if [ $EXITVALUE != 0 ]; then
/usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
-exit 0
+exit $EXITVALUE
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/files/grub.default-3,v 1.5 2015/03/25 01:58:00 floppym Exp $
+# $Id$
#
# To populate all changes in this file you need to regenerate your
# grub configuration file afterwards:
-# Copyright 1999-2014 Gentoo Foundation
+# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/files/grub.default-3,v 1.4 2014/10/16 04:04:02 floppym Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/files/grub.default-3,v 1.5 2015/03/25 01:58:00 floppym Exp $
#
# To populate all changes in this file you need to regenerate your
# grub configuration file afterwards:
# Uncomment to disable generation of recovery mode menu entries
#GRUB_DISABLE_RECOVERY=true
+
+# Uncomment to disable generation of the submenu and put all choices on
+# the top-level menu.
+# Besides the visual affect of no sub menu, this makes navigation of the
+# menu easier for a user who can't see the screen.
+#GRUB_DISABLE_SUBMENU=y
+
+# Uncomment to play a tone when the main menu is displayed.
+# This is useful, for example, to allow users who can't see the screen
+# to know when they can make a choice on the menu.
+#GRUB_INIT_TUNE="60 800 1"
-# Copyright 1999-2013 Gentoo Foundation
+# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/files/grub.default-2,v 1.4 2013/09/21 18:10:55 floppym Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/files/grub.default-3,v 1.4 2014/10/16 04:04:02 floppym Exp $
#
# To populate all changes in this file you need to regenerate your
# grub configuration file afterwards:
# 'grub2-mkconfig -o /boot/grub/grub.cfg'
#
# See the grub info page for documentation on possible variables and
-# their associated values.
+# their associated values.
GRUB_DISTRIBUTOR="Bruni (Gentoo)"
+# Default menu entry
GRUB_DEFAULT=0
-GRUB_HIDDEN_TIMEOUT=5
-GRUB_HIDDEN_TIMEOUT_QUIET=true
+
+# Boot the default entry this many seconds after the menu is displayed
+#GRUB_TIMEOUT=5
GRUB_TIMEOUT=10
+#GRUB_TIMEOUT_STYLE=menu
# Append parameters to the linux kernel command line
-# GRUB_CMDLINE_LINUX=""
+#GRUB_CMDLINE_LINUX=""
+#
+# Examples:
+#
+# Boot with network interface renaming disabled
+# GRUB_CMDLINE_LINUX="net.ifnames=0"
+#
+# Boot with systemd instead of sysvinit (openrc)
+# GRUB_CMDLINE_LINUX="init=/usr/lib/systemd/systemd"
# Append parameters to the linux kernel command line for non-recovery entries
#GRUB_CMDLINE_LINUX_DEFAULT=""
#GRUB_GFXMODE=640x480
GRUB_GFXMODE=800x600
+# Set to 'text' to force the Linux kernel to boot in normal text
+# mode, 'keep' to preserve the graphics mode set using
+# 'GRUB_GFXMODE', 'WIDTHxHEIGHT'['xDEPTH'] to set a particular
+# graphics mode, or a sequence of these separated by commas or
+# semicolons to try several modes in sequence.
+#GRUB_GFXPAYLOAD_LINUX=
+
# Path to theme spec txt file.
# The starfield is by default provided with use truetype.
# NOTE: when enabling custom theme, ensure you have required font/etc.
--- /dev/null
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/files/grub.default-2,v 1.4 2013/09/21 18:10:55 floppym Exp $
+#
+# To populate all changes in this file you need to regenerate your
+# grub configuration file afterwards:
+# 'grub2-mkconfig -o /boot/grub/grub.cfg'
+#
+# See the grub info page for documentation on possible variables and
+# their associated values.
+
+GRUB_DISTRIBUTOR="Bruni (Gentoo)"
+
+GRUB_DEFAULT=0
+GRUB_HIDDEN_TIMEOUT=5
+GRUB_HIDDEN_TIMEOUT_QUIET=true
+GRUB_TIMEOUT=10
+
+# Append parameters to the linux kernel command line
+# GRUB_CMDLINE_LINUX=""
+
+# Append parameters to the linux kernel command line for non-recovery entries
+#GRUB_CMDLINE_LINUX_DEFAULT=""
+
+# Uncomment to disable graphical terminal (grub-pc only)
+#GRUB_TERMINAL=console
+
+# The resolution used on graphical terminal.
+# Note that you can use only modes which your graphic card supports via VBE.
+# You can see them in real GRUB with the command `vbeinfo'.
+#GRUB_GFXMODE=640x480
+GRUB_GFXMODE=800x600
+
+# Path to theme spec txt file.
+# The starfield is by default provided with use truetype.
+# NOTE: when enabling custom theme, ensure you have required font/etc.
+#GRUB_THEME="/boot/grub/themes/starfield/theme.txt"
+
+# Background image used on graphical terminal.
+# Can be in various bitmap formats.
+#GRUB_BACKGROUND="/boot/grub/mybackground.png"
+
+# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to kernel
+GRUB_DISABLE_LINUX_UUID=true
+
+# Uncomment to disable generation of recovery mode menu entries
+#GRUB_DISABLE_RECOVERY=true
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Id$
#
# To populate all changes in this file you need to regenerate your
# grub configuration file afterwards:
-# $Header: /var/cvsroot/gentoo-x86/app-admin/logrotate/files/logrotate.conf,v 1.5 2013/05/18 09:41:04 nimiux Exp $
+# $Id$
#
-# Logrotate default configuration file for Gentoo Linux
-#
-# See "man logrotate" for details
+# Default logrotate(8) configuration file for Gentoo Linux.
+# See "man logrotate" for details.
-# rotate log files weekly
+# rotate log files weekly.
weekly
#daily
rotate 10
maxage 2y
-# create new (empty) log files after rotating old ones
+# create new (empty) log files after rotating old ones.
create
tabooprefix \.
-# use date as a suffix of the rotated file
+# use date as a suffix of the rotated file.
dateext
# do not rotate, if the file is empty
#nomail
noolddir
-# packages can drop log rotation information into this directory
+# packages can drop log rotation information into this directory.
include /etc/logrotate.d
-# no packages own wtmp and btmp -- we'll rotate them here
+# no packages own wtmp and btmp -- we'll rotate them here.
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 12
size=4096K
}
-
/var/log/btmp {
missingok
monthly
-# $Header: /var/cvsroot/gentoo-x86/app-admin/logrotate/files/logrotate.conf,v 1.3 2008/12/24 20:49:10 dang Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/logrotate/files/logrotate.conf,v 1.5 2013/05/18 09:41:04 nimiux Exp $
#
# Logrotate default configuration file for Gentoo Linux
#
# packages can drop log rotation information into this directory
include /etc/logrotate.d
-# no packages own lastlog or wtmp -- we'll rotate them here
+# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
--- /dev/null
+# $Header: /var/cvsroot/gentoo-x86/app-admin/logrotate/files/logrotate.conf,v 1.3 2008/12/24 20:49:10 dang Exp $
+#
+# Logrotate default configuration file for Gentoo Linux
+#
+# See "man logrotate" for details
+
+# rotate log files weekly
+weekly
+#daily
+
+# keep 4 weeks worth of backlogs
+rotate 10
+maxage 2y
+
+# create new (empty) log files after rotating old ones
+create
+
+tabooprefix \.
+
+# use date as a suffix of the rotated file
+dateext
+
+# do not rotate, if the file is empty
+notifempty
+
+# uncomment this if you want your log files compressed
+compress
+
+# is it okay, if a logfile doesn't exists ?
+missingok
+
+#nomail
+noolddir
+
+# packages can drop log rotation information into this directory
+include /etc/logrotate.d
+
+# no packages own lastlog or wtmp -- we'll rotate them here
+/var/log/wtmp {
+ monthly
+ create 0664 root utmp
+ rotate 12
+ size=4096K
+}
+
+/var/log/btmp {
+ missingok
+ monthly
+ create 0600 root utmp
+ rotate 1
+}
+
+# system-specific logs may be also be configured here.
-# $Id$
#
# Default logrotate(8) configuration file for Gentoo Linux.
# See "man logrotate" for details.
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.1.2-r1/html
+html_directory = /usr/share/doc/postfix-3.1.2-r2/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.1.2-r1/readme
+readme_directory = /usr/share/doc/postfix-3.1.2-r2/readme
# inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.1.0-r1/html
+html_directory = /usr/share/doc/postfix-3.1.2-r1/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.1.0-r1/readme
+readme_directory = /usr/share/doc/postfix-3.1.2-r1/readme
# inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.1.0/html
+html_directory = /usr/share/doc/postfix-3.1.0-r1/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.1.0/readme
+readme_directory = /usr/share/doc/postfix-3.1.0-r1/readme
# inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
#
-# The default is $myhostname + localhost.$mydomain. On a mail domain
-# gateway, you should also include $mydomain.
+# The default is $myhostname + localhost.$mydomain + localhost. On
+# a mail domain gateway, you should also include $mydomain.
#
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.0.3-r1/html
+html_directory = /usr/share/doc/postfix-3.1.0/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.0.3-r1/readme
-
+readme_directory = /usr/share/doc/postfix-3.1.0/readme
# inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth
smtp_sasl_security_options = noanonymous
-relayhost = [mail.brehm-online.com]
+relayhost = [mail.uhu-banane.net]:submission
#relayhost = [helga-six.brehm-online.com]
smtpd_use_tls = yes
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.0.2/html
+html_directory = /usr/share/doc/postfix-3.0.3-r1/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.0.2/readme
+readme_directory = /usr/share/doc/postfix-3.0.3-r1/readme
+
# inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.0.1-r1/html
+html_directory = /usr/share/doc/postfix-3.0.2/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.0.1-r1/readme
+readme_directory = /usr/share/doc/postfix-3.0.2/readme
# inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.0.0/html
+html_directory = /usr/share/doc/postfix-3.0.1-r1/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.0.0/readme
+readme_directory = /usr/share/doc/postfix-3.0.1-r1/readme
+# inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
home_mailbox = .maildir/
# For best results, change no more than 2-3 parameters at a time,
# and test if Postfix still works after every change.
+# COMPATIBILITY
+#
+# The compatibility_level determines what default settings Postfix
+# will use for main.cf and master.cf settings. These defaults will
+# change over time.
+#
+# To avoid breaking things, Postfix will use backwards-compatible
+# default settings and log where it uses those old backwards-compatible
+# default settings, until the system administrator has determined
+# if any backwards-compatible default settings need to be made
+# permanent in main.cf or master.cf.
+#
+# When this review is complete, update the compatibility_level setting
+# below as recommended in the RELEASE_NOTES file.
+#
+# The level below is what should be used with new (not upgrade) installs.
+#
+#compatibility_level = 2
+
# SOFT BOUNCE
#
# The soft_bounce parameter provides a limited safety net for
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.11.3/html
+html_directory = /usr/share/doc/postfix-3.0.0/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.11.3/readme
+readme_directory = /usr/share/doc/postfix-3.0.0/readme
+meta_directory = /etc/postfix
+shlib_directory = /usr/lib64/postfix/${mail_version}
home_mailbox = .maildir/
smtpd_sasl_auth_enable = yes
# For common configuration examples, see BASIC_CONFIGURATION_README
# and STANDARD_CONFIGURATION_README. To find these documents, use
# the command "postconf html_directory readme_directory", or go to
-# http://www.postfix.org/.
+# http://www.postfix.org/BASIC_CONFIGURATION_README.html etc.
#
# For best results, change no more than 2-3 parameters at a time,
# and test if Postfix still works after every change.
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.3/html
+html_directory = /usr/share/doc/postfix-2.11.3/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.3/readme
+readme_directory = /usr/share/doc/postfix-2.11.3/readme
home_mailbox = .maildir/
smtpd_sasl_auth_enable = yes
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-2.10.2/html
+html_directory = /usr/share/doc/postfix-2.10.3/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-2.10.2/readme
+readme_directory = /usr/share/doc/postfix-2.10.3/readme
home_mailbox = .maildir/
smtpd_sasl_auth_enable = yes
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.1.2-r2/html
+html_directory = /usr/share/doc/postfix-3.1.6/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.1.2-r2/readme
+readme_directory = /usr/share/doc/postfix-3.1.6/readme
inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
-# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $
+# $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
#RekeyLimit default none
# Logging
-# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
+# the following are HPN related configuration options
+# tcp receive buffer polling. disable in non autotuning kernels
+#TcpRcvBufPoll yes
+
+# disable hpn performance boosts
+#HPNDisabled no
+
+# buffer size for hpn to non-hpn connections
+#HPNBufferSize 2048
+
+
+# allow the use of the none cipher
+#NoneEnabled no
+
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
-# $OpenBSD: sshd_config,v 1.97 2015/08/06 14:53:21 deraadt Exp $
+# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
-UsePrivilegeSeparation sandbox # Default for new installations.
+#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
-# the following are HPN related configuration options
-# tcp receive buffer polling. disable in non autotuning kernels
-#TcpRcvBufPoll yes
-
-# disable hpn performance boosts
-#HPNDisabled no
-
-# buffer size for hpn to non-hpn connections
-#HPNBufferSize 2048
-
-
-# allow the use of the none cipher
-#NoneEnabled no
-
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
-# $OpenBSD: sshd_config,v 1.95 2015/04/27 21:42:48 djm Exp $
+# $OpenBSD: sshd_config,v 1.97 2015/08/06 14:53:21 deraadt Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
#LoginGraceTime 2m
#PermitRootLogin no
+#PermitRootLogin prohibit-password
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
-# $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $
+# $OpenBSD: sshd_config,v 1.95 2015/04/27 21:42:48 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
-#UseDNS yes
-#PidFile /var/run/sshd.pid
+#UseDNS no
+#PidFile /run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
-# $OpenBSD$
+# $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
-# "key type names" for X.509 certificates with RSA key
-# Note first defined is used in signature operations!
-#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1
-#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5
-
-# "key type names" for X.509 certificates with DSA key
-# Note first defined is used in signature operations!
-#X509KeyAlgorithm x509v3-sign-dss,dss-asn1
-#X509KeyAlgorithm x509v3-sign-dss,dss-raw
-
-# The intended use for the X509 client certificate. Without this option
-# no chain verification will be done. Currently accepted uses are case
-# insensitive:
-# - "sslclient", "SSL client", "SSL_client" or "client"
-# - "any", "Any Purpose", "Any_Purpose" or "AnyPurpose"
-# - "skip" or ""(empty): don`t check purpose.
-#AllowedCertPurpose sslclient
-
-# Specifies whether self-issued(self-signed) X.509 certificate can be
-# allowed only by entry in AutorizedKeysFile that contain matching
-# public key or certificate blob.
-#KeyAllowSelfIssued no
-
-# Specifies whether CRL must present in store for all certificates in
-# certificate chain with atribute "cRLDistributionPoints"
-#MandatoryCRL no
-
-# A file with multiple certificates of certificate signers
-# in PEM format concatenated together.
-#CACertificateFile /etc/ssh/ca/ca-bundle.crt
-
-# A directory with certificates of certificate signers.
-# The certificates should have name of the form: [HASH].[NUMBER]
-# or have symbolic links to them of this form.
-#CACertificatePath /etc/ssh/ca/crt
-
-# A file with multiple CRL of certificate signers
-# in PEM format concatenated together.
-#CARevocationFile /etc/ssh/ca/ca-bundle.crl
-
-# A directory with CRL of certificate signers.
-# The CRL should have name of the form: [HASH].r[NUMBER]
-# or have symbolic links to them of this form.
-#CARevocationPath /etc/ssh/ca/crl
-
-# LDAP protocol version.
-# Example:
-# CAldapVersion 2
-
-# Note because of OpenSSH options parser limitation
-# use %3D instead of = !
-# LDAP initialization may require URL to be escaped, i.e.
-# use %2C instead of ,(comma). Escaped URL don't depend from
-# LDAP initialization method.
-# Example:
-# CAldapURL ldap://localhost:389/dc%3Dexample%2Cdc%3Dcom
-
-# SSH can use "Online Certificate Status Protocol"(OCSP)
-# to validate certificate. Set VAType to
-# - none : do not use OCSP to validate certificates;
-# - ocspcert: validate only certificates that specify `OCSP
-# Service Locator' URL;
-# - ocspspec: use specified in the configuration 'OCSP Responder'
-# to validate all certificates.
-#VAType none
-
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
-#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
+# here are the new patched ldap related tokens
+# entries in your LDAP must have posixAccount & ldapPublicKey objectclass
+#UseLPK yes
+#LpkLdapConf /etc/ldap.conf
+#LpkServers ldap://10.1.7.1/ ldap://10.1.7.2/
+#LpkUserDN ou=users,dc=phear,dc=org
+#LpkGroupDN ou=groups,dc=phear,dc=org
+#LpkBindDN cn=Manager,dc=phear,dc=org
+#LpkBindPw secret
+#LpkServerGroup mail
+#LpkFilter (hostAccess=master.phear.org)
+#LpkForceTLS no
+#LpkSearchTimelimit 3
+#LpkBindTimelimit 3
+#LpkPubKeyAttr sshPublicKey
+
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
# the following are HPN related configuration options
# tcp receive buffer polling. disable in non autotuning kernels
#TcpRcvBufPoll yes
-
+
# disable hpn performance boosts
#HPNDisabled no
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
# "key type names" for X.509 certificates with RSA key
# Note first defined is used in signature operations!
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
+#PermitTTY yes
PrintMotd no
PrintLastLog no
#TCPKeepAlive yes
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
+# PermitTTY no
# ForceCommand cvs server
# Allow client to pass locale environment variables #367017
# "key type names" for X.509 certificates with RSA key
# Note first defined is used in signature operations!
-#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5
#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1
+#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5
# "key type names" for X.509 certificates with DSA key
# Note first defined is used in signature operations!
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
+# Ciphers and keying
+#RekeyLimit default none
+
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
# but this is overridden so installations will only check .ssh/authorized_keys
#AuthorizedKeysFile .ssh/authorized_keys
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
-#UsePrivilegeSeparation yes
+UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
-#MaxStartups 10
+#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
+#VersionAddendum none
# no default banner path
#Banner none
# tcp receive buffer polling. disable in non autotuning kernels
#TcpRcvBufPoll yes
-# allow the use of the none cipher
-#NoneEnabled no
-
-# disable hpn performance boosts.
+# disable hpn performance boosts
#HPNDisabled no
# buffer size for hpn to non-hpn connections
#HPNBufferSize 2048
+# allow the use of the none cipher
+#NoneEnabled no
+
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
+
+# Allow client to pass locale environment variables #367017
+AcceptEnv LANG LC_*
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
-# possible, but leave them commented. Uncommented options change a
+# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
# Authentication:
#LoginGraceTime 2m
-PermitRootLogin no
+#PermitRootLogin no
+PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
+
+# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
+# but this is overridden so installations will only check .ssh/authorized_keys
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# no default banner path
#Banner none
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
-# $OpenBSD: sshd_config,v 1.82 2010/09/06 17:10:19 naddy Exp $
+# $OpenBSD$
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# no default banner path
#Banner none
-# here are the new patched ldap related tokens
-# entries in your LDAP must have posixAccount & ldapPublicKey objectclass
-#UseLPK yes
-#LpkLdapConf /etc/ldap.conf
-#LpkServers ldap://10.1.7.1/ ldap://10.1.7.2/
-#LpkUserDN ou=users,dc=phear,dc=org
-#LpkGroupDN ou=groups,dc=phear,dc=org
-#LpkBindDN cn=Manager,dc=phear,dc=org
-#LpkBindPw secret
-#LpkServerGroup mail
-#LpkFilter (hostAccess=master.phear.org)
-#LpkForceTLS no
-#LpkSearchTimelimit 3
-#LpkBindTimelimit 3
-#LpkPubKeyAttr sshPublicKey
-
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
-# $OpenBSD$
+# $OpenBSD: sshd_config,v 1.82 2010/09/06 17:10:19 naddy Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# no default banner path
#Banner none
+# here are the new patched ldap related tokens
+# entries in your LDAP must have posixAccount & ldapPublicKey objectclass
+#UseLPK yes
+#LpkLdapConf /etc/ldap.conf
+#LpkServers ldap://10.1.7.1/ ldap://10.1.7.2/
+#LpkUserDN ou=users,dc=phear,dc=org
+#LpkGroupDN ou=groups,dc=phear,dc=org
+#LpkBindDN cn=Manager,dc=phear,dc=org
+#LpkBindPw secret
+#LpkServerGroup mail
+#LpkFilter (hostAccess=master.phear.org)
+#LpkForceTLS no
+#LpkSearchTimelimit 3
+#LpkBindTimelimit 3
+#LpkPubKeyAttr sshPublicKey
+
# override default of no subsystems
-Subsystem sftp /usr/lib/misc/sftp-server
+Subsystem sftp /usr/lib64/misc/sftp-server
# the following are HPN related configuration options
# tcp receive buffer polling. disable in non autotuning kernels
-# $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $
+# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
#ListenAddress 0.0.0.0
#ListenAddress ::
-# The default requires explicit activation of protocol 1
-#Protocol 2
-
-# HostKey for protocol version 1
-#HostKey /etc/ssh/ssh_host_key
-# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
-# Lifetime and size of ephemeral version 1 server key
-#KeyRegenerationInterval 1h
-#ServerKeyBits 1024
-
# Ciphers and keying
#RekeyLimit default none
#MaxAuthTries 6
#MaxSessions 10
-#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#RhostsRSAAuthentication no
-# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
-# RhostsRSAAuthentication and HostbasedAuthentication
+# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
-#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
# buffer size for hpn to non-hpn connections
#HPNBufferSize 2048
-
# allow the use of the none cipher
#NoneEnabled no
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Id$
#
# To populate all changes in this file you need to regenerate your
# grub configuration file afterwards:
-# $Id$
#
# Default logrotate(8) configuration file for Gentoo Linux.
# See "man logrotate" for details.
dev-perl/Task-Moose cli async declare instancetype logging other strict traits types utilroles utils
dev-perl/Template-Toolkit latex
+dev-python/backports-functools-lru-cache -doc
dev-python/cffi -doc
dev-python/ipython -doc gnuplot smp wxwidgets
dev-python/jinja -doc i18n
# html_directory: The location of the Postfix HTML documentation.
#
-html_directory = /usr/share/doc/postfix-3.1.2-r2/html
+html_directory = /usr/share/doc/postfix-3.1.6/html
# manpage_directory: The location of the Postfix on-line manual pages.
#
# readme_directory: The location of the Postfix README files.
#
-readme_directory = /usr/share/doc/postfix-3.1.2-r2/readme
# inet_protocols = ipv4
+readme_directory = /usr/share/doc/postfix-3.1.6/readme
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix/${mail_version}
home_mailbox = .maildir/
-# $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $
+# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
#ListenAddress 0.0.0.0
#ListenAddress ::
-# The default requires explicit activation of protocol 1
-#Protocol 2
-
-# HostKey for protocol version 1
-#HostKey /etc/ssh/ssh_host_key
-# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
-# Lifetime and size of ephemeral version 1 server key
-#KeyRegenerationInterval 1h
-#ServerKeyBits 1024
-
# Ciphers and keying
#RekeyLimit default none
#MaxAuthTries 6
#MaxSessions 10
-#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#RhostsRSAAuthentication no
-# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
-# RhostsRSAAuthentication and HostbasedAuthentication
+# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
-#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
# buffer size for hpn to non-hpn connections
#HPNBufferSize 2048
-
# allow the use of the none cipher
#NoneEnabled no
projects / config / bruni / etc.git / commitdiff