Relocated some packages to repo 'config-files'
List of relocated subdirectories: base/centos-release-config base/dhcp-config base/dnsmasq-config base/haproxy-config base/initscripts-config base/lighttpd-config base/net-snmp-config base/openssh-config base/setup-config base/systemd-config config-files/audit-config config-files/docker-config config-files/io-scheduler config-files/iptables-config config-files/memcached-custom config-files/ntp-config config-files/pam-config config-files/rsync-config config-files/shadow-utils-config config-files/sudo-config config-files/syslog-ng-config config-files/util-linux-config filesystem/filesystem-scripts filesystem/iscsi-initiator-utils-config filesystem/nfs-utils-config ldap/openldap-config logging/logrotate-config networking/mellanox/mlx4-config networking/openvswitch-config Story: 2006166 Task: 35687 Depends-On: I665dc7fabbfffc798ad57843eb74dca16e7647a3 Change-Id: I3dc0fc9f88931c5e0963d00274408ff7a16fae3a Signed-off-by: Scott Little <scott.little@windriver.com> Depends-On: I761b0f76150881c765b70b2ccd255244c754bd5d
This commit is contained in:
parent
3637d66ae4
commit
e80813bb81
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=1
|
|
@ -1,48 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: centos-release-config
|
|
||||||
Name: centos-release-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: centos-release
|
|
||||||
Summary: package StarlingX configuration files of centos-release to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of centos-release to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
# Overwrite default issue files with cgcs related files.
|
|
||||||
install -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
install -m 0644 issue %{buildroot}%{_datadir}/starlingx/stx.issue
|
|
||||||
install -m 0644 issue.net %{buildroot}%{_datadir}/starlingx/stx.issue.net
|
|
||||||
sed -i -e "s/@PLATFORM_RELEASE@/%{platform_release}/g" \
|
|
||||||
%{buildroot}%{_datadir}/starlingx/stx.issue \
|
|
||||||
%{buildroot}%{_datadir}/starlingx/stx.issue.net
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
# Initial installation
|
|
||||||
cp -f %{_datadir}/starlingx/stx.issue %{_sysconfdir}/issue
|
|
||||||
cp -f %{_datadir}/starlingx/stx.issue.net %{_sysconfdir}/issue.net
|
|
||||||
chmod 644 %{_sysconfdir}/issue
|
|
||||||
chmod 644 %{_sysconfdir}/issue.net
|
|
||||||
fi
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root,-)
|
|
||||||
%{_datadir}/starlingx/stx.issue
|
|
||||||
%{_datadir}/starlingx/stx.issue.net
|
|
@ -1,22 +0,0 @@
|
|||||||
[H[2J
|
|
||||||
Release @PLATFORM_RELEASE@ \n \l
|
|
||||||
------------------------------------------------------------------------
|
|
||||||
W A R N I N G *** W A R N I N G *** W A R N I N G *** W A R N I N G ***
|
|
||||||
------------------------------------------------------------------------
|
|
||||||
THIS IS A PRIVATE COMPUTER SYSTEM.
|
|
||||||
This computer system including all related equipment, network devices
|
|
||||||
(specifically including Internet access), are provided only for authorized use.
|
|
||||||
All computer systems may be monitored for all lawful purposes, including to
|
|
||||||
ensure that their use is authorized, for management of the system, to
|
|
||||||
facilitate protection against unauthorized access, and to verify security
|
|
||||||
procedures, survivability and operational security. Monitoring includes active
|
|
||||||
attacks by authorized personnel and their entities to test or verify the
|
|
||||||
security of the system. During monitoring, information may be examined,
|
|
||||||
recorded, copied and used for authorized purposes. All information including
|
|
||||||
personal information, placed on or sent over this system may be monitored. Uses
|
|
||||||
of this system, authorized or unauthorized, constitutes consent to monitoring
|
|
||||||
of this system. Unauthorized use may subject you to criminal prosecution.
|
|
||||||
Evidence of any such unauthorized use collected during monitoring may be used
|
|
||||||
for administrative, criminal or other adverse action. Use of this system
|
|
||||||
constitutes consent to monitoring for these purposes.
|
|
||||||
|
|
@ -1,21 +0,0 @@
|
|||||||
Release @PLATFORM_RELEASE@
|
|
||||||
------------------------------------------------------------------------
|
|
||||||
W A R N I N G *** W A R N I N G *** W A R N I N G *** W A R N I N G ***
|
|
||||||
------------------------------------------------------------------------
|
|
||||||
THIS IS A PRIVATE COMPUTER SYSTEM.
|
|
||||||
This computer system including all related equipment, network devices
|
|
||||||
(specifically including Internet access), are provided only for authorized use.
|
|
||||||
All computer systems may be monitored for all lawful purposes, including to
|
|
||||||
ensure that their use is authorized, for management of the system, to
|
|
||||||
facilitate protection against unauthorized access, and to verify security
|
|
||||||
procedures, survivability and operational security. Monitoring includes active
|
|
||||||
attacks by authorized personnel and their entities to test or verify the
|
|
||||||
security of the system. During monitoring, information may be examined,
|
|
||||||
recorded, copied and used for authorized purposes. All information including
|
|
||||||
personal information, placed on or sent over this system may be monitored. Uses
|
|
||||||
of this system, authorized or unauthorized, constitutes consent to monitoring
|
|
||||||
of this system. Unauthorized use may subject you to criminal prosecution.
|
|
||||||
Evidence of any such unauthorized use collected during monitoring may be used
|
|
||||||
for administrative, criminal or other adverse action. Use of this system
|
|
||||||
constitutes consent to monitoring for these purposes.
|
|
||||||
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=2
|
|
@ -1,42 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
# Where dhcp configuration files are stored
|
|
||||||
%global dhcpconfdir %{_sysconfdir}/dhcp
|
|
||||||
|
|
||||||
Summary: dhcp-config
|
|
||||||
Name: dhcp-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: dhclient
|
|
||||||
Summary: package StarlingX configuration files of dhcp to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of dhcp to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
%{__install} -d %{buildroot}%{dhcpconfdir}
|
|
||||||
%{__install} -p -m 0755 dhclient-enter-hooks %{buildroot}%{dhcpconfdir}/dhclient-enter-hooks
|
|
||||||
%{__install} -p -m 0644 dhclient.conf %{buildroot}%{dhcpconfdir}/dhclient.conf
|
|
||||||
ln -s %{dhcpconfdir}/dhclient-enter-hooks %{buildroot}%{_sysconfdir}/dhclient-enter-hooks
|
|
||||||
|
|
||||||
%post
|
|
||||||
|
|
||||||
%files
|
|
||||||
%config(noreplace) %{dhcpconfdir}/dhclient.conf
|
|
||||||
%{dhcpconfdir}/dhclient-enter-hooks
|
|
||||||
%{_sysconfdir}/dhclient-enter-hooks
|
|
@ -1,32 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
#
|
|
||||||
# /etc/dhclient-enter-hooks
|
|
||||||
#
|
|
||||||
# This file is sourced by /sbin/dhclient-script.
|
|
||||||
#
|
|
||||||
|
|
||||||
# Select wrs-install-uuid from ipv4 or ipv6
|
|
||||||
if [ -n "$new_dhcp6_wrs_install_uuid" ]; then
|
|
||||||
wrs_install_uuid=$new_dhcp6_wrs_install_uuid
|
|
||||||
else
|
|
||||||
wrs_install_uuid=$new_wrs_install_uuid
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Enforce wrs-install-uuid on management and infrastrucure interfaces
|
|
||||||
source /etc/platform/platform.conf
|
|
||||||
if [ -n "$wrs_install_uuid" ]; then
|
|
||||||
if [ "$nodetype" == "controller" ]; then
|
|
||||||
source /etc/build.info
|
|
||||||
file="/www/pages/feed/rel-$SW_VERSION/install_uuid"
|
|
||||||
INSTALL_UUID=$(cat "$file")
|
|
||||||
fi
|
|
||||||
if [ "$INSTALL_UUID" != "$wrs_install_uuid" ]; then
|
|
||||||
exit_status=1
|
|
||||||
fi
|
|
||||||
elif [ "$interface" == "$management_interface" -o \
|
|
||||||
"$interface" == "$infrastructure_interface" ]; then
|
|
||||||
if [ "$nodetype" != "controller" -o \
|
|
||||||
-e "/etc/platform/.initial_config_complete" ]; then
|
|
||||||
exit_status=1
|
|
||||||
fi
|
|
||||||
fi
|
|
@ -1,21 +0,0 @@
|
|||||||
# Default dhclient.conf file
|
|
||||||
#
|
|
||||||
option wrs-install-uuid code 224 = string;
|
|
||||||
option dhcp6.wrs-install-uuid code 224 = string;
|
|
||||||
request subnet-mask, broadcast-address, time-offset, routers,
|
|
||||||
domain-name, domain-name-servers, host-name,
|
|
||||||
interface-mtu, fqdn, dhcp6.fqdn, wrs-install-uuid,
|
|
||||||
dhcp6.wrs-install-uuid, netbios-name-servers, netbios-scope,
|
|
||||||
dhcp6.domain-name-servers;
|
|
||||||
|
|
||||||
timeout 30;
|
|
||||||
|
|
||||||
#Changed for CGCS to improve Dead office recovery (DOR behavior)
|
|
||||||
# retry: every 30 seconds
|
|
||||||
retry 5;
|
|
||||||
|
|
||||||
# By default, use a hardware address based client-id for both IPv4 and IPv6.
|
|
||||||
# We change this via puppet to ensure that interfaces that share the same MAC
|
|
||||||
# are not using the same client-id value.
|
|
||||||
send dhcp6.client-id = concat(00:03:00, hardware);
|
|
||||||
send dhcp-client-identifier = concat(00:03:00, hardware);
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=1
|
|
@ -1,35 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: dnsmasq-config
|
|
||||||
Name: dnsmasq-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: dnsmasq
|
|
||||||
Summary: package StarlingX configuration files of dnsmasq to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of dnsmasq to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
mkdir -p %{buildroot}%{_sysconfdir}/init.d
|
|
||||||
install -m 755 init %{buildroot}%{_sysconfdir}/init.d/dnsmasq
|
|
||||||
|
|
||||||
%post
|
|
||||||
|
|
||||||
%files
|
|
||||||
%{_sysconfdir}/init.d/dnsmasq
|
|
@ -1,59 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
if [ -f /etc/centos-release ]; then
|
|
||||||
DAEMON=/usr/sbin/dnsmasq
|
|
||||||
else
|
|
||||||
DAEMON=/usr/bin/dnsmasq
|
|
||||||
fi
|
|
||||||
NAME=dnsmasq
|
|
||||||
DESC="DNS forwarder and DHCP server"
|
|
||||||
PIDFILE="/var/run/dnsmasq.pid"
|
|
||||||
|
|
||||||
test -f $DAEMON || exit 0
|
|
||||||
|
|
||||||
case "$1" in
|
|
||||||
start)
|
|
||||||
echo -n "starting $DESC: $NAME... "
|
|
||||||
test -d /var/lib/misc/ || mkdir /var/lib/misc/
|
|
||||||
start-stop-daemon -S -x $DAEMON --pidfile $PIDFILE -- $ARGS
|
|
||||||
echo "done."
|
|
||||||
echo -n "Refresh hosts cache"
|
|
||||||
nscd -i hosts
|
|
||||||
echo "done."
|
|
||||||
;;
|
|
||||||
stop)
|
|
||||||
echo -n "stopping $DESC: $NAME... "
|
|
||||||
start-stop-daemon -K -x $DAEMON --pidfile $PIDFILE
|
|
||||||
rm -f $PIDFILE
|
|
||||||
echo "done."
|
|
||||||
;;
|
|
||||||
status)
|
|
||||||
echo -n "dnsmasq "
|
|
||||||
start-stop-daemon -q -K -t -x $DAEMON --pidfile $PIDFILE
|
|
||||||
RET=$?
|
|
||||||
if [ "$RET" = "0" ]; then
|
|
||||||
PID=`cat $PIDFILE`
|
|
||||||
echo "($PID) is running"
|
|
||||||
else
|
|
||||||
echo "is not running"
|
|
||||||
# For lsb compliance return 3 if process not running
|
|
||||||
exit 3
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
restart)
|
|
||||||
echo "restarting $DESC: $NAME... "
|
|
||||||
$0 stop
|
|
||||||
$0 start
|
|
||||||
echo "done."
|
|
||||||
;;
|
|
||||||
reload)
|
|
||||||
echo -n "reloading $DESC: $NAME... "
|
|
||||||
killall -HUP $(basename ${DAEMON})
|
|
||||||
echo "done."
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Usage: $0 {start|stop|status|restart|reload}"
|
|
||||||
exit 1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
exit 0
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=1
|
|
@ -1,49 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: haproxy-config
|
|
||||||
Name: haproxy-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: haproxy
|
|
||||||
Summary: package StarlingX configuration files of haproxy to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of haproxy to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
%{__install} -d 755 %{buildroot}%{_sysconfdir}/haproxy/errors/
|
|
||||||
%{__install} -m 755 503.http %{buildroot}%{_sysconfdir}/haproxy/errors/503.http
|
|
||||||
|
|
||||||
%{__install} -d %{buildroot}%{_sysconfdir}/systemd/system
|
|
||||||
%{__install} -m 644 haproxy.service %{buildroot}%{_sysconfdir}/systemd/system
|
|
||||||
|
|
||||||
mkdir -p %{_sysconfdir}/init.d
|
|
||||||
%{__install} -p -D -m 0755 haproxy.sh %{buildroot}%{_sysconfdir}/init.d/haproxy
|
|
||||||
|
|
||||||
%post
|
|
||||||
/bin/systemctl disable haproxy.service
|
|
||||||
if test -s %{_sysconfdir}/logrotate.d/haproxy ; then
|
|
||||||
echo '#See /etc/logrotate.d/syslog for haproxy rules' > %{_sysconfdir}/logrotate.d/haproxy
|
|
||||||
fi
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root,-)
|
|
||||||
%dir %{_sysconfdir}/haproxy/errors/
|
|
||||||
%{_sysconfdir}/haproxy/errors/*
|
|
||||||
%{_sysconfdir}/init.d/haproxy
|
|
||||||
%{_sysconfdir}/systemd/system/haproxy.service
|
|
@ -1,9 +0,0 @@
|
|||||||
HTTP/1.0 503 Service Unavailable
|
|
||||||
Cache-Control: no-cache
|
|
||||||
Connection: close
|
|
||||||
Content-Type: text/html
|
|
||||||
|
|
||||||
<html><body><h1>503 Service Unavailable</h1>
|
|
||||||
No server is available to handle this request.
|
|
||||||
</body></html>
|
|
||||||
|
|
@ -1,13 +0,0 @@
|
|||||||
[Unit]
|
|
||||||
Description=HAProxy Load Balancer
|
|
||||||
After=syslog.target network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
EnvironmentFile=/etc/sysconfig/haproxy
|
|
||||||
ExecStart=/etc/init.d/haproxy start
|
|
||||||
ExecStop=/etc/init.d/haproxy stop
|
|
||||||
ExecReload=/bin/kill -USR2 $MAINPID
|
|
||||||
KillMode=mixed
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,121 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
|
|
||||||
### BEGIN INIT INFO
|
|
||||||
# Provides: HA-Proxy
|
|
||||||
# Required-Start: networking
|
|
||||||
# Required-Stop: networking
|
|
||||||
# Default-Start: 2 3 4 5
|
|
||||||
# Default-Stop: 0 1 6
|
|
||||||
# Short-Description: HA-Proxy TCP/HTTP reverse proxy
|
|
||||||
# Description: HA-Proxy is a TCP/HTTP reverse proxy
|
|
||||||
### END INIT INFO
|
|
||||||
|
|
||||||
PATH=/sbin:/bin:/usr/sbin:/usr/bin
|
|
||||||
DAEMON=/usr/sbin/haproxy
|
|
||||||
NAME=haproxy
|
|
||||||
DESC="HA-Proxy TCP/HTTP reverse proxy"
|
|
||||||
PIDFILE="/var/run/$NAME.pid"
|
|
||||||
TPM_DATA_DIR="/var/run/TPM_haproxy/"
|
|
||||||
OPTS="-D -f /etc/haproxy/haproxy.cfg -p $PIDFILE"
|
|
||||||
RETVAL=0
|
|
||||||
|
|
||||||
# This is only needed till TPM In-Kernel
|
|
||||||
# ResourceMgr comes in
|
|
||||||
remove_TPM_transients () {
|
|
||||||
_HANDLES=`find $TPM_DATA_DIR -type f -name "hp*.bin" -printf "%f "`
|
|
||||||
for handle in $_HANDLES; do
|
|
||||||
handle_addr=`echo $handle | sed 's/hp\([0-9]*\)\.bin/\1/g'`
|
|
||||||
tss2_flushcontext -ha $handle_addr &> /dev/null
|
|
||||||
done
|
|
||||||
rm -f $TPM_DATA_DIR/*
|
|
||||||
}
|
|
||||||
|
|
||||||
start() {
|
|
||||||
if [ -e $PIDFILE ]; then
|
|
||||||
PIDDIR=/proc/$(cat $PIDFILE)
|
|
||||||
if [ -d $PIDDIR ]; then
|
|
||||||
echo "$DESC already running."
|
|
||||||
return
|
|
||||||
else
|
|
||||||
echo "Removing stale PID file $PIDFILE"
|
|
||||||
rm -f $PIDFILE
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
# TODO: This is a temporary workaround till
|
|
||||||
# we eventually add a resource manager for TPM
|
|
||||||
mkdir -p $TPM_DATA_DIR
|
|
||||||
|
|
||||||
echo -n "Starting $NAME: "
|
|
||||||
|
|
||||||
TPM_DATA_DIR=$TPM_DATA_DIR start-stop-daemon --start --pidfile $PIDFILE -x "$DAEMON" -- $OPTS
|
|
||||||
RETVAL=$?
|
|
||||||
if [ $RETVAL -eq 0 ]; then
|
|
||||||
echo "done."
|
|
||||||
else
|
|
||||||
remove_TPM_transients
|
|
||||||
echo "failed."
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
stop() {
|
|
||||||
if [ ! -e $PIDFILE ]; then
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo -n "Stopping $DESC..."
|
|
||||||
|
|
||||||
start-stop-daemon --stop --quiet --retry 3 --oknodo --pidfile $PIDFILE -x "$DAEMON"
|
|
||||||
if [ -n "`pidof $DAEMON`" ] ; then
|
|
||||||
pkill -KILL -f $DAEMON
|
|
||||||
fi
|
|
||||||
echo "done."
|
|
||||||
rm -f $PIDFILE
|
|
||||||
rm -f /var/lock/subsys/$NAME
|
|
||||||
remove_TPM_transients
|
|
||||||
}
|
|
||||||
|
|
||||||
status() {
|
|
||||||
pid=`cat $PIDFILE 2>/dev/null`
|
|
||||||
if [ -n "$pid" ]; then
|
|
||||||
if ps -p $pid &>/dev/null ; then
|
|
||||||
echo "$DESC is running"
|
|
||||||
RETVAL=0
|
|
||||||
return
|
|
||||||
else
|
|
||||||
RETVAL=1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
echo "$DESC is not running"
|
|
||||||
RETVAL=1
|
|
||||||
}
|
|
||||||
|
|
||||||
check() {
|
|
||||||
/usr/sbin/$NAME -c -q -V -f /etc/$NAME/$NAME.cfg
|
|
||||||
}
|
|
||||||
|
|
||||||
# See how we were called.
|
|
||||||
case "$1" in
|
|
||||||
start)
|
|
||||||
start
|
|
||||||
;;
|
|
||||||
stop)
|
|
||||||
stop
|
|
||||||
;;
|
|
||||||
restart|force-reload|reload)
|
|
||||||
stop
|
|
||||||
start
|
|
||||||
;;
|
|
||||||
status)
|
|
||||||
status
|
|
||||||
;;
|
|
||||||
check)
|
|
||||||
check
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Usage: $0 {start|stop|force-reload|restart|reload|status|check}"
|
|
||||||
RETVAL=1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
exit $RETVAL
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,52 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: initscripts-config
|
|
||||||
Name: initscripts-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: %{_bindir}/systemctl
|
|
||||||
Requires: initscripts
|
|
||||||
Summary: package StarlingX configuration files of initscripts to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of initscripts to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
%{__install} -d 644 %{buildroot}%{_datadir}/starlingx/
|
|
||||||
%{__install} -d 644 %{buildroot}%{_sysconfdir}/sysconfig
|
|
||||||
%{__install} -d 755 %{buildroot}%{_initddir}
|
|
||||||
%{__install} -d 644 %{buildroot}%{_unitdir}
|
|
||||||
|
|
||||||
%{__install} -m 644 sysctl.conf %{buildroot}%{_datadir}/starlingx/stx.sysctl.conf
|
|
||||||
%{__install} -m 644 sysconfig-network.conf %{buildroot}%{_sysconfdir}/sysconfig/network
|
|
||||||
%{__install} -m 755 mountnfs.sh %{buildroot}%{_initddir}/mountnfs
|
|
||||||
%{__install} -m 644 mountnfs.service %{buildroot}%{_unitdir}/mountnfs.service
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
# Initial installation
|
|
||||||
cp -f %{_datadir}/starlingx/stx.sysctl.conf %{_sysconfdir}/sysctl.conf
|
|
||||||
chmod 644 %{_sysconfdir}/sysctl.conf
|
|
||||||
fi
|
|
||||||
%{_bindir}/systemctl enable mountnfs.service > /dev/null 2>&1 || :
|
|
||||||
|
|
||||||
%files
|
|
||||||
%{_datadir}/starlingx/stx.sysctl.conf
|
|
||||||
%{_sysconfdir}/sysconfig/network
|
|
||||||
%{_initddir}/mountnfs
|
|
||||||
%{_unitdir}/mountnfs.service
|
|
@ -1,13 +0,0 @@
|
|||||||
[Unit]
|
|
||||||
Description=StarlingX Cloud Filesystem Auto-mounter
|
|
||||||
After=network.target nfscommon.service
|
|
||||||
Before=uexportfs.service
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=oneshot
|
|
||||||
RemainAfterExit=yes
|
|
||||||
ExecStart=/etc/init.d/mountnfs start
|
|
||||||
ExecStop=/etc/init.d/mountnfs stop
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,100 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
### BEGIN INIT INFO
|
|
||||||
# Provides: mountnfs
|
|
||||||
# Required-Start: $local_fs $network $rpcbind
|
|
||||||
# Required-Stop:
|
|
||||||
# Default-Start: S
|
|
||||||
# Default-Stop:
|
|
||||||
### END INIT INFO
|
|
||||||
|
|
||||||
# . /etc/default/rcS
|
|
||||||
|
|
||||||
if [ "$1" = "stop" ]; then
|
|
||||||
# Avoid mounting if we're shutting down
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
#
|
|
||||||
# Run in a subshell because of I/O redirection.
|
|
||||||
#
|
|
||||||
test -f /etc/fstab && (
|
|
||||||
|
|
||||||
#
|
|
||||||
# Read through fstab line by line. If it is NFS, set the flag
|
|
||||||
# for mounting NFS filesystems. If any NFS partition is found and it
|
|
||||||
# not mounted with the nolock option, we start the rpcbind.
|
|
||||||
#
|
|
||||||
rpcbind=no
|
|
||||||
mount_nfs=no
|
|
||||||
mount_smb=no
|
|
||||||
mount_ncp=no
|
|
||||||
mount_cifs=no
|
|
||||||
while read device mountpt fstype options; do
|
|
||||||
case "$device" in
|
|
||||||
""|\#*)
|
|
||||||
continue
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
case "$options" in
|
|
||||||
*noauto*)
|
|
||||||
continue
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
if test "$fstype" = nfs
|
|
||||||
then
|
|
||||||
mount_nfs=yes
|
|
||||||
case "$options" in
|
|
||||||
*nolock*)
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
rpcbind=yes
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
fi
|
|
||||||
if test "$fstype" = smbfs
|
|
||||||
then
|
|
||||||
mount_smb=yes
|
|
||||||
fi
|
|
||||||
if test "$fstype" = ncpfs
|
|
||||||
then
|
|
||||||
mount_ncp=yes
|
|
||||||
fi
|
|
||||||
if test "$fstype" = cifs
|
|
||||||
then
|
|
||||||
mount_cifs=yes
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
exec 0>&1
|
|
||||||
|
|
||||||
if test "$rpcbind" = yes; then
|
|
||||||
# WRL: Centos precheck: Dont start rpcbind in this init script.
|
|
||||||
# It is started by a systemd service file.
|
|
||||||
if test "/etc/centos-release" = no
|
|
||||||
then
|
|
||||||
if test -x /usr/sbin/rpcbind
|
|
||||||
then
|
|
||||||
service rpcbind status > /dev/null
|
|
||||||
if [ $? != 0 ]; then
|
|
||||||
echo -n "Starting rpcbind..."
|
|
||||||
start-stop-daemon --start --quiet --exec /usr/sbin/rpcbind
|
|
||||||
sleep 2
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
if test "$mount_nfs" = yes || test "$mount_smb" = yes || test "$mount_ncp" = yes || test "$mount_cifs" = yes; then
|
|
||||||
echo "Mounting remote filesystems..."
|
|
||||||
test "$mount_nfs" = yes && mount -a -t nfs
|
|
||||||
test "$mount_smb" = yes && mount -a -t smbfs
|
|
||||||
test "$mount_ncp" = yes && mount -a -t ncpfs
|
|
||||||
test "$mount_cifs" = yes && mount -a -t cifs
|
|
||||||
fi
|
|
||||||
|
|
||||||
) < /etc/fstab
|
|
||||||
|
|
||||||
: exit 0
|
|
||||||
|
|
@ -1 +0,0 @@
|
|||||||
ZEROCONF=yes
|
|
@ -1,87 +0,0 @@
|
|||||||
# This configuration file is taken from Debian.
|
|
||||||
#
|
|
||||||
# /etc/sysctl.conf - Configuration file for setting system variables
|
|
||||||
# See sysctl.conf (5) for information.
|
|
||||||
#
|
|
||||||
|
|
||||||
#kernel.domainname = example.com
|
|
||||||
|
|
||||||
# Uncomment the following to stop low-level messages on console
|
|
||||||
kernel.printk = 4 4 1 7
|
|
||||||
|
|
||||||
# Reboot X seconds after a kernel panic
|
|
||||||
kernel.panic = 5
|
|
||||||
|
|
||||||
##############################################################3
|
|
||||||
# Functions previously found in netbase
|
|
||||||
#
|
|
||||||
|
|
||||||
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
|
|
||||||
# Turn on Source Address Verification in all interfaces to
|
|
||||||
# prevent some spoofing attacks
|
|
||||||
net.ipv4.conf.default.rp_filter=1
|
|
||||||
net.ipv4.conf.all.rp_filter=1
|
|
||||||
|
|
||||||
# Uncomment the next line to enable TCP/IP SYN cookies
|
|
||||||
#net.ipv4.tcp_syncookies=1
|
|
||||||
|
|
||||||
# Uncomment the next line to enable packet forwarding for IPv4
|
|
||||||
#net.ipv4.ip_forward=1
|
|
||||||
|
|
||||||
# Uncomment the next line to enable packet forwarding for IPv6
|
|
||||||
#net.ipv6.conf.all.forwarding=1
|
|
||||||
|
|
||||||
|
|
||||||
###################################################################
|
|
||||||
# Additional settings - these settings can improve the network
|
|
||||||
# security of the host and prevent against some network attacks
|
|
||||||
# including spoofing attacks and man in the middle attacks through
|
|
||||||
# redirection. Some network environments, however, require that these
|
|
||||||
# settings are disabled so review and enable them as needed.
|
|
||||||
#
|
|
||||||
# Ignore ICMP broadcasts
|
|
||||||
#net.ipv4.icmp_echo_ignore_broadcasts = 1
|
|
||||||
#
|
|
||||||
# Ignore bogus ICMP errors
|
|
||||||
#net.ipv4.icmp_ignore_bogus_error_responses = 1
|
|
||||||
#
|
|
||||||
# Do not accept ICMP redirects (prevent MITM attacks)
|
|
||||||
#net.ipv4.conf.all.accept_redirects = 0
|
|
||||||
#net.ipv6.conf.all.accept_redirects = 0
|
|
||||||
# _or_
|
|
||||||
# Accept ICMP redirects only for gateways listed in our default
|
|
||||||
# gateway list (enabled by default)
|
|
||||||
# net.ipv4.conf.all.secure_redirects = 1
|
|
||||||
#
|
|
||||||
# Do not send ICMP redirects (we are not a router)
|
|
||||||
#net.ipv4.conf.all.send_redirects = 0
|
|
||||||
#
|
|
||||||
# Do not accept IP source route packets (we are not a router)
|
|
||||||
#net.ipv4.conf.all.accept_source_route = 0
|
|
||||||
#net.ipv6.conf.all.accept_source_route = 0
|
|
||||||
#
|
|
||||||
# Log Martian Packets
|
|
||||||
#net.ipv4.conf.all.log_martians = 1
|
|
||||||
#
|
|
||||||
|
|
||||||
#kernel.shmmax = 141762560
|
|
||||||
|
|
||||||
# Limit local port range
|
|
||||||
net.ipv4.ip_local_port_range = 49216 61000
|
|
||||||
net.ipv4.tcp_tw_reuse = 1
|
|
||||||
# Fix https://bugs.launchpad.net/starlingx/+bug/1817936
|
|
||||||
net.ipv4.tcp_tw_recycle = 1
|
|
||||||
# WRL
|
|
||||||
# set max socket memory ; default was 212992
|
|
||||||
net.core.rmem_max=425984
|
|
||||||
|
|
||||||
# WRS
|
|
||||||
# The following kernel parameters help alleviate some RabbitMQ
|
|
||||||
# connection issues. These values need to be set here to ensure sysinv-agent
|
|
||||||
# remains connected to rabbitmq. Sysinv-agent starts before packstack and the
|
|
||||||
# long default values allowed the connection to be lost for 2 hours.
|
|
||||||
# Note the ipv4 vlaues are also applied to ipv6 connections.
|
|
||||||
net.ipv4.tcp_keepalive_intvl = 1
|
|
||||||
net.ipv4.tcp_keepalive_probes = 5
|
|
||||||
net.ipv4.tcp_keepalive_time = 5
|
|
||||||
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=1
|
|
@ -1,69 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: StarlingX lighttpd Configuration File
|
|
||||||
Name: lighttpd-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: config-files
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
Requires: lighttpd
|
|
||||||
|
|
||||||
%define debug_package %{nil}
|
|
||||||
|
|
||||||
%description
|
|
||||||
StarlingX lighttpd configuration file
|
|
||||||
|
|
||||||
%prep
|
|
||||||
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
|
|
||||||
CONFDIR=%{buildroot}%{_sysconfdir}/lighttpd
|
|
||||||
ROOTDIR=%{buildroot}/www
|
|
||||||
|
|
||||||
install -d -m 1777 ${ROOTDIR}/tmp
|
|
||||||
install -d ${CONFDIR}/ssl
|
|
||||||
install -d ${ROOTDIR}/pages/dav
|
|
||||||
install -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
install -m640 lighttpd.conf %{buildroot}%{_datadir}/starlingx/lighttpd.conf
|
|
||||||
install -m755 lighttpd.init %{buildroot}%{_datadir}/starlingx/lighttpd.init
|
|
||||||
install -m644 lighttpd-inc.conf ${CONFDIR}/lighttpd-inc.conf
|
|
||||||
install -m644 index.html.lighttpd ${ROOTDIR}/pages/index.html
|
|
||||||
|
|
||||||
install -d %{buildroot}%{_sysconfdir}/logrotate.d
|
|
||||||
install -m644 lighttpd.logrotate %{buildroot}%{_datadir}/starlingx/lighttpd.logrotate
|
|
||||||
|
|
||||||
chmod 02770 %{buildroot}%{_sysconfdir}/lighttpd
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
cp --preserve=xattr -f %{_datadir}/starlingx/lighttpd.conf %{_sysconfdir}/lighttpd/lighttpd.conf
|
|
||||||
chmod 640 %{_sysconfdir}/lighttpd/lighttpd.conf
|
|
||||||
cp --preserve=xattr -f %{_datadir}/starlingx/lighttpd.init %{_sysconfdir}/rc.d/init.d/lighttpd
|
|
||||||
chmod 755 %{_sysconfdir}/rc.d/init.d/lighttpd
|
|
||||||
cp --preserve=xattr -f %{_datadir}/starlingx/lighttpd.logrotate %{_sysconfdir}/logrotate.d/lighttpd
|
|
||||||
chmod 644 %{_sysconfdir}/logrotate.d/lighttpd
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root)
|
|
||||||
%license LICENSE
|
|
||||||
%{_datadir}/starlingx/lighttpd.conf
|
|
||||||
%{_datadir}/starlingx/lighttpd.logrotate
|
|
||||||
%{_datadir}/starlingx/lighttpd.init
|
|
||||||
%dir /www/pages/
|
|
||||||
/www/pages/*
|
|
||||||
%config(noreplace) %{_sysconfdir}/lighttpd/lighttpd-inc.conf
|
|
||||||
/www/pages/index.html
|
|
@ -1,202 +0,0 @@
|
|||||||
|
|
||||||
Apache License
|
|
||||||
Version 2.0, January 2004
|
|
||||||
http://www.apache.org/licenses/
|
|
||||||
|
|
||||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
||||||
|
|
||||||
1. Definitions.
|
|
||||||
|
|
||||||
"License" shall mean the terms and conditions for use, reproduction,
|
|
||||||
and distribution as defined by Sections 1 through 9 of this document.
|
|
||||||
|
|
||||||
"Licensor" shall mean the copyright owner or entity authorized by
|
|
||||||
the copyright owner that is granting the License.
|
|
||||||
|
|
||||||
"Legal Entity" shall mean the union of the acting entity and all
|
|
||||||
other entities that control, are controlled by, or are under common
|
|
||||||
control with that entity. For the purposes of this definition,
|
|
||||||
"control" means (i) the power, direct or indirect, to cause the
|
|
||||||
direction or management of such entity, whether by contract or
|
|
||||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
||||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
||||||
|
|
||||||
"You" (or "Your") shall mean an individual or Legal Entity
|
|
||||||
exercising permissions granted by this License.
|
|
||||||
|
|
||||||
"Source" form shall mean the preferred form for making modifications,
|
|
||||||
including but not limited to software source code, documentation
|
|
||||||
source, and configuration files.
|
|
||||||
|
|
||||||
"Object" form shall mean any form resulting from mechanical
|
|
||||||
transformation or translation of a Source form, including but
|
|
||||||
not limited to compiled object code, generated documentation,
|
|
||||||
and conversions to other media types.
|
|
||||||
|
|
||||||
"Work" shall mean the work of authorship, whether in Source or
|
|
||||||
Object form, made available under the License, as indicated by a
|
|
||||||
copyright notice that is included in or attached to the work
|
|
||||||
(an example is provided in the Appendix below).
|
|
||||||
|
|
||||||
"Derivative Works" shall mean any work, whether in Source or Object
|
|
||||||
form, that is based on (or derived from) the Work and for which the
|
|
||||||
editorial revisions, annotations, elaborations, or other modifications
|
|
||||||
represent, as a whole, an original work of authorship. For the purposes
|
|
||||||
of this License, Derivative Works shall not include works that remain
|
|
||||||
separable from, or merely link (or bind by name) to the interfaces of,
|
|
||||||
the Work and Derivative Works thereof.
|
|
||||||
|
|
||||||
"Contribution" shall mean any work of authorship, including
|
|
||||||
the original version of the Work and any modifications or additions
|
|
||||||
to that Work or Derivative Works thereof, that is intentionally
|
|
||||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
||||||
or by an individual or Legal Entity authorized to submit on behalf of
|
|
||||||
the copyright owner. For the purposes of this definition, "submitted"
|
|
||||||
means any form of electronic, verbal, or written communication sent
|
|
||||||
to the Licensor or its representatives, including but not limited to
|
|
||||||
communication on electronic mailing lists, source code control systems,
|
|
||||||
and issue tracking systems that are managed by, or on behalf of, the
|
|
||||||
Licensor for the purpose of discussing and improving the Work, but
|
|
||||||
excluding communication that is conspicuously marked or otherwise
|
|
||||||
designated in writing by the copyright owner as "Not a Contribution."
|
|
||||||
|
|
||||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
||||||
on behalf of whom a Contribution has been received by Licensor and
|
|
||||||
subsequently incorporated within the Work.
|
|
||||||
|
|
||||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
copyright license to reproduce, prepare Derivative Works of,
|
|
||||||
publicly display, publicly perform, sublicense, and distribute the
|
|
||||||
Work and such Derivative Works in Source or Object form.
|
|
||||||
|
|
||||||
3. Grant of Patent License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
(except as stated in this section) patent license to make, have made,
|
|
||||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
||||||
where such license applies only to those patent claims licensable
|
|
||||||
by such Contributor that are necessarily infringed by their
|
|
||||||
Contribution(s) alone or by combination of their Contribution(s)
|
|
||||||
with the Work to which such Contribution(s) was submitted. If You
|
|
||||||
institute patent litigation against any entity (including a
|
|
||||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
||||||
or a Contribution incorporated within the Work constitutes direct
|
|
||||||
or contributory patent infringement, then any patent licenses
|
|
||||||
granted to You under this License for that Work shall terminate
|
|
||||||
as of the date such litigation is filed.
|
|
||||||
|
|
||||||
4. Redistribution. You may reproduce and distribute copies of the
|
|
||||||
Work or Derivative Works thereof in any medium, with or without
|
|
||||||
modifications, and in Source or Object form, provided that You
|
|
||||||
meet the following conditions:
|
|
||||||
|
|
||||||
(a) You must give any other recipients of the Work or
|
|
||||||
Derivative Works a copy of this License; and
|
|
||||||
|
|
||||||
(b) You must cause any modified files to carry prominent notices
|
|
||||||
stating that You changed the files; and
|
|
||||||
|
|
||||||
(c) You must retain, in the Source form of any Derivative Works
|
|
||||||
that You distribute, all copyright, patent, trademark, and
|
|
||||||
attribution notices from the Source form of the Work,
|
|
||||||
excluding those notices that do not pertain to any part of
|
|
||||||
the Derivative Works; and
|
|
||||||
|
|
||||||
(d) If the Work includes a "NOTICE" text file as part of its
|
|
||||||
distribution, then any Derivative Works that You distribute must
|
|
||||||
include a readable copy of the attribution notices contained
|
|
||||||
within such NOTICE file, excluding those notices that do not
|
|
||||||
pertain to any part of the Derivative Works, in at least one
|
|
||||||
of the following places: within a NOTICE text file distributed
|
|
||||||
as part of the Derivative Works; within the Source form or
|
|
||||||
documentation, if provided along with the Derivative Works; or,
|
|
||||||
within a display generated by the Derivative Works, if and
|
|
||||||
wherever such third-party notices normally appear. The contents
|
|
||||||
of the NOTICE file are for informational purposes only and
|
|
||||||
do not modify the License. You may add Your own attribution
|
|
||||||
notices within Derivative Works that You distribute, alongside
|
|
||||||
or as an addendum to the NOTICE text from the Work, provided
|
|
||||||
that such additional attribution notices cannot be construed
|
|
||||||
as modifying the License.
|
|
||||||
|
|
||||||
You may add Your own copyright statement to Your modifications and
|
|
||||||
may provide additional or different license terms and conditions
|
|
||||||
for use, reproduction, or distribution of Your modifications, or
|
|
||||||
for any such Derivative Works as a whole, provided Your use,
|
|
||||||
reproduction, and distribution of the Work otherwise complies with
|
|
||||||
the conditions stated in this License.
|
|
||||||
|
|
||||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
||||||
any Contribution intentionally submitted for inclusion in the Work
|
|
||||||
by You to the Licensor shall be under the terms and conditions of
|
|
||||||
this License, without any additional terms or conditions.
|
|
||||||
Notwithstanding the above, nothing herein shall supersede or modify
|
|
||||||
the terms of any separate license agreement you may have executed
|
|
||||||
with Licensor regarding such Contributions.
|
|
||||||
|
|
||||||
6. Trademarks. This License does not grant permission to use the trade
|
|
||||||
names, trademarks, service marks, or product names of the Licensor,
|
|
||||||
except as required for reasonable and customary use in describing the
|
|
||||||
origin of the Work and reproducing the content of the NOTICE file.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
||||||
agreed to in writing, Licensor provides the Work (and each
|
|
||||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
||||||
implied, including, without limitation, any warranties or conditions
|
|
||||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
||||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
||||||
appropriateness of using or redistributing the Work and assume any
|
|
||||||
risks associated with Your exercise of permissions under this License.
|
|
||||||
|
|
||||||
8. Limitation of Liability. In no event and under no legal theory,
|
|
||||||
whether in tort (including negligence), contract, or otherwise,
|
|
||||||
unless required by applicable law (such as deliberate and grossly
|
|
||||||
negligent acts) or agreed to in writing, shall any Contributor be
|
|
||||||
liable to You for damages, including any direct, indirect, special,
|
|
||||||
incidental, or consequential damages of any character arising as a
|
|
||||||
result of this License or out of the use or inability to use the
|
|
||||||
Work (including but not limited to damages for loss of goodwill,
|
|
||||||
work stoppage, computer failure or malfunction, or any and all
|
|
||||||
other commercial damages or losses), even if such Contributor
|
|
||||||
has been advised of the possibility of such damages.
|
|
||||||
|
|
||||||
9. Accepting Warranty or Additional Liability. While redistributing
|
|
||||||
the Work or Derivative Works thereof, You may choose to offer,
|
|
||||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
||||||
or other liability obligations and/or rights consistent with this
|
|
||||||
License. However, in accepting such obligations, You may act only
|
|
||||||
on Your own behalf and on Your sole responsibility, not on behalf
|
|
||||||
of any other Contributor, and only if You agree to indemnify,
|
|
||||||
defend, and hold each Contributor harmless for any liability
|
|
||||||
incurred by, or claims asserted against, such Contributor by reason
|
|
||||||
of your accepting any such warranty or additional liability.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
APPENDIX: How to apply the Apache License to your work.
|
|
||||||
|
|
||||||
To apply the Apache License to your work, attach the following
|
|
||||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
||||||
replaced with your own identifying information. (Don't include
|
|
||||||
the brackets!) The text should be enclosed in the appropriate
|
|
||||||
comment syntax for the file format. We also recommend that a
|
|
||||||
file or class name and description of purpose be included on the
|
|
||||||
same "printed page" as the copyright notice for easier
|
|
||||||
identification within third-party archives.
|
|
||||||
|
|
||||||
Copyright [yyyy] [name of copyright owner]
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
@ -1 +0,0 @@
|
|||||||
<html><body><h1>Welcome to StarlingX</h1></body></html>
|
|
@ -1,3 +0,0 @@
|
|||||||
# default management network access
|
|
||||||
var.management_ip_network = "127.0.0.1"
|
|
||||||
var.pxeboot_ip_network = ""
|
|
@ -1,365 +0,0 @@
|
|||||||
# lighttpd configuration file
|
|
||||||
#
|
|
||||||
# use it as a base for lighttpd 1.0.0 and above
|
|
||||||
#
|
|
||||||
# $Id: lighttpd.conf,v 1.7 2004/11/03 22:26:05 weigon Exp $
|
|
||||||
|
|
||||||
############ Options you really have to take care of ####################
|
|
||||||
|
|
||||||
## modules to load
|
|
||||||
# at least mod_access and mod_accesslog should be loaded
|
|
||||||
# all other module should only be loaded if really neccesary
|
|
||||||
# - saves some time
|
|
||||||
# - saves memory
|
|
||||||
server.modules = (
|
|
||||||
# "mod_rewrite",
|
|
||||||
# "mod_redirect",
|
|
||||||
# "mod_alias",
|
|
||||||
"mod_access",
|
|
||||||
# "mod_cml",
|
|
||||||
# "mod_trigger_b4_dl",
|
|
||||||
# "mod_auth",
|
|
||||||
# "mod_status",
|
|
||||||
# "mod_setenv",
|
|
||||||
# "mod_fastcgi",
|
|
||||||
"mod_proxy",
|
|
||||||
# "mod_simple_vhost",
|
|
||||||
# "mod_evhost",
|
|
||||||
# "mod_userdir",
|
|
||||||
# "mod_cgi",
|
|
||||||
# "mod_compress",
|
|
||||||
# "mod_ssi",
|
|
||||||
# "mod_usertrack",
|
|
||||||
# "mod_expire",
|
|
||||||
# "mod_secdownload",
|
|
||||||
# "mod_rrdtool",
|
|
||||||
# "mod_webdav",
|
|
||||||
"mod_setenv",
|
|
||||||
"mod_accesslog" )
|
|
||||||
|
|
||||||
## a static document-root, for virtual-hosting take look at the
|
|
||||||
## server.virtual-* options
|
|
||||||
server.document-root = "/www/pages/"
|
|
||||||
|
|
||||||
## where to send error-messages to
|
|
||||||
server.errorlog = "/var/log/lighttpd-error.log"
|
|
||||||
|
|
||||||
# files to check for if .../ is requested
|
|
||||||
index-file.names = ( "index.php", "index.html",
|
|
||||||
"index.htm", "default.htm" )
|
|
||||||
|
|
||||||
## set the event-handler (read the performance section in the manual)
|
|
||||||
# server.event-handler = "freebsd-kqueue" # needed on OS X
|
|
||||||
|
|
||||||
# mimetype mapping
|
|
||||||
mimetype.assign = (
|
|
||||||
".pdf" => "application/pdf",
|
|
||||||
".sig" => "application/pgp-signature",
|
|
||||||
".spl" => "application/futuresplash",
|
|
||||||
".class" => "application/octet-stream",
|
|
||||||
".ps" => "application/postscript",
|
|
||||||
".torrent" => "application/x-bittorrent",
|
|
||||||
".dvi" => "application/x-dvi",
|
|
||||||
".gz" => "application/x-gzip",
|
|
||||||
".pac" => "application/x-ns-proxy-autoconfig",
|
|
||||||
".swf" => "application/x-shockwave-flash",
|
|
||||||
".tar.gz" => "application/x-tgz",
|
|
||||||
".tgz" => "application/x-tgz",
|
|
||||||
".tar" => "application/x-tar",
|
|
||||||
".zip" => "application/zip",
|
|
||||||
".mp3" => "audio/mpeg",
|
|
||||||
".m3u" => "audio/x-mpegurl",
|
|
||||||
".wma" => "audio/x-ms-wma",
|
|
||||||
".wax" => "audio/x-ms-wax",
|
|
||||||
".ogg" => "application/ogg",
|
|
||||||
".wav" => "audio/x-wav",
|
|
||||||
".gif" => "image/gif",
|
|
||||||
".jpg" => "image/jpeg",
|
|
||||||
".jpeg" => "image/jpeg",
|
|
||||||
".png" => "image/png",
|
|
||||||
".svg" => "image/svg+xml",
|
|
||||||
".xbm" => "image/x-xbitmap",
|
|
||||||
".xpm" => "image/x-xpixmap",
|
|
||||||
".xwd" => "image/x-xwindowdump",
|
|
||||||
".css" => "text/css",
|
|
||||||
".html" => "text/html",
|
|
||||||
".htm" => "text/html",
|
|
||||||
".js" => "text/javascript",
|
|
||||||
".asc" => "text/plain",
|
|
||||||
".c" => "text/plain",
|
|
||||||
".cpp" => "text/plain",
|
|
||||||
".log" => "text/plain",
|
|
||||||
".conf" => "text/plain",
|
|
||||||
".text" => "text/plain",
|
|
||||||
".txt" => "text/plain",
|
|
||||||
".dtd" => "text/xml",
|
|
||||||
".xml" => "text/xml",
|
|
||||||
".mpeg" => "video/mpeg",
|
|
||||||
".mpg" => "video/mpeg",
|
|
||||||
".mov" => "video/quicktime",
|
|
||||||
".qt" => "video/quicktime",
|
|
||||||
".avi" => "video/x-msvideo",
|
|
||||||
".asf" => "video/x-ms-asf",
|
|
||||||
".asx" => "video/x-ms-asf",
|
|
||||||
".wmv" => "video/x-ms-wmv",
|
|
||||||
".bz2" => "application/x-bzip",
|
|
||||||
".tbz" => "application/x-bzip-compressed-tar",
|
|
||||||
".tar.bz2" => "application/x-bzip-compressed-tar",
|
|
||||||
".rpm" => "application/x-rpm",
|
|
||||||
".cfg" => "text/plain"
|
|
||||||
)
|
|
||||||
|
|
||||||
# Use the "Content-Type" extended attribute to obtain mime type if possible
|
|
||||||
#mimetype.use-xattr = "enable"
|
|
||||||
|
|
||||||
|
|
||||||
## send a different Server: header
|
|
||||||
## be nice and keep it at lighttpd
|
|
||||||
# server.tag = "lighttpd"
|
|
||||||
|
|
||||||
#### accesslog module
|
|
||||||
accesslog.filename = "/var/log/lighttpd-access.log"
|
|
||||||
|
|
||||||
|
|
||||||
## deny access the file-extensions
|
|
||||||
#
|
|
||||||
# ~ is for backupfiles from vi, emacs, joe, ...
|
|
||||||
# .inc is often used for code includes which should in general not be part
|
|
||||||
# of the document-root
|
|
||||||
url.access-deny = ( "~", ".inc" )
|
|
||||||
|
|
||||||
$HTTP["url"] =~ "\.pdf$" {
|
|
||||||
server.range-requests = "disable"
|
|
||||||
}
|
|
||||||
|
|
||||||
##
|
|
||||||
# which extensions should not be handle via static-file transfer
|
|
||||||
#
|
|
||||||
# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
|
|
||||||
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
|
|
||||||
|
|
||||||
######### Options that are good to be but not neccesary to be changed #######
|
|
||||||
|
|
||||||
## bind to port 8080
|
|
||||||
server.port = 8080
|
|
||||||
|
|
||||||
## bind to localhost (default: all interfaces)
|
|
||||||
#server.bind = "grisu.home.kneschke.de"
|
|
||||||
|
|
||||||
## error-handler for status 404
|
|
||||||
#server.error-handler-404 = "/error-handler.html"
|
|
||||||
#server.error-handler-404 = "/error-handler.php"
|
|
||||||
|
|
||||||
## to help the rc.scripts
|
|
||||||
server.pid-file = "/var/run/lighttpd.pid"
|
|
||||||
|
|
||||||
|
|
||||||
###### virtual hosts
|
|
||||||
##
|
|
||||||
## If you want name-based virtual hosting add the next three settings and load
|
|
||||||
## mod_simple_vhost
|
|
||||||
##
|
|
||||||
## document-root =
|
|
||||||
## virtual-server-root + virtual-server-default-host + virtual-server-docroot
|
|
||||||
## or
|
|
||||||
## virtual-server-root + http-host + virtual-server-docroot
|
|
||||||
##
|
|
||||||
#simple-vhost.server-root = "/home/weigon/wwwroot/servers/"
|
|
||||||
#simple-vhost.default-host = "grisu.home.kneschke.de"
|
|
||||||
#simple-vhost.document-root = "/pages/"
|
|
||||||
|
|
||||||
|
|
||||||
##
|
|
||||||
## Format: <errorfile-prefix><status-code>.html
|
|
||||||
## -> ..../status-404.html for 'File not found'
|
|
||||||
#server.errorfile-prefix = "/home/weigon/projects/lighttpd/doc/status-"
|
|
||||||
|
|
||||||
## virtual directory listings
|
|
||||||
##
|
|
||||||
## disabled as per Nessus scan CVE: 5.0 40984
|
|
||||||
## Please do NOT enable as this is a security
|
|
||||||
## vulnerability. If you want dir listing for
|
|
||||||
## our dir path then a) either add a dir index (index.html)
|
|
||||||
## file within your dir path, or b) add your path as an exception
|
|
||||||
## rule (see the one for feeds/ dir below)
|
|
||||||
dir-listing.activate = "disable"
|
|
||||||
|
|
||||||
## enable debugging
|
|
||||||
#debug.log-request-header = "enable"
|
|
||||||
#debug.log-response-header = "enable"
|
|
||||||
#debug.log-request-handling = "enable"
|
|
||||||
#debug.log-file-not-found = "enable"
|
|
||||||
|
|
||||||
### only root can use these options
|
|
||||||
#
|
|
||||||
# chroot() to directory (default: no chroot() )
|
|
||||||
#server.chroot = "/"
|
|
||||||
|
|
||||||
## change uid to <uid> (default: don't care)
|
|
||||||
#server.username = "wwwrun"
|
|
||||||
|
|
||||||
## change uid to <uid> (default: don't care)
|
|
||||||
#server.groupname = "wwwrun"
|
|
||||||
|
|
||||||
## defaults to /var/tmp
|
|
||||||
server.upload-dirs = ( "/tmp" )
|
|
||||||
|
|
||||||
## change max-keep-alive-idle (default: 5 secs)
|
|
||||||
#server.max-keep-alive-idle = 5
|
|
||||||
|
|
||||||
#### compress module
|
|
||||||
#compress.cache-dir = "/tmp/lighttpd/cache/compress/"
|
|
||||||
#compress.filetype = ("text/plain", "text/html")
|
|
||||||
|
|
||||||
#### proxy module
|
|
||||||
## read proxy.txt for more info
|
|
||||||
|
|
||||||
# Proxy all non-static content to the local horizon dashboard
|
|
||||||
$HTTP["url"] !~ "^/(rel-[^/]*|feed|updates|static)/" {
|
|
||||||
proxy.server = ( "" =>
|
|
||||||
( "localhost" =>
|
|
||||||
(
|
|
||||||
"host" => "127.0.0.1",
|
|
||||||
"port" => 8008
|
|
||||||
)
|
|
||||||
)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
#### fastcgi module
|
|
||||||
## read fastcgi.txt for more info
|
|
||||||
## for PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini
|
|
||||||
#fastcgi.server = ( ".php" =>
|
|
||||||
# ( "localhost" =>
|
|
||||||
# (
|
|
||||||
# "socket" => "/tmp/php-fastcgi.socket",
|
|
||||||
# "bin-path" => "/usr/local/bin/php"
|
|
||||||
# )
|
|
||||||
# )
|
|
||||||
# )
|
|
||||||
|
|
||||||
#### CGI module
|
|
||||||
#cgi.assign = ( ".pl" => "/usr/bin/perl",
|
|
||||||
# ".cgi" => "/usr/bin/perl" )
|
|
||||||
#
|
|
||||||
|
|
||||||
#### Listen to IPv6
|
|
||||||
$SERVER["socket"] == "[::]:8080" { }
|
|
||||||
|
|
||||||
#### status module
|
|
||||||
#status.status-url = "/server-status"
|
|
||||||
#status.config-url = "/server-config"
|
|
||||||
|
|
||||||
#### auth module
|
|
||||||
## read authentication.txt for more info
|
|
||||||
#auth.backend = "plain"
|
|
||||||
#auth.backend.plain.userfile = "lighttpd.user"
|
|
||||||
#auth.backend.plain.groupfile = "lighttpd.group"
|
|
||||||
|
|
||||||
#auth.backend.ldap.hostname = "localhost"
|
|
||||||
#auth.backend.ldap.base-dn = "dc=my-domain,dc=com"
|
|
||||||
#auth.backend.ldap.filter = "(uid=$)"
|
|
||||||
|
|
||||||
#auth.require = ( "/server-status" =>
|
|
||||||
# (
|
|
||||||
# "method" => "digest",
|
|
||||||
# "realm" => "download archiv",
|
|
||||||
# "require" => "user=jan"
|
|
||||||
# ),
|
|
||||||
# "/server-config" =>
|
|
||||||
# (
|
|
||||||
# "method" => "digest",
|
|
||||||
# "realm" => "download archiv",
|
|
||||||
# "require" => "valid-user"
|
|
||||||
# )
|
|
||||||
# )
|
|
||||||
|
|
||||||
#### url handling modules (rewrite, redirect, access)
|
|
||||||
#url.rewrite = ( "^/$" => "/server-status" )
|
|
||||||
#url.redirect = ( "^/wishlist/(.+)" => "http://www.123.org/$1" )
|
|
||||||
|
|
||||||
#### both rewrite/redirect support back reference to regex conditional using %n
|
|
||||||
#$HTTP["host"] =~ "^www\.(.*)" {
|
|
||||||
# url.redirect = ( "^/(.*)" => "http://%1/$1" )
|
|
||||||
#}
|
|
||||||
|
|
||||||
#
|
|
||||||
# define a pattern for the host url finding
|
|
||||||
# %% => % sign
|
|
||||||
# %0 => domain name + tld
|
|
||||||
# %1 => tld
|
|
||||||
# %2 => domain name without tld
|
|
||||||
# %3 => subdomain 1 name
|
|
||||||
# %4 => subdomain 2 name
|
|
||||||
#
|
|
||||||
#evhost.path-pattern = "/home/storage/dev/www/%3/htdocs/"
|
|
||||||
|
|
||||||
#### expire module
|
|
||||||
#expire.url = ( "/buggy/" => "access 2 hours", "/asdhas/" => "access plus 1 seconds 2 minutes")
|
|
||||||
|
|
||||||
#### ssi
|
|
||||||
#ssi.extension = ( ".shtml" )
|
|
||||||
|
|
||||||
#### rrdtool
|
|
||||||
#rrdtool.binary = "/usr/bin/rrdtool"
|
|
||||||
#rrdtool.db-name = "/var/www/lighttpd.rrd"
|
|
||||||
|
|
||||||
#### setenv
|
|
||||||
#setenv.add-request-header = ( "TRAV_ENV" => "mysql://user@host/db" )
|
|
||||||
#setenv.add-response-header = ( "X-Secret-Message" => "42" )
|
|
||||||
|
|
||||||
## for mod_trigger_b4_dl
|
|
||||||
# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db"
|
|
||||||
# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" )
|
|
||||||
# trigger-before-download.trigger-url = "^/trigger/"
|
|
||||||
# trigger-before-download.download-url = "^/download/"
|
|
||||||
# trigger-before-download.deny-url = "http://127.0.0.1/index.html"
|
|
||||||
# trigger-before-download.trigger-timeout = 10
|
|
||||||
|
|
||||||
## for mod_cml
|
|
||||||
## don't forget to add index.cml to server.indexfiles
|
|
||||||
# cml.extension = ".cml"
|
|
||||||
# cml.memcache-hosts = ( "127.0.0.1:11211" )
|
|
||||||
|
|
||||||
#### variable usage:
|
|
||||||
## variable name without "." is auto prefixed by "var." and becomes "var.bar"
|
|
||||||
#bar = 1
|
|
||||||
#var.mystring = "foo"
|
|
||||||
|
|
||||||
## integer add
|
|
||||||
#bar += 1
|
|
||||||
## string concat, with integer cast as string, result: "www.foo1.com"
|
|
||||||
#server.name = "www." + mystring + var.bar + ".com"
|
|
||||||
## array merge
|
|
||||||
#index-file.names = (foo + ".php") + index-file.names
|
|
||||||
#index-file.names += (foo + ".php")
|
|
||||||
|
|
||||||
#### include
|
|
||||||
#include /etc/lighttpd/lighttpd-inc.conf
|
|
||||||
## same as above if you run: "lighttpd -f /etc/lighttpd/lighttpd.conf"
|
|
||||||
#include "lighttpd-inc.conf"
|
|
||||||
|
|
||||||
#### include_shell
|
|
||||||
#include_shell "echo var.a=1"
|
|
||||||
## the above is same as:
|
|
||||||
#var.a=1
|
|
||||||
|
|
||||||
# deny access to feed directories for external connections.
|
|
||||||
# Only enable access to dir listing for feed directory if on internal network
|
|
||||||
# (i.e. mgmt or pxeboot networks)
|
|
||||||
include "/etc/lighttpd/lighttpd-inc.conf"
|
|
||||||
$HTTP["remoteip"] != "127.0.0.1" {
|
|
||||||
$HTTP["url"] =~ "^/(rel-[^/]*|feed|updates)/" {
|
|
||||||
dir-listing.activate = "enable"
|
|
||||||
}
|
|
||||||
$HTTP["remoteip"] != var.management_ip_network {
|
|
||||||
$HTTP["remoteip"] != var.pxeboot_ip_network {
|
|
||||||
$HTTP["url"] =~ "^/(rel-[^/]*|feed|updates)/" {
|
|
||||||
url.access-deny = ( "" )
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$HTTP["scheme"] == "https" {
|
|
||||||
setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=63072000; includeSubdomains; ")
|
|
||||||
}
|
|
@ -1,124 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
|
|
||||||
### BEGIN INIT INFO
|
|
||||||
# Provides: Web Server
|
|
||||||
# Required-Start: networking
|
|
||||||
# Required-Stop: networking
|
|
||||||
# Default-Start: 2 3 4 5
|
|
||||||
# Default-Stop: 0 1 6
|
|
||||||
# Short-Description: Lighttpd Web Server
|
|
||||||
# Description: Web service to serve static files and proxy
|
|
||||||
### END INIT INFO
|
|
||||||
|
|
||||||
PATH=/sbin:/bin:/usr/sbin:/usr/bin
|
|
||||||
DAEMON=/usr/sbin/lighttpd
|
|
||||||
NAME=lighttpd
|
|
||||||
DESC="Lighttpd Web Server"
|
|
||||||
OPTS="-f /etc/lighttpd/lighttpd.conf"
|
|
||||||
PIDFILE="/var/run/$NAME.pid"
|
|
||||||
PORT="80"
|
|
||||||
|
|
||||||
start()
|
|
||||||
{
|
|
||||||
|
|
||||||
if lsof -t -i:${PORT} 1> /dev/null 2>&1; then
|
|
||||||
kill $(lsof -t -i:${PORT}) > /dev/null 2>&1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -e $PIDFILE ]; then
|
|
||||||
PIDDIR=/proc/$(cat $PIDFILE)
|
|
||||||
if [ -d ${PIDDIR} ]; then
|
|
||||||
echo "$DESC already running."
|
|
||||||
return
|
|
||||||
else
|
|
||||||
echo "Removing stale PID file $PIDFILE"
|
|
||||||
rm -f $PIDFILE
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo -n "Checking scratch filesystem..."
|
|
||||||
let -i COUNT=0
|
|
||||||
while [ ! -e /scratch ]
|
|
||||||
do
|
|
||||||
if [ $COUNT -ge 15 ]
|
|
||||||
then
|
|
||||||
echo "failed to find /scratch."
|
|
||||||
exit -1
|
|
||||||
fi
|
|
||||||
let COUNT=COUNT+1
|
|
||||||
sleep 1
|
|
||||||
done
|
|
||||||
|
|
||||||
echo -n "Mounting scratch filesystem to chroot tmp..."
|
|
||||||
umount /www/tmp >& /dev/null
|
|
||||||
rm -r /scratch/lighttpd >& /dev/null
|
|
||||||
mkdir -p /scratch/lighttpd
|
|
||||||
mount --bind /scratch/lighttpd /www/tmp/
|
|
||||||
chown www /www/tmp/
|
|
||||||
|
|
||||||
echo -n "Starting $DESC..."
|
|
||||||
|
|
||||||
start-stop-daemon --start --pidfile ${PIDFILE} -x "$DAEMON" -- $OPTS
|
|
||||||
RETVAL=$?
|
|
||||||
if [ $RETVAL -eq 0 ]; then
|
|
||||||
echo "done."
|
|
||||||
else
|
|
||||||
echo "failed."
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
stop()
|
|
||||||
{
|
|
||||||
if [ ! -e $PIDFILE ]; then return; fi
|
|
||||||
|
|
||||||
echo -n "Stopping $DESC..."
|
|
||||||
|
|
||||||
start-stop-daemon --stop --quiet --pidfile ${PIDFILE} -x "$DAEMON"
|
|
||||||
RETVAL=$?
|
|
||||||
if [ $RETVAL -eq 0 ]; then
|
|
||||||
echo "done."
|
|
||||||
else
|
|
||||||
echo "failed."
|
|
||||||
fi
|
|
||||||
rm -f $PIDFILE
|
|
||||||
echo -n "Unmounting scratch filesystem from chroot tmp..."
|
|
||||||
umount /www/tmp
|
|
||||||
}
|
|
||||||
|
|
||||||
status()
|
|
||||||
{
|
|
||||||
pid=`cat $PIDFILE 2>/dev/null`
|
|
||||||
if [ -n "$pid" ]; then
|
|
||||||
if ps -p $pid &>/dev/null ; then
|
|
||||||
echo "$DESC is running"
|
|
||||||
RETVAL=0
|
|
||||||
return
|
|
||||||
else
|
|
||||||
RETVAL=1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
echo "$DESC is not running"
|
|
||||||
RETVAL=3
|
|
||||||
}
|
|
||||||
|
|
||||||
case "$1" in
|
|
||||||
start)
|
|
||||||
start
|
|
||||||
;;
|
|
||||||
stop)
|
|
||||||
stop
|
|
||||||
;;
|
|
||||||
restart|force-reload|reload)
|
|
||||||
stop
|
|
||||||
start
|
|
||||||
;;
|
|
||||||
status)
|
|
||||||
status
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Usage: $0 {start|stop|force-reload|restart|reload|status}"
|
|
||||||
RETVAL=1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
exit $RETVAL
|
|
@ -1,14 +0,0 @@
|
|||||||
/var/log/lighttpd-access.log
|
|
||||||
/var/log/lighttpd-error.log
|
|
||||||
/www/var/log/lighttpd-access.log
|
|
||||||
/www/var/log/lighttpd-error.log {
|
|
||||||
nodateext
|
|
||||||
size 10M
|
|
||||||
start 1
|
|
||||||
rotate 10
|
|
||||||
missingok
|
|
||||||
notifempty
|
|
||||||
compress
|
|
||||||
delaycompress
|
|
||||||
copytruncate
|
|
||||||
}
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,53 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: net-snmp-config
|
|
||||||
Name: net-snmp-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: net-snmp
|
|
||||||
Summary: package StarlingX configuration files of net-snmp to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of net-snmp to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
%{__install} -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
%{__install} -d %{buildroot}%{_datadir}/snmp
|
|
||||||
%{__install} -d %{buildroot}%{_initrddir}
|
|
||||||
%{__install} -d %{buildroot}%{_sysconfdir}/systemd/system
|
|
||||||
|
|
||||||
%{__install} -m 644 stx.snmpd.conf %{buildroot}%{_datadir}/starlingx/stx.snmpd.conf
|
|
||||||
%{__install} -m 755 stx.snmpd %{buildroot}%{_initddir}/snmpd
|
|
||||||
%{__install} -m 660 stx.snmp.conf %{buildroot}%{_datadir}/snmp/snmp.conf
|
|
||||||
%{__install} -m 644 snmpd.service %{buildroot}%{_sysconfdir}/systemd/system/snmpd.service
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
# Initial installation
|
|
||||||
cp -f %{_datadir}/starlingx/stx.snmpd.conf %{_sysconfdir}/snmp/snmpd.conf
|
|
||||||
chmod 640 %{_sysconfdir}/snmp/snmpd.conf
|
|
||||||
chmod 640 %{_sysconfdir}/snmp/snmptrapd.conf
|
|
||||||
fi
|
|
||||||
%{_bindir}/systemctl disable snmpd.service
|
|
||||||
|
|
||||||
%files
|
|
||||||
%{_datadir}/starlingx/stx.snmpd.conf
|
|
||||||
%{_initddir}/snmpd
|
|
||||||
%config(noreplace) %attr(0660,snmpd,snmpd) %{_datadir}/snmp/snmp.conf
|
|
||||||
%{_sysconfdir}/systemd/system/snmpd.service
|
|
||||||
|
|
@ -1,14 +0,0 @@
|
|||||||
[Unit]
|
|
||||||
Description=Simple Network Management Protocol (SNMP) Daemon.
|
|
||||||
After=syslog.target network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=notify
|
|
||||||
Environment=OPTIONS="oamcontroller -u snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid"
|
|
||||||
EnvironmentFile=-/etc/sysconfig/snmpd
|
|
||||||
ExecStart=/etc/init.d/snmpd start
|
|
||||||
ExecStop=/etc/init.d/snmpd stop
|
|
||||||
ExecReload=/bin/kill -HUP $MAINPID
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,4 +0,0 @@
|
|||||||
# Configuration file for the Net-SNMP applications
|
|
||||||
|
|
||||||
# Specifies the source address to be used by snmptrap application when sending SNMP traps
|
|
||||||
clientaddr oamcontroller
|
|
@ -1,95 +0,0 @@
|
|||||||
#! /bin/sh
|
|
||||||
# /etc/init.d/snmpd: start snmp daemon.
|
|
||||||
. /etc/init.d/functions
|
|
||||||
|
|
||||||
# Linux Standard Base (LSB) Error Codes
|
|
||||||
RETVAL=0
|
|
||||||
GENERIC_ERROR=1
|
|
||||||
INVALID_ARGS=2
|
|
||||||
NOT_RUNNING=3
|
|
||||||
NOT_INSTALLED=5
|
|
||||||
|
|
||||||
#set environment variables
|
|
||||||
export SNMPCONFPATH=/etc/snmp
|
|
||||||
export MIBDIRS=/usr/share/snmp/mibs
|
|
||||||
|
|
||||||
SNMPDOPTS='oamcontroller -u snmpd -LS6d -Lf /dev/null -p /var/run/snmpd.pid'
|
|
||||||
PIDFILE=/var/run/snmpd.pid
|
|
||||||
SNMPTRAPDCONFIG=${SNMPCONFPATH}/snmpdtrapd.conf
|
|
||||||
SNMPDCONFIG=${SNMPCONFPATH}/snmpd.conf
|
|
||||||
SNMPDNAME=snmpd
|
|
||||||
SNMPD="/usr/sbin/${SNMPDNAME}"
|
|
||||||
|
|
||||||
test -x ${SNMPD} || exit ${NOT_INSTALLED}
|
|
||||||
|
|
||||||
# Reads config file (will override defaults above)
|
|
||||||
[ -r /etc/default/snmpd ] && . /etc/default/snmpd
|
|
||||||
|
|
||||||
case "$1" in
|
|
||||||
start)
|
|
||||||
echo -n "Starting network management services: "
|
|
||||||
status ${SNMPD} >/dev/null
|
|
||||||
if [ $? -eq 0 ]; then
|
|
||||||
echo -n "is already running "
|
|
||||||
RETVAL=0
|
|
||||||
elif [ -f ${SNMPDCONFIG} ]; then
|
|
||||||
start-stop-daemon -o --start --quiet --name ${SNMPDNAME} --pidfile "$PIDFILE" \
|
|
||||||
--exec ${SNMPD} -- ${SNMPDOPTS}
|
|
||||||
RETVAL=$?
|
|
||||||
else
|
|
||||||
logger "${SNMPDCONFIG} is missing"
|
|
||||||
RETVAL=${GENERIC_ERROR}
|
|
||||||
fi
|
|
||||||
if [ ${RETVAL} -eq 0 ] ; then
|
|
||||||
pid=`pidof ${SNMPDNAME}`
|
|
||||||
echo "OK"
|
|
||||||
logger "${SNMPDNAME} (${pid})"
|
|
||||||
else
|
|
||||||
echo "FAIL"
|
|
||||||
RETVAL=${GENERIC_ERROR}
|
|
||||||
fi
|
|
||||||
|
|
||||||
;;
|
|
||||||
stop)
|
|
||||||
status ${SNMPD} >/dev/null
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
echo "$SNMPDNAME is not running"
|
|
||||||
RETVAL=0
|
|
||||||
else
|
|
||||||
echo -n "Stopping network management services "
|
|
||||||
killproc ${SNMPDNAME}
|
|
||||||
if [ -n "`pidof ${SNMPDNAME}`" ] ; then
|
|
||||||
logger "Going to SIGKILL ${SNMPDNAME}"
|
|
||||||
killproc -KILL ${SNMPDNAME}
|
|
||||||
fi
|
|
||||||
/bin/rm -rf $PIDFILE
|
|
||||||
status ${SNMPD} >/dev/null
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
echo "Stopped"
|
|
||||||
RETVAL=0
|
|
||||||
else
|
|
||||||
echo "Failed"
|
|
||||||
RETVAL=${GENERIC_ERROR}
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
status)
|
|
||||||
status ${SNMPD} >/dev/null
|
|
||||||
RETVAL=$?
|
|
||||||
if [ ! ${RETVAL} -eq 0 ] ; then
|
|
||||||
RETVAL=${NOT_RUNNING}
|
|
||||||
fi
|
|
||||||
|
|
||||||
;;
|
|
||||||
restart|reload|force-reload)
|
|
||||||
$0 stop
|
|
||||||
sleep 1
|
|
||||||
$0 start
|
|
||||||
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Usage: /etc/init.d/snmpd {start|stop|status|restart|reload|force-reload}"
|
|
||||||
exit ${GENERIC_ERROR}
|
|
||||||
esac
|
|
||||||
|
|
||||||
exit $RETVAL
|
|
@ -1,24 +0,0 @@
|
|||||||
###########################################################################
|
|
||||||
#
|
|
||||||
# snmpd.conf
|
|
||||||
#
|
|
||||||
# - created by the snmpconf configuration program
|
|
||||||
#
|
|
||||||
###########################################################################
|
|
||||||
# incl/excl subtree mask
|
|
||||||
view all included .1 80
|
|
||||||
|
|
||||||
sysDescr ?
|
|
||||||
sysObjectID 1.3.6.1.4.1.731.3
|
|
||||||
sysContact ?
|
|
||||||
sysName ?
|
|
||||||
sysLocation ?
|
|
||||||
sysServices 72
|
|
||||||
|
|
||||||
[snmp] clientaddr oamcontroller
|
|
||||||
dlmod cgtsAgentPlugin /usr/lib64/libcgtsAgentPlugin.so.1
|
|
||||||
dlmod snmpAuditPlugin /usr/lib64/libsnmpAuditPlugin.so.1
|
|
||||||
|
|
||||||
# Insert the snmpAudit hander into specific sections of the mib tree
|
|
||||||
injectHandler snmpAudit null
|
|
||||||
injectHandler snmpAudit bulk_to_next
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,48 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: openssh-config
|
|
||||||
Name: openssh-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: %{_bindir}/systemctl
|
|
||||||
Requires: openssh-clients
|
|
||||||
Requires: openssh-server
|
|
||||||
|
|
||||||
Summary: package StarlingX configuration files of openssh to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of openssh to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
%{__install} -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
%{__install} -d %{buildroot}%{_sysconfdir}/systemd/system
|
|
||||||
%{__install} -m 644 sshd.service %{buildroot}%{_sysconfdir}/systemd/system/sshd.service
|
|
||||||
%{__install} -m 644 ssh_config %{buildroot}%{_datadir}/starlingx/ssh_config
|
|
||||||
%{__install} -m 600 sshd_config %{buildroot}%{_datadir}/starlingx/sshd_config
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
# Initial installation
|
|
||||||
cp -f %{_datadir}/starlingx/ssh_config %{_sysconfdir}/ssh/ssh_config
|
|
||||||
cp -f %{_datadir}/starlingx/sshd_config %{_sysconfdir}/ssh/sshd_config
|
|
||||||
fi
|
|
||||||
|
|
||||||
%files
|
|
||||||
%{_sysconfdir}/systemd/system/sshd.service
|
|
||||||
%{_datadir}/starlingx/ssh_config
|
|
||||||
%{_datadir}/starlingx/sshd_config
|
|
@ -1,71 +0,0 @@
|
|||||||
# $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $
|
|
||||||
|
|
||||||
# This is the ssh client system-wide configuration file. See
|
|
||||||
# ssh_config(5) for more information. This file provides defaults for
|
|
||||||
# users, and the values can be changed in per-user configuration files
|
|
||||||
# or on the command line.
|
|
||||||
|
|
||||||
# Configuration data is parsed as follows:
|
|
||||||
# 1. command line options
|
|
||||||
# 2. user-specific file
|
|
||||||
# 3. system-wide file
|
|
||||||
# Any configuration value is only changed the first time it is set.
|
|
||||||
# Thus, host-specific definitions should be at the beginning of the
|
|
||||||
# configuration file, and defaults at the end.
|
|
||||||
|
|
||||||
# Site-wide defaults for some commonly used options. For a comprehensive
|
|
||||||
# list of available options, their meanings and defaults, please see the
|
|
||||||
# ssh_config(5) man page.
|
|
||||||
|
|
||||||
# Host *
|
|
||||||
# ForwardAgent no
|
|
||||||
# ForwardX11 no
|
|
||||||
# RhostsRSAAuthentication no
|
|
||||||
# RSAAuthentication yes
|
|
||||||
# PasswordAuthentication yes
|
|
||||||
# HostbasedAuthentication no
|
|
||||||
# GSSAPIAuthentication no
|
|
||||||
# GSSAPIDelegateCredentials no
|
|
||||||
# GSSAPIKeyExchange no
|
|
||||||
# GSSAPITrustDNS no
|
|
||||||
# BatchMode no
|
|
||||||
# CheckHostIP yes
|
|
||||||
# AddressFamily any
|
|
||||||
# ConnectTimeout 0
|
|
||||||
# StrictHostKeyChecking ask
|
|
||||||
# IdentityFile ~/.ssh/identity
|
|
||||||
# IdentityFile ~/.ssh/id_rsa
|
|
||||||
# IdentityFile ~/.ssh/id_dsa
|
|
||||||
# IdentityFile ~/.ssh/id_ecdsa
|
|
||||||
# IdentityFile ~/.ssh/id_ed25519
|
|
||||||
# Port 22
|
|
||||||
# Protocol 2
|
|
||||||
# Cipher 3des
|
|
||||||
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
|
|
||||||
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
|
|
||||||
# EscapeChar ~
|
|
||||||
# Tunnel no
|
|
||||||
# TunnelDevice any:any
|
|
||||||
# PermitLocalCommand no
|
|
||||||
# VisualHostKey no
|
|
||||||
# ProxyCommand ssh -q -W %h:%p gateway.example.com
|
|
||||||
# RekeyLimit 1G 1h
|
|
||||||
#
|
|
||||||
# Uncomment this if you want to use .local domain
|
|
||||||
# Host *.local
|
|
||||||
# CheckHostIP no
|
|
||||||
|
|
||||||
Host *
|
|
||||||
GSSAPIAuthentication yes
|
|
||||||
# If this option is set to yes then remote X11 clients will have full access
|
|
||||||
# to the original X11 display. As virtually no X11 client supports the untrusted
|
|
||||||
# mode correctly we set this to yes.
|
|
||||||
ForwardX11Trusted yes
|
|
||||||
# Send locale-related environment variables
|
|
||||||
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
|
|
||||||
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
|
|
||||||
SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
|
|
||||||
SendEnv XMODIFIERS
|
|
||||||
|
|
||||||
# Filtered key exchange algorithm list
|
|
||||||
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
|
|
@ -1,18 +0,0 @@
|
|||||||
[Unit]
|
|
||||||
Description=OpenSSH server daemon
|
|
||||||
Documentation=man:sshd(8) man:sshd_config(5)
|
|
||||||
After=network.target sshd-keygen.service
|
|
||||||
Wants=sshd-keygen.service
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
EnvironmentFile=/etc/sysconfig/sshd
|
|
||||||
ExecStart=/etc/init.d/sshd start
|
|
||||||
ExecStop=/etc/init.d/sshd stop
|
|
||||||
ExecReload=/bin/kill -HUP $MAINPID
|
|
||||||
PIDFile=/var/run/sshd.pid
|
|
||||||
KillMode=none
|
|
||||||
#Restart=on-failure
|
|
||||||
#RestartSec=42s
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,148 +0,0 @@
|
|||||||
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
|
|
||||||
|
|
||||||
# This is the sshd server system-wide configuration file. See
|
|
||||||
# sshd_config(5) for more information.
|
|
||||||
|
|
||||||
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
|
|
||||||
|
|
||||||
# The strategy used for options in the default sshd_config shipped with
|
|
||||||
# OpenSSH is to specify options with their default value where
|
|
||||||
# possible, but leave them commented. Uncommented options override the
|
|
||||||
# default value.
|
|
||||||
|
|
||||||
# If you want to change the port on a SELinux system, you have to tell
|
|
||||||
# SELinux about this change.
|
|
||||||
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
|
|
||||||
#
|
|
||||||
#Port 22
|
|
||||||
#AddressFamily any
|
|
||||||
#ListenAddress 0.0.0.0
|
|
||||||
#ListenAddress ::
|
|
||||||
|
|
||||||
HostKey /etc/ssh/ssh_host_rsa_key
|
|
||||||
#HostKey /etc/ssh/ssh_host_dsa_key
|
|
||||||
HostKey /etc/ssh/ssh_host_ecdsa_key
|
|
||||||
HostKey /etc/ssh/ssh_host_ed25519_key
|
|
||||||
|
|
||||||
# Ciphers and keying
|
|
||||||
RekeyLimit default 1h
|
|
||||||
|
|
||||||
# Logging
|
|
||||||
#SyslogFacility AUTH
|
|
||||||
#SyslogFacility AUTHPRIV
|
|
||||||
LogLevel INFO
|
|
||||||
|
|
||||||
# Authentication:
|
|
||||||
|
|
||||||
LoginGraceTime 1m
|
|
||||||
PermitRootLogin no
|
|
||||||
#StrictModes yes
|
|
||||||
MaxAuthTries 4
|
|
||||||
#MaxSessions 10
|
|
||||||
|
|
||||||
#PubkeyAuthentication yes
|
|
||||||
|
|
||||||
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
|
|
||||||
# but this is overridden so installations will only check .ssh/authorized_keys
|
|
||||||
AuthorizedKeysFile .ssh/authorized_keys
|
|
||||||
|
|
||||||
#AuthorizedPrincipalsFile none
|
|
||||||
|
|
||||||
#AuthorizedKeysCommand none
|
|
||||||
#AuthorizedKeysCommandUser nobody
|
|
||||||
|
|
||||||
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
|
|
||||||
#HostbasedAuthentication no
|
|
||||||
# Change to yes if you don't trust ~/.ssh/known_hosts for
|
|
||||||
# HostbasedAuthentication
|
|
||||||
#IgnoreUserKnownHosts no
|
|
||||||
# Don't read the user's ~/.rhosts and ~/.shosts files
|
|
||||||
#IgnoreRhosts yes
|
|
||||||
|
|
||||||
# To disable tunneled clear text passwords, change to no here!
|
|
||||||
#PasswordAuthentication yes
|
|
||||||
#PermitEmptyPasswords no
|
|
||||||
PasswordAuthentication yes
|
|
||||||
|
|
||||||
# Change to no to disable s/key passwords
|
|
||||||
#ChallengeResponseAuthentication yes
|
|
||||||
ChallengeResponseAuthentication no
|
|
||||||
|
|
||||||
# Kerberos options
|
|
||||||
#KerberosAuthentication no
|
|
||||||
#KerberosOrLocalPasswd yes
|
|
||||||
#KerberosTicketCleanup yes
|
|
||||||
#KerberosGetAFSToken no
|
|
||||||
#KerberosUseKuserok yes
|
|
||||||
|
|
||||||
# GSSAPI options
|
|
||||||
GSSAPIAuthentication no
|
|
||||||
GSSAPICleanupCredentials yes
|
|
||||||
#GSSAPIStrictAcceptorCheck yes
|
|
||||||
#GSSAPIKeyExchange no
|
|
||||||
#GSSAPIEnablek5users no
|
|
||||||
|
|
||||||
# Set this to 'yes' to enable PAM authentication, account processing,
|
|
||||||
# and session processing. If this is enabled, PAM authentication will
|
|
||||||
# be allowed through the ChallengeResponseAuthentication and
|
|
||||||
# PasswordAuthentication. Depending on your PAM configuration,
|
|
||||||
# PAM authentication via ChallengeResponseAuthentication may bypass
|
|
||||||
# the setting of "PermitRootLogin without-password".
|
|
||||||
# If you just want the PAM account and session checks to run without
|
|
||||||
# PAM authentication, then enable this but set PasswordAuthentication
|
|
||||||
# and ChallengeResponseAuthentication to 'no'.
|
|
||||||
# WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several
|
|
||||||
# problems.
|
|
||||||
UsePAM yes
|
|
||||||
|
|
||||||
AllowAgentForwarding no
|
|
||||||
AllowTcpForwarding no
|
|
||||||
#GatewayPorts no
|
|
||||||
X11Forwarding no
|
|
||||||
#X11DisplayOffset 10
|
|
||||||
#X11UseLocalhost yes
|
|
||||||
#PermitTTY yes
|
|
||||||
#PrintMotd yes
|
|
||||||
#PrintLastLog yes
|
|
||||||
#TCPKeepAlive yes
|
|
||||||
#UseLogin no
|
|
||||||
UsePrivilegeSeparation yes
|
|
||||||
#PermitUserEnvironment no
|
|
||||||
Compression no
|
|
||||||
ClientAliveInterval 15
|
|
||||||
ClientAliveCountMax 4
|
|
||||||
#ShowPatchLevel no
|
|
||||||
# Make SSH connect faster on bootup
|
|
||||||
UseDNS no
|
|
||||||
#PidFile /var/run/sshd.pid
|
|
||||||
#MaxStartups 10:30:100
|
|
||||||
#PermitTunnel no
|
|
||||||
#ChrootDirectory none
|
|
||||||
#VersionAddendum none
|
|
||||||
|
|
||||||
# default banner path
|
|
||||||
Banner /etc/issue.net
|
|
||||||
|
|
||||||
# Accept locale-related environment variables
|
|
||||||
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
|
|
||||||
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
|
|
||||||
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
|
|
||||||
AcceptEnv XMODIFIERS
|
|
||||||
|
|
||||||
# override default of no subsystems
|
|
||||||
Subsystem sftp /usr/libexec/openssh/sftp-server
|
|
||||||
|
|
||||||
# Example of overriding settings on a per-user basis
|
|
||||||
#Match User anoncvs
|
|
||||||
# X11Forwarding no
|
|
||||||
# AllowTcpForwarding no
|
|
||||||
# PermitTTY no
|
|
||||||
# ForceCommand cvs server
|
|
||||||
DenyUsers admin secadmin operator
|
|
||||||
# Filtered cipher, MAC and key exchange algorithm list, defaults can be
|
|
||||||
# obtained by ssh -Q cipher, ssh -Q mac and ssh -Q kex
|
|
||||||
# TODO (aning): once openssh is updated to 7.5, an explicit exclusion list
|
|
||||||
# using "-" should be used for cipher, MAC and kex excluded suites.
|
|
||||||
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
|
|
||||||
MACs hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com
|
|
||||||
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,46 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: setup-config
|
|
||||||
Name: setup-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: setup
|
|
||||||
Summary: package StarlingX configuration files of setup to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of setup to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
%{__install} -d %{buildroot}%{_sysconfdir}/profile.d
|
|
||||||
%{__install} -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
%{__install} -m 644 motd %{buildroot}%{_datadir}/starlingx/stx.motd
|
|
||||||
%{__install} -m 644 prompt.sh %{buildroot}%{_sysconfdir}/profile.d/prompt.sh
|
|
||||||
%{__install} -m 644 custom.sh %{buildroot}%{_sysconfdir}/profile.d/custom.sh
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
# Initial installation
|
|
||||||
cp -f %{_datadir}/starlingx/stx.motd %{_sysconfdir}/motd
|
|
||||||
chmod 600 %{_sysconfdir}/{exports,fstab}
|
|
||||||
fi
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root,-)
|
|
||||||
%{_datadir}/starlingx/stx.motd
|
|
||||||
%{_sysconfdir}/profile.d/prompt.sh
|
|
||||||
%{_sysconfdir}/profile.d/custom.sh
|
|
@ -1 +0,0 @@
|
|||||||
export TMOUT=900
|
|
@ -1,5 +0,0 @@
|
|||||||
[H[2J
|
|
||||||
WARNING: Unauthorized access to this system is forbidden and will be
|
|
||||||
prosecuted by law. By accessing this system, you agree that your
|
|
||||||
actions may be monitored if unauthorized usage is suspected.
|
|
||||||
|
|
@ -1,4 +0,0 @@
|
|||||||
if [ "$PS1" ]; then
|
|
||||||
PS1='\h:\w\$ '
|
|
||||||
fi
|
|
||||||
export PS1
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,60 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: StarlingX systemd Configuration File
|
|
||||||
Name: systemd-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: config-files
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
BuildRequires: systemd = 219-62.el7_6.5
|
|
||||||
Requires: systemd
|
|
||||||
|
|
||||||
%define debug_package %{nil}
|
|
||||||
|
|
||||||
%description
|
|
||||||
StarlingX systemd configuration file
|
|
||||||
|
|
||||||
%prep
|
|
||||||
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
install -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
install -m644 60-persistent-storage.rules %{buildroot}%{_datadir}/starlingx/60-persistent-storage.rules
|
|
||||||
install -m644 journald.conf %{buildroot}%{_datadir}/starlingx/journald.conf
|
|
||||||
install -m644 systemd.conf.tmpfiles.d %{buildroot}%{_datadir}/starlingx/systemd.conf.tmpfiles.d
|
|
||||||
install -m644 tmp.conf.tmpfiles.d %{buildroot}%{_datadir}/starlingx/tmp.conf.tmpfiles.d
|
|
||||||
install -m644 tmp.mount %{buildroot}%{_datadir}/starlingx/tmp.mount
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
cp -f %{_datadir}/starlingx/60-persistent-storage.rules %{_udevrulesdir}/
|
|
||||||
chmod 644 %{_udevrulesdir}/60-persistent-storage.rules
|
|
||||||
cp -f %{_datadir}/starlingx/journald.conf %{_sysconfdir}/systemd
|
|
||||||
chmod 644 %{_sysconfdir}/systemd/journald.conf
|
|
||||||
cp -f %{_datadir}/starlingx/systemd.conf.tmpfiles.d %{_usr}/lib/tmpfiles.d/systemd.conf
|
|
||||||
chmod 644 %{_usr}/lib/tmpfiles.d/systemd.conf
|
|
||||||
cp -f %{_datadir}/starlingx/tmp.conf.tmpfiles.d %{_usr}/lib/tmpfiles.d/tmp.conf
|
|
||||||
chmod 644 %{_usr}/lib/tmpfiles.d/tmp.conf
|
|
||||||
cp -f %{_datadir}/starlingx/tmp.mount %{_unitdir}/
|
|
||||||
chmod 644 %{_unitdir}/tmp.mount
|
|
||||||
fi
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root)
|
|
||||||
%license LICENSE
|
|
||||||
%{_datadir}/starlingx/60-persistent-storage.rules
|
|
||||||
%{_datadir}/starlingx/journald.conf
|
|
||||||
%{_datadir}/starlingx/systemd.conf.tmpfiles.d
|
|
||||||
%{_datadir}/starlingx/tmp.conf.tmpfiles.d
|
|
||||||
%{_datadir}/starlingx/tmp.mount
|
|
@ -1,105 +0,0 @@
|
|||||||
# do not edit this file, it will be overwritten on update
|
|
||||||
|
|
||||||
# persistent storage links: /dev/disk/{by-id,by-uuid,by-label,by-path}
|
|
||||||
# scheme based on "Linux persistent device names", 2004, Hannes Reinecke <hare@suse.de>
|
|
||||||
|
|
||||||
# forward scsi device event to corresponding block device
|
|
||||||
ACTION=="change", SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_device", TEST=="block", ATTR{block/*/uevent}="change"
|
|
||||||
|
|
||||||
ACTION=="remove", GOTO="persistent_storage_end"
|
|
||||||
|
|
||||||
# enable in-kernel media-presence polling
|
|
||||||
ACTION=="add", SUBSYSTEM=="module", KERNEL=="block", ATTR{parameters/events_dfl_poll_msecs}=="0", ATTR{parameters/events_dfl_poll_msecs}="2000"
|
|
||||||
|
|
||||||
SUBSYSTEM!="block", GOTO="persistent_storage_end"
|
|
||||||
|
|
||||||
# skip rules for inappropriate block devices
|
|
||||||
KERNEL=="fd*|mtd*|nbd*|gnbd*|btibm*|dm-*|md*|zram*|mmcblk[0-9]*rpmb", GOTO="persistent_storage_end"
|
|
||||||
|
|
||||||
# ignore partitions that span the entire disk
|
|
||||||
TEST=="whole_disk", GOTO="persistent_storage_end"
|
|
||||||
|
|
||||||
# for partitions import parent information
|
|
||||||
ENV{DEVTYPE}=="partition", IMPORT{parent}="ID_*"
|
|
||||||
|
|
||||||
# NVMe
|
|
||||||
KERNEL=="nvme*[0-9]n*[0-9]", ATTR{wwid}=="?*", SYMLINK+="disk/by-id/nvme-$attr{wwid}"
|
|
||||||
KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{wwid}=="?*", SYMLINK+="disk/by-id/nvme-$attr{wwid}-part%n"
|
|
||||||
|
|
||||||
KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{serial}=="?*", ENV{ID_SERIAL_SHORT}="$attr{serial}"
|
|
||||||
KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{wwid}=="?*", ENV{ID_WWN}="$attr{wwid}"
|
|
||||||
KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{model}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_SERIAL}="$attr{model}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}", OPTIONS="string_escape=replace"
|
|
||||||
|
|
||||||
KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{serial}=="?*", ENV{ID_SERIAL_SHORT}="$attr{serial}"
|
|
||||||
KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{model}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_SERIAL}="$attr{model}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}-part%n", OPTIONS="string_escape=replace"
|
|
||||||
|
|
||||||
# virtio-blk
|
|
||||||
KERNEL=="vd*[!0-9]", ATTRS{serial}=="?*", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/virtio-$env{ID_SERIAL}"
|
|
||||||
KERNEL=="vd*[0-9]", ATTRS{serial}=="?*", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/virtio-$env{ID_SERIAL}-part%n"
|
|
||||||
|
|
||||||
# ATA devices using the "scsi" subsystem
|
|
||||||
KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", SUBSYSTEMS=="scsi", ATTRS{vendor}=="ATA", IMPORT{program}="ata_id --export $devnode"
|
|
||||||
# ATA/ATAPI devices (SPC-3 or later) using the "scsi" subsystem
|
|
||||||
KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", SUBSYSTEMS=="scsi", ATTRS{type}=="5", ATTRS{scsi_level}=="[6-9]*", IMPORT{program}="ata_id --export $devnode"
|
|
||||||
|
|
||||||
# Run ata_id on non-removable USB Mass Storage (SATA/PATA disks in enclosures)
|
|
||||||
KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", ATTR{removable}=="0", SUBSYSTEMS=="usb", IMPORT{program}="ata_id --export $devnode"
|
|
||||||
# Otherwise, fall back to using usb_id for USB devices
|
|
||||||
KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", SUBSYSTEMS=="usb", IMPORT{builtin}="usb_id"
|
|
||||||
|
|
||||||
# scsi devices
|
|
||||||
KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", IMPORT{program}="scsi_id --export --whitelisted -d $devnode", ENV{ID_BUS}="scsi"
|
|
||||||
KERNEL=="cciss*", ENV{DEVTYPE}=="disk", ENV{ID_SERIAL}!="?*", IMPORT{program}="scsi_id --export --whitelisted -d $devnode", ENV{ID_BUS}="cciss"
|
|
||||||
KERNEL=="sd*|sr*|cciss*", ENV{DEVTYPE}=="disk", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/$env{ID_BUS}-$env{ID_SERIAL}"
|
|
||||||
KERNEL=="sd*|cciss*", ENV{DEVTYPE}=="partition", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/$env{ID_BUS}-$env{ID_SERIAL}-part%n"
|
|
||||||
|
|
||||||
# firewire
|
|
||||||
KERNEL=="sd*[!0-9]|sr*", ATTRS{ieee1394_id}=="?*", SYMLINK+="disk/by-id/ieee1394-$attr{ieee1394_id}"
|
|
||||||
KERNEL=="sd*[0-9]", ATTRS{ieee1394_id}=="?*", SYMLINK+="disk/by-id/ieee1394-$attr{ieee1394_id}-part%n"
|
|
||||||
|
|
||||||
KERNEL=="mmcblk[0-9]", SUBSYSTEMS=="mmc", ATTRS{name}=="?*", ATTRS{serial}=="?*", ENV{ID_NAME}="$attr{name}", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/mmc-$env{ID_NAME}_$env{ID_SERIAL}"
|
|
||||||
KERNEL=="mmcblk[0-9]p[0-9]", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/mmc-$env{ID_NAME}_$env{ID_SERIAL}-part%n"
|
|
||||||
KERNEL=="mspblk[0-9]", SUBSYSTEMS=="memstick", ATTRS{name}=="?*", ATTRS{serial}=="?*", ENV{ID_NAME}="$attr{name}", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/memstick-$env{ID_NAME}_$env{ID_SERIAL}"
|
|
||||||
KERNEL=="mspblk[0-9]p[0-9]", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/memstick-$env{ID_NAME}_$env{ID_SERIAL}-part%n"
|
|
||||||
|
|
||||||
# by-path (parent device path)
|
|
||||||
ENV{DEVTYPE}=="disk", DEVPATH!="*/virtual/*", IMPORT{builtin}="path_id"
|
|
||||||
ENV{DEVTYPE}=="disk", ENV{ID_PATH}=="?*", SYMLINK+="disk/by-path/$env{ID_PATH}"
|
|
||||||
ENV{DEVTYPE}=="partition", ENV{ID_PATH}=="?*", SYMLINK+="disk/by-path/$env{ID_PATH}-part%n"
|
|
||||||
|
|
||||||
# skip unpartitioned removable media devices from drivers which do not send "change" events
|
|
||||||
ENV{DEVTYPE}=="disk", KERNEL!="sd*|sr*", ATTR{removable}=="1", GOTO="persistent_storage_end"
|
|
||||||
|
|
||||||
# legacy virtio-pci by-path links (deprecated)
|
|
||||||
KERNEL=="vd*[!0-9]", ENV{ID_PATH}=="pci-*", SYMLINK+="disk/by-path/virtio-$env{ID_PATH}"
|
|
||||||
KERNEL=="vd*[0-9]", ENV{ID_PATH}=="pci-*", SYMLINK+="disk/by-path/virtio-$env{ID_PATH}-part%n"
|
|
||||||
|
|
||||||
# probe filesystem metadata of optical drives which have a media inserted
|
|
||||||
KERNEL=="sr*", ENV{DISK_EJECT_REQUEST}!="?*", ENV{ID_CDROM_MEDIA_TRACK_COUNT_DATA}=="?*", ENV{ID_CDROM_MEDIA_SESSION_LAST_OFFSET}=="?*", \
|
|
||||||
IMPORT{builtin}="blkid --offset=$env{ID_CDROM_MEDIA_SESSION_LAST_OFFSET}"
|
|
||||||
# single-session CDs do not have ID_CDROM_MEDIA_SESSION_LAST_OFFSET
|
|
||||||
KERNEL=="sr*", ENV{DISK_EJECT_REQUEST}!="?*", ENV{ID_CDROM_MEDIA_TRACK_COUNT_DATA}=="?*", ENV{ID_CDROM_MEDIA_SESSION_LAST_OFFSET}=="", \
|
|
||||||
IMPORT{builtin}="blkid --noraid"
|
|
||||||
|
|
||||||
# probe filesystem metadata of disks
|
|
||||||
KERNEL!="sr*", IMPORT{builtin}="blkid"
|
|
||||||
|
|
||||||
# watch metadata changes by tools closing the device after writing
|
|
||||||
KERNEL!="sr*", OPTIONS+="watch"
|
|
||||||
|
|
||||||
# by-label/by-uuid links (filesystem metadata)
|
|
||||||
ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{ID_FS_UUID_ENC}=="?*", SYMLINK+="disk/by-uuid/$env{ID_FS_UUID_ENC}"
|
|
||||||
ENV{ID_FS_USAGE}=="filesystem|other", ENV{ID_FS_LABEL_ENC}=="?*", SYMLINK+="disk/by-label/$env{ID_FS_LABEL_ENC}"
|
|
||||||
|
|
||||||
# by-id (World Wide Name)
|
|
||||||
ENV{DEVTYPE}=="disk", ENV{ID_WWN_WITH_EXTENSION}=="?*", SYMLINK+="disk/by-id/wwn-$env{ID_WWN_WITH_EXTENSION}"
|
|
||||||
ENV{DEVTYPE}=="partition", ENV{ID_WWN_WITH_EXTENSION}=="?*", SYMLINK+="disk/by-id/wwn-$env{ID_WWN_WITH_EXTENSION}-part%n"
|
|
||||||
|
|
||||||
# by-partlabel/by-partuuid links (partition metadata)
|
|
||||||
ENV{ID_PART_ENTRY_SCHEME}=="gpt", ENV{ID_PART_ENTRY_UUID}=="?*", SYMLINK+="disk/by-partuuid/$env{ID_PART_ENTRY_UUID}"
|
|
||||||
ENV{ID_PART_ENTRY_SCHEME}=="gpt", ENV{ID_PART_ENTRY_NAME}=="?*", SYMLINK+="disk/by-partlabel/$env{ID_PART_ENTRY_NAME}"
|
|
||||||
|
|
||||||
# add symlink to GPT root disk
|
|
||||||
ENV{ID_PART_ENTRY_SCHEME}=="gpt", ENV{ID_PART_GPT_AUTO_ROOT}=="1", SYMLINK+="gpt-auto-root"
|
|
||||||
|
|
||||||
LABEL="persistent_storage_end"
|
|
@ -1,202 +0,0 @@
|
|||||||
|
|
||||||
Apache License
|
|
||||||
Version 2.0, January 2004
|
|
||||||
http://www.apache.org/licenses/
|
|
||||||
|
|
||||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
||||||
|
|
||||||
1. Definitions.
|
|
||||||
|
|
||||||
"License" shall mean the terms and conditions for use, reproduction,
|
|
||||||
and distribution as defined by Sections 1 through 9 of this document.
|
|
||||||
|
|
||||||
"Licensor" shall mean the copyright owner or entity authorized by
|
|
||||||
the copyright owner that is granting the License.
|
|
||||||
|
|
||||||
"Legal Entity" shall mean the union of the acting entity and all
|
|
||||||
other entities that control, are controlled by, or are under common
|
|
||||||
control with that entity. For the purposes of this definition,
|
|
||||||
"control" means (i) the power, direct or indirect, to cause the
|
|
||||||
direction or management of such entity, whether by contract or
|
|
||||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
||||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
||||||
|
|
||||||
"You" (or "Your") shall mean an individual or Legal Entity
|
|
||||||
exercising permissions granted by this License.
|
|
||||||
|
|
||||||
"Source" form shall mean the preferred form for making modifications,
|
|
||||||
including but not limited to software source code, documentation
|
|
||||||
source, and configuration files.
|
|
||||||
|
|
||||||
"Object" form shall mean any form resulting from mechanical
|
|
||||||
transformation or translation of a Source form, including but
|
|
||||||
not limited to compiled object code, generated documentation,
|
|
||||||
and conversions to other media types.
|
|
||||||
|
|
||||||
"Work" shall mean the work of authorship, whether in Source or
|
|
||||||
Object form, made available under the License, as indicated by a
|
|
||||||
copyright notice that is included in or attached to the work
|
|
||||||
(an example is provided in the Appendix below).
|
|
||||||
|
|
||||||
"Derivative Works" shall mean any work, whether in Source or Object
|
|
||||||
form, that is based on (or derived from) the Work and for which the
|
|
||||||
editorial revisions, annotations, elaborations, or other modifications
|
|
||||||
represent, as a whole, an original work of authorship. For the purposes
|
|
||||||
of this License, Derivative Works shall not include works that remain
|
|
||||||
separable from, or merely link (or bind by name) to the interfaces of,
|
|
||||||
the Work and Derivative Works thereof.
|
|
||||||
|
|
||||||
"Contribution" shall mean any work of authorship, including
|
|
||||||
the original version of the Work and any modifications or additions
|
|
||||||
to that Work or Derivative Works thereof, that is intentionally
|
|
||||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
||||||
or by an individual or Legal Entity authorized to submit on behalf of
|
|
||||||
the copyright owner. For the purposes of this definition, "submitted"
|
|
||||||
means any form of electronic, verbal, or written communication sent
|
|
||||||
to the Licensor or its representatives, including but not limited to
|
|
||||||
communication on electronic mailing lists, source code control systems,
|
|
||||||
and issue tracking systems that are managed by, or on behalf of, the
|
|
||||||
Licensor for the purpose of discussing and improving the Work, but
|
|
||||||
excluding communication that is conspicuously marked or otherwise
|
|
||||||
designated in writing by the copyright owner as "Not a Contribution."
|
|
||||||
|
|
||||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
||||||
on behalf of whom a Contribution has been received by Licensor and
|
|
||||||
subsequently incorporated within the Work.
|
|
||||||
|
|
||||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
copyright license to reproduce, prepare Derivative Works of,
|
|
||||||
publicly display, publicly perform, sublicense, and distribute the
|
|
||||||
Work and such Derivative Works in Source or Object form.
|
|
||||||
|
|
||||||
3. Grant of Patent License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
(except as stated in this section) patent license to make, have made,
|
|
||||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
||||||
where such license applies only to those patent claims licensable
|
|
||||||
by such Contributor that are necessarily infringed by their
|
|
||||||
Contribution(s) alone or by combination of their Contribution(s)
|
|
||||||
with the Work to which such Contribution(s) was submitted. If You
|
|
||||||
institute patent litigation against any entity (including a
|
|
||||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
||||||
or a Contribution incorporated within the Work constitutes direct
|
|
||||||
or contributory patent infringement, then any patent licenses
|
|
||||||
granted to You under this License for that Work shall terminate
|
|
||||||
as of the date such litigation is filed.
|
|
||||||
|
|
||||||
4. Redistribution. You may reproduce and distribute copies of the
|
|
||||||
Work or Derivative Works thereof in any medium, with or without
|
|
||||||
modifications, and in Source or Object form, provided that You
|
|
||||||
meet the following conditions:
|
|
||||||
|
|
||||||
(a) You must give any other recipients of the Work or
|
|
||||||
Derivative Works a copy of this License; and
|
|
||||||
|
|
||||||
(b) You must cause any modified files to carry prominent notices
|
|
||||||
stating that You changed the files; and
|
|
||||||
|
|
||||||
(c) You must retain, in the Source form of any Derivative Works
|
|
||||||
that You distribute, all copyright, patent, trademark, and
|
|
||||||
attribution notices from the Source form of the Work,
|
|
||||||
excluding those notices that do not pertain to any part of
|
|
||||||
the Derivative Works; and
|
|
||||||
|
|
||||||
(d) If the Work includes a "NOTICE" text file as part of its
|
|
||||||
distribution, then any Derivative Works that You distribute must
|
|
||||||
include a readable copy of the attribution notices contained
|
|
||||||
within such NOTICE file, excluding those notices that do not
|
|
||||||
pertain to any part of the Derivative Works, in at least one
|
|
||||||
of the following places: within a NOTICE text file distributed
|
|
||||||
as part of the Derivative Works; within the Source form or
|
|
||||||
documentation, if provided along with the Derivative Works; or,
|
|
||||||
within a display generated by the Derivative Works, if and
|
|
||||||
wherever such third-party notices normally appear. The contents
|
|
||||||
of the NOTICE file are for informational purposes only and
|
|
||||||
do not modify the License. You may add Your own attribution
|
|
||||||
notices within Derivative Works that You distribute, alongside
|
|
||||||
or as an addendum to the NOTICE text from the Work, provided
|
|
||||||
that such additional attribution notices cannot be construed
|
|
||||||
as modifying the License.
|
|
||||||
|
|
||||||
You may add Your own copyright statement to Your modifications and
|
|
||||||
may provide additional or different license terms and conditions
|
|
||||||
for use, reproduction, or distribution of Your modifications, or
|
|
||||||
for any such Derivative Works as a whole, provided Your use,
|
|
||||||
reproduction, and distribution of the Work otherwise complies with
|
|
||||||
the conditions stated in this License.
|
|
||||||
|
|
||||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
||||||
any Contribution intentionally submitted for inclusion in the Work
|
|
||||||
by You to the Licensor shall be under the terms and conditions of
|
|
||||||
this License, without any additional terms or conditions.
|
|
||||||
Notwithstanding the above, nothing herein shall supersede or modify
|
|
||||||
the terms of any separate license agreement you may have executed
|
|
||||||
with Licensor regarding such Contributions.
|
|
||||||
|
|
||||||
6. Trademarks. This License does not grant permission to use the trade
|
|
||||||
names, trademarks, service marks, or product names of the Licensor,
|
|
||||||
except as required for reasonable and customary use in describing the
|
|
||||||
origin of the Work and reproducing the content of the NOTICE file.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
||||||
agreed to in writing, Licensor provides the Work (and each
|
|
||||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
||||||
implied, including, without limitation, any warranties or conditions
|
|
||||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
||||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
||||||
appropriateness of using or redistributing the Work and assume any
|
|
||||||
risks associated with Your exercise of permissions under this License.
|
|
||||||
|
|
||||||
8. Limitation of Liability. In no event and under no legal theory,
|
|
||||||
whether in tort (including negligence), contract, or otherwise,
|
|
||||||
unless required by applicable law (such as deliberate and grossly
|
|
||||||
negligent acts) or agreed to in writing, shall any Contributor be
|
|
||||||
liable to You for damages, including any direct, indirect, special,
|
|
||||||
incidental, or consequential damages of any character arising as a
|
|
||||||
result of this License or out of the use or inability to use the
|
|
||||||
Work (including but not limited to damages for loss of goodwill,
|
|
||||||
work stoppage, computer failure or malfunction, or any and all
|
|
||||||
other commercial damages or losses), even if such Contributor
|
|
||||||
has been advised of the possibility of such damages.
|
|
||||||
|
|
||||||
9. Accepting Warranty or Additional Liability. While redistributing
|
|
||||||
the Work or Derivative Works thereof, You may choose to offer,
|
|
||||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
||||||
or other liability obligations and/or rights consistent with this
|
|
||||||
License. However, in accepting such obligations, You may act only
|
|
||||||
on Your own behalf and on Your sole responsibility, not on behalf
|
|
||||||
of any other Contributor, and only if You agree to indemnify,
|
|
||||||
defend, and hold each Contributor harmless for any liability
|
|
||||||
incurred by, or claims asserted against, such Contributor by reason
|
|
||||||
of your accepting any such warranty or additional liability.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
APPENDIX: How to apply the Apache License to your work.
|
|
||||||
|
|
||||||
To apply the Apache License to your work, attach the following
|
|
||||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
||||||
replaced with your own identifying information. (Don't include
|
|
||||||
the brackets!) The text should be enclosed in the appropriate
|
|
||||||
comment syntax for the file format. We also recommend that a
|
|
||||||
file or class name and description of purpose be included on the
|
|
||||||
same "printed page" as the copyright notice for easier
|
|
||||||
identification within third-party archives.
|
|
||||||
|
|
||||||
Copyright [yyyy] [name of copyright owner]
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
@ -1,40 +0,0 @@
|
|||||||
# This file is part of systemd.
|
|
||||||
#
|
|
||||||
# systemd is free software; you can redistribute it and/or modify it
|
|
||||||
# under the terms of the GNU Lesser General Public License as published by
|
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
#
|
|
||||||
# Entries in this file show the compile time defaults.
|
|
||||||
# You can change settings by editing this file.
|
|
||||||
# Defaults can be restored by simply deleting this file.
|
|
||||||
#
|
|
||||||
# See journald.conf(5) for details.
|
|
||||||
|
|
||||||
[Journal]
|
|
||||||
Storage=none
|
|
||||||
#Compress=yes
|
|
||||||
#Seal=yes
|
|
||||||
#SplitMode=uid
|
|
||||||
#SyncIntervalSec=5m
|
|
||||||
RateLimitInterval=30s
|
|
||||||
RateLimitBurst=5000
|
|
||||||
#SystemMaxUse=
|
|
||||||
#SystemKeepFree=
|
|
||||||
#SystemMaxFileSize=
|
|
||||||
#RuntimeMaxUse=
|
|
||||||
#RuntimeKeepFree=
|
|
||||||
#RuntimeMaxFileSize=
|
|
||||||
#MaxRetentionSec=
|
|
||||||
#MaxFileSec=1month
|
|
||||||
ForwardToSyslog=yes
|
|
||||||
#ForwardToKMsg=no
|
|
||||||
#ForwardToConsole=no
|
|
||||||
#ForwardToWall=yes
|
|
||||||
#TTYPath=/dev/console
|
|
||||||
#MaxLevelStore=debug
|
|
||||||
#MaxLevelSyslog=debug
|
|
||||||
#MaxLevelKMsg=notice
|
|
||||||
#MaxLevelConsole=info
|
|
||||||
#MaxLevelWall=emerg
|
|
||||||
#LineMax=48K
|
|
@ -1,42 +0,0 @@
|
|||||||
# This file is part of systemd.
|
|
||||||
#
|
|
||||||
# systemd is free software; you can redistribute it and/or modify it
|
|
||||||
# under the terms of the GNU Lesser General Public License as published by
|
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
|
||||||
|
|
||||||
d /run/user 0755 root root -
|
|
||||||
F! /run/utmp 0664 root utmp -
|
|
||||||
|
|
||||||
d /run/systemd/ask-password 0755 root root -
|
|
||||||
d /run/systemd/seats 0755 root root -
|
|
||||||
d /run/systemd/sessions 0755 root root -
|
|
||||||
d /run/systemd/users 0755 root root -
|
|
||||||
d /run/systemd/machines 0755 root root -
|
|
||||||
d /run/systemd/shutdown 0755 root root -
|
|
||||||
d /run/systemd/netif 0755 systemd-network systemd-network -
|
|
||||||
d /run/systemd/netif/links 0755 systemd-network systemd-network -
|
|
||||||
d /run/systemd/netif/leases 0755 systemd-network systemd-network -
|
|
||||||
|
|
||||||
d /run/log 0755 root root -
|
|
||||||
|
|
||||||
z /run/log/journal 2755 root systemd-journal - -
|
|
||||||
Z /run/log/journal/%m ~2750 root systemd-journal - -
|
|
||||||
|
|
||||||
a+ /run/log/journal/%m - - - - d:group:sys_protected:r-x,d:group:wheel:r-x
|
|
||||||
A+ /run/log/journal/%m - - - - group:sys_protected:r-x,group:wheel:r-x
|
|
||||||
|
|
||||||
z /var/log/journal 2755 root systemd-journal - -
|
|
||||||
z /var/log/journal/%m 2755 root systemd-journal - -
|
|
||||||
z /var/log/journal/%m/system.journal 0640 root systemd-journal - -
|
|
||||||
|
|
||||||
a+ /var/log/journal - - - - d:group:sys_protected:r-x,d:group:wheel:r-x
|
|
||||||
a+ /var/log/journal - - - - group:sys_protected:r-x,group:wheel:r-x
|
|
||||||
a+ /var/log/journal/%m - - - - d:group:sys_protected:r-x,d:group:wheel:r-x
|
|
||||||
a+ /var/log/journal/%m - - - - group:sys_protected:r-x,group:wheel:r-x
|
|
||||||
a+ /var/log/journal/%m/system.journal - - - - group:sys_protected:r--,group:wheel:r--
|
|
||||||
|
|
||||||
d /var/lib/systemd 0755 root root -
|
|
||||||
d /var/lib/systemd/coredump 0755 root root 3d
|
|
@ -1,20 +0,0 @@
|
|||||||
# This file is part of systemd.
|
|
||||||
#
|
|
||||||
# systemd is free software; you can redistribute it and/or modify it
|
|
||||||
# under the terms of the GNU Lesser General Public License as published by
|
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
|
||||||
|
|
||||||
# Clear tmp directories separately, to make them easier to override
|
|
||||||
v /tmp 1777 root root 10d
|
|
||||||
v /tmp/var.tmp 1777 root root 30d
|
|
||||||
L+ /var/tmp - - - - /tmp/var.tmp
|
|
||||||
|
|
||||||
# Exclude namespace mountpoints created with PrivateTmp=yes
|
|
||||||
x /tmp/systemd-private-%b-*
|
|
||||||
X /tmp/systemd-private-%b-*/tmp
|
|
||||||
x /var/tmp/systemd-private-%b-*
|
|
||||||
X /var/tmp/systemd-private-%b-*/tmp
|
|
||||||
X /tmp/var.tmp
|
|
@ -1,25 +0,0 @@
|
|||||||
# This file is part of systemd.
|
|
||||||
#
|
|
||||||
# systemd is free software; you can redistribute it and/or modify it
|
|
||||||
# under the terms of the GNU Lesser General Public License as published by
|
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
|
|
||||||
[Unit]
|
|
||||||
Description=Temporary Directory
|
|
||||||
Documentation=man:hier(7)
|
|
||||||
Documentation=http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
|
|
||||||
ConditionPathIsSymbolicLink=!/tmp
|
|
||||||
DefaultDependencies=no
|
|
||||||
Conflicts=umount.target
|
|
||||||
Before=local-fs.target umount.target
|
|
||||||
|
|
||||||
[Mount]
|
|
||||||
What=tmpfs
|
|
||||||
Where=/tmp
|
|
||||||
Type=tmpfs
|
|
||||||
Options=mode=1777,strictatime,size=1G
|
|
||||||
|
|
||||||
# Make 'systemctl enable tmp.mount' work:
|
|
||||||
[Install]
|
|
||||||
WantedBy=local-fs.target
|
|
@ -1,45 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: StarlingX audit Configuration File
|
|
||||||
Name: audit-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: config-files
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
Requires: audit
|
|
||||||
Requires: audit-libs
|
|
||||||
Requires: audit-libs-python
|
|
||||||
|
|
||||||
%define debug_package %{nil}
|
|
||||||
|
|
||||||
%description
|
|
||||||
StarlingX audit configuration file
|
|
||||||
|
|
||||||
%prep
|
|
||||||
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
install -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
install -m640 syslog.conf %{buildroot}%{_datadir}/starlingx/syslog.conf
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
cp -f %{_datadir}/starlingx/syslog.conf %{_sysconfdir}/audisp/plugins.d/syslog.conf
|
|
||||||
chmod 640 %{_sysconfdir}/audisp/plugins.d/syslog.conf
|
|
||||||
fi
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root)
|
|
||||||
%license LICENSE
|
|
||||||
%{_datadir}/starlingx/syslog.conf
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,202 +0,0 @@
|
|||||||
|
|
||||||
Apache License
|
|
||||||
Version 2.0, January 2004
|
|
||||||
http://www.apache.org/licenses/
|
|
||||||
|
|
||||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
||||||
|
|
||||||
1. Definitions.
|
|
||||||
|
|
||||||
"License" shall mean the terms and conditions for use, reproduction,
|
|
||||||
and distribution as defined by Sections 1 through 9 of this document.
|
|
||||||
|
|
||||||
"Licensor" shall mean the copyright owner or entity authorized by
|
|
||||||
the copyright owner that is granting the License.
|
|
||||||
|
|
||||||
"Legal Entity" shall mean the union of the acting entity and all
|
|
||||||
other entities that control, are controlled by, or are under common
|
|
||||||
control with that entity. For the purposes of this definition,
|
|
||||||
"control" means (i) the power, direct or indirect, to cause the
|
|
||||||
direction or management of such entity, whether by contract or
|
|
||||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
||||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
||||||
|
|
||||||
"You" (or "Your") shall mean an individual or Legal Entity
|
|
||||||
exercising permissions granted by this License.
|
|
||||||
|
|
||||||
"Source" form shall mean the preferred form for making modifications,
|
|
||||||
including but not limited to software source code, documentation
|
|
||||||
source, and configuration files.
|
|
||||||
|
|
||||||
"Object" form shall mean any form resulting from mechanical
|
|
||||||
transformation or translation of a Source form, including but
|
|
||||||
not limited to compiled object code, generated documentation,
|
|
||||||
and conversions to other media types.
|
|
||||||
|
|
||||||
"Work" shall mean the work of authorship, whether in Source or
|
|
||||||
Object form, made available under the License, as indicated by a
|
|
||||||
copyright notice that is included in or attached to the work
|
|
||||||
(an example is provided in the Appendix below).
|
|
||||||
|
|
||||||
"Derivative Works" shall mean any work, whether in Source or Object
|
|
||||||
form, that is based on (or derived from) the Work and for which the
|
|
||||||
editorial revisions, annotations, elaborations, or other modifications
|
|
||||||
represent, as a whole, an original work of authorship. For the purposes
|
|
||||||
of this License, Derivative Works shall not include works that remain
|
|
||||||
separable from, or merely link (or bind by name) to the interfaces of,
|
|
||||||
the Work and Derivative Works thereof.
|
|
||||||
|
|
||||||
"Contribution" shall mean any work of authorship, including
|
|
||||||
the original version of the Work and any modifications or additions
|
|
||||||
to that Work or Derivative Works thereof, that is intentionally
|
|
||||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
||||||
or by an individual or Legal Entity authorized to submit on behalf of
|
|
||||||
the copyright owner. For the purposes of this definition, "submitted"
|
|
||||||
means any form of electronic, verbal, or written communication sent
|
|
||||||
to the Licensor or its representatives, including but not limited to
|
|
||||||
communication on electronic mailing lists, source code control systems,
|
|
||||||
and issue tracking systems that are managed by, or on behalf of, the
|
|
||||||
Licensor for the purpose of discussing and improving the Work, but
|
|
||||||
excluding communication that is conspicuously marked or otherwise
|
|
||||||
designated in writing by the copyright owner as "Not a Contribution."
|
|
||||||
|
|
||||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
||||||
on behalf of whom a Contribution has been received by Licensor and
|
|
||||||
subsequently incorporated within the Work.
|
|
||||||
|
|
||||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
copyright license to reproduce, prepare Derivative Works of,
|
|
||||||
publicly display, publicly perform, sublicense, and distribute the
|
|
||||||
Work and such Derivative Works in Source or Object form.
|
|
||||||
|
|
||||||
3. Grant of Patent License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
(except as stated in this section) patent license to make, have made,
|
|
||||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
||||||
where such license applies only to those patent claims licensable
|
|
||||||
by such Contributor that are necessarily infringed by their
|
|
||||||
Contribution(s) alone or by combination of their Contribution(s)
|
|
||||||
with the Work to which such Contribution(s) was submitted. If You
|
|
||||||
institute patent litigation against any entity (including a
|
|
||||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
||||||
or a Contribution incorporated within the Work constitutes direct
|
|
||||||
or contributory patent infringement, then any patent licenses
|
|
||||||
granted to You under this License for that Work shall terminate
|
|
||||||
as of the date such litigation is filed.
|
|
||||||
|
|
||||||
4. Redistribution. You may reproduce and distribute copies of the
|
|
||||||
Work or Derivative Works thereof in any medium, with or without
|
|
||||||
modifications, and in Source or Object form, provided that You
|
|
||||||
meet the following conditions:
|
|
||||||
|
|
||||||
(a) You must give any other recipients of the Work or
|
|
||||||
Derivative Works a copy of this License; and
|
|
||||||
|
|
||||||
(b) You must cause any modified files to carry prominent notices
|
|
||||||
stating that You changed the files; and
|
|
||||||
|
|
||||||
(c) You must retain, in the Source form of any Derivative Works
|
|
||||||
that You distribute, all copyright, patent, trademark, and
|
|
||||||
attribution notices from the Source form of the Work,
|
|
||||||
excluding those notices that do not pertain to any part of
|
|
||||||
the Derivative Works; and
|
|
||||||
|
|
||||||
(d) If the Work includes a "NOTICE" text file as part of its
|
|
||||||
distribution, then any Derivative Works that You distribute must
|
|
||||||
include a readable copy of the attribution notices contained
|
|
||||||
within such NOTICE file, excluding those notices that do not
|
|
||||||
pertain to any part of the Derivative Works, in at least one
|
|
||||||
of the following places: within a NOTICE text file distributed
|
|
||||||
as part of the Derivative Works; within the Source form or
|
|
||||||
documentation, if provided along with the Derivative Works; or,
|
|
||||||
within a display generated by the Derivative Works, if and
|
|
||||||
wherever such third-party notices normally appear. The contents
|
|
||||||
of the NOTICE file are for informational purposes only and
|
|
||||||
do not modify the License. You may add Your own attribution
|
|
||||||
notices within Derivative Works that You distribute, alongside
|
|
||||||
or as an addendum to the NOTICE text from the Work, provided
|
|
||||||
that such additional attribution notices cannot be construed
|
|
||||||
as modifying the License.
|
|
||||||
|
|
||||||
You may add Your own copyright statement to Your modifications and
|
|
||||||
may provide additional or different license terms and conditions
|
|
||||||
for use, reproduction, or distribution of Your modifications, or
|
|
||||||
for any such Derivative Works as a whole, provided Your use,
|
|
||||||
reproduction, and distribution of the Work otherwise complies with
|
|
||||||
the conditions stated in this License.
|
|
||||||
|
|
||||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
||||||
any Contribution intentionally submitted for inclusion in the Work
|
|
||||||
by You to the Licensor shall be under the terms and conditions of
|
|
||||||
this License, without any additional terms or conditions.
|
|
||||||
Notwithstanding the above, nothing herein shall supersede or modify
|
|
||||||
the terms of any separate license agreement you may have executed
|
|
||||||
with Licensor regarding such Contributions.
|
|
||||||
|
|
||||||
6. Trademarks. This License does not grant permission to use the trade
|
|
||||||
names, trademarks, service marks, or product names of the Licensor,
|
|
||||||
except as required for reasonable and customary use in describing the
|
|
||||||
origin of the Work and reproducing the content of the NOTICE file.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
||||||
agreed to in writing, Licensor provides the Work (and each
|
|
||||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
||||||
implied, including, without limitation, any warranties or conditions
|
|
||||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
||||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
||||||
appropriateness of using or redistributing the Work and assume any
|
|
||||||
risks associated with Your exercise of permissions under this License.
|
|
||||||
|
|
||||||
8. Limitation of Liability. In no event and under no legal theory,
|
|
||||||
whether in tort (including negligence), contract, or otherwise,
|
|
||||||
unless required by applicable law (such as deliberate and grossly
|
|
||||||
negligent acts) or agreed to in writing, shall any Contributor be
|
|
||||||
liable to You for damages, including any direct, indirect, special,
|
|
||||||
incidental, or consequential damages of any character arising as a
|
|
||||||
result of this License or out of the use or inability to use the
|
|
||||||
Work (including but not limited to damages for loss of goodwill,
|
|
||||||
work stoppage, computer failure or malfunction, or any and all
|
|
||||||
other commercial damages or losses), even if such Contributor
|
|
||||||
has been advised of the possibility of such damages.
|
|
||||||
|
|
||||||
9. Accepting Warranty or Additional Liability. While redistributing
|
|
||||||
the Work or Derivative Works thereof, You may choose to offer,
|
|
||||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
||||||
or other liability obligations and/or rights consistent with this
|
|
||||||
License. However, in accepting such obligations, You may act only
|
|
||||||
on Your own behalf and on Your sole responsibility, not on behalf
|
|
||||||
of any other Contributor, and only if You agree to indemnify,
|
|
||||||
defend, and hold each Contributor harmless for any liability
|
|
||||||
incurred by, or claims asserted against, such Contributor by reason
|
|
||||||
of your accepting any such warranty or additional liability.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
APPENDIX: How to apply the Apache License to your work.
|
|
||||||
|
|
||||||
To apply the Apache License to your work, attach the following
|
|
||||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
||||||
replaced with your own identifying information. (Don't include
|
|
||||||
the brackets!) The text should be enclosed in the appropriate
|
|
||||||
comment syntax for the file format. We also recommend that a
|
|
||||||
file or class name and description of purpose be included on the
|
|
||||||
same "printed page" as the copyright notice for easier
|
|
||||||
identification within third-party archives.
|
|
||||||
|
|
||||||
Copyright [yyyy] [name of copyright owner]
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
@ -1,14 +0,0 @@
|
|||||||
# This file controls the configuration of the syslog plugin.
|
|
||||||
# It simply takes events and writes them to syslog. The
|
|
||||||
# arguments provided can be the default priority that you
|
|
||||||
# want the events written with. And optionally, you can give
|
|
||||||
# a second argument indicating the facility that you want events
|
|
||||||
# logged to. Valid options are LOG_LOCAL0 through 7, LOG_AUTH,
|
|
||||||
# LOG_AUTHPRIV, LOG_DAEMON, LOG_SYSLOG, and LOG_USER.
|
|
||||||
|
|
||||||
active = yes
|
|
||||||
direction = out
|
|
||||||
path = builtin_syslog
|
|
||||||
type = builtin
|
|
||||||
args = LOG_INFO LOG_AUTH
|
|
||||||
format = string
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="$PKG_BASE/files"
|
|
||||||
TIS_PATCH_VER=2
|
|
@ -1,32 +0,0 @@
|
|||||||
Summary: StarlingX Docker Configuration File
|
|
||||||
Name: docker-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: config-files
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
|
|
||||||
Source0: %{name}-%{version}.tar.gz
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
Requires: docker-ce
|
|
||||||
|
|
||||||
%define debug_package %{nil}
|
|
||||||
|
|
||||||
%description
|
|
||||||
StarlingX docker configuration file
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%install
|
|
||||||
make DATADIR=%{buildroot}%{_datadir} SYSCONFDIR=%{buildroot}%{_sysconfdir} install
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root)
|
|
||||||
%license LICENSE
|
|
||||||
%dir %{_sysconfdir}/systemd/system/docker.service.d
|
|
||||||
%{_sysconfdir}/pmon.d/docker.conf
|
|
||||||
%{_sysconfdir}/systemd/system/docker.service.d/docker-stx-override.conf
|
|
||||||
%{_sysconfdir}/logrotate.d/docker.logrotate
|
|
@ -1,202 +0,0 @@
|
|||||||
|
|
||||||
Apache License
|
|
||||||
Version 2.0, January 2004
|
|
||||||
http://www.apache.org/licenses/
|
|
||||||
|
|
||||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
||||||
|
|
||||||
1. Definitions.
|
|
||||||
|
|
||||||
"License" shall mean the terms and conditions for use, reproduction,
|
|
||||||
and distribution as defined by Sections 1 through 9 of this document.
|
|
||||||
|
|
||||||
"Licensor" shall mean the copyright owner or entity authorized by
|
|
||||||
the copyright owner that is granting the License.
|
|
||||||
|
|
||||||
"Legal Entity" shall mean the union of the acting entity and all
|
|
||||||
other entities that control, are controlled by, or are under common
|
|
||||||
control with that entity. For the purposes of this definition,
|
|
||||||
"control" means (i) the power, direct or indirect, to cause the
|
|
||||||
direction or management of such entity, whether by contract or
|
|
||||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
||||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
||||||
|
|
||||||
"You" (or "Your") shall mean an individual or Legal Entity
|
|
||||||
exercising permissions granted by this License.
|
|
||||||
|
|
||||||
"Source" form shall mean the preferred form for making modifications,
|
|
||||||
including but not limited to software source code, documentation
|
|
||||||
source, and configuration files.
|
|
||||||
|
|
||||||
"Object" form shall mean any form resulting from mechanical
|
|
||||||
transformation or translation of a Source form, including but
|
|
||||||
not limited to compiled object code, generated documentation,
|
|
||||||
and conversions to other media types.
|
|
||||||
|
|
||||||
"Work" shall mean the work of authorship, whether in Source or
|
|
||||||
Object form, made available under the License, as indicated by a
|
|
||||||
copyright notice that is included in or attached to the work
|
|
||||||
(an example is provided in the Appendix below).
|
|
||||||
|
|
||||||
"Derivative Works" shall mean any work, whether in Source or Object
|
|
||||||
form, that is based on (or derived from) the Work and for which the
|
|
||||||
editorial revisions, annotations, elaborations, or other modifications
|
|
||||||
represent, as a whole, an original work of authorship. For the purposes
|
|
||||||
of this License, Derivative Works shall not include works that remain
|
|
||||||
separable from, or merely link (or bind by name) to the interfaces of,
|
|
||||||
the Work and Derivative Works thereof.
|
|
||||||
|
|
||||||
"Contribution" shall mean any work of authorship, including
|
|
||||||
the original version of the Work and any modifications or additions
|
|
||||||
to that Work or Derivative Works thereof, that is intentionally
|
|
||||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
||||||
or by an individual or Legal Entity authorized to submit on behalf of
|
|
||||||
the copyright owner. For the purposes of this definition, "submitted"
|
|
||||||
means any form of electronic, verbal, or written communication sent
|
|
||||||
to the Licensor or its representatives, including but not limited to
|
|
||||||
communication on electronic mailing lists, source code control systems,
|
|
||||||
and issue tracking systems that are managed by, or on behalf of, the
|
|
||||||
Licensor for the purpose of discussing and improving the Work, but
|
|
||||||
excluding communication that is conspicuously marked or otherwise
|
|
||||||
designated in writing by the copyright owner as "Not a Contribution."
|
|
||||||
|
|
||||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
||||||
on behalf of whom a Contribution has been received by Licensor and
|
|
||||||
subsequently incorporated within the Work.
|
|
||||||
|
|
||||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
copyright license to reproduce, prepare Derivative Works of,
|
|
||||||
publicly display, publicly perform, sublicense, and distribute the
|
|
||||||
Work and such Derivative Works in Source or Object form.
|
|
||||||
|
|
||||||
3. Grant of Patent License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
(except as stated in this section) patent license to make, have made,
|
|
||||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
||||||
where such license applies only to those patent claims licensable
|
|
||||||
by such Contributor that are necessarily infringed by their
|
|
||||||
Contribution(s) alone or by combination of their Contribution(s)
|
|
||||||
with the Work to which such Contribution(s) was submitted. If You
|
|
||||||
institute patent litigation against any entity (including a
|
|
||||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
||||||
or a Contribution incorporated within the Work constitutes direct
|
|
||||||
or contributory patent infringement, then any patent licenses
|
|
||||||
granted to You under this License for that Work shall terminate
|
|
||||||
as of the date such litigation is filed.
|
|
||||||
|
|
||||||
4. Redistribution. You may reproduce and distribute copies of the
|
|
||||||
Work or Derivative Works thereof in any medium, with or without
|
|
||||||
modifications, and in Source or Object form, provided that You
|
|
||||||
meet the following conditions:
|
|
||||||
|
|
||||||
(a) You must give any other recipients of the Work or
|
|
||||||
Derivative Works a copy of this License; and
|
|
||||||
|
|
||||||
(b) You must cause any modified files to carry prominent notices
|
|
||||||
stating that You changed the files; and
|
|
||||||
|
|
||||||
(c) You must retain, in the Source form of any Derivative Works
|
|
||||||
that You distribute, all copyright, patent, trademark, and
|
|
||||||
attribution notices from the Source form of the Work,
|
|
||||||
excluding those notices that do not pertain to any part of
|
|
||||||
the Derivative Works; and
|
|
||||||
|
|
||||||
(d) If the Work includes a "NOTICE" text file as part of its
|
|
||||||
distribution, then any Derivative Works that You distribute must
|
|
||||||
include a readable copy of the attribution notices contained
|
|
||||||
within such NOTICE file, excluding those notices that do not
|
|
||||||
pertain to any part of the Derivative Works, in at least one
|
|
||||||
of the following places: within a NOTICE text file distributed
|
|
||||||
as part of the Derivative Works; within the Source form or
|
|
||||||
documentation, if provided along with the Derivative Works; or,
|
|
||||||
within a display generated by the Derivative Works, if and
|
|
||||||
wherever such third-party notices normally appear. The contents
|
|
||||||
of the NOTICE file are for informational purposes only and
|
|
||||||
do not modify the License. You may add Your own attribution
|
|
||||||
notices within Derivative Works that You distribute, alongside
|
|
||||||
or as an addendum to the NOTICE text from the Work, provided
|
|
||||||
that such additional attribution notices cannot be construed
|
|
||||||
as modifying the License.
|
|
||||||
|
|
||||||
You may add Your own copyright statement to Your modifications and
|
|
||||||
may provide additional or different license terms and conditions
|
|
||||||
for use, reproduction, or distribution of Your modifications, or
|
|
||||||
for any such Derivative Works as a whole, provided Your use,
|
|
||||||
reproduction, and distribution of the Work otherwise complies with
|
|
||||||
the conditions stated in this License.
|
|
||||||
|
|
||||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
||||||
any Contribution intentionally submitted for inclusion in the Work
|
|
||||||
by You to the Licensor shall be under the terms and conditions of
|
|
||||||
this License, without any additional terms or conditions.
|
|
||||||
Notwithstanding the above, nothing herein shall supersede or modify
|
|
||||||
the terms of any separate license agreement you may have executed
|
|
||||||
with Licensor regarding such Contributions.
|
|
||||||
|
|
||||||
6. Trademarks. This License does not grant permission to use the trade
|
|
||||||
names, trademarks, service marks, or product names of the Licensor,
|
|
||||||
except as required for reasonable and customary use in describing the
|
|
||||||
origin of the Work and reproducing the content of the NOTICE file.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
||||||
agreed to in writing, Licensor provides the Work (and each
|
|
||||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
||||||
implied, including, without limitation, any warranties or conditions
|
|
||||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
||||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
||||||
appropriateness of using or redistributing the Work and assume any
|
|
||||||
risks associated with Your exercise of permissions under this License.
|
|
||||||
|
|
||||||
8. Limitation of Liability. In no event and under no legal theory,
|
|
||||||
whether in tort (including negligence), contract, or otherwise,
|
|
||||||
unless required by applicable law (such as deliberate and grossly
|
|
||||||
negligent acts) or agreed to in writing, shall any Contributor be
|
|
||||||
liable to You for damages, including any direct, indirect, special,
|
|
||||||
incidental, or consequential damages of any character arising as a
|
|
||||||
result of this License or out of the use or inability to use the
|
|
||||||
Work (including but not limited to damages for loss of goodwill,
|
|
||||||
work stoppage, computer failure or malfunction, or any and all
|
|
||||||
other commercial damages or losses), even if such Contributor
|
|
||||||
has been advised of the possibility of such damages.
|
|
||||||
|
|
||||||
9. Accepting Warranty or Additional Liability. While redistributing
|
|
||||||
the Work or Derivative Works thereof, You may choose to offer,
|
|
||||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
||||||
or other liability obligations and/or rights consistent with this
|
|
||||||
License. However, in accepting such obligations, You may act only
|
|
||||||
on Your own behalf and on Your sole responsibility, not on behalf
|
|
||||||
of any other Contributor, and only if You agree to indemnify,
|
|
||||||
defend, and hold each Contributor harmless for any liability
|
|
||||||
incurred by, or claims asserted against, such Contributor by reason
|
|
||||||
of your accepting any such warranty or additional liability.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
APPENDIX: How to apply the Apache License to your work.
|
|
||||||
|
|
||||||
To apply the Apache License to your work, attach the following
|
|
||||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
||||||
replaced with your own identifying information. (Don't include
|
|
||||||
the brackets!) The text should be enclosed in the appropriate
|
|
||||||
comment syntax for the file format. We also recommend that a
|
|
||||||
file or class name and description of purpose be included on the
|
|
||||||
same "printed page" as the copyright notice for easier
|
|
||||||
identification within third-party archives.
|
|
||||||
|
|
||||||
Copyright [yyyy] [name of copyright owner]
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
@ -1,13 +0,0 @@
|
|||||||
#
|
|
||||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
|
|
||||||
install:
|
|
||||||
install -d -m 0755 $(SYSCONFDIR)/pmon.d
|
|
||||||
install -D -m 644 docker-pmond.conf $(SYSCONFDIR)/pmon.d/docker.conf
|
|
||||||
install -d -m 0755 $(SYSCONFDIR)/systemd/system/docker.service.d
|
|
||||||
install -D -m 644 docker-stx-override.conf $(SYSCONFDIR)/systemd/system/docker.service.d/docker-stx-override.conf
|
|
||||||
install -d -m 0755 $(SYSCONFDIR)/logrotate.d
|
|
||||||
install -D -m 644 docker.logrotate $(SYSCONFDIR)/logrotate.d/docker.logrotate
|
|
@ -1,15 +0,0 @@
|
|||||||
;
|
|
||||||
; Copyright (c) 2019 Wind River Systems, Inc.
|
|
||||||
;
|
|
||||||
; SPDX-License-Identifier: Apache-2.0
|
|
||||||
;
|
|
||||||
[process]
|
|
||||||
process = dockerd
|
|
||||||
service = docker
|
|
||||||
pidfile = /var/run/dockerd.pid
|
|
||||||
style = lsb ; lsb
|
|
||||||
severity = critical ; minor, major, critical
|
|
||||||
restarts = 3 ; restarts before error assertion
|
|
||||||
startuptime = 5 ; seconds to wait after process start
|
|
||||||
interval = 5 ; number of seconds to wait between restarts
|
|
||||||
debounce = 20 ; number of seconds to wait before degrade clear
|
|
@ -1,6 +0,0 @@
|
|||||||
[Service]
|
|
||||||
ExecStartPost=/bin/bash -c 'echo $MAINPID > /var/run/dockerd.pid;'
|
|
||||||
ExecStopPost=/bin/rm -f /var/run/dockerd.pid
|
|
||||||
|
|
||||||
# pmond monitors docker service
|
|
||||||
Restart=no
|
|
@ -1,42 +0,0 @@
|
|||||||
#
|
|
||||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
#
|
|
||||||
|
|
||||||
# copytruncate: Truncate the original log file in place after creating a copy,
|
|
||||||
# instead of moving the old log file and optionally creating a new one. It is
|
|
||||||
# used when some program can not be told to close its logfile and thus might
|
|
||||||
# continue writing (appending) to the previous log file forever. This prevents
|
|
||||||
# having to possibly reset the file handle of the log file.
|
|
||||||
|
|
||||||
/var/lib/docker/containers/*/*-json.log
|
|
||||||
{
|
|
||||||
nodateext
|
|
||||||
size 50M
|
|
||||||
start 1
|
|
||||||
rotate 20
|
|
||||||
missingok
|
|
||||||
notifempty
|
|
||||||
compress
|
|
||||||
delaycompress
|
|
||||||
copytruncate
|
|
||||||
}
|
|
||||||
|
|
||||||
/var/lib/docker/overlay2/*/diff/var/log/apt/history.log
|
|
||||||
/var/lib/docker/overlay2/*/diff/var/log/bootstrap.log
|
|
||||||
/var/lib/docker/overlay2/*/diff/var/log/apt/term.log
|
|
||||||
/var/lib/docker/overlay2/*/diff/var/log/dpkg.log
|
|
||||||
/var/lib/docker/overlay2/*/diff/var/log/alternatives.log
|
|
||||||
{
|
|
||||||
nodateext
|
|
||||||
size 10M
|
|
||||||
start 1
|
|
||||||
rotate 20
|
|
||||||
missingok
|
|
||||||
notifempty
|
|
||||||
compress
|
|
||||||
delaycompress
|
|
||||||
copytruncate
|
|
||||||
}
|
|
@ -1,2 +0,0 @@
|
|||||||
COPY_LIST="$FILES_BASE/*"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,28 +0,0 @@
|
|||||||
# This file contains the rules to customize io scheduler.
|
|
||||||
|
|
||||||
# Heuristics:
|
|
||||||
# 'deadline' io-scheduler tuned settings
|
|
||||||
# - deadline generally recommended for databases, servers, and SSDs,
|
|
||||||
# and for more deterministic latency
|
|
||||||
# - note that read_expire is a key tuning parameter here
|
|
||||||
# - the following is recommended by DRBD user guide
|
|
||||||
# front_merges: 0 (from 1)
|
|
||||||
# read_expire: 150 (from 500)
|
|
||||||
# write_expire: 1500 (from 5000)
|
|
||||||
#
|
|
||||||
# 'noop' io scheduler for variants of HW-RAID.
|
|
||||||
# - RAID controller will do its own separate scheduling
|
|
||||||
#
|
|
||||||
# Overall:
|
|
||||||
# - We prefer to guarantee latency more than fairness for all platform services,
|
|
||||||
# especially under extreme read and write load, e.g, when creating/deleting
|
|
||||||
# multiple heat stacks, or running disk intensive operations.
|
|
||||||
|
|
||||||
ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTR{queue/scheduler}="deadline"
|
|
||||||
ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTR{queue/iosched/front_merges}="0"
|
|
||||||
ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTR{queue/iosched/read_expire}="150"
|
|
||||||
ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTR{queue/iosched/write_expire}="1500"
|
|
||||||
|
|
||||||
# Set noop io scheduler for variants of HW-RAID.
|
|
||||||
# HP ProLiant DL360p Gen8; HP ProLiant DL380p Gen8
|
|
||||||
ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTRS{raid_level}=="*RAID*", ATTR{queue/scheduler}="noop"
|
|
@ -1,202 +0,0 @@
|
|||||||
|
|
||||||
Apache License
|
|
||||||
Version 2.0, January 2004
|
|
||||||
http://www.apache.org/licenses/
|
|
||||||
|
|
||||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
||||||
|
|
||||||
1. Definitions.
|
|
||||||
|
|
||||||
"License" shall mean the terms and conditions for use, reproduction,
|
|
||||||
and distribution as defined by Sections 1 through 9 of this document.
|
|
||||||
|
|
||||||
"Licensor" shall mean the copyright owner or entity authorized by
|
|
||||||
the copyright owner that is granting the License.
|
|
||||||
|
|
||||||
"Legal Entity" shall mean the union of the acting entity and all
|
|
||||||
other entities that control, are controlled by, or are under common
|
|
||||||
control with that entity. For the purposes of this definition,
|
|
||||||
"control" means (i) the power, direct or indirect, to cause the
|
|
||||||
direction or management of such entity, whether by contract or
|
|
||||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
||||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
||||||
|
|
||||||
"You" (or "Your") shall mean an individual or Legal Entity
|
|
||||||
exercising permissions granted by this License.
|
|
||||||
|
|
||||||
"Source" form shall mean the preferred form for making modifications,
|
|
||||||
including but not limited to software source code, documentation
|
|
||||||
source, and configuration files.
|
|
||||||
|
|
||||||
"Object" form shall mean any form resulting from mechanical
|
|
||||||
transformation or translation of a Source form, including but
|
|
||||||
not limited to compiled object code, generated documentation,
|
|
||||||
and conversions to other media types.
|
|
||||||
|
|
||||||
"Work" shall mean the work of authorship, whether in Source or
|
|
||||||
Object form, made available under the License, as indicated by a
|
|
||||||
copyright notice that is included in or attached to the work
|
|
||||||
(an example is provided in the Appendix below).
|
|
||||||
|
|
||||||
"Derivative Works" shall mean any work, whether in Source or Object
|
|
||||||
form, that is based on (or derived from) the Work and for which the
|
|
||||||
editorial revisions, annotations, elaborations, or other modifications
|
|
||||||
represent, as a whole, an original work of authorship. For the purposes
|
|
||||||
of this License, Derivative Works shall not include works that remain
|
|
||||||
separable from, or merely link (or bind by name) to the interfaces of,
|
|
||||||
the Work and Derivative Works thereof.
|
|
||||||
|
|
||||||
"Contribution" shall mean any work of authorship, including
|
|
||||||
the original version of the Work and any modifications or additions
|
|
||||||
to that Work or Derivative Works thereof, that is intentionally
|
|
||||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
||||||
or by an individual or Legal Entity authorized to submit on behalf of
|
|
||||||
the copyright owner. For the purposes of this definition, "submitted"
|
|
||||||
means any form of electronic, verbal, or written communication sent
|
|
||||||
to the Licensor or its representatives, including but not limited to
|
|
||||||
communication on electronic mailing lists, source code control systems,
|
|
||||||
and issue tracking systems that are managed by, or on behalf of, the
|
|
||||||
Licensor for the purpose of discussing and improving the Work, but
|
|
||||||
excluding communication that is conspicuously marked or otherwise
|
|
||||||
designated in writing by the copyright owner as "Not a Contribution."
|
|
||||||
|
|
||||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
||||||
on behalf of whom a Contribution has been received by Licensor and
|
|
||||||
subsequently incorporated within the Work.
|
|
||||||
|
|
||||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
copyright license to reproduce, prepare Derivative Works of,
|
|
||||||
publicly display, publicly perform, sublicense, and distribute the
|
|
||||||
Work and such Derivative Works in Source or Object form.
|
|
||||||
|
|
||||||
3. Grant of Patent License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
(except as stated in this section) patent license to make, have made,
|
|
||||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
||||||
where such license applies only to those patent claims licensable
|
|
||||||
by such Contributor that are necessarily infringed by their
|
|
||||||
Contribution(s) alone or by combination of their Contribution(s)
|
|
||||||
with the Work to which such Contribution(s) was submitted. If You
|
|
||||||
institute patent litigation against any entity (including a
|
|
||||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
||||||
or a Contribution incorporated within the Work constitutes direct
|
|
||||||
or contributory patent infringement, then any patent licenses
|
|
||||||
granted to You under this License for that Work shall terminate
|
|
||||||
as of the date such litigation is filed.
|
|
||||||
|
|
||||||
4. Redistribution. You may reproduce and distribute copies of the
|
|
||||||
Work or Derivative Works thereof in any medium, with or without
|
|
||||||
modifications, and in Source or Object form, provided that You
|
|
||||||
meet the following conditions:
|
|
||||||
|
|
||||||
(a) You must give any other recipients of the Work or
|
|
||||||
Derivative Works a copy of this License; and
|
|
||||||
|
|
||||||
(b) You must cause any modified files to carry prominent notices
|
|
||||||
stating that You changed the files; and
|
|
||||||
|
|
||||||
(c) You must retain, in the Source form of any Derivative Works
|
|
||||||
that You distribute, all copyright, patent, trademark, and
|
|
||||||
attribution notices from the Source form of the Work,
|
|
||||||
excluding those notices that do not pertain to any part of
|
|
||||||
the Derivative Works; and
|
|
||||||
|
|
||||||
(d) If the Work includes a "NOTICE" text file as part of its
|
|
||||||
distribution, then any Derivative Works that You distribute must
|
|
||||||
include a readable copy of the attribution notices contained
|
|
||||||
within such NOTICE file, excluding those notices that do not
|
|
||||||
pertain to any part of the Derivative Works, in at least one
|
|
||||||
of the following places: within a NOTICE text file distributed
|
|
||||||
as part of the Derivative Works; within the Source form or
|
|
||||||
documentation, if provided along with the Derivative Works; or,
|
|
||||||
within a display generated by the Derivative Works, if and
|
|
||||||
wherever such third-party notices normally appear. The contents
|
|
||||||
of the NOTICE file are for informational purposes only and
|
|
||||||
do not modify the License. You may add Your own attribution
|
|
||||||
notices within Derivative Works that You distribute, alongside
|
|
||||||
or as an addendum to the NOTICE text from the Work, provided
|
|
||||||
that such additional attribution notices cannot be construed
|
|
||||||
as modifying the License.
|
|
||||||
|
|
||||||
You may add Your own copyright statement to Your modifications and
|
|
||||||
may provide additional or different license terms and conditions
|
|
||||||
for use, reproduction, or distribution of Your modifications, or
|
|
||||||
for any such Derivative Works as a whole, provided Your use,
|
|
||||||
reproduction, and distribution of the Work otherwise complies with
|
|
||||||
the conditions stated in this License.
|
|
||||||
|
|
||||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
||||||
any Contribution intentionally submitted for inclusion in the Work
|
|
||||||
by You to the Licensor shall be under the terms and conditions of
|
|
||||||
this License, without any additional terms or conditions.
|
|
||||||
Notwithstanding the above, nothing herein shall supersede or modify
|
|
||||||
the terms of any separate license agreement you may have executed
|
|
||||||
with Licensor regarding such Contributions.
|
|
||||||
|
|
||||||
6. Trademarks. This License does not grant permission to use the trade
|
|
||||||
names, trademarks, service marks, or product names of the Licensor,
|
|
||||||
except as required for reasonable and customary use in describing the
|
|
||||||
origin of the Work and reproducing the content of the NOTICE file.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
||||||
agreed to in writing, Licensor provides the Work (and each
|
|
||||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
||||||
implied, including, without limitation, any warranties or conditions
|
|
||||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
||||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
||||||
appropriateness of using or redistributing the Work and assume any
|
|
||||||
risks associated with Your exercise of permissions under this License.
|
|
||||||
|
|
||||||
8. Limitation of Liability. In no event and under no legal theory,
|
|
||||||
whether in tort (including negligence), contract, or otherwise,
|
|
||||||
unless required by applicable law (such as deliberate and grossly
|
|
||||||
negligent acts) or agreed to in writing, shall any Contributor be
|
|
||||||
liable to You for damages, including any direct, indirect, special,
|
|
||||||
incidental, or consequential damages of any character arising as a
|
|
||||||
result of this License or out of the use or inability to use the
|
|
||||||
Work (including but not limited to damages for loss of goodwill,
|
|
||||||
work stoppage, computer failure or malfunction, or any and all
|
|
||||||
other commercial damages or losses), even if such Contributor
|
|
||||||
has been advised of the possibility of such damages.
|
|
||||||
|
|
||||||
9. Accepting Warranty or Additional Liability. While redistributing
|
|
||||||
the Work or Derivative Works thereof, You may choose to offer,
|
|
||||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
||||||
or other liability obligations and/or rights consistent with this
|
|
||||||
License. However, in accepting such obligations, You may act only
|
|
||||||
on Your own behalf and on Your sole responsibility, not on behalf
|
|
||||||
of any other Contributor, and only if You agree to indemnify,
|
|
||||||
defend, and hold each Contributor harmless for any liability
|
|
||||||
incurred by, or claims asserted against, such Contributor by reason
|
|
||||||
of your accepting any such warranty or additional liability.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
APPENDIX: How to apply the Apache License to your work.
|
|
||||||
|
|
||||||
To apply the Apache License to your work, attach the following
|
|
||||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
||||||
replaced with your own identifying information. (Don't include
|
|
||||||
the brackets!) The text should be enclosed in the appropriate
|
|
||||||
comment syntax for the file format. We also recommend that a
|
|
||||||
file or class name and description of purpose be included on the
|
|
||||||
same "printed page" as the copyright notice for easier
|
|
||||||
identification within third-party archives.
|
|
||||||
|
|
||||||
Copyright [yyyy] [name of copyright owner]
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
@ -1,29 +0,0 @@
|
|||||||
Summary: CGCS IO Scheduler Configuration
|
|
||||||
Name: io-scheduler
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: Wind River <info@windriver.com>
|
|
||||||
URL: unknown
|
|
||||||
|
|
||||||
Source0: 60-io-scheduler.rules
|
|
||||||
Source1: LICENSE
|
|
||||||
|
|
||||||
%define udev_rules_d %{_sysconfdir}/udev/rules.d
|
|
||||||
|
|
||||||
%description
|
|
||||||
CGCS io scheduler configuration and tuning.
|
|
||||||
|
|
||||||
%install
|
|
||||||
mkdir -p %{buildroot}%{udev_rules_d}
|
|
||||||
install -m 644 %{SOURCE0} %{buildroot}%{udev_rules_d}/60-io-scheduler.rules
|
|
||||||
|
|
||||||
%post
|
|
||||||
/bin/udevadm control --reload-rules
|
|
||||||
/bin/udevadm trigger --type=devices --subsystem-match=block
|
|
||||||
|
|
||||||
%files
|
|
||||||
%license ../SOURCES/LICENSE
|
|
||||||
%defattr(-,root,root,-)
|
|
||||||
%{_sysconfdir}/udev/rules.d
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,53 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: StarlingX iptables Configuration File
|
|
||||||
Name: iptables-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: config-files
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
Requires: iptables
|
|
||||||
Requires: iptables-services
|
|
||||||
Requires: iptables-utils
|
|
||||||
|
|
||||||
%define debug_package %{nil}
|
|
||||||
|
|
||||||
%description
|
|
||||||
StarlingX iptables configuration file
|
|
||||||
|
|
||||||
%prep
|
|
||||||
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
install -d -m 755 %{buildroot}%{_sysconfdir}/sysconfig
|
|
||||||
install -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
install -m 600 iptables.rules %{buildroot}%{_datadir}/starlingx/iptables.rules
|
|
||||||
install -m 600 ip6tables.rules %{buildroot}%{_datadir}/starlingx/ip6tables.rules
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
cp -f %{_datadir}/starlingx/iptables.rules %{_sysconfdir}/sysconfig/iptables
|
|
||||||
chmod 600 %{_sysconfdir}/sysconfig/iptables
|
|
||||||
cp -f %{_datadir}/starlingx/ip6tables.rules %{_sysconfdir}/sysconfig/ip6tables
|
|
||||||
chmod 600 %{_sysconfdir}/sysconfig/ip6tables
|
|
||||||
fi
|
|
||||||
|
|
||||||
%{_bindir}/systemctl enable iptables.service ip6tables.service >/dev/null 2>&1
|
|
||||||
exit 0
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root)
|
|
||||||
%license LICENSE
|
|
||||||
%{_datadir}/starlingx/iptables.rules
|
|
||||||
%{_datadir}/starlingx/ip6tables.rules
|
|
@ -1,202 +0,0 @@
|
|||||||
|
|
||||||
Apache License
|
|
||||||
Version 2.0, January 2004
|
|
||||||
http://www.apache.org/licenses/
|
|
||||||
|
|
||||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
||||||
|
|
||||||
1. Definitions.
|
|
||||||
|
|
||||||
"License" shall mean the terms and conditions for use, reproduction,
|
|
||||||
and distribution as defined by Sections 1 through 9 of this document.
|
|
||||||
|
|
||||||
"Licensor" shall mean the copyright owner or entity authorized by
|
|
||||||
the copyright owner that is granting the License.
|
|
||||||
|
|
||||||
"Legal Entity" shall mean the union of the acting entity and all
|
|
||||||
other entities that control, are controlled by, or are under common
|
|
||||||
control with that entity. For the purposes of this definition,
|
|
||||||
"control" means (i) the power, direct or indirect, to cause the
|
|
||||||
direction or management of such entity, whether by contract or
|
|
||||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
||||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
||||||
|
|
||||||
"You" (or "Your") shall mean an individual or Legal Entity
|
|
||||||
exercising permissions granted by this License.
|
|
||||||
|
|
||||||
"Source" form shall mean the preferred form for making modifications,
|
|
||||||
including but not limited to software source code, documentation
|
|
||||||
source, and configuration files.
|
|
||||||
|
|
||||||
"Object" form shall mean any form resulting from mechanical
|
|
||||||
transformation or translation of a Source form, including but
|
|
||||||
not limited to compiled object code, generated documentation,
|
|
||||||
and conversions to other media types.
|
|
||||||
|
|
||||||
"Work" shall mean the work of authorship, whether in Source or
|
|
||||||
Object form, made available under the License, as indicated by a
|
|
||||||
copyright notice that is included in or attached to the work
|
|
||||||
(an example is provided in the Appendix below).
|
|
||||||
|
|
||||||
"Derivative Works" shall mean any work, whether in Source or Object
|
|
||||||
form, that is based on (or derived from) the Work and for which the
|
|
||||||
editorial revisions, annotations, elaborations, or other modifications
|
|
||||||
represent, as a whole, an original work of authorship. For the purposes
|
|
||||||
of this License, Derivative Works shall not include works that remain
|
|
||||||
separable from, or merely link (or bind by name) to the interfaces of,
|
|
||||||
the Work and Derivative Works thereof.
|
|
||||||
|
|
||||||
"Contribution" shall mean any work of authorship, including
|
|
||||||
the original version of the Work and any modifications or additions
|
|
||||||
to that Work or Derivative Works thereof, that is intentionally
|
|
||||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
||||||
or by an individual or Legal Entity authorized to submit on behalf of
|
|
||||||
the copyright owner. For the purposes of this definition, "submitted"
|
|
||||||
means any form of electronic, verbal, or written communication sent
|
|
||||||
to the Licensor or its representatives, including but not limited to
|
|
||||||
communication on electronic mailing lists, source code control systems,
|
|
||||||
and issue tracking systems that are managed by, or on behalf of, the
|
|
||||||
Licensor for the purpose of discussing and improving the Work, but
|
|
||||||
excluding communication that is conspicuously marked or otherwise
|
|
||||||
designated in writing by the copyright owner as "Not a Contribution."
|
|
||||||
|
|
||||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
||||||
on behalf of whom a Contribution has been received by Licensor and
|
|
||||||
subsequently incorporated within the Work.
|
|
||||||
|
|
||||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
copyright license to reproduce, prepare Derivative Works of,
|
|
||||||
publicly display, publicly perform, sublicense, and distribute the
|
|
||||||
Work and such Derivative Works in Source or Object form.
|
|
||||||
|
|
||||||
3. Grant of Patent License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
(except as stated in this section) patent license to make, have made,
|
|
||||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
||||||
where such license applies only to those patent claims licensable
|
|
||||||
by such Contributor that are necessarily infringed by their
|
|
||||||
Contribution(s) alone or by combination of their Contribution(s)
|
|
||||||
with the Work to which such Contribution(s) was submitted. If You
|
|
||||||
institute patent litigation against any entity (including a
|
|
||||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
||||||
or a Contribution incorporated within the Work constitutes direct
|
|
||||||
or contributory patent infringement, then any patent licenses
|
|
||||||
granted to You under this License for that Work shall terminate
|
|
||||||
as of the date such litigation is filed.
|
|
||||||
|
|
||||||
4. Redistribution. You may reproduce and distribute copies of the
|
|
||||||
Work or Derivative Works thereof in any medium, with or without
|
|
||||||
modifications, and in Source or Object form, provided that You
|
|
||||||
meet the following conditions:
|
|
||||||
|
|
||||||
(a) You must give any other recipients of the Work or
|
|
||||||
Derivative Works a copy of this License; and
|
|
||||||
|
|
||||||
(b) You must cause any modified files to carry prominent notices
|
|
||||||
stating that You changed the files; and
|
|
||||||
|
|
||||||
(c) You must retain, in the Source form of any Derivative Works
|
|
||||||
that You distribute, all copyright, patent, trademark, and
|
|
||||||
attribution notices from the Source form of the Work,
|
|
||||||
excluding those notices that do not pertain to any part of
|
|
||||||
the Derivative Works; and
|
|
||||||
|
|
||||||
(d) If the Work includes a "NOTICE" text file as part of its
|
|
||||||
distribution, then any Derivative Works that You distribute must
|
|
||||||
include a readable copy of the attribution notices contained
|
|
||||||
within such NOTICE file, excluding those notices that do not
|
|
||||||
pertain to any part of the Derivative Works, in at least one
|
|
||||||
of the following places: within a NOTICE text file distributed
|
|
||||||
as part of the Derivative Works; within the Source form or
|
|
||||||
documentation, if provided along with the Derivative Works; or,
|
|
||||||
within a display generated by the Derivative Works, if and
|
|
||||||
wherever such third-party notices normally appear. The contents
|
|
||||||
of the NOTICE file are for informational purposes only and
|
|
||||||
do not modify the License. You may add Your own attribution
|
|
||||||
notices within Derivative Works that You distribute, alongside
|
|
||||||
or as an addendum to the NOTICE text from the Work, provided
|
|
||||||
that such additional attribution notices cannot be construed
|
|
||||||
as modifying the License.
|
|
||||||
|
|
||||||
You may add Your own copyright statement to Your modifications and
|
|
||||||
may provide additional or different license terms and conditions
|
|
||||||
for use, reproduction, or distribution of Your modifications, or
|
|
||||||
for any such Derivative Works as a whole, provided Your use,
|
|
||||||
reproduction, and distribution of the Work otherwise complies with
|
|
||||||
the conditions stated in this License.
|
|
||||||
|
|
||||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
||||||
any Contribution intentionally submitted for inclusion in the Work
|
|
||||||
by You to the Licensor shall be under the terms and conditions of
|
|
||||||
this License, without any additional terms or conditions.
|
|
||||||
Notwithstanding the above, nothing herein shall supersede or modify
|
|
||||||
the terms of any separate license agreement you may have executed
|
|
||||||
with Licensor regarding such Contributions.
|
|
||||||
|
|
||||||
6. Trademarks. This License does not grant permission to use the trade
|
|
||||||
names, trademarks, service marks, or product names of the Licensor,
|
|
||||||
except as required for reasonable and customary use in describing the
|
|
||||||
origin of the Work and reproducing the content of the NOTICE file.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
||||||
agreed to in writing, Licensor provides the Work (and each
|
|
||||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
||||||
implied, including, without limitation, any warranties or conditions
|
|
||||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
||||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
||||||
appropriateness of using or redistributing the Work and assume any
|
|
||||||
risks associated with Your exercise of permissions under this License.
|
|
||||||
|
|
||||||
8. Limitation of Liability. In no event and under no legal theory,
|
|
||||||
whether in tort (including negligence), contract, or otherwise,
|
|
||||||
unless required by applicable law (such as deliberate and grossly
|
|
||||||
negligent acts) or agreed to in writing, shall any Contributor be
|
|
||||||
liable to You for damages, including any direct, indirect, special,
|
|
||||||
incidental, or consequential damages of any character arising as a
|
|
||||||
result of this License or out of the use or inability to use the
|
|
||||||
Work (including but not limited to damages for loss of goodwill,
|
|
||||||
work stoppage, computer failure or malfunction, or any and all
|
|
||||||
other commercial damages or losses), even if such Contributor
|
|
||||||
has been advised of the possibility of such damages.
|
|
||||||
|
|
||||||
9. Accepting Warranty or Additional Liability. While redistributing
|
|
||||||
the Work or Derivative Works thereof, You may choose to offer,
|
|
||||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
||||||
or other liability obligations and/or rights consistent with this
|
|
||||||
License. However, in accepting such obligations, You may act only
|
|
||||||
on Your own behalf and on Your sole responsibility, not on behalf
|
|
||||||
of any other Contributor, and only if You agree to indemnify,
|
|
||||||
defend, and hold each Contributor harmless for any liability
|
|
||||||
incurred by, or claims asserted against, such Contributor by reason
|
|
||||||
of your accepting any such warranty or additional liability.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
APPENDIX: How to apply the Apache License to your work.
|
|
||||||
|
|
||||||
To apply the Apache License to your work, attach the following
|
|
||||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
||||||
replaced with your own identifying information. (Don't include
|
|
||||||
the brackets!) The text should be enclosed in the appropriate
|
|
||||||
comment syntax for the file format. We also recommend that a
|
|
||||||
file or class name and description of purpose be included on the
|
|
||||||
same "printed page" as the copyright notice for easier
|
|
||||||
identification within third-party archives.
|
|
||||||
|
|
||||||
Copyright [yyyy] [name of copyright owner]
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
@ -1,8 +0,0 @@
|
|||||||
# system default rules
|
|
||||||
*filter
|
|
||||||
:INPUT ACCEPT [0:0]
|
|
||||||
:FORWARD ACCEPT [0:0]
|
|
||||||
:OUTPUT ACCEPT [0:0]
|
|
||||||
:INPUT-custom-pre - [0:0]
|
|
||||||
:INPUT-custom-post - [0:0]
|
|
||||||
COMMIT
|
|
@ -1,8 +0,0 @@
|
|||||||
# system default rules
|
|
||||||
*filter
|
|
||||||
:INPUT ACCEPT [0:0]
|
|
||||||
:FORWARD ACCEPT [0:0]
|
|
||||||
:OUTPUT ACCEPT [0:0]
|
|
||||||
:INPUT-custom-pre - [0:0]
|
|
||||||
:INPUT-custom-post - [0:0]
|
|
||||||
COMMIT
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=1
|
|
@ -1,36 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: memcached-custom
|
|
||||||
Name: memcached-custom
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Summary: package memcached service files to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package memcached service files to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
%{__install} -d %{buildroot}%{_sysconfdir}/systemd/system
|
|
||||||
%{__install} -m 644 -p memcached.service %{buildroot}%{_sysconfdir}/systemd/system/memcached.service
|
|
||||||
|
|
||||||
%post
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root,-)
|
|
||||||
%{_sysconfdir}/systemd/system/memcached.service
|
|
||||||
|
|
@ -1,55 +0,0 @@
|
|||||||
#
|
|
||||||
# This service file is a customized version in platform-util package from
|
|
||||||
# openstack/stx-integ project
|
|
||||||
|
|
||||||
[Unit]
|
|
||||||
Description=memcached daemon
|
|
||||||
Before=httpd.service
|
|
||||||
After=network-online.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
EnvironmentFile=/etc/sysconfig/memcached
|
|
||||||
ExecStart=/usr/bin/memcached -p ${PORT} -u ${USER} -m ${CACHESIZE} -c ${MAXCONN} $OPTIONS
|
|
||||||
|
|
||||||
# Set up a new file system namespace and mounts private /tmp and /var/tmp directories
|
|
||||||
# so this service cannot access the global directories and other processes cannot
|
|
||||||
# access this service's directories.
|
|
||||||
PrivateTmp=true
|
|
||||||
|
|
||||||
# Mounts the /usr, /boot, and /etc directories read-only for processes invoked by this unit.
|
|
||||||
ProtectSystem=full
|
|
||||||
|
|
||||||
# Ensures that the service process and all its children can never gain new privileges
|
|
||||||
NoNewPrivileges=true
|
|
||||||
|
|
||||||
# Sets up a new /dev namespace for the executed processes and only adds API pseudo devices
|
|
||||||
# such as /dev/null, /dev/zero or /dev/random (as well as the pseudo TTY subsystem) to it,
|
|
||||||
# but no physical devices such as /dev/sda.
|
|
||||||
PrivateDevices=true
|
|
||||||
|
|
||||||
# Required for dropping privileges and running as a different user
|
|
||||||
CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE
|
|
||||||
LimitNOFILE=16384
|
|
||||||
|
|
||||||
# Attempts to create memory mappings that are writable and executable at the same time,
|
|
||||||
# or to change existing memory mappings to become executable are prohibited.
|
|
||||||
# XXX: this property is supported with systemd 231+ which is not yet on EL7
|
|
||||||
# MemoryDenyWriteExecute=true
|
|
||||||
|
|
||||||
# Restricts the set of socket address families accessible to the processes of this unit.
|
|
||||||
# Protects against vulnerabilities such as CVE-2016-8655
|
|
||||||
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
|
|
||||||
|
|
||||||
# These service parameters are commented out since they are incompatible with
|
|
||||||
# Centos 7 and generate warning messages when included.
|
|
||||||
#ProtectKernelModules=true
|
|
||||||
#ProtectKernelTunables=true
|
|
||||||
#ProtectControlGroups=true
|
|
||||||
#RestrictRealtime=true
|
|
||||||
#RestrictNamespaces=true
|
|
||||||
|
|
||||||
Restart=always
|
|
||||||
RestartSec=10
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,2 +0,0 @@
|
|||||||
COPY_LIST="files/*"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,50 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: StarlingX ntp Configuration File
|
|
||||||
Name: ntp-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: config-files
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
|
|
||||||
Source0: LICENSE
|
|
||||||
Source1: ntpd.sysconfig
|
|
||||||
Source2: ntp.conf
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
Requires: ntp
|
|
||||||
Requires: ntpdate
|
|
||||||
Requires: ntp-perl
|
|
||||||
|
|
||||||
%define debug_package %{nil}
|
|
||||||
|
|
||||||
%description
|
|
||||||
StarlingX ntp configuration file
|
|
||||||
|
|
||||||
%install
|
|
||||||
install -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
install -D -m644 %{SOURCE1} %{buildroot}%{_datadir}/starlingx/ntpd.sysconfig
|
|
||||||
install -D -m644 %{SOURCE2} %{buildroot}%{_datadir}/starlingx/ntp.conf
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
cp -f %{_datadir}/starlingx/ntpd.sysconfig %{_sysconfdir}/sysconfig/ntpd
|
|
||||||
cp -f %{_datadir}/starlingx/ntp.conf %{_sysconfdir}/ntp.conf
|
|
||||||
chmod 644 %{_sysconfdir}/sysconfig/ntpd
|
|
||||||
chmod 644 %{_sysconfdir}/ntp.conf
|
|
||||||
fi
|
|
||||||
|
|
||||||
%preun
|
|
||||||
|
|
||||||
%postun
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root)
|
|
||||||
%license ../SOURCES/LICENSE
|
|
||||||
%{_datadir}/starlingx/ntpd.sysconfig
|
|
||||||
%{_datadir}/starlingx/ntp.conf
|
|
@ -1,202 +0,0 @@
|
|||||||
|
|
||||||
Apache License
|
|
||||||
Version 2.0, January 2004
|
|
||||||
http://www.apache.org/licenses/
|
|
||||||
|
|
||||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
||||||
|
|
||||||
1. Definitions.
|
|
||||||
|
|
||||||
"License" shall mean the terms and conditions for use, reproduction,
|
|
||||||
and distribution as defined by Sections 1 through 9 of this document.
|
|
||||||
|
|
||||||
"Licensor" shall mean the copyright owner or entity authorized by
|
|
||||||
the copyright owner that is granting the License.
|
|
||||||
|
|
||||||
"Legal Entity" shall mean the union of the acting entity and all
|
|
||||||
other entities that control, are controlled by, or are under common
|
|
||||||
control with that entity. For the purposes of this definition,
|
|
||||||
"control" means (i) the power, direct or indirect, to cause the
|
|
||||||
direction or management of such entity, whether by contract or
|
|
||||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
||||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
||||||
|
|
||||||
"You" (or "Your") shall mean an individual or Legal Entity
|
|
||||||
exercising permissions granted by this License.
|
|
||||||
|
|
||||||
"Source" form shall mean the preferred form for making modifications,
|
|
||||||
including but not limited to software source code, documentation
|
|
||||||
source, and configuration files.
|
|
||||||
|
|
||||||
"Object" form shall mean any form resulting from mechanical
|
|
||||||
transformation or translation of a Source form, including but
|
|
||||||
not limited to compiled object code, generated documentation,
|
|
||||||
and conversions to other media types.
|
|
||||||
|
|
||||||
"Work" shall mean the work of authorship, whether in Source or
|
|
||||||
Object form, made available under the License, as indicated by a
|
|
||||||
copyright notice that is included in or attached to the work
|
|
||||||
(an example is provided in the Appendix below).
|
|
||||||
|
|
||||||
"Derivative Works" shall mean any work, whether in Source or Object
|
|
||||||
form, that is based on (or derived from) the Work and for which the
|
|
||||||
editorial revisions, annotations, elaborations, or other modifications
|
|
||||||
represent, as a whole, an original work of authorship. For the purposes
|
|
||||||
of this License, Derivative Works shall not include works that remain
|
|
||||||
separable from, or merely link (or bind by name) to the interfaces of,
|
|
||||||
the Work and Derivative Works thereof.
|
|
||||||
|
|
||||||
"Contribution" shall mean any work of authorship, including
|
|
||||||
the original version of the Work and any modifications or additions
|
|
||||||
to that Work or Derivative Works thereof, that is intentionally
|
|
||||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
||||||
or by an individual or Legal Entity authorized to submit on behalf of
|
|
||||||
the copyright owner. For the purposes of this definition, "submitted"
|
|
||||||
means any form of electronic, verbal, or written communication sent
|
|
||||||
to the Licensor or its representatives, including but not limited to
|
|
||||||
communication on electronic mailing lists, source code control systems,
|
|
||||||
and issue tracking systems that are managed by, or on behalf of, the
|
|
||||||
Licensor for the purpose of discussing and improving the Work, but
|
|
||||||
excluding communication that is conspicuously marked or otherwise
|
|
||||||
designated in writing by the copyright owner as "Not a Contribution."
|
|
||||||
|
|
||||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
||||||
on behalf of whom a Contribution has been received by Licensor and
|
|
||||||
subsequently incorporated within the Work.
|
|
||||||
|
|
||||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
copyright license to reproduce, prepare Derivative Works of,
|
|
||||||
publicly display, publicly perform, sublicense, and distribute the
|
|
||||||
Work and such Derivative Works in Source or Object form.
|
|
||||||
|
|
||||||
3. Grant of Patent License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
(except as stated in this section) patent license to make, have made,
|
|
||||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
||||||
where such license applies only to those patent claims licensable
|
|
||||||
by such Contributor that are necessarily infringed by their
|
|
||||||
Contribution(s) alone or by combination of their Contribution(s)
|
|
||||||
with the Work to which such Contribution(s) was submitted. If You
|
|
||||||
institute patent litigation against any entity (including a
|
|
||||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
||||||
or a Contribution incorporated within the Work constitutes direct
|
|
||||||
or contributory patent infringement, then any patent licenses
|
|
||||||
granted to You under this License for that Work shall terminate
|
|
||||||
as of the date such litigation is filed.
|
|
||||||
|
|
||||||
4. Redistribution. You may reproduce and distribute copies of the
|
|
||||||
Work or Derivative Works thereof in any medium, with or without
|
|
||||||
modifications, and in Source or Object form, provided that You
|
|
||||||
meet the following conditions:
|
|
||||||
|
|
||||||
(a) You must give any other recipients of the Work or
|
|
||||||
Derivative Works a copy of this License; and
|
|
||||||
|
|
||||||
(b) You must cause any modified files to carry prominent notices
|
|
||||||
stating that You changed the files; and
|
|
||||||
|
|
||||||
(c) You must retain, in the Source form of any Derivative Works
|
|
||||||
that You distribute, all copyright, patent, trademark, and
|
|
||||||
attribution notices from the Source form of the Work,
|
|
||||||
excluding those notices that do not pertain to any part of
|
|
||||||
the Derivative Works; and
|
|
||||||
|
|
||||||
(d) If the Work includes a "NOTICE" text file as part of its
|
|
||||||
distribution, then any Derivative Works that You distribute must
|
|
||||||
include a readable copy of the attribution notices contained
|
|
||||||
within such NOTICE file, excluding those notices that do not
|
|
||||||
pertain to any part of the Derivative Works, in at least one
|
|
||||||
of the following places: within a NOTICE text file distributed
|
|
||||||
as part of the Derivative Works; within the Source form or
|
|
||||||
documentation, if provided along with the Derivative Works; or,
|
|
||||||
within a display generated by the Derivative Works, if and
|
|
||||||
wherever such third-party notices normally appear. The contents
|
|
||||||
of the NOTICE file are for informational purposes only and
|
|
||||||
do not modify the License. You may add Your own attribution
|
|
||||||
notices within Derivative Works that You distribute, alongside
|
|
||||||
or as an addendum to the NOTICE text from the Work, provided
|
|
||||||
that such additional attribution notices cannot be construed
|
|
||||||
as modifying the License.
|
|
||||||
|
|
||||||
You may add Your own copyright statement to Your modifications and
|
|
||||||
may provide additional or different license terms and conditions
|
|
||||||
for use, reproduction, or distribution of Your modifications, or
|
|
||||||
for any such Derivative Works as a whole, provided Your use,
|
|
||||||
reproduction, and distribution of the Work otherwise complies with
|
|
||||||
the conditions stated in this License.
|
|
||||||
|
|
||||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
||||||
any Contribution intentionally submitted for inclusion in the Work
|
|
||||||
by You to the Licensor shall be under the terms and conditions of
|
|
||||||
this License, without any additional terms or conditions.
|
|
||||||
Notwithstanding the above, nothing herein shall supersede or modify
|
|
||||||
the terms of any separate license agreement you may have executed
|
|
||||||
with Licensor regarding such Contributions.
|
|
||||||
|
|
||||||
6. Trademarks. This License does not grant permission to use the trade
|
|
||||||
names, trademarks, service marks, or product names of the Licensor,
|
|
||||||
except as required for reasonable and customary use in describing the
|
|
||||||
origin of the Work and reproducing the content of the NOTICE file.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
||||||
agreed to in writing, Licensor provides the Work (and each
|
|
||||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
||||||
implied, including, without limitation, any warranties or conditions
|
|
||||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
||||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
||||||
appropriateness of using or redistributing the Work and assume any
|
|
||||||
risks associated with Your exercise of permissions under this License.
|
|
||||||
|
|
||||||
8. Limitation of Liability. In no event and under no legal theory,
|
|
||||||
whether in tort (including negligence), contract, or otherwise,
|
|
||||||
unless required by applicable law (such as deliberate and grossly
|
|
||||||
negligent acts) or agreed to in writing, shall any Contributor be
|
|
||||||
liable to You for damages, including any direct, indirect, special,
|
|
||||||
incidental, or consequential damages of any character arising as a
|
|
||||||
result of this License or out of the use or inability to use the
|
|
||||||
Work (including but not limited to damages for loss of goodwill,
|
|
||||||
work stoppage, computer failure or malfunction, or any and all
|
|
||||||
other commercial damages or losses), even if such Contributor
|
|
||||||
has been advised of the possibility of such damages.
|
|
||||||
|
|
||||||
9. Accepting Warranty or Additional Liability. While redistributing
|
|
||||||
the Work or Derivative Works thereof, You may choose to offer,
|
|
||||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
||||||
or other liability obligations and/or rights consistent with this
|
|
||||||
License. However, in accepting such obligations, You may act only
|
|
||||||
on Your own behalf and on Your sole responsibility, not on behalf
|
|
||||||
of any other Contributor, and only if You agree to indemnify,
|
|
||||||
defend, and hold each Contributor harmless for any liability
|
|
||||||
incurred by, or claims asserted against, such Contributor by reason
|
|
||||||
of your accepting any such warranty or additional liability.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
APPENDIX: How to apply the Apache License to your work.
|
|
||||||
|
|
||||||
To apply the Apache License to your work, attach the following
|
|
||||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
||||||
replaced with your own identifying information. (Don't include
|
|
||||||
the brackets!) The text should be enclosed in the appropriate
|
|
||||||
comment syntax for the file format. We also recommend that a
|
|
||||||
file or class name and description of purpose be included on the
|
|
||||||
same "printed page" as the copyright notice for easier
|
|
||||||
identification within third-party archives.
|
|
||||||
|
|
||||||
Copyright [yyyy] [name of copyright owner]
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
@ -1,14 +0,0 @@
|
|||||||
# This is the most basic ntp configuration file
|
|
||||||
# The driftfile must remain in a place specific to this
|
|
||||||
# machine - it records the machine specific clock error
|
|
||||||
#driftfile /etc/ntp.drift
|
|
||||||
# This obtains a random server which will be close
|
|
||||||
# (in IP terms) to the machine. Add other servers
|
|
||||||
# as required, or change this.
|
|
||||||
#server time.server.example.com
|
|
||||||
# Using local hardware clock as fallback
|
|
||||||
# Disable this when using ntpd -q -g -x as ntpdate or it will sync to itself
|
|
||||||
#server 127.127.1.0
|
|
||||||
#fudge 127.127.1.0 stratum 14
|
|
||||||
# Defining a default security setting - lock everything down
|
|
||||||
restrict default ignore
|
|
@ -1,2 +0,0 @@
|
|||||||
# Command line options for ntpd
|
|
||||||
OPTIONS="-p /var/run/ntp.pid"
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=1
|
|
@ -1,56 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: pam-config
|
|
||||||
Name: pam-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: pam
|
|
||||||
Requires: openssh
|
|
||||||
Summary: package StarlingX configuration files of pam to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of pam to system folder.
|
|
||||||
|
|
||||||
%define _pamconfdir %{_sysconfdir}/pam.d
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
%{__install} -d %{buildroot}%{_pamconfdir}
|
|
||||||
%{__install} -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
%{__install} -m 644 sshd.pam %{buildroot}%{_datadir}/starlingx/sshd.pam
|
|
||||||
%{__install} -m 644 common-account %{buildroot}%{_pamconfdir}/common-account
|
|
||||||
%{__install} -m 644 common-auth %{buildroot}%{_pamconfdir}/common-auth
|
|
||||||
%{__install} -m 644 common-password %{buildroot}%{_pamconfdir}/common-password
|
|
||||||
%{__install} -m 644 common-session %{buildroot}%{_pamconfdir}/common-session
|
|
||||||
%{__install} -m 644 common-session-noninteractive %{buildroot}%{_pamconfdir}/common-session-noninteractive
|
|
||||||
%{__install} -m 644 system-auth.pamd %{buildroot}%{_datadir}/starlingx/stx.system-auth
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
# Initial installation
|
|
||||||
cp -f %{_datadir}/starlingx/stx.system-auth %{_pamconfdir}/system-auth
|
|
||||||
cp -f %{_datadir}/starlingx/sshd.pam %{_pamconfdir}/sshd
|
|
||||||
fi
|
|
||||||
|
|
||||||
%files
|
|
||||||
%{_datadir}/starlingx/stx.system-auth
|
|
||||||
%{_datadir}/starlingx/sshd.pam
|
|
||||||
%config(noreplace) %{_pamconfdir}/common-account
|
|
||||||
%config(noreplace) %{_pamconfdir}/common-auth
|
|
||||||
%config(noreplace) %{_pamconfdir}/common-password
|
|
||||||
%config(noreplace) %{_pamconfdir}/common-session
|
|
||||||
%config(noreplace) %{_pamconfdir}/common-session-noninteractive
|
|
@ -1,27 +0,0 @@
|
|||||||
#
|
|
||||||
# /etc/pam.d/common-account - authorization settings common to all services
|
|
||||||
#
|
|
||||||
# This file is included from other service-specific PAM config files,
|
|
||||||
# and should contain a list of the authorization modules that define
|
|
||||||
# the central access policy for use on the system. The default is to
|
|
||||||
# only deny service to users whose accounts are expired in /etc/shadow.
|
|
||||||
#
|
|
||||||
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
|
|
||||||
# To take advantage of this, it is recommended that you configure any
|
|
||||||
# local modules either before or after the default block, and use
|
|
||||||
# pam-auth-update to manage selection of other modules. See
|
|
||||||
# pam-auth-update(8) for details.
|
|
||||||
#
|
|
||||||
|
|
||||||
# here are the per-package modules (the "Primary" block)
|
|
||||||
account required pam_tally2.so
|
|
||||||
account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
|
|
||||||
account [success=1 new_authtok_reqd=done default=ignore] pam_ldap.so
|
|
||||||
# here's the fallback if no module succeeds
|
|
||||||
account requisite pam_deny.so
|
|
||||||
# prime the stack with a positive return value if there isn't one already;
|
|
||||||
# this avoids us returning an error just because nothing sets a success code
|
|
||||||
# since the modules above will each just jump around
|
|
||||||
account required pam_permit.so
|
|
||||||
# and here are more per-package modules (the "Additional" block)
|
|
||||||
# end of pam-auth-update config
|
|
@ -1,22 +0,0 @@
|
|||||||
#
|
|
||||||
# /etc/pam.d/common-auth - authentication settings common to all services
|
|
||||||
#
|
|
||||||
# This file is included from other service-specific PAM config files,
|
|
||||||
# and should contain a list of the authentication modules that define
|
|
||||||
# the central authentication scheme for use on the system
|
|
||||||
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
|
|
||||||
# traditional Unix authentication mechanisms.
|
|
||||||
|
|
||||||
# here are the per-package modules (the "Primary" block)
|
|
||||||
# auth [success=1 default=ignore] pam_unix.so nullok_secure
|
|
||||||
# auth sufficient pam_ldap.so use_first_pass
|
|
||||||
auth required pam_tally2.so deny=5 unlock_time=300 audit
|
|
||||||
auth [success=2 default=ignore] pam_unix.so nullok_secure
|
|
||||||
auth [success=1 default=ignore] pam_ldap.so use_first_pass debug
|
|
||||||
# here's the fallback if no module succeeds
|
|
||||||
auth requisite pam_deny.so
|
|
||||||
# prime the stack with a positive return value if there isn't one already;
|
|
||||||
# this avoids us returning an error just because nothing sets a success code
|
|
||||||
# since the modules above will each just jump around
|
|
||||||
auth required pam_permit.so
|
|
||||||
# and here are more per-package modules (the "Additional" block)
|
|
@ -1,38 +0,0 @@
|
|||||||
#
|
|
||||||
# /etc/pam.d/common-password - password-related modules common to all services
|
|
||||||
#
|
|
||||||
# This file is included from other service-specific PAM config files,
|
|
||||||
# and should contain a list of modules that define the services to be
|
|
||||||
# used to change user passwords. The default is pam_unix.
|
|
||||||
|
|
||||||
# Explanation of pam_unix options:
|
|
||||||
#
|
|
||||||
# The "sha512" option enables salted SHA512 passwords. Without this option,
|
|
||||||
# the default is Unix crypt. Prior releases used the option "md5".
|
|
||||||
#
|
|
||||||
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
|
|
||||||
# login.defs.
|
|
||||||
#
|
|
||||||
# See the pam_unix manpage for other options.
|
|
||||||
|
|
||||||
# here are the per-package modules (the "Primary" block)
|
|
||||||
|
|
||||||
################## Titanium Cloud Password Rules #######################
|
|
||||||
## Enforce a password containing atleast 1 lower case, 1 upper case, #
|
|
||||||
## 1 digit and 1 special character. Such a password will have a #
|
|
||||||
## minimum length of 7 characters. A user may not re-use the last most #
|
|
||||||
## recent password and every password must differ from its previous #
|
|
||||||
## one by atleast 3 characters #
|
|
||||||
## - Added enforce_for_root for pam_pwquality.so #
|
|
||||||
########################################################################
|
|
||||||
|
|
||||||
password required pam_pwquality.so try_first_pass retry=3 authtok_type= difok=3 minlen=7 lcredit=-1 ucredit=-1 ocredit=-1 dcredit=-1 enforce_for_root debug
|
|
||||||
password required pam_pwhistory.so use_authtok enforce_for_root remember=2 retry=3 debug
|
|
||||||
|
|
||||||
password sufficient pam_unix.so sha512 use_authtok debug
|
|
||||||
password [success=done authtok_err=die perm_denied=die default=ignore] pam_ldap.so use_authtok debug
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# If we got this far then its clearly a DENY
|
|
||||||
password requisite pam_deny.so
|
|
@ -1,21 +0,0 @@
|
|||||||
#
|
|
||||||
# /etc/pam.d/common-session - session-related modules common to all services
|
|
||||||
#
|
|
||||||
# This file is included from other service-specific PAM config files,
|
|
||||||
# and should contain a list of modules that define tasks to be performed
|
|
||||||
# at the start and end of sessions of *any* kind (both interactive and
|
|
||||||
# non-interactive).
|
|
||||||
#
|
|
||||||
|
|
||||||
# here are the per-package modules (the "Primary" block)
|
|
||||||
session [default=1] pam_permit.so
|
|
||||||
# here's the fallback if no module succeeds
|
|
||||||
session requisite pam_deny.so
|
|
||||||
# prime the stack with a positive return value if there isn't one already;
|
|
||||||
# this avoids us returning an error just because nothing sets a success code
|
|
||||||
# since the modules above will each just jump around
|
|
||||||
session required pam_permit.so
|
|
||||||
# and here are more per-package modules (the "Additional" block)
|
|
||||||
session [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
|
|
||||||
session [success=ok new_authtok_reqd=done default=bad] pam_ldap.so
|
|
||||||
session required pam_mkhomedir.so umask=0022 skel=/etc/skel
|
|
@ -1,20 +0,0 @@
|
|||||||
#
|
|
||||||
# /etc/pam.d/common-session-noninteractive - session-related modules
|
|
||||||
# common to all non-interactive services
|
|
||||||
#
|
|
||||||
# This file is included from other service-specific PAM config files,
|
|
||||||
# and should contain a list of modules that define tasks to be performed
|
|
||||||
# at the start and end of all non-interactive sessions.
|
|
||||||
#
|
|
||||||
|
|
||||||
# here are the per-package modules (the "Primary" block)
|
|
||||||
session [default=1] pam_permit.so
|
|
||||||
# here's the fallback if no module succeeds
|
|
||||||
session requisite pam_deny.so
|
|
||||||
# prime the stack with a positive return value if there isn't one already;
|
|
||||||
# this avoids us returning an error just because nothing sets a success code
|
|
||||||
# since the modules above will each just jump around
|
|
||||||
session required pam_permit.so
|
|
||||||
# and here are more per-package modules (the "Additional" block)
|
|
||||||
session [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
|
|
||||||
session [success=ok new_authtok_reqd=done default=bad] pam_ldap.so
|
|
@ -1,24 +0,0 @@
|
|||||||
# WRSM-1.0
|
|
||||||
|
|
||||||
auth include common-auth
|
|
||||||
account required pam_nologin.so
|
|
||||||
|
|
||||||
# SELinux needs to be the first session rule. This ensures that any
|
|
||||||
# lingering context has been cleared. Without out this it is possible
|
|
||||||
# that a module could execute code in the wrong domain.
|
|
||||||
# When the module is present, "required" would be sufficient (When SELinux
|
|
||||||
# is disabled, this returns success.)
|
|
||||||
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
|
|
||||||
|
|
||||||
account include common-account
|
|
||||||
password include common-password
|
|
||||||
session optional pam_keyinit.so force revoke
|
|
||||||
session include common-session
|
|
||||||
session required pam_loginuid.so
|
|
||||||
|
|
||||||
# SELinux needs to intervene at login time to ensure that the process
|
|
||||||
# starts in the proper default security context. Only sessions which are
|
|
||||||
# intended to run in the user's context should be run after this.
|
|
||||||
# When the module is present, "required" would be sufficient (When SELinux
|
|
||||||
# is disabled, this returns success.)
|
|
||||||
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
|
|
@ -1,31 +0,0 @@
|
|||||||
#%PAM-1.0
|
|
||||||
auth required pam_env.so
|
|
||||||
auth sufficient pam_unix.so nullok try_first_pass
|
|
||||||
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
|
|
||||||
auth required pam_deny.so
|
|
||||||
|
|
||||||
account required pam_unix.so
|
|
||||||
account sufficient pam_localuser.so
|
|
||||||
account sufficient pam_succeed_if.so uid < 1000 quiet
|
|
||||||
account required pam_permit.so
|
|
||||||
|
|
||||||
################# StarlingX Cloud Password Rules #######################
|
|
||||||
# Enforce a password containing atleast 1 lower case, 1 upper case, #
|
|
||||||
# 1 digit and 1 special character. Such a password will have a #
|
|
||||||
# minimum length of 7 characters. A user may not re-use the last most #
|
|
||||||
# recent password and every password must differ from its previous #
|
|
||||||
# one by atleast 3 characters #
|
|
||||||
# - Added enforce_for_root for pam_pwquality.so #
|
|
||||||
#######################################################################
|
|
||||||
|
|
||||||
password requisite pam_pwquality.so try_first_pass retry=3 authtok_type= difok=3 minlen=7 lcredit=-1 ucredit=-1 ocredit=-1 dcredit=-1 enforce_for_root debug
|
|
||||||
password requisite pam_pwhistory.so use_authtok enforce_for_root remember=2
|
|
||||||
|
|
||||||
password [success=2 default=ignore] pam_unix.so sha512 shadow nullok try_first_pass use_authtok
|
|
||||||
password [success=1 default=ignore] pam_ldap.so use_authtok
|
|
||||||
|
|
||||||
session optional pam_keyinit.so revoke
|
|
||||||
session required pam_limits.so
|
|
||||||
-session optional pam_systemd.so
|
|
||||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
|
||||||
session required pam_unix.so
|
|
@ -1,2 +0,0 @@
|
|||||||
SRC_DIR="files"
|
|
||||||
TIS_PATCH_VER=1
|
|
@ -1,39 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: rsync-config
|
|
||||||
Name: rsync-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
BuildArch: noarch
|
|
||||||
Source: %name-%version.tar.gz
|
|
||||||
|
|
||||||
Requires: rsync
|
|
||||||
Summary: package StarlingX configuration files of rsync to system folder.
|
|
||||||
|
|
||||||
%description
|
|
||||||
package StarlingX configuration files of rsync to system folder.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
%install
|
|
||||||
%{__install} -d %{buildroot}%{_datadir}/starlingx/
|
|
||||||
%{__install} -m 644 rsyncd.conf %{buildroot}%{_datadir}/starlingx/stx.rsyncd.conf
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
# Initial installation
|
|
||||||
cp -f %{_datadir}/starlingx/stx.rsyncd.conf %{_sysconfdir}/rsyncd.conf
|
|
||||||
fi
|
|
||||||
|
|
||||||
%files
|
|
||||||
%{_datadir}/starlingx/stx.rsyncd.conf
|
|
@ -1,57 +0,0 @@
|
|||||||
# /etc/rsyncd.conf
|
|
||||||
|
|
||||||
# Configuration file for rsync daemon
|
|
||||||
# See rsync(1) and rsyncd.conf(5) man pages for help
|
|
||||||
|
|
||||||
# This file is required by rsync --daemon
|
|
||||||
pid file = /var/run/rsyncd.pid
|
|
||||||
use chroot = yes
|
|
||||||
read only = yes
|
|
||||||
|
|
||||||
# Simple example for enabling your own local rsync server
|
|
||||||
#[everything]
|
|
||||||
# path = /
|
|
||||||
# comment = Everything except /etc exposed
|
|
||||||
# exclude = /etc
|
|
||||||
|
|
||||||
[patching]
|
|
||||||
path = /opt/patching
|
|
||||||
comment = Patching filesystem
|
|
||||||
uid = root
|
|
||||||
read only = no
|
|
||||||
|
|
||||||
[repo]
|
|
||||||
path = /www/pages/updates
|
|
||||||
comment = Patching repo
|
|
||||||
uid = root
|
|
||||||
read only = no
|
|
||||||
|
|
||||||
[platform]
|
|
||||||
path = /etc/platform
|
|
||||||
comment = Platform configuration
|
|
||||||
uid = root
|
|
||||||
read only = no
|
|
||||||
|
|
||||||
[certificate]
|
|
||||||
path = /etc/ssl/private
|
|
||||||
comment = SSL certificate
|
|
||||||
uid = root
|
|
||||||
read only = no
|
|
||||||
|
|
||||||
[instances]
|
|
||||||
path = /etc/nova/instances
|
|
||||||
comment = Nova instances data
|
|
||||||
uid = root
|
|
||||||
read only = no
|
|
||||||
|
|
||||||
[cacert]
|
|
||||||
path = /etc/ssl/certs
|
|
||||||
comment = SSL ca certificate
|
|
||||||
uid = root
|
|
||||||
read only = no
|
|
||||||
|
|
||||||
[helm_charts]
|
|
||||||
path = /www/pages/helm_charts
|
|
||||||
comment = Helm chart repo
|
|
||||||
uid = root
|
|
||||||
read only = no
|
|
@ -1,2 +0,0 @@
|
|||||||
COPY_LIST="files/*"
|
|
||||||
TIS_PATCH_VER=0
|
|
@ -1,55 +0,0 @@
|
|||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# Copyright (C) 2019 Intel Corporation
|
|
||||||
#
|
|
||||||
Summary: StarlingX shadow-utils Configuration File
|
|
||||||
Name: shadow-utils-config
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: config-files
|
|
||||||
Packager: StarlingX
|
|
||||||
URL: unknown
|
|
||||||
|
|
||||||
Source0: LICENSE
|
|
||||||
Source1: login.defs
|
|
||||||
Source2: clear_shadow_locks.service
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
# systemd provides %{_unitdir}
|
|
||||||
BuildRequires: systemd
|
|
||||||
Requires: setup
|
|
||||||
Requires: shadow-utils
|
|
||||||
|
|
||||||
%define debug_package %{nil}
|
|
||||||
|
|
||||||
%description
|
|
||||||
StarlingX shadow-utils configuration file
|
|
||||||
|
|
||||||
%install
|
|
||||||
install -d %{buildroot}%{_sysconfdir}
|
|
||||||
install -d %{buildroot}%{_datadir}/starlingx
|
|
||||||
install -D -m644 %{SOURCE1} %{buildroot}%{_datadir}/starlingx/login.defs
|
|
||||||
|
|
||||||
install -d -m 755 %{buildroot}%{_sysconfdir}/init.d
|
|
||||||
install -D -m644 %{SOURCE2} %{buildroot}%{_unitdir}/clear_shadow_locks.service
|
|
||||||
|
|
||||||
%post
|
|
||||||
if [ $1 -eq 1 ] ; then
|
|
||||||
cp -f %{_datadir}/starlingx/login.defs %{_sysconfdir}/
|
|
||||||
chmod 644 %{_sysconfdir}/login.defs
|
|
||||||
fi
|
|
||||||
%systemd_post clear_shadow_locks.service
|
|
||||||
|
|
||||||
%preun
|
|
||||||
%systemd_preun clear_shadow_locks.service
|
|
||||||
|
|
||||||
%postun
|
|
||||||
%systemd_postun_with_restart clear_shadow_locks.service
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root)
|
|
||||||
%license ../SOURCES/LICENSE
|
|
||||||
%{_unitdir}/clear_shadow_locks.service
|
|
||||||
%{_datadir}/starlingx/login.defs
|
|
@ -1,202 +0,0 @@
|
|||||||
|
|
||||||
Apache License
|
|
||||||
Version 2.0, January 2004
|
|
||||||
http://www.apache.org/licenses/
|
|
||||||
|
|
||||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
||||||
|
|
||||||
1. Definitions.
|
|
||||||
|
|
||||||
"License" shall mean the terms and conditions for use, reproduction,
|
|
||||||
and distribution as defined by Sections 1 through 9 of this document.
|
|
||||||
|
|
||||||
"Licensor" shall mean the copyright owner or entity authorized by
|
|
||||||
the copyright owner that is granting the License.
|
|
||||||
|
|
||||||
"Legal Entity" shall mean the union of the acting entity and all
|
|
||||||
other entities that control, are controlled by, or are under common
|
|
||||||
control with that entity. For the purposes of this definition,
|
|
||||||
"control" means (i) the power, direct or indirect, to cause the
|
|
||||||
direction or management of such entity, whether by contract or
|
|
||||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
||||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
||||||
|
|
||||||
"You" (or "Your") shall mean an individual or Legal Entity
|
|
||||||
exercising permissions granted by this License.
|
|
||||||
|
|
||||||
"Source" form shall mean the preferred form for making modifications,
|
|
||||||
including but not limited to software source code, documentation
|
|
||||||
source, and configuration files.
|
|
||||||
|
|
||||||
"Object" form shall mean any form resulting from mechanical
|
|
||||||
transformation or translation of a Source form, including but
|
|
||||||
not limited to compiled object code, generated documentation,
|
|
||||||
and conversions to other media types.
|
|
||||||
|
|
||||||
"Work" shall mean the work of authorship, whether in Source or
|
|
||||||
Object form, made available under the License, as indicated by a
|
|
||||||
copyright notice that is included in or attached to the work
|
|
||||||
(an example is provided in the Appendix below).
|
|
||||||
|
|
||||||
"Derivative Works" shall mean any work, whether in Source or Object
|
|
||||||
form, that is based on (or derived from) the Work and for which the
|
|
||||||
editorial revisions, annotations, elaborations, or other modifications
|
|
||||||
represent, as a whole, an original work of authorship. For the purposes
|
|
||||||
of this License, Derivative Works shall not include works that remain
|
|
||||||
separable from, or merely link (or bind by name) to the interfaces of,
|
|
||||||
the Work and Derivative Works thereof.
|
|
||||||
|
|
||||||
"Contribution" shall mean any work of authorship, including
|
|
||||||
the original version of the Work and any modifications or additions
|
|
||||||
to that Work or Derivative Works thereof, that is intentionally
|
|
||||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
||||||
or by an individual or Legal Entity authorized to submit on behalf of
|
|
||||||
the copyright owner. For the purposes of this definition, "submitted"
|
|
||||||
means any form of electronic, verbal, or written communication sent
|
|
||||||
to the Licensor or its representatives, including but not limited to
|
|
||||||
communication on electronic mailing lists, source code control systems,
|
|
||||||
and issue tracking systems that are managed by, or on behalf of, the
|
|
||||||
Licensor for the purpose of discussing and improving the Work, but
|
|
||||||
excluding communication that is conspicuously marked or otherwise
|
|
||||||
designated in writing by the copyright owner as "Not a Contribution."
|
|
||||||
|
|
||||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
||||||
on behalf of whom a Contribution has been received by Licensor and
|
|
||||||
subsequently incorporated within the Work.
|
|
||||||
|
|
||||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
copyright license to reproduce, prepare Derivative Works of,
|
|
||||||
publicly display, publicly perform, sublicense, and distribute the
|
|
||||||
Work and such Derivative Works in Source or Object form.
|
|
||||||
|
|
||||||
3. Grant of Patent License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
(except as stated in this section) patent license to make, have made,
|
|
||||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
||||||
where such license applies only to those patent claims licensable
|
|
||||||
by such Contributor that are necessarily infringed by their
|
|
||||||
Contribution(s) alone or by combination of their Contribution(s)
|
|
||||||
with the Work to which such Contribution(s) was submitted. If You
|
|
||||||
institute patent litigation against any entity (including a
|
|
||||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
||||||
or a Contribution incorporated within the Work constitutes direct
|
|
||||||
or contributory patent infringement, then any patent licenses
|
|
||||||
granted to You under this License for that Work shall terminate
|
|
||||||
as of the date such litigation is filed.
|
|
||||||
|
|
||||||
4. Redistribution. You may reproduce and distribute copies of the
|
|
||||||
Work or Derivative Works thereof in any medium, with or without
|
|
||||||
modifications, and in Source or Object form, provided that You
|
|
||||||
meet the following conditions:
|
|
||||||
|
|
||||||
(a) You must give any other recipients of the Work or
|
|
||||||
Derivative Works a copy of this License; and
|
|
||||||
|
|
||||||
(b) You must cause any modified files to carry prominent notices
|
|
||||||
stating that You changed the files; and
|
|
||||||
|
|
||||||
(c) You must retain, in the Source form of any Derivative Works
|
|
||||||
that You distribute, all copyright, patent, trademark, and
|
|
||||||
attribution notices from the Source form of the Work,
|
|
||||||
excluding those notices that do not pertain to any part of
|
|
||||||
the Derivative Works; and
|
|
||||||
|
|
||||||
(d) If the Work includes a "NOTICE" text file as part of its
|
|
||||||
distribution, then any Derivative Works that You distribute must
|
|
||||||
include a readable copy of the attribution notices contained
|
|
||||||
within such NOTICE file, excluding those notices that do not
|
|
||||||
pertain to any part of the Derivative Works, in at least one
|
|
||||||
of the following places: within a NOTICE text file distributed
|
|
||||||
as part of the Derivative Works; within the Source form or
|
|
||||||
documentation, if provided along with the Derivative Works; or,
|
|
||||||
within a display generated by the Derivative Works, if and
|
|
||||||
wherever such third-party notices normally appear. The contents
|
|
||||||
of the NOTICE file are for informational purposes only and
|
|
||||||
do not modify the License. You may add Your own attribution
|
|
||||||
notices within Derivative Works that You distribute, alongside
|
|
||||||
or as an addendum to the NOTICE text from the Work, provided
|
|
||||||
that such additional attribution notices cannot be construed
|
|
||||||
as modifying the License.
|
|
||||||
|
|
||||||
You may add Your own copyright statement to Your modifications and
|
|
||||||
may provide additional or different license terms and conditions
|
|
||||||
for use, reproduction, or distribution of Your modifications, or
|
|
||||||
for any such Derivative Works as a whole, provided Your use,
|
|
||||||
reproduction, and distribution of the Work otherwise complies with
|
|
||||||
the conditions stated in this License.
|
|
||||||
|
|
||||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
||||||
any Contribution intentionally submitted for inclusion in the Work
|
|
||||||
by You to the Licensor shall be under the terms and conditions of
|
|
||||||
this License, without any additional terms or conditions.
|
|
||||||
Notwithstanding the above, nothing herein shall supersede or modify
|
|
||||||
the terms of any separate license agreement you may have executed
|
|
||||||
with Licensor regarding such Contributions.
|
|
||||||
|
|
||||||
6. Trademarks. This License does not grant permission to use the trade
|
|
||||||
names, trademarks, service marks, or product names of the Licensor,
|
|
||||||
except as required for reasonable and customary use in describing the
|
|
||||||
origin of the Work and reproducing the content of the NOTICE file.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
||||||
agreed to in writing, Licensor provides the Work (and each
|
|
||||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
||||||
implied, including, without limitation, any warranties or conditions
|
|
||||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
||||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
||||||
appropriateness of using or redistributing the Work and assume any
|
|
||||||
risks associated with Your exercise of permissions under this License.
|
|
||||||
|
|
||||||
8. Limitation of Liability. In no event and under no legal theory,
|
|
||||||
whether in tort (including negligence), contract, or otherwise,
|
|
||||||
unless required by applicable law (such as deliberate and grossly
|
|
||||||
negligent acts) or agreed to in writing, shall any Contributor be
|
|
||||||
liable to You for damages, including any direct, indirect, special,
|
|
||||||
incidental, or consequential damages of any character arising as a
|
|
||||||
result of this License or out of the use or inability to use the
|
|
||||||
Work (including but not limited to damages for loss of goodwill,
|
|
||||||
work stoppage, computer failure or malfunction, or any and all
|
|
||||||
other commercial damages or losses), even if such Contributor
|
|
||||||
has been advised of the possibility of such damages.
|
|
||||||
|
|
||||||
9. Accepting Warranty or Additional Liability. While redistributing
|
|
||||||
the Work or Derivative Works thereof, You may choose to offer,
|
|
||||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
||||||
or other liability obligations and/or rights consistent with this
|
|
||||||
License. However, in accepting such obligations, You may act only
|
|
||||||
on Your own behalf and on Your sole responsibility, not on behalf
|
|
||||||
of any other Contributor, and only if You agree to indemnify,
|
|
||||||
defend, and hold each Contributor harmless for any liability
|
|
||||||
incurred by, or claims asserted against, such Contributor by reason
|
|
||||||
of your accepting any such warranty or additional liability.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
APPENDIX: How to apply the Apache License to your work.
|
|
||||||
|
|
||||||
To apply the Apache License to your work, attach the following
|
|
||||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
||||||
replaced with your own identifying information. (Don't include
|
|
||||||
the brackets!) The text should be enclosed in the appropriate
|
|
||||||
comment syntax for the file format. We also recommend that a
|
|
||||||
file or class name and description of purpose be included on the
|
|
||||||
same "printed page" as the copyright notice for easier
|
|
||||||
identification within third-party archives.
|
|
||||||
|
|
||||||
Copyright [yyyy] [name of copyright owner]
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
@ -1,11 +0,0 @@
|
|||||||
[Unit]
|
|
||||||
Description=Remove stale shadow lockfiles
|
|
||||||
After=local-fs.target systemd-tmpfiles-setup.service
|
|
||||||
Before=sysinit.target shutdown.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
ExecStart=/usr/bin/rm -f /etc/gshadow.lock /etc/shadow.lock /etc/passwd.lock /etc/group.lock
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,386 +0,0 @@
|
|||||||
#
|
|
||||||
# /etc/login.defs - Configuration control definitions for the shadow package.
|
|
||||||
#
|
|
||||||
# $Id: login.defs 3038 2009-07-23 20:41:35Z nekral-guest $
|
|
||||||
#
|
|
||||||
|
|
||||||
#
|
|
||||||
# Delay in seconds before being allowed another attempt after a login failure
|
|
||||||
# Note: When PAM is used, some modules may enfore a minimal delay (e.g.
|
|
||||||
# pam_unix enforces a 2s delay)
|
|
||||||
#
|
|
||||||
FAIL_DELAY 3
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable logging and display of /var/log/faillog login failure info.
|
|
||||||
#
|
|
||||||
#FAILLOG_ENAB yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable display of unknown usernames when login failures are recorded.
|
|
||||||
#
|
|
||||||
LOG_UNKFAIL_ENAB no
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable logging of successful logins
|
|
||||||
#
|
|
||||||
LOG_OK_LOGINS no
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable logging and display of /var/log/lastlog login time info.
|
|
||||||
#
|
|
||||||
#LASTLOG_ENAB yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable checking and display of mailbox status upon login.
|
|
||||||
#
|
|
||||||
# Disable if the shell startup files already check for mail
|
|
||||||
# ("mailx -e" or equivalent).
|
|
||||||
#
|
|
||||||
#MAIL_CHECK_ENAB yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable additional checks upon password changes.
|
|
||||||
#
|
|
||||||
#OBSCURE_CHECKS_ENAB yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable checking of time restrictions specified in /etc/porttime.
|
|
||||||
#
|
|
||||||
#PORTTIME_CHECKS_ENAB yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable setting of ulimit, umask, and niceness from passwd gecos field.
|
|
||||||
#
|
|
||||||
#QUOTAS_ENAB yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable "syslog" logging of su activity - in addition to sulog file logging.
|
|
||||||
# SYSLOG_SG_ENAB does the same for newgrp and sg.
|
|
||||||
#
|
|
||||||
SYSLOG_SU_ENAB yes
|
|
||||||
SYSLOG_SG_ENAB yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, either full pathname of a file containing device names or
|
|
||||||
# a ":" delimited list of device names. Root logins will be allowed only
|
|
||||||
# upon these devices.
|
|
||||||
#
|
|
||||||
CONSOLE /etc/securetty
|
|
||||||
#CONSOLE console:tty01:tty02:tty03:tty04
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, all su activity is logged to this file.
|
|
||||||
#
|
|
||||||
#SULOG_FILE /var/log/sulog
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, ":" delimited list of "message of the day" files to
|
|
||||||
# be displayed upon login.
|
|
||||||
#
|
|
||||||
#MOTD_FILE /etc/motd
|
|
||||||
#MOTD_FILE /etc/motd:/usr/lib/news/news-motd
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, this file will be output before each login prompt.
|
|
||||||
#
|
|
||||||
#ISSUE_FILE /etc/issue
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, file which maps tty line to TERM environment parameter.
|
|
||||||
# Each line of the file is in a format something like "vt100 tty01".
|
|
||||||
#
|
|
||||||
#TTYTYPE_FILE /etc/ttytype
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, login failures will be logged here in a utmp format.
|
|
||||||
# last, when invoked as lastb, will read /var/log/btmp, so...
|
|
||||||
#
|
|
||||||
#FTMP_FILE /var/log/btmp
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, name of file whose presence which will inhibit non-root
|
|
||||||
# logins. The contents of this file should be a message indicating
|
|
||||||
# why logins are inhibited.
|
|
||||||
#
|
|
||||||
#NOLOGINS_FILE /etc/nologin
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, the command name to display when running "su -". For
|
|
||||||
# example, if this is defined as "su" then a "ps" will display the
|
|
||||||
# command is "-su". If not defined, then "ps" would display the
|
|
||||||
# name of the shell actually being run, e.g. something like "-sh".
|
|
||||||
#
|
|
||||||
SU_NAME su
|
|
||||||
|
|
||||||
#
|
|
||||||
# *REQUIRED*
|
|
||||||
# Directory where mailboxes reside, _or_ name of file, relative to the
|
|
||||||
# home directory. If you _do_ define both, #MAIL_DIR takes precedence.
|
|
||||||
#
|
|
||||||
#MAIL_DIR /var/spool/mail
|
|
||||||
MAIL_FILE .mail
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, file which inhibits all the usual chatter during the login
|
|
||||||
# sequence. If a full pathname, then hushed mode will be enabled if the
|
|
||||||
# user's name or shell are found in the file. If not a full pathname, then
|
|
||||||
# hushed mode will be enabled if the file exists in the user's home directory.
|
|
||||||
#
|
|
||||||
HUSHLOGIN_FILE .hushlogin
|
|
||||||
#HUSHLOGIN_FILE /etc/hushlogins
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, either a TZ environment parameter spec or the
|
|
||||||
# fully-rooted pathname of a file containing such a spec.
|
|
||||||
#
|
|
||||||
#ENV_TZ TZ=CST6CDT
|
|
||||||
#ENV_TZ /etc/tzname
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, an HZ environment parameter spec.
|
|
||||||
#
|
|
||||||
# for Linux/x86
|
|
||||||
#ENV_HZ HZ=100
|
|
||||||
# For Linux/Alpha...
|
|
||||||
#ENV_HZ HZ=1024
|
|
||||||
|
|
||||||
#
|
|
||||||
# *REQUIRED* The default PATH settings, for superuser and normal users.
|
|
||||||
#
|
|
||||||
# (they are minimal, add the rest in the shell startup files)
|
|
||||||
ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
|
|
||||||
ENV_PATH PATH=/bin:/usr/bin
|
|
||||||
|
|
||||||
#
|
|
||||||
# Terminal permissions
|
|
||||||
#
|
|
||||||
# TTYGROUP Login tty will be assigned this group ownership.
|
|
||||||
# TTYPERM Login tty will be set to this permission.
|
|
||||||
#
|
|
||||||
# If you have a "write" program which is "setgid" to a special group
|
|
||||||
# which owns the terminals, define TTYGROUP to the group number and
|
|
||||||
# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
|
|
||||||
# TTYPERM to either 622 or 600.
|
|
||||||
#
|
|
||||||
TTYGROUP tty
|
|
||||||
TTYPERM 0600
|
|
||||||
|
|
||||||
#
|
|
||||||
# Login configuration initializations:
|
|
||||||
#
|
|
||||||
# ERASECHAR Terminal ERASE character ('\010' = backspace).
|
|
||||||
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
|
|
||||||
# ULIMIT Default "ulimit" value.
|
|
||||||
#
|
|
||||||
# The ERASECHAR and KILLCHAR are used only on System V machines.
|
|
||||||
# The ULIMIT is used only if the system supports it.
|
|
||||||
# (now it works with setrlimit too; ulimit is in 512-byte units)
|
|
||||||
#
|
|
||||||
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
|
|
||||||
#
|
|
||||||
ERASECHAR 0177
|
|
||||||
KILLCHAR 025
|
|
||||||
#ULIMIT 2097152
|
|
||||||
|
|
||||||
# Default initial "umask" value for non-PAM enabled systems.
|
|
||||||
# UMASK is also used by useradd and newusers to set the mode of new home
|
|
||||||
# directories.
|
|
||||||
# 022 is the default value, but 027, or even 077, could be considered
|
|
||||||
# better for privacy. There is no One True Answer here: each sysadmin
|
|
||||||
# must make up her mind.
|
|
||||||
UMASK 022
|
|
||||||
|
|
||||||
#
|
|
||||||
# Password aging controls:
|
|
||||||
#
|
|
||||||
# PASS_MAX_DAYS Maximum number of days a password may be used.
|
|
||||||
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
|
|
||||||
# PASS_MIN_LEN Minimum acceptable password length.
|
|
||||||
# PASS_WARN_AGE Number of days warning given before a password expires.
|
|
||||||
#
|
|
||||||
PASS_MAX_DAYS 99999
|
|
||||||
PASS_MIN_DAYS 0
|
|
||||||
#PASS_MIN_LEN 5
|
|
||||||
PASS_WARN_AGE 7
|
|
||||||
|
|
||||||
#
|
|
||||||
# If "yes", the user must be listed as a member of the first gid 0 group
|
|
||||||
# in /etc/group (called "root" on most Linux systems) to be able to "su"
|
|
||||||
# to uid 0 accounts. If the group doesn't exist or is empty, no one
|
|
||||||
# will be able to "su" to uid 0.
|
|
||||||
#
|
|
||||||
#SU_WHEEL_ONLY no
|
|
||||||
|
|
||||||
#
|
|
||||||
# If compiled with cracklib support, where are the dictionaries
|
|
||||||
#
|
|
||||||
#CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict
|
|
||||||
|
|
||||||
#
|
|
||||||
# Min/max values for automatic uid selection in useradd
|
|
||||||
#
|
|
||||||
UID_MIN 1000
|
|
||||||
UID_MAX 60000
|
|
||||||
# System accounts
|
|
||||||
SYS_UID_MIN 101
|
|
||||||
SYS_UID_MAX 999
|
|
||||||
|
|
||||||
#
|
|
||||||
# Min/max values for automatic gid selection in groupadd
|
|
||||||
#
|
|
||||||
GID_MIN 1000
|
|
||||||
GID_MAX 60000
|
|
||||||
# System accounts
|
|
||||||
SYS_GID_MIN 101
|
|
||||||
SYS_GID_MAX 999
|
|
||||||
|
|
||||||
#
|
|
||||||
# Max number of login retries if password is bad
|
|
||||||
#
|
|
||||||
LOGIN_RETRIES 5
|
|
||||||
|
|
||||||
#
|
|
||||||
# Max time in seconds for login
|
|
||||||
#
|
|
||||||
LOGIN_TIMEOUT 60
|
|
||||||
|
|
||||||
#
|
|
||||||
# Maximum number of attempts to change password if rejected (too easy)
|
|
||||||
#
|
|
||||||
#PASS_CHANGE_TRIES 5
|
|
||||||
|
|
||||||
#
|
|
||||||
# Warn about weak passwords (but still allow them) if you are root.
|
|
||||||
#
|
|
||||||
#PASS_ALWAYS_WARN yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# Number of significant characters in the password for crypt().
|
|
||||||
# Default is 8, don't change unless your crypt() is better.
|
|
||||||
# Ignored if MD5_CRYPT_ENAB set to "yes".
|
|
||||||
#
|
|
||||||
#PASS_MAX_LEN 8
|
|
||||||
|
|
||||||
#
|
|
||||||
# Require password before chfn/chsh can make any changes.
|
|
||||||
#
|
|
||||||
#CHFN_AUTH yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# Which fields may be changed by regular users using chfn - use
|
|
||||||
# any combination of letters "frwh" (full name, room number, work
|
|
||||||
# phone, home phone). If not defined, no changes are allowed.
|
|
||||||
# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
|
|
||||||
#
|
|
||||||
CHFN_RESTRICT rwh
|
|
||||||
|
|
||||||
#
|
|
||||||
# Password prompt (%s will be replaced by user name).
|
|
||||||
#
|
|
||||||
# XXX - it doesn't work correctly yet, for now leave it commented out
|
|
||||||
# to use the default which is just "Password: ".
|
|
||||||
#LOGIN_STRING "%s's Password: "
|
|
||||||
|
|
||||||
#
|
|
||||||
# Only works if compiled with MD5_CRYPT defined:
|
|
||||||
# If set to "yes", new passwords will be encrypted using the MD5-based
|
|
||||||
# algorithm compatible with the one used by recent releases of FreeBSD.
|
|
||||||
# It supports passwords of unlimited length and longer salt strings.
|
|
||||||
# Set to "no" if you need to copy encrypted passwords to other systems
|
|
||||||
# which don't understand the new algorithm. Default is "no".
|
|
||||||
#
|
|
||||||
# Note: If you use PAM, it is recommended to use a value consistent with
|
|
||||||
# the PAM modules configuration.
|
|
||||||
#
|
|
||||||
# This variable is deprecated. You should use ENCRYPT_METHOD.
|
|
||||||
#
|
|
||||||
#MD5_CRYPT_ENAB no
|
|
||||||
|
|
||||||
#
|
|
||||||
# Only works if compiled with ENCRYPTMETHOD_SELECT defined:
|
|
||||||
# If set to MD5 , MD5-based algorithm will be used for encrypting password
|
|
||||||
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
|
|
||||||
# If set to SHA512, SHA512-based algorithm will be used for encrypting password
|
|
||||||
# If set to DES, DES-based algorithm will be used for encrypting password (default)
|
|
||||||
# Overrides the MD5_CRYPT_ENAB option
|
|
||||||
#
|
|
||||||
# Note: If you use PAM, it is recommended to use a value consistent with
|
|
||||||
# the PAM modules configuration.
|
|
||||||
#
|
|
||||||
#ENCRYPT_METHOD DES
|
|
||||||
|
|
||||||
#
|
|
||||||
# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
|
|
||||||
#
|
|
||||||
# Define the number of SHA rounds.
|
|
||||||
# With a lot of rounds, it is more difficult to brute forcing the password.
|
|
||||||
# But note also that it more CPU resources will be needed to authenticate
|
|
||||||
# users.
|
|
||||||
#
|
|
||||||
# If not specified, the libc will choose the default number of rounds (5000).
|
|
||||||
# The values must be inside the 1000-999999999 range.
|
|
||||||
# If only one of the MIN or MAX values is set, then this value will be used.
|
|
||||||
# If MIN > MAX, the highest value will be used.
|
|
||||||
#
|
|
||||||
# SHA_CRYPT_MIN_ROUNDS 5000
|
|
||||||
# SHA_CRYPT_MAX_ROUNDS 5000
|
|
||||||
|
|
||||||
#
|
|
||||||
# List of groups to add to the user's supplementary group set
|
|
||||||
# when logging in on the console (as determined by the CONSOLE
|
|
||||||
# setting). Default is none.
|
|
||||||
#
|
|
||||||
# Use with caution - it is possible for users to gain permanent
|
|
||||||
# access to these groups, even when not logged in on the console.
|
|
||||||
# How to do it is left as an exercise for the reader...
|
|
||||||
#
|
|
||||||
#CONSOLE_GROUPS floppy:audio:cdrom
|
|
||||||
|
|
||||||
#
|
|
||||||
# Should login be allowed if we can't cd to the home directory?
|
|
||||||
# Default in no.
|
|
||||||
#
|
|
||||||
DEFAULT_HOME yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# If this file exists and is readable, login environment will be
|
|
||||||
# read from it. Every line should be in the form name=value.
|
|
||||||
#
|
|
||||||
#ENVIRON_FILE /etc/environment
|
|
||||||
|
|
||||||
#
|
|
||||||
# If defined, this command is run when removing a user.
|
|
||||||
# It should remove any at/cron/print jobs etc. owned by
|
|
||||||
# the user to be removed (passed as the first argument).
|
|
||||||
#
|
|
||||||
#USERDEL_CMD /usr/sbin/userdel_local
|
|
||||||
|
|
||||||
#
|
|
||||||
# Enable setting of the umask group bits to be the same as owner bits
|
|
||||||
# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
|
|
||||||
# the same as gid, and username is the same as the primary group name.
|
|
||||||
#
|
|
||||||
# This also enables userdel to remove user groups if no members exist.
|
|
||||||
#
|
|
||||||
USERGROUPS_ENAB yes
|
|
||||||
|
|
||||||
#
|
|
||||||
# If set to a non-nul number, the shadow utilities will make sure that
|
|
||||||
# groups never have more than this number of users on one line.
|
|
||||||
# This permit to support split groups (groups split into multiple lines,
|
|
||||||
# with the same group ID, to avoid limitation of the line length in the
|
|
||||||
# group file).
|
|
||||||
#
|
|
||||||
# 0 is the default value and disables this feature.
|
|
||||||
#
|
|
||||||
#MAX_MEMBERS_PER_GROUP 0
|
|
||||||
|
|
||||||
#
|
|
||||||
# If useradd should create home directories for users by default (non
|
|
||||||
# system users only)
|
|
||||||
# This option is overridden with the -M or -m flags on the useradd command
|
|
||||||
# line.
|
|
||||||
#
|
|
||||||
CREATE_HOME yes
|
|
||||||
|
|
@ -1,2 +0,0 @@
|
|||||||
COPY_LIST="files/*"
|
|
||||||
TIS_PATCH_VER=1
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user