diff options
-rw-r--r-- | COPYING | 4 | ||||
-rw-r--r-- | Makefile | 23 | ||||
-rw-r--r-- | aliases | 96 | ||||
-rw-r--r-- | bashrc | 83 | ||||
-rw-r--r-- | csh.cshrc | 72 | ||||
-rw-r--r-- | csh.login | 32 | ||||
-rw-r--r-- | exports | 0 | ||||
-rw-r--r-- | filesystems | 8 | ||||
-rw-r--r-- | group | 156 | ||||
-rw-r--r-- | host.conf | 2 | ||||
-rw-r--r-- | hosts | 2 | ||||
-rw-r--r-- | hosts.allow | 10 | ||||
-rw-r--r-- | hosts.deny | 13 | ||||
-rw-r--r-- | inputrc | 42 | ||||
-rw-r--r-- | motd | 0 | ||||
-rw-r--r-- | packaging/0001-Prevent-marking-shadow-at-passwd-group.patch | 26 | ||||
-rw-r--r-- | packaging/setup.changes | 84 | ||||
-rw-r--r-- | packaging/setup.spec | 123 | ||||
-rw-r--r-- | passwd | 34 | ||||
-rw-r--r-- | printcap | 7 | ||||
-rw-r--r-- | profile | 15 | ||||
-rw-r--r-- | protocols | 148 | ||||
-rw-r--r-- | securetty | 10 | ||||
-rw-r--r-- | services | 507 | ||||
-rwxr-xr-x | serviceslint | 119 | ||||
-rw-r--r-- | setup.spec | 760 | ||||
-rwxr-xr-x | shadowconvert.sh | 18 | ||||
-rw-r--r-- | shells | 3 | ||||
-rw-r--r-- | uidgid | 123 | ||||
-rwxr-xr-x | uidgidlint | 24 |
30 files changed, 2544 insertions, 0 deletions
@@ -0,0 +1,4 @@ +Setup package is public domain. + +You are free to use, copy, distribute or modify included files +without restrictions. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..8b6861b --- /dev/null +++ b/Makefile @@ -0,0 +1,23 @@ +NAME=setup +VERSION := $(shell awk '/Version:/ { print $$2 }' $(NAME).spec) +TAG=$(NAME)-$(VERSION) + + +check: + @echo Sanity checking selected files.... + bash -n bashrc + bash -n profile + ./uidgidlint ./uidgid + ./serviceslint ./services + +tag-archive: check + @git tag -a -m "Tag as $(TAG)" -f $(TAG) + +create-archive: + @git-archive --format=tar --prefix=$(NAME)-$(VERSION)/ HEAD | bzip2 > $(NAME)-$(VERSION).tar.bz2 + @echo "The archive is at $(NAME)-$(VERSION).tar.bz2" + +archive: tag-archive create-archive + +clean: + rm -f *.bz2 @@ -0,0 +1,96 @@ +# +# Aliases in this file will NOT be expanded in the header from +# Mail, but WILL be visible over networks or from /bin/mail. +# +# >>>>>>>>>> The program "newaliases" must be run after +# >> NOTE >> this file is updated for any changes to +# >>>>>>>>>> show through to sendmail. +# + +# Basic system aliases -- these MUST be present. +mailer-daemon: postmaster +postmaster: root + +# General redirections for pseudo accounts. +bin: root +daemon: root +adm: root +lp: root +sync: root +shutdown: root +halt: root +mail: root +news: root +uucp: root +operator: root +games: root +gopher: root +ftp: root +nobody: root +radiusd: root +nut: root +dbus: root +vcsa: root +canna: root +wnn: root +rpm: root +nscd: root +pcap: root +apache: root +webalizer: root +dovecot: root +fax: root +quagga: root +radvd: root +pvm: root +amanda: root +privoxy: root +ident: root +named: root +xfs: root +gdm: root +mailnull: root +postgres: root +sshd: root +smmsp: root +postfix: root +netdump: root +ldap: root +squid: root +ntp: root +mysql: root +desktop: root +rpcuser: root +rpc: root +nfsnobody: root + +ingres: root +system: root +toor: root +manager: root +dumper: root +abuse: root + +newsadm: news +newsadmin: news +usenet: news +ftpadm: ftp +ftpadmin: ftp +ftp-adm: ftp +ftp-admin: ftp +www: webmaster +webmaster: root +noc: root +security: root +hostmaster: root +info: postmaster +marketing: postmaster +sales: postmaster +support: postmaster + + +# trap decode to catch security attacks +decode: root + +# Person who should get root's mail +#root: marc @@ -0,0 +1,83 @@ +# /etc/bashrc + +# System wide functions and aliases +# Environment stuff goes in /etc/profile + +# It's NOT good idea to change this file unless you know what you +# are doing. Much better way is to create custom.sh shell script in +# /etc/profile.d/ to make custom changes to environment. This will +# prevent need for merging in future updates. + +# By default, we want this to get set. +# Even for non-interactive, non-login shells. +# Current threshold for system reserved uid/gids is 200 +# You could check uidgid reservation validity in +# /usr/share/doc/setup-*/uidgid file +if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then + umask 002 +else + umask 022 +fi + +# are we an interactive shell? +if [ "$PS1" ]; then + case $TERM in + xterm*) + if [ -e /etc/sysconfig/bash-prompt-xterm ]; then + PROMPT_COMMAND=/etc/sysconfig/bash-prompt-xterm + else + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}"; echo -ne "\007"' + fi + ;; + screen) + if [ -e /etc/sysconfig/bash-prompt-screen ]; then + PROMPT_COMMAND=/etc/sysconfig/bash-prompt-screen + else + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}"; echo -ne "\033\\"' + fi + ;; + *) + [ -e /etc/sysconfig/bash-prompt-default ] && PROMPT_COMMAND=/etc/sysconfig/bash-prompt-default + ;; + esac + # Turn on checkwinsize + shopt -s checkwinsize + [ "$PS1" = "\\s-\\v\\\$ " ] && PS1="[\u@\h \W]\\$ " + # You might want to have e.g. tty in prompt (e.g. more virtual machines) + # and console windows + # If you want to do so, just add e.g. + # if [ "$PS1" ]; then + # PS1="[\u@\h:\l \W]\\$ " + # fi + # to your custom modification shell script in /etc/profile.d/ directory +fi + +if ! shopt -q login_shell ; then # We're not a login shell + # Need to redefine pathmunge, it get's undefined at the end of /etc/profile + # Ok to use faster bashism here as /etc/bashrc is used only by bash + pathmunge () { + if [[ ! "$PATH" =~ "(^|:)$1(:|$)" ]];then + if [ "$2" = "after" ] ; then + PATH=$PATH:$1 + else + PATH=$1:$PATH + fi + fi + } + + # Only display echos from profile.d scripts if we are no login shell + # and interactive - otherwise just process them to set envvars + for i in /etc/profile.d/*.sh; do + if [ -r "$i" ]; then + if [ "$PS1" ]; then + . $i + else + . $i >/dev/null 2>&1 + fi + fi + done + + unset i + unset pathmunge +fi +# vim:ts=4:sw=4 diff --git a/csh.cshrc b/csh.cshrc new file mode 100644 index 0000000..af6843e --- /dev/null +++ b/csh.cshrc @@ -0,0 +1,72 @@ +# /etc/cshrc +# +# csh configuration for all shell invocations. + +# By default, we want this to get set. +# Even for non-interactive, non-login shells. +# Current threshold for system reserved uid/gids is 200 +# You could check uidgid reservation validity in +# /usr/share/doc/setup-*/uidgid file +if ($uid > 199 && "`id -gn`" == "`id -un`") then + umask 002 +else + umask 022 +endif + +if ($?prompt) then + if ($?tcsh) then + set promptchars='$#' + set prompt='[%n@%m %c]%# ' + # make completion work better by default + set autolist + else + set prompt=\[$user@`hostname -s`\]\$\ + endif +endif + +if ( $?tcsh ) then + bindkey "^[[3~" delete-char +endif + +bindkey "^R" i-search-back +set echo_style = both +set histdup = erase +set savehist = (1024 merge) + +if ($?prompt) then + if ($?TERM) then + switch($TERM) + case xterm*: + if ($?tcsh) then + set prompt='%{\033]0;%n@%m:%c\007%}[%n@%m %c]%# ' + endif + breaksw + case screen: + if ($?tcsh) then + set prompt='%{\033_%n@%m:%c\033\\%}[%n@%m %c]%# ' + endif + breaksw + default: + breaksw + endsw + endif +endif + +setenv MAIL "/var/spool/mail/$USER" + +# Check if we aren't a loginshell and do stuff if we aren't +if (! $?loginsh) then + if ( -d /etc/profile.d ) then + set nonomatch + foreach i ( /etc/profile.d/*.csh ) + if ( -r $i ) then + if ($?prompt) then + source $i + else + source $i >&/dev/null + endif + endif + end + unset i nonomatch + endif +endif diff --git a/csh.login b/csh.login new file mode 100644 index 0000000..a1d6df9 --- /dev/null +++ b/csh.login @@ -0,0 +1,32 @@ +# /etc/csh.login + +# System wide environment and startup programs, for login setup + +if ($?PATH) then + if ( "${path}" !~ */usr/X11R6/bin* ) then + setenv PATH "${PATH}:/usr/X11R6/bin" + endif +else + if ( $uid == 0 ) then + setenv PATH "/sbin:/usr/sbin:/usr/local/sbin:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin" + else + setenv PATH "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin:/usr/X11R6/bin" + endif +endif + +setenv HOSTNAME `/bin/hostname` +set history=1000 + +if ( -d /etc/profile.d ) then + set nonomatch + foreach i ( /etc/profile.d/*.csh ) + if ( -r $i ) then + if ($?prompt) then + source $i + else + source $i >& /dev/null + endif + endif + end + unset i nonomatch +endif diff --git a/filesystems b/filesystems new file mode 100644 index 0000000..e31fe90 --- /dev/null +++ b/filesystems @@ -0,0 +1,8 @@ +ext3 +ext2 +nodev proc +nodev devpts +iso9660 +vfat +hfs +hfsplus @@ -0,0 +1,156 @@ +root:*:0: +daemon:*:1: +bin:*:2: +sys:*:3: +adm:*:4: +tty:*:5: +disk:*:6: +lp:*:7: +mail:*:8: +news:*:9: +uucp:*:10: +man:*:12: +proxy:*:13: +kmem:*:15: +dialout:*:20:app +fax:*:21: +voice:*:22: +cdrom:*:24: +floppy:*:25: +tape:*:26: +sudo:*:27: +audio:*:29:root,app,pulse,media +dip:*:30: +www-data:*:33: +backup:*:34: +operator:*:37: +list:*:38: +irc:*:39: +src:*:40: +gnats:*:41: +shadow:*:42: +utmp:*:43: +video:*:44:app,media +sasl:*:45: +plugdev:*:46: +staff:*:50: +games:*:60: +dbus:*:81: +users:*:100: +nogroup:*:65534: +app:x:5000: +developer:x:5100: +db_alarm:x:6001:app +db_browser:x:6002:app +db_calendar:x:6003:app +db_cc_list:x:6004:app +db_contact:x:6005:app +db_email_service:x:6006:app +db_java_runtime:x:6007:app +db_logs:x:6008:app +db_memo:x:6009:app +db_menu:x:6010:app +db_msg_service:x:6011:app +db_mtp:x:6012:app +db_spkmgr:x:6013:app +db_t9buffer:x:6014:app +db_worldclock:x:6015:app +db_sns:x:6016:app +db_filemanager:x:6017:app +db_daily_briefing:x:6018:app +db_always:x:6019:app +db_media_browser:x:6020:app +db_music:x:6021:app +db_drm:x:6022:app +db_lbs_landmark:x:6023:app +db_comm:x:6024:app +db_quickpanel:x:6025:app +db_wrt:x:6026:app +camera:x:6501:app,media +message:x:6502:app +myfiles:x:6503:app +admin:x:6504: +pulse:x:6507: +pulse-access:x:6505:root,app,media +pulse-rt:x:6506:root,app,media +app_logging:x:6509:app,media,developer +sys_logging:x:6527:app,media +hwcodec:x:6510:app,media +recording:x:6508:app,pulse,media +java:x:6511:app +radio:x:6512:app +installer:x:6513:app +nfc-manager:x:6517:app +use_cert:x:6524:app +usb_device:x:6525:app +keytone:x:6526:app +video_tel:x:6528:app +vconf_setting:x:6514:app +vconf_hib:x:6515:app +vconf_seven:x:6516:app +vconf_sndprof:x:6518:app +vconf_wifi:x:6519:app +vconf_bt:x:6520:app +vconf_callstate:x:6521:app +vconf_idlelock:x:6522:app +vconf_sync:x:6523:app +ss_drmkey:x:6601:app +ss_ssaccount:x:6602:app +ss_activesync:x:6603:app +ss_privatekey:x:6604:app +system_time:x:6701:app +system_bklight:x:6702:app +system_torch:x:6703:app +lbs:x:6801:app,system +alarm:x:6802:app +dnet_use:x:6803:app +dnet_setting:x:6804:app +tel_call:x:6805:app +tel_call_info:x:6806:app +tel_msg:x:6807:app +tel_msg_info:x:6808:app +tel_net:x:6809:app +tel_net_info:x:6810:app +tel_gprs:x:6811:app +tel_gprs_info:x:6812:app +tel_sim:x:6813:app +tel_sim_info:x:6814:app +tel_sap:x:6815:app +tel_ss:x:6816:app +tel_ss_info:x:6817:app +tel_sat:x:6826:app +task_mgr:x:6818:app +power_mgr:x:6819:app +permanent:x:6820:app +oom_adj:x:6821:app +soundpath:x:6822:app +asm:x:6823:app +message_sync:x:6824:app +message_lbs:x:6825:app +bt_use:x:6827:app,pulse,system +crash:x:6828:app,system,media,developer,pulse +system:x:1000: +bluetooth:x:1002: +graphics:x:1003: +input:x:1004:developer +log:x:1007: +compass:x:1008: +mount:x:1009: +wifi:x:1010: +adb:x:1011: +install:x:1012: +media:x:1013: +dhcp:x:1014: +sdcard_rw:x:1015: +vpn:x:1016: +keystore:x:1017: +shell:x:2000: +cache:x:2001: +diag:x:2002: +net_bt_admin:x:3001: +net_bt:x:3002: +inet:x:3003: +net_raw:x:3004: +net_admin:x:3005: +misc:x:9998: +systemd-journal:x:190: diff --git a/host.conf b/host.conf new file mode 100644 index 0000000..6cdfa5b --- /dev/null +++ b/host.conf @@ -0,0 +1,2 @@ +multi on +order hosts,bind @@ -0,0 +1,2 @@ +127.0.0.1 localhost +127.0.0.1 aquila diff --git a/hosts.allow b/hosts.allow new file mode 100644 index 0000000..6d99ba3 --- /dev/null +++ b/hosts.allow @@ -0,0 +1,10 @@ +# +# hosts.allow This file contains access rules which are used to +# allow or deny connections to network services that +# either use the tcp_wrappers library or that have been +# started through a tcp_wrappers-enabled xinetd. +# +# See 'man 5 hosts_options' and 'man 5 hosts_access' +# for information on rule syntax. +# See 'man tcpd' for information on tcp_wrappers +# diff --git a/hosts.deny b/hosts.deny new file mode 100644 index 0000000..c9bde8e --- /dev/null +++ b/hosts.deny @@ -0,0 +1,13 @@ +# +# hosts.deny This file contains access rules which are used to +# deny connections to network services that either use +# the tcp_wrappers library or that have been +# started through a tcp_wrappers-enabled xinetd. +# +# The rules in this file can also be set up in +# /etc/hosts.allow with a 'deny' option instead. +# +# See 'man 5 hosts_options' and 'man 5 hosts_access' +# for information on rule syntax. +# See 'man tcpd' for information on tcp_wrappers +# @@ -0,0 +1,42 @@ +# do not bell on tab-completion +#set bell-style none + +set meta-flag on +set input-meta on +set convert-meta off +set output-meta on + +# Completed names which are symbolic links to +# directories have a slash appended. +set mark-symlinked-directories on + +$if mode=emacs + +# for linux console and RH/Debian xterm +"\e[1~": beginning-of-line +"\e[4~": end-of-line +# commented out keymappings for pgup/pgdown to reach begin/end of history +#"\e[5~": beginning-of-history +#"\e[6~": end-of-history +"\e[5~": history-search-backward +"\e[6~": history-search-forward +"\e[3~": delete-char +"\e[2~": quoted-insert +"\e[5C": forward-word +"\e[5D": backward-word +"\e[1;5C": forward-word +"\e[1;5D": backward-word + +# for rxvt +"\e[8~": end-of-line +"\eOc": forward-word +"\eOd": backward-word + +# for non RH/Debian xterm, can't hurt for RH/DEbian xterm +"\eOH": beginning-of-line +"\eOF": end-of-line + +# for freebsd console +"\e[H": beginning-of-line +"\e[F": end-of-line +$endif diff --git a/packaging/0001-Prevent-marking-shadow-at-passwd-group.patch b/packaging/0001-Prevent-marking-shadow-at-passwd-group.patch new file mode 100644 index 0000000..8416f03 --- /dev/null +++ b/packaging/0001-Prevent-marking-shadow-at-passwd-group.patch @@ -0,0 +1,26 @@ +From 069db1ebb786d75813112d08e9979940a799f7ca Mon Sep 17 00:00:00 2001 +From: "walyong.cho" <walyong.cho@samsung.com> +Date: Thu, 17 Jan 2013 12:09:37 +0900 +Subject: [PATCH] Prevent marking shadow at passwd, group. + +Change-Id: Ife51362b8e38fe5bedfef545a90bfc112177d29e +--- + shadowconvert.sh | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/shadowconvert.sh b/shadowconvert.sh +index 4be13b6..006046d 100755 +--- a/shadowconvert.sh ++++ b/shadowconvert.sh +@@ -11,8 +11,5 @@ sed -e "s/:.*/:*:`expr $(date +%s) / 86400`:0:99999:7:::/" passwd >shadow + #make prototype for /etc/gshadow + sed -e 's/:[0-9]\+:/::/g' group >gshadow + +-#mark passwd and group files entries shadowed +-sed -i -e 's/^\([^:]\+\):[^:]*:/\1:x:/' passwd group +- + echo Converted successfully. + exit 0 +-- +1.7.9.5 + diff --git a/packaging/setup.changes b/packaging/setup.changes new file mode 100644 index 0000000..f8d20c2 --- /dev/null +++ b/packaging/setup.changes @@ -0,0 +1,84 @@ +* Wed Jun 01 2011 Marko Saukko <marko.saukko@cybercom.com> - 2.8.15 +- Add ttyO2 to setup-2.8.9-securetty.patch (used in N900 for example) + +* Sat May 21 2011 Anas Nashif <anas.nashif@intel.com> - 2.8.15 +- Remove dependency on perl and tcsh + +* Wed Aug 18 2010 Jan-Simon Moeller <jsmoeller@linuxfoundation.org> - 2.8.15 +- Don't include cflags in this way into the build environment. Never ever! +- Preparing split of this into a file included in /etc/profile.d/ only on target + and keep it in sync with prjconf. prjconf is master! +- Better pull from prjconf and embed ! + +* Wed Aug 18 2010 Austin Zhang <austin.zhang@linux.intel.com> - 2.8.15 +- Don't omit frame pointer in building. + +* Mon Jul 19 2010 Marko Saukko <marko.saukko@cybercom.com> - 2.8.15 +- Added ttyS2 to securetty. + +* Thu Jul 08 2010 Austin Zhang <austin.zhang@linux.intel.com> - 2.8.15 +- Added additional flags for relocation and RO PLT + +* Fri Mar 05 2010 Austin Zhang <austin.zhang@linux.intel.com> - 2.8.15 +- Remove loop optimization compiler options, which will lead to + some unexpected compiling failure. + +* Wed Feb 10 2010 Austin Zhang <austin.zhang@linux.intel.com> - 2.8.15 +- Rename version to 2.8.15 (source had been updated, but changelog not) + and remove obsoleted stuffs +- Correct cmov_fast to fast_cmov +- Add new compiler optimization flags + +* Sun Feb 7 2010 Arjan van de Ven <arjan@linux.intel.com> - 2.8.9 +- some older configure scripts don't understand "atom" and as a result + don't think the CPU supports CMOV. Help these configure scripts by + setting the appropriate environment variable. + +* Tue Nov 24 2009 Arjan van de Ven <arjan@linux.intel.com> - 2.8.9 +- use -mtune=atom for the CFLAGS env var + +* Mon Oct 05 2009 Anas Nashif <anas.nashif@intel.com> - 2.8.9 +- Assign polkit user to polkit package + +* Tue Sep 15 2009 Anas Nashif <anas.nashif@intel.com> - 2.8.9 +- Rebase to 2.8.9 + +* Thu Apr 30 2009 Arjan van de Ven <arjan@linux.intel.com> 2.6.14 +- reinstate the CFLAGS environment variable + +* Tue Apr 28 2009 Anas Nashif <anas.nashif@intel.com> 2.6.14 +- Do not set CFLAGS in profile + +* Wed Apr 01 2009 Arjan van de Ven <arjan@linux.intel.com> 2.6.14 +- set the CFLAGS environment variable + +* Sat Feb 28 2009 Peter Zhu <peter.j.zhu@intel.com> 2.6.14 +- add ttyS0 into securetty + +* Mon Feb 09 2009 Vivian Zhang <vivian.zhang@intel.com> 2.6.14 +- Set i18n stuff in /etc/profile + +* Wed Jan 14 2009 Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com> 2.6.14 +- Fix misformatted entry for audio group (add empty password field) + +* Tue Jan 13 2009 Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com> 2.6.14 +- Add an audio group as an stop gap sollution until policy kit is fixed + +* Fri Jan 09 2009 Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com> 2.6.14 +- Add missing patch to add groups needed by udev + +* Thu Jan 08 2009 Anas Nashif <anas.nashif@intel.com> 2.6.14 +- Disable missing patch for now + +* Fri Dec 19 2008 Arjan van de Ven <arjan@linux.intel.com> 2.6.14 +- Enable coredumps by default + +* Tue Dec 16 2008 Anas Nashif <anas.nashif@intel.com> 2.6.14 +- Fixed rpmlint errors in Summary tag + +* Thu Dec 11 2008 Anas Nashif <anas.nashif@intel.com> 2.6.14 +- Remove dependency on tcsh + +* Fri Dec 5 2008 Auke Kok <auke-jan.h.kok@intel.com> +- add vcsa and floppy user/group ids + diff --git a/packaging/setup.spec b/packaging/setup.spec new file mode 100644 index 0000000..0a3703a --- /dev/null +++ b/packaging/setup.spec @@ -0,0 +1,123 @@ +Summary: A set of system configuration and setup files +Name: setup +Version: 0.1 +Release: 4 +License: Public Domain +Group: System/Base +URL: https://fedorahosted.org/setup/ +Source0: https://fedorahosted.org/releases/s/e/%{name}/%{name}-0.1.tar.bz2 +Patch101: 0001-Prevent-marking-shadow-at-passwd-group.patch +BuildArch: noarch +BuildRequires: bash +Requires: filesystem + +%description +The setup package contains a set of important system configuration and +setup files, such as passwd, group, and profile. + +%prep +%setup -q +%patch101 -p1 +./shadowconvert.sh + +%build + +%check +# Run any sanity checks. +#make check + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}/etc/profile.d +cp -ar * %{buildroot}/etc +rm -f %{buildroot}/etc/uidgid +rm -f %{buildroot}/etc/COPYING +mkdir -p %{buildroot}/var/log +touch %{buildroot}/var/log/lastlog +touch %{buildroot}/etc/environment +chmod 0644 %{buildroot}/etc/environment +chmod 0400 %{buildroot}/etc/{shadow,gshadow} +chmod 0644 %{buildroot}/var/log/lastlog +touch %{buildroot}/etc/fstab +touch %{buildroot}/etc/mtab + +# remove unpackaged files from the buildroot +rm -f %{buildroot}/etc/Makefile +rm -f %{buildroot}/etc/serviceslint +rm -f %{buildroot}/etc/uidgidlint +rm -f %{buildroot}/etc/shadowconvert.sh +rm -f %{buildroot}/etc/setup.spec +rm -rf %{buildroot}/etc/packaging + +mkdir -p %{buildroot}/opt/etc +#mv %{buildroot}/etc/{passwd,group,shadow,gshadow} %{buildroot}/opt/etc +%if "%{_repository}" == "wearable" +mv %{buildroot}/etc/{passwd,group} %{buildroot}/opt/etc +%endif +pushd %{buildroot}/etc +rm -f passwd shadow group gshadow +%if "%{_repository}" == "wearable" +ln -s ../opt/etc/passwd +#ln -s ../opt/etc/shadow +ln -s ../opt/etc/group +#ln -s ../opt/etc/gshadow +%endif +popd +mkdir -p $RPM_BUILD_ROOT%{_datadir}/license +cat COPYING > $RPM_BUILD_ROOT%{_datadir}/license/setup + +%clean +rm -rf %{buildroot} + +#throw away useless and dangerous update stuff until rpm will be able to +#handle it ( http://rpm.org/ticket/6 ) +#%post -p <lua> +#for i, name in ipairs({"passwd", "shadow", "group", "gshadow"}) do +# os.remove("/etc/"..name..".rpmnew") +#end + +%files +%defattr(-,root,root,-) +%{_datadir}/license/setup +%if "%{_repository}" == "wearable" +/etc/passwd +/etc/group +%endif +#/etc/shadow +#/etc/gshadow +%if "%{_repository}" == "wearable" +%config(noreplace) /opt/etc/passwd +%config(noreplace) /opt/etc/group +%endif +#%config(noreplace,missingok) /opt/etc/shadow +#%config(noreplace,missingok) /opt/etc/gshadow + +%if "%{_repository}" == "wearable" +%verify(not md5 size mtime) %config(noreplace) /opt/etc/passwd +%verify(not md5 size mtime) %config(noreplace) /opt/etc/group +%endif +#%verify(not md5 size mtime) %attr(0000,root,root) %config(noreplace,missingok) /opt/etc/shadow +#%verify(not md5 size mtime) %attr(0000,root,root) %config(noreplace,missingok) /opt/etc/gshadow +%verify(not md5 size mtime) %config(noreplace) /etc/services +%verify(not md5 size mtime) %config(noreplace) /etc/exports +%config(noreplace) /etc/aliases +%config(noreplace) /etc/environment +%config(noreplace) /etc/filesystems +%config(noreplace) /etc/host.conf +%verify(not md5 size mtime) %config(noreplace) /etc/hosts +%verify(not md5 size mtime) %config(noreplace) /etc/hosts.allow +%verify(not md5 size mtime) %config(noreplace) /etc/hosts.deny +%verify(not md5 size mtime) %config(noreplace) /etc/motd +%config(noreplace) /etc/printcap +%verify(not md5 size mtime) %config(noreplace) /etc/inputrc +%config(noreplace) /etc/bashrc +%config(noreplace) /etc/profile +%verify(not md5 size mtime) %config(noreplace) /etc/protocols +%attr(0600,root,root) %config(noreplace,missingok) /etc/securetty +%config(noreplace) /etc/csh.login +%config(noreplace) /etc/csh.cshrc +%dir /etc/profile.d +%config(noreplace) %verify(not md5 size mtime) /etc/shells +%ghost %attr(0644,root,root) %verify(not md5 size mtime) /var/log/lastlog +%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/fstab +%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/mtab @@ -0,0 +1,34 @@ +root::0:0:root:/root:/bin/sh +bin:*:1:1:bin:/bin: +daemon:*:2:2:daemon:/sbin: +ftp:*:14:50:FTP User:/home/ftp: +dbus:*:81:81:D-Bus:/var/run/dbus:/bin/false +system:x:1000:1000:system:/home/system:/bin/sh +bluetooth:x:1002:1002:bluetooth:/home/bluetooth:/bin/false +graphics:x:1003:1003:graphics:/home/graphics:/bin/false +input:x:1004:1004:input:/home/input:/bin/false +log:x:1007:1007:log:/home/log:/bin/false +compass:x:1008:1008:compass:/home/compass:/bin/false +mount:x:1009:1009:mount:/home/mount:/bin/false +wifi:x:1010:1010:wifi:/home/wifi:/bin/false +adb:x:1011:1011:adb:/home/adb:/bin/false +install:x:1012:1012:install:/home/install:/bin/false +media:x:1013:1013:media:/home/media:/bin/false +dhcp:x:1014:1014:dhcp:/home/dhcp:/bin/false +sdcard_rw:x:1015:1015:sdcard_rw:/home/sdcard_rw:/bin/false +vpn:x:1016:1016:vpn:/home/vpn:/bin/false +keystore:x:1017:1017:keystore:/home/keystore:/bin/false +shell:x:2000:2000:shell:/home/shell:/bin/false +cache:x:2001:2001:cache:/home/cache:/bin/false +diag:x:2002:2002:diag:/home/diag:/bin/false +net_bt_admin:x:3001:3001:net_bt_admin:/home/net_bt_admin:/bin/false +net_bt:x:3002:3002:net_bt:/home/net_bt:/bin/false +inet:x:3003:3003:inet:/home/inet:/bin/false +net_raw:x:3004:3004:net_raw:/home/net_raw:/bin/false +net_admin:x:3005:3005:net_admin:/home/net_admin:/bin/false +app:x:5000:5000:In-house application:/home/app:/bin/sh +developer::5100:5100:developer with SDK:/home/developer:/bin/false +pulse:x:6507:6507:PulseAudio daemon:/var/run/pulse:/bin/false +misc:x:9998:9998:misc:/home/misc:/bin/false +sshd:x:112:65534::/var/run/sshd:/usr/sbin/nologin + diff --git a/printcap b/printcap new file mode 100644 index 0000000..9f88f82 --- /dev/null +++ b/printcap @@ -0,0 +1,7 @@ +# /etc/printcap +# +# Please don't edit this file directly unless you know what you are doing! +# This file will be automatically generated by cupsd(8) from the +# /etc/cups/printers.conf file. All changes to this file +# will be lost. + @@ -0,0 +1,15 @@ +# /etc/profile + +# System wide environment and startup programs +# Functions and aliases go in /etc/bashrc + +HOSTNAME=`/bin/hostname` +HISTSIZE=1000 + +export PATH HOSTNAME HISTSIZE + +for i in /etc/profile.d/*.sh ; do + if [ -r "$i" ]; then + . $i + fi +done diff --git a/protocols b/protocols new file mode 100644 index 0000000..295fb8a --- /dev/null +++ b/protocols @@ -0,0 +1,148 @@ +# /etc/protocols: +# $Id: protocols,v 1.1.1.1 2007/05/21 11:30:37 khoonk Exp $ +# +# Internet (IP) protocols +# +# from: @(#)protocols 5.1 (Berkeley) 4/17/89 +# +# Updated for NetBSD based on RFC 1340, Assigned Numbers (July 1992). +# +# See also http://www.isi.edu/in-notes/iana/assignments/protocol-numbers + +ip 0 IP # internet protocol, pseudo protocol number +#hopopt 0 HOPOPT # hop-by-hop options for ipv6 +icmp 1 ICMP # internet control message protocol +igmp 2 IGMP # internet group management protocol +ggp 3 GGP # gateway-gateway protocol +ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'') +st 5 ST # ST datagram mode +tcp 6 TCP # transmission control protocol +cbt 7 CBT # CBT, Tony Ballardie <A.Ballardie@cs.ucl.ac.uk> +egp 8 EGP # exterior gateway protocol +igp 9 IGP # any private interior gateway (Cisco: for IGRP) +bbn-rcc 10 BBN-RCC-MON # BBN RCC Monitoring +nvp 11 NVP-II # Network Voice Protocol +pup 12 PUP # PARC universal packet protocol +argus 13 ARGUS # ARGUS +emcon 14 EMCON # EMCON +xnet 15 XNET # Cross Net Debugger +chaos 16 CHAOS # Chaos +udp 17 UDP # user datagram protocol +mux 18 MUX # Multiplexing protocol +dcn 19 DCN-MEAS # DCN Measurement Subsystems +hmp 20 HMP # host monitoring protocol +prm 21 PRM # packet radio measurement protocol +xns-idp 22 XNS-IDP # Xerox NS IDP +trunk-1 23 TRUNK-1 # Trunk-1 +trunk-2 24 TRUNK-2 # Trunk-2 +leaf-1 25 LEAF-1 # Leaf-1 +leaf-2 26 LEAF-2 # Leaf-2 +rdp 27 RDP # "reliable datagram" protocol +irtp 28 IRTP # Internet Reliable Transaction Protocol +iso-tp4 29 ISO-TP4 # ISO Transport Protocol Class 4 +netblt 30 NETBLT # Bulk Data Transfer Protocol +mfe-nsp 31 MFE-NSP # MFE Network Services Protocol +merit-inp 32 MERIT-INP # MERIT Internodal Protocol +sep 33 SEP # Sequential Exchange Protocol +3pc 34 3PC # Third Party Connect Protocol +idpr 35 IDPR # Inter-Domain Policy Routing Protocol +xtp 36 XTP # Xpress Tranfer Protocol +ddp 37 DDP # Datagram Delivery Protocol +idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport Proto +tp++ 39 TP++ # TP++ Transport Protocol +il 40 IL # IL Transport Protocol +ipv6 41 IPv6 # IPv6 +sdrp 42 SDRP # Source Demand Routing Protocol +ipv6-route 43 IPv6-Route # Routing Header for IPv6 +ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6 +idrp 45 IDRP # Inter-Domain Routing Protocol +rsvp 46 RSVP # Resource ReSerVation Protocol +gre 47 GRE # Generic Routing Encapsulation +mhrp 48 MHRP # Mobile Host Routing Protocol +bna 49 BNA # BNA +ipv6-crypt 50 IPv6-Crypt # Encryption Header for IPv6 +ipv6-auth 51 IPv6-Auth # Authentication Header for IPv6 +i-nlsp 52 I-NLSP # Integrated Net Layer Security TUBA +swipe 53 SWIPE # IP with Encryption +narp 54 NARP # NBMA Address Resolution Protocol +mobile 55 MOBILE # IP Mobility +tlsp 56 TLSP # Transport Layer Security Protocol +skip 57 SKIP # SKIP +ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6 +ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6 +ipv6-opts 60 IPv6-Opts # Destination Options for IPv6 +# 61 # any host internal protocol +cftp 62 CFTP # CFTP +# 63 # any local network +sat-expak 64 SAT-EXPAK # SATNET and Backroom EXPAK +kryptolan 65 KRYPTOLAN # Kryptolan +rvd 66 RVD # MIT Remote Virtual Disk Protocol +ippc 67 IPPC # Internet Pluribus Packet Core +# 68 # any distributed file system +sat-mon 69 SAT-MON # SATNET Monitoring +visa 70 VISA # VISA Protocol +ipcv 71 IPCV # Internet Packet Core Utility +cpnx 72 CPNX # Computer Protocol Network Executive +cphb 73 CPHB # Computer Protocol Heart Beat +wsn 74 WSN # Wang Span Network +pvp 75 PVP # Packet Video Protocol +br-sat-mon 76 BR-SAT-MON # Backroom SATNET Monitoring +sun-nd 77 SUN-ND # SUN ND PROTOCOL-Temporary +wb-mon 78 WB-MON # WIDEBAND Monitoring +wb-expak 79 WB-EXPAK # WIDEBAND EXPAK +iso-ip 80 ISO-IP # ISO Internet Protocol +vmtp 81 VMTP # Versatile Message Transport +secure-vmtp 82 SECURE-VMTP # SECURE-VMTP +vines 83 VINES # VINES +ttp 84 TTP # TTP +nsfnet-igp 85 NSFNET-IGP # NSFNET-IGP +dgp 86 DGP # Dissimilar Gateway Protocol +tcf 87 TCF # TCF +eigrp 88 EIGRP # Enhanced Interior Routing Protocol (Cisco) +ospf 89 OSPFIGP # Open Shortest Path First IGP +sprite-rpc 90 Sprite-RPC # Sprite RPC Protocol +larp 91 LARP # Locus Address Resolution Protocol +mtp 92 MTP # Multicast Transport Protocol +ax.25 93 AX.25 # AX.25 Frames +ipip 94 IPIP # Yet Another IP encapsulation +micp 95 MICP # Mobile Internetworking Control Pro. +scc-sp 96 SCC-SP # Semaphore Communications Sec. Pro. +etherip 97 ETHERIP # Ethernet-within-IP Encapsulation +encap 98 ENCAP # Yet Another IP encapsulation +# 99 # any private encryption scheme +gmtp 100 GMTP # GMTP +ifmp 101 IFMP # Ipsilon Flow Management Protocol +pnni 102 PNNI # PNNI over IP +pim 103 PIM # Protocol Independent Multicast +aris 104 ARIS # ARIS +scps 105 SCPS # SCPS +qnx 106 QNX # QNX +a/n 107 A/N # Active Networks +ipcomp 108 IPComp # IP Payload Compression Protocol +snp 109 SNP # Sitara Networks Protocol +compaq-peer 110 Compaq-Peer # Compaq Peer Protocol +ipx-in-ip 111 IPX-in-IP # IPX in IP +vrrp 112 VRRP # Virtual Router Redundancy Protocol +pgm 113 PGM # PGM Reliable Transport Protocol +# 114 # any 0-hop protocol +l2tp 115 L2TP # Layer Two Tunneling Protocol +ddx 116 DDX # D-II Data Exchange +iatp 117 IATP # Interactive Agent Transfer Protocol +st 118 ST # Schedule Transfer +srp 119 SRP # SpectraLink Radio Protocol +uti 120 UTI # UTI +smp 121 SMP # Simple Message Protocol +sm 122 SM # SM +ptp 123 PTP # Performance Transparency Protocol +isis 124 ISIS # ISIS over IPv4 +fire 125 FIRE +crtp 126 CRTP # Combat Radio Transport Protocol +crdup 127 CRUDP # Combat Radio User Datagram +sscopmce 128 SSCOPMCE +iplt 129 IPLT +sps 130 SPS # Secure Packet Shield +pipe 131 PIPE # Private IP Encapsulation within IP +sctp 132 SCTP # Stream Control Transmission Protocol +fc 133 FC # Fibre Channel +# 134-254 # Unassigned +# 255 # Reserved diff --git a/securetty b/securetty new file mode 100644 index 0000000..36c6555 --- /dev/null +++ b/securetty @@ -0,0 +1,10 @@ +console +ttyS0 +ttyS1 +pts/0 +pts/1 +pts/2 +pts/3 +ttygs0 +ttySAC2 +ttyO3 diff --git a/services b/services new file mode 100644 index 0000000..25d229a --- /dev/null +++ b/services @@ -0,0 +1,507 @@ +# /etc/services: +# $Id: services,v 1.1.1.1 2007/05/21 11:30:37 khoonk Exp $ +# +# Network services, Internet style +# +# Note that it is presently the policy of IANA to assign a single well-known +# port number for both TCP and UDP; hence, most entries here have two entries +# even if the protocol doesn't support UDP operations. +# Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports +# are included, only the more common ones. +# +# The latest IANA port assignments can be gotten from +# http://www.isi.edu/in-notes/iana/assignments/port-numbers +# The Well Known Ports are those from 0 through 1023. +# The Registered Ports are those from 1024 through 49151 +# The Dynamic and/or Private Ports are those from 49152 through 65535 +# +# Each line describes one service, and is of the form: +# +# service-name port/protocol [aliases ...] [# comment] + +tcpmux 1/tcp # TCP port service multiplexer +tcpmux 1/udp # TCP port service multiplexer +rje 5/tcp # Remote Job Entry +rje 5/udp # Remote Job Entry +echo 7/tcp +echo 7/udp +discard 9/tcp sink null +discard 9/udp sink null +systat 11/tcp users +systat 11/udp users +daytime 13/tcp +daytime 13/udp +qotd 17/tcp quote +qotd 17/udp quote +msp 18/tcp # message send protocol +msp 18/udp # message send protocol +chargen 19/tcp ttytst source +chargen 19/udp ttytst source +ftp-data 20/tcp +ftp-data 20/udp +ftp 21/tcp +ftp 21/udp +ssh 22/tcp # SSH Remote Login Protocol +ssh 22/udp # SSH Remote Login Protocol +telnet 23/tcp +telnet 23/udp +# 24 - private mail system +smtp 25/tcp mail +smtp 25/udp mail +time 37/tcp timserver +time 37/udp timserver +rlp 39/tcp resource # resource location +rlp 39/udp resource # resource location +nameserver 42/tcp name # IEN 116 +nameserver 42/udp name # IEN 116 +nicname 43/tcp whois +nicname 43/udp whois +tacacs 49/tcp # Login Host Protocol (TACACS) +tacacs 49/udp # Login Host Protocol (TACACS) +re-mail-ck 50/tcp # Remote Mail Checking Protocol +re-mail-ck 50/udp # Remote Mail Checking Protocol +domain 53/tcp nameserver # name-domain server +domain 53/udp nameserver +whois++ 63/tcp +whois++ 63/udp +bootps 67/tcp # BOOTP server +bootps 67/udp +bootpc 68/tcp # BOOTP client +bootpc 68/udp +tftp 69/tcp +tftp 69/udp +gopher 70/tcp # Internet Gopher +gopher 70/udp +netrjs-1 71/tcp # Remote Job Service +netrjs-1 71/udp # Remote Job Service +netrjs-2 72/tcp # Remote Job Service +netrjs-2 72/udp # Remote Job Service +netrjs-3 73/tcp # Remote Job Service +netrjs-3 73/udp # Remote Job Service +netrjs-4 74/tcp # Remote Job Service +netrjs-4 74/udp # Remote Job Service +finger 79/tcp +finger 79/udp +http 80/tcp www www-http # WorldWideWeb HTTP +http 80/udp www www-http # HyperText Transfer Protocol +kerberos 88/tcp kerberos5 krb5 # Kerberos v5 +kerberos 88/udp kerberos5 krb5 # Kerberos v5 +supdup 95/tcp +supdup 95/udp +hostname 101/tcp hostnames # usually from sri-nic +hostname 101/udp hostnames # usually from sri-nic +iso-tsap 102/tcp tsap # part of ISODE. +csnet-ns 105/tcp cso # also used by CSO name server +csnet-ns 105/udp cso +# unfortunately the poppassd (Eudora) uses a port which has already +# been assigned to a different service. We list the poppassd as an +# alias here. This should work for programs asking for this service. +# (due to a bug in inetd the 3com-tsmux line is disabled) +#3com-tsmux 106/tcp poppassd +#3com-tsmux 106/udp poppassd +rtelnet 107/tcp # Remote Telnet +rtelnet 107/udp +pop2 109/tcp pop-2 postoffice # POP version 2 +pop2 109/udp pop-2 +pop3 110/tcp pop-3 # POP version 3 +pop3 110/udp pop-3 +sunrpc 111/tcp portmapper # RPC 4.0 portmapper TCP +sunrpc 111/udp portmapper # RPC 4.0 portmapper UDP +auth 113/tcp authentication tap ident +auth 113/udp authentication tap ident +sftp 115/tcp +sftp 115/udp +uucp-path 117/tcp +uucp-path 117/udp +nntp 119/tcp readnews untp # USENET News Transfer Protocol +nntp 119/udp readnews untp # USENET News Transfer Protocol +ntp 123/tcp +ntp 123/udp # Network Time Protocol +netbios-ns 137/tcp # NETBIOS Name Service +netbios-ns 137/udp +netbios-dgm 138/tcp # NETBIOS Datagram Service +netbios-dgm 138/udp +netbios-ssn 139/tcp # NETBIOS session service +netbios-ssn 139/udp +imap 143/tcp imap2 # Interim Mail Access Proto v2 +imap 143/udp imap2 +snmp 161/tcp # Simple Net Mgmt Proto +snmp 161/udp # Simple Net Mgmt Proto +snmptrap 162/udp snmp-trap # Traps for SNMP +cmip-man 163/tcp # ISO mgmt over IP (CMOT) +cmip-man 163/udp +cmip-agent 164/tcp +smip-agent 164/udp +mailq 174/tcp # MAILQ +mailq 174/udp # MAILQ +xdmcp 177/tcp # X Display Mgr. Control Proto +xdmcp 177/udp +nextstep 178/tcp NeXTStep NextStep # NeXTStep window +nextstep 178/udp NeXTStep NextStep # server +bgp 179/tcp # Border Gateway Proto. +bgp 179/udp +prospero 191/tcp # Cliff Neuman's Prospero +prospero 191/udp +irc 194/tcp # Internet Relay Chat +irc 194/udp +smux 199/tcp # SNMP Unix Multiplexer +smux 199/udp +at-rtmp 201/tcp # AppleTalk routing +at-rtmp 201/udp +at-nbp 202/tcp # AppleTalk name binding +at-nbp 202/udp +at-echo 204/tcp # AppleTalk echo +at-echo 204/udp +at-zis 206/tcp # AppleTalk zone information +at-zis 206/udp +qmtp 209/tcp # Quick Mail Transfer Protocol +qmtp 209/udp # Quick Mail Transfer Protocol +z39.50 210/tcp z3950 wais # NISO Z39.50 database +z39.50 210/udp z3950 wais +ipx 213/tcp # IPX +ipx 213/udp +imap3 220/tcp # Interactive Mail Access +imap3 220/udp # Protocol v3 +link 245/tcp ttylink +link 245/ucp ttylink +rsvp_tunnel 363/tcp +rsvp_tunnel 363/udp +rpc2portmap 369/tcp +rpc2portmap 369/udp # Coda portmapper +codaauth2 370/tcp +codaauth2 370/udp # Coda authentication server +ulistproc 372/tcp ulistserv # UNIX Listserv +ulistproc 372/udp ulistserv +ldap 389/tcp +ldap 389/udp +svrloc 427/tcp # Server Location Protocl +svrloc 427/udp # Server Location Protocl +mobileip-agent 434/tcp +mobileip-agent 434/udp +mobilip-mn 435/tcp +mobilip-mn 435/udp +https 443/tcp # MCom +https 443/udp # MCom +snpp 444/tcp # Simple Network Paging Protocol +snpp 444/udp # Simple Network Paging Protocol +microsoft-ds 445/tcp +microsoft-ds 445/udp +kpasswd 464/tcp kpwd # Kerberos "passwd" +kpasswd 464/udp kpwd # Kerberos "passwd" +photuris 468/tcp +photuris 468/udp +saft 487/tcp # Simple Asynchronous File Transfer +saft 487/udp # Simple Asynchronous File Transfer +gss-http 488/tcp +gss-http 488/udp +pim-rp-disc 496/tcp +pim-rp-disc 496/udp +isakmp 500/tcp +isakmp 500/udp +gdomap 538/tcp # GNUstep distributed objects +gdomap 538/udp # GNUstep distributed objects +iiop 535/tcp +iiop 535/udp +dhcpv6-client 546/tcp +dhcpv6-client 546/udp +dhcpv6-server 547/tcp +dhcpv6-server 547/udp +rtsp 554/tcp # Real Time Stream Control Protocol +rtsp 554/udp # Real Time Stream Control Protocol +nntps 563/tcp # NNTP over SSL +nntps 563/udp # NNTP over SSL +whoami 565/tcp +whoami 565/udp +submission 587/tcp msa # mail message submission +submission 587/udp msa # mail message submission +npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS +npmp-local 610/udp dqs313_qmaster # npmp-local / DQS +npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS +npmp-gui 611/udp dqs313_execd # npmp-gui / DQS +hmmp-ind 612/tcp dqs313_intercell # HMMP Indication / DQS +hmmp-ind 612/udp dqs313_intercell # HMMP Indication / DQS +ldaps 636/tcp # LDAP over SSL +ldaps 636/udp # LDAP over SSL +acap 674/tcp +acap 674/udp +ha-cluster 694/tcp # Heartbeat HA-cluster +ha-cluster 694/udp # Heartbeat HA-cluster +kerberos-adm 749/tcp # Kerberos `kadmin' (v5) +kerberos-iv 750/udp kerberos4 kerberos-sec kdc +kerberos-iv 750/tcp kerberos4 kerberos-sec kdc +webster 765/tcp # Network dictionary +webster 765/udp +phonebook 767/tcp # Network phonebook +phonebook 767/udp +rsync 873/tcp # rsync +rsync 873/udp # rsync +telnets 992/tcp +telnets 992/udp +imaps 993/tcp # IMAP over SSL +imaps 993/udp # IMAP over SSL +ircs 994/tcp +ircs 994/udp +pop3s 995/tcp # POP-3 over SSL +pop3s 995/udp # POP-3 over SSL + +# +# UNIX specific services +# +exec 512/tcp +biff 512/udp comsat +login 513/tcp +who 513/udp whod +shell 514/tcp cmd # no passwords used +syslog 55514/udp +printer 515/tcp spooler # line printer spooler +printer 515/udp spooler # line printer spooler +talk 517/udp +ntalk 518/udp +utime 519/tcp unixtime +utime 519/udp unixtime +efs 520/tcp +router 520/udp route routed # RIP +ripng 521/tcp +ripng 521/udp +timed 525/tcp timeserver +timed 525/udp timeserver +tempo 526/tcp newdate +courier 530/tcp rpc +conference 531/tcp chat +netnews 532/tcp readnews +netwall 533/udp # -for emergency broadcasts +uucp 540/tcp uucpd # uucp daemon +klogin 543/tcp # Kerberized `rlogin' (v5) +kshell 544/tcp krcmd # Kerberized `rsh' (v5) +afpovertcp 548/tcp # AFP over TCP +afpovertcp 548/udp # AFP over TCP +remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem + +# +# From ``PORT NUMBERS'': +# +#>REGISTERED PORT NUMBERS +#> +#>The Registered Ports are listed by the IANA and on most systems can be +#>used by ordinary user processes or programs executed by ordinary +#>users. +#> +#>Ports are used in the TCP [RFC793] to name the ends of logical +#>connections which carry long term conversations. For the purpose of +#>providing services to unknown callers, a service contact port is +#>defined. This list specifies the port used by the server process as +#>its contact port. +#> +#>The IANA registers uses of these ports as a convienence to the +#>community. +# +socks 1080/tcp # socks proxy server +socks 1080/udp # socks proxy server +skkserv 1178/tcp # SKK Japanese input method +h323hostcallsc 1300/tcp # H323 Host Call Secure +h323hostcallsc 1300/udp # H323 Host Call Secure +ms-sql-s 1433/tcp # Microsoft-SQL-Server +ms-sql-s 1433/udp # Microsoft-SQL-Server +ms-sql-m 1434/tcp # Microsoft-SQL-Monitor +ms-sql-m 1434/udp # Microsoft-SQL-Monitor +ica 1494/tcp # Citrix ICA Client +ica 1494/udp # Citrix ICA Client +wins 1512/tcp # Microsoft's Windows Internet Name Service +wins 1512/udp # Microsoft's Windows Internet Name Service +ingreslock 1524/tcp +ingreslock 1524/udp +prospero-np 1525/tcp # Prospero non-privileged +prospero-np 1525/udp +support 1529/tcp prmsd gnatsd # cygnus bug tracker +datametrics 1645/tcp old-radius # datametrics / old radius entry +datametrics 1645/udp old-radius # datametrics / old radius entry +sa-msg-port 1646/tcp old-radacct # sa-msg-port / old radacct entry +sa-msg-port 1646/udp old-radacct # sa-msg-port / old radacct entry +kermit 1649/tcp +kermit 1649/udp +l2tp 1701/tcp +l2tp 1701/udp +h323gatedisc 1718/tcp +h323gatedisc 1718/udp +h323gatestat 1719/tcp +h323gatestat 1719/udp +h323hostcall 1720/tcp +h323hostcall 1720/udp +tftp-mcast 1758/tcp +tftp-mcast 1758/udp +hello 1788/tcp +hello 1788/udp +radius 1812/tcp # Radius +radius 1812/udp # Radius +radius-acct 1813/tcp radacct # Radius Accounting +radius-acct 1813/udp radacct # Radius Accounting +mtp 1911/tcp # +mtp 1911/udp # +hsrp 1985/tcp # Cisco Hot Standby Router Protocol +hsrp 1985/udp # Cisco Hot Standby Router Protocol +licensedaemon 1986/tcp +licensedaemon 1986/udp +gdp-port 1997/tcp # Cisco Gateway Discovery Protocol +gdp-port 1997/udp # Cisco Gateway Discovery Protocol +nfs 2049/tcp nfsd +nfs 2049/udp nfsd +zephyr-srv 2102/tcp # Zephyr server +zephyr-srv 2102/udp # Zephyr server +zephyr-clt 2103/tcp # Zephyr serv-hm connection +zephyr-clt 2103/udp # Zephyr serv-hm connection +zephyr-hm 2104/tcp # Zephyr hostmanager +zephyr-hm 2104/udp # Zephyr hostmanager +cvspserver 2401/tcp # CVS client/server operations +cvspserver 2401/udp # CVS client/server operations +venus 2430/tcp # codacon port +venus 2430/udp # Venus callback/wbc interface +venus-se 2431/tcp # tcp side effects +venus-se 2431/udp # udp sftp side effect +codasrv 2432/tcp # not used +codasrv 2432/udp # server port +codasrv-se 2433/tcp # tcp side effects +codasrv-se 2433/udp # udp sftp side effectQ +corbaloc 2809/tcp # CORBA naming service locator +icpv2 3130/tcp # Internet Cache Protocol V2 (Squid) +icpv2 3130/udp # Internet Cache Protocol V2 (Squid) +mysql 3306/tcp # MySQL +mysql 3306/udp # MySQL +trnsprntproxy 3346/tcp # Trnsprnt Proxy +trnsprntproxy 3346/udp # Trnsprnt Proxy +prsvp 3455/tcp # RSVP Port +prsvp 3455/udp # RSVP Port +rwhois 4321/tcp # Remote Who Is +rwhois 4321/udp # Remote Who Is +krb524 4444/tcp # Kerberos 5 to 4 ticket xlator +krb524 4444/udp # Kerberos 5 to 4 ticket xlator +rfe 5002/tcp # Radio Free Ethernet +rfe 5002/udp # Actually uses UDP only +cfengine 5308/tcp # CFengine +cfengine 5308/udp # CFengine +cvsup 5999/tcp CVSup # CVSup file transfer/John Polstra/FreeBSD +cvsup 5999/udp CVSup # CVSup file transfer/John Polstra/FreeBSD +x11 6000/tcp X # the X Window System +afs3-fileserver 7000/tcp # file server itself +afs3-fileserver 7000/udp # file server itself +afs3-callback 7001/tcp # callbacks to cache managers +afs3-callback 7001/udp # callbacks to cache managers +afs3-prserver 7002/tcp # users & groups database +afs3-prserver 7002/udp # users & groups database +afs3-vlserver 7003/tcp # volume location database +afs3-vlserver 7003/udp # volume location database +afs3-kaserver 7004/tcp # AFS/Kerberos authentication service +afs3-kaserver 7004/udp # AFS/Kerberos authentication service +afs3-volser 7005/tcp # volume managment server +afs3-volser 7005/udp # volume managment server +afs3-errors 7006/tcp # error interpretation service +afs3-errors 7006/udp # error interpretation service +afs3-bos 7007/tcp # basic overseer process +afs3-bos 7007/udp # basic overseer process +afs3-update 7008/tcp # server-to-server updater +afs3-update 7008/udp # server-to-server updater +afs3-rmtsys 7009/tcp # remote cache manager service +afs3-rmtsys 7009/udp # remote cache manager service +sd 9876/tcp # Session Director +sd 9876/udp # Session Director +amanda 10080/tcp # amanda backup services +amanda 10080/udp # amanda backup services +h323callsigalt 11720/tcp # H323 Call Signal Alternate +h323callsigalt 11720/udp # H323 Call Signal Alternate +quake 26000/tcp +quake 26000/udp +wnn6-ds 26208/tcp +wnn6-ds 26208/udp +traceroute 33434/tcp +traceroute 33434/udp + +# +# Datagram Delivery Protocol services +# +rtmp 1/ddp # Routing Table Maintenance Protocol +nbp 2/ddp # Name Binding Protocol +echo 4/ddp # AppleTalk Echo Protocol +zip 6/ddp # Zone Information Protocol +# +# Kerberos (Project Athena/MIT) services +# Note that these are for Kerberos v4, and are unofficial. Sites running +# v4 should uncomment these and comment out the v5 entries above. +# +kerberos_master 751/udp # Kerberos authentication +kerberos_master 751/tcp # Kerberos authentication +passwd_server 752/udp # Kerberos passwd server +krbupdate 760/tcp kreg # Kerberos registration +kpop 1109/tcp # Pop with Kerberos +knetd 2053/tcp # Kerberos de-multiplexor +# +# Kerberos 5 services, also not registered with IANA +# +krb5_prop 754/tcp # Kerberos slave propagation +eklogin 2105/tcp # Kerberos encrypted rlogin +# +# Unofficial but necessary (for NetBSD) services +# +supfilesrv 871/tcp # SUP server +supfiledbg 1127/tcp # SUP debugging +# +# Unofficial but useful/necessary other services +# +netstat 15/tcp # (was once asssigned, no more) +fsp 21/udp fspd # +linuxconf 98/tcp # Linuxconf HTML access +poppassd 106/tcp # Eudora +poppassd 106/udp # Eudora +smtps 465/tcp # SMTP over SSL (TLS) +gii 616/tcp # gated interactive interface +omirr 808/tcp omirrd # online mirror +omirr 808/udp omirrd # online mirror +swat 901/tcp # Samba Web Administration Tool +rmtcfg 1236/tcp # Gracilis Packeten remote config server +xtel 1313/tcp # french minitel +support 1529/tcp # GNATS +cfinger 2003/tcp # GNU Finger +ninstall 2150/tcp # ninstall service +ninstall 2150/udp # ninstall service +afbackup 2988/tcp # Afbackup system +afbackup 2988/udp # Afbackup system +squid 3128/tcp # squid web proxy +postgres 5432/tcp # POSTGRES +postgres 5432/udp # POSTGRES +fax 4557/tcp # FAX transmission service (old) +hylafax 4559/tcp # HylaFAX client-server protocol (new) +sgi-dgl 5232/tcp # SGI Distributed Graphics +sgi-dgl 5232/udp +noclog 5354/tcp # noclogd with TCP (nocol) +noclog 5354/udp # noclogd with UDP (nocol) +hostmon 5355/tcp # hostmon uses TCP (nocol) +hostmon 5355/udp # hostmon uses TCP (nocol) +ircd 6667/tcp # Internet Relay Chat +ircd 6667/udp # Internet Relay Chat +xfs 7100/tcp # X font server +tircproxy 7666/tcp # Tircproxy +http-alt 8008/tcp +http-alt 8008/udp +webcache 8080/tcp # WWW caching service +webcache 8080/udp # WWW caching service +tproxy 8081/tcp # Transparent Proxy +tproxy 8081/udp # Transparent Proxy +jetdirect 9100/tcp laserjet hplj # +mandelspawn 9359/udp mandelbrot # network mandelbrot +kamanda 10081/tcp # amanda backup services (Kerberos) +kamanda 10081/udp # amanda backup services (Kerberos) +amandaidx 10082/tcp # amanda backup services +amidxtape 10083/tcp # amanda backup services +isdnlog 20011/tcp # isdn logging system +isdnlog 20011/udp # isdn logging system +vboxd 20012/tcp # voice box system +vboxd 20012/udp # voice box system +binkp 24554/tcp # Binkley +binkp 24554/udp # Binkley +asp 27374/tcp # Address Search Protocol +asp 27374/udp # Address Search Protocol +tfido 60177/tcp # Ifmail +tfido 60177/udp # Ifmail +fido 60179/tcp # Ifmail +fido 60179/udp # Ifmail + +# Local services + diff --git a/serviceslint b/serviceslint new file mode 100755 index 0000000..b602455 --- /dev/null +++ b/serviceslint @@ -0,0 +1,119 @@ +#!/usr/bin/perl +# +# Perform sanity checks on the services file, supplied as argument. +# Based on an earlier shell script of the same name, but much faster, +# and it also detects actual errors in the current services file :) +# +# This program includes a manual, run "perldoc serviceslint" to see it. +# + +use strict; +use warnings; + +die "Usage: $0 /etc/services\n" unless $#ARGV == 0; + +# Build a hash of known protocols +my %protocol; +open FH, "protocols" or die "cannot open protocols: $!\n"; +while (<FH>) { + chomp; + s/#.*$//; + my ($name, $port) = m/([\S]+)\s+(\d+)/ or next; + $protocol{$name} = $port; +} +close FH; + +# Parse the supplied services file +my $retval = 0; +my $line = 0; +my %service; +open FH, $ARGV[0] or die "cannot open $ARGV[0]: $!\n"; +while (<FH>) { + $line++; # Keep a line count + chomp; # Remove CR/LF chars + if (m/^\s+/) { + print "Malformed line $line\n"; # No leading whitespace + $retval = 1; + next; + } + s/\s*#.*$//; # Strip out comments + next if m/^$/; # Skip empty lines + my ($name, $port, $proto, $aliases) = # Primary pattern match + m/^([\S]+)\s+(\d+)\/(\w+)\s*(.*)/ + or die "Malformed line: $line\n"; + if (not exists $protocol{$proto}) { + print "Bad protocol at line $line: $proto\n"; + $retval = 1; + } + if (exists $service{$proto}{$port}) { + print "Duplicate port at line $line: $port/$proto\n"; + $retval = 1; + } + $service{$proto}{$port} = $name; + foreach ($name, split /\s+/, $aliases) { + if (exists $service{$proto}{$_}) { + print "Duplicate name at line $line: $_/$proto\n"; + $retval = 1; + } + $service{$proto}{$_} = $port; + }; + +} +close FH; +exit $retval; + +__END__ + +=head1 NAME + +serviceslint - perform verification on the /etc/services file + +=head1 SYNOPSIS + +B<serviceslint> I<filename> + +=head1 DESCRIPTION + +The B<serviceslint> command performs syntax and content checks on the +given filename, normally a copy of the I</etc/services> file. + +Syntax checking consists of a regular expression applied to +non-empty, non-comment lines. If the syntax check fails, then +the program prints a message and aborts with non-zero status code. + +Content checking detects various kinds of duplicate entries. +Currently, warnings are printed for duplicate entries, but execution +continues, and the program I<exits with status code zero> (eg. success). + +=over + +=item B<Malformed line> I<NNN> + +The specified line has invalid syntax. Note that leading whitespace +is not permitted. Non-empty lines must begin with a comment, or with +a service name followed by a port number / protocol pair. + +=item B<Duplicate port at line> I<NNN> + +Occurs when a port number / protocol pair is found more than once +in the services file. The warning is flagged on the second (and any +subsequent) occurrences. These entries will not be found via the +B<getservbyport()> function. + +=item B<Duplicate name at line> I<NNN> + +Occurs when a service name, or alias, occurs more than once in the +services file. The warning is flagged on the second (and subsequent) +occurrence. These entries will not be returned by the B<getservbyname()> +function. + +=back + +=head1 SEE ALSO + +The services(5) man page describes the file format. + +=head1 AUTHOR + +Ralph Siemsen & Phil Knirsch + diff --git a/setup.spec b/setup.spec new file mode 100644 index 0000000..31c4bce --- /dev/null +++ b/setup.spec @@ -0,0 +1,760 @@ +Summary: A set of system configuration and setup files +Name: setup +Version: 2.8.15 +Release: 1%{?dist} +License: Public Domain +Group: System Environment/Base +URL: https://fedorahosted.org/setup/ +Source0: https://fedorahosted.org/releases/s/e/%{name}/%{name}-%{version}.tar.bz2 +Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildArch: noarch +BuildRequires: bash tcsh perl +Conflicts: initscripts < 4.26, bash <= 2.0.4-21 + +%description +The setup package contains a set of important system configuration and +setup files, such as passwd, group, and profile. + +%prep +%setup -q +./shadowconvert.sh + +%build + +%check +# Run any sanity checks. +make check + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}/etc/profile.d +cp -ar * %{buildroot}/etc +rm -f %{buildroot}/etc/uidgid +rm -f %{buildroot}/etc/COPYING +mkdir -p %{buildroot}/var/log +touch %{buildroot}/var/log/lastlog +touch %{buildroot}/etc/environment +chmod 0644 %{buildroot}/etc/environment +chmod 0400 %{buildroot}/etc/{shadow,gshadow} +chmod 0644 %{buildroot}/var/log/lastlog +touch %{buildroot}/etc/fstab +touch %{buildroot}/etc/mtab + +# remove unpackaged files from the buildroot +rm -f %{buildroot}/etc/Makefile +rm -f %{buildroot}/etc/serviceslint +rm -f %{buildroot}/etc/uidgidlint +rm -f %{buildroot}/etc/shadowconvert.sh +rm -f %{buildroot}/etc/setup.spec + +%clean +rm -rf %{buildroot} + +#throw away useless and dangerous update stuff until rpm will be able to +#handle it ( http://rpm.org/ticket/6 ) +%post -p <lua> +for i, name in ipairs({"passwd", "shadow", "group", "gshadow"}) do + os.remove("/etc/"..name..".rpmnew") +end + +%files +%defattr(-,root,root,-) +%doc uidgid COPYING +%verify(not md5 size mtime) %config(noreplace) /etc/passwd +%verify(not md5 size mtime) %config(noreplace) /etc/group +%verify(not md5 size mtime) %attr(0000,root,root) %config(noreplace,missingok) /etc/shadow +%verify(not md5 size mtime) %attr(0000,root,root) %config(noreplace,missingok) /etc/gshadow +%verify(not md5 size mtime) %config(noreplace) /etc/services +%verify(not md5 size mtime) %config(noreplace) /etc/exports +%config(noreplace) /etc/aliases +%config(noreplace) /etc/environment +%config(noreplace) /etc/filesystems +%config(noreplace) /etc/host.conf +%verify(not md5 size mtime) %config(noreplace) /etc/hosts +%verify(not md5 size mtime) %config(noreplace) /etc/hosts.allow +%verify(not md5 size mtime) %config(noreplace) /etc/hosts.deny +%verify(not md5 size mtime) %config(noreplace) /etc/motd +%config(noreplace) /etc/printcap +%verify(not md5 size mtime) %config(noreplace) /etc/inputrc +%config(noreplace) /etc/bashrc +%config(noreplace) /etc/profile +%verify(not md5 size mtime) %config(noreplace) /etc/protocols +%attr(0600,root,root) %config(noreplace,missingok) /etc/securetty +%config(noreplace) /etc/csh.login +%config(noreplace) /etc/csh.cshrc +%dir /etc/profile.d +%config(noreplace) %verify(not md5 size mtime) /etc/shells +%ghost %attr(0644,root,root) %verify(not md5 size mtime) /var/log/lastlog +%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/fstab +%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/mtab + +%changelog +* Thu Jan 21 2010 Ondrej Vasik <ovasik@redhat.com> 2.8.15-1 +- reserve uidgid pair 155:155 for stap-server(#555813) +- reserve uidgid pair 113:113 for usbmuxd(#556525) + +* Tue Jan 12 2010 Ondrej Vasik <ovasik@redhat.com> 2.8.14-1 +- reserve uidgid pair 133:133 for bacula(#554705) + +* Tue Jan 05 2010 Ondrej Vasik <ovasik@redhat.com> 2.8.13-1 +- update services to latest IANA +- avoid one /usr/bin/id stat call in /etc/profile(#549056) + +* Thu Dec 17 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.12-1 +- speed up pathmunge inside bashrc (#544652) +- do not use deprecated egrep in profile + +* Thu Dec 03 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.11-1 +- don't have HISTCONTROL ignorespace by default (#520632), + but do not override it when it is already set +- add csync alias for port 2005 / tcp, udp + +* Wed Nov 11 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.10-1 +- reserve uidgid pair 112:112 for vhostmd (#534110) +- update /etc/services to latest IANA + +* Tue Sep 08 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.9-1 +- reserve uidgid pair 108:108 for ovirt from libvirt (#513261) +- reserve uidgid pair 111:111 for saned from sane-backends + (#520634) + +* Mon Aug 17 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.8-1 +- change permissions on /etc/shadow and /etc/gshadow to 0000 and + use capabilities for them(#517577) + +* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Tue Jul 21 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.7-1 +- increase threshold for uidgid reservations to 200 +- reserve uidgid pair 107:107 for qemu (libvirt,#511957) +- reflect threshold in profile and bashrc, do inform about + uidgid file existence there +- remove old remnants about portmap from hosts.deny(#509919) + +* Mon Jun 29 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.6-1 +- update protocols and services to latest IANA +- add example for tty in prompt(#503304) + +* Wed May 20 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.5-1 +- use history-search-backward/forward for pageup/pagedown + mapping in inputrc (#500989) +- add HISTCONTROL="ignoreboth" to /etc/profile to not include + duplicities and lines starting with space into the history + (#500819) + +* Tue May 12 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.4-1 +- add oprofile (16:16) to uidgid +- use os.remove instead of os.execute in lua post + - no dependency on /bin/sh (thanks Panu Matilainen) + +* Wed Apr 22 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.3-2 +- rewrite postun scriptlet to <lua> to prevent /bin/sh + dependency + +* Fri Apr 10 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.3-1 +- do not disable coredumps in profile/csh.cshrc scripts, + coredumps already disabled in rawhide's RLIMIT_CORE(#495035) + +* Wed Mar 25 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.2-2 +- reserve uid 65 for nslcd (will share group 55 ldap, #491899) + +* Tue Mar 24 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.2-1 +- ship COPYING file, update protocols and services + to latest IANA + +* Mon Mar 23 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.1-2 +- fix sources syntax, add sources URL (#226412) + +* Thu Feb 26 2009 Ondrej Vasik <ovasik@redhat.com> 2.8.1-1 +- do ship/generate /etc/{shadow,gshadow} files(#483251) +- do ship default /etc/hosts with setup (#483244) +- activate multi on (required for IPv6 only localhost + recognition out-of-the-box) (#486461) +- added postun section for cleaning of dangerous .rpmnew + files after updates +- make profile and bashrc more portable (ksh, #487419) + +* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.7-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Mon Feb 02 2009 Ondrej Vasik <ovasik@redhat.com> 2.7.7-4 +- drop <lua> scriptlet completely(audio/video group + temporarily created by packages which use it for + updates(#477769)) + +* Fri Jan 30 2009 Ondrej Vasik <ovasik@redhat.com> 2.7.7-3 +- add support for ctrl+arrow shortcut in rxvt(#474110) + +* Thu Jan 29 2009 Ondrej Vasik <ovasik@redhat.com> 2.7.7-2 +- reserve 87 gid for polkituser (just uid was reserved), + reserve 18 gid for dialout(to prevent conflicts with + polkituser gid) + +* Thu Jan 22 2009 Ondrej Vasik <ovasik@redhat.com> 2.7.7-1 +- synchronize /etc/services with latest IANA, do not use + tabs in that file to have consistent output +- fix indentation in /etc/profile and /etc/bashrc + (#481074) +- assign uid 36 for vdsm, gid 36 for kvm + (#346151,#481021) + +* Tue Jan 20 2009 Ondrej Vasik <ovasik@redhat.com> 2.7.6-1 +- make uidgid file better parsable (synchronize tabs) +- reserve gid 11 for group cdrom (udev,MAKEDEV) +- reserve gid 33 for group tape (udev,MAKEDEV) +- reserve gid 87 for group dialout (udev,MAKEDEV) + +* Tue Jan 06 2009 Ondrej Vasik <ovasik@redhat.com> 2.7.5-4 +- use lua language in post to prevent additional + dependencies + +* Thu Dec 18 2008 Ondrej Vasik <ovasik@redhat.com> 2.7.5-3 +- add pkiuser (17:17) to uidgid +- temporarily create video/audio group in post section + (#476886) + +* Wed Dec 10 2008 Ondrej Vasik <ovasik@redhat.com> 2.7.5-2 +- do not export PATH twice(#449286 NOTABUG revert) +- do not export INPUTRC(to respect just created ~/.inputrc) + (#443717) + +* Thu Nov 27 2008 Ondrej Vasik <ovasik@redhat.com> 2.7.5-1 +- Modified upstream URL, synchronized with upstream git + +* Wed Nov 19 2008 Ondrej Vasik <ovasik@redhat.com> 2.7.4-3 +- update protocols to latest IANA list (2008-04-18) +- update services to latest IANA list (2008-11-17) +- mark /etc/protocols and /etc/inputrc %%config(noreplace) +- added URL, fixed few rpmlint warnings +- do own audio and video group (#458843), create it in default + /etc/group + +* Tue Nov 18 2008 Ondrej Vasik <ovasik@redhat.com> 2.7.4-2 +- again process profile.d scripts in noninteractive shells, + but do not display stderr/stdout messages(#457243) +- fix wrong prompt for csh/tcsh (#443854) +- don't show error message about missing hostname in profile + (#301481) +- reserve rquotad port 875 in /etc/services (#455859) +- export PATH after processing profile.d scripts (#449286) +- assign gid's for audio (:63) and video (:39) group(#458843), + assign uidgid pair (52:52) for puppet (#471918) +- fix /etc/services duplicities to pass serviceslint + +* Thu Oct 09 2008 Phil Knirsch <pknirsch@redhat.com> 2.7.4-1 +- Include new serviceslint for speedup (#465642) +- Cleaned up services due to newly discovered bugs in it with new serviceslint + +* Wed Sep 03 2008 Phil Knirsch <pknirsch@redhat.com> 2.7.3-1 +- Added SBinSanity patch as an approved feature (#458176) + +* Wed Aug 06 2008 Phil Knirsch <pknirsch@redhat.com> 2.7.2-1 +- Added uidgid pair for condor +- Added uidgid pair for trousers + +* Fri Jul 25 2008 Phil Knirsch <pknirsch@redhat.com> 2.7.1-1 +- Bump to 2.7.1 to avoid version problems with F-9 +- Removed group news as well (#437462) + +* Tue Jun 17 2008 Phil Knirsch <pknirsch@redhat.com> 2.6.16-1 +- Dropped user news from default /etc/passwd (#437462) + +* Thu Jun 05 2008 Phil Knirsch <pknirsch@redhat.com> 2.6.15-1 +- Added prelude-manager and snortd to uidgid list + +* Mon Apr 07 2008 Phil Knirsch <pknirsch@redhat.com> 2.6.14-1 +- Updated /etc/services to latest IANA version (#315571) + +* Fri Apr 04 2008 Phil Knirsch <pknirsch@redhat.com> +- Fixed a problem with the new prompt for tcsh and screen terminal (#438550) + +* Thu Mar 20 2008 Phil Knirsch <pknirsch@redhat.com> 2.6.13-1 +- Drop the wrong precmd for csh for xterm and screen terminals + +* Tue Feb 26 2008 Phil Knirsch <pknirsch@redhat.com> 2.6.12-1 +- Corrected wrong /etc/profile.d behaviour for non-interactive bash and tcsh + +* Fri Feb 22 2008 Phil Knirsch <pknirsch@redhat.com> 2.6.11-1 +- Fixed problem with /etc/profile.d/* and non-interactive tcsh (#299221) +- Fixed xterm -title problem (#387581) +- Fixed problem with /etc/profile.d/*.csh not being executed for none loginshells anymore + (#381631, #429838) +- Corrected missing shell for news user in uidgid and passwd + +* Thu Aug 16 2007 Phil Knirsch <pknirsch@redhat.com> 2.6.10-1 +- License review and update + +* Tue Jul 24 2007 Phil Knirsch <pknirsch@redhat.com> 2.6.9-1 +- Assigned uid 87 for PolicyKit package (#244950) +- Fixed precmd fix if TERM isn't set (#242732) + +* Wed Jun 06 2007 Phil Knirsch <pknirsch@redhat.com> 2.6.7-1 +- Fixed precmd setting to behave like bash for (t)csh (#242732) + +* Thu May 24 2007 Phil Knirsch <pknirsch@redhat.com> 2.6.6-1 +- Added another set of proposed changes to /etc/csh.cshrc (#199817) +- Added missing documentation in /etc/hosts.[allow|deny] (#157053) + +* Wed May 23 2007 Phil Knirsch <pknirsch@redhat.com> 2.6.5-1 +- Fixed tcsh behaviour for non login shells (#191233) +- Fixed umask setting for tcsh to behave identical to bash logins (#199817) +- Added ipv6-crypt and ipv6-auth for backwards compatibility (#210546) + +* Wed Apr 18 2007 Phil Knirsch <pknirsch@redhat.com> 2.6.4-1 +- Modified the 111/[tcp/udp] entries to work with rpcbind (#236639) + +* Mon Mar 12 2007 Phil Knirsch <pknirsch@redhat.com> 2.6.3-1 +- Changed winbind_auth to wbpriv by request of the samba maintainer + +* Tue Dec 12 2006 Phil Knirsch <pknirsch@redhat.com> 2.6.2-1.fc7 +- Updated uidgid for split of pcap into arpwatcher and tcpdump. + +* Tue Nov 28 2006 Phil Knirsch <pknirsch@redhat.com> 2.6.1-1.fc7 +- Update version and rebuilt + +* Tue Nov 28 2006 Phil Knirsch <pknirsch@redhat.com> 2.5.57-1 +- Revert change for umask in /etc/bashrc (#217523) + +* Thu Nov 16 2006 Phil Knirsch <pknirsch@redhat.com> 2.5.56-1 +- Added an entry for samba and winbind_auth + +* Wed Oct 11 2006 Phil Knirsch <pknirsch@redhat.com> 2.5.55-1 +- Extended the protocols to include the missing hopopt (#209191) + +* Tue Oct 10 2006 Phil Knirsch <pknirsch@redhat.com> 2.5.54-1 +- Update /etc/protocols to latest officiall IANA version (#209191) + +* Thu Jul 27 2006 Phil Knirsch <pknirsch@redhat.com> 2.5.53-1 +- Added utempter gid for new libutempter package (#200240) + +* Mon Jun 19 2006 Phil Knirsch <pknirsch@redhat.com> 2.5.52-1 +- Lock password for root account by default (#182206) + +* Wed May 03 2006 Karsten Hopp <karsten@redhat.de> +- remove gkrellmd from the reserved uid/gid list (#186974) + +* Tue Mar 21 2006 Florian La Roche <laroche@redhat.com> 2.5.50-1 +- use stricter umask of 022 for all logins + +* Thu Feb 23 2006 Phil Knirsch <pknirsch@redhat.com> 2.5.49-1 +- Really switch to new /etc/services file +- Added /etc/fstab and /etc/mtab to ownership of setup (#177061) + +* Tue Jan 31 2006 Phil Knirsch <pknirsch@redhat.com> 2.5.48-1 +- Switched to the new large /etc/services file which fixes #112298, #133683, + #166443, #168872, #171228. +- Fixed pathmunge problem with bashrc (#123621) +- Removed /usr/X11R6/bin from default PATH (#173856) + +* Tue Jan 24 2006 Phil Knirsch <pknirsch@redhat.com> +- Fixed bug with PROMPT_COMMAND being broken for wierd dirs (#142125) +- Added hfsplus to know filesystems (#172820) + +* Mon Oct 17 2005 Bill Nottingham <notting@redhat.com> +- make motd noreplace (#170539) + +* Tue Sep 6 2005 Bill Nottingham <notting@redhat.com> 2.5.47-1 +- make lastlog 0644 (#167200) + +* Mon Jun 20 2005 Bill Nottingham <notting@redhat.com> 2.5.46-1 +- add buildrequires on bash, tcsh (#161016) +- move core dump size setting from csh.login to csh.cshrc (#156914) + +* Fri Jun 17 2005 Bill Nottingham <notting@redhat.com> 2.5.45-1 +- ksh doesn't implement EUID/UID. Work around that. (#160731) + +* Thu May 19 2005 Bill Nottingham <notting@redhat.com> 2.5.44-1 +- fix csh.cshrc when -e is used (#158265) + +* Mon Apr 25 2005 Bill Nottingham <notting@redhat.com> 2.5.43-1 +- remove mailman aliases (#155841) + +* Mon Apr 18 2005 Bill Nottingham <notting@redhat.com> 2.5.42-1 +- fix lastlog conflict (#155256) + +* Fri Apr 15 2005 Bill Nottingham <notting@redhat.com> 2.5.41-1 +- get rid of 'id' error messages if there is no /usr (#142707) + +* Mon Jan 31 2005 Bill Nottingham <notting@redhat.com> 2.5.40-1 +- have similar prompt changes for su to root in tcsh as in bash (#143826) + +* Tue Nov 23 2004 Bill Nottingham <notting@redhat.com> 2.5.39-1 +- ghost lastlog (#139539) + +* Thu Nov 18 2004 Bill Nottingham <notting@redhat.com> 2.5.38-1 +- fix bash/tcsh coredump size inconsistency (#139821) + +* Wed Oct 27 2004 Bill Nottingham <notting@redhat.com> 2.5.37-1 +- fix inconsistency in profile.d handling (#136859, <agrajag@dragaera.net>) + +* Fri Oct 8 2004 Bill Nottingham <notting@redhat.com> 2.5.36-1 +- fix duplicate alias + +* Tue Sep 28 2004 Bill Nottingham <notting@redhat.com> 2.5.35-1 +- add /etc/environment + +* Mon Sep 27 2004 Rik van Riel <riel@redhat.com> 2.5.34-2 +- mark /etc/services config(noreplace) (#133683) + +* Thu Sep 23 2004 Bill Nottingham <notting@redhat.com> 2.5.34-1 +- add dict (#107807) +- add cyrus services (#118832) +- move delete-char binding for csh (#113682) +- do the same path munging for csh as for bash (#57708) +- add postfix aliases (#117661) +- fix bashrc login shell check (#104491) +- add odmr to services (#101098) +- add distcc to services (#91535) +- add xterm forware/backward word bindings (#80860) + +* Mon May 24 2004 Bill Nottingham <notting@redhat.com> +- make pathmunge available for profile.d scripts (#123621) + +* Wed May 19 2004 Joe Orton <jorton@redhat.com> 2.5.33-2 +- add IANA Register Port for svn to /etc/services (#122863) + +* Wed May 5 2004 Nalin Dahyabhai <nalin@redhat.com> 2.5.33-1 +- fix syntax error in csh.cshrc + +* Tue May 4 2004 Bill Nottingham <notting@redhat.com> 2.5.32-1 +- set MAIL in csh.cshrc (#115376) +- fix inputrc check in csh.login (#115073) + +* Mon Jan 26 2004 Bill Nottingham <notting@redhat.com> 2.5.31-1 +- move /etc/aliases here + +* Mon Dec 8 2003 Bill Nottingham <notting@redhat.com> 2.5.30-1 +- remove stty `tput kbs` section (#91357) + +* Tue Sep 2 2003 Bill Nottingham <notting@redhat.com> 2.5.27-1 +- securetty should be noreplace (#103585) + +* Fri Mar 14 2003 Bill Nottingham <notting@redhat.com> 2.5.26-1 +- clean up some typos in /etc/services (#86129) + +* Mon Feb 17 2003 Florian La Roche <Florian.LaRoche@redhat.de> +- add "console" to /etc/securetty for mainframe + +* Mon Jan 20 2003 Nalin Dahyabhai <nalin@redhat.com> 2.5.24-1 +- allocate uid/gid for mgetty + +* Thu Jan 9 2003 Dan Walsh <dwalsh@redhat.com> 2.5.23-1 +- added PXE to /etc/services + +* Wed Jan 1 2003 Bill Nottingham <notting@redhat.com> 2.5.22-1 +- remove bogus entries from inputrc (#80652) + +* Fri Nov 29 2002 Tim Powers <timp@redhat.com> 2.5.21-1 +- remove unpackaged files from the buildroot + +* Thu Aug 29 2002 Bill Nottingham <notting@redhat.com> 2.5.20-1 +- shopt -s checkwinsize everywhere + +* Wed Aug 28 2002 Preston Brown <pbrown@redhat.com> 2.5.19-1 +- fix bug #61129 (~ substitution) + +* Wed Aug 15 2002 Jens Petersen <petersen@redhat.com> 2.5.18-1 +- bring back the screen case in /etc/bashrc, since /etc/screenrc no + longer sets defhstatus (#60596, #60597) + +* Sun Aug 11 2002 Florian La Roche <Florian.LaRoche@redhat.de> 2.5.17-1 +- add "set mark-symlinked-directories on" to /etc/inputrc + +* Mon Jul 22 2002 Phil Knirsch <pknirsch@redhat.com> 2.5.16-2 +- Added shopt -s checkwinsize to /etc/bashrc for xterm resizing + +* Fri Jul 19 2002 Jens Petersen <petersen@redhat.com> 2.5.16-1 +- dont special case screen in /etc/bashrc, since it overrides the user's + screenrc title setting (#60596) + +* Thu Jul 18 2002 Florian La Roche <Florian.LaRoche@redhat.de> 2.5.14-1 +- move home dir of "news" to /etc/news + +* Tue May 28 2002 Nalin Dahyabhai <nalin@redhat.com> 2.5.13-1 +- allocate uid/gid for privilege-separated sshd + +* Thu May 23 2002 Tim Powers <timp@redhat.com> 2.5.12-2 +- automated rebuild + +* Wed Apr 3 2002 Bill Nottingham <notting@redhat.com> 2.5.12-1 +- fix misformatted comment in /etc/services, allocate uid/gid for + frontpage + +* Thu Mar 28 2002 Bill Nottingham <notting@redhat.com> 2.5.11-1 +- add newline in /etc/shells (#62271) + +* Thu Mar 28 2002 Nalin Dahyabhai <nalin@redhat.com> 2.5.10-1 +- allocate uid for the vcsa user + +* Tue Mar 12 2002 Bill Nottingham <notting@redhat.com> 2.5.9-1 +- re-add ext3 to /etc/filesystems + +* Mon Mar 11 2002 Bill Nottingham <notting@redhat.com> 2.5.8-1 +- add nologin to /etc/shells (#53963) +- fix some quoting issues (#59627) +- fix screen status line (#60596) +- fix path regexps (#59624) +- move profile.d stuff to csh.cshrc (#59946) + +* Fri Mar 8 2002 Nalin Dahyabhai <nalin@redhat.com> +- add bprd, bpdbm, bpjava-msvc, vnetd, bpcd, and vopied to /etc/services + +* Tue Sep 25 2001 Nalin Dahyabhai <nalin@redhat.com> +- change rmtcfg to an alias for bvcontrol, which is a registered name + +* Mon Sep 17 2001 Nalin Dahyabhai <nalin@redhat.com> 2.5.7-1 +- add entries to services (ipp, wnn4, and so on) +- try to remove duplicates in services (remove nameserver as alias for domain, + and readnews as alias for netnews) + +* Mon Aug 20 2001 Bill Nottingham <notting@redhat.com> +- change FTP user's home dir to /var/ftp (#52091) +- %%ghost /etc/shadow, /etc/gshadow + +* Fri Aug 17 2001 Bill Nottingham <notting@redhat.com> +- add /etc/shells to filelist (#51813) + +* Mon Aug 13 2001 Bill Nottingham <notting@redhat.com> +- put lock in /etc/group (#51654) + +* Wed Aug 8 2001 Bill Nottingham <notting@redhat.com> +- lock only needs to be a gid +- don't set dspmbyte=euc here; do it in lang.csh, and only if necessary (#50318) + +* Mon Aug 6 2001 Jeff Johnson <jbj@redhat.com> +- add lock.lock uid/gid 54 to own /var/lock directory. + +* Thu Jul 19 2001 Bill Nottingham <notting@redhat.com> +- add forward/backward-word mappings (#48783) +- add pgpkeyserver port to /etc/services (#49407) + +* Thu Jul 19 2001 Preston Brown <pbrown@redhat.com> +- core files disabled by default. Developers can enable them. + +* Fri Jul 13 2001 Bill Nottingham <notting@redhat.com> 2.5.1-1 +- revert news user back to no shell (#48701) + +* Tue Jul 10 2001 Bill Nottingham <notting@redhat.com> 2.5.0-1 +- move profile.d parsing from csh.cshrc to csh.login (#47417) + +* Sat Jul 7 2001 Nalin Dahyabhai <nalin@redhat.com> 2.4.15-1 +- reorder /etc/services to match comments again +- protocol 118 is stp, not st +- update URLs in /etc/protocols and /etc/services + +* Thu Jul 5 2001 Preston Brown <pbrown@redhat.com> 2.4.14-1 +- put */sbin in path if user ID is 0. + +* Mon Jun 25 2001 Bill Nottingham <notting@redhat.com> +- add an entry to /etc/services for ssh X11 forwarding (#44944) + +* Wed Jun 13 2001 Bill Nottingham <notting@redhat.com> +- take ttyS0 out of securetty on main tree + +* Tue Jun 12 2001 Philip Copeland <bryce@redhat.com> +- added ttyS0 to securetty for serial console usage + +* Tue Jun 12 2001 Bill Nottingham <notting@redhat.com> +- add rndc to /etc/services (#40265) +- test for read bit, not execute bit, for profile.d (#35714) + +* Sun Jun 03 2001 Florian La Roche <Florian.LaRoche@redhat.de> +- add "canna" entry to /etc/services + +* Mon May 21 2001 Bernhard Rosenkraenzer <bero@redhat.com> 2.4.10-1 +- Fix bugs #24159 and #30634 again; whoever moved bashrc from bash + to setup used an old version. :(( + +* Wed May 2 2001 Preston Brown <pbrown@redhat.com> 2.4.9-1 +- bashrc moved here from bash package +- set umask in bashrc, so it applies for ALL shells. + +* Fri Apr 27 2001 Preston Brown <pbrown@redhat.com> 2.4.8-1 +- /sbin/nologin for accounts that aren't "real." + +* Sat Apr 7 2001 Preston Brown <pbrown@redhat.com> +- revert control-arrow forward/backward word (broken) + +* Tue Mar 27 2001 Preston Brown <pbrown@redhat.com> +- fix japanese input with tcsh (#33211) + +* Tue Mar 6 2001 Bill Nottingham <notting@redhat.com> +- fix some weirdness with rxvt (#30799) + +* Wed Feb 28 2001 Bill Nottingham <notting@redhat.com> +- add SKK input method (#29759) + +* Fri Feb 23 2001 Preston Brown <pbrown@redhat.com> + +* Wed Feb 21 2001 Bill Nottingham <notting@redhat.com> +- fix inputrc, Yet Again. (#28617) + +* Thu Feb 15 2001 Bill Nottingham <notting@redhat.com> +- add in uidgid file, put it in %%doc + +* Wed Feb 7 2001 Adrian Havill <havill@redhat.com> +- bindkey for delete in the case of tcsh + +* Wed Feb 7 2001 Bill Nottingham <notting@redhat.com> +- add some more stuff to /etc/services (#25396, patch from + <pekkas@netcore.fi>) + +* Tue Feb 6 2001 Nalin Dahyabhai <nalin@redhat.com> +- add gii/tcp = 616 for gated + +* Tue Jan 30 2001 Bill Nottingham <notting@redhat.com> +- wrap some inputrc settings with tests for mode, term (#24117) + +* Mon Jan 29 2001 Bill Nottingham <notting@redhat.com> +- overhaul /etc/protocols (#18530) +- add port 587 to /etc/services (#25001) +- add corbaloc (#19581) +- don't set /usr/X11R6/bin in $PATH if it's already set (#19968) + +* Fri Dec 1 2000 Nalin Dahyabhai <nalin@redhat.com> +- Clean up /etc/services, separating registered numbers from unregistered + ("squatted") numbers, and adding some. + +* Mon Nov 20 2000 Bernhard Rosenkraenzer <bero@redhat.com> +- Add smtps (465/tcp) and submission (587/tcp) to /etc/services for TLS + support (postfix >= 20001030-2) + +* Sun Aug 6 2000 Bill Nottingham <notting@redhat.com> +- /var/log/lastlog is %%config(noreplace) (#15412) +- some of the various %%verify changes (#14819) + +* Thu Aug 3 2000 Nalin Dahyabhai <nalin@redhat.com> +- linuxconf should be 98, not 99 + +* Tue Jul 25 2000 Bill Nottingham <notting@redhat.com> +- fix some of the csh stuff (#14622) + +* Sun Jul 23 2000 Nalin Dahyabhai <nalin@redhat.com> +- stop setting "multi on" in /etc/host.conf + +* Wed Jul 12 2000 Prospector <bugzilla@redhat.com> +- automatic rebuild + +* Tue Jun 27 2000 Bill Nottingham <notting@redhat.com> +- add hfs filesystem + +* Wed Jun 21 2000 Preston Brown <pbrown@redhat.com> +- printcap is a noreplace file now + +* Sun Jun 18 2000 Bill Nottingham <notting@redhat.com> +- fix typo + +* Tue Jun 13 2000 Nalin Dahyabhai <nalin@redhat.com> +- add linuxconf/tcp = 99 to /etc/services + +* Sat Jun 10 2000 Bill Nottingham <notting@redhat.com> +- add some stuff to /etc/services +- tweak ulimit call again + +* Tue Jun 6 2000 Bernhard Rosenkraenzer <bero@redhat.com> +- homedir of ftp is now /var/ftp + +* Sun May 14 2000 Nalin Dahyabhai <nalin@redhat.com> +- move profile.d logic in csh.login to csh.cshrc + +* Tue Apr 18 2000 Nalin Dahyabhai <nalin@redhat.com> +- redirect ulimit -S -c to /dev/null to avoid clutter + +* Thu Apr 13 2000 Bernhard Rosenkraenzer <bero@redhat.com> +- s/ulimit -c/ulimit -S -c/ - bash 2.x adaption + +* Mon Apr 03 2000 Nalin Dahyabhai <nalin@redhat.com> +- Add more of the kerberos-related services from IANA's registry and krb5 + +* Wed Mar 29 2000 Bernhard Rosenkraenzer <bero@redhat.com> +- Add 2.4'ish vc/* devices to securetty + +* Thu Feb 17 2000 Preston Brown <pbrown@redhat.com> +- add /etc/filesystems with sane defaults + +* Wed Feb 16 2000 Bill Nottingham <notting@redhat.com> +- don't set prompt in /etc/profile (it's done in /etc/bashrc) + +* Fri Feb 5 2000 Bill Nottingham <notting@redhat.com> +- yet more inputrc tweaks from Hans de Goede (hans@highrise.nl) + +* Sun Jan 30 2000 Bill Nottingham <notting@redhat.com> +- yet more inputrc tweaks from Hans de Goede (hans@highrise.nl) + +* Sun Jan 23 2000 Bill Nottingham <notting@redhat.com> +- fix mailq line. (#7140) + +* Fri Jan 21 2000 Bill Nottingham <notting@redhat.com> +- add ldap to /etc/services + +* Tue Jan 18 2000 Bill Nottingham <notting@redhat.com> +- kill HISTFILESIZE, it's broken + +* Tue Jan 18 2000 Preston Brown <pbrown@redhat.com> +- some inputrc tweaks + +* Wed Jan 12 2000 Bill Nottingham <notting@redhat.com> +- make some more stuff noreplace + +* Fri Nov 19 1999 Bill Nottingham <notting@redhat.com> +- fix mailq line. (#7140) + +* Fri Oct 29 1999 Bill Nottingham <notting@redhat.com> +- split csh.login into csh.login and csh.cshrc (#various) +- fix pop service names (#6206) +- fix ipv6 protocols entries (#6219) + +* Thu Sep 2 1999 Jeff Johnson <jbj@redhat.com> +- rename /etc/csh.cshrc to /etc/csh.login (#2931). +- (note: modified /etc/csh.cshrc should end up in /etc/csh.cshrc.rpmsave) + +* Fri Aug 20 1999 Jeff Johnson <jbj@redhat.com> +- add defattr. +- fix limit command in /etc/csh.cshrc (#4582). + +* Thu Jul 8 1999 Bill Nottingham <notting@redhat.com> +- move /etc/inputrc here. + +* Mon Apr 19 1999 Bill Nottingham <notting@redhat.com> +- always use /etc/inputrc + +* Wed Mar 31 1999 Preston Brown <pbrown@redhat.com> +- added alias pointing to imap from imap2 + +* Tue Mar 23 1999 Preston Brown <pbrown@redhat.com> +- updated protocols/services from debian to comply with more modern +- IETF/RFC standards + +* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com> +- auto rebuild in the new build environment (release 4) + +* Thu Feb 18 1999 Jeff Johnson <jbj@redhat.com> +- unset variables used in /etc/csh.cshrc (#1212) + +* Mon Jan 18 1999 Jeff Johnson <jbj@redhat.com> +- compile for Raw Hide. + +* Tue Oct 13 1998 Cristian Gafton <gafton@redhat.com> +- fix the csh.cshrc re: ${PATH} undefined + +* Mon Apr 27 1998 Prospector System <bugs@redhat.com> +- translations modified for de, fr, tr + +* Fri Dec 05 1997 Erik Troan <ewt@redhat.com> +- /etc/profile uses $i, which needs to be unset + +* Mon Nov 03 1997 Donnie Barnes <djb@redhat.com> +- made /etc/passwd and /etc/group %%config(noreplace) + +* Mon Oct 20 1997 Erik Troan <ewt@redhat.com> +- removed /etc/inetd.conf, /etc/rpc +- flagged /etc/securetty as missingok +- fixed buildroot stuff in spec file + +* Thu Jul 31 1997 Erik Troan <ewt@redhat.com> +- made a noarch package + +* Wed Apr 16 1997 Erik Troan <ewt@redhat.com> +- Don't verify md5sum, size, or timestamp of /var/log/lastlog, /etc/passwd, + or /etc/group. diff --git a/shadowconvert.sh b/shadowconvert.sh new file mode 100755 index 0000000..4be13b6 --- /dev/null +++ b/shadowconvert.sh @@ -0,0 +1,18 @@ +#!/bin/bash +if [ x`pwd` = "x/etc" ] +then + echo Cannot operate directly on \"/etc\". >&2 + exit 1 +fi + +#make prototype for /etc/shadow +sed -e "s/:.*/:*:`expr $(date +%s) / 86400`:0:99999:7:::/" passwd >shadow + +#make prototype for /etc/gshadow +sed -e 's/:[0-9]\+:/::/g' group >gshadow + +#mark passwd and group files entries shadowed +sed -i -e 's/^\([^:]\+\):[^:]*:/\1:x:/' passwd group + +echo Converted successfully. +exit 0 @@ -0,0 +1,3 @@ +/bin/sh +/bin/bash +/sbin/nologin @@ -0,0 +1,123 @@ +NAME UID GID HOME SHELL PACKAGES +root 0 0 /root /bin/bash setup +bin 1 1 /bin /sbin/nologin setup +daemon 2 2 /sbin /sbin/nologin setup +sys - 3 - - setup +adm 3 4 /var/adm /bin/bash setup +tty - 5 - - setup +disk - 6 - - setup +lp 4 7 /var/spool/lpd /sbin/nologin setup +mem - 8 - - setup +kmem - 9 - - setup +wheel - 10 - - setup +cdrom - 11 - - udev,MAKEDEV +sync 5 (0) /sbin /bin/sync setup +shutdown 6 (0) /sbin /sbin/shutdown setup +halt 7 (0) /sbin /sbin/halt setup +mail 8 12 /var/spool/mail /sbin/nologin setup +news 9 13 /var/spool/news /sbin/nologin setup +uucp 10 14 /var/spool/uucp /sbin/nologin setup +operator 11 (0) /root /sbin/nologin setup +games 12 (100) /usr/games /sbin/nologin setup +gopher 13 30 /usr/lib/gopher-data /sbin/nologin setup +ftp 14 50 /var/ftp /sbin/nologin setup +man - 15 - - setup +oprofile 16 16 /home/oprofile /sbin/nologin oprofile +pkiuser 17 17 /usr/share/pki /sbin/nologin pki-ca,rhpki-ca +dialout - 18 - - udev,MAKEDEV +floppy - 19 - - dev,MAKEDEV +games - 20 - - setup +slocate - 21 - - slocate +utmp - 22 - - initscripts,libutempter +squid 23 23 /var/spool/squid /dev/null squid +pvm 24 24 /usr/share/pvm3 /bin/bash pvm +named 25 25 /var/named /bin/false bind +postgres 26 26 /var/lib/pgsql /bin/bash postgresql-server +mysql 27 27 /var/lib/mysql /bin/bash mysql +nscd 28 28 / /bin/false nscd +rpcuser 29 29 /var/lib/nfs /bin/false nfs-utils +console - 31 - - dev +rpc 32 32 / /bin/false portmap +amanda 33 (6) /var/lib/amanda /bin/false amanda +tape - 33 - - udev,MAKEDEV +netdump 34 34 /var/crash /bin/bash netdump-client, netdump-server +utempter - 35 - - libutempter +vdsm 36 - / /bin/bash kvm, vdsm +kvm - 36 - - kvm, vdsm, libvirt +rpm 37 37 /var/lib/rpm /bin/bash rpm +ntp 38 38 /etc/ntp /sbin/nologin ntp +video - 39 - - setup +dip - 40 - - setup +mailman 41 41 /var/mailman /bin/false mailman +gdm 42 42 /var/gdm /bin/bash gdm +xfs 43 43 /etc/X11/fs /bin/false XFree86-xfs +pppusers - 44 - - linuxconf +popusers - 45 - - linuxconf +slipusers - 46 - - linuxconf +mailnull 47 47 /var/spool/mqueue /dev/null sendmail +apache 48 48 /var/www /bin/false apache +wnn 49 49 /home/wnn /bin/bash FreeWnn +smmsp 51 51 /var/spool/mqueue /dev/null sendmail +puppet 52 52 /var/lib/puppet /sbin/nologin puppet +tomcat 53 53 /var/lib/tomcat /sbin/nologin tomcat +lock - 54 - - lockdev +ldap 55 55 /var/lib/ldap /bin/false openldap-servers +frontpage 56 56 /var/www /bin/false mod_frontpage +nut 57 57 /var/lib/ups /bin/false nut +beagleindex 58 58 /var/cache/beagle /bin/false beagle +tss 59 59 - /sbin/nologin trousers +piranha 60 60 /etc/sysconfig/ha /dev/null piranha +prelude-manager 61 61 - /sbin/nologin prelude-manager +snortd 62 62 - /sbin/nologin snortd +audio - 63 - - setup +condor 64 64 /var/lib/condor /sbin/nologin condord +nslcd 65 (55) / /sbin/nologin nslcd +wine - 66 - - wine +pegasus 66 65 /var/lib/Pegasus /sbin/nologin tog-pegasus +webalizer 67 67 /var/www/html/usage /sbin/nologin webalizer +haldaemon 68 68 / /sbin/nologin hal +vcsa 69 69 - /sbin/nologin dev,MAKEDEV +avahi 70 70 / /sbin/nologin avahi +realtime - 71 - - - +tcpdump 72 72 / /sbin/nologin tcpdump +privoxy 73 73 /etc/privoxy /bin/bash privoxy +sshd 74 74 /var/empty/sshd /sbin/nologin openssh-server +radvd 75 75 / /bin/false radvd +cyrus 76 (12) /var/imap /bin/bash cyrus-imapd +shadow - 76 - - cyrus-imapd +arpwatch 77 77 /var/lib/arpwatch /sbin/nologin arpwatch +fax 78 78 /var/spool/fax /sbin/nologin mgetty +nocpulse 79 79 /etc/sysconfig/nocpulse /bin/bash nocpulse +desktop 80 80 - /sbin/nologin desktop-file-utils +dbus 81 81 / /sbin/nologin dbus +jonas 82 82 /var/lib/jonas /sbin/nologin jonas +clamav 83 83 /tmp /sbin/nologin clamav +screen - 84 - - screen +quaggavt - 85 - - quagga +sabayon 86 86 - /sbin/nologin sabayon +polkituser 87 87 / /sbin/nologin polkit +wbpriv - 88 - - samba-common +postfix 89 89 /var/spool/postfix /bin/true postfix +postdrop - 90 - - postfix +majordomo 91 91 /usr/lib/majordomo /bin/bash majordomo +quagga 92 92 / /sbin/nologin quagga +exim 93 93 /var/spool/exim /sbin/nologin exim +distcache 94 94 / /sbin/nologin distcache +radiusd 95 95 / /bin/false freeradius +hsqldb 96 96 /var/lib/hsqldb /sbin/nologin hsqldb +dovecot 97 97 /usr/libexec/dovecot /sbin/nologin dovecot +ident 98 98 / /sbin/nologin ident +nobody 99 99 / /sbin/nologin setup +users - 100 - - setup +qemu 107 107 / /sbin/nologin libvirt +ovirt 108 108 / /sbin/nologin libvirt +saned 111 111 / /sbin/nologin sane-backends +vhostmd 112 112 /usr/share/vhostmd /sbin/nologin vhostmd +usbmuxd 113 113 / /sbin/nologin usbmuxd +bacula 133 133 /var/spool/bacula /sbin/nologin bacula +stap-server 155 155 /var/lib/stap-server /sbin/nologin systemtap +gnats ? ? ? ? gnats, gnats-db +listar ? ? ? ? listar +nfsnobody 65534 65534 /var/lib/nfs /sbin/nologin nfs-utils + +# Note: nfsnobdy is 4294967294 on 64-bit platforms (-2) diff --git a/uidgidlint b/uidgidlint new file mode 100755 index 0000000..adbb158 --- /dev/null +++ b/uidgidlint @@ -0,0 +1,24 @@ +#!/bin/sh +# We need a file to look at. +if [ -z "$*" ] ; then + echo Usage: `basename $0` uidgid + exit 1 +fi +# The format of the file is (currently) +for infile in "$@" ; do + uidlist=`tail -n +2 "$infile" | awk '{print $2}' | grep -v '?' | grep -v -e - | sort -nu` + gidlist=`tail -n +2 "$infile" | awk '{print $3}' | grep -v '?' | grep -v -e - | sort -nu` + for uid in $uidlist ; do + if test `tail -n +2 "$infile" | awk '{print $2}' | grep '^'"$uid"'$' | wc -l` -ne 1 ; then + echo Duplicate UID: $uid + exit 1 + fi + done + for gid in $gidlist ; do + if test `tail -n +2 "$infile" | awk '{print $3}' | grep '^'"$uid"'$' | wc -l` -ne 1 ; then + echo Duplicate GID: $gid + exit 1 + fi + done +done +exit 0 |