From: Frank Brehm Date: Tue, 19 Dec 2017 00:52:29 +0000 (+0100) Subject: committing changes in /etc after apt run X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=45a70b3a666d5045e2632b78fd91db45282bef8e;p=config%2Fvera%2Fetc.git committing changes in /etc after apt run Package changes: -ack 2.18-2 all -ack-grep 2.18-2 all +ack 2.20-1 all +ack-grep 2.20-1 all -bind9-host 1:9.10.6+dfsg-5 amd64 -binutils 2.29.1-8 amd64 -binutils-common 2.29.1-8 amd64 -binutils-x86-64-linux-gnu 2.29.1-8 amd64 +bind9-host 1:9.11.2+dfsg-5 amd64 +binutils 2.29.1-12 amd64 +binutils-common 2.29.1-12 amd64 +binutils-x86-64-linux-gnu 2.29.1-12 amd64 -busybox 1:1.27.2-1 amd64 +busybox 1:1.27.2-2 amd64 -console-setup 1.170 all -console-setup-linux 1.170 all +console-setup 1.173 all +console-setup-linux 1.173 all -cpio 2.11+dfsg-6 amd64 +cpio 2.12+dfsg-6 amd64 -cpp-7 7.2.0-16 amd64 +cpp-7 7.2.0-17 amd64 -dbus 1.12.0-1 amd64 +dbus 1.12.2-1 amd64 -dirmngr 2.2.2-1 amd64 +dirmngr 2.2.3-1 amd64 -dmeventd 2:1.02.145-4 amd64 +dmeventd 2:1.02.145-4.1 amd64 -dmsetup 2:1.02.145-4 amd64 +dmsetup 2:1.02.145-4.1 amd64 -dnsutils 1:9.10.6+dfsg-5 amd64 +dnsutils 1:9.11.2+dfsg-5 amd64 -etckeeper 1.18.5-1 all +etckeeper 1.18.7-1 all -g++-7 7.2.0-16 amd64 +g++-7 7.2.0-17 amd64 -gcc-6-base 6.4.0-10 amd64 -gcc-7 7.2.0-16 amd64 -gcc-7-base 7.2.0-16 amd64 +gcc-6-base 6.4.0-11 amd64 +gcc-7 7.2.0-17 amd64 +gcc-7-base 7.2.0-17 amd64 -git 1:2.15.0-1 amd64 -git-email 1:2.15.0-1 all -git-man 1:2.15.0-1 all -gnupg 2.2.2-1 amd64 +git 1:2.15.1-1 amd64 +git-email 1:2.15.1-1 all +git-man 1:2.15.1-1 all +gnupg 2.2.3-1 amd64 -gnupg-l10n 2.2.2-1 all -gnupg-utils 2.2.2-1 amd64 -gpg 2.2.2-1 amd64 -gpg-agent 2.2.2-1 amd64 -gpg-wks-client 2.2.2-1 amd64 -gpg-wks-server 2.2.2-1 amd64 -gpgconf 2.2.2-1 amd64 -gpgsm 2.2.2-1 amd64 -gpgv 2.2.2-1 amd64 +gnupg-l10n 2.2.3-1 all +gnupg-utils 2.2.3-1 amd64 +gpg 2.2.3-1 amd64 +gpg-agent 2.2.3-1 amd64 +gpg-wks-client 2.2.3-1 amd64 +gpg-wks-server 2.2.3-1 amd64 +gpgconf 2.2.3-1 amd64 +gpgsm 2.2.3-1 amd64 +gpgv 2.2.3-1 amd64 -installation-report 2.63 all -iproute2 4.9.0-2 amd64 +installation-report 2.65 all +iproute2 4.9.0-2.1 amd64 -isc-dhcp-client 4.3.5-3+b1 amd64 -isc-dhcp-common 4.3.5-3+b1 amd64 -iso-codes 3.76-1 all +isc-dhcp-client 4.3.5-3+b2 amd64 +isc-dhcp-common 4.3.5-3+b2 amd64 +iso-codes 3.77-1 all -keyboard-configuration 1.170 all +keyboard-configuration 1.173 all -less 481-2.1 amd64 +less 487-0.1 amd64 -libapparmor1 2.11.1-3 amd64 +libapparmor1 2.11.1-4 amd64 -libasan4 7.2.0-16 amd64 +libasan4 7.2.0-17 amd64 -libassuan0 2.4.3-3 amd64 -libatomic1 7.2.0-16 amd64 +libassuan0 2.5.1-1 amd64 +libatomic1 7.2.0-17 amd64 -libbinutils 2.29.1-8 amd64 +libbind9-160 1:9.11.2+dfsg-5 amd64 +libbinutils 2.29.1-12 amd64 -libc-bin 2.24-17 amd64 -libc-dev-bin 2.24-17 amd64 -libc-l10n 2.24-17 all -libc6 2.24-17 amd64 -libc6-dev 2.24-17 amd64 +libc-bin 2.25-3 amd64 +libc-dev-bin 2.25-3 amd64 +libc-l10n 2.25-3 all +libc6 2.25-3 amd64 +libc6-dev 2.25-3 amd64 -libcap2 1:2.25-1.1 amd64 -libcap2-bin 1:2.25-1.1 amd64 -libcc1-0 7.2.0-16 amd64 -libcilkrts5 7.2.0-16 amd64 +libcap2 1:2.25-1.2 amd64 +libcap2-bin 1:2.25-1.2 amd64 +libcc1-0 7.2.0-17 amd64 +libcilkrts5 7.2.0-17 amd64 -libcurl3-gnutls 7.56.1-1 amd64 +libcurl3-gnutls 7.57.0-1 amd64 -libdb5.3 5.3.28-13.1 amd64 -libdbus-1-3 1.12.0-1 amd64 +libdb5.3 5.3.28-13.1+b1 amd64 +libdbus-1-3 1.12.2-1 amd64 -libdevmapper-event1.02.1 2:1.02.145-4 amd64 -libdevmapper1.02.1 2:1.02.145-4 amd64 +libdevmapper-event1.02.1 2:1.02.145-4.1 amd64 +libdevmapper1.02.1 2:1.02.145-4.1 amd64 +libdns-export169 1:9.11.2+dfsg-5 amd64 +libdns169 1:9.11.2+dfsg-5 amd64 -libffi6 3.2.1-6 amd64 +libffi6 3.2.1-7 amd64 -libfribidi0 0.19.7-1+b1 amd64 +libfribidi0 0.19.7-2 amd64 -libgcc-7-dev 7.2.0-16 amd64 -libgcc1 1:7.2.0-16 amd64 +libgcc-7-dev 7.2.0-17 amd64 +libgcc1 1:7.2.0-17 amd64 -libgomp1 7.2.0-16 amd64 +libgomp1 7.2.0-17 amd64 -libidn2-0 2.0.2-5 amd64 +libidn2-0 2.0.4-1.1 amd64 +libisc-export166 1:9.11.2+dfsg-5 amd64 +libisc166 1:9.11.2+dfsg-5 amd64 +libisccc160 1:9.11.2+dfsg-5 amd64 +libisccfg160 1:9.11.2+dfsg-5 amd64 -libitm1 7.2.0-16 amd64 +libitm1 7.2.0-17 amd64 -libjim0.77 0.77-2 amd64 +libjim0.77 0.77+dfsg0-1 amd64 -libkeyutils1 1.5.9-9 amd64 +libkeyutils1 1.5.9-9.2 amd64 -liblsan0 7.2.0-16 amd64 +liblsan0 7.2.0-17 amd64 -liblvm2app2.2 2.02.176-4 amd64 -liblvm2cmd2.02 2.02.176-4 amd64 +liblvm2app2.2 2.02.176-4.1 amd64 +liblvm2cmd2.02 2.02.176-4.1 amd64 +liblwres160 1:9.11.2+dfsg-5 amd64 -libmailutils5 1:3.2-1 amd64 -libmariadbclient18 10.1.26-1 amd64 -libmbim-glib4 1.14.2-2 amd64 -libmbim-proxy 1.14.2-2 amd64 +libmailutils5 1:3.4-1 amd64 +libmariadbclient18 1:10.1.29-6 amd64 +libmbim-glib4 1.14.2-2.1 amd64 +libmbim-proxy 1.14.2-2.1 amd64 -libmpx2 7.2.0-16 amd64 -libncurses5 6.0+20170902-1 amd64 -libncursesw5 6.0+20170902-1 amd64 +libmpx2 7.2.0-17 amd64 +libncurses5 6.0+20171125-1 amd64 +libncursesw5 6.0+20171125-1 amd64 -libnghttp2-14 1.27.0-1 amd64 +libnghttp2-14 1.28.0-1 amd64 -libnm0 1.10.0-1 amd64 +libnm0 1.10.2-1 amd64 -libpam-cap 1:2.25-1.1 amd64 +libpam-cap 1:2.25-1.2 amd64 -libpcre2-8-0 10.22-3 amd64 -libpcre3 2:8.39-4 amd64 +libpcre2-8-0 10.22-5 amd64 +libpcre3 2:8.39-8 amd64 -libperl5.26 5.26.1-2 amd64 +libperl5.26 5.26.1-3 amd64 -libpsl5 0.19.1-3 amd64 -libpython-stdlib 2.7.14-1 amd64 -libpython2.7 2.7.14-2 amd64 -libpython2.7-minimal 2.7.14-2 amd64 -libpython2.7-stdlib 2.7.14-2 amd64 +libpsl5 0.19.1-4 amd64 +libpython-stdlib 2.7.14-3 amd64 +libpython2.7 2.7.14-4 amd64 +libpython2.7-minimal 2.7.14-4 amd64 +libpython2.7-stdlib 2.7.14-4 amd64 -libpython3.6-minimal 3.6.3-1 amd64 -libpython3.6-stdlib 3.6.3-1 amd64 +libpython3.6-minimal 3.6.4~rc1-1 amd64 +libpython3.6-stdlib 3.6.4~rc1-1 amd64 -libquadmath0 7.2.0-16 amd64 +libquadmath0 7.2.0-17 amd64 -libstdc++-7-dev 7.2.0-16 amd64 -libstdc++6 7.2.0-16 amd64 +libstdc++-7-dev 7.2.0-17 amd64 +libstdc++6 7.2.0-17 amd64 -libtasn1-6 4.12-2.1 amd64 +libtasn1-6 4.12-3 amd64 -libtinfo5 6.0+20170902-1 amd64 +libtinfo5 6.0+20171125-1 amd64 -libtsan0 7.2.0-16 amd64 -libubsan0 7.2.0-16 amd64 +libtsan0 7.2.0-17 amd64 +libubsan0 7.2.0-17 amd64 -libunistring2 0.9.7-2 amd64 +libunistring2 0.9.8-1 amd64 -libxml2 2.9.4+dfsg1-5+b1 amd64 +libxml2 2.9.4+dfsg1-5.1 amd64 -locales 2.24-17 all +locales 2.25-3 all -lvm2 2.02.176-4 amd64 -mailutils 1:3.2-1 amd64 -mailutils-common 1:3.2-1 all +lvm2 2.02.176-4.1 amd64 +mailutils 1:3.4-1 amd64 +mailutils-common 1:3.4-1 all -man-db 2.7.6.1-2 amd64 -manpages 4.13-3 all -manpages-de 2.2-1 all -manpages-dev 4.13-3 all +man-db 2.7.6.1-4 amd64 +manpages 4.14-1 all +manpages-de 2.3-1 all +manpages-dev 4.14-1 all -multiarch-support 2.24-17 amd64 +multiarch-support 2.25-3 amd64 -nano 2.8.7-1 amd64 -ncurses-base 6.0+20170902-1 all -ncurses-bin 6.0+20170902-1 amd64 -ncurses-term 6.0+20170902-1 all +nano 2.9.1-1 amd64 +ncurses-base 6.0+20171125-1 all +ncurses-bin 6.0+20171125-1 amd64 +ncurses-term 6.0+20171125-1 all -network-manager 1.10.0-1 amd64 +network-manager 1.10.2-1 amd64 -perl 5.26.1-2 amd64 -perl-base 5.26.1-2 amd64 +perl 5.26.1-3 amd64 +perl-base 5.26.1-3 amd64 -perl-modules-5.26 5.26.1-2 all +perl-modules-5.26 5.26.1-3 all -python 2.7.14-1 amd64 +python 2.7.14-3 amd64 -python-concurrent.futures 3.1.1-1 all +python-concurrent.futures 3.2.0-1 all -python-cryptography 1.9-1 amd64 +python-cryptography 2.1.4-1 amd64 -python-enum34 1.1.6-1 all +python-enum34 1.1.6-2 all -python-jinja2 2.9.6-1 all +python-jinja2 2.10-1 all -python-minimal 2.7.14-1 amd64 +python-minimal 2.7.14-3 amd64 -python-openssl 16.2.0-1 all +python-openssl 17.5.0-1 all -python-pkg-resources 36.7.1-1 all +python-pkg-resources 38.2.4-1 all -python-setuptools 36.7.1-1 all +python-setuptools 38.2.4-1 all -python2.7 2.7.14-2 amd64 -python2.7-minimal 2.7.14-2 amd64 +python2.7 2.7.14-4 amd64 +python2.7-minimal 2.7.14-4 amd64 -python3-cryptography 1.9-1 amd64 +python3-cryptography 2.1.4-1 amd64 -python3-pkg-resources 36.7.1-1 all +python3-pkg-resources 38.2.4-1 all -python3-setuptools 36.7.1-1 all +python3-setuptools 38.2.4-1 all -python3.6 3.6.3-1 amd64 -python3.6-minimal 3.6.3-1 amd64 +python3.6 3.6.4~rc1-1 amd64 +python3.6-minimal 3.6.4~rc1-1 amd64 -rsyslog 8.29.0-2 amd64 -s-nail 14.9.5-1 amd64 -salt-common 2016.11.5+ds-1 all -salt-minion 2016.11.5+ds-1 all +rsyslog 8.31.0-1 amd64 +s-nail 14.9.6-1 amd64 +salt-common 2016.11.8+dfsg1-1 all +salt-minion 2016.11.8+dfsg1-1 all -vim 2:8.0.1144-1+b1 amd64 -vim-common 2:8.0.1144-1 all -vim-runtime 2:8.0.1144-1 all -vim-tiny 2:8.0.1144-1+b1 amd64 +vim 2:8.0.1257-2 amd64 +vim-common 2:8.0.1257-2 all +vim-runtime 2:8.0.1257-2 all +vim-tiny 2:8.0.1257-2 amd64 -whois 5.2.18 amd64 +whois 5.2.19 amd64 -xauth 1:1.0.9-1+b2 amd64 +xauth 1:1.0.10-1 amd64 -xxd 2:8.0.1144-1+b1 amd64 +xxd 2:8.0.1257-2 amd64 --- diff --git a/.etckeeper b/.etckeeper index 3365c44..e2c0a57 100755 --- a/.etckeeper +++ b/.etckeeper @@ -76,7 +76,9 @@ maybe chmod 0755 'apm/event.d' maybe chmod 0755 'apm/event.d/20hdparm' maybe chmod 0755 'apparmor.d' maybe chmod 0755 'apparmor.d/local' +maybe chmod 0644 'apparmor.d/local/usr.bin.man' maybe chmod 0644 'apparmor.d/local/usr.sbin.haveged' +maybe chmod 0644 'apparmor.d/usr.bin.man' maybe chmod 0644 'apparmor.d/usr.sbin.haveged' maybe chmod 0755 'apt' maybe chmod 0644 'apt/SALTSTACK-GPG-KEY.pub' diff --git a/apparmor.d/local/usr.bin.man b/apparmor.d/local/usr.bin.man new file mode 100644 index 0000000..6eae318 --- /dev/null +++ b/apparmor.d/local/usr.bin.man @@ -0,0 +1,2 @@ +# Site-specific additions and overrides for usr.bin.man. +# For more details, please see /etc/apparmor.d/local/README. diff --git a/apparmor.d/usr.bin.man b/apparmor.d/usr.bin.man new file mode 100644 index 0000000..8619911 --- /dev/null +++ b/apparmor.d/usr.bin.man @@ -0,0 +1,83 @@ +# vim:syntax=apparmor + +#include + +/usr/bin/man { + #include + + # Use a special profile when man calls anything groff-related. We only + # include the programs that actually parse input data in a non-trivial + # way, not wrappers such as groff and nroff, since the latter would need a + # broader profile. + /usr/bin/eqn rmCx -> groff, + /usr/bin/grap rmCx -> groff, + /usr/bin/pic rmCx -> groff, + /usr/bin/preconv rmCx -> groff, + /usr/bin/refer rmCx -> groff, + /usr/bin/tbl rmCx -> groff, + /usr/bin/troff rmCx -> groff, + /usr/bin/vgrind rmCx -> groff, + + # Similarly, use a special profile when man calls decompressors and other + # simple filters. + /bin/bzip2 rmCx -> filter, + /bin/gzip rmCx -> filter, + /usr/bin/col rmCx -> filter, + /usr/bin/compress rmCx -> filter, + /usr/bin/iconv rmCx -> filter, + /usr/bin/lzip.lzip rmCx -> filter, + /usr/bin/tr rmCx -> filter, + /usr/bin/xz rmCx -> filter, + + # Allow basically anything in terms of file system access, subject to DAC. + # The purpose of this profile isn't to confine man itself (that might be + # nice in the future, but is tricky since it's quite configurable), but to + # confine the processes it calls that parse untrusted data. + /** mrixwlk, + + capability setuid, + capability setgid, + + profile groff { + #include + # Recent kernels revalidate open FDs, and there are often some still + # open on TTYs. This is temporary until man learns to close irrelevant + # open FDs before execve. + #include + # man always runs its groff pipeline with the input file open on stdin, + # so we can skip . + + /usr/bin/eqn rm, + /usr/bin/grap rm, + /usr/bin/pic rm, + /usr/bin/preconv rm, + /usr/bin/refer rm, + /usr/bin/tbl rm, + /usr/bin/troff rm, + /usr/bin/vgrind rm, + + /etc/groff/** r, + /usr/lib/groff/site-tmac/** r, + /usr/share/groff/** r, + } + + profile filter { + #include + # Recent kernels revalidate open FDs, and there are often some still + # open on TTYs. This is temporary until man learns to close irrelevant + # open FDs before execve. + #include + + /bin/bzip2 rm, + /bin/gzip rm, + /usr/bin/col rm, + /usr/bin/compress rm, + /usr/bin/iconv rm, + /usr/bin/lzip.lzip rm, + /usr/bin/tr rm, + /usr/bin/xz rm, + } + + # Site-specific additions and overrides. See local/README for details. + #include +} diff --git a/console-setup/cached_setup_keyboard.sh b/console-setup/cached_setup_keyboard.sh index e57d96d..0535814 100755 --- a/console-setup/cached_setup_keyboard.sh +++ b/console-setup/cached_setup_keyboard.sh @@ -10,4 +10,4 @@ kbd_mode '-u' < '/dev/tty3' kbd_mode '-u' < '/dev/tty4' kbd_mode '-u' < '/dev/tty5' kbd_mode '-u' < '/dev/tty6' -loadkeys '/tmp/tmpkbd.MJz2Gs' > '/dev/null' +loadkeys '/tmp/tmpkbd.SDQJzK' > '/dev/null' diff --git a/etckeeper/etckeeper.conf b/etckeeper/etckeeper.conf index 0fb660b..f13de1c 100644 --- a/etckeeper/etckeeper.conf +++ b/etckeeper/etckeeper.conf @@ -32,11 +32,11 @@ DARCS_COMMIT_OPTIONS="-a" #AVOID_COMMIT_BEFORE_INSTALL=1 # The high-level package manager that's being used. -# (apt, pacman, pacman-g2, yum, dnf, zypper etc) +# (apt, pacman, pacman-g2, yum, dnf, zypper, apk etc) HIGHLEVEL_PACKAGE_MANAGER=apt # The low-level package manager that's being used. -# (dpkg, rpm, pacman, pacmatic, pacman-g2, etc) +# (dpkg, rpm, pacman, pacmatic, pacman-g2, apk etc) LOWLEVEL_PACKAGE_MANAGER=dpkg # To push each commit to a remote, put the name of the remote here. diff --git a/etckeeper/list-installed.d/50list-installed b/etckeeper/list-installed.d/50list-installed index 129447f..d89b8ce 100755 --- a/etckeeper/list-installed.d/50list-installed +++ b/etckeeper/list-installed.d/50list-installed @@ -21,5 +21,7 @@ else pacmatic -Q elif [ "$LOWLEVEL_PACKAGE_MANAGER" = pkgng ]; then pkg info -E "*" + elif [ "$LOWLEVEL_PACKAGE_MANAGER" = apk ]; then + apk info -v | sort fi fi diff --git a/etckeeper/pre-commit.d/20warn-problem-files b/etckeeper/pre-commit.d/20warn-problem-files index 4ffbfd1..6bd5c2b 100755 --- a/etckeeper/pre-commit.d/20warn-problem-files +++ b/etckeeper/pre-commit.d/20warn-problem-files @@ -2,7 +2,7 @@ set -e exclude_internal () { - egrep -v '(^|/)(.git|.hg|.bzr|_darcs)/' + egrep -v '(^|/)(\.git|\.hg|\.bzr|_darcs)/' } if [ "$VCS" = bzr ] || [ "$VCS" = darcs ]; then diff --git a/etckeeper/pre-commit.d/30store-metadata b/etckeeper/pre-commit.d/30store-metadata index 2b77c8e..ce014d1 100755 --- a/etckeeper/pre-commit.d/30store-metadata +++ b/etckeeper/pre-commit.d/30store-metadata @@ -1,6 +1,10 @@ #!/bin/sh set -e +# Make sure sort always sorts in same order. +LANG=C +export LANG + filter_ignore() { case "$VCS" in darcs) ignorefile=.darcsignore ;; @@ -16,7 +20,11 @@ filter_ignore() { ;; git) (git ls-files -oi --exclude-standard; git ls-files -oi --exclude-standard --directory) | sort | uniq > "$listfile" || true - sed 's/^\.\///' | grep -xFvf "$listfile" + if [ -s "$listfile" ]; then + sed 's/^\.\///' | grep -xFvf "$listfile" + else + cat - + fi ;; esac rm -f "$listfile" @@ -51,6 +59,7 @@ generate_metadata() { # Keep the sort order the same at all times. LC_COLLATE=C export LC_COLLATE + unset LC_ALL if [ "$VCS" = git ] || [ "$VCS" = hg ]; then # These version control systems do not track directories, @@ -70,45 +79,71 @@ generate_metadata() { # Store things that don't have the default user or group. # Store all file modes, in case the user has an unusual umask. - find $NOVCS \( -type f -or -type d \) -print | filter_ignore | sort | perl -ne ' - BEGIN { $q=chr(39) } - sub uidname { - my $want=shift; - if (exists $uidcache{$want}) { - return $uidcache{$want}; - } - my $name=scalar getpwuid($want); - return $uidcache{$want}=defined $name ? $name : $want; - } - sub gidname { - my $want=shift; - if (exists $gidcache{$want}) { - return $gidcache{$want}; - } - my $name=scalar getgrgid($want); - return $gidcache{$want}=defined $name ? $name : $want; - } - chomp; - my @stat=stat($_); - my $mode = $stat[2]; - my $uid = $stat[4]; - my $gid = $stat[5]; - s/$q/$q"$q"$q/g; # escape single quotes - s/^/$q/; - s/$/$q/; - if ($uid != $>) { - printf "maybe chown $q%s$q %s\n", uidname($uid), $_; - } - if ($gid != $)) { - printf "maybe chgrp $q%s$q %s\n", gidname($gid), $_; - } - printf "maybe chmod %04o %s\n", $mode & 07777, $_; - ' + find $NOVCS \( -type f -or -type d \) -print | filter_ignore | sort | maybe_chmod_chown # We don't handle xattrs. # Maybe check for getfattr/setfattr and use them if they're available? } +maybe_chmod_chown() { + if [ "$(which perl 2>/dev/null)" != "" ]; then + perl -ne ' + BEGIN { $q=chr(39) } + sub uidname { + my $want=shift; + if (exists $uidcache{$want}) { + return $uidcache{$want}; + } + my $name=scalar getpwuid($want); + return $uidcache{$want}=defined $name ? $name : $want; + } + sub gidname { + my $want=shift; + if (exists $gidcache{$want}) { + return $gidcache{$want}; + } + my $name=scalar getgrgid($want); + return $gidcache{$want}=defined $name ? $name : $want; + } + chomp; + my @stat=stat($_); + my $mode = $stat[2]; + my $uid = $stat[4]; + my $gid = $stat[5]; + s/$q/$q"$q"$q/g; # escape single quotes + s/^/$q/; + s/$/$q/; + if ($uid != $>) { + printf "maybe chown $q%s$q %s\n", uidname($uid), $_; + } + if ($gid != $)) { + printf "maybe chgrp $q%s$q %s\n", gidname($gid), $_; + } + printf "maybe chmod %04o %s\n", $mode & 07777, $_; + ' + return $? + else + # fallback if perl isn't present + euid=$(id -u) + egid=$(id -g) + q="'" + while read x; do + stat=$(stat -c "%f:%u:%g:%a:%U:%G" $x) + IFS=":" read mode uid gid perm uname gname <]}" will match ## ", ', ), >, ], and }. -## Silently ignore problems with unknown directives in the nanorc file. -## Useful when your nanorc file might be read on systems with multiple -## versions of nano installed (e.g. your home directory is on NFS). -# set quiet - ## When soft line wrapping is enabled, make it wrap lines at blanks ## (tabs and spaces) instead of always at the edge of the screen. # set atblanks @@ -33,9 +28,6 @@ ## The directory to put unique backup files in. # set backupdir "" -## Do backwards searches by default. -# set backwards - ## Use bold text instead of reverse video text. # set boldtext @@ -269,9 +261,8 @@ include "/usr/share/nano/*.nanorc" ## Key bindings. ## See nanorc(5) (section REBINDING KEYS) for more details on this. ## -## The following three functions are not bound to any key by default. -## You may wish to choose different keys than the ones suggested here. -# bind ^S savefile main +## The following two functions are not bound to any key by default. +## You may wish to choose other keys than the ones suggested here. # bind M-B cutwordleft main # bind M-N cutwordright main diff --git a/s-nail.rc b/s-nail.rc index 13fb08d..1839646 100644 --- a/s-nail.rc +++ b/s-nail.rc @@ -1,5 +1,5 @@ #@ s-nail.rc -#@ Configuration file for S-nail v14.9.5 +#@ Configuration file for S-nail v14.9.6 #@ The syntax of this file is interpreted as follows: #@ - Leading and trailing " \t\n" + *ifs* whitespace is removed. #@ - Empty lines are ignored. @@ -10,7 +10,7 @@ #@ the escaped newline is not. #@ - The number sign # is the comment-command and causes the (joined) line #@ (content) to be ignored. -#@ S-nail v14.9.5 / 2017-10-21 +#@ S-nail v14.9.6 / 2017-12-05 ## Variables @@ -82,8 +82,8 @@ set history-gabby history-gabby-persist # is likely to be irritating for most users today; also see *keepsave*. set hold -# Quote the original message in replies by "> " as usual on the Internet -# Historically this was a tabulator, as in "wysh set indentprefix=$'\t'". +# Quote the original message in replies by "> " as usual on the Internet. +# POSIX mandates tabulator ("wysh set indentprefix=$'\t'") as default. set indentprefix="> " # Mark messages that have been answered. @@ -92,7 +92,7 @@ set markanswered # Try to circumvent false or missing MIME Content-Type descriptions. # Do set a value for extended behaviour (see the manual). #set mime-counter-evidence -set mime-counter-evidence=0xE +set mime-counter-evidence=0b1111 # Control loading of mime.types(5) file, "s"ystem and/or "u"ser, etc. # Builtin types exist and may be sufficient. The default equals "us". diff --git a/salt/minion b/salt/minion index bc1644f..ed2cfde 100644 --- a/salt/minion +++ b/salt/minion @@ -151,7 +151,11 @@ # Set the default outputter used by the salt-call command. The default is # "nested". #output: nested -# + +# To set a list of additional directories to search for salt outputters, set the +# outputter_dirs option. +#outputter_dirs: [] + # By default output is colored. To disable colored output, set the color value # to False. #color: True @@ -231,7 +235,7 @@ # cause sub minion process to restart. #auth_safemode: False -# Ping Master to ensure connection is alive (minutes). +# Ping Master to ensure connection is alive (seconds). #ping_interval: 0 # To auto recover minions if master changes IP address (DDNS) @@ -369,6 +373,9 @@ # interface: eth0 # cidr: '10.0.0.0/8' +# The number of seconds a mine update runs. +#mine_interval: 60 + # Windows platforms lack posix IPC and must rely on slower TCP based inter- # process communications. Set ipc_mode to 'tcp' on such systems #ipc_mode: ipc @@ -578,14 +585,11 @@ #fileserver_limit_traversal: False # The hash_type is the hash to use when discovering the hash of a file on -# the local fileserver. The default is md5, but sha1, sha224, sha256, sha384 +# the local fileserver. The default is sha256, but md5, sha1, sha224, sha384 # and sha512 are also supported. # -# WARNING: While md5 and sha1 are also supported, do not use it due to the high chance -# of possible collisions and thus security breach. -# -# WARNING: While md5 is also supported, do not use it due to the high chance -# of possible collisions and thus security breach. +# WARNING: While md5 and sha1 are also supported, do not use them due to the +# high chance of possible collisions and thus security breach. # # Warning: Prior to changing this value, the minion should be stopped and all # Salt caches should be cleared. @@ -611,6 +615,9 @@ # you do so at your own risk! #open_mode: False +# The size of key that should be generated when creating new keys. +#keysize: 2048 + # Enable permissive access to the salt keys. This allows you to run the # master or minion as root, but have a non-root group be given access to # your pki_dir. To make the access explicit, root must belong to the group @@ -652,6 +659,21 @@ # ssl_version: PROTOCOL_TLSv1_2 +###### Reactor Settings ##### +########################################### +# Define a salt reactor. See https://docs.saltstack.com/en/latest/topics/reactor/ +#reactor: [] + +#Set the TTL for the cache of the reactor configuration. +#reactor_refresh_interval: 60 + +#Configure the number of workers for the runner/wheel in the reactor. +#reactor_worker_threads: 10 + +#Define the queue size for workers in the reactor. +#reactor_worker_hwm: 10000 + + ###### Thread settings ##### ########################################### # Disable multiprocessing support, by default when a minion receives a diff --git a/systemd/system/multi-user.target.wants/etckeeper.timer b/systemd/system/multi-user.target.wants/etckeeper.timer new file mode 120000 index 0000000..67b75d6 --- /dev/null +++ b/systemd/system/multi-user.target.wants/etckeeper.timer @@ -0,0 +1 @@ +/lib/systemd/system/etckeeper.timer \ No newline at end of file