failures are recorded.
#
# WARNING: Unknown usernames may become world readable.
# See #290803 and #298773 for details about how this could become a security
# concern
LOG_UNKFAIL_ENAB no
#
# Enable logging of successful logins
#
LOG_OK_LOGINS yes
#
# If defined, file which maps tty line to TERM environment parameter.
# Each line of the file is in a format similar to "vt100 tty01".
#
#TTYTYPE_FILE /etc/ttytype
#
# If defined, file which inhibits all the usual chatter during the login
# sequence. If a full pathname, then hushed mode will be enabled if the
# user's name or shell are found in the file. If not a full pathname, then
# hushed mode will be enabled if the file exists in the user's home directory.
#
HUSHLOGIN_FILE .hushlogin
#HUSHLOGIN_FILE /etc/hushlogins
#
# *REQUIRED* The default PATH settings, for superuser and normal users.
#
# (they are minimal, add the rest in the shell startup files)
ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
#
# Terminal permissions for terminals after login(1).
# These settings are ignored for remote and other logins.
#
# TTYGROUP Login tty will be assigned this group ownership.
# TTYPERM Login tty will be set to this permission.
#
#TTYGROUP tty
TTYPERM 0600
#
# Login configuration initializations:
#
# ERASECHAR Terminal ERASE character ('\010' = backspace).
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
#
# The ERASECHAR and KILLCHAR are used only on System V machines.
#
ERASECHAR 0177
KILLCHAR 025
# HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new
# home directories.
HOME_MODE 0700
#
# Password aging controls:
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_WARN_AGE Number of days warning given before a password expires.
#
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
#
# Min/max values for automatic uid selection in useradd(8)
#
UID_MIN 1000
UID_MAX 60000
# System accounts
#SYS_UID_MIN 101
#SYS_UID_MAX 999
# Extra per user uids
SUB_UID_MIN 100000
SUB_UID_MAX 600100000
SUB_UID_COUNT 65536
#
# Min/max values for automatic gid selection in groupadd(8)
#
GID_MIN 1000
GID_MAX 60000
# System accounts
#SYS_GID_MIN 101
#SYS_GID_MAX 999
# Extra per user group ids
SUB_GID_MIN 100000
SUB_GID_MAX 600100000
SUB_GID_COUNT 65536
#
# Max number of login(1) retries if password is bad
# This will most likely be overriden by PAM, since the default pam_unix module
# has it's own built in of 3 retries. However, this is a safe fallback in case
# you are using an authentication module that does not enforce PAM_MAXTRIES.
#
LOGIN_RETRIES 3
#
# Max time in seconds for login(1)
#
LOGIN_TIMEOUT 30
#
# Which fields may be changed by regular users using chfn(1) - use
# any combination of letters "frwh" (full name, room number, work
# phone, home phone). If not defined, no changes are allowed.
# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
#
CHFN_RESTRICT rwh
#
# If set to MD5, MD5-based algorithm will be used for encrypting password
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
# If set to SHA512, SHA512-based algorithm will be used for encrypting password
# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password
# If set to YESCRYPT, YESCRYPT-based algorithm will be used for encrypting password
# If set to DES, DES-based algorithm will be used for encrypting password (default)
# MD5 and DES should not be used for new hashes, see crypt(5) for recommendations.
# Overrides the MD5_CRYPT_ENAB option
#
# Note: It is recommended to use a value consistent with
# the PAM modules configuration.
#
ENCRYPT_METHOD YESCRYPT
#
# Should login be allowed if we can't cd to the home directory?
# Default is no.
#
DEFAULT_HOME yes
#
# The pwck(8) utility emits a warning for any system account with a home
# directory that does not exist. Some system accounts intentionally do
# not have a home directory. Such accounts may have this string as
# their home directory in /etc/passwd to avoid a spurious warning.
#
NONEXISTENT /nonexistent
#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#
#USERDEL_CMD /usr/sbin/userdel_local
#
# If set to yes, userdel(8) will remove the user's group if it contains no more
# members, and useradd(8) will create by default a group with the name of the
# user.
#
# Other former uses of this variable are not used in PAM environments, such as
# Debian.
#
USERGROUPS_ENAB yes

1
etc/motd
View file

@ -1 +0,0 @@

1
etc/msmtp.aliases
View file

@ -1 +0,0 @@
default: sysadmin@slackware.uk

2
etc/msmtprc.gpg
View file

@ -1,2 +0,0 @@
Ś  
ËSč<EFBFBD>đH uńŇŔoě<>śĂ2Li6Ć0*ř„<E2809E>ę÷Č>,QD¸2fX~ŃUBŘ•“4ídîłw‡EŻ˛pâă®Ďi”n×ĐĹŘÍčéîú ˛`׎U7v<37>Ž…:ŘţOír\F¤(,7g€é^đjˇ\Čş^łáĽŇćxßš]ZŢJoÔpÇÜôĹ$»‰{N,Vđ­¨Oha~'eYꍣ¸CŹź<C5B9>"ţR­EĎ—äŢ-/ŃÝšH +Žc Ýđ@žo˝ŠĚw^<03>Ó2č^pú|dŮ+L1"Lx Ë0 —ŹîĽ^q‡žá”ŐÄ PőIŃSukóJ>´ˇ&<26>‰zoíošť¶ÍŇş¨ţŕ•R˛o8˝˙ŠvđŠgË̤jŻq55SˇęoT

6
etc/network/.gitignore vendored
View file

@ -1,6 +0,0 @@
/if-down.d/
/if-post-down.d/
/if-post-up.d/
/if-pre-down.d/
/if-pre-up.d/
/if-up.d/

3
etc/network/interfaces
View file

@ -1,3 +0,0 @@
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source /etc/network/interfaces.d/*

9
etc/network/interfaces.d/eth0
View file

@ -1,9 +0,0 @@
auto eth0
iface eth0 inet static
address 5.101.171.215/28
gateway 5.101.171.209
mtu 1500
iface eth0 inet6 static
address 2a01:a500:2981:1::d7/64
gateway 2a01:a500:2981:1:ff:ff:ff:ff
mtu 1500

4
etc/network/interfaces.d/eth1
View file

@ -1,4 +0,0 @@
auto eth1
iface eth1 inet static
address 10.254.0.215/24
mtu 1500

28
etc/passwd
View file

@ -1,28 +0,0 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
_apt:x:42:65534::/nonexistent:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-network:x:998:998:systemd Network Management:/:/usr/sbin/nologin
messagebus:x:997:997:System Message Bus:/nonexistent:/usr/sbin/nologin
systemd-resolve:x:996:996:systemd Resolver:/:/usr/sbin/nologin
polkitd:x:990:990:User for polkitd:/:/usr/sbin/nologin
sshd:x:989:65534:sshd user:/run/sshd:/usr/sbin/nologin
prometheus:x:100:103:Prometheus daemon:/var/lib/prometheus:/usr/sbin/nologin
uuidd:x:101:104::/run/uuidd:/usr/sbin/nologin
thb:x:500:500:terraform http backend:/var/lib/terraform-http-backend:/bin/bash
sysadmin:x:1000:100:Systems' Administrator:/home/sysadmin:/bin/bash
dhcpcd:x:102:65534:DHCP Client Daemon:/usr/lib/dhcpcd:/bin/false

3
etc/phpldapadmin/.gitignore vendored
View file

@ -1,3 +0,0 @@
/*
!/.gitignore
!/*.gpg

BIN
etc/phpldapadmin/config.php.gpg
View file

Binary file not shown.

581
etc/pkglist
View file

@ -1,581 +0,0 @@
adduser
apache2
apache2-bin
apache2-data
apache2-utils
apt
attr
autoconf
automake
autopoint
autotools-dev
base-files
base-passwd
bash
bash-completion
bind9-host
bind9-libs
binutils
binutils-common
binutils-x86-64-linux-gnu
bsd-mailx
bsdextrautils
bsdutils
build-essential
bzip2
ca-certificates
coreutils
cpp
cpp-14
cpp-14-x86-64-linux-gnu
cpp-x86-64-linux-gnu
cron
cron-daemon-common
cronutils
curl
dash
dbus
dbus-bin
dbus-daemon
dbus-session-bus-common
dbus-system-bus-common
dbus-user-session
debconf
debhelper
debian-archive-keyring
debianutils
dehydrated
dh-autoreconf
dh-strip-nondeterminism
dhcpcd-base
dialog
diffutils
dirmngr
distro-info-data
dpkg
dpkg-dev
dummy-default-mta
dwz
equivs
fakeroot
file
findutils
fontconfig-config
fonts-dejavu-core
fonts-dejavu-mono
fonts-droid-fallback
fonts-noto-mono
fonts-urw-base35
freeipmi-common
fusiondirectory
fusiondirectory-integrator
fusiondirectory-schema
fusiondirectory-smarty3-acl-render
fusiondirectory-theme-oxygen
fusiondirectory-tools
g++
g++-14
g++-14-x86-64-linux-gnu
g++-x86-64-linux-gnu
gcc
gcc-14
gcc-14-base
gcc-14-x86-64-linux-gnu
gcc-x86-64-linux-gnu
gettext
gettext-base
ghostscript
git
git-man
gnupg
gnupg-l10n
gnupg-utils
gpg
gpg-agent
gpg-wks-client
gpgconf
gpgsm
gpgv
grep
groff-base
gsasl-common
gzip
hicolor-icon-theme
hostname
ifupdown
imagemagick-7-common
init
init-system-helpers
intltool-debian
ipmitool
iproute2
iptables
iputils-ping
iso-codes
javascript-common
jq
kmod
krb5-config
krb5-locales
krb5-user
ldap-utils
less
libabsl20240722
libacl1
libalgorithm-diff-perl
libalgorithm-diff-xs-perl
libalgorithm-merge-perl
libaom3
libapache2-mod-php8.4
libapparmor1
libapr1t64
libaprutil1-dbd-sqlite3
libaprutil1-ldap
libaprutil1t64
libapt-pkg7.0
libarchive-cpio-perl
libarchive-zip-perl
libargon2-1
libasan8
libassuan9
libatomic1
libattr1
libaudit-common
libaudit1
libavahi-client3
libavahi-common-data
libavahi-common3
libavif16
libbinutils
libblkid1
libbpf1
libbrotli1
libbsd0
libbz2-1.0
libc-bin
libc-client2007e
libc-dev-bin
libc-l10n
libc6
libc6-dev
libcap-ng0
libcap2
libcap2-bin
libcbor0.10
libcc1-0
libcom-err2
libcrypt-dev
libcrypt1
libctf-nobfd0
libctf0
libcups2t64
libcurl3t64-gnutls
libcurl4t64
libdav1d7
libdb5.3t64
libdbus-1-3
libde265-0
libdebconfclient0
libdebhelper-perl
libdeflate0
libdialog15
libdpkg-perl
libduktape207
libedit2
libelf1t64
liberror-perl
libestr0
libexpat1
libfakeroot
libfastjson4
libffi8
libfftw3-double3
libfido2-1
libfile-fcntllock-perl
libfile-stripnondeterminism-perl
libfontconfig1
libfontenc1
libfreeipmi17
libfreetype6
libfstrm0
libgav1-1
libgcc-14-dev
libgcc-s1
libgcrypt20
libgd3
libgdbm-compat4t64
libgdbm6t64
libglib2.0-0t64
libglib2.0-data
libgmp10
libgnutls30t64
libgomp1
libgpg-error-l10n
libgpg-error0
libgpgme11t64
libgpm2
libgprofng0
libgs-common
libgs10
libgs10-common
libgsasl18
libgssapi-krb5-2
libgssglue1
libgssrpc4t64
libheif-plugin-aomenc
libheif-plugin-dav1d
libheif-plugin-libde265
libheif-plugin-x265
libheif1
libhogweed6t64
libhwasan0
libice6
libicu76
libidn12
libidn2-0
libijs-0.35
libimagequant0
libio-pty-perl
libip4tc2
libip6tc2
libipc-run-perl
libisl23
libitm1
libjansson4
libjbig0
libjbig2dec0
libjemalloc2
libjpeg62-turbo
libjq1
libjs-prototype
libjs-scriptaculous
libjson-c5
libk5crypto3
libkadm5clnt-mit12
libkadm5srv-mit12
libkdb5-10t64
libkeyutils1
libkmod2
libkrb5-3
libkrb5support0
libksba8
liblastlog2-2
liblcms2-2
libldap-common
libldap2
libldb2
liblerc4
liblmdb0
liblocale-gettext-perl
liblockfile-bin
liblockfile1
liblognorm5
liblqr-1-0
liblsan0
libltdl-dev
libltdl7
liblua5.4-0
liblz4-1
liblzma5
libmagic-mgc
libmagic1t64
libmagickcore-7.q16-10
libmagickwand-7.q16-10
libmail-sendmail-perl
libmaxminddb0
libmd0
libmnl0
libmount1
libmpc3
libmpfr6
libncurses6
libncursesw6
libnetfilter-conntrack3
libnettle8t64
libnfnetlink0
libnftables1
libnftnl11
libnghttp2-14
libnghttp3-9
libngtcp2-16
libngtcp2-crypto-gnutls8
libnpth0t64
libnss-systemd
libnss-winbind
libntlm0
libnuma1
libnvme1t64
libonig5
libopenipmi0t64
libopenjp2-7
libp11-kit0
libpam-cap
libpam-modules
libpam-modules-bin
libpam-runtime
libpam-systemd
libpam-winbind
libpam0g
libpaper-utils
libpaper2
libpci3
libpcre2-8-0
libperl5.40
libpipeline1
libpng16-16t64
libpolkit-agent-1-0
libpolkit-gobject-1-0
libpopt0
libproc2-0
libprotobuf-c1
libpsl5t64
libpython3-stdlib
libpython3.13
libpython3.13-minimal
libpython3.13-stdlib
libquadmath0
librav1e0.7
libraw23t64
libreadline8t64
librtmp1
libsasl2-2
libsasl2-modules
libsasl2-modules-db
libseccomp2
libsecret-1-0
libsecret-common
libselinux1
libsemanage-common
libsemanage2
libsensors-config
libsensors5
libsepol2
libsframe1
libsharpyuv0
libsm6
libsmartcols1
libsnmp-base
libsnmp40t64
libsodium23
libsqlite3-0
libss2
libssh2-1t64
libssl3t64
libstdc++-14-dev
libstdc++6
libsvtav1enc2
libsys-hostname-long-perl
libsystemd-shared
libsystemd0
libtalloc2
libtasn1-6
libtdb1
libtevent0t64
libtext-charwidth-perl
libtext-wrapi18n-perl
libtiff6
libtime-duration-perl
libtimedate-perl
libtinfo6
libtirpc-common
libtirpc3t64
libtool
libtsan2
libubsan1
libuchardet0
libudev1
libunistring5
liburcu8t64
liburing2
libuuid1
libuv1t64
libwbclient0
libwebp7
libwebpdemux2
libwebpmux3
libwrap0
libwtmpdb0
libx11-6
libx11-data
libx265-215
libxau6
libxcb1
libxdmcp6
libxext6
libxml2
libxpm4
libxslt1.1
libxt6t64
libxtables12
libxxhash0
libyaml-0-2
libyuv0
libzstd1
linux-libc-dev
linux-sysctl-defaults
locales
locales-all
login
login.defs
logrotate
lsb-release
lynx
lynx-common
m4
mailcap
make
man-db
manpages
manpages-dev
mawk
media-types
mlock
moreutils
mount
msmtp
nano
ncurses-base
ncurses-bin
ncurses-term
net-tools
netbase
nftables
nvme-cli
openipmi
openssh-client
openssh-server
openssh-sftp-server
openssl
openssl-provider-legacy
oxygen-icon-theme
passwd
patch
pci.ids
perl
perl-base
perl-modules-5.40
php
php-bcmath
php-bz2
php-cas
php-common
php-curl
php-fpdf
php-fpm
php-gd
php-gmp
php-intl
php-ldap
php-mbstring
php-sqlite3
php-xml
php-yaml
php8.4
php8.4-bcmath
php8.4-bz2
php8.4-cli
php8.4-common
php8.4-curl
php8.4-fpm
php8.4-gd
php8.4-gmp
php8.4-imagick
php8.4-imap
php8.4-intl
php8.4-ldap
php8.4-mbstring
php8.4-opcache
php8.4-readline
php8.4-sqlite3
php8.4-xml
php8.4-yaml
phpldapadmin
pinentry-curses
pkexec
po-debconf
polkitd
poppler-data
procps
prometheus-node-exporter
prometheus-node-exporter-collectors
psmisc
publicsuffix
python-apt-common
python3
python3-anyio
python3-apt
python3-bcrypt
python3-certifi
python3-cffi-backend
python3-click
python3-cryptography
python3-decorator
python3-dnspython
python3-gpg
python3-h11
python3-h2
python3-hpack
python3-httpcore
python3-httpx
python3-hyperframe
python3-idna
python3-ldb
python3-linkify-it
python3-markdown
python3-markdown-it
python3-mdurl
python3-minimal
python3-prometheus-client
python3-pygments
python3-rich
python3-samba
python3-sniffio
python3-talloc
python3-tdb
python3-uc-micro
python3-yaml
python3.13
python3.13-minimal
readline-common
rpcsvc-proto
rsyslog
runit-helper
samba
samba-ad-dc
samba-ad-provision
samba-common
samba-common-bin
samba-dsdb-modules
samba-libs
sed
sensible-utils
sgml-base
shared-mime-info
smarty-gettext
smarty3
sqv
sshguard
ssl-cert
sudo
systemd
systemd-resolved
systemd-sysv
sysvinit-utils
tar
tdb-tools
tzdata
ucf
udev
util-linux
uuid-runtime
vim
vim-common
vim-runtime
winbind
x11-common
xdg-user-dirs
xfonts-encodings
xfonts-utils
xml-core
xz-utils
zlib1g

BIN
etc/pla/config.php.gpg
View file

Binary file not shown.

3
etc/pushover-client/.gitignore vendored
View file

@ -1,3 +0,0 @@
/*
!/.gitignore
!/*.gpg

2
etc/pushover-client/default.gpg
View file

@ -1,2 +0,0 @@
Ś  
Şţ“MYQ-˙Ň›ěGR0J”‡ô¦Zý9€S\ĺPň¸ĂÚ(Ýr¬ŰvŻŇ“ §Ŕ˘<C594>Ď\Shą05!NÁŘťű´ů°ŚűoĂýĹpÄÇu ĂsKŻyŢ…I~ Üvš¦­ŁńÖ»h<C2BB>ŕ3>2=lđâ"ędŤĂę2F8t˘MiÝŃÚČ<>—äř"µ˝Qi31[,ŔN3ʞ᱉

6
etc/resolv.conf
View file

@ -1,6 +0,0 @@
options timeout:2
options edns0
search slackware.uk.net
nameserver 5.101.171.216
nameserver 5.101.171.217
nameserver 185.176.90.169

143
etc/rsyslog.conf
View file

@ -1,143 +0,0 @@
# Load modules.
module(load="imudp")
module(load="imtcp")
module(load="builtin:omfile" dirCreateMode="0750" dirOwnerNum="0" dirGroupNum="0" fileCreateMode="0640" fileOwnerNum="0" fileGroupNum="0" compression.driver="zstd")
# Global configuration.
global(
workDirectory="/var/lib/rsyslog"
#stdlog.channelspec="on"
maxMessageSize="16K"
senders.keepTrack="on"
senders.timeoutAfter="2419200"
senders.reportGoneAway="on"
senders.reportNew="on"
)
# Inputs.
input(type="imudp" port="25414" ruleset="syslog")
input(type="imudp" port="25415" ruleset="httplog")
input(type="imtcp" port="25414" ruleset="syslog")
# Rulesets.
ruleset(name="syslog") {
set $.host = tolower(field($hostname, ".", 1));
set $.domain = tolower(re_extract($hostname, '[^.]+\\.(.*)', 0, 1, "unknown_domain"));
if ($app-name != "") then {
set $.proc = $app-name;
if ($procid != "" and $procid != "-") then {
set $.proc = '[' & $procid & ']';
}
} else {
set $.proc = '-';
}
if ($msgid != "") then {
set $.id = $msgid;
} else {
set $.id = '-';
}
template(name="LogLineSingleHost" type="string" string="%timereported:::date-utc,date-rfc3339% %$.host% %pri-text% %$.proc% %$.id% :%msg:::sp-if-no-1st-sp%%msg:::escape-cc,drop-last-lf%\n")
template(name="LogLineAllHosts" type="string" string="%timereported:::date-utc,date-rfc3339% %hostname% %pri-text% %$.proc% %$.id% :%msg:::sp-if-no-1st-sp%%msg:::escape-cc,drop-last-lf%\n")
# FIXME: Log each facility to the AllHosts logs. Compression?
if prifilt("auth.*,authpriv.*") then {
action(type="omfile" file="/tmp/log/AllHosts/auth" template="LogLineAllHosts" zipLevel="6" asyncWriting="on" flushInterval="5" ioBufferSize="64k" )
} else if ... then {
template(name="LogFileeSingleHost" type="string" string="/tmp/logs/%$.host%/
%timereported:::date-utc,date-rfc3339% %$.host% %pri-text% %$.proc% %$.id% :%msg:::sp-if-no-1st-sp%%msg:::escape-cc,drop-last-lf%\n")
if prifilt("*.info") then {
action(type="omfile" file="/var/log/info.log")
}
}
#template(name="SyslogLineFormat" type="list") {
# property(name="timereported" dateFormat="rfc3339" caseConversion="lower") # Timestamp yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
# constant(value=" ")
# property(name="hostname") # Hostname
# constant(value=" ")
# property(name="syslogfacility") # Facility
# constant(value=".")
# property(name="syslogpriority") # Log priority
# constant(value=" ")
# property(name="syslogtag") # Syslog tag
# constant(value=": ")
# property(name="msg") # Message content
# constant(value="\n")
#}
#template(name="LogHostFile" type="string" string="/mnt/Data/logs/%HOSTNAME:::escape-cc,secpath-replace%/
#%TIMESTAMP:::date-utc,date-year%/%TIMESTAMP:::date-utc,date-month%/%TIMESTAMP:::date-utc,date-day%/
# %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n")
#template(name="LogAllHostsFile" type="string" string="/mnt/Data/logs/AllHosts/
#%TIMESTAMP:::date-utc,date-year%/%TIMESTAMP:::date-utc,date-month%/%TIMESTAMP:::date-utc,date-day%/
# %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n")
#VMWare: RFC 5424
# Parser.
#parser(
# name="FIXME"
# type="pmnormalize"
# rule=[
# "rule=:<%pri:number%> %fromhost-ip:ipv4% %hostname:word% %syslogtag:char-to:\\x3a%: %msg:rest%",
# "rule=:<%pri:number%> %hostname:word% %fromhost-ip:ipv4% %syslogtag:char-to:\\x3a%: %msg:rest%"
# ]
#)
# Rules
#ruleset(name="outp" parser="custom.pmnormalize") {
# action(type="omfile" File="/tmp/output")
#}
# Outputs.
action(type="omfile" file="/tmp/messages" template="LogLineSingleHost")
# Include additional configurations.
include(file="/etc/rsyslog.d/*.conf" mode="optional")
### Examples ####
# Send all logs to remote syslog via UDP.
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#*.* action(
# type="omfwd"
# target="192.168.0.1"
# port="514"
# protocol="udp"
# queue.filename="fwdRule1" # unique name prefix for spool files
# queue.type="LinkedList"
# queue.maxDiskSpace="256m"
# queue.saveOnShutdown="on"
# action.resumeRetryCount="-1"
# action.resumeInterval="30"
#)

45
etc/samba/smb.conf
View file

@ -1,45 +0,0 @@
[global]
realm = SLACKWARE.UK.NET
netbios name = CORE
workgroup = SLACKWAREUKNET
server string = "slackware.uk.net Domain Controller"
# FIXME:
# dns forwarder = 5.101.171.216 5.101.171.217 185.176.90.169
dns forwarder = 216.119.155.58 185.176.90.169
allow dns updates = no
tls cafile = /etc/ssl/certs/ca-certificates.crt
tls certfile = /etc/certificates/core.slackware.uk.net_cert.pem
tls keyfile = /etc/certificates/core.slackware.uk.net_key.pem
tls verify peer = ca_and_name_if_available
log level = 1
logging = syslog:local5
log file = /var/log/core.slackware.uk.net/today/samba/samba-debug
debug syslog format = always
debug hires timestamp = yes
enable core files = no
idmap config * : backend = tdb
# There are only 568 IDs mapped into the container by TrueNAS, so limit the number that can be used.
idmap config * : range = 10000-10500
idmap_ldb:use rfc2307 = yes
password hash userPassword schemes = CryptSHA512
server role = active directory domain controller
username map = /etc/samba/smbusers
vfs objects = dfs_samba4 posixacl acl_xattr
nfs4acl_xattr:encoding = nfs
nfs4acl_xattr:version = 41
nfs4acl_xattr:xattr_name = user.nfs4_acl
nfs4acl_xattr:default acl style = windows
acl_xattr:security_acl_name = user.NTACL
acl_xattr:default acl style = windows
# [homes]
# [printers]
[sysvol]
path = /var/lib/samba/sysvol
write list = @'Domain Admins@slackware.uk.net'
[netlogon]
path = /var/lib/samba/sysvol/slackware.uk.net/scripts
write list = @'Domain Admins@slackware.uk.net'

1
etc/samba/smbusers
View file

@ -1 +0,0 @@
root = Administrator

BIN
etc/shadow.gpg
View file

Binary file not shown.

4
etc/ssh/.gitignore vendored
View file

@ -1,4 +0,0 @@
/moduli
/sshd_config.d/
/ssh_config.d/
/ssh_host_*_key*

7
etc/ssh/ssh_config
View file

@ -1,7 +0,0 @@
Include /etc/ssh/ssh_config.d/*.conf
Host *
ControlPath ~/.ssh/%u@%l->%r@%h:%p
SendEnv LANG LC_*
VerifyHostKeyDNS yes
VisualHostKey yes

11
etc/ssh/sshd_config
View file

@ -1,11 +0,0 @@
Include /etc/ssh/sshd_config.d/*.conf
Port 25422
AcceptEnv LANG LC_*
LoginGraceTime 30
MaxStartups 5
PermitRootLogin prohibit-password
StreamLocalBindUnlink yes
Subsystem sftp internal-sftp
X11Forwarding no

54
etc/sshguard/sshguard.conf
View file

@ -1,54 +0,0 @@
#!/bin/sh
# sshguard.conf -- SSHGuard configuration
# Full path to backend executable (required, no default)
BACKEND="/usr/libexec/sshg-fw-iptables"
# Space-separated list of log files to monitor. (optional, no default)
FILES="/var/log/core.slackware.uk.net/auth"
# Shell command that provides logs on standard output. (optional, no default)
# Example 1: ssh and sendmail from systemd journal:
#LOGREADER="LANG=C /usr/bin/journalctl -afb -p info -n1 -t sshd -t sendmail -o cat"
# Example 2: ssh from os_log (macOS 10.12+)
#LOGREADER="/usr/bin/log stream --style syslog --predicate '(processImagePath contains \"sshd\")'"
# Block attackers when their cumulative attack score exceeds THRESHOLD.
# Most attacks have a score of 10. (optional, default 30)
THRESHOLD=10
# Block attackers for initially BLOCK_TIME seconds after exceeding THRESHOLD.
# Subsequent blocks increase by a factor of 1.5. (optional, default 120)
BLOCK_TIME=86400
# Remember potential attackers for up to DETECTION_TIME seconds before
# resetting their score. (optional, default 1800)
DETECTION_TIME=28800
# Size of IPv6 subnet to block. Defaults to a single address, CIDR notation. (optional, default to 128)
IPV6_SUBNET=128
# Size of IPv4 subnet to block. Defaults to a single address, CIDR notation. (optional, default to 32)
IPV4_SUBNET=32
# Full path to PID file (optional, no default)
PID_FILE=/run/sshguard.pid
# Colon-separated blacklist threshold and full path to blacklist file.
# (optional, no default)
BLACKLIST_FILE=10:/var/lib/sshguard/blacklist
# IP addresses listed in the WHITELIST_FILE are considered to be
# friendlies and will never be blocked.
WHITELIST_FILE=/etc/sshguard.whitelist
# If PARSER is unset, SSHGuard will use the installed sshg-parser as its
# parser. Setting PARSER overrides this, so that you can use your own parser.
#PARSER=
# Run POST_PARSER as a filter after the parser. POST_PARSER must read as input
# and produce as output lines in the format used by sshg-parser. This example
# implements primitive whitelisting, preventing sshg-blocker from seeing
# attacks from 1.2.3.4. Unlike whitelisting, attacks filtered by POST_PARSER
# are not logged by SSHGuard.
#POST_PARSER="grep -v 1.2.3.4"

Some files were not shown because too many files have changed in this diff Show more