From: Frank Brehm Date: Tue, 8 Aug 2017 19:49:42 +0000 (+0200) Subject: Initial commit X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=5b09c82dc352c85673305fe6f64d9ff48932b562;p=config%2Fns3%2Fetc.git Initial commit --- diff --git a/.etckeeper b/.etckeeper new file mode 100755 index 0000000..df8ca09 --- /dev/null +++ b/.etckeeper @@ -0,0 +1,1437 @@ +# Generated by etckeeper. Do not edit. + +mkdir -p './X11/xkb' +mkdir -p './apm/event.d' +mkdir -p './apparmor.d/force-complain' +mkdir -p './apt/preferences.d' +mkdir -p './binfmt.d' +mkdir -p './ca-certificates/update.d' +mkdir -p './dbus-1/session.d' +mkdir -p './dpkg/dpkg.cfg.d' +mkdir -p './fail2ban/fail2ban.d' +mkdir -p './initramfs-tools/hooks' +mkdir -p './initramfs-tools/scripts/init-bottom' +mkdir -p './initramfs-tools/scripts/init-premount' +mkdir -p './initramfs-tools/scripts/init-top' +mkdir -p './initramfs-tools/scripts/local-bottom' +mkdir -p './initramfs-tools/scripts/local-premount' +mkdir -p './initramfs-tools/scripts/local-top' +mkdir -p './initramfs-tools/scripts/nfs-bottom' +mkdir -p './initramfs-tools/scripts/nfs-premount' +mkdir -p './initramfs-tools/scripts/nfs-top' +mkdir -p './initramfs-tools/scripts/panic' +mkdir -p './insserv/overrides' +mkdir -p './kernel/install.d' +mkdir -p './logwatch/scripts/services' +mkdir -p './modprobe.d' +mkdir -p './network/if-pre-up.d' +mkdir -p './network/interfaces.d' +mkdir -p './opt' +mkdir -p './perl/CPAN' +mkdir -p './postfix/dynamicmaps.cf.d' +mkdir -p './postfix/sasl' +mkdir -p './salt/pki/master/minions_autosign' +mkdir -p './salt/pki/master/minions_denied' +mkdir -p './salt/pki/master/minions_pre' +mkdir -p './salt/pki/master/minions_rejected' +mkdir -p './salt/proxy.d' +mkdir -p './security/limits.d' +mkdir -p './security/namespace.d' +mkdir -p './skel/bin' +mkdir -p './systemd/user' +mkdir -p './tmpfiles.d' +mkdir -p './udev/hwdb.d' +maybe chmod 0755 '.' +maybe chmod 0700 '.etckeeper' +maybe chmod 0600 '.gitignore' +maybe chmod 0755 'NetworkManager' +maybe chmod 0755 'NetworkManager/dispatcher.d' +maybe chmod 0755 'NetworkManager/dispatcher.d/20-chrony' +maybe chmod 0755 'X11' +maybe chmod 0755 'X11/Xsession.d' +maybe chmod 0644 'X11/Xsession.d/90gpg-agent' +maybe chmod 0755 'X11/xkb' +maybe chmod 0755 'acpi' +maybe chmod 0755 'acpi/events' +maybe chmod 0644 'acpi/events/powerbtn-acpi-support' +maybe chmod 0755 'acpi/powerbtn-acpi-support.sh' +maybe chmod 0644 'adduser.conf' +maybe chmod 0644 'aliases' +maybe chmod 0644 'aliases.db' +maybe chmod 0755 'alternatives' +maybe chmod 0644 'alternatives/README' +maybe chmod 0755 'apache2' +maybe chmod 0644 'apache2/apache2.conf' +maybe chmod 0644 'apache2/apache2.conf.dpkg-dist' +maybe chmod 0755 'apache2/conf-available' +maybe chmod 0644 'apache2/conf-available/charset.conf' +maybe chmod 0644 'apache2/conf-available/custom-log.conf' +maybe chmod 0644 'apache2/conf-available/gitweb.conf' +maybe chmod 0644 'apache2/conf-available/javascript-common.conf' +maybe chmod 0644 'apache2/conf-available/localized-error-pages.conf' +maybe chmod 0644 'apache2/conf-available/other-vhosts-access-log.conf' +maybe chmod 0644 'apache2/conf-available/security.conf' +maybe chmod 0644 'apache2/conf-available/serve-cgi-bin.conf' +maybe chmod 0755 'apache2/conf-enabled' +maybe chmod 0644 'apache2/envvars' +maybe chmod 0644 'apache2/info_users_passwd' +maybe chmod 0644 'apache2/magic' +maybe chmod 0755 'apache2/mods-available' +maybe chmod 0644 'apache2/mods-available/access_compat.load' +maybe chmod 0644 'apache2/mods-available/actions.conf' +maybe chmod 0644 'apache2/mods-available/actions.load' +maybe chmod 0644 'apache2/mods-available/alias.conf' +maybe chmod 0644 'apache2/mods-available/alias.load' +maybe chmod 0644 'apache2/mods-available/allowmethods.load' +maybe chmod 0644 'apache2/mods-available/asis.load' +maybe chmod 0644 'apache2/mods-available/auth_basic.load' +maybe chmod 0644 'apache2/mods-available/auth_digest.load' +maybe chmod 0644 'apache2/mods-available/auth_form.load' +maybe chmod 0644 'apache2/mods-available/authn_anon.load' +maybe chmod 0644 'apache2/mods-available/authn_core.load' +maybe chmod 0644 'apache2/mods-available/authn_dbd.load' +maybe chmod 0644 'apache2/mods-available/authn_dbm.load' +maybe chmod 0644 'apache2/mods-available/authn_file.load' +maybe chmod 0644 'apache2/mods-available/authn_socache.load' +maybe chmod 0644 'apache2/mods-available/authnz_fcgi.load' +maybe chmod 0644 'apache2/mods-available/authnz_ldap.load' +maybe chmod 0644 'apache2/mods-available/authz_core.load' +maybe chmod 0644 'apache2/mods-available/authz_dbd.load' +maybe chmod 0644 'apache2/mods-available/authz_dbm.load' +maybe chmod 0644 'apache2/mods-available/authz_groupfile.load' +maybe chmod 0644 'apache2/mods-available/authz_host.load' +maybe chmod 0644 'apache2/mods-available/authz_owner.load' +maybe chmod 0644 'apache2/mods-available/authz_user.load' +maybe chmod 0644 'apache2/mods-available/autoindex.conf' +maybe chmod 0644 'apache2/mods-available/autoindex.load' +maybe chmod 0644 'apache2/mods-available/buffer.load' +maybe chmod 0644 'apache2/mods-available/cache.load' +maybe chmod 0644 'apache2/mods-available/cache_disk.conf' +maybe chmod 0644 'apache2/mods-available/cache_disk.load' +maybe chmod 0644 'apache2/mods-available/cache_socache.load' +maybe chmod 0644 'apache2/mods-available/cern_meta.load' +maybe chmod 0644 'apache2/mods-available/cgi.load' +maybe chmod 0644 'apache2/mods-available/cgid.conf' +maybe chmod 0644 'apache2/mods-available/cgid.load' +maybe chmod 0644 'apache2/mods-available/charset_lite.load' +maybe chmod 0644 'apache2/mods-available/data.load' +maybe chmod 0644 'apache2/mods-available/dav.load' +maybe chmod 0644 'apache2/mods-available/dav_fs.conf' +maybe chmod 0644 'apache2/mods-available/dav_fs.load' +maybe chmod 0644 'apache2/mods-available/dav_lock.load' +maybe chmod 0644 'apache2/mods-available/dbd.load' +maybe chmod 0644 'apache2/mods-available/deflate.conf' +maybe chmod 0644 'apache2/mods-available/deflate.load' +maybe chmod 0644 'apache2/mods-available/dialup.load' +maybe chmod 0644 'apache2/mods-available/dir.conf' +maybe chmod 0644 'apache2/mods-available/dir.load' +maybe chmod 0644 'apache2/mods-available/dump_io.load' +maybe chmod 0644 'apache2/mods-available/echo.load' +maybe chmod 0644 'apache2/mods-available/env.load' +maybe chmod 0644 'apache2/mods-available/expires.load' +maybe chmod 0644 'apache2/mods-available/ext_filter.load' +maybe chmod 0644 'apache2/mods-available/file_cache.load' +maybe chmod 0644 'apache2/mods-available/filter.load' +maybe chmod 0644 'apache2/mods-available/headers.load' +maybe chmod 0644 'apache2/mods-available/heartbeat.load' +maybe chmod 0644 'apache2/mods-available/heartmonitor.load' +maybe chmod 0644 'apache2/mods-available/http2.load' +maybe chmod 0644 'apache2/mods-available/ident.load' +maybe chmod 0644 'apache2/mods-available/imagemap.load' +maybe chmod 0644 'apache2/mods-available/include.load' +maybe chmod 0644 'apache2/mods-available/info.conf' +maybe chmod 0644 'apache2/mods-available/info.load' +maybe chmod 0644 'apache2/mods-available/lbmethod_bybusyness.load' +maybe chmod 0644 'apache2/mods-available/lbmethod_byrequests.load' +maybe chmod 0644 'apache2/mods-available/lbmethod_bytraffic.load' +maybe chmod 0644 'apache2/mods-available/lbmethod_heartbeat.load' +maybe chmod 0644 'apache2/mods-available/ldap.conf' +maybe chmod 0644 'apache2/mods-available/ldap.load' +maybe chmod 0644 'apache2/mods-available/log_debug.load' +maybe chmod 0644 'apache2/mods-available/log_forensic.load' +maybe chmod 0644 'apache2/mods-available/lua.load' +maybe chmod 0644 'apache2/mods-available/macro.load' +maybe chmod 0644 'apache2/mods-available/mime.conf' +maybe chmod 0644 'apache2/mods-available/mime.load' +maybe chmod 0644 'apache2/mods-available/mime_magic.conf' +maybe chmod 0644 'apache2/mods-available/mime_magic.load' +maybe chmod 0644 'apache2/mods-available/mpm_event.conf' +maybe chmod 0644 'apache2/mods-available/mpm_event.load' +maybe chmod 0644 'apache2/mods-available/mpm_prefork.conf' +maybe chmod 0644 'apache2/mods-available/mpm_prefork.load' +maybe chmod 0644 'apache2/mods-available/mpm_worker.conf' +maybe chmod 0644 'apache2/mods-available/mpm_worker.load' +maybe chmod 0644 'apache2/mods-available/negotiation.conf' +maybe chmod 0644 'apache2/mods-available/negotiation.load' +maybe chmod 0644 'apache2/mods-available/php7.0.conf' +maybe chmod 0644 'apache2/mods-available/php7.0.load' +maybe chmod 0644 'apache2/mods-available/proxy.conf' +maybe chmod 0644 'apache2/mods-available/proxy.load' +maybe chmod 0644 'apache2/mods-available/proxy_ajp.load' +maybe chmod 0644 'apache2/mods-available/proxy_balancer.conf' +maybe chmod 0644 'apache2/mods-available/proxy_balancer.load' +maybe chmod 0644 'apache2/mods-available/proxy_connect.load' +maybe chmod 0644 'apache2/mods-available/proxy_express.load' +maybe chmod 0644 'apache2/mods-available/proxy_fcgi.load' +maybe chmod 0644 'apache2/mods-available/proxy_fdpass.load' +maybe chmod 0644 'apache2/mods-available/proxy_ftp.conf' +maybe chmod 0644 'apache2/mods-available/proxy_ftp.load' +maybe chmod 0644 'apache2/mods-available/proxy_hcheck.load' +maybe chmod 0644 'apache2/mods-available/proxy_html.conf' +maybe chmod 0644 'apache2/mods-available/proxy_html.load' +maybe chmod 0644 'apache2/mods-available/proxy_http.load' +maybe chmod 0644 'apache2/mods-available/proxy_http2.load' +maybe chmod 0644 'apache2/mods-available/proxy_scgi.load' +maybe chmod 0644 'apache2/mods-available/proxy_wstunnel.load' +maybe chmod 0644 'apache2/mods-available/ratelimit.load' +maybe chmod 0644 'apache2/mods-available/reflector.load' +maybe chmod 0644 'apache2/mods-available/remoteip.load' +maybe chmod 0644 'apache2/mods-available/reqtimeout.conf' +maybe chmod 0644 'apache2/mods-available/reqtimeout.load' +maybe chmod 0644 'apache2/mods-available/request.load' +maybe chmod 0644 'apache2/mods-available/rewrite.load' +maybe chmod 0644 'apache2/mods-available/sed.load' +maybe chmod 0644 'apache2/mods-available/session.load' +maybe chmod 0644 'apache2/mods-available/session_cookie.load' +maybe chmod 0644 'apache2/mods-available/session_crypto.load' +maybe chmod 0644 'apache2/mods-available/session_dbd.load' +maybe chmod 0644 'apache2/mods-available/setenvif.conf' +maybe chmod 0644 'apache2/mods-available/setenvif.load' +maybe chmod 0644 'apache2/mods-available/slotmem_plain.load' +maybe chmod 0644 'apache2/mods-available/slotmem_shm.load' +maybe chmod 0644 'apache2/mods-available/socache_dbm.load' +maybe chmod 0644 'apache2/mods-available/socache_memcache.load' +maybe chmod 0644 'apache2/mods-available/socache_shmcb.load' +maybe chmod 0644 'apache2/mods-available/speling.load' +maybe chmod 0644 'apache2/mods-available/ssl.conf' +maybe chmod 0644 'apache2/mods-available/ssl.load' +maybe chmod 0644 'apache2/mods-available/status.conf' +maybe chmod 0644 'apache2/mods-available/status.load' +maybe chmod 0644 'apache2/mods-available/substitute.load' +maybe chmod 0644 'apache2/mods-available/suexec.load' +maybe chmod 0644 'apache2/mods-available/unique_id.load' +maybe chmod 0644 'apache2/mods-available/userdir.conf' +maybe chmod 0644 'apache2/mods-available/userdir.load' +maybe chmod 0644 'apache2/mods-available/usertrack.load' +maybe chmod 0644 'apache2/mods-available/vhost_alias.load' +maybe chmod 0644 'apache2/mods-available/xml2enc.load' +maybe chmod 0755 'apache2/mods-enabled' +maybe chmod 0644 'apache2/ports.conf' +maybe chmod 0755 'apache2/sites-available' +maybe chmod 0644 'apache2/sites-available/000-default-ssl.conf' +maybe chmod 0644 'apache2/sites-available/000-default.conf' +maybe chmod 0644 'apache2/sites-available/default-include.conf' +maybe chmod 0644 'apache2/sites-available/default-ssl.conf' +maybe chmod 0644 'apache2/sites-available/default-ssl.conf.dpkg-dist' +maybe chmod 0644 'apache2/sites-available/gitweb-le-ssl.conf' +maybe chmod 0644 'apache2/sites-available/gitweb.conf' +maybe chmod 0755 'apache2/sites-enabled' +maybe chmod 0755 'apm' +maybe chmod 0755 'apm/event.d' +maybe chmod 0755 'apparmor.d' +maybe chmod 0755 'apparmor.d/force-complain' +maybe chmod 0755 'apparmor.d/local' +maybe chmod 0644 'apparmor.d/local/usr.sbin.haveged' +maybe chmod 0644 'apparmor.d/local/usr.sbin.named' +maybe chmod 0644 'apparmor.d/usr.sbin.haveged' +maybe chmod 0644 'apparmor.d/usr.sbin.named' +maybe chmod 0755 'apt' +maybe chmod 0644 'apt/SALTSTACK-GPG-KEY.pub' +maybe chmod 0755 'apt/apt.conf.d' +maybe chmod 0644 'apt/apt.conf.d/00CDMountPoint' +maybe chmod 0644 'apt/apt.conf.d/00recommends' +maybe chmod 0644 'apt/apt.conf.d/00trustcdrom' +maybe chmod 0644 'apt/apt.conf.d/01autoremove' +maybe chmod 0444 'apt/apt.conf.d/01autoremove-kernels' +maybe chmod 0644 'apt/apt.conf.d/05etckeeper' +maybe chmod 0644 'apt/apt.conf.d/20listchanges' +maybe chmod 0644 'apt/apt.conf.d/70debconf' +maybe chmod 0644 'apt/listchanges.conf' +maybe chmod 0755 'apt/preferences.d' +maybe chmod 0644 'apt/repo.uhu-banane.de.gpg-key.pub' +maybe chmod 0644 'apt/repo.uhu-banane.de.gpg-key2.pub' +maybe chmod 0644 'apt/sources.list' +maybe chmod 0644 'apt/sources.list.bak' +maybe chmod 0644 'apt/sources.list.bak.1' +maybe chmod 0755 'apt/sources.list.d' +maybe chmod 0644 'apt/sources.list.d/fbrehm.list' +maybe chmod 0644 'apt/sources.list.d/fbrehm.list.bak' +maybe chmod 0644 'apt/sources.list.d/salt.list' +maybe chmod 0644 'apt/sources.list.d/salt.list.bak' +maybe chmod 0644 'apt/trusted.gpg' +maybe chmod 0755 'apt/trusted.gpg.d' +maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg' +maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg' +maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-jessie-stable.gpg' +maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg' +maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg' +maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-stretch-stable.gpg' +maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg' +maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg' +maybe chmod 0755 'apticron' +maybe chmod 0644 'apticron/apticron.conf' +maybe chgrp 'daemon' 'at.deny' +maybe chmod 0640 'at.deny' +maybe chmod 0644 'bash.bashrc' +maybe chmod 0644 'bash_completion' +maybe chmod 0755 'bash_completion.d' +maybe chmod 0644 'bash_completion.d/fail2ban' +maybe chmod 0644 'bash_completion.d/git-prompt' +maybe chmod 0644 'bash_completion.d/grub' +maybe chmod 0644 'bash_completion.d/insserv' +maybe chmod 0644 'bash_completion.d/salt-common' +maybe chgrp 'bind' 'bind' +maybe chmod 2755 'bind' +maybe chmod 0644 'bind/bind.keys' +maybe chmod 0644 'bind/db.0' +maybe chmod 0644 'bind/db.127' +maybe chmod 0644 'bind/db.255' +maybe chmod 0644 'bind/db.empty' +maybe chmod 0644 'bind/db.local' +maybe chmod 0644 'bind/db.root' +maybe chmod 0700 'bind/dnssec' +maybe chmod 0600 'bind/dnssec/Kdns-uhu-banane.+157+21915.key' +maybe chmod 0600 'bind/dnssec/Kdns-uhu-banane.+157+21915.private' +maybe chmod 0600 'bind/dnssec/Kdyn-dns-updater.+157+29290.key' +maybe chmod 0600 'bind/dnssec/Kdyn-dns-updater.+157+29290.private' +maybe chown 'bind' 'bind/dyn' +maybe chgrp 'bind' 'bind/dyn' +maybe chmod 0770 'bind/dyn' +maybe chmod 0644 'bind/dyn/dyn.brehm-online.com.zone' +maybe chmod 0644 'bind/dyn/dyn.brehm-online.com.zone.default' +maybe chmod 0644 'bind/dyn/dyn.uhu-banane.de.zone' +maybe chmod 0644 'bind/dyn/dyn.uhu-banane.de.zone.default' +maybe chmod 0644 'bind/named-acl.conf' +maybe chmod 0644 'bind/named-dyn.conf' +maybe chmod 0644 'bind/named-log.conf' +maybe chmod 0644 'bind/named-pri.conf' +maybe chmod 0644 'bind/named-sec.conf' +maybe chmod 0644 'bind/named.conf' +maybe chmod 0644 'bind/named.conf.default-zones' +maybe chmod 0644 'bind/named.conf.local' +maybe chmod 0644 'bind/named.conf.options' +maybe chown 'bind' 'bind/rndc.key' +maybe chgrp 'bind' 'bind/rndc.key' +maybe chmod 0640 'bind/rndc.key' +maybe chgrp 'bind' 'bind/zones' +maybe chmod 0755 'bind/zones' +maybe chmod 0644 'bind/zones.rfc1918' +maybe chmod 0644 'bind/zones/brehm-berlin.de.zone' +maybe chmod 0644 'bind/zones/brehm-online.com.zone' +maybe chmod 0644 'bind/zones/brehm-online.eu.zone' +maybe chmod 0644 'bind/zones/frankepedia.eu.zone' +maybe chmod 0644 'bind/zones/hennig-berlin.org.zone' +maybe chmod 0644 'bind/zones/home.brehm-online.com.zone' +maybe chmod 0644 'bind/zones/rev.10.12.11.zone' +maybe chmod 0644 'bind/zones/rev.10.12.20.zone' +maybe chmod 0644 'bind/zones/rev.2001-6f8-1db7-0.zone' +maybe chmod 0644 'bind/zones/rev.2001-6f8-1db7.zone' +maybe chmod 0644 'bind/zones/uhu-banane.com.zone' +maybe chmod 0644 'bind/zones/uhu-banane.de.zone' +maybe chmod 0644 'bind/zones/uhu-banane.eu.zone' +maybe chmod 0644 'bind/zones/uhu-banane.net.zone' +maybe chmod 0644 'bind/zones/uhu-banane.org.zone' +maybe chmod 0644 'bindresvport.blacklist' +maybe chmod 0755 'binfmt.d' +maybe chmod 0755 'ca-certificates' +maybe chmod 0644 'ca-certificates.conf' +maybe chmod 0644 'ca-certificates.conf.dpkg-old' +maybe chmod 0755 'ca-certificates/update.d' +maybe chmod 0755 'calendar' +maybe chmod 0644 'calendar/default' +maybe chmod 0755 'chrony' +maybe chmod 0644 'chrony/chrony.conf' +maybe chmod 0644 'chrony/chrony.conf.ucf-dist' +maybe chmod 0640 'chrony/chrony.keys' +maybe chmod 0644 'colordiffrc' +maybe chmod 0755 'console-setup' +maybe chmod 0644 'console-setup/cached_Lat15-Fixed16.psf.gz' +maybe chmod 0644 'console-setup/cached_UTF-8_del.kmap.gz' +maybe chmod 0755 'console-setup/cached_setup_font.sh' +maybe chmod 0755 'console-setup/cached_setup_keyboard.sh' +maybe chmod 0755 'console-setup/cached_setup_terminal.sh' +maybe chmod 0644 'console-setup/compose.ARMSCII-8.inc' +maybe chmod 0644 'console-setup/compose.CP1251.inc' +maybe chmod 0644 'console-setup/compose.CP1255.inc' +maybe chmod 0644 'console-setup/compose.CP1256.inc' +maybe chmod 0644 'console-setup/compose.GEORGIAN-ACADEMY.inc' +maybe chmod 0644 'console-setup/compose.GEORGIAN-PS.inc' +maybe chmod 0644 'console-setup/compose.IBM1133.inc' +maybe chmod 0644 'console-setup/compose.ISIRI-3342.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-1.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-10.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-11.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-13.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-14.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-15.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-16.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-2.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-3.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-4.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-5.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-6.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-7.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-8.inc' +maybe chmod 0644 'console-setup/compose.ISO-8859-9.inc' +maybe chmod 0644 'console-setup/compose.KOI8-R.inc' +maybe chmod 0644 'console-setup/compose.KOI8-U.inc' +maybe chmod 0644 'console-setup/compose.TIS-620.inc' +maybe chmod 0644 'console-setup/compose.VISCII.inc' +maybe chmod 0644 'console-setup/remap.inc' +maybe chmod 0755 'cron.d' +maybe chmod 0644 'cron.d/.placeholder' +maybe chmod 0644 'cron.d/apticron' +maybe chmod 0644 'cron.d/certbot' +maybe chmod 0644 'cron.d/greetings' +maybe chmod 0644 'cron.d/php' +maybe chmod 0755 'cron.daily' +maybe chmod 0644 'cron.daily/.placeholder' +maybe chmod 0755 'cron.daily/00logwatch' +maybe chmod 0755 'cron.daily/apache2' +maybe chmod 0755 'cron.daily/apt-compat' +maybe chmod 0755 'cron.daily/aptitude' +maybe chmod 0755 'cron.daily/bsdmainutils' +maybe chmod 0755 'cron.daily/dpkg' +maybe chmod 0755 'cron.daily/etckeeper' +maybe chmod 0755 'cron.daily/logrotate' +maybe chmod 0755 'cron.daily/man-db' +maybe chmod 0755 'cron.daily/mlocate' +maybe chmod 0755 'cron.daily/passwd' +maybe chmod 0755 'cron.hourly' +maybe chmod 0644 'cron.hourly/.placeholder' +maybe chmod 0755 'cron.monthly' +maybe chmod 0644 'cron.monthly/.placeholder' +maybe chmod 0755 'cron.weekly' +maybe chmod 0644 'cron.weekly/.placeholder' +maybe chmod 0755 'cron.weekly/man-db' +maybe chmod 0644 'crontab' +maybe chmod 0755 'cruft' +maybe chmod 0755 'cruft/filters-unex' +maybe chmod 0644 'cruft/filters-unex/etckeeper' +maybe chmod 0755 'dbus-1' +maybe chmod 0755 'dbus-1/session.d' +maybe chmod 0755 'dbus-1/system.d' +maybe chmod 0644 'dbus-1/system.d/org.freedesktop.hostname1.conf' +maybe chmod 0644 'dbus-1/system.d/org.freedesktop.locale1.conf' +maybe chmod 0644 'dbus-1/system.d/org.freedesktop.login1.conf' +maybe chmod 0644 'dbus-1/system.d/org.freedesktop.network1.conf' +maybe chmod 0644 'dbus-1/system.d/org.freedesktop.resolve1.conf' +maybe chmod 0644 'dbus-1/system.d/org.freedesktop.systemd1.conf' +maybe chmod 0644 'dbus-1/system.d/org.freedesktop.timedate1.conf' +maybe chmod 0644 'debconf.conf' +maybe chmod 0644 'debian_version' +maybe chmod 0755 'default' +maybe chmod 0644 'default/acpid' +maybe chmod 0644 'default/apache-htcacheclean' +maybe chmod 0644 'default/bind9' +maybe chmod 0644 'default/bsdmainutils' +maybe chmod 0644 'default/chrony' +maybe chmod 0644 'default/console-setup' +maybe chmod 0644 'default/cron' +maybe chmod 0644 'default/dbus' +maybe chmod 0644 'default/devpts' +maybe chmod 0644 'default/fail2ban' +maybe chmod 0644 'default/grub' +maybe chmod 0644 'default/grub.ucf-dist' +maybe chmod 0644 'default/halt' +maybe chmod 0644 'default/haveged' +maybe chmod 0644 'default/hwclock' +maybe chmod 0644 'default/keyboard' +maybe chmod 0644 'default/locale' +maybe chmod 0644 'default/locale.bak' +maybe chmod 0644 'default/netfilter-persistent' +maybe chmod 0644 'default/networking' +maybe chmod 0644 'default/nss' +maybe chmod 0644 'default/rcS' +maybe chmod 0644 'default/rsync' +maybe chmod 0644 'default/rsyslog' +maybe chmod 0644 'default/salt-master.environment' +maybe chmod 0644 'default/salt-minion.environment' +maybe chmod 0644 'default/slapd' +maybe chmod 0644 'default/ssh' +maybe chmod 0644 'default/tmpfs' +maybe chmod 0644 'default/useradd' +maybe chmod 0644 'deluser.conf' +maybe chmod 0755 'dhcp' +maybe chmod 0755 'dhcp/dhclient-enter-hooks.d' +maybe chmod 0644 'dhcp/dhclient-enter-hooks.d/nodnsupdate' +maybe chmod 0644 'dhcp/dhclient-enter-hooks.d/resolvconf' +maybe chmod 0755 'dhcp/dhclient-exit-hooks.d' +maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/timesyncd' +maybe chmod 0644 'dhcpcd.conf' +maybe chmod 0644 'dhcpcd.conf.bak' +maybe chmod 0644 'dhcpcd.conf.dpkg-dist' +maybe chmod 0644 'dhcpcd.duid' +maybe chmod 0755 'dictionaries-common' +maybe chmod 0644 'discover-modprobe.conf' +maybe chmod 0755 'discover.conf.d' +maybe chmod 0644 'discover.conf.d/00discover' +maybe chmod 0755 'dpkg' +maybe chmod 0644 'dpkg/dpkg.cfg' +maybe chmod 0755 'dpkg/dpkg.cfg.d' +maybe chmod 0755 'dpkg/origins' +maybe chmod 0644 'dpkg/origins/debian' +maybe chmod 0755 'elinks' +maybe chmod 0644 'elinks/elinks.conf' +maybe chmod 0755 'emacs' +maybe chmod 0755 'emacs/site-start.d' +maybe chmod 0644 'emacs/site-start.d/00debian-vars.el' +maybe chmod 0644 'emacs/site-start.d/50dictionaries-common.el' +maybe chmod 0644 'emacs/site-start.d/50psvn.el' +maybe chmod 0644 'emacs/site-start.el' +maybe chmod 0644 'environment' +maybe chmod 0755 'etckeeper' +maybe chmod 0755 'etckeeper/commit.d' +maybe chmod 0755 'etckeeper/commit.d/10vcs-test' +maybe chmod 0755 'etckeeper/commit.d/30bzr-add' +maybe chmod 0755 'etckeeper/commit.d/30darcs-add' +maybe chmod 0755 'etckeeper/commit.d/30git-add' +maybe chmod 0755 'etckeeper/commit.d/30hg-addremove' +maybe chmod 0755 'etckeeper/commit.d/50vcs-commit' +maybe chmod 0755 'etckeeper/commit.d/99push' +maybe chmod 0644 'etckeeper/commit.d/README' +maybe chmod 0755 'etckeeper/daily' +maybe chmod 0644 'etckeeper/etckeeper.conf' +maybe chmod 0755 'etckeeper/init.d' +maybe chmod 0755 'etckeeper/init.d/10restore-metadata' +maybe chmod 0755 'etckeeper/init.d/20restore-etckeeper' +maybe chmod 0755 'etckeeper/init.d/40vcs-init' +maybe chmod 0755 'etckeeper/init.d/50vcs-ignore' +maybe chmod 0755 'etckeeper/init.d/50vcs-perm' +maybe chmod 0755 'etckeeper/init.d/50vcs-pre-commit-hook' +maybe chmod 0755 'etckeeper/init.d/60darcs-deleted-symlinks' +maybe chmod 0755 'etckeeper/init.d/70vcs-add' +maybe chmod 0644 'etckeeper/init.d/README' +maybe chmod 0755 'etckeeper/list-installed.d' +maybe chmod 0755 'etckeeper/list-installed.d/50list-installed' +maybe chmod 0755 'etckeeper/post-install.d' +maybe chmod 0755 'etckeeper/post-install.d/50vcs-commit' +maybe chmod 0644 'etckeeper/post-install.d/README' +maybe chmod 0755 'etckeeper/pre-commit.d' +maybe chmod 0755 'etckeeper/pre-commit.d/20warn-problem-files' +maybe chmod 0755 'etckeeper/pre-commit.d/30store-metadata' +maybe chmod 0644 'etckeeper/pre-commit.d/README' +maybe chmod 0755 'etckeeper/pre-install.d' +maybe chmod 0755 'etckeeper/pre-install.d/10packagelist' +maybe chmod 0755 'etckeeper/pre-install.d/50uncommitted-changes' +maybe chmod 0644 'etckeeper/pre-install.d/README' +maybe chmod 0755 'etckeeper/unclean.d' +maybe chmod 0755 'etckeeper/unclean.d/50test' +maybe chmod 0644 'etckeeper/unclean.d/README' +maybe chmod 0755 'etckeeper/uninit.d' +maybe chmod 0755 'etckeeper/uninit.d/01prompt' +maybe chmod 0755 'etckeeper/uninit.d/50remove-metadata' +maybe chmod 0755 'etckeeper/uninit.d/50vcs-uninit' +maybe chmod 0644 'etckeeper/uninit.d/README' +maybe chmod 0755 'etckeeper/update-ignore.d' +maybe chmod 0755 'etckeeper/update-ignore.d/01update-ignore' +maybe chmod 0644 'etckeeper/update-ignore.d/README' +maybe chmod 0755 'etckeeper/vcs.d' +maybe chmod 0755 'etckeeper/vcs.d/50vcs-cmd' +maybe chmod 0755 'fail2ban' +maybe chmod 0755 'fail2ban/action.d' +maybe chmod 0644 'fail2ban/action.d/apf.conf' +maybe chmod 0644 'fail2ban/action.d/badips.conf' +maybe chmod 0644 'fail2ban/action.d/badips.py' +maybe chmod 0644 'fail2ban/action.d/blocklist_de.conf' +maybe chmod 0644 'fail2ban/action.d/bsd-ipfw.conf' +maybe chmod 0644 'fail2ban/action.d/cloudflare.conf' +maybe chmod 0644 'fail2ban/action.d/complain.conf' +maybe chmod 0644 'fail2ban/action.d/dshield.conf' +maybe chmod 0644 'fail2ban/action.d/dummy.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-allports.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-ipset.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-multiport.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-new.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-rich-logging.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-rich-rules.conf' +maybe chmod 0644 'fail2ban/action.d/hostsdeny.conf' +maybe chmod 0644 'fail2ban/action.d/ipfilter.conf' +maybe chmod 0644 'fail2ban/action.d/ipfw.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-allports.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-blocktype.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-common.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto4.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto6-allports.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto6.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-multiport-log.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-multiport.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-new.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-xt_recent-echo.conf' +maybe chmod 0644 'fail2ban/action.d/iptables.conf' +maybe chmod 0644 'fail2ban/action.d/mail-buffered.conf' +maybe chmod 0644 'fail2ban/action.d/mail-whois-common.conf' +maybe chmod 0644 'fail2ban/action.d/mail-whois-lines.conf' +maybe chmod 0644 'fail2ban/action.d/mail-whois.conf' +maybe chmod 0644 'fail2ban/action.d/mail.conf' +maybe chmod 0644 'fail2ban/action.d/mynetwatchman.conf' +maybe chmod 0644 'fail2ban/action.d/nftables-allports.conf' +maybe chmod 0644 'fail2ban/action.d/nftables-common.conf' +maybe chmod 0644 'fail2ban/action.d/nftables-multiport.conf' +maybe chmod 0644 'fail2ban/action.d/npf.conf' +maybe chmod 0644 'fail2ban/action.d/nsupdate.conf' +maybe chmod 0644 'fail2ban/action.d/osx-afctl.conf' +maybe chmod 0644 'fail2ban/action.d/osx-ipfw.conf' +maybe chmod 0644 'fail2ban/action.d/pf.conf' +maybe chmod 0644 'fail2ban/action.d/route.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-buffered.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-common.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-common.conf.dpkg-dist' +maybe chmod 0644 'fail2ban/action.d/sendmail-geoip-lines.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-whois-ipjailmatches.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-whois-ipmatches.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-whois-lines.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-whois-matches.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-whois.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-whois.conf.dpkg-dist' +maybe chmod 0644 'fail2ban/action.d/sendmail.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail.conf.dpkg-dist' +maybe chmod 0644 'fail2ban/action.d/shorewall-ipset-proto6.conf' +maybe chmod 0644 'fail2ban/action.d/shorewall.conf' +maybe chmod 0644 'fail2ban/action.d/smtp.py' +maybe chmod 0644 'fail2ban/action.d/symbiosis-blacklist-allports.conf' +maybe chmod 0644 'fail2ban/action.d/ufw.conf' +maybe chmod 0644 'fail2ban/action.d/xarf-login-attack.conf' +maybe chmod 0644 'fail2ban/fail2ban.conf' +maybe chmod 0644 'fail2ban/fail2ban.conf.dpkg-dist' +maybe chmod 0755 'fail2ban/fail2ban.d' +maybe chmod 0755 'fail2ban/filter.d' +maybe chmod 0644 'fail2ban/filter.d/3proxy.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-badbots.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-botsearch.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-common.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-fakegooglebot.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-modsecurity.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-nohome.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-noscript.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-overflows.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-pass.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-shellshock.conf' +maybe chmod 0644 'fail2ban/filter.d/assp.conf' +maybe chmod 0644 'fail2ban/filter.d/asterisk.conf' +maybe chmod 0644 'fail2ban/filter.d/botsearch-common.conf' +maybe chmod 0644 'fail2ban/filter.d/common.conf' +maybe chmod 0644 'fail2ban/filter.d/counter-strike.conf' +maybe chmod 0644 'fail2ban/filter.d/courier-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/courier-smtp.conf' +maybe chmod 0644 'fail2ban/filter.d/cyrus-imap.conf' +maybe chmod 0644 'fail2ban/filter.d/directadmin.conf' +maybe chmod 0644 'fail2ban/filter.d/dovecot.conf' +maybe chmod 0644 'fail2ban/filter.d/dropbear.conf' +maybe chmod 0644 'fail2ban/filter.d/drupal-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/ejabberd-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/exim-common.conf' +maybe chmod 0644 'fail2ban/filter.d/exim-spam.conf' +maybe chmod 0644 'fail2ban/filter.d/exim.conf' +maybe chmod 0644 'fail2ban/filter.d/freeswitch.conf' +maybe chmod 0644 'fail2ban/filter.d/froxlor-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/groupoffice.conf' +maybe chmod 0644 'fail2ban/filter.d/gssftpd.conf' +maybe chmod 0644 'fail2ban/filter.d/guacamole.conf' +maybe chmod 0644 'fail2ban/filter.d/haproxy-http-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/horde.conf' +maybe chmod 0755 'fail2ban/filter.d/ignorecommands' +maybe chmod 0755 'fail2ban/filter.d/ignorecommands/apache-fakegooglebot' +maybe chmod 0644 'fail2ban/filter.d/kerio.conf' +maybe chmod 0644 'fail2ban/filter.d/lighttpd-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/mongodb-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/monit.conf' +maybe chmod 0644 'fail2ban/filter.d/murmur.conf' +maybe chmod 0644 'fail2ban/filter.d/mysqld-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/nagios.conf' +maybe chmod 0644 'fail2ban/filter.d/named-refused.conf' +maybe chmod 0644 'fail2ban/filter.d/nginx-botsearch.conf' +maybe chmod 0644 'fail2ban/filter.d/nginx-http-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/nginx-limit-req.conf' +maybe chmod 0644 'fail2ban/filter.d/nsd.conf' +maybe chmod 0644 'fail2ban/filter.d/openhab.conf' +maybe chmod 0644 'fail2ban/filter.d/openwebmail.conf' +maybe chmod 0644 'fail2ban/filter.d/oracleims.conf' +maybe chmod 0644 'fail2ban/filter.d/pam-generic.conf' +maybe chmod 0644 'fail2ban/filter.d/perdition.conf' +maybe chmod 0644 'fail2ban/filter.d/php-url-fopen.conf' +maybe chmod 0644 'fail2ban/filter.d/portsentry.conf' +maybe chmod 0644 'fail2ban/filter.d/postfix-rbl.conf' +maybe chmod 0644 'fail2ban/filter.d/postfix-sasl.conf' +maybe chmod 0644 'fail2ban/filter.d/postfix.conf' +maybe chmod 0644 'fail2ban/filter.d/proftpd.conf' +maybe chmod 0644 'fail2ban/filter.d/pure-ftpd.conf' +maybe chmod 0644 'fail2ban/filter.d/qmail.conf' +maybe chmod 0644 'fail2ban/filter.d/recidive.conf' +maybe chmod 0644 'fail2ban/filter.d/roundcube-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/screensharingd.conf' +maybe chmod 0644 'fail2ban/filter.d/selinux-common.conf' +maybe chmod 0644 'fail2ban/filter.d/selinux-ssh.conf' +maybe chmod 0644 'fail2ban/filter.d/sendmail-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/sendmail-reject.conf' +maybe chmod 0644 'fail2ban/filter.d/sieve.conf' +maybe chmod 0644 'fail2ban/filter.d/slapd.conf' +maybe chmod 0644 'fail2ban/filter.d/sogo-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/solid-pop3d.conf' +maybe chmod 0644 'fail2ban/filter.d/squid.conf' +maybe chmod 0644 'fail2ban/filter.d/squirrelmail.conf' +maybe chmod 0644 'fail2ban/filter.d/sshd-ddos.conf' +maybe chmod 0644 'fail2ban/filter.d/sshd.conf' +maybe chmod 0644 'fail2ban/filter.d/stunnel.conf' +maybe chmod 0644 'fail2ban/filter.d/suhosin.conf' +maybe chmod 0644 'fail2ban/filter.d/tine20.conf' +maybe chmod 0644 'fail2ban/filter.d/uwimap-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/vsftpd.conf' +maybe chmod 0644 'fail2ban/filter.d/webmin-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/wuftpd.conf' +maybe chmod 0644 'fail2ban/filter.d/xinetd-fail.conf' +maybe chmod 0644 'fail2ban/jail.conf' +maybe chmod 0644 'fail2ban/jail.conf.bak' +maybe chmod 0644 'fail2ban/jail.conf.dpkg-dist' +maybe chmod 0755 'fail2ban/jail.d' +maybe chmod 0644 'fail2ban/jail.d/apache-jail.conf' +maybe chmod 0644 'fail2ban/jail.d/defaults-debian.conf' +maybe chmod 0644 'fail2ban/jail.d/postfix.conf' +maybe chmod 0644 'fail2ban/jail.d/ssh.conf' +maybe chmod 0644 'fail2ban/paths-common.conf' +maybe chmod 0644 'fail2ban/paths-debian.conf' +maybe chmod 0644 'fail2ban/paths-opensuse.conf' +maybe chmod 0755 'fonts' +maybe chmod 0755 'fonts/conf.avail' +maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-lgc-sans-mono.conf' +maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-lgc-sans.conf' +maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-lgc-serif.conf' +maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-sans-mono.conf' +maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-sans.conf' +maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-serif.conf' +maybe chmod 0644 'fonts/conf.avail/57-dejavu-sans-mono.conf' +maybe chmod 0644 'fonts/conf.avail/57-dejavu-sans.conf' +maybe chmod 0644 'fonts/conf.avail/57-dejavu-serif.conf' +maybe chmod 0644 'fonts/conf.avail/58-dejavu-lgc-sans-mono.conf' +maybe chmod 0644 'fonts/conf.avail/58-dejavu-lgc-sans.conf' +maybe chmod 0644 'fonts/conf.avail/58-dejavu-lgc-serif.conf' +maybe chmod 0755 'fonts/conf.d' +maybe chmod 0644 'fonts/conf.d/README' +maybe chmod 0644 'fonts/fonts.conf' +maybe chmod 0644 'fstab' +maybe chmod 0755 'ftp-backup' +maybe chmod 0644 'ftp-backup/backup-per-ftp.cfg' +maybe chown 'frank' 'ftp-backup/backup-per-sftp.cfg' +maybe chgrp 'users' 'ftp-backup/backup-per-sftp.cfg' +maybe chmod 0644 'ftp-backup/backup-per-sftp.cfg' +maybe chown 'frank' 'ftp-backup/id_rsa' +maybe chgrp 'users' 'ftp-backup/id_rsa' +maybe chmod 0600 'ftp-backup/id_rsa' +maybe chown 'frank' 'ftp-backup/id_rsa.pub' +maybe chgrp 'users' 'ftp-backup/id_rsa.pub' +maybe chmod 0644 'ftp-backup/id_rsa.pub' +maybe chmod 0644 'gai.conf' +maybe chmod 0644 'gitweb.conf' +maybe chmod 0755 'groff' +maybe chmod 0644 'groff/man.local' +maybe chmod 0644 'groff/mdoc.local' +maybe chmod 0644 'group' +maybe chmod 0600 'group-' +maybe chmod 0755 'grub.d' +maybe chmod 0755 'grub.d/00_header' +maybe chmod 0755 'grub.d/05_debian_theme' +maybe chmod 0755 'grub.d/10_linux' +maybe chmod 0755 'grub.d/20_linux_xen' +maybe chmod 0755 'grub.d/30_os-prober' +maybe chmod 0755 'grub.d/30_uefi-firmware' +maybe chmod 0755 'grub.d/40_custom' +maybe chmod 0755 'grub.d/41_custom' +maybe chmod 0644 'grub.d/README' +maybe chgrp 'shadow' 'gshadow' +maybe chmod 0640 'gshadow' +maybe chmod 0600 'gshadow-' +maybe chmod 0755 'gss' +maybe chmod 0755 'gss/mech.d' +maybe chmod 0644 'gss/mech.d/README' +maybe chmod 0644 'host.conf' +maybe chmod 0644 'hostname' +maybe chmod 0644 'hosts' +maybe chmod 0644 'hosts.allow' +maybe chmod 0644 'hosts.deny' +maybe chmod 0755 'init' +maybe chmod 0755 'init.d' +maybe chmod 0644 'init.d/README' +maybe chmod 0755 'init.d/acpid' +maybe chmod 0755 'init.d/apache-htcacheclean' +maybe chmod 0755 'init.d/apache2' +maybe chmod 0755 'init.d/atd' +maybe chmod 0755 'init.d/bind9' +maybe chmod 0755 'init.d/bootlogs' +maybe chmod 0755 'init.d/bootmisc.sh' +maybe chmod 0755 'init.d/cgmanager' +maybe chmod 0755 'init.d/cgproxy' +maybe chmod 0755 'init.d/checkfs.sh' +maybe chmod 0755 'init.d/checkroot-bootclean.sh' +maybe chmod 0755 'init.d/checkroot.sh' +maybe chmod 0755 'init.d/chrony' +maybe chmod 0755 'init.d/console-setup.sh' +maybe chmod 0755 'init.d/cron' +maybe chmod 0755 'init.d/dbus' +maybe chmod 0755 'init.d/dhcpcd' +maybe chmod 0755 'init.d/fail2ban' +maybe chmod 0755 'init.d/halt' +maybe chmod 0755 'init.d/haveged' +maybe chmod 0755 'init.d/hostname.sh' +maybe chmod 0755 'init.d/hwclock.sh' +maybe chmod 0755 'init.d/keyboard-setup.sh' +maybe chmod 0755 'init.d/killprocs' +maybe chmod 0755 'init.d/kmod' +maybe chmod 0755 'init.d/lvm2' +maybe chmod 0755 'init.d/lvm2-lvmetad' +maybe chmod 0755 'init.d/lvm2-lvmpolld' +maybe chmod 0755 'init.d/mountall-bootclean.sh' +maybe chmod 0755 'init.d/mountall.sh' +maybe chmod 0755 'init.d/mountdevsubfs.sh' +maybe chmod 0755 'init.d/mountkernfs.sh' +maybe chmod 0755 'init.d/mountnfs-bootclean.sh' +maybe chmod 0755 'init.d/mountnfs.sh' +maybe chmod 0755 'init.d/netfilter-persistent' +maybe chmod 0755 'init.d/networking' +maybe chmod 0755 'init.d/postfix' +maybe chmod 0755 'init.d/procps' +maybe chmod 0755 'init.d/rc' +maybe chmod 0755 'init.d/rc.local' +maybe chmod 0755 'init.d/rcS' +maybe chmod 0755 'init.d/reboot' +maybe chmod 0755 'init.d/resolvconf' +maybe chmod 0755 'init.d/rmnologin' +maybe chmod 0755 'init.d/rsync' +maybe chmod 0755 'init.d/rsyslog' +maybe chmod 0755 'init.d/salt-master' +maybe chmod 0755 'init.d/salt-minion' +maybe chmod 0755 'init.d/sendsigs' +maybe chmod 0755 'init.d/single' +maybe chmod 0644 'init.d/skeleton' +maybe chmod 0755 'init.d/slapd' +maybe chmod 0755 'init.d/ssh' +maybe chmod 0755 'init.d/sudo' +maybe chmod 0755 'init.d/udev' +maybe chmod 0755 'init.d/ulogd2' +maybe chmod 0755 'init.d/umountfs' +maybe chmod 0755 'init.d/umountnfs.sh' +maybe chmod 0755 'init.d/umountroot' +maybe chmod 0755 'init.d/urandom' +maybe chmod 0644 'init/cgmanager.conf' +maybe chmod 0644 'init/cgproxy.conf' +maybe chmod 0644 'init/network-interface-container.conf' +maybe chmod 0644 'init/network-interface-security.conf' +maybe chmod 0644 'init/network-interface.conf' +maybe chmod 0644 'init/networking.conf' +maybe chmod 0644 'init/resolvconf.conf' +maybe chmod 0644 'init/salt-master.conf' +maybe chmod 0644 'init/salt-minion.conf' +maybe chmod 0644 'init/ssh.conf' +maybe chmod 0644 'init/startpar-bridge.conf' +maybe chmod 0644 'init/udev.conf' +maybe chmod 0644 'init/udevmonitor.conf' +maybe chmod 0644 'init/udevtrigger.conf' +maybe chmod 0644 'init/ulogd2.conf' +maybe chmod 0755 'initramfs-tools' +maybe chmod 0755 'initramfs-tools/conf.d' +maybe chmod 0644 'initramfs-tools/conf.d/driver-policy' +maybe chmod 0755 'initramfs-tools/hooks' +maybe chmod 0644 'initramfs-tools/initramfs.conf' +maybe chmod 0644 'initramfs-tools/modules' +maybe chmod 0755 'initramfs-tools/scripts' +maybe chmod 0755 'initramfs-tools/scripts/init-bottom' +maybe chmod 0755 'initramfs-tools/scripts/init-premount' +maybe chmod 0755 'initramfs-tools/scripts/init-top' +maybe chmod 0755 'initramfs-tools/scripts/local-bottom' +maybe chmod 0755 'initramfs-tools/scripts/local-premount' +maybe chmod 0755 'initramfs-tools/scripts/local-top' +maybe chmod 0755 'initramfs-tools/scripts/nfs-bottom' +maybe chmod 0755 'initramfs-tools/scripts/nfs-premount' +maybe chmod 0755 'initramfs-tools/scripts/nfs-top' +maybe chmod 0755 'initramfs-tools/scripts/panic' +maybe chmod 0644 'initramfs-tools/update-initramfs.conf' +maybe chmod 0644 'inittab' +maybe chmod 0644 'inittabminion' +maybe chmod 0644 'inputrc' +maybe chmod 0755 'insserv' +maybe chmod 0644 'insserv.conf' +maybe chmod 0755 'insserv.conf.d' +maybe chmod 0644 'insserv.conf.d/postfix' +maybe chmod 0755 'insserv/overrides' +maybe chmod 0755 'iproute2' +maybe chmod 0644 'iproute2/bpf_pinning' +maybe chmod 0644 'iproute2/ematch_map' +maybe chmod 0644 'iproute2/group' +maybe chmod 0644 'iproute2/nl_protos' +maybe chmod 0644 'iproute2/rt_dsfield' +maybe chmod 0644 'iproute2/rt_protos' +maybe chmod 0644 'iproute2/rt_realms' +maybe chmod 0644 'iproute2/rt_scopes' +maybe chmod 0644 'iproute2/rt_tables' +maybe chmod 0755 'iproute2/rt_tables.d' +maybe chmod 0644 'iproute2/rt_tables.d/README' +maybe chmod 0755 'iptables' +maybe chmod 0640 'iptables/rules.v4' +maybe chmod 0640 'iptables/rules.v6' +maybe chmod 0755 'iscsi' +maybe chmod 0600 'iscsi/iscsid.conf' +maybe chmod 0644 'issue' +maybe chmod 0644 'issue.net' +maybe chmod 0755 'kernel' +maybe chmod 0644 'kernel-img.conf' +maybe chmod 0755 'kernel/install.d' +maybe chmod 0755 'kernel/postinst.d' +maybe chmod 0755 'kernel/postinst.d/apt-auto-removal' +maybe chmod 0755 'kernel/postinst.d/initramfs-tools' +maybe chmod 0755 'kernel/postinst.d/zz-update-grub' +maybe chmod 0755 'kernel/postrm.d' +maybe chmod 0755 'kernel/postrm.d/initramfs-tools' +maybe chmod 0755 'kernel/postrm.d/zz-update-grub' +maybe chmod 0644 'ld.so.conf' +maybe chmod 0755 'ld.so.conf.d' +maybe chmod 0644 'ld.so.conf.d/libc.conf' +maybe chmod 0644 'ld.so.conf.d/x86_64-linux-gnu.conf' +maybe chmod 0755 'ldap' +maybe chmod 0644 'ldap/ldap.conf' +maybe chown 'openldap' 'ldap/sasl2' +maybe chgrp 'openldap' 'ldap/sasl2' +maybe chmod 0755 'ldap/sasl2' +maybe chown 'openldap' 'ldap/sasl2/ca-certificates.crt' +maybe chgrp 'openldap' 'ldap/sasl2/ca-certificates.crt' +maybe chmod 0644 'ldap/sasl2/ca-certificates.crt' +maybe chown 'openldap' 'ldap/sasl2/server.crt' +maybe chgrp 'openldap' 'ldap/sasl2/server.crt' +maybe chmod 0400 'ldap/sasl2/server.crt' +maybe chown 'openldap' 'ldap/sasl2/server.key' +maybe chgrp 'openldap' 'ldap/sasl2/server.key' +maybe chmod 0400 'ldap/sasl2/server.key' +maybe chmod 0755 'ldap/schema' +maybe chmod 0644 'ldap/schema/README' +maybe chmod 0644 'ldap/schema/collective.ldif' +maybe chmod 0644 'ldap/schema/collective.schema' +maybe chmod 0644 'ldap/schema/corba.ldif' +maybe chmod 0644 'ldap/schema/corba.schema' +maybe chmod 0644 'ldap/schema/core.ldif' +maybe chmod 0644 'ldap/schema/core.schema' +maybe chmod 0644 'ldap/schema/cosine.ldif' +maybe chmod 0644 'ldap/schema/cosine.schema' +maybe chmod 0644 'ldap/schema/duaconf.ldif' +maybe chmod 0644 'ldap/schema/duaconf.schema' +maybe chmod 0644 'ldap/schema/dyngroup.ldif' +maybe chmod 0644 'ldap/schema/dyngroup.schema' +maybe chmod 0644 'ldap/schema/inetorgperson.ldif' +maybe chmod 0644 'ldap/schema/inetorgperson.schema' +maybe chmod 0644 'ldap/schema/java.ldif' +maybe chmod 0644 'ldap/schema/java.schema' +maybe chmod 0644 'ldap/schema/misc.ldif' +maybe chmod 0644 'ldap/schema/misc.schema' +maybe chmod 0644 'ldap/schema/nis.ldif' +maybe chmod 0644 'ldap/schema/nis.schema' +maybe chmod 0644 'ldap/schema/openldap.ldif' +maybe chmod 0644 'ldap/schema/openldap.schema' +maybe chmod 0644 'ldap/schema/pmi.ldif' +maybe chmod 0644 'ldap/schema/pmi.schema' +maybe chmod 0644 'ldap/schema/ppolicy.ldif' +maybe chmod 0644 'ldap/schema/ppolicy.schema' +maybe chown 'openldap' 'ldap/slapd.d' +maybe chgrp 'openldap' 'ldap/slapd.d' +maybe chmod 0755 'ldap/slapd.d' +maybe chown 'openldap' 'ldap/slapd.d/cn=config' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config' +maybe chmod 0750 'ldap/slapd.d/cn=config' +maybe chown 'openldap' 'ldap/slapd.d/cn=config.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/cn=module{0}.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/cn=module{0}.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/cn=module{0}.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/cn=schema' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/cn=schema' +maybe chmod 0750 'ldap/slapd.d/cn=config/cn=schema' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/cn=schema.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/cn=schema.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/cn=schema.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/cn=schema/cn={0}core.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/cn=schema/cn={0}core.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/cn=schema/cn={0}core.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/cn=schema/cn={1}cosine.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/cn=schema/cn={1}cosine.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/cn=schema/cn={1}cosine.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/cn=schema/cn={2}nis.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/cn=schema/cn={2}nis.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/cn=schema/cn={2}nis.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/cn=schema/cn={3}inetorgperson.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/cn=schema/cn={3}inetorgperson.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/cn=schema/cn={3}inetorgperson.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/olcBackend={0}mdb.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/olcBackend={0}mdb.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/olcBackend={0}mdb.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/olcDatabase={-1}frontend.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/olcDatabase={-1}frontend.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/olcDatabase={-1}frontend.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/olcDatabase={0}config.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/olcDatabase={0}config.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/olcDatabase={0}config.ldif' +maybe chown 'openldap' 'ldap/slapd.d/cn=config/olcDatabase={1}mdb.ldif' +maybe chgrp 'openldap' 'ldap/slapd.d/cn=config/olcDatabase={1}mdb.ldif' +maybe chmod 0600 'ldap/slapd.d/cn=config/olcDatabase={1}mdb.ldif' +maybe chmod 0755 'letsencrypt' +maybe chmod 0700 'letsencrypt/accounts' +maybe chmod 0700 'letsencrypt/accounts/acme-staging.api.letsencrypt.org' +maybe chmod 0700 'letsencrypt/accounts/acme-staging.api.letsencrypt.org/directory' +maybe chmod 0700 'letsencrypt/accounts/acme-staging.api.letsencrypt.org/directory/4fee9b4c205a4c1554f17b4b26ab41ad' +maybe chmod 0644 'letsencrypt/accounts/acme-staging.api.letsencrypt.org/directory/4fee9b4c205a4c1554f17b4b26ab41ad/meta.json' +maybe chmod 0400 'letsencrypt/accounts/acme-staging.api.letsencrypt.org/directory/4fee9b4c205a4c1554f17b4b26ab41ad/private_key.json' +maybe chmod 0644 'letsencrypt/accounts/acme-staging.api.letsencrypt.org/directory/4fee9b4c205a4c1554f17b4b26ab41ad/regr.json' +maybe chmod 0700 'letsencrypt/accounts/acme-v01.api.letsencrypt.org' +maybe chmod 0700 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory' +maybe chmod 0700 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/e561072b5115f341fae4d1213e11ea49' +maybe chmod 0644 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/e561072b5115f341fae4d1213e11ea49/meta.json' +maybe chmod 0400 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/e561072b5115f341fae4d1213e11ea49/private_key.json' +maybe chmod 0644 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/e561072b5115f341fae4d1213e11ea49/regr.json' +maybe chmod 0700 'letsencrypt/archive' +maybe chmod 0755 'letsencrypt/archive/git.uhu-banane.net' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/cert1.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/cert2.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/cert3.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/cert4.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/cert5.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/chain1.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/chain2.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/chain3.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/chain4.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/chain5.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/fullchain1.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/fullchain2.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/fullchain3.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/fullchain4.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/fullchain5.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/privkey1.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/privkey2.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/privkey3.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/privkey4.pem' +maybe chmod 0644 'letsencrypt/archive/git.uhu-banane.net/privkey5.pem' +maybe chmod 0755 'letsencrypt/csr' +maybe chmod 0644 'letsencrypt/csr/0000_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/0001_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/0002_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/0003_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/0004_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/0005_csr-certbot.pem' +maybe chmod 0700 'letsencrypt/keys' +maybe chmod 0600 'letsencrypt/keys/0000_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/0001_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/0002_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/0003_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/0004_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/0005_key-certbot.pem' +maybe chmod 0700 'letsencrypt/live' +maybe chmod 0755 'letsencrypt/live/git.uhu-banane.net' +maybe chmod 0644 'letsencrypt/options-ssl-apache.conf' +maybe chmod 0755 'letsencrypt/renewal' +maybe chmod 0644 'letsencrypt/renewal/git.uhu-banane.net.conf' +maybe chmod 0644 'lftp.conf' +maybe chmod 0644 'libaudit.conf' +maybe chmod 0755 'lighttpd' +maybe chmod 0755 'lighttpd/conf-available' +maybe chmod 0644 'lighttpd/conf-available/90-javascript-alias.conf' +maybe chmod 0755 'lighttpd/conf-enabled' +maybe chmod 0644 'locale.alias' +maybe chmod 0644 'locale.gen' +maybe chmod 0755 'logcheck' +maybe chmod 0755 'logcheck/ignore.d.server' +maybe chmod 0644 'logcheck/ignore.d.server/libsasl2-modules' +maybe chmod 0644 'logcheck/ignore.d.server/rsyslog' +maybe chmod 0644 'login.defs' +maybe chmod 0644 'logrotate.conf' +maybe chmod 0755 'logrotate.d' +maybe chmod 0644 'logrotate.d/apache2' +maybe chmod 0644 'logrotate.d/apt' +maybe chmod 0644 'logrotate.d/aptitude' +maybe chmod 0644 'logrotate.d/bind' +maybe chmod 0644 'logrotate.d/chrony' +maybe chmod 0644 'logrotate.d/chrony.dpkg-dist' +maybe chmod 0644 'logrotate.d/dpkg' +maybe chmod 0644 'logrotate.d/fail2ban' +maybe chmod 0644 'logrotate.d/rsyslog' +maybe chmod 0644 'logrotate.d/salt-common' +maybe chmod 0644 'logrotate.d/ulogd2' +maybe chmod 0755 'logwatch' +maybe chmod 0755 'logwatch/conf' +maybe chmod 0755 'logwatch/conf/logfiles' +maybe chmod 0644 'logwatch/conf/logfiles/cron.conf' +maybe chmod 0644 'logwatch/conf/logfiles/daemon.conf' +maybe chmod 0644 'logwatch/conf/logfiles/fail2ban.conf' +maybe chmod 0644 'logwatch/conf/logfiles/iptables.conf' +maybe chmod 0644 'logwatch/conf/logfiles/maillog.conf' +maybe chmod 0644 'logwatch/conf/logfiles/named.conf' +maybe chmod 0644 'logwatch/conf/logfiles/secure.conf' +maybe chmod 0644 'logwatch/conf/logfiles/syslog.conf' +maybe chmod 0644 'logwatch/conf/logwatch.conf' +maybe chmod 0755 'logwatch/conf/services' +maybe chmod 0644 'logwatch/conf/services/iptables.conf' +maybe chmod 0644 'logwatch/conf/services/named.conf' +maybe chmod 0755 'logwatch/scripts' +maybe chmod 0755 'logwatch/scripts/services' +maybe chmod 0755 'lvm' +maybe chmod 0700 'lvm/backup' +maybe chmod 0600 'lvm/backup/vg00' +maybe chmod 0644 'lvm/lvm.conf' +maybe chmod 0444 'machine-id' +maybe chmod 0644 'magic' +maybe chmod 0644 'magic.mime' +maybe chmod 0644 'mailcap' +maybe chmod 0644 'mailcap.order' +maybe chmod 0644 'mailname' +maybe chmod 0644 'manpath.config' +maybe chmod 0644 'mime.types' +maybe chmod 0644 'mke2fs.conf' +maybe chmod 0755 'modprobe.d' +maybe chmod 0644 'modules' +maybe chmod 0755 'modules-load.d' +maybe chmod 0755 'monit' +maybe chmod 0755 'monit/monitrc.d' +maybe chmod 0644 'monit/monitrc.d/fail2ban' +maybe chmod 0644 'motd.tail' +maybe chmod 0755 'mysql' +maybe chmod 0755 'mysql/conf.d' +maybe chmod 0644 'mysql/conf.d/mysql.cnf' +maybe chmod 0644 'mysql/conf.d/mysqldump.cnf' +maybe chmod 0644 'mysql/my.cnf.fallback' +maybe chmod 0644 'nail.rc' +maybe chmod 0644 'nanorc' +maybe chmod 0755 'network' +maybe chmod 0755 'network/if-down.d' +maybe chmod 0755 'network/if-down.d/bind9' +maybe chmod 0755 'network/if-down.d/postfix' +maybe chmod 0755 'network/if-down.d/resolvconf' +maybe chmod 0755 'network/if-down.d/upstart' +maybe chmod 0755 'network/if-post-down.d' +maybe chmod 0755 'network/if-post-down.d/chrony' +maybe chmod 0755 'network/if-pre-up.d' +maybe chmod 0755 'network/if-up.d' +maybe chmod 0755 'network/if-up.d/000resolvconf' +maybe chmod 0755 'network/if-up.d/bind9' +maybe chmod 0755 'network/if-up.d/chrony' +maybe chmod 0755 'network/if-up.d/mountnfs' +maybe chmod 0755 'network/if-up.d/openssh-server' +maybe chmod 0755 'network/if-up.d/postfix' +maybe chmod 0755 'network/if-up.d/upstart' +maybe chmod 0644 'network/interfaces' +maybe chmod 0755 'network/interfaces.d' +maybe chmod 0644 'networks' +maybe chmod 0755 'newt' +maybe chmod 0644 'newt/palette.original' +maybe chmod 0644 'nsswitch.conf' +maybe chmod 0755 'opt' +maybe chmod 0644 'pam.conf' +maybe chmod 0755 'pam.d' +maybe chmod 0644 'pam.d/atd' +maybe chmod 0644 'pam.d/chfn' +maybe chmod 0644 'pam.d/chpasswd' +maybe chmod 0644 'pam.d/chsh' +maybe chmod 0644 'pam.d/common-account' +maybe chmod 0644 'pam.d/common-auth' +maybe chmod 0644 'pam.d/common-password' +maybe chmod 0644 'pam.d/common-session' +maybe chmod 0644 'pam.d/common-session-noninteractive' +maybe chmod 0644 'pam.d/cron' +maybe chmod 0644 'pam.d/login' +maybe chmod 0644 'pam.d/newusers' +maybe chmod 0644 'pam.d/other' +maybe chmod 0644 'pam.d/passwd' +maybe chmod 0644 'pam.d/runuser' +maybe chmod 0644 'pam.d/runuser-l' +maybe chmod 0644 'pam.d/sshd' +maybe chmod 0644 'pam.d/su' +maybe chmod 0644 'pam.d/sudo' +maybe chmod 0644 'pam.d/systemd-user' +maybe chmod 0644 'passwd' +maybe chmod 0600 'passwd-' +maybe chmod 0755 'perl' +maybe chmod 0755 'perl/CPAN' +maybe chmod 0755 'perl/Net' +maybe chmod 0644 'perl/Net/libnet.cfg' +maybe chmod 0644 'perl/sitecustomize.pl' +maybe chmod 0755 'php' +maybe chmod 0755 'php/7.0' +maybe chmod 0755 'php/7.0/apache2' +maybe chmod 0755 'php/7.0/apache2/conf.d' +maybe chmod 0644 'php/7.0/apache2/php.ini' +maybe chmod 0755 'php/7.0/cli' +maybe chmod 0755 'php/7.0/cli/conf.d' +maybe chmod 0644 'php/7.0/cli/php.ini' +maybe chmod 0755 'php/7.0/mods-available' +maybe chmod 0644 'php/7.0/mods-available/calendar.ini' +maybe chmod 0644 'php/7.0/mods-available/ctype.ini' +maybe chmod 0644 'php/7.0/mods-available/exif.ini' +maybe chmod 0644 'php/7.0/mods-available/fileinfo.ini' +maybe chmod 0644 'php/7.0/mods-available/ftp.ini' +maybe chmod 0644 'php/7.0/mods-available/gd.ini' +maybe chmod 0644 'php/7.0/mods-available/gettext.ini' +maybe chmod 0644 'php/7.0/mods-available/iconv.ini' +maybe chmod 0644 'php/7.0/mods-available/json.ini' +maybe chmod 0644 'php/7.0/mods-available/ldap.ini' +maybe chmod 0644 'php/7.0/mods-available/mcrypt.ini' +maybe chmod 0644 'php/7.0/mods-available/opcache.ini' +maybe chmod 0644 'php/7.0/mods-available/pdo.ini' +maybe chmod 0644 'php/7.0/mods-available/phar.ini' +maybe chmod 0644 'php/7.0/mods-available/posix.ini' +maybe chmod 0644 'php/7.0/mods-available/readline.ini' +maybe chmod 0644 'php/7.0/mods-available/shmop.ini' +maybe chmod 0644 'php/7.0/mods-available/sockets.ini' +maybe chmod 0644 'php/7.0/mods-available/sysvmsg.ini' +maybe chmod 0644 'php/7.0/mods-available/sysvsem.ini' +maybe chmod 0644 'php/7.0/mods-available/sysvshm.ini' +maybe chmod 0644 'php/7.0/mods-available/tokenizer.ini' +maybe chmod 0755 'postfix' +maybe chmod 0644 'postfix/dynamicmaps.cf' +maybe chmod 0755 'postfix/dynamicmaps.cf.d' +maybe chmod 0644 'postfix/main-new.cf' +maybe chmod 0644 'postfix/main.cf' +maybe chmod 0644 'postfix/main.cf.bak' +maybe chmod 0644 'postfix/main.cf.proto' +maybe chmod 0644 'postfix/makedefs.out' +maybe chmod 0644 'postfix/master.cf' +maybe chmod 0644 'postfix/master.cf.proto' +maybe chmod 0744 'postfix/mkpostfixcert' +maybe chmod 0755 'postfix/post-install' +maybe chmod 0644 'postfix/postfix-cert.cnf' +maybe chmod 0644 'postfix/postfix-cert.cnf.bak' +maybe chmod 0644 'postfix/postfix-files' +maybe chmod 0755 'postfix/postfix-files.d' +maybe chmod 0644 'postfix/postfix-files.d/pcre.files' +maybe chmod 0644 'postfix/postfix-files.d/sqlite.files' +maybe chmod 0755 'postfix/postfix-script' +maybe chmod 0600 'postfix/postfix.pem' +maybe chmod 0755 'postfix/sasl' +maybe chmod 0600 'postfix/smtp_auth' +maybe chmod 0644 'postfix/smtp_auth.db' +maybe chmod 0755 'ppp' +maybe chmod 0755 'ppp/ip-down.d' +maybe chmod 0755 'ppp/ip-down.d/000resolvconf' +maybe chmod 0755 'ppp/ip-down.d/bind9' +maybe chmod 0755 'ppp/ip-down.d/chrony' +maybe chmod 0755 'ppp/ip-down.d/postfix' +maybe chmod 0755 'ppp/ip-up.d' +maybe chmod 0755 'ppp/ip-up.d/000resolvconf' +maybe chmod 0755 'ppp/ip-up.d/bind9' +maybe chmod 0755 'ppp/ip-up.d/chrony' +maybe chmod 0755 'ppp/ip-up.d/postfix' +maybe chmod 0644 'profile' +maybe chmod 0755 'profile.d' +maybe chmod 0644 'profile.d/bash_completion.sh' +maybe chmod 0644 'profile.d/fbrehm.sh' +maybe chmod 0644 'protocols' +maybe chmod 0755 'python' +maybe chmod 0644 'python/debian_config' +maybe chmod 0755 'python2.7' +maybe chmod 0644 'python2.7/sitecustomize.py' +maybe chmod 0755 'python3' +maybe chmod 0755 'python3.4' +maybe chmod 0644 'python3.4/sitecustomize.py' +maybe chmod 0755 'python3.5' +maybe chmod 0644 'python3.5/sitecustomize.py' +maybe chmod 0644 'python3/debian_config' +maybe chmod 0755 'rc.local' +maybe chmod 0755 'rc0.d' +maybe chmod 0644 'rc0.d/README' +maybe chmod 0755 'rc1.d' +maybe chmod 0644 'rc1.d/README' +maybe chmod 0755 'rc2.d' +maybe chmod 0644 'rc2.d/README' +maybe chmod 0755 'rc3.d' +maybe chmod 0644 'rc3.d/README' +maybe chmod 0755 'rc4.d' +maybe chmod 0644 'rc4.d/README' +maybe chmod 0755 'rc5.d' +maybe chmod 0644 'rc5.d/README' +maybe chmod 0755 'rc6.d' +maybe chmod 0644 'rc6.d/README' +maybe chmod 0755 'rcS.d' +maybe chmod 0644 'rcS.d/README' +maybe chmod 0644 'resolv.conf' +maybe chmod 0644 'resolv.conf.bak' +maybe chmod 0755 'resolvconf' +maybe chmod 0644 'resolvconf/interface-order' +maybe chmod 0755 'resolvconf/resolv.conf.d' +maybe chmod 0644 'resolvconf/resolv.conf.d/base' +maybe chmod 0644 'resolvconf/resolv.conf.d/head' +maybe chmod 0644 'resolvconf/resolv.conf.d/original' +maybe chmod 0644 'resolvconf/resolv.conf.d/tail' +maybe chmod 0755 'resolvconf/update-libc.d' +maybe chmod 0755 'resolvconf/update-libc.d/postfix' +maybe chmod 0755 'resolvconf/update.d' +maybe chmod 0755 'resolvconf/update.d/libc' +maybe chmod 0755 'rmt' +maybe chmod 0644 'rpc' +maybe chmod 0644 'rsyslog.conf' +maybe chmod 0644 'rsyslog.conf.dpkg-dist' +maybe chmod 0755 'rsyslog.d' +maybe chmod 0644 'rsyslog.d/60-default.conf' +maybe chmod 0644 'rsyslog.d/70-pb.conf' +maybe chmod 0644 'rsyslog.d/postfix.conf' +maybe chmod 0644 's-nail.rc' +maybe chmod 0755 'salt' +maybe chmod 0644 'salt/master' +maybe chmod 0755 'salt/master.d' +maybe chmod 0644 'salt/master.d/my.conf' +maybe chmod 0644 'salt/minion' +maybe chmod 0755 'salt/minion.d' +maybe chmod 0644 'salt/minion.d/_schedule.conf' +maybe chmod 0644 'salt/minion_id' +maybe chmod 0755 'salt/pki' +maybe chmod 0700 'salt/pki/master' +maybe chmod 0400 'salt/pki/master/master.pem' +maybe chmod 0644 'salt/pki/master/master.pub' +maybe chmod 0755 'salt/pki/master/minions' +maybe chmod 0644 'salt/pki/master/minions/be.nexunus.net' +maybe chmod 0644 'salt/pki/master/minions/doc.nexunus.net' +maybe chmod 0644 'salt/pki/master/minions/lena.home.brehm-online.com' +maybe chmod 0644 'salt/pki/master/minions/liz.nexunus.net' +maybe chmod 0644 'salt/pki/master/minions/mx.nexunus.net' +maybe chmod 0644 'salt/pki/master/minions/ns1.uhu-banane.de' +maybe chmod 0644 'salt/pki/master/minions/ns2.uhu-banane.de' +maybe chmod 0644 'salt/pki/master/minions/ns3.uhu-banane.de' +maybe chmod 0644 'salt/pki/master/minions/sarah.uhu-banane.de' +maybe chmod 0644 'salt/pki/master/minions/vera.home.brehm-online.com' +maybe chmod 0755 'salt/pki/master/minions_autosign' +maybe chmod 0755 'salt/pki/master/minions_denied' +maybe chmod 0755 'salt/pki/master/minions_pre' +maybe chmod 0755 'salt/pki/master/minions_rejected' +maybe chmod 0700 'salt/pki/minion' +maybe chmod 0400 'salt/pki/minion/minion.pem' +maybe chmod 0644 'salt/pki/minion/minion.pub' +maybe chmod 0644 'salt/pki/minion/minion_master.pub' +maybe chmod 0644 'salt/proxy' +maybe chmod 0755 'salt/proxy.d' +maybe chmod 0644 'salt/roster' +maybe chmod 0644 'securetty' +maybe chmod 0755 'security' +maybe chmod 0644 'security/access.conf' +maybe chmod 0644 'security/group.conf' +maybe chmod 0644 'security/limits.conf' +maybe chmod 0755 'security/limits.d' +maybe chmod 0644 'security/namespace.conf' +maybe chmod 0755 'security/namespace.d' +maybe chmod 0755 'security/namespace.init' +maybe chmod 0600 'security/opasswd' +maybe chmod 0644 'security/pam_env.conf' +maybe chmod 0644 'security/sepermit.conf' +maybe chmod 0644 'security/time.conf' +maybe chmod 0755 'selinux' +maybe chmod 0644 'selinux/semanage.conf' +maybe chmod 0644 'services' +maybe chmod 0755 'sgml' +maybe chmod 0644 'sgml/xml-core.cat' +maybe chmod 0640 'shadow' +maybe chmod 0600 'shadow-' +maybe chmod 0644 'shells' +maybe chmod 0755 'skel' +maybe chmod 0644 'skel/.bash_logout' +maybe chmod 0644 'skel/.bashrc' +maybe chmod 0644 'skel/.bashrc.dpkg-dist' +maybe chmod 0644 'skel/.profile' +maybe chmod 0755 'skel/bin' +maybe chmod 0755 'ssh' +maybe chmod 0644 'ssh/moduli' +maybe chmod 0644 'ssh/ssh_config' +maybe chmod 0644 'ssh/ssh_config.dpkg-dist' +maybe chmod 0600 'ssh/ssh_host_dsa_key' +maybe chmod 0644 'ssh/ssh_host_dsa_key.pub' +maybe chmod 0600 'ssh/ssh_host_ecdsa_key' +maybe chmod 0644 'ssh/ssh_host_ecdsa_key.pub' +maybe chmod 0600 'ssh/ssh_host_ed25519_key' +maybe chmod 0644 'ssh/ssh_host_ed25519_key.pub' +maybe chmod 0600 'ssh/ssh_host_rsa_key' +maybe chmod 0644 'ssh/ssh_host_rsa_key.pub' +maybe chmod 0644 'ssh/sshd_config' +maybe chmod 0755 'ssl' +maybe chmod 0755 'ssl/certs' +maybe chmod 0644 'ssl/certs/ca-certificates.crt' +maybe chmod 0644 'ssl/certs/ssl-cert-snakeoil.pem' +maybe chmod 0644 'ssl/openssl.cnf' +maybe chgrp 'ssl-cert' 'ssl/private' +maybe chmod 0710 'ssl/private' +maybe chgrp 'ssl-cert' 'ssl/private/server.crt' +maybe chmod 0400 'ssl/private/server.crt' +maybe chgrp 'ssl-cert' 'ssl/private/server.csr' +maybe chmod 0400 'ssl/private/server.csr' +maybe chgrp 'ssl-cert' 'ssl/private/server.key' +maybe chmod 0400 'ssl/private/server.key' +maybe chgrp 'ssl-cert' 'ssl/private/ssl-cert-snakeoil.key' +maybe chmod 0640 'ssl/private/ssl-cert-snakeoil.key' +maybe chown 'openldap' 'ssl/slapd' +maybe chgrp 'openldap' 'ssl/slapd' +maybe chmod 0750 'ssl/slapd' +maybe chmod 0644 'ssl/slapd/ca-certificates.crt' +maybe chmod 0400 'ssl/slapd/server.crt' +maybe chmod 0400 'ssl/slapd/server.key' +maybe chmod 0750 'ssl/webserver' +maybe chmod 0644 'ssl/webserver/server.crt' +maybe chmod 0600 'ssl/webserver/server.key' +maybe chmod 0644 'staff-group-for-usr-local' +maybe chmod 0644 'subgid' +maybe chmod 0600 'subgid-' +maybe chmod 0644 'subuid' +maybe chmod 0600 'subuid-' +maybe chmod 0755 'subversion' +maybe chmod 0644 'subversion/config' +maybe chmod 0644 'subversion/servers' +maybe chmod 0440 'sudoers' +maybe chmod 0755 'sudoers.d' +maybe chmod 0440 'sudoers.d/README' +maybe chmod 0644 'sysctl.conf' +maybe chmod 0755 'sysctl.d' +maybe chmod 0644 'sysctl.d/README.sysctl' +maybe chmod 0755 'systemd' +maybe chmod 0644 'systemd/journald.conf' +maybe chmod 0644 'systemd/logind.conf' +maybe chmod 0755 'systemd/network' +maybe chmod 0644 'systemd/network/50-virtio-kernel-names.link' +maybe chmod 0644 'systemd/network/99-default.link' +maybe chmod 0644 'systemd/resolved.conf' +maybe chmod 0755 'systemd/system' +maybe chmod 0644 'systemd/system.conf' +maybe chmod 0755 'systemd/system/default.target.wants' +maybe chmod 0755 'systemd/system/getty.target.wants' +maybe chmod 0755 'systemd/system/multi-user.target.wants' +maybe chmod 0755 'systemd/system/network-online.target.wants' +maybe chmod 0755 'systemd/system/paths.target.wants' +maybe chmod 0755 'systemd/system/sockets.target.wants' +maybe chmod 0755 'systemd/system/sysinit.target.wants' +maybe chmod 0755 'systemd/system/timers.target.wants' +maybe chmod 0644 'systemd/timesyncd.conf' +maybe chmod 0755 'systemd/user' +maybe chmod 0644 'systemd/user.conf' +maybe chmod 0755 'terminfo' +maybe chmod 0644 'terminfo/README' +maybe chmod 0644 'timezone' +maybe chmod 0755 'tmpfiles.d' +maybe chmod 0644 'ucf.conf' +maybe chmod 0755 'udev' +maybe chmod 0755 'udev/hwdb.d' +maybe chmod 0755 'udev/rules.d' +maybe chmod 0644 'udev/rules.d/80-hotplug_cpu_mem.rules' +maybe chmod 0644 'udev/udev.conf' +maybe chmod 0755 'ufw' +maybe chmod 0755 'ufw/applications.d' +maybe chmod 0644 'ufw/applications.d/bind9' +maybe chmod 0644 'ufw/applications.d/openssh-server' +maybe chmod 0644 'ufw/applications.d/postfix' +maybe chmod 0600 'ulogd.conf' +maybe chmod 0755 'update-motd.d' +maybe chmod 0755 'update-motd.d/10-uname' +maybe chmod 0644 'updatedb.conf' +maybe chmod 0755 'vim' +maybe chmod 0644 'vim/vimrc' +maybe chmod 0644 'vim/vimrc.local' +maybe chmod 0644 'vim/vimrc.tiny' +maybe chmod 0644 'wgetrc' +maybe chmod 0755 'xdg' +maybe chmod 0755 'xdg/systemd' +maybe chmod 0755 'xml' +maybe chmod 0644 'xml/catalog' +maybe chmod 0644 'xml/xml-core.xml' +maybe chmod 0755 'zsh' +maybe chmod 0644 'zsh/newuser.zshrc.recommended' +maybe chmod 0644 'zsh/zlogin' +maybe chmod 0644 'zsh/zlogout' +maybe chmod 0644 'zsh/zprofile' +maybe chmod 0644 'zsh/zshenv' +maybe chmod 0644 'zsh/zshrc' diff --git a/.gitignore b/.gitignore index 5023253..71aca6a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,13 +1,13 @@ # begin section managed by etckeeper (do not edit this section by hand) -# new and old versions of conffiles, stored by emerge -*.ebuild* +# new and old versions of conffiles, stored by dpkg +*.dpkg-* +# new and old versions of conffiles, stored by ucf +*.ucf-* # old versions of files *.old -motd - # mount(8) records system state here, no need to store these blkid.tab blkid.tab.old @@ -23,7 +23,6 @@ mtab.fuselock network/run adjtime lvm/cache -lvm/backup lvm/archive X11/xdm/authdir/authfiles/* ntp.conf.dhcp @@ -40,6 +39,10 @@ sv/*/log/supervise/* *.pyo init.d/.depend.* openvpn/openvpn-status.log +cups/subscriptions.conf +cups/subscriptions.conf.O +fake-hwclock.data +check_mk/logwatch.state # editor temp files *~ diff --git a/apt/apt.conf.d/05etckeeper b/apt/apt.conf.d/05etckeeper new file mode 100644 index 0000000..5e690a2 --- /dev/null +++ b/apt/apt.conf.d/05etckeeper @@ -0,0 +1,5 @@ +DPkg::Pre-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi"; }; +DPkg::Post-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi"; }; + +RPM::Pre-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi"; }; +RPM::Post-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi"; }; diff --git a/cron.daily/etckeeper b/cron.daily/etckeeper new file mode 100755 index 0000000..eb74401 --- /dev/null +++ b/cron.daily/etckeeper @@ -0,0 +1,8 @@ +#!/bin/sh +set -e +if [ -e /etc/etckeeper/daily ] && [ -e /etc/etckeeper/etckeeper.conf ]; then + . /etc/etckeeper/etckeeper.conf + if [ "$AVOID_DAILY_AUTOCOMMITS" != "1" ]; then + /etc/etckeeper/daily + fi +fi diff --git a/cruft/filters-unex/etckeeper b/cruft/filters-unex/etckeeper new file mode 100644 index 0000000..edd5f33 --- /dev/null +++ b/cruft/filters-unex/etckeeper @@ -0,0 +1,13 @@ +/etc/.etckeeper +/etc/.gitignore +/etc/.git +/etc/.git/** +/etc/.hgignore +/etc/.hg +/etc/.hg/** +/etc/.bzrignore +/etc/.bzr +/etc/.bzr/** +/etc/.darcsignore +/etc/_darcs +/etc/_darcs/** diff --git a/etckeeper/commit.d/10vcs-test b/etckeeper/commit.d/10vcs-test new file mode 100755 index 0000000..e33d734 --- /dev/null +++ b/etckeeper/commit.d/10vcs-test @@ -0,0 +1,17 @@ +#!/bin/sh +set -e + +not_enabled_warning() { + echo "etckeeper warning: etckeeper is not yet enabled for $(pwd)" >&2 + echo "etckeeper warning: run etckeeper init to enable it" >&2 +} + +if [ "$VCS" = git ] && [ ! -d .git ]; then + not_enabled_warning +elif [ "$VCS" = hg ] && [ ! -d .hg ]; then + not_enabled_warning +elif [ "$VCS" = bzr ] && [ ! -d .bzr ]; then + not_enabled_warning +elif [ "$VCS" = darcs ] && [ ! -d _darcs ]; then + not_enabled_warning +fi diff --git a/etckeeper/commit.d/20store-metadata b/etckeeper/commit.d/20store-metadata new file mode 120000 index 0000000..5698d64 --- /dev/null +++ b/etckeeper/commit.d/20store-metadata @@ -0,0 +1 @@ +../pre-commit.d/30store-metadata \ No newline at end of file diff --git a/etckeeper/commit.d/30bzr-add b/etckeeper/commit.d/30bzr-add new file mode 100755 index 0000000..3e7e95d --- /dev/null +++ b/etckeeper/commit.d/30bzr-add @@ -0,0 +1,8 @@ +#!/bin/sh +set -e + +if [ "$VCS" = bzr ] && [ -d .bzr ]; then + if ! bzr add -q .; then + echo "etckeeper warning: bzr add failed" >&2 + fi +fi diff --git a/etckeeper/commit.d/30darcs-add b/etckeeper/commit.d/30darcs-add new file mode 100755 index 0000000..98be4bf --- /dev/null +++ b/etckeeper/commit.d/30darcs-add @@ -0,0 +1,14 @@ +#!/bin/sh +set -e + +if [ "$VCS" = darcs ] && [ -d _darcs ]; then + rc=0 + res=$( darcs add -qr . 2>&1 ) || rc=$? + if test $rc -ne 0; then + if ! test $rc -eq 2 -a "${res%No files were added}" != "$res"; then + printf "%s" "$res" + echo "etckeeper warning: darcs add failed" >&2 + fi + fi + unset rc res +fi diff --git a/etckeeper/commit.d/30git-add b/etckeeper/commit.d/30git-add new file mode 100755 index 0000000..b08b583 --- /dev/null +++ b/etckeeper/commit.d/30git-add @@ -0,0 +1,8 @@ +#!/bin/sh +set -e + +if [ "$VCS" = git ] && [ -d .git ]; then + if ! git add --all; then + echo "etckeeper warning: git add --all" >&2 + fi +fi diff --git a/etckeeper/commit.d/30hg-addremove b/etckeeper/commit.d/30hg-addremove new file mode 100755 index 0000000..1b999bb --- /dev/null +++ b/etckeeper/commit.d/30hg-addremove @@ -0,0 +1,8 @@ +#!/bin/sh +set -e + +if [ "$VCS" = hg ] && [ -d .hg ]; then + if ! hg addremove .; then + echo "etckeeper warning: hg addremove failed" >&2 + fi +fi diff --git a/etckeeper/commit.d/50vcs-commit b/etckeeper/commit.d/50vcs-commit new file mode 100755 index 0000000..55f0db2 --- /dev/null +++ b/etckeeper/commit.d/50vcs-commit @@ -0,0 +1,128 @@ +#!/bin/sh +set -e + +cleanup () { + if [ -n "$logfile" ]; then + rm -f "$logfile" + fi +} +if [ -n "$1" ]; then + trap cleanup EXIT + logfile="$(mktemp -t etckeeper-$VCS.XXXXXXXXXX)" + if [ "x$1" = "x--stdin" ]; then + cat > "$logfile" + else + if [ "x$1" = "x-m" ]; then + shift 1 + fi + echo "$1" > "$logfile" + fi +else + logfile="" +fi + +hostname=`hostname` +hostname="${hostname%%.*}" +dnsdomainname=`dnsdomainname 2>/dev/null || true` +if [ -n "$dnsdomainname" ]; then + hostname="$hostname.$dnsdomainname" +fi + +ORIG_USER=$USER +USER= +if [ -n "$SUDO_USER" ]; then + USER="$SUDO_USER" +else + # try to check tty ownership, in case user su'd to root + TTY="$(tty 2>/dev/null || true)" + if [ -n "$TTY" ] && [ -c "$TTY" ]; then + USER="$(find "$TTY" -printf "%u")" + fi +fi + +if [ "$VCS" = git ] && [ -d .git ]; then + if [ -n "$USER" ]; then + # Use user.name and user.email from the gitconfig belonging + # to the user who became root. + USER_HOME="$(getent passwd "$USER" | cut -d: -f6)" + if [ -n "$USER_HOME" ] && [ -e "$USER_HOME/.gitconfig" ]; then + if [ -z "$GIT_AUTHOR_NAME" ]; then + GIT_AUTHOR_NAME="$(git config -f "$USER_HOME/.gitconfig" user.name)" || true + export GIT_AUTHOR_NAME + fi + if [ -z "$GIT_AUTHOR_EMAIL" ]; then + GIT_AUTHOR_EMAIL="$(git config -f "$USER_HOME/.gitconfig" user.email)" || true + export GIT_AUTHOR_EMAIL + fi + fi + if [ -z "$GIT_AUTHOR_NAME" ] || [ -z "$GIT_AUTHOR_EMAIL" ]; then + if [ -n "$USER_HOME" ] && [ -e "$USER_HOME/.config/git/config" ]; then + if [ -z "$GIT_AUTHOR_NAME" ]; then + GIT_AUTHOR_NAME="$(git config -f "$USER_HOME/.config/git/config" user.name)" || true + export GIT_AUTHOR_NAME + fi + if [ -z "$GIT_AUTHOR_EMAIL" ]; then + GIT_AUTHOR_EMAIL="$(git config -f "$USER_HOME/.config/git/config" user.email)" || true + export GIT_AUTHOR_EMAIL + fi + fi + fi + + if [ -z "$GIT_COMMITTER_EMAIL" ]; then + GIT_COMMITTER_EMAIL="$(git config --global user.email)" || true + export GIT_COMMITTER_EMAIL + fi + if [ -z "$GIT_AUTHOR_NAME" ]; then + GIT_AUTHOR_NAME="$USER" + export GIT_AUTHOR_NAME + fi + if [ -z "$GIT_AUTHOR_EMAIL" ]; then + GIT_AUTHOR_EMAIL="$USER@$hostname" + export GIT_AUTHOR_EMAIL + fi + if [ -z "$GIT_COMMITTER_EMAIL" ]; then + GIT_COMMITTER_EMAIL=`whoami`"@$hostname" + export GIT_COMMITTER_EMAIL + fi + fi + if [ -n "$logfile" ]; then + git commit $GIT_COMMIT_OPTIONS -F "$logfile" + else + git commit $GIT_COMMIT_OPTIONS + fi +elif [ "$VCS" = hg ] && [ -d .hg ]; then + if [ -n "$USER" ]; then + LOGNAME="$USER" + export LOGNAME + fi + if [ -z "$HGUSER" ]; then + HGUSER="$USER@$hostname" + export HGUSER + fi + if [ -n "$logfile" ]; then + hg commit $HG_COMMIT_OPTIONS -l "$logfile" + else + hg commit $HG_COMMIT_OPTIONS + fi +elif [ "$VCS" = bzr ] && [ -d .bzr ]; then + if [ -z "$EMAIL" ] && [ -n "$USER" ]; then + EMAIL="$USER <$USER@$hostname>" + export EMAIL + else + bzr whoami >/dev/null 2>&1 || export EMAIL="$ORIG_USER <$ORIG_USER@$hostname>" + fi + if [ -n "$logfile" ]; then + bzr commit $BZR_COMMIT_OPTIONS -F "$logfile" + else + bzr commit $BZR_COMMIT_OPTIONS + fi +elif [ "$VCS" = darcs ] && [ -d _darcs ]; then + if [ -z "$USER" ]; then + USER=root + fi + if [ -n "$logfile" ]; then + darcs record --author="$USER" $DARCS_COMMIT_OPTIONS --logfile="$logfile" + else + darcs record --author="$USER" $DARCS_COMMIT_OPTIONS + fi +fi diff --git a/etckeeper/commit.d/99push b/etckeeper/commit.d/99push new file mode 100755 index 0000000..b5418f7 --- /dev/null +++ b/etckeeper/commit.d/99push @@ -0,0 +1,14 @@ +#!/bin/sh +if [ -n "$PUSH_REMOTE" ]; then + if [ "$VCS" = git ] && [ -d .git ]; then + for REMOTE in $PUSH_REMOTE; do + git push "$REMOTE" master || true + done + elif [ "$VCS" = hg ] && [ -d .hg ]; then + for REMOTE in $PUSH_REMOTE; do + hg push "$REMOTE" || true + done + else + echo "PUSH_REMOTE not yet supported for $VCS" >&2 + fi +fi diff --git a/etckeeper/commit.d/README b/etckeeper/commit.d/README new file mode 100644 index 0000000..25d0d45 --- /dev/null +++ b/etckeeper/commit.d/README @@ -0,0 +1,3 @@ +Files in this directory are run when there might be changes to commit. +(Before and after packages are installed, upgraded, etc.) +They should commit changes and new files in /etc to repository. diff --git a/etckeeper/daily b/etckeeper/daily new file mode 100755 index 0000000..f98c6ad --- /dev/null +++ b/etckeeper/daily @@ -0,0 +1,17 @@ +#!/bin/sh +# Script that can be run daily to autocommit /etc changes. +set -e +if [ -x /usr/bin/etckeeper ] && [ -e /etc/etckeeper/etckeeper.conf ]; then + # avoid autocommit if an install run is in progress + lockfile=/var/cache/etckeeper/packagelist.pre-install + if [ -e "$lockfile" ] && [ -n "$(find "$lockfile" -mtime +1)" ]; then + rm -f "$lockfile" # stale + fi + if [ ! -e "$lockfile" ]; then + AVOID_SPECIAL_FILE_WARNING=1 + export AVOID_SPECIAL_FILE_WARNING + if etckeeper unclean; then + etckeeper commit "daily autocommit" >/dev/null + fi + fi +fi diff --git a/etckeeper/etckeeper.conf b/etckeeper/etckeeper.conf new file mode 100644 index 0000000..0fb660b --- /dev/null +++ b/etckeeper/etckeeper.conf @@ -0,0 +1,45 @@ +# The VCS to use. +#VCS="hg" +VCS="git" +#VCS="bzr" +#VCS="darcs" + +# Options passed to git commit when run by etckeeper. +GIT_COMMIT_OPTIONS="" + +# Options passed to hg commit when run by etckeeper. +HG_COMMIT_OPTIONS="" + +# Options passed to bzr commit when run by etckeeper. +BZR_COMMIT_OPTIONS="" + +# Options passed to darcs record when run by etckeeper. +DARCS_COMMIT_OPTIONS="-a" + +# Etckeeper includes both a cron job and a systemd timer, which each +# can commit exiting changes to /etc automatically once per day. +# To enable the systemd timer, run: systemctl enable etckeeper.timer +# The cron job is enabled by default; to disable it, uncomment this next line. +#AVOID_DAILY_AUTOCOMMITS=1 + +# Uncomment the following to avoid special file warning +# (the option is enabled automatically for daily autocommits regardless). +#AVOID_SPECIAL_FILE_WARNING=1 + +# Uncomment to avoid etckeeper committing existing changes to +# /etc before installation. It will cancel the installation, +# so you can commit the changes by hand. +#AVOID_COMMIT_BEFORE_INSTALL=1 + +# The high-level package manager that's being used. +# (apt, pacman, pacman-g2, yum, dnf, zypper etc) +HIGHLEVEL_PACKAGE_MANAGER=apt + +# The low-level package manager that's being used. +# (dpkg, rpm, pacman, pacmatic, pacman-g2, etc) +LOWLEVEL_PACKAGE_MANAGER=dpkg + +# To push each commit to a remote, put the name of the remote here. +# (eg, "origin" for git). Space-separated lists of multiple remotes +# also work (eg, "origin gitlab github" for git). +PUSH_REMOTE="" diff --git a/etckeeper/init.d/10restore-metadata b/etckeeper/init.d/10restore-metadata new file mode 100755 index 0000000..9c2bf65 --- /dev/null +++ b/etckeeper/init.d/10restore-metadata @@ -0,0 +1,14 @@ +#!/bin/sh +set -e + +# Note that metastore doesn't check that the .metastore file only changes +# perms of files in the current directory. It's ok to trust the .metastore +# file won't do anything shady, because, as documented, etckeeper-init +# should only be run on repositories you trust. +if [ -e .metadata ]; then + if which metastore >/dev/null; then + metastore --apply --mtime + else + echo "etckeeper warning: legacy .metastore file is present but metastore is not installed" >&2 + fi +fi diff --git a/etckeeper/init.d/20restore-etckeeper b/etckeeper/init.d/20restore-etckeeper new file mode 100755 index 0000000..0485e63 --- /dev/null +++ b/etckeeper/init.d/20restore-etckeeper @@ -0,0 +1,22 @@ +#!/bin/sh +set -e + +# Used by .etckeeper to run a command if the file it acts on +# (the last parameter) exists. +maybe () { + command="$1" + shift 1 + + if eval [ -e "\"\$$#\"" ]; then + "$command" "$@" + fi +} + +# Yes, this runs code from the repository. As documented, etckeeper-init +# should only be run on repositories you trust. +if [ -e .etckeeper ]; then + . ./.etckeeper +else + touch .etckeeper + chmod 600 .etckeeper +fi diff --git a/etckeeper/init.d/40vcs-init b/etckeeper/init.d/40vcs-init new file mode 100755 index 0000000..3c7a3bb --- /dev/null +++ b/etckeeper/init.d/40vcs-init @@ -0,0 +1,17 @@ +#!/bin/sh +set -e + +if [ "$VCS" = git ] && [ ! -e .git ]; then + git init + echo "$(hostname) /etc repository" > .git/description +elif [ "$VCS" = hg ] && [ ! -e .hg ]; then + hg init + echo "[web]" > .hg/hgrc + echo "description = $(hostname) /etc repository" >> .hg/hgrc +elif [ "$VCS" = bzr ] && [ ! -e .bzr ]; then + bzr init + bzr nick "$(hostname) /etc repository" +elif [ "$VCS" = darcs ] && [ ! -e _darcs ]; then + darcs initialize + echo "$(hostname) /etc repository" > _darcs/prefs/motd +fi diff --git a/etckeeper/init.d/50vcs-ignore b/etckeeper/init.d/50vcs-ignore new file mode 100755 index 0000000..33d79d3 --- /dev/null +++ b/etckeeper/init.d/50vcs-ignore @@ -0,0 +1,4 @@ +#!/bin/sh +set -e + +etckeeper update-ignore -a || true diff --git a/etckeeper/init.d/50vcs-perm b/etckeeper/init.d/50vcs-perm new file mode 100755 index 0000000..4dd080b --- /dev/null +++ b/etckeeper/init.d/50vcs-perm @@ -0,0 +1,12 @@ +#!/bin/sh +set -e + +if [ "$VCS" = git ]; then + chmod 700 .git +elif [ "$VCS" = hg ]; then + chmod 700 .hg +elif [ "$VCS" = bzr ]; then + chmod 700 .bzr +elif [ "$VCS" = darcs ]; then + chmod 700 _darcs +fi diff --git a/etckeeper/init.d/50vcs-pre-commit-hook b/etckeeper/init.d/50vcs-pre-commit-hook new file mode 100755 index 0000000..6045981 --- /dev/null +++ b/etckeeper/init.d/50vcs-pre-commit-hook @@ -0,0 +1,49 @@ +#!/bin/sh +set -e + +case "$VCS" in + git) + if [ -x .git/hooks/pre-commit ]; then + if ! grep -q "etckeeper pre-commit" .git/hooks/pre-commit; then + echo "etckeeper warning: .git/hooks/pre-commit needs to be manually modified to run: etckeeper pre-commit -d `pwd`" >&2 + fi + else + cat >.git/hooks/pre-commit <&2 + fi + else + touch .hg/hgrc + cat >>.hg/hgrc <&2 + fi + else + cat >_darcs/prefs/defaults < "$patternsfile" || true + grep -Evf "$patternsfile" + rm -f "$patternsfile" + unset patternsfile + else + cat - + fi +} + + +if [ "$VCS" = darcs ];then + NOVCS='. -path ./.git -prune -o -path ./.bzr -prune -o -path ./.hg -prune -o -path ./_darcs -prune -o' + + # We assume that if .etckeeper is empty this is the first run + if [ -s .etckeeper ]; then + linksindex="$( mktemp -t etckeeper-$VCS.XXXXXXXXXX )" + grep '^ln -s' .etckeeper | while IFS="'" read n n n link n; do + printf "%s\n" "$link" >> "$linksindex" + done + + # Warn about symbolic links that shouldn't exist + if links=$( find $NOVCS -type l -print | filter_ignore | grep -vFf "$linksindex" ); then + printf "%s\n%s\n" \ + "The following symbolic links should not exist:" \ + "$links" >&2 + fi + + rm -f "$linksindex" + unset links linksindex + fi + +fi diff --git a/etckeeper/init.d/70vcs-add b/etckeeper/init.d/70vcs-add new file mode 100755 index 0000000..9a9ec45 --- /dev/null +++ b/etckeeper/init.d/70vcs-add @@ -0,0 +1,27 @@ +#!/bin/sh +set -e + +if [ "$VCS" = git ]; then + if ! git add .; then + echo "etckeeper warning: git add failed" >&2 + fi +elif [ "$VCS" = hg ]; then + if ! hg add .; then + echo "etckeeper warning: hg add failed" >&2 + fi +elif [ "$VCS" = bzr ]; then + if ! bzr add .; then + echo "etckeeper warning: bzr add failed" >&2 + fi +elif [ "$VCS" = darcs ]; then + # Don't warn if all the files were already added. + rc=0 + res=$( darcs add -qr . 2>&1 ) || rc=$? + if test $rc -ne 0; then + if ! test $rc -eq 2 -a "${res%No files were added}" != "$res"; then + printf "%s" "$res" + echo "etckeeper warning: darcs add failed" >&2 + fi + fi + unset rc res +fi diff --git a/etckeeper/init.d/README b/etckeeper/init.d/README new file mode 100644 index 0000000..90aec67 --- /dev/null +++ b/etckeeper/init.d/README @@ -0,0 +1,13 @@ +Executable files in this directory are run to initialise the working directory +for use by etckeeper. If the working directory is not already in version +control, that includes setting up the version control, but not actually +committing anything. If the working directory is in version control, +it includes applying stored metadata to the checked out files in the +working directory. + +Please be careful to *never* overwrite existing files/directories +in the working directory (or use absolute care when doing so). If a file +you need to write already exists, check if its contents are sane, and +if not, emit a warning on stderr. + +If initialisation fails, exit nonzero and no later files will be run. diff --git a/etckeeper/list-installed.d/50list-installed b/etckeeper/list-installed.d/50list-installed new file mode 100755 index 0000000..129447f --- /dev/null +++ b/etckeeper/list-installed.d/50list-installed @@ -0,0 +1,25 @@ +#!/bin/sh +if [ "$1" = fmt ]; then + # If the list format changes, change the fmt + if [ "$LOWLEVEL_PACKAGE_MANAGER" = dpkg ]; then + echo 2 + else + echo "" + fi +else + # Output to stdout a *sorted* list of all currently installed + # (or removed but still with config-files) packages, in the + # format "package version\n" (or something similar). + if [ "$LOWLEVEL_PACKAGE_MANAGER" = dpkg ]; then + dpkg-query -W -f '${Status}\t${Package} ${Version} ${Architecture}\n' | \ + egrep '(ok installed|ok config-files)' | cut -f2,3 + elif [ "$LOWLEVEL_PACKAGE_MANAGER" = rpm ]; then + rpm -qa --qf "%|epoch?{%{epoch}}:{0}|:%{name}-%{version}-%{release}.%{arch}\n" | sort + elif [ "$LOWLEVEL_PACKAGE_MANAGER" = pacman ]; then + pacman -Q + elif [ "$LOWLEVEL_PACKAGE_MANAGER" = pacmatic ]; then + pacmatic -Q + elif [ "$LOWLEVEL_PACKAGE_MANAGER" = pkgng ]; then + pkg info -E "*" + fi +fi diff --git a/etckeeper/post-install.d/50vcs-commit b/etckeeper/post-install.d/50vcs-commit new file mode 100755 index 0000000..53138c8 --- /dev/null +++ b/etckeeper/post-install.d/50vcs-commit @@ -0,0 +1,28 @@ +#!/bin/sh +set -e + +pl="/var/cache/etckeeper/packagelist" + +if etckeeper unclean; then + message="committing changes in /etc after $HIGHLEVEL_PACKAGE_MANAGER run" + + set +e + if [ -e $pl.pre-install ] && [ "$(cat $pl.fmt 2>/dev/null || true)" = "$(etckeeper list-installed fmt)" ]; then + ( + echo "$message" + echo + echo "Package changes:" + etckeeper list-installed | diff -U0 $pl.pre-install - | tail -n+4 | egrep '^[-+]' || true + ) | etckeeper commit --stdin + else + etckeeper commit "$(printf "$message")" + fi + status=$? + set -e + + if [ "$status" != 0 ]; then + echo "warning: etckeeper failed to commit changes in /etc using $VCS" >&2 + fi +fi + +rm -f $pl.pre-install $pl.fmt diff --git a/etckeeper/post-install.d/README b/etckeeper/post-install.d/README new file mode 100644 index 0000000..62f4f9c --- /dev/null +++ b/etckeeper/post-install.d/README @@ -0,0 +1,2 @@ +Files in this directory are run after packages are installed, upgraded, etc. +They should commit changes and new files in /etc to repository. diff --git a/etckeeper/pre-commit.d/20warn-problem-files b/etckeeper/pre-commit.d/20warn-problem-files new file mode 100755 index 0000000..4ffbfd1 --- /dev/null +++ b/etckeeper/pre-commit.d/20warn-problem-files @@ -0,0 +1,30 @@ +#!/bin/sh +set -e + +exclude_internal () { + egrep -v '(^|/)(.git|.hg|.bzr|_darcs)/' +} + +if [ "$VCS" = bzr ] || [ "$VCS" = darcs ]; then + special=$(find . ! -type d ! -type f ! -type l | exclude_internal) || true + hardlinks=$(find . -type f ! -links 1 | exclude_internal ) || true +elif [ "$VCS" = hg ]; then + special=$(find . ! -type d ! -type f ! -type l | exclude_internal) || true + hardlinks=$(find . -type f ! -links 1 -exec hg status {} \; | exclude_internal ) || true +elif [ "$VCS" = git ]; then + special=$(find . ! -type d ! -type f ! -type l -exec git ls-files --exclude-standard --cached --others {} + | exclude_internal) || true + hardlinks=$(find . -type f ! -links 1 -exec git ls-files --exclude-standard --cached --others {} + | exclude_internal) || true +else + special="" +fi + +if [ -n "$special" ] && [ -z "$AVOID_SPECIAL_FILE_WARNING" ]; then + echo "etckeeper warning: special files could cause problems with $VCS:" >&2 + echo "$special" >&2 +fi +if [ -n "$hardlinks" ] && [ -z "$AVOID_SPECIAL_FILE_WARNING" ]; then + echo "etckeeper warning: hardlinked files could cause problems with $VCS:" >&2 + echo "$hardlinks" >&2 +fi + +true diff --git a/etckeeper/pre-commit.d/30store-metadata b/etckeeper/pre-commit.d/30store-metadata new file mode 100755 index 0000000..2b77c8e --- /dev/null +++ b/etckeeper/pre-commit.d/30store-metadata @@ -0,0 +1,140 @@ +#!/bin/sh +set -e + +filter_ignore() { + case "$VCS" in + darcs) ignorefile=.darcsignore ;; + git) ignorefile=.gitignore ;; + esac + + if [ -n "$ignorefile" ] && [ -e "$ignorefile" ]; then + listfile="$( mktemp -t etckeeper-$VCS.XXXXXXXXXX )" + case "$VCS" in + darcs) + grep -v '^[[:space:]]*\(#\|$\)' "$ignorefile" > "$listfile" || true + grep -Evf "$listfile" + ;; + git) + (git ls-files -oi --exclude-standard; git ls-files -oi --exclude-standard --directory) | sort | uniq > "$listfile" || true + sed 's/^\.\///' | grep -xFvf "$listfile" + ;; + esac + rm -f "$listfile" + unset listfile + else + cat - + fi +} + +shellquote() { + # Single quotes text, escaping existing single quotes. + sed -e "s/'/'\"'\"'/g" -e "s/^/'/" -e "s/$/'/" +} + +generate_metadata() { + # This function generates the script commands to fix any file + # ownerships that aren't owner=root, group=root, as well as to + # store the permissions of files. + # The script is produced on stdout. Errors go to stderr. + # + # The script can use a 'maybe' function, which only runs a command + # if the file in its last argument exists. + + # We want files in the directory containing VCS data + # but we want find to ignore the VCS files themselves. + # + # (Note that when using this, the find expression must end with + # -print or -exec, else the excluded directories will actually be + # printed!) + NOVCS='. -path ./.git -prune -o -path ./.bzr -prune -o -path ./.hg -prune -o -path ./_darcs -prune -o' + + # Keep the sort order the same at all times. + LC_COLLATE=C + export LC_COLLATE + + if [ "$VCS" = git ] || [ "$VCS" = hg ]; then + # These version control systems do not track directories, + # so empty directories must be stored specially. + find $NOVCS -type d -empty -print | + sort | shellquote | sed -e "s/^/mkdir -p /" + fi + + if [ "$VCS" = darcs ]; then + # This version control system does not track symlinks, + # so they must be stored specially. + find $NOVCS -type l -print | sort | filter_ignore | while read link; do + dest=$( readlink "$link" ) + printf "ln -sf '%s' '%s'\n" "$(echo "$dest" | shellquote)" "$(echo "$link" | shellquote)" + done + fi + + # Store things that don't have the default user or group. + # Store all file modes, in case the user has an unusual umask. + find $NOVCS \( -type f -or -type d \) -print | filter_ignore | sort | perl -ne ' + BEGIN { $q=chr(39) } + sub uidname { + my $want=shift; + if (exists $uidcache{$want}) { + return $uidcache{$want}; + } + my $name=scalar getpwuid($want); + return $uidcache{$want}=defined $name ? $name : $want; + } + sub gidname { + my $want=shift; + if (exists $gidcache{$want}) { + return $gidcache{$want}; + } + my $name=scalar getgrgid($want); + return $gidcache{$want}=defined $name ? $name : $want; + } + chomp; + my @stat=stat($_); + my $mode = $stat[2]; + my $uid = $stat[4]; + my $gid = $stat[5]; + s/$q/$q"$q"$q/g; # escape single quotes + s/^/$q/; + s/$/$q/; + if ($uid != $>) { + printf "maybe chown $q%s$q %s\n", uidname($uid), $_; + } + if ($gid != $)) { + printf "maybe chgrp $q%s$q %s\n", gidname($gid), $_; + } + printf "maybe chmod %04o %s\n", $mode & 07777, $_; + ' + + # We don't handle xattrs. + # Maybe check for getfattr/setfattr and use them if they're available? +} + +if [ "$VCS" = git ] || [ "$VCS" = hg ] || [ "$VCS" = bzr ] || [ "$VCS" = darcs ]; then + if [ -f .metadata ]; then + # remove obsolete .metadata file + # git allows fully deleting it at this point, other VCS + # may not (the repo is locked for hg). + if [ "$VCS" = git ]; then + $VCS rm .metadata + else + rm -f .metadata + fi + fi + + echo "# Generated by etckeeper. Do not edit." > .etckeeper + echo >> .etckeeper + + # Make sure the file is not readable by others, since it can leak + # information about contents of non-readable directories in /etc. + chmod 700 .etckeeper + + generate_metadata >> .etckeeper + + # stage the file as part of the current commit + if [ "$VCS" = git ]; then + # this will do nothing if the metadata file is unchanged. + git add .etckeeper + fi + # hg, bzr and darcs add not done, they will automatically + # include the file in the current commit +fi diff --git a/etckeeper/pre-commit.d/README b/etckeeper/pre-commit.d/README new file mode 100644 index 0000000..051d094 --- /dev/null +++ b/etckeeper/pre-commit.d/README @@ -0,0 +1,2 @@ +This is run by a git pre-commit hook before committing changes to the +repository. This can be used for storing metadata, and for sanity checks. diff --git a/etckeeper/pre-install.d/10packagelist b/etckeeper/pre-install.d/10packagelist new file mode 100755 index 0000000..fbd4ac3 --- /dev/null +++ b/etckeeper/pre-install.d/10packagelist @@ -0,0 +1,5 @@ +#!/bin/sh +# This list will be later used when committing. +mkdir -p /var/cache/etckeeper/ +etckeeper list-installed > /var/cache/etckeeper/packagelist.pre-install +etckeeper list-installed fmt > /var/cache/etckeeper/packagelist.fmt diff --git a/etckeeper/pre-install.d/50uncommitted-changes b/etckeeper/pre-install.d/50uncommitted-changes new file mode 100755 index 0000000..969d341 --- /dev/null +++ b/etckeeper/pre-install.d/50uncommitted-changes @@ -0,0 +1,15 @@ +#!/bin/sh +set -e + +if etckeeper unclean; then + if [ "$AVOID_COMMIT_BEFORE_INSTALL" = 1 ]; then + echo "" >&2 + echo "** etckeeper detected uncommitted changes in /etc prior to $HIGHLEVEL_PACKAGE_MANAGER run" >&2 + echo "** Aborting $HIGHLEVEL_PACKAGE_MANAGER run. Manually commit and restart." >&2 + echo "" >&2 + exit 1 + fi + if ! etckeeper commit "saving uncommitted changes in /etc prior to $HIGHLEVEL_PACKAGE_MANAGER run"; then + echo "warning: etckeeper failed to commit changes in /etc using $VCS" >&2 + fi +fi diff --git a/etckeeper/pre-install.d/README b/etckeeper/pre-install.d/README new file mode 100644 index 0000000..a3b5a57 --- /dev/null +++ b/etckeeper/pre-install.d/README @@ -0,0 +1,3 @@ +Files in this directory are run before packages are installed, upgraded, +etc. This is mostly used for sanity checks, ie, does /etc have any +uncommitted changes? diff --git a/etckeeper/unclean.d/50test b/etckeeper/unclean.d/50test new file mode 100755 index 0000000..e52003f --- /dev/null +++ b/etckeeper/unclean.d/50test @@ -0,0 +1,12 @@ +#!/bin/sh +set -e + +if [ "$VCS" = git ]; then + [ -d .git ] && [ -n "`git status --porcelain`" ] +elif [ "$VCS" = hg ]; then + [ -d .hg ] && ! hg status 2>&1 | wc -l | grep -q "^0$" +elif [ "$VCS" = bzr ]; then + [ -d .bzr ] && ! bzr version-info --custom --template="{clean}\n" | grep -q "^1$" +elif [ "$VCS" = darcs ]; then + [ -d _darcs ] && darcs whatsnew -l >/dev/null +fi diff --git a/etckeeper/unclean.d/README b/etckeeper/unclean.d/README new file mode 100644 index 0000000..74bfbdd --- /dev/null +++ b/etckeeper/unclean.d/README @@ -0,0 +1,2 @@ +Files in this directory are used to test if the working copy has +uncommitted changes. diff --git a/etckeeper/uninit.d/01prompt b/etckeeper/uninit.d/01prompt new file mode 100755 index 0000000..8b43937 --- /dev/null +++ b/etckeeper/uninit.d/01prompt @@ -0,0 +1,20 @@ +#!/bin/sh +set -e + +if [ "$1" != "-f" ]; then + echo "** Warning: This will DESTROY all recorded history for $ETCKEEPER_DIR," + echo "** including the $VCS repository." + echo "" + printf "Are you sure you want to do this? [yN] " + read answer + case "$answer" in + [Yy]*) + echo "Proceeding.." + exit 0 + ;; + *) + echo "Aborting etckeeper uninit." + exit 1 + ;; + esac +fi diff --git a/etckeeper/uninit.d/50remove-metadata b/etckeeper/uninit.d/50remove-metadata new file mode 100755 index 0000000..0be8d36 --- /dev/null +++ b/etckeeper/uninit.d/50remove-metadata @@ -0,0 +1,6 @@ +#!/bin/sh +set -e + +# Files generated by etckeeper to store metadata the VCS cannot preserve. +rm -f .etckeeper +rm -f .metadata # only generated by old versions diff --git a/etckeeper/uninit.d/50vcs-uninit b/etckeeper/uninit.d/50vcs-uninit new file mode 100755 index 0000000..06317c5 --- /dev/null +++ b/etckeeper/uninit.d/50vcs-uninit @@ -0,0 +1,54 @@ +#!/bin/sh +set -e + +if [ "$VCS" = git ]; then + rm -rf .git + file=.gitignore +elif [ "$VCS" = hg ]; then + rm -rf .hg + file=.hgignore +elif [ "$VCS" = bzr ]; then + rm -rf .bzr + file=.bzrignore +elif [ "$VCS" = darcs ]; then + rm -rf _darcs + file=.darcsignore +fi + +managed_by_etckeeper="managed by etckeeper" + +if ! grep -q "$managed_by_etckeeper" "$file"; then + exit 0 +else + realfile="$file" + if which tempfile >/dev/null 2>&1 || type tempfile >/dev/null 2>&1; then + tempfile="tempfile" + elif which mktemp >/dev/null 2>&1 || type mktemp >/dev/null 2>&1; then + tempfile="mktemp" + else + echo "etckeeper warning: can't find tempfile or mktemp" >&2 + exit 1 + fi + file=$($tempfile) + otherentries= + skipping= + while read -r line; do + if echo "$line" | grep -q "$managed_by_etckeeper"; then + if [ ! "$skipping" ]; then + skipping=1 + else + skipping= + fi + elif [ ! "$skipping" ]; then + echo "$line" >> "$file" + otherentries=1 + fi + done <"$realfile" + + if [ "$otherentries" ]; then + mv -f "$file" "$realfile" + else + rm -f "$file" + rm -f "$realfile" + fi +fi diff --git a/etckeeper/uninit.d/README b/etckeeper/uninit.d/README new file mode 100644 index 0000000..d1a4eaa --- /dev/null +++ b/etckeeper/uninit.d/README @@ -0,0 +1,2 @@ +Executable files in this directory are run to uninitialise the working +directory, removing files added by `etckeeper init`. diff --git a/etckeeper/update-ignore.d/01update-ignore b/etckeeper/update-ignore.d/01update-ignore new file mode 100755 index 0000000..7347287 --- /dev/null +++ b/etckeeper/update-ignore.d/01update-ignore @@ -0,0 +1,205 @@ +#!/bin/sh +set -e + +if [ "$VCS" = git ]; then + dir=.git + file=.gitignore +elif [ "$VCS" = hg ]; then + dir=.hg + file=.hgignore +elif [ "$VCS" = bzr ]; then + dir=.bzr + file=.bzrignore +elif [ "$VCS" = darcs ]; then + dir=_darcs + file=.darcsignore +else + echo "etckeeper: unsupported VCS $VCS" >&2 + exit 1 +fi + +if [ ! -d "$dir" ]; then + exit 0 +fi + +managed_by_etckeeper="managed by etckeeper" + +nl() { + echo >>"$file" +} + +comment() { + comment="$1" + echo "# $comment" >>"$file" +} + +ignore() { + glob="$1" + + case "$VCS" in + git) + # escape "#" in ignores, as otherwise it may + # be considered a comment + echo "$glob" | sed 's/#/\\#/g' >>"$file" + ;; + bzr) + echo "$glob" >>"$file" + ;; + hg) + # rather than converting the glob to a regexp, just + # configure hg to use globs + if [ -z "$hg_syntax_printed" ]; then + comment "use glob syntax" + echo "syntax: glob" >>"$file" + nl + hg_syntax_printed=1 + fi + echo "$glob" | sed 's/#/\\#/g' >>"$file" + ;; + darcs) + # darcs doesn't understand globs, so we need to + # translate them into regexs. Not a complete converter, + # but suitable for given globs. + if [ "${glob%\*}" != "$glob" ]; then + glob="${glob%\*}" + else + glob="$glob"'($|/)' + fi + if [ "${glob#\*}" != "$glob" ]; then + glob="${glob#\*}" + else + glob='(^|/)'"$glob" + fi + glob="$( printf %s $glob | sed -e 's/\./\\./g;s/\*/[^\/]*/g;s/\?/[^\/]/g' )" + echo "$glob" >>"$file" + esac +} + +writefile () { + comment "begin section $managed_by_etckeeper (do not edit this section by hand)" + nl + + if [ "$VCS" = darcs ]; then + darcs setpref boringfile .darcsignore + fi + + if [ "$LOWLEVEL_PACKAGE_MANAGER" = dpkg ]; then + comment "new and old versions of conffiles, stored by dpkg" + ignore "*.dpkg-*" + comment "new and old versions of conffiles, stored by ucf" + ignore "*.ucf-*" + nl + elif [ "$LOWLEVEL_PACKAGE_MANAGER" = "rpm" ]; then + comment "new and old versions of conffiles, stored by apt/rpm" + ignore "*.rpm*" + nl + elif [ "$LOWLEVEL_PACKAGE_MANAGER" = "pacman-g2" -o "$LOWLEVEL_PACKAGE_MANAGER" = "pacman" -o "$LOWLEVEL_PACKAGE_MANAGER" = "pacmatic" ]; then + comment "new and old versions of conffiles, stored by pacman" + ignore "*.pacnew" + ignore "*.pacorig" + ignore "*.pacsave" + nl + fi + + comment "old versions of files" + ignore "*.old" + # Not currently ignored as admins tend to rely on these files. + #ignore "passwd-" + #ignore "group-" + #ignore "shadow-" + #ignore "gshadow-" + nl + + comment "mount(8) records system state here, no need to store these" + ignore blkid.tab + ignore blkid.tab.old + nl + + comment "some other files in /etc that typically do not need to be tracked" + ignore nologin + ignore ld.so.cache + ignore prelink.cache + ignore mtab + ignore mtab.fuselock + ignore .pwd.lock + ignore "*.LOCK" + ignore network/run + ignore adjtime + ignore lvm/cache + ignore lvm/archive + ignore "X11/xdm/authdir/authfiles/*" + ignore ntp.conf.dhcp + ignore .initctl + ignore "webmin/fsdump/*.status" + ignore "webmin/webmin/oscache" + ignore "apparmor.d/cache/*" + ignore "service/*/supervise/*" + ignore "service/*/log/supervise/*" + ignore "sv/*/supervise/*" + ignore "sv/*/log/supervise/*" + ignore "*.elc" + ignore "*.pyc" + ignore "*.pyo" + ignore "init.d/.depend.*" + ignore "openvpn/openvpn-status.log" + ignore "cups/subscriptions.conf" + ignore "cups/subscriptions.conf.O" + ignore "fake-hwclock.data" + ignore "check_mk/logwatch.state" + nl + + comment "editor temp files" + ignore "*~" + ignore ".*.sw?" + ignore ".sw?" + ignore "#*#" + ignore DEADJOE + + nl + comment "end section $managed_by_etckeeper" +} + +if [ -e "$file" ]; then + if ! grep -q "$managed_by_etckeeper" "$file"; then + if [ "$1" != "-a" ]; then + echo "etckeeper: "$file" does not contain \"$managed_by_etckeeper\" comment; not updating" + exit 1 + else + echo "etckeeper: "$file" exists but does not contain \"$managed_by_etckeeper\" comment; updating" + writefile + exit 0 + fi + fi + realfile="$file" + if which tempfile >/dev/null 2>&1 || type tempfile >/dev/null 2>&1; then + tempfile="tempfile" + elif which mktemp >/dev/null 2>&1 || type mktemp >/dev/null 2>&1; then + tempfile="mktemp" + else + echo "etckeeper warning: can't find tempfile or mktemp" >&2 + fi + file=$($tempfile) + ( + skipping= + while read -r line; do + if echo "$line" | grep -q "$managed_by_etckeeper"; then + if [ ! "$skipping" ]; then + skipping=1 + else + skipping= + writefile + fi + elif [ ! "$skipping" ]; then + echo "$line" >> "$file" + fi + done + if [ "$skipping" ]; then + # reached end of file w/o ending block + writefile + fi + ) <"$realfile" + + mv -f "$file" "$realfile" +else + writefile +fi diff --git a/etckeeper/update-ignore.d/README b/etckeeper/update-ignore.d/README new file mode 100644 index 0000000..a573135 --- /dev/null +++ b/etckeeper/update-ignore.d/README @@ -0,0 +1,2 @@ +Executable files in this directory are run to update the VCS ignore file, +or create it if it does not exist. diff --git a/etckeeper/vcs.d/50vcs-cmd b/etckeeper/vcs.d/50vcs-cmd new file mode 100755 index 0000000..f515abb --- /dev/null +++ b/etckeeper/vcs.d/50vcs-cmd @@ -0,0 +1,11 @@ +#!/bin/sh +set -e + +# check whether we can locate the vcs binary +if [ -n "$VCS" ] && which "$VCS" > /dev/null; then + # pass commands to the VCS application + $VCS "$@" +else + echo "error: VCS ($VCS) not set or not in PATH" >&2 + exit 1 +fi diff --git a/lvm/backup/vg00 b/lvm/backup/vg00 new file mode 100644 index 0000000..bb8afec --- /dev/null +++ b/lvm/backup/vg00 @@ -0,0 +1,123 @@ +# Generated by LVM2 version 2.02.168(2) (2016-11-30): Tue Jul 18 22:43:09 2017 + +contents = "Text Format Volume Group" +version = 1 + +description = "Created *after* executing 'vgcfgbackup'" + +creation_host = "ns3" # Linux ns3 4.1.6-gridscale #1 SMP Fri Sep 11 13:13:25 CEST 2015 x86_64 +creation_time = 1500410589 # Tue Jul 18 22:43:09 2017 + +vg00 { + id = "JepAFT-Qvz3-A30x-OAuH-gKtZ-sybB-thTeYw" + seqno = 5 + format = "lvm2" # informational + status = ["RESIZEABLE", "READ", "WRITE"] + flags = [] + extent_size = 8192 # 4 Megabytes + max_lv = 0 + max_pv = 0 + metadata_copies = 0 + + physical_volumes { + + pv0 { + id = "z6yebQ-p7ie-Ewj0-BwBh-MFBP-RySr-ufMqWz" + device = "/dev/sdb1" # Hint only + + status = ["ALLOCATABLE"] + flags = [] + dev_size = 41940992 # 19,999 Gigabytes + pe_start = 2048 + pe_count = 5119 # 19,9961 Gigabytes + } + } + + logical_volumes { + + swap { + id = "iX71sk-RR8D-D0iG-hcs7-jroH-GQUW-zgc3n2" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + creation_time = 1456232018 # 2016-02-23 13:53:38 +0100 + creation_host = "uhu3" + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 512 # 2 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 0 + ] + } + } + + tmp { + id = "I4vwVL-IYs2-mK2M-RlpQ-gLmM-hgSl-Zdsk2d" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + creation_time = 1456232189 # 2016-02-23 13:56:29 +0100 + creation_host = "uhu3" + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 512 # 2 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 512 + ] + } + } + + home { + id = "A6UMWx-wpuS-vDzd-Ei4E-wyoJ-isHn-WOucCZ" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + creation_time = 1456232255 # 2016-02-23 13:57:35 +0100 + creation_host = "uhu3" + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 768 # 3 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 1024 + ] + } + } + + var { + id = "UlEVFT-rmQS-xB46-9bZu-PWWQ-Sxbg-WushWf" + status = ["READ", "WRITE", "VISIBLE"] + flags = [] + creation_time = 1456232271 # 2016-02-23 13:57:51 +0100 + creation_host = "uhu3" + segment_count = 1 + + segment1 { + start_extent = 0 + extent_count = 2560 # 10 Gigabytes + + type = "striped" + stripe_count = 1 # linear + + stripes = [ + "pv0", 1792 + ] + } + } + } + +}