From 9510d1a36075c4cf02421c71fa0921c1d136d9f6 Mon Sep 17 00:00:00 2001 From: Brian Read Date: Thu, 26 Oct 2023 11:24:52 +0100 Subject: [PATCH] initial commit of file from CVS for e-smith-base on Thu 26 Oct 11:24:52 BST 2023 --- .gitignore | 4 + Makefile | 21 + README.md | 18 +- additional/COPYING | 340 +++ additional/CVS/Entries | 1 + additional/CVS/Repository | 1 + additional/CVS/Root | 1 + additional/console_wrapper.c | 8 + additional/createlinks.orig | 672 +++++ contriborbase | 1 + createlinks | 724 ++++++ e-smith-base.spec | 2315 +++++++++++++++++ root/etc/cron.daily/conf-mod_ssl | 28 + root/etc/dhcp/dhclient-exit-hooks | 4 + root/etc/diald/device.conf | 14 + root/etc/diald/scripts/connect | 130 + root/etc/diald/scripts/disconnect | 106 + root/etc/diald/scripts/isdn | 83 + root/etc/diald/scripts/isdn.hangup | 37 + .../db/accounts/defaults/Primary/CgiBin | 1 + .../db/accounts/defaults/Primary/Group | 1 + .../db/accounts/defaults/Primary/Modifiable | 1 + .../e-smith/db/accounts/defaults/Primary/Name | 1 + .../db/accounts/defaults/Primary/PasswordSet | 1 + .../db/accounts/defaults/Primary/Passwordable | 1 + .../db/accounts/defaults/Primary/PublicAccess | 1 + .../db/accounts/defaults/Primary/Removable | 1 + .../db/accounts/defaults/Primary/UserAccess | 1 + .../e-smith/db/accounts/defaults/Primary/type | 1 + .../db/accounts/defaults/admin/FirstName | 1 + .../db/accounts/defaults/admin/LastName | 1 + .../db/accounts/defaults/admin/Lockable | 1 + .../db/accounts/defaults/admin/Removable | 1 + .../e-smith/db/accounts/defaults/admin/Shell | 1 + .../accounts/defaults/admin/VPNClientAccess | 1 + .../e-smith/db/accounts/defaults/admin/type | 1 + .../defaults/admin_raidreport/Account | 1 + .../defaults/admin_raidreport/Removable | 1 + .../defaults/admin_raidreport/Visible | 1 + .../accounts/defaults/admin_raidreport/type | 1 + .../e-smith/db/accounts/defaults/cgi-bin/type | 1 + .../db/accounts/defaults/e-smith-manager/type | 1 + .../accounts/defaults/e-smith-password/type | 1 + .../e-smith/db/accounts/defaults/files/type | 1 + .../e-smith/db/accounts/defaults/icons/type | 1 + .../e-smith/db/accounts/defaults/primary/type | 1 + .../etc/e-smith/db/accounts/defaults/root/Gid | 1 + .../etc/e-smith/db/accounts/defaults/root/Uid | 1 + .../e-smith/db/accounts/defaults/root/type | 1 + .../db/accounts/defaults/server-common/type | 1 + .../db/accounts/defaults/server-manager/type | 1 + .../db/accounts/defaults/server-manual/type | 1 + .../accounts/defaults/server-resources/type | 1 + .../db/accounts/defaults/shared/Visible | 1 + .../e-smith/db/accounts/defaults/shared/type | 1 + .../db/accounts/defaults/user-password/type | 1 + .../db/accounts/defaults/webmail/Comment | 1 + .../e-smith/db/accounts/defaults/webmail/type | 1 + root/etc/e-smith/db/accounts/force/.gitignore | 0 root/etc/e-smith/db/accounts/migrate/00openRW | 4 + .../etc/e-smith/db/accounts/migrate/10Primary | 10 + .../db/accounts/migrate/20AdminPasswordSet | 11 + .../db/accounts/migrate/30EmailForward | 6 + .../db/accounts/migrate/50VPNClientAccess | 18 + .../db/configuration/defaults/AccessType/type | 1 + .../defaults/ActiveAccounts/type | 1 + .../configuration/defaults/ConsoleMode/type | 1 + .../configuration/defaults/ContactEmail/type | 0 .../configuration/defaults/ContactName/type | 0 .../db/configuration/defaults/ContactOrg/type | 0 .../defaults/DialupConnOffice/type | 1 + .../defaults/DialupConnOutside/type | 1 + .../defaults/DialupConnWeekend/type | 1 + .../defaults/DialupFreqOffice/type | 1 + .../defaults/DialupFreqOutside/type | 1 + .../defaults/DialupFreqWeekend/type | 1 + .../defaults/DialupModemDevice/type | 1 + .../defaults/DialupPhoneNumber/type | 1 + .../defaults/DialupUserAccount/type | 1 + .../defaults/DialupUserPassword/type | 1 + .../db/configuration/defaults/DomainName/type | 1 + .../defaults/EmailUnknownUser/type | 1 + .../defaults/EthernetDriver1/type | 1 + .../defaults/EthernetDriver2/type | 1 + .../configuration/defaults/ExternalDHCP/type | 1 + .../defaults/ExternalInterface/Configuration | 1 + .../defaults/ExternalInterface/Name | 1 + .../defaults/ExternalInterface/type | 1 + .../defaults/ExternalNetmask/type | 1 + .../InternalInterface/NICBondingOptions | 1 + .../defaults/InternalInterface/Name | 1 + .../defaults/InternalInterface/Netmask | 1 + .../defaults/InternalInterface/type | 1 + .../configuration/defaults/LocalNetmask/type | 1 + .../db/configuration/defaults/MinUid/type | 1 + .../configuration/defaults/PasswordSet/type | 1 + .../configuration/defaults/SMTPSmartHost/type | 1 + .../configuration/defaults/SquidParent/type | 1 + .../defaults/SquidParentPort/type | 1 + .../configuration/defaults/StatusReports/type | 1 + .../db/configuration/defaults/SystemMode/type | 1 + .../db/configuration/defaults/SystemName/type | 1 + .../db/configuration/defaults/acpid/status | 1 + .../db/configuration/defaults/acpid/type | 1 + .../defaults/backupconsole/CompressionLevel | 1 + .../configuration/defaults/backupconsole/type | 1 + .../defaults/bootstrap-console/Restore | 1 + .../defaults/bootstrap-console/status | 1 + .../defaults/bootstrap-console/type | 1 + .../defaults/bootstrap-runlevel7/status | 1 + .../defaults/bootstrap-runlevel7/type | 1 + .../db/configuration/defaults/crond/status | 1 + .../db/configuration/defaults/crond/type | 1 + .../db/configuration/defaults/dhcpd/Bootp | 1 + .../db/configuration/defaults/dhcpd/status | 1 + .../db/configuration/defaults/dhcpd/type | 1 + .../db/configuration/defaults/ippp/status | 1 + .../db/configuration/defaults/ippp/type | 1 + .../configuration/defaults/irqbalance/status | 1 + .../db/configuration/defaults/irqbalance/type | 1 + .../db/configuration/defaults/isdn/Protocol | 1 + .../configuration/defaults/isdn/UserSyncPPP | 1 + .../db/configuration/defaults/isdn/status | 1 + .../db/configuration/defaults/isdn/type | 1 + .../db/configuration/defaults/local/status | 1 + .../db/configuration/defaults/local/type | 1 + .../defaults/maxAcctNameLength/type | 1 + .../defaults/maxGroupNameLength/type | 1 + .../db/configuration/defaults/modSSL/TCPPort | 1 + .../db/configuration/defaults/modSSL/access | 1 + .../db/configuration/defaults/modSSL/status | 1 + .../db/configuration/defaults/modSSL/type | 1 + .../db/configuration/defaults/network/status | 1 + .../db/configuration/defaults/network/type | 1 + .../db/configuration/defaults/pam_abl/status | 1 + .../db/configuration/defaults/pam_abl/type | 1 + .../configuration/defaults/pam_tally/status | 1 + .../db/configuration/defaults/pam_tally/type | 1 + .../defaults/passwordstrength/Admin | 1 + .../defaults/passwordstrength/Ibays | 1 + .../defaults/passwordstrength/Users | 1 + .../defaults/passwordstrength/type | 1 + .../db/configuration/defaults/pppoe/status | 1 + .../db/configuration/defaults/pppoe/type | 1 + .../configuration/defaults/raidmonitor/status | 1 + .../configuration/defaults/raidmonitor/type | 1 + .../db/configuration/defaults/rc-local/status | 1 + .../db/configuration/defaults/rc-local/type | 1 + .../configuration/defaults/rsyslog/LogAll2VT6 | 1 + .../db/configuration/defaults/rsyslog/status | 1 + .../db/configuration/defaults/rsyslog/type | 1 + .../defaults/serial-console/BaudRate | 1 + .../defaults/serial-console/Device | 1 + .../defaults/serial-console/status | 1 + .../defaults/serial-console/type | 1 + .../configuration/defaults/smartd/directive | 1 + .../db/configuration/defaults/smartd/email | 1 + .../db/configuration/defaults/smartd/status | 1 + .../db/configuration/defaults/smartd/type | 1 + .../db/configuration/defaults/sshd/UsePAM | 1 + .../defaults/sysconfig/PreviousSystemMode | 1 + .../defaults/sysconfig/Registration | 1 + .../db/configuration/defaults/sysconfig/type | 1 + .../configuration/defaults/vpn/AccessDefault | 1 + .../db/configuration/defaults/vpn/access | 1 + .../db/configuration/defaults/vpn/sessions | 1 + .../db/configuration/defaults/vpn/status | 1 + .../db/configuration/defaults/vpn/type | 1 + .../db/configuration/defaults/wan/status | 1 + .../db/configuration/defaults/wan/type | 1 + .../e-smith/db/configuration/force/.gitignore | 0 .../db/configuration/migrate/05sysconfig | 38 + .../db/configuration/migrate/05syslog2rsyslog | 10 + .../configuration/migrate/10SetAccessDefaults | 80 + .../db/configuration/migrate/10SystemID | 7 + .../migrate/10SystemLocalNetwork | 46 + .../migrate/10SystemPrimaryDomain | 46 + .../db/configuration/migrate/10interfaces | 167 ++ .../db/configuration/migrate/10keytable | 6 + .../migrate/20DHCPClientIdentifier | 19 + .../db/configuration/migrate/20DHCPServer | 56 + .../migrate/20EthernetDriverUpdate | 20 + .../db/configuration/migrate/20NTPServer | 12 + .../configuration/migrate/20TelnetServerMode | 18 + .../db/configuration/migrate/20TimeZone | 14 + .../db/configuration/migrate/20interfaceMac | 8 + .../configuration/migrate/25NICBondingOptions | 9 + .../configuration/migrate/25NICBondingUpdate | 8 + .../configuration/migrate/30CipherSuiteUpdate | 9 + .../migrate/50RemoveObsoleteServices | 10 + .../e-smith/db/configuration/migrate/smartd | 12 + .../e-smith/db/domains/defaults/.gitignore | 0 root/etc/e-smith/db/domains/force/.gitignore | 0 root/etc/e-smith/db/domains/migrate/00openRW | 5 + root/etc/e-smith/db/hosts/defaults/.gitignore | 0 root/etc/e-smith/db/hosts/force/.gitignore | 0 root/etc/e-smith/db/hosts/migrate/00openRW | 4 + .../e-smith/db/networks/defaults/.gitignore | 0 root/etc/e-smith/db/networks/force/.gitignore | 0 root/etc/e-smith/db/networks/migrate/00openRW | 4 + root/etc/e-smith/events/actions/conf-modules | 39 + root/etc/e-smith/events/actions/conf-routes | 69 + root/etc/e-smith/events/actions/conf-startup | 30 + .../e-smith/events/actions/copy-anaconda-logs | 43 + .../events/actions/count-active-user-accounts | 44 + .../e-smith/events/actions/create-mnt-floppy | 14 + root/etc/e-smith/events/actions/fix-startup | 39 + .../e-smith/events/actions/group-create-unix | 191 ++ .../e-smith/events/actions/group-delete-unix | 54 + .../e-smith/events/actions/group-modify-unix | 169 ++ root/etc/e-smith/events/actions/halt | 30 + root/etc/e-smith/events/actions/init-accounts | 84 + .../etc/e-smith/events/actions/init-passwords | 45 + .../e-smith/events/actions/isdn-down-notify | 46 + .../e-smith/events/actions/logrotate-migrate | 54 + .../etc/e-smith/events/actions/purge-old-logs | 73 + .../e-smith/events/actions/raidmonitor-check | 36 + root/etc/e-smith/events/actions/reboot | 30 + .../events/actions/remove-templates-custom | 25 + .../e-smith/events/actions/reset-unsavedflag | 24 + root/etc/e-smith/events/actions/rmmod-bonding | 15 + .../e-smith/events/actions/rotate_logfiles | 9 + .../e-smith/events/actions/set-external-ip | 40 + .../etc/e-smith/events/actions/set-gateway-ip | 41 + root/etc/e-smith/events/actions/set-hostname | 31 + .../e-smith/events/actions/systemd-default | 231 ++ .../e-smith/events/actions/systemd-isolate | 4 + .../e-smith/events/actions/systemd-journald | 5 + .../etc/e-smith/events/actions/systemd-reload | 2 + root/etc/e-smith/events/actions/update-ifcfg | 71 + root/etc/e-smith/events/actions/update-passwd | 58 + .../e-smith/events/actions/user-create-unix | 154 ++ .../actions/user-delete-groups-and-pseudonyms | 13 + .../e-smith/events/actions/user-delete-unix | 63 + .../e-smith/events/actions/user-group-modify | 49 + .../e-smith/events/actions/user-lock-passwd | 99 + .../e-smith/events/actions/user-modify-unix | 156 ++ root/etc/e-smith/events/actions/user-rsshd | 57 + root/etc/e-smith/events/local/.gitignore | 0 .../events/user-modify-admin/.gitignore | 0 root/etc/e-smith/licenses/.gitignore | 0 root/etc/e-smith/locale/en | 1 + root/etc/e-smith/locale/en-au | 1 + root/etc/e-smith/locale/en-gb | 1 + root/etc/e-smith/locale/en-nz | 1 + .../en-us/etc/e-smith/web/functions/groups | 105 + .../etc/e-smith/web/functions/localnetworks | 178 ++ .../en-us/etc/e-smith/web/functions/reboot | 56 + .../etc/e-smith/web/functions/remoteaccess | 259 ++ .../en-us/etc/e-smith/web/functions/review | 130 + .../etc/e-smith/web/functions/useraccounts | 335 +++ .../etc/e-smith/web/functions/userpassword | 19 + root/etc/e-smith/locale/fr-ca | 1 + root/etc/e-smith/locale/fr-fr | 1 + root/etc/e-smith/pam/.gitignore | 0 .../skel/e-smith/Maildir/cur/.gitignore | 0 .../skel/e-smith/Maildir/new/.gitignore | 0 .../skel/e-smith/Maildir/tmp/.gitignore | 0 .../e-smith/files/primary/cgi-bin/.gitignore | 0 .../e-smith/files/primary/files/.gitignore | 0 .../skel/e-smith/files/primary/html/index.htm | 9 + .../e-smith/files/users/admin/home/.gitignore | 0 root/etc/e-smith/skel/user/.ssh/.gitignore | 0 .../e-smith/skel/user/Maildir/cur/.gitignore | 0 .../e-smith/skel/user/Maildir/new/.gitignore | 0 .../e-smith/skel/user/Maildir/tmp/.gitignore | 0 root/etc/e-smith/skel/user/home/.gitignore | 0 root/etc/e-smith/templates-custom/.gitignore | 0 .../e-smith/templates-user-custom/.gitignore | 0 root/etc/e-smith/templates-user/.gitignore | 0 .../templates.metadata/etc/cpu-system.conf | 4 + .../e-smith/templates.metadata/etc/cpu.conf | 2 + .../e-smith/templates.metadata/etc/dhcpd.conf | 3 + .../etc/e-smith/pam/accounts.allow | 1 + .../etc/e-smith/pam/accounts.deny | 1 + .../etc/e-smith/pam/users.allow | 1 + root/etc/e-smith/templates.metadata/etc/fstab | 1 + .../templates.metadata/etc/pam.d/pwauth | 1 + .../templates.metadata/etc/pam_ldap.secret | 1 + .../templates.metadata/etc/ppp/chap-secrets | 3 + .../templates.metadata/etc/ppp/ip-down.local | 3 + .../templates.metadata/etc/ppp/ip-up.local | 3 + .../templates.metadata/etc/ppp/pap-secrets | 3 + .../e-smith/templates.metadata/etc/securetty | 1 + .../templates.metadata/etc/sysconfig/i18n | 1 + .../etc/sysconfig/network-scripts/ifcfg-bond0 | 3 + .../home/e-smith/ssl.crt/crt | 2 + .../home/e-smith/ssl.key/key | 2 + .../home/e-smith/ssl.pem/pem | 2 + .../var/lib/dhclient/dhclient-eth0.conf | 3 + .../var/lib/dhclient/dhclient-eth1.conf | 3 + .../var/service/wan/pppoe.pppd.conf | 1 + .../var/service/wan/run.pppoe.conf | 1 + .../e-smith/templates/etc/HOSTNAME/50hostname | 1 + .../e-smith/templates/etc/cpu.conf/00header | 3 + .../etc/e-smith/templates/etc/cpu.conf/05ldap | 4 + .../e-smith/templates/etc/cpu.conf/10bindpw | 2 + .../etc/cpu.conf/15defaultObjectClass | 10 + .../templates/etc/cpu.conf/20objectClass | 15 + .../e-smith/templates/etc/cpu.conf/25filter | 2 + .../e-smith/templates/etc/cpu.conf/30cnString | 2 + .../etc/e-smith/templates/etc/cpu.conf/35skel | 1 + .../e-smith/templates/etc/cpu.conf/40shell | 1 + .../e-smith/templates/etc/cpu.conf/45homeDir | 1 + .../e-smith/templates/etc/cpu.conf/50uidGid | 8 + .../templates/etc/cpu.conf/55passwdShadow | 2 + .../etc/e-smith/templates/etc/cpu.conf/60hash | 1 + .../e-smith/templates/etc/cpu.conf/65shadow | 7 + .../etc/e-smith/templates/etc/crontab/00setup | 4 + .../templates/etc/crontab/65_logrotate | 18 + .../templates/etc/dhcp/dhcpd.conf/10Base | 6 + .../etc/dhcpc/dhcpcd.exe/template-begin | 1 + .../templates/etc/dhcpd.conf/02setupRange | 6 + .../etc/dhcpd.conf/02setupWinsServer | 5 + .../templates/etc/dhcpd.conf/10Authoritative | 1 + .../etc/dhcpd.conf/10DDNS-Update-Style | 1 + .../etc/dhcpd.conf/20BeginLocalSubnet | 8 + .../templates/etc/dhcpd.conf/25Broadcast | 8 + .../templates/etc/dhcpd.conf/25DenyBootp | 4 + .../templates/etc/dhcpd.conf/25DomainName | 3 + .../etc/dhcpd.conf/25DomainNameServers | 17 + .../etc/dhcpd.conf/25LeaseTimeDefault | 1 + .../templates/etc/dhcpd.conf/25LeaseTimeMax | 1 + .../etc/dhcpd.conf/25NetbiosDDServer | 5 + .../etc/dhcpd.conf/25NetbiosNameServers | 5 + .../etc/dhcpd.conf/25NetbiosNodeType | 7 + .../templates/etc/dhcpd.conf/25Netmask | 1 + .../e-smith/templates/etc/dhcpd.conf/25Range | 3 + .../templates/etc/dhcpd.conf/25Routers | 21 + .../templates/etc/dhcpd.conf/29EndLocalSubnet | 1 + .../templates/etc/diald.conf/accounting-log | 1 + .../e-smith/templates/etc/diald.conf/connect | 13 + .../templates/etc/diald.conf/connect-timeout | 1 + .../e-smith/templates/etc/diald.conf/device | 12 + .../templates/etc/diald.conf/dial-fail-limit | 6 + .../templates/etc/diald.conf/disconnect | 9 + .../etc/e-smith/templates/etc/diald.conf/fifo | 1 + .../e-smith/templates/etc/diald.conf/filter | 1 + .../e-smith/templates/etc/diald.conf/linkname | 1 + .../e-smith/templates/etc/diald.conf/local | 1 + .../e-smith/templates/etc/diald.conf/options | 11 + .../templates/etc/diald.conf/pppd-options | 18 + .../etc/diald.conf/redial-backoff-limit | 1 + .../etc/diald.conf/redial-backoff-start | 1 + .../templates/etc/diald.conf/redial-timeout | 1 + .../e-smith/templates/etc/diald.conf/remote | 1 + .../templates/etc/diald.conf/retry-count | 1 + .../e-smith/templates/etc/diald.conf/speed | 1 + .../templates/etc/diald.filter/20office | 174 ++ .../templates/etc/diald.filter/40outside | 173 ++ .../templates/etc/diald.filter/60weekend | 174 ++ .../e-smith/templates/etc/diald/link/20isdn | 7 + .../etc/e-smith/pam/accounts.allow/10admin | 1 + .../e-smith/pam/accounts.allow/20userAccounts | 6 + .../pam/accounts.deny/10passwordRequired | 24 + .../pam/accounts.deny/20standardAccounts | 3 + .../etc/e-smith/pam/users.allow/10admin | 1 + .../e-smith/pam/users.allow/20userAccounts | 6 + .../web/common/foot.tmpl/template-begin | 0 .../web/common/head.tmpl/template-begin | 0 .../templates/etc/elinks.conf/10homepage | 1 + .../templates/etc/elinks.conf/10insert_mode | 1 + .../templates/etc/elinks.conf/10no_utf8 | 3 + .../etc/elinks.conf/10obey_cache_control | 1 + .../templates/etc/elinks.conf/10post_confirm | 1 + .../templates/etc/fstab/50UndoDisableTmpfs | 9 + .../e-smith/templates/etc/fstab/99writefile | 7 + .../templates/etc/fstab/template-begin | 35 + .../e-smith/templates/etc/ftpusers/00README | 1 + .../e-smith/templates/etc/hosts.allow/identd | 3 + .../templates/etc/hosts.deny/00startup | 1 + .../e-smith/templates/etc/hosts/10localhost | 1 + .../e-smith/templates/etc/hosts/20hostname | 5 + .../templates/etc/inittab/10defaultlevel | 4 + .../templates/etc/logrotate.conf/05rotate | 10 + .../templates/etc/logrotate.conf/10keep | 11 + .../templates/etc/logrotate.conf/11notifempty | 3 + .../templates/etc/logrotate.conf/20empty | 3 + .../templates/etc/logrotate.conf/30extension | 3 + .../templates/etc/logrotate.conf/35compress | 3 + .../templates/etc/logrotate.conf/37rpms | 4 + .../templates/etc/logrotate.conf/40included | 16 + .../etc/lynx.cfg/10preferredLanguage | 6 + .../e-smith/templates/etc/lynx.cfg/20helpfile | 1 + .../e-smith/templates/etc/lynx.cfg/30index | 1 + .../templates/etc/lynx.cfg/40startfile | 1 + .../e-smith/templates/etc/lynx.cfg/50forcessl | 1 + .../templates/etc/mime.types/10sample-types | 1287 +++++++++ .../etc/modprobe.d/bonding.conf/10bonding | 5 + .../templates/etc/nsswitch.conf/10files | 13 + .../templates/etc/openssl.conf/05config | 38 + .../e-smith/templates/etc/openssl.conf/40req | 10 + .../etc/openssl.conf/45req_distinguished_name | 9 + .../etc/openssl.conf/47req_attributes | 3 + .../templates/etc/openssl.conf/50v3_req | 3 + .../templates/etc/openssl.conf/60v3_ca | 5 + .../templates/etc/pam.d/imap/template-begin | 1 + .../e-smith/templates/etc/pam.d/login/20auth | 5 + .../templates/etc/pam.d/login/30account | 3 + .../templates/etc/pam.d/login/40password | 3 + .../templates/etc/pam.d/login/50session | 5 + .../templates/etc/pam.d/login/template-begin | 1 + .../e-smith/templates/etc/pam.d/passwd/10auth | 3 + .../templates/etc/pam.d/passwd/20account | 3 + .../templates/etc/pam.d/passwd/40password | 3 + .../templates/etc/pam.d/passwd/template-begin | 1 + .../e-smith/templates/etc/pam.d/pop/00README | 1 + .../e-smith/templates/etc/pam.d/pwauth/20auth | 4 + .../templates/etc/pam.d/pwauth/30account | 3 + .../templates/etc/pam.d/pwauth/template-begin | 1 + .../templates/etc/pam.d/system-auth/20auth | 19 + .../templates/etc/pam.d/system-auth/30account | 13 + .../etc/pam.d/system-auth/40password | 8 + .../templates/etc/pam.d/system-auth/50session | 7 + .../etc/pam.d/system-auth/template-begin | 1 + .../e-smith/templates/etc/pam_ldap.conf/10ssl | 2 + .../etc/pam_ldap.conf/20pam_password | 5 + .../templates/etc/pam_ldap.conf/30host | 1 + .../templates/etc/pam_ldap.conf/40base | 3 + .../etc/pam_ldap.conf/40nss_base_group | 5 + .../etc/pam_ldap.conf/40nss_base_passwd | 10 + .../etc/pam_ldap.conf/40nss_base_shadow | 10 + .../templates/etc/pam_ldap.conf/45rootbinddn | 3 + .../templates/etc/pam_ldap.conf/55bind_policy | 4 + .../etc/pam_ldap.conf/60ignore_initgroups | 1 + .../e-smith/templates/etc/pam_ldap.secret/all | 1 + .../etc/ppp/chap-secrets/05dialup-password | 8 + .../etc/ppp/chap-secrets/05pppoe-password | 8 + .../templates/etc/ppp/ioptions/00device | 1 + .../etc/ppp/ip-down.local/signal-event | 10 + .../templates/etc/ppp/ip-up.local/10setup | 11 + .../templates/etc/ppp/ip-up.local/15umask | 4 + .../etc/ppp/ip-up.local/30ipparam00startcase | 1 + .../etc/ppp/ip-up.local/30ipparam90other | 8 + .../etc/ppp/ip-up.local/30ipparam99endcase | 1 + .../etc/ppp/options/lcp-echo-options | 2 + .../etc/ppp/pap-secrets/05dialup-password | 16 + .../etc/ppp/pap-secrets/05pppoe-password | 8 + .../templates/etc/resolv.conf/10domain | 3 + .../templates/etc/resolv.conf/30timeout | 8 + .../templates/etc/rsyslog.conf/00filenames | 9 + .../templates/etc/rsyslog.conf/10modules | 14 + .../templates/etc/rsyslog.conf/11imjournal | 8 + .../templates/etc/rsyslog.conf/20rateLimit | 6 + .../templates/etc/rsyslog.conf/30global | 5 + .../templates/etc/rsyslog.conf/32dhcpd | 4 + .../templates/etc/rsyslog.conf/32systemd | 4 + .../templates/etc/rsyslog.conf/40console | 5 + .../e-smith/templates/etc/rsyslog.conf/50info | 6 + .../templates/etc/rsyslog.conf/55authpriv | 4 + .../e-smith/templates/etc/rsyslog.conf/60mail | 4 + .../e-smith/templates/etc/rsyslog.conf/65cron | 5 + .../templates/etc/rsyslog.conf/70emerg | 5 + .../e-smith/templates/etc/rsyslog.conf/75news | 4 + .../templates/etc/rsyslog.conf/80local7 | 4 + .../templates/etc/securetty/serial-console | 9 + .../templates/etc/securetty/template-begin | 8 + .../templates/etc/securetty/xenU-console | 6 + .../etc/security/pam_abl.conf/05debug | 1 + .../etc/security/pam_abl.conf/10host_db | 1 + .../etc/security/pam_abl.conf/15host_purge | 1 + .../etc/security/pam_abl.conf/20host_rule | 1 + .../etc/security/pam_abl.conf/30user_db | 1 + .../etc/security/pam_abl.conf/35user_purge | 1 + .../etc/security/pam_abl.conf/40user_rules | 1 + .../templates/etc/selinux/config/DISABLED | 1 + .../e-smith/templates/etc/services/10standard | 580 +++++ .../e-smith/templates/etc/services/20wwwproxy | 3 + root/etc/e-smith/templates/etc/shells/bash | 1 + root/etc/e-smith/templates/etc/shells/bash2 | 1 + root/etc/e-smith/templates/etc/shells/console | 1 + root/etc/e-smith/templates/etc/shells/csh | 1 + root/etc/e-smith/templates/etc/shells/false | 1 + root/etc/e-smith/templates/etc/shells/rssh | 1 + root/etc/e-smith/templates/etc/shells/sh | 1 + .../templates/etc/shells/template-begin | 0 .../etc/smartmontools/smartd.conf/10conf | 8 + .../templates/etc/smbpasswd/template-begin | 0 .../e-smith/templates/etc/sysconfig/i18n/LANG | 11 + .../templates/etc/sysconfig/i18n/SUPPORTED | 15 + .../templates/etc/sysconfig/i18n/SYSFONT | 9 + .../templates/etc/sysconfig/i18n/SYSFONTACM | 8 + .../etc/sysconfig/i18n/template-begin | 17 + .../templates/etc/sysconfig/i18n/template-end | 8 + .../network-scripts/chat-ppp0/10aborts | 6 + .../network-scripts/chat-ppp0/15reports | 1 + .../network-scripts/chat-ppp0/20reset | 1 + .../network-scripts/chat-ppp0/25init | 15 + .../network-scripts/chat-ppp0/30dialup | 1 + .../network-scripts/chat-ppp0/40connect | 1 + .../network-scripts/ifcfg-ethX/00setup | 16 + .../network-scripts/ifcfg-ethX/05TYPE | 3 + .../network-scripts/ifcfg-ethX/10DEVICE | 3 + .../network-scripts/ifcfg-ethX/10ETHTOOL | 12 + .../network-scripts/ifcfg-ethX/10MTU | 17 + .../network-scripts/ifcfg-ethX/20USERCTL | 1 + .../network-scripts/ifcfg-ethX/30ONBOOT | 3 + .../network-scripts/ifcfg-ethX/40PEERDNS | 1 + .../network-scripts/ifcfg-ethX/60IPV6 | 3 + .../network-scripts/ifcfg-ethX/70bonding | 11 + .../network-scripts/ifcfg-ethX/90otherparams | 34 + .../network-scripts/ifcfg-ppp0/00default | 21 + .../network-scripts/ifcfg-ppp0/10ETHTOOL | 12 + .../network-scripts/route-ethX/08Gateway | 7 + .../network-scripts/route-ethX/10localroutes | 39 + .../etc/sysconfig/network/10NETWORKING | 1 + .../etc/sysconfig/network/20FORWARD_IPV4 | 1 + .../etc/sysconfig/network/30HOSTNAME | 1 + .../etc/sysconfig/network/60NOZEROCONF | 1 + .../etc/sysconfig/rsyslog/10rsyslogOptions | 1 + .../templates/etc/sysctl.conf/kernel.sysrq | 2 + .../sysctl.conf/net.ipv4.conf.all.rp_filter | 2 + .../net.ipv4.conf.default.rp_filter | 2 + .../etc/sysctl.conf/net.ipv4.ip_dynaddr | 1 + .../etc/sysctl.conf/net.ipv4.ip_forward | 1 + .../sysctl.conf/net.ipv4.tcp_keepalive_time | 2 + .../etc/sysctl.conf/net.ipv4.tcp_syncookies | 1 + .../templates/etc/sysctl.conf/net.ipv6 | 10 + .../etc/systemd/journald.conf/01header | 14 + .../etc/systemd/journald.conf/05journal | 1 + .../etc/systemd/journald.conf/08dest | 1 + .../etc/systemd/journald.conf/09Compress | 1 + .../etc/systemd/journald.conf/10Seal | 1 + .../etc/systemd/journald.conf/11SplitMode | 1 + .../etc/systemd/journald.conf/20Rates | 3 + .../etc/systemd/journald.conf/30System | 8 + .../etc/systemd/journald.conf/40Forward | 5 + .../etc/systemd/journald.conf/50MaxLevel | 6 + .../system-preset/49-koozali.preset/05config | 12 + .../49-koozali.preset/20services | 20 + .../templates/etc/updatedb.conf/01conf | 4 + .../templates/etc/updatedb.conf/10conf | 7 + .../e-smith/templates/home/e-smith/ssl.crt | 120 + .../e-smith/templates/home/e-smith/ssl.key | 57 + .../templates/home/e-smith/ssl.pem/10openssl | 8 + .../templates/home/e-smith/ssl.pem/20key | 22 + .../templates/home/e-smith/ssl.pem/40crt | 21 + .../templates/home/e-smith/ssl.pem/60pem | 12 + .../usr/lib/e-smith-mdevent/mdEvent.tmpl | 23 + .../dhcpd.service.d/50koozali.conf/20unit | 3 + .../dhcpd.service.d/50koozali.conf/40service | 21 + .../dhcpd.service.d/50koozali.conf/80install | 3 + .../50koozali.conf/20services | 22 + .../lib/dhclient/dhclient.conf/00interface | 4 + .../var/lib/dhclient/dhclient.conf/50hostname | 7 + .../lib/dhclient/dhclient.conf/template-end | 3 + .../templates/var/service/ippp/config/LocalIP | 3 + .../var/service/ippp/config/ppp_options | 11 + .../var/service/wan/dhclient.config/device | 5 + .../var/service/wan/pppoe.pppd.conf/comp | 7 + .../var/service/wan/pppoe.pppd.conf/debug | 1 + .../wan/pppoe.pppd.conf/default-asyncmap | 1 + .../service/wan/pppoe.pppd.conf/defaultroute | 1 + .../service/wan/pppoe.pppd.conf/hide-password | 1 + .../service/wan/pppoe.pppd.conf/ipcp-accept | 2 + .../var/service/wan/pppoe.pppd.conf/ipparam | 1 + .../var/service/wan/pppoe.pppd.conf/lcp-echo | 2 + .../var/service/wan/pppoe.pppd.conf/linkname | 1 + .../var/service/wan/pppoe.pppd.conf/mru | 1 + .../var/service/wan/pppoe.pppd.conf/mtu | 1 + .../var/service/wan/pppoe.pppd.conf/noauth | 1 + .../var/service/wan/pppoe.pppd.conf/nodetach | 1 + .../service/wan/pppoe.pppd.conf/noipdefault | 1 + .../var/service/wan/pppoe.pppd.conf/pty | 27 + .../var/service/wan/pppoe.pppd.conf/username | 1 + .../var/service/wan/run.pppoe.conf/device | 8 + .../var/service/wan/run.pppoe.conf/mlimit | 15 + .../var/service/wan/run.pppoe.conf/timeout | 2 + .../tests/10e-smith-base/00sanity-accounts.t | 225 ++ .../e-smith/tests/10e-smith-base/10manager.t | 10 + .../tests/10e-smith-base/20interfaces.t | 102 + .../tests/10e-smith-base/accounts.conf | 83 + .../tests/10e-smith-base/configuration.conf | 99 + .../e-smith/tests/10e-smith-base/domains.conf | 6 + .../tests/10e-smith-base/networks.conf | 9 + .../tests/10e-smith-base/system_configuration | 19 + .../system_configuration.previous | 7 + root/etc/e-smith/web/common/banner-shim.gif | Bin 0 -> 882 bytes root/etc/e-smith/web/common/stop.jpg | Bin 0 -> 9305 bytes root/etc/e-smith/web/functions/groups | 149 ++ root/etc/e-smith/web/functions/localnetworks | 151 ++ root/etc/e-smith/web/functions/online-manual | 77 + root/etc/e-smith/web/functions/reboot | 110 + root/etc/e-smith/web/functions/remoteaccess | 177 ++ root/etc/e-smith/web/functions/review | 77 + root/etc/e-smith/web/functions/useraccounts | 291 +++ root/etc/e-smith/web/functions/userpassword | 151 ++ root/etc/logrotate.d/dhcpd | 11 + root/etc/logrotate.d/diald | 8 + root/etc/logrotate.d/systemd | 8 + root/etc/profile.d/e-smith.sh | 6 + root/etc/rc.d/init.d/e-smith-service | 88 + root/etc/rc.d/rc7.d/.gitignore | 0 root/etc/rc7.d | 1 + root/etc/sysconfig/modules/dummy.modules | 3 + root/etc/systemd/system-preset/.gitignore | 0 root/etc/tcprules/.gitignore | 0 root/home/e-smith/Maildir/cur/.gitignore | 0 root/home/e-smith/Maildir/new/.gitignore | 0 root/home/e-smith/Maildir/tmp/.gitignore | 0 root/home/e-smith/db/.gitignore | 0 .../e-smith/files/server-resources/.gitignore | 0 .../e-smith/files/users/admin/home/.gitignore | 0 root/home/e-smith/ssl.crt/.gitignore | 0 root/home/e-smith/ssl.key/.gitignore | 0 root/home/e-smith/ssl.pem/.gitignore | 0 root/root/.ssh/.gitignore | 0 root/sbin/e-smith/add_drive_to_raid | 126 + root/sbin/e-smith/bootstrap-console | 56 + root/sbin/e-smith/bootstrap-runlevel7 | 43 + .../e-smith/console-menu-items/configure.pl | 3 + .../e-smith/console-menu-items/manageRAID.pl | 303 +++ .../sbin/e-smith/console-menu-items/reboot.pl | 80 + .../console-menu-items/serverManager.pl | 60 + .../sbin/e-smith/console-menu-items/status.pl | 70 + root/sbin/e-smith/console.pl | 107 + root/sbin/e-smith/generate-subjectaltnames | 125 + root/sbin/e-smith/mdevent | 68 + root/sbin/e-smith/service | 57 + root/sbin/e-smith/service-status | 30 + root/sbin/e-smith/systemctl | 180 ++ root/sbin/e-smith/systemd/mdmonitor-pre | 10 + root/sbin/e-smith/systemd/rsyslog-pre | 16 + root/service/ippp | 1 + root/service/wan | 1 + .../systemd/system-preset/50-koozali.preset | 75 + .../system/acpid.service.d/51koozali.conf | 3 + .../system/basic.target.wants/.gitignore | 0 .../systemd/system/bootstrap-console.service | 28 + .../lib/systemd/system/bootstrap-fix.service | 13 + .../system/bootstrap-runlevel7.service | 28 + .../system/crond.service.d/51koozali.conf | 3 + .../systemd/system/dhcpd.service.d/.gitignore | 0 .../irqbalance.service.d/51koozali.conf | 3 + root/usr/lib/systemd/system/local.service | 13 + .../system/mdmonitor.service.d/50koozali.conf | 11 + .../usr/lib/systemd/system/networking.service | 17 + .../system/rsyslog.service.d/51koozali.conf | 8 + .../system/smartd.service.d/51koozali.conf | 3 + root/usr/lib/systemd/system/sme-server.target | 13 + .../system/sme-server.target.d/.gitignore | 0 root/usr/lib/systemd/system/wan.service | 16 + .../hal/fdi/95userpolicy/usb-rev35-drive.fdi | 12 + .../hal/fdi/95userpolicy/usb-rev70-drive.fdi | 12 + .../share/locale/en_US/LC_MESSAGES/.gitignore | 0 .../vendor_perl/esmith/ConfigDB/unsaved.pm | 59 + .../esmith/FormMagick/Panel/groups.pm | 603 +++++ .../esmith/FormMagick/Panel/localnetworks.pm | 524 ++++ .../esmith/FormMagick/Panel/reboot.pm | 136 + .../esmith/FormMagick/Panel/remoteaccess.pm | 844 ++++++ .../esmith/FormMagick/Panel/review.pm | 412 +++ .../esmith/FormMagick/Panel/useraccounts.pm | 1285 +++++++++ .../vendor_perl/esmith/console/configure.pm | 1935 ++++++++++++++ .../vendor_perl/esmith/console/quitConsole.pm | 49 + .../vendor_perl/esmith/console/save_config.pm | 33 + .../vendor_perl/esmith/console/startup.pm | 132 + .../esmith/console/system_password.pm | 148 ++ .../usr/share/perl5/vendor_perl/esmith/ssl.pm | 154 ++ root/var/log/dhcpd/.gitignore | 0 root/var/log/ippp/.gitignore | 0 root/var/log/raidmonitor/.gitignore | 0 root/var/log/wan/.gitignore | 0 root/var/service/ippp/down | 0 root/var/service/ippp/log/run | 6 + .../var/service/ippp/log/supervise/.gitignore | 0 root/var/service/ippp/run | 58 + root/var/service/ippp/supervise/.gitignore | 0 root/var/service/wan/down | 0 root/var/service/wan/log/run | 7 + root/var/service/wan/log/supervise/.gitignore | 0 root/var/service/wan/run | 12 + root/var/service/wan/run.dhclient | 31 + root/var/service/wan/run.dialup | 13 + root/var/service/wan/run.disabled | 4 + root/var/service/wan/run.pppoe | 32 + root/var/service/wan/run.static | 10 + root/var/service/wan/supervise/.gitignore | 0 root/var/state/e-smith/.gitignore | 0 678 files changed, 22721 insertions(+), 2 deletions(-) create mode 100644 .gitignore create mode 100644 Makefile create mode 100644 additional/COPYING create mode 100644 additional/CVS/Entries create mode 100644 additional/CVS/Repository create mode 100644 additional/CVS/Root create mode 100644 additional/console_wrapper.c create mode 100755 additional/createlinks.orig create mode 100644 contriborbase create mode 100755 createlinks create mode 100644 e-smith-base.spec create mode 100644 root/etc/cron.daily/conf-mod_ssl create mode 100644 root/etc/dhcp/dhclient-exit-hooks create mode 100644 root/etc/diald/device.conf create mode 100755 root/etc/diald/scripts/connect create mode 100755 root/etc/diald/scripts/disconnect create mode 100755 root/etc/diald/scripts/isdn create mode 100755 root/etc/diald/scripts/isdn.hangup create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/CgiBin create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/Group create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/Modifiable create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/Name create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/PasswordSet create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/Passwordable create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/PublicAccess create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/Removable create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/UserAccess create mode 100644 root/etc/e-smith/db/accounts/defaults/Primary/type create mode 100644 root/etc/e-smith/db/accounts/defaults/admin/FirstName create mode 100644 root/etc/e-smith/db/accounts/defaults/admin/LastName create mode 100644 root/etc/e-smith/db/accounts/defaults/admin/Lockable create mode 100644 root/etc/e-smith/db/accounts/defaults/admin/Removable create mode 100644 root/etc/e-smith/db/accounts/defaults/admin/Shell create mode 100644 root/etc/e-smith/db/accounts/defaults/admin/VPNClientAccess create mode 100644 root/etc/e-smith/db/accounts/defaults/admin/type create mode 100644 root/etc/e-smith/db/accounts/defaults/admin_raidreport/Account create mode 100644 root/etc/e-smith/db/accounts/defaults/admin_raidreport/Removable create mode 100644 root/etc/e-smith/db/accounts/defaults/admin_raidreport/Visible create mode 100644 root/etc/e-smith/db/accounts/defaults/admin_raidreport/type create mode 100644 root/etc/e-smith/db/accounts/defaults/cgi-bin/type create mode 100644 root/etc/e-smith/db/accounts/defaults/e-smith-manager/type create mode 100644 root/etc/e-smith/db/accounts/defaults/e-smith-password/type create mode 100644 root/etc/e-smith/db/accounts/defaults/files/type create mode 100644 root/etc/e-smith/db/accounts/defaults/icons/type create mode 100644 root/etc/e-smith/db/accounts/defaults/primary/type create mode 100644 root/etc/e-smith/db/accounts/defaults/root/Gid create mode 100644 root/etc/e-smith/db/accounts/defaults/root/Uid create mode 100644 root/etc/e-smith/db/accounts/defaults/root/type create mode 100644 root/etc/e-smith/db/accounts/defaults/server-common/type create mode 100644 root/etc/e-smith/db/accounts/defaults/server-manager/type create mode 100644 root/etc/e-smith/db/accounts/defaults/server-manual/type create mode 100644 root/etc/e-smith/db/accounts/defaults/server-resources/type create mode 100644 root/etc/e-smith/db/accounts/defaults/shared/Visible create mode 100644 root/etc/e-smith/db/accounts/defaults/shared/type create mode 100644 root/etc/e-smith/db/accounts/defaults/user-password/type create mode 100644 root/etc/e-smith/db/accounts/defaults/webmail/Comment create mode 100644 root/etc/e-smith/db/accounts/defaults/webmail/type create mode 100644 root/etc/e-smith/db/accounts/force/.gitignore create mode 100644 root/etc/e-smith/db/accounts/migrate/00openRW create mode 100644 root/etc/e-smith/db/accounts/migrate/10Primary create mode 100644 root/etc/e-smith/db/accounts/migrate/20AdminPasswordSet create mode 100644 root/etc/e-smith/db/accounts/migrate/30EmailForward create mode 100644 root/etc/e-smith/db/accounts/migrate/50VPNClientAccess create mode 100644 root/etc/e-smith/db/configuration/defaults/AccessType/type create mode 100644 root/etc/e-smith/db/configuration/defaults/ActiveAccounts/type create mode 100644 root/etc/e-smith/db/configuration/defaults/ConsoleMode/type create mode 100644 root/etc/e-smith/db/configuration/defaults/ContactEmail/type create mode 100644 root/etc/e-smith/db/configuration/defaults/ContactName/type create mode 100644 root/etc/e-smith/db/configuration/defaults/ContactOrg/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupConnOffice/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupConnOutside/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupConnWeekend/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupFreqOffice/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupFreqOutside/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupFreqWeekend/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupModemDevice/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupPhoneNumber/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupUserAccount/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DialupUserPassword/type create mode 100644 root/etc/e-smith/db/configuration/defaults/DomainName/type create mode 100644 root/etc/e-smith/db/configuration/defaults/EmailUnknownUser/type create mode 100644 root/etc/e-smith/db/configuration/defaults/EthernetDriver1/type create mode 100644 root/etc/e-smith/db/configuration/defaults/EthernetDriver2/type create mode 100644 root/etc/e-smith/db/configuration/defaults/ExternalDHCP/type create mode 100644 root/etc/e-smith/db/configuration/defaults/ExternalInterface/Configuration create mode 100644 root/etc/e-smith/db/configuration/defaults/ExternalInterface/Name create mode 100644 root/etc/e-smith/db/configuration/defaults/ExternalInterface/type create mode 100644 root/etc/e-smith/db/configuration/defaults/ExternalNetmask/type create mode 100644 root/etc/e-smith/db/configuration/defaults/InternalInterface/NICBondingOptions create mode 100644 root/etc/e-smith/db/configuration/defaults/InternalInterface/Name create mode 100644 root/etc/e-smith/db/configuration/defaults/InternalInterface/Netmask create mode 100644 root/etc/e-smith/db/configuration/defaults/InternalInterface/type create mode 100644 root/etc/e-smith/db/configuration/defaults/LocalNetmask/type create mode 100644 root/etc/e-smith/db/configuration/defaults/MinUid/type create mode 100644 root/etc/e-smith/db/configuration/defaults/PasswordSet/type create mode 100644 root/etc/e-smith/db/configuration/defaults/SMTPSmartHost/type create mode 100644 root/etc/e-smith/db/configuration/defaults/SquidParent/type create mode 100644 root/etc/e-smith/db/configuration/defaults/SquidParentPort/type create mode 100644 root/etc/e-smith/db/configuration/defaults/StatusReports/type create mode 100644 root/etc/e-smith/db/configuration/defaults/SystemMode/type create mode 100644 root/etc/e-smith/db/configuration/defaults/SystemName/type create mode 100644 root/etc/e-smith/db/configuration/defaults/acpid/status create mode 100644 root/etc/e-smith/db/configuration/defaults/acpid/type create mode 100644 root/etc/e-smith/db/configuration/defaults/backupconsole/CompressionLevel create mode 100644 root/etc/e-smith/db/configuration/defaults/backupconsole/type create mode 100644 root/etc/e-smith/db/configuration/defaults/bootstrap-console/Restore create mode 100644 root/etc/e-smith/db/configuration/defaults/bootstrap-console/status create mode 100644 root/etc/e-smith/db/configuration/defaults/bootstrap-console/type create mode 100644 root/etc/e-smith/db/configuration/defaults/bootstrap-runlevel7/status create mode 100644 root/etc/e-smith/db/configuration/defaults/bootstrap-runlevel7/type create mode 100644 root/etc/e-smith/db/configuration/defaults/crond/status create mode 100644 root/etc/e-smith/db/configuration/defaults/crond/type create mode 100644 root/etc/e-smith/db/configuration/defaults/dhcpd/Bootp create mode 100644 root/etc/e-smith/db/configuration/defaults/dhcpd/status create mode 100644 root/etc/e-smith/db/configuration/defaults/dhcpd/type create mode 100644 root/etc/e-smith/db/configuration/defaults/ippp/status create mode 100644 root/etc/e-smith/db/configuration/defaults/ippp/type create mode 100644 root/etc/e-smith/db/configuration/defaults/irqbalance/status create mode 100644 root/etc/e-smith/db/configuration/defaults/irqbalance/type create mode 100644 root/etc/e-smith/db/configuration/defaults/isdn/Protocol create mode 100644 root/etc/e-smith/db/configuration/defaults/isdn/UserSyncPPP create mode 100644 root/etc/e-smith/db/configuration/defaults/isdn/status create mode 100644 root/etc/e-smith/db/configuration/defaults/isdn/type create mode 100644 root/etc/e-smith/db/configuration/defaults/local/status create mode 100644 root/etc/e-smith/db/configuration/defaults/local/type create mode 100644 root/etc/e-smith/db/configuration/defaults/maxAcctNameLength/type create mode 100644 root/etc/e-smith/db/configuration/defaults/maxGroupNameLength/type create mode 100644 root/etc/e-smith/db/configuration/defaults/modSSL/TCPPort create mode 100644 root/etc/e-smith/db/configuration/defaults/modSSL/access create mode 100644 root/etc/e-smith/db/configuration/defaults/modSSL/status create mode 100644 root/etc/e-smith/db/configuration/defaults/modSSL/type create mode 100644 root/etc/e-smith/db/configuration/defaults/network/status create mode 100644 root/etc/e-smith/db/configuration/defaults/network/type create mode 100644 root/etc/e-smith/db/configuration/defaults/pam_abl/status create mode 100644 root/etc/e-smith/db/configuration/defaults/pam_abl/type create mode 100644 root/etc/e-smith/db/configuration/defaults/pam_tally/status create mode 100644 root/etc/e-smith/db/configuration/defaults/pam_tally/type create mode 100644 root/etc/e-smith/db/configuration/defaults/passwordstrength/Admin create mode 100644 root/etc/e-smith/db/configuration/defaults/passwordstrength/Ibays create mode 100644 root/etc/e-smith/db/configuration/defaults/passwordstrength/Users create mode 100644 root/etc/e-smith/db/configuration/defaults/passwordstrength/type create mode 100644 root/etc/e-smith/db/configuration/defaults/pppoe/status create mode 100644 root/etc/e-smith/db/configuration/defaults/pppoe/type create mode 100644 root/etc/e-smith/db/configuration/defaults/raidmonitor/status create mode 100644 root/etc/e-smith/db/configuration/defaults/raidmonitor/type create mode 100644 root/etc/e-smith/db/configuration/defaults/rc-local/status create mode 100644 root/etc/e-smith/db/configuration/defaults/rc-local/type create mode 100644 root/etc/e-smith/db/configuration/defaults/rsyslog/LogAll2VT6 create mode 100644 root/etc/e-smith/db/configuration/defaults/rsyslog/status create mode 100644 root/etc/e-smith/db/configuration/defaults/rsyslog/type create mode 100644 root/etc/e-smith/db/configuration/defaults/serial-console/BaudRate create mode 100644 root/etc/e-smith/db/configuration/defaults/serial-console/Device create mode 100644 root/etc/e-smith/db/configuration/defaults/serial-console/status create mode 100644 root/etc/e-smith/db/configuration/defaults/serial-console/type create mode 100644 root/etc/e-smith/db/configuration/defaults/smartd/directive create mode 100644 root/etc/e-smith/db/configuration/defaults/smartd/email create mode 100644 root/etc/e-smith/db/configuration/defaults/smartd/status create mode 100644 root/etc/e-smith/db/configuration/defaults/smartd/type create mode 100644 root/etc/e-smith/db/configuration/defaults/sshd/UsePAM create mode 100644 root/etc/e-smith/db/configuration/defaults/sysconfig/PreviousSystemMode create mode 100644 root/etc/e-smith/db/configuration/defaults/sysconfig/Registration create mode 100644 root/etc/e-smith/db/configuration/defaults/sysconfig/type create mode 100644 root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault create mode 100644 root/etc/e-smith/db/configuration/defaults/vpn/access create mode 100644 root/etc/e-smith/db/configuration/defaults/vpn/sessions create mode 100644 root/etc/e-smith/db/configuration/defaults/vpn/status create mode 100644 root/etc/e-smith/db/configuration/defaults/vpn/type create mode 100644 root/etc/e-smith/db/configuration/defaults/wan/status create mode 100644 root/etc/e-smith/db/configuration/defaults/wan/type create mode 100644 root/etc/e-smith/db/configuration/force/.gitignore create mode 100644 root/etc/e-smith/db/configuration/migrate/05sysconfig create mode 100644 root/etc/e-smith/db/configuration/migrate/05syslog2rsyslog create mode 100644 root/etc/e-smith/db/configuration/migrate/10SetAccessDefaults create mode 100644 root/etc/e-smith/db/configuration/migrate/10SystemID create mode 100644 root/etc/e-smith/db/configuration/migrate/10SystemLocalNetwork create mode 100644 root/etc/e-smith/db/configuration/migrate/10SystemPrimaryDomain create mode 100644 root/etc/e-smith/db/configuration/migrate/10interfaces create mode 100644 root/etc/e-smith/db/configuration/migrate/10keytable create mode 100644 root/etc/e-smith/db/configuration/migrate/20DHCPClientIdentifier create mode 100644 root/etc/e-smith/db/configuration/migrate/20DHCPServer create mode 100644 root/etc/e-smith/db/configuration/migrate/20EthernetDriverUpdate create mode 100644 root/etc/e-smith/db/configuration/migrate/20NTPServer create mode 100644 root/etc/e-smith/db/configuration/migrate/20TelnetServerMode create mode 100644 root/etc/e-smith/db/configuration/migrate/20TimeZone create mode 100644 root/etc/e-smith/db/configuration/migrate/20interfaceMac create mode 100644 root/etc/e-smith/db/configuration/migrate/25NICBondingOptions create mode 100644 root/etc/e-smith/db/configuration/migrate/25NICBondingUpdate create mode 100644 root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate create mode 100644 root/etc/e-smith/db/configuration/migrate/50RemoveObsoleteServices create mode 100644 root/etc/e-smith/db/configuration/migrate/smartd create mode 100644 root/etc/e-smith/db/domains/defaults/.gitignore create mode 100644 root/etc/e-smith/db/domains/force/.gitignore create mode 100644 root/etc/e-smith/db/domains/migrate/00openRW create mode 100644 root/etc/e-smith/db/hosts/defaults/.gitignore create mode 100644 root/etc/e-smith/db/hosts/force/.gitignore create mode 100644 root/etc/e-smith/db/hosts/migrate/00openRW create mode 100644 root/etc/e-smith/db/networks/defaults/.gitignore create mode 100644 root/etc/e-smith/db/networks/force/.gitignore create mode 100644 root/etc/e-smith/db/networks/migrate/00openRW create mode 100755 root/etc/e-smith/events/actions/conf-modules create mode 100644 root/etc/e-smith/events/actions/conf-routes create mode 100755 root/etc/e-smith/events/actions/conf-startup create mode 100644 root/etc/e-smith/events/actions/copy-anaconda-logs create mode 100644 root/etc/e-smith/events/actions/count-active-user-accounts create mode 100644 root/etc/e-smith/events/actions/create-mnt-floppy create mode 100644 root/etc/e-smith/events/actions/fix-startup create mode 100755 root/etc/e-smith/events/actions/group-create-unix create mode 100755 root/etc/e-smith/events/actions/group-delete-unix create mode 100755 root/etc/e-smith/events/actions/group-modify-unix create mode 100755 root/etc/e-smith/events/actions/halt create mode 100755 root/etc/e-smith/events/actions/init-accounts create mode 100755 root/etc/e-smith/events/actions/init-passwords create mode 100644 root/etc/e-smith/events/actions/isdn-down-notify create mode 100644 root/etc/e-smith/events/actions/logrotate-migrate create mode 100644 root/etc/e-smith/events/actions/purge-old-logs create mode 100644 root/etc/e-smith/events/actions/raidmonitor-check create mode 100755 root/etc/e-smith/events/actions/reboot create mode 100644 root/etc/e-smith/events/actions/remove-templates-custom create mode 100755 root/etc/e-smith/events/actions/reset-unsavedflag create mode 100644 root/etc/e-smith/events/actions/rmmod-bonding create mode 100644 root/etc/e-smith/events/actions/rotate_logfiles create mode 100644 root/etc/e-smith/events/actions/set-external-ip create mode 100644 root/etc/e-smith/events/actions/set-gateway-ip create mode 100644 root/etc/e-smith/events/actions/set-hostname create mode 100644 root/etc/e-smith/events/actions/systemd-default create mode 100644 root/etc/e-smith/events/actions/systemd-isolate create mode 100644 root/etc/e-smith/events/actions/systemd-journald create mode 100644 root/etc/e-smith/events/actions/systemd-reload create mode 100644 root/etc/e-smith/events/actions/update-ifcfg create mode 100644 root/etc/e-smith/events/actions/update-passwd create mode 100755 root/etc/e-smith/events/actions/user-create-unix create mode 100755 root/etc/e-smith/events/actions/user-delete-groups-and-pseudonyms create mode 100755 root/etc/e-smith/events/actions/user-delete-unix create mode 100755 root/etc/e-smith/events/actions/user-group-modify create mode 100644 root/etc/e-smith/events/actions/user-lock-passwd create mode 100755 root/etc/e-smith/events/actions/user-modify-unix create mode 100644 root/etc/e-smith/events/actions/user-rsshd create mode 100644 root/etc/e-smith/events/local/.gitignore create mode 100644 root/etc/e-smith/events/user-modify-admin/.gitignore create mode 100644 root/etc/e-smith/licenses/.gitignore create mode 120000 root/etc/e-smith/locale/en create mode 120000 root/etc/e-smith/locale/en-au create mode 120000 root/etc/e-smith/locale/en-gb create mode 120000 root/etc/e-smith/locale/en-nz create mode 100755 root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/groups create mode 100755 root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/localnetworks create mode 100755 root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/reboot create mode 100755 root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess create mode 100755 root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/review create mode 100755 root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/useraccounts create mode 100644 root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/userpassword create mode 120000 root/etc/e-smith/locale/fr-ca create mode 120000 root/etc/e-smith/locale/fr-fr create mode 100644 root/etc/e-smith/pam/.gitignore create mode 100644 root/etc/e-smith/skel/e-smith/Maildir/cur/.gitignore create mode 100644 root/etc/e-smith/skel/e-smith/Maildir/new/.gitignore create mode 100644 root/etc/e-smith/skel/e-smith/Maildir/tmp/.gitignore create mode 100644 root/etc/e-smith/skel/e-smith/files/primary/cgi-bin/.gitignore create mode 100644 root/etc/e-smith/skel/e-smith/files/primary/files/.gitignore create mode 100644 root/etc/e-smith/skel/e-smith/files/primary/html/index.htm create mode 100644 root/etc/e-smith/skel/e-smith/files/users/admin/home/.gitignore create mode 100644 root/etc/e-smith/skel/user/.ssh/.gitignore create mode 100644 root/etc/e-smith/skel/user/Maildir/cur/.gitignore create mode 100644 root/etc/e-smith/skel/user/Maildir/new/.gitignore create mode 100644 root/etc/e-smith/skel/user/Maildir/tmp/.gitignore create mode 100644 root/etc/e-smith/skel/user/home/.gitignore create mode 100644 root/etc/e-smith/templates-custom/.gitignore create mode 100644 root/etc/e-smith/templates-user-custom/.gitignore create mode 100644 root/etc/e-smith/templates-user/.gitignore create mode 100644 root/etc/e-smith/templates.metadata/etc/cpu-system.conf create mode 100644 root/etc/e-smith/templates.metadata/etc/cpu.conf create mode 100644 root/etc/e-smith/templates.metadata/etc/dhcpd.conf create mode 100644 root/etc/e-smith/templates.metadata/etc/e-smith/pam/accounts.allow create mode 100644 root/etc/e-smith/templates.metadata/etc/e-smith/pam/accounts.deny create mode 100644 root/etc/e-smith/templates.metadata/etc/e-smith/pam/users.allow create mode 100644 root/etc/e-smith/templates.metadata/etc/fstab create mode 100644 root/etc/e-smith/templates.metadata/etc/pam.d/pwauth create mode 100644 root/etc/e-smith/templates.metadata/etc/pam_ldap.secret create mode 100644 root/etc/e-smith/templates.metadata/etc/ppp/chap-secrets create mode 100644 root/etc/e-smith/templates.metadata/etc/ppp/ip-down.local create mode 100644 root/etc/e-smith/templates.metadata/etc/ppp/ip-up.local create mode 100644 root/etc/e-smith/templates.metadata/etc/ppp/pap-secrets create mode 100644 root/etc/e-smith/templates.metadata/etc/securetty create mode 100644 root/etc/e-smith/templates.metadata/etc/sysconfig/i18n create mode 100644 root/etc/e-smith/templates.metadata/etc/sysconfig/network-scripts/ifcfg-bond0 create mode 100644 root/etc/e-smith/templates.metadata/home/e-smith/ssl.crt/crt create mode 100644 root/etc/e-smith/templates.metadata/home/e-smith/ssl.key/key create mode 100644 root/etc/e-smith/templates.metadata/home/e-smith/ssl.pem/pem create mode 100644 root/etc/e-smith/templates.metadata/var/lib/dhclient/dhclient-eth0.conf create mode 100644 root/etc/e-smith/templates.metadata/var/lib/dhclient/dhclient-eth1.conf create mode 100644 root/etc/e-smith/templates.metadata/var/service/wan/pppoe.pppd.conf create mode 100644 root/etc/e-smith/templates.metadata/var/service/wan/run.pppoe.conf create mode 100644 root/etc/e-smith/templates/etc/HOSTNAME/50hostname create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/00header create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/05ldap create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/10bindpw create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/15defaultObjectClass create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/20objectClass create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/25filter create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/30cnString create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/35skel create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/40shell create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/45homeDir create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/50uidGid create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/55passwdShadow create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/60hash create mode 100644 root/etc/e-smith/templates/etc/cpu.conf/65shadow create mode 100644 root/etc/e-smith/templates/etc/crontab/00setup create mode 100644 root/etc/e-smith/templates/etc/crontab/65_logrotate create mode 100644 root/etc/e-smith/templates/etc/dhcp/dhcpd.conf/10Base create mode 120000 root/etc/e-smith/templates/etc/dhcpc/dhcpcd.exe/template-begin create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/02setupRange create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/02setupWinsServer create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/10Authoritative create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/10DDNS-Update-Style create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/20BeginLocalSubnet create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25Broadcast create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25DenyBootp create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25DomainName create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25DomainNameServers create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25LeaseTimeDefault create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25LeaseTimeMax create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosDDServer create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosNameServers create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosNodeType create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25Netmask create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25Range create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/25Routers create mode 100644 root/etc/e-smith/templates/etc/dhcpd.conf/29EndLocalSubnet create mode 100644 root/etc/e-smith/templates/etc/diald.conf/accounting-log create mode 100644 root/etc/e-smith/templates/etc/diald.conf/connect create mode 100644 root/etc/e-smith/templates/etc/diald.conf/connect-timeout create mode 100644 root/etc/e-smith/templates/etc/diald.conf/device create mode 100644 root/etc/e-smith/templates/etc/diald.conf/dial-fail-limit create mode 100644 root/etc/e-smith/templates/etc/diald.conf/disconnect create mode 100644 root/etc/e-smith/templates/etc/diald.conf/fifo create mode 100644 root/etc/e-smith/templates/etc/diald.conf/filter create mode 100644 root/etc/e-smith/templates/etc/diald.conf/linkname create mode 100644 root/etc/e-smith/templates/etc/diald.conf/local create mode 100644 root/etc/e-smith/templates/etc/diald.conf/options create mode 100644 root/etc/e-smith/templates/etc/diald.conf/pppd-options create mode 100644 root/etc/e-smith/templates/etc/diald.conf/redial-backoff-limit create mode 100644 root/etc/e-smith/templates/etc/diald.conf/redial-backoff-start create mode 100644 root/etc/e-smith/templates/etc/diald.conf/redial-timeout create mode 100644 root/etc/e-smith/templates/etc/diald.conf/remote create mode 100644 root/etc/e-smith/templates/etc/diald.conf/retry-count create mode 100644 root/etc/e-smith/templates/etc/diald.conf/speed create mode 100644 root/etc/e-smith/templates/etc/diald.filter/20office create mode 100644 root/etc/e-smith/templates/etc/diald.filter/40outside create mode 100644 root/etc/e-smith/templates/etc/diald.filter/60weekend create mode 100644 root/etc/e-smith/templates/etc/diald/link/20isdn create mode 100644 root/etc/e-smith/templates/etc/e-smith/pam/accounts.allow/10admin create mode 100644 root/etc/e-smith/templates/etc/e-smith/pam/accounts.allow/20userAccounts create mode 100644 root/etc/e-smith/templates/etc/e-smith/pam/accounts.deny/10passwordRequired create mode 100644 root/etc/e-smith/templates/etc/e-smith/pam/accounts.deny/20standardAccounts create mode 100644 root/etc/e-smith/templates/etc/e-smith/pam/users.allow/10admin create mode 100644 root/etc/e-smith/templates/etc/e-smith/pam/users.allow/20userAccounts create mode 100644 root/etc/e-smith/templates/etc/e-smith/web/common/foot.tmpl/template-begin create mode 100644 root/etc/e-smith/templates/etc/e-smith/web/common/head.tmpl/template-begin create mode 100644 root/etc/e-smith/templates/etc/elinks.conf/10homepage create mode 100644 root/etc/e-smith/templates/etc/elinks.conf/10insert_mode create mode 100644 root/etc/e-smith/templates/etc/elinks.conf/10no_utf8 create mode 100644 root/etc/e-smith/templates/etc/elinks.conf/10obey_cache_control create mode 100644 root/etc/e-smith/templates/etc/elinks.conf/10post_confirm create mode 100644 root/etc/e-smith/templates/etc/fstab/50UndoDisableTmpfs create mode 100644 root/etc/e-smith/templates/etc/fstab/99writefile create mode 100644 root/etc/e-smith/templates/etc/fstab/template-begin create mode 100644 root/etc/e-smith/templates/etc/ftpusers/00README create mode 100644 root/etc/e-smith/templates/etc/hosts.allow/identd create mode 100644 root/etc/e-smith/templates/etc/hosts.deny/00startup create mode 100644 root/etc/e-smith/templates/etc/hosts/10localhost create mode 100644 root/etc/e-smith/templates/etc/hosts/20hostname create mode 100644 root/etc/e-smith/templates/etc/inittab/10defaultlevel create mode 100644 root/etc/e-smith/templates/etc/logrotate.conf/05rotate create mode 100644 root/etc/e-smith/templates/etc/logrotate.conf/10keep create mode 100644 root/etc/e-smith/templates/etc/logrotate.conf/11notifempty create mode 100644 root/etc/e-smith/templates/etc/logrotate.conf/20empty create mode 100644 root/etc/e-smith/templates/etc/logrotate.conf/30extension create mode 100644 root/etc/e-smith/templates/etc/logrotate.conf/35compress create mode 100644 root/etc/e-smith/templates/etc/logrotate.conf/37rpms create mode 100644 root/etc/e-smith/templates/etc/logrotate.conf/40included create mode 100644 root/etc/e-smith/templates/etc/lynx.cfg/10preferredLanguage create mode 100644 root/etc/e-smith/templates/etc/lynx.cfg/20helpfile create mode 100644 root/etc/e-smith/templates/etc/lynx.cfg/30index create mode 100644 root/etc/e-smith/templates/etc/lynx.cfg/40startfile create mode 100644 root/etc/e-smith/templates/etc/lynx.cfg/50forcessl create mode 100644 root/etc/e-smith/templates/etc/mime.types/10sample-types create mode 100644 root/etc/e-smith/templates/etc/modprobe.d/bonding.conf/10bonding create mode 100644 root/etc/e-smith/templates/etc/nsswitch.conf/10files create mode 100644 root/etc/e-smith/templates/etc/openssl.conf/05config create mode 100644 root/etc/e-smith/templates/etc/openssl.conf/40req create mode 100644 root/etc/e-smith/templates/etc/openssl.conf/45req_distinguished_name create mode 100644 root/etc/e-smith/templates/etc/openssl.conf/47req_attributes create mode 100644 root/etc/e-smith/templates/etc/openssl.conf/50v3_req create mode 100644 root/etc/e-smith/templates/etc/openssl.conf/60v3_ca create mode 120000 root/etc/e-smith/templates/etc/pam.d/imap/template-begin create mode 100644 root/etc/e-smith/templates/etc/pam.d/login/20auth create mode 100644 root/etc/e-smith/templates/etc/pam.d/login/30account create mode 100644 root/etc/e-smith/templates/etc/pam.d/login/40password create mode 100644 root/etc/e-smith/templates/etc/pam.d/login/50session create mode 120000 root/etc/e-smith/templates/etc/pam.d/login/template-begin create mode 100644 root/etc/e-smith/templates/etc/pam.d/passwd/10auth create mode 100644 root/etc/e-smith/templates/etc/pam.d/passwd/20account create mode 100644 root/etc/e-smith/templates/etc/pam.d/passwd/40password create mode 120000 root/etc/e-smith/templates/etc/pam.d/passwd/template-begin create mode 100644 root/etc/e-smith/templates/etc/pam.d/pop/00README create mode 100644 root/etc/e-smith/templates/etc/pam.d/pwauth/20auth create mode 100644 root/etc/e-smith/templates/etc/pam.d/pwauth/30account create mode 120000 root/etc/e-smith/templates/etc/pam.d/pwauth/template-begin create mode 100644 root/etc/e-smith/templates/etc/pam.d/system-auth/20auth create mode 100644 root/etc/e-smith/templates/etc/pam.d/system-auth/30account create mode 100644 root/etc/e-smith/templates/etc/pam.d/system-auth/40password create mode 100644 root/etc/e-smith/templates/etc/pam.d/system-auth/50session create mode 120000 root/etc/e-smith/templates/etc/pam.d/system-auth/template-begin create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/10ssl create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/20pam_password create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/30host create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/40base create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_group create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_passwd create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_shadow create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/45rootbinddn create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/55bind_policy create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.conf/60ignore_initgroups create mode 100644 root/etc/e-smith/templates/etc/pam_ldap.secret/all create mode 100644 root/etc/e-smith/templates/etc/ppp/chap-secrets/05dialup-password create mode 100644 root/etc/e-smith/templates/etc/ppp/chap-secrets/05pppoe-password create mode 100644 root/etc/e-smith/templates/etc/ppp/ioptions/00device create mode 100644 root/etc/e-smith/templates/etc/ppp/ip-down.local/signal-event create mode 100644 root/etc/e-smith/templates/etc/ppp/ip-up.local/10setup create mode 100644 root/etc/e-smith/templates/etc/ppp/ip-up.local/15umask create mode 100644 root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam00startcase create mode 100644 root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam90other create mode 100644 root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam99endcase create mode 100644 root/etc/e-smith/templates/etc/ppp/options/lcp-echo-options create mode 100644 root/etc/e-smith/templates/etc/ppp/pap-secrets/05dialup-password create mode 100644 root/etc/e-smith/templates/etc/ppp/pap-secrets/05pppoe-password create mode 100644 root/etc/e-smith/templates/etc/resolv.conf/10domain create mode 100644 root/etc/e-smith/templates/etc/resolv.conf/30timeout create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/00filenames create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/10modules create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/11imjournal create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/20rateLimit create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/30global create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/32dhcpd create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/32systemd create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/40console create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/50info create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/55authpriv create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/60mail create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/65cron create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/70emerg create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/75news create mode 100644 root/etc/e-smith/templates/etc/rsyslog.conf/80local7 create mode 100644 root/etc/e-smith/templates/etc/securetty/serial-console create mode 100644 root/etc/e-smith/templates/etc/securetty/template-begin create mode 100644 root/etc/e-smith/templates/etc/securetty/xenU-console create mode 100644 root/etc/e-smith/templates/etc/security/pam_abl.conf/05debug create mode 100644 root/etc/e-smith/templates/etc/security/pam_abl.conf/10host_db create mode 100644 root/etc/e-smith/templates/etc/security/pam_abl.conf/15host_purge create mode 100644 root/etc/e-smith/templates/etc/security/pam_abl.conf/20host_rule create mode 100644 root/etc/e-smith/templates/etc/security/pam_abl.conf/30user_db create mode 100644 root/etc/e-smith/templates/etc/security/pam_abl.conf/35user_purge create mode 100644 root/etc/e-smith/templates/etc/security/pam_abl.conf/40user_rules create mode 100644 root/etc/e-smith/templates/etc/selinux/config/DISABLED create mode 100644 root/etc/e-smith/templates/etc/services/10standard create mode 100644 root/etc/e-smith/templates/etc/services/20wwwproxy create mode 100644 root/etc/e-smith/templates/etc/shells/bash create mode 100644 root/etc/e-smith/templates/etc/shells/bash2 create mode 100644 root/etc/e-smith/templates/etc/shells/console create mode 100644 root/etc/e-smith/templates/etc/shells/csh create mode 100644 root/etc/e-smith/templates/etc/shells/false create mode 100644 root/etc/e-smith/templates/etc/shells/rssh create mode 100644 root/etc/e-smith/templates/etc/shells/sh create mode 100644 root/etc/e-smith/templates/etc/shells/template-begin create mode 100644 root/etc/e-smith/templates/etc/smartmontools/smartd.conf/10conf create mode 100644 root/etc/e-smith/templates/etc/smbpasswd/template-begin create mode 100644 root/etc/e-smith/templates/etc/sysconfig/i18n/LANG create mode 100644 root/etc/e-smith/templates/etc/sysconfig/i18n/SUPPORTED create mode 100644 root/etc/e-smith/templates/etc/sysconfig/i18n/SYSFONT create mode 100644 root/etc/e-smith/templates/etc/sysconfig/i18n/SYSFONTACM create mode 100644 root/etc/e-smith/templates/etc/sysconfig/i18n/template-begin create mode 100644 root/etc/e-smith/templates/etc/sysconfig/i18n/template-end create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/10aborts create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/15reports create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/20reset create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/25init create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/30dialup create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/40connect create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/00setup create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/05TYPE create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10DEVICE create mode 100644 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10ETHTOOL create mode 100644 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10MTU create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/20USERCTL create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/30ONBOOT create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/40PEERDNS create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/60IPV6 create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/70bonding create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/90otherparams create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ppp0/00default create mode 100644 root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ppp0/10ETHTOOL create mode 100644 root/etc/e-smith/templates/etc/sysconfig/network-scripts/route-ethX/08Gateway create mode 100755 root/etc/e-smith/templates/etc/sysconfig/network-scripts/route-ethX/10localroutes create mode 100644 root/etc/e-smith/templates/etc/sysconfig/network/10NETWORKING create mode 100644 root/etc/e-smith/templates/etc/sysconfig/network/20FORWARD_IPV4 create mode 100644 root/etc/e-smith/templates/etc/sysconfig/network/30HOSTNAME create mode 100644 root/etc/e-smith/templates/etc/sysconfig/network/60NOZEROCONF create mode 100644 root/etc/e-smith/templates/etc/sysconfig/rsyslog/10rsyslogOptions create mode 100644 root/etc/e-smith/templates/etc/sysctl.conf/kernel.sysrq create mode 100644 root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.conf.all.rp_filter create mode 100644 root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.conf.default.rp_filter create mode 100644 root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.ip_dynaddr create mode 100644 root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.ip_forward create mode 100644 root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.tcp_keepalive_time create mode 100644 root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.tcp_syncookies create mode 100644 root/etc/e-smith/templates/etc/sysctl.conf/net.ipv6 create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/01header create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/05journal create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/08dest create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/09Compress create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/10Seal create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/11SplitMode create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/20Rates create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/30System create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/40Forward create mode 100644 root/etc/e-smith/templates/etc/systemd/journald.conf/50MaxLevel create mode 100644 root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/05config create mode 100644 root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/20services create mode 100644 root/etc/e-smith/templates/etc/updatedb.conf/01conf create mode 100644 root/etc/e-smith/templates/etc/updatedb.conf/10conf create mode 100644 root/etc/e-smith/templates/home/e-smith/ssl.crt create mode 100644 root/etc/e-smith/templates/home/e-smith/ssl.key create mode 100644 root/etc/e-smith/templates/home/e-smith/ssl.pem/10openssl create mode 100644 root/etc/e-smith/templates/home/e-smith/ssl.pem/20key create mode 100644 root/etc/e-smith/templates/home/e-smith/ssl.pem/40crt create mode 100644 root/etc/e-smith/templates/home/e-smith/ssl.pem/60pem create mode 100644 root/etc/e-smith/templates/usr/lib/e-smith-mdevent/mdEvent.tmpl create mode 100644 root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/20unit create mode 100644 root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/40service create mode 100644 root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/80install create mode 100644 root/etc/e-smith/templates/usr/lib/systemd/system/sme-server.target.d/50koozali.conf/20services create mode 100644 root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/00interface create mode 100644 root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/50hostname create mode 100644 root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/template-end create mode 100644 root/etc/e-smith/templates/var/service/ippp/config/LocalIP create mode 100644 root/etc/e-smith/templates/var/service/ippp/config/ppp_options create mode 100644 root/etc/e-smith/templates/var/service/wan/dhclient.config/device create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/comp create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/debug create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/default-asyncmap create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/defaultroute create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/hide-password create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/ipcp-accept create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/ipparam create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/lcp-echo create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/linkname create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/mru create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/mtu create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/noauth create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/nodetach create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/noipdefault create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/pty create mode 100644 root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/username create mode 100644 root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/device create mode 100644 root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/mlimit create mode 100644 root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/timeout create mode 100644 root/etc/e-smith/tests/10e-smith-base/00sanity-accounts.t create mode 100644 root/etc/e-smith/tests/10e-smith-base/10manager.t create mode 100644 root/etc/e-smith/tests/10e-smith-base/20interfaces.t create mode 100644 root/etc/e-smith/tests/10e-smith-base/accounts.conf create mode 100644 root/etc/e-smith/tests/10e-smith-base/configuration.conf create mode 100644 root/etc/e-smith/tests/10e-smith-base/domains.conf create mode 100644 root/etc/e-smith/tests/10e-smith-base/networks.conf create mode 100644 root/etc/e-smith/tests/10e-smith-base/system_configuration create mode 100644 root/etc/e-smith/tests/10e-smith-base/system_configuration.previous create mode 100755 root/etc/e-smith/web/common/banner-shim.gif create mode 100644 root/etc/e-smith/web/common/stop.jpg create mode 100755 root/etc/e-smith/web/functions/groups create mode 100755 root/etc/e-smith/web/functions/localnetworks create mode 100644 root/etc/e-smith/web/functions/online-manual create mode 100755 root/etc/e-smith/web/functions/reboot create mode 100755 root/etc/e-smith/web/functions/remoteaccess create mode 100755 root/etc/e-smith/web/functions/review create mode 100755 root/etc/e-smith/web/functions/useraccounts create mode 100644 root/etc/e-smith/web/functions/userpassword create mode 100644 root/etc/logrotate.d/dhcpd create mode 100644 root/etc/logrotate.d/diald create mode 100644 root/etc/logrotate.d/systemd create mode 100755 root/etc/profile.d/e-smith.sh create mode 100644 root/etc/rc.d/init.d/e-smith-service create mode 100644 root/etc/rc.d/rc7.d/.gitignore create mode 120000 root/etc/rc7.d create mode 100644 root/etc/sysconfig/modules/dummy.modules create mode 100644 root/etc/systemd/system-preset/.gitignore create mode 100644 root/etc/tcprules/.gitignore create mode 100644 root/home/e-smith/Maildir/cur/.gitignore create mode 100644 root/home/e-smith/Maildir/new/.gitignore create mode 100644 root/home/e-smith/Maildir/tmp/.gitignore create mode 100644 root/home/e-smith/db/.gitignore create mode 100644 root/home/e-smith/files/server-resources/.gitignore create mode 100644 root/home/e-smith/files/users/admin/home/.gitignore create mode 100644 root/home/e-smith/ssl.crt/.gitignore create mode 100644 root/home/e-smith/ssl.key/.gitignore create mode 100644 root/home/e-smith/ssl.pem/.gitignore create mode 100644 root/root/.ssh/.gitignore create mode 100644 root/sbin/e-smith/add_drive_to_raid create mode 100644 root/sbin/e-smith/bootstrap-console create mode 100644 root/sbin/e-smith/bootstrap-runlevel7 create mode 100755 root/sbin/e-smith/console-menu-items/configure.pl create mode 100644 root/sbin/e-smith/console-menu-items/manageRAID.pl create mode 100755 root/sbin/e-smith/console-menu-items/reboot.pl create mode 100755 root/sbin/e-smith/console-menu-items/serverManager.pl create mode 100755 root/sbin/e-smith/console-menu-items/status.pl create mode 100644 root/sbin/e-smith/console.pl create mode 100644 root/sbin/e-smith/generate-subjectaltnames create mode 100644 root/sbin/e-smith/mdevent create mode 100755 root/sbin/e-smith/service create mode 100644 root/sbin/e-smith/service-status create mode 100644 root/sbin/e-smith/systemctl create mode 100644 root/sbin/e-smith/systemd/mdmonitor-pre create mode 100644 root/sbin/e-smith/systemd/rsyslog-pre create mode 120000 root/service/ippp create mode 120000 root/service/wan create mode 100644 root/usr/lib/systemd/system-preset/50-koozali.preset create mode 100644 root/usr/lib/systemd/system/acpid.service.d/51koozali.conf create mode 100644 root/usr/lib/systemd/system/basic.target.wants/.gitignore create mode 100644 root/usr/lib/systemd/system/bootstrap-console.service create mode 100644 root/usr/lib/systemd/system/bootstrap-fix.service create mode 100644 root/usr/lib/systemd/system/bootstrap-runlevel7.service create mode 100644 root/usr/lib/systemd/system/crond.service.d/51koozali.conf create mode 100644 root/usr/lib/systemd/system/dhcpd.service.d/.gitignore create mode 100644 root/usr/lib/systemd/system/irqbalance.service.d/51koozali.conf create mode 100644 root/usr/lib/systemd/system/local.service create mode 100644 root/usr/lib/systemd/system/mdmonitor.service.d/50koozali.conf create mode 100644 root/usr/lib/systemd/system/networking.service create mode 100644 root/usr/lib/systemd/system/rsyslog.service.d/51koozali.conf create mode 100644 root/usr/lib/systemd/system/smartd.service.d/51koozali.conf create mode 100644 root/usr/lib/systemd/system/sme-server.target create mode 100644 root/usr/lib/systemd/system/sme-server.target.d/.gitignore create mode 100644 root/usr/lib/systemd/system/wan.service create mode 100644 root/usr/share/hal/fdi/95userpolicy/usb-rev35-drive.fdi create mode 100644 root/usr/share/hal/fdi/95userpolicy/usb-rev70-drive.fdi create mode 100644 root/usr/share/locale/en_US/LC_MESSAGES/.gitignore create mode 100644 root/usr/share/perl5/vendor_perl/esmith/ConfigDB/unsaved.pm create mode 100755 root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/groups.pm create mode 100755 root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/localnetworks.pm create mode 100755 root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/reboot.pm create mode 100755 root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm create mode 100755 root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/review.pm create mode 100755 root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm create mode 100644 root/usr/share/perl5/vendor_perl/esmith/console/configure.pm create mode 100644 root/usr/share/perl5/vendor_perl/esmith/console/quitConsole.pm create mode 100644 root/usr/share/perl5/vendor_perl/esmith/console/save_config.pm create mode 100644 root/usr/share/perl5/vendor_perl/esmith/console/startup.pm create mode 100644 root/usr/share/perl5/vendor_perl/esmith/console/system_password.pm create mode 100644 root/usr/share/perl5/vendor_perl/esmith/ssl.pm create mode 100644 root/var/log/dhcpd/.gitignore create mode 100644 root/var/log/ippp/.gitignore create mode 100644 root/var/log/raidmonitor/.gitignore create mode 100644 root/var/log/wan/.gitignore create mode 100644 root/var/service/ippp/down create mode 100644 root/var/service/ippp/log/run create mode 100644 root/var/service/ippp/log/supervise/.gitignore create mode 100644 root/var/service/ippp/run create mode 100644 root/var/service/ippp/supervise/.gitignore create mode 100644 root/var/service/wan/down create mode 100644 root/var/service/wan/log/run create mode 100644 root/var/service/wan/log/supervise/.gitignore create mode 100644 root/var/service/wan/run create mode 100644 root/var/service/wan/run.dhclient create mode 100644 root/var/service/wan/run.dialup create mode 100644 root/var/service/wan/run.disabled create mode 100644 root/var/service/wan/run.pppoe create mode 100644 root/var/service/wan/run.static create mode 100644 root/var/service/wan/supervise/.gitignore create mode 100644 root/var/state/e-smith/.gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e594810 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +*.rpm +*.log +*spec-20* +*.tar.xz diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..ce88370 --- /dev/null +++ b/Makefile @@ -0,0 +1,21 @@ +# Makefile for source rpm: e-smith-base +# $Id: Makefile,v 1.1 2016/02/04 23:18:11 vip-ire Exp $ +NAME := e-smith-base +SPECFILE = $(firstword $(wildcard *.spec)) + +define find-makefile-common +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +endef + +MAKEFILE_COMMON := $(shell $(find-makefile-common)) + +ifeq ($(MAKEFILE_COMMON),) +# attept a checkout +define checkout-makefile-common +test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 +endef + +MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) +endif + +include $(MAKEFILE_COMMON) diff --git a/README.md b/README.md index 44c8559..649d1ff 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,17 @@ -# e-smith-base +# e-smith-base -SMEServer Koozali developed git repo for e-smith-base smeserver \ No newline at end of file +SMEServer Koozali developed git repo for e-smith-base smeserver + +## Wiki +
https://wiki.koozali.org/ + +## Bugzilla +Show list of outstanding bugs: [here](https://bugs.koozali.org/buglist.cgi?component=e-smith-base&product=SME%20Server%2010.X&query_format=advanced&limit=0&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=CONFIRMED) + +## Description + +
*This description has been generated by an LLM AI system and cannot be relied on to be fully correct.* +*Once it has been checked, then this comment will be deleted* +
+ +E-smith-base is a powerful software suite designed to improve the security and performance of web servers. It includes a full suite of web server applications, such as Apache, MySQL, and PHP, as well as many other tools and features. E-smith-base also includes a wide range of security features, such as an intrusion detection system, malware scanning, and a secure shell. Additionally, it is highly customizable and can be used to create and manage multiple websites on one server. E-smith-base is an ideal choice for organizations looking to improve their web server performance and security. diff --git a/additional/COPYING b/additional/COPYING new file mode 100644 index 0000000..eeb586b --- /dev/null +++ b/additional/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) 19yy + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/additional/CVS/Entries b/additional/CVS/Entries new file mode 100644 index 0000000..1784810 --- /dev/null +++ b/additional/CVS/Entries @@ -0,0 +1 @@ +D diff --git a/additional/CVS/Repository b/additional/CVS/Repository new file mode 100644 index 0000000..e52aec4 --- /dev/null +++ b/additional/CVS/Repository @@ -0,0 +1 @@ +rpms/e-smith-base/sme10/e-smith-base-5.8.0 diff --git a/additional/CVS/Root b/additional/CVS/Root new file mode 100644 index 0000000..a20ba0c --- /dev/null +++ b/additional/CVS/Root @@ -0,0 +1 @@ +:ext:jpp@shell.koozali.org:/cvs/smeserver diff --git a/additional/console_wrapper.c b/additional/console_wrapper.c new file mode 100644 index 0000000..b8e0595 --- /dev/null +++ b/additional/console_wrapper.c @@ -0,0 +1,8 @@ +#include +#define CONSOLE_PATH "/sbin/e-smith/console.pl" +int main(ac, av) +char **av; +{ + execv(CONSOLE_PATH, av); + return 0; +} diff --git a/additional/createlinks.orig b/additional/createlinks.orig new file mode 100755 index 0000000..4b9714d --- /dev/null +++ b/additional/createlinks.orig @@ -0,0 +1,672 @@ +#!/usr/bin/perl -w + +use esmith::Build::CreateLinks qw(:all); + +templates2events("/etc/sysconfig/i18n", qw(post-install post-upgrade e-smith-base-update)); + +templates2events("/etc/selinux/config", qw(post-install post-upgrade e-smith-base-update)); + +# give the correct configuration file of dhcpd.conf +templates2events("/etc/dhcp/dhcpd.conf", qw(bootstrap-console-save e-smith-base-update)); + +# ppp-conf-users + +foreach (qw(pap-secrets chap-secrets)) +{ + templates2events("/etc/ppp/$_", qw( + bootstrap-console-save + console-save + remoteaccess-update + e-smith-base-update)); +} + +foreach (qw( + /var/service/wan/pppoe.pppd.conf + /var/service/wan/run.pppoe.conf + /etc/ppp/ip-down.local + /etc/ppp/ip-up.local + )) +{ + templates2events("$_", qw( + console-save + bootstrap-console-save + e-smith-base-update + )); +} + +safe_symlink("daemontools", "root/etc/rc.d/init.d/wan"); +service_link_enhanced("wan", "S37", "7"); +service_link_enhanced("wan", "K90", "6"); +service_link_enhanced("wan", "K90", "0"); +service_link_enhanced("wan", "K90", "1"); + +# conf-dialup +foreach (qw( + /etc/sysconfig/network-scripts/ifcfg-ppp0 + /etc/sysconfig/network-scripts/chat-ppp0 + /etc/ppp/ip-up.local + /etc/ppp/ip-down.local + /etc/diald.conf + /etc/diald.filter + /etc/diald/link + /var/service/ippp/config + /etc/ppp/ioptions + )) +{ + templates2events($_, qw(console-save bootstrap-console-save e-smith-base-update)); +} + +# conf-networking + +foreach (qw( + /etc/sysconfig/network-scripts/ifcfg-bond0 + /etc/modprobe.d/bonding.conf + /etc/sysconfig/network + /etc/nsswitch.conf + /etc/HOSTNAME + /etc/hosts + /etc/resolv.conf + /etc/sysctl.conf + /var/service/wan/dhclient.config + )) +{ + templates2events($_, qw(console-save bootstrap-console-save e-smith-base-update)); +} +event_link("update-ifcfg", "console-save", "05"); +event_link("update-ifcfg", "bootstrap-console-save", "05"); + +# conf-other + +templates2events("/etc/crontab", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/mime.types", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/sysconfig/rsyslog", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/rsyslog.conf", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/updatedb.conf", qw( + bootstrap-console-save + e-smith-base-update +)); +templates2events("/etc/openssl.conf", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + domain-create + domain-delete + network-create + network-delete + ip-change + e-smith-base-update + )); + +# conf-routes +event_link("update-ifcfg", "network-create", "05"); +event_link("update-ifcfg", "network-delete", "05"); + +# conf-security + +templates2events("/etc/securetty", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +templates2events("/etc/services", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +templates2events("/etc/shells", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +templates2events("/etc/hosts.deny", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +templates2events("/etc/hosts.allow", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +foreach my $file (qw( + /etc/pam.d/login + /etc/pam.d/system-auth + /etc/pam.d/passwd + /etc/pam.d/pwauth + /etc/pam_ldap.conf + /etc/pam_ldap.secret + /etc/security/pam_abl.conf + )) +{ + templates2events($file, qw(console-save bootstrap-console-save e-smith-base-update)); +} + +foreach (qw( + /etc/cpu.conf + /etc/cpu-system.conf + )) +{ + templates2events("$_", qw( + post-upgrade + console-save + bootstrap-console-save + ldap-update + e-smith-base-update + )); +} + +# conf-userlists + +foreach (qw(users.allow accounts.allow accounts.deny)) +{ + templates2events("/etc/e-smith/pam/$_", qw( + bootstrap-console-save + ibay-create + ibay-delete + user-create + user-delete + password-modify + e-smith-base-update + )); +} + +# fstab-conf + +templates2events("/etc/fstab", qw(post-install post-upgrade e-smith-base-update)); + +# init-conf + +templates2events("/etc/inittab", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + remoteaccess-update + e-smith-base-update + )); + +# lynx-conf + +templates2events("/etc/lynx.cfg", qw(console-save bootstrap-console-save e-smith-base-update)); +templates2events("/etc/elinks.conf", qw(bootstrap-console-save e-smith-base-update)); + +# +# Set up generic logfile timestamp renaming/symlinking + +foreach (qw( + /var/log/messages + /var/log/boot.log + /var/log/secure + /var/log/cron + /var/log/spooler + /var/log/maillog + )) +{ + safe_touch "root/etc/e-smith/events/logrotate/logfiles2timestamp/$_"; + safe_touch "root/etc/e-smith/events/post-install/logfiles2timestamp/$_"; + safe_touch "root/etc/e-smith/events/post-upgrade/logfiles2timestamp/$_"; + safe_touch "root/etc/e-smith/events/e-smith-base-update/logfiles2timestamp/$_"; +} + +#-------------------------------------------------- +# functions for manager panel +#-------------------------------------------------- +my $panel = "manager"; + +panel_link("groups", $panel); +panel_link("localnetworks", $panel); +panel_link("online-manual", $panel); +panel_link("reboot", $panel); +panel_link("remoteaccess", $panel); +panel_link("review", $panel); +panel_link("useraccounts", $panel); + +#-------------------------------------------------- +# actions for e-smith-base-update event +#-------------------------------------------------- +my $event = "e-smith-base-update"; + + +templates2events("/etc/smartd.conf", $event); +templates2events("/home/e-smith/ssl.pem/pem", $event); +event_link("fix-startup", $event, "05"); +event_link("rotate_timestamped_logfiles", $event, "05"); +event_link("init-accounts", $event, "05"); +event_link("set-hostname", $event, "10"); +event_link("rmmod-bonding", $event, "10"); +event_link("conf-startup", $event, "10"); +event_link("user-lock-passwd", $event, "15"); +event_link("group-modify-unix", $event, "15"); +event_link("update-passwd", $event, "20"); +event_link("count-active-user-accounts", $event, "25"); +event_link("conf-modules", $event, "30"); +event_link("create-mnt-floppy", $event, "50"); +event_link("conf-routes", $event, "89"); +event_link("reset-unsavedflag", $event, "95") + +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/wan"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/dhcpd"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/rsyslog"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/crond"); + +#-------------------------------------------------- +# actions for console-save event +#-------------------------------------------------- +my $event = "console-save"; + + +templates2events("/etc/smartd.conf", $event); +templates2events("/home/e-smith/ssl.pem/pem", $event); +event_link("set-hostname", $event, "10"); +event_link("conf-modules", $event, "30"); +event_link("conf-startup", $event, "60"); +event_link("reset-unsavedflag", $event, "95"); + +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/wan"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/dhcpd"); + +#-------------------------------------------------- +# actions for bootstrap-console-save event +#-------------------------------------------------- +$event = "bootstrap-console-save"; + + +templates2events("/etc/smartd.conf", $event); +templates2events("/home/e-smith/ssl.pem/pem", $event); +event_link("rmmod-bonding", $event, "10"); +event_link("set-hostname", $event, "10"); +event_link("conf-modules", $event, "30"); +event_link("conf-startup", $event, "60"); +event_link("conf-routes", $event, "89"); +event_link("reset-unsavedflag", $event, "95"); + +#-------------------------------------------------- +# actions for bootstrap-ldap-save +#-------------------------------------------------- +$event = "bootstrap-ldap-save"; + +templates2events("/etc/nsswitch.conf", $event); +templates2events("/etc/pam.d/system-auth", $event); +event_link("user-lock-passwd", $event, "15"); +event_link("user-modify-unix", $event, "15"); + +#-------------------------------------------------- +# actions for group-create event +#-------------------------------------------------- + +$event = "group-create"; + +event_link("group-create-unix", $event, "04"); + +#-------------------------------------------------- +# actions for group-delete event +#-------------------------------------------------- + +$event = "group-delete"; + +event_link("group-delete-unix", $event, "15"); + +#-------------------------------------------------- +# actions for group-modify event +#-------------------------------------------------- + +$event = "group-modify"; + +event_link("group-modify-unix", $event, "15"); + +#-------------------------------------------------- +# actions for halt event +#-------------------------------------------------- + +$event = "halt"; + +event_link("halt", $event, "70"); + +#-------------------------------------------------- +# actions for ip-change event +#-------------------------------------------------- + +$event = "ip-change"; + +event_link("set-external-ip", $event, "03"); +event_link("update-dns", $event, "85"); + +#-------------------------------------------------- +# actions for network-create event +#-------------------------------------------------- + +$event = "network-create"; + +event_link("conf-routes", $event, "89"); + +#-------------------------------------------------- +# actions for network-delete event +#-------------------------------------------------- + +$event = "network-delete"; + +event_link("conf-routes", $event, "89"); + +#-------------------------------------------------- +# actions for post-install event +#-------------------------------------------------- + +$event = "post-install"; + +event_link("fix-startup", $event, "05"); +event_link("rotate_timestamped_logfiles", $event, "05"); +event_link("init-accounts", $event, "05"); +event_link("init-passwords", $event, "10"); +event_link("conf-startup", $event, "10"); +event_link("conf-modules", $event, "30"); +event_link("create-mnt-floppy", $event, "50"); + +#-------------------------------------------------- +# actions for post-upgrade event +#-------------------------------------------------- + +$event = "post-upgrade"; + +event_link("fix-startup", $event, "05"); +event_link("rotate_timestamped_logfiles", $event, "05"); +event_link("init-accounts", $event, "05"); +event_link("conf-startup", $event, "10"); +event_link("user-lock-passwd", $event, "15"); +event_link("group-modify-unix", $event, "15"); +event_link("update-passwd", $event, "20"); +event_link("count-active-user-accounts", $event, "25"); +event_link("conf-modules", $event, "30"); +event_link("create-mnt-floppy", $event, "50"); +event_link("copy-anaconda-logs", $event, "90"); + +#-------------------------------------------------- +# actions for reboot event +#-------------------------------------------------- + +$event = "reboot"; + +safe_symlink("stop", "root/etc/e-smith/events/$event/services2adjust/wan"); +event_link("reboot", $event, "99"); + +#-------------------------------------------------- +# actions for remoteaccess-update event +#-------------------------------------------------- + +$event = "remoteaccess-update"; + +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/dhcpd"); + +#-------------------------------------------------- +# actions for user-create event +#-------------------------------------------------- + +$event = "user-create"; + +event_link("user-create-unix", $event, "04"); +event_link("count-active-user-accounts", $event, "25"); +event_link("user-group-modify", $event, "85"); + +#-------------------------------------------------- +# actions for user-delete event +#-------------------------------------------------- + +$event = "user-delete"; + +event_link("user-delete-groups-and-pseudonyms", $event, "02"); +event_link("user-delete-unix", $event, "15"); +event_link("initialize-default-databases", $event, "23"); +event_link("count-active-user-accounts", $event, "25"); + +#-------------------------------------------------- +# actions for user-modify event +#-------------------------------------------------- + +$event = "user-modify"; + +event_link("user-modify-unix", $event, "15"); +event_link("user-group-modify", $event, "85"); + +$event = "user-modify-admin"; + +event_link("user-modify-unix", $event, "15"); + +#-------------------------------------------------- +# actions for user-lock event +#-------------------------------------------------- + +$event = "user-lock"; + +event_link("user-lock-passwd", $event, "15"); +event_link("count-active-user-accounts", $event, "25"); + +#-------------------------------------------------- +# actions for password-modify event +#-------------------------------------------------- + +$event = "password-modify"; + +event_link("count-active-user-accounts", $event, "25"); + +#-------------------------------------------------- +# actions for timeserver-update event +#-------------------------------------------------- + +$event = "timeserver-update"; + +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/crond"); + +#-------------------------------------------------- +# actions for ip-up event +#-------------------------------------------------- + +$event = "ip-up"; + +event_link("set-gateway-ip", $event, "55"); + +#-------------------------------------------------- +# actions for ip-down event +#-------------------------------------------------- + +$event = "ip-down"; + +event_link("isdn-down-notify", $event, "50"); + +#-------------------------------------------------- +# actions for logrotate event +#-------------------------------------------------- + +$event = "logrotate"; + +event_link("rotate_timestamped_logfiles", $event, "05"); +event_link("purge-old-logs", $event, "75"); + +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/rsyslog"); + +#-------------------------------------------------- +# actions for local event +#-------------------------------------------------- + +$event = "local"; + +#-------------------------------------------------- +# actions for ldap-update event +#-------------------------------------------------- + +$event = "ldap-update"; + +templates2events("/home/e-smith/ssl.pem/pem", $event); + +#-------------------------------------------------- +# actions for ldap-update event +#-------------------------------------------------- + +$event = "ssl-update"; + +templates2events("/home/e-smith/ssl.pem/pem", $event); + + +#-------------------------------------------------- +# actions for email-update event: +# email parameters have been changed in the e-smith +# manager; update system security, rewrite email config +# files, configure other system files (crontab is the +# important one), and restart server +#-------------------------------------------------- +$event = "email-update"; + + +my %service2order = +( + # Start rsyslog up before network! + raidmonitor => "15", + network => "37", + dhcpd => "65", + 'local' => "99", +); + +foreach my $service (keys %service2order) +{ + service_link_enhanced($service, $service2order{$service}, 7); +} + +%service2order = +( + dhcpd => "K35", +); + +foreach my $service (keys %service2order) +{ + service_link_enhanced($service, $service2order{$service}, 0); + service_link_enhanced($service, $service2order{$service}, 6); + service_link_enhanced($service, $service2order{$service}, 1); +} + +# Set up links to daemontools. +safe_symlink("daemontools", "root/etc/rc.d/init.d/raidmonitor"); + +safe_symlink("run.dhclient", "root/var/service/wan/run.DHCPHostname"); +safe_symlink("run.dhclient", "root/var/service/wan/run.DHCPEthernetAddress"); + +# Local event +safe_symlink("../daemontools", "root/etc/rc.d/init.d/supervise/local"); +safe_symlink("/var/service/local" , 'root/service/local'); +safe_touch("root/var/service/local/down"); + +# no template headers for /etc/pam_ldap.secret +safe_touch("root/etc/e-smith/templates/etc/pam_ldap.secret/template-begin"); + + +system('mkdir -p root/usr/lib/systemd/system/multi-user.target.wants/'); + unlink "root/usr/lib/systemd/system/multi-user.target.wants/bootstrap-console.service"; +symlink("/usr/lib/systemd/system/bootstrap-console.service", + "root/usr/lib/systemd/system/multi-user.target.wants/bootstrap-console.service") + or die "Can't symlink to root/usr/lib/systemd/system/multi-user.target.wants/bootstrap-console.service: $!"; + +# languages links +foreach (qw(fr-be fr-lu fr-mc fr-ch)) +{ + safe_symlink("fr", "root/etc/e-smith/locale/$_"); +} +foreach (qw(en-bz en-ca en-ie en-in en-jm en-my en-ph en-sg en-tt en-za en-zw)) +{ + safe_symlink("en-us", "root/etc/e-smith/locale/$_"); +} +foreach (qw(es-ar es-bo es-cl es-co es-cr es-do es-ec es-es es-gt es-hn es-mx es-ni es-pa es-pe es-pr es-py es-sv es-us es-uy es-ve)) +{ + safe_symlink("es", "root/etc/e-smith/locale/$_"); +} +foreach (qw(de-at de-ch de-de de-li de-lu)) +{ + safe_symlink("de", "root/etc/e-smith/locale/$_"); +} +foreach (qw(it-ch it-it)) +{ + safe_symlink("it", "root/etc/e-smith/locale/$_"); +} +foreach (qw(ro-ro ro-md)) +{ + safe_symlink("ro", "root/etc/e-smith/locale/$_"); +} +foreach (qw(sv-fi sv-se)) +{ + safe_symlink("sv", "root/etc/e-smith/locale/$_"); +} +safe_symlink("zh-tw", "root/etc/e-smith/locale/zh-hk"); diff --git a/contriborbase b/contriborbase new file mode 100644 index 0000000..ef36a67 --- /dev/null +++ b/contriborbase @@ -0,0 +1 @@ +sme10 diff --git a/createlinks b/createlinks new file mode 100755 index 0000000..3321a78 --- /dev/null +++ b/createlinks @@ -0,0 +1,724 @@ +#!/usr/bin/perl -w + +use esmith::Build::CreateLinks qw(:all); + +templates2events("/etc/sysconfig/i18n", qw(post-install post-upgrade e-smith-base-update)); + +templates2events("/etc/selinux/config", qw(post-install post-upgrade e-smith-base-update)); + +templates2events("/etc/systemd/system-preset/49-koozali.preset", qw(post-install post-upgrade e-smith-base-update console-save bootstrap-console-save bootstrap-ldap-save)); + +# give the correct configuration file of dhcpd.conf +templates2events("/etc/dhcp/dhcpd.conf", qw(bootstrap-console-save e-smith-base-update)); + +# ppp-conf-users + +foreach (qw(pap-secrets chap-secrets)) +{ + templates2events("/etc/ppp/$_", qw( + bootstrap-console-save + console-save + remoteaccess-update + e-smith-base-update)); +} + +foreach (qw( + /var/service/wan/pppoe.pppd.conf + /var/service/wan/run.pppoe.conf + /etc/ppp/ip-down.local + /etc/ppp/ip-up.local + )) +{ + templates2events("$_", qw( + console-save + bootstrap-console-save + e-smith-base-update + )); +} + +# conf-dialup +foreach (qw( + /etc/sysconfig/network-scripts/ifcfg-ppp0 + /etc/sysconfig/network-scripts/chat-ppp0 + /etc/ppp/ip-up.local + /etc/ppp/ip-down.local + /etc/diald.conf + /etc/diald.filter + /etc/diald/link + /var/service/ippp/config + /etc/ppp/ioptions + )) +{ + templates2events($_, qw(console-save bootstrap-console-save e-smith-base-update)); +} + +# conf-networking + +foreach (qw( + /etc/sysconfig/network-scripts/ifcfg-bond0 + /etc/modprobe.d/bonding.conf + /etc/sysconfig/network + /etc/nsswitch.conf + /etc/HOSTNAME + /etc/hosts + /etc/resolv.conf + /etc/sysctl.conf + /var/service/wan/dhclient.config + )) +{ + templates2events($_, qw(console-save bootstrap-console-save e-smith-base-update)); +} +event_link("update-ifcfg", "console-save", "05"); +event_link("update-ifcfg", "bootstrap-console-save", "05"); + +# conf-other + +templates2events("/etc/crontab", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/mime.types", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/sysconfig/rsyslog", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/rsyslog.conf", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/logrotate.conf", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/systemd/journald.conf", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + email-update + logrotate + e-smith-base-update + )); +templates2events("/etc/updatedb.conf", qw( + bootstrap-console-save + e-smith-base-update +)); +templates2events("/etc/openssl.conf", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + domain-create + domain-delete + network-create + network-delete + ip-change + e-smith-base-update + )); + +# conf-routes +event_link("update-ifcfg", "network-create", "05"); +event_link("update-ifcfg", "network-delete", "05"); + +# conf-security + +templates2events("/etc/securetty", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +templates2events("/etc/services", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +templates2events("/etc/shells", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +templates2events("/etc/hosts.deny", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +templates2events("/etc/hosts.allow", qw( + console-save + bootstrap-console-save + ibay-create + ibay-delete + ibay-modify + ibay-modify-servers + network-create + network-delete + ip-change + email-update + remoteaccess-update + e-smith-base-update + )); +foreach my $file (qw( + /etc/pam.d/login + /etc/pam.d/system-auth + /etc/pam.d/passwd + /etc/pam.d/pwauth + /etc/pam_ldap.conf + /etc/pam_ldap.secret + /etc/security/pam_abl.conf + )) +{ + templates2events($file, qw(console-save bootstrap-console-save e-smith-base-update)); +} + +foreach (qw( + /etc/cpu.conf + /etc/cpu-system.conf + )) +{ + templates2events("$_", qw( + post-upgrade + console-save + bootstrap-console-save + ldap-update + e-smith-base-update + )); +} + +# conf-userlists + +foreach (qw(users.allow accounts.allow accounts.deny)) +{ + templates2events("/etc/e-smith/pam/$_", qw( + bootstrap-console-save + ibay-create + ibay-delete + user-create + user-delete + password-modify + e-smith-base-update + )); +} + +# fstab-conf + +templates2events("/etc/fstab", qw(post-install post-upgrade e-smith-base-update)); + +# init-conf + +templates2events("/etc/inittab", qw( + console-save + bootstrap-console-save + post-install + post-upgrade + remoteaccess-update + e-smith-base-update + )); + +# lynx-conf + +templates2events("/etc/lynx.cfg", qw(console-save bootstrap-console-save e-smith-base-update)); +templates2events("/etc/elinks.conf", qw(bootstrap-console-save e-smith-base-update)); + +#-------------------------------------------------- +# functions for manager panel +#-------------------------------------------------- +my $panel = "manager"; + +panel_link("groups", $panel); +panel_link("localnetworks", $panel); +panel_link("online-manual", $panel); +panel_link("reboot", $panel); +panel_link("remoteaccess", $panel); +panel_link("review", $panel); +panel_link("useraccounts", $panel); + +#-------------------------------------------------- +# actions for e-smith-base-update event +#-------------------------------------------------- +my $event = "e-smith-base-update"; + + +event_link("remove-templates-custom", $event, "02"); +templates2events("/etc/smartmontools/smartd.conf", $event); +templates2events("/home/e-smith/ssl.pem/pem", $event); +templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event); +event_link("systemd-journald", $event, "02"); +event_link("fix-startup", $event, "05"); +event_link("init-accounts", $event, "05"); +event_link("logrotate-migrate", $event, "06"); +event_link("rotate_logfiles", $event, "07"); +event_link("set-hostname", $event, "10"); +event_link("rmmod-bonding", $event, "10"); +event_link("conf-startup", $event, "10"); +event_link("user-lock-passwd", $event, "15"); +event_link("group-modify-unix", $event, "15"); +event_link("user-rsshd", $event, "16"); +event_link("update-passwd", $event, "20"); +event_link("count-active-user-accounts", $event, "25"); +event_link("conf-modules", $event, "30"); +event_link("create-mnt-floppy", $event, "50"); +event_link("ldap-update" , $event, "80"); +event_link("conf-routes", $event, "89"); +event_link("systemd-default", $event, "88"); +event_link("systemd-isolate", $event, "89"); +event_link("systemd-reload", $event, "89"); +event_link("raidmonitor-check", $event, "92"); + +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/network"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/wan"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/dhcpd"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/rsyslog"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/crond"); + +#-------------------------------------------------- +# actions for console-save event +#-------------------------------------------------- +my $event = "console-save"; + +event_link("remove-templates-custom", $event, "02"); +templates2events("/etc/smartmontools/smartd.conf", $event); +templates2events("/home/e-smith/ssl.pem/pem", $event); +templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event); +event_link("set-hostname", $event, "10"); +event_link("user-rsshd", $event, "16"); +event_link("conf-modules", $event, "30"); +event_link("conf-startup", $event, "60"); +event_link("systemd-default", $event, "88"); +event_link("systemd-reload", $event, "89"); +event_link("raidmonitor-check", $event, "92"); +event_link("reset-unsavedflag", $event, "95"); + +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/wan"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/dhcpd"); + +#-------------------------------------------------- +# actions for bootstrap-console-save event +#-------------------------------------------------- +$event = "bootstrap-console-save"; + +event_link("remove-templates-custom", $event, "02"); +templates2events("/etc/smartmontools/smartd.conf", $event); +templates2events("/home/e-smith/ssl.pem/pem", $event); +templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event); +event_link("rmmod-bonding", $event, "10"); +event_link("set-hostname", $event, "10"); +event_link("conf-modules", $event, "30"); +event_link("conf-startup", $event, "60"); +event_link("systemd-default", $event, "88"); +event_link("conf-routes", $event, "89"); +event_link("systemd-reload", $event, "89"); +event_link("reset-unsavedflag", $event, "95"); + +#-------------------------------------------------- +# actions for bootstrap-ldap-save +#-------------------------------------------------- +$event = "bootstrap-ldap-save"; + +templates2events("/etc/nsswitch.conf", $event); +templates2events("/etc/pam.d/system-auth", $event); +event_link("user-lock-passwd", $event, "15"); +event_link("user-modify-unix", $event, "15"); +event_link("systemd-default", $event, "88"); +event_link("systemd-reload", $event, "89"); + +#-------------------------------------------------- +# actions for group-create event +#-------------------------------------------------- + +$event = "group-create"; + +event_link("group-create-unix", $event, "04"); + +#-------------------------------------------------- +# actions for group-delete event +#-------------------------------------------------- + +$event = "group-delete"; + +event_link("group-delete-unix", $event, "15"); + +#-------------------------------------------------- +# actions for group-modify event +#-------------------------------------------------- + +$event = "group-modify"; + +event_link("group-modify-unix", $event, "15"); + +#-------------------------------------------------- +# actions for halt event +#-------------------------------------------------- + +$event = "halt"; + +event_link("halt", $event, "70"); + +#-------------------------------------------------- +# actions for ip-change event +#-------------------------------------------------- + +$event = "ip-change"; + +event_link("set-external-ip", $event, "03"); +#event_link("update-dns", $event, "85"); + +#-------------------------------------------------- +# actions for network-create event +#-------------------------------------------------- + +$event = "network-create"; + +event_link("conf-routes", $event, "89"); + +#-------------------------------------------------- +# actions for network-delete event +#-------------------------------------------------- + +$event = "network-delete"; + +event_link("conf-routes", $event, "89"); + +#-------------------------------------------------- +# actions for post-install event +#-------------------------------------------------- + +$event = "post-install"; + +templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event); +event_link("systemd-journald", $event, "02"); +event_link("fix-startup", $event, "05"); +event_link("init-accounts", $event, "05"); +event_link("rotate_logfiles", $event, "07"); +event_link("init-passwords", $event, "10"); +event_link("conf-startup", $event, "10"); +event_link("user-rsshd", $event, "16"); +event_link("conf-modules", $event, "30"); +event_link("create-mnt-floppy", $event, "50"); +event_link("systemd-default", $event, "88"); +event_link("systemd-reload", $event, "89"); + +#-------------------------------------------------- +# actions for post-upgrade event +#-------------------------------------------------- + +$event = "post-upgrade"; + +event_link("remove-templates-custom", $event, "02"); +templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event); +event_link("systemd-journald", $event, "02"); +event_link("fix-startup", $event, "05"); +event_link("init-accounts", $event, "05"); +event_link("logrotate-migrate", $event, "06"); +event_link("rotate_logfiles", $event, "07"); +event_link("conf-startup", $event, "10"); +event_link("user-lock-passwd", $event, "15"); +event_link("group-modify-unix", $event, "15"); +event_link("user-rsshd", $event, "16"); +event_link("update-passwd", $event, "20"); +event_link("count-active-user-accounts", $event, "25"); +event_link("conf-modules", $event, "30"); +event_link("create-mnt-floppy", $event, "50"); +event_link("copy-anaconda-logs", $event, "90"); +event_link("systemd-default", $event, "88"); +event_link("systemd-reload", $event, "89"); +event_link("raidmonitor-check", $event, "92"); + +#-------------------------------------------------- +# actions for reboot event +#-------------------------------------------------- + +$event = "reboot"; + +safe_symlink("stop", "root/etc/e-smith/events/$event/services2adjust/wan"); +event_link("reboot", $event, "99"); + +#-------------------------------------------------- +# actions for remoteaccess-update event +#-------------------------------------------------- + +$event = "remoteaccess-update"; + +event_link("remove-templates-custom", $event, "02"); +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/dhcpd"); +event_link("systemd-default", $event, "88"); +event_link("systemd-reload", $event, "89"); + +#-------------------------------------------------- +# actions for user-create event +#-------------------------------------------------- + +$event = "user-create"; + +event_link("user-create-unix", $event, "04"); +event_link("user-rsshd", $event, "16"); +event_link("count-active-user-accounts", $event, "25"); +event_link("user-group-modify", $event, "85"); + +#-------------------------------------------------- +# actions for user-delete event +#-------------------------------------------------- + +$event = "user-delete"; + +event_link("user-delete-groups-and-pseudonyms", $event, "02"); +event_link("user-delete-unix", $event, "15"); +event_link("initialize-default-databases", $event, "23"); +event_link("count-active-user-accounts", $event, "25"); + +#-------------------------------------------------- +# actions for user-modify event +#-------------------------------------------------- + +$event = "user-modify"; + +event_link("user-modify-unix", $event, "15"); +event_link("user-rsshd", $event, "16"); +event_link("user-group-modify", $event, "85"); + +$event = "user-modify-admin"; + +event_link("user-modify-unix", $event, "15"); + +#-------------------------------------------------- +# actions for user-lock event +#-------------------------------------------------- + +$event = "user-lock"; + +event_link("user-lock-passwd", $event, "15"); +event_link("count-active-user-accounts", $event, "25"); + +#-------------------------------------------------- +# actions for password-modify event +#-------------------------------------------------- + +$event = "password-modify"; + +event_link("count-active-user-accounts", $event, "25"); + +#-------------------------------------------------- +# actions for timeserver-update event +#-------------------------------------------------- + +$event = "timeserver-update"; + +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/crond"); + +#-------------------------------------------------- +# actions for ip-up event +#-------------------------------------------------- + +$event = "ip-up"; + +event_link("set-gateway-ip", $event, "55"); + +#-------------------------------------------------- +# actions for ip-down event +#-------------------------------------------------- + +$event = "ip-down"; + +event_link("isdn-down-notify", $event, "50"); + +#-------------------------------------------------- +# actions for logrotate event +#-------------------------------------------------- + +$event = "logrotate"; + +event_link("logrotate-migrate", $event, "06"); +event_link("rotate_logfiles", $event, "07"); +event_link("purge-old-logs", $event, "75"); + +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/rsyslog"); + +#-------------------------------------------------- +# actions for local event +#-------------------------------------------------- + +$event = "local"; +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/rc-local"); + +#-------------------------------------------------- +# actions for ldap-update event +#-------------------------------------------------- + +$event = "ldap-update"; + +templates2events("/home/e-smith/ssl.pem/pem", $event); + +#-------------------------------------------------- +# actions for ldap-update event +#-------------------------------------------------- + +$event = "ssl-update"; + +templates2events("/home/e-smith/ssl.pem/pem", $event); + + +#-------------------------------------------------- +# actions for email-update event: +# email parameters have been changed in the e-smith +# manager; update system security, rewrite email config +# files, configure other system files (crontab is the +# important one), and restart server +#-------------------------------------------------- +$event = "email-update"; +event_link("systemd-default", $event, "88"); +event_link("systemd-reload", $event, "89"); + +#-------------------------------------------------- +# actions for webapps-update event +#-------------------------------------------------- + +$event = "webapps-update"; +event_link("systemd-default", $event, "88"); +event_link("systemd-reload", $event, "89"); + + +# Set up links to daemontools. + +safe_symlink("run.dhclient", "root/var/service/wan/run.DHCPHostname"); +safe_symlink("run.dhclient", "root/var/service/wan/run.DHCPEthernetAddress"); + + +# no template headers for /etc/pam_ldap.secret +safe_touch("root/etc/e-smith/templates/etc/pam_ldap.secret/template-begin"); + + +foreach my $target (qw(multi-user sme-server)) +{ +system('mkdir -p root/usr/lib/systemd/system/'.$target.'.target.wants/'); + unlink "root/usr/lib/systemd/system/$target.target.wants/bootstrap-console.service"; + +foreach my $unit (qw( + dbus.service + getty.target + plymouth-quit.service + plymouth-quit-wait.service + systemd-ask-password-wall.path + systemd-logind.service + systemd-update-utmp-runlevel.service + systemd-user-sessions.service + networking.service + mdmonitor.service + )) + { + symlink("../$unit", + "root/usr/lib/systemd/system/$target.target.wants/$unit") + or die "Can't symlink to root/usr/lib/systemd/system/$target.target.wants/$unit: $!"; + } +} + +foreach my $target (qw(halt reboot shutdown)) +{ + $unit="bootstrap-fix.service"; + safe_symlink("../$unit", "root/usr/lib/systemd/system/$target.target.wants/$unit"); +} + +$unit="bootstrap-console.service"; +$target="basic"; +symlink("../$unit", + "root/usr/lib/systemd/system/$target.target.wants/$unit") + or die "Can't symlink to root/usr/lib/systemd/system/$target.target.wants/$unit: $!"; + +symlink("mdmonitor.service", + "root/usr/lib/systemd/system/raidmonitor.service"); + +# languages links +foreach (qw(fr-be fr-lu fr-mc fr-ch)) +{ + safe_symlink("fr", "root/etc/e-smith/locale/$_"); +} +foreach (qw(en-bz en-ca en-ie en-in en-jm en-my en-ph en-sg en-tt en-za en-zw)) +{ + safe_symlink("en-us", "root/etc/e-smith/locale/$_"); +} +foreach (qw(es-ar es-bo es-cl es-co es-cr es-do es-ec es-es es-gt es-hn es-mx es-ni es-pa es-pe es-pr es-py es-sv es-us es-uy es-ve)) +{ + safe_symlink("es", "root/etc/e-smith/locale/$_"); +} +foreach (qw(de-at de-ch de-de de-li de-lu)) +{ + safe_symlink("de", "root/etc/e-smith/locale/$_"); +} +foreach (qw(it-ch it-it)) +{ + safe_symlink("it", "root/etc/e-smith/locale/$_"); +} +foreach (qw(ro-ro ro-md)) +{ + safe_symlink("ro", "root/etc/e-smith/locale/$_"); +} +foreach (qw(sv-fi sv-se)) +{ + safe_symlink("sv", "root/etc/e-smith/locale/$_"); +} +safe_symlink("zh-tw", "root/etc/e-smith/locale/zh-hk"); + + +# sme-server.target.d links +safe_symlink("/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/05config", "root/etc/e-smith/templates/usr/lib/systemd/system/sme-server.target.d/50koozali.conf/05config"); diff --git a/e-smith-base.spec b/e-smith-base.spec new file mode 100644 index 0000000..bcddc0e --- /dev/null +++ b/e-smith-base.spec @@ -0,0 +1,2315 @@ +# $Id: e-smith-base.spec,v 1.153 2023/08/14 18:55:09 jpp Exp $ + +Summary: e-smith server and gateway - base module +%define name e-smith-base +Name: %{name} +%define version 5.8.1 +%define release 30 +Version: %{version} +Release: %{release}%{?dist} +License: GPL +Group: Networking/Daemons +Source: %{name}-%{version}.tar.xz +#keeping this one for SME11 +# Patch: e-smith-base-5.8.1-bz11772-ellipticcert.patch + +BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot +Requires: pwauth +Requires: e-smith-lib >= 2.2.0-2 +Requires: server-manager-images, server-manager +Requires: e-smith-formmagick >= 1.4.0-12 +Requires: initscripts >= 6.67-1es17 +Requires: e-smith-daemontools >= 1.7.1-04 +Requires: perl(Locale::gettext) +Requires: perl(Crypt::Cracklib) +Requires: perl(Date::Manip) +Requires: perl(Net::IPv4Addr) +Requires: perl(Digest::SHA1) +Requires: perl(Net::Netmask) +Requires: /usr/sbin/irqbalance +Requires: /usr/sbin/smartd +Requires: dbus +Requires: acpid +Requires: rssh +Requires: bridge-utils +Requires: vconfig +Requires: e-smith-bootloader +Requires: mdadm +Requires: pv +Requires: dhcp +Requires: diald +Requires: /usr/bin/passwd +Requires: nss-pam-ldapd +Requires: uuid-perl +Requires: kbd +Requires: bash-completion +Requires: bash-completion-extras +Requires: e-smith-runit >= 2.6.0-7 +Requires: smeserver-php >= 3.0.0-22 +Requires: smeserver-yum >= 2.6.0-43 +Obsoletes: nss_ldap < 254 +Requires: cpu >= 1.4.3 +Obsoletes: rlinetd, e-smith-mod_ssl +Obsoletes: e-smith-serial-console +Obsoletes: sshell +Obsoletes: e-smith-rp-pppoe +Obsoletes: e-smith-pptpd +Obsoletes: e-smith-dynamicdns-yi +Obsoletes: e-smith-dynamicdns-tzo +Obsoletes: e-smith-dynamicdns-dyndns.org +Obsoletes: e-smith-dynamicdns-dyndns +BuildRequires: perl, perl(Test::Inline) >= 0.12 +BuildRequires: e-smith-devtools >= 1.13.1-03 +BuildRequires: gettext +Requires: gdisk + +%define dbfiles accounts configuration domains hosts networks +AutoReqProv: no + +%description +e-smith server and gateway software - base module. + +%prep +%setup + +%build + +LEXICONS=$(find root/etc/e-smith/web/functions -type f| grep -v CVS) + +for lexicon in $LEXICONS +do + /sbin/e-smith/validate-lexicon $lexicon +done + +/sbin/e-smith/generate-lexicons + +xgettext -L perl -o root/usr/share/locale/en_US/LC_MESSAGES/server-console.po root/sbin/e-smith/console.pl + +perl createlinks +/sbin/e-smith/buildtests 10e-smith-base + +gcc -o root/sbin/e-smith/console console_wrapper.c + +# Force creation of potentially empty directories +mkdir -p root/etc/e-smith/web/panels/password/cgi-bin +ln -s ../../../functions/wrapper root/etc/e-smith/web/panels/password/cgi-bin/userpassword + +%install +rm -rf $RPM_BUILD_ROOT +mkdir -p $RPM_BUILD_ROOT/etc/selinux +(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) +/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ + --file /sbin/e-smith/systemd/mdmonitor-pre 'attr(0554,root,root)' \ + --file /sbin/e-smith/systemd/rsyslog-pre 'attr(0554,root,root)' \ + --file /etc/cron.daily/conf-mod_ssl 'attr(0544,root,root)' \ + --file /etc/dhcp/dhclient-exit-hooks 'attr(0755,root,root)' \ + --dir /var/log/dhcpd 'attr(2750,smelog,smelog)' \ + --dir /etc/e-smith/pam 'attr(0700,root,root)' \ + --dir /home/e-smith/ssl.key 'attr(0700,root,root)' \ + --dir /home/e-smith/ssl.crt 'attr(0700,root,root)' \ + --dir /home/e-smith/ssl.pem 'attr(0700,root,root)' \ + --dir /var/service/wan 'attr(1755,root,root)' \ + --file /var/service/wan/down 'attr(0644,root,root)' \ + --file /var/service/wan/run 'attr(0750,root,root)' \ + --file /var/service/wan/run.dhclient 'attr(0750,root,root)' \ + --file /var/service/wan/run.pppoe 'attr(0750,root,root)' \ + --file /var/service/wan/run.static 'attr(0750,root,root)' \ + --file /var/service/wan/run.dialup 'attr(0750,root,root)' \ + --file /var/service/wan/run.disabled 'attr(0750,root,root)' \ + --dir /var/service/wan/supervise 'attr(0700,root,root)' \ + --dir /var/service/wan/log 'attr(1755,root,root)' \ + --file /var/service/wan/log/run 'attr(0750,root,root)' \ + --dir /var/service/wan/log/supervise 'attr(0700,root,root)' \ + --dir /var/log/wan 'attr(2750,smelog,smelog)' \ + --dir /var/service/ippp 'attr(1755,root,root)' \ + --file /var/service/ippp/down 'attr(0644,root,root)' \ + --file /var/service/ippp/run 'attr(0750,root,root)' \ + --dir /var/service/ippp/supervise 'attr(0700,root,root)' \ + --dir /var/service/ippp/log 'attr(1755,root,root)' \ + --file /var/service/ippp/log/run 'attr(0750,root,root)' \ + --dir /var/service/ippp/log/supervise 'attr(0700,root,root)' \ + --dir /var/log/ippp 'attr(2750,smelog,smelog)' \ + --dir /etc/e-smith/skel/user/.ssh 'attr(0700,root,root)' \ + --file /etc/sysconfig/modules/dummy.modules 'attr(0755,root,root)' \ + --dir /etc/selinux 'attr(0755,root,root)' \ + | sed -e '/\/etc\/dhcp$/d' \ + > %{name}-%{version}-%{release}-filelist + +mkdir -p $RPM_BUILD_ROOT/home/e-smith/db +for file in %{dbfiles} +do + # Create ghost file for rpm + touch $RPM_BUILD_ROOT/home/e-smith/db/$file + echo "%config(noreplace) %attr(0640,root,admin) /home/e-smith/db/$file" \ + >> %{name}-%{version}-%{release}-filelist +done +echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist + +%clean +rm -rf $RPM_BUILD_ROOT + +%files -f %{name}-%{version}-%{release}-filelist +%defattr(-,root,root) + +%pre +/sbin/e-smith/create-system-user smelastsys 2999 \ + 'sme last system user marker' /tmp /bin/false + +%post +LEXICONS=$(find /etc/e-smith/locale/*/etc/e-smith/web/panels/password/cgi-bin/userpassword -type f 2>/dev/null) + +for lexicon in $LEXICONS +do + if [ -f $lexicon ] + then + cd $(dirname "$lexicon") + mv ./userpassword ../../../functions + fi +done + +if [ -d "/var/service/dhcpd" ]; then + rm -rf /var/service/dhcpd +fi +if [ -d "/var/service/raidmonitor" ]; then + rm -rf /var/service/raidmonitor +fi +if [ -d "/var/service/local" ]; then + rm -rf /var/service/local +fi + + +%changelog +* Thu Oct 26 2023 cvs2git.sh aka Brian Read 5.8.1-30.sme +- Roll up patches and move to git repo [SME: 12338] + +* Thu Oct 26 2023 BogusDateBot +- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday, + by assuming the date is correct and changing the weekday. + +* Mon Aug 14 2023 Jean-Philippe Pialasse 5.8.1-29.sme +- fix systemd loop during bootstrap console restore [SME: 12335] + +* Thu Feb 09 2023 Jean-Philippe Pialasse 5.8.1-28.sme +- option to expand the prunepaths variable for locate [SME: 11518] + +* Wed Feb 08 2023 Zsolt Vasarhelyi 5.8.1-27.sme +- Logging stops to messages - imjournal: too many open files [SME: 12304] + +* Mon Feb 06 2023 Jean-Philippe Pialasse 5.8.1-26.sme +- ldap not available at bootstrap [SME: 12178] + +* Sun Feb 05 2023 Jean-Philippe Pialasse 5.8.1-25.sme +- fix raidmonitor not starting [SME: 12182] + +* Thu Dec 29 2022 Brianb Read 5.8.1-24.sme +- DHCPD set DNSServers [SME: 12295] + +* Mon Dec 12 2022 Terry Fage 5.8.1-23.sme +- DHCP Not working since last updates [SME: 12257] + +* Sun Dec 04 2022 Jean-Philippe Pialasse 5.8.1-22.sme +- do not launch bootstrap-runlevel7 if no sysvinit service available [SME: 12253] + +* Thu Nov 24 2022 Jean-Philippe Pialasse 5.8.1-21.sme +- fix typo [SME: 12190] + +* Tue Nov 22 2022 Jean-Philippe Pialasse 5.8.1-20.sme +- expand dropin for dhcp unit [SME: 12183] +- add PartOf=networking.service to wan.service [SME: 12195] +- reduce imjournal rate-limiting [SME: 12175] + +* Tue Nov 22 2022 Jean-Philippe Pialasse 5.8.1-19.sme +- fix smartd not running because config path has changed [SME: 12190] +- do not check disk is in standby + +* Fri Sep 09 2022 Jean-Philippe Pialasse 5.8.1-18.sme +- fix comparison operator for logrotate fix [SME: 11950] + changing also restart to reload [SME: 12164] + +* Fri Jul 29 2022 Jean-Philippe Pialasse 5.8.1-17.sme +- no new self signed cert when adding/removing non self hosts [SME: 12130] + +* Sun Jun 19 2022 Jean-Philippe Pialasse 5.8.1-16.sme +- fix /dev/log not being recreated [SME: 12073] + +* Sun Apr 17 2022 Jean-Philippe Pialasse 5.8.1-15.sme +- add rsshusers group to ldap and update it [SME: 11956] + +* Sat Apr 16 2022 Jean-Philippe Pialasse 5.8.1-14.sme +- fix symlinks preventing log rotation [SME: 11950] + +* Sat Apr 16 2022 Jean-Philippe Pialasse 5.8.1-12.sme +- remove immark module to reduce messages log activity [SME: 11813] + +* Fri Apr 15 2022 Jean-Philippe Pialasse 5.8.1-11.sme +- fix logs not rotated before 100M (size maxsize) [SME: 10484] +- reduce systemd noise in messages [SME: 11813] + +* Mon Apr 04 2022 Jean-Philippe Pialasse 5.8.1-10.sme +- fix dhcp address not propagated [SME: 11930] + +* Thu Feb 17 2022 Jean-Philippe Pialasse 5.8.1-8.sme +- make rsyslog listen journald which listen /dev/log [SME: 11813] + template for /etc/systemd/journald.conf +- properly configure /etc/logrotate.conf [SME: 10484] + template for /etc/logrotate.conf + use of size to limit max size of file and rotate earlier +- drop e-smith logrotate actions creating dangling links [SME: 946] + +* Mon Dec 20 2021 Jean-Philippe Pialasse 5.8.1-6.sme +- make journald log permanent by creating /var/log/journal [SME: 11795] + +* Tue Nov 23 2021 Jean-Philippe Pialasse 5.8.1-4.sme +- allow group-modify-unix on update event [SME: 11766] + +* Mon Nov 15 2021 Jean-Philippe Pialasse 5.8.1-3.sme +- fix typo in last patch [SME: 11722] + +* Wed Oct 27 2021 Jean-Philippe Pialasse 5.8.1-2.sme +- add support for systemd service with instance service@instance.service [SME: 11722] + +* Sun Jun 06 2021 Jean-Philippe Pialasse 5.8.1-1.sme +- add local domains in self signed cert alt subjects [SME: 11624] + add local hosts in self signed cert alt subjects + modSSL property to disable hosts domains addition : AddDomains AddHosts + default is enabled when empty + +* Fri Jun 04 2021 Jean-Philippe Pialasse 5.8.0-99.sme +- fix missing export [SME: 11620] + +* Tue Jun 01 2021 Jean-Philippe Pialasse 5.8.0-97.sme +- fix issue with adding new user to the ldap db [SME: 11607] + +* Tue Jun 01 2021 Jean-Philippe Pialasse 5.8.0-96.sme +- always renew self signed certificate [SME: 11552] + update key / crt if not signed with the right key size + default to self signed if custom cert and key are not files or not rigth type + add perl module to help handle certificates and keys + TODO: check if both key and cert are related, if not default to self signed + +* Wed Apr 21 2021 Jean-Philippe Pialasse 5.8.0-95.sme +- fix openssl.conf not generated when openldap field are empty [SME: 11569] + +* Thu Apr 08 2021 Jean-Philippe Pialasse 5.8.0-94.sme +- fix missing path to systemctl for add-wants [SME: 11537] + +* Tue Mar 30 2021 Jean-Philippe Pialasse 5.8.0-93.sme +- merge dhcpdmanager custom template fragments with core [SME: 10657] +- remove templates-custom previously owned by a contrib [SME: 11508] + they got migrated as part as normal backup restore + +* Sun Mar 21 2021 Jean-Philippe Pialasse 5.8.0-92.sme +- fix masq failing on initial boot [SME: 11479] + +* Fri Mar 19 2021 Jean-Philippe Pialasse 5.8.0-91.sme +- removing weekly cron for ddns update, targeted script has been removed [SME: 11470] + +* Thu Mar 18 2021 Jean-Philippe Pialasse 5.8.0-90.sme +- revert e-smith-service file [SME: 9692] +- add systemctl wrapper [SME: 11345] + +* Tue Mar 16 2021 Jean-Philippe Pialasse 5.8.0-89.sme +- clean rsyslog syntax for dhcpd [SME: 11422] + +* Tue Mar 16 2021 Jean-Philippe Pialasse 5.8.0-88.sme +- cleanup /etc/rc.d and /var/service [SME: 9692] + +* Wed Mar 03 2021 Jean-Philippe Pialasse 5.8.0-87.sme +- remove klogd references [SME: 11363] +- restore part of pptp code and move to generik vpn entry [SME: 11374] + +* Wed Mar 03 2021 Jean-Philippe Pialasse 5.8.0-85.sme +- drop dyndns core support [SME: 11415] + +* Thu Feb 18 2021 Jean-Philippe Pialasse 5.8.0-84.sme +- fix enabled service not started on reboot [SME: 11355] + unless a power outage, as long as you reboot, halt or shutdown systemd will + be in sync +- fix console::startup run twice [SME: 11358 ] +- improve run order in systemd-default [SME: 11356] + +* Wed Feb 17 2021 Jean-Philippe Pialasse 5.8.0-83.sme +- fix uninitialized value during post-install [SME: 11350] + +* Sun Feb 14 2021 Jean-Philippe Pialasse 5.8.0-81.sme +- fix user with rssh shell need to be member of rsshusers group [SME: 9155] + +* Fri Feb 12 2021 Jean-Philippe Pialasse 5.8.0-80.sme +- add missing /sbin/e-smith/bootstrap-runlevel7 [SME: 11318] + +* Mon Jan 11 2021 Jean-Philippe Pialasse 5.8.0-79.sme +- fix typo for isolate [SME: 11246] + +* Mon Jan 11 2021 Jean-Philippe Pialasse 5.8.0-78.sme +- separate bootstrap-console from run level service launch [SME: 11318] + +* Fri Jan 08 2021 Jean-Philippe Pialasse 5.8.0-75.sme +- only run isolate if sme-server.target is not active [SME: 11246] +- update system-preset usr/lib file [SME: 10958] + +* Wed Jan 06 2021 Jean-Philippe Pialasse 5.8.0-72.sme +- fix loss of httpd basic auth [SME: 11309] + +* Fri Dec 25 2020 Jean-Philippe Pialasse 5.8.0-71.sme +- fix services starting when they are in Wants= for sme-server.target and preset disabled [SME: 11247] + +* Wed Dec 23 2020 Chris Sansom-Ninnes 5.8.0-70.sme +- rewrite of manageRAID.pl and add_drive_to_raid for SME10 [SME:10918] +- added gdisk as a dependency to support GPT systems + +* Fri Dec 11 2020 Jean-Philippe Pialasse 5.8.0-69.sme +- fix modSSL key crt and keychain files really exist [SME: 11252] +- add ldap.init as exception for preset + +* Fri Dec 11 2020 Jean-Philippe Pialasse 5.8.0-68.sme +- fix init-accounts [SME: 9642] + +* Fri Dec 11 2020 Jean-Philippe Pialasse 5.8.0-67.sme +- validate modSSL key crt and keychain files really exist [SME: 11252] + if not we use self generated + +* Fri Dec 11 2020 Jean-Philippe Pialasse 5.8.0-66.sme +- drop pptpd support [SME: 11250] + +* Wed Dec 09 2020 Jean-Philippe Pialasse 5.8.0-65.sme +- add bash-completion [SME: 11244] +- improve local service to systemd [SME: 11119] + now run rc.local file as part of the event + +* Wed Dec 09 2020 Jean-Philippe Pialasse 5.8.0-64.sme +- move local service to systemd [SME: 11119] + make it run /etc/rc.d/rc.local + cleaning /var/service/syslog still there + +* Sat Dec 05 2020 Jean-Philippe Pialasse 5.8.0-63.sme +- workaround drop-in install section ignored by systemctl preset [SME: 11231] + some cleanup + +* Thu Dec 03 2020 Jean-Philippe Pialasse 5.8.0-61.sme +- remove S95reset-unsavedflag [SME: 11229] +- add exclusion for lpd [SME: 11006] + +* Thu Dec 03 2020 Jean-Philippe Pialasse 5.8.0-60.sme +- execute systemd-reload before service adjust in events [SME: 11228] + +* Tue Dec 01 2020 Jean-Philippe Pialasse 5.8.0-59.sme +- fix ExecStart for raidmonitor [SME: 11094] + +* Sun Nov 29 2020 Jean-Philippe Pialasse 5.8.0-58.sme +- fix permission for /sbin/e-smith/systemd/mdmonitor-pre [SME: 11094] + +* Wed Nov 25 2020 Chris Sansom-Ninnes 5.8.0-57.sme +- Don't ask for confirmation to save changes on first install configuration [SME: 11193] + +* Wed Nov 25 2020 Chris Sansom-Ninnes 5.8.0-56.sme +- Fix RAID detection regex for disk redundancy screen [SME: 10918] + +* Wed Nov 18 2020 Jean-Philippe Pialasse 5.8.0-55.sme +- add Install part of systemd unit [SME: 11100] + +* Tue Nov 17 2020 Jean-Philippe Pialasse 5.8.0-54.sme +- move dhcpd to systemd [SME: 11100] +- get dhcpd log out of message [SME: 2408] + also configure logrotate for /var/log/dhcpd/dhcpd.log and /var/log/dhcpd/current + +* Tue Nov 17 2020 Jean-Philippe Pialasse 5.8.0-53.sme +- reverte previous changes for service2adjust and util.pm [SME: 11177] + files are owned by e-smith-lib + +* Mon Nov 16 2020 Jean-Philippe Pialasse 5.8.0-52.sme +- allow more systemctl controls [SME: 11177] + convert unrecognized signals from service2adjust in events for systemd + handle unsupervised services the same way supervised were in adjust-services + make service-status only log when service disabled and not fail it + +* Sat Nov 14 2020 Jean-Philippe Pialasse 5.8.0-51.sme +- add template for /etc/systemd/system-preset/49koozali.preset [SME: 11174] + this will help systemd integration in enabling and disabling services + remove wan link + +* Wed Nov 11 2020 Jean-Philippe Pialasse 5.8.0-50.sme +- move raidmonitor to systemd [SME: 11094] + +* Tue Nov 10 2020 Jean-Philippe Pialasse 5.8.0-49.sme +- move network service to systemd [SME: 11090] +- move wan service to systemd [SME: 11091] + +* Wed Sep 30 2020 Jean-Philippe Pialasse 5.8.0-48.sme +- create e-smith-base-update event [SME: 11012] +- create sme-server.target [SME: 10957] + make sme-server.target default target + change default target on signal-event post-upgrade, post-install, e-smith-base-update + requires update or smeserver-php and e-smith-runit +- add an executable to check if service is enabled in e-smith db + +* Sat Jun 27 2020 Jean-Philippe Pialasse 5.8.0-47.sme +- validate submask on remote access panel [SME: 6536] + accept netmask bit and convert it +- validate subnet mask on local network panel [SME: 10974] + accept netmask bit and convert it + +* Tue Jun 23 2020 Jean-Philippe Pialasse 5.8.0-45.sme +- remove info.txt [SME: 9590] + +* Sun May 24 2020 Jean-Philippe Pialasse 5.8.0-44.sme +- wildcard self-signed certificate [SME: 8156] + * ip in self-signed certificate + * subject altname in self-signed certificate + * ability to define Country code and State using + modSSL{Country} and modSSL{State} properties + * /etc/openssl.conf is used now and templated for self-signed certificate + +* Sat May 23 2020 Jean-Philippe Pialasse 5.8.0-43.sme +- enable smartd for existing installation [SME: 5890] + +* Sun May 17 2020 Chris Sansom-Ninnes 5.8.0-42.sme +- Enable smartd by default [SME: 5890] +- Credit to Chris Burnat + +* Wed Dec 18 2019 Michel Begue 5.8.0-41.sme +- Add a link to manager C wrapper to execute userpassword's cgi to replace perl-suid [SME: 9677] + +* Fri Nov 22 2019 John Crisp 5.8.0-40.sme +- fix SystemName [SME: 8876] + +* Tue Jan 22 2019 Jean-Philippe Pialasse 5.8.0-39.sme +- modify the default city and company [SME: 10715] + +* Tue Feb 13 2018 Jean-Philippe Pialasse 5.8.0-38.sme +- cleaning xinetd.conf fragment out of the package [SME: 10219] + +* Wed Nov 15 2017 Jean-Philippe Pialasse 5.8.0-37.sme +- revert previous change - wrong package + +* Tue Nov 14 2017 Jean-Philippe Pialasse 5.8.0-36.sme +- added post transaction rule for ntp [SME: 10190] +- thank you to Stefano Zamboni for this work + +* Thu May 4 2017 Daniel Berteaud 5.8.0-35.sme +- Expand route-bond0 when nic bonding is enabled [SME: 10272] + +* Sat Apr 15 2017 Jean-Philippe Pialasse 5.8.0-34.sme +- improve regex to catch local [SME: 9724] + +* Wed Apr 12 2017 Jean-Philippe Pialasse 5.8.0-33.sme +- change smtpd to qpsmtpd for default service access [SME: 9478] + +* Mon Feb 27 2017 Jean-Philippe Pialasse 5.8.0-32.sme +- add translation links for manager to most language variations we support [SME: 11121] + +* Fri Feb 17 2017 Jean-Philippe Pialasse 5.8.0-31.sme +- prevent restoration from being called on regular and post-upgrade reboot [SME: 9550] +- console restoration can be launched again from console + +* Thu Feb 9 2017 Daniel Berteaud 5.8.0-30.sme +- Use ip route syntax to define routes to local network [SME: 10083] + +* Tue Sep 6 2016 Daniel Berteaud 5.8.0-29.sme +- Allow /32 masks on the external interface, in which case we don't + check if the gateway is on the correct network) [SME: 9610] + +* Thu Aug 04 2016 Jean-Philippe Pialasse 5.8.0-28.sme +- fix config db locale property [SME: 9724] + +* Sat Jul 23 2016 Jean-Philippe Pialasse 5.8.0-27.sme +- adapt e-smith service command to systemd [SME: 9672] + +* Fri Jul 22 2016 Jean-Philippe Pialasse 5.8.0-26.sme +- add systemd skip redirect to e-smith-service [SME: 9688] + +* Thu Jul 21 2016 Jean-Philippe Pialasse 5.8.0-25.sme +- fix broken link /etc/init.d/supervise/local link [SME: 9687] + +* Mon Jul 18 2016 Jean-Philippe Pialasse 5.8.0-22.sme +- fix mysqld to mariadb [SME: 9438] + +* Sat Jul 16 2016 Jean-Philippe Pialasse 5.8.0-21.sme +- fix missing path to chkconfig [SME: 9641] + +* Thu Jul 14 2016 stephane de Labrusse 5.8.0-20.sme +- Fix deprecated syntax '*' in rsyslog [SME: 9398] +- Added e-smith-base-5.8.0.bz9398.DeprecatedRsyslogSyntax.patch + +* Mon Jul 4 2016 stephane de Labrusse 5.8.0-19.sme +- Set the hostname by hostnamectl [SME: 9631] +- Stefano Zamboni + +* Sun Jun 12 2016 Jean-Philippe Pialasse 5.8.0-18.sme +- fix Lang and keyboard layout configured are not used [SME: 9539] + +* Thu Jun 2 2016 Daniel Berteaud 5.8.0-17.sme +- Fix display of email forward fields since smtpd entry has been merged + qpsmtpd [SME: 9552] + +* Sun May 29 2016 Jean-Philippe Pialasse 5.8.0-16.sme +- Allow bootstrap to start services after post-install configuration [SME: 9530] + +* Thu May 12 2016 Daniel Berteaud 5.8.0-15.sme +- Use a C wrapper for the console to replace perl-suid [SME: 9393] + +* Wed Apr 13 2016 Jean-Philippe Pialasse 5.8.0-14.sme +- fix password not asked after signal-event post-install [SME: 9445] + +* Wed Apr 13 2016 Jean-Philippe Pialasse 5.8.0-13.sme +- only start services on regular boot [SME: 9436] + +* Tue Apr 12 2016 Jean-Philippe Pialasse 5.8.0-12.sme +- fix getting locale for db configuration [SME: 9378] + +* Mon Apr 11 2016 Jean-Philippe Pialasse 5.8.0-11.sme +- rearange startup [SME: 9352] +- let systemd handle following unsupervised services: +- bootstrap-console, rsyslog, irqbalance, crond, acpid, smartd +- disable from systemd services whith link in rc7.d +- let bootstrap-console run at every reboot and handle surpevised services startup + +* Mon Apr 11 2016 Daniel Berteaud 5.8.0-9.sme +- Remove ctrlaltdel service entry [SME: 9437] + +* Mon Apr 11 2016 Daniel Berteaud 5.8.0-8.sme +- Remove obsolete services [SME: 9420] + +* Tue Mar 29 2016 Jean-Philippe Pialasse 5.8.0-7.sme +- added requires dhcp [SME: 9392] + +* Wed Mar 23 2016 Jean-Philippe Pialasse 5.8.0-6.sme +- add Requires perl(Digest::SHA1) for console [SME: 9372] + +* Fri Mar 18 2016 Jean-Philippe Pialasse 5.8.0-5.sme +- fix conflict perl-Data-UUID vs uuid-perl [SME: 9344] + +* Fri Mar 18 2016 Jean-Philippe Pialasse 5.8.0-3.sme +- remove cpuspeed Requires and support [SME: 9337] +- remove pam_abl Requires [SME: 9341] + +* Fri Mar 18 2016 Jean-Philippe Pialasse 5.8.0-2.sme +- Remove Requires: hal [SME: 9342] +- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday, + by assuming the date is correct and changing the weekday. + Sat Dec 25 2005 --> Sat Dec 24 2005 or Sun Dec 25 2005 or Sat Dec 31 2005 or .... + Mon Feb 21 2006 --> Mon Feb 20 2006 or Tue Feb 21 2006 or Mon Feb 27 2006 or .... + Sat Mar 07 2008 --> Sat Mar 01 2008 or Fri Mar 07 2008 or Sat Mar 08 2008 or .... + Sat Mar 10 2008 --> Sat Mar 08 2008 or Mon Mar 10 2008 or Sat Mar 15 2008 or .... + Mon Apr 21 2013 --> Mon Apr 15 2013 or Sun Apr 21 2013 or Mon Apr 22 2013 or .... + Tue Sep 30 2015 --> Tue Sep 29 2015 or Wed Sep 30 2015 or Tue Oct 06 2015 or .... + +* Fri Feb 5 2016 Daniel Berteaud 5.8.0-1.sme +- Roll new stream for sme10 + +* Sun Jan 31 2016 Daniel Berteaud 5.6.0-28.sme +- Add a column to display forwarding address [SME: 9174] + +* Sun Jan 31 2016 Daniel Berteaud 5.6.0-27.sme +- Correctly display http URL to the server-manager in the console [SME: 9163] + +* Sun Jan 17 2016 Daniel Berteaud 5.6.0-26.sme +- Fire ssl-update event when default cert is renewed [SME: 2257] + +* Sun Jan 17 2016 Daniel Berteaud 5.6.0-25.sme +- Expand /home/e-smith/ssl.pem/pem during ssl-update [SME: 9152] + +* Wed Sep 30 2015 Daniel Berteaud 5.6.0-24.sme + Tue Sep 30 2015 --> Tue Sep 29 2015 or Wed Sep 30 2015 or Tue Oct 06 2015 or .... +- Update /etc/mime.types templates [SME: 9078] + +* Mon Aug 24 2015 Charlie Brady 5.6.0-23.sme +- Use sha256 algorithm for signature of SSL cert. [SME: 8615] + +* Thu Jun 25 2015 Daniel Berteaud 5.6.0-22.sme +- Fix including /etc/selinux directory [SME: 8954] + +* Thu Jun 25 2015 Daniel Berteaud 5.6.0-21.sme +- Add templates for /etc/selinux/config [SME: 8954] + +* Thu Jun 11 2015 Daniel Berteaud 5.6.0-20.sme +- Add dummy NIC support as InternalInterface [SME: 7200] + +* Tue Mar 31 2015 Daniel Berteaud 5.6.0-19.sme +- Only fire the ip-change event when IP is assigned to WAN nic + (Code by Charlie Brady and John Crisp) [SME: 8896] + +* Tue Mar 31 2015 Daniel Berteaud 5.6.0-18.sme +- Only reset service access when switching to or from private server mode + (Code by Charlie Brady) [SME: 8879] + +* Sun Jan 11 2015 Stephane de Labrusse 5.6.0-17.sme +- When quiting the console app with unsaved changes set the default selected +- answer to NO Hsing-Foo Wang [SME: 8616] + +* Tue Jan 6 2015 Stephane de Labrusse 5.6.0-16.sme +- Added a comment to specify the real configuration file of dhcpd [SME: 8386] + +* Sat Jan 3 2015 Stephane de Labrusse 5.6.0-15.sme +- Modified the patch of daniel e-smith-base-5.6.0-ensure_apache_alias_www.patch +- Ensure www group exists and that apache is an alias of www [SME: 8549] + +* Sun Nov 2 2014 Daniel Berteaud 5.6.0-13.sme +- Ensure www group exists and that apache is an alias of www [SME: 8549] + +* Sun Nov 2 2014 Daniel Berteaud 5.6.0-12.sme +- Check were running runlevel 4, not 7 in service wrapper [SME: 8637] + +* Sun Sep 21 2014 Daniel Berteaud 5.6.0-11.sme +- Correctly update NIC configuration on single NIC systems [SME: 8561] + +* Wed Sep 10 2014 Daniel Berteaud 5.6.0-10.sme +- Symlink udev-post service in rc7 [SME: 8542] + +* Fri Jul 25 2014 Daniel Berteaud 5.6.0-9.sme +- Fix PPPoE after a post-upgrade [SME: 8493] + +* Thu Jul 3 2014 Ian Wells 5.6.0-8.sme +- Remove dependency on microcode_ctl [SME: 8468] + +* Sun May 11 2014 stephane de Labrusse 5.6.0-7.sme +- Prevent emailing about the normal, weekly, checks of RAID arrays, by Mark Casey +- [SME: 7748] + +* Tue May 06 2014 stephane de Labrusse 5.6.0-6.sme +- remove /etc/e-smith/templates/etc/crontab/10runparts for anacron compatibility +- [SME: 8364] + +* Wed Apr 23 2014 stephane de Labrusse 5.6.0-5.sme +- Add a verification in the console of number of pptp clients against ip allowed in dhcpd +- [SME: 8312] + +* Sun Apr 6 2014 stephane de Labrusse 5.6.0-4.sme +- Add a verification in remoteaccess panel of number of pptp clients against ip allowed in dhcpd +- [SME: 8312] + +* Sat Apr 5 2014 Ian Wells 5.6.0-3.sme +- Ensure console is run with taint checking [SME: 8311] +- Non-functional perl::Critic changes. + +* Sun Mar 23 2014 Ian Wells 5.6.0-2.sme +- Roll new stream to really remove obsolete images [SME: 7962] + +* Sun Mar 23 2014 Ian Wells 5.6.0-1.sme +- Roll new stream to remove obsolete images [SME: 7962] + +* Thu Mar 20 2014 Ian Wells 5.4.0-62.sme +- Move console backup to e-smith-backup [SME: 3324] + +* Sun Mar 16 2014 Ian Wells 5.4.0-61.sme +- Remove support.pl from e-smith-base and move to smeserver-support [SME: 8264] + +* Sat Mar 15 2014 Ian Wells 5.4.0-60.sme +- Console restore should reboot [SME: 8259] + +* Sat Mar 8 2014 Ian Wells 5.4.0-59.sme +- Boostrap console should only offer restore if no password set [SME: 8259] + +* Thu Mar 6 2014 Ian Wells 5.4.0-58.sme +- Add restore backup as a console item for freshly installed servers [SME: 8259] +- Non-code changes to perform_restore.pm + +* Sun Feb 16 2014 Ian Wells 5.4.0-57.sme +- Refer to removable media not CDROM in console restore [SME: 8214] + +* Tue Jan 28 2014 Ian Wells 5.4.0-56.sme +- Remove insecure SSL ciphers [SME: 8138] + +* Sun Dec 15 2013 Daniel Berteaud 5.4.0-55.sme +- Restart rsyslog in logrotate event [SME: 8065] + +* Sun Dec 15 2013 Daniel Berteaud 5.4.0-54.sme +- Set smb ServerName if unset (patch from Ian Wells) [SME: 8030] + +* Mon Dec 9 2013 Daniel Berteaud 5.4.0-53.sme +- Don't reload init in bootstrap-console-save and console-save [SME: 8050] + +* Mon Dec 9 2013 Daniel Berteaud 5.4.0-52.sme +- Re-add missing templates metadata for bond0 [SME: 7990] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-51.sme +- Load the bonding module if NIC bonding is enabled [SME: 7996] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-50.sme +- Define the udev-post service in the DB [SME: 7992] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-49.sme +- Remove the "swap interface" feature [SME: 7993] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-48.sme +- Do not hardcode NIC names to eth0 and eth1 [SME: 7990] +- Remove obsolete VLAN code [SME: 7994] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-47.sme +- Remove HWAddress prop from interfaces [SME: 7991] + +* Thu Nov 14 2013 Chris Burnat 5.4.0-46.sme +- Fix add_new_disk_to_raid1 (codes by Charlie Brady - patch by Terje Edseth) + [SME: 7960] + +* Wed Oct 30 2013 Charlie Brady 5.4.0-45.sme +- Fix parsing issues with "manage RAID" menu option in the console. + [SME: 7953] + +* Mon Sep 30 2013 John H. Bennett III 5.4.0-44.sme +- Patch to correct issue with not being able to access a password protected + ibay [SME: 7794] + +* Sun Jul 7 2013 Ian Wells 5.4.0-43.sme +- Improve text in console backup for success and failure [SME: 7770] + +* Fri Jul 5 2013 Ian Wells 5.4.0-42.sme +- Console USB Backup, allow user setting of compression level [SME: 7745] + Compression level of the console backup is now -6 by default + +* Fri Jul 5 2013 Ian Wells 5.4.0-41.sme +- Update ServerName (Samba netbios name) when SystemName is updated [SME: 7746] + +* Fri Jul 5 2013 Ian Wells 5.4.0-40.sme +- Remove old System Name from the Hosts DB, by Charlie Brady [SME: 7747] + +* Sun Jun 23 2013 Daniel Berteaud 5.4.0-39.sme +- Fix group creation when LDAP auth is enabled [SME: 7672] + +* Sat Jun 8 2013 Daniel Berteaud 5.4.0-38.sme +- Disable IPv6 on a default install (patch by Shad Lords) [SME: 7531] + +* Sat Jun 8 2013 Daniel Berteaud 5.4.0-37.sme +- Continue escaping control chars in rsyslog, just replace LF with space [SME: 7662] + +* Fri Jun 7 2013 Daniel Berteaud 5.4.0-36.sme +- Don't escape control characters in rsyslog [SME: 7662] + +* Thu Jun 6 2013 Daniel Berteaud 5.4.0-35.sme +- Use UTF-8 in the console [SME: 7591] + +* Sun May 19 2013 Ian Wells 5.4.0-34.sme +- Remove redundant parts of init-accounts [SME: 3550] + +* Sat May 18 2013 chris burnat 5.4.0-33.sme +- Add_template_to_ssl.pem, codes by JP Pialasse [SME: 7601] + +* Tue May 07 2013 Ian Wells 5.4.0-32.sme +- Require diald [SME: 7279] + +* Mon May 06 2013 Ian Wells 5.4.0-31.sme +- Removal of rc.e-smith now functionality is in e-smith-service [SME: 7267] + +* Sun May 05 2013 Ian Wells 5.4.0-30.sme +- Revert last change. [SME: 7227] + +* Sat May 04 2013 Ian Wells 5.4.0-29.sme +- Suppress template text from /etc/inittab [SME: 7227] + +* Mon Apr 22 2013 Ian Wells 5.4.0-28.sme +- Replacement of rc.e-smith by moving code into e-smith-service [SME: 7267] + +* Sun Apr 21 2013 chris burnat 5.4.0-27.sme + Mon Apr 21 2013 --> Mon Apr 15 2013 or Sun Apr 21 2013 or Mon Apr 22 2013 or .... +- Fix the way '.' works in bash [SME: 7532] + +* Fri Mar 22 2013 Daniel Berteaud 5.4.0-26.sme +- rename /etc/ldap.conf to /etc/pam_ldap.conf (and same for .secret) [SME: 7289] + +* Sat Mar 16 2013 Ian Wells 5.4.0-25.sme +- Always define InternalInterface NICBonding [SME: 7498] + +* Sat Mar 16 2013 Terry Fage 5.4.0-24.sme +- In the console refer to removable media instead of USB disk [SME: 7414] + +* Sat Mar 16 2013 Shad L. Lords 5.4.0-23.sme +- Fix a few more syslog => rsyslog items [SME: 7221] + +* Sat Mar 16 2013 Shad L. Lords 5.4.0-22.sme +- Remove modprobe stuff [SME: 7261] + +* Sat Mar 16 2013 Shad L. Lords 5.4.0-21.sme +- Don't be as agressive on rate limiting [SME: 7470] + +* Sat Mar 16 2013 Daniel Berteaud 5.4.0-20.sme +- Change syslog templates to rsyslog [SME: 7221] + +* Fri Mar 15 2013 Ian Wells 5.4.0-19.sme +- Ensure existing_hwaddr is always initialized [SME: 7471] + +* Thu Mar 14 2013 Ian Wells 5.4.0-18.sme +- Change System Name from mitel-networks-server to sme-server [SME: 7485] + +* Sat Mar 9 2013 Shad L. Lords 5.4.0-17.sme +- Fix user www creation in init-accounts [SME: 7319] + +* Wed Mar 6 2013 Shad L. Lords 5.4.0-16.sme +- Update package and path for pwauth [SME: 7319] +- Update init-accounts to set uid/gid correctly for pwauth + +* Thu Feb 28 2013 Shad L. Lords 5.4.0-15.sme +- Remove fragments in inittab that are no longer needed [SME: 7227] + +* Mon Feb 25 2013 Daniel Berteaud 5.4.0-14.sme +- Post-upgrades not fired after restore from console [SME: 7390] + +* Sat Feb 23 2013 Ian Wells 5.4.0-13.sme +- Remove microcode_ctl service as now udev-driven [SME: 7397] + +* Thu Feb 21 2013 Ian Wells 5.4.0-12.sme +- Increase memory limit for pppoe to 100Mb matching SME8 solution [SME: 7391] + +* Thu Feb 21 2013 Daniel Berteaud 5.4.0-11.sme +- Optimize user-modify-unix script and link it in bootstrap-ldap-save [SME: 7387] + +* Tue Feb 19 2013 Shad L. Lords 5.4.0-10.sme +- Add /usr/bin/passwd as a required package [SME: 7350] + +* Sat Feb 9 2013 Ian Wells 5.4.0-9.sme +- Update symlink to not conflict with /etc/init.d [SME: 7322] + +* Thu Feb 7 2013 Ian Wells 5.4.0-8.sme +- Add symbolic links from rsyslog to syslog to start the + the transition from syslog to rsyslog [SME: 7322] + +* Wed Feb 6 2013 Shad L. Lords 5.4.0-7.sme +- Remove apmd service and change package to noarch [SME: 7312] + +* Sun Feb 3 2013 Daniel Berteaud 5.4.0-6.sme +- Add a daemontools service to run signal-event local [SME: 7230] + +* Sat Feb 2 2013 Shad L. Lords 5.4.0-5.sme +- Obsolete nss_ldap so upgrades work [SME: 7273] + +* Sat Feb 2 2013 Shad L. Lords 5.4.0-4.sme +- Helps to spell requirements correctly + +* Sat Feb 2 2013 Shad L. Lords 5.4.0-3.sme +- Change nss_ldap to nss-pam-ldapd [SME: 7272] + +* Thu Jan 31 2013 Daniel Berteaud 5.4.0-2.sme +- Change default runlevel to 4 [SME: 7266] + +* Thu Jan 31 2013 Shad L. Lords 5.4.0-1.sme +- Roll new stream for sme9 + +* Tue Jan 22 2013 Ian Wells 5.2.0-67.sme +- Increase memory limit for pppoe to 100Mb [SME: 7000] + +* Sun Dec 30 2012 Ian Wells 5.2.0-66.sme +- Template /etc/updatedb.conf [SME: 7090] + +* Wed Jul 18 2012 Ian Wells 5.2.0-65.sme +- Make CipherSuite secure by default [SME: 7026] + +* Fri Mar 16 2012 Ian Wells 5.2.0-64.sme +- Add MAC address into console network selection [SME: 6844] + +* Sun Nov 6 2011 Shad L. Lords 5.2.0-63.sme +- Initialize ExternalInterface db structure so hwaddr in console works + [SME: 6775] + +* Mon Mar 14 2011 Daniel Berteaud 5.2.0-62.sme +- Stop using gecos attribute in LDAP [SME: 6539] + +* Mon Mar 14 2011 Jonathan Martens 5.2.0-61.sme +- Fix a typo in strings [SME: 5932] + +* Mon Mar 14 2011 Jonathan Martens 5.2.0-60.sme +- Rework text changes in console screen in previous revision [SME: 5932] + +* Mon Mar 14 2011 Jonathan Martens 5.2.0-59.sme +- Only list backup targets that are writeable [SME: 5932] + +* Sun Mar 13 2011 Jonathan Martens 5.2.0-58.sme +- Revert admin password change through user-manager [SME: 3759] + +* Sun Mar 13 2011 Jonathan Martens 5.2.0-57.sme +- Allow admin password change through user-manager [SME: 3759] + +* Wed Mar 2 2011 Jonathan Martens 5.2.0-57.sme +- Handle no network interface scenario in console and bootstrap-console [SME: 6023] + +* Mon Dec 6 2010 Daniel Berteaud 5.2.0-56.sme +- change apache uid and gid so they become aliases for www [SME: 6425] + +* Tue Nov 30 2010 Shad L. Lords 5.2.0-55.sme +- Only remove dangling symlinks in weak-updates directories [SME: 6376] + +* Tue Nov 30 2010 Shad L. Lords 5.2.0-54.sme +- Fix create user gid parameter [SME: 6416] + +* Mon Nov 29 2010 Daniel Berteaud 5.2.0-53.sme +- Fix gpasswd path [SME: 6412] + +* Mon Nov 22 2010 Shad L. Lords 5.2.0-52.sme +- Fix relocation of dhclient conf file [SME: 6385] + +* Sun Nov 7 2010 Shad L. Lords 5.2.0-51.sme +- No longer need to pass supplemental groups to cpu [SME: 6349] + +* Fri Nov 5 2010 Shad L. Lords 5.2.0-50.sme +- Allow cpu to remove empty attributes [SME: 6343] + +* Thu Nov 4 2010 Shad L. Lords 5.2.0-49.sme +- Fix maxUsers patch (again) to not break setting passwords [SME: 5537] + +* Thu Nov 4 2010 Shad L. Lords 5.2.0-48.sme +- Fix maxUsers patch to not break setting passwords [SME: 5537] + +* Thu Nov 4 2010 Shad L. Lords 5.2.0-47.sme +- Don't put empty attributes in file for cpu [SME: 6334] + +* Thu Nov 4 2010 Shad L. Lords 5.2.0-46.sme +- Add flush to tmpfile so that data is available to cpu [SME: 6334] + +* Thu Nov 4 2010 Shad L. Lords 5.2.0-45.sme +- Add extra attributes to ldap objects with cpu call [SME: 6334] + +* Wed Nov 3 2010 Shad L. Lords 5.2.0-44.sme +- Fix cpu critical patch missing ' [SME: 6330] + +* Wed Nov 3 2010 Shad L. Lords 5.2.0-43.sme +- Make cpu calls critical only with ldap{Auth} is enabled [SME: 6330] +- Add cpu.conf and cpu-system.conf to post-upgrade event [SME: 6327] + +* Tue Nov 2 2010 Shad L. Lords 5.2.0-42.sme +- Always use cpu, do unix if ldap{Auth} is disabled [SME: 6328] + +* Mon Nov 1 2010 Shad L. Lords 5.2.0-41.sme +- Switch to cpu commands if ldap is master [SME: 6328] + +* Mon Nov 1 2010 Shad L. Lords 5.2.0-40.sme +- Add templates for ldap authentication if enabled [SME: 6329] + +* Mon Nov 1 2010 Shad L. Lords 5.2.0-39.sme +- Add cpu.conf and cpu-system.conf template/program to SME [SME: 6327] + +* Thu Oct 14 2010 Daniel Berteaud 5.2.0-38.sme +- Fix empty leases file test [SME: 6274] + +* Tue Oct 12 2010 Daniel Berteaud 5.2.0-37.sme +- Relocate dhcpd leases file [SME: 6274] + +* Mon Oct 11 2010 Shad L. Lords 5.2.0-36.sme +- Add migrate script to add missing HWaddr to interface records [SME: 6267] + +* Mon Oct 11 2010 Shad L. Lords 5.2.0-35.sme +- Make lcp options configurable [SME: 6277] + +* Mon Oct 11 2010 Daniel Berteaud 5.2.0-34.sme +- Relocate dhclient conf file [SME: 5833] + +* Fri Oct 8 2010 Shad L. Lords 5.2.0-33.sme +- Disable apmd on 64-bit arch [SME: 6170] + +* Fri Oct 8 2010 Shad L. Lords 5.2.0-32.sme +- Remove check for maxUsers [SME: 5537] + +* Wed Oct 6 2010 Shad L. Lords 5.2.0-31.sme +- Try and keep same external address for pppoe connections [SME: 6263] + +* Mon Sep 27 2010 Shad L. Lords 5.2.0-30.sme +- Add ibay groups to group membership [SME: 6247] + +* Thu Sep 23 2010 Daniel Berteaud 5.2.0-29.sme +- Prepare nss_ldap [SME: 6227] + +* Sun Aug 8 2010 Ian Wells 5.2.0-28.sme +- Enable cpuspeed by default [SME: 6066] + +* Sun Jul 25 2010 Charlie Brady 5.2.0-27.sme +- Fix syntax error in last patch. [SME: 5830] + +* Mon Jul 19 2010 Charlie Brady 5.2.0-26.sme +- Don't exit 99 from e-smith-service script when called with 'condrestart' + and service is disabled. [SME: 5830] + +* Fri Jun 11 2010 Federico Simoncelli 5.2.0-25.sme +- FreeBusy patch fix (save account changes) [SME: 5941] + +* Fri Jun 11 2010 Ian Wells 5.2.0-24.sme +- Remove checkMaxUsers patch due to regression. [SME: 5537] + +* Tue Jun 8 2010 Jonathan Martens 5.2.0-23.sme +- Fix translation of local nic string in console [SME: 5571] + +* Sun Jun 6 2010 Jonathan Martens 5.2.0-22.sme +- Handle no network interface scenario in console [SME: 6023] + +* Sat Jun 5 2010 Ian Wells 5.2.0-21.sme +- Remove checkMaxUsers(). [SME: 5537] + +* Mon May 10 2010 John H. Bennett III 5.2.0-20.sme +- Patch that will remove all FreeBusy references from e-smith-base. [SME: 5941] + +* Wed Mar 3 2010 Federico Simoncelli 5.2.0-19.sme +- Restate smartd dependency. [SME: 5814] + +* Mon Mar 1 2010 Shad L. Lords 5.2.0-18.sme +- Fix gettext errors in WAN/LAN subnet error message [SME: 5501] + +* Sun Feb 14 2010 Jonathan Martens 5.2.0-17.sme +- Really fix template expansion error [SME: 4528] + +* Sun Feb 14 2010 Jonathan Martens 5.2.0-16.sme +- Fix template expansion error [SME: 4528] + +* Mon Feb 8 2010 Jonathan Martens 5.2.0-15.sme +- Improve security by using SHA1 algorithm for certificate signing [SME: 5737] + +* Fri Feb 5 2010 Stephen Noble 5.2.0-14.sme +- Fix eth? swapping [SME: 4528] + +* Sun Jan 31 2010 Stephen Noble 5.2.0-13.sme +- Fix console backup from removable media [SME: 4809] + +* Sat Jan 30 2010 Jonathan Martens 5.2.0-12.sme +- Bump certificate encryption from 1024 bits to 2048 bits [SME: 5735] + +* Thu Jan 14 2010 Filippo Carletti 5.2.0-11.sme +- Fix console restore from removable media (Federico Simoncelli) [SME: 4809] + +* Mon Nov 23 2009 Gavin Weight 5.2.0-10.sme +- Add a dummy call so xgettext can pull translated $ifName in console configuration pages. [SME: 5571] + +* Fri Nov 6 2009 Jonathan Martens 5.2.0-9.sme +- Translate $ifName in console configuration pages [SME: 5571] + +* Sat Oct 24 2009 Jonathan Martens 5.2.0-8.sme +- Prevent IP conflicts between local and external interface in server gateway mode [SME: 5501] + +* Tue Oct 20 2009 Filippo Carletti 5.2.0-7.sme +- Clean up: remove unused nonetworkdrivers [SME: 5521] + +* Sat Jun 6 2009 Shad L. Lords 5.2.0-6.sme +- Clean up stray symlinks in /lib/modules before depmod [SME: 5336] + +* Mon May 18 2009 Gavin Weight 5.2.0-5.sme +- Allow for different mdadm output formats for DeviceSize. [SME: 5230] + +* Sat Feb 14 2009 Jonathan Martens 5.2.0-4.sme +- Auto-mount USB REV70-drive as usbdisk [SME: 5006] + +* Sat Oct 25 2008 Stephen Noble 5.2.0-3.sme +- create service link for smartd [SME: 1445] + +* Mon Oct 13 2008 Shad L. Lords 5.2.0-2.sme +- Add patch to support multiple samba roles [SME: 4172] + +* Tue Oct 7 2008 Shad L. Lords 5.2.0-1.sme +- Roll new stream to separate sme7/sme8 trees [SME: 4633] + +* Tue Sep 23 2008 Stephen Noble 4.19.0-6 +- Add locale tags for email in review panel [SME: 4267] + +* Sat Sep 20 2008 Shad L. Lords 4.19.0-5 +- Correct gettext type during build process [SME: 570] + +* Mon Sep 15 2008 Shad L. Lords 4.19.0-4 +- Fix screen corruption in console [SME: 4155] + +* Sat Sep 13 2008 Shad L. Lords 4.19.0-3 +- Fix detection of xen instance against newer kernels [SME: 4555] + +* Thu Aug 28 2008 Jonathan Martens 4.19.0-2 +- Fixed warnings generated during build process [SME: 570] + +* Wed Aug 20 2008 Shad L. Lords 4.19.0-1 +- Roll new dev stream. + +* Sun Aug 17 2008 Gavin Weight 4.18.1-22 +- Add gettext to creating backup file title for localization. [SME: 4467] + +* Mon Aug 11 2008 Charlie Brady 4.18.1-21 +- Fix race condition in VPN ip-down handling which could cause loss of + LAN connectivity. [SME: 4405] + +* Sat Aug 9 2008 Shad L. Lords 4.18.1-20 +- Remove requires for whiptail. No longer needed [SME: 4491] + +* Fri Aug 8 2008 Jonathan Martens 4.18.1-19 +- Change userpassword panel to use PASSWORD_VERIFY_NEW instead of PASSWORD_NEW_VERIFY [SME: 4487] + +* Thu Aug 7 2008 Jonathan Martens 4.18.1-18 +- Revert locale key PASSWORD_RESET_TITLE to RESET_PASSWORD_TITLE and move it + to e-smith-formmagick's general [SME: 4475] +- Reverting all *PASSWORD_NO_MATCH to *PASSWORD_VERIFY_ERROR locale keys [SME: 4476] +- Remove invalid entry tag from userpassword's locale file preventing the + form from displaying properly [SME: 4479] + +* Tue Aug 5 2008 Jonathan Martens 4.18.1-17 +- Revert previous invalid locale changes (reverting to 4.18.1-15) [SME: 4472] + +* Mon Aug 4 2008 Jonathan Martens 4.18.1-16 +- Revert some locale changes + +* Tue Jul 22 2008 Gavin Weight 4.18.1-15 +- Add regex to support cciss device names in manageRAID.pl. [SME: 4455] + +* Sat Jul 5 2008 Jonathan Martens 4.18.1-14 +- Add common tags to e-smith-formmagick's general [SME: 4279] + +* Sun Apr 27 2008 Jonathan Martens 4.18.1-13 +- Add common tags to e-smith-formmagick's general [SME: 4279] + +* Wed Apr 23 2008 Shad L. Lords 4.18.1-12 +- Fix for > 5 nics detected [SME: 4232] + +* Tue Apr 22 2008 Shad L. Lords 4.18.1-11 +- Remove use of Date::Manip from ssl.crt [SME: 3155] + +* Sat Apr 19 2008 Shad L. Lords 4.18.1-10 +- Fix FreeBusy param when disabled [SME: 1806] +- Remove .orig file [SME: 4228] + +* Wed Apr 2 2008 Shad L. Lords 4.18.1-9 +- Remove quitConsole from menu [SME: 4154] + +* Wed Apr 2 2008 Shad L. Lords 4.18.1-8 +- Really fix free/busy in usermanager [SME: 4157] + +* Wed Apr 2 2008 Shad L. Lords 4.18.1-7 +- Use frames in elinks [SME: 4156] +- Set homepage for elinks [SME: 4160] + +* Wed Apr 2 2008 Shad L. Lords 4.18.1-6 +- Fix free/busy field in useraccounts [SME: 4157] + +* Tue Apr 1 2008 Shad L. Lords 4.18.1-5 +- Add free/busy URL entry to help kronolith contribs [SME: 1806] + +* Fri Mar 28 2008 Shad L. Lords 4.18.1-4 +- Fix insert_mode for elinks on el5 platform [SME: 4127] + +* Wed Mar 26 2008 Shad L. Lords 4.18.1-3 +- Set accounts to deleted before template expansion [SME: 4122] + +* Wed Mar 26 2008 Shad L. Lords 4.18.1-2 +- Fix gettext strings returned by password checks [SME: 4104] + +* Wed Mar 26 2008 Shad L. Lords 4.18.1-1 +- Roll new stable stream consolidating patches. + +* Mon Mar 24 2008 Shad L. Lords 4.18.0-104 +- Finish removing pleasewait [SME: 126] + +* Tue Mar 18 2008 Shad L. Lords 4.18.0-103 +- Add gettext to console titles. [SME: 4089] + +* Sat Mar 15 2008 Stephen Noble 4.18.0-102 +- Minor translation fixes [SME: 4058] [SME: 4059] + +* Wed Mar 12 2008 Shad L. Lords 4.18.0-101 +- Remove tests for removed FORM_TITLE's [SME: 4050] + +* Wed Mar 12 2008 Shad L. Lords 4.18.0-100 +- Cleanup SAVE/ADD tag mixup [SME: 4045] + +* Mon Mar 10 2008 Shad L. Lords 4.18-99 + Sat Mar 10 2008 --> Sat Mar 08 2008 or Mon Mar 10 2008 or Sat Mar 15 2008 or .... +- Fix dyndns custom gettext [SME: 4032] + +* Fri Mar 07 2008 Stephen Noble 4.18-98 + Sat Mar 07 2008 --> Sat Mar 01 2008 or Fri Mar 07 2008 or Sat Mar 08 2008 or .... +- revised gettext messages [SME: 631] + +* Fri Mar 07 2008 Stephen Noble 4.18-97 + Sat Mar 07 2008 --> Sat Mar 01 2008 or Fri Mar 07 2008 or Sat Mar 08 2008 or .... +- gettext messages [SME: 631] + +* Fri Mar 07 2008 Stephen Noble 4.18-96 + Sat Mar 07 2008 --> Sat Mar 01 2008 or Fri Mar 07 2008 or Sat Mar 08 2008 or .... +- remove duplicate system password has been changed [SME: 3974] + +* Fri Mar 07 2008 Stephen Noble 4.18-95 + Sat Mar 07 2008 --> Sat Mar 01 2008 or Fri Mar 07 2008 or Sat Mar 08 2008 or .... +- EthernetAssign shouldn't be translated [SME: 3947] + +* Sun Feb 17 2008 Stephen Noble 4.18-94 +- Remove pleasewait function [SME: 126] + +* Sun Feb 17 2008 Stephen Noble 4.18-93 +- fix gettext formatting in three files [SME: 3938] + +* Wed Feb 13 2008 chris burnat 4.18-92 +- Fix creation of usernames and pseudonyms with one character +- [SME: 2451] + +* Wed Feb 13 2008 Stephen Noble 4.18-91 +- Remove tags now in general [SME: 3911] + +* Sun Feb 10 2008 Stephen Noble 4.18-90 +- Remove duplicate entries [SME: 3894] + +* Sat Feb 09 2008 Stephen Noble 4.18-89 +- remove unused ROUTER_DESC token from lexicon [SME: 3879] + +* Sat Jan 12 2008 Shad L. Lords 4.18-88 +- remove default of 1400 MTU for interfaces [SME: 549] + +* Wed Jan 09 2008 Stephen Noble 4.18-87 +- db prop to dissociate admin password from root in useraccounts.pm [SME: 3117] + +* Wed Jan 09 2008 Stephen Noble 4.18-86 +- pptp connections setting mtu/mru > 1400 [SME: 549] + +* Tue Jan 08 2008 Stephen Noble 4.18-85 +- console to strength validate password choice on first entry [SME: 3131] + +* Tue Jan 08 2008 Stephen Noble 4.18-84 +- Auto-mount USB REV-drive as usbdisk [SME: 2972] + +* Sun Jan 06 2008 Stephen Noble 4.18-83 +- ignore error returns from tar [SME: 3127] + +* Sun Jan 06 2008 Stephen Noble 4.18-82 +- Use esmith::util::validatePassword on console [SME: 2173] + +* Mon Dec 24 2007 Gavin Weight 4.18.0-81 +- Link smartd.conf to bootstrap-save-console and console-save. [SME: 1445] + +* Mon Dec 24 2007 Stephen Noble 4.18-80 +- Add smartd as a disabled service with template [SME: 1445] + +* Sun Dec 16 2007 Shad L. Lords 4.18.0-79 +- Lock user accounts with usermod instead of passwd [SME: 3595] + +* Sun Dec 16 2007 Gavin Weight 4.18.0-78 +- Add symlink to fr-fr locale. [SME: 3648] + +* Mon Nov 12 2007 Shad L. Lords 4.18.0-77 +- Add fix for varying partition sizes in add_raid [SME: 3547] + +* Sun Nov 11 2007 Gavin Weight 4.18.0-76 +- Fix removal of Corporate DNS from console. [SME: 3532] + +* Fri Nov 02 2007 Gavin Weight 4.18.0-75 +- Remove previous change, applied to wrong package. [SME: 3512] + +* Fri Nov 02 2007 Gavin Weight 4.18.0-74 +- Add WPAD feature for DHCP (Thanks Hector Perez). [SME: 3512] + +* Tue Oct 16 2007 Gavin Weight 4.18.0-73 +- Make non-Removable pseudonyms point to admin when reassigned. [SME: 2214] + +* Sun Oct 14 2007 Gavin Weight 4.18.0-72 +- Adjust success text when changing admin password. [SME: 2442] + +* Thu Oct 11 2007 Charlie Brady 4.18.0-71 +- Fix comparison of expected to actual SSL cert data. Also change + truncation point for email address from 40 chars to 64. [SME: 1736]. + [Note that -70 was inadvertently skipped.] + +* Tue Sep 11 2007 Gavin Weight 4.18.0-69 +- Move httpd logrotate.d directory to e-smith-apache. [SME: 3380] + +* Tue Sep 11 2007 Gavin Weight 4.18.0-68 +- Rename in logrotate.d directory apache to httpd. [SME: 3380] + +* Fri Sep 07 2007 Charlie Brady 4.18.0-67 +- Fix pod in groups.pm file. [SME: 3379] + +* Wed Aug 22 2007 Charlie Brady 4.18.0-66 +- Relax restrictions on restore devices, to allow CDR and DVDR. + [SME: 3126] + +* Fri Aug 03 2007 Charlie Brady 4.18.0-65 +- Ensure that depmod is run for all installed kernels. [SME: 3235] + +* Wed Jul 04 2007 Charlie Brady 4.18.0-64 +- Really really clear devices variable [SME: 3116] + +* Sun Jul 1 2007 Shad L. Lords 4.18.0-63 +- Really clear devices variable [SME: 3116] + +* Sun Jul 1 2007 Shad L. Lords 4.18.0-62 +- Clean up loop var and mount point for backup/restore [SME: 3116] + +* Thu Jun 28 2007 Shad L. Lords 4.18.0-61 +- Improve usb backup error reporting [SME: 2772] + +* Tue Jun 26 2007 Gavin Weight 4.18.0-60 +- Move the pam.d ftp/proftpd templates to e-smith-proftpd. + [SME: 2762] + +* Tue Jun 19 2007 Charlie Brady 4.18.0-59 +- Have nonetworkdrivers script exit silently if kmodule bin not found. + [SME: 2549] + +* Mon Jun 11 2007 Shad L. Lords 4.18.0-58 +- Start messagebus/haldaemon so restore works [SME: 3058] + +* Sun Jun 10 2007 Stephen Noble 4.18.0-57 +- expand /etc/pam.d/login [SME: 2831] + +* Wed Jun 06 2007 Charlie Brady 4.18.0-56 +- Prevent backout from console config during initial setup. + [SME: 2540] + +* Sun Jun 3 2007 Shad L. Lords 4.18.0-55 +- Clean up some more newlines [SME: 3035] +- Make raid failures more verbose [SME: 3032] +- Fix add_drive_to_raid and partition issues [SME: 2155, 2232] + +* Wed May 30 2007 Gavin Weight 4.18.0-54 +- Update noraid text and add newline after text. [SME: 3035] + +* Thu May 24 2007 Shad L. Lords 4.18.0-53 +- Don't use cracklib in system-auth [SME: 2686] + +* Fri May 18 2007 Shad L. Lords 4.18.0-52 +- Use correct lib for modules + +* Thu May 17 2007 Shad L. Lords 4.18.0-51 +- Updates to support xenU instance + +* Wed May 9 2007 Shad L. Lords 4.18.0-50 +- Updates to support SME Server 8 + +* Sat May 05 2007 Gavin Weight 4.18.0-49 +- Fix service match RE in /sbin/e-smith/service. [SME: 2959] + +* Sun Apr 29 2007 Shad L. Lords +- Clean up spec so package can be built by koji/plague + +* Sun Apr 29 2007 Shad L. Lords 4.18.0-48 +- Change to dist for tagging release +- Only include apmd for i386 platforms + +* Fri Apr 27 2007 Charlie Brady 4.18.0-47 +- Validate GatewayIP address more carefully. [SME: 2928] + +* Sat Apr 14 2007 Stephen Noble 4.18.0-46 +- Field to change ssh port [SME: 2382] + +* Sat Apr 14 2007 Stephen Noble 4.18.0-45 +- Change fm to self in remoteaccess.pm [SME: 2382] + +* Fri Apr 13 2007 Shad L. Lords 4.18.0-44 +- Make configuration dbs config(noreplace) [SME: 2527] + +* Fri Apr 13 2007 Shad L. Lords 4.18.0-43 +- Adjust perm for dhcpd.conf again [SME: 2715] + +* Thu Apr 12 2007 Shad L. Lords 4.18.0-42 +- Put usbback patch back in. [SME: 2483] + +* Thu Apr 12 2007 Stephen Noble 4.18.0-41 +- Remove enable slocate patch [SME: 102] + +* Thu Apr 12 2007 Stephen Noble 4.18.0-40 +- Change Try Again to gettext(Back) in perform backup [SME: 2483] + +* Thu Apr 12 2007 Stephen Noble 4.18.0-39 +- Enable slocate in /etc/updatedb.conf [SME: 102] + +* Wed Apr 11 2007 Stephen Noble 4.18.0-38 +- Make console text consistent 'Please stand by' [SME: 2493] + +* Wed Apr 11 2007 Stephen Noble 4.18.0-37 +- Fix missing en-au & en-nz language noise. [SME: 2093] + +* Wed Apr 11 2007 Stephen Noble 4.18.0-36 +- Fix missing list items for console [SME: 2642] + +* Mon Apr 09 2007 Shad L. Lords 4.18.0-35 +- Don't attempt to add_raid_device if no raid [SME: 2484] + +* Fri Apr 06 2007 Shad L. Lords 4.18.0-34 +- Add fix for perms on dhcpd.conf file [SME: 2715] + +* Fri Apr 06 2007 Shad L. Lords 4.18.0-33 +- Remove fix for ftpusers. Belongs in e-smith-proftpd. [SME: 2841] + +* Fri Apr 06 2007 Shad L. Lords 4.18.0-32 +- Fix permissions on ftpusers file [SME: 2841] +- Fix permissions on pwauth file [SME: 2842] + +* Thu Apr 05 2007 Shad L. Lords 4.18.0-31 +- Simplify depmod call in conf-modules [SME: 2554] + +* Wed Apr 04 2007 Charlie Brady 4.18.0-30 +- Fix login pam configuration file. TODO - expand the template + during bootstrap-console-save. [SME: 2831] + +* Mon Mar 26 2007 Charlie Brady 4.18.0-29 +- Add rotate_timestamped_logfiles action, split from + generic_template_expand. [SME: 2795] + +* Thu Mar 22 2007 Shad L. Lords 4.18.0-28 +- Fix rc.e-smith to work with el4 and el5 [SME: 2510] + +* Mon Mar 19 2007 Shad L. Lords 4.18.0-27 +- Add missing elements in prior pam updates [SME: 2551] + +* Mon Mar 19 2007 Shad L. Lords 4.18.0-26 +- Update pam_stack to new include for el5 [SME: 2551] + +* Thu Mar 08 2007 Gavin Weight 4.18.0-25 +- Fix missing en-gb language noise. [SME: 2633] + +* Thu Mar 08 2007 Shad L. Lords 4.18.0-24 +- Call cropLeft function correctly in crt expansion [SME: 1689] + +* Wed Mar 07 2007 Shad L. Lords 4.18.0-23 +- Make elinks display correctly with xterm display [SME: 444] + +* Wed Mar 07 2007 Shad L. Lords 4.18.0-22 +- Add db override for crt common name [SME: 1689] + +* Wed Mar 07 2007 Shad L. Lords 4.18.0-21 +- Default adding drive to raid to no [SME: 2644] + +* Tue Mar 06 2007 Shad L. Lords 4.18.0-20 +- Allow nics to swap if different LAN chosen [SME: 2612] + +* Tue Mar 06 2007 Shad L. Lords 4.18.0-19 +- Default WAN NIC to the *other* NIC than the one selected for LAN [SME: 2612] + +* Tue Mar 06 2007 Charlie Brady 4.18.0-18 +- Combine two similar loops in selectEthernet and break overly + long string constant. [SME: 2612] + +* Tue Mar 06 2007 Shad L. Lords 4.18.0-17 +- Fix network selection dialog to include all drivers. [SME: 2612] + +* Thu Mar 01 2007 Charlie Brady 4.18.0-16 +- Fix run.static file in wan service directory. [SME: 2580] + +* Fri Feb 23 2007 Shad L. Lords 4.18.0-15 +- Fix glob for selecting backup devices. [SME: 2521] + +* Fri Feb 23 2007 Shad L. Lords 4.18.0-14 +- User new console infobox for console backup. [SME: 2533] + +* Thu Feb 22 2007 Charlie Brady 4.18.0-13 +- Use new esmith::console::infobox widget in console. [SME: 2533] + +* Fri Feb 16 2007 Shad L. Lords 4.18.0-12 +- Change runsvctrl to sv to support runit v1.7.x + +* Fri Feb 16 2007 Charlie Brady 4.18.0-11 +- Restate microcode_ctl/irqbalance/cpuspeed dependencies. [SME: 2490] + +* Sun Feb 11 2007 Shad L. Lords 4.18.0-10 +- Set db value for external ip before expanding templates [SME: 1977] + +* Sun Feb 11 2007 Shad L. Lords 4.18.0-9 +- Do better detection of possible devices for backup/restore [SME: 2317] + +* Sun Feb 11 2007 Shad L. Lords 4.18.0-8 +- Set ENV{HOME} so mysql dump works for backup [SME: 2412] + +* Wed Feb 07 2007 Charlie Brady 4.18.0-7 +- Remove unused remnant dhcpcd templates. [SME: 2445] + +* Wed Feb 07 2007 Charlie Brady 4.18.0-6 +- Configure elinks to obey cache control directives. I have + no idea why that would not be the default! [SME: 2443] + +* Tue Jan 30 2007 Shad L. Lords 4.18.0-5 +- Ensure gateway dev is correct for server-only [SME: 2404] + +* Mon Jan 29 2007 Shad L. Lords 4.18.0-4 +- Add cancel button to backup/restore panels [SME: 2393] + +* Mon Jan 29 2007 Shad L. Lords 4.18.0-3 +- Add console backup to USB [SME: 2317] + +* Sun Jan 28 2007 Shad L. Lords 4.18.0-2 +- Fix backtitle for saving changes [SME: 2328] + +* Fri Jan 26 2007 Shad L. Lords 4.18.0-1 +- Roll stable stream. [SME: 2328] + +* Tue Jan 23 2007 Charlie Brady 4.17.2-8 +- Remove unused ifcfg-log:0 templates. [SME: 2368] + +* Tue Jan 23 2007 Charlie Brady 4.17.2-7 +- Add template fragments to allow forcing of ethernet negotiation + parameters [SME: 2362] + +* Tue Jan 23 2007 Charlie Brady 4.17.2-6 +- Remove unused pam and abl templates (remnants of some stuff I + was prototyping). + +* Fri Jan 19 2007 Shad L. Lords 4.17.2-5 +- [Forward-ported from 4.17.0] +- Refactor console code considerably, and add restore from CDROM/USB + backup capability to console. +- Remove deprecated %conf use in console. [SME: 1856] + +* Fri Jan 19 2007 Shad L. Lords 4.17.2-4 +- [Ported from e-smith-base+ldap] +- Add support for use of pam_tally and/or pam_abl modules. Both + are disabled by default. +- Update /etc/pam.d/{ftp,passwd} templates. +- Add template for /etc/pam.d/system-auth. + +* Fri Jan 19 2007 Shad L. Lords 4.17.2-3 +- [Forward-ported from 4.17.0] +- Move masq fragments to e-smith-packetfilter rpm. + +* Fri Jan 19 2007 Shad L. Lords 4.17.2-2 +- [Forward-ported from 4.17.0] +- Remove server-manager templates and scripts - move to e-smith-manager. + [SME: 2023] + +* Fri Jan 19 2007 Shad L. Lords 4.17.2-1 +- [Forward-ported from 4.17.0] +- Combine dhcp client, pppoe, dialup and static WAN connections into + "wan" service. [SME 1795] + +* Fri Jan 19 2007 Shad L. Lords 4.17.2-0 +- Make new development stream. Based from 4.16.0-39. + +* Sun Jan 14 2007 Shad L. Lords 4.16.0-39 +- [Back-port from 4.17.0-23] +- Add admin email forwarding to modify user panel [SME: 827] + +* Sat Jan 13 2007 Shad L. Lords 4.16.0-38 +- [Back-port from 4.17.0-22] +- Fix last patch so that data is pulled correctly [SME: 1034] + +* Sat Jan 13 2007 Shad L. Lords 4.16.0-37 +- [Back-port from 4.17.0-21] +- Make purge-old-logs configurable via db [SME: 1034] + +* Wed Jan 10 2007 Shad L. Lords 4.16.0-36 +- [Back-port from 4.17.0-20] +- Don't regenerate key and only regenerate crt when expired. [SME: 2035] + +* Tue Dec 26 2006 Gordon Rowell 4.16.0-35 +- [Back-port from 4.17.0-19] +- And mark admin_raidreport as only available for local mail [SME: 2139] + +* Tue Dec 26 2006 Gordon Rowell 4.16.0-34 +- [Back-port from 4.17.0-17, 4.17.0-18] +- Send raidmonitor output to admin_raidreport pseudonym [SME: 2139] +- And mark admin_raidreport as non-Removable [SME: 2139] + +* Sat Dec 23 2006 Shad L. Lords 4.16.0-33 +- Disable raid based on /proc/partitions (which is dynamic) instead + of grub/device.map (which is static) [SME: 2131] + +* Fri Dec 22 2006 Shad L. Lords 4.16.0-32 +- Check device size after calculating space needed. [SME: 2131] + +* Fri Dec 08 2006 Shad L. Lords 4.16.0-31 +- Create partitions in order of size. This makes sure boot is first and + / is last. Also last partitions fills all available space making resizing + easier. [SME: 2131] + +* Thu Dec 07 2006 Shad L. Lords +- Update to new release naming. No functional changes. +- Make Packager generic + +* Tue Dec 05 2006 Shad L. Lords 4.16.0-30 +- Update manage raid console functions to handle all raid types [SME: 2131] + +* Tue Nov 21 2006 Charlie Brady 4.16.0-29 +- Fix warning from dhclient.conf template expansion. + +* Wed Aug 30 2006 Charlie Brady 4.16.0-28 +- Add missing LocalModule for mod_proxy_http to admin apache conf. + [SME: 1853] + +* Fri Jul 14 2006 Charlie Brady 4.16.0-27 +- Prevent daily regeneration of SSL cert if City/Company/Department are + empty. [SME: 1602] + +* Wed Jun 28 2006 Gavin Weight 4.16.0-26 +- Menu text in console is incorrect for RAID5 installs. [SME: 404] + +* Wed Jun 14 2006 Gavin Weight 4.16.0-25 +- Modify user create page to show henry:miller not henry_miller. [SME: 531] + +* Fri Jun 9 2006 Gavin Weight 4.16.0-24 +- Remove lines for creating symlink to statusreport from spec file. [SME: 450] + +* Tue Jun 6 2006 Gordon Rowell 4.16.0-23 +- Allow for admin account when locking null passwords, and perform + check in post-upgrade so that the password screen will be presented + after the reboot [SME: 1529] + +* Tue Jun 6 2006 Gordon Rowell 4.16.0-22 +- Correct argument ordering in last change [SME: 790, SME: 1541] + +* Sun May 28 2006 Charlie Brady 4.16.0-21 +- Increase cert serial number when new certificate is generated. [SME: 790] + +* Sun May 28 2006 Charlie Brady 4.16.0-20 +- Change ssl.crt template so that cert is regenerated if issuer information + has changed. [SME: 1484] + +* Thu Apr 27 2006 Gavin Weight 4.16.0-19 +- Change default shutdown value from shutdown to reboot. [SME: 1320] + +* Sun Apr 23 2006 Charlie Brady 4.16.0-18 +- Fix syntax error introduced in last change (and reuse $rc and $choice in + raidManage.pl). [SME: 1285,1300] + +* Fri Apr 21 2006 Gordon Rowell 4.16.0-17 +- Force masq service to enabled for servergateway modes, but + leave at current setting for serveronly. Revises -09 change [SME: 1209] + +* Wed Apr 19 2006 Charlie Brady 4.16.0-16 +- Add big warning about wiping disk to raid management screen. + [SME: 1285] + +* Tue Apr 18 2006 Charlie Brady 4.16.0-15 +- Ensure that rmmod-bonding doesn't return error status if + bonding is not enabled (e.g. during upgrade) [SME: 935] + +* Tue Apr 18 2006 Charlie Brady 4.16.0-14 +- Avoid warning from NICBondingOptions migrate fragment. [SME: 1271] + +* Tue Apr 18 2006 Gordon Rowell 4.16.0-13 +- Always save ssh property changes, even if sshd is disabled [SME: 1210] + +* Thu Apr 13 2006 Charlie Brady 4.16.0-12 +- Don't run kudzu at every bootup. [SME: 727] + +* Tue Apr 11 2006 Charlie Brady 4.16.0-11 +- More fixes to dhclient configuration (courtesy of Richard Schiffelers). + [SME: 881] + +* Mon Apr 10 2006 Charlie Brady 4.16.0-10 +- Fixes to dhclient configuration (courtesy of Richard Schiffelers). + [SME: 881] + +* Thu Apr 6 2006 Gordon Rowell 4.16.0-09 +- Enable the masq service to ensure that installs and upgrades + are consistent. If someone really wants to disable it, they can + add a force fragment [SME: 1209] + +* Thu Apr 6 2006 Gordon Rowell 4.16.0-08 +- Lock accounts with bad SMB passwords [SME: 1193] + +* Thu Apr 6 2006 Gordon Rowell 4.16.0-07 +- Revert password length restriction changes [SME: 1193] + +* Thu Apr 6 2006 Gordon Rowell 4.16.0-06 +- Adjust plural in page title in last patch [SME: 1193] + +* Thu Apr 6 2006 Gordon Rowell 4.16.0-05 +- Adjust console logic for 14 character password restriction [SME: 1193] + +* Wed Apr 5 2006 Gordon Rowell 4.16.0-04 +- Only process 'network' entries in route-eth0 template [SME: 1182] + +* Wed Apr 5 2006 Gordon Rowell 4.16.0-03 +- Restrict passwords to 14 characters [SME: 1193] + +* Tue Mar 14 2006 Gordon Rowell 4.16.0-02 +- Rename anaconda logs, but leave a symlink. Do nothing if the log + is already a symlink or missing [SME: 808] + +* Tue Mar 14 2006 Charlie Brady 4.16.0-01 +- Roll stable stream version. [SME: 1016] + +* Tue Mar 14 2006 Gordon Rowell 4.15.9-20 +- Ensure that each user has a Shell property in post-upgrade. + If they didn't have one before, set it to the current value in + /etc/passwd. [SME: 859] + +* Tue Mar 14 2006 Gordon Rowell 4.15.9-19 +- Copy anaconda logs instead of renaming them in post-upgrade [SME: 808] +- Adjust timestamp of copied logs to logfiles2timestamp format [SME: 808] + +* Mon Mar 13 2006 Gordon Rowell 4.15.9-18 +- Change modSSL to be private in Private Server and Gateway mode [SME: 328] + +* Mon Mar 13 2006 Gordon Rowell 4.15.9-17 +- And remove now redundant calls to wherenext [SME: 986] + +* Fri Mar 10 2006 Charlie Brady 4.15.9-16 +- Fix FM page name (FirstPage => First) in a few places. [SME: 986] + +* Tue Mar 7 2006 Gordon Rowell 4.15.9-15 +- Correct typo in -13 change which hid message [SME: 964] + +* Tue Mar 7 2006 Gordon Rowell 4.15.9-14 +- Display a message for single disk installs which catches that + case and tells people that they can add a second disk and produce + a mirrored pair [SME: 958] + +* Tue Mar 7 2006 Gordon Rowell 4.15.9-13 +- Display a nicer message when a spare disk is available to be + added to the pair [SME: 964] +- Blank line for consistency with other messages [SME: 964] + +* Tue Mar 7 2006 Gordon Rowell 4.15.9-12 +- Check whether a resync is in progress so we don't state that + intervention is required when it is not [SME: 958] + +* Tue Mar 7 2006 Gordon Rowell 4.15.9-11 +- Check whether destination drive of add_mirror is already part + of a RAID device. If so, complain and exit [SME: 870] +- Also ensure that /sbin is in the PATH + +* Sun Mar 5 2006 Charlie Brady 4.15.9-10 +- Fixes to dhclient configuration. [SME: 881] + +* Fri Mar 03 2006 Mark Knox 4.15.9-09 +- Added NIC Bonding options screen in console [SME: 935] +- Migrate old NICBondingOptions to new defaults, and added new default + options [SME: 935] +- rmmod bonding.ko in bootstrap-console-save so new options work + without extra reboot [SME: 935] + +* Wed Mar 01 2006 Mark Knox 4.15.9-08 +- Allow NICBondingOptions in 10bonding template fragment [SME: 918] + +* Wed Mar 01 2006 Charlie Brady 4.15.9-07 +- Bump pppoe run script mlimit from 10M to 25M. [SME: 907] + +* Fri Feb 24 2006 Gordon Rowell 4.15.9-06 +- Re-do -04 change as a patch so it sticks [SME: 863] + +* Thu Feb 23 2006 Charlie Brady 4.15.9-05 +- Add templates for dhclient configuration file. [SME: 881] + +* Wed Feb 22 2006 Charlie Brady 4.15.9-04 +- Remove default fragment for AdminEmail [SME: 863] + +* Tue Feb 21 2006 Gordon Rowell 4.15.9-03 + Mon Feb 21 2006 --> Mon Feb 20 2006 or Tue Feb 21 2006 or Mon Feb 27 2006 or .... +- Change 'Reconfigure' to lower case in menu [SME: 2] + +* Mon Feb 20 2006 Gordon Rowell 4.15.9-02 +- Add requires for mdadm. We use it in the console and raid monitor + and it won't get installed for 5.x upgrades [SME: 767] + +* Fri Feb 17 2006 Gordon Rowell 4.15.9-01 +- Roll patches to 4.15.8-60 +- Trim changelog before 4.15.3-01 [SME: 828] + +* Fri Feb 17 2006 Gordon Rowell 4.15.8-60 +- Also rotate /var/log/anaconda.{log,syslog} in post-upgrade [SME: 808] + +* Fri Feb 17 2006 Gordon Rowell 4.15.8-59 +- Change 'Reconfigure' to lower case in -57 change [SME: 2] + +* Fri Feb 17 2006 Gordon Rowell 4.15.8-58 +- Add /root/upgrade.log and /root/upgrade.log.syslog to + logfiles2timestamp in post-upgrade event so we preserve + them across multiple upgrades [SME: 808] + +* Fri Feb 17 2006 Gavin Weight 4.15.8-57 +- Added Reconfigure and Reboot option in console, changed + main console menu to reflect Reconfigure option [SME: 2] + +* Thu Feb 16 2006 Gordon Rowell 4.15.8-56 +- Default EmailForward to 'local' in case that part of the panel + is hidden from view [SME: 704] + +* Thu Feb 16 2006 Gordon Rowell 4.15.8-55 +- Adjust console title bar to 'SME Server' [SME: 726] +- Change title on "Choose administrator password" screens + +* Mon Feb 13 2006 Mark Knox 4.15.8-54 +- Set EthernetDriver2 property when bonding is enabled [SME: 776] + +* Mon Feb 13 2006 Gordon Rowell 4.15.8-53 +- Remove cpuspeed.contrib ClearCase droppings [SME: 754] + +* Sun Feb 12 2006 Charlie Brady 4.15.8-52 +- Start bootstrap-console earlier - in particular before raidmonitor. + Don't try to restart 'random'. [SME: 743] + +* Sun Feb 12 2006 Charlie Brady 4.15.8-51 +- Obsolete keytable service. [SME: 746] + +* Sat Feb 11 2006 Shad L. Lords 4.15.8-50 +- Run kudzu -q from inittab [SME: 727] + +* Thu Feb 9 2006 Charlie Brady 4.15.8-49 +- Make bootp support optional, defaulting to 'deny'. [SME: 660] + +* Thu Feb 9 2006 Gavin Weight 4.15.8-48 +- Removed the online-manual. [SME: 407] + +* Thu Feb 9 2006 Gordon Rowell 4.15.8-47 +- Hide email forwarding options on useraccounts page if there is + no 'smtpd' record [SME: 704] + +* Wed Feb 8 2006 Charlie Brady 4.15.8-46 +- Fix conversion of user shell from sshell to rssh. [SME: 699] + +* Tue Feb 7 2006 Gordon Rowell 4.15.8-45 +- Fix up location of 00openRW fragments from change 41 [SME: 659. 679] + +* Mon Feb 6 2006 Gordon Rowell 4.15.8-44 +- Change logic for determining RAID partitions in use [SME: 516] +- Add detailed output of the RAID state to messages log [SME: 516] + +* Mon Feb 6 2006 Gordon Rowell 4.15.8-43 +- Only say that a RAID device is clean if truly clean [SME: 516] +- Adjusted warning to say 'may be required' instead of 'is' + +* Mon Feb 6 2006 Gordon Rowell 4.15.8-42 +- Delete 'deny bootp' fragment from dhcpd.conf, reverting to + default, which is to allow bootp. [SME: 660] + +* Sun Feb 5 2006 Charlie Brady 4.15.8-41 +- Use appropriate esmith::*DB class for 00openRW migrate fragments. + [SME: 659] + +* Tue Jan 31 2006 Gavin Weight 4.15.8-40 +- Added EmailForward migrate fragment [SME: 598] + +* Tue Jan 31 2006 Gavin Weight 4.15.8-39 +- Added text periods and underscores in useraccounts [SME: 531] + +* Tue Jan 31 2006 Gavin Weight 4.15.8-38 +- Updated copyright text in server-manager [SME: 459] + +* Tue Jan 31 2006 Gavin Weight 4.15.8-37 +- The menu text incorrect for RAID5 configurations [SME: 404] + +* Tue Jan 31 2006 Shad L. Lords 4.15.8-36 +- Disable zeroconf so 169.254.0.0/16 route isn't created [SME: 613] + +* Sun Jan 29 2006 Charlie Brady 4.15.8-35 +- Fix flip of access settings to default on first post-upgrade (e.g. + sshd from public to private). [SME: 495] + +* Sun Jan 29 2006 Charlie Brady 4.15.8-34 +- Remove remnants of statustest. [SME: 450] + +* Wed Jan 25 2006 Charlie Brady 4.15.8-33 +- Add templated elinks config file. [SME: 444] + +* Mon Jan 23 2006 Shad L. Lords 4.15.8-32 +- Help raidmonitor report more than just failures [SME: 496] + +* Mon Jan 23 2006 Gordon Rowell 4.15.8-31 +- Create ~/.ssh as part of skeleton home directory [SME: 456] + +* Wed Jan 18 2006 Charlie Brady 4.15.8-30 +- Fix reboot problem when switching WAN from dynamic to static + address. [SME: 500] + +* Fri Jan 13 2006 Mark Knox 4.15.8-29 +- New migrate fragment to clean up NIC bonding property [SME: 449] + +* Fri Jan 13 2006 Gordon Rowell 4.15.8-28 +- Fix account regexp for set_password case [SME: 24] + +* Wed Jan 11 2006 Mark Knox 4.15.8-27 +- New console option for ethernet bonding [SME: 449] + +* Mon Jan 9 2006 Gordon Rowell 4.15.8-26 +- Allow dot and underscore in account names [SME: 24] +- Default maxAcctNameLength and maxGroupNameLength to 31 [SME: 24] + +* Thu Jan 5 2006 Charlie Brady 4.15.8-25 +- Avoid generating warning messages during interfaces migration + template fragment. [SME: 354] + +* Thu Jan 5 2006 Charlie Brady 4.15.8-24 +- Don't add obsolete ipsec net-pf aliases to modprobe.conf, and + remove them if found. [SME: 390] + +* Mon Jan 2 2006 Charlie Brady 4.15.8-23 +- Use regexp as well as cracklib to check admin password in console. + [SME: 335] + +* Mon Jan 2 2006 Gordon Rowell 4.15.8-22 +- Change heuristic for finding disks in manageRAID.pl [SME: 342] + +* Sun Dec 25 2005 Gordon Rowell 4.15.8-21 + Sat Dec 25 2005 --> Sat Dec 24 2005 or Sun Dec 25 2005 or Sat Dec 31 2005 or .... +- Move testInternet console menu item to smeserver-support [SME: 364] + +* Fri Dec 16 2005 Charlie Brady 4.15.8-20 +- Fix localization bug in add_mirror. [SME: 341] + +* Thu Dec 15 2005 Gordon Rowell 4.15.8-19 +- Remove the "In eight seconds" untruth from shutdown/reboot [SME: 86] + +* Thu Dec 15 2005 Gordon Rowell 4.15.8-18 +- Added modSSL{CipherSuite} default [SME: 194] + +* Wed Dec 14 2005 Gordon Rowell 4.15.8-17 +- Enable microcode_ctl service by default [SME: 74] + +* Wed Dec 14 2005 Gordon Rowell 4.15.8-16 +- Removed accounts db default for 'common' +- Added accounts db defaults for server-common and server-resources [SME: 77] + +* Wed Dec 14 2005 Gordon Rowell 4.15.8-15 +- Ensure that Nameservers==localhost is set for the primary domain [SME: 137] + +* Wed Dec 14 2005 Gordon Rowell 4.15.8-14 +- And remove db defaults for sysstat service [SME: 327] + +* Wed Dec 14 2005 Gordon Rowell 4.15.8-13 +- Remove sysstat startup symlink [SME: 327] + +* Wed Dec 14 2005 Gordon Rowell 4.15.8-12 +- Default sysconfig{PreviousSystemMode} == unknown [SME: 75] + +* Wed Dec 14 2005 Gordon Rowell 4.15.8-11 +- Remove Requires: sysstat [SME: 327] + +* Sat Dec 10 2005 Charlie Brady 4.15.8-10 +- Move code for testing internet access into menu item file. + [SME: 261] + +* Thu Dec 8 2005 Charlie Brady 4.15.8-09 +- Fix looping in console at swap ethernet choice page. [SME: 68] + +* Wed Dec 7 2005 Gordon Rowell 4.15.8-08 +- Fix taint issues with RAID management menu item [SME: 253] + +* Mon Dec 05 2005 Filippo Carletti 4.15.8-07 +- console: DHCP range (wrong path chosen for non-English) [SME: 157] + +* Fri Dec 2 2005 Gordon Rowell 4.15.8-06 +- Initial cut at console menu item to (re)add RAID-1 mirror [SME: 253] +- Needs to move to /sbin/e-smith/console-menu-items, once I work out + what I believe is a taint issue. + +* Wed Nov 30 2005 Gordon Rowell 4.15.8-05 +- Change 'standby' to 'stand by' in console [SME: 66] + +* Wed Nov 30 2005 Gordon Rowell 4.15.8-04 +- Fix routing on eth0 for multiple local networks [SME: 203] + +* Wed Nov 30 2005 Gordon Rowell 4.15.8-03 +- Bump release number only + +* Mon Nov 28 2005 Charlie Brady +- [4.15.8-02] +- Re-import head to CVS. +- Regenerate both key and cert when cert expires, not just crt. [SF: 1365965] + +* Sun Nov 20 2005 Gordon Rowell +- [4.15.8-01] +- Default cpuspeed to disabled [MN00107779] + +* Wed Nov 16 2005 Mark Knox +- [4.15.7-01] +- Imported to ClearCase +- Changed console sort order from ASCII to numeric [MN00107120] + +* Sun Nov 13 2005 Gordon Rowell +- [4.15.6-09] +- Add -f option to add_mirror to allow use of disks with existing + partition tables [MN00101667] + +* Sun Nov 13 2005 Gordon Rowell +- [4.15.6-08] +- Add reconfiguration reboot option to reboot panel [SF: 1349946] +- TODO: Cleanup so that the red warning header doesn't display since + the reboot is going to happen anyway + +* Mon Nov 7 2005 Gordon Rowell +- [4.15.6-07] +- Only signal-event ip-change on the BOUND action of dhclient [SF: 1344853] + +* Tue Nov 1 2005 Charlie Brady +- [4.15.6-06] +- Change DISABLED -> OFF in init script messages, and go back to standard + alignment. [SF: 1264702, 134543] + +* Mon Oct 24 2005 Charlie Brady +- [4.15.6-05] +- Add default value of SYSFONTACM to /etc/sysconfig/i18n. [SF: 1295293] + +* Mon Oct 24 2005 Charlie Brady +- [4.15.6-04] +- Replace grub setup commands in add_mirror with an exec of an external + script. This script will be provided by a bootloader specific package, + e.g. e-smith-lilo or e-smith-grub. That package should include a + "Provides: e-smith-bootloader" header, to satisfy a Requires in this + package. [SF: 1335937] + +* Thu Oct 20 2005 Charlie Brady +- [4.15.6-03] +- Unload network drivers immediately after rc.sysinit runs, so that + we can control the order of allocation of eth0 and eth1. [SF: 1332366] + +* Mon Oct 17 2005 Charlie Brady +- [4.15.6-02] +- Disable raid monitor if /boot/grub/device.map suggests that the system + is a single disk system. [SF: 1269091] + +* Fri Oct 14 2005 Gordon Rowell +- [4.15.6-01] +- Remove L10Ns from base packages [SF: 1309520] + +* Fri Oct 14 2005 Gordon Rowell +- [4.15.5-01] +- New dev stream before relocating L10Ns + +* Thu Oct 13 2005 Gordon Rowell +- [4.15.4-52] +- Add /sbin/e-smith/add_mirror [SF: 1325479] + +* Tue Oct 11 2005 Charlie Brady +- [4.15.4-51] +- Untaint menu choice when ethernet driver is chosen from menu. [SF: 1323270] + +* Tue Oct 11 2005 Charlie Brady +- [4.15.4-50] +- Move user-create-unix action before template expansions, so + that getpwnam can be used in template fragments. Ditto + for group-create-unix. [SF. 1322231] + +* Sun Oct 9 2005 Charlie Brady +- [4.15.4-49] +- Fix spelling mistake in useraccounts panel. [SF: 1320002] + +* Fri Sep 30 2005 Gordon Rowell +- [4.15.4-48] +- Revised translation of groups panel, reordered to match + the English lexicon - Thanks Didier Rambeau [SF: 1305184] + +* Fri Sep 30 2005 Gordon Rowell +- [4.15.4-47] +- Added foot.tmpl for Italian [SF: 1309266] + +* Fri Sep 30 2005 Gordon Rowell +- [4.15.4-46] +- Added Italian L10Ns - Thanks Filippo Carletti [SF: 1309266] + +* Fri Sep 30 2005 Gordon Rowell +- [4.15.4-45] +- Added Italian for Please wait - we should do this through gettext + or similar [SF: 1309288] + +* Thu Sep 29 2005 Gordon Rowell +- [4.15.4-44] +- Reword Master DNS Server screen as "Corporated DNS Server", in + line with domains panel [gordonr MN00096914] + +* Mon Sep 26 2005 Gordon Rowell +- [4.15.4-43] +- German L10Ns for userpassword and console - Thanks Dietmar Berteld + [SF: 1293325] + +* Sun Sep 25 2005 Gordon Rowell +- [4.15.4-42] +- Added German L10N - Thanks Dietmar Berteld [SF: 1293325] + +* Sun Sep 25 2005 Gordon Rowell +- [4.15.4-41] +- Added "de" to pleasewait ugliness case statement and + sorted the list alphabetically [SF: 1293325] + +* Fri Sep 23 2005 Gordon Rowell +- [4.15.4-40] +- Convert [s]smtpfront-qmail to [s]smtpd in migrate fragment [SF: 1291265] + +* Thu Sep 22 2005 Charlie Brady +- [4.15.4-39] +- Add preliminary support for ethernet bonding on local interface. +- Modify user-modify-unix so that usermod is not called to change + shell or GCOS field unless they need to change. + +* Mon Sep 12 2005 Charlie Brady +- [4.15.4-38] +- Update filelist entries for databases which have moved + from /home/e-smith to /home/e-smith/db [SF: 1216546] + +* Tue Sep 6 2005 Tony Clayton +- [4.15.4-37] +- Create /mnt/floppy symlink if required in post-{install,upgrade}. + [MN00095821] +- Haldaemon race conditions seem quite recalcitrant, so don't try to create + /mnt/cdrom symlink. [SF: 1260322] +- Disable CTRL-C in console [tonyc SF: 1264697] +- Catch CTRL-C in console during Test Internet [tonyc SF: 1264697] + +* Tue Sep 6 2005 Charlie Brady +- [4.15.4-36] +- Rework user-group-modify to work around perl bug in getgrent(). [SF 1276553] + +* Tue Sep 6 2005 Charlie Brady +- [4.15.4-35] +- Also create /mnt/floppy symlink if required. [MN00095821] + +* Mon Sep 5 2005 Gordon Rowell +- [4.15.4-34] +- Re-add Master DNS Server console screen [gordonr MN00096910, MN00088222] + +* Fri Sep 2 2005 Charlie Brady +- [4.15.4-33] +- Fix race condition in /mnt/cdrom symlink creation, by creating + symlink from haldaemon action. [SF: 1260322] + +* Thu Sep 1 2005 Charlie Brady +- [4.15.4-32] +- Really create /mnt/cdrom symlink if required. [SF: 1260322] + +* Tue Aug 30 2005 Shad Lords +- [4.15.4-31] +- Update services entries to conform with RHEL4 services [SF: 1276479] + +* Mon Aug 29 2005 Charlie Brady +- [4.15.4-30] +- Correctly handle multiple net specification in ValidFrom for httpd-admin. + [SF: 1273756] + +* Tue Aug 23 2005 Charlie Brady +- [4.15.4-29] +- Fix taint problem in license text in option 6 of the console menu. + [SF: 1267284] + +* Tue Aug 23 2005 Gordon Rowell +- [4.15.4-28] +- Respect Shell property of user accounts [SF: 1266706] + +* Thu Aug 18 2005 Charlie Brady +- [4.15.4-27] +- Modify /sbin/e-smith/service so that it runs /sbin/service unless + runlevel is 7. [SF: 1237968] +- Only prefix /sbin/e-smith to PATH if user is root. [SF: 1250579] + +* Tue Aug 16 2005 Charlie Brady +- [4.15.4-26] +- Add Requires for bridge-utils and vconfig. + +* Tue Aug 16 2005 Charlie Brady +- [4.15.4-25] +- Add "Requires: rssh". + +* Mon Aug 15 2005 Charlie Brady +- [4.15.4-24] +- Update %ghost filelist entries for databases which have moved + from /home/e-smith to /home/e-smith/db [SF: 1216546] + +* Mon Aug 15 2005 Charlie Brady +- [4.15.4-23] +- Create /mnt/cdrom symlink if required. [SF: 1260322] + +* Thu Aug 11 2005 Charlie Brady +- [4.15.4-22] +- Add Requires: whiptail so that the out fork of whiptail from the + newt package is installed on upgrade. + +* Tue Aug 9 2005 Charlie Brady +- [4.15.4-21] +- Add Requires: headers for all the additional standard daemons, to + ensure they are installed on upgrade. + +* Tue Aug 9 2005 Shad Lords +- [4.15.4-20] +- Change httpd-admin access from local to localhost [SF: 1246986] +- Change console to use 980 instead of https to avoid warnings [SF: 1246182] +- tie console to new httpd-admin{TCPPort} property. [SF: 1246986] + +* Tue Aug 2 2005 Shad Lords +- [4.15.4-19] +- Add TCPPort and access for httpd-admin [SF: 1246986] +- Fix UnsavedChanges in console [SF: 1245238] + +* Thu Jul 28 2005 Charlie Brady +- [4.15.4-18] +- Remove all use db_ API except in console (which will come later). + +* Wed Jul 27 2005 Shad Lords +- [4.15.4-17] +- Add systemid property to sysconfig db record. [SF: 1246367] + +* Wed Jul 27 2005 Shad Lords +- [4.15.4-16] +- Upgrade database APIs to latest standard. +- Move databases from /home/e-smith to /home/e-smith/db [SF: 1216546] + +* Wed Jul 27 2005 Shad Lords +- [4.15.4-15] +- Use https to access server-manager from console, to avoid redirect + problems. [SF: 1246182] + +* Wed Jul 27 2005 Shad Lords +- [4.15.4-14] +- Remove hwconfig db default entry. [SF: 1246180] + +* Wed Jul 27 2005 Charlie Brady +- [4.15.4-13] +- Remove checking against 32 group limit from UI. Thanks to Gordon Rowell + for the main patch. [SF: 1245421] + +* Tue Jul 26 2005 Charlie Brady +- [4.15.4-12] +- Patches from Shad Lords. +- Complete fix of user password validation started in 4.15.3-06. + [SF: 1242098] +- Change default password strength to "strong". [SF: 1246178] + +* Tue Jul 19 2005 Charlie Brady +- [4.15.4-11] +- Patches submitted by Gordon Rowell. +- Change /etc/modules.conf templates to /etc/modprobe.conf + and add templates.metadata/etc/modprobe.conf [SF: 1227251] +- Remove fragments 10appletalk and 95ModulePaths, since they are + for very old migrations of /etc/modules.conf + +* Tue Jul 19 2005 Charlie Brady +- [4.15.4-10] +- Move quota setup in fstab template into e-smith-quota, where it + belongs. + +* Tue Jul 12 2005 Charlie Brady +- [4.15.4-09] +- Add default db entries for messagebus and haldaemon. [SF: 1225899] + +* Tue Jul 12 2005 Charlie Brady +- [4.15.4-08] +- Add messagebus and haldaemon services, so that cdrom mount point + etc is created as required. [SF: 1225899] + +* Fri Jul 8 2005 Charlie Brady +- [4.15.4-07] +- Add miscelleous performance related standard RHEL/CentOS services. + +* Thu Jul 7 2005 Charlie Brady +- [4.15.4-06] +- Add RAID monitoring service. [SF: 1222143] + +* Tue Jul 5 2005 Charlie Brady +- [4.15.4-05] +- Fix log noise from DynDNS update script. [SF: 1231871] + +* Fri Jun 24 2005 Charlie Brady +- [4.15.4-04] +- Change default domain name setting - I'm sure that xxx is deprecated. + +* Tue Jun 21 2005 Charlie Brady +- [4.15.4-03] +- Deal gracefully with missing /etc/sysconfig/keyboard file. + +* Tue Jun 21 2005 Charlie Brady +- [4.15.4-02] +- Remove "random" service startup symlink - no longer required, as + prng is seeded by rc.sysinit. + +* Tue Jun 21 2005 Charlie Brady +- [4.15.4-01] +- Make new development stream - 4.15.4 + +* Mon Jun 20 2005 Charlie Brady +- [4.15.3-07] +- Move httpd-admin logging from inside /var/log/httpd to /var/log/httpd-admin. +- Remove mouseconfig hack. [MN00057145] + +* Fri Jun 17 2005 Charlie Brady +- [4.15.3-06] +- Fix password strength checking of user passwords. [SF: 1222255] + +* Thu Jun 16 2005 Charlie Brady +- [4.15.3-05] +- Prefix /sbin/e-smith to $PATH, rather than append. [SF: 1222092] + +* Tue Jun 14 2005 Charlie Brady +- [4.15.3-04] +- Fix set-external-ip in case of missing ExternalIP db record. [SF: 1217877] + +* Tue Jun 14 2005 Charlie Brady +- [4.15.3-03] +- Remove smbpasswd references from chap-secrets file. Don't re-expand + chap-secrets file during various user related events. [SF: 1215401] + +* Tue Jun 14 2005 Charlie Brady +- [4.15.3-02] +- Break up template for /etc/shells into fragments, and add + /usr/bin/rssh. [SF: 1220145] + +* Thu Jun 9 2005 Charlie Brady +- [4.15.3-01] +- Roll new development stream - 4.15.3 + diff --git a/root/etc/cron.daily/conf-mod_ssl b/root/etc/cron.daily/conf-mod_ssl new file mode 100644 index 0000000..091e978 --- /dev/null +++ b/root/etc/cron.daily/conf-mod_ssl @@ -0,0 +1,28 @@ +#!/usr/bin/perl -w + +use strict; +use esmith::ConfigDB; +use esmith::templates; +use esmith::event; +use Digest::file qw(digest_file_hex); + +my $c = esmith::ConfigDB->open_ro; +my $s = $c->get('SystemName')->value; +my $d = $c->get('DomainName')->value; +my $pem = "/home/e-smith/ssl.pem/$s.$d.pem"; + +if (!-e $pem){ + die "$pem doesn't exist. This shouldn't happen. Please report a bug\n"; +} + +my $old_hash = digest_file_hex( $pem, 'SHA-1' ); + +esmith::templates::processTemplate({ + TEMPLATE_PATH => '/home/e-smith/ssl.pem/pem', +}); + +my $new_hash = digest_file_hex( $pem, 'SHA-1' ); + +if ($old_hash ne $new_hash){ + event_signal("ssl-update"); +} diff --git a/root/etc/dhcp/dhclient-exit-hooks b/root/etc/dhcp/dhclient-exit-hooks new file mode 100644 index 0000000..c188437 --- /dev/null +++ b/root/etc/dhcp/dhclient-exit-hooks @@ -0,0 +1,4 @@ +if [ "$reason" = "BOUND" ] +then + /sbin/e-smith/signal-event ip-change "$new_ip_address" "$interface" +fi diff --git a/root/etc/diald/device.conf b/root/etc/diald/device.conf new file mode 100644 index 0000000..e4b3d74 --- /dev/null +++ b/root/etc/diald/device.conf @@ -0,0 +1,14 @@ +# This file is used by /usr/share/diald/connect to determine how +# to establish a connection using the given device. +# +# First match is used. List specific device names before generic types. +# +# Device type Dial method +# ----------- ----------- +/dev/ttyS0 modem/generic +/dev/ttyS1 modem/generic +/dev/ttyS2 modem/generic +/dev/ttyS3 modem/generic +modem modem/generic +ippp isdn +isdn isdn diff --git a/root/etc/diald/scripts/connect b/root/etc/diald/scripts/connect new file mode 100755 index 0000000..880bf65 --- /dev/null +++ b/root/etc/diald/scripts/connect @@ -0,0 +1,130 @@ +#!/bin/sh + +# $DIALD_LINK is the name of the link we are connecting. +# $DIALD_DEVICE is the device we are calling out on. + +#CFG_SCRIPTS='/usr/share/diald' +CFG_SCRIPTS='/etc/diald/scripts' +CFG_DEVICE='/etc/diald/device.conf' +CFG_LINK="/etc/diald/link" +CFG_SEQ='/var/run' + +# $DIALD_DEVTYPE is a sanitized version of $DIALD_DEVICE. +case "$DIALD_DEVICE" in + ippp*) DIALD_DEVTYPE='isdn' ;; + isdn*) DIALD_DEVTYPE='isdn' ;; + *) DIALD_DEVTYPE='modem' ;; +esac + + +connect() +{ + status=0 + + # If this device has a dial script we use it to bring up + # the physical link. + if [ -n "$dial_script" -a "$dial_script" != '-' ]; then + "$CFG_SCRIPTS/$dial_script" + status=$? + if [ $status -ne 0 ]; then + exit $status + fi + fi + + # If we need to do some form of login when connecting this + # link over this device, do it now. + if [ -n "$LOGIN" -a "$LOGIN" != '-' ]; then + "$CFG_SCRIPTS/login/$LOGIN" + status=$? + fi + + # If everything worked we start from the beginning of the + # list again next time + if [ $status -eq 0 ]; then + echo 1 > "$CFG_SEQ/dialdseq.$DIALD_LINK" + fi + + exit $status +} + + +# Save stdin, we need it later if we are dialling a modem. +exec 9<&0 + +# Find out what dial script to use on this device. +exec < "$CFG_DEVICE" +gotdev= +while read dev dial_script dial_args +do + # Ignore blank lines and comments. + case "$dev" in + '#'*|'') + continue ;; + esac + + if [ "$dev" = "$DIALD_DEVICE" -o "$dev" = "$DIALD_DEVTYPE" ]; then + gotdev=1 + break + fi +done +if [ -z "$gotdev" ]; then + echo "<3>No entry for $DIALD_DEVICE, type $DIALD_DEVTYPE in $CFG_DEVICE" + exit 1 +fi + + +seq=0 +if [ -r "$CFG_SEQ/dialdseq.$DIALD_LINK" ]; then + seq=`cat "$CFG_SEQ/dialdseq.$DIALD_LINK"` +fi +seq=`expr $seq + 1` +echo $seq > "$CFG_SEQ/dialdseq.$DIALD_LINK" + + +passes=2 +while [ $passes -gt 0 ]; do + passes=`expr $passes - 1` + + exec < "$CFG_LINK" + dev_type= + link_params= + base_params= + counted=0 + while read dev_type link_params + do + # Ignore blank lines and comments. + case "$dev_type" in + '#'*|'') + continue ;; + esac + + if [ "$dev_type" = '=' ]; then + base_params="$link_params" + elif [ "$dev_type" = '+' ]; then + base_params="$base_params $link_params" + elif [ "$dev_type" = "$DIALD_DEVICE" \ + -o "$dev_type" = "$DIALD_DEVTYPE" ]; then + counted=`expr $counted + 1` + seq=`expr $seq - 1` + if [ $seq -eq 0 ]; then + passes=0 + exec 0<&9 + eval "$dial_args $base_params $link_params connect" + exit $? + fi + fi + done + + # If no entries match there is a problem + if [ $counted -eq 0 ]; then + echo "<3>No entry for $DIALD_DEVICE, type $DIALD_DEVTYPE in $CFG_LINK" + exit 1 + fi + + # One or more entries exists, we have just run off the end + # of the list so we have to start again from the top. + echo 1 > "$CFG_SEQ/dialdseq.$DIALD_LINK" + seq=1 +done + +exit 1 diff --git a/root/etc/diald/scripts/disconnect b/root/etc/diald/scripts/disconnect new file mode 100755 index 0000000..b48e3b9 --- /dev/null +++ b/root/etc/diald/scripts/disconnect @@ -0,0 +1,106 @@ +#!/bin/sh + +# $DIALD_LINK is the name of the link we are disconnecting. +# $DIALD_DEVICE is the device we are called out on. + +#CFG_SCRIPTS='/usr/share/diald' +CFG_SCRIPTS='/etc/diald/scripts' +CFG_DEVICE='/etc/diald/device.conf' +CFG_LINK="/etc/diald/link" +CFG_SEQ='/var/run' + +# $DIALD_DEVTYPE is a sanitized version of $DIALD_DEVICE. +case "$DIALD_DEVICE" in + ippp*) DIALD_DEVTYPE='isdn' ;; + isdn*) DIALD_DEVTYPE='isdn' ;; + *) DIALD_DEVTYPE='modem' ;; +esac + + +disconnect() +{ + status=0 + + # If this device has a hangup script we use it to hang up + # the physical link. + if [ -n "$dial_script" -a "$dial_script" != '-' \ + -a -x "$CFG_SCRIPTS/$dial_script.hangup" ]; then + "$CFG_SCRIPTS/$dial_script.hangup" + status=$? + if [ $status -ne 0 ]; then + exit $status + fi + fi + + exit $status +} + + +# Save stdin, we need it later if we are dialling a modem. +exec 9<&0 + +# Find out what dial script to use on this device. +exec < "$CFG_DEVICE" +gotdev= +while read dev dial_script dial_args +do + # Ignore blank lines and comments. + case "$dev" in + '#'*|'') + continue ;; + esac + + if [ "$dev" = "$DIALD_DEVICE" -o "$dev" = "$DIALD_DEVTYPE" ]; then + gotdev=1 + break + fi +done +if [ -z "$gotdev" ]; then + echo "<3>No entry for $DIALD_DEVICE, type $DIALD_DEVTYPE in $CFG_DEVICE" + exit 1 +fi + + +seq=1 +if [ -r "$CFG_SEQ/dialdseq.$DIALD_LINK" ]; then + seq=`cat "$CFG_SEQ/dialdseq.$DIALD_LINK"` +fi + + +exec < "$CFG_LINK" +dev_type= +link_params= +base_params= +counted=0 +while read dev_type link_params +do + # Ignore blank lines and comments. + case "$dev_type" in + '#'*|'') + continue ;; + esac + + if [ "$dev_type" = '=' ]; then + base_params="$link_params" + elif [ "$dev_type" = '+' ]; then + base_params="$base_params $link_params" + elif [ "$dev_type" = "$DIALD_DEVICE" \ + -o "$dev_type" = "$DIALD_DEVTYPE" ]; then + seq=`expr $seq - 1` + counted=`expr $counted + 1` + if [ $seq -eq 0 ]; then + exec 0<&9 + eval "$dial_args $base_params $link_params disconnect" + exit $? + fi + fi +done + +# If no entries match there is a problem +if [ $counted -eq 0 ]; then + echo "<3>No entry for $DIALD_DEVICE, type $DIALD_DEVTYPE in $CFG_LINK" + exit 1 +fi + +echo "<3>Did not find entry matching sequence number $seq for $DIALD_DEVICE, type $DIALD_DEVTYPE in $CFG_LINK" +exit 1 diff --git a/root/etc/diald/scripts/isdn b/root/etc/diald/scripts/isdn new file mode 100755 index 0000000..2a7b1b9 --- /dev/null +++ b/root/etc/diald/scripts/isdn @@ -0,0 +1,83 @@ +#!/bin/sh +#exec > /tmp/isdn.log 2>&1 +#set -x + + +end_dial() { + for n in $PHONE + do + /usr/sbin/isdnctrl delphone "$DIALD_DEVICE" out "$n" + done + /usr/sbin/isdnctrl eaz "$DIALD_DEVICE" "$EAZ_IN" + if [ $status -ne 0 ]; then + # You should have specified "lock" in diald's config + # otherwise if we try and dial out on a device that + # is already connected we will hang it up. + /usr/sbin/isdnctrl hangup "$DIALD_DEVICE" + fi + exit $status +} + +trap 'end_dial' 0 + +for n in $PHONE +do + /usr/sbin/isdnctrl addphone "$DIALD_DEVICE" out "$n" +done +/usr/sbin/isdnctrl eaz "$DIALD_DEVICE" "$EAZ_OUT" + +/usr/sbin/isdnctrl dial "$DIALD_DEVICE" +status=$? + +if [ $status -eq 0 ]; then + status=1 + while true + do + msg=`/sbin/ifconfig "$DIALD_DEVICE" 2>&1` + if echo "$msg" | grep 'P-t-P:0.0.0.0' > /dev/null 2>&1 + then + # no link yet... + WAITTIME=`expr $WAITTIME - 1` + if [ $WAITTIME -ge 0 ]; then + # still waiting... + sleep 1 + else + echo "Timed out" 1>&2 + break + fi + elif echo "$msg" | grep 'P-t-P:\[NONE SET\]' > /dev/null 2>&1 + then + # no link yet... + WAITTIME=`expr $WAITTIME - 1` + if [ $WAITTIME -ge 0 ]; then + # still waiting... + sleep 1 + else + echo "Timed out" 1>&2 + break + fi + elif [ -n "$REMOTEIP" ]; then + if echo "$msg" | grep "P-t-P:$REMOTEIP" > /dev/null 2>&1 + then + echo "Interface up: remote host ok" 1>&2 + status=0 + break + fi + elif [ -z "$REMOTEIP" ]; then + # The remote has a dynamic IP so we have no way + # of knowing whether the dial succeeded or some + # incoming connection was accepted. (If diald + # is not using device locking we may even have + # dialled somewhere else!) + echo "Interface up: host indeterminate" 1>&2 + status=0 + break + else + # Dial failed and something else is using this link. + echo "Interface up: wrong host - not my link" 1>&2 + break + fi + done +fi + +exit $status diff --git a/root/etc/diald/scripts/isdn.hangup b/root/etc/diald/scripts/isdn.hangup new file mode 100755 index 0000000..cc260f6 --- /dev/null +++ b/root/etc/diald/scripts/isdn.hangup @@ -0,0 +1,37 @@ +#!/bin/sh + +/usr/sbin/isdnctrl eaz "$DIALD_DEVICE" "$EAZ_IN" +/usr/sbin/isdnctrl hangup "$DIALD_DEVICE" +status=$? + +if [ $status -eq 0 ]; then + status=1 + while true + do + msg=`/sbin/ifconfig "$DIALD_DEVICE" 2>&1` + if echo "$msg" | grep 'P-t-P:' > /dev/null 2>&1 + then + # no link yet... + WAITTIME=`expr $WAITTIME - 1` + if [ $WAITTIME -ge 0 ]; then + # still waiting... + sleep 1 + else + echo "Timed out - link still up" 1>&2 + break + fi + else + echo "Link is down" 1>&2 + status=0 + break + fi + done +else + echo "Error return $status from isdnctrl hangup command" 2>&1 +fi + +# Set fake IPs for ippp0 device, to help diald +/sbin/ifconfig "$DIALD_DEVICE" \ + $(/sbin/e-smith/db configuration get LocalIP) pointopoint 0.0.0.0 \ + || echo "Error ($?) while forcing ippp0 device down" 2>&1 +exit $status diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/CgiBin b/root/etc/e-smith/db/accounts/defaults/Primary/CgiBin new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/CgiBin @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/Group b/root/etc/e-smith/db/accounts/defaults/Primary/Group new file mode 100644 index 0000000..8a205e8 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/Group @@ -0,0 +1 @@ +shared diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/Modifiable b/root/etc/e-smith/db/accounts/defaults/Primary/Modifiable new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/Modifiable @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/Name b/root/etc/e-smith/db/accounts/defaults/Primary/Name new file mode 100644 index 0000000..61b21c1 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/Name @@ -0,0 +1 @@ +Primary i-bay diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/PasswordSet b/root/etc/e-smith/db/accounts/defaults/Primary/PasswordSet new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/PasswordSet @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/Passwordable b/root/etc/e-smith/db/accounts/defaults/Primary/Passwordable new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/Passwordable @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/PublicAccess b/root/etc/e-smith/db/accounts/defaults/Primary/PublicAccess new file mode 100644 index 0000000..b47d0eb --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/PublicAccess @@ -0,0 +1 @@ +global diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/Removable b/root/etc/e-smith/db/accounts/defaults/Primary/Removable new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/Removable @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/UserAccess b/root/etc/e-smith/db/accounts/defaults/Primary/UserAccess new file mode 100644 index 0000000..ed7d3b1 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/UserAccess @@ -0,0 +1 @@ +wr-admin-rd-group diff --git a/root/etc/e-smith/db/accounts/defaults/Primary/type b/root/etc/e-smith/db/accounts/defaults/Primary/type new file mode 100644 index 0000000..d340d7d --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/Primary/type @@ -0,0 +1 @@ +ibay diff --git a/root/etc/e-smith/db/accounts/defaults/admin/FirstName b/root/etc/e-smith/db/accounts/defaults/admin/FirstName new file mode 100644 index 0000000..7bb37ba --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin/FirstName @@ -0,0 +1 @@ +Local diff --git a/root/etc/e-smith/db/accounts/defaults/admin/LastName b/root/etc/e-smith/db/accounts/defaults/admin/LastName new file mode 100644 index 0000000..366214b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin/LastName @@ -0,0 +1 @@ +Administrator diff --git a/root/etc/e-smith/db/accounts/defaults/admin/Lockable b/root/etc/e-smith/db/accounts/defaults/admin/Lockable new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin/Lockable @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/accounts/defaults/admin/Removable b/root/etc/e-smith/db/accounts/defaults/admin/Removable new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin/Removable @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/accounts/defaults/admin/Shell b/root/etc/e-smith/db/accounts/defaults/admin/Shell new file mode 100644 index 0000000..753e00c --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin/Shell @@ -0,0 +1 @@ +/sbin/e-smith/console diff --git a/root/etc/e-smith/db/accounts/defaults/admin/VPNClientAccess b/root/etc/e-smith/db/accounts/defaults/admin/VPNClientAccess new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin/VPNClientAccess @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/accounts/defaults/admin/type b/root/etc/e-smith/db/accounts/defaults/admin/type new file mode 100644 index 0000000..bec3a35 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin/type @@ -0,0 +1 @@ +system diff --git a/root/etc/e-smith/db/accounts/defaults/admin_raidreport/Account b/root/etc/e-smith/db/accounts/defaults/admin_raidreport/Account new file mode 100644 index 0000000..7fbe952 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin_raidreport/Account @@ -0,0 +1 @@ +admin diff --git a/root/etc/e-smith/db/accounts/defaults/admin_raidreport/Removable b/root/etc/e-smith/db/accounts/defaults/admin_raidreport/Removable new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin_raidreport/Removable @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/accounts/defaults/admin_raidreport/Visible b/root/etc/e-smith/db/accounts/defaults/admin_raidreport/Visible new file mode 100644 index 0000000..ce83b25 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin_raidreport/Visible @@ -0,0 +1 @@ +internal diff --git a/root/etc/e-smith/db/accounts/defaults/admin_raidreport/type b/root/etc/e-smith/db/accounts/defaults/admin_raidreport/type new file mode 100644 index 0000000..46a9611 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/admin_raidreport/type @@ -0,0 +1 @@ +pseudonym diff --git a/root/etc/e-smith/db/accounts/defaults/cgi-bin/type b/root/etc/e-smith/db/accounts/defaults/cgi-bin/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/cgi-bin/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/e-smith-manager/type b/root/etc/e-smith/db/accounts/defaults/e-smith-manager/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/e-smith-manager/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/e-smith-password/type b/root/etc/e-smith/db/accounts/defaults/e-smith-password/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/e-smith-password/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/files/type b/root/etc/e-smith/db/accounts/defaults/files/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/files/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/icons/type b/root/etc/e-smith/db/accounts/defaults/icons/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/icons/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/primary/type b/root/etc/e-smith/db/accounts/defaults/primary/type new file mode 100644 index 0000000..bec3a35 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/primary/type @@ -0,0 +1 @@ +system diff --git a/root/etc/e-smith/db/accounts/defaults/root/Gid b/root/etc/e-smith/db/accounts/defaults/root/Gid new file mode 100644 index 0000000..573541a --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/root/Gid @@ -0,0 +1 @@ +0 diff --git a/root/etc/e-smith/db/accounts/defaults/root/Uid b/root/etc/e-smith/db/accounts/defaults/root/Uid new file mode 100644 index 0000000..573541a --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/root/Uid @@ -0,0 +1 @@ +0 diff --git a/root/etc/e-smith/db/accounts/defaults/root/type b/root/etc/e-smith/db/accounts/defaults/root/type new file mode 100644 index 0000000..bec3a35 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/root/type @@ -0,0 +1 @@ +system diff --git a/root/etc/e-smith/db/accounts/defaults/server-common/type b/root/etc/e-smith/db/accounts/defaults/server-common/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/server-common/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/server-manager/type b/root/etc/e-smith/db/accounts/defaults/server-manager/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/server-manager/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/server-manual/type b/root/etc/e-smith/db/accounts/defaults/server-manual/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/server-manual/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/server-resources/type b/root/etc/e-smith/db/accounts/defaults/server-resources/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/server-resources/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/shared/Visible b/root/etc/e-smith/db/accounts/defaults/shared/Visible new file mode 100644 index 0000000..ce83b25 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/shared/Visible @@ -0,0 +1 @@ +internal diff --git a/root/etc/e-smith/db/accounts/defaults/shared/type b/root/etc/e-smith/db/accounts/defaults/shared/type new file mode 100644 index 0000000..bec3a35 --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/shared/type @@ -0,0 +1 @@ +system diff --git a/root/etc/e-smith/db/accounts/defaults/user-password/type b/root/etc/e-smith/db/accounts/defaults/user-password/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/user-password/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/defaults/webmail/Comment b/root/etc/e-smith/db/accounts/defaults/webmail/Comment new file mode 100644 index 0000000..644776a --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/webmail/Comment @@ -0,0 +1 @@ +placeholder for webmail URL diff --git a/root/etc/e-smith/db/accounts/defaults/webmail/type b/root/etc/e-smith/db/accounts/defaults/webmail/type new file mode 100644 index 0000000..96cdd3b --- /dev/null +++ b/root/etc/e-smith/db/accounts/defaults/webmail/type @@ -0,0 +1 @@ +url diff --git a/root/etc/e-smith/db/accounts/force/.gitignore b/root/etc/e-smith/db/accounts/force/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/accounts/migrate/00openRW b/root/etc/e-smith/db/accounts/migrate/00openRW new file mode 100644 index 0000000..fcf0366 --- /dev/null +++ b/root/etc/e-smith/db/accounts/migrate/00openRW @@ -0,0 +1,4 @@ +{ + use esmith::AccountsDB; + $DB = esmith::AccountsDB->open; +} diff --git a/root/etc/e-smith/db/accounts/migrate/10Primary b/root/etc/e-smith/db/accounts/migrate/10Primary new file mode 100644 index 0000000..6ea1eff --- /dev/null +++ b/root/etc/e-smith/db/accounts/migrate/10Primary @@ -0,0 +1,10 @@ +{ + # Delete any pre-existing Primary=system record + my $p = $DB->get('Primary'); + return unless defined $p; + + my $type = $p->prop('type'); + return unless defined $type; + + $p->delete if $type eq 'system'; +} diff --git a/root/etc/e-smith/db/accounts/migrate/20AdminPasswordSet b/root/etc/e-smith/db/accounts/migrate/20AdminPasswordSet new file mode 100644 index 0000000..419ae8a --- /dev/null +++ b/root/etc/e-smith/db/accounts/migrate/20AdminPasswordSet @@ -0,0 +1,11 @@ +{ + use esmith::ConfigDB; + + my $conf = esmith::ConfigDB->open_ro() or return; + + my $pw_set = $conf->get_value("PasswordSet") || "no"; + + my $admin = $DB->get('admin') || return; + + $admin->set_prop('PasswordSet', $pw_set); +} diff --git a/root/etc/e-smith/db/accounts/migrate/30EmailForward b/root/etc/e-smith/db/accounts/migrate/30EmailForward new file mode 100644 index 0000000..447da3a --- /dev/null +++ b/root/etc/e-smith/db/accounts/migrate/30EmailForward @@ -0,0 +1,6 @@ +{ + foreach my $user ($DB->get_all_by_prop(EmailForward => 'procmail')) + { + $user->set_prop('EmailForward','local'); + } +} diff --git a/root/etc/e-smith/db/accounts/migrate/50VPNClientAccess b/root/etc/e-smith/db/accounts/migrate/50VPNClientAccess new file mode 100644 index 0000000..337b87f --- /dev/null +++ b/root/etc/e-smith/db/accounts/migrate/50VPNClientAccess @@ -0,0 +1,18 @@ +{ + # Migrate PPTPAccess -> VPNClientAccess and ensure a default for + # all user/admin accounts + + foreach my $account ($DB->get_all) + { + next unless ( ($account->key eq 'admin') or + ($account->prop('type') eq 'user') ); + + next if (defined $account->prop('VPNClientAccess')); + + my $access = $account->prop('PPTPAccess') || 'no'; + + $account->delete_prop('PPTPAccess'); + + $account->set_prop('VPNClientAccess', $access); + } +} diff --git a/root/etc/e-smith/db/configuration/defaults/AccessType/type b/root/etc/e-smith/db/configuration/defaults/AccessType/type new file mode 100644 index 0000000..131be62 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/AccessType/type @@ -0,0 +1 @@ +dedicated diff --git a/root/etc/e-smith/db/configuration/defaults/ActiveAccounts/type b/root/etc/e-smith/db/configuration/defaults/ActiveAccounts/type new file mode 100644 index 0000000..573541a --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ActiveAccounts/type @@ -0,0 +1 @@ +0 diff --git a/root/etc/e-smith/db/configuration/defaults/ConsoleMode/type b/root/etc/e-smith/db/configuration/defaults/ConsoleMode/type new file mode 100644 index 0000000..a46884d --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ConsoleMode/type @@ -0,0 +1 @@ +login diff --git a/root/etc/e-smith/db/configuration/defaults/ContactEmail/type b/root/etc/e-smith/db/configuration/defaults/ContactEmail/type new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/configuration/defaults/ContactName/type b/root/etc/e-smith/db/configuration/defaults/ContactName/type new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/configuration/defaults/ContactOrg/type b/root/etc/e-smith/db/configuration/defaults/ContactOrg/type new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/configuration/defaults/DialupConnOffice/type b/root/etc/e-smith/db/configuration/defaults/DialupConnOffice/type new file mode 100644 index 0000000..2988452 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupConnOffice/type @@ -0,0 +1 @@ +long diff --git a/root/etc/e-smith/db/configuration/defaults/DialupConnOutside/type b/root/etc/e-smith/db/configuration/defaults/DialupConnOutside/type new file mode 100644 index 0000000..2988452 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupConnOutside/type @@ -0,0 +1 @@ +long diff --git a/root/etc/e-smith/db/configuration/defaults/DialupConnWeekend/type b/root/etc/e-smith/db/configuration/defaults/DialupConnWeekend/type new file mode 100644 index 0000000..2988452 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupConnWeekend/type @@ -0,0 +1 @@ +long diff --git a/root/etc/e-smith/db/configuration/defaults/DialupFreqOffice/type b/root/etc/e-smith/db/configuration/defaults/DialupFreqOffice/type new file mode 100644 index 0000000..c69dae3 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupFreqOffice/type @@ -0,0 +1 @@ +every15min diff --git a/root/etc/e-smith/db/configuration/defaults/DialupFreqOutside/type b/root/etc/e-smith/db/configuration/defaults/DialupFreqOutside/type new file mode 100644 index 0000000..be58601 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupFreqOutside/type @@ -0,0 +1 @@ +everyhour diff --git a/root/etc/e-smith/db/configuration/defaults/DialupFreqWeekend/type b/root/etc/e-smith/db/configuration/defaults/DialupFreqWeekend/type new file mode 100644 index 0000000..be58601 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupFreqWeekend/type @@ -0,0 +1 @@ +everyhour diff --git a/root/etc/e-smith/db/configuration/defaults/DialupModemDevice/type b/root/etc/e-smith/db/configuration/defaults/DialupModemDevice/type new file mode 100644 index 0000000..d48f061 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupModemDevice/type @@ -0,0 +1 @@ +/dev/ttyS1 diff --git a/root/etc/e-smith/db/configuration/defaults/DialupPhoneNumber/type b/root/etc/e-smith/db/configuration/defaults/DialupPhoneNumber/type new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupPhoneNumber/type @@ -0,0 +1 @@ + diff --git a/root/etc/e-smith/db/configuration/defaults/DialupUserAccount/type b/root/etc/e-smith/db/configuration/defaults/DialupUserAccount/type new file mode 100644 index 0000000..c223417 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupUserAccount/type @@ -0,0 +1 @@ +useraccount diff --git a/root/etc/e-smith/db/configuration/defaults/DialupUserPassword/type b/root/etc/e-smith/db/configuration/defaults/DialupUserPassword/type new file mode 100644 index 0000000..a10bca0 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DialupUserPassword/type @@ -0,0 +1 @@ +userpassword diff --git a/root/etc/e-smith/db/configuration/defaults/DomainName/type b/root/etc/e-smith/db/configuration/defaults/DomainName/type new file mode 100644 index 0000000..8579257 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/DomainName/type @@ -0,0 +1 @@ +mycompany.local diff --git a/root/etc/e-smith/db/configuration/defaults/EmailUnknownUser/type b/root/etc/e-smith/db/configuration/defaults/EmailUnknownUser/type new file mode 100644 index 0000000..e38955a --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/EmailUnknownUser/type @@ -0,0 +1 @@ +returntosender diff --git a/root/etc/e-smith/db/configuration/defaults/EthernetDriver1/type b/root/etc/e-smith/db/configuration/defaults/EthernetDriver1/type new file mode 100644 index 0000000..3546645 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/EthernetDriver1/type @@ -0,0 +1 @@ +unknown diff --git a/root/etc/e-smith/db/configuration/defaults/EthernetDriver2/type b/root/etc/e-smith/db/configuration/defaults/EthernetDriver2/type new file mode 100644 index 0000000..3546645 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/EthernetDriver2/type @@ -0,0 +1 @@ +unknown diff --git a/root/etc/e-smith/db/configuration/defaults/ExternalDHCP/type b/root/etc/e-smith/db/configuration/defaults/ExternalDHCP/type new file mode 100644 index 0000000..cfb931e --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ExternalDHCP/type @@ -0,0 +1 @@ +off diff --git a/root/etc/e-smith/db/configuration/defaults/ExternalInterface/Configuration b/root/etc/e-smith/db/configuration/defaults/ExternalInterface/Configuration new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ExternalInterface/Configuration @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/ExternalInterface/Name b/root/etc/e-smith/db/configuration/defaults/ExternalInterface/Name new file mode 100644 index 0000000..621e94f --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ExternalInterface/Name @@ -0,0 +1 @@ +none diff --git a/root/etc/e-smith/db/configuration/defaults/ExternalInterface/type b/root/etc/e-smith/db/configuration/defaults/ExternalInterface/type new file mode 100644 index 0000000..b529896 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ExternalInterface/type @@ -0,0 +1 @@ +interface diff --git a/root/etc/e-smith/db/configuration/defaults/ExternalNetmask/type b/root/etc/e-smith/db/configuration/defaults/ExternalNetmask/type new file mode 100644 index 0000000..d30f9e9 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ExternalNetmask/type @@ -0,0 +1 @@ +255.255.255.0 diff --git a/root/etc/e-smith/db/configuration/defaults/InternalInterface/NICBondingOptions b/root/etc/e-smith/db/configuration/defaults/InternalInterface/NICBondingOptions new file mode 100644 index 0000000..fbd24b6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/InternalInterface/NICBondingOptions @@ -0,0 +1 @@ +miimon=200 mode=active-backup diff --git a/root/etc/e-smith/db/configuration/defaults/InternalInterface/Name b/root/etc/e-smith/db/configuration/defaults/InternalInterface/Name new file mode 100644 index 0000000..614e8de --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/InternalInterface/Name @@ -0,0 +1 @@ +eth0 diff --git a/root/etc/e-smith/db/configuration/defaults/InternalInterface/Netmask b/root/etc/e-smith/db/configuration/defaults/InternalInterface/Netmask new file mode 100644 index 0000000..d30f9e9 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/InternalInterface/Netmask @@ -0,0 +1 @@ +255.255.255.0 diff --git a/root/etc/e-smith/db/configuration/defaults/InternalInterface/type b/root/etc/e-smith/db/configuration/defaults/InternalInterface/type new file mode 100644 index 0000000..b529896 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/InternalInterface/type @@ -0,0 +1 @@ +interface diff --git a/root/etc/e-smith/db/configuration/defaults/LocalNetmask/type b/root/etc/e-smith/db/configuration/defaults/LocalNetmask/type new file mode 100644 index 0000000..d30f9e9 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/LocalNetmask/type @@ -0,0 +1 @@ +255.255.255.0 diff --git a/root/etc/e-smith/db/configuration/defaults/MinUid/type b/root/etc/e-smith/db/configuration/defaults/MinUid/type new file mode 100644 index 0000000..e9c02da --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/MinUid/type @@ -0,0 +1 @@ +5000 diff --git a/root/etc/e-smith/db/configuration/defaults/PasswordSet/type b/root/etc/e-smith/db/configuration/defaults/PasswordSet/type new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/PasswordSet/type @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/configuration/defaults/SMTPSmartHost/type b/root/etc/e-smith/db/configuration/defaults/SMTPSmartHost/type new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/SMTPSmartHost/type @@ -0,0 +1 @@ + diff --git a/root/etc/e-smith/db/configuration/defaults/SquidParent/type b/root/etc/e-smith/db/configuration/defaults/SquidParent/type new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/SquidParent/type @@ -0,0 +1 @@ + diff --git a/root/etc/e-smith/db/configuration/defaults/SquidParentPort/type b/root/etc/e-smith/db/configuration/defaults/SquidParentPort/type new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/SquidParentPort/type @@ -0,0 +1 @@ + diff --git a/root/etc/e-smith/db/configuration/defaults/StatusReports/type b/root/etc/e-smith/db/configuration/defaults/StatusReports/type new file mode 100644 index 0000000..cfb931e --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/StatusReports/type @@ -0,0 +1 @@ +off diff --git a/root/etc/e-smith/db/configuration/defaults/SystemMode/type b/root/etc/e-smith/db/configuration/defaults/SystemMode/type new file mode 100644 index 0000000..e8d2638 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/SystemMode/type @@ -0,0 +1 @@ +servergateway diff --git a/root/etc/e-smith/db/configuration/defaults/SystemName/type b/root/etc/e-smith/db/configuration/defaults/SystemName/type new file mode 100644 index 0000000..8529af5 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/SystemName/type @@ -0,0 +1 @@ +sme-server diff --git a/root/etc/e-smith/db/configuration/defaults/acpid/status b/root/etc/e-smith/db/configuration/defaults/acpid/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/acpid/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/acpid/type b/root/etc/e-smith/db/configuration/defaults/acpid/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/acpid/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/backupconsole/CompressionLevel b/root/etc/e-smith/db/configuration/defaults/backupconsole/CompressionLevel new file mode 100644 index 0000000..3cfb5ef --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/backupconsole/CompressionLevel @@ -0,0 +1 @@ +-6 diff --git a/root/etc/e-smith/db/configuration/defaults/backupconsole/type b/root/etc/e-smith/db/configuration/defaults/backupconsole/type new file mode 100644 index 0000000..f92f363 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/backupconsole/type @@ -0,0 +1 @@ +configuration diff --git a/root/etc/e-smith/db/configuration/defaults/bootstrap-console/Restore b/root/etc/e-smith/db/configuration/defaults/bootstrap-console/Restore new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/bootstrap-console/Restore @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/bootstrap-console/status b/root/etc/e-smith/db/configuration/defaults/bootstrap-console/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/bootstrap-console/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/bootstrap-console/type b/root/etc/e-smith/db/configuration/defaults/bootstrap-console/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/bootstrap-console/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/bootstrap-runlevel7/status b/root/etc/e-smith/db/configuration/defaults/bootstrap-runlevel7/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/bootstrap-runlevel7/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/bootstrap-runlevel7/type b/root/etc/e-smith/db/configuration/defaults/bootstrap-runlevel7/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/bootstrap-runlevel7/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/crond/status b/root/etc/e-smith/db/configuration/defaults/crond/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/crond/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/crond/type b/root/etc/e-smith/db/configuration/defaults/crond/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/crond/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/dhcpd/Bootp b/root/etc/e-smith/db/configuration/defaults/dhcpd/Bootp new file mode 100644 index 0000000..f9df834 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/dhcpd/Bootp @@ -0,0 +1 @@ +deny diff --git a/root/etc/e-smith/db/configuration/defaults/dhcpd/status b/root/etc/e-smith/db/configuration/defaults/dhcpd/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/dhcpd/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/dhcpd/type b/root/etc/e-smith/db/configuration/defaults/dhcpd/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/dhcpd/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/ippp/status b/root/etc/e-smith/db/configuration/defaults/ippp/status new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ippp/status @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/ippp/type b/root/etc/e-smith/db/configuration/defaults/ippp/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ippp/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/irqbalance/status b/root/etc/e-smith/db/configuration/defaults/irqbalance/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/irqbalance/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/irqbalance/type b/root/etc/e-smith/db/configuration/defaults/irqbalance/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/irqbalance/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/isdn/Protocol b/root/etc/e-smith/db/configuration/defaults/isdn/Protocol new file mode 100644 index 0000000..0cfbf08 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/isdn/Protocol @@ -0,0 +1 @@ +2 diff --git a/root/etc/e-smith/db/configuration/defaults/isdn/UserSyncPPP b/root/etc/e-smith/db/configuration/defaults/isdn/UserSyncPPP new file mode 100644 index 0000000..7cfab5b --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/isdn/UserSyncPPP @@ -0,0 +1 @@ +yes diff --git a/root/etc/e-smith/db/configuration/defaults/isdn/status b/root/etc/e-smith/db/configuration/defaults/isdn/status new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/isdn/status @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/isdn/type b/root/etc/e-smith/db/configuration/defaults/isdn/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/isdn/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/local/status b/root/etc/e-smith/db/configuration/defaults/local/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/local/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/local/type b/root/etc/e-smith/db/configuration/defaults/local/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/local/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/maxAcctNameLength/type b/root/etc/e-smith/db/configuration/defaults/maxAcctNameLength/type new file mode 100644 index 0000000..e85087a --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/maxAcctNameLength/type @@ -0,0 +1 @@ +31 diff --git a/root/etc/e-smith/db/configuration/defaults/maxGroupNameLength/type b/root/etc/e-smith/db/configuration/defaults/maxGroupNameLength/type new file mode 100644 index 0000000..e85087a --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/maxGroupNameLength/type @@ -0,0 +1 @@ +31 diff --git a/root/etc/e-smith/db/configuration/defaults/modSSL/TCPPort b/root/etc/e-smith/db/configuration/defaults/modSSL/TCPPort new file mode 100644 index 0000000..6a13cf6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/modSSL/TCPPort @@ -0,0 +1 @@ +443 diff --git a/root/etc/e-smith/db/configuration/defaults/modSSL/access b/root/etc/e-smith/db/configuration/defaults/modSSL/access new file mode 100644 index 0000000..a48cf0d --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/modSSL/access @@ -0,0 +1 @@ +public diff --git a/root/etc/e-smith/db/configuration/defaults/modSSL/status b/root/etc/e-smith/db/configuration/defaults/modSSL/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/modSSL/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/modSSL/type b/root/etc/e-smith/db/configuration/defaults/modSSL/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/modSSL/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/network/status b/root/etc/e-smith/db/configuration/defaults/network/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/network/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/network/type b/root/etc/e-smith/db/configuration/defaults/network/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/network/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/pam_abl/status b/root/etc/e-smith/db/configuration/defaults/pam_abl/status new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/pam_abl/status @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/pam_abl/type b/root/etc/e-smith/db/configuration/defaults/pam_abl/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/pam_abl/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/pam_tally/status b/root/etc/e-smith/db/configuration/defaults/pam_tally/status new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/pam_tally/status @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/pam_tally/type b/root/etc/e-smith/db/configuration/defaults/pam_tally/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/pam_tally/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/passwordstrength/Admin b/root/etc/e-smith/db/configuration/defaults/passwordstrength/Admin new file mode 100644 index 0000000..f7da562 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/passwordstrength/Admin @@ -0,0 +1 @@ +strong diff --git a/root/etc/e-smith/db/configuration/defaults/passwordstrength/Ibays b/root/etc/e-smith/db/configuration/defaults/passwordstrength/Ibays new file mode 100644 index 0000000..f7da562 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/passwordstrength/Ibays @@ -0,0 +1 @@ +strong diff --git a/root/etc/e-smith/db/configuration/defaults/passwordstrength/Users b/root/etc/e-smith/db/configuration/defaults/passwordstrength/Users new file mode 100644 index 0000000..f7da562 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/passwordstrength/Users @@ -0,0 +1 @@ +strong diff --git a/root/etc/e-smith/db/configuration/defaults/passwordstrength/type b/root/etc/e-smith/db/configuration/defaults/passwordstrength/type new file mode 100644 index 0000000..f92f363 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/passwordstrength/type @@ -0,0 +1 @@ +configuration diff --git a/root/etc/e-smith/db/configuration/defaults/pppoe/status b/root/etc/e-smith/db/configuration/defaults/pppoe/status new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/pppoe/status @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/pppoe/type b/root/etc/e-smith/db/configuration/defaults/pppoe/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/pppoe/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/raidmonitor/status b/root/etc/e-smith/db/configuration/defaults/raidmonitor/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/raidmonitor/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/raidmonitor/type b/root/etc/e-smith/db/configuration/defaults/raidmonitor/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/raidmonitor/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/rc-local/status b/root/etc/e-smith/db/configuration/defaults/rc-local/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/rc-local/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/rc-local/type b/root/etc/e-smith/db/configuration/defaults/rc-local/type new file mode 100644 index 0000000..f92f363 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/rc-local/type @@ -0,0 +1 @@ +configuration diff --git a/root/etc/e-smith/db/configuration/defaults/rsyslog/LogAll2VT6 b/root/etc/e-smith/db/configuration/defaults/rsyslog/LogAll2VT6 new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/rsyslog/LogAll2VT6 @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/configuration/defaults/rsyslog/status b/root/etc/e-smith/db/configuration/defaults/rsyslog/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/rsyslog/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/rsyslog/type b/root/etc/e-smith/db/configuration/defaults/rsyslog/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/rsyslog/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/serial-console/BaudRate b/root/etc/e-smith/db/configuration/defaults/serial-console/BaudRate new file mode 100644 index 0000000..ca5632c --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/serial-console/BaudRate @@ -0,0 +1 @@ +19200 diff --git a/root/etc/e-smith/db/configuration/defaults/serial-console/Device b/root/etc/e-smith/db/configuration/defaults/serial-console/Device new file mode 100644 index 0000000..e15eb57 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/serial-console/Device @@ -0,0 +1 @@ +ttyS1 diff --git a/root/etc/e-smith/db/configuration/defaults/serial-console/status b/root/etc/e-smith/db/configuration/defaults/serial-console/status new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/serial-console/status @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/serial-console/type b/root/etc/e-smith/db/configuration/defaults/serial-console/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/serial-console/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/smartd/directive b/root/etc/e-smith/db/configuration/defaults/smartd/directive new file mode 100644 index 0000000..174cc62 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/smartd/directive @@ -0,0 +1 @@ +-M diminishing diff --git a/root/etc/e-smith/db/configuration/defaults/smartd/email b/root/etc/e-smith/db/configuration/defaults/smartd/email new file mode 100644 index 0000000..6fead67 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/smartd/email @@ -0,0 +1 @@ +-m admin diff --git a/root/etc/e-smith/db/configuration/defaults/smartd/status b/root/etc/e-smith/db/configuration/defaults/smartd/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/smartd/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/smartd/type b/root/etc/e-smith/db/configuration/defaults/smartd/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/smartd/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/defaults/sshd/UsePAM b/root/etc/e-smith/db/configuration/defaults/sshd/UsePAM new file mode 100644 index 0000000..7cfab5b --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/sshd/UsePAM @@ -0,0 +1 @@ +yes diff --git a/root/etc/e-smith/db/configuration/defaults/sysconfig/PreviousSystemMode b/root/etc/e-smith/db/configuration/defaults/sysconfig/PreviousSystemMode new file mode 100644 index 0000000..3546645 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/sysconfig/PreviousSystemMode @@ -0,0 +1 @@ +unknown diff --git a/root/etc/e-smith/db/configuration/defaults/sysconfig/Registration b/root/etc/e-smith/db/configuration/defaults/sysconfig/Registration new file mode 100644 index 0000000..621e94f --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/sysconfig/Registration @@ -0,0 +1 @@ +none diff --git a/root/etc/e-smith/db/configuration/defaults/sysconfig/type b/root/etc/e-smith/db/configuration/defaults/sysconfig/type new file mode 100644 index 0000000..f92f363 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/sysconfig/type @@ -0,0 +1 @@ +configuration diff --git a/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault b/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault new file mode 100644 index 0000000..7ecb56e --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault @@ -0,0 +1 @@ +no diff --git a/root/etc/e-smith/db/configuration/defaults/vpn/access b/root/etc/e-smith/db/configuration/defaults/vpn/access new file mode 100644 index 0000000..a48cf0d --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/vpn/access @@ -0,0 +1 @@ +public diff --git a/root/etc/e-smith/db/configuration/defaults/vpn/sessions b/root/etc/e-smith/db/configuration/defaults/vpn/sessions new file mode 100644 index 0000000..573541a --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/vpn/sessions @@ -0,0 +1 @@ +0 diff --git a/root/etc/e-smith/db/configuration/defaults/vpn/status b/root/etc/e-smith/db/configuration/defaults/vpn/status new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/vpn/status @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/vpn/type b/root/etc/e-smith/db/configuration/defaults/vpn/type new file mode 100644 index 0000000..f92f363 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/vpn/type @@ -0,0 +1 @@ +configuration diff --git a/root/etc/e-smith/db/configuration/defaults/wan/status b/root/etc/e-smith/db/configuration/defaults/wan/status new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/wan/status @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/wan/type b/root/etc/e-smith/db/configuration/defaults/wan/type new file mode 100644 index 0000000..24e1098 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/wan/type @@ -0,0 +1 @@ +service diff --git a/root/etc/e-smith/db/configuration/force/.gitignore b/root/etc/e-smith/db/configuration/force/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/configuration/migrate/05sysconfig b/root/etc/e-smith/db/configuration/migrate/05sysconfig new file mode 100644 index 0000000..04d60eb --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/05sysconfig @@ -0,0 +1,38 @@ +{ + open F, "/etc/locale.conf"; + my ($line) = grep(/^LANG/, ); + close F; + + my $lang = ($line =~ /^LANG="?([a-zA-Z0-9_.-]*)"?/) ? $1 : "en_US.UTF-8"; + + my $kbdtype = "pc"; + my $keytable = "us"; + + if (open F, "/etc/X11/xorg.conf.d/00-keyboard.conf") + { + my @lines = ; + close F; + + #($line) = grep(/^KEYBOARDTYPE/, @lines); + #if ($line =~ /^KEYBOARDTYPE="(.*)"/) + #{ + # $kbdtype = $1; + #} + + ($line) = grep(/^\s+Option "XkbLayout"/, @lines); + if ($line =~ /^\s+Option "XkbLayout"\s+"(.*)"/) + { + $keytable = $1; + } + } + + my $sysconfig = $DB->get('sysconfig') || + $DB->new_record('sysconfig', + { type => 'configuration'} + ); + $sysconfig->merge_props( + Language => $lang, + KeyboardType => $kbdtype, + Keytable => $keytable, + ); +} diff --git a/root/etc/e-smith/db/configuration/migrate/05syslog2rsyslog b/root/etc/e-smith/db/configuration/migrate/05syslog2rsyslog new file mode 100644 index 0000000..8cfc272 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/05syslog2rsyslog @@ -0,0 +1,10 @@ +{ + my $syslog = $DB->get("syslog") or return; + + my $rsyslog = $DB->get("rsyslog") || + $DB->new_record("rsyslog", { type => "service" }); + + $rsyslog->merge_props($syslog->props); + + $syslog->delete; +} diff --git a/root/etc/e-smith/db/configuration/migrate/10SetAccessDefaults b/root/etc/e-smith/db/configuration/migrate/10SetAccessDefaults new file mode 100644 index 0000000..1697560 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/10SetAccessDefaults @@ -0,0 +1,80 @@ +{ +=head1 NAME + +set-access-defaults -- Set services to appropriate defaults for SystemMode + +=head1 DESCRIPTION + +The SystemMode can be changed through the console. When it is changed, +console-save is called, which causes services to be reconfigured in +accordance with the new SystemMode. + +In servergateway mode, the following services are enabled on the +external interface: HTTP, HTTPS, SMTP, AUTH/IDENT + +In servergateway-private mode, all external services are disabled + +This script is a no-op if the SystemMode has not been changed. + +=cut + + my $conf = $DB; + + my $current_mode = $conf->get_value('SystemMode') or return; + + my $sysconfig = $conf->get("sysconfig") or return; + + my $previous_mode = $sysconfig->prop('PreviousSystemMode') + || "unknown"; + + if ($previous_mode eq "unknown") + { + $sysconfig->set_prop('PreviousSystemMode', $current_mode); + return; + } + + return unless ( $previous_mode eq 'servergateway-private' or + $current_mode eq 'servergateway-private' ); + + #------------------------------------------------------------ + # OK, we have a new SystemMode, go for it + #------------------------------------------------------------ + my %service2access = + ( + oidentd => "public", + 'httpd-e-smith' => "public", + 'qpsmtpd' => "public", + 'sqpsmtpd' => "public", + ftp => "private", + imap => "private", + imaps => "private", + modSSL => "public", + pop3s => "private", + popd => "private", + sshd => "private", + telnet => "private", + + ); + + if ( $current_mode eq 'servergateway-private' ) + { + foreach my $key (keys %service2access) + { + $service2access{$key} = 'private'; + } + } + + #------------------------------------------------------------ + # Enforce the default access rights + #------------------------------------------------------------ + foreach my $service ( keys %service2access ) + { + my $entry = $conf->get($service); + + next unless ($entry); + + $entry->set_prop("access", $service2access{$service}); + } + + $sysconfig->set_prop('PreviousSystemMode', $current_mode); +} diff --git a/root/etc/e-smith/db/configuration/migrate/10SystemID b/root/etc/e-smith/db/configuration/migrate/10SystemID new file mode 100644 index 0000000..530cd48 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/10SystemID @@ -0,0 +1,7 @@ +{ + use Data::UUID; + + my $sysconfig = $DB->get('sysconfig') || $DB->new_record('sysconfig', { type => 'configuration'}); + + $sysconfig->prop('SystemID') || $sysconfig->set_prop("SystemID", new Data::UUID->create_str); +} diff --git a/root/etc/e-smith/db/configuration/migrate/10SystemLocalNetwork b/root/etc/e-smith/db/configuration/migrate/10SystemLocalNetwork new file mode 100644 index 0000000..8b7999f --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/10SystemLocalNetwork @@ -0,0 +1,46 @@ +{ + use esmith::util; + use esmith::NetworksDB; + + my $LocalIP = $DB->get('LocalIP'); + return unless defined $LocalIP; # Nothing to migrate yet + $LocalIP = $LocalIP->value; + + my $LocalNetmask = $DB->get('LocalNetmask'); + return unless defined $LocalNetmask; + $LocalNetmask = $LocalNetmask->value; + + my $ndb = esmith::NetworksDB->open + || esmith::NetworksDB->create; + + # And update networks db shadow + my ($localnet) = $ndb->get_all_by_prop( SystemLocalNetwork => 'yes' ); + my ($local_network) = + esmith::util::computeNetworkAndBroadcast( $LocalIP, $LocalNetmask ); + if ( defined $localnet && $localnet->key ne $local_network ) + { + + # We need to delete the old record + $localnet->delete; + $localnet = undef; + } + if ( !defined $localnet ) + { + # We need to convert an existing local network to system network + $localnet = $ndb->get($local_network) || + # or we need to create a new system network record + $ndb->new_record( $local_network, { type => 'network', } ); + } + + # Update the netmask while we are at it + $localnet->merge_props( + SystemLocalNetwork => 'yes', + Mask => $LocalNetmask, + ); + + # Make sure that localnetwork does not have a leftover + # Router property if it was previously an additional + # local network. Will fail silently if there is no + # Router property + $localnet->delete_prop('Router'); +} diff --git a/root/etc/e-smith/db/configuration/migrate/10SystemPrimaryDomain b/root/etc/e-smith/db/configuration/migrate/10SystemPrimaryDomain new file mode 100644 index 0000000..5c546d0 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/10SystemPrimaryDomain @@ -0,0 +1,46 @@ +{ + use esmith::DomainsDB; + + my $domain = $DB->get('DomainName'); + return unless defined $domain; # Can't migrate without domain name + + my $DomainName = $domain->value; + + # Force lower case + $DomainName = lc($DomainName); + $domain->set_value($DomainName); + + # Force lower case for SystemName as well, while we are at it + my $system = $DB->get('SystemName'); + if ($system) + { + my $SystemName = lc($system->value); + $system->set_value($SystemName); + } + + my $domains = esmith::DomainsDB->open || + esmith::DomainsDB->create; + + # And update domains db shadow + ($domain) = $domains->get_all_by_prop(SystemPrimaryDomain => 'yes'); + + if (defined $domain) + { + # Nothing to do if it hasn't changed. + return if (lc($domain->key) eq "$DomainName"); + + # Otherwise we need to delete the old domain + $domain->delete; + } + + # And create the new. + $domain = $domains->get($DomainName) || + $domains->new_record($DomainName, + { + type => 'domain', + Content => 'Primary', + Description => 'Primary domain', + Nameservers => 'localhost', + }); + $domain->merge_props(SystemPrimaryDomain => 'yes', Removable => 'no'); +} diff --git a/root/etc/e-smith/db/configuration/migrate/10interfaces b/root/etc/e-smith/db/configuration/migrate/10interfaces new file mode 100644 index 0000000..982fdd2 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/10interfaces @@ -0,0 +1,167 @@ +{ +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +#---------------------------------------------------------------------- +# Migrate old config db singletons into "interface" specifications: +# +# DHCPClient=dhi ExternalInterface=...|Configuration|DHCPHostname +# DHCPClient=(d|dh| ExternalInterface=...|Configuration|DHCPEthernetAddress +# +# EthernetDriver1=eepro100 LocalInterface=...|Name|eth0|Driver|eepro100 +# EthernetDriver2=ne2k-pci ExternalInterface=...|Name|eth1|Driver|ne2k-pci +# EthernetDriver2=unknown ExternalInterface=...|Name|eth0.4094|Driver|unknown +# ExternalDHCP=off ExternalInterface=...|Configuration|static +# ExternalNetmask=255.255.255.0 ExternalInterface=...|Netmask|255.255.255.0 +# GatewayIP=192.168.116.1 ExternalInterface=...|Gateway|192.168.116.1 +# LocalIP=192.168.116.2 LocalInterface=...|IPAddress|192.168.116.2 +# LocalNetmask=255.255.255.0 LocalInterface=...|Netmask|255.255.255.0 + + use esmith::util; + + # No need to run this unless we have valid settings + return unless $DB->get_value("LocalIP"); + + my $internal = $DB->get("InternalInterface") || + $DB->new_record("InternalInterface", {type => "interface"}); + + if (my $assign = $DB->get('EthernetAssign')){ + $assign->delete; + } + my $diald = $DB->get("diald"); + $diald->delete if $diald; + + my $dhcpcd = $DB->get("dhcpcd"); + $dhcpcd->delete if $dhcpcd; + + my $wan = $DB->get("wan") || $DB->new_record("wan", {type => 'service'}); + + my $mode = $DB->get_value("SystemMode") || "servergateway"; + my $bonding = $internal->prop('NICBonding') || "disabled"; + + my %int_props = + ( + type => "interface", + Configuration => 'static', + Driver => $DB->get_value("EthernetDriver1"), + IPAddress => $DB->get_value("LocalIP"), + Netmask => $DB->get_value("LocalNetmask") + ); + + ($int_props{Network}, $int_props{Broadcast}) = + esmith::util::computeNetworkAndBroadcast($int_props{IPAddress}, + $int_props{Netmask} ); + + $internal->merge_props(%int_props); + + my $external = $DB->get("ExternalInterface") || + $DB->new_record("ExternalInterface", {type => 'interface'}); + + if ( $mode eq "serveronly" ) + { + $external->merge_props(Configuration => 'disabled', Name => 'none'); + $wan->merge_props(status => 'disabled'); + return; + } + $wan->merge_props(status => 'enabled'); + + my $pppoe_status = $DB->get_prop('pppoe', 'status') || "disabled"; + my $access_type = $DB->get_value('AccessType') || "unknown"; + + # Get the existing props + my %ext_props = $external->props; + + my $second_interface = $ext_props{'Name'}; + + # Delete ones which may no longer apply + delete $ext_props{Driver}; + delete $ext_props{Configuration}; + + # Set values which always apply + $ext_props{type} = "interface"; + $ext_props{IPAddress} = $DB->get_value("ExternalIP"); + $ext_props{Netmask} = $DB->get_value("ExternalNetmask"); + $ext_props{Gateway} = $DB->get_value("GatewayIP"); + + if (defined $ext_props{IPAddress} && defined $ext_props{Gateway}) + { + ($ext_props{Network}, $ext_props{Broadcast}) = + esmith::util::computeNetworkAndBroadcast($ext_props{IPAddress}, + $ext_props{Netmask} ); + } + + # Now determine others we need + if ($access_type eq 'dialup') + { + my $isdn = $DB->get_prop('isdn', 'status') || "disabled"; + my $sync_isdn = $DB->get_prop('isdn', 'UseSyncPPP') || "no"; + + $ext_props{Name} = ($isdn eq "enabled" and $sync_isdn eq "yes") ? + "ippp0" : "ppp0"; + + # XXX FIXME - we should probably have dialup vs. isdn here + $ext_props{Configuration} = "dialup"; + } + elsif ($pppoe_status eq 'enabled' ) + { + $ext_props{Name} = "ppp0"; + $ext_props{Configuration} = "pppoe"; + + my $pppoe = $DB->get('pppoe'); + unless ($pppoe) + { + warn "pppoe record vanished\n"; + return; + } + + # Only update PhysicalInterface + # if we just switched to pppoe + # ($second_interface is the name of the real external interface) + $pppoe->set_prop("PhysicalInterface", $second_interface) + if ($second_interface ne 'ppp0'); + } + else + { + $ext_props{Name} = $second_interface; + $ext_props{Driver} = $DB->get_value("EthernetDriver2"); + } + + my $external_dhcp = $DB->get_value("ExternalDHCP") || "off"; + + + if ($external_dhcp eq "on") + { + my $dhcp_config = $DB->get_value("DHCPClient") || "d"; + + if ($dhcp_config eq "dhi") + { + # XXX FIXME - I think this should be "dhcpcd", which + # should be a new "service" type and the Hostname/MAC + # choice should be a property of that service + $ext_props{Configuration} = "DHCPHostname"; + } + else + { + $ext_props{Configuration} = "DHCPEthernetAddress"; + } + } + + $ext_props{Configuration} ||= "static" ; + + # And write back the changes to the config db + $external->merge_props(%ext_props); +} diff --git a/root/etc/e-smith/db/configuration/migrate/10keytable b/root/etc/e-smith/db/configuration/migrate/10keytable new file mode 100644 index 0000000..6a46f19 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/10keytable @@ -0,0 +1,6 @@ +{ + unlink "/etc/rc.d/rc7.d/S75keytable"; + my $keytable = $DB->get('keytable'); + return unless $keytable; + $keytable->delete; +} diff --git a/root/etc/e-smith/db/configuration/migrate/20DHCPClientIdentifier b/root/etc/e-smith/db/configuration/migrate/20DHCPClientIdentifier new file mode 100644 index 0000000..9fcfe45 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/20DHCPClientIdentifier @@ -0,0 +1,19 @@ +{ + my $AccessType = $DB->get('AccessType'); + my $DialupUserAccount = $DB->get('DialupUserAccount'); + my $SystemName = $DB->get('SystemName'); + return unless ($AccessType && $DialupUserAccount && $SystemName); + + if ($AccessType->value eq 'dedicated' + && $DialupUserAccount->value eq 'useraccount' + && $SystemName->value ne 'e-smith') + { + # Heuristic to migrate DHCP client identifier - we used to use SystemName + # and now we use DialupUserAccount + # So we migrate SystemName to DialupUserAccount, unless DialupUserAccount + # is already set, or the SystemName appears not set (default setting) + $DialupUserAccount->merge_props(type => $SystemName->value); + } +} + + diff --git a/root/etc/e-smith/db/configuration/migrate/20DHCPServer b/root/etc/e-smith/db/configuration/migrate/20DHCPServer new file mode 100644 index 0000000..7dd0630 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/20DHCPServer @@ -0,0 +1,56 @@ +{ + # Make sure that dhcpd service is sanely set up, using + # legacy values if they are available + my $dhcpd = $DB->get('dhcpd'); + my $status = 'enabled'; + my $old = $DB->get('DHCPServer'); + if (defined $old) + { + $status = $old->value; + $old->delete; + } + # Define the dhcpd service unless it is already + # defined. Make it enabled, unless $DHCPServer + # told us otherwise. + $dhcpd ||= $DB->new_record('dhcpd', { + type => 'service', + status => $status, + }); + my $oldstart = '0.0.0.65'; + $old = $DB->get('DHCPServerStart'); + if (defined $old) + { + $oldstart = $old->value; + $old->delete; + } + my $oldend = '0.0.0.250'; + $old = $DB->get('DHCPServerEnd'); + if (defined $old) + { + $oldend = $old->value; + $old->delete; + } + my $start = $dhcpd->prop('start') || $oldstart; + my $end = $dhcpd->prop('end') || $oldend; + + $start = esmith::util::IPquadToAddr($start); + $end = esmith::util::IPquadToAddr($end); + my $netmask = esmith::util::IPquadToAddr($LocalNetmask); + my $localnet = esmith::util::IPquadToAddr($LocalIP) & $netmask; + + # AND-out the host bits from the start and end ips. + # And, OR our local network with our start and end host values. + $start = $localnet | ($start & ~$netmask); + $end = $localnet | ($end & ~$netmask); + + # Make sure that $start is less than $end (might not be if netmask has changed + if ($start > $end) + { + my $temp = $start; + $start = $end; + $end = $temp; + } + # Now save new values + $dhcpd->merge_props(start => esmith::util::IPaddrToQuad($start), + end => esmith::util::IPaddrToQuad($end)); +} diff --git a/root/etc/e-smith/db/configuration/migrate/20EthernetDriverUpdate b/root/etc/e-smith/db/configuration/migrate/20EthernetDriverUpdate new file mode 100644 index 0000000..6eb1ecb --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/20EthernetDriverUpdate @@ -0,0 +1,20 @@ +{ + my %changes = ( + rtl8139 => "8139too", + old_tulip => "tulip", + ); + foreach my $n (qw (1 2 )) + { + my $driver = $DB->get("EthernetDriver$n"); + if (defined $driver) + { + foreach my $old (keys %changes) + { + if ($driver->prop('type') eq $old) + { + $driver->merge_props(type => $changes{$old}); + } + } + } + } +} diff --git a/root/etc/e-smith/db/configuration/migrate/20NTPServer b/root/etc/e-smith/db/configuration/migrate/20NTPServer new file mode 100644 index 0000000..b4a9158 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/20NTPServer @@ -0,0 +1,12 @@ +{ + my $ntp = $DB->get('NTPServer'); + if (defined $ntp) + { + $DB->new_record('ntpd', { + type => 'service', + status => 'enabled', + NTPServer => $ntp->value, + }); + $ntp->delete; + } +} diff --git a/root/etc/e-smith/db/configuration/migrate/20TelnetServerMode b/root/etc/e-smith/db/configuration/migrate/20TelnetServerMode new file mode 100644 index 0000000..a186022 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/20TelnetServerMode @@ -0,0 +1,18 @@ +{ + my $old = $DB->get('TelnetServerMode'); + return unless defined $old; + my $status = $old->value; + $old->delete; + + my %props = ( + type => 'service', + 'status' => (($status eq 'off') ? 'disabled' : 'enabled'), + access => 'private', + ); + unless ($status =~ /off|on/) + { + # The other options are public and private. + $props{access} = $status; + } + $DB->new_record('telnet', \%props); +} diff --git a/root/etc/e-smith/db/configuration/migrate/20TimeZone b/root/etc/e-smith/db/configuration/migrate/20TimeZone new file mode 100644 index 0000000..745197c --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/20TimeZone @@ -0,0 +1,14 @@ +{ +# Add configuration database entry for TimeZone if there is not one already + return if defined $DB->get('TimeZone'); + if (-l "/etc/localtime") + { + # get timezone information from the system /etc/localtime + my $localtime = readlink "/etc/localtime" || "US/Eastern"; + # Make a relative link into an absolute one + $localtime =~ s:^\.\.::; + # Extract timezone from absolute path + $localtime =~ s:^/usr/share/zoneinfo/::; + $DB->new_record('TimeZone', {type => $localtime}); + } +} diff --git a/root/etc/e-smith/db/configuration/migrate/20interfaceMac b/root/etc/e-smith/db/configuration/migrate/20interfaceMac new file mode 100644 index 0000000..9ad5d93 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/20interfaceMac @@ -0,0 +1,8 @@ +{ + foreach my $iface ( qw(InternalInterface ExternalInterface) ) + { + my $iface = $DB->get($iface) || next; + next unless $iface->prop('HWAddress'); + $iface->delete_prop('HWAddress'); + } +} diff --git a/root/etc/e-smith/db/configuration/migrate/25NICBondingOptions b/root/etc/e-smith/db/configuration/migrate/25NICBondingOptions new file mode 100644 index 0000000..d876458 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/25NICBondingOptions @@ -0,0 +1,9 @@ +{ + # Migrate old servers to new defaults if not customized + return unless defined $InternalInterface{NICBondingOptions}; + if($InternalInterface{NICBondingOptions} eq "miimon=200") + { + $DB->get('InternalInterface')->set_prop('NICBondingOptions', + 'miimon=200 mode=active-backup'); + } +} diff --git a/root/etc/e-smith/db/configuration/migrate/25NICBondingUpdate b/root/etc/e-smith/db/configuration/migrate/25NICBondingUpdate new file mode 100644 index 0000000..4528099 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/25NICBondingUpdate @@ -0,0 +1,8 @@ +{ + # Remove NICBonding property unless conditions are met + return unless defined $InternalInterface{NICBonding}; + return if($SystemMode eq "serveronly" and + $EthernetDriver1 eq $EthernetDriver2); + + $DB->get('InternalInterface')->delete_prop('NICBonding'); +} diff --git a/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate b/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate new file mode 100644 index 0000000..a1be142 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate @@ -0,0 +1,9 @@ +{ + # Remove CipherSuite if it is the last insecure value + # Will not change CipherSuite if it has been modified from the original default, or deleted. + return unless defined $modSSL{CipherSuite}; + if($modSSL{CipherSuite} eq 'HIGH:!SSLv2') + { + $DB->get('modSSL')->delete_prop ('CipherSuite'); + } +} diff --git a/root/etc/e-smith/db/configuration/migrate/50RemoveObsoleteServices b/root/etc/e-smith/db/configuration/migrate/50RemoveObsoleteServices new file mode 100644 index 0000000..c458afa --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/50RemoveObsoleteServices @@ -0,0 +1,10 @@ +{ + + # Remove old, unused services from the configuration database + my @services = qw(haldaemon smolt udev-post messagebus ctrlaltdel pptpd klogd); + foreach my $service (@services){ + my $entry = $DB->get($service); + $entry->delete if $entry; + } + +} diff --git a/root/etc/e-smith/db/configuration/migrate/smartd b/root/etc/e-smith/db/configuration/migrate/smartd new file mode 100644 index 0000000..911c9e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/smartd @@ -0,0 +1,12 @@ +{ +# set status as enabled starting SME10 +# remove the -m option from the property email + + my $email = $DB->get_prop('smartd','email') or return; + + if ($email =~ /^-m (.*)$/) + { + $DB->set_prop('smartd','email', $1); + $DB->set_prop('smartd','status', 'enabled'); + } +} diff --git a/root/etc/e-smith/db/domains/defaults/.gitignore b/root/etc/e-smith/db/domains/defaults/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/domains/force/.gitignore b/root/etc/e-smith/db/domains/force/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/domains/migrate/00openRW b/root/etc/e-smith/db/domains/migrate/00openRW new file mode 100644 index 0000000..7b76f70 --- /dev/null +++ b/root/etc/e-smith/db/domains/migrate/00openRW @@ -0,0 +1,5 @@ +{ + use esmith::DomainsDB; + $DB = esmith::DomainsDB->open; +} + diff --git a/root/etc/e-smith/db/hosts/defaults/.gitignore b/root/etc/e-smith/db/hosts/defaults/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/hosts/force/.gitignore b/root/etc/e-smith/db/hosts/force/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/hosts/migrate/00openRW b/root/etc/e-smith/db/hosts/migrate/00openRW new file mode 100644 index 0000000..2ebd854 --- /dev/null +++ b/root/etc/e-smith/db/hosts/migrate/00openRW @@ -0,0 +1,4 @@ +{ + use esmith::HostsDB; + $DB = esmith::HostsDB->open; +} diff --git a/root/etc/e-smith/db/networks/defaults/.gitignore b/root/etc/e-smith/db/networks/defaults/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/networks/force/.gitignore b/root/etc/e-smith/db/networks/force/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/networks/migrate/00openRW b/root/etc/e-smith/db/networks/migrate/00openRW new file mode 100644 index 0000000..61d7a1c --- /dev/null +++ b/root/etc/e-smith/db/networks/migrate/00openRW @@ -0,0 +1,4 @@ +{ + use esmith::NetworksDB; + $DB = esmith::NetworksDB->open; +} diff --git a/root/etc/e-smith/events/actions/conf-modules b/root/etc/e-smith/events/actions/conf-modules new file mode 100755 index 0000000..53c9b14 --- /dev/null +++ b/root/etc/e-smith/events/actions/conf-modules @@ -0,0 +1,39 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2007 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use File::Find; + +# Remove stale symlinks from /lib/modules +finddepth({ wanted => sub{unlink if m{/weak-updates/} && ! -e $_}, no_chdir => 1}, '/lib/modules/'); + +opendir(BOOT, "/boot") or die("Can't open /boot directory: $!\n"); + +while (defined (my $file = readdir(BOOT))) +{ + next unless $file =~ /System.map-(.*)/; + system("/sbin/depmod", "-a", "-F", "/boot/System.map-$1", "$1") +} +closedir(BOOT) or die("Can't close /boot: $!\n"); + +exit (0); diff --git a/root/etc/e-smith/events/actions/conf-routes b/root/etc/e-smith/events/actions/conf-routes new file mode 100644 index 0000000..41df3ea --- /dev/null +++ b/root/etc/e-smith/events/actions/conf-routes @@ -0,0 +1,69 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 2002 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- +package esmith; + +use strict; +use Errno; +use esmith::templates; +use esmith::NetworksDB; + +my $event = $ARGV [0] || "undefined"; + +if ($event =~ /network-(create|delete)/ ) +{ + my %op = ( + 'network-create' => "add", + 'network-delete' => "delete" + ); + my %type = ( + 'network-create' => "network", + 'network-delete' => 'network-deleted' + ); + + my $network = $ARGV[1] + or die "Must provide network key\n"; + my $networks = esmith::NetworksDB->open_ro + or die "Could not open networks DB\n"; + my $rec = $networks->get($network) + or die "Could not find network record for $network\n"; + + my $expected_type = $type{$event}; + my $type = $rec->prop('type') || "undefined"; + die "Record type is $type and should be $expected_type\n" unless + ($type eq $expected_type); + + if (my $networkRouter = $rec->prop('Router')) + { + my $networkMask = $rec->prop('Mask'); + system("/sbin/route", $op{$event}, + "-net", $network, "netmask", "$networkMask", + "gateway", "$networkRouter") + and warn "Non-zero response from route command\n"; + } + else + { + warn "Network entry $network deprecated - it uses default route.\n"; + } +} + +exit (0); diff --git a/root/etc/e-smith/events/actions/conf-startup b/root/etc/e-smith/events/actions/conf-startup new file mode 100755 index 0000000..0c55d07 --- /dev/null +++ b/root/etc/e-smith/events/actions/conf-startup @@ -0,0 +1,30 @@ +#! /bin/sh +#---------------------------------------------------------------------- +# copyright (C) 2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +#---------------------------------------------------------------------- + +if [ "$1" = "post-install" ] +then + /sbin/e-smith/config setprop bootstrap-console Run yes ForceSave no + touch /var/state/e-smith/init_config +fi +if [ "$1" = "post-upgrade" ] +then + /sbin/e-smith/config setprop bootstrap-console Run yes ForceSave yes + touch /var/state/e-smith/activate_config +fi diff --git a/root/etc/e-smith/events/actions/copy-anaconda-logs b/root/etc/e-smith/events/actions/copy-anaconda-logs new file mode 100644 index 0000000..e8d50d1 --- /dev/null +++ b/root/etc/e-smith/events/actions/copy-anaconda-logs @@ -0,0 +1,43 @@ +#!/bin/sh +#---------------------------------------------------------------------- +# copyright (C) 1999-2006 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +NOW=$(date +%Y%m%d%H%M%S) +LIST=' + /root/install.log + /root/install.log.syslog + /root/upgrade.log + /root/upgrade.log.syslog + /var/log/anaconda.ifcfg.log + /var/log/anaconda.log + /var/log/anaconda.ifcfg.log + /var/log/anaconda.program.log + /var/log/anaconda.storage.log + /var/log/anaconda.syslog + /var/log/anaconda.yum.log' + +for i in $LIST +do + [ -e $i ] || continue + + [ -L $i ] && continue + + mv $i $i.$NOW + ln -s $i.$NOW $i +done + diff --git a/root/etc/e-smith/events/actions/count-active-user-accounts b/root/etc/e-smith/events/actions/count-active-user-accounts new file mode 100644 index 0000000..98da8e9 --- /dev/null +++ b/root/etc/e-smith/events/actions/count-active-user-accounts @@ -0,0 +1,44 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 2001-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use esmith::AccountsDB; +use esmith::ConfigDB; + +my $a = esmith::AccountsDB->open; +my $c = esmith::ConfigDB->open; +my $count = scalar $a->activeUsers() || 0; + +if (my $active = $c->get('ActiveAccounts')) +{ + $active->set_value($count); +} +else +{ + $c->new_record('ActiveAccounts')->set_value($count); +} + +exit (0); diff --git a/root/etc/e-smith/events/actions/create-mnt-floppy b/root/etc/e-smith/events/actions/create-mnt-floppy new file mode 100644 index 0000000..776a0cb --- /dev/null +++ b/root/etc/e-smith/events/actions/create-mnt-floppy @@ -0,0 +1,14 @@ +#! /bin/sh +# Try to make sure that /mnt/floppy can be mounted + +# If the system has been upgraded, there should be an old mount directory +if [ -d /mnt/floppy ] +then + exit 0 +fi + +# Create /mnt if required +mkdir -p /mnt + +# Let's assume that haldaemon will create /media/floppy +ln -sf /media/floppy /mnt/floppy diff --git a/root/etc/e-smith/events/actions/fix-startup b/root/etc/e-smith/events/actions/fix-startup new file mode 100644 index 0000000..a513e5d --- /dev/null +++ b/root/etc/e-smith/events/actions/fix-startup @@ -0,0 +1,39 @@ +#! /usr/bin/perl + +use strict; +use warnings; +use DirHandle; +my $d = DirHandle->new("/etc/rc7.d"); + +my @d = + sort { $a->{order} cmp $b->{order} } + map { /^S(\d+)([\w\-.]+)/ ; { name => $2 , order => $1 } } + grep { /^S/ } $d->read; + +my $equivalent = {'oidentd'=> 'identd', + 'nut'=> 'ups', + 'raidmonitor' => 'mdmonitor' + }; + + +foreach my $service (@d) +{ +my $sv=$service->{'name'}; +next if $sv eq 'bootstrap-console'; +$sv= $equivalent->{$sv} || $sv; +foreach (qw(multi-user sme-server)) +{ + if (-e "/lib/systemd/system/$_.target.wants/$sv.service") + { + system(qw(systemctl disable), $sv); + } + elsif (-e "/etc/systemd/system/$_.target.wants/$sv.service") + { + system(qw(systemctl disable), $sv); + } + elsif (-e "/etc/init.d/$sv") + { + my $dropoutput = `/usr/sbin/chkconfig $sv off 2>/dev/null`; + } +} +} diff --git a/root/etc/e-smith/events/actions/group-create-unix b/root/etc/e-smith/events/actions/group-create-unix new file mode 100755 index 0000000..5213eac --- /dev/null +++ b/root/etc/e-smith/events/actions/group-create-unix @@ -0,0 +1,191 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use esmith::ConfigDB; +use esmith::AccountsDB; +use File::Temp; + +my $conf = esmith::ConfigDB->open_ro + or die "Could not open Config DB"; +my $accounts = esmith::AccountsDB->open + or die "Could not open accounts DB"; + +my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled'; +my $x = 0; # exit value + +my $domain = $conf->get('DomainName') + || die("Couldn't determine domain name"); +$domain = $domain->value; + +my $event = $ARGV [0]; +my $groupName = $ARGV [1]; + +#------------------------------------------------------------ +# Create the group +#------------------------------------------------------------ + +die "Groupname argument missing." unless defined ($groupName); + +my $group = $accounts->get($groupName); + +unless ($group && $group->prop('type') eq 'group') +{ + die "Account $groupName is not a group account; create group failed.\n"; +} + +my $lock = undef; +my $gid; +unless ($gid = $group->prop('Gid')) +{ + use esmith::lockfile; + + $lock = esmith::lockfile::LockFileOrWait("/home/e-smith/db/accounts"); + $gid = $accounts->get_next_uid; + $group->set_prop('Gid', $gid); + unless ($group->prop('Uid')) + { + $group->set_prop('Uid', $gid); + } +} +my $uid = $group->prop('Uid'); +my $description = $group->prop('Description') || ''; + +if ($ldapauth ne 'enabled') +{ + # Create the user's unique group first + system( + "/usr/sbin/groupadd", + "-g", $gid, + $groupName + ) == 0 or ( $x = 255, warn "Failed to create (unix) group $groupName.\n" ); + + # Now create the dummy user account + system( + "/usr/sbin/useradd", + "-u", $uid, + "-g", $gid, + "-c", $description, + "-d", + "/home/e-smith", + "-s", + "/bin/false", + "$groupName" + ) == 0 or ( $x = 255, warn "Failed to create (unix) user $groupName.\n" ); +} + +# Create the user's unique group first (in ldap) +my $tmpattr = File::Temp->new(); +print $tmpattr "mail: $groupName\@$domain\n"; +print $tmpattr "description: $description\n"; +$tmpattr->flush(); +system( + "/usr/sbin/cpu", "groupadd", + "-a", "$tmpattr", + "-g", $gid, + $groupName + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) group $groupName.\n" ); +undef $tmpattr; + +# Now create the dummy user account (in ldap) +system( + "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "useradd", + "-u", $uid, + "-g", $gid, + "-d", + "/home/e-smith", + "-s", + "/bin/false", + "$groupName" + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) user $groupName.\n" ); + +# Set the cn of the dummy user account (in ldap) +$tmpattr = File::Temp->new(); +print $tmpattr "cn: $description\n"; +$tmpattr->flush(); +system( + "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", + "-a", $tmpattr, + "$groupName" + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to update (ldap) user $groupName.\n" ); +undef $tmpattr; + +# Release lock if we have one +$lock && esmith::lockfile::UnlockFile($lock); + +#------------------------------------------------------------ +# It would be nice if we could simply edit the line in /etc/group +# and add the list of users, but it's safer to use the "usermod" +# command. This means that for each desired group member, we have +# to fetch the current list of that member's groups, add this new +# group, and update the member's group list. +#------------------------------------------------------------ + +my $members = $group->prop('Members') || ''; +my @groupMembers = split (/,/, $members); + +# "www" and "admin" are implicit members of all groups +push @groupMembers, 'admin', 'www'; + +my $member; +foreach $member (@groupMembers) +{ + # Get a list of this member's supplementary groups, then add the + # new group to the list. Finally sort, join and run the usermod + # function to update the group list for this member. + + my $cmd = "/usr/bin/id -G -n '$member'"; + my $groups = `$cmd 2>/dev/null`; + if ($? != 0) + { + die "Failed to get supplementary group list for $member.\n"; + } + chomp ($groups); + + my @groupList = split (/\s+/, $groups); + @groupList = grep (!/^$member$/, @groupList); + # Apache is an alias for www + @groupList = map { $_ =~ s/^apache$/www/g; $_ } @groupList; + + push @groupList, $groupName; + + $groups = join (',', sort (@groupList)); + + if ($ldapauth ne 'enabled') + { + system("/usr/sbin/usermod", "-G", "$groups", "$member") == 0 + or ( $x = 255, warn "Failed to modify supplementary (unix) group list for $member.\n" ); + } + + # root user/group isn't in ldap + @groupList = grep (!/^root$/, @groupList); + $groups = join (',', sort (@groupList)); + + system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify supplementary (ldap) group list for $member.\n" ); +} + +exit ($x); diff --git a/root/etc/e-smith/events/actions/group-delete-unix b/root/etc/e-smith/events/actions/group-delete-unix new file mode 100755 index 0000000..5a6af53 --- /dev/null +++ b/root/etc/e-smith/events/actions/group-delete-unix @@ -0,0 +1,54 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use esmith::ConfigDB; + +my $conf = esmith::ConfigDB->open_ro + or die "Could not open Config DB"; + +my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled'; +my $x = 0; # exit value + +my $event = $ARGV [0]; +my $groupName = $ARGV [1] or die "Groupname argument missing."; + +if ($ldapauth ne 'enabled') +{ + system("/usr/sbin/userdel", "$groupName") == 0 + or ( $x = 255, warn "Failed to delete dummy user for (unix) group $groupName.\n" ); + + system("/usr/sbin/groupdel", "$groupName") == 0 + or ( $x = 255, warn "Failed to delete (unix) group $groupName.\n" ); +} + +system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "userdel", "$groupName") == 0 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete dummy user for (ldap) group $groupName.\n" ); + +system("/usr/sbin/cpu", "groupdel", "$groupName") == 0 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group $groupName.\n" ); + +exit ($x); diff --git a/root/etc/e-smith/events/actions/group-modify-unix b/root/etc/e-smith/events/actions/group-modify-unix new file mode 100755 index 0000000..5233f79 --- /dev/null +++ b/root/etc/e-smith/events/actions/group-modify-unix @@ -0,0 +1,169 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 2002-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use esmith::ConfigDB; +use esmith::AccountsDB; +use File::Temp; + +my $c = esmith::ConfigDB->open_ro || die "Couldn't open config db\n"; +my $a = esmith::AccountsDB->open_ro || die "Couldn't open accounts db\n"; + +my $ldapauth = $c->get('ldap')->prop('Authentication') || 'disabled'; +my $x = 0; # exit value + +my $domain = $c->get('DomainName') + || die("Couldn't determine domain name"); +$domain = $domain->value; + +my $event = shift || die "Event name arg missing\n";; +my @groups; + +if ( scalar @ARGV ) +{ + @groups = map { $a->get($_); } @ARGV; +} +else +{ + @groups = $a->groups; +} + +foreach my $group (@groups) +{ + my $groupName = $group->key; + unless ($group->prop('type') eq 'group') + { + warn "Account $groupName is not a group account.\n"; + next; + } + my %properties = $group->props; + + #------------------------------------------------------------ + # Modify the group. We do it the hard way - by removing all the + # current group members and adding the new ones (rather than + # deleting the group and recreating it). That guarantees that + # we keep the same group ID so that files associated with this + # group are unaffected. + #------------------------------------------------------------ + + my $groupDesc = $properties{'Description'} + if (defined $properties{'Description'}); + + if ($ldapauth ne 'enabled') + { + system("/usr/sbin/usermod", "-c", "$groupDesc", "$groupName") == 0 + or ( $x = 255, warn "Failed to modify (unix) group description for $groupName.\n" ); + } + + my $tmpattr = File::Temp->new(); + print $tmpattr "cn: $groupDesc\n"; + $tmpattr->flush(); + system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-a", "$tmpattr", "$groupName") == 0 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify (ldap) group description for $groupName.\n" ); + + $tmpattr = File::Temp->new(); + print $tmpattr "mail: $groupName\@$domain\n"; + print $tmpattr "description: $groupDesc\n"; + $tmpattr->flush(); + system( + "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupmod", + "-a", "$tmpattr", + "$groupName" + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify (ldap) group description/email for $groupName.\n" ); + undef $tmpattr; + + my ($name, $passwd, $gid, $members) = getgrnam ($groupName); + my @oldMembers = split (/\s+/, $members); + my @newMembers = split (/,/, $properties {'Members'}); + + # Add in ibay group membership + push @newMembers, (map { $_->key } $a->get_all_by_prop(Group => $groupName)); + + # "admin" and "www" are implicit members of all groups + push @newMembers, qw(www admin); + + my (%oldMembers, %newMembers); + + my $member; + foreach $member (@newMembers) + { + $newMembers{$member} = 1; + } + foreach $member (@oldMembers) + { + $oldMembers{$member} = 1; + } + my (@addMembers, @delMembers); + + foreach $member (@newMembers, @oldMembers) + { + # skip this member if not being added or removed + next if ($oldMembers{$member} and $newMembers{$member}); + # This next step is redundant! + next if (!$oldMembers{$member} and !$newMembers{$member}); + + # We need to add or remove this member from the group + # Get the supplementary group list for the member we are adding or + # deleting. + my $cmd = "/usr/bin/id -G -n '$member'"; + my $groups = `$cmd 2>/dev/null`; + if ($? != 0) + { + die "Failed to get supplementary group list for $member.\n"; + } + chomp ($groups); + + my @groupList = split (/\s+/, $groups); + @groupList = grep (!/^$member$/, @groupList); + # Apache is an alias for www + @groupList = map { $_ =~ s/^apache$/www/g; $_ } @groupList; + + if ($oldMembers{$member}) + { + @groupList = grep (!/^$groupName$/, @groupList); + } + else + { + push @groupList, $groupName; + } + $groups = join (',', sort (@groupList)); + + if ($ldapauth ne 'enabled') + { + system("/usr/sbin/usermod", "-G", "$groups", "$member") == 0 + or ( $x = 255, warn "Failed to modify supplementary (unix) group list for $member.\n" ); + } + + # root user/group isn't in ldap + @groupList = grep (!/^root$/, @groupList); + $groups = join (',', sort (@groupList)); + + system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-G", "$groups", "$member") == 0 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify supplementary (ldap) group list for $member.\n" ); + } +} + +exit ($x); diff --git a/root/etc/e-smith/events/actions/halt b/root/etc/e-smith/events/actions/halt new file mode 100755 index 0000000..f913ab4 --- /dev/null +++ b/root/etc/e-smith/events/actions/halt @@ -0,0 +1,30 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; + +exec ("/sbin/shutdown", qw(-h now)) or die "Can't exec shutdown: $!"; +exit (2); diff --git a/root/etc/e-smith/events/actions/init-accounts b/root/etc/e-smith/events/actions/init-accounts new file mode 100755 index 0000000..1abfa16 --- /dev/null +++ b/root/etc/e-smith/events/actions/init-accounts @@ -0,0 +1,84 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2003 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- +package esmith; + +use strict; +use Errno; +use esmith::util; +use esmith::ConfigDB; + +my $conf = esmith::ConfigDB->open_ro + or die "Could not open Config DB"; + +#create the group apache if doesn't exist +system(qw(/usr/sbin/groupadd -g 102 -r -o -f apache)) + unless getgrnam("apache"); + +# create the user apache if doesn't exist and has not the same uid/gid as www +if ( !getpwnam("apache") ) +{ + die "Error creating apache user or group" unless ( + system(qw(/usr/sbin/useradd -u 102 -g 102 -o -c 'Apache' -d /var/www -M -s /bin/nologin apache)) == 0); +} + +#set apache gid if different of 102 +my $apachegidtest = getgrnam("apache"); +if ( $apachegidtest != '102' ) +{ + die "Error changing apache gid" unless ( + system(qw(/usr/sbin/groupmod -g 102 -o apache)) == 0); +} + +#set apache uid if different of 102 +my $apacheuidtest = getpwnam("apache"); +if ( $apacheuidtest != '102' ) +{ + die "Error changing apache uid " unless ( + system(qw(/usr/sbin/usermod -u 102 -g 102 -o apache )) == 0); +} + + +# fix permissions for www and apache +# horde does not use www / apache anymore +#warn "failed to fix permissions for www" unless ( +# system("/bin/rpm --setugids horde 2> /dev/null") == 0 +# ); +# system("/bin/rpm --setperms horde 2> /dev/null") == 0 +# ); + +#order is essential there: --setugids then --setperms, or suid guid perms will be lost +warn "failed to fix user group ids for apache" unless ( + system("/bin/rpm --setugids httpd mod_auth_tkt mod_ssl php pwauth 2> /dev/null") == 0 + ); +warn "failed to fix permissions for apache" unless ( + system("/bin/rpm --setperms httpd mod_auth_tkt mod_ssl php pwauth 2> /dev/null") == 0 + ); + +# delete unwanted user accounts +foreach my $user (qw(halt shutdown sync)) +{ + `/usr/sbin/userdel $user` if getpwnam($user); +} + + +exit (0); diff --git a/root/etc/e-smith/events/actions/init-passwords b/root/etc/e-smith/events/actions/init-passwords new file mode 100755 index 0000000..d5fa37a --- /dev/null +++ b/root/etc/e-smith/events/actions/init-passwords @@ -0,0 +1,45 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2003 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- +package esmith; + +use strict; +use Errno; +use esmith::ConfigDB; + +my $c = esmith::ConfigDB->open or die "Could not open accounts db"; +my $PasswordSet = $c->get('PasswordSet'); + +#------------------------------------------------------------ +# Lock passwords for administrative accounts. +#------------------------------------------------------------ + +system("/usr/sbin/usermod", "-L", "root") and + warn("Could not lock root account"); +system("/usr/sbin/usermod", "-L", "admin") and + warn("Could not lock admin account"); +system("/usr/bin/smbpasswd", "-a", "-d", "-s", "admin") and + warn("Could not lock admin account"); + +$PasswordSet->set_value('no') or warn("Could not set PasswordSet to no"); + +exit (0); diff --git a/root/etc/e-smith/events/actions/isdn-down-notify b/root/etc/e-smith/events/actions/isdn-down-notify new file mode 100644 index 0000000..d3d23bc --- /dev/null +++ b/root/etc/e-smith/events/actions/isdn-down-notify @@ -0,0 +1,46 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- +package esmith; + +use strict; +use Errno; + +my $ipparam = $ARGV[6] || "(none)"; +exit 0 unless ("$ipparam" eq "diald"); + +use esmith::ConfigDB; + +my $c = esmith::ConfigDB->open_ro or die "Could not open config db"; + +my $isdn = $c->get('isdn') or exit 0; + +my $status = $isdn->prop('status') || 'disabled'; + +exit 0 unless ("$status" eq "enabled"); + +open(DIALD_CONTROL, ">/etc/diald/diald.ctl") + or die "Could not open diald control socket: $!\n"; + +print DIALD_CONTROL "down\n"; +close(DIALD_CONTROL) + or die "Could not close diald control socket: $!\n"; diff --git a/root/etc/e-smith/events/actions/logrotate-migrate b/root/etc/e-smith/events/actions/logrotate-migrate new file mode 100644 index 0000000..c62bfa0 --- /dev/null +++ b/root/etc/e-smith/events/actions/logrotate-migrate @@ -0,0 +1,54 @@ +#!/bin/bash +# this script is to migrate old symlink log to regular file in order +# to be handled by logrotate + +#known files that could be symlinks +FILES="/var/log/cron +/var/log/maillog +/var/log/messages +/var/log/secure +/var/log/spooler +/var/log/boot.log +/var/log/httpd/admin_access_log +/var/log/httpd/admin_error_log +/var/log/httpd/access_log +/var/log/httpd/error_log +/var/log/httpd/fpbx_error_log +/var/log/httpd/fpbx_access_log +/var/log/httpd/bkpc_access_log +/var/log/httpd/bkpc_error_log +/var/log/httpd/issoqlog_access_log +/var/log/httpd/isoqlog_access_log +/var/log/httpd/isoqlog_error_log +/var/log/httpd/pki_access_log +/var/log/httpd/pki_error_log +/var/log/pluto/pluto.log" + + +#counter +found=0 + +# could do also $(find /var/log/ -type l) +for f in $FILES +do + if [ -L "$f" ]; then + echo "Processing $f" + mylink=$(readlink "$f") + unlink $f + touch $f + if [ -f "$mylink" ]; then + cp --attributes-only "$mylink" "$f" + fi + ((found+=1)) + fi +done + +# exit if we are running bootstrap-console.service, to avoid systemd queue loop +/usr/bin/systemctl --quiet is-active bootstrap-console.service && exit 0; +# restart the needed services +if [ $found -gt 0 ] ; then + /usr/bin/systemctl daemon-reload > /dev/null 2>/dev/null + /usr/bin/systemctl --quiet is-active httpd-*.service && /usr/bin/systemctl reload httpd-*.service > /dev/null 2>/dev/null + /usr/bin/systemctl --quiet is-active rsyslog.service && /usr/bin/systemctl restart rsyslog.service > /dev/null 2>/dev/null +fi + diff --git a/root/etc/e-smith/events/actions/purge-old-logs b/root/etc/e-smith/events/actions/purge-old-logs new file mode 100644 index 0000000..80588f3 --- /dev/null +++ b/root/etc/e-smith/events/actions/purge-old-logs @@ -0,0 +1,73 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +use strict; +use Errno; +use File::Find; +use esmith::ConfigDB; + +my $cdb = esmith::ConfigDB->open_ro; + +my $rsyslog = $cdb->get('rsyslog') or die "No rsyslog db entry found"; +my $length = $rsyslog->prop('PurgeLength') || '95'; + +$ENV{'PATH'} = "/bin"; + +#---------------------------------------------------------------------- +# Find all files in /var/log/ that are: +# - real files +# - older than rsyslog{PurgeLength}, or 95 days if unset +# - matches our log naming scheme +# and eliminate them. +#---------------------------------------------------------------------- + + +chdir "/var/log/" + or die "Could not chdir to /var/log"; + +sub process +{ + #------------------------------------------------------------------ + # Files older than $length days, matching our naming scheme. + #------------------------------------------------------------------ + if ( -f and (int(-M) > $length) and /^[A-Za-z_].*\.\d{14}$/ ) + { + unlink("$_") + or die "Could not purge log $File::Find::name: $!\n"; + } + + #------------------------------------------------------------------ + # Files which are symlinks matching the naming scheme. + # They may have been left behind from older versions of the + # logrotate event. + #------------------------------------------------------------------ + if ( -l and /^[A-Za-z_].*\.\d{14}$/ ) + { + unlink("$_") + or die "Could not purge log $File::Find::name: $!\n"; + } +} + +find(\&process, glob('.')); + +exit 0; diff --git a/root/etc/e-smith/events/actions/raidmonitor-check b/root/etc/e-smith/events/actions/raidmonitor-check new file mode 100644 index 0000000..bd86c88 --- /dev/null +++ b/root/etc/e-smith/events/actions/raidmonitor-check @@ -0,0 +1,36 @@ +#!/bin/bash +#---------------------------------------------------------------------- +# copyright (C) 2013-2023 Koozali Foundation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +#---------------------------------------------------------------------- + +#exit if nothing to handle raid is installed +if [ ! -e /usr/sbin/mdadm ] ; then + exit 0; +fi +# exit if raid is already configured +if [ -e /etc/mdadm.conf ] ; then + exit 0 +fi +if [[ $(mdadm --detail --scan|wc -l) -ge 1 ]] ; then + echo "writting available raid array to /etc/mdadm.conf" + /usr/sbin/mdadm --detail --scan > /etc/mdadm.conf + # restart if enabled + if [[ $(/sbin/e-smith/config getprop raidmonitor status || echo "disabled") == "enabled" ]] ; then + /usr/bin/systemctl restart raidmonitor.service + fi +fi diff --git a/root/etc/e-smith/events/actions/reboot b/root/etc/e-smith/events/actions/reboot new file mode 100755 index 0000000..286878b --- /dev/null +++ b/root/etc/e-smith/events/actions/reboot @@ -0,0 +1,30 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; + +exec ("/sbin/shutdown", qw(-r now)) or die "Can't exec shutdown: $!"; +exit (2); diff --git a/root/etc/e-smith/events/actions/remove-templates-custom b/root/etc/e-smith/events/actions/remove-templates-custom new file mode 100644 index 0000000..41b1ff2 --- /dev/null +++ b/root/etc/e-smith/events/actions/remove-templates-custom @@ -0,0 +1,25 @@ +#!/usr/bin/perl +use Digest::MD5 qw(md5 md5_hex md5_base64); +use strict; +use warnings; + +my %files = ( + '/etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/20LoadModule80PHP' => 'f1754b2ea09ec195d816b3e6d4b044a5', #smeserver-php-scl + '/etc/e-smith/templates-custom/etc/hosts.allow/sshd' => 'd08f437bc0b38e996341f564cf446828', #smeserver-denyhosts + '/etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/35SSL00Listen443' => 'a3d1cf339126da076c1dcc2b21602bc9', #smeserver-softethervpn-server + '/etc/e-smith/templates-custom/etc/dhcpd.conf/25DomainNameServers' => 'c201caf9528713b55708173a3ef26f18', #smeserver-dhcpmanager + '/etc/e-smith/templates-custom/etc/dhcpd.conf/25LeaseTimeDefault' => 'ad4468c7b2ad8f275514e7ce61747651', #smeserver-dhcpmanager + '/etc/e-smith/templates-custom/etc/dhcpd.conf/25LeaseTimeMax' => 'a450dbc91dc0d6443b29069d829c0a51', #smeserver-dhcpmanager + '/etc/e-smith/templates-custom/etc/dhcpd.conf/25Routers' => 'd14a9b0153af3b7c608bb59eaccc24fc' #smeserver-dhcpmanager + +); + +for my $filename (keys %files) { + next unless ( -f $filename); + open (my $fh, '<', $filename) or die "Can't open '$filename': $!"; + binmode ($fh); + my $sum =Digest::MD5->new->addfile($fh)->hexdigest; + next unless $files{$filename} eq $sum; + warn "md5sum matches, deleting fragment $filename identified as owned by a previous rpm\n"; + unlink $filename or warn "failed to remove $filename\n"; +} diff --git a/root/etc/e-smith/events/actions/reset-unsavedflag b/root/etc/e-smith/events/actions/reset-unsavedflag new file mode 100755 index 0000000..650e2a3 --- /dev/null +++ b/root/etc/e-smith/events/actions/reset-unsavedflag @@ -0,0 +1,24 @@ +#!/bin/sh + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +/sbin/e-smith/config set UnsavedChanges no diff --git a/root/etc/e-smith/events/actions/rmmod-bonding b/root/etc/e-smith/events/actions/rmmod-bonding new file mode 100644 index 0000000..52c3739 --- /dev/null +++ b/root/etc/e-smith/events/actions/rmmod-bonding @@ -0,0 +1,15 @@ +#!/bin/sh + +# This is an ugly hack that removes the bonding module during +# bootstrap-console-save. We do this because we can potentially +# change modprobe.conf in the event, but bonding.ko may already +# be loaded by the time we do (by /etc/rc.sysinit). +# This means the changes don't take +# effect unless you reboot (ugh). Removing the module before +# networking is started causes the module to be reloaded using +# the new module params. + +if grep -q bonding /proc/modules +then + /sbin/rmmod bonding +fi diff --git a/root/etc/e-smith/events/actions/rotate_logfiles b/root/etc/e-smith/events/actions/rotate_logfiles new file mode 100644 index 0000000..54564b4 --- /dev/null +++ b/root/etc/e-smith/events/actions/rotate_logfiles @@ -0,0 +1,9 @@ +#!/bin/sh + +/usr/sbin/logrotate -s /var/lib/logrotate/logrotate.status /etc/logrotate.conf +EXITVALUE=$? +if [ $EXITVALUE != 0 ]; then + /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]" +fi +exit 0 + diff --git a/root/etc/e-smith/events/actions/set-external-ip b/root/etc/e-smith/events/actions/set-external-ip new file mode 100644 index 0000000..1995690 --- /dev/null +++ b/root/etc/e-smith/events/actions/set-external-ip @@ -0,0 +1,40 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- +package esmith; + +use strict; +use Errno; +use esmith::ConfigDB; + +my $db = esmith::ConfigDB->open or die "Couldn't open ConfigDB\n"; + +#------------------------------------------------------------ +# Set $ExternalIP in configuration hash, for use by templates +#------------------------------------------------------------ +my $event = $ARGV [0]; +my $newip = $ARGV[1]; + +$db->set_value('ExternalIP', $newip); +$db->set_prop('ExternalInterface', 'IPAddress', $newip); + +exit (0); diff --git a/root/etc/e-smith/events/actions/set-gateway-ip b/root/etc/e-smith/events/actions/set-gateway-ip new file mode 100644 index 0000000..f4186f9 --- /dev/null +++ b/root/etc/e-smith/events/actions/set-gateway-ip @@ -0,0 +1,41 @@ +#!/bin/sh + +#---------------------------------------------------------------------- +# copyright (C) 2001-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +#------------------------------------------------------------ +# Set $GatewayIP in configuration db, for use by templates +#------------------------------------------------------------ +# my $event = $1 + +# These params all come via pppd, via ip-up.local +# interface_name = $2 +# tty-device = $3 +# speed = $4 +# local_ip = $5 +# remote_ip = $6 +# ipparam = $7 + +if [ "$7" = "diald" ] +then + exec /sbin/e-smith/config set GatewayIP "$6" +fi +exit 0 diff --git a/root/etc/e-smith/events/actions/set-hostname b/root/etc/e-smith/events/actions/set-hostname new file mode 100644 index 0000000..ae94335 --- /dev/null +++ b/root/etc/e-smith/events/actions/set-hostname @@ -0,0 +1,31 @@ +#!/usr/bin/perl + +#---------------------------------------------------------------------- +# copyright (C) 2016 Koozali SME Server +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +#---------------------------------------------------------------------- +use esmith::ConfigDB; + +my $db = esmith::ConfigDB->open_ro() or die 'cannot open the database'; +my $SystemName = $db->get_value('SystemName'); +my $DomainName = $db->get_value('DomainName'); + +#set the command +my $command = "exec /bin/hostnamectl set-hostname $SystemName.$DomainName"; + +open EXEC, "$command |" or die "cannot set hostname: $!"; +close EXEC; diff --git a/root/etc/e-smith/events/actions/systemd-default b/root/etc/e-smith/events/actions/systemd-default new file mode 100644 index 0000000..6357d54 --- /dev/null +++ b/root/etc/e-smith/events/actions/systemd-default @@ -0,0 +1,231 @@ +#!/usr/bin/perl -w + +use strict; +use Errno; +use esmith::ConfigDB; +use File::Temp; +use esmith::templates; +use File::Basename; +use Cwd 'abs_path'; + +my $conf = esmith::ConfigDB->open_ro; + + +my $event = $ARGV [0]; +my $second = $ARGV [1]; + +my @servicedirpaths = ("/usr/lib/systemd/system/","/etc/systemd/system/"); +my @presetdirpaths = ("/usr/lib/systemd/system-preset/","/etc/systemd/system-preset/"); +my $filename = "/etc/systemd/system-preset/49-koozali.preset"; +my $filename2 = "/usr/lib/systemd/system/sme-server.target.d/50koozali.conf"; +my %services; +my %files; +my @WantedBy; + +# expand preset file +esmith::templates::processTemplate({ + MORE_DATA => { }, + TEMPLATE_PATH => $filename, + OUTPUT_FILENAME => $filename, + }); +# expand content of sme-server.target.d +esmith::templates::processTemplate({ + MORE_DATA => { }, + TEMPLATE_PATH => $filename2, + OUTPUT_FILENAME => $filename2, + }); + +# make sure our target is enabled +system("/usr/bin/systemctl enable sme-server.target"); +# force the main default target in /usr/lib +#ln -fs sme-server.target /lib/systemd/system/default.target +my $old_qfn = "sme-server.target"; +my $new_qfn = "/lib/systemd/system/default.target"; +if (!symlink($old_qfn, $new_qfn)) { + if ($!{EEXIST}) { + unlink($new_qfn) + or die("Can't remove \"$new_qfn\": $!\n"); + symlink($old_qfn, $new_qfn) + or die("Can't create symlink \"$new_qfn\": $!\n"); + } else { + die("Can't create symlink \"$new_qfn\": $!\n"); + } +} + +# we let the dedicated systemd command tryin to do what we will do later in this script +# as up to systemd 236 it is bugged see: +# https://github.com/systemd/systemd/pull/7158 and https://github.com/systemd/systemd/pull/7289 +system("/usr/bin/systemctl preset-all"); +# in case preset-all messed up with our default target +system("/usr/bin/systemctl set-default sme-server.target"); + +# list both preset directories +# seek files to be removed from usr/lib if same basename exist +foreach my $d (@presetdirpaths) { + opendir my $dir, "$d" or die "Cannot open directory: $!"; + my @dirfiles = readdir $dir; + closedir $dir; + foreach my $fi (@dirfiles) { + next unless ($fi =~ /.preset$/); + $files{$fi}="$d$fi" + } +} + +# list wanted services in the sme-server.target +#Wants=acpid.service atd.service auditd.service avahi-daemon.service brandbot.path crond.service irqbalance.service nfs-client.target remote-fs.target rhel-configure.service rsyslog.service smartd.service yum-cron.service +my $smewants = `grep -P '^Wants=' /usr/lib/systemd/system/sme-server.target -rs`; +chomp $smewants; +my @smematches = ( $smewants =~ /([a-zA-Z0-9\-_]+\.service)/g ); + + +# parse all files on reverse order : lower number take precedence +# we ignore joker lines * +# we ignore @ lines +# we ignore multiple in one line +# our default at the end is to disable if not listed +foreach my $filen (reverse sort keys %files) { +#print "==============> $filen : ".$files{$filen} ."\n"; + # parsing $filename content + # should end with hash with 2 possible value : enable and disable + # ignore lines starting with # or empty character + open(FILE, '<', $files{$filen}) or die $!; + while () { + chomp; # remove newlines + next if (/^\s+$/); + next if (/^#/); + s/^\s+//; # remove leading whitespace + s/\s+$//; # remove trailing whitespace + next unless length; # next rec unless anything left +# print $_ ."\n"; + next unless (/^(enable|disable)\s+([a-zA-Z0-9\-_.@]+\.service)/); + my $service=$2; + my $stats=$1; +# print $_ ."\n"; + #ignore service that does not exists ! + my $multiple = $service; + ($multiple = $service ) =~ s/([a-zA-Z0-9\-_.]+@)(.*)/$1.service/ if ( $service =~ /@/ ); + #print "$stats $service $multiple\n"; + next unless ( -e "/usr/lib/systemd/system/$service" or -e "/etc/lib/systemd/system/$service" or -e "/usr/lib/systemd/system/$multiple"); + # eliminate duplicates, this way we keep only the last entry of the lowest file as we do it in reverse order of file, + # but from top to bottom of file. + $services{$service}=$stats; + + # list all Services explicitely listed in preset that are also in Wants= or with WantedBy= sme-server.target + next if (/^$service$/ ~~ @WantedBy); + if ( /^$service$/ ~~ @smematches ) { + push(@WantedBy, $service); + #print "want $service \n"; + } + else { + my $wanted = `grep -P '^WantedBy=.*sme-server.target' /usr/lib/systemd/system/$service* /etc/systemd/system/$service* -rsh` ; + chomp $wanted; + push(@WantedBy , $service) unless ( $wanted eq "") ; + #print "want $service \n" unless ( $wanted eq "") ; + } + + } +} + +# then check content of /etc/systemd/system/sme-server.target.wants/ +# remove what is not in enable +my $d = "/etc/systemd/system/sme-server.target.wants/"; +opendir my $dir, "$d" or die "Cannot open directory: $!"; +my @dirfiles = readdir $dir; +closedir $dir; +foreach my $fi (@dirfiles) { + # we ignore . and .. + next if $fi =~ /\.+$/; + # for the moment we only consider service files and ignore target, mount, device, socket... + next unless ($fi =~ /.service$/); + # remove if file but not a link + unless ( -l "$d$fi") { + print "remove $d$fi : not a link\n"; + unlink "$d$fi"; + next; + } + # remove if also un /usr/lib .. not as preset-all does not care + #if ( -l "/usr/lib/systemd/system/sme-server.target.wants/$fi") { + # print "remove $d$fi : also in /usr/lib/systemd/system/sme-server.target.wants/\n"; + # unlink "$d$fi"; + # next; + #} + # remove if link is not to an existing file # we should also check if pointing to an authorized path! + my $multiple = $fi; + ($multiple = $fi ) =~ s/([a-zA-Z0-9\-_.]+@)(.*)/$1.service/ if ( $fi =~ /@/ ); + my $absFilePath = abs_path("$d$fi") ; + if ( ! -f "$absFilePath" or ( ! -f "/etc/systemd/system/$fi" and ! -f "/usr/lib/systemd/system/$fi" and ! -f "/usr/lib/systemd/system/$multiple") ) { + print "remove $d$fi target '$absFilePath' does not exist or is not regular file in expected path\n"; + unlink "$d$fi"; + next; + } + # is not enable in preset : remove + #print "==$fi \n"; + if ( ! defined $services{$fi} or $services{$fi} ne "enable") { + print "remove $d$fi as not enabled in preset\n"; + unlink "$d$fi"; + next; + } + # if not wanted remove + unless ( /^$fi$/ ~~ @WantedBy) { + print "remove $d$fi as not declared as WantedBy or in Wants for sme-server.target\n"; + unlink "$d$fi"; + } +} + +# and we add wanted enabled services +# we only do it for sme-server.target, ignoring the remaining of WantedBy +foreach my $service (sort keys %services) { + my $wanted= "not"; + $wanted = "want" if ( /^$service$/ ~~ @WantedBy ); + my $status = $services{$service}; + my $linkedU = ( -e "/usr/lib/systemd/system/sme-server.target.wants/$service" ) ? "linked" : "not"; + my $linkedE = ( -e "/etc/systemd/system/sme-server.target.wants/$service" ) ? "linked" : "not"; + my $linkedD = ( -e "/etc/systemd/system/default.target.wants/$service" or -e "/usr/lib/systemd/system/default.target.wants/$service" ) ? "linked" : "not"; + ## adding link if needed in /etc/systemd/system/sme-server.target.wants + ## readd event if present in usr/lib as preste-all does not care about that. + if ( $status eq "enable" and $linkedE eq "not" and $linkedD eq "not" and $wanted eq "want" and ( $service !~ /\@\.service$/ ) ){ + #print "systemctl add-wants sme-server.target $service\n"; + `/usr/bin/systemctl add-wants sme-server.target $service `; + } +} + +# do something about /usr/lib/systemd/system/sme-server.target.wants/ +# we check for rpm owned and not rpm owned +# we only inform there, we do not do anything else +$d = "/usr/lib/systemd/system/sme-server.target.wants/"; +opendir $dir, "$d" or die "Cannot open directory: $!"; +@dirfiles = readdir $dir; +closedir $dir; +foreach my $fi (@dirfiles) { + # we ignore . and .. + next if $fi =~ /\.+$/; + # for the moment we only consider service files and ignore target, mount, device, socket... + next unless ($fi =~ /.service$/); + # remove if file but not a link + print "$d$fi is not a link\n" unless ( -l "$d$fi"); + # remove if link is not to an existing file + my $absFilePath = abs_path("$d$fi") ; + print "$d$fi target '$absFilePath' does not exist or is not regular file\n" unless ( -f "$absFilePath"); + # check if owned by rpm + my $rpmowned = `rpm -qf $d$fi`; + chomp $rpmowned; + if ($rpmowned ne "" ) { + #print "$d$fi is owned by $rpmowned\n"; + #next; + } else { + print "$d$fi has been manually added\n"; + } + if ( ! defined $services{$fi} or $services{$fi} ne "enable") { + print "$d$fi is not enabled in preset\n"; + } + # if not wanted remove + # need to check its own files also here + my $service = $fi; + my $wanted = `grep -P '^WantedBy=.*sme-server.target' /usr/lib/systemd/system/$service* /etc/systemd/system/$service* -rsh` ; + chomp $wanted; + #unless ( /^$fi$/ ~~ @WantedBy ) { + unless (grep(/^$fi$/, @WantedBy ) ) { + print "$d$fi is not declared as WantedBy or in Wants for sme-server.target\n"; + } +} + diff --git a/root/etc/e-smith/events/actions/systemd-isolate b/root/etc/e-smith/events/actions/systemd-isolate new file mode 100644 index 0000000..f0c450c --- /dev/null +++ b/root/etc/e-smith/events/actions/systemd-isolate @@ -0,0 +1,4 @@ +#!/usr/bin/bash +/usr/bin/systemctl daemon-reload +/usr/bin/systemctl -q is-active sme-server.target || /usr/bin/systemctl isolate sme-server.target +/usr/bin/systemctl daemon-reload diff --git a/root/etc/e-smith/events/actions/systemd-journald b/root/etc/e-smith/events/actions/systemd-journald new file mode 100644 index 0000000..6297a7b --- /dev/null +++ b/root/etc/e-smith/events/actions/systemd-journald @@ -0,0 +1,5 @@ +#!/bin/bash +if [[ ! -d /var/log/journal ]]; then + mkdir -p /var/log/journal + /usr/bin/systemd-tmpfiles --create --prefix /var/log/journal +fi diff --git a/root/etc/e-smith/events/actions/systemd-reload b/root/etc/e-smith/events/actions/systemd-reload new file mode 100644 index 0000000..0401705 --- /dev/null +++ b/root/etc/e-smith/events/actions/systemd-reload @@ -0,0 +1,2 @@ +#!/usr/bin/bash +/usr/bin/systemctl daemon-reload diff --git a/root/etc/e-smith/events/actions/update-ifcfg b/root/etc/e-smith/events/actions/update-ifcfg new file mode 100644 index 0000000..5ec2014 --- /dev/null +++ b/root/etc/e-smith/events/actions/update-ifcfg @@ -0,0 +1,71 @@ +#!/usr/bin/perl -w + +use esmith::ConfigDB; +use esmith::templates; +use esmith::ethernet; +use strict; + +my $c = esmith::ConfigDB->open_ro() || + die "Couldn't open ConfigDB"; + +my @adapters = split(/\n/, esmith::ethernet::probeAdapters()); +my @nics = (); + +if (($c->get('EthernetDriver1')->value || 'unknown') eq 'dummy'){ + push @adapters, "dummy\tdummy\t10:00:01:02:03:04\tFake Network Interface\tdummy0"; +} +# If NIC bonding is enabled, we need to handle route-bond0 and ifcfg-bond0 +if (($c->get('InternalInterface')->prop('NICBonding') || 'disabled') eq 'enabled'){ + push @adapters, "bond\tbond\t10:00:01:02:03:04\tBonding virtual Interface\tbond0"; +} + +# Expand templates for every adapters found +foreach my $adapter (@adapters){ + my (undef, undef, undef, undef, $nic) = split(/\t/, $adapter, 5); + push @nics, $nic; + esmith::templates::processTemplate({ + MORE_DATA => { THIS_DEVICE => $nic }, + TEMPLATE_PATH => '/etc/sysconfig/network-scripts/ifcfg-ethX', + OUTPUT_FILENAME => "/etc/sysconfig/network-scripts/ifcfg-$nic" + }); + esmith::templates::processTemplate({ + MORE_DATA => { THIS_DEVICE => $nic }, + TEMPLATE_PATH => '/etc/sysconfig/network-scripts/route-ethX', + OUTPUT_FILENAME => "/etc/sysconfig/network-scripts/route-$nic" + }); + esmith::templates::processTemplate({ + MORE_DATA => { THIS_DEVICE => $nic }, + TEMPLATE_PATH => '/var/lib/dhclient/dhclient.conf', + OUTPUT_FILENAME => "/var/lib/dhclient/dhclient-$nic.conf" + }); +} + +# Build a list of interfaces for which we want to keep the config +foreach ($c->get_all_by_prop( type => 'interface')){ + push @nics, $_->prop('Name'); +} +push @nics, $_ foreach (qw/ppp0 lo/); +my %dedup; +@dedup{@nics} = (); +@nics = keys %dedup; + +# Now remove any ifcfg-X, route-X or dhclient-X.conf +# for NIC which have been removed +foreach my $removed (glob "/etc/sysconfig/network-scripts/ifcfg-*"){ + $removed =~ m/ifcfg\-(.*)$/; + my $interface = $1; + next if (grep { $_ eq $interface } @nics); + unlink $removed; +} +foreach my $removed (glob "/etc/sysconfig/network-scripts/route-*"){ + $removed =~ m/route\-(.*)$/; + my $interface = $1; + next if (grep { $_ eq $interface } @nics); + unlink $removed; +} +foreach my $removed (glob "/var/lib/dhclient/dhclient-*.conf"){ + $removed =~ m/dhclient\-(.*)\.conf$/; + my $interface = $1; + next if (grep { $_ eq $interface } @nics); + unlink $removed; +} diff --git a/root/etc/e-smith/events/actions/update-passwd b/root/etc/e-smith/events/actions/update-passwd new file mode 100644 index 0000000..542dba2 --- /dev/null +++ b/root/etc/e-smith/events/actions/update-passwd @@ -0,0 +1,58 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use esmith::AccountsDB; + +my $a = esmith::AccountsDB->open_ro or die "Could not open accounts db"; + +foreach my $u ($a->users) +{ + my $user = $u->key; + my $pwset = $u->prop('PasswordSet') || 'no'; + unless ($pwset eq 'yes') + { + system("/usr/bin/passwd", "-l", $user) == 0 + or warn("Problem locking password for user $user\n"); + + system("/usr/bin/smbpasswd", "-d", $user) == 0 + or warn("Problem locking smbpassword for user $user\n"); + } +} + +foreach my $i ($a->ibays) +{ + my $ibay = $i->key; + my $pwset = $i->prop('PasswordSet') || 'no'; + my $pwable = $i->prop('Passwordable') || 'yes'; + unless ($pwable eq 'no' || $pwset eq 'yes') + { + system("/usr/bin/passwd", "-l", $ibay) == 0 + or warn("Problem locking password for i-bay $ibay\n"); + } +} + +exit(0); diff --git a/root/etc/e-smith/events/actions/user-create-unix b/root/etc/e-smith/events/actions/user-create-unix new file mode 100755 index 0000000..71bc791 --- /dev/null +++ b/root/etc/e-smith/events/actions/user-create-unix @@ -0,0 +1,154 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use esmith::ConfigDB; +use esmith::AccountsDB; +use File::Temp; + +my $conf = esmith::ConfigDB->open_ro; +my $accounts = esmith::AccountsDB->open; + +my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled'; +my $x = 0; # exit value + +my $domain = $conf->get('DomainName') + || die("Couldn't determine domain name"); +$domain = $domain->value; + +my $event = $ARGV [0]; +my $userName = $ARGV [1]; + +#------------------------------------------------------------ +# Create the Unix account +#------------------------------------------------------------ + +die "username argument missing" unless defined ($userName); + +my $acct = $accounts->get($userName); +unless (defined $acct and $acct->prop('type') eq "user") +{ + die "Account $userName is not a user account; create user failed.\n"; +} + +my $lock = undef; +my $uid; +unless ($uid = $acct->prop('Uid')) +{ + use esmith::lockfile; + + $lock = esmith::lockfile::LockFileOrWait("/home/e-smith/db/accounts"); + $uid = $accounts->get_next_uid; + $acct->set_prop('Uid', $uid); +} +my $gid = $acct->prop('Gid') || $uid; +my $first = $acct->prop('FirstName') || ''; +my $last = $acct->prop('LastName') || ''; +my $phone = $acct->prop('Phone') || ''; +my $company = $acct->prop('Company') || ''; +my $dept = $acct->prop('Dept') || ''; +my $city = $acct->prop('City') || ''; +my $street = $acct->prop('Street') || ''; +my $shell = $acct->prop('Shell') || '/usr/bin/rssh'; +my $groups = "shared"; + +if ($ldapauth ne 'enabled') +{ + # Create the user's unique group first + system( + "/usr/sbin/groupadd", + "-g", + $gid, + $userName + ) == 0 or ( $x = 255, warn "Failed to create (unix) group $userName.\n" ); + + # Now create the user account + system( + "/usr/sbin/useradd", + "-u", $uid, + "-g", $gid, + "-c", "$first $last", + "-d", "/home/e-smith/files/users/$userName", + "-G", "$groups", + "-m", + "-k", "/etc/e-smith/skel/user", + "-s", "$shell", + $userName + ) == 0 or ( $x = 255, warn "Failed to create (unix) account $userName.\n" ); +} + +# Create the user's unique group first (in ldap) +system( + "/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupadd", + "-g", + $gid, + $userName + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) group $userName.\n" ); + +# Now create the user account (in ldap) +my $tmpattr = File::Temp->new(); +print $tmpattr "telephoneNumber: $phone\n"; +print $tmpattr "o: $company\n"; +print $tmpattr "ou: $dept\n"; +print $tmpattr "l: $city\n"; +print $tmpattr "street: $street\n"; +$tmpattr->flush(); +system( + "/usr/sbin/cpu", "useradd", + "-u", $uid, + "-g", $gid, + "-f", "$first", + "-E", "$last", + "-e", "$userName\@$domain", + "-a", "$tmpattr", + "-d", "/home/e-smith/files/users/$userName", + "-G", "$groups", + "-m", + "-k/etc/e-smith/skel/user", + "-s", "$shell", + $userName + ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) account $userName.\n" ); +undef $tmpattr; + + +# Release lock if we have one +$lock && esmith::lockfile::UnlockFile($lock); + +# Set initial permissions on user's root directory. + +chmod 0700, "/home/e-smith/files/users/$userName"; + +if ($ldapauth ne 'enabled') +{ + system("/usr/bin/passwd", "-l", "$userName") + and ( $x = 255, warn "Could not lock (unix) password for $userName\n" ); +} +system("/usr/sbin/cpu", "usermod", "-L", "$userName") + and ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Could not lock (ldap) password for $userName\n" ); +system("/usr/bin/smbpasswd", "-a", "-d", "$userName") + and ( $x = 255, warn "Could not lock (smb) password for $userName\n" ); + +exit ($x); diff --git a/root/etc/e-smith/events/actions/user-delete-groups-and-pseudonyms b/root/etc/e-smith/events/actions/user-delete-groups-and-pseudonyms new file mode 100755 index 0000000..7d9b7fb --- /dev/null +++ b/root/etc/e-smith/events/actions/user-delete-groups-and-pseudonyms @@ -0,0 +1,13 @@ +#!/usr/bin/perl -w + +use strict; +use esmith::AccountsDB; + +my $accountdb = esmith::AccountsDB->open() or + die "Unable to open accounts db"; + +my ($event, $acctName) = @ARGV; +$accountdb->remove_user_from_groups($acctName, + $accountdb->user_group_list($acctName)); +$accountdb->remove_all_user_pseudonyms($acctName); + diff --git a/root/etc/e-smith/events/actions/user-delete-unix b/root/etc/e-smith/events/actions/user-delete-unix new file mode 100755 index 0000000..a3d8b46 --- /dev/null +++ b/root/etc/e-smith/events/actions/user-delete-unix @@ -0,0 +1,63 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use esmith::util; +use esmith::ConfigDB; + +my $conf = esmith::ConfigDB->open_ro + or die "Could not open Config DB"; + +my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled'; +my $x = 0; # exit value + +my $event = $ARGV [0]; +my $userName = $ARGV [1]; + +#------------------------------------------------------------ +# Delete the Unix account. +#------------------------------------------------------------ + +die "Username argument missing." unless defined ($userName); + +if ($ldapauth ne 'enabled') +{ + esmith::util::cancelUserPassword ($userName); + + my $discard = `/usr/sbin/userdel -r '$userName'`; + if ($? != 0) + { + ( $x = 255, warn "Failed to delete (unix) account $userName.\n" ); + } +} + +system("/usr/sbin/cpu", "userdel", "-r", $userName) == 0 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) account $userName.\n" ); + +system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupdel", $userName) == 0 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group account $userName.\n" ); + +exit ($x); diff --git a/root/etc/e-smith/events/actions/user-group-modify b/root/etc/e-smith/events/actions/user-group-modify new file mode 100755 index 0000000..159d9d3 --- /dev/null +++ b/root/etc/e-smith/events/actions/user-group-modify @@ -0,0 +1,49 @@ +#!/usr/bin/perl -w +#---------------------------------------------------------------------- +# Copyright (C) 2002 Mitel Networks Corp. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks. +# For details, please visit our web site at www.mitel.com/sme/ +#---------------------------------------------------------------------- + +use strict; +use esmith::event; +use esmith::AccountsDB; +use User::grent; + +shift @ARGV; +my $userName = shift @ARGV or die "Must supply username"; + +my $acctdb = esmith::AccountsDB->open() + or die "Unable to open accounts db: $!"; + +# Make a list of system groups that this user is a member of +my ($user, $colon, @old_groups) = split(' ', `/usr/bin/groups $userName`); + +# Now add in the list of groups the user is a member of according to +# the accounts db, and remove duplicates. The do the group-modify +# actions for all these groups +my %modified_groups = map { $_, 1 } @old_groups, $acctdb->user_group_list($userName); +# but omit "shared" and user private group +foreach ('shared', $userName, 'rsshusers') +{ + delete $modified_groups{$_} if exists $modified_groups{$_}; +} + +exit 0 unless (scalar %modified_groups); + +event_signal("group-modify", keys %modified_groups); diff --git a/root/etc/e-smith/events/actions/user-lock-passwd b/root/etc/e-smith/events/actions/user-lock-passwd new file mode 100644 index 0000000..80338f6 --- /dev/null +++ b/root/etc/e-smith/events/actions/user-lock-passwd @@ -0,0 +1,99 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 2001-2006 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use esmith::AccountsDB; +use esmith::ConfigDB; +use English; + +my $a = esmith::AccountsDB->open or die "Could not open accounts db"; +my $conf = esmith::ConfigDB->open or die "Could not open configuration db"; + +my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled'; +my $x = 0; # exit value + +my $event = $ARGV [0]; + +my @users_to_lock = bad_password_users(); + +defined $ARGV[1] && push @users_to_lock, $ARGV[1]; + +for my $user (@users_to_lock) +{ + lock_user($user); +} + +exit 0; + +sub lock_user +{ + my ($userName) = @_; + #------------------------------------------------------------ + # Lock the user account in all authentication databases + #------------------------------------------------------------ + + my $u = $a->get($userName) or die "No account record for user $userName"; + + if ($ldapauth ne 'enabled') + { + system("/usr/bin/passwd", "-l", $userName) == 0 + or ( $x = 255, warn "Error locking (unix) account $userName" ); + } + system("/usr/sbin/cpu", "usermod", "-L", $userName) == 0 + or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Error locking (ldap) account $userName" ); + system("/usr/bin/smbpasswd", "-d", $userName) == 0 + or ( $x = 255, warn "Error locking (smb) account $userName" ); + $u->set_prop('PasswordSet', 'no'); + + if ($userName eq 'admin') + { + $conf->set_value('PasswordSet', 'no'); + } +} + +sub bad_password_users +{ + my @smbpasswd = `/usr/bin/pdbedit -wL` + or die "Error listing smb passwords\n"; + + my @users; + + SMBPASSWD: + foreach my $smb_entry (@smbpasswd) + { + my ($user, $uid, $lanman_hash, $nt_hash, @rest) + = split /:/, $smb_entry; + + if ( $lanman_hash eq "AAD3B435B51404EEAAD3B435B51404EE" + or $nt_hash eq "31D6CFE0D16AE931B73C59D7E0C089C0" + ) + { + push @users, $user; + next SMBPASSWD; + } + } + + return @users; +} + +exit ($x); diff --git a/root/etc/e-smith/events/actions/user-modify-unix b/root/etc/e-smith/events/actions/user-modify-unix new file mode 100755 index 0000000..5b96077 --- /dev/null +++ b/root/etc/e-smith/events/actions/user-modify-unix @@ -0,0 +1,156 @@ +#!/usr/bin/perl -w +#---------------------------------------------------------------------- +# copyright (C) 1999-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- +package esmith; + +use strict; +use Errno; +use esmith::AccountsDB; +use esmith::ConfigDB; +use Net::LDAP; +use esmith::util; + +my $conf = esmith::ConfigDB->open or die "Could not open configuration db"; + +my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled'; +my $x = 0; # exit value + +my $domain = $conf->get('DomainName') + || die("Couldn't determine domain name"); +$domain = $domain->value; + +# prepare LDAP bind +my $pw = esmith::util::LdapPassword(); +my $base = esmith::util::ldapBase ($domain); + +my $ldap = Net::LDAP->new('localhost') + or die "$@"; + +$ldap->bind( + dn => "cn=root,$base", + password => $pw +); + +my $event = $ARGV [0]; +my $userName = $ARGV [1]; + +#------------------------------------------------------------ +# Check the Unix account +#------------------------------------------------------------ + + +my $a = esmith::AccountsDB->open or die "Could not open accounts db"; + +my @users; +if ($event eq 'bootstrap-ldap-save') +{ + @users = $a->users; +} +else +{ + die "Username argument missing." unless defined ($userName); + my $u = $a->get($userName) or die "No account db record found for user $userName"; + @users = ($u); +} +foreach my $u (@users) +{ + my $type = $u->prop('type'); + my $userName = $u->key; + + die "Account $userName is not a user account; modify user failed.\n" + unless ( ($userName eq 'admin') or ($type eq 'user') ); + + setpwent; + my ($comment, $shell) = (getpwnam($userName))[6,8]; + endpwent; + my $new_shell = $u->prop('Shell') + || (($shell eq "/bin/sshell") ? "/usr/bin/rssh" : $shell); + + $u->set_prop('Shell', $new_shell) unless (not defined $u->prop('Shell') && $new_shell eq "/usr/bin/rssh" ) ; + + my $result; + #------------------------------------------------------------ + # Modify user's shell, if required, in /etc/passwd using "usermod" + #------------------------------------------------------------ + unless ($shell eq $new_shell) + { + if ($ldapauth ne 'enabled') + { + system("/usr/sbin/usermod", '-s', "$new_shell", $userName) == 0 + or ( $x = 255, warn "Failed to modify shell of (unix) account $userName.\n" ); + } + + my @new_shell = ($new_shell); + $result = $ldap->modify("uid=$userName,ou=Users,$base", + replace => { + loginShell => \@new_shell + } + ); + $result->code && ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify shell of (ldap) account $userName.\n" ); + } + + #------------------------------------------------------------ + # Modify user's first name and last name if required, + # in /etc/passwd using "usermod" + #------------------------------------------------------------ + my $first = $u->prop('FirstName') || ""; + my $last = $u->prop('LastName') || ""; + my $new_comment = "$first $last"; + + unless ($comment eq $new_comment) + { + if ($ldapauth ne 'enabled') + { + system("/usr/sbin/usermod", "-c", "$first $last", $userName) == 0 + or ( $x = 255, warn "Failed to modify comment of (unix) account $userName.\n" ); + } + + my @new_comment = ($new_comment); + my @first = ($first); + my @last = ($last); + $result = $ldap->modify("uid=$userName,ou=Users,$base", + replace => { + givenName => \@first, + sn => \@last, + cn => \@new_comment, + displayName => \@new_comment + } + ); + $result->code && ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify comment/name of (ldap) account $userName.\n" ); + } + + my @new_phone = ($u->prop('Phone')) || (); + my @new_company = ($u->prop('Company')) || (); + my @new_dept = ($u->prop('Dept')) || (); + my @new_city = ($u->prop('City')) || (); + my @new_street = ($u->prop('Street')) || (); + $result = $ldap->modify("uid=$userName,ou=Users,$base", + replace => { + telephoneNumber => \@new_phone, + o => \@new_company, + ou => \@new_dept, + l => \@new_city, + street => \@new_street + } + ); + $result->code && ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify email of (ldap) account $userName.\n" ); + +} + +$ldap->unbind; +exit ($x); diff --git a/root/etc/e-smith/events/actions/user-rsshd b/root/etc/e-smith/events/actions/user-rsshd new file mode 100644 index 0000000..5fc9917 --- /dev/null +++ b/root/etc/e-smith/events/actions/user-rsshd @@ -0,0 +1,57 @@ +#!/usr/bin/perl -w + +package esmith; + +use strict; +use Errno; +use esmith::ConfigDB; +use esmith::AccountsDB; +use File::Temp; + +sub trim { my $s = shift; $s =~ s/^\s+|\s+$//g; return $s }; + +my $conf = esmith::ConfigDB->open_ro; +my $accounts = esmith::AccountsDB->open; + +my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled'; +my $x = 0; # exit value + +my $groupName = 'rsshusers'; +my $gid = getgrnam($groupName); +my $tmpattr = File::Temp->new(); + +my $event = $ARGV[0]; +my $userName = $ARGV[1]; +# finallement get all user +my @users = (not defined $ARGV[1])? $accounts->get_all_by_prop(type => "user" ) : map { $accounts->get($_); } $userName; +my @currents=split /\n/, `/usr/sbin/lid -ng rsshusers`; +@currents=map { trim($_) } @currents; + +# here we could be emptying group, but we might want to let system user on this list. +#if ( $event ~~ ['user-modify','user-create'] ) { +# system("/usr/bin/gpasswd","-M ''", "rsshusers"); +# print "deleting rsshusers group content ..."; +#} + +foreach my $user (@users) { + my $cuser=$user->key; + # we remove users that should not be there + if ( defined $user->prop('Shell') && $user->prop('Shell') ne '/usr/bin/rssh') { + next unless ( "$cuser" ~~ @currents ) ; + system("/usr/bin/gpasswd", "-d", $cuser, "rsshusers"); + next; + } + # next if the user is already there + print $tmpattr "memberUid: $cuser\n"; + next if ( "$cuser" ~~ @currents ) ; + print "Adding user $cuser to group rsshusers"; + system("/usr/sbin/usermod", "-a", "-G", "rsshusers", $cuser); + +} + +# add all users to rsshusers +system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupmod", "-a", "$tmpattr", "$groupName") == 0 +or +system( "/usr/sbin/cpu", "groupadd", "-g", $gid, "-a", "$tmpattr", $groupName ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255 , warn "Failed to create (ldap) group $groupName.\n" ); + +exit ($x); diff --git a/root/etc/e-smith/events/local/.gitignore b/root/etc/e-smith/events/local/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/events/user-modify-admin/.gitignore b/root/etc/e-smith/events/user-modify-admin/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/licenses/.gitignore b/root/etc/e-smith/licenses/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/locale/en b/root/etc/e-smith/locale/en new file mode 120000 index 0000000..bc0aa57 --- /dev/null +++ b/root/etc/e-smith/locale/en @@ -0,0 +1 @@ +en-us \ No newline at end of file diff --git a/root/etc/e-smith/locale/en-au b/root/etc/e-smith/locale/en-au new file mode 120000 index 0000000..bc0aa57 --- /dev/null +++ b/root/etc/e-smith/locale/en-au @@ -0,0 +1 @@ +en-us \ No newline at end of file diff --git a/root/etc/e-smith/locale/en-gb b/root/etc/e-smith/locale/en-gb new file mode 120000 index 0000000..bc0aa57 --- /dev/null +++ b/root/etc/e-smith/locale/en-gb @@ -0,0 +1 @@ +en-us \ No newline at end of file diff --git a/root/etc/e-smith/locale/en-nz b/root/etc/e-smith/locale/en-nz new file mode 120000 index 0000000..bc0aa57 --- /dev/null +++ b/root/etc/e-smith/locale/en-nz @@ -0,0 +1 @@ +en-us \ No newline at end of file diff --git a/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/groups b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/groups new file mode 100755 index 0000000..3a1e36b --- /dev/null +++ b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/groups @@ -0,0 +1,105 @@ + + + + FORM_TITLE + Create, modify, or remove user groups + + + GROUP_TOO_LONG + Error: group name is too long.The maximum is {$maxLength} + characters. + + + ACCOUNT_CONFLICT + Error: the group "{$group}" can't be created because there is + already a {$type} account of that name. + + + INVALID_GROUP_DESCRIPTION + Error: unexpected or missing characters in group + description + + + NO_MEMBERS + Error: no members in group. Did not create new group. + + + CREATED_GROUP + Successfully created user group + + + DELETED_GROUP + Successfully removed user group + + + MODIFIED_GROUP + Successfully modifed user group + + + CREATE_ERROR + An error occurred while creating user group. + + + DELETE_ERROR + An error occurred while removing user group. + + + MODIFY_ERROR + An error occurred while modifying user group. + + + GROUP_NAMING + + + + + GROUP_HAS_MEMBERS + This group contains the following members: + + + NOT_A_GROUP + Error: That is not an existing group account. + + + GROUP_DESC + Brief Description/Windows Group Alias + + + GROUP_DESC_EXPL + Input a brief group description in the field below. + This field also designates the group name viewable by + Windows clients. + + + + + IBAYS_WILL_BE_CHANGED + The following information bays were assigned to this group and + will be changed to the Administrator group (you can change them to + something else afterward): + + + CONFIRM_DELETE_GROUP + Are you sure you wish to remove this group?

+ ]]> + + + CURRENT_LIST + Current list of User Groups

]]> + + + DELETE_DESCRIPTION + {$group}." + ]]> + + diff --git a/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/localnetworks b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/localnetworks new file mode 100755 index 0000000..a33ec08 --- /dev/null +++ b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/localnetworks @@ -0,0 +1,178 @@ + + + + Local networks + Local networks + + + FIRSTPAGE_DESC + +

Add + network + ]]> + + + + ADD_TITLE + Add a local network + + + ADD_DESC +

+ "Router" should be the IP address of the router on your local + network via which the additional network is reached. + ]]> + + + NETWORK_ADDRESS + Network address + + + SUBNET_MASK + Subnet mask + + + INVALID_IP_ADDRESS + Invalid IP address + + + INVALID_SUBNET_MASK + Invalid subnet mask + + + REMOVE_TITLE + Remove local network + + + REMOVE_DESC + You are about to remove the following local network. + + + REMOVE_CONFIRM + Are you sure you wish to remove this network? + + + DEFAULT + default + + + NUMBER_OF_HOSTS + Number of hosts + + + NOT_ACCESSIBLE_FROM_LOCAL_NETWORK + + Error: router address {$networkRouter} is not accessible + from local network. Did not add network. + + + + NETWORK_ALREADY_LOCAL + + Error: network {$network} (derived from network + {$networkAddress} and subnet mask {$networkMask}) + is already considered local. Did not add new network. + + + + NETWORK_ALREADY_ADDED + + Error: network {$network} (derived from network + {$networkAddress} and subnet mask {$networkMask}) + has already been added. Did not add new network. + + + + ERROR_CREATING_NETWORK + + Error occurred while creating network. + + + + SUCCESS + + Successfully added network {$network}/{$networkMask} via router + {$networkRouter}. + + + + SUCCESS_SINGLE_ADDRESS + + Successfully added network {$network}/{$networkMask} via router + {$networkRouter}. + Your server will grant local access + privileges to the single IP address {$network}. + + + + SUCCESS_NETWORK_RANGE + + Successfully added network {$network}/{$networkMask} via router + {$networkRouter}. + Your server will grant local access + privileges to {$totalHosts} IP addresses in the range + {$firstAddr} to {$lastAddr}. + + + + SUCCESS_NONSTANDARD_RANGE + + + Successfully added network {$network}/{$networkMask} via router + {$networkRouter}. +

+

+ Your server will grant local + access privileges to {$totalHosts} IP addresses in the range + {$firstAddr} to {$lastAddr}. +

+

+ Warning: the ProFTPd FTP server cannot + handle this nonstandard subnet mask. The simpler specification + {$simpleMask} will be used instead. +

+ ]]> + + + + SUCCESS_REMOVED_NETWORK + + Successfully removed network {$network}/{$networkMask} via router + {$networkRouter}. + + + + ERROR_DELETING_NETWORK + Error occurred while deleting network. + + + NO_ADDITIONAL_NETWORKS + No additional networks + + + REMOVE_HOSTS_DESC + + Local hosts configured on the network you are about to remove have + been detected. By default, they will also be removed. Uncheck this + box if, for some reason, you do not wish this to happen. Note that + they will not be treated as local, and may not even be reachable, + after this network is removed. + + + + REMOVE_HOSTS_LABEL + Remove hosts on network + + diff --git a/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/reboot b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/reboot new file mode 100755 index 0000000..c341c64 --- /dev/null +++ b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/reboot @@ -0,0 +1,56 @@ + + + + FORM_TITLE + Shutdown or reboot + + + REBOOT + Reboot + + + REBOOT_SUCCEEDED + Reboot request initiated successfully. + + + DESC_REBOOT + Your server has initiated the reboot process. + + + RECONFIGURE_SUCCEEDED + Reconfiguration request initiated successfully. + + + DESC_RECONFIGURE + + Your server has initiated a full system + reconfiguration and reboot. + + + + DESC_SHUTDOWN + Your server has initiated the shutdown process. + The process will take several minutes to complete, after which + you can switch off the power. + + + LABEL_REBOOT + Select Shutdown, Reboot or Reconfigure + + + DESCRIPTION + perform the operation will be initiated immediately, so be ready! + ]]> + + + + Reboot or shutdown + Reboot or shutdown + + diff --git a/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess new file mode 100755 index 0000000..ed8da73 --- /dev/null +++ b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess @@ -0,0 +1,259 @@ + + + + FORM_TITLE + Change remote access settings + + + DESCRIPTION + For each of the options below, the private setting allows anyone + from your local network to access your server. The + public setting allows access from anywhere on the Internet. The no + access setting disables access. To understand the security + implications of changing these options from the default settings, you + should read the user's guide section on remote access. + + + + SUCCESS + The new remote access settings have been saved. + + + NO_ACCESS + No Access + + + PASSWORD_LOGIN_PRIVATE + Accept passwords only from local networks + + + PASSWORD_LOGIN_PUBLIC + Accept passwords from anywhere + + + LABEL_TELNET_ACCESS + Telnet access + + + LABEL_FTP_ACCESS + FTP access + + + LABEL_FTP_LOGIN + FTP password access + + + LABEL_PPTP + Number of PPTP clients + + + NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE + The number of VPN clients is greater than the number of reserved IP for DHCP. You should take a smaller number. + + + LABEL_SSH_PORT + TCP Port for secure shell access + + + LABEL_SSH + Secure shell access + + + LABEL_SSH_ADMIN + Allow administrative command line access over secure shell + + + + LABEL_SSH_PASSWORD_ACCESS + Allow secure shell access using standard passwords + + + DESC_SSH + +

Secure Shell Settings

You can control + Secure Shell + access to your server. + The public setting should only be enabled by + experienced administrators + for remote problem diagnosis and resolution. + We recommend leaving this + parameter set to "No Access" + unless you have a specific reason to do otherwise. + ]]> + + + + DESC_FTP_ACCESS + +

FTP Settings

+ You can also control FTP access to your server. We + recommend leaving this parameter set to 'no access' unless you + have a specific reason to do otherwise. +

+ Note: these settings limit access to the server and override other + settings, including those for individual information bays.

+ ]]> + + + + DESC_FTP_LOGIN + + + Note: a secure shell sftp client can also be used to access the + server, if remote access via the secure shell is enabled. + This method of access protects the + passwords and data of the FTP session, whereas standard FTP + provides no protection.

+ ]]> + + + + DESC_PPTP +

PPTP Settings

+ You can allow PPTP access to your server. + You should leave this feature disabled by setting the value + to the number 0 unless you require PPTP access. + ]]> + + + + DESC_VPN +

VPN Settings

+ You can allow VPN access to your server. + You should leave this feature disabled by setting the value + to the number 0 unless you require VPN access. + ]]> + + + + VALUE_ZERO_OR_POSITIVE + Value must be zero or a positive integer + + + REMOTE_MANAGEMENT + Remote Management + + + VALIDFROM_DESC + +

{$REMOTE_MANAGEMENT}

+

It is possible to allow hosts on remote networks to access the + server manager by entering those networks here. Use a subnet + mask of 255.255.255.255 to limit the access to the specified host. + Any hosts within the specified range will be able to access the + server manager using HTTPS.

+ ]]> + + + + DESC_VALID_FROM_ENTRIES + To add a new remote management network, + enter the details below. + + + + SUBNET_MASK + Subnet mask + + + NUM_OF_HOSTS + Number of hosts + + + NO_ENTRIES_YET + There are no entries yet + + + INVALID_SUBNET_MASK + Invalid subnet mask + + + ERR_INVALID_PARAMS + Either provide both a network and subnet mask, or leave both + fields blank. + + + + ERR_NO_RECORD + Unable to locate httpd-admin record in configuration db + + + Remote access + Remote access + + + LABEL_SERIAL_CONSOLE_ACCESS + Serial console + + + DESC_SERIAL_CONSOLE_ACCESS +

Serial console

+ You can allow access to the server console from a terminal + connected to a server serial port.]]> + + + + PORT1_ENABLED + Enabled on serial port 1 + + + PORT2_ENABLED + Enabled on serial port 2 + + + + LABEL_PPTP_ACCESS + PPTP default user access + + + DESC_TELNET_ACCESS + +

Telnet Settings

+ WARNING: Telnet is currently enabled, but this feature is + no longer supported. Telnet is inherently insecure and should only + be used in circumstances where no practical alternative exists. You + should change option to {$NO_ACCESS} and use + secure shell if remote access is + required. Once disabled, telnet will no longer appear on this + screen. + ]]> + + + + DESC_IPSECRW + IPSEC Client (Roadwarrior) Settings + You can allow IPSEC client access to your server, authenticated by + digital certificates. You should leave this feature disabled by setting the value + to the number 0 unless you require IPSEC client access. + ]]> + + + + LABEL_IPSECRW_SESS + Number of IPSEC clients + + + DESC_IPSECRW_RESET + Any old certificates will no longer + authenticate against the server, so all IPSEC clients will + need to import a new certificate!. + ]]> + + + + LABEL_IPSECRW_RESET + Reset digital certificates + + + DESC_IPSEC_VPN_UNAVAILABLE + IPSEC VPN is not installed. Please install the contrib if you need VPN access. + + diff --git a/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/review b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/review new file mode 100755 index 0000000..1024f12 --- /dev/null +++ b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/review @@ -0,0 +1,130 @@ + + + Review configuration + Review configuration + + + DESCRIPTION + This report summarizes the networking, server, and domain + parameters on this server relevant to configuring + the client computers on your network. You may wish to print this + page and use it as a reference. + + + + NETWORKING_PARAMS + Networking Parameters + + + SERVER_MODE + Server Mode + + + LOCAL_IP_ADDRESS_SUBNET_MASK + Local IP address / subnet mask + + + EXTERNAL_IP_ADDRESS_SUBNET_MASK + External IP address / subnet mask + + + GATEWAY + Gateway + + + ADDITIONAL_LOCAL_NETWORKS + Additional local networks + + + DHCP_SERVER + DHCP server + + + BEGINNING_OF_DHCP_ADDRESS_RANGE + Beginning of DHCP address range + + + END_OF_DHCP_ADDRESS_RANGE + End of DHCP address range + + + SERVER_NAMES + Server names + + + DNS_SERVER + DNS server + + + WEB_SERVER + Web server + + + PROXY_SERVER + Proxy server + + + FTP_SERVER + FTP server + + + SMTP_POP_AND_IMAP_MAIL_SERVERS + SMTP, POP, and IMAP mail servers + + + HOSTS + Hosts + + + DOMAIN_INFORMATION + Domain information + + + PRIMARY_DOMAIN + Primary domain + + + VIRTUAL_DOMAINS + Virtual domains + + + PRIMARY_WEB_SITE + Primary web site + + + MITEL_NETWORKS_SME_SERVER_MANAGER + Server manager + + + MITEL_NETWORKS_SME_SERVER_USER_PASSWORD_PANEL + User password panel + + + EMAIL_ADDRESSES + Email Addresses + + + EMAIL_USERACCOUNT + useraccount + + + EMAIL_FIRSTNAME + firstname + + + EMAIL_LASTNAME + lastname + + + NO_VIRTUAL_DOMAINS + No virtual domains defined + + + NO_NETWORKS + No additional networks defined + + + INTERNET_VISIBLE_ADDRESS + Internet Visible IP Address + + diff --git a/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/useraccounts b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/useraccounts new file mode 100755 index 0000000..dae5302 --- /dev/null +++ b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/useraccounts @@ -0,0 +1,335 @@ + + + + FORM_TITLE + Create, modify, or remove user accounts + + + FIRSTPAGE_DESC + + + Add + user account +

+

+ You can modify, lock or remove any account or reset the + account's password by clicking on the + corresponding command next to the account. +

+

+ If the account is marked as locked, that means that the + user's password needs to be reset. Please note + that newly created accounts are automatically locked until + the password is changed. +

+ ]]> + + + + P2_TITLE + Create or modify + + + CREATE_MODIFY_DESC + + + The account name should contain only lower-case + letters, numbers, hyphens, periods, underscores and should start with a + lower-case letter. For example "betty", + "hjohnson", and "mary-jane" are all valid account names, + but "3friends", "John Smith", and "henry:miller" are not. +

+

+ Note that two special pseudonyms will be created for each + new account. These pseudonyms provide the ability to have + alternative mail accounts for that + user which include their first name and last name + separated with a period (.) and underscore (_). So, for + the account "betty" with first name "Betty" and + last name "Rubble" two pseudonyms are created as + betty.rubble and betty_rubble. +

+

+ The directory information (department, company, etc.) + can be changed from the defaults shown below. The + changes will apply only to this user. +

+ ]]> + + + + MODIFY_ADMIN_TITLE + Modify the admin account + + + USER_CREATED + Successfully created user account. + + + USER_MODIFIED + Successfully modified user account. + + + CANNOT_MODIFY_USER + Error: an internal error occurred while attempting to modify + the user "{$acctName}". + + + + CANNOT_MODIFY_USER_GROUPS + Error: an internal error occurred while attempting to modify + the group "{$group}" for user "{$acctName}". + + + + TAINTED_USER + The account name "{$acctName}" contains invalid characters. + + + ACCOUNT_NAME + Account name + + + FIRSTNAME + First name + + + LASTNAME + Last name + + + DEPARTMENT + Department + + + COMPANY + Company + + + STREET_ADDRESS + Street address + + + CITY + City + + + PHONE_NUMBER + Phone number + + + EMAIL_DELIVERY + Email delivery + + + DELIVER_EMAIL_LOCALLY + Deliver email locally + + + FORWARD_EMAIL + Forward email to address below + + + DELIVER_AND_FORWARD + Both deliver locally and forward + + + FORWARDING_ADDRESS + Forwarding address + + + GROUP_MEMBERSHIPS + Group memberships + + + RESET_DESC + You are about to change the password for the user account + + + RESET_DESC2 + Enter the new password in the fields below + + + ERR_OCCURRED_MODIFYING_PASSWORD + An error occurred while updating the password + + + PASSWORD_CHANGE_SUCCEEDED + Successfully changed password for user "{$acctName}". + + + LOCK_DESC + You are about to lock the user account + + + LOCKED_ACCOUNT + Successfully locked account for user "{$acctName}". + + + NO_SUCH_USER + Error: the user account "{$acctName}" does not exist. + + + PSEUDONYM_CLASH + Error: the pseudonym "{$pseudonym}" is already taken by the + existing user account "{$clashName}". To differentiate, add + initials to this field. + + + LOCK_ACCOUNT + Lock account + + + LOCK_ACCOUNT_TITLE + Lock user account + + + LOCK_DESC2 + + +

+ Are you sure you wish to lock this account? + ]]> + + + + REMOVE_ACCOUNT_TITLE + Remove user account + + + REMOVE_DESC + You are about to remove the user account + + + REMOVE_DESC2 + + +

+ Are you sure you wish to remove this account? + ]]> + + + + LOCK + Lock + + + NO_USER_ACCOUNTS + There are no user accounts on this system. + + + Users + Users + + + ACCT_NAME_HAS_INVALID_CHARS + The account name "{$acctName}" contains invalid characters. + Account names must start with a lower case letter and contain + only lower case letters, numbers, hyphens, periods and underscores. + + + + ACCOUNT_TOO_LONG + Error: account name is too long. The maximum is {$maxLength} + characters. + + + + ACCOUNT_CONFLICT + Error: the account "{$account}" can't be created because + there is already a {$type} account of that name. + + + ERR_OCCURRED_CREATING + An error occurred creating the user. + + + CANNOT_CONTAIN_WHITESPACE + This field cannot contain white-space + + + UNACCEPTABLE_CHARS + + This field must contain only letters, numbers, dots, hypens and + underscores and start with a letter + + + + MEMBER + Member? + + + VPN_CLIENT_ACCESS + VPN Client Access + + + SYSTEM_PASSWORD_FORM_TITLE + Change system password + + + SYSTEM_PASSWORD_DESCRIPTION + + + + + + SYSTEM_PASSWORD_UNPRINTABLES_IN_PASS + Password must contain only printable characters + + + SYSTEM_PASSWORD_VERIFY_ERROR + The two passwords are not identical. + + + SYSTEM_PASSWORD_AUTH_ERROR + The current password is incorrect. + + + SYSTEM_PASSWORD_CHANGED + The system password has been changed. + + + CURRENT_SYSTEM_PASSWORD + Current system password + + + NEW_SYSTEM_PASSWORD + New system password + + + NEW_SYSTEM_PASSWORD_VERIFY + New system password (verify) + + + LABEL_IPSECRW_DOWNLOAD + Download digital certificate to IPSec client + + + ERR_OCCURRED_DELETING + + An error occurred while trying to delete the user. + + + diff --git a/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/userpassword b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/userpassword new file mode 100644 index 0000000..acd01bf --- /dev/null +++ b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/userpassword @@ -0,0 +1,19 @@ + + + + DESCRIPTION + + To change your account password, please fill out the following + form. You will need to provide the name of your account, your + old password, and your desired new password. (You must type the new + password twice.)

+ +

If you cannot change your password because you have forgotten the + old one, your local system administrator can reset your password using + the server manager.

+ ]]> + + + + diff --git a/root/etc/e-smith/locale/fr-ca b/root/etc/e-smith/locale/fr-ca new file mode 120000 index 0000000..717280a --- /dev/null +++ b/root/etc/e-smith/locale/fr-ca @@ -0,0 +1 @@ +fr \ No newline at end of file diff --git a/root/etc/e-smith/locale/fr-fr b/root/etc/e-smith/locale/fr-fr new file mode 120000 index 0000000..717280a --- /dev/null +++ b/root/etc/e-smith/locale/fr-fr @@ -0,0 +1 @@ +fr \ No newline at end of file diff --git a/root/etc/e-smith/pam/.gitignore b/root/etc/e-smith/pam/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/e-smith/Maildir/cur/.gitignore b/root/etc/e-smith/skel/e-smith/Maildir/cur/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/e-smith/Maildir/new/.gitignore b/root/etc/e-smith/skel/e-smith/Maildir/new/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/e-smith/Maildir/tmp/.gitignore b/root/etc/e-smith/skel/e-smith/Maildir/tmp/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/e-smith/files/primary/cgi-bin/.gitignore b/root/etc/e-smith/skel/e-smith/files/primary/cgi-bin/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/e-smith/files/primary/files/.gitignore b/root/etc/e-smith/skel/e-smith/files/primary/files/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/e-smith/files/primary/html/index.htm b/root/etc/e-smith/skel/e-smith/files/primary/html/index.htm new file mode 100644 index 0000000..f075650 --- /dev/null +++ b/root/etc/e-smith/skel/e-smith/files/primary/html/index.htm @@ -0,0 +1,9 @@ + + + + +Under construction + +

This web site is under construction

+ + diff --git a/root/etc/e-smith/skel/e-smith/files/users/admin/home/.gitignore b/root/etc/e-smith/skel/e-smith/files/users/admin/home/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/user/.ssh/.gitignore b/root/etc/e-smith/skel/user/.ssh/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/user/Maildir/cur/.gitignore b/root/etc/e-smith/skel/user/Maildir/cur/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/user/Maildir/new/.gitignore b/root/etc/e-smith/skel/user/Maildir/new/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/user/Maildir/tmp/.gitignore b/root/etc/e-smith/skel/user/Maildir/tmp/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/skel/user/home/.gitignore b/root/etc/e-smith/skel/user/home/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/templates-custom/.gitignore b/root/etc/e-smith/templates-custom/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/templates-user-custom/.gitignore b/root/etc/e-smith/templates-user-custom/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/templates-user/.gitignore b/root/etc/e-smith/templates-user/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/templates.metadata/etc/cpu-system.conf b/root/etc/e-smith/templates.metadata/etc/cpu-system.conf new file mode 100644 index 0000000..a503628 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/cpu-system.conf @@ -0,0 +1,4 @@ +PERMS=0600 +TEMPLATE_PATH="/etc/cpu.conf" +OUTPUT_FILENAME="/etc/cpu-system.conf" +MORE_DATA={ ACCOUNT => "system" } diff --git a/root/etc/e-smith/templates.metadata/etc/cpu.conf b/root/etc/e-smith/templates.metadata/etc/cpu.conf new file mode 100644 index 0000000..621a188 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/cpu.conf @@ -0,0 +1,2 @@ +PERMS=0600 +MORE_DATA={ ACCOUNT => "user" } diff --git a/root/etc/e-smith/templates.metadata/etc/dhcpd.conf b/root/etc/e-smith/templates.metadata/etc/dhcpd.conf new file mode 100644 index 0000000..dfa3377 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/dhcpd.conf @@ -0,0 +1,3 @@ +PERMS=0644 +UID="root" +GID="root" diff --git a/root/etc/e-smith/templates.metadata/etc/e-smith/pam/accounts.allow b/root/etc/e-smith/templates.metadata/etc/e-smith/pam/accounts.allow new file mode 100644 index 0000000..d102826 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/e-smith/pam/accounts.allow @@ -0,0 +1 @@ +PERMS=0600 diff --git a/root/etc/e-smith/templates.metadata/etc/e-smith/pam/accounts.deny b/root/etc/e-smith/templates.metadata/etc/e-smith/pam/accounts.deny new file mode 100644 index 0000000..d102826 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/e-smith/pam/accounts.deny @@ -0,0 +1 @@ +PERMS=0600 diff --git a/root/etc/e-smith/templates.metadata/etc/e-smith/pam/users.allow b/root/etc/e-smith/templates.metadata/etc/e-smith/pam/users.allow new file mode 100644 index 0000000..d102826 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/e-smith/pam/users.allow @@ -0,0 +1 @@ +PERMS=0600 diff --git a/root/etc/e-smith/templates.metadata/etc/fstab b/root/etc/e-smith/templates.metadata/etc/fstab new file mode 100644 index 0000000..5e9a173 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/fstab @@ -0,0 +1 @@ +FILTER=sub { $_[0] =~ /^\s*$/ ? '' : $_[0] } diff --git a/root/etc/e-smith/templates.metadata/etc/pam.d/pwauth b/root/etc/e-smith/templates.metadata/etc/pam.d/pwauth new file mode 100644 index 0000000..4f6709c --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/pam.d/pwauth @@ -0,0 +1 @@ +PERMS=0444 diff --git a/root/etc/e-smith/templates.metadata/etc/pam_ldap.secret b/root/etc/e-smith/templates.metadata/etc/pam_ldap.secret new file mode 100644 index 0000000..d102826 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/pam_ldap.secret @@ -0,0 +1 @@ +PERMS=0600 diff --git a/root/etc/e-smith/templates.metadata/etc/ppp/chap-secrets b/root/etc/e-smith/templates.metadata/etc/ppp/chap-secrets new file mode 100644 index 0000000..0c7fc96 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/ppp/chap-secrets @@ -0,0 +1,3 @@ +UID="root" +GID="root" +PERMS=0600 diff --git a/root/etc/e-smith/templates.metadata/etc/ppp/ip-down.local b/root/etc/e-smith/templates.metadata/etc/ppp/ip-down.local new file mode 100644 index 0000000..a8eddc0 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/ppp/ip-down.local @@ -0,0 +1,3 @@ +UID="root" +GID="daemon" +PERMS=0755 diff --git a/root/etc/e-smith/templates.metadata/etc/ppp/ip-up.local b/root/etc/e-smith/templates.metadata/etc/ppp/ip-up.local new file mode 100644 index 0000000..a8eddc0 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/ppp/ip-up.local @@ -0,0 +1,3 @@ +UID="root" +GID="daemon" +PERMS=0755 diff --git a/root/etc/e-smith/templates.metadata/etc/ppp/pap-secrets b/root/etc/e-smith/templates.metadata/etc/ppp/pap-secrets new file mode 100644 index 0000000..0c7fc96 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/ppp/pap-secrets @@ -0,0 +1,3 @@ +UID="root" +GID="root" +PERMS=0600 diff --git a/root/etc/e-smith/templates.metadata/etc/securetty b/root/etc/e-smith/templates.metadata/etc/securetty new file mode 100644 index 0000000..d102826 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/securetty @@ -0,0 +1 @@ +PERMS=0600 diff --git a/root/etc/e-smith/templates.metadata/etc/sysconfig/i18n b/root/etc/e-smith/templates.metadata/etc/sysconfig/i18n new file mode 100644 index 0000000..5e9a173 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/sysconfig/i18n @@ -0,0 +1 @@ +FILTER=sub { $_[0] =~ /^\s*$/ ? '' : $_[0] } diff --git a/root/etc/e-smith/templates.metadata/etc/sysconfig/network-scripts/ifcfg-bond0 b/root/etc/e-smith/templates.metadata/etc/sysconfig/network-scripts/ifcfg-bond0 new file mode 100644 index 0000000..c1003c6 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/sysconfig/network-scripts/ifcfg-bond0 @@ -0,0 +1,3 @@ +TEMPLATE_PATH="/etc/sysconfig/network-scripts/ifcfg-ethX" +OUTPUT_FILENAME="/etc/sysconfig/network-scripts/ifcfg-bond0" +MORE_DATA={ THIS_DEVICE => "bond0" } diff --git a/root/etc/e-smith/templates.metadata/home/e-smith/ssl.crt/crt b/root/etc/e-smith/templates.metadata/home/e-smith/ssl.crt/crt new file mode 100644 index 0000000..a157492 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/home/e-smith/ssl.crt/crt @@ -0,0 +1,2 @@ +TEMPLATE_PATH="/home/e-smith/ssl.crt" +OUTPUT_FILENAME=use esmith::ConfigDB; my $c = esmith::ConfigDB->open_ro; my $s = $c->get('SystemName')->value; my $d = $c->get('DomainName')->value; "/home/e-smith/ssl.crt/$s.$d.crt" diff --git a/root/etc/e-smith/templates.metadata/home/e-smith/ssl.key/key b/root/etc/e-smith/templates.metadata/home/e-smith/ssl.key/key new file mode 100644 index 0000000..6b98e1a --- /dev/null +++ b/root/etc/e-smith/templates.metadata/home/e-smith/ssl.key/key @@ -0,0 +1,2 @@ +TEMPLATE_PATH="/home/e-smith/ssl.key" +OUTPUT_FILENAME=use esmith::ConfigDB; my $c = esmith::ConfigDB->open_ro; my $s = $c->get('SystemName')->value; my $d = $c->get('DomainName')->value; "/home/e-smith/ssl.key/$s.$d.key" diff --git a/root/etc/e-smith/templates.metadata/home/e-smith/ssl.pem/pem b/root/etc/e-smith/templates.metadata/home/e-smith/ssl.pem/pem new file mode 100644 index 0000000..92dbbcd --- /dev/null +++ b/root/etc/e-smith/templates.metadata/home/e-smith/ssl.pem/pem @@ -0,0 +1,2 @@ +TEMPLATE_PATH="/home/e-smith/ssl.pem" +OUTPUT_FILENAME=use esmith::ConfigDB; my $c = esmith::ConfigDB->open_ro; my $s = $c->get('SystemName')->value; my $d = $c->get('DomainName')->value; "/home/e-smith/ssl.pem/$s.$d.pem" diff --git a/root/etc/e-smith/templates.metadata/var/lib/dhclient/dhclient-eth0.conf b/root/etc/e-smith/templates.metadata/var/lib/dhclient/dhclient-eth0.conf new file mode 100644 index 0000000..fabc497 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/var/lib/dhclient/dhclient-eth0.conf @@ -0,0 +1,3 @@ +TEMPLATE_PATH="/var/lib/dhclient/dhclient.conf" +OUTPUT_FILENAME="/var/lib/dhclient/dhclient-eth0.conf" +MORE_DATA={ THIS_DEVICE => "eth0" } diff --git a/root/etc/e-smith/templates.metadata/var/lib/dhclient/dhclient-eth1.conf b/root/etc/e-smith/templates.metadata/var/lib/dhclient/dhclient-eth1.conf new file mode 100644 index 0000000..a835161 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/var/lib/dhclient/dhclient-eth1.conf @@ -0,0 +1,3 @@ +TEMPLATE_PATH="/var/lib/dhclient/dhclient.conf" +OUTPUT_FILENAME="/var/lib/dhclient/dhclient-eth1.conf" +MORE_DATA={ THIS_DEVICE => "eth1" } diff --git a/root/etc/e-smith/templates.metadata/var/service/wan/pppoe.pppd.conf b/root/etc/e-smith/templates.metadata/var/service/wan/pppoe.pppd.conf new file mode 100644 index 0000000..d102826 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/var/service/wan/pppoe.pppd.conf @@ -0,0 +1 @@ +PERMS=0600 diff --git a/root/etc/e-smith/templates.metadata/var/service/wan/run.pppoe.conf b/root/etc/e-smith/templates.metadata/var/service/wan/run.pppoe.conf new file mode 100644 index 0000000..d102826 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/var/service/wan/run.pppoe.conf @@ -0,0 +1 @@ +PERMS=0600 diff --git a/root/etc/e-smith/templates/etc/HOSTNAME/50hostname b/root/etc/e-smith/templates/etc/HOSTNAME/50hostname new file mode 100644 index 0000000..96924f3 --- /dev/null +++ b/root/etc/e-smith/templates/etc/HOSTNAME/50hostname @@ -0,0 +1 @@ +{ $SystemName } diff --git a/root/etc/e-smith/templates/etc/cpu.conf/00header b/root/etc/e-smith/templates/etc/cpu.conf/00header new file mode 100644 index 0000000..e59d1fb --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/00header @@ -0,0 +1,3 @@ +[GLOBAL] +DEFAULT_METHOD = ldap + diff --git a/root/etc/e-smith/templates/etc/cpu.conf/05ldap b/root/etc/e-smith/templates/etc/cpu.conf/05ldap new file mode 100644 index 0000000..85062ef --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/05ldap @@ -0,0 +1,4 @@ +[LDAP] +LDAP_HOST = localhost +LDAP_PORT = 389 + diff --git a/root/etc/e-smith/templates/etc/cpu.conf/10bindpw b/root/etc/e-smith/templates/etc/cpu.conf/10bindpw new file mode 100644 index 0000000..7006fa6 --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/10bindpw @@ -0,0 +1,2 @@ +BIND_DN = "cn=root,{ esmith::util::ldapBase ($DomainName); }" +BIND_PASS = { esmith::util::LdapPassword (); } diff --git a/root/etc/e-smith/templates/etc/cpu.conf/15defaultObjectClass b/root/etc/e-smith/templates/etc/cpu.conf/15defaultObjectClass new file mode 100644 index 0000000..0d86411 --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/15defaultObjectClass @@ -0,0 +1,10 @@ +{ + +our @userObjectClass = qw(inetOrgPerson posixAccount shadowAccount); +our @systemUserObjectClass =qw(account posixAccount shadowAccount); +our @groupObjectClass = qw(posixGroup mailboxRelatedObject); +our @systemGroupObjectClass = qw(posixGroup); + +$OUT .= ""; + +} diff --git a/root/etc/e-smith/templates/etc/cpu.conf/20objectClass b/root/etc/e-smith/templates/etc/cpu.conf/20objectClass new file mode 100644 index 0000000..ae20e3a --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/20objectClass @@ -0,0 +1,15 @@ +{ +if ($ACCOUNT eq 'system'){ + $OUT .= "USER_OBJECT_CLASS = " . join(",",@systemUserObjectClass) . "\n"; + $OUT .= "GROUP_OBJECT_CLASS = " . join(",",@systemGroupObjectClass) . "\n"; +} +else{ + $OUT .= "USER_OBJECT_CLASS = " . join(",",@userObjectClass) . "\n"; + $OUT .= "GROUP_OBJECT_CLASS = " . join(",",@groupObjectClass) . "\n"; + +} + +$OUT .= "USER_BASE = ou=Users," . esmith::util::ldapBase ($DomainName) . "\n"; +$OUT .= "GROUP_BASE = ou=Groups," . esmith::util::ldapBase ($DomainName) ."\n"; + +} diff --git a/root/etc/e-smith/templates/etc/cpu.conf/25filter b/root/etc/e-smith/templates/etc/cpu.conf/25filter new file mode 100644 index 0000000..17bb889 --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/25filter @@ -0,0 +1,2 @@ +USER_FILTER = (objectClass=posixAccount) +GROUP_FILTER = (objectClass=posixGroup) diff --git a/root/etc/e-smith/templates/etc/cpu.conf/30cnString b/root/etc/e-smith/templates/etc/cpu.conf/30cnString new file mode 100644 index 0000000..1bc80bc --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/30cnString @@ -0,0 +1,2 @@ +USER_CN_STRING = uid +GROUP_CN_STRING = cn diff --git a/root/etc/e-smith/templates/etc/cpu.conf/35skel b/root/etc/e-smith/templates/etc/cpu.conf/35skel new file mode 100644 index 0000000..cf0414e --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/35skel @@ -0,0 +1 @@ +SKEL_DIR = /etc/e-smith/skel/user diff --git a/root/etc/e-smith/templates/etc/cpu.conf/40shell b/root/etc/e-smith/templates/etc/cpu.conf/40shell new file mode 100644 index 0000000..2332020 --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/40shell @@ -0,0 +1 @@ +DEFAULT_SHELL = /usr/bin/rssh diff --git a/root/etc/e-smith/templates/etc/cpu.conf/45homeDir b/root/etc/e-smith/templates/etc/cpu.conf/45homeDir new file mode 100644 index 0000000..0cf5a3b --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/45homeDir @@ -0,0 +1 @@ +HOME_DIRECTORY = /home/e-smith/files/users diff --git a/root/etc/e-smith/templates/etc/cpu.conf/50uidGid b/root/etc/e-smith/templates/etc/cpu.conf/50uidGid new file mode 100644 index 0000000..103fd92 --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/50uidGid @@ -0,0 +1,8 @@ +MAX_UIDNUMBER = 10000 +MIN_UIDNUMBER = 100 +MAX_GIDNUMBER = 10000 +MIN_GIDNUMBER = 101 +ID_MAX_PASSES = 1000 +USERGROUPS = yes +USERS_GID = 100 +RANDOM = "false" diff --git a/root/etc/e-smith/templates/etc/cpu.conf/55passwdShadow b/root/etc/e-smith/templates/etc/cpu.conf/55passwdShadow new file mode 100644 index 0000000..0ce758e --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/55passwdShadow @@ -0,0 +1,2 @@ +PASSWORD_FILE = "/etc/passfile" +SHADOW_FILE = "/etc/shadowfile" diff --git a/root/etc/e-smith/templates/etc/cpu.conf/60hash b/root/etc/e-smith/templates/etc/cpu.conf/60hash new file mode 100644 index 0000000..e707d79 --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/60hash @@ -0,0 +1 @@ +HASH = "crypt" diff --git a/root/etc/e-smith/templates/etc/cpu.conf/65shadow b/root/etc/e-smith/templates/etc/cpu.conf/65shadow new file mode 100644 index 0000000..3d674a5 --- /dev/null +++ b/root/etc/e-smith/templates/etc/cpu.conf/65shadow @@ -0,0 +1,7 @@ +SHADOWLASTCHANGE = 11192 +SHADOWMAX = 99999 +SHADOWWARING = 7 +SHADOWEXPIRE = -1 +SHADOWFLAG = 134538308 +SHADOWMIN = -1 +SHADOWINACTIVE = -1 diff --git a/root/etc/e-smith/templates/etc/crontab/00setup b/root/etc/e-smith/templates/etc/crontab/00setup new file mode 100644 index 0000000..8480498 --- /dev/null +++ b/root/etc/e-smith/templates/etc/crontab/00setup @@ -0,0 +1,4 @@ +SHELL=/bin/bash +PATH=/sbin:/bin:/usr/sbin:/usr/bin +MAILTO=root + diff --git a/root/etc/e-smith/templates/etc/crontab/65_logrotate b/root/etc/e-smith/templates/etc/crontab/65_logrotate new file mode 100644 index 0000000..699add3 --- /dev/null +++ b/root/etc/e-smith/templates/etc/crontab/65_logrotate @@ -0,0 +1,18 @@ +{ + my $interval = $logrotate{"interval"} || "7"; + + $OUT = ""; + + # Add cron rules to do custom log rotation + + # Just for now, do it each morning. Add logic here if we want + # to be able to tune the frequency + my $minute = 12; + my $hour = 01; + my $day = "*/$interval"; + + $OUT .= "# logrotate\n"; + $OUT .= "$minute $hour $day * * root\t"; + $OUT .= "/sbin/e-smith/signal-event logrotate\n"; +} + diff --git a/root/etc/e-smith/templates/etc/dhcp/dhcpd.conf/10Base b/root/etc/e-smith/templates/etc/dhcp/dhcpd.conf/10Base new file mode 100644 index 0000000..21a4531 --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcp/dhcpd.conf/10Base @@ -0,0 +1,6 @@ +# +# DHCP Server Configuration file. +# see /usr/share/doc/dhcp*/dhcpd.conf.sample +# see 'man 5 dhcpd.conf' +# +# The dhcpd configuration file is located at /etc/dhcpd.conf diff --git a/root/etc/e-smith/templates/etc/dhcpc/dhcpcd.exe/template-begin b/root/etc/e-smith/templates/etc/dhcpc/dhcpcd.exe/template-begin new file mode 120000 index 0000000..24073c1 --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpc/dhcpcd.exe/template-begin @@ -0,0 +1 @@ +/etc/e-smith/templates-default/template-begin-shell \ No newline at end of file diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/02setupRange b/root/etc/e-smith/templates/etc/dhcpd.conf/02setupRange new file mode 100644 index 0000000..eb2603e --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/02setupRange @@ -0,0 +1,6 @@ +{ + # Setup start and end of Dynamic IP range. + $startDynamicIPRange = $dhcpd{'start'}; + $endDynamicIPRange = $dhcpd{'end'}; + ""; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/02setupWinsServer b/root/etc/e-smith/templates/etc/dhcpd.conf/02setupWinsServer new file mode 100644 index 0000000..6868fea --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/02setupWinsServer @@ -0,0 +1,5 @@ +{ + $DHCP_WINSServer = $DB->wins_server; + + ""; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/10Authoritative b/root/etc/e-smith/templates/etc/dhcpd.conf/10Authoritative new file mode 100644 index 0000000..6eaf27e --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/10Authoritative @@ -0,0 +1 @@ +authoritative; diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/10DDNS-Update-Style b/root/etc/e-smith/templates/etc/dhcpd.conf/10DDNS-Update-Style new file mode 100644 index 0000000..27dedf6 --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/10DDNS-Update-Style @@ -0,0 +1 @@ +ddns-update-style none; diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/20BeginLocalSubnet b/root/etc/e-smith/templates/etc/dhcpd.conf/20BeginLocalSubnet new file mode 100644 index 0000000..0dc0e40 --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/20BeginLocalSubnet @@ -0,0 +1,8 @@ +{ + my $ipaddrBits = esmith::util::IPquadToAddr ($LocalIP); + my $netmaskBits = esmith::util::IPquadToAddr ($LocalNetmask); + + local $network = esmith::util::IPaddrToQuad ($ipaddrBits & $netmaskBits); + + $OUT .= "subnet $network netmask $LocalNetmask\n\{"; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25Broadcast b/root/etc/e-smith/templates/etc/dhcpd.conf/25Broadcast new file mode 100644 index 0000000..2af6c33 --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25Broadcast @@ -0,0 +1,8 @@ +{ + my $ipaddrBits = esmith::util::IPquadToAddr ($LocalIP); + my $netmaskBits = esmith::util::IPquadToAddr ($LocalNetmask); + + local $broadcast = esmith::util::IPaddrToQuad ($ipaddrBits | (~ $netmaskBits)); + + $OUT .= " option broadcast-address $broadcast;"; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25DenyBootp b/root/etc/e-smith/templates/etc/dhcpd.conf/25DenyBootp new file mode 100644 index 0000000..0607d6d --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25DenyBootp @@ -0,0 +1,4 @@ +{ + my $bootp = $dhcpd{'Bootp'} || 'deny'; + $OUT = "$bootp bootp;"; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25DomainName b/root/etc/e-smith/templates/etc/dhcpd.conf/25DomainName new file mode 100644 index 0000000..1706e3f --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25DomainName @@ -0,0 +1,3 @@ +{ + $OUT .= " option domain-name \"$DomainName\";"; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25DomainNameServers b/root/etc/e-smith/templates/etc/dhcpd.conf/25DomainNameServers new file mode 100644 index 0000000..b170abf --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25DomainNameServers @@ -0,0 +1,17 @@ +{ + my @dnsserv; + my $dnscustom = $DB->get_prop('dhcpd', 'dnscustom') || 'disabled'; + if ( $dnscustom eq 'enabled') { + push @dnsserv,$DB->get_prop('dhcpd', 'dns1server') if $DB->get_prop('dhcpd', 'dns1server') && $DB->get_prop('dhcpd', 'dns1server') ne ""; + push @dnsserv,$DB->get_prop('dhcpd', 'dns2server') if $DB->get_prop('dhcpd', 'dns2server') && $DB->get_prop('dhcpd', 'dns2server') ne ""; + push @dnsserv,$DB->get_prop('dhcpd', 'dns3server') if $DB->get_prop('dhcpd', 'dns3server') && $DB->get_prop('dhcpd', 'dns3server') ne ""; + } + # force our own dhcp server unless there is already 2 or more + push @dnsserv,$LocalIP unless ( scalar(@dnsserv) >=2) ; + # remove duplicates, so you can put twice the same to avoid our own dhcp server + # most clients support up to 3 dns server or ignore the third one + @dnsserv= do { my %seen; grep { !$seen{$_}++ } @dnsserv}; + + $OUT = " option domain-name-servers ". join(",", @dnsserv) .";"; +} + diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25LeaseTimeDefault b/root/etc/e-smith/templates/etc/dhcpd.conf/25LeaseTimeDefault new file mode 100644 index 0000000..72c4ef6 --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25LeaseTimeDefault @@ -0,0 +1 @@ + default-lease-time { $DB->get_prop('dhcpd', 'leasetime') || 86400 }; diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25LeaseTimeMax b/root/etc/e-smith/templates/etc/dhcpd.conf/25LeaseTimeMax new file mode 100644 index 0000000..bdd1aea --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25LeaseTimeMax @@ -0,0 +1 @@ + max-lease-time { 7*($DB->get_prop('dhcpd', 'leasetime') || 86400) }; diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosDDServer b/root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosDDServer new file mode 100644 index 0000000..f08fada --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosDDServer @@ -0,0 +1,5 @@ +{ + return "" unless $DHCP_WINSServer; + + return " option netbios-dd-server $DHCP_WINSServer;"; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosNameServers b/root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosNameServers new file mode 100644 index 0000000..bbfc628 --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosNameServers @@ -0,0 +1,5 @@ +{ + return "" unless $DHCP_WINSServer; + + return " option netbios-name-servers $DHCP_WINSServer;"; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosNodeType b/root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosNodeType new file mode 100644 index 0000000..a8bc58b --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25NetbiosNodeType @@ -0,0 +1,7 @@ +{ + my $server_role = $smb{ServerRole} || 'WS'; + + return "" unless $server_role =~ m{^(PDC|ADS)$}; + + return " option netbios-node-type 8;"; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25Netmask b/root/etc/e-smith/templates/etc/dhcpd.conf/25Netmask new file mode 100644 index 0000000..fe03e5d --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25Netmask @@ -0,0 +1 @@ + option subnet-mask { $LocalNetmask }; diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25Range b/root/etc/e-smith/templates/etc/dhcpd.conf/25Range new file mode 100644 index 0000000..39907d5 --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25Range @@ -0,0 +1,3 @@ +{ + $OUT .= " range $startDynamicIPRange $endDynamicIPRange;"; +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/25Routers b/root/etc/e-smith/templates/etc/dhcpd.conf/25Routers new file mode 100644 index 0000000..19b0bde --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/25Routers @@ -0,0 +1,21 @@ +{ + + my $dhcpgatewaycustom = $DB->get_prop('dhcpd', 'gatewaycustom'); + my $dhcpgateway= $DB->get_prop('dhcpd', 'gateway')||'disabled'; + if ($dhcpgatewaycustom eq 'enabled') + { + $OUT .= " option routers $dhcpgateway;"; + } + else + { + my $router = (defined $SystemMode && $SystemMode =~ /servergateway/) + ? $LocalIP : + defined $GatewayIP ? $GatewayIP : undef; + + $OUT = ""; + if ($router) + { + $OUT .= " option routers $router;"; + } + } +} diff --git a/root/etc/e-smith/templates/etc/dhcpd.conf/29EndLocalSubnet b/root/etc/e-smith/templates/etc/dhcpd.conf/29EndLocalSubnet new file mode 100644 index 0000000..dbea7aa --- /dev/null +++ b/root/etc/e-smith/templates/etc/dhcpd.conf/29EndLocalSubnet @@ -0,0 +1 @@ +\} diff --git a/root/etc/e-smith/templates/etc/diald.conf/accounting-log b/root/etc/e-smith/templates/etc/diald.conf/accounting-log new file mode 100644 index 0000000..bbc554b --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/accounting-log @@ -0,0 +1 @@ +accounting-log /var/log/diald/accounting.log diff --git a/root/etc/e-smith/templates/etc/diald.conf/connect b/root/etc/e-smith/templates/etc/diald.conf/connect new file mode 100644 index 0000000..b5ad46b --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/connect @@ -0,0 +1,13 @@ +{ + my $isdn = $isdn{'status'} || "disabled"; + my $sync = $isdn{'UseSyncPPP'} || "yes"; + if ($isdn eq "enabled" && $sync eq "yes") + { + $OUT = "connect /etc/diald/scripts/connect"; + } + else + { + $OUT = 'connect "/usr/sbin/chat -v -f ' . + '/etc/sysconfig/network-scripts/chat-ppp0"'; + } +} diff --git a/root/etc/e-smith/templates/etc/diald.conf/connect-timeout b/root/etc/e-smith/templates/etc/diald.conf/connect-timeout new file mode 100644 index 0000000..51cc1fc --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/connect-timeout @@ -0,0 +1 @@ +connect-timeout 90 diff --git a/root/etc/e-smith/templates/etc/diald.conf/device b/root/etc/e-smith/templates/etc/diald.conf/device new file mode 100644 index 0000000..e0fb145 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/device @@ -0,0 +1,12 @@ +device { + my $isdn = $isdn{'status'} || "disabled"; + if ($isdn eq "enabled") + { + my $sync = $isdn{'UseSyncPPP'} || "yes"; + $OUT = ($sync eq "yes") ? "ippp0" : "$DialupModemDevice"; + } + else + { + $OUT = "$DialupModemDevice"; + } +} diff --git a/root/etc/e-smith/templates/etc/diald.conf/dial-fail-limit b/root/etc/e-smith/templates/etc/diald.conf/dial-fail-limit new file mode 100644 index 0000000..bdd2d7d --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/dial-fail-limit @@ -0,0 +1,6 @@ +{ + my $faillimit = $diald{DialFailLimit}; + $OUT = defined $faillimit ? + "dial-fail-limit $faillimit" : + "#dial-fail-limit/diald{DialFailLimit} is not defined"; +} diff --git a/root/etc/e-smith/templates/etc/diald.conf/disconnect b/root/etc/e-smith/templates/etc/diald.conf/disconnect new file mode 100644 index 0000000..d45b3b7 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/disconnect @@ -0,0 +1,9 @@ +{ + $OUT = ""; + my $isdn = $isdn{'status'} || "disabled"; + my $sync = $isdn{'UseSyncPPP'} || "yes"; + if ($isdn eq "enabled" && $sync eq "yes") + { + $OUT = "disconnect /etc/diald/scripts/disconnect"; + } +} diff --git a/root/etc/e-smith/templates/etc/diald.conf/fifo b/root/etc/e-smith/templates/etc/diald.conf/fifo new file mode 100644 index 0000000..bd088bd --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/fifo @@ -0,0 +1 @@ +fifo /etc/diald/diald.ctl diff --git a/root/etc/e-smith/templates/etc/diald.conf/filter b/root/etc/e-smith/templates/etc/diald.conf/filter new file mode 100644 index 0000000..8708574 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/filter @@ -0,0 +1 @@ +include /etc/diald.filter diff --git a/root/etc/e-smith/templates/etc/diald.conf/linkname b/root/etc/e-smith/templates/etc/diald.conf/linkname new file mode 100644 index 0000000..3a1b378 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/linkname @@ -0,0 +1 @@ +linkname "default" diff --git a/root/etc/e-smith/templates/etc/diald.conf/local b/root/etc/e-smith/templates/etc/diald.conf/local new file mode 100644 index 0000000..4c946f1 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/local @@ -0,0 +1 @@ +local { $LocalIP } diff --git a/root/etc/e-smith/templates/etc/diald.conf/options b/root/etc/e-smith/templates/etc/diald.conf/options new file mode 100644 index 0000000..e8f0db6 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/options @@ -0,0 +1,11 @@ +{ + my $isdn = $isdn{'status'} || "disabled"; + my $sync = $isdn{'UseSyncPPP'} || "yes"; + $OUT .= ($isdn eq "enabled" && $sync eq "yes") ? + "mode dev" : "mode ppp"; +} +modem +lock +crtscts +dynamic +defaultroute diff --git a/root/etc/e-smith/templates/etc/diald.conf/pppd-options b/root/etc/e-smith/templates/etc/diald.conf/pppd-options new file mode 100644 index 0000000..d50ac62 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/pppd-options @@ -0,0 +1,18 @@ +{ + $OUT = ""; + my $isdn = $isdn{'status'} || "disabled"; + my $sync = $isdn{'UseSyncPPP'} || "yes"; + return if ($isdn eq "enabled" && $sync eq "yes"); + + $OUT .= "pppd-options name \"$DialupUserAccount\" noauth noipdefault "; + if ($DialupModemDevice eq '/dev/ttyI0') + { + $OUT .= "sync "; + } + my $debug = $diald{debug} || $diald{Debug} || "no"; + if ($debug eq "yes") + { + $OUT .= "debug "; + } + $OUT .= "ipparam diald"; +} diff --git a/root/etc/e-smith/templates/etc/diald.conf/redial-backoff-limit b/root/etc/e-smith/templates/etc/diald.conf/redial-backoff-limit new file mode 100644 index 0000000..e581427 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/redial-backoff-limit @@ -0,0 +1 @@ +redial-backoff-limit { $diald{RedialBackoffLimit} || "21600" } diff --git a/root/etc/e-smith/templates/etc/diald.conf/redial-backoff-start b/root/etc/e-smith/templates/etc/diald.conf/redial-backoff-start new file mode 100644 index 0000000..a24abbb --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/redial-backoff-start @@ -0,0 +1 @@ +redial-backoff-start { $diald{RedialBackoffStart} || "3" } diff --git a/root/etc/e-smith/templates/etc/diald.conf/redial-timeout b/root/etc/e-smith/templates/etc/diald.conf/redial-timeout new file mode 100644 index 0000000..881527f --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/redial-timeout @@ -0,0 +1 @@ +redial-timeout { $diald{RedialTimeout} || "10" } diff --git a/root/etc/e-smith/templates/etc/diald.conf/remote b/root/etc/e-smith/templates/etc/diald.conf/remote new file mode 100644 index 0000000..1163650 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/remote @@ -0,0 +1 @@ +remote 0.0.0.0 diff --git a/root/etc/e-smith/templates/etc/diald.conf/retry-count b/root/etc/e-smith/templates/etc/diald.conf/retry-count new file mode 100644 index 0000000..e4dd8cb --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/retry-count @@ -0,0 +1 @@ +retry-count 3 diff --git a/root/etc/e-smith/templates/etc/diald.conf/speed b/root/etc/e-smith/templates/etc/diald.conf/speed new file mode 100644 index 0000000..2a4ec74 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.conf/speed @@ -0,0 +1 @@ +speed 115200 diff --git a/root/etc/e-smith/templates/etc/diald.filter/20office b/root/etc/e-smith/templates/etc/diald.filter/20office new file mode 100644 index 0000000..05830db --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.filter/20office @@ -0,0 +1,174 @@ +{ + my $policy = $DialupConnOffice; + $OUT .= "\n"; + $OUT .= "#------------------------------------------------------------\n"; + $OUT .= "# Use \"$policy\" connect policy during office "; + $OUT .= "hours on weekdays\n"; + $OUT .= "#------------------------------------------------------------\n"; + $OUT .= "\n"; + $OUT .= "restrict 8:00:00 17:59:59 1-5 * *\n"; + $OUT .= "\n"; + + if ($policy eq 'continuous') + { + $OUT .= "up\n"; + } + elsif ($policy eq 'never') + { + $OUT .= "down\n"; + } + else + { + #-------------------------------------------------- + # "short" policy: HTTP transfers get 3 minutes, + # everything else gets 30 seconds. + #-------------------------------------------------- + + my $httpHold = 180; + my $otherHold = 30; + + if ($policy eq 'medium') + { + #-------------------------------------------------- + # "medium" policy: HTTP transfers get 10 minutes, + # everything else gets 5 minutes. + #-------------------------------------------------- + + $httpHold = 600; + $otherHold = 300; + } + elsif ($policy eq 'long') + { + #-------------------------------------------------- + # "long" policy: HTTP transfers get 20 minutes, + # everything else gets 10 minutes. + #-------------------------------------------------- + + $httpHold = 1200; + $otherHold = 600; + } + + #------------------------ + # Rules for TCP packets. + #------------------------ + + # If we force the line up (for example to trigger fetchmail) + # but no packets are sent, specify how long to hold the line + # up: + + $OUT .= "first-packet-timeout $otherHold\n"; + + # The first rule is designed to give the link 30 seconds up time + # when we are initiating a TCP connection. The idea here is to deal + # with possibility that the network on the opposite end of the + # connection is unreachable. In this case you don't really want to + # give the link 10 minutes up time. With the rule below we only give + # the link 30 seconds initially. If the network is reachable then + # we will normally get a response that actually contains some data + # within 30 seconds. If this causes problems because you have a + # slow response time at some site you want to regularly access, you + # can either increase the timeout or remove this rule. + + $OUT .= "accept tcp 30 tcp.syn\n"; + + # If you are running named, then it will send data across the link + # periodically to synchronize against other domain name servers. + # Since this can happen at any time, it is undesirable to keep the + # link up for it. Therefore, we ignore any tcp traffic from or to a + # domain name server. + + $OUT .= "ignore tcp tcp.dest=tcp.domain\n"; + $OUT .= "ignore tcp tcp.source=tcp.domain\n"; + + # Normally the packet that starts a connection is longer that 40 + # bytes, since it normally contains TCP options to specify the MSS. + # However, some TCP implementations don't include these options. + # Therefore, we must be careful not to ignore SYN packets that are + # only 40 bytes long. + + $OUT .= "accept tcp 30 ip.tot_len=40,tcp.syn\n"; + + # Otherwise, we want to ignore any TCP packet that is only 40 bytes + # long, since it is not carrying any data. However, we don't want to + # ignore 40 byte packets that mark the closing of a connection, + # since we use those to cut short the timeout on connections that + # have died. Therefore we must test the tcp.live flag here. If it + # is not set we might want to see this packet later on in the rules. + + $OUT .= "ignore tcp ip.tot_len=40,tcp.live\n"; + + # Make sure http transfers hold the link up, even after they end. + # This prevents web browsers from bouncing the connection too much. + + $OUT .= "accept tcp $httpHold tcp.dest=tcp.www\n"; + $OUT .= "accept tcp $httpHold tcp.source=tcp.www\n"; + + if ($SquidParent) + { + $OUT .= "accept tcp $httpHold tcp.dest=tcp.wwwproxy\n"; + $OUT .= "accept tcp $httpHold tcp.source=tcp.wwwproxy\n"; + } + + # Once the link is no longer live, we try to shut down the + # connection quickly. Note that if the link is already down, the + # closing of the a connection (which will generate traffic) will not + # bring it back up. + + $OUT .= "keepup tcp $otherHold !tcp.live\n"; + $OUT .= "ignore tcp !tcp.live\n"; + + # Finally, if we don't match the TCP packet somewhere above, then we + # give the link 10 minutes up time. Most TCP packets match this + # rule. Note that as soon as the TCP connection is closed, the keepup + # rule above overwrites the timeout. + + $OUT .= "accept tcp 600 any\n"; + + #----------------------- + # Rules for UDP packets + #----------------------- + + # Don't bring the link up for rwho: + + $OUT .= "ignore udp udp.dest=udp.who\n"; + $OUT .= "ignore udp udp.source=udp.who\n"; + + # Don't bring the link up for routing packets: + + $OUT .= "ignore udp udp.dest=udp.route\n"; + $OUT .= "ignore udp udp.source=udp.route\n"; + + # Don't bring the link up for NTP or timed: + + $OUT .= "ignore udp udp.dest=udp.ntp\n"; + $OUT .= "ignore udp udp.source=udp.ntp\n"; + $OUT .= "ignore udp udp.dest=udp.timed\n"; + $OUT .= "ignore udp udp.source=udp.timed\n"; + + # Don't bring up on domain name requests between + # two running copies of named: + + $OUT .= "ignore udp udp.dest=udp.domain,udp.source=udp.domain\n"; + + # Bring up the network for domain requests: + + $OUT .= "accept udp 30 udp.dest=udp.domain \n"; + $OUT .= "accept udp 30 udp.source=udp.domain\n"; + + # Bring up the network for netbios requests, + # except between netbios servers: + + $OUT .= + "ignore udp udp.source=udp.netbios-ns,udp.dest=udp.netbios-ns\n"; + $OUT .= "accept udp 30 udp.dest=udp.netbios-ns\n"; + $OUT .= "accept udp 30 udp.source=udp.netbios-ns\n"; + + # Any other UDP packets: + + $OUT .= "accept udp $otherHold any\n"; + + # Catch any packets that we didn't catch above: + + $OUT .= "accept any $otherHold any\n"; + } +} diff --git a/root/etc/e-smith/templates/etc/diald.filter/40outside b/root/etc/e-smith/templates/etc/diald.filter/40outside new file mode 100644 index 0000000..a4c7bf4 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.filter/40outside @@ -0,0 +1,173 @@ +{ + my $policy = $DialupConnOutside; + $OUT .= "\n"; + $OUT .= "#------------------------------------------------------------\n"; + $OUT .= "# Use \"$policy\" connect policy outside office hours on weekdays\n"; + $OUT .= "#------------------------------------------------------------\n"; + $OUT .= "\n"; + $OUT .= "restrict * 7:59:59 1-5 * *\n"; + $OUT .= "or-restrict 18:00:00 * 1-5 * *\n"; + $OUT .= "\n"; + + if ($policy eq 'continuous') + { + $OUT .= "up\n"; + } + elsif ($policy eq 'never') + { + $OUT .= "down\n"; + } + else + { + #-------------------------------------------------- + # "short" policy: HTTP transfers get 3 minutes, + # everything else gets 30 seconds. + #-------------------------------------------------- + + my $httpHold = 180; + my $otherHold = 30; + + if ($policy eq 'medium') + { + #-------------------------------------------------- + # "medium" policy: HTTP transfers get 10 minutes, + # everything else gets 5 minutes. + #-------------------------------------------------- + + $httpHold = 600; + $otherHold = 300; + } + elsif ($policy eq 'long') + { + #-------------------------------------------------- + # "long" policy: HTTP transfers get 20 minutes, + # everything else gets 10 minutes. + #-------------------------------------------------- + + $httpHold = 1200; + $otherHold = 600; + } + + #------------------------ + # Rules for TCP packets. + #------------------------ + + # If we force the line up (for example to trigger fetchmail) + # but no packets are sent, specify how long to hold the line + # up: + + $OUT .= "first-packet-timeout $otherHold\n"; + + # The first rule is designed to give the link 30 seconds up time + # when we are initiating a TCP connection. The idea here is to deal + # with possibility that the network on the opposite end of the + # connection is unreachable. In this case you don't really want to + # give the link 10 minutes up time. With the rule below we only give + # the link 30 seconds initially. If the network is reachable then + # we will normally get a response that actually contains some data + # within 30 seconds. If this causes problems because you have a + # slow response time at some site you want to regularly access, you + # can either increase the timeout or remove this rule. + + $OUT .= "accept tcp 30 tcp.syn\n"; + + # If you are running named, then it will send data across the link + # periodically to synchronize against other domain name servers. + # Since this can happen at any time, it is undesirable to keep the + # link up for it. Therefore, we ignore any tcp traffic from or to a + # domain name server. + + $OUT .= "ignore tcp tcp.dest=tcp.domain\n"; + $OUT .= "ignore tcp tcp.source=tcp.domain\n"; + + # Normally the packet that starts a connection is longer that 40 + # bytes, since it normally contains TCP options to specify the MSS. + # However, some TCP implementations don't include these options. + # Therefore, we must be careful not to ignore SYN packets that are + # only 40 bytes long. + + $OUT .= "accept tcp 30 ip.tot_len=40,tcp.syn\n"; + + # Otherwise, we want to ignore any TCP packet that is only 40 bytes + # long, since it is not carrying any data. However, we don't want to + # ignore 40 byte packets that mark the closing of a connection, + # since we use those to cut short the timeout on connections that + # have died. Therefore we must test the tcp.live flag here. If it + # is not set we might want to see this packet later on in the rules. + + $OUT .= "ignore tcp ip.tot_len=40,tcp.live\n"; + + # Make sure http transfers hold the link up, even after they end. + # This prevents web browsers from bouncing the connection too much. + + $OUT .= "accept tcp $httpHold tcp.dest=tcp.www\n"; + $OUT .= "accept tcp $httpHold tcp.source=tcp.www\n"; + + if ($SquidParent) + { + $OUT .= "accept tcp $httpHold tcp.dest=tcp.wwwproxy\n"; + $OUT .= "accept tcp $httpHold tcp.source=tcp.wwwproxy\n"; + } + + # Once the link is no longer live, we try to shut down the + # connection quickly. Note that if the link is already down, the + # closing of the a connection (which will generate traffic) will not + # bring it back up. + + $OUT .= "keepup tcp $otherHold !tcp.live\n"; + $OUT .= "ignore tcp !tcp.live\n"; + + # Finally, if we don't match the TCP packet somewhere above, then we + # give the link 10 minutes up time. Most TCP packets match this + # rule. Note that as soon as the TCP connection is closed, the keepup + # rule above overwrites the timeout. + + $OUT .= "accept tcp 600 any\n"; + + #----------------------- + # Rules for UDP packets + #----------------------- + + # Don't bring the link up for rwho: + + $OUT .= "ignore udp udp.dest=udp.who\n"; + $OUT .= "ignore udp udp.source=udp.who\n"; + + # Don't bring the link up for routing packets: + + $OUT .= "ignore udp udp.dest=udp.route\n"; + $OUT .= "ignore udp udp.source=udp.route\n"; + + # Don't bring the link up for NTP or timed: + + $OUT .= "ignore udp udp.dest=udp.ntp\n"; + $OUT .= "ignore udp udp.source=udp.ntp\n"; + $OUT .= "ignore udp udp.dest=udp.timed\n"; + $OUT .= "ignore udp udp.source=udp.timed\n"; + + # Don't bring up on domain name requests between two + # running copies of named: + + $OUT .= "ignore udp udp.dest=udp.domain,udp.source=udp.domain\n"; + + # Bring up the network for domain requests: + + $OUT .= "accept udp 30 udp.dest=udp.domain \n"; + $OUT .= "accept udp 30 udp.source=udp.domain\n"; + + # Bring up the network for netbios requests, + # except between netbios servers: + + $OUT .= "ignore udp udp.source=udp.netbios-ns,udp.dest=udp.netbios-ns\n"; + $OUT .= "accept udp 30 udp.dest=udp.netbios-ns\n"; + $OUT .= "accept udp 30 udp.source=udp.netbios-ns\n"; + + # Any other UDP packets: + + $OUT .= "accept udp $otherHold any\n"; + + # Catch any packets that we didn't catch above: + + $OUT .= "accept any $otherHold any\n"; + } +} diff --git a/root/etc/e-smith/templates/etc/diald.filter/60weekend b/root/etc/e-smith/templates/etc/diald.filter/60weekend new file mode 100644 index 0000000..cbca336 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald.filter/60weekend @@ -0,0 +1,174 @@ +{ + my $policy = $DialupConnWeekend; + + $OUT .= "\n"; + $OUT .= "#------------------------------------------------------------\n"; + $OUT .= "# Use \"$policy\" connect policy during the weekend\n"; + $OUT .= "#------------------------------------------------------------\n"; + $OUT .= "\n"; + $OUT .= "restrict * * 0,6 * *\n"; + $OUT .= "\n"; + + if ($policy eq 'continuous') + { + $OUT .= "up\n"; + } + elsif ($policy eq 'never') + { + $OUT .= "down\n"; + } + else + { + + #-------------------------------------------------- + # "short" policy: HTTP transfers get 3 minutes, + # everything else gets 30 seconds. + #-------------------------------------------------- + + my $httpHold = 180; + my $otherHold = 30; + + if ($policy eq 'medium') + { + #-------------------------------------------------- + # "medium" policy: HTTP transfers get 10 minutes, + # everything else gets 5 minutes. + #-------------------------------------------------- + + $httpHold = 600; + $otherHold = 300; + } + elsif ($policy eq 'long') + { + #-------------------------------------------------- + # "long" policy: HTTP transfers get 20 minutes, + # everything else gets 10 minutes. + #-------------------------------------------------- + + $httpHold = 1200; + $otherHold = 600; + } + + #------------------------ + # Rules for TCP packets. + #------------------------ + + # If we force the line up (for example to trigger fetchmail) + # but no packets are sent, specify how long to hold the line + # up: + + $OUT .= "first-packet-timeout $otherHold\n"; + + # The first rule is designed to give the link 30 seconds up time + # when we are initiating a TCP connection. The idea here is to deal + # with possibility that the network on the opposite end of the + # connection is unreachable. In this case you don't really want to + # give the link 10 minutes up time. With the rule below we only give + # the link 30 seconds initially. If the network is reachable then + # we will normally get a response that actually contains some data + # within 30 seconds. If this causes problems because you have a + # slow response time at some site you want to regularly access, you + # can either increase the timeout or remove this rule. + + $OUT .= "accept tcp 30 tcp.syn\n"; + + # If you are running named, then it will send data across the link + # periodically to synchronize against other domain name servers. + # Since this can happen at any time, it is undesirable to keep the + # link up for it. Therefore, we ignore any tcp traffic from or to a + # domain name server. + + $OUT .= "ignore tcp tcp.dest=tcp.domain\n"; + $OUT .= "ignore tcp tcp.source=tcp.domain\n"; + + # Normally the packet that starts a connection is longer that 40 + # bytes, since it normally contains TCP options to specify the MSS. + # However, some TCP implementations don't include these options. + # Therefore, we must be careful not to ignore SYN packets that are + # only 40 bytes long. + + $OUT .= "accept tcp 30 ip.tot_len=40,tcp.syn\n"; + + # Otherwise, we want to ignore any TCP packet that is only 40 bytes + # long, since it is not carrying any data. However, we don't want to + # ignore 40 byte packets that mark the closing of a connection, + # since we use those to cut short the timeout on connections that + # have died. Therefore we must test the tcp.live flag here. If it + # is not set we might want to see this packet later on in the rules. + + $OUT .= "ignore tcp ip.tot_len=40,tcp.live\n"; + + # Make sure http transfers hold the link up, even after they end. + # This prevents web browsers from bouncing the connection too much. + + $OUT .= "accept tcp $httpHold tcp.dest=tcp.www\n"; + $OUT .= "accept tcp $httpHold tcp.source=tcp.www\n"; + + if ($SquidParent) + { + $OUT .= "accept tcp $httpHold tcp.dest=tcp.wwwproxy\n"; + $OUT .= "accept tcp $httpHold tcp.source=tcp.wwwproxy\n"; + } + + # Once the link is no longer live, we try to shut down the + # connection quickly. Note that if the link is already down, the + # closing of the a connection (which will generate traffic) will not + # bring it back up. + + $OUT .= "keepup tcp $otherHold !tcp.live\n"; + $OUT .= "ignore tcp !tcp.live\n"; + + # Finally, if we don't match the TCP packet somewhere above, then we + # give the link 10 minutes up time. Most TCP packets match this + # rule. Note that as soon as the TCP connection is closed, the keepup + # rule above overwrites the timeout. + + $OUT .= "accept tcp 600 any\n"; + + #----------------------- + # Rules for UDP packets + #----------------------- + + # Don't bring the link up for rwho: + + $OUT .= "ignore udp udp.dest=udp.who\n"; + $OUT .= "ignore udp udp.source=udp.who\n"; + + # Don't bring the link up for routing packets: + + $OUT .= "ignore udp udp.dest=udp.route\n"; + $OUT .= "ignore udp udp.source=udp.route\n"; + + # Don't bring the link up for NTP or timed: + + $OUT .= "ignore udp udp.dest=udp.ntp\n"; + $OUT .= "ignore udp udp.source=udp.ntp\n"; + $OUT .= "ignore udp udp.dest=udp.timed\n"; + $OUT .= "ignore udp udp.source=udp.timed\n"; + + # Don't bring up on domain name requests between + # two running copies of named: + + $OUT .= "ignore udp udp.dest=udp.domain,udp.source=udp.domain\n"; + + # Bring up the network for domain requests: + + $OUT .= "accept udp 30 udp.dest=udp.domain \n"; + $OUT .= "accept udp 30 udp.source=udp.domain\n"; + + # Bring up the network for netbios requests, + # except between netbios servers: + + $OUT .= "ignore udp udp.source=udp.netbios-ns,udp.dest=udp.netbios-ns\n"; + $OUT .= "accept udp 30 udp.dest=udp.netbios-ns\n"; + $OUT .= "accept udp 30 udp.source=udp.netbios-ns\n"; + + # Any other UDP packets: + + $OUT .= "accept udp $otherHold any\n"; + + # Catch any packets that we didn't catch above: + + $OUT .= "accept any $otherHold any\n"; + } +} diff --git a/root/etc/e-smith/templates/etc/diald/link/20isdn b/root/etc/e-smith/templates/etc/diald/link/20isdn new file mode 100644 index 0000000..dee0007 --- /dev/null +++ b/root/etc/e-smith/templates/etc/diald/link/20isdn @@ -0,0 +1,7 @@ +isdn PHONE='{ + my $phone = $DialupPhoneNumber || ''; + $OUT = "$phone"; +}' WAITTIME=10 EAZ_OUT='{ + my $msn = $isdn{'Msn'} || ''; + $OUT = "$msn"; +}' EAZ_IN='' diff --git a/root/etc/e-smith/templates/etc/e-smith/pam/accounts.allow/10admin b/root/etc/e-smith/templates/etc/e-smith/pam/accounts.allow/10admin new file mode 100644 index 0000000..7fbe952 --- /dev/null +++ b/root/etc/e-smith/templates/etc/e-smith/pam/accounts.allow/10admin @@ -0,0 +1 @@ +admin diff --git a/root/etc/e-smith/templates/etc/e-smith/pam/accounts.allow/20userAccounts b/root/etc/e-smith/templates/etc/e-smith/pam/accounts.allow/20userAccounts new file mode 100644 index 0000000..ffa4db4 --- /dev/null +++ b/root/etc/e-smith/templates/etc/e-smith/pam/accounts.allow/20userAccounts @@ -0,0 +1,6 @@ +{ + use esmith::AccountsDB; + my $adb = esmith::AccountsDB->open_ro(); + + $OUT = join "\n", map { $_->key; } grep { $_->prop('PasswordSet') eq 'yes' } $adb->users; +} diff --git a/root/etc/e-smith/templates/etc/e-smith/pam/accounts.deny/10passwordRequired b/root/etc/e-smith/templates/etc/e-smith/pam/accounts.deny/10passwordRequired new file mode 100644 index 0000000..7cd6644 --- /dev/null +++ b/root/etc/e-smith/templates/etc/e-smith/pam/accounts.deny/10passwordRequired @@ -0,0 +1,24 @@ +{ + use esmith::AccountsDB; + my $adb = esmith::AccountsDB->open_ro(); + + while ( my $name = getpwent ) + { + next if ($name eq "admin"); + next if ($name eq "public") and ($ACCOUNTS_DENY_ALLOW_PUBLIC); + + my $a = $adb->get($name); + next unless defined $a; + + my $type = $a->prop('type') || 'none'; + if ( $type =~ /(user|ibay)/ ) + { + my $passwordSet = $a->prop('PasswordSet') || 'no'; + next if ($passwordSet eq "yes"); + + my $ftpMode = $a->prop('PublicAccess') || 'none'; + next if ($ftpMode eq "local" or $ftpMode eq "global"); + } + $OUT .= "$name\n"; + } +} diff --git a/root/etc/e-smith/templates/etc/e-smith/pam/accounts.deny/20standardAccounts b/root/etc/e-smith/templates/etc/e-smith/pam/accounts.deny/20standardAccounts new file mode 100644 index 0000000..f036d18 --- /dev/null +++ b/root/etc/e-smith/templates/etc/e-smith/pam/accounts.deny/20standardAccounts @@ -0,0 +1,3 @@ +halt +shutdown +sync diff --git a/root/etc/e-smith/templates/etc/e-smith/pam/users.allow/10admin b/root/etc/e-smith/templates/etc/e-smith/pam/users.allow/10admin new file mode 100644 index 0000000..7fbe952 --- /dev/null +++ b/root/etc/e-smith/templates/etc/e-smith/pam/users.allow/10admin @@ -0,0 +1 @@ +admin diff --git a/root/etc/e-smith/templates/etc/e-smith/pam/users.allow/20userAccounts b/root/etc/e-smith/templates/etc/e-smith/pam/users.allow/20userAccounts new file mode 100644 index 0000000..ffa4db4 --- /dev/null +++ b/root/etc/e-smith/templates/etc/e-smith/pam/users.allow/20userAccounts @@ -0,0 +1,6 @@ +{ + use esmith::AccountsDB; + my $adb = esmith::AccountsDB->open_ro(); + + $OUT = join "\n", map { $_->key; } grep { $_->prop('PasswordSet') eq 'yes' } $adb->users; +} diff --git a/root/etc/e-smith/templates/etc/e-smith/web/common/foot.tmpl/template-begin b/root/etc/e-smith/templates/etc/e-smith/web/common/foot.tmpl/template-begin new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/templates/etc/e-smith/web/common/head.tmpl/template-begin b/root/etc/e-smith/templates/etc/e-smith/web/common/head.tmpl/template-begin new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/templates/etc/elinks.conf/10homepage b/root/etc/e-smith/templates/etc/elinks.conf/10homepage new file mode 100644 index 0000000..9bddff5 --- /dev/null +++ b/root/etc/e-smith/templates/etc/elinks.conf/10homepage @@ -0,0 +1 @@ +set ui.sessions.homepage = "http://localhost/server-manager" diff --git a/root/etc/e-smith/templates/etc/elinks.conf/10insert_mode b/root/etc/e-smith/templates/etc/elinks.conf/10insert_mode new file mode 100644 index 0000000..fc574ed --- /dev/null +++ b/root/etc/e-smith/templates/etc/elinks.conf/10insert_mode @@ -0,0 +1 @@ +set document.browse.forms.insert_mode = 0 diff --git a/root/etc/e-smith/templates/etc/elinks.conf/10no_utf8 b/root/etc/e-smith/templates/etc/elinks.conf/10no_utf8 new file mode 100644 index 0000000..65166bc --- /dev/null +++ b/root/etc/e-smith/templates/etc/elinks.conf/10no_utf8 @@ -0,0 +1,3 @@ +set terminal.linux.utf_8_io = 0 +set terminal.xterm.utf_8_io = 0 +set terminal.xterm.m11_hack = 1 diff --git a/root/etc/e-smith/templates/etc/elinks.conf/10obey_cache_control b/root/etc/e-smith/templates/etc/elinks.conf/10obey_cache_control new file mode 100644 index 0000000..60f5e00 --- /dev/null +++ b/root/etc/e-smith/templates/etc/elinks.conf/10obey_cache_control @@ -0,0 +1 @@ +set document.cache.ignore_cache_control = 0 diff --git a/root/etc/e-smith/templates/etc/elinks.conf/10post_confirm b/root/etc/e-smith/templates/etc/elinks.conf/10post_confirm new file mode 100644 index 0000000..bc3352b --- /dev/null +++ b/root/etc/e-smith/templates/etc/elinks.conf/10post_confirm @@ -0,0 +1 @@ +set document.browse.forms.confirm_submit = 0 diff --git a/root/etc/e-smith/templates/etc/fstab/50UndoDisableTmpfs b/root/etc/e-smith/templates/etc/fstab/50UndoDisableTmpfs new file mode 100644 index 0000000..811ea99 --- /dev/null +++ b/root/etc/e-smith/templates/etc/fstab/50UndoDisableTmpfs @@ -0,0 +1,9 @@ +{ + # In 5.5 and before we commented out /dev/shm tmpfs entry + # We no longer need to do that with the 2.4 kernel + @lines = map { + m:^#none\s+/dev/shm\s+tmpfs\s+defaults: && s/^#//; + $_ + } @lines; + ""; +} diff --git a/root/etc/e-smith/templates/etc/fstab/99writefile b/root/etc/e-smith/templates/etc/fstab/99writefile new file mode 100644 index 0000000..d532b84 --- /dev/null +++ b/root/etc/e-smith/templates/etc/fstab/99writefile @@ -0,0 +1,7 @@ +{ + $OUT .= ""; + foreach my $line (@lines) + { + $OUT .= "$line\n"; + } +} diff --git a/root/etc/e-smith/templates/etc/fstab/template-begin b/root/etc/e-smith/templates/etc/fstab/template-begin new file mode 100644 index 0000000..528c083 --- /dev/null +++ b/root/etc/e-smith/templates/etc/fstab/template-begin @@ -0,0 +1,35 @@ +{ + # vim: ft=perl: + %lines = (); + @lines = (); + open (RD, ") + { + chop; + push @lines, $_; + $lines{$_} = 1; + } + close(RD); + my @header = ( + "#------------------------------------------------------------", + "# BE CAREFUL WHEN MODIFYING THIS FILE! It is updated automatically", + "# by the SME server software. A few entries are updated during", + "# the template processing of the file and white space is removed,", + "# but otherwise changes to the file are preserved.", + "# For more information, see http://www.e-smith.org/custom/ and", + "# the template fragments in /etc/e-smith/templates/etc/fstab/.", + "# ", + "# copyright (C) 2002 Mitel Networks Corporation", + "#------------------------------------------------------------", + ); + foreach my $line (@header) + { + # Print the header banner, and delete any of its lines from the + # buffer, so that it isn't repeated. + my $test = $line; + $test =~ tr/()/../; # Avoid special interpretation of () in pattern + @lines = grep { !/^$test$/ } @lines; + $OUT .= "$line\n"; + } +} diff --git a/root/etc/e-smith/templates/etc/ftpusers/00README b/root/etc/e-smith/templates/etc/ftpusers/00README new file mode 100644 index 0000000..6bf1cc0 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ftpusers/00README @@ -0,0 +1 @@ +# Now generated from /etc/e-smith/pam/accounts.deny diff --git a/root/etc/e-smith/templates/etc/hosts.allow/identd b/root/etc/e-smith/templates/etc/hosts.allow/identd new file mode 100644 index 0000000..8520774 --- /dev/null +++ b/root/etc/e-smith/templates/etc/hosts.allow/identd @@ -0,0 +1,3 @@ +{ + $DB->hosts_allow_spec('oidentd', 'in.identd'); +} diff --git a/root/etc/e-smith/templates/etc/hosts.deny/00startup b/root/etc/e-smith/templates/etc/hosts.deny/00startup new file mode 100644 index 0000000..45bc5eb --- /dev/null +++ b/root/etc/e-smith/templates/etc/hosts.deny/00startup @@ -0,0 +1 @@ +ALL: ALL diff --git a/root/etc/e-smith/templates/etc/hosts/10localhost b/root/etc/e-smith/templates/etc/hosts/10localhost new file mode 100644 index 0000000..ba712fe --- /dev/null +++ b/root/etc/e-smith/templates/etc/hosts/10localhost @@ -0,0 +1 @@ +127.0.0.1 localhost diff --git a/root/etc/e-smith/templates/etc/hosts/20hostname b/root/etc/e-smith/templates/etc/hosts/20hostname new file mode 100644 index 0000000..4d77495 --- /dev/null +++ b/root/etc/e-smith/templates/etc/hosts/20hostname @@ -0,0 +1,5 @@ +{ + $OUT .= "$LocalIP\t"; + $OUT .= " ${SystemName}.${DomainName}"; + $OUT .= " ${SystemName}"; +} diff --git a/root/etc/e-smith/templates/etc/inittab/10defaultlevel b/root/etc/e-smith/templates/etc/inittab/10defaultlevel new file mode 100644 index 0000000..f440034 --- /dev/null +++ b/root/etc/e-smith/templates/etc/inittab/10defaultlevel @@ -0,0 +1,4 @@ + +# Default runlevel. +# +id:4:initdefault: diff --git a/root/etc/e-smith/templates/etc/logrotate.conf/05rotate b/root/etc/e-smith/templates/etc/logrotate.conf/05rotate new file mode 100644 index 0000000..a2c6b20 --- /dev/null +++ b/root/etc/e-smith/templates/etc/logrotate.conf/05rotate @@ -0,0 +1,10 @@ +# see "man logrotate" for details +# rotate log files weekly +{ +#daily, weekly, monthly +$rotate=$rsyslog{'RotateDays'} || '7'; +$OUT="weekly" ; +$OUT="monthly" if ( $rotate > 21 ); +$OUT="daily" if ( $rotate == 1 ); +} + diff --git a/root/etc/e-smith/templates/etc/logrotate.conf/10keep b/root/etc/e-smith/templates/etc/logrotate.conf/10keep new file mode 100644 index 0000000..f97de66 --- /dev/null +++ b/root/etc/e-smith/templates/etc/logrotate.conf/10keep @@ -0,0 +1,11 @@ +{ +$rotate=$rsyslog{'RotateDays'} || 7; +$purge=$rsyslog{'PurgeLength'} || 95; +$OUT.="#Remove rotated logs older than days. +maxage $purge\n\n"; +$total=$rsyslog{'KeepNumber'} || sprintf("%.0f",$purge/$rotate)||4; +$OUT.="# keep n weeks worth of backlogs +rotate $total\n"; +} +maxsize {$rsyslog{'MaxSize'} || "100M";} + diff --git a/root/etc/e-smith/templates/etc/logrotate.conf/11notifempty b/root/etc/e-smith/templates/etc/logrotate.conf/11notifempty new file mode 100644 index 0000000..0ac8c18 --- /dev/null +++ b/root/etc/e-smith/templates/etc/logrotate.conf/11notifempty @@ -0,0 +1,3 @@ +# we de not want to collect empty rotated logs +notifempty + diff --git a/root/etc/e-smith/templates/etc/logrotate.conf/20empty b/root/etc/e-smith/templates/etc/logrotate.conf/20empty new file mode 100644 index 0000000..344b616 --- /dev/null +++ b/root/etc/e-smith/templates/etc/logrotate.conf/20empty @@ -0,0 +1,3 @@ +# create new (empty) log files after rotating old ones +create + diff --git a/root/etc/e-smith/templates/etc/logrotate.conf/30extension b/root/etc/e-smith/templates/etc/logrotate.conf/30extension new file mode 100644 index 0000000..178e67d --- /dev/null +++ b/root/etc/e-smith/templates/etc/logrotate.conf/30extension @@ -0,0 +1,3 @@ +# use date as a suffix of the rotated file +dateext + diff --git a/root/etc/e-smith/templates/etc/logrotate.conf/35compress b/root/etc/e-smith/templates/etc/logrotate.conf/35compress new file mode 100644 index 0000000..9c9d693 --- /dev/null +++ b/root/etc/e-smith/templates/etc/logrotate.conf/35compress @@ -0,0 +1,3 @@ +# uncomment this if you want your log files compressed +#compress + diff --git a/root/etc/e-smith/templates/etc/logrotate.conf/37rpms b/root/etc/e-smith/templates/etc/logrotate.conf/37rpms new file mode 100644 index 0000000..c7ba2be --- /dev/null +++ b/root/etc/e-smith/templates/etc/logrotate.conf/37rpms @@ -0,0 +1,4 @@ +# RPM packages drop log rotation information into this directory +include /etc/logrotate.d + + diff --git a/root/etc/e-smith/templates/etc/logrotate.conf/40included b/root/etc/e-smith/templates/etc/logrotate.conf/40included new file mode 100644 index 0000000..38b8735 --- /dev/null +++ b/root/etc/e-smith/templates/etc/logrotate.conf/40included @@ -0,0 +1,16 @@ +# no packages own wtmp and btmp -- we'll rotate them here +/var/log/wtmp \{ + monthly + create 0664 root utmp + minsize 1M + rotate 1 +\} + +/var/log/btmp \{ + missingok + monthly + create 0600 root utmp + rotate 1 +\} + +# system-specific logs may be also be configured here. diff --git a/root/etc/e-smith/templates/etc/lynx.cfg/10preferredLanguage b/root/etc/e-smith/templates/etc/lynx.cfg/10preferredLanguage new file mode 100644 index 0000000..6a2d745 --- /dev/null +++ b/root/etc/e-smith/templates/etc/lynx.cfg/10preferredLanguage @@ -0,0 +1,6 @@ +{ + my $language = lc $sysconfig{Language}; + $language =~ s/_/-/; + + return "PREFERRED_LANGUAGE:$language"; +} diff --git a/root/etc/e-smith/templates/etc/lynx.cfg/20helpfile b/root/etc/e-smith/templates/etc/lynx.cfg/20helpfile new file mode 100644 index 0000000..66a03c4 --- /dev/null +++ b/root/etc/e-smith/templates/etc/lynx.cfg/20helpfile @@ -0,0 +1 @@ +HELPFILE:file://localhost/usr/share/doc/lynx-2.8.4/lynx_help/lynx_help_main.html diff --git a/root/etc/e-smith/templates/etc/lynx.cfg/30index b/root/etc/e-smith/templates/etc/lynx.cfg/30index new file mode 100644 index 0000000..1ae0917 --- /dev/null +++ b/root/etc/e-smith/templates/etc/lynx.cfg/30index @@ -0,0 +1 @@ +DEFAULT_INDEX_FILE:http://www.google.com/ diff --git a/root/etc/e-smith/templates/etc/lynx.cfg/40startfile b/root/etc/e-smith/templates/etc/lynx.cfg/40startfile new file mode 100644 index 0000000..92f1985 --- /dev/null +++ b/root/etc/e-smith/templates/etc/lynx.cfg/40startfile @@ -0,0 +1 @@ +STARTFILE:http://localhost/server-manager/noframes diff --git a/root/etc/e-smith/templates/etc/lynx.cfg/50forcessl b/root/etc/e-smith/templates/etc/lynx.cfg/50forcessl new file mode 100644 index 0000000..9ef85f1 --- /dev/null +++ b/root/etc/e-smith/templates/etc/lynx.cfg/50forcessl @@ -0,0 +1 @@ +FORCE_SSL_PROMPT:yes diff --git a/root/etc/e-smith/templates/etc/mime.types/10sample-types b/root/etc/e-smith/templates/etc/mime.types/10sample-types new file mode 100644 index 0000000..59f4615 --- /dev/null +++ b/root/etc/e-smith/templates/etc/mime.types/10sample-types @@ -0,0 +1,1287 @@ +# MIME type Extensions +application/3gpp-ims+xml +application/activemessage +application/andrew-inset ez +application/applefile +application/atom+xml atom +application/atomicmail +application/atomcat+xml atomcat +application/atomsvc+xml atomsvc +application/auth-policy+xml apxml +application/batch-SMTP +application/beep+xml +application/cals-1840 +application/ccxml+xml ccxml +application/cea-2018+xml +application/cellml+xml cellml cml +application/cnrp+xml +application/commonground +application/conference-info+xml +application/cpl+xml cpl +application/csta+xml +application/CSTAdata+xml +application/cybercash +application/davmount+xml davmount +application/dca-rft +application/dec-dx +application/dialog-info+xml +application/dicom dcm +application/dns +application/dssc+der dssc +application/dssc+xml xdssc +application/dvcs dvc +application/ecmascript +application/EDI-Consent +application/EDI-X12 +application/EDIFACT +application/emma+xml emma +application/epp+xml +application/eshop +application/fastinfoset finf +application/fastsoap +# fits, fit, fts: image/fits +application/fits +application/font-tdpfr pfr +application/H224 +application/held+xml +application/http +application/hyperstudio stk +application/ibe-key-request+xml +application/ibe-pkg-reply+xml +application/ibe-pp-data +application/iges +application/im-iscomposing+xml +application/index +application/index.cmd +application/index.obj +application/index.response +application/index.vnd +application/iotp +application/ipfix ipfix +application/ipp +application/isup +# js: text/javascript (obsolete) for browser support for now +application/javascript +application/json json +application/kpml-request+xml +application/kpml-response+xml +application/lost+xml lostxml +application/mac-binhex40 hqx +application/macwriteii +application/marc mrc +application/mathematica nb ma mb +application/mbms-associated-procedure-description+xml +application/mbms-deregister+xml +application/mbms-envelope+xml +application/mbms-msk-response+xml +application/mbms-msk+xml +application/mbms-protection-description+xml +application/mbms-reception-report+xml +application/mbms-register-response+xml +application/mbms-register+xml +application/mbms-user-service-description+xml +application/mbox mbox +application/media_control+xml +application/mediaservercontrol+xml +application/mikey +application/moss-keys +application/moss-signature +application/mosskey-data +application/mosskey-request +application/mp21 m21 mp21 +# mp4, mpg4: video/mp4, see RFC 4337 +application/mp4 +application/mpeg4-generic +application/mpeg4-iod +application/mpeg4-iod-xmt +application/msword doc +application/mxf mxf +application/nasdata +application/news-checkgroups +application/news-groupinfo +application/news-transmission +application/nss +application/ocsp-request orq +application/ocsp-response ors +application/octet-stream bin lha lzh exe class so dll img iso +application/oda oda +application/oebps-package+xml opf +application/ogg ogx +application/parityfec +# xer: application/xcap-error+xml +application/patch-ops-error+xml +application/pdf pdf +application/pgp-encrypted +application/pgp-keys +application/pgp-signature sig +application/pidf-diff+xml +application/pidf+xml +application/pkcs10 p10 +application/pkcs7-mime p7m p7c +application/pkcs7-signature p7s +application/pkix-cert cer +application/pkix-crl crl +application/pkix-pkipath pkipath +application/pkixcmp +application/pls+xml pls +application/poc-settings+xml +application/postscript ai eps ps +application/prs.alvestrand.titrax-sheet +application/prs.cww cw cww +application/prs.nprend rnd rct +application/prs.plucker +application/qsig +application/rdf+xml rdf +application/reginfo+xml rif +application/relax-ng-compact-syntax rnc +application/remote-printing +application/resource-lists-diff+xml rld +application/resource-lists+xml rl +application/riscos +application/rlmi+xml +application/rls-services+xml rs +application/rtf rtf +application/rtx +application/samlassertion+xml +application/samlmetadata+xml +application/sbml+xml +application/scvp-cv-request scq +application/scvp-cv-response scs +application/scvp-vp-request spq +application/scvp-vp-response spp +application/sdp sdp +application/set-payment +application/set-payment-initiation +application/set-registration +application/set-registration-initiation +application/sgml +application/sgml-open-catalog soc +application/shf+xml shf +application/sieve siv sieve +application/simple-filter+xml cl +application/simple-message-summary +application/simpleSymbolContainer +application/slate +# obsoleted by application/smil+xml +application/smil smil smi sml +# smil, smi: application/smil for now +application/smil+xml +application/soap+fastinfoset +application/soap+xml +application/sparql-query rq +application/sparql-results+xml srx +application/spirits-event+xml +application/srgs gram +application/srgs+xml grxml +application/ssml+xml ssml +application/timestamp-query tsq +application/timestamp-reply tsr +application/tve-trigger +application/ulpfec +application/vemmi +application/vnd.3gpp.bsf+xml +application/vnd.3gpp.pic-bw-large plb +application/vnd.3gpp.pic-bw-small psb +application/vnd.3gpp.pic-bw-var pvb +# sms: application/vnd.3gpp2.sms +application/vnd.3gpp.sms +application/vnd.3gpp2.bcmcsinfo+xml +application/vnd.3gpp2.sms sms +application/vnd.3gpp2.tcap tcap +application/vnd.3M.Post-it-Notes pwn +application/vnd.accpac.simply.aso aso +application/vnd.accpac.simply.imp imp +application/vnd.acucobol acu +application/vnd.acucorp atc acutc +application/vnd.adobe.partial-upload +application/vnd.adobe.xdp+xml xdp +application/vnd.adobe.xfdf xfdf +application/vnd.aether.imp +application/vnd.airzip.filesecure.azf azf +application/vnd.airzip.filesecure.azs azs +application/vnd.americandynamics.acc acc +application/vnd.amiga.ami ami +application/vnd.anser-web-certificate-issue-initiation cii +# Not in IANA listing, but is on FTP site? +application/vnd.anser-web-funds-transfer-initiation fti +# atx: audio/ATRAC-X +application/vnd.antix.game-component +application/vnd.apple.installer+xml dist distz pkg mpkg +# m3u: application/x-mpegurl for now +application/vnd.apple.mpegurl m3u8 +application/vnd.aristanetworks.swi swi +application/vnd.audiograph aep +application/vnd.autopackage package +application/vnd.avistar+xml +application/vnd.blueice.multipass mpm +application/vnd.bluetooth.ep.oob ep +application/vnd.bmi bmi +application/vnd.businessobjects rep +application/vnd.cab-jscript +application/vnd.canon-cpdl +application/vnd.canon-lips +application/vnd.cendio.thinlinc.clientconf tlclient +application/vnd.chemdraw+xml cdxml +application/vnd.chipnuts.karaoke-mmd mmd +application/vnd.cinderella cdy +application/vnd.cirpack.isdn-ext +application/vnd.claymore cla +application/vnd.cloanto.rp9 rp9 +application/vnd.clonk.c4group c4g c4d c4f c4p c4u +# icc: application/vnd.iccprofile +application/vnd.commerce-battelle ica icf icd ic0 ic1 ic2 ic3 ic4 ic5 ic6 ic7 ic8 +application/vnd.commonspace csp cst +application/vnd.contact.cmsg cdbcmsg +application/vnd.cosmocaller cmc +application/vnd.crick.clicker clkx +application/vnd.crick.clicker.keyboard clkk +application/vnd.crick.clicker.palette clkp +application/vnd.crick.clicker.template clkt +application/vnd.crick.clicker.wordbank clkw +application/vnd.criticaltools.wbs+xml wbs +application/vnd.ctc-posml pml +application/vnd.ctct.ws+xml +application/vnd.cups-pdf +application/vnd.cups-postscript +application/vnd.cups-ppd ppd +application/vnd.cups-raster +application/vnd.cups-raw +application/vnd.curl curl +application/vnd.cybank +application/vnd.data-vision.rdz rdz +application/vnd.denovo.fcselayout-link fe_launch +application/vnd.dir-bi.plate-dl-nosuffix +application/vnd.dna dna +application/vnd.dolby.mobile.1 +application/vnd.dolby.mobile.2 +application/vnd.dpgraph dpg mwc dpgraph +application/vnd.dreamfactory dfac +application/vnd.dvb.esgcontainer +application/vnd.dvb.ipdcdftnotifaccess +application/vnd.dvb.ipdcesgaccess +application/vnd.dvb.ipdcroaming +application/vnd.dvb.iptv.alfec-base +application/vnd.dvb.iptv.alfec-enhancement +application/vnd.dvb.notif-aggregate-root+xml +application/vnd.dvb.notif-container+xml +application/vnd.dvb.notif-generic+xml +application/vnd.dvb.notif-ia-msglist+xml +application/vnd.dvb.notif-ia-registration-request+xml +application/vnd.dvb.notif-ia-registration-response+xml +application/vnd.dvb.notif-init+xml +# dxr: application/x-director +application/vnd.dxr +application/vnd.dynageo geo +application/vnd.ecdis-update +application/vnd.ecowin.chart mag +application/vnd.ecowin.filerequest +application/vnd.ecowin.fileupdate +application/vnd.ecowin.series +application/vnd.ecowin.seriesrequest +application/vnd.ecowin.seriesupdate +application/vnd.enliven nml +application/vnd.epson.esf esf +application/vnd.epson.msf msf +application/vnd.epson.quickanime qam +application/vnd.epson.salt slt +application/vnd.epson.ssf ssf +application/vnd.ericsson.quickcall qcall qca +application/vnd.eszigno3+xml es3 et3 +application/vnd.etsi.aoc+xml +application/vnd.etsi.cug+xml +application/vnd.etsi.iptvcommand+xml +application/vnd.etsi.iptvdiscovery+xml +application/vnd.etsi.iptvprofile+xml +application/vnd.etsi.iptvsad-bc+xml +application/vnd.etsi.iptvsad-cod+xml +application/vnd.etsi.iptvsad-npvr+xml +application/vnd.etsi.iptvueprofile+xml +application/vnd.etsi.mcid+xml +application/vnd.etsi.sci+xml +application/vnd.etsi.simservs+xml +application/vnd.etsi.tsl.der +application/vnd.etsi.tsl+xml +application/vnd.eudora.data +application/vnd.ezpix-album ez2 +application/vnd.ezpix-package ez3 +application/vnd.f-secure.mobile +application/vnd.fdf fdf +application/vnd.fdsn.mseed msd mseed +application/vnd.fsdn.seed seed dataless +application/vnd.ffsns +# all extensions: application/vnd.hbci +application/vnd.fints +application/vnd.FloGraphIt gph +application/vnd.fluxtime.clip ftc +application/vnd.font-fontforge-sfd sfd +application/vnd.framemaker fm +application/vnd.frogans.fnc fnc +application/vnd.frogans.ltf ltf +application/vnd.fsc.weblaunch fsc +application/vnd.fujitsu.oasys oas +application/vnd.fujitsu.oasys2 oa2 +application/vnd.fujitsu.oasys3 oa3 +application/vnd.fujitsu.oasysgp fg5 +application/vnd.fujitsu.oasysprs bh2 +application/vnd.fujixerox.ART-EX +application/vnd.fujixerox.ART4 +application/vnd.fujixerox.ddd ddd +application/vnd.fujixerox.docuworks xdw +application/vnd.fujixerox.docuworks.binder xbd +application/vnd.fujixerox.HBPL +application/vnd.fut-misnet +application/vnd.fuzzysheet fzs +application/vnd.genomatix.tuxedo txd +application/vnd.geogebra.file ggb +application/vnd.geogebra.tool ggt +application/vnd.geometry-explorer gex gre +application/vnd.geonext gxt +application/vnd.geoplan g2w +application/vnd.geospace g3w +application/vnd.globalplatform.card-content-mgt +application/vnd.globalplatform.card-content-mgt-response +# application/vnd.gmx deprecated 2009-03-04 +application/vnd.google-earth.kml+xml kml +application/vnd.google-earth.kmz kmz +application/vnd.grafeq gqf gqs +application/vnd.gridmp +application/vnd.groove-account gac +application/vnd.groove-help ghf +application/vnd.groove-identity-message gim +application/vnd.groove-injector grv +application/vnd.groove-tool-message gtm +application/vnd.groove-tool-template tpl +application/vnd.groove-vcard vcg +application/vnd.HandHeld-Entertainment+xml zmm +application/vnd.hbci hbci hbc kom upa pkd bpd +# rep: application/vnd.businessobjects +application/vnd.hcl-bireports +application/vnd.hhe.lesson-player les +application/vnd.hp-HPGL hpgl +application/vnd.hp-hpid hpi hpid +application/vnd.hp-hps hps +application/vnd.hp-jlyt jlt +application/vnd.hp-PCL pcl +application/vnd.hp-PCLXL +application/vnd.httphone +application/vnd.hydrostatix.sof-data sfd-hdstx +application/vnd.hzn-3d-crossword x3d +application/vnd.ibm.afplinedata +application/vnd.ibm.electronic-media emm +application/vnd.ibm.MiniPay mpy +application/vnd.ibm.modcap list3820 listafp afp pseg3820 +application/vnd.ibm.rights-management irm +application/vnd.ibm.secure-container sc +application/vnd.iccprofile icc icm +application/vnd.igloader igl +application/vnd.immervision-ivp ivp +application/vnd.immervision-ivu ivu +application/vnd.informedcontrol.rms+xml +# application/vnd.informix-visionary obsoleted by application/vnd.visionary +application/vnd.intercon.formnet xpw xpx +application/vnd.intertrust.digibox +application/vnd.intertrust.nncp +application/vnd.intu.qbo qbo +application/vnd.intu.qfx qfx +application/vnd.iptc.g2.conceptitem+xml +application/vnd.iptc.g2.knowledgeitem+xml +application/vnd.iptc.g2.newsitem+xml +application/vnd.iptc.g2.packageitem+xml +application/vnd.ipunplugged.rcprofile rcprofile +application/vnd.irepository.package+xml irp +application/vnd.is-xpr xpr +application/vnd.jam jam +application/vnd.japannet-directory-service +application/vnd.japannet-jpnstore-wakeup +application/vnd.japannet-payment-wakeup +application/vnd.japannet-registration +application/vnd.japannet-registration-wakeup +application/vnd.japannet-setstore-wakeup +application/vnd.japannet-verification +application/vnd.japannet-verification-wakeup +application/vnd.jcp.javame.midlet-rms rms +application/vnd.jisp jisp +application/vnd.joost.joda-archive joda +application/vnd.kahootz ktz ktr +application/vnd.kde.karbon karbon +application/vnd.kde.kchart chrt +application/vnd.kde.kformula kfo +application/vnd.kde.kivio flw +application/vnd.kde.kontour kon +application/vnd.kde.kpresenter kpr kpt +application/vnd.kde.kspread ksp +application/vnd.kde.kword kwd kwt +application/vnd.kenameaapp htke +application/vnd.kidspiration kia +application/vnd.Kinar kne knp sdf +application/vnd.koan skp skd skm skt +application/vnd.kodak-descriptor sse +application/vnd.liberty-request+xml +application/vnd.llamagraphics.life-balance.desktop lbd +application/vnd.llamagraphics.life-balance.exchange+xml lbe +application/vnd.lotus-1-2-3 123 wk4 wk3 wk1 +application/vnd.lotus-approach apr vew +application/vnd.lotus-freelance prz pre +application/vnd.lotus-notes nsf ntf ndl ns4 ns3 ns2 nsh nsg +application/vnd.lotus-organizer or3 or2 org +application/vnd.lotus-screencam scm +application/vnd.lotus-wordpro lwp sam +application/vnd.macports.portpkg portpkg +application/vnd.marlin.drm.actiontoken+xml +application/vnd.marlin.drm.conftoken+xml +application/vnd.marlin.drm.license+xml +application/vnd.marlin.drm.mdcf mdc +application/vnd.mcd mcd +application/vnd.medcalcdata mc1 +application/vnd.mediastation.cdkey cdkey +application/vnd.meridian-slingshot +application/vnd.MFER mwf +application/vnd.mfmp mfm +application/vnd.micrografx.flo flo +application/vnd.micrografx.igx igx +application/vnd.mif mif +application/vnd.minisoft-hp3000-save +application/vnd.mitsubishi.misty-guard.trustweb +application/vnd.Mobius.DAF daf +application/vnd.Mobius.DIS dis +application/vnd.Mobius.MBK mbk +application/vnd.Mobius.MQY mqy +application/vnd.Mobius.MSL msl +application/vnd.Mobius.PLC plc +application/vnd.Mobius.TXF txf +application/vnd.mophun.application mpn +application/vnd.mophun.certificate mpc +application/vnd.motorola.flexsuite +application/vnd.motorola.flexsuite.adsi +application/vnd.motorola.flexsuite.fis +application/vnd.motorola.flexsuite.gotap +application/vnd.motorola.flexsuite.kmr +application/vnd.motorola.flexsuite.ttc +application/vnd.motorola.flexsuite.wem +application/vnd.motorola.iprm +application/vnd.mozilla.xul+xml xul +application/vnd.ms-artgalry cil +application/vnd.ms-asf asf +application/vnd.ms-cab-compressed cab +application/vnd.ms-excel xls +application/vnd.ms-fontobject eot +application/vnd.ms-htmlhelp chm +application/vnd.ms-ims ims +application/vnd.ms-lrm lrm +application/vnd.ms-playready.initiator+xml +application/vnd.ms-powerpoint ppt +application/vnd.ms-project mpp +application/vnd.ms-tnef tnef tnf +application/vnd.ms-wmdrm.lic-chlg-req +application/vnd.ms-wmdrm.lic-resp +application/vnd.ms-wmdrm.meter-chlg-req +application/vnd.ms-wmdrm.meter-resp +application/vnd.ms-works wcm wdb wks wps +application/vnd.ms-wpl wpl +application/vnd.ms-xpsdocument xps +application/vnd.mseq mseq +application/vnd.msign +application/vnd.multiad.creator crtr +application/vnd.multiad.creator.cif cif +application/vnd.music-niff +application/vnd.musician mus +application/vnd.muvee.style msty +application/vnd.ncd.control +application/vnd.ncd.reference +application/vnd.nervana entity request bkm kcm +application/vnd.netfpx +application/vnd.neurolanguage.nlu nlu +application/vnd.noblenet-directory nnd +application/vnd.noblenet-sealer nns +application/vnd.noblenet-web nnw +application/vnd.nokia.catalogs +application/vnd.nokia.conml+wbxml +application/vnd.nokia.conml+xml +application/vnd.nokia.iptv.config+xml +application/vnd.nokia.iSDS-radio-presets +application/vnd.nokia.landmark+wbxml +application/vnd.nokia.landmark+xml +application/vnd.nokia.landmarkcollection+xml +application/vnd.nokia.n-gage.ac+xml ac +application/vnd.nokia.n-gage.data ngdat +application/vnd.nokia.n-gage.symbian.install n-gage +application/vnd.nokia.ncd +application/vnd.nokia.pcd+wbxml +application/vnd.nokia.pcd+xml +application/vnd.nokia.radio-preset rpst +application/vnd.nokia.radio-presets rpss +application/vnd.novadigm.EDM edm +application/vnd.novadigm.EDX edx +application/vnd.novadigm.EXT ext +application/vnd.oasis.opendocument.chart odc +application/vnd.oasis.opendocument.chart-template otc +application/vnd.oasis.opendocument.database odb +application/vnd.oasis.opendocument.formula odf +application/vnd.oasis.opendocument.formula-template otf +application/vnd.oasis.opendocument.graphics odg +application/vnd.oasis.opendocument.graphics-template otg +application/vnd.oasis.opendocument.image odi +application/vnd.oasis.opendocument.image-template oti +application/vnd.oasis.opendocument.presentation odp +application/vnd.oasis.opendocument.presentation-template otp +application/vnd.oasis.opendocument.spreadsheet ods +application/vnd.oasis.opendocument.spreadsheet-template ots +application/vnd.oasis.opendocument.text odt +application/vnd.oasis.opendocument.text-master odm +application/vnd.oasis.opendocument.text-template ott +application/vnd.oasis.opendocument.text-web oth +application/vnd.obn +application/vnd.olpc-sugar xo +application/vnd.oma.bcast.associated-procedure-parameter+xml +application/vnd.oma.bcast.drm-trigger+xml +application/vnd.oma.bcast.imd+xml +application/vnd.oma.bcast.ltkm +application/vnd.oma.bcast.notification+xml +application/vnd.oma.bcast.provisioningtrigger +application/vnd.oma.bcast.sgboot +application/vnd.oma.bcast.sgdd+xml +application/vnd.oma.bcast.sgdu +application/vnd.oma.bcast.simple-symbol-container +application/vnd.oma.bcast.smartcard-trigger+xml +application/vnd.oma.bcast.sprov+xml +application/vnd.oma.bcast.stkm +application/vnd.oma.dcd +application/vnd.oma.dcdc +application/vnd.oma.dd2+xml dd2 +application/vnd.oma.drm.risd+xml +application/vnd.oma.group-usage-list+xml +application/vnd.oma.poc.detailed-progress-report+xml +application/vnd.oma.poc.final-report+xml +application/vnd.oma.poc.groups+xml +application/vnd.oma.poc.invocation-descriptor+xml +application/vnd.oma.poc.optimized-progress-report+xml +application/vnd.oma.push +application/vnd.oma.xcap-directory+xml +application/vnd.oma-scws-config +application/vnd.oma-scws-http-request +application/vnd.oma-scws-http-response +application/vnd.omads-email+xml +application/vnd.omads-file+xml +application/vnd.omads-folder+xml +application/vnd.omaloc-supl-init +application/vnd.openofficeorg.extension oxt +application/vnd.openxmlformats-officedocument.custom-properties+xml +application/vnd.openxmlformats-officedocument.customXmlProperties+xml +application/vnd.openxmlformats-officedocument.drawing+xml +application/vnd.openxmlformats-officedocument.drawingml.chart+xml +application/vnd.openxmlformats-officedocument.drawingml.chartshapes+xml +application/vnd.openxmlformats-officedocument.drawingml.diagramColors+xml +application/vnd.openxmlformats-officedocument.drawingml.diagramData+xml +application/vnd.openxmlformats-officedocument.drawingml.diagramLayout+xml +application/vnd.openxmlformats-officedocument.drawingml.diagramStyle+xml +application/vnd.openxmlformats-officedocument.extended-properties+xml +application/vnd.openxmlformats-officedocument.presentationml.commentAuthors+xml +application/vnd.openxmlformats-officedocument.presentationml.comments+xml +application/vnd.openxmlformats-officedocument.presentationml.handoutMaster+xml +application/vnd.openxmlformats-officedocument.presentationml.notesMaster+xml +application/vnd.openxmlformats-officedocument.presentationml.notesSlide+xml +application/vnd.openxmlformats-officedocument.presentationml.presProps+xml +application/vnd.openxmlformats-officedocument.presentationml.presentation.main+xml +application/vnd.openxmlformats-officedocument.presentationml.slide+xml +application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml +application/vnd.openxmlformats-officedocument.presentationml.slideMaster+xml +application/vnd.openxmlformats-officedocument.presentationml.slideUpdateInfo+xml +application/vnd.openxmlformats-officedocument.presentationml.slideshow.main+xml +application/vnd.openxmlformats-officedocument.presentationml.tableStyles+xml +application/vnd.openxmlformats-officedocument.presentationml.tags+xml +application/vnd.openxmlformats-officedocument.presentationml.template.main+xml +application/vnd.openxmlformats-officedocument.presentationml.viewProps+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.calcChain+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.chartsheet+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.comments+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.connections+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.dialogsheet+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.externalLink+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.pivotCacheDefinition+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.pivotCacheRecords+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.pivotTable+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.queryTable+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.revisionHeaders+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.revisionLog+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.sharedStrings+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.sheet.main+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.sheetMetadata+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.styles+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.table+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.tableSingleCells+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.template.main+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.userNames+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.volatileDependencies+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.worksheet+xml +application/vnd.openxmlformats-officedocument.theme+xml +application/vnd.openxmlformats-officedocument.themeOverride+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.comments+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.document.glossary+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.endnotes+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.fontTable+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.footer+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.footnotes+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.numbering+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.template.main+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.webSettings+xml +application/vnd.openxmlformats-package.core-properties+xml +application/vnd.openxmlformats-package.digital-signature-xmlsignature+xml +application/vnd.osa.netdeploy ndc +# jar: application/x-java-archive +application/vnd.osgi.bundle +application/vnd.osgi.dp dp +application/vnd.otps.ct-kip+xml +application/vnd.palm prc pdb pqa oprc +application/vnd.paos+xml +application/vnd.pg.format str +application/vnd.pg.osasli ei6 +application/vnd.piaccess.application-license pil +application/vnd.picsel efif +application/vnd.poc.group-advertisement+xml +application/vnd.pocketlearn plf +application/vnd.powerbuilder6 pbd +application/vnd.powerbuilder6-s +application/vnd.powerbuilder7 +application/vnd.powerbuilder7-s +application/vnd.powerbuilder75 +application/vnd.powerbuilder75-s +application/vnd.preminet preminet +application/vnd.previewsystems.box box vbox +application/vnd.proteus.magazine mgz +application/vnd.publishare-delta-tree qps +# pti: image/prs.pti +application/vnd.pvi.ptid1 ptid +application/vnd.pwg-multiplexed +application/vnd.pwg-xhtml-print+xml +application/vnd.qualcomm.brew-app-res bar +application/vnd.Quark.QuarkXPress qxd qxt qwd qwt qxl qxb +application/vnd.radisys.moml+xml +application/vnd.radisys.msml-audit-conf+xml +application/vnd.radisys.msml-audit-conn+xml +application/vnd.radisys.msml-audit-dialog+xml +application/vnd.radisys.msml-audit-stream+xml +application/vnd.radisys.msml-audit+xml +application/vnd.radisys.msml-conf+xml +application/vnd.radisys.msml-dialog-base+xml +application/vnd.radisys.msml-dialog-fax-detect+xml +application/vnd.radisys.msml-dialog-fax-sendrecv+xml +application/vnd.radisys.msml-dialog-group+xml +application/vnd.radisys.msml-dialog-speech+xml +application/vnd.radisys.msml-dialog-transform+xml +application/vnd.radisys.msml-dialog+xml +application/vnd.radisys.msml+xml +application/vnd.rapid +application/vnd.realvnc.bed bed +application/vnd.recordare.musicxml mxl +application/vnd.recordare.musicxml+xml +application/vnd.RenLearn.rlprint +application/vnd.route66.link66+xml link66 +application/vnd.ruckus.download +application/vnd.s3sms +application/vnd.sailingtracker.track st +application/vnd.sbm.cid +application/vnd.sbm.mid2 +application/vnd.scribus scd sla slaz +application/vnd.sealed.3df s3df +application/vnd.sealed.csf scsf +application/vnd.sealed.doc sdoc sdo s1w +application/vnd.sealed.eml seml sem +application/vnd.sealed.mht smht smh +application/vnd.sealed.net +# spp: application/scvp-vp-response +application/vnd.sealed.ppt sppt s1p +application/vnd.sealed.tiff stif +application/vnd.sealed.xls sxls sxl s1e +# stm: audio/x-stm +application/vnd.sealedmedia.softseal.html stml s1h +application/vnd.sealedmedia.softseal.pdf spdf spd s1a +application/vnd.seemail see +application/vnd.sema sema +application/vnd.semd semd +application/vnd.semf semf +application/vnd.shana.informed.formdata ifm +application/vnd.shana.informed.formtemplate itp +application/vnd.shana.informed.interchange iif +application/vnd.shana.informed.package ipk +application/vnd.SimTech-MindMapper twd twds +application/vnd.smaf mmf +application/vnd.smart.teacher teacher +application/vnd.software602.filler.form+xml fo +application/vnd.software602.filler.form-xml-zip zfo +application/vnd.solent.sdkm+xml sdkm sdkd +application/vnd.spotfire.dxp dxp +application/vnd.spotfire.sfs sfs +application/vnd.sss-cod +application/vnd.sss-dtf +application/vnd.sss-ntf +application/vnd.street-stream +application/vnd.sun.wadl+xml wadl +application/vnd.sus-calendar sus susp +application/vnd.svd +application/vnd.swiftview-ics +application/vnd.syncml.dm.notification +application/vnd.syncml.ds.notification +application/vnd.syncml.dm+wbxml bdm +application/vnd.syncml.dm+xml xdm +application/vnd.syncml+xml xsm +application/vnd.tao.intent-module-archive tao +application/vnd.tmobile-livetv tmo +application/vnd.trid.tpt tpt +application/vnd.triscape.mxs mxs +application/vnd.trueapp tra +application/vnd.truedoc +application/vnd.ufdl ufdl ufd frm +application/vnd.uiq.theme utz +application/vnd.umajin umj +application/vnd.unity unityweb +application/vnd.uoml+xml uoml uo +application/vnd.uplanet.alert +application/vnd.uplanet.alert-wbxml +application/vnd.uplanet.bearer-choice +application/vnd.uplanet.bearer-choice-wbxml +application/vnd.uplanet.cacheop +application/vnd.uplanet.cacheop-wbxml +application/vnd.uplanet.channel +application/vnd.uplanet.channel-wbxml +application/vnd.uplanet.list +application/vnd.uplanet.list-wbxml +application/vnd.uplanet.listcmd +application/vnd.uplanet.listcmd-wbxml +application/vnd.uplanet.signal +application/vnd.vcx vcx +# sxi: application/vnd.sun.xml.impress +application/vnd.vd-study mxi study-inter model-inter +# mcd: application/vnd.mcd +application/vnd.vectorworks vwx +application/vnd.vidsoft.vidconference vsc +application/vnd.visio vsd vst vsw vss +application/vnd.visionary vis +# vsc: application/vnd.vidsoft.vidconference +application/vnd.vividence.scriptfile +application/vnd.vsf vsf +application/vnd.wap.sic sic +application/vnd.wap.slc slc +application/vnd.wap.wbxml wbxml +application/vnd.wap.wmlc wmlc +application/vnd.wap.wmlscriptc wmlsc +application/vnd.webturbo wtb +application/vnd.wfa.wsc wsc +application/vnd.wmc wmc +application/vnd.wmf.bootstrap +# nb: application/mathematica for now +application/vnd.wolfram.mathematica +application/vnd.wolfram.mathematica.package m +application/vnd.wolfram.player nbp +application/vnd.wordperfect wpd +application/vnd.wqd wqd +application/vnd.wrq-hp3000-labelled +application/vnd.wt.stf stf +application/vnd.wv.csp+xml +application/vnd.wv.csp+wbxml wv +application/vnd.wv.ssp+xml +application/vnd.xara xar +application/vnd.xfdl xfdl xfd +application/vnd.xfdl.webform +application/vnd.xmi+xml +application/vnd.xmpie.cpkg cpkg +application/vnd.xmpie.dpkg dpkg +# dpkg: application/vnd.xmpie.dpkg +application/vnd.xmpie.plan +application/vnd.xmpie.ppkg ppkg +application/vnd.xmpie.xlim xlim +application/vnd.yamaha.hv-dic hvd +application/vnd.yamaha.hv-script hvs +application/vnd.yamaha.hv-voice hvp +application/vnd.yamaha.openscoreformat osf +application/vnd.yamaha.openscoreformat.osfpvg+xml +application/vnd.yamaha.smaf-audio saf +application/vnd.yamaha.smaf-phrase spf +application/vnd.yellowriver-custom-menu cmp +application/vnd.zul zir zirz +application/vnd.zzazz.deck+xml zaz +application/voicexml+xml vxml +application/watcherinfo+xml wif +application/whoispp-query +application/whoispp-response +application/wita +application/wordperfect5.1 +application/wsdl+xml wsdl +application/wspolicy+xml wspolicy +application/x400-bp +application/xcap-att+xml xav +application/xcap-caps+xml xca +application/xcap-el+xml xel +application/xcap-error+xml xer +application/xcap-ns+xml xns +application/xcon-conference-info-diff+xml +application/xcon-conference-info+xml +application/xenc+xml +application/xhtml+xml xhtml xhtm xht +# application/xhtml-voice+xml obsoleted by application/xv+xml +# xml: text/xml +application/xml +# mod: audio/x-mod +application/xml-dtd dtd +# ent: text/xml-external-parsed-entity +application/xml-external-parsed-entity +application/xmpp+xml +application/xop+xml xop +application/xslt+xml xsl xslt +application/xv+xml mxml xhvml xvml xvm +application/zip zip +audio/32kadpcm 726 +# 3gp, 3gpp: video/3gpp +audio/3gpp +# 3g2, 3gpp2: video/3gpp2 +audio/3gpp2 +audio/ac3 ac3 +audio/AMR amr +audio/AMR-WB awb +audio/amr-wb+ +audio/asc +# aa3, omg: audio/ATRAC3 +audio/ATRAC-ADVANCED-LOSSLESS aal +# aa3, omg: audio/ATRAC3 +audio/ATRAC-X atx +audio/ATRAC3 at3 aa3 omg +audio/basic au snd +audio/BV16 +audio/BV32 +audio/clearmode +audio/CN +audio/DAT12 +audio/dls dls +audio/dsr-es201108 +audio/dsr-es202050 +audio/dsr-es202211 +audio/dsr-es202212 +audio/DVI4 +audio/eac3 +audio/EVRC evc +# qcp: audio/qcelp +audio/EVRC-QCP +audio/EVRC0 +audio/EVRC1 +audio/EVRCB evb +audio/EVRCB0 +audio/EVRCWB evw +audio/EVRCWB0 +audio/EVRCWB1 +audio/G719 +audio/G722 +audio/G7221 +audio/G723 +audio/G726-16 +audio/G726-24 +audio/G726-32 +audio/G726-40 +audio/G728 +audio/G729 +audio/G7291 +audio/G729D +audio/G729E +audio/GSM +audio/GSM-EFR +audio/iLBC lbc +# wav: audio/wav +audio/L16 l16 +audio/L20 +audio/L24 +audio/L8 +audio/LPC +audio/mobile-xmf mxmf +# mp4, mpg4: video/mp4, see RFC 4337 +audio/mp4 +audio/MP4A-LATM +audio/MPA +audio/mpa-robust +audio/mpeg mpga mp1 mp2 mp3 +audio/mpeg4-generic +audio/ogg oga ogg spx +audio/parityfec +audio/PCMA +audio/PCMA-WB +audio/PCMU +audio/PCMU-WB +audio/prs.sid sid psid +audio/qcelp qcp +audio/RED +audio/rtp-enc-aescm128 +audio/rtp-midi +audio/rtx +audio/SMV smv +# qcp: audio/qcelp, see RFC 3625 +audio/SMV-QCP +audio/SMV0 +# mid: audio/midi +audio/sp-midi +audio/speex +audio/t140c +audio/t38 +audio/telephone-event +audio/tone +audio/UEMCLIP +audio/ulpfec +audio/VDVI +audio/VMR-WB +audio/vnd.3gpp.iufp +audio/vnd.4SB +audio/vnd.audikoz koz +audio/vnd.CELP +audio/vnd.cisco.nse +audio/vnd.cmles.radio-events +audio/vnd.cns.anp1 +audio/vnd.cns.inf1 +audio/vnd.digital-winds eol +audio/vnd.dlna.adts +audio/vnd.dolby.heaac.1 +audio/vnd.dolby.heaac.2 +audio/vnd.dolby.mlp mlp +audio/vnd.dolby.mps +audio/vnd.dolby.pl2 +audio/vnd.dolby.pl2x +audio/vnd.dolby.pl2z +audio/vnd.dolby.pulse.1 +audio/vnd.dra +# wav: audio/wav, cpt: application/mac-compactpro +audio/vnd.dts dts +audio/vnd.dts.hd dtshd +audio/vnd.everad.plj plj +# rm: audio/x-pn-realaudio +audio/vnd.hns.audio +audio/vnd.lucent.voice lvp +audio/vnd.ms-playready.media.pya pya +# mxmf: audio/mobile-xmf +audio/vnd.nokia.mobile-xmf +audio/vnd.nortel.vbk vbk +audio/vnd.nuera.ecelp4800 ecelp4800 +audio/vnd.nuera.ecelp7470 ecelp7470 +audio/vnd.nuera.ecelp9600 ecelp9600 +audio/vnd.octel.sbc +# audio/vnd.qcelp deprecated in favour of audio/qcelp +audio/vnd.rhetorex.32kadpcm +audio/vnd.sealedmedia.softseal.mpeg smp3 smp s1m +audio/vnd.vmx.cvsd +audio/vorbis +audio/vorbis-config +image/cgm +image/fits fits fit fts +image/g3fax +image/gif gif +image/ief ief +image/jp2 jp2 jpg2 +image/jpeg jpeg jpg jpe jfif +image/jpm jpm jpgm +image/jpx jpx jpf +image/naplps +image/png png +image/prs.btif btif btf +image/prs.pti pti +image/t38 t38 +image/tiff tiff tif +image/tiff-fx tfx +image/vnd.adobe.photoshop psd +image/vnd.cns.inf2 +image/vnd.djvu djvu djv +image/vnd.dwg +image/vnd.dxf dxf +image/vnd.fastbidsheet fbs +image/vnd.fpx fpx +image/vnd.fst fst +image/vnd.fujixerox.edmics-mmr mmr +image/vnd.fujixerox.edmics-rlc rlc +image/vnd.globalgraphics.pgb pgb +image/vnd.microsoft.icon ico +image/vnd.mix +image/vnd.ms-modi mdi +image/vnd.net-fpx +image/vnd.radiance hdr rgbe xyze +image/vnd.sealed.png spng spn s1n +image/vnd.sealedmedia.softseal.gif sgif sgi s1g +image/vnd.sealedmedia.softseal.jpg sjpg sjp s1j +image/vnd.svf +image/vnd.wap.wbmp wbmp +image/vnd.xiff xif +message/CPIM +message/delivery-status +message/disposition-notification +message/external-body +message/global u8msg +message/global-delivery-status u8dsn +message/global-disposition-notification u8mdn +message/global-headers u8hdr +message/http +# cl: application/simple-filter+xml +message/imdn+xml +# message/news obsoleted by message/rfc822 +message/partial +message/rfc822 eml mail art +message/s-http +message/sip +message/sipfrag +message/tracking-status +message/vnd.si.simp +model/iges igs iges +model/mesh msh mesh silo +model/vnd.dwf dwf +# 3dml, 3dm: text/vnd.in3d.3dml +model/vnd.flatland.3dml +model/vnd.gdl gdl gsm win dor lmp rsm msm ism +model/vnd.gs-gdl +model/vnd.gtw gtw +model/vnd.moml+xml moml +model/vnd.mts mts +model/vnd.parasolid.transmit.binary x_b xmt_bin +model/vnd.parasolid.transmit.text x_t xmt_txt +model/vnd.vtu vtu +model/vrml wrl vrml +multipart/alternative +multipart/appledouble +multipart/byteranges +multipart/digest +multipart/encrypted +multipart/form-data +multipart/header-set +multipart/mixed +multipart/parallel +multipart/related +multipart/report +multipart/signed +multipart/voice-message vpm +text/calendar ics ifb +text/css css +text/csv csv +text/directory +text/dns soa zone +# text/ecmascript obsoleted by application/ecmascript +text/enriched +text/html html htm +# obsoleted by application/javascript +text/javascript js +text/parityfec +text/plain asc txt text pm el c h cc hh cxx hxx f90 +text/prs.fallenstein.rst rst +text/prs.lines.tag tag dsc +text/RED +text/rfc822-headers +text/richtext rtx +# rtf: application/rtf +text/rtf +text/rtp-enc-aescm128 +text/rtx +text/sgml sgml sgm +text/t140 +text/tab-separated-values tsv +text/troff +text/ulpfec +text/uri-list uris uri +text/vnd.abc abc +# curl: application/vnd.curl +text/vnd.curl +text/vnd.DMClientScript dms +text/vnd.esmertec.theme-descriptor jtd +text/vnd.fly fly +text/vnd.fmi.flexstor flx +text/vnd.graphviz gv dot +text/vnd.in3d.3dml 3dml 3dm +text/vnd.in3d.spot spot spo +text/vnd.IPTC.NewsML +text/vnd.IPTC.NITF +text/vnd.latex-z +text/vnd.motorola.reflex +text/vnd.ms-mediapackage mpf +text/vnd.net2phone.commcenter.command ccc +text/vnd.radisys.msml-basic-layout +text/vnd.si.uricatalogue uric +text/vnd.sun.j2me.app-descriptor jad +text/vnd.trolltech.linguist ts +text/vnd.wap.si si +text/vnd.wap.sl sl +text/vnd.wap.wml wml +text/vnd.wap.wmlscript wmls +text/xml xml +text/xml-external-parsed-entity ent +video/3gpp 3gp 3gpp +video/3gpp2 3g2 3gpp2 +video/3gpp-tt +video/BMPEG +video/BT656 +video/CelB +video/DV +video/H261 +video/H263 +video/H263-1998 +video/H263-2000 +video/H264 +video/JPEG +video/jpeg2000 +video/mj2 mj2 mjp2 +video/MP1S +video/MP2P +video/MP2T +video/mp4 mp4 mpg4 +video/MP4V-ES +video/mpeg mpeg mpg mpe +video/mpeg4-generic +video/MPV +video/nv +video/ogg ogv +video/parityfec +video/pointer +video/quicktime qt mov +video/raw +video/rtp-enc-aescm128 +video/rtx +video/SMPTE292M +video/ulpfec +video/vc1 +video/vnd.CCTV +video/vnd.dlna.mpeg-tts +video/vnd.fvt fvt +# rm: audio/x-pn-realaudio +video/vnd.hns.video +video/vnd.iptvforum.1dparityfec-1010 +video/vnd.iptvforum.1dparityfec-2005 +video/vnd.iptvforum.2dparityfec-1010 +video/vnd.iptvforum.2dparityfec-2005 +video/vnd.iptvforum.ttsavc +video/vnd.iptvforum.ttsmpeg2 +video/vnd.motorola.video +video/vnd.motorola.videop +video/vnd.mpegurl mxu m4u +video/vnd.ms-playready.media.pyv pyv +video/vnd.nokia.interleaved-multimedia nim +video/vnd.nokia.videovoip +# mp4: video/mp4 +video/vnd.objectvideo +video/vnd.sealed.mpeg1 smpg s11 +# smpg: video/vnd.sealed.mpeg1 +video/vnd.sealed.mpeg4 s14 +video/vnd.sealed.swf sswf ssw +video/vnd.sealedmedia.softseal.mov smov smo s1q +video/vnd.vivo + +# Non-IANA types + +application/mac-compactpro cpt +application/mathml+xml mml +application/metalink+xml metalink +application/rss+xml rss +application/vnd.ms-excel.addin.macroEnabled.12 xlam +application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb +application/vnd.ms-excel.sheet.macroEnabled.12 xlsm +application/vnd.ms-excel.template.macroEnabled.12 xltm +application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam +application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm +application/vnd.ms-powerpoint.slide.macroEnabled.12 sldm +application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm +application/vnd.ms-powerpoint.template.macroEnabled.12 potm +application/vnd.ms-word.document.macroEnabled.12 docm +application/vnd.ms-word.template.macroEnabled.12 dotm +application/vnd.oma.dd+xml dd +application/vnd.oma.drm.content dcf +# odf: application/vnd.oasis.opendocument.formula +application/vnd.oma.drm.dcf o4a o4v +application/vnd.oma.drm.message dm +application/vnd.oma.drm.rights+wbxml drc +application/vnd.oma.drm.rights+xml dr +application/vnd.openxmlformats-officedocument.presentationml.presentation pptx +application/vnd.openxmlformats-officedocument.presentationml.slide sldx +application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx +application/vnd.openxmlformats-officedocument.presentationml.template potx +application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx +application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx +application/vnd.openxmlformats-officedocument.wordprocessingml.document docx +application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx +application/vnd.sun.xml.calc sxc +application/vnd.sun.xml.calc.template stc +application/vnd.sun.xml.draw sxd +application/vnd.sun.xml.draw.template std +application/vnd.sun.xml.impress sxi +application/vnd.sun.xml.impress.template sti +application/vnd.sun.xml.math sxm +application/vnd.sun.xml.writer sxw +application/vnd.sun.xml.writer.global sxg +application/vnd.sun.xml.writer.template stw +application/vnd.symbian.install sis +application/vnd.wap.mms-message mms +application/x-bcpio bcpio +application/x-bittorrent torrent +application/x-bzip2 bz2 +application/x-cdlink vcd +application/x-chess-pgn pgn +application/x-cpio cpio +application/x-csh csh +application/x-director dcr dir dxr +application/x-dvi dvi +application/x-futuresplash spl +application/x-gtar gtar +application/x-gzip gz tgz +application/x-hdf hdf +application/x-java-archive jar +application/x-java-jnlp-file jnlp +application/x-java-pack200 pack +application/x-killustrator kil +application/x-latex latex +application/x-netcdf nc cdf +application/x-perl pl +application/x-rpm rpm +application/x-sh sh +application/x-shar shar +application/x-shockwave-flash swf +application/x-stuffit sit +application/x-sv4cpio sv4cpio +application/x-sv4crc sv4crc +application/x-tar tar +application/x-tcl tcl +application/x-tex tex +application/x-texinfo texinfo texi +application/x-troff t tr roff +application/x-troff-man man 1 2 3 4 5 6 7 8 +application/x-troff-me me +application/x-troff-ms ms +application/x-ustar ustar +application/x-wais-source src +application/x-xz xz +audio/midi mid midi kar +audio/x-aiff aif aiff aifc +audio/x-mod mod ult uni m15 mtm 669 med +audio/x-mpegurl m3u +audio/x-ms-wax wax +audio/x-ms-wma wma +audio/x-pn-realaudio ram rm +audio/x-realaudio ra +audio/x-s3m s3m +audio/x-stm stm +audio/x-wav wav +chemical/x-xyz xyz +image/bmp bmp +image/svg+xml svg svgz +image/x-cmu-raster ras +image/x-portable-anymap pnm +image/x-portable-bitmap pbm +image/x-portable-graymap pgm +image/x-portable-pixmap ppm +image/x-rgb rgb +image/x-targa tga +image/x-xbitmap xbm +image/x-xpixmap xpm +image/x-xwindowdump xwd +text/cache-manifest manifest +text/x-pod pod +text/x-setext etx +text/x-vcard vcf +video/webm webm +video/x-flv flv +video/x-ms-asf asx +video/x-ms-wm wm +video/x-ms-wmv wmv +video/x-ms-wmx wmx +video/x-ms-wvx wvx +video/x-msvideo avi +video/x-sgi-movie movie +x-conference/x-cooltalk ice +x-epoc/x-sisx-app sisx diff --git a/root/etc/e-smith/templates/etc/modprobe.d/bonding.conf/10bonding b/root/etc/e-smith/templates/etc/modprobe.d/bonding.conf/10bonding new file mode 100644 index 0000000..d0384be --- /dev/null +++ b/root/etc/e-smith/templates/etc/modprobe.d/bonding.conf/10bonding @@ -0,0 +1,5 @@ +{ + return "# Bonding is disabled" unless + (($InternalInterface{'NICBonding'} || 'disabled') eq 'enabled'); + $OUT .= "alias bond0 bonding"; +} diff --git a/root/etc/e-smith/templates/etc/nsswitch.conf/10files b/root/etc/e-smith/templates/etc/nsswitch.conf/10files new file mode 100644 index 0000000..b2e7724 --- /dev/null +++ b/root/etc/e-smith/templates/etc/nsswitch.conf/10files @@ -0,0 +1,13 @@ +passwd: { ($ldap{Authentication} || 'disabled') eq 'enabled' ? 'files ldap' : 'files' } +shadow: { ($ldap{Authentication} || 'disabled') eq 'enabled' ? 'files ldap' : 'files' } +group: { ($ldap{Authentication} || 'disabled') eq 'enabled' ? 'files ldap' : 'files' } +hosts: { ($AccessType eq "off") ? "files" : "files dns" } +services: files +networks: files +protocols: files +rpc: files +ethers: files +netmasks: files +bootparams: files +automount: files +aliases: files diff --git a/root/etc/e-smith/templates/etc/openssl.conf/05config b/root/etc/e-smith/templates/etc/openssl.conf/05config new file mode 100644 index 0000000..abd156e --- /dev/null +++ b/root/etc/e-smith/templates/etc/openssl.conf/05config @@ -0,0 +1,38 @@ +{ +# use Data::Validate::IP; + use Net::IP qw(ip_is_ipv4 ip_is_ipv6); + our $KeySize = $modSSL{KeySize} ||'4096'; + our $FQDN = "$SystemName.$DomainName"; + our $Country = $modSSL{Country} || "--"; + our $State = $modSSL{State} || "----"; + our $commonName = $modSSL{CommonName} || $FQDN; + our $crt = "/home/e-smith/ssl.crt/$FQDN.crt"; + our $key = "/home/e-smith/ssl.key/$FQDN.key"; + our $defaultCity = $ldap{defaultCity} || '-'; + our $defaultCompany = $ldap{defaultCompany} || $commonName ; + our $defaultDepartment = $ldap{defaultDepartment} || '-'; + our $email = "admin\@$DomainName"; + our @subjectAlt = `/sbin/e-smith/generate-subjectaltnames`; + chomp @subjectAlt; + our $subjectAltName = ""; + my $i=0; + for my $elem (@subjectAlt) { + $subjectAltName .= ", " if $i>0; + $i++; + if (ip_is_ipv4($elem) || ip_is_ipv6($elem) ){ + $subjectAltName .= "IP:$elem"; + next; + } + $subjectAltName .= "DNS:$elem"; + } + $subjectAltName = ( $subjectAltName eq "DNS: ")? "": $subjectAltName; + + # crop fields that are too long for X509: + $Country = substr($Country, 0, 2); + $defaultCity = substr($defaultCity, 0, 128); + $defaultCompany = substr($defaultCompany, 0, 64); + $defaultDepartment = substr($defaultDepartment, 0, 64); + $email = substr($email, 0, 64); + $commonName = substr($commonName, 0, 64); + $OUT=""; +} diff --git a/root/etc/e-smith/templates/etc/openssl.conf/40req b/root/etc/e-smith/templates/etc/openssl.conf/40req new file mode 100644 index 0000000..e02071e --- /dev/null +++ b/root/etc/e-smith/templates/etc/openssl.conf/40req @@ -0,0 +1,10 @@ +[ req ] +default_bits = {$KeySize} +prompt = no +default_md = sha256 +default_keyfile = {$key} +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca +req_extensions = v3_req + diff --git a/root/etc/e-smith/templates/etc/openssl.conf/45req_distinguished_name b/root/etc/e-smith/templates/etc/openssl.conf/45req_distinguished_name new file mode 100644 index 0000000..982a6e7 --- /dev/null +++ b/root/etc/e-smith/templates/etc/openssl.conf/45req_distinguished_name @@ -0,0 +1,9 @@ +[ req_distinguished_name ] +C = {$Country} +ST = {$State} +L = {$defaultCity} +O = {$defaultCompany} +OU = {$defaultDepartment} +CN = {$commonName} +emailAddress = {$email} + diff --git a/root/etc/e-smith/templates/etc/openssl.conf/47req_attributes b/root/etc/e-smith/templates/etc/openssl.conf/47req_attributes new file mode 100644 index 0000000..4669b50 --- /dev/null +++ b/root/etc/e-smith/templates/etc/openssl.conf/47req_attributes @@ -0,0 +1,3 @@ +[ req_attributes ] + + diff --git a/root/etc/e-smith/templates/etc/openssl.conf/50v3_req b/root/etc/e-smith/templates/etc/openssl.conf/50v3_req new file mode 100644 index 0000000..66b78f5 --- /dev/null +++ b/root/etc/e-smith/templates/etc/openssl.conf/50v3_req @@ -0,0 +1,3 @@ +[ v3_req ] +subjectAltName = {$subjectAltName} + diff --git a/root/etc/e-smith/templates/etc/openssl.conf/60v3_ca b/root/etc/e-smith/templates/etc/openssl.conf/60v3_ca new file mode 100644 index 0000000..4c19eb4 --- /dev/null +++ b/root/etc/e-smith/templates/etc/openssl.conf/60v3_ca @@ -0,0 +1,5 @@ +[ v3_ca ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints = CA:true + diff --git a/root/etc/e-smith/templates/etc/pam.d/imap/template-begin b/root/etc/e-smith/templates/etc/pam.d/imap/template-begin new file mode 120000 index 0000000..7de688d --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/imap/template-begin @@ -0,0 +1 @@ +/etc/e-smith/templates-default/template-begin-pam \ No newline at end of file diff --git a/root/etc/e-smith/templates/etc/pam.d/login/20auth b/root/etc/e-smith/templates/etc/pam.d/login/20auth new file mode 100644 index 0000000..475052d --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/login/20auth @@ -0,0 +1,5 @@ +auth required pam_securetty.so +auth { -f "/lib/security/pam_pwdb.so" || + -f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" : + "include system-auth" } +auth required pam_nologin.so diff --git a/root/etc/e-smith/templates/etc/pam.d/login/30account b/root/etc/e-smith/templates/etc/pam.d/login/30account new file mode 100644 index 0000000..6b209c2 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/login/30account @@ -0,0 +1,3 @@ +account { -f "/lib/security/pam_pwdb.so" || + -f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" : + "include system-auth" } diff --git a/root/etc/e-smith/templates/etc/pam.d/login/40password b/root/etc/e-smith/templates/etc/pam.d/login/40password new file mode 100644 index 0000000..3025f3e --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/login/40password @@ -0,0 +1,3 @@ +password { -f "/lib/security/pam_pwdb.so" || + -f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" : + "include system-auth" } diff --git a/root/etc/e-smith/templates/etc/pam.d/login/50session b/root/etc/e-smith/templates/etc/pam.d/login/50session new file mode 100644 index 0000000..038d656 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/login/50session @@ -0,0 +1,5 @@ +session { -f "/lib/security/pam_pwdb.so" || + -f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" : + "include system-auth" } +session required pam_loginuid.so +session optional pam_console.so diff --git a/root/etc/e-smith/templates/etc/pam.d/login/template-begin b/root/etc/e-smith/templates/etc/pam.d/login/template-begin new file mode 120000 index 0000000..7de688d --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/login/template-begin @@ -0,0 +1 @@ +/etc/e-smith/templates-default/template-begin-pam \ No newline at end of file diff --git a/root/etc/e-smith/templates/etc/pam.d/passwd/10auth b/root/etc/e-smith/templates/etc/pam.d/passwd/10auth new file mode 100644 index 0000000..eb305a1 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/passwd/10auth @@ -0,0 +1,3 @@ +auth { -f "/lib/security/pam_pwdb.so" || + -f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" : + "include system-auth" } diff --git a/root/etc/e-smith/templates/etc/pam.d/passwd/20account b/root/etc/e-smith/templates/etc/pam.d/passwd/20account new file mode 100644 index 0000000..6b209c2 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/passwd/20account @@ -0,0 +1,3 @@ +account { -f "/lib/security/pam_pwdb.so" || + -f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" : + "include system-auth" } diff --git a/root/etc/e-smith/templates/etc/pam.d/passwd/40password b/root/etc/e-smith/templates/etc/pam.d/passwd/40password new file mode 100644 index 0000000..3025f3e --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/passwd/40password @@ -0,0 +1,3 @@ +password { -f "/lib/security/pam_pwdb.so" || + -f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" : + "include system-auth" } diff --git a/root/etc/e-smith/templates/etc/pam.d/passwd/template-begin b/root/etc/e-smith/templates/etc/pam.d/passwd/template-begin new file mode 120000 index 0000000..7de688d --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/passwd/template-begin @@ -0,0 +1 @@ +/etc/e-smith/templates-default/template-begin-pam \ No newline at end of file diff --git a/root/etc/e-smith/templates/etc/pam.d/pop/00README b/root/etc/e-smith/templates/etc/pam.d/pop/00README new file mode 100644 index 0000000..31e5a43 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/pop/00README @@ -0,0 +1 @@ +# The imap restrictions are also applied to the POP server diff --git a/root/etc/e-smith/templates/etc/pam.d/pwauth/20auth b/root/etc/e-smith/templates/etc/pam.d/pwauth/20auth new file mode 100644 index 0000000..87e6b3d --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/pwauth/20auth @@ -0,0 +1,4 @@ +auth { -f "/lib/security/pam_pwdb.so" || + -f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" : + "include system-auth" } +auth required pam_nologin.so diff --git a/root/etc/e-smith/templates/etc/pam.d/pwauth/30account b/root/etc/e-smith/templates/etc/pam.d/pwauth/30account new file mode 100644 index 0000000..6b209c2 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/pwauth/30account @@ -0,0 +1,3 @@ +account { -f "/lib/security/pam_pwdb.so" || + -f "/lib64/security/pam_pwdb.so" ? "required pam_stack.so service=system-auth" : + "include system-auth" } diff --git a/root/etc/e-smith/templates/etc/pam.d/pwauth/template-begin b/root/etc/e-smith/templates/etc/pam.d/pwauth/template-begin new file mode 120000 index 0000000..7de688d --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/pwauth/template-begin @@ -0,0 +1 @@ +/etc/e-smith/templates-default/template-begin-pam \ No newline at end of file diff --git a/root/etc/e-smith/templates/etc/pam.d/system-auth/20auth b/root/etc/e-smith/templates/etc/pam.d/system-auth/20auth new file mode 100644 index 0000000..e0d88ba --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/system-auth/20auth @@ -0,0 +1,19 @@ +{ + my $status = $pam_tally{status} || 'disabled'; + return unless $status eq 'enabled'; + $OUT .= "auth required pam_tally.so onerr=fail no_magic_root"; +} +auth required pam_env.so +{ + my $status = $pam_abl{status} || 'disabled'; + return unless $status eq 'enabled'; + $OUT .= "auth required pam_abl.so config=/etc/security/pam_abl.conf"; +} +auth sufficient pam_unix.so likeauth nullok +{ + my $status = $ldap{Authentication} || 'disabled'; + return unless $status eq 'enabled'; + $OUT .= "auth sufficient pam_ldap.so use_first_pass"; +} +auth required pam_deny.so + diff --git a/root/etc/e-smith/templates/etc/pam.d/system-auth/30account b/root/etc/e-smith/templates/etc/pam.d/system-auth/30account new file mode 100644 index 0000000..7948721 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/system-auth/30account @@ -0,0 +1,13 @@ +account required pam_unix.so broken_shadow +account sufficient pam_succeed_if.so uid < 100 quiet +{ + my $status = $ldap{Authentication} || 'disabled'; + return unless $status eq 'enabled'; + $OUT .= "account [default=bad success=ok user_unknown=ignore] pam_ldap.so"; +} +account required pam_permit.so +{ + my $status = $pam_tally{status} || 'disabled'; + return unless $status eq 'enabled'; + $OUT .= "account required pam_tally.so deny=5 reset no_magic_root"; +} diff --git a/root/etc/e-smith/templates/etc/pam.d/system-auth/40password b/root/etc/e-smith/templates/etc/pam.d/system-auth/40password new file mode 100644 index 0000000..11c6f1a --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/system-auth/40password @@ -0,0 +1,8 @@ +password sufficient pam_unix.so nullok md5 shadow +{ + my $status = $ldap{Authentication} || 'disabled'; + return unless $status eq 'enabled'; + $OUT .= "password sufficient pam_ldap.so use_authtok"; +} +password required pam_deny.so + diff --git a/root/etc/e-smith/templates/etc/pam.d/system-auth/50session b/root/etc/e-smith/templates/etc/pam.d/system-auth/50session new file mode 100644 index 0000000..3e0d87e --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/system-auth/50session @@ -0,0 +1,7 @@ +session required pam_limits.so +session required pam_unix.so +{ + my $status = $ldap{Authentication} || 'disabled'; + return unless $status eq 'enabled'; + $OUT .= "session optional pam_ldap.so"; +} diff --git a/root/etc/e-smith/templates/etc/pam.d/system-auth/template-begin b/root/etc/e-smith/templates/etc/pam.d/system-auth/template-begin new file mode 120000 index 0000000..7de688d --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/system-auth/template-begin @@ -0,0 +1 @@ +/etc/e-smith/templates-default/template-begin-pam \ No newline at end of file diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/10ssl b/root/etc/e-smith/templates/etc/pam_ldap.conf/10ssl new file mode 100644 index 0000000..62d32da --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/10ssl @@ -0,0 +1,2 @@ +ssl no + diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/20pam_password b/root/etc/e-smith/templates/etc/pam_ldap.conf/20pam_password new file mode 100644 index 0000000..6fd07cc --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/20pam_password @@ -0,0 +1,5 @@ +pam_password exop +pam_filter objectclass=posixAccount +pam_login_attribute uid +pam_member_attribute memberuid + diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/30host b/root/etc/e-smith/templates/etc/pam_ldap.conf/30host new file mode 100644 index 0000000..baed78c --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/30host @@ -0,0 +1 @@ +host localhost diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/40base b/root/etc/e-smith/templates/etc/pam_ldap.conf/40base new file mode 100644 index 0000000..e657387 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/40base @@ -0,0 +1,3 @@ +{ + $OUT .= "base " . esmith::util::ldapBase ($DomainName); +} diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_group b/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_group new file mode 100644 index 0000000..9c1b0d4 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_group @@ -0,0 +1,5 @@ +{ + $OUT .= "nss_base_group ou=Groups,"; + $OUT .= esmith::util::ldapBase ($DomainName); + $OUT .= "?one\n"; +} diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_passwd b/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_passwd new file mode 100644 index 0000000..24dccbf --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_passwd @@ -0,0 +1,10 @@ +{ + $OUT .= "nss_base_passwd ou=Users,"; + $OUT .= esmith::util::ldapBase ($DomainName); + $OUT .= '?one'; + $OUT .= "\n"; + $OUT .= "nss_base_passwd ou=Computers,"; + $OUT .= esmith::util::ldapBase ($DomainName); + $OUT .= '?one'; + $OUT .= "\n"; +} diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_shadow b/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_shadow new file mode 100644 index 0000000..173fddd --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_shadow @@ -0,0 +1,10 @@ +{ + $OUT .= "nss_base_shadow ou=Users,"; + $OUT .= esmith::util::ldapBase ($DomainName); + $OUT .= '?one'; + $OUT .= "\n"; + $OUT .= "nss_base_shadow ou=Computers,"; + $OUT .= esmith::util::ldapBase ($DomainName); + $OUT .= '?one'; + $OUT .= "\n"; +} diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/45rootbinddn b/root/etc/e-smith/templates/etc/pam_ldap.conf/45rootbinddn new file mode 100644 index 0000000..b935204 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/45rootbinddn @@ -0,0 +1,3 @@ +{ + $OUT .= "rootbinddn cn=root," . esmith::util::ldapBase ($DomainName); +} diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/55bind_policy b/root/etc/e-smith/templates/etc/pam_ldap.conf/55bind_policy new file mode 100644 index 0000000..9ef9124 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/55bind_policy @@ -0,0 +1,4 @@ +{ +# Allow read /etc/{passwd,groups,shadow} files when ldap is down. +} +bind_policy soft diff --git a/root/etc/e-smith/templates/etc/pam_ldap.conf/60ignore_initgroups b/root/etc/e-smith/templates/etc/pam_ldap.conf/60ignore_initgroups new file mode 100644 index 0000000..f1ce9dc --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.conf/60ignore_initgroups @@ -0,0 +1 @@ +nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm diff --git a/root/etc/e-smith/templates/etc/pam_ldap.secret/all b/root/etc/e-smith/templates/etc/pam_ldap.secret/all new file mode 100644 index 0000000..c9d83cd --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam_ldap.secret/all @@ -0,0 +1 @@ +{ esmith::util::LdapPassword (); } diff --git a/root/etc/e-smith/templates/etc/ppp/chap-secrets/05dialup-password b/root/etc/e-smith/templates/etc/ppp/chap-secrets/05dialup-password new file mode 100644 index 0000000..54954fb --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/chap-secrets/05dialup-password @@ -0,0 +1,8 @@ +{ + $OUT .= ""; + if ($AccessType eq "dialup") + { + $OUT .= "\"${DialupUserAccount}\""; + $OUT .= "\t*\t\"${DialupUserPassword}\""; + } +} diff --git a/root/etc/e-smith/templates/etc/ppp/chap-secrets/05pppoe-password b/root/etc/e-smith/templates/etc/ppp/chap-secrets/05pppoe-password new file mode 100644 index 0000000..9fefc13 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/chap-secrets/05pppoe-password @@ -0,0 +1,8 @@ +{ + $OUT .= ""; + my $pppoe_status = $pppoe{"status"} || "disabled"; + if ($pppoe_status eq "enabled") + { + $OUT .= "\"${DialupUserAccount}\"\t*\t\"${DialupUserPassword}\""; + } +} diff --git a/root/etc/e-smith/templates/etc/ppp/ioptions/00device b/root/etc/e-smith/templates/etc/ppp/ioptions/00device new file mode 100644 index 0000000..4fdc567 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/ioptions/00device @@ -0,0 +1 @@ +/dev/ippp0 diff --git a/root/etc/e-smith/templates/etc/ppp/ip-down.local/signal-event b/root/etc/e-smith/templates/etc/ppp/ip-down.local/signal-event new file mode 100644 index 0000000..b3a665f --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/ip-down.local/signal-event @@ -0,0 +1,10 @@ + +#-------------------------------------------------- +# Run these commands whenever a PPP connection closes +#-------------------------------------------------- + +# Set the umask to create world readable files by default - we +# inherit umask of 077, it seems +umask 022 + +/usr/bin/chpst -l /var/lock/subsys/ip-down.local /sbin/e-smith/signal-event ip-down "$@" diff --git a/root/etc/e-smith/templates/etc/ppp/ip-up.local/10setup b/root/etc/e-smith/templates/etc/ppp/ip-up.local/10setup new file mode 100644 index 0000000..e98e42f --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/ip-up.local/10setup @@ -0,0 +1,11 @@ +# Args are: +#interface-name tty-device speed local-IP-address remote-IP-address ipparam + +#-------------------------------------------------- +# Run these commands whenever a PPP connection is established. +#-------------------------------------------------- +IPPARAM=$6 +NEWIP=$4 +EXTERNALIP=$(/sbin/e-smith/config get ExternalIP) +LOCALIP=$(/sbin/e-smith/config get LocalIP) + diff --git a/root/etc/e-smith/templates/etc/ppp/ip-up.local/15umask b/root/etc/e-smith/templates/etc/ppp/ip-up.local/15umask new file mode 100644 index 0000000..9e8ddc0 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/ip-up.local/15umask @@ -0,0 +1,4 @@ +# Set the umask to create world readable files by default - we +# inherit umask of 077, it seems +umask 022 + diff --git a/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam00startcase b/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam00startcase new file mode 100644 index 0000000..74aeada --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam00startcase @@ -0,0 +1 @@ +case $IPPARAM in diff --git a/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam90other b/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam90other new file mode 100644 index 0000000..d719430 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam90other @@ -0,0 +1,8 @@ + wan) + case $NEWIP in + $EXTERNALIP) ;; # No ip change - short-circuit + *) /sbin/e-smith/signal-event ip-change $4 + esac + + /sbin/e-smith/signal-event ip-up "$@" + ;; diff --git a/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam99endcase b/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam99endcase new file mode 100644 index 0000000..36bdc65 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam99endcase @@ -0,0 +1 @@ +esac diff --git a/root/etc/e-smith/templates/etc/ppp/options/lcp-echo-options b/root/etc/e-smith/templates/etc/ppp/options/lcp-echo-options new file mode 100644 index 0000000..87f0e72 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/options/lcp-echo-options @@ -0,0 +1,2 @@ +lcp-echo-interval { $pppoe{lcpEchoInterval} || '30' } +lcp-echo-failure { $pppoe{lcpEchoFailure} || '2' } diff --git a/root/etc/e-smith/templates/etc/ppp/pap-secrets/05dialup-password b/root/etc/e-smith/templates/etc/ppp/pap-secrets/05dialup-password new file mode 100644 index 0000000..48d1a40 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/pap-secrets/05dialup-password @@ -0,0 +1,16 @@ +{ + $OUT .= ""; + if ($AccessType eq "dialup") + { + if ($DialupModemDevice eq '/dev/ttyI0') + { + # ipppd has a problem with "" around username + $OUT .= "${DialupUserAccount}"; + } + else + { + $OUT .= "\"${DialupUserAccount}\""; + } + $OUT .= "\t*\t\"${DialupUserPassword}\""; + } +} diff --git a/root/etc/e-smith/templates/etc/ppp/pap-secrets/05pppoe-password b/root/etc/e-smith/templates/etc/ppp/pap-secrets/05pppoe-password new file mode 100644 index 0000000..9fefc13 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ppp/pap-secrets/05pppoe-password @@ -0,0 +1,8 @@ +{ + $OUT .= ""; + my $pppoe_status = $pppoe{"status"} || "disabled"; + if ($pppoe_status eq "enabled") + { + $OUT .= "\"${DialupUserAccount}\"\t*\t\"${DialupUserPassword}\""; + } +} diff --git a/root/etc/e-smith/templates/etc/resolv.conf/10domain b/root/etc/e-smith/templates/etc/resolv.conf/10domain new file mode 100644 index 0000000..6f2e1e2 --- /dev/null +++ b/root/etc/e-smith/templates/etc/resolv.conf/10domain @@ -0,0 +1,3 @@ +{ + $OUT .= "domain $DomainName"; +} diff --git a/root/etc/e-smith/templates/etc/resolv.conf/30timeout b/root/etc/e-smith/templates/etc/resolv.conf/30timeout new file mode 100644 index 0000000..9580ca5 --- /dev/null +++ b/root/etc/e-smith/templates/etc/resolv.conf/30timeout @@ -0,0 +1,8 @@ +{ + # The default resolver timeout of five seconds is way too + # short for modem dial-on-demand links + $OUT = ($SystemMode =~ 'servergateway' && + $AccessType eq 'dialup' && + $DialupModemDevice =~ /ttyS/) ? + "options timeout:50" : ""; +} diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/00filenames b/root/etc/e-smith/templates/etc/rsyslog.conf/00filenames new file mode 100644 index 0000000..79fa544 --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/00filenames @@ -0,0 +1,9 @@ +{ + $messages = "/var/log/messages"; + $bootlog = "/var/log/boot.log"; + $secure = "/var/log/secure"; + $cron = "/var/log/cron"; + $spooler = "/var/log/spooler"; + $maillog = "/var/log/maillog"; + ""; +} diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/10modules b/root/etc/e-smith/templates/etc/rsyslog.conf/10modules new file mode 100644 index 0000000..9d9601b --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/10modules @@ -0,0 +1,14 @@ +{ +# provides support for local system logging (e.g. via logger command) +} +$ModLoad imuxsock +{ +# provides kernel logging support (previously done by rklogd) +} +$ModLoad imklog +{ +# provides getting logs from journald +} +$ModLoad imjournal + + diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/11imjournal b/root/etc/e-smith/templates/etc/rsyslog.conf/11imjournal new file mode 100644 index 0000000..534780d --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/11imjournal @@ -0,0 +1,8 @@ +{ +# configuration for imjournal to import journald log +} +$ImjournalIgnorePreviousMessages on +$OmitLocalLogging off +$IMJournalStateFile imjournal.state +$SystemLogSocketName /run/systemd/journal/syslog +$ImjournalRateLimitInterval 0 diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/20rateLimit b/root/etc/e-smith/templates/etc/rsyslog.conf/20rateLimit new file mode 100644 index 0000000..76f56af --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/20rateLimit @@ -0,0 +1,6 @@ +{ +# Don't be as aggressive on rate limiting of messages +} +$SystemLogRateLimitInterval 0 +$SystemLogRateLimitBurst 0 +$MaxOpenFiles 4096 diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/30global b/root/etc/e-smith/templates/etc/rsyslog.conf/30global new file mode 100644 index 0000000..8830edc --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/30global @@ -0,0 +1,5 @@ +{ +# Use default timestamp format +} +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat +$SpaceLFOnReceive on diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/32dhcpd b/root/etc/e-smith/templates/etc/rsyslog.conf/32dhcpd new file mode 100644 index 0000000..d690750 --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/32dhcpd @@ -0,0 +1,4 @@ + +# dhcpd +:programname, isequal, "dhcpd" /var/log/dhcpd/dhcpd.log +& stop diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/32systemd b/root/etc/e-smith/templates/etc/rsyslog.conf/32systemd new file mode 100644 index 0000000..0abf073 --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/32systemd @@ -0,0 +1,4 @@ +# systemd +:programname, isequal, "systemd" { (($rsyslog{systemd} || "disabled") ne "enabled" )? "stop" : "/var/log/systemd.log +& stop" } + diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/40console b/root/etc/e-smith/templates/etc/rsyslog.conf/40console new file mode 100644 index 0000000..0aafa0b --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/40console @@ -0,0 +1,5 @@ +{ + my $e = $rsyslog{LogAll2VT6} || 'no'; + $OUT = ($e eq 'yes') ? + "# Log everything to /dev/tty6\n*.*\t/dev/tty6" : ""; +} diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/50info b/root/etc/e-smith/templates/etc/rsyslog.conf/50info new file mode 100644 index 0000000..f1dc251 --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/50info @@ -0,0 +1,6 @@ +{ +# Log anything (except mail) of level info or higher. +# Don't log private authentication messages! +} +*.info;mail.none;authpriv.none;cron.none { "${messages}" } + diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/55authpriv b/root/etc/e-smith/templates/etc/rsyslog.conf/55authpriv new file mode 100644 index 0000000..3d5a27d --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/55authpriv @@ -0,0 +1,4 @@ +{ +# The authpriv file has restricted access. +} +authpriv.* { "${secure}" } diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/60mail b/root/etc/e-smith/templates/etc/rsyslog.conf/60mail new file mode 100644 index 0000000..ff32273 --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/60mail @@ -0,0 +1,4 @@ +{ +# Log all the mail messages in one place. +} +mail.* -{ "${maillog}" } diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/65cron b/root/etc/e-smith/templates/etc/rsyslog.conf/65cron new file mode 100644 index 0000000..5ec58b3 --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/65cron @@ -0,0 +1,5 @@ +{ +# Log cron stuff +} +cron.* { "${cron}" } + diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/70emerg b/root/etc/e-smith/templates/etc/rsyslog.conf/70emerg new file mode 100644 index 0000000..edaa238 --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/70emerg @@ -0,0 +1,5 @@ +{ +# Everybody gets emergency messages +} +*.emerg :omusrmsg:* + diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/75news b/root/etc/e-smith/templates/etc/rsyslog.conf/75news new file mode 100644 index 0000000..40e2685 --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/75news @@ -0,0 +1,4 @@ +{ +# Save news errors of level crit and higher in a special file. +} +uucp,news.crit { "${spooler}" } diff --git a/root/etc/e-smith/templates/etc/rsyslog.conf/80local7 b/root/etc/e-smith/templates/etc/rsyslog.conf/80local7 new file mode 100644 index 0000000..66fa46f --- /dev/null +++ b/root/etc/e-smith/templates/etc/rsyslog.conf/80local7 @@ -0,0 +1,4 @@ +{ +# Save boot messages also to boot.log +} +local7.* { "${bootlog}" } diff --git a/root/etc/e-smith/templates/etc/securetty/serial-console b/root/etc/e-smith/templates/etc/securetty/serial-console new file mode 100644 index 0000000..27d06db --- /dev/null +++ b/root/etc/e-smith/templates/etc/securetty/serial-console @@ -0,0 +1,9 @@ +{ + $OUT = ''; + + my $status = ${'serial-console'}{status} || 'disabled'; + return unless $status eq 'enabled'; + + my $device = ${'serial-console'}{Device} || 'ttyS0'; + $OUT .= "$device"; +} diff --git a/root/etc/e-smith/templates/etc/securetty/template-begin b/root/etc/e-smith/templates/etc/securetty/template-begin new file mode 100644 index 0000000..bb475b8 --- /dev/null +++ b/root/etc/e-smith/templates/etc/securetty/template-begin @@ -0,0 +1,8 @@ +tty1 +tty2 +tty3 +tty4 +tty5 +tty6 +tty7 +tty8 diff --git a/root/etc/e-smith/templates/etc/securetty/xenU-console b/root/etc/e-smith/templates/etc/securetty/xenU-console new file mode 100644 index 0000000..4e3ae5c --- /dev/null +++ b/root/etc/e-smith/templates/etc/securetty/xenU-console @@ -0,0 +1,6 @@ +{ + $OUT = ''; + + return unless -d "/proc/xen" && ! -f "/proc/xen/xsd_kva"; + $OUT .= "xvc0"; +} diff --git a/root/etc/e-smith/templates/etc/security/pam_abl.conf/05debug b/root/etc/e-smith/templates/etc/security/pam_abl.conf/05debug new file mode 100644 index 0000000..d287cd3 --- /dev/null +++ b/root/etc/e-smith/templates/etc/security/pam_abl.conf/05debug @@ -0,0 +1 @@ +debug diff --git a/root/etc/e-smith/templates/etc/security/pam_abl.conf/10host_db b/root/etc/e-smith/templates/etc/security/pam_abl.conf/10host_db new file mode 100644 index 0000000..5bb7cac --- /dev/null +++ b/root/etc/e-smith/templates/etc/security/pam_abl.conf/10host_db @@ -0,0 +1 @@ +host_db=/var/run/abl/hosts.db diff --git a/root/etc/e-smith/templates/etc/security/pam_abl.conf/15host_purge b/root/etc/e-smith/templates/etc/security/pam_abl.conf/15host_purge new file mode 100644 index 0000000..411ac88 --- /dev/null +++ b/root/etc/e-smith/templates/etc/security/pam_abl.conf/15host_purge @@ -0,0 +1 @@ +host_purge=2d diff --git a/root/etc/e-smith/templates/etc/security/pam_abl.conf/20host_rule b/root/etc/e-smith/templates/etc/security/pam_abl.conf/20host_rule new file mode 100644 index 0000000..f02642d --- /dev/null +++ b/root/etc/e-smith/templates/etc/security/pam_abl.conf/20host_rule @@ -0,0 +1 @@ +host_rule=*:10/1h,30/1d diff --git a/root/etc/e-smith/templates/etc/security/pam_abl.conf/30user_db b/root/etc/e-smith/templates/etc/security/pam_abl.conf/30user_db new file mode 100644 index 0000000..968ed14 --- /dev/null +++ b/root/etc/e-smith/templates/etc/security/pam_abl.conf/30user_db @@ -0,0 +1 @@ +user_db=/var/run/abl/users.db diff --git a/root/etc/e-smith/templates/etc/security/pam_abl.conf/35user_purge b/root/etc/e-smith/templates/etc/security/pam_abl.conf/35user_purge new file mode 100644 index 0000000..7f30252 --- /dev/null +++ b/root/etc/e-smith/templates/etc/security/pam_abl.conf/35user_purge @@ -0,0 +1 @@ +user_purge=2d diff --git a/root/etc/e-smith/templates/etc/security/pam_abl.conf/40user_rules b/root/etc/e-smith/templates/etc/security/pam_abl.conf/40user_rules new file mode 100644 index 0000000..2886b48 --- /dev/null +++ b/root/etc/e-smith/templates/etc/security/pam_abl.conf/40user_rules @@ -0,0 +1 @@ +user_rule=!root:10/1h,30/1d diff --git a/root/etc/e-smith/templates/etc/selinux/config/DISABLED b/root/etc/e-smith/templates/etc/selinux/config/DISABLED new file mode 100644 index 0000000..cacc201 --- /dev/null +++ b/root/etc/e-smith/templates/etc/selinux/config/DISABLED @@ -0,0 +1 @@ +SELINUX=disabled diff --git a/root/etc/e-smith/templates/etc/services/10standard b/root/etc/e-smith/templates/etc/services/10standard new file mode 100644 index 0000000..1217cfb --- /dev/null +++ b/root/etc/e-smith/templates/etc/services/10standard @@ -0,0 +1,580 @@ +# /etc/services: +# $Id: services,v 1.40 2004/09/23 05:45:18 notting Exp $ +# +# Network services, Internet style +# +# Note that it is presently the policy of IANA to assign a single well-known +# port number for both TCP and UDP; hence, most entries here have two entries +# even if the protocol doesn't support UDP operations. +# Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports +# are included, only the more common ones. +# +# The latest IANA port assignments can be gotten from +# http://www.iana.org/assignments/port-numbers +# The Well Known Ports are those from 0 through 1023. +# The Registered Ports are those from 1024 through 49151 +# The Dynamic and/or Private Ports are those from 49152 through 65535 +# +# Each line describes one service, and is of the form: +# +# service-name port/protocol [aliases ...] [# comment] + +tcpmux 1/tcp # TCP port service multiplexer +tcpmux 1/udp # TCP port service multiplexer +rje 5/tcp # Remote Job Entry +rje 5/udp # Remote Job Entry +echo 7/tcp +echo 7/udp +discard 9/tcp sink null +discard 9/udp sink null +systat 11/tcp users +systat 11/udp users +daytime 13/tcp +daytime 13/udp +qotd 17/tcp quote +qotd 17/udp quote +msp 18/tcp # message send protocol +msp 18/udp # message send protocol +chargen 19/tcp ttytst source +chargen 19/udp ttytst source +ftp-data 20/tcp +ftp-data 20/udp +# 21 is registered to ftp, but also used by fsp +ftp 21/tcp +ftp 21/udp fsp fspd +ssh 22/tcp # SSH Remote Login Protocol +ssh 22/udp # SSH Remote Login Protocol +telnet 23/tcp +telnet 23/udp +# 24 - private mail system +lmtp 24/tcp # LMTP Mail Delivery +lmtp 24/udp # LMTP Mail Delivery +smtp 25/tcp mail +smtp 25/udp mail +time 37/tcp timserver +time 37/udp timserver +rlp 39/tcp resource # resource location +rlp 39/udp resource # resource location +nameserver 42/tcp name # IEN 116 +nameserver 42/udp name # IEN 116 +nicname 43/tcp whois +nicname 43/udp whois +tacacs 49/tcp # Login Host Protocol (TACACS) +tacacs 49/udp # Login Host Protocol (TACACS) +re-mail-ck 50/tcp # Remote Mail Checking Protocol +re-mail-ck 50/udp # Remote Mail Checking Protocol +domain 53/tcp # name-domain server +domain 53/udp +whois++ 63/tcp +whois++ 63/udp +bootps 67/tcp # BOOTP server +bootps 67/udp +bootpc 68/tcp # BOOTP client +bootpc 68/udp +tftp 69/tcp +tftp 69/udp +gopher 70/tcp # Internet Gopher +gopher 70/udp +netrjs-1 71/tcp # Remote Job Service +netrjs-1 71/udp # Remote Job Service +netrjs-2 72/tcp # Remote Job Service +netrjs-2 72/udp # Remote Job Service +netrjs-3 73/tcp # Remote Job Service +netrjs-3 73/udp # Remote Job Service +netrjs-4 74/tcp # Remote Job Service +netrjs-4 74/udp # Remote Job Service +finger 79/tcp +finger 79/udp +http 80/tcp www www-http # WorldWideWeb HTTP +http 80/udp www www-http # HyperText Transfer Protocol +kerberos 88/tcp kerberos5 krb5 # Kerberos v5 +kerberos 88/udp kerberos5 krb5 # Kerberos v5 +supdup 95/tcp +supdup 95/udp +hostname 101/tcp hostnames # usually from sri-nic +hostname 101/udp hostnames # usually from sri-nic +iso-tsap 102/tcp tsap # part of ISODE. +csnet-ns 105/tcp cso # also used by CSO name server +csnet-ns 105/udp cso +# unfortunately the poppassd (Eudora) uses a port which has already +# been assigned to a different service. We list the poppassd as an +# alias here. This should work for programs asking for this service. +# (due to a bug in inetd the 3com-tsmux line is disabled) +#3com-tsmux 106/tcp poppassd +#3com-tsmux 106/udp poppassd +rtelnet 107/tcp # Remote Telnet +rtelnet 107/udp +pop2 109/tcp pop-2 postoffice # POP version 2 +pop2 109/udp pop-2 +pop3 110/tcp pop-3 # POP version 3 +pop3 110/udp pop-3 +sunrpc 111/tcp portmapper # RPC 4.0 portmapper TCP +sunrpc 111/udp portmapper # RPC 4.0 portmapper UDP +auth 113/tcp authentication tap ident +auth 113/udp authentication tap ident +sftp 115/tcp +sftp 115/udp +uucp-path 117/tcp +uucp-path 117/udp +nntp 119/tcp readnews untp # USENET News Transfer Protocol +nntp 119/udp readnews untp # USENET News Transfer Protocol +ntp 123/tcp +ntp 123/udp # Network Time Protocol +netbios-ns 137/tcp # NETBIOS Name Service +netbios-ns 137/udp +netbios-dgm 138/tcp # NETBIOS Datagram Service +netbios-dgm 138/udp +netbios-ssn 139/tcp # NETBIOS session service +netbios-ssn 139/udp +imap 143/tcp imap2 # Interim Mail Access Proto v2 +imap 143/udp imap2 +snmp 161/tcp # Simple Net Mgmt Proto +snmp 161/udp # Simple Net Mgmt Proto +snmptrap 162/udp snmp-trap # Traps for SNMP +cmip-man 163/tcp # ISO mgmt over IP (CMOT) +cmip-man 163/udp +cmip-agent 164/tcp +cmip-agent 164/udp +mailq 174/tcp # MAILQ +mailq 174/udp # MAILQ +xdmcp 177/tcp # X Display Mgr. Control Proto +xdmcp 177/udp +nextstep 178/tcp NeXTStep NextStep # NeXTStep window +nextstep 178/udp NeXTStep NextStep # server +bgp 179/tcp # Border Gateway Proto. +bgp 179/udp +prospero 191/tcp # Cliff Neuman's Prospero +prospero 191/udp +irc 194/tcp # Internet Relay Chat +irc 194/udp +smux 199/tcp # SNMP Unix Multiplexer +smux 199/udp +at-rtmp 201/tcp # AppleTalk routing +at-rtmp 201/udp +at-nbp 202/tcp # AppleTalk name binding +at-nbp 202/udp +at-echo 204/tcp # AppleTalk echo +at-echo 204/udp +at-zis 206/tcp # AppleTalk zone information +at-zis 206/udp +qmtp 209/tcp # Quick Mail Transfer Protocol +qmtp 209/udp # Quick Mail Transfer Protocol +z39.50 210/tcp z3950 wais # NISO Z39.50 database +z39.50 210/udp z3950 wais +ipx 213/tcp # IPX +ipx 213/udp +imap3 220/tcp # Interactive Mail Access +imap3 220/udp # Protocol v3 +link 245/tcp ttylink +link 245/udp ttylink +fatserv 347/tcp # Fatmen Server +fatserv 347/udp # Fatmen Server +rsvp_tunnel 363/tcp +rsvp_tunnel 363/udp +odmr 366/tcp # odmr required by fetchmail +odmr 366/udp # odmr required by fetchmail +rpc2portmap 369/tcp +rpc2portmap 369/udp # Coda portmapper +codaauth2 370/tcp +codaauth2 370/udp # Coda authentication server +ulistproc 372/tcp ulistserv # UNIX Listserv +ulistproc 372/udp ulistserv +ldap 389/tcp +ldap 389/udp +svrloc 427/tcp # Server Location Protocl +svrloc 427/udp # Server Location Protocl +mobileip-agent 434/tcp +mobileip-agent 434/udp +mobilip-mn 435/tcp +mobilip-mn 435/udp +https 443/tcp # MCom +https 443/udp # MCom +snpp 444/tcp # Simple Network Paging Protocol +snpp 444/udp # Simple Network Paging Protocol +microsoft-ds 445/tcp +microsoft-ds 445/udp +kpasswd 464/tcp kpwd # Kerberos "passwd" +kpasswd 464/udp kpwd # Kerberos "passwd" +photuris 468/tcp +photuris 468/udp +saft 487/tcp # Simple Asynchronous File Transfer +saft 487/udp # Simple Asynchronous File Transfer +gss-http 488/tcp +gss-http 488/udp +pim-rp-disc 496/tcp +pim-rp-disc 496/udp +isakmp 500/tcp +isakmp 500/udp +gdomap 538/tcp # GNUstep distributed objects +gdomap 538/udp # GNUstep distributed objects +iiop 535/tcp +iiop 535/udp +dhcpv6-client 546/tcp +dhcpv6-client 546/udp +dhcpv6-server 547/tcp +dhcpv6-server 547/udp +rtsp 554/tcp # Real Time Stream Control Protocol +rtsp 554/udp # Real Time Stream Control Protocol +nntps 563/tcp # NNTP over SSL +nntps 563/udp # NNTP over SSL +whoami 565/tcp +whoami 565/udp +submission 587/tcp msa # mail message submission +submission 587/udp msa # mail message submission +npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS +npmp-local 610/udp dqs313_qmaster # npmp-local / DQS +npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS +npmp-gui 611/udp dqs313_execd # npmp-gui / DQS +hmmp-ind 612/tcp dqs313_intercell # HMMP Indication / DQS +hmmp-ind 612/udp dqs313_intercell # HMMP Indication / DQS +ipp 631/tcp # Internet Printing Protocol +ipp 631/udp # Internet Printing Protocol +ldaps 636/tcp # LDAP over SSL +ldaps 636/udp # LDAP over SSL +acap 674/tcp +acap 674/udp +ha-cluster 694/tcp # Heartbeat HA-cluster +ha-cluster 694/udp # Heartbeat HA-cluster +kerberos-adm 749/tcp # Kerberos `kadmin' (v5) +kerberos-iv 750/udp kerberos4 kerberos-sec kdc +kerberos-iv 750/tcp kerberos4 kerberos-sec kdc +webster 765/tcp # Network dictionary +webster 765/udp +phonebook 767/tcp # Network phonebook +phonebook 767/udp +rsync 873/tcp # rsync +rsync 873/udp # rsync +telnets 992/tcp +telnets 992/udp +imaps 993/tcp # IMAP over SSL +imaps 993/udp # IMAP over SSL +ircs 994/tcp +ircs 994/udp +pop3s 995/tcp # POP-3 over SSL +pop3s 995/udp # POP-3 over SSL + +# +# UNIX specific services +# +exec 512/tcp +biff 512/udp comsat +login 513/tcp +who 513/udp whod +shell 514/tcp cmd # no passwords used +syslog 514/udp +printer 515/tcp spooler # line printer spooler +printer 515/udp spooler # line printer spooler +talk 517/udp +ntalk 518/udp +utime 519/tcp unixtime +utime 519/udp unixtime +efs 520/tcp +router 520/udp route routed # RIP +ripng 521/tcp +ripng 521/udp +timed 525/tcp timeserver +timed 525/udp timeserver +tempo 526/tcp newdate +courier 530/tcp rpc +conference 531/tcp chat +netnews 532/tcp +netwall 533/udp # -for emergency broadcasts +uucp 540/tcp uucpd # uucp daemon +klogin 543/tcp # Kerberized `rlogin' (v5) +kshell 544/tcp krcmd # Kerberized `rsh' (v5) +afpovertcp 548/tcp # AFP over TCP +afpovertcp 548/udp # AFP over TCP +remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem + +# +# From ``PORT NUMBERS'': +# +#>REGISTERED PORT NUMBERS +#> +#>The Registered Ports are listed by the IANA and on most systems can be +#>used by ordinary user processes or programs executed by ordinary +#>users. +#> +#>Ports are used in the TCP [RFC793] to name the ends of logical +#>connections which carry long term conversations. For the purpose of +#>providing services to unknown callers, a service contact port is +#>defined. This list specifies the port used by the server process as +#>its contact port. +#> +#>The IANA registers uses of these ports as a convienence to the +#>community. +# +socks 1080/tcp # socks proxy server +socks 1080/udp # socks proxy server + +# Port 1236 is registered as `bvcontrol', but is also used by the +# Gracilis Packeten remote config server. The official name is listed as +# the primary name, with the unregistered name as an alias. +bvcontrol 1236/tcp rmtcfg # Daniel J. Walsh, Gracilis Packeten remote config server +bvcontrol 1236/udp # Daniel J. Walsh + +h323hostcallsc 1300/tcp # H323 Host Call Secure +h323hostcallsc 1300/udp # H323 Host Call Secure +ms-sql-s 1433/tcp # Microsoft-SQL-Server +ms-sql-s 1433/udp # Microsoft-SQL-Server +ms-sql-m 1434/tcp # Microsoft-SQL-Monitor +ms-sql-m 1434/udp # Microsoft-SQL-Monitor +ica 1494/tcp # Citrix ICA Client +ica 1494/udp # Citrix ICA Client +wins 1512/tcp # Microsoft's Windows Internet Name Service +wins 1512/udp # Microsoft's Windows Internet Name Service +ingreslock 1524/tcp +ingreslock 1524/udp +prospero-np 1525/tcp # Prospero non-privileged +prospero-np 1525/udp +datametrics 1645/tcp old-radius # datametrics / old radius entry +datametrics 1645/udp old-radius # datametrics / old radius entry +sa-msg-port 1646/tcp old-radacct # sa-msg-port / old radacct entry +sa-msg-port 1646/udp old-radacct # sa-msg-port / old radacct entry +kermit 1649/tcp +kermit 1649/udp +l2tp 1701/tcp l2f +l2tp 1701/udp l2f +h323gatedisc 1718/tcp +h323gatedisc 1718/udp +h323gatestat 1719/tcp +h323gatestat 1719/udp +h323hostcall 1720/tcp +h323hostcall 1720/udp +tftp-mcast 1758/tcp +tftp-mcast 1758/udp +mtftp 1759/udp +hello 1789/tcp +hello 1789/udp +radius 1812/tcp # Radius +radius 1812/udp # Radius +radius-acct 1813/tcp radacct # Radius Accounting +radius-acct 1813/udp radacct # Radius Accounting +mtp 1911/tcp # +mtp 1911/udp # +hsrp 1985/tcp # Cisco Hot Standby Router Protocol +hsrp 1985/udp # Cisco Hot Standby Router Protocol +licensedaemon 1986/tcp +licensedaemon 1986/udp +gdp-port 1997/tcp # Cisco Gateway Discovery Protocol +gdp-port 1997/udp # Cisco Gateway Discovery Protocol +sieve 2000/tcp # Sieve Mail Filter Daemon +sieve 2000/udp # Sieve Mail Filter Daemon +nfs 2049/tcp nfsd +nfs 2049/udp nfsd +zephyr-srv 2102/tcp # Zephyr server +zephyr-srv 2102/udp # Zephyr server +zephyr-clt 2103/tcp # Zephyr serv-hm connection +zephyr-clt 2103/udp # Zephyr serv-hm connection +zephyr-hm 2104/tcp # Zephyr hostmanager +zephyr-hm 2104/udp # Zephyr hostmanager +cvspserver 2401/tcp # CVS client/server operations +cvspserver 2401/udp # CVS client/server operations +venus 2430/tcp # codacon port +venus 2430/udp # Venus callback/wbc interface +venus-se 2431/tcp # tcp side effects +venus-se 2431/udp # udp sftp side effect +codasrv 2432/tcp # not used +codasrv 2432/udp # server port +codasrv-se 2433/tcp # tcp side effects +codasrv-se 2433/udp # udp sftp side effectQ + +# Ports numbered 2600 through 2606 are used by the zebra package without +# being registred. The primary names are the registered names, and the +# unregistered names used by zebra are listed as aliases. +hpstgmgr 2600/tcp zebrasrv # HPSTGMGR +hpstgmgr 2600/udp # HPSTGMGR +discp-client 2601/tcp zebra # discp client +discp-client 2601/udp # discp client +discp-server 2602/tcp ripd # discp server +discp-server 2602/udp # discp server +servicemeter 2603/tcp ripngd # Service Meter +servicemeter 2603/udp # Service Meter +nsc-ccs 2604/tcp ospfd # NSC CCS +nsc-ccs 2604/udp # NSC CCS +nsc-posa 2605/tcp bgpd # NSC POSA +nsc-posa 2605/udp # NSC POSA +netmon 2606/tcp ospf6d # Dell Netmon +netmon 2606/udp # Dell Netmon +dict 2628/tcp # RFC 2229 +dict 2628/udp # RFC 2229 +corbaloc 2809/tcp # CORBA naming service locator +icpv2 3130/tcp # Internet Cache Protocol V2 (Squid) +icpv2 3130/udp # Internet Cache Protocol V2 (Squid) +mysql 3306/tcp # MySQL +mysql 3306/udp # MySQL +trnsprntproxy 3346/tcp # Trnsprnt Proxy +trnsprntproxy 3346/udp # Trnsprnt Proxy +pxe 4011/udp # PXE server +fud 4201/udp # Cyrus IMAP FUD Daemon +rwhois 4321/tcp # Remote Who Is +rwhois 4321/udp # Remote Who Is +krb524 4444/tcp # Kerberos 5 to 4 ticket xlator +krb524 4444/udp # Kerberos 5 to 4 ticket xlator +rfe 5002/tcp # Radio Free Ethernet +rfe 5002/udp # Actually uses UDP only +cfengine 5308/tcp # CFengine +cfengine 5308/udp # CFengine +cvsup 5999/tcp CVSup # CVSup file transfer/John Polstra/FreeBSD +cvsup 5999/udp CVSup # CVSup file transfer/John Polstra/FreeBSD +x11 6000/tcp X # the X Window System +afs3-fileserver 7000/tcp # file server itself +afs3-fileserver 7000/udp # file server itself +afs3-callback 7001/tcp # callbacks to cache managers +afs3-callback 7001/udp # callbacks to cache managers +afs3-prserver 7002/tcp # users & groups database +afs3-prserver 7002/udp # users & groups database +afs3-vlserver 7003/tcp # volume location database +afs3-vlserver 7003/udp # volume location database +afs3-kaserver 7004/tcp # AFS/Kerberos authentication service +afs3-kaserver 7004/udp # AFS/Kerberos authentication service +afs3-volser 7005/tcp # volume managment server +afs3-volser 7005/udp # volume managment server +afs3-errors 7006/tcp # error interpretation service +afs3-errors 7006/udp # error interpretation service +afs3-bos 7007/tcp # basic overseer process +afs3-bos 7007/udp # basic overseer process +afs3-update 7008/tcp # server-to-server updater +afs3-update 7008/udp # server-to-server updater +afs3-rmtsys 7009/tcp # remote cache manager service +afs3-rmtsys 7009/udp # remote cache manager service +sd 9876/tcp # Session Director +sd 9876/udp # Session Director +amanda 10080/tcp # amanda backup services +amanda 10080/udp # amanda backup services +pgpkeyserver 11371/tcp # PGP/GPG public keyserver +pgpkeyserver 11371/udp # PGP/GPG public keyserver +h323callsigalt 11720/tcp # H323 Call Signal Alternate +h323callsigalt 11720/udp # H323 Call Signal Alternate + +bprd 13720/tcp # BPRD (VERITAS NetBackup) +bprd 13720/udp # BPRD (VERITAS NetBackup) +bpdbm 13721/tcp # BPDBM (VERITAS NetBackup) +bpdbm 13721/udp # BPDBM (VERITAS NetBackup) +bpjava-msvc 13722/tcp # BP Java MSVC Protocol +bpjava-msvc 13722/udp # BP Java MSVC Protocol +vnetd 13724/tcp # Veritas Network Utility +vnetd 13724/udp # Veritas Network Utility +bpcd 13782/tcp # VERITAS NetBackup +bpcd 13782/udp # VERITAS NetBackup +vopied 13783/tcp # VOPIED Protocol +vopied 13783/udp # VOPIED Protocol + +# This port is registered as wnn6, but also used under the unregistered name +# "wnn4" by the FreeWnn package. +wnn6 22273/tcp wnn4 +wnn6 22273/udp wnn4 + +quake 26000/tcp +quake 26000/udp +wnn6-ds 26208/tcp +wnn6-ds 26208/udp +traceroute 33434/tcp +traceroute 33434/udp + +# +# Datagram Delivery Protocol services +# +rtmp 1/ddp # Routing Table Maintenance Protocol +nbp 2/ddp # Name Binding Protocol +echo 4/ddp # AppleTalk Echo Protocol +zip 6/ddp # Zone Information Protocol + +# +# Kerberos (Project Athena/MIT) services +# Note that these are for Kerberos v4, and are unregistered/unofficial. Sites +# running v4 should uncomment these and comment out the v5 entries above. +# +kerberos_master 751/udp # Kerberos authentication +kerberos_master 751/tcp # Kerberos authentication +passwd_server 752/udp # Kerberos passwd server +krbupdate 760/tcp kreg # Kerberos registration +kpop 1109/tcp # Pop with Kerberos +knetd 2053/tcp # Kerberos de-multiplexor + +# +# Kerberos 5 services, also not registered with IANA +# +krb5_prop 754/tcp # Kerberos slave propagation +eklogin 2105/tcp # Kerberos encrypted rlogin + +# +# Unregistered but necessary(?) (for NetBSD) services +# +supfilesrv 871/tcp # SUP server +supfiledbg 1127/tcp # SUP debugging + +# +# Unregistered but useful/necessary other services +# +netstat 15/tcp # (was once asssigned, no more) +linuxconf 98/tcp # Linuxconf HTML access +poppassd 106/tcp # Eudora +poppassd 106/udp # Eudora +smtps 465/tcp # SMTP over SSL (TLS) +gii 616/tcp # gated interactive interface +omirr 808/tcp omirrd # online mirror +omirr 808/udp omirrd # online mirror +swat 901/tcp # Samba Web Administration Tool +rndc 953/tcp # rndc control sockets (BIND 9) +rndc 953/udp # rndc control sockets (BIND 9) +skkserv 1178/tcp # SKK Japanese input method +xtel 1313/tcp # french minitel +support 1529/tcp prmsd gnatsd # GNATS, cygnus bug tracker +cfinger 2003/tcp # GNU Finger +ninstall 2150/tcp # ninstall service +ninstall 2150/udp # ninstall service +afbackup 2988/tcp # Afbackup system +afbackup 2988/udp # Afbackup system +squid 3128/tcp # squid web proxy +prsvp 3455/tcp # RSVP Port +prsvp 3455/udp # RSVP Port +distcc 3632/tcp # distcc +svn 3690/tcp # Subversion +svn 3690/udp # Subversion +postgres 5432/tcp # POSTGRES +postgres 5432/udp # POSTGRES +fax 4557/tcp # FAX transmission service (old) +hylafax 4559/tcp # HylaFAX client-server protocol (new) +sgi-dgl 5232/tcp # SGI Distributed Graphics +sgi-dgl 5232/udp +noclog 5354/tcp # noclogd with TCP (nocol) +noclog 5354/udp # noclogd with UDP (nocol) +hostmon 5355/tcp # hostmon uses TCP (nocol) +hostmon 5355/udp # hostmon uses TCP (nocol) +canna 5680/tcp +x11-ssh-offset 6010/tcp # SSH X11 forwarding offset +ircd 6667/tcp # Internet Relay Chat +ircd 6667/udp # Internet Relay Chat +xfs 7100/tcp # X font server +tircproxy 7666/tcp # Tircproxy +http-alt 8008/tcp +http-alt 8008/udp +webcache 8080/tcp # WWW caching service +webcache 8080/udp # WWW caching service +tproxy 8081/tcp # Transparent Proxy +tproxy 8081/udp # Transparent Proxy +jetdirect 9100/tcp laserjet hplj # +mandelspawn 9359/udp mandelbrot # network mandelbrot +kamanda 10081/tcp # amanda backup services (Kerberos) +kamanda 10081/udp # amanda backup services (Kerberos) +amandaidx 10082/tcp # amanda backup services +amidxtape 10083/tcp # amanda backup services +isdnlog 20011/tcp # isdn logging system +isdnlog 20011/udp # isdn logging system +vboxd 20012/tcp # voice box system +vboxd 20012/udp # voice box system +wnn4_Kr 22305/tcp # used by the kWnn package +wnn4_Cn 22289/tcp # used by the cWnn package +wnn4_Tw 22321/tcp # used by the tWnn package +binkp 24554/tcp # Binkley +binkp 24554/udp # Binkley +asp 27374/tcp # Address Search Protocol +asp 27374/udp # Address Search Protocol +tfido 60177/tcp # Ifmail +tfido 60177/udp # Ifmail +fido 60179/tcp # Ifmail +fido 60179/udp # Ifmail + +# Local services + diff --git a/root/etc/e-smith/templates/etc/services/20wwwproxy b/root/etc/e-smith/templates/etc/services/20wwwproxy new file mode 100644 index 0000000..306e633 --- /dev/null +++ b/root/etc/e-smith/templates/etc/services/20wwwproxy @@ -0,0 +1,3 @@ +{ + $SquidParent ? "wwwproxy $SquidParentPort/tcp" : "#" +} diff --git a/root/etc/e-smith/templates/etc/shells/bash b/root/etc/e-smith/templates/etc/shells/bash new file mode 100644 index 0000000..01dca2d --- /dev/null +++ b/root/etc/e-smith/templates/etc/shells/bash @@ -0,0 +1 @@ +/bin/bash diff --git a/root/etc/e-smith/templates/etc/shells/bash2 b/root/etc/e-smith/templates/etc/shells/bash2 new file mode 100644 index 0000000..25df381 --- /dev/null +++ b/root/etc/e-smith/templates/etc/shells/bash2 @@ -0,0 +1 @@ +/bin/bash2 diff --git a/root/etc/e-smith/templates/etc/shells/console b/root/etc/e-smith/templates/etc/shells/console new file mode 100644 index 0000000..753e00c --- /dev/null +++ b/root/etc/e-smith/templates/etc/shells/console @@ -0,0 +1 @@ +/sbin/e-smith/console diff --git a/root/etc/e-smith/templates/etc/shells/csh b/root/etc/e-smith/templates/etc/shells/csh new file mode 100644 index 0000000..5a831e8 --- /dev/null +++ b/root/etc/e-smith/templates/etc/shells/csh @@ -0,0 +1 @@ +/bin/csh diff --git a/root/etc/e-smith/templates/etc/shells/false b/root/etc/e-smith/templates/etc/shells/false new file mode 100644 index 0000000..52c87c8 --- /dev/null +++ b/root/etc/e-smith/templates/etc/shells/false @@ -0,0 +1 @@ +/bin/false diff --git a/root/etc/e-smith/templates/etc/shells/rssh b/root/etc/e-smith/templates/etc/shells/rssh new file mode 100644 index 0000000..0745e17 --- /dev/null +++ b/root/etc/e-smith/templates/etc/shells/rssh @@ -0,0 +1 @@ +/usr/bin/rssh diff --git a/root/etc/e-smith/templates/etc/shells/sh b/root/etc/e-smith/templates/etc/shells/sh new file mode 100644 index 0000000..c2cdaa0 --- /dev/null +++ b/root/etc/e-smith/templates/etc/shells/sh @@ -0,0 +1 @@ +/bin/sh diff --git a/root/etc/e-smith/templates/etc/shells/template-begin b/root/etc/e-smith/templates/etc/shells/template-begin new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/templates/etc/smartmontools/smartd.conf/10conf b/root/etc/e-smith/templates/etc/smartmontools/smartd.conf/10conf new file mode 100644 index 0000000..3402f2d --- /dev/null +++ b/root/etc/e-smith/templates/etc/smartmontools/smartd.conf/10conf @@ -0,0 +1,8 @@ +{ +# /etc/smartd.conf + +# Sample configuration file for smartd. See man 5 smartd.conf. +# Home page is: http://smartmontools.sourceforge.net + +"DEVICESCAN -a -m $smartd{email} $smartd{directive} -I 190 -I 194 -n standby,10,q"; +} diff --git a/root/etc/e-smith/templates/etc/smbpasswd/template-begin b/root/etc/e-smith/templates/etc/smbpasswd/template-begin new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/templates/etc/sysconfig/i18n/LANG b/root/etc/e-smith/templates/etc/sysconfig/i18n/LANG new file mode 100644 index 0000000..5881f7e --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/i18n/LANG @@ -0,0 +1,11 @@ +{ + $OUT = ""; + my $lang = $settings{LANG}; + return unless defined $lang; + $lang =~ s/^['"]//; + $lang =~ s/['"]$//; + if ($lang !~ /\.UTF\-8$/) + { + $settings{LANG} = '"' . $lang . '.UTF-8"'; + } +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/i18n/SUPPORTED b/root/etc/e-smith/templates/etc/sysconfig/i18n/SUPPORTED new file mode 100644 index 0000000..db15c3e --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/i18n/SUPPORTED @@ -0,0 +1,15 @@ +{ + $OUT = ""; + my $supported = $settings{SUPPORTED}; + return unless defined $supported; + if ($supported =~ /UTF-8/) + { + $supported =~ s/"(.*)"/$1/; + my @supported = + map { s/(.*)\.UTF-8/$1/ ; $_ } split(/:/, $supported); + # Remove duplicates + my %seen; + @supported = grep { !$seen{$_}++ } @supported; + $settings{SUPPORTED} = '"' . join(":", @supported) . '"'; + } +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/i18n/SYSFONT b/root/etc/e-smith/templates/etc/sysconfig/i18n/SYSFONT new file mode 100644 index 0000000..78670c8 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/i18n/SYSFONT @@ -0,0 +1,9 @@ +{ + $OUT = ""; + my $sysfont = $settings{SYSFONT}; + return unless defined $sysfont; + if ($sysfont eq '"lat0-sun16"') + { + $settings{SYSFONT} = '"latarcyrheb-sun16"'; + } +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/i18n/SYSFONTACM b/root/etc/e-smith/templates/etc/sysconfig/i18n/SYSFONTACM new file mode 100644 index 0000000..32a04e8 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/i18n/SYSFONTACM @@ -0,0 +1,8 @@ +{ + $OUT = ''; + if ($settings{SYSFONTACM}) + { + $order{scalar keys %settings} = "SYSFONTACM"; + delete $order{scalar keys %settings}; + } +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/i18n/template-begin b/root/etc/e-smith/templates/etc/sysconfig/i18n/template-begin new file mode 100644 index 0000000..aae1eba --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/i18n/template-begin @@ -0,0 +1,17 @@ +{ + %settings = (); + %order = (); + $OUT = ""; + if (open(I18N, "/etc/sysconfig/i18n")) + { + my $l = 1; + while () + { + chomp; + my ($key, $value) = split(/=/, $_, 2); + $settings{$key} = $value; + $order{$l} = $key; + $l++ + } + } +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/i18n/template-end b/root/etc/e-smith/templates/etc/sysconfig/i18n/template-end new file mode 100644 index 0000000..ac8717f --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/i18n/template-end @@ -0,0 +1,8 @@ +{ + foreach my $lineno (sort keys %order) + { + my $key = $order{$lineno}; + my $value = $settings{$key}; + $OUT .= "$key=$value\n"; + } +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/10aborts b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/10aborts new file mode 100755 index 0000000..a1382f2 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/10aborts @@ -0,0 +1,6 @@ +'ABORT' 'BUSY' +'ABORT' 'ERROR' +'ABORT' 'NO CARRIER' +'ABORT' 'NO DIALTONE' +'ABORT' 'Invalid Login' +'ABORT' 'Login incorrect' diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/15reports b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/15reports new file mode 100755 index 0000000..9633e49 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/15reports @@ -0,0 +1 @@ +REPORT CONNECT diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/20reset b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/20reset new file mode 100755 index 0000000..34c9d77 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/20reset @@ -0,0 +1 @@ +'' 'ATZ' diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/25init b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/25init new file mode 100755 index 0000000..27985e4 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/25init @@ -0,0 +1,15 @@ +'OK' 'AT{ +(defined $ModemInit) ? "$ModemInit" : + ($DebugPPP && $DebugPPP eq 'yes') ? "L1M1" : "L0M0" }'{ + $OUT = ""; + if ($DialupModemDevice eq "/dev/ttyI0") + { + # we are using an internal ISDN card + my $msn = $isdn{'Msn'} || ""; + my $blocksize = $isdn{'Blocksize'} || "512"; + # Configure HDLC as level 2 protocol + # Configure MSN + # Configure Blocksize + $OUT .= "\n'OK' 'ATS14=3&E$msn&B$blocksize'"; + } +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/30dialup b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/30dialup new file mode 100755 index 0000000..96d7f46 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/30dialup @@ -0,0 +1 @@ +'OK' 'ATD{ $DialupPhoneNumber }' diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/40connect b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/40connect new file mode 100755 index 0000000..dd4b416 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/40connect @@ -0,0 +1 @@ +'CONNECT' diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/00setup b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/00setup new file mode 100755 index 0000000..92c4b69 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/00setup @@ -0,0 +1,16 @@ +{ + die "Need to pass THIS_DEVICE in MORE_DATA\n" unless (defined $THIS_DEVICE); + + $is_internal = (exists $InternalInterface{Name} and + $InternalInterface{Name} eq $THIS_DEVICE ); + $is_external = (exists $ExternalInterface{Name} and + $ExternalInterface{Name} eq $THIS_DEVICE ); + + $ifup_this_device = "no"; + if ($is_internal || ($is_external && $ExternalInterface{Configuration} eq "static")) + { + $ifup_this_device = "yes"; + } + + ""; +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/05TYPE b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/05TYPE new file mode 100755 index 0000000..5e814a1 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/05TYPE @@ -0,0 +1,3 @@ +{ + return "TYPE=Ethernet"; +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10DEVICE b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10DEVICE new file mode 100755 index 0000000..9355458 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10DEVICE @@ -0,0 +1,3 @@ +{ + return "DEVICE=$THIS_DEVICE"; +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10ETHTOOL b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10ETHTOOL new file mode 100644 index 0000000..b081930 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10ETHTOOL @@ -0,0 +1,12 @@ +{ + my $this_device; + + $this_device = \%InternalInterface if $is_internal; + $this_device = \%ExternalInterface if $is_external; + return unless $this_device; + + my $ethtool_options = $this_device->{EthtoolOpts}; + return unless $ethtool_options; + + return "ETHTOOL_OPTS=\"$ethtool_options\""; +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10MTU b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10MTU new file mode 100644 index 0000000..60124f7 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/10MTU @@ -0,0 +1,17 @@ +{ + my $mtu = undef; + $OUT = ''; + + if ($is_internal) + { + $mtu = $InternalInterface{MTU}; + } + if ($is_external) + { + $mtu = $ExternalInterface{MTU}; + } + if ($mtu) + { + $OUT .= "MTU=$mtu"; + } +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/20USERCTL b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/20USERCTL new file mode 100755 index 0000000..d57fe6e --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/20USERCTL @@ -0,0 +1 @@ +USERCTL=no diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/30ONBOOT b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/30ONBOOT new file mode 100755 index 0000000..f169395 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/30ONBOOT @@ -0,0 +1,3 @@ +{ + return "ONBOOT=$ifup_this_device"; +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/40PEERDNS b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/40PEERDNS new file mode 100755 index 0000000..55d0a2e --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/40PEERDNS @@ -0,0 +1 @@ +PEERDNS=no diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/60IPV6 b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/60IPV6 new file mode 100755 index 0000000..569dfa2 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/60IPV6 @@ -0,0 +1,3 @@ +{ + return "IPV6INIT=no"; +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/70bonding b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/70bonding new file mode 100755 index 0000000..c14d8ed --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/70bonding @@ -0,0 +1,11 @@ +{ + $OUT = ""; + return unless ($InternalInterface{Name} eq "bond0"); + # FIXME: this should be restricted to the real slaves + # and not every interface except bond0 + if ($THIS_DEVICE ne 'bond0') + { + $OUT .= "MASTER=bond0\n"; + $OUT .= "SLAVE=yes"; + } +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/90otherparams b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/90otherparams new file mode 100755 index 0000000..0a565f5 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/90otherparams @@ -0,0 +1,34 @@ +{ + use esmith::util; + + if ($ifup_this_device eq "no") + { + # Need syntactically valid IP address to avoid complaints + # from init.d/network script + return "IPADDR=1.1.1.1"; + } + + if ($is_external) + { + # We are now running a supervised dhcpcd - setting the BOOTPROTO to "none" + # allows the supervised dhcpcd to do the work without fighting with ifup + return "BOOTPROTO=none" if ($ExternalDHCP eq "on"); + + my ($network, $broadcast) = esmith::util::computeNetworkAndBroadcast ($ExternalIP, $ExternalNetmask); + + return "BOOTPROTO=none\n" . + "IPADDR=$ExternalIP\n" . + "NETMASK=$ExternalNetmask\n" . + "NETWORK=$network\n" . + "BROADCAST=$broadcast"; + } + return "" unless ($is_internal); + + my ($network, $broadcast) = esmith::util::computeNetworkAndBroadcast ($LocalIP, $LocalNetmask); + + return "BOOTPROTO=none\n" . + "IPADDR=$LocalIP\n" . + "NETMASK=$LocalNetmask\n" . + "NETWORK=$network\n" . + "BROADCAST=$broadcast"; +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ppp0/00default b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ppp0/00default new file mode 100755 index 0000000..b5a2160 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ppp0/00default @@ -0,0 +1,21 @@ +PERSIST=yes +DEFROUTE=yes +ONBOOT=no +INITSTRING=ATZ +MODEMPORT={ $DialupModemDevice } +LINESPEED=115200 +ESCAPECHARS=no +DEFABORT=yes +HARDFLOWCTL=yes +DEVICE=ppp0 +PPPOPTIONS= +DEBUG=no +PAPNAME={ $DialupUserAccount } +REMIP= +IPADDR= +BOOTPROTO=none +MTU= +MRU= +DISCONNECTTIMEOUT= +RETRYTIMEOUT= +USERCTL=no diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ppp0/10ETHTOOL b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ppp0/10ETHTOOL new file mode 100644 index 0000000..b081930 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ppp0/10ETHTOOL @@ -0,0 +1,12 @@ +{ + my $this_device; + + $this_device = \%InternalInterface if $is_internal; + $this_device = \%ExternalInterface if $is_external; + return unless $this_device; + + my $ethtool_options = $this_device->{EthtoolOpts}; + return unless $ethtool_options; + + return "ETHTOOL_OPTS=\"$ethtool_options\""; +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/route-ethX/08Gateway b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/route-ethX/08Gateway new file mode 100644 index 0000000..825866d --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/route-ethX/08Gateway @@ -0,0 +1,7 @@ +{ + return "" unless (defined $GatewayIP && ( + ($SystemMode eq 'serveronly' && $InternalInterface{Name} eq $THIS_DEVICE ) || + ($ExternalInterface{Name} eq $THIS_DEVICE) )); + $OUT .= "$GatewayIP dev $THIS_DEVICE\n"; + $OUT .= "default via $GatewayIP dev $THIS_DEVICE\n"; +} diff --git a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/route-ethX/10localroutes b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/route-ethX/10localroutes new file mode 100755 index 0000000..7dac3a0 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/route-ethX/10localroutes @@ -0,0 +1,39 @@ +{ + die "Need to pass THIS_DEVICE in MORE_DATA\n" unless (defined $THIS_DEVICE); + + my $device = $InternalInterface{Name}; + unless ($device) + { + warn("Can't determine device name for local network"); + return "# template expansion error - Can't determine device name for local network"; + } + + return "# Static routes only on internal interface" + unless ($InternalInterface{Name} eq $THIS_DEVICE); + + use esmith::NetworksDB; + my $db = esmith::NetworksDB->open_ro; + + unless ($db) + { + warn "Could not open networks db\n"; + return "# template expansion error - Could not open networks db\n"; + } + + foreach my $network ($db->networks) + { + # Skip local network + my $system = $network->prop('SystemLocalNetwork') || "no"; + next if $system eq "yes"; + + # Skip anything we don't know how to or don't need to route + my $router = $network->prop('Router'); + next unless $router; + next if $router eq "default"; + + my $netmask = $network->prop('Mask'); + my $net = $network->key; + $OUT .= $net . '/' . $netmask . ' via ' . $router . "\n"; + } +} + diff --git a/root/etc/e-smith/templates/etc/sysconfig/network/10NETWORKING b/root/etc/e-smith/templates/etc/sysconfig/network/10NETWORKING new file mode 100644 index 0000000..61c4a5a --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network/10NETWORKING @@ -0,0 +1 @@ +NETWORKING=yes diff --git a/root/etc/e-smith/templates/etc/sysconfig/network/20FORWARD_IPV4 b/root/etc/e-smith/templates/etc/sysconfig/network/20FORWARD_IPV4 new file mode 100644 index 0000000..5d18460 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network/20FORWARD_IPV4 @@ -0,0 +1 @@ +FORWARD_IPV4=yes diff --git a/root/etc/e-smith/templates/etc/sysconfig/network/30HOSTNAME b/root/etc/e-smith/templates/etc/sysconfig/network/30HOSTNAME new file mode 100644 index 0000000..41751d4 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network/30HOSTNAME @@ -0,0 +1 @@ +HOSTNAME={ $SystemName } diff --git a/root/etc/e-smith/templates/etc/sysconfig/network/60NOZEROCONF b/root/etc/e-smith/templates/etc/sysconfig/network/60NOZEROCONF new file mode 100644 index 0000000..5b2803b --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/network/60NOZEROCONF @@ -0,0 +1 @@ +NOZEROCONF=yes diff --git a/root/etc/e-smith/templates/etc/sysconfig/rsyslog/10rsyslogOptions b/root/etc/e-smith/templates/etc/sysconfig/rsyslog/10rsyslogOptions new file mode 100644 index 0000000..87e9103 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysconfig/rsyslog/10rsyslogOptions @@ -0,0 +1 @@ +SYSLOGD_OPTIONS="-c 5" diff --git a/root/etc/e-smith/templates/etc/sysctl.conf/kernel.sysrq b/root/etc/e-smith/templates/etc/sysctl.conf/kernel.sysrq new file mode 100644 index 0000000..8206230 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysctl.conf/kernel.sysrq @@ -0,0 +1,2 @@ +# Disables the magic-sysrq key +kernel.sysrq = 0 diff --git a/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.conf.all.rp_filter b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.conf.all.rp_filter new file mode 100644 index 0000000..8aff406 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.conf.all.rp_filter @@ -0,0 +1,2 @@ +# Enables source route verification +net.ipv4.conf.all.rp_filter = 1 diff --git a/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.conf.default.rp_filter b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.conf.default.rp_filter new file mode 100644 index 0000000..bf8306a --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.conf.default.rp_filter @@ -0,0 +1,2 @@ +# Enables source route verification +net.ipv4.conf.default.rp_filter = 1 diff --git a/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.ip_dynaddr b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.ip_dynaddr new file mode 100644 index 0000000..f79d940 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.ip_dynaddr @@ -0,0 +1 @@ +net.ipv4.ip_dynaddr = 1 diff --git a/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.ip_forward b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.ip_forward new file mode 100644 index 0000000..4234b54 --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.ip_forward @@ -0,0 +1 @@ +net.ipv4.ip_forward = 1 diff --git a/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.tcp_keepalive_time b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.tcp_keepalive_time new file mode 100644 index 0000000..f4356eb --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.tcp_keepalive_time @@ -0,0 +1,2 @@ +{ # We want the keepalive time to be lower than the masquerade timeout } +net.ipv4.tcp_keepalive_time = 300 diff --git a/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.tcp_syncookies b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.tcp_syncookies new file mode 100644 index 0000000..9488bfc --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv4.tcp_syncookies @@ -0,0 +1 @@ +net.ipv4.tcp_syncookies = 1 diff --git a/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv6 b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv6 new file mode 100644 index 0000000..1c0e92f --- /dev/null +++ b/root/etc/e-smith/templates/etc/sysctl.conf/net.ipv6 @@ -0,0 +1,10 @@ +{ + if ( ($IPv6{status} || 'disabled') ne "enabled" ) { + $OUT .= "# IPv6 is disabled\n"; + $OUT .= "net.ipv6.conf.all.disable_ipv6 = 1\n"; + $OUT .= "net.ipv6.conf.default.disable_ipv6 = 1\n"; + } + else { + $OUT .= "# IPv6 is enabled\n"; + } +} diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/01header b/root/etc/e-smith/templates/etc/systemd/journald.conf/01header new file mode 100644 index 0000000..b9ab24e --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/01header @@ -0,0 +1,14 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. +# +# Entries in this file show the compile time defaults. +# You can change settings by editing this file. +# Defaults can be restored by simply deleting this file. +# +# See journald.conf(5) for details. + + diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/05journal b/root/etc/e-smith/templates/etc/systemd/journald.conf/05journal new file mode 100644 index 0000000..1c24b52 --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/05journal @@ -0,0 +1 @@ +[Journal] diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/08dest b/root/etc/e-smith/templates/etc/systemd/journald.conf/08dest new file mode 100644 index 0000000..a30a91a --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/08dest @@ -0,0 +1 @@ +Storage=persistent diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/09Compress b/root/etc/e-smith/templates/etc/systemd/journald.conf/09Compress new file mode 100644 index 0000000..d44bc38 --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/09Compress @@ -0,0 +1 @@ +#Compress=yes diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/10Seal b/root/etc/e-smith/templates/etc/systemd/journald.conf/10Seal new file mode 100644 index 0000000..a7ff696 --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/10Seal @@ -0,0 +1 @@ +#Seal=yes diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/11SplitMode b/root/etc/e-smith/templates/etc/systemd/journald.conf/11SplitMode new file mode 100644 index 0000000..6277da6 --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/11SplitMode @@ -0,0 +1 @@ +#SplitMode=uid diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/20Rates b/root/etc/e-smith/templates/etc/systemd/journald.conf/20Rates new file mode 100644 index 0000000..27b9d47 --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/20Rates @@ -0,0 +1,3 @@ +#SyncIntervalSec=5m +#RateLimitInterval=30s +#RateLimitBurst=1000 diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/30System b/root/etc/e-smith/templates/etc/systemd/journald.conf/30System new file mode 100644 index 0000000..03d580b --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/30System @@ -0,0 +1,8 @@ +#SystemMaxUse= # default 10% and not more than 4G +#SystemKeepFree= # default 15% and not more than 4G +#SystemMaxFileSize= # default 1/8 SystemMaxUse +#RuntimeMaxUse= +#RuntimeKeepFree= +#RuntimeMaxFileSize= +MaxRetentionSec={$rsyslog{'PurgeLength'} || '95'}day +MaxFileSec={$rsyslog{'RotateDays'} || '7'}day diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/40Forward b/root/etc/e-smith/templates/etc/systemd/journald.conf/40Forward new file mode 100644 index 0000000..b39b608 --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/40Forward @@ -0,0 +1,5 @@ +ForwardToSyslog=no +#ForwardToKMsg=no +#ForwardToConsole=no +#ForwardToWall=yes +#TTYPath=/dev/console diff --git a/root/etc/e-smith/templates/etc/systemd/journald.conf/50MaxLevel b/root/etc/e-smith/templates/etc/systemd/journald.conf/50MaxLevel new file mode 100644 index 0000000..7c56057 --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/journald.conf/50MaxLevel @@ -0,0 +1,6 @@ +#MaxLevelStore=debug +#MaxLevelSyslog=debug +#MaxLevelKMsg=notice +#MaxLevelConsole=info +#MaxLevelWall=emerg +#LineMax=48K diff --git a/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/05config b/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/05config new file mode 100644 index 0000000..31ff5a3 --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/05config @@ -0,0 +1,12 @@ +# Koozali SME Server +# auto generated list of services +{ +use esmith::ConfigDB; +our $c = esmith::ConfigDB->open_ro || die "Couldn't open the configuration database\n"; + +#list of exception services +#those services might keep some traces in init.d +our @list = qw(bootstrap-console masq mysql.init wan lpd clamd diald ldap.init); + +my $OUT =""; +} diff --git a/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/20services b/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/20services new file mode 100644 index 0000000..0381f0e --- /dev/null +++ b/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/20services @@ -0,0 +1,20 @@ +{ + +foreach my $service ($c->get_all_by_prop(type => 'service')){ + my $status = $service->prop('status') || 'enabled'; + my $servicename = $service->prop('SystemdUnit') || $service->key . ".service" || ""; + next unless $servicename || $servicename eq ".service"; + $status = ($status eq "enabled") ? "enable" : "disable"; + unless ( $service->key ~~ @list ) { + $status = "disable" if -e "/etc/rc.d/init.d/".$service->key || -e "/etc/rc.d/init.d/supervise/".$service->key; + } + my $multiple = $servicename; + ($multiple = $servicename ) =~ s/([a-zA-Z0-9\-_.]+@)(.*)/$1.service/ if ( $servicename =~ /@/ ); + + $OUT .= "# Systemd service file does not exist : " unless -e "/usr/lib/systemd/system/$servicename" || -e "/etc/lib/systemd/system/$servicename" || -e "/usr/lib/systemd/system/$multiple"; + $OUT .= "$status $servicename\n"; + $OUT .= "$status $multiple\n" unless $multiple eq $servicename ; + + } + +} diff --git a/root/etc/e-smith/templates/etc/updatedb.conf/01conf b/root/etc/e-smith/templates/etc/updatedb.conf/01conf new file mode 100644 index 0000000..c443089 --- /dev/null +++ b/root/etc/e-smith/templates/etc/updatedb.conf/01conf @@ -0,0 +1,4 @@ +{ + $PRUNEPATHS=""; + $PRUNEFS=""; +} diff --git a/root/etc/e-smith/templates/etc/updatedb.conf/10conf b/root/etc/e-smith/templates/etc/updatedb.conf/10conf new file mode 100644 index 0000000..74bdc40 --- /dev/null +++ b/root/etc/e-smith/templates/etc/updatedb.conf/10conf @@ -0,0 +1,7 @@ + +# /etc/updatedb.conf + +# Sample configuration file for updatedb(8). See man 5 updatedb.conf +PRUNEFS = "auto afs gfs gfs2 iso9660 sfs udf {$PRUNEFS}" +PRUNEPATHS = "/afs /media /net /sfs /tmp /udev /var/spool/cups /var/spool/squid /var/tmp {$PRUNEPATHS}" + diff --git a/root/etc/e-smith/templates/home/e-smith/ssl.crt b/root/etc/e-smith/templates/home/e-smith/ssl.crt new file mode 100644 index 0000000..ae02617 --- /dev/null +++ b/root/etc/e-smith/templates/home/e-smith/ssl.crt @@ -0,0 +1,120 @@ +{ + use constant KEYLIFEINDAYS => $modSSL{KeyLifeInDays} || 365; + use esmith::ssl; + use Date::Parse; + use Cwd; + use Net::IP qw(ip_is_ipv4 ip_is_ipv6); + my $here = getcwd; + + my $Country = $modSSL{Country} || "--"; + my $State = $modSSL{State} || "----"; + my $FQDN = "$SystemName.$DomainName"; + my $commonName = $modSSL{CommonName} || $FQDN; + my $crt = "/home/e-smith/ssl.crt/$FQDN.crt"; + my $key = "/home/e-smith/ssl.key/$FQDN.key"; + my $defaultCity = $ldap{defaultCity}; + my $defaultCompany = $ldap{defaultCompany}; + my $defaultDepartment = $ldap{defaultDepartment}; + my $email = "admin\@$DomainName"; + my @subjectAlt = `/sbin/e-smith/generate-subjectaltnames`; + chomp @subjectAlt; + our $subjectAltName = ""; + my $i=0; + for my $elem (@subjectAlt) { + $subjectAltName .= "," if $i>0; + $i++; + if (ip_is_ipv4($elem) || ip_is_ipv6($elem) ){ + $subjectAltName .= "IP Address:$elem"; + next; + } + $subjectAltName .= "DNS:$elem"; + } + $subjectAltName = ( $subjectAltName eq "DNS: ")? "": $subjectAltName; + chomp $subjectAltName; + # crop fields that are too long for X509: + $Country = substr($Country, 0, 2); + $defaultCity = substr($defaultCity, 0, 128); + $defaultCompany = substr($defaultCompany, 0, 64); + $defaultDepartment = substr($defaultDepartment, 0, 64); + $email = substr($email, 0, 64); + $commonName = substr($commonName, 0, 64); + + # if self-signed certificate files exists, is a certificate, and is still valid + if ( cert_exists_good_size ) + { + # check expiry date, if less than 2 days from now we update it. + my $expire = `openssl x509 -enddate -noout -in $crt`; + $expire =~ s/^notAfter=//; + $expire = str2time($expire); + my $ttl_days = ($expire - time()) / 60 / 60 / 24; + # check the cert and the key are related, if key has been changed, then we need to change the cert + my $crt_md5 = `openssl x509 -noout -modulus -in $crt | openssl md5`; + my $key_md5 = `openssl rsa -noout -modulus -in $key | openssl md5`; + + if ( ($ttl_days > 2) && ( "$crt_md5" eq "$key_md5" ) ) { + my $expected_issuer = '/C='.$Country . + '/ST='.$State; + $expected_issuer .= '/L=' . ($defaultCity ? $defaultCity : 'Default City'); + $expected_issuer .= '/O=' . ($defaultCompany ? $defaultCompany : 'Default Company Ltd'); + $expected_issuer .= "/OU=$defaultDepartment" if $defaultDepartment; + $expected_issuer .= "/CN=$commonName" . + "/emailAddress=$email"; + my $issuer = `openssl x509 -issuer -noout -in $crt`; + chomp $issuer; + $issuer =~ s/^issuer= //; + my $signatureAlg = `openssl x509 -text -noout -in $crt | grep "Signature Algorithm" | head -1`; + chomp $signatureAlg; + $signatureAlg =~ s/^ *Signature Algorithm: //; + + # Test for expected subjectAltName + # openssl x509 -text -noout -in /etc/dehydrated/certs/domain/cert.pem | sed -ne '/X509v3 Subject Alternative Name/{ N;s/^.*\n//;:a;s/^\( *\)\(.*\), /\2,\1/;ta;p;q; }' + $expected_subjectAltName = `openssl x509 -text -noout -in $crt | sed -ne '/X509v3 Subject Alternative Name/{ N;s/^.*\\n//;:a;s/^\\( *\\)\\(.*\\), /\\2,\\1/;ta;p;q; }'`; + chomp $expected_subjectAltName; + if ( + ($issuer eq $expected_issuer) + && ($signatureAlg ne "sha1WithRSAEncryption") + && ($subjectAltName eq $expected_subjectAltName) + ) + { + # Old key file is still good. Read it out - processTemplate will work + # out that it hasn't changed, and leave the old one in place + open(C, "$crt") or die "Couldn't open crt file: $!"; + my @crt = ; + chomp @crt; + $OUT = join "\n", @crt; + close(C); + return; + } + } + } + # go to somewhere private and safe where we can run programs + # as root + unless (-e "/tmp/ssl") + { + mkdir "/tmp/ssl", 0700; + } + chdir "/tmp/ssl" or die "Couldn't change to secure directory: $!"; + + $SIG{ALRM} = sub { die "whoops, $program pipe broke" }; + + unless (open(SSL,"-|")) + { + # child + exec("/usr/bin/openssl", + qw(req -new -key), + $key, + qw( -sha256 -x509 -days), KEYLIFEINDAYS, + qw(-set_serial), time(), + qw(-extensions v3_req), + qw(-config), "/etc/openssl.conf" + ) + || die "can't exec program: $!"; + # NOTREACHED + } + while () + { + $OUT .= $_; + } + close(SSL) or die "Closing openssl pipe reported: $!"; + chdir $here; +} diff --git a/root/etc/e-smith/templates/home/e-smith/ssl.key b/root/etc/e-smith/templates/home/e-smith/ssl.key new file mode 100644 index 0000000..c1ae063 --- /dev/null +++ b/root/etc/e-smith/templates/home/e-smith/ssl.key @@ -0,0 +1,57 @@ +{ + use Cwd; + use esmith::ssl; + my $here = getcwd; + + my $KeySize = $modSSL{KeySize} ||'4096'; + my $FQDN = "$SystemName.$DomainName"; + my $key = "/home/e-smith/ssl.key/$FQDN.key"; + # if key exists and good size, we use it + if ( key_exists_good_size ) + { + # Old key file is still good. Read it out - processTemplate will work + # out that it hasn't changed, and leave the old one in place + open(K, "$key") or die "Couldn't open key file: $!"; + my @key = ; + chomp @key; + $OUT = join "\n", @key; + close(K); + return; + } + # go to somewhere private and safe where we can run programs + # as root + unless (-e "/tmp/ssl") + { + mkdir "/tmp/ssl", 0700; + } + chdir "/tmp/ssl" or die "Couldn't change to secure directory: $!"; + + my $program = "/usr/bin/openssl"; + + $SIG{ALRM} = sub { die "whoops, $program pipe broke" }; + + unless (open(SSL,"-|")) + { + exec("/usr/bin/openssl", + qw(genrsa -rand), + join(':', + qw( + /proc/cpuinfo + /proc/dma + /proc/filesystems + /proc/interrupts + /proc/ioports + /proc/bus/pci/devices + /proc/rtc + /proc/uptime + )), + "$KeySize") + || die "can't exec program: $!"; + } + while () + { + $OUT .= $_; + } + close(SSL) or die "Closing openssl pipe reported: $!"; + chdir $here; +} diff --git a/root/etc/e-smith/templates/home/e-smith/ssl.pem/10openssl b/root/etc/e-smith/templates/home/e-smith/ssl.pem/10openssl new file mode 100644 index 0000000..0de6ff4 --- /dev/null +++ b/root/etc/e-smith/templates/home/e-smith/ssl.pem/10openssl @@ -0,0 +1,8 @@ +{ + $OUT = ''; + # let's expand the /etc/openssl.conf configuration + use esmith::templates; + esmith::templates::processTemplate({ + TEMPLATE_PATH => "/etc/openssl.conf" + }); +} diff --git a/root/etc/e-smith/templates/home/e-smith/ssl.pem/20key b/root/etc/e-smith/templates/home/e-smith/ssl.pem/20key new file mode 100644 index 0000000..439cb0b --- /dev/null +++ b/root/etc/e-smith/templates/home/e-smith/ssl.pem/20key @@ -0,0 +1,22 @@ +{ + use esmith::ssl; + my $domain = $DomainName || "localdomain"; + my $hostname = $SystemName || "localhost"; + $OUT = ''; + + # expand default key + my $dkey = "/home/e-smith/ssl.key/$hostname.$domain.key"; + use esmith::templates; + esmith::templates::processTemplate({ + TEMPLATE_PATH => "/home/e-smith/ssl.key/key", + OUTPUT_FILENAME => $dkey, + }); + + # choose which key to put in pem + my $key = ( defined $modSSL{'key'} and defined $modSSL{'crt'} and related_key_cert($modSSL{'key'},$modSSL{'crt'}) ) ? $modSSL{'key'} : $dkey; + open(KEY, $key) or die "Could not open key file: $!"; + my @key = ; + chomp @key; + $OUT = join "\n", @key; + close KEY; +} diff --git a/root/etc/e-smith/templates/home/e-smith/ssl.pem/40crt b/root/etc/e-smith/templates/home/e-smith/ssl.pem/40crt new file mode 100644 index 0000000..a9ae965 --- /dev/null +++ b/root/etc/e-smith/templates/home/e-smith/ssl.pem/40crt @@ -0,0 +1,21 @@ +{ + use esmith::ssl; + my $domain = $DomainName || "localdomain"; + my $hostname = $SystemName || "localhost"; + + # expand default self signed crt + my $dcrt = "/home/e-smith/ssl.crt/$hostname.$domain.crt"; + use esmith::templates; + esmith::templates::processTemplate({ + TEMPLATE_PATH => "/home/e-smith/ssl.crt/crt", + OUTPUT_FILENAME => $dcrt, + }); + + # choose crt to add to pem + $crt = ( defined $modSSL{'key'} and defined $modSSL{'crt'} and related_key_cert($modSSL{'key'},$modSSL{'crt'}) )? $modSSL{'crt'} : $dcrt; + open(CRT, $crt) or die "Could not open crt file: $!"; + my @crt = ; + chomp @crt; + $OUT = join "\n", @crt; + close CRT; +} diff --git a/root/etc/e-smith/templates/home/e-smith/ssl.pem/60pem b/root/etc/e-smith/templates/home/e-smith/ssl.pem/60pem new file mode 100644 index 0000000..300b53d --- /dev/null +++ b/root/etc/e-smith/templates/home/e-smith/ssl.pem/60pem @@ -0,0 +1,12 @@ +{ + my $pem = $modSSL{'CertificateChainFile'}; + if ($pem and -e $pem) + { + open(PEM, $pem) or warn "Intermediate Certificate File defined, but cannot open $pem : $!"; + my @pem = ; + chomp @pem; + $OUT = join "\n", @pem; + close PEM; + } +} + diff --git a/root/etc/e-smith/templates/usr/lib/e-smith-mdevent/mdEvent.tmpl b/root/etc/e-smith/templates/usr/lib/e-smith-mdevent/mdEvent.tmpl new file mode 100644 index 0000000..e6f37ca --- /dev/null +++ b/root/etc/e-smith/templates/usr/lib/e-smith-mdevent/mdEvent.tmpl @@ -0,0 +1,23 @@ +{ + use esmith::I18N; + use Locale::gettext; + + my $i18n = new esmith::I18N; + $i18n->setLocale('mdEvent.tmpl'); + + my $domain = $conf->get_value("DomainName") || "localhost"; + my $systemName = $conf->get_value("SystemName") || "SME Server"; + + $OUT .= "To: $user\n"; + $OUT .= "From: \"". gettext("mdadm monitoring") . "\" \n"; + $OUT .= "Subject: " . gettext("$event event on") . " ${device}:${systemName}.${domain}\n\n"; + + $OUT .= gettext("This is an automatically generated mail message from mdadm running on"). + " ${systemName}.${domain}.\n\n"; + + $OUT .= gettext("A $event event has been detected on md device"). + " ${device}.\n\n"; + + $OUT .= gettext("Device") . " $member ". gettext("is now an active member of md device") . + " ${device}.\n" if $member; +} diff --git a/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/20unit b/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/20unit new file mode 100644 index 0000000..cb2cc55 --- /dev/null +++ b/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/20unit @@ -0,0 +1,3 @@ +[Unit] +PartOf=network.service + diff --git a/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/40service b/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/40service new file mode 100644 index 0000000..9393464 --- /dev/null +++ b/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/40service @@ -0,0 +1,21 @@ +{ +$interface=$InternalInterface{'Name'}||"hum"; +$configfile='/etc/dhcpd.conf'; +$leasefile='/var/lib/dhcpd/dhcpd.leases'; + +$OUT .=""; +} +[Service] +Type=notify +ExecStartPre=/sbin/e-smith/service-status dhcpd +ExecStartPre=/sbin/e-smith/expand-template {$configfile} +ExecStartPre=/bin/touch {$leasefile} +#first empty one is to delete original one, as ExecStart allow multiple entries +ExecStart= +ExecStart=/usr/bin/sh -c 'exec /usr/sbin/dhcpd -f -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases -user dhcpd -group dhcpd --no-pid {$interface} >>/var/log/dhcpd/current 2>>/var/log/dhcpd/current' +#for systemd >=240 +#StandardOutput=append:/var/log/dhcpd/current +#StandardError=inherit +Restart=always +RestartSec=2 + diff --git a/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/80install b/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/80install new file mode 100644 index 0000000..b06b26a --- /dev/null +++ b/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/80install @@ -0,0 +1,3 @@ +[Install] +WantedBy=sme-server.target + diff --git a/root/etc/e-smith/templates/usr/lib/systemd/system/sme-server.target.d/50koozali.conf/20services b/root/etc/e-smith/templates/usr/lib/systemd/system/sme-server.target.d/50koozali.conf/20services new file mode 100644 index 0000000..46f2eed --- /dev/null +++ b/root/etc/e-smith/templates/usr/lib/systemd/system/sme-server.target.d/50koozali.conf/20services @@ -0,0 +1,22 @@ +[Unit] +Wants={ + +foreach my $service ($c->get_all_by_prop(type => 'service')){ + my $status = $service->prop('status') || 'enabled'; + my $servicename = $service->prop('SystemdUnit') || $service->key . ".service" || ""; + next unless $servicename || $servicename eq ".service"; + $status = ($status eq "enabled") ? "enable" : "disable"; + unless ( $service->key ~~ @list ) { + $status = "disable" if -e "/etc/rc.d/init.d/".$service->key || -e "/etc/rc.d/init.d/supervise/".$service->key; + } + next unless -e "/usr/lib/systemd/system/$servicename" || -e "/etc/lib/systemd/system/$servicename"; + # bootstrap-console is wantedby basic.target + next if ($servicename eq "bootstrap-console.service"); + # we could also filter out there services that have already WantedBy=.*sme-server.target in their unit file or in a drop-in + + $OUT .= "$servicename " if ($status eq "enable"); + + } + +} + diff --git a/root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/00interface b/root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/00interface new file mode 100644 index 0000000..51c649c --- /dev/null +++ b/root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/00interface @@ -0,0 +1,4 @@ +{ + die "Need to pass THIS_DEVICE in MORE_DATA\n" unless (defined $THIS_DEVICE); + $OUT = "interface \"$THIS_DEVICE\" \{"; +} diff --git a/root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/50hostname b/root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/50hostname new file mode 100644 index 0000000..3f8c36b --- /dev/null +++ b/root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/50hostname @@ -0,0 +1,7 @@ +{ + return unless defined $ExternalInterface; + return unless $ExternalInterface{Name} eq $THIS_DEVICE; + return unless $ExternalInterface{Configuration} eq "DHCPHostname"; + $OUT .= " send host-name \"$DialupUserAccount\";\n"; + $OUT .= " send dhcp-client-identifier \"$DialupUserAccount\";"; +} diff --git a/root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/template-end b/root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/template-end new file mode 100644 index 0000000..4151a89 --- /dev/null +++ b/root/etc/e-smith/templates/var/lib/dhclient/dhclient.conf/template-end @@ -0,0 +1,3 @@ +{ + $OUT = '\}'; +} diff --git a/root/etc/e-smith/templates/var/service/ippp/config/LocalIP b/root/etc/e-smith/templates/var/service/ippp/config/LocalIP new file mode 100644 index 0000000..2b319cb --- /dev/null +++ b/root/etc/e-smith/templates/var/service/ippp/config/LocalIP @@ -0,0 +1,3 @@ +{ + $OUT = "LocalIP=$LocalIP"; +} diff --git a/root/etc/e-smith/templates/var/service/ippp/config/ppp_options b/root/etc/e-smith/templates/var/service/ippp/config/ppp_options new file mode 100644 index 0000000..7a09e61 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/ippp/config/ppp_options @@ -0,0 +1,11 @@ +{ + $OUT = 'ppp_options="'; + $OUT .= "user $DialupUserAccount name $DialupUserAccount "; + # If you really want to change the options used by ipppd, then + # you can set the IpppdOptions property of the 'isdn' service. + # If you do this, you'd better know what you are doing! + $OUT .= $isdn{'IpppdOptions'} || + " noauth debug -vj -vjccomp -bsdcomp -ac -pc " . + "noipdefault ipcp-accept-local ipcp-accept-remote"; + $OUT .= ' ipparam diald"'; +} diff --git a/root/etc/e-smith/templates/var/service/wan/dhclient.config/device b/root/etc/e-smith/templates/var/service/wan/dhclient.config/device new file mode 100644 index 0000000..a3e1f48 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/dhclient.config/device @@ -0,0 +1,5 @@ +{ + my $device = $ExternalInterface{Name} || "eth1"; + $OUT .= "/sbin/ifconfig $device up mtu 1500\n\n"; + $OUT .= "interface=$device\n"; +} diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/comp b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/comp new file mode 100644 index 0000000..3a579a7 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/comp @@ -0,0 +1,7 @@ +noaccomp +noccp +nobsdcomp +nodeflate +novj +novjccomp +nopcomp diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/debug b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/debug new file mode 100644 index 0000000..d287cd3 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/debug @@ -0,0 +1 @@ +debug diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/default-asyncmap b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/default-asyncmap new file mode 100644 index 0000000..a753fdb --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/default-asyncmap @@ -0,0 +1 @@ +default-asyncmap diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/defaultroute b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/defaultroute new file mode 100644 index 0000000..fbe76d6 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/defaultroute @@ -0,0 +1 @@ +defaultroute diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/hide-password b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/hide-password new file mode 100644 index 0000000..056bd15 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/hide-password @@ -0,0 +1 @@ +hide-password diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/ipcp-accept b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/ipcp-accept new file mode 100644 index 0000000..2aea027 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/ipcp-accept @@ -0,0 +1,2 @@ +ipcp-accept-local +ipcp-accept-remote diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/ipparam b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/ipparam new file mode 100644 index 0000000..d11f989 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/ipparam @@ -0,0 +1 @@ +ipparam wan diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/lcp-echo b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/lcp-echo new file mode 100644 index 0000000..ab06425 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/lcp-echo @@ -0,0 +1,2 @@ +lcp-echo-interval 30 +lcp-echo-failure 2 diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/linkname b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/linkname new file mode 100644 index 0000000..a7f4ed0 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/linkname @@ -0,0 +1 @@ +linkname pppoe diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/mru b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/mru new file mode 100644 index 0000000..0d59c05 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/mru @@ -0,0 +1 @@ +mru 1492 diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/mtu b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/mtu new file mode 100644 index 0000000..96bbf5a --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/mtu @@ -0,0 +1 @@ +mtu 1492 diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/noauth b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/noauth new file mode 100644 index 0000000..32ec05f --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/noauth @@ -0,0 +1 @@ +noauth diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/nodetach b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/nodetach new file mode 100644 index 0000000..b6522d3 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/nodetach @@ -0,0 +1 @@ +nodetach diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/noipdefault b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/noipdefault new file mode 100644 index 0000000..d8eb887 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/noipdefault @@ -0,0 +1 @@ +noipdefault diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/pty b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/pty new file mode 100644 index 0000000..59f0421 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/pty @@ -0,0 +1,27 @@ +{ + my $inkernel = $pppoe{InKernel} || "no"; + my $timeout = $pppoe{Timeout} || 120; # PPPOE_TIMEOUT should be about 4*LCP_INTERVAL + my $device = $pppoe{PhysicalInterface} || "eth1"; + my $syncPPP = $pppoe{SynchronousPPP} || "no"; + my $syncflag = ""; + + $OUT = ""; + if ($syncPPP eq "yes") + { + $OUT .= "sync\n"; + $syncflag = "-s"; + } + if ($inkernel eq "yes") + { + # Find Roaring Penguin pppoe plugin + my ($plugin) = glob "/usr/lib*/pppd/*/rp-pppoe.so"; + $plugin ||= "pppoe_plugin_could_not_be_found"; + + $OUT .= "plugin $plugin\n"; + $OUT .= "$device"; + } + else + { + $OUT .= "pty '/usr/sbin/pppoe -I $device -T $timeout -U -m 1412 $syncflag'"; + } +} diff --git a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/username b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/username new file mode 100644 index 0000000..e2269b8 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/username @@ -0,0 +1 @@ +user "{ "$DialupUserAccount" }" diff --git a/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/device b/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/device new file mode 100644 index 0000000..9c4200b --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/device @@ -0,0 +1,8 @@ +{ + my $device = $pppoe{PhysicalInterface} || "eth1"; + $OUT .= "/sbin/ifconfig $device up mtu 1500\n"; + $OUT .= "/sbin/modprobe ppp_generic\n"; + $OUT .= "/sbin/modprobe ppp_async\n"; + $OUT .= "/sbin/modprobe ppp_synctty\n"; + $OUT .= "DEVICE=$device"; +} diff --git a/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/mlimit b/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/mlimit new file mode 100644 index 0000000..baf7f66 --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/mlimit @@ -0,0 +1,15 @@ +{ + # memory limit to catch any memory leak before it kills the system + use constant MIN_MEMORY_LIMIT => 100000000; + + # If there is a memory limit in the database and it is below the minimum, delete it. + if (defined $pppoe{Mlimit} && $pppoe{Mlimit} < MIN_MEMORY_LIMIT) + { + $DB->get_prop_and_delete('pppoe','Mlimit'); + delete $pppoe{Mlimit}; + } + + $OUT = "PPPD_MLIMIT="; + $OUT .= $pppoe{Mlimit} || MIN_MEMORY_LIMIT; +} + diff --git a/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/timeout b/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/timeout new file mode 100644 index 0000000..8cd2a5b --- /dev/null +++ b/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/timeout @@ -0,0 +1,2 @@ +# PPPOE_TIMEOUT should be about 4*LCP_INTERVAL +PPPOE_TIMEOUT=120 diff --git a/root/etc/e-smith/tests/10e-smith-base/00sanity-accounts.t b/root/etc/e-smith/tests/10e-smith-base/00sanity-accounts.t new file mode 100644 index 0000000..de76f88 --- /dev/null +++ b/root/etc/e-smith/tests/10e-smith-base/00sanity-accounts.t @@ -0,0 +1,225 @@ +#!/usr/bin/perl -w +# vim: se ft=perl: + +use strict; + +use Test::More 'no_plan'; +use User::pwent; +use User::grent; +use File::stat; +use esmith::AccountsDB; +my $adb = esmith::AccountsDB->open; + + +### Check the admin account is in order. +my $admin = getpwnam('admin'); +ok( $admin, 'admin user exists' ); +is( $admin->shell, '/sbin/e-smith/console', 'shell' ); + +# Check for the existence of these groups. +my @groups = qw(shared www slocate ntp); +foreach my $group_name (@groups) +{ + ok( getgrnam($group_name), "$group_name group exists" ); +} + +# Check the groups that the admin user should be a member of. +foreach my $group_name (qw(root shared www)) { + my $group = getgrnam($group_name); + ok( grep($_ eq 'admin', @{ $group->members }), + "admin is in group $group_name" ); +} + +# Check that all users in the AccountsDB are in the passwd file. +foreach my $user ($adb->users) +{ + my $name = $user->{key}; + ok( getpwnam($name), "$name from accounts db exists in passwd file" ); +} + +# Check that all groups in the AccountsDB are in the group file. +foreach my $group ($adb->groups) +{ + my $name = $group->{key}; + ok( getgrnam($name), "$name from accounts db exists in group file" ); +} + +# Check for the existence of these users. +my @users = qw(public www root admin public); +foreach my $user_name (@users) +{ + ok( getpwnam($user_name), "$user_name user exists" ); +} + +# Make sure that user www belongs to admin and shared groups. +foreach my $group_name (qw(admin shared)) +{ + my $group = getgrnam($group_name); + ok( grep($_ eq 'www', @{ $group->members }), + "www is in group $group_name" ); +} + +# Check that unwanted accounts don't exist. +foreach my $user (qw(halt shutdown sync)) { + ok( !getpwnam($user), "unwanted $user account" ); +} + +# Check the shells of the root and admin users. +ok( (getpwnam('admin')->shell eq '/sbin/e-smith/console'), 'admin shell is /sbin/e-smith/console' ); +ok( (getpwnam('root')->shell eq '/bin/bash'), 'root shell is /bin/bash' ); + +# Check ownership and permissions of important files. +# These files may not exist, thanks to the breakup of the base. Make the tests +# conditional on their existence. +my %dirs = ( + '/home/e-smith' => { user => 'admin', + group => 'admin', + mode => 040755 + }, + '/home/e-smith/files' => { + user => 'root', + group => 'root', + mode => 040755, + }, + '/home/e-smith/files/users/admin' => { + user => 'admin', + group => 'admin', + mode => 040500, + }, + '/home/e-smith/Maildir' => { + user => 'admin', + group => 'admin', + mode => 040700, + }, + '/etc/e-smith/web' => { + user => 'root', + group => 'root', + mode => 0755, + }, + '/etc/e-smith/web/functions' => { + user => 'root', + group => 'admin', + mode => 0550, + }, + '/etc/e-smith/web/panels' => { + user => 'root', + group => 'admin', + mode => 0550, + }, + '/etc/e-smith/web/common' => { + user => 'www', + group => 'admin', + mode => 0550, + }, + '/etc/e-smith/web/panels/password/cgi-bin/userpassword' => + { + user => 'root', + group => 'admin', + mode => 06550, + }, + '/usr/bin/pwauth' => { + user => 'root', + group => 'www', + mode => 04750, + }, + ); + +while(my($dir, $setup) = each %dirs) { + my $stat = stat($dir); + SKIP: { + skip "$dir does not exist", 3 unless defined $stat; + is( $stat->uid, getpwnam($setup->{user})->uid, "owner of $dir" ); + is( $stat->gid, getgrnam($setup->{group})->gid, "group of $dir" ); + SKIP: { + skip "No mode expectations for $dir", 1 unless $setup->{mode}; + cmp_ok( $stat->mode & $setup->{mode}, '==', $setup->{mode}, + "perms for $dir" ); + } + } +} + +my %files = ( + '/home/e-smith/files/' => { + user => 'root', + group => 'root', + mode => 0755 + }, + '/home/e-smith/files/ibays/Primary' => { + user => 'admin', + group => 'shared', + mode => 02750, + }, + '/etc/e-smith/web/functions' => { + user => 'root', + group => 'admin', + mode => 04750, + }, + '/etc/e-smith/web/panels' => { + user => 'root', + group => 'root', + mode => 0755, + }, + ); + +while( my($dir, $setup) = each %files ) { + opendir DIR, $dir || die $!; + foreach my $file (readdir DIR) { + next if $file =~ /^\.{1,2}$/; + $file = "$dir/$file"; + next if -l $file; + my $stat = stat($file); + is( $stat->uid, getpwnam($setup->{user})->uid, "owner of $file" ); + is( $stat->gid, getgrnam($setup->{group})->gid, "group of $file" ); + cmp_ok( $stat->mode & $setup->{mode}, '==', $setup->{mode}, + "perms for $file" ); + } + close DIR; +} + +my %name2type = + ( + admin => 'system', + mysql => 'system', + shared => 'system', + everyone => 'pseudonym', + 'mailer-daemon' => 'pseudonym', + postmaster => 'pseudonym', + + 'cgi-bin' => 'url', + 'e-smith-manager' => 'url', + 'e-smith-password' => 'url', + 'server-manager' => 'url', + 'server-manual' => 'url', + 'user-password' => 'url', + 'common' => 'url', + 'files' => 'url', + 'icons' => 'url', + webmail => 'url', + 'Primary' => 'ibay', + ); + +my $account; +while( my($name, $type) = each %name2type ) { + SKIP: { + skip "$name is not defined", 2 unless $adb->get($name); + isa_ok( $account = $adb->get($name), 'esmith::DB::Record', "$name" ); + is( $account->prop('type'), $type, ' type' ); + } +} + +my %Expected_Props = + ( + shared => { Visible => 'internal' }, + everyone => { Account => 'shared', + Visible => 'internal' + }, + 'mailer-daemon' => { Account => 'admin' }, + postmaster => { Account => 'admin' } + ); + +while( my($name, $exp_props) = each %Expected_Props ) { + my $account = $adb->get($name); + my %props = $account->props; + is_deeply( [@props{keys %$exp_props}], [@{$exp_props}{keys %$exp_props}], + "$name props"); +} diff --git a/root/etc/e-smith/tests/10e-smith-base/10manager.t b/root/etc/e-smith/tests/10e-smith-base/10manager.t new file mode 100644 index 0000000..5db4d9b --- /dev/null +++ b/root/etc/e-smith/tests/10e-smith-base/10manager.t @@ -0,0 +1,10 @@ +#!/usr/bin/perl -w + +use strict; +use Test::More 'no_plan'; +use esmith::FormMagick::Tester; + +my $ua = new esmith::FormMagick::Tester; + +ok($ua->get("http://localhost/server-manager"), "Get server manager"); +is($ua->{status}, 200, "200 OK"); diff --git a/root/etc/e-smith/tests/10e-smith-base/20interfaces.t b/root/etc/e-smith/tests/10e-smith-base/20interfaces.t new file mode 100644 index 0000000..e7a072a --- /dev/null +++ b/root/etc/e-smith/tests/10e-smith-base/20interfaces.t @@ -0,0 +1,102 @@ +#!/usr/bin/perl -w +# vim: ft=perl: + +use strict; +use Test::More 'no_plan'; + +use esmith::util; +use esmith::ConfigDB; + +my $db = esmith::ConfigDB->open_ro; + +my $internal = $db->get('InternalInterface'); +my $external = $db->get('ExternalInterface'); + +# Test the internal interface. +ok( $internal, "InternalInterface exists" ); +ok( $internal->prop('type') eq 'interface', "InternalInterface is an interface" ); +ok( $internal->prop('Configuration') eq 'static', + "InternalInterface Configuration is static" ); +ok( $internal->prop('Driver') eq $db->get_value("EthernetDriver1"), + "InternalInterface Driver is correct" ); +ok( $internal->prop('IPAddress') eq $db->get_value("LocalIP"), + "InternalInterface IPAddress is correct" ); +ok( $internal->prop('Netmask') eq $db->get_value("LocalNetmask"), + "InternalInterface Netmask is correct" ); + +# There might be an external interface. +SKIP: { + skip "serveronly mode, no external interface expected", 9 + if $db->get_value('SystemMode') eq 'serveronly'; + ok( $external, "ExternalInterface exists" ); + ok( $external->prop('type') eq 'interface', + "ExternalInterface is an interface" ); + ok( $external->prop('IPAddress') eq $db->get_value('ExternalIP'), + "ExternalInterface IPAddress is correct" ); + ok( $external->prop('Netmask') eq $db->get_value('ExternalNetmask'), + "ExternalInterface Netmask is correct" ); + ok( $external->prop('Gateway') eq $db->get_value('GatewayIP'), + "ExternalInterface Gateway is correct" ); + ok( ($external->prop('Network'), $external->prop('Broadcast')) eq + esmith::util::computeNetworkAndBroadcast($external->prop('IPAddress'), + $external->prop('Netmask')), + "ExternalInterface Network is correct" ); + if ($db->get_value('AccessType') eq 'dialup') + { + ok( $external->prop('Configuration') eq 'dialup', + "ExternalInterface Configuration is dialup" ); + my $isdn = $db->get_prop('isdn', 'status') || "disabled"; + my $sync_isdn = $db->get_prop('isdn', 'UseSyncPPP') || "no"; + my $name = ($isdn eq "enabled" and $sync_isdn eq "yes") ? + "ippp0" : "ppp0"; + ok( $external->prop('Name') eq $name, "ExternalInterface Name is $name" ); + } + elsif ($db->get_prop('pppoe', 'status') eq 'enabled') + { + ok( $external->prop('Configuration') eq 'pppoe', + "ExternalInterface Configuration is pppoe" ); + ok( $external->prop('Name') eq 'ppp0', "ExternalInterface name is ppp0" ); + } + else + { + ok( $external->prop('Driver') eq $db->get_value("EthernetDriver2"), + "ExternalInterface Driver is correct" ); + } + + if ($db->get_value("ExternalDHCP") eq "on") + { + if ($db->get_value("DHCPClient") eq "dhi") + { + ok( $external->prop('Configuration') eq "DHCPHostname", + "ExternalInterface Configuration is DHCPHostname" ); + } + else + { + ok( $external->prop('Configuration') eq "DHCPEthernetAddress", + "ExternalInterface Configuration is DHCPEthernetAddress" ); + } + } + else + { + unless (($db->get_value('AccessType') eq 'dialup') || + ($db->get_prop('pppoe', 'status') eq 'enabled')) + { + ok( $external->prop('Configuration') eq 'static', + "ExternalInterface Configuration is static" ); + } + } +} + +# The interfaces migrate fragment also creates a dhcpcd record. +my $dhcpcd = $db->get("dhcpcd"); + +ok( defined $dhcpcd, "dhcpcd record exists" ); +ok( $dhcpcd->prop('type') eq 'service', "dhcpcd is a service" ); +if ($db->get_value("ExternalDHCP") eq "on") +{ + ok( $dhcpcd->prop('status') eq 'enabled', "dhcpcd is enabled" ); +} +else +{ + ok( $dhcpcd->prop('status') eq 'disabled', "dhcpcd is disabled" ); +} diff --git a/root/etc/e-smith/tests/10e-smith-base/accounts.conf b/root/etc/e-smith/tests/10e-smith-base/accounts.conf new file mode 100644 index 0000000..e014ff3 --- /dev/null +++ b/root/etc/e-smith/tests/10e-smith-base/accounts.conf @@ -0,0 +1,83 @@ +# DO NOT MODIFY THIS FILE. +# This file is automatically maintained by the Mitel Networks SME Server +# configuration software. Manually editing this file may put your +# system in an unknown state. +# +# updated: Tue Feb 26 13:56:13 2002 +Bart.Simpson=pseudonym|Account|bart +Bart_Simpson=pseudonym|Account|bart +Global=system +Primary=system +adm=system|Gid|4|Uid|3 +admin=system|Gid|101|Uid|101 +alias=system|Gid|400|Uid|400 +apache=existing|Gid|48|Uid|48 +bart=user|FirstName|Bart|LastName|Simpson +bin=system|Gid|1|Uid|1 +cdrom=system +cgi-bin=url +console=system +daemon=system|Gid|2|Uid|2 +dip=system|Gid|40 +disk=system|Gid|6 +dns=existing|Gid|53|Uid|53 +e-smith-manager=url +e-smith-password=url +everyone=pseudonym|Account|shared|Visible|internal +floppy=system|Gid|19 +ftp=system|Gid|50|Uid|14 +games=system|Gid|20|Uid|12 +global=system +gopher=system|Gid|30|Uid|13 +halt=system +homes=system +kmem=system|Gid|9 +ldap=existing|Gid|55|Uid|55 +lp=system|Gid|7|Uid|4 +mail=system|Gid|12|Uid|8 +mailer-daemon=pseudonym|Account|admin +man=system|Gid|15 +mem=system|Gid|8 +mysql=existing|Gid|27|Uid|27 +named=existing|Gid|25|Uid|25 +netlogon=netlogon|Comment|placeholder for netlogon share +news=system|Gid|13|Uid|9 +nobody=system|Gid|99|Uid|99 +nofiles=system|Gid|400 +operator=system|Gid|0|Uid|11 +postgres=system +postmaster=pseudonym|Account|admin +primary=system +printers=system +public=system|Gid|103|Uid|102 +qmail=system|Gid|401 +qmaild=system|Gid|400|Uid|401 +qmaill=system|Gid|400|Uid|402 +qmailp=system|Gid|400|Uid|403 +qmailq=system|Gid|401|Uid|404 +qmailr=system|Gid|401|Uid|405 +qmails=system|Gid|401|Uid|406 +qmailscan=existing|Gid|407|Uid|407 +root=system|Gid|0|Uid|0 +schwern=user|Uid|500|Gid|501|FirstName|Michael|LastName|Schwern +server-manager=url +server-manual=url +shared=system|Gid|500|Visible|internal +shutdown=system +simpsons=group|Description|Simpsons Family|Gid|5005|Members|bart,lisa,homer|Uid|5005 +flanders=group|Description|Flanders Family|Gid|5006|Members|ned,rod,tod|Uid|5005 +slocate=system +somegroup=group|Gid|42 +squid=system|Gid|23|Uid|23 +sync=system +sys=system|Gid|3 +trend=existing|Gid|408|Uid|408 +tty=system|Gid|5 +user-password=url +users=system|Gid|100 +utmp=system|Gid|22 +uucp=system|Gid|14|Uid|10 +webmail=url +wheel=system|Gid|10 +www=system|Gid|102|Uid|100 +webstats=ibay|CgiBin|disabled|Gid|5017|Group|shared|Name|Web Statistics|PasswordSet|no|PublicAccess|global|Uid|5017|UserAccess|wr-group-rd-group diff --git a/root/etc/e-smith/tests/10e-smith-base/configuration.conf b/root/etc/e-smith/tests/10e-smith-base/configuration.conf new file mode 100644 index 0000000..758f0ef --- /dev/null +++ b/root/etc/e-smith/tests/10e-smith-base/configuration.conf @@ -0,0 +1,99 @@ +# DO NOT MODIFY THIS FILE. +# This file is automatically maintained by the Mitel Networks SME Server +# configuration software. Manually editing this file may put your +# system in an unknown state. +# +# updated: Fri Apr 25 22:01:19 2003 +AccessType=dedicated +ActiveAccounts=0 +AdminEmail= +ConsoleMode=login +ContactEmail= +ContactName= +ContactOrg= +DialupConnOffice=long +DialupConnOutside=long +DialupConnWeekend=long +DialupFreqOffice=every15min +DialupFreqOutside=everyhour +DialupFreqWeekend=everyhour +DialupModemDevice=/dev/ttyS1 +DialupPhoneNumber= +DialupUserAccount=useraccount +DialupUserPassword=userpassword +DomainName=e-smith.com +EmailUnknownUser=returntosender +EthernetDriver1=pcnet32 +EthernetDriver2=unknown +ExternalDHCP=off +ExternalNetmask=255.255.255.0 +GatewayIP=192.168.16.1 +LocalIP=192.168.16.228 +LocalNetmask=255.255.255.0 +MinUid=5000 +PasswordSet=yes +PreviousConfiguration=/home/e-smith/db/configuration.previous +SMTPSmartHost= +SambaDomainMaster=no +SambaServerName=pretz +SambaWorkgroup=mitel-networks +ServiceAccountId= +ServiceDomainName= +ServiceTargetIP= +SquidParent= +SquidParentPort= +StatusReports=off +SystemMode=serveronly +SystemName=pretz +TimeZone=US/Eastern +UnsavedChanges=yes +atalk=service|InitscriptOrder|91|status|enabled +auth=service|access|public|status|enabled +blades=service|Host|service.e-smith.com|status|enabled +bootstrap-console=service|InitscriptOrder|35|Run|no|status|enabled +branding=service|modified|000000000000|status|enabled +crond=service|InitscriptOrder|40|status|enabled +dhcpd=service|InitscriptOrder|65|end|192.168.16.250|start|192.168.16.65|status|disabled +diald=service|InitscriptOrder|57|status|disabled +fetchmail=service|FreqOffice|every5min|FreqOutside|every30min|FreqWeekend|never|Method|standard|SecondaryMailAccount|popaccount|SecondaryMailPassword|poppassword|SecondaryMailServer|mail.myisp.xxx|status|disabled +flexbackup=backupservice|erase_rewind_only|true +ftp=service|access|private|accessLimits|off|status|enabled +horde=service|status|disabled +httpd-admin=service|InitscriptOrder|86|ValidFrom|10.1.2.0/255.255.255.0,1.2.3.4/255.255.255.255,5.4.3.2/255.255.255.255|status|enabled +httpd-e-smith=service|InitscriptOrder|85|access|private|status|enabled +imap=service|access|private|status|enabled +imaps=service|access|private|status|enabled +imp=service|status|disabled +ippp=service|InitscriptOrder|55|status|enabled +ipsec=service|InitscriptOrder|90|PubKey|0sAQOoIKaOMuDqSdCZJXgv9QI86DAuAwbbvn8uoKn2lRQ9ZVPTn9Ow5znhuw/GopsYD2eujhtvkQo7fszAhWbEpn+lW2LzLCbZYaDov7j8Q9CpeJSVgeuzaBcw3OenSL3ltTwWWtG0pvyaYsfepNqVYvo64YVmrxo0O7dCECySMVBZkQ==|status|disabled +isdn=service|Protocol|2|UseSyncPPP|yes|status|disabled +keytable=service|InitscriptOrder|25|status|enabled +ldap=service|InitscriptOrder|80|access|private|defaultCity|Ottawa|defaultCompany|XYZ Corporation|defaultDepartment|Main|defaultPhoneNumber|555-5555|defaultStreet|123 Main Street|status|enabled +lilo=service|AddressMode|linear +local=service|InitscriptOrder|99|status|enabled +lpd=service|InitscriptOrder|60|status|enabled +mariadb=service|InitscriptOrder|90|status|enabled +masq=service|InitscriptOrder|06|Logging|none|Stealth|no|status|disabled +maxIbayNameLength=2 +modSSL=service|status|enabled +mysql.init=service|InitscriptOrder|99|status|enabled +named=service|chroot|yes|status|enabled +network=service|InitscriptOrder|10|status|enabled +ntpd=service|InitscriptOrder|55|status|disabled +php=service|status|enabled +pop3s=service|access|private|status|enabled +popd=service|access|private|status|enabled +pppoe=service|DemandIdleTime|no|InitscriptOrder|57|SynchronousPPP|no|status|disabled +qmail=service|InitscriptOrder|80|status|enabled +random=service|InitscriptOrder|20|status|enabled +scanner=service|ScannerFns|iscan|UpdateTime|1:14|scanMail|yes|status|enabled +smb=service|InitscriptOrder|91|RoamingProfiles|no|status|enabled +smtpfront-qmail=service|access|public|status|enabled +ssmtpfront-qmail=service|access|public|status|enabled +squid=service|InitscriptOrder|90|status|enabled +sshd=service|InitscriptOrder|85|PasswordAuthentication|yes|PermitRootLogin|yes|access|private|status|enabled +sync=service|Host|service.e-smith.com|LastId|0|SuccessId|0|SyncFrequency|1|SyncMinute|57|status|disabled +rsyslog=service|InitscriptOrder|05|status|enabled +telnet=service|access|private|status|disabled +vpn=configuration|sessions|10|status|disabled +wibble=42 diff --git a/root/etc/e-smith/tests/10e-smith-base/domains.conf b/root/etc/e-smith/tests/10e-smith-base/domains.conf new file mode 100644 index 0000000..4faec8a --- /dev/null +++ b/root/etc/e-smith/tests/10e-smith-base/domains.conf @@ -0,0 +1,6 @@ +# DO NOT MODIFY THIS FILE. +# This file is automatically maintained by the March Networks SME Server +# configuration software. Manually editing this file may put your +# system in an unknown state. +frog.pond=domain|Description|Frog Pond|Content|Primary +swamp.hollow.log=domain|Description|Swamp Hollow|Content|webstats diff --git a/root/etc/e-smith/tests/10e-smith-base/networks.conf b/root/etc/e-smith/tests/10e-smith-base/networks.conf new file mode 100644 index 0000000..435ad7e --- /dev/null +++ b/root/etc/e-smith/tests/10e-smith-base/networks.conf @@ -0,0 +1,9 @@ +# DO NOT MODIFY THIS FILE. +# This file is automatically maintained by the Mitel Networks SME Server +# configuration software. Manually editing this file may put your +# system in an unknown state. +# +# updated: Sat May 25 22:33:50 2002 +10.33.16.0=network|Mask|255.255.255.240|RemoteVPNSubnet|yes|Router|default +10.33.17.0=network|Mask|255.255.255.240|RemoteVPNSubnet|yes|Router|default +10.35.127.16=network|Mask|255.255.255.240|RemoteVPNSubnet|yes|Router|default diff --git a/root/etc/e-smith/tests/10e-smith-base/system_configuration b/root/etc/e-smith/tests/10e-smith-base/system_configuration new file mode 100644 index 0000000..be1b143 --- /dev/null +++ b/root/etc/e-smith/tests/10e-smith-base/system_configuration @@ -0,0 +1,19 @@ +# DO NOT MODIFY THIS FILE. +# This file is automatically maintained by the Mitel Networks SME Server +# configuration software. Manually editing this file may put your +# system in an unknown state. +# +# updated: Tue Sep 10 14:54:26 2002 +PreviousConfiguration=10e-smith-base/system_configuration.previous +SystemMode=servergateway-private +ftp=service|access|private|accessLimits|private|status|disabled +httpd-e-smith=service|access|private|status|disabled +imap=service|access|private|status|disabled +imaps=service|access|private|status|disabled +oidentd=service|access|private|status|disabled +pop3s=service|access|private|status|disabled +popd=service|access|private|status|disabled +smtpfront-qmail=service|access|private|status|disabled +ssmtpfront-qmail=service|access|private|status|disabled +sshd=service|access|private|status|disabled +telnet=service|access|private|status|disabled diff --git a/root/etc/e-smith/tests/10e-smith-base/system_configuration.previous b/root/etc/e-smith/tests/10e-smith-base/system_configuration.previous new file mode 100644 index 0000000..efa6eb9 --- /dev/null +++ b/root/etc/e-smith/tests/10e-smith-base/system_configuration.previous @@ -0,0 +1,7 @@ +# DO NOT MODIFY THIS FILE. +# This file is automatically maintained by the Mitel Networks SME Server +# configuration software. Manually editing this file may put your +# system in an unknown state. +# +# updated: Tue Sep 10 14:54:25 2002 +SystemMode=junk4testing diff --git a/root/etc/e-smith/web/common/banner-shim.gif b/root/etc/e-smith/web/common/banner-shim.gif new file mode 100755 index 0000000000000000000000000000000000000000..c1f9cc9c5f7abeb84bec1c100a39bb3ef842fd64 GIT binary patch literal 882 zcmchWy=vBB48@P&P&)~Q;_wO;I~3_4W~sOcg7)p=;MzrmKwZ6r4uTFM4iYT*t>Dy; zD-aR;YQ(+t3PfjdioZM;VWxjba&pee^S?2@zIOTcqPFx$s*bFRDzCCCb(UEfm0oF; z>SAO?RCt9|sCzxjquk4_Ts>-87G+*$Wdf;`r6_sHN+e(d4Hm<6tM_z7re|8FdM#N* zhG$rYngvCVbWgW*H7R;6(mc)51V=_wk@A$K*a~aFAPq}sQDZUKK!e4wT2SYNM_7bf zA8X0n!!2Ab7Zw!F!z@gwhZMab4_OF#_yJ9(u><{(Kq0IFgETB@g$Ikl1{y52b6qAU z%w26H`dCY5<|ceaE-Waz%!Q9QjREkY9ivf;mG}Worm+J~2u2~S0fRJ?(1Hhx!3J7= zqVA?lPKb+PB>GrOX6nb$zK(l$ah$Mi9#`q!VRXAbyz9|nM;~D*Y@|WDZ!&l^@POty za3#z`6RUntmVZr_d5e7i&p7w@r7CKx zs95pn))nyp%36{wKLF=R(Q(m$KqP=z_yeYDG9k*SkO3eNfH4378lVye0ut;I;13WyfDPUUKumbg z+Fw8zZP9_61TG*#9amVj1fI3OYPAB8En`22*GsUzXQAylpmzp@bn}zM9^JVLfob*D^ms0Engr;Dl2^`VltL^Z;Z5 z2O5oLOLMTbb)ehZ+0)$yI5-S&b9ZrZb8&H}JK)7~F%!RT36A#mj!urwPEO9QPEJm) zSmWes9zy>;229@oIt|_;R}#Ss5a|RGonU$hmrXRCCxk*TZ3uXQ4r7G`1B7ftq0(&a z>|q%677_rF)FpHV1Tuj{Bol3@6q*gm!50eYB=WFh8w&pPOUNQB;!ai6FZ8-Lt| zVcdaa=s~KNiw$qtCRfaZGYMr)z9Yod+U401Gu$LPzn3E^m;=;N{%3DNC-MeMqY?x3 z$YZMu|Jnm)w+p69;6TFXq=Qg!xU6`7y|Qc-Z^%Z;8ULK+5o>BzpwCn@IX4Kixn-?1!)aUL1f-ZZx5ws=yeWRkOg%3gUh({%IO@tOP&6hlj&T$xGBzPvc+>o|?VYqhDuR8Pz9 z-h{qz69$FH3CJVyNN~p69t|cV)mvmSrb4*giNJEj$Bn{ePTfO7KLTcpjyMn7YDQdh zh?Vxlt+wE_E#AV0U>;?M({KY~I!v=acKC+G1Vnsf8?F-z*fJTEC}9h?J}d+aXV3N> zRt^v6&xUQ6jz7-v>E_@ze}*&w8hAv$vyh%+;&+Nn|BDQpn@q!O18l8u-NcFJYC+Kx zashr|nep+!NKy!F%tG!B3g)V``F^p6j zluCHP&VPy+HK?V!c<}-Wq%7kSBzi8Su$vBq@QhcYYB|=&$`nMV?@5R2QI&BXX;T7_JpM$`rs9ODo* z1G65F^C0agGU(A5M2%=gdPE8tK$xyUEXsCfWsHMK;#6`5y!_GYCmFO#Vbm-koXP?& z27YgjKqp6faVR3CUMQ0H;yFnWI1VxD<8-k?!4xryDlvn!E_N?v+Z0rr5vEkgyO0`S zUVLm98;+z(5t+!K)WfdrB1Efyhk8;MySKW%SRR2YQEd-!>1O-kF;)Q_0;ZyB3~O6G zs);w~bx2oWU@|);45Z(19mJ>}2Gno(_V5;`{8}B~b#%-aAXv^FJOuH;#m^YB112Ok zVj8ewQmjsZvHf?*zYW~sqrU&;p#SBdw*CL<<-q)m83rRAfJ9i~?f_r_2m@01P!R(J zFu*jB0{hrQMu+#XM~%yW&|rW-zyci1pm_%Kvx^GTF1WTErAJ|O@#ZCD@Gd?nfQjchL3`8dh@rp?B!o)^Cl&BEBh+$MI)jGa0gozK} z!#>7lGa0yweqji6mS7q~50B1;3O$3z3S#kme0|3;WLl95Nkg>@8C;e>6PnaYW&DK5 zXp2Eeg)l7(OG`^*rTMZ@t(?sb4i08>cx)ce2Wt4}($#vA(MPQt4(G!iQOvRq>xGA6 z77hoT$c}+e6$zK4RcQ1IRLu~<2eLkdX)q|He4f9*Oynow_;CD!MLt}vG|(qV!U^z^ ziFvX>i60Uy4&pNH7+vcYX#|3I&)9VbR4O){mBE+*83F-65|tQKh*}>P`GFZRDJp@} zYP$a1SsV}}|IUF4*!}Ho3@(d}LD*wmaIIz@gcSnJw%#<%oj<4KrAFe(j&?n{o=<0{7PYCo$xj(x4;p!6teNz5! zqYHlD>G~>!sNtueH2BS@M>=*Q_H7AI$C{I!zpEv77m~H~7>OkxiB`ey?es{;!u(}- zI+g^}v3sGL6e3J1S__p%u_4=%>|mnW9Sy#=HEhX@0rq)a>Aich2Un7@gLAt^9xCGK#G zx5wsvg;*wei#e4%I%cLU$eK;=P9?|AN-?h4cHq>d`_F$4j!RaguibvI=yF9}=NSH^ z*$Xn(?Ko6?rSiouy)(Y-D#s65`PV+E*;i-BdQdrZa&gP4buZrROf2PeD);*?s^NYl zELW`?lA7pOCExMZwczf=g6uH~w)9ZVXr*J#)VcE%4_#8`ULQLrCt=#9FIH^IUY<4m zV8Yl7Sq^QjZH<{F%!;WopXI8913JT9El<|IotOg2^>m#2E2IPkTATlD8W23h?< z%79{NXY2Q$6#O>WuZz$d$!Z~T-ld+0u;Vcy|F?Wx$hsF5-A!oqxpCrQ!- zizcnh8SJ~tZN^=Co%2-@z5RjV_=B`J>aU2;R>cymzmIgk4>-m37XQ!2K4?YJB}@9Hll8`qR3=I@wK z-Oy}otbLU^tgN;yKk>+u<~g?yRmG=%7e9a%f?QZxemH)q_iWh~6QEvQJ>PV5YUVg} zBR%cemD1I7c2>0xO)h^Ew(U&&hW0AA#rZ=D3xq$O)Hcmj)t8>&CAPKlzRJ|fya%zz z@hh|c%G|d8&{)xclO^ttiZ)!{Upi;u*reorpPUN!`y_E%_W129#{{wRp7MW*es%BF z)<+Ltg*p5fs%V*P{88xKm^ zukU{7oi?xP`JLyNgv z{2Nc!suCjR$I{RGOhk3epoY)li{3w85_YVCIR3lhp9=Dd4}DK2FPIj4=lwxVH=M6V z2Mtj=6#@CXA|g#qC>5 zjBkHDr%LiDOwSB>yQ}j`Wr}}7F5l30dho`o9~N}h9cjs*D}1xMe(AG{w@X5G)h3`g pz47YXb9HY$+gmTLjlaHA%|6i3WO&_L-g*1ruKL_uf&7T6;-4Q9Ln#0N literal 0 HcmV?d00001 diff --git a/root/etc/e-smith/web/functions/groups b/root/etc/e-smith/web/functions/groups new file mode 100755 index 0000000..90b5f17 --- /dev/null +++ b/root/etc/e-smith/web/functions/groups @@ -0,0 +1,149 @@ +#!/usr/bin/perl -wT + +# vim: ft=xml ts=4 sw=4 et: +#---------------------------------------------------------------------- +# heading : Collaboration +# description : GROUPS +# navigation : 2000 2200 +#---------------------------------------------------------------------- +#---------------------------------------------------------------------- +# copyright (C) 2002-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + + +use strict; +use esmith::FormMagick::Panel::groups; +my $f = esmith::FormMagick::Panel::groups->new(); +$f->display(); + +=head1 TESTING + + +=begin testing + +use esmith::FormMagick::Tester; +use esmith::TestUtils; +use esmith::AccountsDB; +my $panel = 'groups'; +my $panel_path = "/etc/e-smith/web/functions/".$panel; +my $ua = esmith::FormMagick::Tester->new(); + + +is (mode($panel_path), '4750', "Check permissions on script"); +ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/FORM_TITLE/, "Saw untranslated form title"); +ok ($ua->set_language("en"), "Set language to English"); +ok ($ua->get_panel($panel), "Get panel"); + +is ($ua->{status}, 200, "200 OK"); + +like($ua->{content}, qr/Create, remove, or change/, "Saw translated form title"); + +# Testing changes + +ok ($ua->get_panel($panel), "Testing panel retrieval"); +can_ok($ua, "field"); + +# Destructive testing: + +ok ($ua->follow('Click here to create a user group'), "Followed link to create group"); +is ($ua->{status}, 200, "200 OK" ); +can_ok($ua, "field"); +ok($ua->field('groupName' => 'aaaaaeve') , "Set GroupName"); +ok($ua->field('groupDesc' => 'sample'), "Set GroupDesc"); + +if (destruction_ok()) { + +ok ($ua->click('Create'), "Clicked create"); +is ($ua->{status}, 200, "200 OK" ); +like ($ua->{content}, qr/created user group/, "Saw create success message"); +ok ($ua->get_panel($panel), "Get panel"); +like ($ua->{content}, qr/aaaaaeve/, "Saw newly created everygroup link"); +ok ($ua->follow('Modify'), "modifying aaaaaeve"); +is ($ua->{status}, 200, "200 OK "); +ok ($ua->field('groupDesc' => 'Everyone') , "Set group desc to 'Everyone'"); + +#putting this in a test fails. why? +$ua->field('groupMembers' => 'admin'); +ok ($ua->click('Modify')); +is ($ua->{status}, 200, "200 OK"); +like ($ua->{content}, qr/Successfully/, "Saw modification success message"); +ok (my $acct = esmith::AccountsDB->open()); +ok (my $everg = $acct->get('aaaaaeve'), "Got an aaaaaeveg out of the db"); +ok ($everg->prop('Members') eq 'admin', "aaaaaeve has admin as its member"); + +ok ($ua->get_panel($panel), "Get panel"); +like ($ua->{content}, qr/aaaaaeve/, "Saw modified everygroup link"); +ok ($ua->follow('Remove'), "removing aaaaaeve"); +is ($ua->{status}, 200, "200 OK"); +ok ($ua->click('Remove')); +is ($ua->{status}, 200, "200 OK"); +like ($ua->{content}, qr/Successfully/, "Saw removal success message"); +ok ($ua->get_panel($panel), "Get panel"); +unlike ($ua->{content}, qr/aaaaaeve/, "Saw no everygroup"); +} + +=end testing + +=cut + +__DATA__ +
+ + + + + CREATE_GROUP + GROUP_NAMING + + + + + + GROUP_DESC_EXPL + + + + + + REMOVE_USER_GROUP + + + + + + + MODIFY_USER_GROUP + + + + + + + + + +
diff --git a/root/etc/e-smith/web/functions/localnetworks b/root/etc/e-smith/web/functions/localnetworks new file mode 100755 index 0000000..ce20727 --- /dev/null +++ b/root/etc/e-smith/web/functions/localnetworks @@ -0,0 +1,151 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# heading : Security +# description : Local networks +# navigation : 5000 5300 +#---------------------------------------------------------------------- +#---------------------------------------------------------------------- +# copyright (C) 2002 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +use strict; +use esmith::FormMagick::Panel::localnetworks; + +my $fm = esmith::FormMagick::Panel::localnetworks->new(); +$fm->display(); + + + +=pod + +=head1 NAME + +localnetworks -- add/remove local networks + +=head2 DESCRIPTION + +This screen allows the administrator to add or delete local networks. + +=begin testing + +use esmith::FormMagick::Tester; +use esmith::TestUtils; +use esmith::TestUtils; +use esmith::ConfigDB; +use esmith::AccountsDB; + +my $panel = $Original_File; +my $ua = esmith::FormMagick::Tester->new(); + +my $c = esmith::ConfigDB->open(); +my $a = esmith::AccountsDB->open(); + +is (mode($panel), '4750', "Check permissions on script"); +ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS"); +is ($ua->{status}, 200, "200 OK"); +ok ($ua->set_language("en-us"), "Set language to U.S. English"); +ok ($ua->get_panel($panel), "Get panel"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/Local networks/, "Saw translated form title"); + + +# +# Testing creating local networks +# + +ok ($ua->get_panel($panel), "ABOUT TO TEST CREATING NETWORK"); +ok ($ua->follow("Click here"), "Follow 'create network' link"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/Add a local network/, "Saw page title"); +like($ua->{content}, qr/Network address/, "Saw network address field"); +like($ua->{content}, qr/Subnet mask/, "Saw subnet mask field"); +like($ua->{content}, qr/Router/, "Saw router field"); +like($ua->{content}, qr/Add/, "Saw add button"); + +# +# checking error handling +# + +$ua->field(networkAddress => '10.0.0.10000'); +$ua->field(networkMask => '10.0.0.10000'); +$ua->click("Add"); +# like($ua->{content}, qr/Invalid network address/, "Saw network address validation message"); +like($ua->{content}, qr/Invalid subnet mask/, "Saw submask validation message"); + +# +# now let's actually add one +# + +SKIP: { + + skip 10, "Unsafe!" unless destruction_ok(); + + ok ($ua->follow("Click here"), "ACTUALLY ADDING A NETWORK"); + $ua->field(networkAddress => '10.0.0.0'); + $ua->field(networkMask => '255.255.255.0'); + $ua->field(networkRouter => '10.0.0.1'); + $ua->click("Add"); + like($ua->{content}, qr/Successfully added network/, "Saw success message"); + + ok ($ua->follow("Click here"), "ADDING NETWORK WITH DEFAULT ROUTER"); + $ua->field(networkAddress => '10.0.0.0'); + $ua->field(networkMask => '255.255.255.0'); + + ok ($ua->follow("Remove"), "REMOVING NETWORK"); + like($ua->{content}, qr/Are you sure/, "Saw confirmation message"); + $ua->click("Remove"); + like($ua->{content}, qr/Successfully deleted/, "Saw success message"); + +} + +=end testing + +=cut + + + +__DATA__ +
+ + FIRSTPAGE_DESC + + + + ADD_TITLE + ADD_DESC + + + + + + + + + + + + + REMOVE_TITLE + REMOVE_DESC + + + +
diff --git a/root/etc/e-smith/web/functions/online-manual b/root/etc/e-smith/web/functions/online-manual new file mode 100644 index 0000000..ea80e69 --- /dev/null +++ b/root/etc/e-smith/web/functions/online-manual @@ -0,0 +1,77 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# heading : Miscellaneous +# description : Online manual +# navigation : 7000 7900 +#---------------------------------------------------------------------- +#---------------------------------------------------------------------- +# copyright (C) 2002 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + + + +use strict; +# We don't need any custom anything, since this panel has no code. +# so we just use esmith::FormMagick, rather than creating an empty placeholder +use esmith::FormMagick; +my $f = esmith::FormMagick->new(); +$f->display(); + + + + +=head1 TESTING + + +=begin testing + +use esmith::FormMagick::Tester; +use esmith::TestUtils; + +my $panel = 'online-manual'; +my $panel_path = "/etc/e-smith/web/functions/".$panel; +my $ua = esmith::FormMagick::Tester->new(); + + +is (mode($panel_path), '4750', "Check permissions on script"); +my @stat = stat($panel_path); +is (getpwuid($stat[4]), 'root', "File is owned by root"); +is (getgrgid($stat[5]), 'admin', "File is owned by group admin"); +ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/FORM_TITLE/, "Saw untranslated form title"); +ok ($ua->set_language("en-us"), "Set language to U.S. English"); +ok ($ua->get_panel($panel), "Get panel"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/Online manual/, "Saw translated form title"); +like($ua->{content}, qr{e-smith.org/docs/manual}, "Saw URL"); + +=end testing + +=cut + +__DATA__ +
+ + DESCRIPTION + + +
diff --git a/root/etc/e-smith/web/functions/reboot b/root/etc/e-smith/web/functions/reboot new file mode 100755 index 0000000..396b51c --- /dev/null +++ b/root/etc/e-smith/web/functions/reboot @@ -0,0 +1,110 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# heading : Administration +# description : Reboot or shutdown +# navigation : 4000 4700 +#---------------------------------------------------------------------- +#---------------------------------------------------------------------- +# copyright (C) 2002-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +use strict; +use esmith::FormMagick::Panel::reboot; +my $f = esmith::FormMagick::Panel::reboot->new(); +$f->display(); + +=head1 TESTING + + +=begin testing + +use esmith::FormMagick::Tester; +use esmith::TestUtils; +use esmith::ConfigDB; +my $panel = 'reboot'; +my $panel_path = "/etc/e-smith/web/functions/".$panel; +my $ua = esmith::FormMagick::Tester->new(); + + + +is (mode($panel_path), '4750', "Check permissions on script"); +ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/FORM_TITLE/, "Saw untranslated form title"); +ok ($ua->set_language("en-us"), "Set language to U.S. English"); +ok ($ua->get_panel($panel), "Get panel"); + +is ($ua->{status}, 200, "200 OK"); + +like($ua->{content}, qr/Shutdown or Reboot/, "Saw translated form title"); + +# Testing changes + +ok ($ua->get_panel($panel), "Testing reboot"); +can_ok($ua, "field"); +ok ($ua->{form}->find_input('function'), "Finding form field"); +#$ua->field("function" => 'reboot'); +#$ua->field("debug" => '1'); +#ok ($ua->click("Save"), "Click Save"); +#is ($ua->{status}, 200, "200 OK"); +#like($ua->{content}, qr/will begin the reboot/, "Saw validation messages"); + + + +#ok ($ua->get_panel($panel), "Testing shutdown"); +#can_ok($ua, "field"); +#ok ($ua->{form}->find_input('function'), "Finding form field"); +#$ua->field("function" => 'reboot'); +#$ua->field("debug" => '1'); + +#ok ($ua->click("Save"), "Click Save"); +#is ($ua->{status}, 200, "200 OK"); +#like($ua->{content}, qr/will begin the shutdown/, "Saw validation messages"); + +=end testing + +=cut + +__DATA__ +
+ + DESCRIPTION + + + + + + + + + DESC_REBOOT + + + DESC_SHUTDOWN + + + DESC_RECONFIGURE + + +
diff --git a/root/etc/e-smith/web/functions/remoteaccess b/root/etc/e-smith/web/functions/remoteaccess new file mode 100755 index 0000000..8914fdd --- /dev/null +++ b/root/etc/e-smith/web/functions/remoteaccess @@ -0,0 +1,177 @@ +#!/usr/bin/perl -wT + +# vim: ft=xml ts=8 sw=4 noet: +#---------------------------------------------------------------------- +# heading : Security +# description : Remote access +# navigation : 5000 5200 +#---------------------------------------------------------------------- +#---------------------------------------------------------------------- +# copyright (C) 2002 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +use strict; +use esmith::FormMagick::Panel::remoteaccess; +my $f = esmith::FormMagick::Panel::remoteaccess->new(); +$f->display(); + +=head1 TESTING + + +=begin testing + +use esmith::FormMagick::Tester; +use esmith::TestUtils; +use esmith::ConfigDB; +my $panel = 'remoteaccess'; +my $panel_path = "/etc/e-smith/web/functions/".$panel; +my $ua = esmith::FormMagick::Tester->new(); + +is (mode($panel_path), '4750', "Check permissions on script"); +ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/FORM_TITLE/, "Saw untranslated form title"); +ok ($ua->set_language("en-us"), "Set language to U.S. English"); +ok ($ua->get_panel($panel), "Get panel"); + +is ($ua->{status}, 200, "200 OK"); + +like($ua->{content}, qr/remote access settings/, "Saw translated form title"); + +# Testing changes + +ok ($ua->get_panel($panel), "Testing panel retrieval"); +can_ok($ua, "field"); +ok ($ua->{form}->find_input('FTPAccess'), 'Finding the FTPAccess field'); +ok ($ua->{form}->find_input('sshAccess'), 'Finding the sshAccess field'); +ok ($ua->{form}->find_input('sshPermitRootLogin'), 'Finding the sshPermitRootLogin field'); +ok ($ua->{form}->find_input('sshTCPPort'), 'Finding the sshTCPPort field'); +ok ($ua->{form}->find_input('vpnSessions'), 'Finding the vpnSessions field'); +ok ($ua->{form}->find_input('sshPasswordAuthentication'), 'Finding the sshPasswordAuthentication field'); +ok ($ua->{form}->find_input('FTPLimits'), 'Finding the FTPLimits field'); +ok ($ua->{form}->find_input('TelnetAccess'), 'Finding the TelnetAccess field'); + +if (destruction_ok()) { + $ua->field('FTPAccess' => 'private'); + $ua->field('sshAccess' => 'public'); + $ua->field('sshPermitRootLogin' => 'yes'); + $ua->field('sshTCPPort' => '22'); + $ua->field('vpnSessions' => '10'); + $ua->field('sshPasswordAuthentication' => 'yes'); + $ua->field('FTPLimits' => 'normal'); + $ua->field('TelnetAccess' => 'private'); +} + +ok ($ua->click("Save"), "Click Save"); +is ($ua->{status}, 200, "200 OK"); + +like($ua->{content}, qr/settings have been saved/, "Saw validation messages"); + +# Gotta open this later, so we don't cache stale data +my $db = esmith::ConfigDB->open; + +SKIP: +{ + skip 9, "Unsafe!" unless destruction_ok(); + + is($db->get('sshd')->prop('access'), 'public', "We have public ssh"); + is($db->get('sshd')->prop('PasswordAuthentication'), 'yes', "We have password auth"); + is($db->get('sshd')->prop('PermitRootLogin'), 'yes', "We have root login"); + is($db->get('sshd')->prop('TCPPort'), '22', "Got the right tcp port for ssh'); + is($db->get('sshd')->prop('status'), 'enabled', "ssh is enabled"); + + is ($db->get('ftp')->prop('access'), 'private', "ftp access is private"); + is ($db->get('ftp')->prop('accessLimits'), 'normal', "ftp access limits are normal"); + is ($db->get('vpn')->prop('sessions') ,'10', "Got the right session count for vpn"); + is ($db->get('vpn')->prop('status') ,'enabled', "vpn is enabled"); + is ($db->get('telnet')->prop('access'), 'private', "Private telnet turned on"); +} + +=end testing + +=cut + +__DATA__ +
+ + + + + DESC_VPN + + + + + + + DESC_VALID_FROM_ENTRIES + + + + + + + + + DESC_SSH + + + + + + + + + + + + + + + + + + + +
diff --git a/root/etc/e-smith/web/functions/review b/root/etc/e-smith/web/functions/review new file mode 100755 index 0000000..f1bc4ed --- /dev/null +++ b/root/etc/e-smith/web/functions/review @@ -0,0 +1,77 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# heading : Configuration +# description : Review configuration +# navigation : 6000 6800 +#---------------------------------------------------------------------- +#---------------------------------------------------------------------- +# copyright (C) 2002 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + + + +use strict; +use esmith::FormMagick::Panel::review; +my $f = esmith::FormMagick::Panel::review->new(); +$f->display(); + + + + +=head1 TESTING + + +=begin testing + +use esmith::FormMagick::Tester; +use esmith::TestUtils; +use esmith::ConfigDB; + +my $panel = 'review'; +my $panel_path = "/etc/e-smith/web/functions/".$panel; +my $ua = esmith::FormMagick::Tester->new(); + + +is (mode($panel_path), '4750', "Check permissions on script"); +my @stat = stat($panel_path); +is (getpwuid($stat[4]), 'root', "File is owned by root"); +is (getgrgid($stat[5]), 'admin', "File is owned by group admin"); +ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS"); +is ($ua->{status}, 200, "200 OK"); +ok ($ua->set_language("en"), "Set language to English"); +ok ($ua->get_panel($panel), "Get panel"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/Review configuration/, "Saw translated form title"); +like($ua->{content}, qr/Email Addresses/, "Saw email addresses"); + +=end testing + +=cut + +__DATA__ +
+ + DESCRIPTION + + + + +
diff --git a/root/etc/e-smith/web/functions/useraccounts b/root/etc/e-smith/web/functions/useraccounts new file mode 100755 index 0000000..43c4822 --- /dev/null +++ b/root/etc/e-smith/web/functions/useraccounts @@ -0,0 +1,291 @@ +#!/usr/bin/perl -wT + +# vim: ft=xml ts=4 sw=4 et: +#---------------------------------------------------------------------- +# heading : Collaboration +# description : Users +# navigation : 2000 2100 +#---------------------------------------------------------------------- +#---------------------------------------------------------------------- +# copyright (C) 2002 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +use strict; +use esmith::TestUtils; +use esmith::FormMagick::Panel::useraccounts; + +my $fm = esmith::FormMagick::Panel::useraccounts->new(); + +# XXX: need to print custom http headers, so bypass FormMagick +use CGI; +my $q = new CGI; +if ($q->param('action') && $q->param('action') eq 'getCert') +{ + $q->delete('action'); + $fm->get_ipsec_client_cert($q); +} +else +{ + $fm->display(); +} + +=pod + +=head1 NAME + +useraccounts -- create/modify/delete user accounts + +=head2 DESCRIPTION + +This screen allows the administrator to create, modify or delete user +accounts on the system. + +=begin testing + +use esmith::FormMagick::Tester; +use esmith::TestUtils; +use esmith::ConfigDB; +use esmith::AccountsDB; + +my $panel = $Original_File; +my $ua = esmith::FormMagick::Tester->new(); + +my $c = esmith::ConfigDB->open(); +my $a = esmith::AccountsDB->open(); + +is (mode($panel), '4755', "Check permissions on script"); +ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/FORM_TITLE/, "Saw untranslated form title"); +ok ($ua->set_language("en-us"), "Set language to U.S. English"); +ok ($ua->get_panel($panel), "Get panel"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/User accounts/, "Saw translated form title"); + + +# +# Testing creating users +# + +ok ($ua->get_panel($panel), "ABOUT TO TEST CREATING USER"); +ok ($ua->follow("Click here"), "Follow 'create user' link"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/Account name/, "Saw form fields"); + +# +# Check that address details are picked up from LDAP +# + +my $ldap_record = $c->get('ldap'); +my $city = $ldap_record->prop('DefaultCity'); + +like($ua->{content}, qr/$city/, "Pick up address from LDAP"); + +# +# Creating a new user +# + +my $new_username = new_random_username(); + +can_ok($ua, "field"); +ok ($ua->{form}->find_input('acctName'), + "Find acctName field to fill in"); +$ua->field("acctName" => $new_username); +ok ($ua->click("Save"), "Click Save"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/must not be left blank/, "Saw validation messages"); + +$ua->field("FirstName" => "Fred"); +$ua->field("LastName" => "Foonly"); + +ok ($ua->click("Save"), "Click Save"); +is ($ua->{status}, 200, "200 OK"); + +# +# Testing modify user +# + +ok ($ua->get_panel($panel), "ABOUT TO TEST MODIFYING A USER"); +is ($ua->{status}, 200, "200 OK"); +ok ($ua->follow('Modify'), "Follow modify link"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/value="Save"/, "Saw 'Save' on the button"); + +# +# Testing removal of a user +# + +ok ($ua->get_panel($panel), "ABOUT TO TEST USER REMOVAL"); +is ($ua->{status}, 200, "200 OK"); +ok ($ua->follow('Remove'), "Follow remove link"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/Remove/, "Saw 'Remove'"); +like($ua->{content}, qr/value="Remove"/, "Saw 'Remove' on the button"); + +# +# Testing password reset +# + +ok ($ua->get_panel($panel), "ABOUT TO TEST PASSWORD RESET"); +is ($ua->{status}, 200, "200 OK"); +ok ($ua->follow('Reset password'), "Follow reset password link"); +like($ua->{content}, qr/Reset password/,"Saw 'Reset password'"); + +SKIP: +{ + skip 3, "Unsafe!" unless destruction_ok(); + $ua->field(password1 => "test"); + $ua->field(password2 => "test"); + ok($ua->click('Save'), "Set password to 'test', click Save"); + is($ua->{status}, 200, "200 OK"); + like($ua->{content}, qr/Click here/, "Returned to first page"); +} + +=end testing + +=cut + + +__DATA__ +
+ + FIRSTPAGE_DESC + + + + P2_TITLE + CREATE_MODIFY_DESC + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + MODIFY_ADMIN_TITLE + + + + + + + + + + + + + + + + + + + + + + + RESET_PASSWORD_TITLE + + + + + + + + + + + LOCK_ACCOUNT_TITLE + + + + + REMOVE_ACCOUNT_TITLE + + + + + + + + SYSTEM_PASSWORD_DESCRIPTION + + + + + + + + + + + + +
diff --git a/root/etc/e-smith/web/functions/userpassword b/root/etc/e-smith/web/functions/userpassword new file mode 100644 index 0000000..7e80ca2 --- /dev/null +++ b/root/etc/e-smith/web/functions/userpassword @@ -0,0 +1,151 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# e-smith manager functions: userpassword +# copyright (C) 1999, 2000, 2001 e-smith, inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from e-smith, inc. +# Please visit our web site www.e-smith.com for details. +#---------------------------------------------------------------------- + +use strict; +use esmith::FormMagick; +use esmith::util; +use esmith::ConfigDB; + +our $configdb = esmith::ConfigDB->open(); +my $fm = new esmith::FormMagick; +$fm->display(); + +sub change_password { + my ($fm) = @_; + + my $q = $fm->{cgi}; + + $q->param( -name => 'wherenext', -value => 'Done' ); + + my $oldPass = $q->param('oldPass'); + my $pass = $q->param('pass'); + my $acctName = $q->param('account'); + + unless (($oldPass) = ($oldPass =~ /^(\S+)$/ )) + { + $q->param(-name => 'status_message', -value => 'TAINTED_OLDPASS'); + return; + } + + unless (($pass) = ($pass =~ /^([ -~]+)$/ )) + { + $q->param(-name => 'status_message', -value => 'TAINTED_PASS'); + return; + } + + unless (($acctName) = ($acctName =~ /^([a-z][\-\_\.a-z0-9]*)$/ )) + { + $q->param(-name => 'status_message', -value => 'TAINTED_ACCOUNT'); + return; + } + + use esmith::AccountsDB; + my $accountdb = esmith::AccountsDB->open(); + + my $acct; + unless ($acct = $accountdb->get($acctName)) + { + $q->param(-name => 'status_message', -value => 'YOUR_ACCOUNT_INVALID'); + return; + } + + unless ($acct->prop('type') eq 'user') + { + $q->param(-name=>'status_message', -value=>"YOUR_ACCOUNT_INVALID"); + return; + } + + unless (esmith::util::setUserPasswordRequirePrevious( + $acctName, + $oldPass, + $pass)) + { + $q->param(-name => 'status_message', + -value => 'ERROR_PASSWORD_CHANGE'); + return; + } + $acct->set_prop("PasswordSet", "yes"); + undef $accountdb; + + system("/sbin/e-smith/signal-event", "password-modify", $acctName) == 0 + or die ("Error occurred while modifying password for $acctName.\n"); + $accountdb = esmith::AccountsDB->open(); + + $q->param(-name => 'status_message', -value => 'PASSWORD_CHANGE_SUCCESS'); + return; +} + +sub password_compare { + my $fm = shift; + my $pass2 = shift; + + my $pass1 = $fm->{cgi}->param('pass'); + unless ($pass1 eq $pass2) { + $fm->{cgi}->param( -name => 'wherenext', -value => 'Password' ); + return "PASSWORD_VERIFY_ERROR"; + } + return "OK"; +} + +=pod + +=head2 check_password + +Validates the password using the desired strength + +=cut + +sub check_password { + my $fm = shift; + my $pass1 = shift; + + my $check_type; + my $rec = $configdb->get('passwordstrength'); + $check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none'); + + return $fm->validate_password($check_type,$pass1); +} + +__DATA__ +
+ + DESCRIPTION + + + + + + + + + + + + + + + + + +
diff --git a/root/etc/logrotate.d/dhcpd b/root/etc/logrotate.d/dhcpd new file mode 100644 index 0000000..7c62060 --- /dev/null +++ b/root/etc/logrotate.d/dhcpd @@ -0,0 +1,11 @@ +/var/log/dhcpd/current /var/log/dhcpd/dhcpd.log { + missingok + notifempty + create 600 root root + su root root + postrotate + /usr/bin/systemctl reload-or-try-restart dhcpd + endscript +} + + diff --git a/root/etc/logrotate.d/diald b/root/etc/logrotate.d/diald new file mode 100644 index 0000000..c1c8f59 --- /dev/null +++ b/root/etc/logrotate.d/diald @@ -0,0 +1,8 @@ +/var/log/diald/accounting.log { + weekly + rotate 5 + copytruncate + compress + notifempty + missingok +} diff --git a/root/etc/logrotate.d/systemd b/root/etc/logrotate.d/systemd new file mode 100644 index 0000000..49a86fa --- /dev/null +++ b/root/etc/logrotate.d/systemd @@ -0,0 +1,8 @@ +/var/log/systemd.log { + missingok + sharedscripts + postrotate + /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true + endscript +} + diff --git a/root/etc/profile.d/e-smith.sh b/root/etc/profile.d/e-smith.sh new file mode 100755 index 0000000..688af30 --- /dev/null +++ b/root/etc/profile.d/e-smith.sh @@ -0,0 +1,6 @@ +# /etc/profile.d/e-smith.sh - Custom additions for SME servers + +if [ "$USER" = "root" ] +then +export PATH=/sbin/e-smith:$PATH +fi diff --git a/root/etc/rc.d/init.d/e-smith-service b/root/etc/rc.d/init.d/e-smith-service new file mode 100644 index 0000000..f4902ac --- /dev/null +++ b/root/etc/rc.d/init.d/e-smith-service @@ -0,0 +1,88 @@ +#!/bin/sh + +#---------------------------------------------------------------------- +# copyright (C) 1999, 2000 e-smith, inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from e-smith, inc. +# Please visit our web site www.e-smith.com for details. +#---------------------------------------------------------------------- + +#---------------------------------------------------------------------- +# e-smith-service: meta-init script which runs the underlying service +# based on the name of the service script invoked. +# For example S85sshd would run init.d/sshd +#---------------------------------------------------------------------- +# Source function library. +SYSTEMCTL_SKIP_REDIRECT=1 +. /etc/rc.d/init.d/functions + +METASERVICE=e-smith-service +SERVICE=$( basename $0 | sed -e 's/^[SK][0-9][0-9]*//' ) + +export HOME="/root" + +case ${SERVICE} in + ${METASERVICE}) echo "We don't really want to exec ${METASERVICE}" 1>&2 + exit 2 + ;; +esac + +S_INITSCRIPT="/etc/rc.d/init.d/supervise/${SERVICE}" +INITSCRIPT="/etc/rc.d/init.d/${SERVICE}" +if [ -f ${S_INITSCRIPT} ] +then + # Prefer a supervise init script if we find one + INITSCRIPT=${S_INITSCRIPT} +fi + +STATUS=$( /sbin/e-smith/db configuration getprop ${SERVICE} status ) + +if [ "${STATUS}" != "enabled" ] +then + case $1 in + condrestart) + exit 0 ;; + start) + echo -n $"Starting $SERVICE: " + if [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] + then + [ "$BOOTUP" = "color" ] && $MOVE_TO_COL + echo -n "[" + [ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING + echo -n $" OFF " + [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL + echo -n "]" + echo -ne "\r" + fi + echo + exit 0 + ;; + esac +fi + +if [ -f ${INITSCRIPT} ] +then + if [ -x ${INITSCRIPT} ] + then + exec ${INITSCRIPT} $@ + else + exec /bin/sh ${INITSCRIPT} $@ + fi +fi + +echo "$0: Couldn't find/execute init script for service ${SERVICE}" 1>&2 +exit 1 diff --git a/root/etc/rc.d/rc7.d/.gitignore b/root/etc/rc.d/rc7.d/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/rc7.d b/root/etc/rc7.d new file mode 120000 index 0000000..d233add --- /dev/null +++ b/root/etc/rc7.d @@ -0,0 +1 @@ +/etc/rc.d/rc7.d \ No newline at end of file diff --git a/root/etc/sysconfig/modules/dummy.modules b/root/etc/sysconfig/modules/dummy.modules new file mode 100644 index 0000000..ad1ac89 --- /dev/null +++ b/root/etc/sysconfig/modules/dummy.modules @@ -0,0 +1,3 @@ +#!/bin/sh +/sbin/modprobe dummy +exec ip link set dummy0 address 10:00:01:02:03:04 diff --git a/root/etc/systemd/system-preset/.gitignore b/root/etc/systemd/system-preset/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/tcprules/.gitignore b/root/etc/tcprules/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/home/e-smith/Maildir/cur/.gitignore b/root/home/e-smith/Maildir/cur/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/home/e-smith/Maildir/new/.gitignore b/root/home/e-smith/Maildir/new/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/home/e-smith/Maildir/tmp/.gitignore b/root/home/e-smith/Maildir/tmp/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/home/e-smith/db/.gitignore b/root/home/e-smith/db/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/home/e-smith/files/server-resources/.gitignore b/root/home/e-smith/files/server-resources/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/home/e-smith/files/users/admin/home/.gitignore b/root/home/e-smith/files/users/admin/home/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/home/e-smith/ssl.crt/.gitignore b/root/home/e-smith/ssl.crt/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/home/e-smith/ssl.key/.gitignore b/root/home/e-smith/ssl.key/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/home/e-smith/ssl.pem/.gitignore b/root/home/e-smith/ssl.pem/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/root/.ssh/.gitignore b/root/root/.ssh/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/sbin/e-smith/add_drive_to_raid b/root/sbin/e-smith/add_drive_to_raid new file mode 100644 index 0000000..a180bd6 --- /dev/null +++ b/root/sbin/e-smith/add_drive_to_raid @@ -0,0 +1,126 @@ +#!/usr/bin/perl -w +#---------------------------------------------------------------------- +# add_drive_to_raid: Add spare disk to existing raid arrays +#---------------------------------------------------------------------- +# Copyright (C) 2005 Gordon Rowell +# Copyright (C) 2006 Shad L. Lords +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +use strict; +use warnings; + +use Getopt::Long; +use Data::Dumper; + +my %options = (); + +GetOptions(\%options, 'f', 'force'); + +my $force = $options{f} || $options{force}; +my $newdev = $ARGV[0] || die "usage:\n\n\tadd_drive_to_raid [-f] dev\n\n"; +my $target_drive = "/dev/$newdev"; +my $raid = require "/sbin/e-smith/console-menu-items/manageRAID.pl"; + +# Log STDOUT from this point on and return STDERR back to the console +my $pid = open(STDOUT, "|-"); +die gettext("Can't fork"), ": $!\n" unless defined $pid; + +unless ($pid) +{ + exec qw(/usr/bin/logger -p local1.info -t add_drive_to_raid); +} + +# Get dictionary of active md devices and sort by size +my %devices = $raid->get_raid_details(); +my @devices = sort { $devices{$a}{DeviceSize} <=> $devices{$b}{DeviceSize} } keys %devices; + +die "There are no RAID devices configured\n" unless $#devices >= 0; + +# Get dictionary of all partitions from /proc/partitions +my %partitions = $raid->get_partitions(); +my @partitions; + +die "$target_drive is not a block special device\n" unless -b $target_drive; + +# Calculate min size of new disk to accomodate active md devices +my $minsize = 0; +for my $dev (@devices) +{ + die "$target_drive is already in use\n" if grep m#^$newdev$#, @{$devices{$dev}{UsedDisks}}; + $minsize += $devices{$dev}{DeviceSize} + 65; +} + +die "$target_drive is not large enough\n" unless $partitions{$newdev}{blocks} >= $minsize; +die "$target_drive already contains partitions\n" unless $force or ! grep m#^$newdev.+$#, keys %partitions; + +# Find a healthy drive hosting our /boot partition to use as our template +my @srcdrives = qx(df /boot --output=source | grep /dev/ | xargs -r lsblk -lnsp | grep disk); +die "Unable to identify existing boot device - manual intervention required\n" unless (scalar @srcdrives) >= 1; +my ($source_drive) = $srcdrives[0] =~ /(\S+)/; +print "Using $source_drive as source partition template.\n"; + +# Check if it's MBR or GPT +my $pttype = qx(blkid -o value -s PTTYPE $source_drive); +chomp $pttype; +die "Unable to identify source partition table type for $source_drive\n" unless $pttype; +print "$source_drive partition table type is $pttype\n"; + +# Clear disk in preparation +print "Wiping $target_drive...\n"; +system("wipefs", "-a", $target_drive) == 0 + or die "Error clearing existing partition table on $target_drive\n"; + +# Copy new partition layout +print "Copying partition table from $source_drive to $target_drive...\n"; +if ($pttype eq 'dos') { + system("sfdisk -d $source_drive | sfdisk -qf --no-reread $target_drive") == 0 + or die "Error copying MBR partition table to $target_drive\n"; +} elsif ($pttype eq 'gpt') { + system("sgdisk", "-R", $target_drive, $source_drive) == 0 + or die "Error copying GPT partition table to $target_drive\n"; + system("sgdisk", "-G", $target_drive) == 0 + or die "Error randomising GUID on $target_drive\n"; +} else { + die "Couldn't interpret partition table type '$pttype' on $source_drive\n"; +} + +# Pause to sync +sleep(3); + +# Install GRUB +print "Installing GRUB on $target_drive...\n"; +system("grub2-install", "--recheck", $target_drive) == 0 + or warn "Warning - error installing GRUB to $target_drive\n"; + +# Loop through RAID devices and add the corresponding new partitions +my @srcparts; +my $srcpart; +my $tgtpart; +foreach my $part (0..$#devices) +{ + # Find the matching source drive partition and substitute the name + @srcparts = qx(mdadm -v --detail --scan $devices[$part]); + foreach my $s (@srcparts) {($srcpart) = $s =~ /devices=(\Q$source_drive\E\d+)/}; + $tgtpart = $srcpart =~ s/\Q$source_drive/$target_drive/r; + + print "Adding $tgtpart to $devices[$part]\n"; + system("/sbin/mdadm", $devices[$part], "--add", $tgtpart) == 0 + or die "Error adding $tgtpart to $devices[$part]"; +} + +# Finished +print "Successfully added $target_drive to RAID!\n"; \ No newline at end of file diff --git a/root/sbin/e-smith/bootstrap-console b/root/sbin/e-smith/bootstrap-console new file mode 100644 index 0000000..7800965 --- /dev/null +++ b/root/sbin/e-smith/bootstrap-console @@ -0,0 +1,56 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# copyright (C) 1999-2006 Mitel Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- +package esmith::console; + +use strict; + +use Locale::gettext; +use esmith::ConfigDB::unsaved; +use esmith::console; + +my $console = esmith::console->new(); + +my $db = esmith::ConfigDB::unsaved->open; + +my $termType = $db->get_prop('serial-console', 'Terminal') || ''; + +$ENV{TERM} = $termType if($termType); + +use esmith::console::backup_running; +esmith::console::backup_running->new->doit($console, $db); + +use esmith::console::perform_restore; +esmith::console::perform_restore->new(bootstrap => 1)->doit($console, $db); + +use esmith::console::system_password; +esmith::console::system_password->new->doit($console, $db); + +if ($db->get_prop('bootstrap-console', 'Run') eq 'yes') +{ + use esmith::console::configure; + esmith::console::configure->new(bootstrap => 1)->doit($console, $db); + + use esmith::console::save_config; + esmith::console::save_config->new->doit($console, $db); +} + +system("/usr/bin/tput", "clear"); +exit (0); + diff --git a/root/sbin/e-smith/bootstrap-runlevel7 b/root/sbin/e-smith/bootstrap-runlevel7 new file mode 100644 index 0000000..f0c04c8 --- /dev/null +++ b/root/sbin/e-smith/bootstrap-runlevel7 @@ -0,0 +1,43 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# copyright (C) 1999-2006 Mitel Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- +package esmith::console; + +use strict; + +use Locale::gettext; +use esmith::ConfigDB::unsaved; +use esmith::console; + +my $console = esmith::console->new(); + +my $db = esmith::ConfigDB::unsaved->open; + +my $termType = $db->get_prop('serial-console', 'Terminal') || ''; + +$ENV{TERM} = $termType if($termType); + +$ARGV[0] = 'tty'; +$console = esmith::console->new(); +use esmith::console::startup; +esmith::console::startup->new->doit($console,$db); + +system("/usr/bin/tput", "clear"); +exit (0); + diff --git a/root/sbin/e-smith/console-menu-items/configure.pl b/root/sbin/e-smith/console-menu-items/configure.pl new file mode 100755 index 0000000..c079a14 --- /dev/null +++ b/root/sbin/e-smith/console-menu-items/configure.pl @@ -0,0 +1,3 @@ +package esmith::console::configure; +use esmith::console::configure; +return new esmith::console::configure; diff --git a/root/sbin/e-smith/console-menu-items/manageRAID.pl b/root/sbin/e-smith/console-menu-items/manageRAID.pl new file mode 100644 index 0000000..6b7f7fa --- /dev/null +++ b/root/sbin/e-smith/console-menu-items/manageRAID.pl @@ -0,0 +1,303 @@ +package esmith::console::manageDiskRedundancy; +use strict; +use warnings; +use esmith::console; +use Locale::gettext; +use Taint::Util; + +use Data::Dumper; + +use constant DEBUG_MANAGE_RAID => 0; + +sub new +{ + my $class = shift; + my $self = { + name => gettext("Manage disk redundancy"), + order => 45, + }; + bless $self, $class; + return $self; +} + +sub name +{ + return $_[0]->{name}; +} + +sub order +{ + return $_[0]->{order}; +} + +sub doit +{ + my ($self, $console, $db) = @_; + my ($rc, $choice); + + use POSIX qw(strftime); + + SCAN: + my $today = strftime "%A %B %e, %Y %H:%M:%S", localtime; + my $title = gettext("Disk redundancy status as of") . " " . $today, + my $text = gettext("Current RAID status:") . "\n\n" . + join("", get_raid_status()) . "\n\n"; + my %devices = get_raid_details(); + + warn $text if DEBUG_MANAGE_RAID; + warn "devices: " . Dumper(\%devices) . "\n" if DEBUG_MANAGE_RAID; + + unless (scalar %devices) + { + $text = gettext("There are no RAID devices configured"); + ($rc, $choice) = $console->message_page(title => $title, text => $text); + return; + } + + # Determine the status of each array + my @unclean = (); + my @recovering = (); + my @failed = (); + my %used_disks = (); + + for my $dev (keys %devices) + { + $used_disks{$_}++ for (@{$devices{$dev}{UsedDisks}}); + + if ($devices{$dev}{FailedDevices} > 0) { + push @failed, "$dev => " . $devices{$dev}{FailedDevices}; + } + + if ($devices{$dev}{State} =~ /recovering|resync/) { + push @recovering, "$dev => " . $devices{$dev}{State}; + next; + } + + next if ($devices{$dev}{State} =~ /^(clean|active)\s*$/); + push @unclean, "$dev => " . $devices{$dev}{State}; + } + + warn "unclean: @unclean\n" if DEBUG_MANAGE_RAID; + warn "recovering: @recovering\n" if DEBUG_MANAGE_RAID; + warn "failed: @failed\n" if DEBUG_MANAGE_RAID; + warn "used_disks: " . Dumper(\%used_disks) . "\n" if DEBUG_MANAGE_RAID; + + # Check for any spare disks we could add + my %free_disks = map {$_ => 1} get_disks(); + delete $free_disks{$_} for keys %used_disks; + warn "free_disks: " . Dumper(\%free_disks) . "\n" if DEBUG_MANAGE_RAID; + + # Report status and return if recovering + if (scalar @recovering) + { + $text .= gettext("A RAID resynchronization is in progress."); + ($rc, $choice) = $console->message_page(title => $title, text => $text); + return; + } + + # Report status and return if arrays are inconsistent + if ((scalar @unclean && scalar @unclean != scalar keys %devices) || (scalar @failed && scalar @failed != scalar keys %devices)) + { + $text .= gettext("Only some of the RAID devices are unclean or contain failed disks.") . + "\n\n" . + gettext("Manual intervention may be required.") . "\n\n"; + + ($rc, $choice) = $console->message_page(title => $title, text => $text); + return; + } + + # Report status if arrays are clean and continue if a spare disk is available or there's only one disk in the system + unless (scalar @unclean || scalar @failed) + { + $text .= gettext("All RAID devices are in a clean state."); + ($rc, $choice) = $console->message_page(title => $title, text => $text); + return unless scalar keys %free_disks > 0 || scalar keys %used_disks == 1; + } + + # Report status if all arrays are dirty and continue + if ((scalar @unclean && scalar @unclean == scalar keys %devices) || (scalar @failed && scalar @failed == scalar keys %devices)) + { + $text .= gettext("All RAID devices are in an unclean state or contain failed disks."); + ($rc, $choice) = $console->message_page(title => $title, text => $text); + } + + # Summarise disk assignments + my $disk_status = gettext("Current disk status:") . "\n\n"; + $disk_status .= gettext("Installed disks") . ": " . + join(" ", get_disks()) . "\n"; + $disk_status .= gettext("Used disks") . ": " . + join(" ", keys %used_disks) . "\n"; + $disk_status .= gettext("Free disks") . ": " . + join(" ", keys %free_disks) . "\n"; + + # Spare disk scenarios + # Scenario 1 - single disk or degraded array with no spare - warn + if ((scalar @unclean || scalar @failed || scalar keys %used_disks == 1) && scalar keys %free_disks == 0) + { + $text = $disk_status . + "\n\n" . + gettext("To ensure continued redundancy, please shut down, install another drive of the same capacity and then return to this screen."); + + ($rc, $choice) = $console->message_page(title => $title, text => $text); + return; + } + + # Scenario 2 - no spares and not degraded so something has gone wrong + if (scalar keys %free_disks == 0) + { + $text = $disk_status . + "\n\n" . + gettext("Your RAID devices are in an inconsistent state, and no spare drives were detected. You may need to manually remove a failed drive from your arrays using mdadm."); + + ($rc, $choice) = $console->message_page(title => $title, text => $text); + return; + } + + # Scenario 3 - multiple spares + if (scalar keys %free_disks > 1) + { + $text = $disk_status . + "\n\n" . + gettext("Multiple spare drives have been detected. This utility can only add one drive at a time. Please either shut down and remove all but one of your spare drives, or configure your array manually."); + + ($rc, $choice) = $console->message_page(title => $title, text => $text); + return; + } + + # Scenario 4 - single spare ready to add + $text = $disk_status . + "\n\n" . + gettext("There is an unused disk drive in your system. Do you want to add it to the existing RAID array(s)?") . + "\n\n" . + gettext("WARNING: ALL DATA ON THE NEW DISK WILL BE DESTROYED!") . + "\n"; + + ($rc, $choice) = $console->yesno_page(title => $title, text => $text, defaultno => 1); + return unless ($rc == 0); + + my @cmd = ("/sbin/e-smith/add_drive_to_raid", "-f", join("", keys %free_disks)); + my $cmd_out = qx( @cmd 2>&1 ); + untaint $cmd_out; + + if ($? == 0) { + $text = "\nSuccessfully added /dev/" . join("", keys %free_disks) . " to RAID!"; + } else { + $text = gettext("The command failed:") . " @cmd" . + "\n\n" . $cmd_out . "\n\n"; + } + + ($rc, $choice) = $console->message_page(title => $title, text => $text); + goto SCAN; +} + +sub get_raid_status +{ + die gettext("Couldn't open") . " /proc/mdstat:$!\n" + unless (open(MDSTAT, "/proc/mdstat")); + + my @mdstat; + + while () + { + push @mdstat, "$1\n" if (/(.*\w.*)/); + } + close MDSTAT; + return @mdstat; +} + +sub get_raid_details +{ + my @devices = (); + + die gettext("Couldn't call") . " mdadm: $!\n" + unless open(MDADM, "/sbin/mdadm --detail --scan|"); + + while () + { + push @devices, $1 if ( m:ARRAY (/dev/md/\w+): ) + } + close MDADM; + + my %devices; + + for my $dev (@devices) + { + die gettext("Couldn't call") . " mdadm --detail $dev: $!\n" + unless open(MDADM, "/sbin/mdadm --detail $dev|"); + + while ( ) + { + if ( /\s*(.*)\s+:\s+(\d+)\s+\(.*\)\s*/ ) + { + my ($key, $value) = ($1, $2); + $key =~ s/\s//g; + + # Allow for different mdadm output formats for DeviceSize + $key =~ s/UsedDevSize/DeviceSize/; + + $devices{$dev}{$key} = $value; + } + elsif ( /\s*(.*)\s+:\s+(.*)\s*/ ) + { + my ($key, $value) = ($1, $2); + $key =~ s/\s//g; + $devices{$dev}{$key} = $value; + } + + if ( m:\s+(\d+)\s+(\d+)\s+(\d+).*/dev/([\w\/]+): ) + { + $devices{$dev}{$1} = $_; + my $used_disk = $4; + if (/(rd|ida|cciss|i2o)\//) { + $used_disk =~ s/p\d+$//; + } else { + $used_disk =~ s/\d+//; + } + push (@{$devices{$dev}{UsedDisks}}, $used_disk); + } + } + close MDADM; + } + + return %devices; +} + +sub get_partitions +{ + die gettext("Couldn't read") . " /proc/partitions: $!\n" + unless open (PARTITIONS, "/proc/partitions"); + + my %parts; + + while () + { + if ( /\s+(\d+)\s+(\d+)\s+(\d+)\s+([\w\/]+)\s+/ ) + { + my $name = $4; + + $parts{$name}{major} = $1; + $parts{$name}{minor} = $2; + $parts{$name}{blocks} = $3; + } + } + close PARTITIONS; + + return %parts; +} + +sub get_disks +{ + my %parts = get_partitions(); + + my @disks; + + for (keys %parts) + { + push @disks, $_ unless (/[0-9]$/); + push @disks, $_ if (/(rd|ida|cciss|i2o)\// && ! /p\d+$/); + } + + return @disks; +} + +return new esmith::console::manageDiskRedundancy; diff --git a/root/sbin/e-smith/console-menu-items/reboot.pl b/root/sbin/e-smith/console-menu-items/reboot.pl new file mode 100755 index 0000000..2169213 --- /dev/null +++ b/root/sbin/e-smith/console-menu-items/reboot.pl @@ -0,0 +1,80 @@ +package esmith::console::reboot; +use strict; +use warnings; +use esmith::console; +use Locale::gettext; + +sub new +{ + my $class = shift; + my $self = { + name => gettext("Reboot, reconfigure or shut down this server"), + order => 40, + }; + bless $self, $class; + return $self; +} + +sub name +{ + return $_[0]->{name}; +} + +sub order +{ + return $_[0]->{order}; +} + +sub doit +{ +#------------------------------------------------------------ +# REBOOT_SHUTDOWN: +#------------------------------------------------------------ + my ($self, $console, $db) = @_; + my @args = + ( + gettext("Reboot"), gettext("Reboot this server"), + gettext("Reconfigure"), gettext("Reconfigure this server"), + gettext("Shutdown"), gettext("Shutdown this server"), + ); + + my ($rc, $choice) = $console->menu_page + ( + title => gettext("Reboot, reconfigure or shutdown this server"), + text => + gettext("Please select whether you wish to reboot, reconfigure or shutdown. The process will start as soon as you make your selection.") . + "\n\n" . + gettext("If you have an older computer without power management, the shutdown process will perform a clean halt of all system services, but will not actually power off your computer. In this case, wait for the power down message and then shut off the power manually.") . + "\n\n" . + gettext("If you have changed your mind and do not want to reboot or shutdown, use the Tab key to select Cancel, then press Enter."), + argsref => \@args, + left => gettext("Cancel"), + right => gettext("OK"), + ); + + return unless ($rc == 0); + + if ($choice eq gettext('Shutdown')) + { + system("/usr/bin/tput", "clear"); + system("/sbin/e-smith/signal-event", "halt"); + } + elsif ($choice eq gettext('Reboot')) + { + system("/usr/bin/tput", "clear"); + system("/sbin/e-smith/signal-event", "reboot"); + } + elsif ($choice eq gettext('Reconfigure')) + { + system("/usr/bin/tput", "clear"); + system("/sbin/e-smith/signal-event", "post-upgrade"); + system("/sbin/e-smith/signal-event", "reboot"); + } + + # A bit of a hack to avoid the console restarting before the + # reboot takes effect. + + sleep(600); +} + +return new esmith::console::reboot; diff --git a/root/sbin/e-smith/console-menu-items/serverManager.pl b/root/sbin/e-smith/console-menu-items/serverManager.pl new file mode 100755 index 0000000..24ac657 --- /dev/null +++ b/root/sbin/e-smith/console-menu-items/serverManager.pl @@ -0,0 +1,60 @@ +package esmith::console::serverManager; +use strict; +use warnings; +use esmith::console; +use Locale::gettext; + +sub new +{ + my $class = shift; + my $self = { + name => gettext("Access server manager"), + order => 50, + }; + bless $self, $class; + return $self; +} + +sub name +{ + return $_[0]->{name}; +} + +sub order +{ + return $_[0]->{order}; +} + +sub doit +{ + my ($self, $console, $db) = @_; +#------------------------------------------------------------ +# MANAGER: +#------------------------------------------------------------ + my $SystemName = $db->get_value('SystemName'); + my ($rc, $choice) = $console->yesno_page + ( + title => gettext("Access server manager"), + text => + gettext("This option will start a text-mode browser to access the server manager from this console. Normally you would access the server manager from a web browser at the following url:") . + "\n\n" . + "http://${SystemName}/server-manager/" . + "\n\n" . + gettext("You should only proceed if you are comfortable using a text-mode browser. Note that you will be prompted for the administrator password in order to access the server manager.") . + "\n\n" . + gettext("NOTE: The 'q' key is used to quit from the text-mode browser.") . + "\n\n" . + gettext("Do you wish to proceed?"), + ); + + if ($rc == 0) + { + system( + "/usr/bin/links", + "http://localhost/server-manager" + ); + } + $db->reload; +} + +return new esmith::console::serverManager; diff --git a/root/sbin/e-smith/console-menu-items/status.pl b/root/sbin/e-smith/console-menu-items/status.pl new file mode 100755 index 0000000..3e5ef79 --- /dev/null +++ b/root/sbin/e-smith/console-menu-items/status.pl @@ -0,0 +1,70 @@ +package esmith::console::status; +use strict; +use warnings; +use esmith::console; +use Locale::gettext; + +sub new +{ + my $class = shift; + my $self = { + name => gettext("Check status of this server"), + order => 10, + }; + bless $self, $class; + return $self; +} + +sub name +{ + return $_[0]->{name}; +} + +sub order +{ + return $_[0]->{order}; +} + +sub doit +{ +#------------------------------------------------------------ +# STATUS: +#------------------------------------------------------------ + my ($self, $console, $db) = @_; + use POSIX qw(strftime); + my $today = strftime "%A %B %e, %Y", localtime; + + unless (open(UPTIME, "; + close UPTIME or warn("Could not close /proc/uptime: $!"); + + # Select and untaint seconds + $seconds =~ /(\d+)/; + $seconds = $1; + + my $days = int ($seconds / 86400); + $seconds = $seconds % 86400; + + my $hours = int ($seconds / 3600); + $seconds = $seconds % 3600; + + my $minutes = int ($seconds / 60); + $seconds = $seconds % 60; + + my ($rc, $choice) = $console->screen + ( + "--title", gettext("Status of this server as of") . " " . $today, + + "--msgbox", gettext("This server has been running for") . " " . + $days . " " . gettext("days") . ", " . + $hours . " " . gettext("hours") . ", " . + $minutes . " " . gettext("minutes"), + 7, esmith::console::SCREEN_COLUMNS + ); +} + +return new esmith::console::status; diff --git a/root/sbin/e-smith/console.pl b/root/sbin/e-smith/console.pl new file mode 100644 index 0000000..5f77a01 --- /dev/null +++ b/root/sbin/e-smith/console.pl @@ -0,0 +1,107 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# copyright (C) 1999-2006 Mitel Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- +package esmith::console; + +use strict; + +use Locale::gettext; +use esmith::ConfigDB::unsaved; +use esmith::console; +use esmith::console::quitConsole; + +my $console = esmith::console->new(); + +my $db = esmith::ConfigDB::unsaved->open; + +my $termType = $db->get_prop('serial-console', 'Terminal') || ''; +my $SystemName = $db->get_value('SystemName'); +my $DomainName = $db->get_value('DomainName'); + +$ENV{TERM} = $termType if($termType); + +system '/bin/sh', '/etc/profile.d/lang.sh'; + +my %menu2object = (); +my @args = (); +my @items = (); + +my $menu_dir = '/sbin/e-smith/console-menu-items'; + +opendir ITEMS, $menu_dir; + +while (defined (my $item = readdir ITEMS )) +{ + next unless -f "$menu_dir/$item"; + + if ($item =~ /([\w\.]+)/) + { + $item = $1; + } + else + { + warn "Don't know what to do with $menu_dir/$item\n"; + next; + } + + my $obj = require "$menu_dir/$item"; + + push @items, $obj; +} + +close ITEMS; + +my $number = 1; + +foreach my $item (sort { $a->order <=> $b->order } @items) +{ + next if ($item->order < 0); + push @args, $number . '.', gettext($item->name); + $menu2object{$number++ . '.'} = $item; +} + +my $quit = esmith::console::quitConsole->new; +while (1) +{ + #---------------------------------------- + # Reload the configuration from file + #---------------------------------------- + + $db->reload; + + my $title = gettext('Server console'); + $title .= " (${SystemName}.${DomainName}) "; + + $title .= gettext('** unsaved changes **') + if ( $db->get_value('UnsavedChanges') eq 'yes' ); + + my ($rc, $choice) = $console->menu_page + ( + title => $title, + text => + gettext('Welcome to the server console!') . + "\n\n" . + gettext('Use the Arrow and Tab keys to make your selection, then press Enter.'), + argsref => \@args, + left => gettext('Exit'), + ); + + $choice = ($rc == 0) ? $menu2object{$choice} : $quit; + $choice->doit($console, $db); +} diff --git a/root/sbin/e-smith/generate-subjectaltnames b/root/sbin/e-smith/generate-subjectaltnames new file mode 100644 index 0000000..5d5d0b7 --- /dev/null +++ b/root/sbin/e-smith/generate-subjectaltnames @@ -0,0 +1,125 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# +# generate-subjectaltnames +# +# This script returns a list of hostnames and IP addresses that +# can be used to construct the list of subjectAltName entries +# for a web server certificate. +# +# Usage: generate-subjectaltnames +# +# Copyright 1999-2003 Mitel Networks Corporation +# This program is free software; you can redistribute it and/or +# modify it under the same terms as Perl itself. +# +#---------------------------------------------------------------------- + +use esmith::ConfigDB; +use esmith::HostsDB; + +my $configuration = esmith::ConfigDB->open_ro('configuration') + or die "Couldn't open configuration DB\n"; +my $domains = esmith::ConfigDB->open_ro('domains') + or die "Couldn't open domains DB\n"; + +my $hosts = esmith::HostsDB->open_ro() + or die "Couldn't open domains DB\n"; + +my %results_dict = (); + +#---------------------------------------------------------------------- +# Add FQDN, system name and the domain name. +#---------------------------------------------------------------------- + +$SystemName = $configuration->get('SystemName')->value; +$DomainName = $configuration->get('DomainName')->value; + +$results_dict{$SystemName . '.' . $DomainName} = 1; +$results_dict{$SystemName} = 1; +$results_dict{$DomainName} = 1; + +#---------------------------------------------------------------------- +# Add a wildcard entry for domain name. +#---------------------------------------------------------------------- + +$results_dict{'*.' . $DomainName} = 1; + +#---------------------------------------------------------------------- +# Add IP addresses for the various interfaces. +#---------------------------------------------------------------------- + +foreach $Interface ('InternalInterface', + 'ExternalInterface', + 'ExternalInterface2') +{ + $Interface_Record = $configuration->get($Interface); + if ($Interface_Record) + { + if (defined $Interface_Record->prop('Configuration') and $Interface_Record->prop('Configuration') eq 'static') + { + if ($Interface_Record->prop('IPAddress')) + { + $results_dict{$Interface_Record->prop('IPAddress')} = 1; + } + } + } +} + +#---------------------------------------------------------------------- +# Add all domains defined +#---------------------------------------------------------------------- +my $modSSL = $configuration->get('modSSL'); +my $AddDomains = $modSSL->prop('AddDomains') || "enabled"; +if ( $AddDomains eq "enabled" ) +{ + foreach my $domain ( $domains->get_all_by_prop(type => 'domain') ) + { + $results_dict{$domain->key} = 1; + } +} + +#---------------------------------------------------------------------- +# Add all hosts per domains defined +#---------------------------------------------------------------------- +my $AddHosts = $modSSL->prop('AddHosts') || "enabled"; +if ( $AddHosts eq "enabled" ) +{ + foreach my $domain ($domains->get_all_by_prop(type => 'domain')) #ignore domain-remote + { + foreach my $host ( $hosts->get_hosts_by_domain($domain->key) ) + { + next unless (($host->prop('HostType')||'undef') eq 'Self'); #only define self host + $results_dict{$host->key} = 1; + } + } +} + +#---------------------------------------------------------------------- +# Add any alternate names specified in the modSSL config DB. +#---------------------------------------------------------------------- + +if ($modSSL) +{ + $AlternateNames = $modSSL->prop('AlternateNames'); + if ($AlternateNames) + { + foreach $AlternateName (split(',', $AlternateNames)) + { + $AlternateName =~ s/\s//g; + $results_dict{$AlternateName} = 1; + } + } +} + +#---------------------------------------------------------------------- +# Output the sorted list of entries. +#---------------------------------------------------------------------- + +foreach (sort keys %results_dict) +{ + print "$_\n"; +} + +exit(0); diff --git a/root/sbin/e-smith/mdevent b/root/sbin/e-smith/mdevent new file mode 100644 index 0000000..4bbc6f9 --- /dev/null +++ b/root/sbin/e-smith/mdevent @@ -0,0 +1,68 @@ +#!/usr/bin/perl -w +#---------------------------------------------------------------------- +# mdevent: Handle events from mdadm --monitor +#---------------------------------------------------------------------- +# Copyright (C) 2006 Shad L. Lords +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +package esmith; + +use strict; + +use esmith::ConfigDB; +use esmith::util; +use esmith::db; + +use Text::Template; + +my $conf = esmith::ConfigDB->open_ro; + +my $event = $ARGV [0]; +my $device = $ARGV [1]; +my $member = $ARGV [2] || ''; + +print "Event: $event, Device: $device, Member: $member\n"; + +if ($event =~ m#^Rebuild# && system( "ps -C raid-check" ) == 0 ) { + exit 0; +} + +if ($event =~ m#^Rebuild|^Fail|^Degraded|^SpareActive#) { + my $domain = $conf->get_value("DomainName") || 'localhost'; + my $user = "admin_raidreport\@$domain"; + + my $templates = '/etc/e-smith/templates'; + my $source = '/usr/lib/e-smith-mdevent/mdEvent.tmpl'; + + -f "${templates}-custom${source}" and $templates .= "-custom"; + + my $t = new Text::Template(TYPE => 'FILE', + SOURCE => "${templates}${source}"); + + open(QMAIL, "|/var/qmail/bin/qmail-inject -froot\@$domain $user") + || die "Could not send mail via qmail-inject!\n"; + + print QMAIL $t->fill_in( HASH => { + conf => \$conf, + user => $user, + event => $event, + device => $device, + member => $member, + }); + + close QMAIL; +} diff --git a/root/sbin/e-smith/service b/root/sbin/e-smith/service new file mode 100755 index 0000000..abcd36d --- /dev/null +++ b/root/sbin/e-smith/service @@ -0,0 +1,57 @@ +#! /bin/sh +# prevent initscript to use systemctl +export SYSTEMCTL_SKIP_REDIRECT=1 +. /etc/rc.d/init.d/functions + +# what is our current runlevel +runlevel=$(systemctl get-default) +SERVICE=$1 +USAGE="Usage: service SERVICENAME [ACTION]" + +#if no servicename is provided return usage +if [[ "${SERVICE}" == "" ]] +then + echo ${USAGE} >&2 + exit +fi + +if [ "$runlevel" = "multi-user.target" ] || [ "$runlevel" = "sme-server.target" ] +then + if ls /etc/rc7.d/S??$1 >/dev/null 2>/dev/null + then + script=$(ls /etc/rc7.d/S??$1 | head -1) + exec $script $2 + + elif ls /usr/lib/systemd/system/${SERVICE}.service >/dev/null 2>/dev/null || ls /etc/systemd/system/${SERVICE}.service >/dev/null 2>/dev/null + then + if [[ "$2" == "" ]] ; then + echo "'$1' requires an action" 1>&2 + echo ${USAGE} >&2 + exit + elif [[ $2 == "status" ]] ; then + exec /bin/systemctl status -n0 ${SERVICE} + exit + elif [[ $2 == "start" ]] ; then + echo -n "Starting ${SERVICE}" 2>/dev/null + elif [[ $2 == "stop" ]] ; then + echo -n "Stopping ${SERVICE}" 2>/dev/null + elif [[ $2 == "restart" ]] ; then + echo -n "Restarting ${SERVICE}" 2>/dev/null + else + echo -n "Sending $2 signal to ${SERVICE}" 2>/dev/null + fi + /bin/systemctl $2 ${SERVICE}.service> /dev/null + if [ $? -ne 0 ]; then + echo_failure + else + echo_success + fi + echo + exit + fi + + echo "'$1' is not a valid service name" 1>&2 + exit 1 +else + exec /sbin/service "$@" +fi diff --git a/root/sbin/e-smith/service-status b/root/sbin/e-smith/service-status new file mode 100644 index 0000000..b815fca --- /dev/null +++ b/root/sbin/e-smith/service-status @@ -0,0 +1,30 @@ +#! /bin/sh + +SERVICE=$1 +USAGE="Usage: service-status SERVICENAME" + +#if no servicename is provided return usage +if [[ "${SERVICE}" == "" ]] +then + echo ${USAGE} >&2 + exit 1 +fi + +TYPE=$(/sbin/e-smith/db configuration gettype "$SERVICE" || echo none) + +if [[ "$TYPE" != 'service' ]] +then + echo "$SERVICE is not a service" + exit 9 +fi + +STATUS=$(/sbin/e-smith/db configuration getprop "$SERVICE" status || echo disabled) + +if [[ "$STATUS" != 'enabled' ]] +then + echo "$SERVICE status not enabled in configuration db." + exit 0 + # change this one to 5 if you want systemd to fail on ExecStartPre +fi + +exit 0 diff --git a/root/sbin/e-smith/systemctl b/root/sbin/e-smith/systemctl new file mode 100644 index 0000000..bb830c9 --- /dev/null +++ b/root/sbin/e-smith/systemctl @@ -0,0 +1,180 @@ +#!/bin/bash +#systemctl wrapper fo Koozali SME Server + +allargs=$@ +opts=(); +syscommand=""; +sysunit="" +debug=$(/sbin/e-smith/config get debug || echo "false") +if [ "$debug" != "true" ]; then debug=false;fi + +# short OPTIONS we must pay attention as they have more arguments +#-t, --type= +#-s, --signal= +#-p, --property= +#-o, --output= +#-n, --lines= +#-H, --host= +#-M, --machine= + +#commands we should return directly to systemd +#list-units,list-sockets,list-timers,is-active,is-failed,status,show,cat,set-property,help,reset-failed,list-dependencies, +#list-unit-files,is-enabled,get-default,set-default +#list-machines +#list-jobs +#snapshot,delete +#show-environment,set-environment,unset-environment,import-environment +#daemon-reload,daemon-reexec +#is-system-running,default,rescue,emergency,halt,poweroff,reboot,kexec,switch-root,suspend,hibernate,hybrid-sleep + +# This is a list of commands : +# -we want to handle ourself or +# -we need to translate for systemd or +# -we do not want admin uses against the SME Server +# +# commands we handle: start,stop,reload,restart,try-restart,reload-or-restart,reload-or-try-restart,isolate,kill +# enable,disable,reenable,preset,preset-all,mask,unmask,link,add-wants,edit +# commands we deactivate/hide : mask,unmask,link,add-wants,edit set-default +# not systemd but we might use them : adjust sigterm sighup sigusr1 sigusr2 +filteredcommands=(start stop reload restart try-restart reload-or-restart reload-or-try-restart isolate kill enable disable reenable preset preset-all adjust sigterm sighup sigusr1 sigusr2 mask unmask link add-wants add-requires edit set-default ); + +# fucntion to check if this is a command we want +contains2 () { + local seeking=$1 + local in=0 + for element in "${filteredcommands[@]}"; do + if [[ $element == "$seeking" ]]; then + in=1 + break + fi + done + return $in +} + +# if no args we return to systemcl +if [ $# -eq 0 ]; then + echo "we return to systemctl" + /usr/bin/systemctl + exit +fi + +#parse args +while [ "$#" -gt 0 ]; do + case "$1" in + -p|-t|-s|-o|-n|H|-M) temp=$1; shift ; opts+=("$temp $1"); ;; + --*) opts+=("$1") ;; + -*) opts+=("$1") ;; + *) if [[ "$syscommand" == "" ]]; then syscommand="$1" ; else sysunit="$1"; fi ;; + esac + shift +done + +servicename=${sysunit%".service"} + +#we return to systemd systemctl command unless this is one of the command we want to handle +if ( contains2 "$syscommand" ) ; then + ($debug) && echo "we return to /usr/bin/systemctl ${allargs[*]}" + /usr/bin/systemctl ${allargs[*]} + exit +fi + + +# here we convert sig* to kill -s=SIG* or SME commant to ones systemd recognize +case "$syscommand" in + adjust|sighup|sigusr1|sigusr2) + $syscommand="reload-or-restart"; + ;; + sigterm) + $syscommand="restart"; + ;; +esac + + +# catch here non unit signals, or ones we would like to do something different +#enable disable reenable preset preset-all +#mask unmask link add-wants edit +case "$syscommand" in + preset-all) + ($debug) && echo "We do /etc/e-smith/events/actions/systemd-default" + /etc/e-smith/events/actions/systemd-default + exit + ;; + preset) + # TODO looking if we could use /etc/e-smith/events/actions/systemd-default none $servicename + ($debug) && echo "We do /etc/e-smith/events/actions/systemd-default" + /etc/e-smith/events/actions/systemd-default + exit + ;; + enable|disable|reenable) + # looking if we could use + newstatus="enabled" + todo="enable" + if [ $syscommand == "disable" ]; then newstatus="disabled";todo="disable" ; fi + /sbin/e-smith/config setprop $servicename status $newstatus + #/etc/e-smith/events/actions/systemd-default none $servicename + # TODO looking if we could do it only for the service would be great! + ($debug) && echo "We do /etc/e-smith/events/actions/systemd-default" + ($debug) && echo "/usr/bin/systemctl $todo $sysunit ${opts[*]}" + /etc/e-smith/events/actions/systemd-default + /usr/bin/systemctl $todo $sysunit ${opts[*]} + exit + ;; + set-default |isolate) + echo "We only $syscommand against sme-server.target" + ($debug) && echo "/etc/e-smith/events/actions/systemd-default" + ($debug) && echo "/etc/e-smith/events/actions/systemd-isolate" + /etc/e-smith/events/actions/systemd-default + /etc/e-smith/events/actions/systemd-isolate + ;; + link|mask|unmask|add-wants|add-requires|edit) + echo "Please, do not use $syscommand for Koozali SME Server" + exit + ;; +esac + + +#check the unit exist or fails : we do not care systemctl will do this... + +# here we check if in db and if enabled or disabled +# if not or not service = return to systemctl directly +stype=$(/sbin/e-smith/db configuration gettype $servicename || echo "none") +sstatus=$(/sbin/e-smith/db configuration getprop $servicename status || echo "disabled") +if [ $stype == "none" ] ; then + # not defined in db, we redirect + echo "Information: $sysunit is not defined in configuration DB." + ($debug) && echo "/usr/bin/systemctl ${allargs[*]}" + /usr/bin/systemctl ${allargs[*]} + exit +elif [ $stype != "service" ] ; then + echo "Information: $sysunit is not defined as a service in configuration DB but $type" + ($debug) && echo "/usr/bin/systemctl ${allargs[*]}" + /usr/bin/systemctl ${allargs[*]} + exit +elif [ $sstatus == "disabled" ]; then + echo "Information: $sysunit is $sstatus in configuration DB." + # we might want to simply stop + #/usr/bin/systemctl stop $sysunit + # but we will do what we were asked for + ($debug) && echo "/usr/bin/systemctl ${allargs[*]}" + /usr/bin/systemctl ${allargs[*]} + exit +elif [ $sstatus == "enabled" ]; then + #echo "$sstatus" + # starting in case + #systemctl is-active -q $sysunit will return zero if active; non zero if not + #/usr/bin/systemctl is-active -q $sysunit || /usr/bin/systemctl start $sysunit + # now executing the command + ($debug) && echo "/usr/bin/systemctl $syscommand $sysunit ${opts[*]}" + /usr/bin/systemctl $syscommand $sysunit ${opts[*]} + exit +fi + + + + + +echo "if you see that, we missed something, report the command to https://bugs.koozali.org" +echo "options : " ${opts[*]}; +echo "command : " $syscommand; +echo "unit :" $sysunit; +echo $@ diff --git a/root/sbin/e-smith/systemd/mdmonitor-pre b/root/sbin/e-smith/systemd/mdmonitor-pre new file mode 100644 index 0000000..0c84cf2 --- /dev/null +++ b/root/sbin/e-smith/systemd/mdmonitor-pre @@ -0,0 +1,10 @@ +#!/bin/sh +count=$(sed -n '/[0-9]\s\+[^ ]\+[^0-9]$/p;/[0-9]\s\+\(rd\|ida\|cciss\|i2o\)\/[^ ]\+[^0-9p][0-9]\+$/p' /proc/partitions | wc -l) +if [ $count -ge 2 ] +then + exit 0 +else + echo "Only $count drive(s) in this system - disabling raid monitoring" + exit 1 +fi + diff --git a/root/sbin/e-smith/systemd/rsyslog-pre b/root/sbin/e-smith/systemd/rsyslog-pre new file mode 100644 index 0000000..e2c34c3 --- /dev/null +++ b/root/sbin/e-smith/systemd/rsyslog-pre @@ -0,0 +1,16 @@ +#!/bin/bash + +# before 10.1 rsyslog was listening to /dev/log +# we want systemd-journald listen to that now +# and rsyslog to /run/systemd/journal/syslog +# will not be needed in SME 11 + +if [[ ! -S /dev/log ]]; then + #echo "no /dev/log" + /usr/bin/systemctl restart systemd-journald.socket + /usr/bin/systemctl restart systemd-journald.service +fi + +# we can now keep going with rsyslog startup +# /etc/rsyslog.conf will define the use of /run/systemd/journal/syslog + diff --git a/root/service/ippp b/root/service/ippp new file mode 120000 index 0000000..9e9a6e1 --- /dev/null +++ b/root/service/ippp @@ -0,0 +1 @@ +/var/service/ippp \ No newline at end of file diff --git a/root/service/wan b/root/service/wan new file mode 120000 index 0000000..dc6d192 --- /dev/null +++ b/root/service/wan @@ -0,0 +1 @@ +/var/service/wan \ No newline at end of file diff --git a/root/usr/lib/systemd/system-preset/50-koozali.preset b/root/usr/lib/systemd/system-preset/50-koozali.preset new file mode 100644 index 0000000..2c1fcee --- /dev/null +++ b/root/usr/lib/systemd/system-preset/50-koozali.preset @@ -0,0 +1,75 @@ +enable sme-server.target +disable multi-user.target +disable graphical.target + +enable dbus.service +enable plymouth-quit-wait.service +enable plymouth-quit.service +enable systemd-logind.service +enable systemd-update-utmp-runlevel.service +enable systemd-user-sessions.service + +enable runit.service +enable bootstrap-console.service +enable networking.service +enable wan.service +enable masq.service +enable php-fpm.service +enable php55-php-fpm.service +enable php56-php-fpm.service +enable php70-php-fpm.service +enable php71-php-fpm.service +enable php72-php-fpm.service +enable php73-php-fpm.service +enable php74-php-fpm.service +enable php80-php-fpm.service +enable httpd-e-smith.service +enable httpd-admin.service +enable crond.service +disable dhcpd.service +enable dnscache.service +enable dnscache.forwarder.service +enable dovecot.service +enable irqbalance.service +disable isdn.service +enable lpd.service +enable ldap.service +enable ldap.init.service +enable local.service +enable yum.service +disable rc-local.service +enable mariadb.service +enable cvm-unix-local.service + + +# need change after deciding service name +# enable mdmonitor.service +# enable raidmonitor.service + +enable ntpd.service +disable nut.service +disable oidentd.service +disable pptpd.service +enable qmail.service +enable qpsmtpd.service +disable radiusd.service +enable raidmonitor.service +enable rsyslog.service +enable smartd.service + +enable smb.service +enable nmdb.service +enable smbd.service + +disable smtp-auth-proxy.service +disable spamd.service +disable sqpsmtpd.service +disable squid.service +disable sshd.service +enable tinydns.service +disable nut-server.service +disable nut-monitor.service +disable ntpdate.service +disable ftp.service +disable proftpd.service + diff --git a/root/usr/lib/systemd/system/acpid.service.d/51koozali.conf b/root/usr/lib/systemd/system/acpid.service.d/51koozali.conf new file mode 100644 index 0000000..b06b26a --- /dev/null +++ b/root/usr/lib/systemd/system/acpid.service.d/51koozali.conf @@ -0,0 +1,3 @@ +[Install] +WantedBy=sme-server.target + diff --git a/root/usr/lib/systemd/system/basic.target.wants/.gitignore b/root/usr/lib/systemd/system/basic.target.wants/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/usr/lib/systemd/system/bootstrap-console.service b/root/usr/lib/systemd/system/bootstrap-console.service new file mode 100644 index 0000000..40503cc --- /dev/null +++ b/root/usr/lib/systemd/system/bootstrap-console.service @@ -0,0 +1,28 @@ +[Unit] +Description=SME server bootstrap-console +DefaultDependencies=no +Conflicts=shutdown.target +After=livesys.service plymouth-quit-wait.service +After=systemd-vconsole-setup.service +Before=getty@tty1.service +Before=shutdown.target +Before=network.target network-online.target network-pre.target +Before=masq.service + +[Service] +Environment=HOME=/root +WorkingDirectory=/root +ExecStartPre=-/bin/plymouth quit +ExecStart=/sbin/e-smith/bootstrap-console +Type=oneshot +Restart=no +TimeoutSec=0 +StandardInput=tty +StandardOutput=tty +StandardError=tty +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes + +[Install] +WantedBy=basic.target diff --git a/root/usr/lib/systemd/system/bootstrap-fix.service b/root/usr/lib/systemd/system/bootstrap-fix.service new file mode 100644 index 0000000..4dc269d --- /dev/null +++ b/root/usr/lib/systemd/system/bootstrap-fix.service @@ -0,0 +1,13 @@ +[Unit] +Description=SME server bootup fix +DefaultDependencies=no + +[Service] +Environment=HOME=/root +WorkingDirectory=/root +ExecStart=/etc/e-smith/events/actions/systemd-default +Type=oneshot + +[Install] +WantedBy=basic.target reboot.target shutdown.target halt.target + diff --git a/root/usr/lib/systemd/system/bootstrap-runlevel7.service b/root/usr/lib/systemd/system/bootstrap-runlevel7.service new file mode 100644 index 0000000..d1aa907 --- /dev/null +++ b/root/usr/lib/systemd/system/bootstrap-runlevel7.service @@ -0,0 +1,28 @@ +[Unit] +Description=SME server bootstrap-runlevel7 to start old SME rc7.d services +DefaultDependencies=no +Conflicts=shutdown.target +After=livesys.service plymouth-quit-wait.service +After=systemd-vconsole-setup.service +After=basic.target bootstrap-console.service +Before=getty@tty1.service +Before=shutdown.target +ConditionPathExistsGlob=/etc/rc.d/rc7.d/S** + +[Service] +Environment=HOME=/root +WorkingDirectory=/root +ExecStartPre=-/bin/plymouth quit +ExecStart=/sbin/e-smith/bootstrap-runlevel7 +Type=oneshot +Restart=no +TimeoutSec=0 +StandardInput=tty +StandardOutput=tty +StandardError=tty +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes + +[Install] +WantedBy=sme-server.target diff --git a/root/usr/lib/systemd/system/crond.service.d/51koozali.conf b/root/usr/lib/systemd/system/crond.service.d/51koozali.conf new file mode 100644 index 0000000..b06b26a --- /dev/null +++ b/root/usr/lib/systemd/system/crond.service.d/51koozali.conf @@ -0,0 +1,3 @@ +[Install] +WantedBy=sme-server.target + diff --git a/root/usr/lib/systemd/system/dhcpd.service.d/.gitignore b/root/usr/lib/systemd/system/dhcpd.service.d/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/usr/lib/systemd/system/irqbalance.service.d/51koozali.conf b/root/usr/lib/systemd/system/irqbalance.service.d/51koozali.conf new file mode 100644 index 0000000..b06b26a --- /dev/null +++ b/root/usr/lib/systemd/system/irqbalance.service.d/51koozali.conf @@ -0,0 +1,3 @@ +[Install] +WantedBy=sme-server.target + diff --git a/root/usr/lib/systemd/system/local.service b/root/usr/lib/systemd/system/local.service new file mode 100644 index 0000000..b54e3fc --- /dev/null +++ b/root/usr/lib/systemd/system/local.service @@ -0,0 +1,13 @@ +[Unit] +Description=Local service for Koozali SME Server +After=network-pre.target networking.service + +[Service] +Type=oneshot +ExecStartPre=/sbin/e-smith/service-status local +ExecStartPre=/usr/bin/chmod +x /etc/rc.d/rc.local +ExecStart=/sbin/e-smith/signal-event local +RemainAfterExit=yes + +[Install] +WantedBy=sme-server.target diff --git a/root/usr/lib/systemd/system/mdmonitor.service.d/50koozali.conf b/root/usr/lib/systemd/system/mdmonitor.service.d/50koozali.conf new file mode 100644 index 0000000..c438f06 --- /dev/null +++ b/root/usr/lib/systemd/system/mdmonitor.service.d/50koozali.conf @@ -0,0 +1,11 @@ +[Service] +#this one to erase previous +ExecStart= +#Koozali +ExecStartPre=/sbin/e-smith/service-status raidmonitor +ExecStartPre=/sbin/e-smith/systemd/mdmonitor-pre +ExecStart=/sbin/mdadm --monitor --scan --program /sbin/e-smith/mdevent -f --pid-file=/var/run/mdadm/mdadm.pid + +[Install] +Alias=raidmonitor.service +WantedBy=sme-server.target diff --git a/root/usr/lib/systemd/system/networking.service b/root/usr/lib/systemd/system/networking.service new file mode 100644 index 0000000..a7b1208 --- /dev/null +++ b/root/usr/lib/systemd/system/networking.service @@ -0,0 +1,17 @@ +[Unit] +Description= Network management for Koozali SME Server, using old sysvinit script +After=network-pre.target +Wants=network.target +Before=network-online.target wan.service +Conflicts=NetworkManager.service + +[Service] +Type=oneshot +ExecStart=/etc/rc.d/init.d/network start +ExecStop=/etc/rc.d/init.d/network stop +ExecReload=/etc/rc.d/init.d/network restart +RemainAfterExit=yes + +[Install] +WantedBy=sme-server.target +Alias=network.service diff --git a/root/usr/lib/systemd/system/rsyslog.service.d/51koozali.conf b/root/usr/lib/systemd/system/rsyslog.service.d/51koozali.conf new file mode 100644 index 0000000..2451e16 --- /dev/null +++ b/root/usr/lib/systemd/system/rsyslog.service.d/51koozali.conf @@ -0,0 +1,8 @@ +[Service] +ExecStartPre=-/sbin/e-smith/expand-template /etc/rsyslog.conf +ExecStartPre=-/sbin/e-smith/systemd/rsyslog-pre +ExecStartPost=-/sbin/e-smith/systemd/rsyslog-pre + +[Install] +WantedBy=sme-server.target + diff --git a/root/usr/lib/systemd/system/smartd.service.d/51koozali.conf b/root/usr/lib/systemd/system/smartd.service.d/51koozali.conf new file mode 100644 index 0000000..b06b26a --- /dev/null +++ b/root/usr/lib/systemd/system/smartd.service.d/51koozali.conf @@ -0,0 +1,3 @@ +[Install] +WantedBy=sme-server.target + diff --git a/root/usr/lib/systemd/system/sme-server.target b/root/usr/lib/systemd/system/sme-server.target new file mode 100644 index 0000000..8d06c5e --- /dev/null +++ b/root/usr/lib/systemd/system/sme-server.target @@ -0,0 +1,13 @@ +# This file is part of Koozali SME Server. +# + +[Unit] +Description=Koozali SME Server System +Documentation=man:systemd.special(7) +Requires=basic.target +Conflicts=rescue.service rescue.target multi-user.target +After=basic.target rescue.service rescue.target runit.service +AllowIsolate=yes +Wants=atd.service auditd.service avahi-daemon.service brandbot.path nfs-client.target remote-fs.target rhel-configure.service +Wants=dbus.service plymouth-quit-wait.service plymouth-quit.service systemd-logind.service systemd-update-utmp-runlevel.service systemd-user-sessions.service + diff --git a/root/usr/lib/systemd/system/sme-server.target.d/.gitignore b/root/usr/lib/systemd/system/sme-server.target.d/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/usr/lib/systemd/system/wan.service b/root/usr/lib/systemd/system/wan.service new file mode 100644 index 0000000..1707864 --- /dev/null +++ b/root/usr/lib/systemd/system/wan.service @@ -0,0 +1,16 @@ +[Unit] +Description=WAN interface for Koozali SME Server +After=network-pre.target networking.service +Before=network-online.target +PartOf=networking.service + +[Service] +Type=oneshot +ExecStartPre=/sbin/e-smith/service-status wan +ExecStart=/usr/bin/sv u /service/wan +ExecStop=/usr/bin/sv stop /service/wan +ExecReload=/usr/bin/sv t /service/wan +RemainAfterExit=yes + +[Install] +WantedBy=sme-server.target diff --git a/root/usr/share/hal/fdi/95userpolicy/usb-rev35-drive.fdi b/root/usr/share/hal/fdi/95userpolicy/usb-rev35-drive.fdi new file mode 100644 index 0000000..6f81953 --- /dev/null +++ b/root/usr/share/hal/fdi/95userpolicy/usb-rev35-drive.fdi @@ -0,0 +1,12 @@ + + + + + + + usbdisk + + + + + diff --git a/root/usr/share/hal/fdi/95userpolicy/usb-rev70-drive.fdi b/root/usr/share/hal/fdi/95userpolicy/usb-rev70-drive.fdi new file mode 100644 index 0000000..76e13af --- /dev/null +++ b/root/usr/share/hal/fdi/95userpolicy/usb-rev70-drive.fdi @@ -0,0 +1,12 @@ + + + + + + + usbdisk + + + + + diff --git a/root/usr/share/locale/en_US/LC_MESSAGES/.gitignore b/root/usr/share/locale/en_US/LC_MESSAGES/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/usr/share/perl5/vendor_perl/esmith/ConfigDB/unsaved.pm b/root/usr/share/perl5/vendor_perl/esmith/ConfigDB/unsaved.pm new file mode 100644 index 0000000..2e73b5a --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/ConfigDB/unsaved.pm @@ -0,0 +1,59 @@ +#!/usr/bin/perl -w + +# Override set_value, delete, set_prop and delete_prop functions in +# esmith::ConfigDB to provide UnsavedChanges automatically +package esmith::ConfigDB::unsaved; +use strict; +use warnings; +require esmith::ConfigDB; +@esmith::ConfigDB::unsaved::ISA = qw(esmith::ConfigDB); + +sub set_value { + my ($self, $key, $value) = @_; + + # The 'UnsavedChanges' entry is automatically set to 'yes' + # when a system parameter is changed. This means that there + # are changes to the main e-smith configuration file which + # need to be 'saved' (i.e. all of the e-smith config files + # must be updated). However, don't do anything automatic if + # the caller is deliberately trying to set the UnsavedChanges + # flag. (That's how they can reset it.) + + my $current_value = $self->SUPER::get_value($key); + return $current_value if (defined $current_value and $current_value eq $value); + + if ($key ne 'UnsavedChanges') { + $self->SUPER::set_value('UnsavedChanges', 'yes'); + } + + return $self->SUPER::set_value($key, $value); +} +sub set_prop { + my ($self, $key, $prop, $value) = @_; + + my $rec = $self->get($key); + return unless ($rec); + my $current_value = $rec->prop($prop); + return $current_value if (defined $current_value and $current_value eq $value); + + $self->SUPER::set_value('UnsavedChanges', 'yes'); + return $rec->set_prop($prop, $value); +} +sub delete_prop { + my ($self, $key, $prop) = @_; + my $rec = $self->get($key); + my $current_value = $rec->prop($prop); + return unless (defined $current_value); + + $self->SUPER::set_value('UnsavedChanges', 'yes'); + return $rec->delete_prop($prop); +} +# Deleting a record is the same as changing one +sub delete { + my ($self, $key) = @_; + my $current = $self->get($key); + return unless (defined $current); + $self->SUPER::set_value('UnsavedChanges', 'yes'); + return $current->delete; +} +1; diff --git a/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/groups.pm b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/groups.pm new file mode 100755 index 0000000..7a89e97 --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/groups.pm @@ -0,0 +1,603 @@ +#!/usr/bin/perl -w + +# +# $Id: groups.pm,v 1.38 2005/05/12 21:44:29 charlieb Exp $ +# + +package esmith::FormMagick::Panel::groups; + +use strict; + +use esmith::FormMagick; +use esmith::ConfigDB; +use esmith::AccountsDB; +use File::Basename; +use Exporter; +use Carp; + +our @ISA = qw(esmith::FormMagick Exporter); + +our @EXPORT = qw( + + show_initial + genUsers + create_group + modify_group + delete_group + validate_is_group + validate_group_naming_conflict + validate_group + validate_group_length + getNextFreeID + validate_group_has_members + print_group_delete_desc + print_group_members + print_group_name + print_ibay_list + get_accounts_prop + get_description + get_cgi_param +); + +our $accounts = esmith::AccountsDB->open() || die "Couldn't open accounts"; +our $db = esmith::ConfigDB->open || die "Couldn't open config db"; + +our $VERSION = sprintf '%d.%03d', q$Revision: 1.38 $ =~ /: (\d+).(\d+)/; + + +=pod + +=head1 NAME + +esmith::FormMagick::Panels::groups - useful panel functions + +=head1 SYNOPSIS + + use esmith::FormMagick::Panels::groups; + + my $panel = esmith::FormMagick::Panel::groups->new(); + $panel->display(); + +=head1 DESCRIPTION + +=cut + + +=head2 new(); + +Exactly as for esmith::FormMagick + +=begin testing + +$ENV{ESMITH_ACCOUNT_DB} = "10e-smith-base/accounts.conf"; +$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf"; + +use_ok('esmith::FormMagick::Panel::groups'); +use vars qw($panel); +ok($panel = esmith::FormMagick::Panel::groups->new(), "Create panel object"); +isa_ok($panel, 'esmith::FormMagick::Panel::groups'); + +=end testing + +=cut + +sub new { + shift; + my $self = esmith::FormMagick->new(); + $self->{calling_package} = (caller)[0]; + bless $self; + return $self; +} + + +=head1 ACCESSORS + +=head2 get_cgi_param FM FIELD + +Returns the named CGI parameter as a string + +=cut + +sub get_cgi_param { + my $fm = shift; + my $param = shift; + + return ( $fm->{'cgi'}->param($param) ); +} + + +=head2 get_accounts_prop ITEM PROP + +A simple accessor for esmith::AccountsDB::Record::prop + +=cut + +sub get_accounts_prop { + my $fm = shift; + my $item = shift; + my $prop = shift; + + my $record = $accounts->get($item); + + if ($record) { + return $record->prop($prop); + } + else { + return ''; + } + +} + + +=head2 get_description + +Get the Description for the group named in the CGI argument "GroupName" + +=cut + +sub get_description { + my $fm = shift; + my $group = $fm->{'cgi'}->param('groupName'); + return ( $fm->get_accounts_prop( $group, 'Description' ) ); +} + +=head1 ACTION + + +=head2 show_initial FM + +Show the "start" page for this panel + +=cut + +sub show_initial () { + my $fm = shift; + my $q = $fm->{cgi}; + $q->Delete('groupName'); + + my $params = $fm->build_cgi_params(); + + my $numGroups = $accounts->groups; + + print $q->Tr($q->td( + "

" + . $fm->localise("GROUP_ADD") + . "

")); + + if ( $numGroups == 0 ) { + print $q->Tr($q->td( + '

' . $fm->localise("ACCOUNT_GROUP_NONE") . '

')); + + } + else { + print $q->Tr($q->td({-colspan => 2}, $fm->localise('CURRENT_LIST'))); + print $q->start_table({-CLASS => "sme-border"}),"\n"; + print "" + . $fm->localise("GROUP") + . " " + . $fm->localise('DESCRIPTION') + . "" + . $fm->localise('ACTION') + . ""; + foreach my $group ( $accounts->groups() ) { + $params = $fm->build_cgi_params( $group->key ); + print "" . "" + . $group->key . "" . "" + . $group->prop('Description') . "" + . "" + . $fm->localise("MODIFY") . "" + . "" + . $fm->localise("REMOVE") . "" . ""; + + } + print $q->end_table,"\n"; + } + return; +} + +=head2 create_group FM + +Create a group + +=cut + +sub create_group { + my $fm = shift; + my $q = $fm->{'cgi'}; + + my $groupName = $q->param('groupName'); + my @members = $q->param('groupMembers'); + my $members = join ( ",", @members ); + + my %props = ( + 'type', 'group', 'Description', + $q->param('groupDesc'), 'Members', $members + ); + + $accounts->new_record( $groupName, \%props ); + + # Untaint groupName before use in system() + ($groupName) = ($groupName =~ /^([a-z][\-\_\.a-z0-9]*)$/); + $fm->clear_params(); + + return system("/sbin/e-smith/signal-event", "group-create", "$groupName") ? + $fm->error('CREATE_ERROR') : $fm->success('CREATED_GROUP'); +} + +=head2 modify_group FM + +Modify a group's description and membership roster + +=cut + +sub modify_group { + + my $fm = shift; + my $q = $fm->{'cgi'}; + + my @members = $q->param('groupMembers'); + my $desc = $q->param('groupDesc'); + my $groupName = $q->param('groupName'); + + $accounts->get($groupName)->set_prop( 'Members', join ( ',', @members ) ); + $accounts->get($groupName)->set_prop( 'Description', $desc ); + + # Untaint groupName before use in system() + ($groupName) = ($groupName =~ /^([a-z][\-\_\.a-z0-9]*)$/); + $fm->clear_params(); + return system("/sbin/e-smith/signal-event", "group-modify", "$groupName") ? + $fm->error('MODIFY_ERROR') : $fm->success('MODIFIED_GROUP'); +} + +=head2 delete_group FM + +Delete a group and move all of its ibays to the 'admin' group. + +=cut + +sub delete_group { + + my $fm = shift; + my $q = $fm->{'cgi'}; + + my $groupName = $q->param('groupName'); + + $accounts->get($groupName)->set_prop( 'type', 'group-deleted' ); + + + # Untaint groupName before use in system() + ($groupName) = ($groupName =~ /^([a-z][\-\_\.a-z0-9]*)$/); + $fm->clear_params(); + return (system("/sbin/e-smith/signal-event", "group-delete", + "$groupName") || + !$accounts->get($groupName)->delete()) ? + $fm->error('DELETE_ERROR') : $fm->success('DELETED_GROUP'); +} + + +=head1 VALIDATION + +=head2 validate_is_group FM GROUP + +returns OK if GROUP is a current group. otherwisee returns "NOT_A_GROUP" + +=begin testing + +#ok($panel->validate_is_group('root') eq 'OK', "Root is a group"); +ok($panel->validate_is_group('ro2ot') eq 'NOT_A_GROUP', "Ro2ot is not a group"); + +=end testing + +=cut + +sub validate_is_group () { + my $fm = shift; + my $group = shift; + + my @groups = $accounts->groups(); + my %groups = map { $_->key => 1 } @groups; + + unless ( exists $groups{$group} ) { + return ("NOT_A_GROUP"); + } + return ("OK"); + +} + + +=head2 validate_group_naming_conflict FM GROUPNAME + +Returns "OK" if this group's name doesn't conflict with anything +Returns "PSEUDONYM_CONFLICT" if this name conflicts with a pseudonym +Returns "NAME_CONFLICT" if this group name conflicts with anything else + +ok (undef, 'need testing for validate_naming_Conflicts'); +=cut + +sub validate_group_naming_conflict +{ + my $fm = shift; + my $groupName = shift; + + my $account = $accounts->get($groupName); + my $type; + + if (defined $account) + { + $type = $account->prop('type'); + } + elsif (defined getpwnam($groupName) || defined getgrnam($groupName)) + { + $type = "system"; + } + else + { + return('OK'); + } + return $fm->localise('ACCOUNT_CONFLICT', + { group => $groupName, + type => $type, + }); +} + +=head2 validate_group FM groupname + +Returns OK if the group name contains only valid characters +Returns GROUP_NAMING otherwise + +=being testing + +ok(validate_group('','foo') eq 'OK', 'foo is a valid group); +ok(validate_group('','f&oo') eq 'GROUP_CONTAINS_INVALD', 'f&oo is not a valid group); + +=end testing + +=cut + +sub validate_group { + my $fm = shift; + my $groupName = shift; + unless ( $groupName =~ /^([a-z][\-\_\.a-z0-9]*)$/ ) { + return ('GROUP_NAMING'); + } + return ('OK'); +} + + +=head2 validate_group_length FM GROUPNAME + +returns 'OK' if the group name is shorter than the maximum group name length +returns 'GROUP_TOO_LONG' otherwise + +=begin testing + +ok(($panel->validate_group_length('foo') eq 'OK'), "a short groupname passes"); +ok(($panel->validate_group_length('fooooooooooooooooo') eq 'GROUP_TOO_LONG'), "a long groupname fails"); + +=end testing + +=cut + +sub validate_group_length { + my $fm = shift; + my $groupName = shift; + + my $maxGroupNameLength = ($db->get('maxGroupNameLength') + ? $db->get('maxGroupNameLength')->prop('type') + : "") || 12; + + if ( length $groupName > $maxGroupNameLength ) { + + return $fm->localise('GROUP_TOO_LONG', + {maxLength => $maxGroupNameLength}); + } + else { + return ('OK'); + } +} + + +=head2 validate_group_has_members FM MEMBERS + +Validates that the cgi parameter MEMBERS is an array with at least one entry +Returns OK if true. Otherwise, returns NO_MEMBERS + + +=begin testing + +ok(validate_group_has_members('',qw(foo bar)) eq 'OK', "We do ok with a group with two members"); + +ok(validate_group_has_members('',qw()) eq 'NO_MEMBERS', "We do ok with a group with no members"); +ok(validate_group_has_members('') eq 'NO_MEMBERS', "We do ok with a group with undef members"); + +=end testing + +=cut + +sub validate_group_has_members { + my $fm = shift; + my @members = (@_); + my $count = @members; + if ( $count == 0 ) { + return ('NO_MEMBERS'); + } + else { + return ('OK'); + } +} + + + +=head1 UTILITY FUNCTIONS + + +=head2 print_group_members FM ACCT + +Takes an FM object and the name of a group. +Prints out an unordered list of the group's members. + +=cut + +sub print_group_members { + my $fm = shift; + my $q = $fm->cgi; + my $acct = $q->param('groupName'); + + print $q->Tr( + $q->td({-class => "sme-noborders"}, + $fm->localise('GROUP_HAS_MEMBERS'))),"\n"; + + my @members = split ( /,/, $accounts->get($acct)->prop('Members') ); + my %names; + foreach my $m (@members) { + my $name; + if ( $m eq 'admin' ) { + $name = "Administrator"; + } + else { + $name = + $accounts->get($m)->prop('FirstName') . " " + . $accounts->get($m)->prop('LastName'); + } + $names{$m} = $name; + } + + print $q->Tr( + $q->td({-class => "sme-noborders"}, + $q->p($q->ul( + $q->li({-type => 'disc'}, + [map { "$_ (${names{$_}})" } @members]))))),"\n"; + + return; +} + +sub print_group_delete_desc +{ + my $fm = shift; + my $q = $fm->cgi; + my $acct = $q->param('groupName'); + print $q->Tr( + $q->td({-class => "sme-noborders"}, + $q->p($fm->localise('DELETE_DESCRIPTION', {group => $acct})), + $q->br)),"\n"; + return ''; +} + +sub print_ibay_list { + my $fm = shift; + my $q = $fm->cgi; + my $acct = $q->param('groupName'); + + my %names; + foreach my $ibay ( $accounts->ibays ) { + if ( $ibay->prop('Group') eq $acct ) { + $names{$ibay->key} = $ibay->prop('Name'); + } + } + + if (%names) { + print $q->Tr( + $q->td({-class => "sme-noborders"}, + $q->p($fm->localise('IBAYS_WILL_BE_CHANGED')), + $q->ul( + $q->li({-type => 'disc'}, + [map { "$_ (${names{$_}})" } sort keys %names])))),"\n"; + } + + return; +} + + + +=head2 build_cgi_params() + +Builds a CGI query string, using various sensible +defaults and esmith::FormMagick's props_to_query_string() method. + +=cut + +sub build_cgi_params { + my ( $fm, $group ) = @_; + + my %props = ( + page => 0, + page_stack => "", + ".id" => $fm->{cgi}->param('.id') || "", + groupName => $group, + ); + + return $fm->props_to_query_string( \%props ); +} + +=head2 genUsers MEMBERS + +Takes a comma delimited list of users and returns a string of +html checkboxes for all system users with the members of the group +in $fm->{cgi}->parm('groupName')checked. + +=cut + +sub genUsers () { + my $fm = shift; + my $members = ""; + my $group = $fm->{'cgi'}->param('groupName'); + + if ($accounts->get($group)) { + $members = $accounts->get($group)->prop('Members'); + } + my %members; + foreach my $member ( split ( /,/, $members ) ) { + $members{$member} = 1; + } + my @users = sort { $a->key() cmp $b->key() } $accounts->users(); + + # include Administrator at beginning of list + + my $out = "\n " + . $fm->localise('GROUP_MEMBERS') + . "\n \n" + . " \n" + . " \n" + . " \n \n \n"; + foreach my $user (@users) { + my $checked = ""; + if ( $members{ $user->key() } ) { + $checked = "checked"; + } + my $name; + if ( $user eq 'admin' ) { $name = 'Administrator'; } + else { + $name = $user->prop('FirstName') . " " . $user->prop('LastName'); + } + + $out .=" \n" + . " \n \n \n"; + + } + + $out .= "
Administrator (admin)
key + . "\">$name (".$user->key.")
\n \n \n"; + return $out; +} + +=head2 clear_params + +This method clears-out the parameters used in form submission so that they are +not inadvertenly picked-up where they should not be. + +=cut + +sub clear_params +{ + my $self = shift; + my $q = $self->{cgi}; + + $q->delete('groupMembers'); + $q->delete('groupDesc'); + $q->delete('groupName'); +} diff --git a/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/localnetworks.pm b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/localnetworks.pm new file mode 100755 index 0000000..6a5fbbb --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/localnetworks.pm @@ -0,0 +1,524 @@ +#!/usr/bin/perl -w + +# +# $Id: localnetworks.pm,v 1.32 2004/08/27 17:27:30 msoulier Exp $ +# + +package esmith::FormMagick::Panel::localnetworks; + +use strict; + +use esmith::FormMagick; +use esmith::NetworksDB; +use esmith::ConfigDB; +use esmith::HostsDB; +use esmith::cgi; +use esmith::util; +use File::Basename; +use Exporter; +use Carp; +use Net::IPv4Addr; +use Net::Netmask; + +our @ISA = qw(esmith::FormMagick Exporter); + +our @EXPORT = qw( + print_network_table + ip_number_or_blank + subnet_mask + add_network + remove_network + show_remove_network_summary +); + +our $VERSION = sprintf '%d.%03d', q$Revision: 1.32 $ =~ /: (\d+).(\d+)/; + +=pod + +=head1 NAME + +esmith::FormMagick::Panels::localnetworks - useful panel functions + +=head1 SYNOPSIS + + use esmith::FormMagick::Panels::localnetworks; + + my $panel = esmith::FormMagick::Panel::localnetworks->new(); + $panel->display(); + +=head1 DESCRIPTION + + +=head2 new(); + +Exactly as for esmith::FormMagick + +=begin testing + +$ENV{ESMITH_ACCOUNT_DB} = "10e-smith-base/accounts.conf"; +$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf"; +$ENV{ESMITH_NETWORKS_DB} = "10e-smith-base/networks.conf"; + +use_ok('esmith::FormMagick::Panel::localnetworks'); +use vars qw($panel); +ok($panel = esmith::FormMagick::Panel::localnetworks->new(), + "Create panel object"); +isa_ok($panel, 'esmith::FormMagick::Panel::localnetworks'); + +=end testing + +=cut + +sub new +{ + shift; + my $self = esmith::FormMagick->new(); + $self->{calling_package} = (caller)[0]; + bless $self; + return $self; +} + +=head1 HTML GENERATION ROUTINES + +Routines for generating chunks of HTML needed by the panel. + +=head2 print_user_table + +Prints out the user table on the front page. + +=for testing +my $fm = esmith::FormMagick::Panel::localnetworks->new(); +$fm->{cgi} = CGI->new(); +can_ok('main', 'print_network_table'); +print_network_table($fm); +like($_STDOUT_, qr/NUMBER_OF_HOSTS/, "saw hosts table"); + +=cut + +sub print_network_table +{ + my $self = shift; + my $q = $self->{cgi}; + + my $network_db = esmith::NetworksDB->open(); + my @networks = $network_db->get_all_by_prop( type => 'network' ); + unless (@networks) + { + print $q->h3 ( $self->localise('NO_ADDITIONAL_NETWORKS') ); + return ""; + } + + print $q->start_Tr, "\n"; + print $q->start_td, "\n"; + print $q->start_table( { class => "sme-border" } ), "\n"; + + my $remove = $self->localise('REMOVE'); + + print $q->Tr ( + esmith::cgi::genSmallCell( + $q, ( $self->localise('NETWORK') ), "header" + ), + esmith::cgi::genSmallCell( + $q, ( $self->localise('SUBNET_MASK') ), "header" + ), + esmith::cgi::genSmallCell( + $q, ( $self->localise('NUMBER_OF_HOSTS') ), "header" + ), + esmith::cgi::genSmallCell( + $q, ( $self->localise('ROUTER') ), "header" + ), + esmith::cgi::genSmallCell( + $q, ( $self->localise('ACTION') ), "header" + ) + ), + "\n"; + + my $scriptname = basename($0); + + foreach my $n ( sort by_key @networks ) + { + my $network = $n->key(); + my $subnet = $n->prop('Mask'); + my $router = $n->prop('Router'); + my $removable = $n->prop('Removable') || "yes"; + my $system = $n->prop('SystemLocalNetwork') || "no"; + if ( $system eq "yes" ) + { + $removable = "no"; + } + my $params = $self->build_network_cgi_params($network); + my $link = + ( $removable eq "no" ) + ? ' ' + : $q->a( { -href => "$scriptname?$params&wherenext=Remove" }, + $remove ); + my ($num_hosts) = esmith::util::computeHostRange( $network, $subnet ); + print $q->Tr ( + esmith::cgi::genSmallCell( $q, $network, "normal" ), + esmith::cgi::genSmallCell( $q, $subnet, "normal" ), + esmith::cgi::genSmallCell( $q, $num_hosts, "normal" ), + esmith::cgi::genSmallCell( $q, $n->prop('Router'), "normal" ), + esmith::cgi::genSmallCell( $q, $link, "normal" ) + ); + } + + print $q->end_table, "\n"; + print $q->end_td, "\n"; + print $q->end_Tr, "\n"; + + return ""; +} + +sub by_key +{ + $a->key() cmp $b->key(); +} + +sub build_network_cgi_params +{ + my ( $fm, $network, $oldprops ) = @_; + + my %props = ( + page => 0, + page_stack => "", + ".id" => $fm->{cgi}->param('.id') || "", + network => $network, + ); + + return $fm->props_to_query_string( \%props ); +} + +sub show_remove_network_summary +{ + my $self = shift; + my $q = $self->{cgi}; + my $network = $q->param('network'); + + my $network_db = esmith::NetworksDB->open(); + my $record = $network_db->get($network); + my $subnet = $record->prop('Mask'); + my $router = $record->prop('Router'); + + print $q->Tr( + $q->td( + { -class => 'sme-noborders-label' }, + $self->localise('NETWORK') + ), + $q->td( { -class => 'sme-noborders-content' }, $network ) + ), + "\n"; + print $q->Tr( + $q->td( + { -class => 'sme-noborders-label' }, + $self->localise('SUBNET_MASK') + ), + $q->td( { -class => 'sme-noborders-content' }, $subnet ) + ), + "\n"; + print $q->Tr( + $q->td( + { -class => 'sme-noborders-label' }, $self->localise('ROUTER') + ), + $q->td( { -class => 'sme-noborders-content' }, $router ) + ), + "\n"; + if ($self->hosts_on_network($network, $subnet)) + { + print $q->Tr( + $q->td({-colspan => 2}, + $self->localise('REMOVE_HOSTS_DESC'))); + print $q->Tr( + $q->td({-class => 'sme-noborders-label'}, + $self->localise('REMOVE_HOSTS_LABEL')), + $q->td({-class => 'sme-noborders-content'}, + $q->checkbox(-name => 'delete_hosts', + -checked=>1, + -value=>'ON', + -label => ''))); + } + print $q->table( + { -width => '100%' }, + $q->Tr( + $q->th( + { -class => 'sme-layout' }, + $q->submit( + -name => 'cancel', + -value => $self->localise('CANCEL') + ), + ' ', + $q->submit( + -name => 'remove', + -value => $self->localise('REMOVE') + ) + ) + ) + ), + "\n"; + + # Clear these values to prevent collisions when the page reloads. + $q->delete("cancel"); + $q->delete("remove"); + + return undef; +} + +=head1 VALIDATION ROUTINES + +=head2 ip_number_or_blank + +The router field may either contain an ip address or may be blank. + +=for testing +is (ip_number_or_blank($panel, ''), "OK", "blank IP address is OK"); +is (ip_number_or_blank($panel, '1.2.3.4'), "OK", "IP dress is OK"); +isnt(ip_number_or_blank($panel, '1.2.3.4000'), "OK", "invalid IP address"); + +=cut + +#sub ip_number_or_blank { +# my ($fm, $data) = @_; +# if (CGI::FormMagick::Validator::ip_number($fm, $data) eq "OK" +# or $data eq "") { +# return "OK"; +# } else { +# return "INVALID_IP_ADDRESS"; +# } +#} + +sub subnet_mask +{ + my ( $fm, $data ) = @_; + # we test for a valid mask or bit mask + my $tip="192.168.50.1"; + my $block = new Net::Netmask("$tip/$data") or return "INVALID_SUBNET_MASK"; + if ($block->mask() eq "$data" || $block->bits() eq "$data") + { + return "OK"; + } + return "INVALID_SUBNET_MASK"; +} + +=head1 ADDING AND REMOVING NETWORKS + +=head2 add_network() + +=cut + +sub add_network +{ + my ($fm) = @_; + my $networkAddress = $fm->{cgi}->param('networkAddress'); + my $networkMask = $fm->{cgi}->param('networkMask'); + # we transform bit mask to regular mask + my $block = new Net::Netmask("$networkAddress/$networkMask"); + $networkMask = $block->mask(); + + my $networkRouter = $fm->{cgi}->param('networkRouter'); + + my $network_db = esmith::NetworksDB->open() + || esmith::NetworksDB->create(); + my $config_db = esmith::ConfigDB->open(); + + my $localIP = $config_db->get('LocalIP'); + my $localNetmask = $config_db->get('LocalNetmask'); + + my ( $localNetwork, $localBroadcast ) = + esmith::util::computeNetworkAndBroadcast( $localIP->value(), + $localNetmask->value() ); + + my ( $routerNetwork, $routerBroadcast ) = + esmith::util::computeNetworkAndBroadcast( $networkRouter, + $localNetmask->value() ); + + # Note to self or future developers: + # the following tests should probably be validation routines + # in the form itself, but it just seemed too fiddly to do that + # at the moment. -- Skud 2002-04-11 + + if ( $routerNetwork ne $localNetwork ) + { + $fm->error('NOT_ACCESSIBLE_FROM_LOCAL_NETWORK'); + return; + } + + my ( $network, $broadcast ) = + esmith::util::computeNetworkAndBroadcast( $networkAddress, $networkMask ); + + if ( $network eq $localNetwork ) + { + $fm->error('NETWORK_ALREADY_LOCAL'); + return; + } + + if ( $network_db->get($network) ) + { + $fm->error('NETWORK_ALREADY_ADDED'); + return; + } + + $network_db->new_record( + $network, + { + Mask => $networkMask, + Router => $networkRouter, + type => 'network', + } + ); + + # Untaint $network before use in system() + $network =~ /(.+)/; + $network = $1; + system( "/sbin/e-smith/signal-event", "network-create", $network ) == 0 + or ( $fm->error('ERROR_CREATING_NETWORK') and return undef ); + + my ( $totalHosts, $firstAddr, $lastAddr ) = + esmith::util::computeHostRange( $network, $networkMask ); + + my $msg; + if ( $totalHosts == 1 ) + { + $msg = $fm->localise( + 'SUCCESS_SINGLE_ADDRESS', + { + network => $network, + networkMask => $networkMask, + networkRouter => $networkRouter + } + ); + $fm->success($msg); + } + elsif (( $totalHosts == 256 ) + || ( $totalHosts == 65536 ) + || ( $totalHosts == 16777216 ) ) + { + $msg = $fm->localise( + 'SUCCESS_NETWORK_RANGE', + { + network => $network, + networkMask => $networkMask, + networkRouter => $networkRouter, + totalHosts => $totalHosts, + firstAddr => $firstAddr, + lastAddr => $lastAddr + } + ); + $fm->success($msg); + } + else + { + my $simpleMask = + esmith::util::computeLocalNetworkPrefix( $network, $networkMask ); + $msg = $fm->localise( + 'SUCCESS_NONSTANDARD_RANGE', + { + network => $network, + networkMask => $networkMask, + networkRouter => $networkRouter, + totalHosts => $totalHosts, + firstAddr => $firstAddr, + lastAddr => $lastAddr, + simpleMask => $simpleMask + } + ); + $fm->success($msg); + } +} + +=head2 remove_network() + +=cut + +sub remove_network +{ + my ($self) = @_; + + my $network = $self->cgi->param('network'); + my $delete_hosts = $self->cgi->param('delete_hosts') || ""; + my $network_db = esmith::NetworksDB->open(); + + unless ( $self->{cgi}->param("cancel") ) + { + if ( my $record = $network_db->get($network) ) + { + $record->set_prop( type => 'network-deleted' ); + # Untaint $network before use in system() + $network =~ /(.+)/; + $network = $1; + if ( + system( + "/sbin/e-smith/signal-event", "network-delete", + $network + ) == 0 + ) + { + my $networkMask = $record->prop('Mask') || ""; + my $networkRouter = $record->prop('Router') || ""; + if ($delete_hosts) + { + my @hosts_to_delete = $self->hosts_on_network( + $network, $networkMask); + foreach my $host (@hosts_to_delete) + { + $host->delete; + } + } + $record->delete; + my $msg = $self->localise( + 'SUCCESS_REMOVED_NETWORK', + { + network => $network, + networkMask => $networkMask, + networkRouter => $networkRouter + } + ); + $self->success($msg); + } + else + { + $self->error("ERROR_DELETING_NETWORK"); + } + } + else + { + $self->error("NO_SUCH_NETWORK"); + } + } +} + +=head2 hosts_on_network + +This method takes a network address, and a netmask, and audits the hosts +database looking for hosts on that network. In a scalar context it returns the +number of hosts found on that network. In a list context it returns the host +records. + +=cut + +sub hosts_on_network +{ + my $self = shift; + my $network = shift; + my $netmask = shift; + + die if not $network and $netmask; + + my $cidr = "$network/$netmask"; + my $hosts = esmith::HostsDB->open; + my @localhosts = grep { $_->prop('HostType') eq 'Local' } $hosts->hosts; + my @hosts_on_network = (); + foreach my $host (@localhosts) + { + my $ip = $host->prop('InternalIP') || ""; + if ($ip) + { + if (Net::IPv4Addr::ipv4_in_network($cidr, $ip)) + { + push @hosts_on_network, $host; + } + } + } + return @hosts_on_network if wantarray; + return scalar @hosts_on_network; +} + +1; diff --git a/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/reboot.pm b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/reboot.pm new file mode 100755 index 0000000..955fe6d --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/reboot.pm @@ -0,0 +1,136 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# $Id: reboot.pm,v 1.3 2002/05/22 21:58:07 apc Exp $ +#---------------------------------------------------------------------- +# copyright (C) 2002-2005 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- +package esmith::FormMagick::Panel::reboot; + +use strict; + +use esmith::FormMagick; +use esmith::util; +use File::Basename; +use Exporter; +use Carp; + +our @ISA = qw(esmith::FormMagick Exporter); + +our @EXPORT = qw( change_settings +); + +our $VERSION = sprintf '%d.%03d', q$Revision: 1.3 $ =~ /: (\d+).(\d+)/; + +# {{{ header + +=pod + +=head1 NAME + +esmith::FormMagick::Panels::reboot - useful panel functions + +=head1 SYNOPSIS + + use esmith::FormMagick::Panels::reboot; + + my $panel = esmith::FormMagick::Panel::reboot->new(); + $panel->display(); + +=head1 DESCRIPTION + +=cut + +# {{{ new + +=head2 new(); + +Exactly as for esmith::FormMagick + +=begin testing + + +use_ok('esmith::FormMagick::Panel::reboot'); +use vars qw($panel); +ok($panel = esmith::FormMagick::Panel::reboot->new(), "Create panel object"); +isa_ok($panel, 'esmith::FormMagick::Panel::reboot'); + +=end testing + +=cut + + + +sub new { + shift; + my $self = esmith::FormMagick->new(); + $self->{calling_package} = (caller)[0]; + bless $self; + return $self; +} + +# }}} + + +=head1 ACTION + +=head2 change_settings + + Reboot or halt the machine + +=cut + + + +sub change_settings { + my ($fm) = @_; + + my $q = $fm->{'cgi'}; + + my $function = $q->param ('function'); + + my $debug = $q->param('debug'); + + if ($function eq "reboot") { + $fm->{cgi}->param( -name => 'initial_message', -value => 'REBOOT_SUCCEEDED'); + $fm->{cgi}->param( -name => 'wherenext', -value => 'Reboot' ); + unless ($debug) { + system( "/sbin/e-smith/signal-event", "reboot" ) == 0 + or die ("Error occurred while rebooting.\n"); + } + } elsif ($function eq 'shutdown') { + $fm->{cgi}->param( -name => 'initial_message', -value => 'HALT_SUCCEEDED'); + $fm->{cgi}->param( -name => 'wherenext', -value => 'Shutdown' ); + unless ($debug) { + system( "/sbin/e-smith/signal-event", "halt" ) == 0 + or die ("Error occurred while halting.\n"); + } + } elsif ($function eq 'reconfigure') { + $fm->{cgi}->param( -name => 'initial_message', -value => 'RECONFIGURE_SUCCEEDED'); + $fm->{cgi}->param( -name => 'wherenext', -value => 'Reconfigure' ); + unless ($debug) { + system( "/sbin/e-smith/signal-event", "post-upgrade" ) == 0 + or die ("Error occurred while running post-upgrade.\n"); + system( "/sbin/e-smith/signal-event", "reboot" ) == 0 + or die ("Error occurred while rebooting.\n"); + } + } +} + + +1; + diff --git a/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm new file mode 100755 index 0000000..d132a2f --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm @@ -0,0 +1,844 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# $Id: remoteaccess.pm,v 1.42 2005/03/19 01:00:54 charlieb Exp $ +#---------------------------------------------------------------------- +#---------------------------------------------------------------------- +# copyright (C) 1999-2003 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +package esmith::FormMagick::Panel::remoteaccess; + +use strict; +use esmith::ConfigDB; +use esmith::FormMagick; +use esmith::util; +use esmith::cgi; +use File::Basename; +use Exporter; +use Carp; +use Socket qw( inet_aton ); +use Net::Netmask; + +our @ISA = qw(esmith::FormMagick Exporter); + +our @EXPORT = qw(get_ssh_permit_root_login get_ssh_access get_telnet_mode + change_settings get_ftp_access get_ftp_password_login_access + get_value get_prop get_ssh_password_auth zero_or_positive + show_valid_from_list add_new_valid_from remove_valid_from + validate_network_and_mask ip_number_or_blank subnet_mask_or_blank + show_telnet_section get_serial_console show_ftp_section + get_ipsecrw_sessions show_ipsecrw_section + get_vpn_sessions +); + + + +our $VERSION = sprintf '%d.%03d', q$Revision: 1.42 $ =~ /: (\d+).(\d+)/; +our $db = esmith::ConfigDB->open + || warn "Couldn't open configuration database (permissions problems?)"; + + +# {{{ header + +=pod + +=head1 NAME + +esmith::FormMagick::Panels::remoteaccess - useful panel functions + +=head1 SYNOPSIS + + use esmith::FormMagick::Panels::remoteaccess; + + my $panel = esmith::FormMagick::Panel::remoteaccess->new(); + $panel->display(); + +=head1 DESCRIPTION + +=cut + +# {{{ new + +=head2 new(); + +Exactly as for esmith::FormMagick + +=begin testing + +$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf"; + +use_ok('esmith::FormMagick::Panel::remoteaccess'); +use vars qw($panel); +ok($panel = esmith::FormMagick::Panel::remoteaccess->new(), + "Create panel object"); +isa_ok($panel, 'esmith::FormMagick::Panel::remoteaccess'); + +=end testing + +=cut + +sub new { + shift; + my $self = esmith::FormMagick->new(); + $self->{calling_package} = (caller)[0]; + bless $self; + return $self; +} + +# }}} + +=head2 get_prop ITEM PROP + +A simple accessor for esmith::ConfigDB::Record::prop + +=cut + +sub get_prop { + my ($self, $item, $prop) = @_; + warn "You must specify a record key" unless $item; + warn "You must specify a property name" unless $prop; + my $record = $db->get($item) or warn "Couldn't get record for $item"; + return $record ? $record->prop($prop) : undef; +} + +=head2 get_value ITEM + +A simple accessor for esmith::ConfigDB::Record::value + +=cut + +sub get_value { + my $self = shift; + my $item = shift; + return ($db->get($item)->value()); +} + +=head2 get_ftp_access + +Returns "normal", "private" or "off" depending on the 'access' and 'status' properties +of the "ftp" config file variable + +=cut + +sub get_ftp_access +{ + my $status = get_prop('','ftp','status') || 'disabled'; + return 'off' unless $status eq 'enabled'; + + my $access = get_prop('','ftp','access') || 'private'; + return ($access eq 'public') ? 'normal' : 'private'; +} + +=head2 get_vpn_sessions + +Get the # of vpn sessions defined in the sessions property of the generik vpn config file variable + +=cut + + sub get_vpn_sessions { + my $status = get_prop('','vpn','status'); + if (defined($status) && ($status eq 'enabled')) { + + return(get_prop('','vpn','sessions') || '0'); + } + else { + return('0'); + } +} + +=head2 get_ssh_permit_root_login + +returns 'yes' or 'no' depending on whether ssh permit root login is enabled + +=cut + +sub get_ssh_permit_root_login +{ + return(get_prop('','sshd','PermitRootLogin') || 'no'); +} + +=head2 get_ssh_password_auth + +Returns 'no' or 'yes' depending on whether ssh password auth is enabled + +=cut + +sub get_ssh_password_auth +{ + return(get_prop('','sshd','PasswordAuthentication') || 'yes'); +} + +=head2 get_ssh_access + +Returns 'public' 'private' or 'off', depending on the current ssh server mode. + +=cut + +sub get_ssh_access { + + my $status = get_prop('','sshd','status'); + if (defined($status) && ($status eq 'enabled')) { + my $access = get_prop('','sshd','access'); + $access = ($access eq 'public') ? 'public' : 'private'; + return($access); + } + else { + return('off'); + } +} + +=head2 get_ssh_port + +Get the tcp port defined in the TCPPort propery +in the sshd config file variable + +=cut + +sub get_ssh_port +{ + return(get_prop('$self','sshd','TCPPort') || '22'); +} + +=head2 get_ftp_password_login_access + +Returns "public" or "private" depending on the 'status' and 'LoginAccess' properties +of the "ftp" config file variable + +=cut + +sub get_ftp_password_login_access +{ + my $status = get_prop('','ftp','status') || 'disabled'; + return 'private' unless $status eq 'enabled'; + + my $access = get_prop('','ftp','LoginAccess') || 'private'; + + return ($access eq 'public') ? 'public' : 'private'; +} + +=head2 get_telnet_mode + +Returns "public", "private" or "off" depending on the current telnet configuration + +=cut + +sub get_telnet_mode { + my $telnet = $db->get('telnet'); + return('off') unless $telnet; + my $status = $telnet->prop('status') || 'disabled'; + return('off') unless $status eq 'enabled'; + my $access = $telnet->prop('access') || 'private'; + return ($access eq "public") ? "public" : "private"; +} + +=head2 get_serial_console + +Returns "disabled" or the serial device on which a login console is +enabled. + +=cut + +sub get_serial_console +{ + my $status = get_prop('','serial-console','status') || 'disabled'; + return 'disabled' unless $status eq 'enabled'; + + return get_prop('','serial-console','Device') || 'ttyS1'; +} + +sub show_telnet_section +{ + my $self = shift; + my $q = $self->cgi; + my $mode = get_telnet_mode(); + + # Don't show telnet setting if it is off + return '' if $mode eq 'off'; + + my %options = ( + public => $self->localise('NETWORKS_ALLOW_PUBLIC'), + private => $self->localise('NETWORKS_ALLOW_LOCAL'), + off => $self->localise('NO_ACCESS'), + ); + + print $q->Tr( + $q->td({-colspan => 2}, + $q->p( + $q->table( + $q->Tr( + $q->td({-colspan => 2}, + $q->span({-class => "error-noborders"}, + $self->localise('DESC_TELNET_ACCESS')))), + $q->Tr( + $q->td({-class => "sme-noborders-label"}, + $self->localise('LABEL_TELNET_ACCESS')), + $q->td({-class => "sme-noborders-content"}, + $q->popup_menu(-name => 'TelnetAccess', + -values => [ keys %options ], + -labels => \%options, + -default => $mode))) + ) + ) + ) + ); + return ''; +} + + +sub show_ftp_section +{ + my $self = shift; + my $q = $self->{cgi}; + + # Don't show ftp setting unless the property exists + return '' unless $db->get('ftp'); + + my %options = ( + normal => $self->localise('NETWORKS_ALLOW_PUBLIC'), + private => $self->localise('NETWORKS_ALLOW_LOCAL'), + off => $self->localise('NO_ACCESS'), + ); + + my %loginOptions = ( + private => $self->localise('PASSWORD_LOGIN_PRIVATE'), + public => $self->localise('PASSWORD_LOGIN_PUBLIC'), + ); + + print $q->Tr( + $q->td({-colspan => 2}, + $q->p( + $q->table( + $q->Tr( + $q->td({-colspan => 2}, + $q->span({-class => "sme-noborders"}, + $self->localise('DESC_FTP_ACCESS')))), + $q->Tr( + $q->td({-class => "sme-noborders-label"}, + $self->localise('LABEL_FTP_ACCESS')), + $q->td({-class => "sme-noborders-content"}, + $q->popup_menu(-name => 'FTPAccess', + -values => [ keys %options ], + -labels => \%options, + -default => get_ftp_access()))), + $q->Tr( + $q->td({-colspan => 2}, + $q->span({-class => "sme-noborders"}, + $self->localise('DESC_FTP_LOGIN')))), + $q->Tr( + $q->td({-class => "sme-noborders-label"}, + $self->localise('LABEL_FTP_LOGIN')), + $q->td({-class => "sme-noborders-content"}, + $q->popup_menu(-name => 'FTPPasswordLogin', + -values => [ keys %loginOptions ], + -labels => \%loginOptions, + -default => get_ftp_password_login_access()))) + ) + ) + ) + ); + return ''; +} + +=pod + +=head2 zero_or_positive + +Validate that the input is a number >= 0. + +=cut + +sub zero_or_positive +{ + my $self = shift; + my $val = shift || 0; + + return 'OK' if($val =~ /^\d+$/ and $val >= 0); + return $self->localise('VALUE_ZERO_OR_POSITIVE'); +} + +=pod + +=head2 vpn_and_dhcp_range + +Validate the input of vpn session if it is not superior than the maximum number of ip between dhcpd_start and dhcpd_end + +=cut + +sub vpn_and_dhcp_range +{ + my $self = shift; + my $val = shift || 0; + my $dhcp_status = $db->get_prop('dhcpd','status') || 'disabled'; + my $dhcp_end = $db->get_prop('dhcpd','end') || ''; + my $dhcp_start = $db->get_prop('dhcpd','start') || ''; + + if ( $dhcp_status eq 'enabled' ) + { + my $ip_start = unpack 'N', inet_aton($dhcp_start); + my $ip_end = unpack 'N', inet_aton($dhcp_end); + my $ip_count = $ip_end - $ip_start; + return 'OK' if( $val < $ip_count ); + return $self->localise('NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE'); + } + else + { + return 'OK'; + } +} + +=pod + +=head2 _get_valid_from + +Reads the ValidFrom property of config entry httpd-admin and returns a list +of the results. Private method. + +=for testing +ok($panel->_get_valid_from(), "_get_valid_from"); + +=cut + +sub _get_valid_from +{ + my $self = shift; + + my $rec = $db->get('httpd-admin'); + return undef unless($rec); + my @vals = (split ',', ($rec->prop('ValidFrom') || '')); + return @vals; +} + +=pod + +=head2 add_new_valid_from + +Adds a new ValidFrom property in httpd-admin. + +=for testing +$panel->{cgi} = CGI->new(); +$panel->{cgi}->param(-name=>'validFromNetwork',-value=>'1.2.3.4'); +$panel->{cgi}->param(-name=>'validFromMask',-value=>'255.255.255.255'); +is($panel->add_new_valid_from(), '', 'add_new_valid_from'); + +=cut + +sub ip_number_or_blank +{ + my $self = shift; + my $ip = shift; + + if (!defined($ip) || $ip eq "") + { + return 'OK'; + } + return CGI::FormMagick::Validator::ip_number($self, $ip); +} + +sub subnet_mask_or_blank +{ + my ($self, $mask) = @_; + if (!defined($mask) || $mask eq "") + { + return "OK"; + } + chomp $mask ; + # we test for a valid mask or bit mask + my $tip="192.168.50.1"; + my $block = new Net::Netmask("$tip/$mask") or return "INVALID_SUBNET_MASK"; + if ($block->mask() eq "$mask" || $block->bits() eq "$mask") + { + return "OK"; + } + return "INVALID_SUBNET_MASK"; +} + +sub validate_network_and_mask +{ + my $self = shift; + my $mask = shift || ""; + + my $net = $self->cgi->param('validFromNetwork') || ""; + if ($net xor $mask) + { + return $self->localise('ERR_INVALID_PARAMS'); + } + return 'OK'; +} + +sub add_new_valid_from +{ + my $self = shift; + my $q = $self->{cgi}; + + my $net = $q->param('validFromNetwork'); + my $mask = $q->param('validFromMask'); + + # we transform bit mask to regular mask + my $block = new Net::Netmask("$net/$mask"); + $mask = $block->mask(); + + # do nothing if no network was added + return 1 unless ($net && $mask); + + my $rec = $db->get('httpd-admin'); + unless ($rec) + { + return $self->error('ERR_NO_RECORD'); + } + + my $prop = $rec->prop('ValidFrom') || ''; + + my @vals = split /,/, $prop; + return '' if (grep /^$net\/$mask$/, @vals); # already have this entry + + if ($prop ne '') + { + $prop .= ",$net/$mask"; + } + else + { + $prop = "$net/$mask"; + } + $rec->set_prop('ValidFrom', $prop); + $q->delete('validFromNetwork'); + $q->delete('validFromMask'); + return 1; +} + +=pod + +=head2 remove_valid_from + +Remove the specified net/mask from ValidFrom + +=for testing +$panel->{cgi}->param(-name=>'validFromNetwork', -value=>'1.2.3.4'); +$panel->{cgi}->param(-name=>'validFromMask', -value=>'255.255.255.255'); +is($panel->remove_valid_from(), '', 'remove_valid_from'); + +=cut + +sub remove_valid_from +{ + my $self = shift; + my $q = $self->{cgi}; + + my @remove = $q->param('validFromRemove'); + my @vals = $self->_get_valid_from(); + + foreach my $entry (@remove) + { + return undef unless $entry; + + my ($net, $mask) = split (/\//, $entry); + + unless (@vals) + { + print STDERR "ERROR: unable to load ValidFrom property from conf db\n"; + return undef; + } + + # what if we don't have a mask because someone added an entry from + # the command line? by the time we get here, the panel will have + # added a 32 bit mask, so we don't know for sure if the value in db + # is $net alone or $net/255.255.255.255. we have to check for both + # in this special case... + @vals = (grep { $entry ne $_ && $net ne $_ } @vals); + } + + my $prop; + if (@vals) + { + $prop = join ',',@vals; + } + else + { + $prop = ''; + } + $db->get('httpd-admin')->set_prop('ValidFrom', $prop); + + return 1; +} + +=pod + +=head2 show_valid_from_list + +Displays a table of the ValidFrom networks for httpd-admin. + +=for testing +$panel->{cgi}->param(-name=>'validFromNetwork', -value=>'5.4.3.2'); +$panel->{cgi}->param(-name=>'validFromMask', -value=>'255.255.255.255'); +$panel->add_new_valid_from(); +$panel->{source} = qq(
); +$panel->parse_xml(); +$panel->show_valid_from_list(); +like($_STDOUT_, qr/VALIDFROM_DESC/, 'show_valid_from_list'); +like($_STDOUT_, qr/5.4.3.2/, ' .. saw the network listed'); +like($_STDOUT_, qr/REMOVE/, ' .. saw the remove button'); +$panel->remove_valid_from(); + +=cut + +sub show_valid_from_list +{ + my $self = shift; + my $q = $self->{cgi}; + + print '',$q->p($self->localise('VALIDFROM_DESC')),''; + + my @vals = $self->_get_valid_from(); + if (@vals) + { + print '', + $q->start_table({class => "sme-border"}),"\n"; + print $q->Tr( + esmith::cgi::genSmallCell($q, $self->localise('NETWORK'),"header"), + esmith::cgi::genSmallCell($q, $self->localise('SUBNET_MASK'),"header"), + esmith::cgi::genSmallCell($q, $self->localise('NUM_OF_HOSTS'),"header"), + esmith::cgi::genSmallCell($q, $self->localise('REMOVE'),"header")); + + my @cbGroup = $q->checkbox_group(-name => 'validFromRemove', + -values => [@vals], -labels => { map {$_ => ''} @vals }); + foreach my $val (@vals) + { + my ($net, $mask) = split '/', $val; + $mask = '255.255.255.255' unless ($mask); + my ($numhosts,$a,$b) = esmith::util::computeHostRange($net,$mask); + print $q->Tr( + esmith::cgi::genSmallCell($q, $net, "normal"), + esmith::cgi::genSmallCell($q, $mask, "normal"), + esmith::cgi::genSmallCell($q, $numhosts, "normal"), + esmith::cgi::genSmallCell($q, shift(@cbGroup), + "normal")); + } + print ''; + } + else + { + print $q->Tr($q->td($q->b($self->localise('NO_ENTRIES_YET')))); + } + return ''; +} + +=head1 ACTION + +=head2 change_settings + + If everything has been validated, properly, go ahead and set the new settings + +=cut + + + +sub change_settings { + my ($self) = @_; + + my %conf; + + my $q = $self->{'cgi'}; + + # Don't process the form unless we clicked the Save button. The event is + # called even if we chose the Remove link or the Add link. + return unless($q->param('Next') eq $self->localise('SAVE')); + + my $access = ($q->param ('TelnetAccess') || 'off'); + my $sshaccess = ($q->param ('sshAccess') || 'off'); + my $sshPermitRootLogin = ($q->param ('sshPermitRootLogin') || 'no'); + my $sshPasswordAuthentication = ($q->param ('sshPasswordAuthentication') || 'no'); + my $sshTCPPort = ($q->param ('sshTCPPort') || '22'); + my $ftplogin = ($q->param ('FTPPasswordLogin') || 'private'); + my $ftpaccess = ($q->param ('FTPAccess') || 'off'); + my $vpnSessions = ($q->param ('vpnSessions') || '0'); +# my $serialConsole = ($q->param ('serialConsole') || 'disabled'); + + #------------------------------------------------------------ + # Looks good; go ahead and change the access. + #------------------------------------------------------------ + + my $rec = $db->get('telnet'); + if($rec) + { + if ($access eq "off") + { + $rec->set_prop('status','disabled'); + } + else + { + $rec->set_prop('status','enabled'); + $rec->set_prop('access', $access); + } + } + + $rec = $db->get('sshd') || $db->new_record('sshd', {type => 'service'}); + $rec->set_prop('TCPPort', $sshTCPPort); + $rec->set_prop('status', ($sshaccess eq "off" ? 'disabled' : 'enabled')); + $rec->set_prop('access', $sshaccess); + $rec->set_prop('PermitRootLogin', $sshPermitRootLogin); + $rec->set_prop('PasswordAuthentication', $sshPasswordAuthentication); + + + $rec = $db->get('ftp'); + if($rec) + { + if ($ftpaccess eq "off") + { + $rec->set_prop('status', 'disabled'); + $rec->set_prop('access', 'private'); + $rec->set_prop('LoginAccess', 'private'); + } + elsif ($ftpaccess eq "normal") + { + $rec->set_prop('status', 'enabled'); + $rec->set_prop('access', 'public'); + $rec->set_prop('LoginAccess', $ftplogin); + } + else + { + $rec->set_prop('status', 'enabled'); + $rec->set_prop('access', 'private'); + $rec->set_prop('LoginAccess', $ftplogin); + } + } + + if ($vpnSessions == 0) + { + $db->get('vpn')->set_prop('sessions', $vpnSessions); + $db->get('vpn')->set_prop('status', 'disabled'); + } + else + { + $db->get('vpn')->set_prop('status', 'enabled'); + $db->get('vpn')->set_prop('sessions', $vpnSessions); + } + + +# REMOVED by markk, May 16 2005 - see DPAR MN00084537 +# $rec = $db->get('serial-console'); +# unless($rec) +# { +# $rec = $db->new_record('serial-console', {type=>'service'}); +# } + +# if ($serialConsole eq 'disabled') +# { +# $rec->set_prop('status', 'disabled'); +# } +# else +# { +# $rec->set_prop('status', 'enabled'); +# $rec->set_prop('Device', $serialConsole); +# } + + $self->cgi->param(-name=>'wherenext', -value=>'First'); + + unless ($self->add_new_valid_from) + { + return ''; + } + + unless ($self->remove_valid_from) + { + return ''; + } + + # reset ipsec roadwarrior CA,server,client certificates + if ($q->param('ipsecrwReset')) { + system('/sbin/e-smith/roadwarrior', 'reset_certs') == 0 + or die "Error occurred while resetting ipsec certificates.\n"; + $q->param(-name=>'ipsecrwReset', -value=>''); + } + $self->set_ipsecrw_sessions; + + unless ( system( "/sbin/e-smith/signal-event", "remoteaccess-update" ) == 0 ) + { + $self->error('ERROR_UPDATING_CONFIGURATION'); + return undef; + } + + $self->success('SUCCESS'); +} + +sub get_ipsecrw_sessions +{ + my $status = $db->get('ipsec')->prop('RoadWarriorStatus'); + if (defined($status) && ($status eq 'enabled')) { + return($db->get('ipsec')->prop('RoadWarriorSessions') || '0'); + } + else { + return('0'); + } +} + +sub show_ipsecrw_section +{ + my $self = shift; + my $q = $self->cgi; + + # Don't show ipsecrw setting unless the status property exists + return $self->localise('DESC_IPSEC_VPN_UNAVAILABLE') unless ($db->get('ipsec') + && $db->get('ipsec')->prop('RoadWarriorStatus')); + + print $q->Tr( + $q->td( {-colspan => 2}, + $q->p( + $q->table( + $q->Tr( + $q->td({-colspan => 2, -class => "sme-noborders"}, + $self->localise('DESC_IPSECRW'))), + $q->Tr( + $q->td({-class => "sme-noborders-label"}, + $self->localise('LABEL_IPSECRW_SESS')), + $q->td({-class => "sme-noborders-content"}, + $q->textfield(-name => 'ipsecrwSessions', + -value => get_ipsecrw_sessions(), + -size => '3'))), + $q->Tr( + $q->td({-colspan => 2, -class => "sme-noborders"}, + $self->localise('DESC_IPSECRW_RESET'))), + $q->Tr( + $q->td({-class => "sme-noborders-label"}, + $self->localise('LABEL_IPSECRW_RESET')), + $q->td({-class => "sme-noborders-content"}, + $q->checkbox(-name => 'ipsecrwReset', -label => ''))), + ) + ) + ) + ); + + return ''; +} + +sub set_ipsecrw_sessions +{ + my $self = shift; + my $q = $self->cgi; + my $sessions = $q->param('ipsecrwSessions'); + if (defined $sessions) + { + $db->get('ipsec')->set_prop('RoadWarriorSessions', $sessions); + if (int($sessions) > 0) { + $db->get('ipsec')->set_prop('RoadWarriorStatus', 'enabled'); + } + } + return ''; +} + +1; + + diff --git a/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/review.pm b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/review.pm new file mode 100755 index 0000000..8836f98 --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/review.pm @@ -0,0 +1,412 @@ +# +# $Id: review.pm,v 1.16 2003/06/02 20:50:49 charlieb Exp $ +# + +package esmith::FormMagick::Panel::review; + +use strict; +use esmith::DomainsDB; +use esmith::ConfigDB; +use esmith::NetworksDB; +use esmith::FormMagick; +use esmith::util; +use File::Basename; +use Exporter; +use Carp; + +our @ISA = qw(esmith::FormMagick Exporter); + +our @EXPORT = qw( print_row print_page print_header gen_email_addresses get_local_domain + gen_domains get_local_networks print_serveronly_stanza + print_gateway_stanza print_dhcp_stanza + get_value get_prop get_net_prop + +); + + + +our $VERSION = sprintf '%d.%03d', q$Revision: 1.16 $ =~ /: (\d+).(\d+)/; + +our $db = esmith::ConfigDB->open || die "Couldn't open config db"; +our $domains = esmith::DomainsDB->open || die "Couldn't open domains"; +our $networks = esmith::NetworksDB->open || die "Couldn't open networks"; + + +=pod + +=head1 NAME + +esmith::FormMagick::Panels::review - useful panel functions + +=head1 SYNOPSIS + + use esmith::FormMagick::Panels::review; + + my $panel = esmith::FormMagick::Panel::review->new(); + $panel->display(); + +=head1 DESCRIPTION + +=cut + +# {{{ new + +=head2 new(); + +Exactly as for esmith::FormMagick + +=begin testing + +$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf"; +$ENV{ESMITH_NETWORKS_DB} = "10e-smith-base/networks.conf"; +$ENV{ESMITH_DOMAINS_DB} = "10e-smith-base/domains.conf"; + +use_ok('esmith::FormMagick::Panel::review'); +use vars qw($panel); +ok($panel = esmith::FormMagick::Panel::review->new(), "Create panel object"); +isa_ok($panel, 'esmith::FormMagick::Panel::review'); + +=end testing + +=cut + + + +sub new { + shift; + my $self = esmith::FormMagick->new(); + $self->{calling_package} = (caller)[0]; + bless $self; + return $self; +} + +# }}} + +=head2 get_prop ITEM PROP + +A simple accessor for esmith::ConfigDB::Record::prop + +=cut + +sub get_prop { + my $fm = shift if (ref($_[0]) ); # If we're being called in a formmagick context + # The first argument will always be a fm. + #otherwise, we don't want to grab it + my $item = shift; + my $prop = shift; + + my $record = $db->get($item); + if ($record) { + return $record->prop($prop); + } + else { + return ''; + } + +} + +=head2 get_net_prop ITEM PROP $fm $item $prop + +A simple accessor for esmith::NetworksDB::Record::prop + +=cut + +sub get_net_prop { + my $fm = shift; + my $item = shift; + my $prop = shift; + + my $record = $networks->get($item); + if ($record) { + return $record->prop($prop); + } + else { + return ''; + } + +} + +=head2 get_value ITEM + +A simple accessor for esmith::ConfigDB::Record::value + +=cut + +sub get_value { + my $fm = shift; + my $item = shift; + my $record = $db->get($item); + if ($record) { + return $record->value(); + } + else { + return ''; + } + +} + + + +=head2 print_header FORMMAGICK HEADER + + Prints an arbitrary "header" (h2) in the context of the form + +=cut + + +sub print_header { + my ($fm, $word) = @_; + my $q = $fm->{cgi}; +# print $q->Tr(esmith::cgi::genDoubleCell($q, $q->h3($fm->localise($word)),"normal")); + $word = $fm->localise($word); + print qq(

$word

),"\n"; + return undef; + +} + + +=head2 print_row FORMMAGICK LABEL VALUE + + Prints a row LABELVALUE in the context of the form. + LABEL is localized. VALUE is not. + +=cut + + +sub print_row { + my $self = shift; + my ($label, $value) = @_; + $label = $self->localise($label); + print qq($label$value),"\n"; + return undef; +} + +=head2 print_gateway_stanza + +If this system is a server gateway, show the external ip and gateway ip + +=cut + +sub print_gateway_stanza +{ + my $fm = shift; + if (get_value($fm,'SystemMode') =~ /servergateway/) + { + my $ip = get_value($fm,'ExternalIP'); + my $static = + (get_value($fm, 'AccessType') eq 'dedicated') && + (get_value($fm, 'ExternalDHCP') eq 'off') && + (get_prop($fm, 'pppoe', 'status') eq 'disabled'); + if ($static) + { + $ip .= "/".get_value($fm,'ExternalNetmask'); + } + print_row($fm, 'EXTERNAL_IP_ADDRESS_SUBNET_MASK', $ip); + if ($static) + { + print_row($fm, 'GATEWAY', get_value($fm,'GatewayIP') ); + } + } +} +=head2 print_serveronly_stanza + +If this system is a standalone server with net access, show the external +gateway IP + +=cut + +sub print_serveronly_stanza { + my $fm = shift; + if ( (get_value($fm,'SystemMode') eq 'serveronly') && + get_value($fm,'AccessType') && + (get_value($fm,'AccessType') ne "off")) { + print_row($fm, 'GATEWAY', get_value($fm,'GatewayIP') ); + } + +} + +=head2 print_dhcp_stanza + +Prints out the current state of dhcp service + + +=cut + +sub print_dhcp_stanza { + my $fm = shift; + print_row($fm,'DHCP_SERVER', (get_prop($fm,'dhcpd','status') || 'disabled' )); + + if (get_prop($fm,'dhcpd', 'status') eq 'enabled') { + print_row($fm, 'BEGINNING_OF_DHCP_ADDRESS_RANGE', + get_prop($fm,'dhcpd','start') || '' ); + print_row($fm,'END_OF_DHCP_ADDRESS_RANGE', + get_prop($fm,'dhcpd','end') || '' ); + } +} + +=head2 gen_domains + + Returns a string of the domains this SME Server serves or a localized string + saying "no domains defined" + +=cut + +sub gen_domains { + my $fm = shift; + + my @virtual = $domains->get_all_by_prop( type => 'domain'); + my $numvirtual = @virtual; + if ($numvirtual == 0) { + $fm->localise("NO_VIRTUAL_DOMAINS"); + } + else { + my $out = ""; + my $domain; + foreach $domain (sort @virtual) { + if ($out ne "") { + $out .= "
"; + } + $out .= $domain->key; + } + return $out; + } +} + +=head2 gen_email_addresses + + Returns a string of the various forms of email addresses that work + on an SMEServer + +=cut + +sub gen_email_addresses { + my $fm = shift; + + my $domain = get_value($fm,'DomainName'); + my $useraccount = $fm->localise("EMAIL_USERACCOUNT"); + my $firstname = $fm->localise("EMAIL_FIRSTNAME"); + my $lastname = $fm->localise("EMAIL_LASTNAME"); + + my $out = "" . $useraccount . "\@" . $domain . "
" + . "" . $firstname . "." . $lastname . "\@" . $domain . "
" + . "" . $firstname . "_" . $lastname . "\@" . $domain . "
"; + + return $out; +} + +=head2 get_local_networks + +Return a
delimited string of all the networks this SMEServer is +serving. + +=cut + +sub get_local_networks { + my $fm = shift; + + my @nets = $networks->get_all_by_prop('type' => 'network'); + + my $numNetworks = @nets; + if ($numNetworks == 0) { + return $fm->localise('NO_NETWORKS'); + } + else { + my $out = ""; + foreach my $network (sort @nets) { + if ($out ne "") { + $out .= "
"; + } + + $out .= $network->key."/" . get_net_prop($fm, $network->key, 'Mask'); + + if ( defined get_net_prop($fm, $network->key, 'Router') ) { + $out .= " via " . get_net_prop ($fm, $network->key, 'Router'); + } + } + return $out; + } + +} + + +=head2 get_local_domain + +Get the local domain name + +=cut + +sub get_local_domain +{ + return (get_value('','DomainName')); +} + +=head2 get_public_ip_address + +Get the public IP address, if it is set. Note that this will only be set +for ServiceLink customers. + +=cut + +sub get_public_ip_address +{ + my $self = shift; + my $sysconfig = $db->get('sysconfig'); + if ($sysconfig) + { + my $publicIP = $sysconfig->prop('PublicIP'); + if ($publicIP) + { + return $publicIP; + } + } + return undef; +} + +=head2 print_page + +output the whole page we want to show + +=cut + +sub print_page { + my $self = shift; + + print ""; + print_header($self,'NETWORKING_PARAMS' ); + print_row($self,'SERVER_MODE', (get_value($self,'SystemMode' )|| '') ); + print_row($self,'LOCAL_IP_ADDRESS_SUBNET_MASK', get_value($self,'LocalIP').'/'.get_value($self,'LocalNetmask') ); + my $publicIP = $self->get_public_ip_address; + if ($publicIP) + { + $self->print_row('INTERNET_VISIBLE_ADDRESS', $publicIP); + } + + print_gateway_stanza($self); + print_serveronly_stanza($self); + print_row($self,'ADDITIONAL_LOCAL_NETWORKS', get_local_networks($self) ); + print_dhcp_stanza($self); + + print_header($self, 'SERVER_NAMES' ); + print_row($self,'DNS_SERVER', get_value('','LocalIP') ); + print_row($self,'WEB_SERVER', 'www.'.get_local_domain() ); + + my $port = $db->get_prop("squid", "TransparentPort") || 3128; + print_row($self,'PROXY_SERVER', 'proxy.'.get_local_domain().":$port" ); + + print_row($self,'FTP_SERVER', 'ftp.'.get_local_domain() ); + print_row($self,'SMTP_POP_AND_IMAP_MAIL_SERVERS', 'mail.'.get_local_domain() ); + + print_header($self,'DOMAIN_INFORMATION' ); + print_row($self,'PRIMARY_DOMAIN', get_value('','DomainName') ); + print_row($self,'VIRTUAL_DOMAINS', gen_domains($self)); + print_row($self,'PRIMARY_WEB_SITE', 'http://www.'.get_value('','DomainName') ); + print_row($self,'MITEL_NETWORKS_SME_SERVER_MANAGER', + 'https://'. (get_value('','SystemName') || 'localhost').'/server-manager/' ); + print_row($self,'MITEL_NETWORKS_SME_SERVER_USER_PASSWORD_PANEL', + 'https://'. (get_value($self,'SystemName') || 'localhost').'/user-password/' ); + print_row($self,'EMAIL_ADDRESSES', gen_email_addresses($self) ); + print "
"; +} + +1; + diff --git a/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm new file mode 100755 index 0000000..06ca5a3 --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm @@ -0,0 +1,1285 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# $Id: useraccounts.pm,v 1.108 2004/11/11 20:05:56 charlieb Exp $ +#---------------------------------------------------------------------- +# copyright (C) 1999-2006 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- +package esmith::FormMagick::Panel::useraccounts; + +use strict; + +use esmith::FormMagick; +use esmith::AccountsDB; +use esmith::ConfigDB; +use esmith::cgi; +use esmith::util; +use File::Basename; +use Exporter; +use Carp qw(verbose); + +our @ISA = qw(esmith::FormMagick Exporter); + +our @EXPORT = qw( + print_user_table + print_acctName_field + print_groupMemberships_field + print_page_description + get_ldap_value + username_clash + pseudonym_clash + handle_user_accounts + modify_admin + emailforward + verifyPasswords + lock_account + remove_account + reset_password + check_password + print_save_or_add_button + get_vpn_value + print_ipsec_client_section + get_prop + + system_password_compare + system_valid_password + system_change_password + system_check_password + system_authenticate_password +); + +our $VERSION = sprintf '%d.%03d', q$Revision: 1.108 $ =~ /: (\d+).(\d+)/; + +our $accountdb = esmith::AccountsDB->open(); +our $configdb = esmith::ConfigDB->open(); + +=pod + +=head1 NAME + +esmith::FormMagick::Panels::useraccounts - useful panel functions + +=head1 SYNOPSIS + +use esmith::FormMagick::Panels::useraccount; + +my $panel = esmith::FormMagick::Panel::useraccount->new(); +$panel->display(); + +=head1 DESCRIPTION + + +=head2 new(); + +Exactly as for esmith::FormMagick + +=begin testing + +$ENV{ESMITH_ACCOUNT_DB} = "10e-smith-base/accounts.conf"; +$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf"; + +open DATA, "echo '
'|"; +use_ok('esmith::FormMagick::Panel::useraccounts'); +use vars qw($panel); +ok($panel = esmith::FormMagick::Panel::useraccounts->new(), +"Create panel object"); +close DATA; +isa_ok($panel, 'esmith::FormMagick::Panel::useraccounts'); +$panel->{cgi} = CGI->new(); +$panel->parse_xml(); + +{ package esmith::FormMagick::Panel::useraccounts; +our $accountdb; +::isa_ok($accountdb, 'esmith::AccountsDB'); +} + +=end testing + +=cut + +sub new { + shift; + my $self = esmith::FormMagick->new(); + $self->{calling_package} = (caller)[0]; + bless $self; + return $self; +} + +=head1 HTML GENERATION ROUTINES + +Routines for generating chunks of HTML needed by the panel. + +=head2 print_user_table + +Prints out the user table on the front page. + +=for testing +$panel->print_user_table; +like($_STDOUT_, qr/bart/, "Found usernames in user table output"); +like($_STDOUT_, qr/ff0000/, "Found red 'reset password' output"); + +=cut + +sub print_user_table { + my $self = shift; + my $q = $self->{cgi}; + my $account = $self->localise('ACCOUNT'); + my $acctName = $self->localise('USER_NAME'); + + my $modify = $self->localise('MODIFY'); + my $resetpw = $self->localise('PASSWORD_RESET'); + my $lock = $self->localise('LOCK_ACCOUNT'); + my $account_locked = $self->localise('ACCOUNT_LOCKED'); + my $remove = $self->localise('REMOVE'); + + my @users = $accountdb->get('admin'); + push @users, $accountdb->users(); + + unless ( scalar @users ) + { + print $q->Tr($q->td($self->localise('NO_USER_ACCOUNTS'))); + return ""; + } + print " \n \n "; + print $q->start_table ({-CLASS => "sme-border"}),"\n "; + print $q->Tr( + esmith::cgi::genSmallCell($q, $self->localise($account),"header"), + esmith::cgi::genSmallCell($q, $self->localise($acctName),"header"), + esmith::cgi::genSmallCell($q, $self->localise('VPN_CLIENT_ACCESS'), "header"), + esmith::cgi::genSmallCell($q, $self->localise('FORWARDING_ADDRESS'), "header"), + esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4)); + + my $scriptname = basename($0); + my $index=0; + + foreach my $u (@users) { + my $username = $u->key(); + my $first = $u->prop('FirstName'); + my $last = $u->prop('LastName'); + my $lockable = $u->prop('Lockable') || 'yes'; + my $removable = $u->prop('Removable') || 'yes'; + my $fwd = (($u->prop('EmailForward') || 'local') =~ m/^forward|both$/) ? + $u->prop('ForwardAddress') : ''; + my $vpnaccess = $u->prop('VPNClientAccess') || 'no'; + $vpnaccess = $vpnaccess eq 'yes' ? $self->localise('YES') : + $self->localise('NO'); + + my $params = $self->build_user_cgi_params($username, $u->props()); + + my $password_set = $u->prop('PasswordSet'); + + my $pagenum = ($username eq "admin") ? $self->get_page_by_name('SystemPasswordDummy') + : $self->get_page_by_name('ResetPasswordDummy'); + + # make normal links + my $lock_url = ($password_set eq 'yes') ? + qq($lock) : + qq($account_locked); + + $lock_url = "" unless ($lockable eq "yes"); + + my $where_next = ($username eq "admin") ? "ModifyAdmin" : "CreateModify"; + my $action1 = "$modify"; + + my $action2 = "$resetpw"; + + unless ($password_set eq 'yes') + { + $action2 = "" . $action2 . ""; + } + + my $action3 = ($removable eq "yes") ? "$remove" : ''; + + print $q->Tr(esmith::cgi::genSmallCell($q, $username,"normal")," ", + esmith::cgi::genSmallCell($q, "$first $last","normal")," ", + esmith::cgi::genSmallCell($q, $vpnaccess), + esmith::cgi::genSmallCell($q, $fwd), + esmith::cgi::genSmallCell($q, "$action1","normal")," ", + esmith::cgi::genSmallCell($q, "$action2","normal")," ", + esmith::cgi::genSmallCell($q, "$lock_url","normal")," ", + esmith::cgi::genSmallCell($q, "$action3","normal")); + + $index++; + } + + print qq(\n); + + return ""; +} + +=head2 print_acctName_field + +This subroutine is used to generate the Account name field on the form in +the case of "create user", or to make it a plain uneditable string in the case +of "modify user". + +=begin testing + +my $self = esmith::FormMagick::Panel::useraccounts->new(); +$self->{cgi} = CGI->new(""); +print_acctName_field($self); +like($_STDOUT_, qr/text.*acctName/, "print text field if acctName not set"); +like($_STDOUT_, qr/create/, "action=create if acctName not set"); +$self->{cgi}->param(-name => 'acctName', -value => 'foo'); +$self->{cgi}->param(-name => 'action', -value => 'modify'); +print_acctName_field($self); +like($_STDOUT_, qr/hidden.*acctName/, "print hidden field if acctName is set"); +like($_STDOUT_, qr/modify/, "action=modify if acctName already set"); + +=end testing + +=cut + +sub print_acctName_field { + my $self = shift; + my $cgi = $self->{cgi}; + my $an = $cgi->param('acctName') || ''; + print qq() . $self->localise('ACCOUNT_NAME') . qq(\n); + my $action = $cgi->param('action') || ''; + if ( $action eq 'modify') { + print qq( + $an + + + + ); + # if there's no CGI data, fill in the fields with the account db + # data for this user + my $rec = $accountdb->get($an); + my $fn = $cgi->param('FirstName') ? + $cgi->param('FirstName') : + ($rec ? ($rec->prop('FirstName')) : ''); + my $ln = $cgi->param('LastName') ? + $cgi->param('LastName') : + ($rec ? ($rec->prop('LastName')) : ''); + my $dept = $cgi->param('Dept') ? + $cgi->param('Dept') : + ($rec ? ($rec->prop('Dept')) : ''); + my $company = $cgi->param('Company') ? + $cgi->param('Company') : + ($rec ? ($rec->prop('Company')) : ''); + my $street = $cgi->param('Street') ? + $cgi->param('Street') : + ($rec ? ($rec->prop('Street')) : ''); + my $city = $cgi->param('City') ? + $cgi->param('City') : + ($rec ? ($rec->prop('City')) : ''); + my $phone = $cgi->param('Phone') ? + $cgi->param('Phone') : + ($rec ? ($rec->prop('Phone')) : ''); + my $emf = $cgi->param('EmailForward') ? + $cgi->param('EmailForward') : + ($rec ? ($rec->prop('EmailForward')) : 'local'); + my $fwd = $cgi->param('ForwardAddress') ? + $cgi->param('ForwardAddress') : + ($rec ? ($rec->prop('ForwardAddress')) : ''); + my $vpn = $cgi->param('VPNClientAccess') ? + $cgi->param('VPNClientAccess') : + ($rec ? ($rec->prop('VPNClientAccess')) : get_vpn_value() ); + # now that we're down with the 411, let's set the values + $cgi->param(-name=>'FirstName', -value=>$fn); + $cgi->param(-name=>'LastName', -value=>$ln); + $cgi->param(-name=>'Dept', -value=>$dept); + $cgi->param(-name=>'Company', -value=>$company); + $cgi->param(-name=>'Street', -value=>$street); + $cgi->param(-name=>'City', -value=>$city); + $cgi->param(-name=>'Phone', -value=>$phone); + $cgi->param(-name=>'EmailForward', -value=>$emf); + $cgi->param(-name=>'ForwardAddress', -value=>$fwd); + $cgi->param(-name=>'VPNClientAccess', -value=>$vpn); + } else { + print qq( + + + + ); + } + + print qq(\n); + return undef; + +} + +=head2 print_groupMemberships_field() + +Builds a list of groups for the create/modify user screen. + +=begin testing + +my $self = esmith::FormMagick::Panel::useraccounts->new(); +$self->{cgi} = CGI->new(""); +$self->print_groupMemberships_field(); +like($_STDOUT_, qr/simpsons/, "Found simpsons in group list"); +like($_STDOUT_, qr/flanders/, "Found flanders in group list"); +$self->{cgi}->param(-name => 'acctName', -value => 'rod'); +$self->print_groupMemberships_field(); +like($_STDOUT_, qr/checked value="flanders"/, "Checked flanders group for user rod"); + +=end testing + +=cut + +sub print_groupMemberships_field { + my ($self) = @_; + my $q = $self->{cgi}; + my $user = $q->param('acctName'); + + if (my @groups = $accountdb->groups()) { + + print "", + $self->localise('GROUP_MEMBERSHIPS'), + "\n"; + + print $q->start_table({-class => "sme-border"}),"\n"; + print $q->Tr( + esmith::cgi::genSmallCell($q, $self->localise('MEMBER'),"header"), + esmith::cgi::genSmallCell($q, $self->localise('GROUP'),"header"), + esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header") + ); + + foreach my $g (@groups) { + my $groupname = $g->key(); + my $checked; + if ($user and $accountdb->is_user_in_group($user, $groupname)) { + $checked = 'checked'; + } else { + $checked = ''; + } + + print $q->Tr( + $q->td( + "" + ), + esmith::cgi::genSmallCell($q, $groupname,"normal"), + esmith::cgi::genSmallCell( $q, $accountdb->get($groupname)->prop("Description"),"normal") + ); + } + + print "\n"; + + } + + return undef; + +} + +=head2 print_page_description($self, "reset|lock|remove") + +Generates the page description for the the somewhat similar Reset +Password, Lock Account and Remove Account pages. + +=begin testing + +my $self = esmith::FormMagick::Panel::useraccounts->new(); +$self->{cgi} = CGI->new({ acctName => 'bart' }); +print_page_description($self, "reset"); +like($_STDOUT_, qr/bart/, "print_page_description prints username"); +like($_STDOUT_, qr/Bart Simpson/, "print_page_description prints name"); +like($_STDOUT_, qr/RESET_DESC/, "print_page_description prints description"); + +=end testing + +=cut + +sub print_page_description { + my ($self, $pagename) = @_; + unless (grep /^$pagename$/, qw(reset lock remove)) { + warn "Can't generate page description for invalid pagename $pagename\n"; + return; + } + + $pagename = uc($pagename); + + my $desc = $self->localise("${pagename}_DESC"); + my $desc2 = $self->localise("${pagename}_DESC2"); + + my $acctName = $self->{cgi}->param('acctName'); + my $name = $accountdb->get($acctName)->prop('FirstName') . " " + . $accountdb->get($acctName)->prop('LastName'); + + print qq{ + +

$desc "$acctName" ($name)

+ $desc2 + + + }; + + return; +} + +=head1 ROUTINES FOR FILLING IN FIELD DEFAULT VALUES + +=head2 get_ldap_value($field) + +This subroutine generates the default field value on the form using the +parameter specified. + +In this case, the default field values come from LDAP/directory +settings. + +If a CGI parameter has been passed that contains an account name, we +assume that a value has already been set, as we're modifying a user, and +use that value instead of a default. + +=for testing +my $self = esmith::FormMagick::Panel::useraccounts->new(); +$self->{cgi} = CGI->new(""); +is(get_ldap_value($self, "Dept"), "Main", "Pick up default value from LDAP"); +$self->{cgi} = CGI->new({ acctName => 'bart' }); +is(get_ldap_value($self, "Dept"), undef, "Don't pick up LDAP data if username provided"); + +=cut + +sub get_ldap_value { + my ($self, $field) = @_; + + # don't do the lookup if this is a modification of an existing user + if ($self->{cgi}->param('acctName')) { + return $self->{cgi}->param($field); + } + + my %CGIParam2DBfield = ( + Dept => 'defaultDepartment', + Company => 'defaultCompany', + Street => 'defaultStreet', + City => 'defaultCity', + Phone => 'defaultPhoneNumber' + ); + + return $configdb->get('ldap')->prop($CGIParam2DBfield{$field}); +} + +=head2 get_vpn_value() + +Routine to display default value for VPN + +=cut + +sub get_vpn_value +{ + my $vpn = $configdb->get('vpn') || return 'no'; + return $configdb->get('vpn')->prop('AccessDefault') || 'no'; +} + +=head1 VALIDATION ROUTINES + +=head2 pseudonym_clash + +Validation routine to check whether a the first/last names clash with +existing pseudonyms. + +Note that it won't be considered a "clash" if there is an existing +pseudonym which belongs to the same user -- it's only a clash if the +generated pseudonyms are the same but the usernames aren't. + +=begin testing + +my $self = esmith::FormMagick::Panel::useraccounts->new(); + +$self->{cgi} = CGI->new({ + acctName => 'skud', + FirstName => 'Kirrily', + LastName => 'Robert' +}); + +is (pseudonym_clash($self, 'Kirrily'), "OK", "New name doesn't clash pseudonyms"); + +$self->{cgi} = CGI->new({ + acctName => 'bart2', + FirstName => 'Bart', + LastName => 'Simpson' +}); + +isnt(pseudonym_clash($self, 'Bart'), "OK", "Existing pseudonym with non-matching username causes clash"); + +$self->{cgi} = CGI->new({ + acctName => 'bart', + FirstName => 'Bart', + LastName => 'Simpson' +}); + +is(pseudonym_clash($self, 'Bart'), "OK", "Existing pseudonym with matching username shouldn't clash"); + +=end testing + +=cut + +sub pseudonym_clash { + my ($self, $first) = @_; + $first ||= ""; + my $last = $self->{cgi}->param('LastName') || ""; + my $acctName = $self->{cgi}->param('acctName') || ""; + + my $up = "$first $last"; + + $up =~ s/^\s+//; + $up =~ s/\s+$//; + $up =~ s/\s+/ /g; + $up =~ s/\s/_/g; + + my $dp = $up; + $dp =~ s/_/./g; + + $dp = $accountdb->get($dp); + $up = $accountdb->get($up); + + my $da = $dp->prop('Account') if $dp; + my $ua = $up->prop('Account') if $up; + if ($dp and $da and $da ne $acctName) + { + return $self->localise('PSEUDONYM_CLASH', + { + acctName => $acctName, + clashName => $da, + pseudonym => $dp->key + }); + } + elsif ($up and $ua and $ua ne $acctName) + { + return $self->localise('PSEUDONYM_CLASH', + { + acctName => $acctName, + clashName => $ua, + pseudonym => $up->key + }); + } + else + { + return "OK"; + } +} + +=head2 emailforward() + +Validation routine for email forwarding + +=cut + +sub emailforward { + my ($self, $data) = @_; + my $response = $self->email_simple($data); + if ($response eq "OK") + { + return "OK"; + } + elsif ($data eq "") + { + # Blank is ok, only if we're not forwarding, which means that the + # EmailForward param must be set to 'local'. + my $email_forward = $self->{cgi}->param('EmailForward') || ''; + $email_forward =~ s/^\s+|\s+$//g; + return 'OK' if $email_forward eq 'local'; + return $self->localise('CANNOT_CONTAIN_WHITESPACE'); + } + else + { + return $self->localise('CANNOT_CONTAIN_WHITESPACE') + if ( $data =~ /\s+/ ); + # Permit a local address. + return "OK" if $data =~ /^[a-zA-Z][a-zA-Z0-9\._\-]*$/; + return $self->localise('UNACCEPTABLE_CHARS'); + } +} + +=head2 verifyPasswords() + +Returns an error message if the two new passwords input don't match. + +=cut + +sub verifyPasswords { + my $self = shift; + my $pass2 = shift; + + my $pass1 = $self->{cgi}->param('password1'); + unless ($pass1 eq $pass2) { + $self->{cgi}->param( -name => 'wherenext', -value => 'Password' ); + return "PASSWORD_VERIFY_ERROR"; + } + return "OK"; +} + +=head1 CREATING AND MODIFYING USERS + +=head2 handle_user_accounts() + +This is the routine called by the "Save" button on the create/modify page. +It checks the "action" param and calls either create_user() or modify_user() +as appropriate. + +=cut + +sub handle_user_accounts { + my ($self) = @_; + + my $cgi = $self->{cgi}; + + if ($cgi->param("action") eq "create") { + my $msg = create_user($self); + if ($msg eq 'USER_CREATED') + { + $self->success($msg); + } + else + { + $self->error($msg); + } + } + else { + modify_user($self); + $self->success('USER_MODIFIED'); + } +} + +=head2 print_save_or_add_button() + +=cut + +sub print_save_or_add_button { + + my ($self) = @_; + + my $cgi = $self->{cgi}; + + if (($cgi->param("action") || '') eq "modify") { + $self->print_button("SAVE"); + } else { + $self->print_button("ADD"); + } + +} + +=head2 modify_admin($self) + +=cut + +sub modify_admin +{ + my ($self) = @_; + + my $acct = $accountdb->get('admin'); + + my %newProperties = ( + 'FirstName' => $self->{cgi}->param('FirstName'), + 'LastName' => $self->{cgi}->param('LastName'), + 'EmailForward' => $self->{cgi}->param('EmailForward'), + 'ForwardAddress' => $self->{cgi}->param('ForwardAddress'), + 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'), + ); + + $acct->merge_props(%newProperties); + + undef $accountdb; + + my $status = + system ("/sbin/e-smith/signal-event", "user-modify-admin", 'admin'); + + $accountdb = esmith::AccountsDB->open(); + + if ($status == 0) + { + $self->success('USER_MODIFIED', 'First'); + } + else + { + $self->error('CANNOT_MODIFY_USER', 'First'); + } + return; +} + +=head2 modify_user($self) + +=cut + +sub modify_user { + my ($self) = @_; + my $acctName = $self->{cgi}->param('acctName'); + + unless (($acctName) = ($acctName =~ /^(\w[\-\w_\.]*)$/)) { + return $self->error($self->localise('TAINTED_USER', + { acctName => $acctName })); + } + # Untaint the username before use in system() + $acctName = $1; + + my $acct = $accountdb->get($acctName); + my $acctType = $acct->prop('type'); + + if ($acctType eq "user") + { + $accountdb->remove_user_auto_pseudonyms($acctName); + my %newProperties = ( + 'FirstName' => $self->{cgi}->param('FirstName'), + 'LastName' => $self->{cgi}->param('LastName'), + 'Phone' => $self->{cgi}->param('Phone'), + 'Company' => $self->{cgi}->param('Company'), + 'Dept' => $self->{cgi}->param('Dept'), + 'City' => $self->{cgi}->param('City'), + 'Street' => $self->{cgi}->param('Street'), + 'EmailForward' => $self->{cgi}->param('EmailForward'), + 'ForwardAddress' => $self->{cgi}->param('ForwardAddress'), + # 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'), + ); + $newProperties{'VPNClientAccess'} = $self->{cgi}->param('VPNClientAccess') if defined $self->{cgi}->param('VPNClientAccess'); + + $acct->merge_props(%newProperties); + + $accountdb->create_user_auto_pseudonyms($acctName); + + my @old_groups = $accountdb->user_group_list($acctName); + my @new_groups = $self->{cgi}->param("groupMemberships"); + $accountdb->remove_user_from_groups($acctName, @old_groups); + $accountdb->add_user_to_groups($acctName, @new_groups); + + undef $accountdb; + + unless (system ("/sbin/e-smith/signal-event", "user-modify", + $acctName) == 0) { + $accountdb = esmith::AccountsDB->open(); + return $self->error('CANNOT_MODIFY_USER'); + } + $accountdb = esmith::AccountsDB->open(); + } + $self->success('USER_MODIFIED'); +} + +=head2 create_user + +Adds a user to the accounts db. + +=cut + +sub create_user { + my $self = shift; + my $q = $self->{cgi}; + + my $acctName = $q->param('acctName'); + + my $msg = $self->validate_acctName($acctName); + unless ($msg eq "OK") + { + return $msg; + } + + $msg = $self->validate_acctName_length($acctName); + unless ($msg eq "OK") + { + return $msg; + } + + $msg = $self->validate_acctName_conflict($acctName); + unless ($msg eq "OK") + { + return $msg; + } + + my %userprops; + foreach my $field ( qw( FirstName LastName Phone Company Dept + City Street EmailForward ForwardAddress VPNClientAccess) ) + { + $userprops{$field} = $q->param($field); + } + $userprops{'PasswordSet'} = "no"; + $userprops{'type'} = 'user'; + + my $acct = $accountdb->new_record($acctName) + or warn "Can't create new account for $acctName (does it already exist?)\n"; + $acct->reset_props(%userprops); + $accountdb->create_user_auto_pseudonyms($acctName); + my @groups = $self->{cgi}->param("groupMemberships"); + $accountdb->add_user_to_groups($acctName, @groups); + + undef $accountdb; + + # Untaint the username before use in system() + $acctName =~ /^(\w[\-\w_\.]*)$/; + $acctName = $1; + + if (system ("/sbin/e-smith/signal-event", "user-create", $acctName)) + { + $accountdb = esmith::AccountsDB->open(); + return $self->localise("ERR_OCCURRED_CREATING"); + } + + $accountdb = esmith::AccountsDB->open(); + + $self->set_groups(); + return 'USER_CREATED'; +} + +=head2 set_groups + +Sets a user's groups in the accounts db. This is called as part of the +create_user() routine. + +=cut + +sub set_groups +{ + my $self = shift; + my $q = $self->{cgi}; + my $acctName = $q->param('acctName'); + + my @groups = $q->param('groupMemberships'); + $accountdb->set_user_groups($acctName, @groups); + +} + +=head1 REMOVING ACCOUNTS + +=head2 remove_account() + +=cut + +sub remove_account { + my ($self) = @_; + my $acctName = $self->{cgi}->param('acctName'); + + my $acct = $accountdb->get($acctName); + if ($acct->prop('type') eq "user") { + $acct->set_prop('type', "user-deleted"); + + undef $accountdb; + + # Untaint the username before use in system() + $acctName =~ /^(\w[\-\w_\.]*)$/; + $acctName = $1; + if (system ("/sbin/e-smith/signal-event", "user-delete", $acctName)) + { + $accountdb = esmith::AccountsDB->open(); + return $self->error("ERR_OCCURRED_DELETING"); + } + + $accountdb = esmith::AccountsDB->open(); + $accountdb->get($acctName)->delete; + + } else { + # FIXME - this should be handled by input validation + # XXX error message here + } + $self->{cgi}->param(-name => 'wherenext', -value => 'First'); +} + +=head1 RESETTING THE PASSWORD + +=head2 reset_password() + +=cut + +sub reset_password { + my ($self) = @_; + my $acctName = $self->{cgi}->param('acctName'); + + unless (($acctName) = ($acctName =~ /^(\w[\-\w_\.]*)$/)) { + return $self->error('TAINTED_USER'); + } + $acctName = $1; + + my $acct = $accountdb->get($acctName); + + if ( $acct->prop('type') eq "user") + { + esmith::util::setUserPassword ($acctName, + $self->{cgi}->param('password1')); + + $acct->set_prop("PasswordSet", "yes"); + undef $accountdb; + + if (system("/sbin/e-smith/signal-event", "password-modify", $acctName)) + { + $accountdb = esmith::AccountsDB->open(); + $self->error("ERR_OCCURRED_MODIFYING_PASSWORD"); + } + $accountdb = esmith::AccountsDB->open(); + + $self->success($self->localise('PASSWORD_CHANGE_SUCCEEDED', + { acctName => $acctName})); + } + else + { + $self->error($self->localise('NO_SUCH_USER', + { acctName => $acctName})); + } +} + +=head1 LOCKING AN ACCOUNT + +=head2 lock_account() + +=cut + +sub lock_account { + my ($self) = @_; + my $acctName = $self->{cgi}->param('acctName'); + my $acct = $accountdb->get($acctName); + if ($acct->prop('type') eq "user") + { + undef $accountdb; + + # Untaint the username before use in system() + $acctName =~ /^(\w[\-\w_\.]*)$/; + $acctName = $1; + if (system("/sbin/e-smith/signal-event", "user-lock", $acctName)) + { + $accountdb = esmith::AccountsDB->open(); + return $self->error("ERR_OCCURRED_LOCKING"); + } + + $accountdb = esmith::AccountsDB->open(); + + $self->success($self->localise('LOCKED_ACCOUNT', + { acctName => $acctName})); + } + else + { + $self->error($self->localise('NO_SUCH_USER', + { acctName => $acctName})); + } +} + + +=head1 MISCELLANEOUS ROUTINES + +=head2 build_user_cgi_params() + +Builds a CGI query string based on user data, using various sensible +defaults and esmith::FormMagick's props_to_query_string() method. + +=cut + +sub build_user_cgi_params { + my ($self, $acctName, %oldprops) = @_; + + my %props = ( + page => 0, + page_stack => "", + ".id" => $self->{cgi}->param('.id') || "", + acctName => $acctName, + #%oldprops + ); + + return $self->props_to_query_string(\%props); +} + +=pod + +=head2 validate_acctName + +Checks that the name supplied does not contain any unacceptable chars. +Returns OK on success or a localised error message otherwise. + +=for testing +is($panel->validate_acctName('foo'), 'OK', 'validate_acctName'); +isnt($panel->validate_acctName('3amigos'), 'OK', ' .. cannot start with number'); +isnt($panel->validate_acctName('betty ford'), 'OK', ' .. cannot contain space'); + +=cut + +sub validate_acctName +{ + my ($self, $acctName) = @_; + + unless ($accountdb->validate_account_name($acctName)) + { + return $self->localise('ACCT_NAME_HAS_INVALID_CHARS', + {acctName => $acctName}); + } + return "OK"; +} + +=head2 validate_account_length FM ACCOUNTNAME + +returns 'OK' if the account name is shorter than the maximum account name length +returns 'ACCOUNT_TOO_LONG' otherwise + +=begin testing + +ok(($panel->validate_acctName_length('foo') eq 'OK'), "a short account name passes"); +ok(($panel->validate_acctName_length('fooooooooooooooooo') eq 'ACCOUNT_TOO_LONG'), "a long account name fails"); + +=end testing + +=cut + +sub validate_acctName_length { + my $self = shift; + my $acctName = shift; + + + my $maxAcctNameLength = ($configdb->get('maxAcctNameLength') + ? $configdb->get('maxAcctNameLength')->prop('type') + : "") || 12; + + if ( length $acctName > $maxAcctNameLength ) { + + return $self->localise('ACCOUNT_TOO_LONG', + {maxLength => $maxAcctNameLength}); + } + else { + return ('OK'); + } +} + +=head2 validate_acctName_conflict + +Returns 'OK' if the account name doesn't yet exist. Returns a localised error +otherwise. + +=cut + +sub validate_acctName_conflict +{ + my $self = shift; + my $acctName = shift; + + my $account = $accountdb->get($acctName); + my $type; + + if (defined $account) + { + $type = $account->prop('type'); + } + elsif (defined getpwnam($acctName) || defined getgrnam($acctName)) + { + $type = "system"; + } + else + { + return('OK'); + } + return $self->localise('ACCOUNT_CONFLICT', + { account => $acctName, + type => $type, +}); +} + +=head2 check_password + +Validates the password using the desired strength + +=cut + +sub check_password { + my $self = shift; + my $pass1 = shift; + + my $check_type; + my $rec = $configdb->get('passwordstrength'); + $check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none'); + + return $self->validate_password($check_type,$pass1); +} + + +=head2 get_prop ITEM PROP + +A simple accessor for esmith::ConfigDB::Record::prop + +=cut + +sub get_prop +{ + my ($fm, $item, $prop, $default) = @_; + + return $configdb->get_prop($item, $prop) || $default; +} + + +=head1 System Password manipulation routines + +XXX FIXME - These should be merged with the useraccouts versions + +=head2 system_password_compare + +=cut + +sub system_password_compare +{ + my $self = shift; + my $pass2 = shift; + + my $pass1 = $self->{cgi}->param('pass'); + unless ($pass1 eq $pass2) { + $self->{cgi}->param( -name => 'wherenext', -value => 'Password' ); + return "SYSTEM_PASSWORD_VERIFY_ERROR"; + } + return "OK"; +} + +=head2 system_valid_password + +Throw an error if the password doesn't consist solely of one or more printable characters. + +=cut + +sub system_valid_password +{ + my $self = shift; + my $pass1 = shift; + # If the password contains one or more printable character + if ($pass1 =~ /^([ -~]+)$/) { + return('OK'); + } else { + $self->{cgi}->param( -name => 'wherenext', -value => 'Password' ); + return 'SYSTEM_PASSWORD_UNPRINTABLES_IN_PASS'; + } +} + +=head2 system_check_password + +Validates the password using the desired strength + +=cut + +sub system_check_password +{ + my $self = shift; + my $pass1 = shift; + + use esmith::ConfigDB; + my $conf = esmith::ConfigDB->open(); + my $check_type; + my $rec; + if ($conf) + { + $rec = $conf->get('passwordstrength'); + } + $check_type = ($rec ? ($rec->prop('Admin') || 'strong') : 'strong'); + + return $self->validate_password($check_type,$pass1); +} + +=head2 authenticate_password + +Compares the password with the current system password + +=cut + +sub system_authenticate_password +{ + my $self = shift; + my $pass = shift; + + if (esmith::util::authenticateUnixPassword( ($configdb->get_value("AdminIsNotRoot") eq 'enabled') ? 'admin' : 'root', $pass)) + { + return "OK"; + } + else + { + return "SYSTEM_PASSWORD_AUTH_ERROR"; + } +} + +=head2 system_change_password + +If everything has been validated, properly, go ahead and set the new password. + +=cut + +sub system_change_password +{ + my ($self) = @_; + my $pass = $self->{cgi}->param('pass'); + + ($configdb->get_value("AdminIsNotRoot") eq 'enabled') ? esmith::util::setUnixPassword('admin',$pass) : esmith::util::setUnixSystemPassword($pass); + esmith::util::setServerSystemPassword($pass); + + my $result = system("/sbin/e-smith/signal-event password-modify admin"); + + if ($result == 0) + { + $self->success('SYSTEM_PASSWORD_CHANGED', 'First'); + } + else + { + $self->error("Error occurred while modifying password for admin.", 'First'); + } + + return; +} + +sub print_ipsec_client_section +{ + my $self = shift; + my $q = $self->cgi; + + # Don't show ipsecrw setting unless the status property exists + return '' unless ($configdb->get('ipsec') + && $configdb->get('ipsec')->prop('RoadWarriorStatus')); + # Don't show ipsecrw setting unless /sbin/e-smith/roadwarrior exists + return '' unless -x '/sbin/e-smith/roadwarrior'; + my $acct = $q->param('acctName'); + my $rec = $accountdb->get($acct) if $acct; + if ($acct and $rec) + { + my $pwset = $rec->prop('PasswordSet') || 'no'; + my $VPNaccess = $rec->prop('VPNClientAccess') || 'no'; + if ($pwset eq 'yes' and $VPNaccess eq 'yes') + { + print $q->Tr( + $q->td({-class=>'sme-noborders-label'}, + $self->localise('LABEL_IPSECRW_DOWNLOAD')), + $q->td({-class=>'sme-noborders-content'}, + $q->a({-class=>'button-like', + -href=>"?action=getCert&user=$acct"}, + $self->localise('DOWNLOAD')))); + } + } + return ''; +} + +sub get_ipsec_client_cert +{ + my $self = shift; + my $q = shift; + my $user = $q->param('user'); + ($user) = ($user =~ /^(.*)$/); + + die "Invalid user: $user\n" unless getpwnam($user); + + open (KID, "/sbin/e-smith/roadwarrior get_client_cert $user |") + or die "Can't fork: $!"; + my $certfile = ; + close KID; + + require File::Basename; + my $certname = File::Basename::basename($certfile); + + print "Expires: 0\n"; + print "Content-type: application/x-pkcs12\n"; + print "Content-disposition: inline; filename=$certname\n"; + print "\n"; + + open (CERT, "<$certfile"); + while () + { + print; + } + close CERT; + + return ''; +} + +sub display_email_forwarding +{ + return defined $configdb->get('qpsmtpd'); +} + +1; diff --git a/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm b/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm new file mode 100644 index 0000000..ab95c6e --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm @@ -0,0 +1,1935 @@ +package esmith::console::configure; +use strict; +use warnings; +use Locale::gettext; +use esmith::console; +use esmith::util::network qw(:all); +use esmith::db; +use esmith::ethernet; +use Net::IPv4Addr qw(:all); +use Socket qw( inet_aton ); + + +our @adapters; +our $console; +our $db; + +sub new +{ + my $class = shift; + my $self = { + name => gettext("Configure this server"), + order => 20, + bootstrap => 0, + @_, + }; + bless $self, $class; + return $self; +} + +sub name +{ + return $_[0]->{name}; +} + +sub order +{ + return $_[0]->{order}; +} + +#------------------------------------------------------------ +# ethernetSelect() +# Choose appropriate Ethernet driver for the given interface +# Returns the selection method +#------------------------------------------------------------ +sub ethernetSelect($$) +{ + my ($ifName, $confEntry) = @_; + my $item = 0; + + if (scalar @adapters == 1) + { + if ($ifName eq "external" && $db->get_prop('InternalInterface', 'Name') ne 'dummy0') + { + # We'll use a VLAN on eth0 for the "dedicated" WAN link + $db->set_value("EthernetDriver2", "unknown"); + return 'CHANGE'; + } + else + { + # Add a dummy network interface, only valid for internal nic + push @adapters, "dummy\tdummy\t10:00:01:02:03:04\tFake Network Interface\tdummy0"; + } + } + + my %tag2driver; + my %tag2device; + my @args; + my $default; + my $existing_device; + my $skip; + + if ($ifName eq "external") + { + $skip = $db->get_prop("InternalInterface", "Name"); + $existing_device = $db->get_prop("ExternalInterface", "Name"); + } + else + { + $skip = ""; + $existing_device = $db->get_prop("InternalInterface", "Name"); + } + + $existing_device ||= "unknown"; + + foreach my $adapter ( @adapters ) + { + my ($parameter, $driver, $hwaddr, $chipset, $device) = split (/\t/, $adapter, 5); + chomp($chipset); + + #Ensure these are defined to at least "N/A" as no selection is shown if these are not defined. + $hwaddr = "N/A" unless $hwaddr; + $driver = "N/A" unless $driver; + + my $tag = ++$item . "."; + + $tag2driver{$tag} = $driver; + $tag2device{$tag} = $device; + + my $display_name = gettext("Use") ." ". ${driver}. " " . $hwaddr ." ". ${chipset}; + + if ($device ne $skip) + { + push(@args, $tag, substr($display_name, 0, 65)); + $default = $tag if $device eq $existing_device; + $default ||= $tag; + } + } + # Remove the dummy adapter from the list, it can't be used as external device + pop @adapters if $adapters[1] =~ m/^dummy\tdummy/; + + #-------------------------------------------------------- + # These are just to ensure that xgettext knows about the + # interface types. + gettext("local"); + gettext("external"); + #-------------------------------------------------------- + + my ($rc, $choice) = $console->menu_page + ( + title => sprintf(gettext("Select %s network device"), + gettext($ifName)), + default => $default, + text => + sprintf(gettext("You now need to select the proper device for your " . + "%s network. The server can attempt to do " . + "this automatically, or you can do it manually. " . + "The network driver, MAC address and model of your " . + "network adapter are listed below.\n"), gettext($ifName)), + argsref => \@args, + ); + + return 'CANCEL' unless ($rc == 0); + + return 'KEEP' if ($tag2device{$choice} eq $existing_device); + + $db->set_value($confEntry, $tag2driver{$choice}); + $db->set_prop( + ($ifName eq "external") ? "ExternalInterface" : "InternalInterface", + "Name", $tag2device{$choice} + ); + + return 'CHANGE'; +} + +sub doit +{ + my $self = shift; + $console = shift; + $db = shift; + + return if ($db->get_prop('bootstrap-console', 'ForceSave') eq 'yes'); # We can skip the menus + my $SystemName = $db->get_value('SystemName') || ''; + my $DomainName = $db->get_value('DomainName'); + my $bootstrapConsole = + $db->get_prop("bootstrap-console", "Run") || "no"; + my $rebootRequired = "no"; + my ($rc, $choice); + + #------------------------------------------------------------ + CONFIGURE_MAIN: + #------------------------------------------------------------ + return unless $console->run_screens( "CONFIGURE_MAIN" ); + + # Refresh the db + $db->reload; + + # Run kudzu probe to detect ethernet adapters + @adapters = split(/\n/, esmith::ethernet::probeAdapters()); + + #------------------------------------------------------------ + NO_NIC: + #------------------------------------------------------------ +{ + + if ( @adapters == 0 ) { + + ($rc, $choice) = $console->message_page + ( + title => gettext("No network interfaces found"), + text => gettext("The installer can't continue because no network interfaces are installed or recognised. Please install at least one network interface."), + ); + + goto QUIT1; + + } + +} + #------------------------------------------------------------ + DOMAIN_NAME: + #------------------------------------------------------------ +{ + ($rc, $choice) = $console->input_page + ( + title => gettext("Primary domain name"), + text => + gettext("Please enter the primary domain name for your server.") . + "\n\n" . + gettext("This will be the default domain for your e-mail and web server. Virtual domains can be added later using the server manager."), + value => $DomainName + ); + + if ($rc != 0) + { + # If user cancelled, either loop or go back to main menu + goto DOMAIN_NAME if $self->{bootstrap}; + return; + } + + if ($choice) + { + if ($choice =~ /^([a-zA-Z0-9\-\.]+)$/) + { + $db->set_value('DomainName', $DomainName = lc($1)); + goto SYSTEM_NAME; + } + } + else + { + $choice = ''; + } + + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid domain name"), + choice => $choice, + ); + + goto DOMAIN_NAME; +} + +#------------------------------------------------------------ +SYSTEM_NAME: +#------------------------------------------------------------ + +{ + my $oldSystemName = $SystemName; + + $oldSystemName = '' if ($oldSystemName eq 'sme-server'); + + ($rc, $choice) = $console->input_page + ( + title => gettext("Select system name"), + text => + gettext("Please enter the system name for your server.") . + "\n\n" . + gettext("You should select unique system names for each server.") . + "\n\n" . + gettext("The system name must start with a letter and can be composed of letters, numbers and hyphens."), + value => $oldSystemName + ); + + goto DOMAIN_NAME unless ($rc == 0); + + if ($choice =~ /^([a-zA-Z][a-zA-Z0-9\-]*)$/) + { + $db->set_value('SystemName', $SystemName = lc($1)); + if ($oldSystemName ne $SystemName) + { + # Delete old static hosts db record if one exists + use esmith::HostsDB; + my $hdb = esmith::HostsDB->open; + my $rec = $hdb->get("$oldSystemName.$DomainName"); + $rec->delete if $rec; + + # Update ServerName if was oldSystemName or not set + my $oldServerName = $db->get_prop("smb", "ServerName"); + if (!defined($oldServerName) || ($oldSystemName eq $oldServerName)) + { + $db->set_prop("smb", "ServerName", $SystemName); + } + } + goto ETHERNET_LOCAL; + + } + else + { + $choice = ''; + } + + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid system name"), + choice => $choice, + ); + + goto SYSTEM_NAME; +} + +# Display a dialog about how the module failed to load. +sub failed_to_load +{ + my $driver = shift; + my ($rc, $choice) = $console->tryagain_page + ( + title => gettext("The specified driver failed to load."), + choice => $driver + ); +} + +#------------------------------------------------------------ +ETHERNET_LOCAL: +#------------------------------------------------------------ + +{ + my ($selectMode, $newDriver) = ethernetSelect('local', 'EthernetDriver1'); + + goto ETHERNET_LOCAL if ($selectMode eq 'CANCEL_MANUAL'); + + goto SYSTEM_NAME if ($selectMode eq 'CANCEL'); + + goto QUIT1 if ($selectMode eq 'NONIC'); + + if ($selectMode eq 'NOLOAD') + { + failed_to_load($newDriver); + goto ETHERNET_LOCAL; + } + + goto LOCAL_IP if ($selectMode eq 'CHANGE'); + + goto LOCAL_IP if ($selectMode eq 'KEEP'); +} + +#------------------------------------------------------------ +LOCAL_IP: +#------------------------------------------------------------ + +{ + my $local_ip = $db->get_value('LocalIP') || '192.168.' . (int(rand(248)) + 2) . '.1'; + + ($rc, $choice) = $console->input_page + ( + title => gettext("Local networking parameters"), + text => + gettext("Please enter the local IP address for this server.") . + "\n\n" . + gettext("If this server is the first machine on your network, we recommend accepting the default value unless you have a specific reason to choose something else.") . + "\n\n" . + gettext("If your server is being installed into an existing network, you must choose an address which is not in use by any other computer on this network."), + value => $local_ip, + ); + + goto SYSTEM_NAME unless ($rc == 0); + + if ($choice) + { + if (isValidIP($choice)) + { + $choice = cleanIP($choice); + $db->set_value('LocalIP', $choice); + goto LOCAL_NETMASK; + } + } + else + { + $choice = ''; + } + + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid local IP address"), + choice => $choice, + ); + goto LOCAL_IP; +} + +#------------------------------------------------------------ +LOCAL_NETMASK: +#------------------------------------------------------------ + +{ + ($rc, $choice) = $console->input_page + ( + title => gettext("Select local subnet mask"), + text => + gettext("Please enter the local subnet mask for this server.") . + "\n\n" . + gettext("If this server is the first machine on your network, we recommend using the default unless you have a specific reason to choose something else.") . + "\n\n" . + gettext("If your server is being installed into an existing network, you must choose the same subnet mask used by other computers on this network."), + value => $db->get_value('LocalNetmask') + ); + + goto LOCAL_IP unless ($rc == 0); + + if ($choice) + { + if ( isValidIP($choice) ) + { + $choice = cleanIP($choice); + # Update primary record + $db->set_value('LocalNetmask', $choice); + goto SYSTEM_MODE; + } + } + else + { + $choice = ''; + } + + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid local subnet mask"), + choice => $choice, + ); + + goto LOCAL_NETMASK; +} + +#------------------------------------------------------------ +SYSTEM_MODE: +#------------------------------------------------------------ + +{ + my $currentmode; + my $currentnumber; + + if ($db->get_value('SystemMode') eq 'servergateway') + { + $currentmode = gettext("Server and gateway"); + $currentnumber = "1."; + } + elsif ($db->get_value('SystemMode') eq 'servergateway-private') + { + $currentmode = gettext("Private server and gateway"); + $currentnumber = "2."; + } + else + { + $currentmode = gettext("Server-only"); + $currentnumber = "3."; + } + + my @args = ( + "1.", gettext("Server and gateway"), + "2.", gettext("Private server and gateway"), + "3.", gettext("Server-only"), + ); + + ($rc, $choice) = $console->menu_page + ( + title => gettext("Select operation mode"), + default => $currentnumber, + text => + gettext("If you want this server to act as a gateway to the Internet, choose one of the server and gateway options. Server and gateway mode acts as a firewall and provides an external web and mail server. Private server and gateway mode also acts as a firewall but disables all incoming services.") . + "\n\n" . + gettext("Server-only mode provides services to a local, protected network. If you choose this mode and Internet access is required, the network must be protected by another server configured in server and gateway mode (or another firewall)."), + argsref => \@args + ); + + goto ETHERNET_LOCAL unless ($rc == 0); + + if ($choice eq "1.") + { + $db->set_value('SystemMode', 'servergateway'); + goto SERVER_GATEWAY; + } + + if ($choice eq "2.") + { + $db->set_value('SystemMode', 'servergateway-private'); + goto SERVER_GATEWAY; + } + + if ($choice eq "3.") + { + $db->set_prop("pppoe", "status", "disabled"); + $db->delete("ExternalIP"); + $db->set_value('SystemMode', 'serveronly'); + $db->set_value('AccessType', "dedicated"); + goto SERVER_ONLY; + } +} + +#------------------------------------------------------------ +SERVER_GATEWAY: +#------------------------------------------------------------ + +{ + my $currentmode; + my $currentnumber; + my $dialup_support = $db->get_prop("bootstrap-console", "DialupSupport") + || "yes"; + + if ($dialup_support eq "no") + { + $db->set_value('AccessType', 'dedicated'); + goto ETHERNET_EXTERNAL; + } + + if ($db->get_value('AccessType') eq 'dedicated') + { + $currentmode = gettext("Server and gateway - dedicated"); + $currentnumber = "1."; + } + else + { + $currentmode = gettext("Server and gateway - dialup"); + $currentnumber = "2."; + } + + my @args = ( + "1.", gettext("Server and gateway - dedicated"), + "2.", gettext("Server and gateway - dialup"), + ); + + ($rc, $choice) = $console->menu_page + ( + title => gettext("Select external access mode"), + default => $currentnumber, + text => + gettext("The next step is to select the access mode that your server will use to connect to the Internet.") . + "\n\n" . + gettext("Choose the dedicated option if you access the Internet via a router, a cable modem or ADSL. Choose the dialup option if you use a modem or ISDN connection."), + argsref => \@args + ); + + goto SYSTEM_MODE unless ($rc == 0); + + if ($choice eq "1.") + { + $db->set_value('AccessType', 'dedicated'); + goto ETHERNET_EXTERNAL; + } + + if ($choice eq "2.") + { + $db->set_value('AccessType', 'dialup'); + $db->set_prop("pppoe", "status", "disabled"); + goto DIALUP_MODEM; + } +} + +#------------------------------------------------------------ +ETHERNET_EXTERNAL: +#------------------------------------------------------------ +{ + if (scalar @adapters == 1 && $db->get_prop('InternalInterface', 'Name') ne 'dummy0') + { + ($rc, $choice) = $console->message_page + ( + title => gettext("Only one network adapter"), + text => + gettext("Your system only has a single network adapter. It cannot be used in this configuration."), + left => "", + right => "Back", + ); + goto SERVER_GATEWAY; + } + my ($selectMode, $newDriver) = ethernetSelect('external', 'EthernetDriver2'); + + goto ETHERNET_EXTERNAL if ($selectMode eq 'CANCEL_MANUAL'); + + goto SERVER_GATEWAY if ($selectMode eq 'CANCEL'); + + if ($selectMode eq 'NOLOAD') + { + failed_to_load($newDriver); + goto ETHERNET_EXTERNAL; + } + + goto SERVER_GATEWAY_DEDICATED; +} + +#------------------------------------------------------------ +SERVER_GATEWAY_DEDICATED: +#------------------------------------------------------------ +{ + unless ($db->get_value('DHCPClient')) + { + $db->set_value('DHCPClient', 'dhi'); + } + + my $currentmode; + my $currentnumber; + my $shortmode; + + if ($db->get_value('ExternalDHCP') eq 'on') + { + if ($db->get_value('DHCPClient') eq 'dhi') + { + $currentmode = gettext("use DHCP (send account name as client identifier)"); + $shortmode = gettext("DHCP with account name"); + $currentnumber = "1."; + } + else + { + $currentmode = + gettext("use DHCP (send ethernet address as client identifier)"); + $shortmode = gettext("DHCP with ethernet address"); + $currentnumber = "2."; + } + } + elsif ($db->get_prop("pppoe", "status") eq "enabled") + { + $currentmode = gettext("use PPP over Ethernet (PPPoE)"); + $shortmode = gettext("PPPoE"); + $currentnumber = "3."; + + } + else + { + $currentmode = gettext("use static IP address (do not use DHCP or PPPoE)"); + $shortmode = gettext("static IP"); + $currentnumber = "4."; + } + + my @args = ( + "1.", gettext("Use DHCP (send account name as client identifier)"), + "2.", gettext("Use DHCP (send ethernet address as client identifier)"), + "3.", gettext("Use PPP over Ethernet (PPPoE)"), + "4.", gettext("Use static IP address"), + ); + + ($rc, $choice) = $console->menu_page + ( + title => gettext("External Interface Configuration"), + default => $currentnumber, + text => + gettext("Next, specify how to configure the external ethernet adapter.") . + "\n\n" . + gettext("For cable modem connections, select DHCP. If your ISP has assigned a system name for your connection, use the account name option. Otherwise use the ethernet address option. For residential ADSL, use PPPoE. For most corporate connections, use a static IP address."), + argsref => \@args + ); + + goto SERVER_GATEWAY unless ($rc == 0); + + if ($choice eq "3.") + { + $db->set_value('ExternalDHCP', 'off'); + + $db->set_prop("pppoe", "status", "enabled"); + $db->set_prop("pppoe", "DemandIdleTime", "no"); + $db->set_prop("pppoe", "SynchronousPPP", "no"); + # Delete GatewayIP, as Gateway is via ppp link + $db->delete('GatewayIP'); + goto PPPoE_ACCOUNT; + } + else + { + $db->set_prop("pppoe", "status", "disabled"); + if ($choice eq "1.") + { + # Delete GatewayIP, as Gateway is via DHCP + $db->delete('GatewayIP'); + $db->set_value('ExternalDHCP', 'on'); + $db->set_value('DHCPClient', 'dhi'); + goto DHCP_ACCOUNT; + } + + if ($choice eq "2.") + { + # Delete GatewayIP, as Gateway is via DHCP + $db->delete('GatewayIP'); + $db->set_value('ExternalDHCP', 'on'); + $db->set_value('DHCPClient', 'd'); + goto OTHER_PARAMETERS;#was DYNAMIC_DNS_SERVICE; + } + + if ($choice eq "4.") + { + $db->set_value('ExternalDHCP', 'off'); + #$db->set_prop('DynDNS', 'status', 'disabled');#dropped + goto STATIC_IP; + } + } +} + +#------------------------------------------------------------ +DHCP_ACCOUNT: +#------------------------------------------------------------ +{ + ($rc, $choice) = $console->input_page + ( + title => gettext("Enter ISP assigned hostname"), + text => + gettext("You have selected DHCP (send account name). Please enter the account name assigned by your ISP. You must enter the account name exactly as specified by your ISP."), + value => $db->get_value('DialupUserAccount') + ); + + goto SERVER_GATEWAY_DEDICATED unless ($rc == 0); + + $db->set_value('DialupUserAccount', $choice || ''); + + goto OTHER_PARAMETERS;# was DYNAMIC_DNS_SERVICE; +} + +#------------------------------------------------------------ +PPPoE_ACCOUNT: +#------------------------------------------------------------ +{ + ($rc, $choice) = $console->input_page + ( + title => gettext("Select PPPoE user account"), + text => + gettext("Please enter the user account name for your PPPoE Internet connection. Most PPPoE service providers use an account name and e-mail domain. For example, ") . "fredfrog\@frog.pond", + value => $db->get_value('DialupUserAccount') + ); + + goto SERVER_GATEWAY_DEDICATED unless ($rc == 0); + + $db->set_value('DialupUserAccount', $choice || ''); + + goto PPPoE_PASSWORD; +} + +#------------------------------------------------------------ +PPPoE_PASSWORD: +#------------------------------------------------------------ + +{ + ($rc, $choice) = $console->input_page + ( + title => gettext("Select PPPoE password"), + text => + gettext("Please enter the password for your PPPoE Internet connection."), + value => $db->get_value('DialupUserPassword') + ); + + goto PPPoE_ACCOUNT unless ($rc == 0); + + $db->set_value('DialupUserPassword', $choice || ''); + + goto OTHER_PARAMETERS;# was DYNAMIC_DNS_SERVICE; +} + +#------------------------------------------------------------ +STATIC_IP: +#------------------------------------------------------------ + +{ + # Need to do this now, since we delete ExternalIP and + # the console will throw an uninitialized variable error + # that you'll never see, but will make rc == 0. + + my $externalIP = $db->get_value('ExternalIP') || ""; + ($rc, $choice) = $console->input_page + ( + title => gettext("Select static IP address"), + text => + gettext("You have chosen to configure your external Ethernet connection with a static IP address. Please enter the IP address which should be used for the external interface on this server.") . + "\n\n" . + gettext("Please note, this is not the address of your external gateway."), + value => $externalIP + ); + + goto SERVER_GATEWAY_DEDICATED unless ($rc == 0); + + if ($choice) + { + if (isValidIP($choice) ) + { + $db->set_value('ExternalIP', cleanIP($choice)); + goto STATIC_NETMASK; + } + } + else + { + $choice = ''; + } + + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid external IP address"), + choice => $choice, + ); + + goto STATIC_IP; +} + +#------------------------------------------------------------ +STATIC_NETMASK: +#------------------------------------------------------------ + +{ + ($rc, $choice) = $console->input_page + ( + title => gettext("Select subnet mask"), + text => + gettext("Please enter the subnet mask for your Internet connection. A typical subnet mask is 255.255.255.0."), + value => $db->get_value('ExternalNetmask') + ); + + goto STATIC_IP unless ($rc == 0); + + if ($choice) + { + if ( isValidIP($choice) ) + { + # Check for overlapping ranges in external and internal interface IP and netmasks + + # Retrieve the local IP/mask setting + my $localAddress = $db->get_value('LocalIP'); + my $localNetmask = $db->get_value('LocalNetmask'); + + # Retrieve the external IP/mask setting + my $externalAddress = $db->get_value('ExternalIP'); + my $externalNetmask = cleanIP($choice); + + if ( ipv4_in_network($localAddress, $localNetmask, $externalAddress, $externalNetmask) ) + { + + ($rc, $choice) = $console->message_page + ( + title => gettext("Invalid address ranges"), + text => sprintf(gettext( + "Internal address range overlaps external address range" . + "\n\n". + "Local interface: %s/%s" . + "\n" . + "External interface: %s/%s" . + "\n\n". + "Please review your settings."), + $localAddress, $localNetmask, $externalAddress, $externalNetmask + ) + ); + + goto STATIC_IP; + + } + + $db->set_value('ExternalNetmask', $externalNetmask); + goto STATIC_GATEWAY; + } + } + else + { + $choice = ''; + } + + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid external subnet mask"), + choice => $choice, + ); + + goto STATIC_NETMASK; +} + +#------------------------------------------------------------ +STATIC_GATEWAY: +#------------------------------------------------------------ + +{ + my $netmaskBits = esmith::util::IPquadToAddr ($db->get_value('ExternalNetmask')); + my $gateway_ip = $db->get_value('GatewayIP') || ""; + unless ((esmith::util::IPquadToAddr($db->get_value('ExternalIP')) & $netmaskBits) == + (esmith::util::IPquadToAddr($db->get_value('GatewayIP')) & $netmaskBits)) { + $gateway_ip = + esmith::util::IPaddrToQuad( + (esmith::util::IPquadToAddr($db->get_value('ExternalIP')) & $netmaskBits) + + 1); + } + ($rc, $choice) = $console->input_page + ( + title => gettext("Select gateway IP address"), + text => + gettext("Please enter the gateway IP address for your Internet connection."), + value => $gateway_ip + ); + + goto STATIC_NETMASK unless ($rc == 0); + + $choice ||= ''; + my $error = undef; + if (!isValidIP($choice)) + { + $error = "not a valid IP address"; + } + elsif (cleanIP($choice) eq $db->get_value('ExternalIP')) + { + $error = "address matches external interface address"; + } + elsif (!ipv4_in_network($db->get_value('ExternalIP'), + $db->get_value('ExternalNetmask'), "$choice/32") && $db->get_value('ExternalNetmask') ne '255.255.255.255') + { + $error = "address is not local"; + } + if ($error) + { + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid") . " - " . gettext($error), + choice => $choice, + ); + + goto STATIC_GATEWAY; + } + $db->set_value('GatewayIP', cleanIP($choice)); + goto OTHER_PARAMETERS; +} + +#------------------------------------------------------------ +DIALUP_MODEM: +#------------------------------------------------------------ + +{ + my @args = ( + "COM1", gettext("Set modem port to") . " COM1 (/dev/ttyS0)", + "COM2", gettext("Set modem port to") . " COM2 (/dev/ttyS1)", + "COM3", gettext("Set modem port to") . " COM3 (/dev/ttyS2)", + "COM4", gettext("Set modem port to") . " COM4 (/dev/ttyS3)", + gettext("ISDN"), gettext("Set modem port to") . " " . + gettext("internal ISDN card") . " (/dev/ttyI0)", + ); + + ($rc, $choice) = $console->menu_page + ( + title => gettext("Select modem/ISDN port"), + default => $db->get_value('DialupModemDevice'), + text => + gettext("Please specify which serial port your modem or ISDN terminal adapter is connected to. Select ISDN if you wish to use an internal ISDN card."), + argsref => \@args + ); + + goto SERVER_GATEWAY unless ($rc == 0); + + if ($choice eq "COM1") + { + $db->set_value('DialupModemDevice', '/dev/ttyS0'); + } + + if ($choice eq "COM2") + { + $db->set_value('DialupModemDevice', '/dev/ttyS1'); + } + + if ($choice eq "COM3") + { + $db->set_value('DialupModemDevice', '/dev/ttyS2'); + } + + if ($choice eq "COM4") + { + $db->set_value('DialupModemDevice', '/dev/ttyS3'); + } + if ($choice eq gettext("ISDN")) + { + $db->set_value('DialupModemDevice', '/dev/ttyI0'); + } + + if ($db->get_value('DialupModemDevice') eq '/dev/ttyI0') + { + $db->set_prop('ippp', 'status', 'enabled'); + $db->set_prop('isdn', 'status', 'enabled'); + goto HISAX_OPTIONS + } + $db->set_prop('ippp', 'status', 'disabled'); + $db->set_prop('isdn', 'status', 'disabled'); + goto MODEM_INIT_STRING; +} + +#------------------------------------------------------------ +HISAX_OPTIONS: +#------------------------------------------------------------ + +{ + # See http://ibiblio.org/pub/Linux/distributions/caldera/eServer/\ + # 2.3.1/live/etc/hwprobe.config for a pciid list - we cover most of + # the cards listed there + my %isdn_cards = ( + '1133e001' => + { type => "11", + description => "Eicon|DIVA 20PRO" }, + '1133e002' => + { type => "11", + description => "Eicon|DIVA 20" }, + '1133e003' => + { type => "11", + description => "Eicon|DIVA 20PRO_U" }, + '1133e004' => + { type => "11", + description => "Eicon|DIVA 20_U" }, + '1133e005' => + { type => "11", + description => "Eicon|DIVA 2.01 PCI or PCI_LP" }, + '1133e010' => + { type => "11", + description => "Eicon|DIVA Server BRI-2M" }, + '1133e012' => + { type => "11", + description => "Eicon|DIVA Server BRI-8M" }, + '1133e014' => + { type => "11", + description => "Eicon|DIVA Server PRO-30M" }, + '1133e018' => + { type => "11", + description => "Eicon|DIVA Server BRI-2M/-2F" }, + 'e1590002' => + { type => "15", + description => "Sedlbauer Speed PCI ISDN" }, + '10481000' => + { type => "18", + description => "Elsa AG|QuickStep 1000" }, + '10483000' => + { type => "18", + description => "Elsa AG|QuickStep 3000" }, + 'e1590001' => + { type => "20", + description => "Netjet|Tigerjet 300|320" }, + '11de6057' => + { type => "21", + description => "Teles PCI ISDN network controller" }, + '11de6120' => + { type => "21", + description => "Teles PCI ISDN network controller" }, + '12671016' => + { type => "24", + description => "Dr Neuhaus Niccy PCI" }, + '12440a00' => + { type => "27", + description => "AVM Fritz PCI" }, + '10b51030' => + { type => "34", + description => "Gazel/PLX R685" }, + '10b51151' => + { type => "34", + description => "Gazel/PLX DJINN_ITOO" }, + '10b51152' => + { type => "34", + description => "Gazel/PLX R753" }, + '13972bd0' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '1397b000' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '1397b006' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '1397b007' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '1397b008' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '1397b009' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '1397b00a' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '1397b00b' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '1397b00c' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '1397b100' => + { type => "35", + description => "ISDN network controller [HFC-PCI]" }, + '15b02bd0' => + { type => "35", + description => "Zoltrix ISDN network controller [HFC-PCI]" }, + '10430675' => + { type => "35", + description => "Asuscom ISDNLINK 128K [HFC-PCI]" }, + '06751700' => + { type => "36", + description => "Dynalink IS64PH ISDN network controller" }, + '06751702' => + { type => "36", + description => "Dynalink IS64PH ISDN network controller" }, + '06751704' => + { type => "36", + description => "Dynalink IS64PH ISDN network controller" }, + '10506692' => + { type => "36", + description => "Winbond 6692 ISDN network controller" }, + '15ad0710' => + { type => "FF", + description => + "Test thingy to check detection (actually VMWare display)" }, + ); + + my $card; + open (PCI, "/proc/bus/pci/devices"); + while (my $pci_data = ) + { + my $id = (split(/\s+/, $pci_data))[1]; + $card = $isdn_cards{$id}; + last if defined $card; + } + close (PCI); + if (defined $card) + { + my $description = $$card{'description'}; + ($rc, $choice) = $console->yesno_page + ( + title => gettext("ISDN card detected"), + text => + gettext("Do you wish to use the following ISDN card for your Internet connection?") . + "\n\n" . + $description, + ); + + if ($rc == 0) + { + my $type = $$card{'type'}; + $db->set_prop('isdn', 'Type', "$type"); + goto DIALUP_ACCESS_NUMBER; + } + } + + my $hisax_options = $db->get_prop('isdn', 'HisaxOptions') || ""; + ($rc, $choice) = $console->input_page + ( + title => gettext("ISDN driver options"), + text => + gettext("You have selected an internal ISDN card.") . + "\n\n" . + gettext("The ISDN software will need to be told what ISDN hardware you have. It may also need to be told what protocol number to use and may need to be given some additional information about your hardware such as the I/O address and interrupt settings.") . + "\n\n" . + gettext("This information is provided via an options string. An example is") . + " " . qq("type=27 protocol=2") . " " . + gettext("which would be used to set the") . + " " . qq("AVM Fritz!PCI") . " " . + gettext("to EURO-ISDN."), + value => $hisax_options + ); + + goto DIALUP_MODEM unless ($rc == 0); + + if ($choice) + { + $db->set_prop('isdn', 'HisaxOptions', $choice); + } + else + { + $db->delete_prop('isdn', 'HisaxOptions'); + } +} + +#------------------------------------------------------------ +ISDN_MSN: +#------------------------------------------------------------ +goto MODEM_INIT_STRING; # Skip this page - only for dial-in + +{ + my $msn = $db->get_prop('isdn', 'Msn'); + $msn = "" unless (defined $msn); + ($rc, $choice) = $console->input_page + ( + title => gettext("Multiple Subscriber Numbering"), + text => + gettext("Your ISDN line may have more than one number associated with it known as Multiple Subscriber Numbering (MSN). In order to receive an incoming ISDN call from an ISP or a remote site, you may need to configure your ISDN card with its MSN so that ISDN calls are routed correctly. If you do not know this number, you can leave this value blank."), + value => $msn + ); + + goto HISAX_OPTIONS unless ($rc == 0); + + unless ($choice eq "" or $choice =~ /^[-,0-9]+$/) + { + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid Multiple Subscriber Numbering (MSN)"), + choice => $choice, + ); + + goto ISDN_MSN; + } + $db->set_prop('isdn', 'Msn', "$choice"); + goto DIALUP_ACCESS_NUMBER; +} +#------------------------------------------------------------ +MODEM_INIT_STRING: +#------------------------------------------------------------ + +{ + my $modem_init = $db->get_value('ModemInit') || ""; + my $modem = $db->get_value('DialupModemDevice') || ""; + + my $isdn_msg = + gettext("You have selected an internal ISDN card.") . + "\n\n" . + gettext("The driver for this card includes modem emulation software, and modem control commands are used by the networking software to configure and control the ISDN interface card.") . + "\n\n" . + gettext("The precise behavior of your ISDN card can be modified by using a specific modem initialization string, to adjust the settings of the card, or to modify its default behavior. Most cards should work correctly with the default settings, but you may enter a modem initialization string here if required."); + + my $modem_msg = + gettext("You have selected a modem device.") . + "\n\n" . + gettext("The precise behavior of your modem can be modified by using a specific modem initialization string, to adjust the settings of your modem, or to modify its default behavior. You may enter a modem initialization string here.") . + "\n\n" . + gettext("Many modems will work correctly without any special settings. If you leave this field blank, the default string of") . + " " . qw("L0M0") . " " . + gettext("will be used. This turns the modem speaker off, so that you will not be bothered by the noises that a modem makes when it starts a connection."); + + my $msg = ($modem eq '/dev/ttyI0') ? $isdn_msg : $modem_msg; + + ($rc, $choice) = $console->input_page + ( + title => gettext("Modem initialization string"), + text => $msg, + value => $modem_init + ); + + unless ($rc == 0) + { + if ($db->get_value('DialupModemDevice') eq '/dev/ttyI0') + { + goto HISAX_OPTIONS; + } + else + { + goto DIALUP_MODEM; + } + } + + if ($choice) + { + $db->set_value('ModemInit', $choice); + } + else + { + $db->delete('ModemInit'); + } + goto DIALUP_ACCESS_NUMBER; +} + +#------------------------------------------------------------ +DIALUP_ACCESS_NUMBER: +#------------------------------------------------------------ + +{ + my $title = gettext("Select access phone number"); + + my $msg = + gettext("Please enter the access phone number for your Internet connection. Long distance numbers can be entered. The phone number must not contain spaces, but may contain dashes for readability. Commas may be inserted where a delay is required. For example, if you need to dial 9 first, then wait, then dial a phone number, you could enter") . " " + . qq("9,,,123-4567"); + + ($rc, $choice) = $console->input_page + ( + title => $title, + text => $msg, + value => $db->get_value('DialupPhoneNumber') + ); + + goto MODEM_INIT_STRING unless ($rc == 0); + + if ($choice) + { + if ($choice =~ /^[-,0-9]+$/) + { + $db->set_value('DialupPhoneNumber', "$choice"); + goto DIALUP_ACCOUNT; + } + } + else + { + $choice = ''; + } + + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid access phone number"), + choice => $choice, + ); + + goto DIALUP_ACCESS_NUMBER; +} + +#------------------------------------------------------------ +DIALUP_ACCOUNT: +#------------------------------------------------------------ + +{ + my $msg = gettext("Please enter the user account name for your Internet connection.") + . "\n\n" . + gettext("Please note that account names are usually case sensitive."); + + ($rc, $choice) = $console->input_page + ( + title => gettext("Select dialup user account"), + text => $msg, + value => $db->get_value('DialupUserAccount') + ); + + goto DIALUP_ACCESS_NUMBER unless ($rc == 0); + + $db->set_value('DialupUserAccount', $choice || ''); + goto DIALUP_PASSWORD; +} + +#------------------------------------------------------------ +DIALUP_PASSWORD: +#------------------------------------------------------------ + +{ + my $msg = gettext("Please enter the password for your Internet connection.") + . "\n\n" . + gettext("Please note that passwords are usually case sensitive."); + + ($rc, $choice) = $console->input_page + ( + title => gettext("Select dialup password"), + text => $msg, + value => $db->get_value('DialupUserPassword') + ); + + goto DIALUP_ACCOUNT unless ($rc == 0); + + $db->set_value('DialupUserPassword', $choice || ''); + goto INITIALIZE_CONNECT_TIMES; +} + +#------------------------------------------------------------ +INITIALIZE_CONNECT_TIMES: +#------------------------------------------------------------ +my %policy2string = + ( + "never" => "No connection", + "short" => "Short connect times to minimize minutes off-hook", + "medium" => "Medium connect times", + "long" => "Long connect times to minimize dialing delays", + "continuous" => "Continuous connection", + ); + +my @connect_options; +my %gettext2policy; + +goto DIALUP_OFFICE if scalar @connect_options; + +foreach (keys %policy2string) +{ + push @connect_options, gettext($_), gettext($policy2string{$_}); + $gettext2policy{gettext($_)} = $_; +} + +#------------------------------------------------------------ +DIALUP_OFFICE: +#------------------------------------------------------------ +{ + my $val = $db->get_value('DialupConnOffice') || 'medium'; + + ($rc, $choice) = $console->menu_page + ( + title => gettext("Select connect policy"), + default => gettext($val), + text => + gettext("Select the dialup connect policy that you would like to use during office hours (8:00 AM to 6:00 PM) on weekdays."), + + argsref => \@connect_options, + ); + + goto DIALUP_PASSWORD unless ($rc == 0); + + $db->set_value('DialupConnOffice', $gettext2policy{$choice}); + + goto DIALUP_OUTSIDE; +} + +#------------------------------------------------------------ +DIALUP_OUTSIDE: +#------------------------------------------------------------ + +{ + my $val = $db->get_value('DialupConnOutside') || 'medium'; + + ($rc, $choice) = $console->menu_page + ( + title => gettext("Select connect policy"), + default => gettext($val), + text => + gettext("Please select the dialup connect policy that you would like to use outside office hours (6:00 PM to 8:00 AM) on weekdays."), + argsref => \@connect_options, + ); + + goto DIALUP_OFFICE unless ($rc == 0); + + $db->set_value('DialupConnOutside', $gettext2policy{$choice}); + + goto DIALUP_WEEKEND; +} + +#------------------------------------------------------------ +DIALUP_WEEKEND: +#------------------------------------------------------------ + +{ + my $val = $db->get_value('DialupConnWeekend') || 'medium'; + ($rc, $choice) = $console->menu_page + ( + title => gettext("Select connect policy"), + default => gettext($val), + text => + gettext("Please select the dialup connect policy that you would like to use during the weekend."), + argsref => \@connect_options, + ); + + goto DIALUP_OUTSIDE unless ($rc == 0); + + $db->set_value('DialupConnWeekend', $gettext2policy{$choice}); + + goto OTHER_PARAMETERS;# was DYNAMIC_DNS_SERVICE; +} + + +#------------------------------------------------------------ +SERVER_ONLY: +#------------------------------------------------------------ + +{ + if (scalar @adapters == 2) + { + my (undef, $driver1, undef, undef) = split (/\s+/, $adapters[0], 4); + my (undef, $driver2, undef, undef) = split (/\s+/, $adapters[1], 4); + my $val = $db->get_prop('InternalInterface', 'NICBonding'); + if (!defined $val){$db->set_prop('InternalInterface', 'NICBonding', 'disabled');} + $val ||= 'disabled'; + if($driver1 eq $driver2) + { + my @args = ( + gettext("enabled"), gettext("Enable NIC bonding"), + gettext("disabled"), gettext("Disable NIC bonding") + ); + + ($rc, $choice) = $console->menu_page + ( + title => gettext("NIC Bonding"), + default => gettext($val), + text => + gettext("You have more than one network adapter. Would you like to bond them together into a single interface? This can provide greater throughput and/or failure resiliency, depending on your adapters and network configuration."), + argsref => \@args + ); + + $db->set_prop('InternalInterface', 'NICBonding', + ($choice eq gettext('enabled')) ? 'enabled' : 'disabled'); + $db->set_prop('InternalInterface', 'Name', 'bond0') + if ($choice eq gettext('enabled')); + + $db->set_value("EthernetDriver2", + ($db->get_prop('InternalInterface', 'NICBonding', + 'enabled')) + ? $db->get_value("EthernetDriver1") : 'unknown'); + } + + # SME 935 - edit NIC bonding option string + if($db->get_prop('InternalInterface', 'NICBonding') eq 'enabled') + { + my $msg = gettext("The NIC bonding driver allows various modes and performance options. Edit the option string below if the defaults are not suitable.\n\nMost users do not need to change this setting.\n"); + my $bond_opts = $db->get_prop("InternalInterface", "NICBondingOptions") || ''; + ($rc, $choice) = $console->input_page + ( + title => gettext("NIC Bonding Options"), + text => $msg, + value => $bond_opts + ); + + goto SERVER_ONLY unless ($rc == 0); + + $db->set_prop('InternalInterface', 'NICBondingOptions', + $choice); + } + } + + goto OTHER_PARAMETERS unless ($db->get_value('AccessType') eq 'dedicated'); + + my $gateway_ip = $db->get_value('GatewayIP') || ""; + my $netmaskBits = esmith::util::IPquadToAddr ($db->get_value('LocalNetmask')); + unless ((esmith::util::IPquadToAddr($db->get_value('LocalIP')) & $netmaskBits) == + (esmith::util::IPquadToAddr($db->get_value('GatewayIP')) & $netmaskBits)) { + $gateway_ip = + esmith::util::IPaddrToQuad( + (esmith::util::IPquadToAddr($db->get_value('LocalIP')) & $netmaskBits) + + 1); + } + + ($rc, $choice) = $console->input_page + ( + title => gettext("Select gateway IP address"), + text => + gettext("In server-only mode, this server will use only one ethernet adapter connected to your local network. If you have a firewall and wish to use this server as your e-mail/web server, you should consult the firewall documentation for networking details.") . + "\n\n" . + gettext("Please specify the gateway IP address that this server should use to access the Internet. Leave blank if you have no Internet access."), + value => $gateway_ip + ); + + goto SYSTEM_MODE unless ($rc == 0); + + $choice ||= ''; + if (!$choice) + { + $db->delete('GatewayIP'); + $db->set_value('AccessType', 'off'); + goto OTHER_PARAMETERS; + } + + my $error = undef; + if (!isValidIP($choice)) + { + $error = "not a valid IP address"; + } + elsif (cleanIP($choice) eq $db->get_value('LocalIP')) + { + $error = "address matches local interface address"; + } + elsif (!ipv4_in_network($db->get_value('LocalIP'), + $db->get_value('LocalNetmask'), "$choice/32")) + { + $error = "address is not local"; + } + if ($error) + { + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid") . " - " . gettext($error), + choice => $choice, + ); + + goto SERVER_ONLY; + } + $db->set_value('GatewayIP', cleanIP($choice)); + $db->set_value('AccessType', 'dedicated'); + goto OTHER_PARAMETERS; +} + +#------------------------------------------------------------ +OTHER_PARAMETERS: +#------------------------------------------------------------ +# Sample UnsavedChanges at this point - nothing after here +# should require a reboot - and we don't require a reboot first time +# through +#------------------------------------------------------------ +if ($bootstrapConsole eq "no") +{ + $rebootRequired = $db->get_value('UnsavedChanges'); +} +#------------------------------------------------------------ + +DHCP_SERVER: +{ + my $start = $db->get_prop("dhcpd", "start") || '0.0.0.65'; + my $end = $db->get_prop("dhcpd", "end") || '0.0.0.250'; + my $priv_ip = $db->get_value('LocalIP'); + my $priv_mask = $db->get_value('LocalNetmask'); + my $priv_net = ipv4_network($priv_ip, $priv_mask); + my $localip = esmith::util::IPquadToAddr($priv_ip); + my $netmask = esmith::util::IPquadToAddr($priv_mask); + $start = esmith::util::IPquadToAddr($start); + $end = esmith::util::IPquadToAddr($end); + # AND-out the network bits, and OR that with our current dhcp values. + my $localnet = $localip & $netmask; + # Delete the current DHCP leases file if we are changing networks + unless ((($start & $netmask) == $localnet) && + (($end & $netmask) == $localnet)) + { + my $dhcpLeases = "/var/lib/dhcpd/dhcpd.leases"; + open (WR, ">$dhcpLeases") + or die gettext("Can't open output file"), + " $dhcpLeases", ": $!\n"; + close WR; + } + # AND-out the host bits from the start and end ips. + # And, OR our local network with our start and end host values. + $start = $localnet | ($start & ~$netmask); + $end = $localnet | ($end & ~$netmask); + # Make sure that $start is less than $end (might not be if netmask has changed + if ($start > $end) + { + my $temp = $start; + $start = $end; + $end = $temp; + } + $start = esmith::util::IPaddrToQuad($start); + $end = esmith::util::IPaddrToQuad($end); + # That's it. Set them back. These will hopefully be reasonable defaults. + $db->set_prop("dhcpd", "start", $start); + $db->set_prop("dhcpd", "end", $end); + my $DHCPServer = ($db->get_prop('dhcpd', 'status') eq 'enabled') ? + gettext("On") : gettext("Off"); + + my @args = + ( + gettext("On"), gettext("Provide DHCP service to local network"), + gettext("Off"), gettext("Do not provide DHCP service to local network"), + ); + + ($rc, $choice) = $console->menu_page + ( + title => gettext("Select DHCP server configuration"), + default => $DHCPServer, + text => + gettext("Please specify whether you would like this server to provide DHCP service to your local network. This will let you assign IP addresses to your other network computers automatically by configuring them to obtain their IP information using DHCP.") . + "\n\n" . + gettext("We strongly advise that all clients are configured using DHCP."), + argsref => \@args + ); + + goto SYSTEM_MODE unless ($rc == 0); + + if ($choice eq gettext("On")) { + $db->set_prop('dhcpd', 'status', 'enabled'); + goto DHCP_SERVER_BEGIN; + } + + if ($choice eq gettext("Off")) + { + $db->set_prop('dhcpd', 'status', 'disabled'); + goto DNS_FORWARDER; + } + + goto DNS_FORWARDER; +} + +#------------------------------------------------------------ +DHCP_SERVER_BEGIN: +#------------------------------------------------------------ + +{ + my $start = $db->get_prop("dhcpd", "start") || '0.0.0.65'; + my $priv_ip = $db->get_value('LocalIP'); + my $priv_mask = $db->get_value('LocalNetmask'); + my $priv_net = ipv4_network($priv_ip, $priv_mask); + + my $errmsg = ""; + + ($rc, $choice) = $console->input_page + ( + title => gettext("Select beginning of DHCP host number range"), + text => + gettext("You must reserve a range of host numbers for the DHCP server to use.") . + "\n\n" . + gettext("Please enter the first host number in this range. If you are using the standard server defaults and have no particular preference, you should keep the default values."), + value => $start + ); + + goto DHCP_SERVER unless ($rc == 0); + + if ($choice) + { + if ( isValidIP($choice) ) + { + my $dhcp_net = ipv4_network($choice, $priv_mask); + if ($dhcp_net eq $priv_net) + { + # need to check for valid range as well. + unless ($choice eq $start) + { + $db->set_prop('dhcpd', 'start', cleanIP($choice)); + } + goto DHCP_SERVER_END; + } + else + { + $errmsg = gettext("That address is not on the local network."); + } + } + else + { + $errmsg = gettext("Invalid IP address for DHCP start"); + } + } + else + { + $choice = ''; + $errmsg = gettext("You must provide an IP address for the start of the DHCP range."); + } + + ($rc, $choice) = $console->tryagain_page + ( + title => $errmsg, + choice => $choice, + ); + + goto DHCP_SERVER_BEGIN; +} + +#------------------------------------------------------------ +DHCP_SERVER_END: +#------------------------------------------------------------ + +{ + my $serverStart = $db->get_prop('dhcpd', 'start'); + my $serverEnd = $db->get_prop('dhcpd', 'end'); + my $priv_ip = $db->get_value('LocalIP'); + my $priv_mask = $db->get_value('LocalNetmask'); + my $priv_net = ipv4_network($priv_ip, $priv_mask); + my $errmsg = ""; + + ($rc, $choice) = $console->input_page + ( + title => gettext("Select end of DHCP host number range"), + text => + gettext("Please enter the last host address in this range. If you are using the standard server defaults and have no particular preference, you should keep the default value. Think to add enough ip for vpn sessions."), + value => $serverEnd + ); + + goto DHCP_SERVER_BEGIN unless ($rc == 0); + + if ($choice) + { + if ( isValidIP($choice) ) + { + # retrieve values to verifiy if ip_count > vpn_sessions + my $ip_start = unpack 'N', inet_aton($serverStart); + my $ip_end = unpack 'N', inet_aton($choice); + my $ip_count = $ip_end - $ip_start; + my $vpn_sessions = $db->get_prop('vpn','sessions'); + + my $dhcp_net = ipv4_network($choice, $priv_mask); + if ($dhcp_net eq $priv_net) + { + # There are a few additional things to confirm here. We now + # know that the chosen range is on the same network as the + # private interface. We should ensure that it does not overlap + # the private interface, and that the end is larger than the + # beginning. + if (cmpIP($serverStart, $choice) < 0) + { + if (((cmpIP($priv_ip, $serverStart) < 0) || + (cmpIP($choice, $priv_ip) < 0)) && ($ip_count > $vpn_sessions)) + { + # need to check for valid range as well. + unless ($choice eq $serverEnd) + { + $db->set_prop('dhcpd', 'end', cleanIP($choice)); + } + goto DNS_FORWARDER; + } + # We want to verify that the number of vpn_IP reserved is not superior + # than the number of dhcp_IP set in the range + elsif ($ip_count <= $vpn_sessions) + { + $errmsg = gettext("There is not enough IP in the range to include all your vpn sessions"); + $choice = $vpn_sessions . ' allowed vpn clients'; + } + else + { + $errmsg = gettext("The IP range cannot include our private network address."); + $choice = $priv_ip; + } + } + else + { + $errmsg = gettext("The end of the range must be larger than the start."); + $choice = $serverStart; + } + } + else + { + $errmsg = gettext("That address is not on the local network."); + } + } + else + { + $errmsg = gettext("Invalid IP address for DHCP start"); + } + } + else + { + $choice = ''; + $errmsg = gettext("You must provide an IP address for the end of the DHCP range."); + } + + ($rc, $choice) = $console->tryagain_page + ( + title => $errmsg, + choice => $choice, + ); + + goto DHCP_SERVER_END; +} + +#------------------------------------------------------------ +DNS_FORWARDER: +#------------------------------------------------------------ + +{ + my $primary = $db->get_prop('dnscache', 'Forwarder') || ''; + ($rc, $choice) = $console->input_page + ( + title => gettext("Corporate DNS server address"), + text => + gettext("If this server does not have access to the Internet, or you have special requirements for DNS resolution, enter the DNS server IP address here.") . + "\n\n" . + gettext("This field should be left blank unless you have a specific reason to configure another DNS server.") . + "\n\n" . + gettext("You should not enter the address of your ISP's DNS servers here, as the server is capable of resolving all Internet DNS names without this additional configuration."), + value => $primary + ); + + if ($rc != 0) + { + goto DHCP_SERVER; + } + + if ($choice) + { + if ( isValidIP($choice) ) + { + $db->set_prop('dnscache', 'Forwarder', cleanIP($choice)); + goto QUERY_SAVE_CONFIG; + } + elsif ($choice =~ /^\s*$/) + { + $db->delete_prop('dnscache', 'Forwarder'); + goto QUERY_SAVE_CONFIG; + } + } + else + { + $db->delete_prop('dnscache', 'Forwarder'); + goto QUERY_SAVE_CONFIG; + } + + ($rc, $choice) = $console->tryagain_page + ( + title => gettext("Invalid IP address for DNS forwarder"), + choice => $choice, + ); + + goto DNS_FORWARDER; +} + +#------------------------------------------------------------ +QUERY_SAVE_CONFIG: +#------------------------------------------------------------ + +{ + if ($db->get_value('UnsavedChanges') eq "no") + { + ($rc, $choice) = $console->message_page + ( + title => gettext("No unsaved changes"), + text => + gettext("No changes were made during the configuration process") . + "\n\n" . + gettext("Press ENTER to proceed."), + right => gettext("Finish"), + ); + + return; + } + else + { + if ($rebootRequired eq "yes") + { + $db->set_prop("bootstrap-console", "Run", "yes"); + $db->set_prop("bootstrap-console", "ForceSave", "yes"); + ($rc, $choice) = $console->yesno_page + ( + title => gettext("Changes will take effect after reboot"), + text => + gettext("The new configuration will take effect when you reboot the server.") . + "\n\n" . + gettext("Do you wish to reboot right now?"), + ); + + return unless ($rc == 0); + + system("/usr/bin/tput", "clear"); + system("/sbin/e-smith/signal-event", "reboot"); + + # A bit of a hack to avoid the console restarting before the + # reboot takes effect. + + sleep(600); + } + + unless ($self->{bootstrap}) + { + ($rc, $choice) = $console->yesno_page + ( + title => gettext("Activate configuration changes"), + text => + gettext("Your configuration changes will now be activated. The configuration files on this server will be changed to reflect your new settings. This may take a few minutes.") . + "\n\n" . + gettext("Do you wish to activate your changes?"), + ); + + return unless ($rc == 0); + } + } + + #------------------------------------------------------------ + SAVE_CONFIG: + #------------------------------------------------------------ + # After saving config we don't need to run it again on the next reboot. + $db->set_prop("bootstrap-console", "ForceSave", "no"); + $db->set_prop("bootstrap-console", "Run", "no"); + + $console->infobox( + title => gettext("Activating configuration settings"), + text => gettext("Please stand by while your configuration settings are activated ..."), + ); + + if ($bootstrapConsole eq "yes") + { + system("/sbin/e-smith/signal-event", "bootstrap-console-save"); + goto QUIT1; + } + else + { + system("/sbin/e-smith/signal-event", "console-save"); + $db->reload; + + my $current_mode = (getppid() == 1) ? "auto" : "login"; + if ($current_mode ne $db->get_value('ConsoleMode')) + { + # If we switch from login to auto or vv, then we + # need to quite here + goto QUIT1; + } + return; + } +} +#------------------------------------------------------------ +QUIT: +#------------------------------------------------------------ +{ + if ( $db->get_value('UnsavedChanges') eq 'yes' ) + { + ($rc, $choice) = $console->yesno_page + ( + title => gettext("*** THERE ARE UNACTIVATED CHANGES - QUIT ANYWAY? ***"), + defaultno => 1, + text => + gettext("Your configuration changes have been saved but have not yet been activated. This may result in unpredictable system behavior. We recommend that you complete the configuration process and activate the changes before exiting the console.") . + "\n\n" . + gettext("Are you sure you want to quit with unactivated changes?"), + ); + + return unless ($rc == 0); + } +} + +QUIT1: + +# removed for SME10 as we need to start services after in boostrap-console +#system("/usr/bin/tput", "clear"); +#exit (0); +} + +1; diff --git a/root/usr/share/perl5/vendor_perl/esmith/console/quitConsole.pm b/root/usr/share/perl5/vendor_perl/esmith/console/quitConsole.pm new file mode 100644 index 0000000..7d55783 --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/console/quitConsole.pm @@ -0,0 +1,49 @@ +package esmith::console::quitConsole; +use strict; +use warnings; +use Locale::gettext; + +sub new +{ + my $class = shift; + my $self = { + name => gettext("Exit from the server console"), + order => 100, + }; + bless $self, $class; + return $self; +} + +sub name +{ + return $_[0]->{name}; +} + +sub order +{ + return $_[0]->{order}; +} + +sub doit +{ + my ($self, $console, $db) = @_; + if ( $db->get_value('UnsavedChanges') ne 'no' ) + { + my ($rc, $choice) = $console->yesno_page + ( + title => gettext("*** THERE ARE UNACTIVATED CHANGES - QUIT ANYWAY? ***"), + defaultno => 1, + text => + gettext("Your configuration changes have been saved but have not yet been activated. This may result in unpredictable system behavior. We recommend that you complete the configuration process and activate the changes before exiting the console.") . + "\n\n" . + gettext("Are you sure you want to quit with unactivated changes?"), + ); + + return unless ($rc == 0); + } + + system("/usr/bin/tput", "clear"); + exit (0); +} + +1; diff --git a/root/usr/share/perl5/vendor_perl/esmith/console/save_config.pm b/root/usr/share/perl5/vendor_perl/esmith/console/save_config.pm new file mode 100644 index 0000000..3fdffc2 --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/console/save_config.pm @@ -0,0 +1,33 @@ +package esmith::console::save_config; +use Locale::gettext; +use esmith::console; +use strict; +use warnings; + +sub new +{ + my $class = shift; + my $self = {}; + bless $self, $class; + return $self; +} + +sub doit +{ + my ($self, $console, $db) = @_; + #------------------------------------------------------------ + SAVE_CONFIG: + #------------------------------------------------------------ + # After saving config we don't need to run it again on the next reboot. + $db->set_prop("bootstrap-console", "ForceSave", "no"); + $db->set_prop("bootstrap-console", "Run", "no"); + $db->set_prop("bootstrap-console", "Restore", "enabled"); # Allow console restores + + $console->infobox( + title => gettext("Activating configuration settings"), + text => gettext("Please stand by while your configuration settings are activated ..."), + ); + + system("/sbin/e-smith/signal-event", 'bootstrap-console-save'); +} +1; diff --git a/root/usr/share/perl5/vendor_perl/esmith/console/startup.pm b/root/usr/share/perl5/vendor_perl/esmith/console/startup.pm new file mode 100644 index 0000000..a502af7 --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/console/startup.pm @@ -0,0 +1,132 @@ +package esmith::console::startup; +use Locale::gettext; +use esmith::console; +use esmith::ConfigDB; +use strict; +use warnings; + +sub new +{ + my $class = shift; + my $self = { + @_, + }; + bless $self, $class; + return $self; +} + +sub startup_callback { + my $fd = shift; + my @out = (); + my $done = 0; + + use DirHandle; + my $d = DirHandle->new("/etc/rc7.d"); + my @services = sort + { + $a =~ /^S(\d+)/; my $A = $1; + $b =~ /^S(\d+)/; my $B = $1; + $A <=> $B + } grep { /^S/ } $d->read; + my $rows = 12; + my $status_col = 65; + + my $db = esmith::ConfigDB->open_ro; + my $rec = $db->get('smb'); + my $i=0; + foreach (@services) { + $i=$i+1; + next unless /^S(\d+)([^\.][\.\w\-]+)$/; + next unless $2 eq "smb"; + splice @services,$i-1 , 1, "S${1}4smbd", "S${1}5nmbd" unless ($rec and $rec->prop('status') eq 'disabled'); + last; + } + + + open(STDOUT, ">&STDERR"); + foreach (@services) + { + sleep 1; + my $percent = int(($done * 100) / ($#services + 1)); + $done += 1; + my $link = $_; + #warn "Looking at symlink $_\n"; + next unless /^S\d+([^\.][\.\w\-]+)$/; # Untaint service name + my $service = $1; + #my $db = esmith::ConfigDB->open_ro; + $rec = $db->get($service); + do + { + warn "not starting disabled service $service\n"; + next; + } unless ($rec and $rec->prop('status') eq 'enabled'); + my $prompt = "starting "; + my $supervised = -x "/service/$service/run"; + my @cmd; + if (-x "/service/$service/run") + { + $prompt .= " supervised service $service"; + warn "starting supervised service $service\n"; + @cmd = ("sv", "up", "/service/$service"); + } + elsif (-x "/etc/init.d/$service") + { + $prompt .= " unsupervised service $service"; + warn "starting unsupervised service $service\n"; + @cmd = ("/etc/init.d/$service", "start"); + } + else + { + warn "ignoring unknown service $service: bogus start symlink $link\n"; + next; + } + + push @out, "$prompt\n"; + print $fd "XXX\n"; + print $fd "$percent\n"; + my @show = $#out > $rows ? @out[$#out - $rows .. $#out] : @out; + do { print $fd $_ } foreach @show; + print $fd "XXX\n"; + $prompt .= " " x ($status_col - length($prompt)); + $prompt .= system(@cmd) ? "\\Z1FAILED\\Zn" : "\\Z2OK\\Zn"; + $out[-1] = "$prompt\n"; + @show = $#out > $rows ? @out[$#out - $rows .. $#out] : @out; + print $fd "XXX\n"; + print $fd "$percent\n"; + do { print $fd $_ } foreach @show; + print $fd "XXX\n"; + } + print $fd "100\n"; + sleep 2; + return undef; +}; + +my $console = esmith::console->new; + +sub doit +{ + my ($self, $console, $db) = @_; + + $console->infobox + ( + title => gettext("Starting system services"), + text => "\n" . + gettext("Please standby while system services are started ..." +), + ); + + system(qw(touch /var/lock/subsys/backup-running)); + system(qw(chown admin /var/lock/subsys/backup-running)); + sleep(6); # Wait to be certain that all runsv services have been started. + $console->gauge(\&startup_callback, + text => '', + title => 'Starting system services', + colors => 1, + no_collapse => 1); +} + +#use esmith::console; +#use esmith::ConfigDB; +#esmith::console::startup->new->doit(esmith::console->new(), +# esmith::ConfigDB->open); +1; diff --git a/root/usr/share/perl5/vendor_perl/esmith/console/system_password.pm b/root/usr/share/perl5/vendor_perl/esmith/console/system_password.pm new file mode 100644 index 0000000..04e84b4 --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/console/system_password.pm @@ -0,0 +1,148 @@ +package esmith::console::system_password; +use esmith::util; +use Locale::gettext; +use strict; +use warnings; + +sub new +{ + my $class = shift; + my $self = {}; + bless $self, $class; + return $self; +} + +sub doit +{ + my ($self, $console, $db) = @_; + return if ($db->get_value('PasswordSet') eq 'yes'); + #------------------------------------------------------------ + INITIAL_PASSWORD: + #------------------------------------------------------------ + + my $rc; + my $choice; + my $choice1; + my $choice2; + + ($rc, $choice1) = $console->password_page + ( + title => gettext("Choose administrator password"), + text => + gettext("Welcome to the server console!") . + "\n\n" . + gettext("You will now be taken through a sequence of screens to perform basic networking configuration on this server.") . + "\n\n" . + gettext("You can make your selections in each screen using the Arrow and Tab keys. At any point, if you select Back you will be returned to the previous screen.") . + "\n\n" . + gettext("Before you start, you must first choose the administrator password for your system and enter it below. You will not see the password as you enter it."), + ); + + unless ($rc == 0) + { + ($rc, $choice) = $console->message_page + ( + title => gettext("Administrator password not set"), + text => gettext("Sorry, you must set the administrator password now."), + ); + + goto INITIAL_PASSWORD; + } + + unless ($choice1 =~ /^([ -~]+)$/) + { + ($rc, $choice) = $console->message_page + ( + title => gettext("Unprintable characters in password"), + text => gettext("The password must contain only printable characters."), + ); + + goto INITIAL_PASSWORD; + } + + use Crypt::Cracklib; + + #-------------------------------------------------------- + # These are just to ensure that xgettext knows about the + # Cracklib strings. + # Note the extra space here and in the gettext call below. This + # allows the French localization to properly generate qu'il + gettext("it is based on your username"); + gettext("it is based upon your password entry"); + gettext("it is derived from your password entry"); + gettext("it is derivable from your password entry"); + gettext("it is too short"); + gettext("it is all whitespace"); + gettext("it is too simplistic/systematic"); + gettext("it is based on a dictionary word"); + gettext("it is based on a (reversed) dictionary word"); + gettext("it does not contain numbers"); + gettext("it does not contain uppercase characters"); + gettext("it does not contain lowercase characters"); + gettext("it does not contain special characters"); + #-------------------------------------------------------- + + my $strength = $db->get_prop("passwordstrength", "Admin"); + my $reason = esmith::util::validatePassword($choice1,$strength); + + # Untaint return data from cracklib, so we can use it later. We + # trust the library, so we accept anything. + $reason =~ /(.+)/; $reason = $1; + $reason ||= gettext("Software error: password check failed"); + unless ($reason eq 'ok') + { + ($rc, $choice) = $console->yesno_page + ( + title => gettext("Bad Password Choice"), + text => + gettext("The password you have chosen is not a good choice, because ") . + gettext($reason) . "." . + "\n\n" . + gettext("Do you wish to choose a better one?"), + ); + + goto INITIAL_PASSWORD if ($rc == 0); + } + + ($rc, $choice2) = $console->password_page + ( + title => gettext("Choose administrator password"), + text => gettext("Please type your administrator password again to verify."), + ); + + unless ($rc == 0) + { + ($rc, $choice) = $console->message_page + ( + title => gettext("Administrator password not set"), + text => gettext("Sorry, you must set the administrator password now."), + ); + + goto INITIAL_PASSWORD; + } + + if ($choice1 ne $choice2) + { + ($rc, $choice) = $console->message_page + ( + title => gettext("Passwords do not match"), + text => gettext("The two passwords did not match"), + ); + + goto INITIAL_PASSWORD; + } + + #-------------------------------------------------- + # Set system password + #-------------------------------------------------- + + esmith::util::setUnixSystemPassword ($choice1); + esmith::util::setServerSystemPassword ($choice1); + + my $old = $db->get_value('UnsavedChanges'); + $db->set_value('PasswordSet', 'yes'); + $db->set_value('UnsavedChanges', $old); +} + +1; + diff --git a/root/usr/share/perl5/vendor_perl/esmith/ssl.pm b/root/usr/share/perl5/vendor_perl/esmith/ssl.pm new file mode 100644 index 0000000..00c241e --- /dev/null +++ b/root/usr/share/perl5/vendor_perl/esmith/ssl.pm @@ -0,0 +1,154 @@ +package esmith::ssl; + +use strict; +use warnings; +use esmith::ConfigDB; + + +our @ISA = qw(Exporter); +our @EXPORT = qw( key_exists_good_size cert_exists_good_size cert_is_cert key_is_key related_key_cert); + +my $configdb = esmith::ConfigDB->open_ro or die "Could not open accounts db"; +our $SystemName = $configdb->get('SystemName')->value; +our $DomainName = $configdb->get('DomainName')->value; +our $FQDN = "$SystemName.$DomainName"; + +# test key size +# test key exists +=head1 NAME + +esmith::php - A few tools to help with php-fpm installed versions + +=head1 SYNOPSIS + + use esmith::ssl; + + my $booleanK=key_exists_good_size; + +=head1 DESCRIPTION + +This is intended to help playing with installed SSL self-generated certificates and keys. + +=head1 Methods + + +=head2 key_exists_good_size +test key exists, then test key size correct. Obviously it also test that the files is indeed a key +planned to be called in : +/etc/e-smith/templates/home/e-smith/ssl.crt +/etc/e-smith/templates/home/e-smith/ssl.key + +returns 0 if key is missing or wrong size +returns 1 if key exists and key size is correct + +=cut +sub key_exists_good_size { + my $configdb = esmith::ConfigDB->open_ro or die "Could not open accounts db"; + my %modSSL = $configdb->as_hash('modSSL'); + my $KeySize = $modSSL{KeySize} ||'4096'; + my $key = shift || "/home/e-smith/ssl.key/$FQDN.key"; + if ( -f $key ) + { + #print "$key exists\n"; + # check key size openssl rsa -in /home/e-smith/ssl.key/$host.$domain.key -text -noout | sed -rn "s/Private-Key: \((.*) bit\)/\1/p" + my $signatureKeySize = `openssl rsa -in $key -text -noout | grep "Private-Key" | head -1`; + chomp $signatureKeySize; + $signatureKeySize =~ s/^ *Private-Key: \((.*) bit\)/$1/p; + if ( $signatureKeySize == $KeySize ) { + #print "key size is correct ($KeySize)\n"; + # key exists and key size is correct, we can proceed + return 1; + } + } + # key is either missing or wrong key size. + return 0; +} + + +# test key is key +#openssl rsa -check -in $key + +=head2 cert_exists_good_size +# check cert exist +# check cert is cert +# check cert size Public-Key +# openssl rsa -noout -modulus -in domain.key | openssl md5 +# openssl x509 -noout -modulus -in domain.crt | openssl md5 + +=cut +sub cert_exists_good_size { + my $configdb = esmith::ConfigDB->open_ro or die "Could not open accounts db"; + my %modSSL = $configdb->as_hash('modSSL'); + my $KeySize = $modSSL{KeySize} ||'4096'; + my $crt = shift || "/home/e-smith/ssl.crt/$FQDN.crt"; + if ( -f $crt ) + { + #openssl x509 -text -noout -in /home/e-smith/ssl.crt/$host.$domain.crt| sed -rn "s/Public-Key: \((.*) bit\)/\1/p" + my $signatureKeySize = `openssl x509 -text -noout -in $crt | grep "Public-Key" | head -1`; + chomp $signatureKeySize; + $signatureKeySize =~ s/^ *Public-Key: \((.*) bit\)/$1/p; + if ( $signatureKeySize == $KeySize ) { + #print "$signatureKeySize\n"; + # cert is correct size and exists, we can proceed. + # next check key and cert are related + # next check cert is still valid + # next check alt name are still the same + return 1; + } + } + return 0; +} + +sub cert_is_cert { + my $crt = shift || "/home/e-smith/ssl.crt/$FQDN.crt"; + if ( -f $crt ) + { + open my $oldout, ">&STDERR"; # "dup" the stdout filehandle + close STDERR; + my $exit_code=system("openssl","x509", "-noout", "-in", "$crt"); + open STDERR, '>&', $oldout; # restore the dup'ed filehandle to STDOUT + if ($exit_code==0){ + #print "certificate is a certificate\n"; + return 1; + } + } + return 0; +} + +sub key_is_key { + my $key = shift || "/home/e-smith/ssl.key/$FQDN.key"; + if ( -f $key ) + { + open my $oldout, ">&STDERR"; # "dup" the stdout filehandle + close STDERR; + my $exit_code=system("openssl","rsa", "-noout", "-in", "$key"); + open STDERR, '>&', $oldout; # restore the dup'ed filehandle to STDOUT + if ($exit_code==0){ + #print "key is a key\n"; + return 1; + } + } + return 0; +} + +sub related_key_cert { + my $key = shift || "/home/e-smith/ssl.key/$FQDN.key"; + my $crt = shift || "/home/e-smith/ssl.crt/$FQDN.crt"; + if ( key_is_key($key) and cert_is_cert($crt) ) + { + # check the cert and the key are related, if key has been changed, then we need to change the cert + my $crt_md5 = `openssl x509 -noout -modulus -in $crt | openssl md5`; + my $key_md5 = `openssl rsa -noout -modulus -in $key | openssl md5`; + #print "$key_md5 eq $crt_md5\n"; + return 1 if $key_md5 eq $crt_md5; + } + return 0; +} +##TODO migrate those actions from +# check cert is related to key +# => /etc/e-smith/templates/home/e-smith/ssl.crt +# check cert domain and alt +# => /etc/e-smith/templates/home/e-smith/ssl.crt +# check is valid / expiry date +# => /etc/e-smith/templates/home/e-smith/ssl.crt +################################### diff --git a/root/var/log/dhcpd/.gitignore b/root/var/log/dhcpd/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/var/log/ippp/.gitignore b/root/var/log/ippp/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/var/log/raidmonitor/.gitignore b/root/var/log/raidmonitor/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/var/log/wan/.gitignore b/root/var/log/wan/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/var/service/ippp/down b/root/var/service/ippp/down new file mode 100644 index 0000000..e69de29 diff --git a/root/var/service/ippp/log/run b/root/var/service/ippp/log/run new file mode 100644 index 0000000..b54b1c0 --- /dev/null +++ b/root/var/service/ippp/log/run @@ -0,0 +1,6 @@ +#! /bin/sh + +exec \ + /usr/local/bin/setuidgid smelog \ + /usr/local/bin/multilog t s5000000 \ + /var/log/ippp diff --git a/root/var/service/ippp/log/supervise/.gitignore b/root/var/service/ippp/log/supervise/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/var/service/ippp/run b/root/var/service/ippp/run new file mode 100644 index 0000000..6c17b98 --- /dev/null +++ b/root/var/service/ippp/run @@ -0,0 +1,58 @@ +#!/bin/sh +# +# Based on /etc/rc.d/init.d/ippp: +# +# (C) Copyright 1995-1999 Mike Jagdis +# +# The assumption is that dialds are to be used to manage the ippp +# interfaces. If not the ippp interfaces should be reconfigured +# afterwards as necessary. +# +# This should run before dialds are started and before any attempt +# is made to reconfigure ippp interfaces differently. + +config_file=./config + +modprobe hisax +# TODO should check here for failure!! + +# Try and load compression modules before doing +# anything that might load SLIP/PPP modules. +# (I don't know why Mike Jagdiss script does this + +modprobe bsd_comp ppp_deflate + +# Set up this interface for syncPPP over HDLC. +# Disable the hangup timeout because diald should be +# managing that. + isdnctrl delif ippp0 + isdnctrl addif ippp0 + isdnctrl encap ippp0 syncppp + isdnctrl l2_prot ippp0 hdlc + isdnctrl huptimeout ippp0 0 + isdnctrl eaz ippp0 "" + isdnctrl status ippp0 on + +# Explicitly bind the interface to the matching +# syncPPP manager channel. This is essential if +# any PPP options are specified. It is arguably +# convenient when no options are supplied and a +# single ipppd manages several links too. +isdnctrl pppbind ippp0 0 + +# This interface is notavailable for incoming +# connections. +isdnctrl secure ippp0 on + +ifconfig ippp0 "$LocalIP" \ + pointopoint 0.0.0.0 \ + netmask 255.255.255.255 \ + up + +# Diald will add host routes as appropriate. If we +# let ipppd do it diald may never notice the link +# come up as a result of an incoming connection +# where all the traffic is to/from the local +# system. i.e. our reply must go out via the +# diald slip proxy. +exec ipppd ippp0 -detach -hostroute $pppopts diff --git a/root/var/service/ippp/supervise/.gitignore b/root/var/service/ippp/supervise/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/var/service/wan/down b/root/var/service/wan/down new file mode 100644 index 0000000..e69de29 diff --git a/root/var/service/wan/log/run b/root/var/service/wan/log/run new file mode 100644 index 0000000..1dd7758 --- /dev/null +++ b/root/var/service/wan/log/run @@ -0,0 +1,7 @@ +#! /bin/sh + +exec \ + /usr/local/bin/setuidgid smelog \ + /usr/local/bin/multilog t s5000000 \ + /var/log/wan + diff --git a/root/var/service/wan/log/supervise/.gitignore b/root/var/service/wan/log/supervise/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/var/service/wan/run b/root/var/service/wan/run new file mode 100644 index 0000000..a9ab7e5 --- /dev/null +++ b/root/var/service/wan/run @@ -0,0 +1,12 @@ +#! /bin/sh + +exec 2>&1 +config=$(/sbin/e-smith/config getprop ExternalInterface Configuration) + +if [ -x run.$config ] +then + exec ./run.$config +fi + +echo script run.$config not found - please report this as a bug +sleep 100 diff --git a/root/var/service/wan/run.dhclient b/root/var/service/wan/run.dhclient new file mode 100644 index 0000000..c5567d8 --- /dev/null +++ b/root/var/service/wan/run.dhclient @@ -0,0 +1,31 @@ +#!/bin/sh +#---------------------------------------------------------------------- +# copyright (C) 1999-2006 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +#---------------------------------------------------------------------- +exec 2>&1 + +. ./dhclient.config + +configfile=/var/lib/dhclient/dhclient-$interface.conf +leasefile=/var/lib/dhclient/dhclient-$interface.leases + +export PEERDNS=no +exec /sbin/dhclient -d \ + -cf $configfile \ + -lf $leasefile \ + $interface diff --git a/root/var/service/wan/run.dialup b/root/var/service/wan/run.dialup new file mode 100644 index 0000000..1fde700 --- /dev/null +++ b/root/var/service/wan/run.dialup @@ -0,0 +1,13 @@ +#! /bin/sh + +ISDN=$(/sbin/e-smith/config getprop isdn status) +if [ "$ISDN" = "enabled" ] +then + sv u /service/ippp + sleep 10 + # TODO check here that ISDN device is available!! +fi +echo 1 > /proc/sys/net/ipv4/ip_forward +echo 2 > /proc/sys/net/ipv4/ip_dynaddr +# echo 7 > /proc/sys/net/ipv4/ip_dynaddr +exec /usr/sbin/diald -daemon diff --git a/root/var/service/wan/run.disabled b/root/var/service/wan/run.disabled new file mode 100644 index 0000000..d7b51bb --- /dev/null +++ b/root/var/service/wan/run.disabled @@ -0,0 +1,4 @@ +#! /bin/sh + +echo run.disabled run - please report this as a bug +sleep 120 diff --git a/root/var/service/wan/run.pppoe b/root/var/service/wan/run.pppoe new file mode 100644 index 0000000..81f3a7b --- /dev/null +++ b/root/var/service/wan/run.pppoe @@ -0,0 +1,32 @@ +#!/bin/sh +#---------------------------------------------------------------------- +# copyright (C) 2002 Mitel Networks Corporation +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- +exec 2>&1 + +. ./run.pppoe.conf + +extaddr=$(/sbin/e-smith/config getprop ExternalInterface IPAddress) + +exec \ + /usr/local/bin/softlimit -m $PPPD_MLIMIT \ + /usr/bin/setsid \ + /usr/sbin/pppd ${extaddr:+$extaddr:} \ + file pppoe.pppd.conf diff --git a/root/var/service/wan/run.static b/root/var/service/wan/run.static new file mode 100644 index 0000000..57c0583 --- /dev/null +++ b/root/var/service/wan/run.static @@ -0,0 +1,10 @@ +#! /usr/bin/perl + +use warnings; +use strict; +use esmith::ConfigDB; +use POSIX; + +my $db = esmith::ConfigDB->open_ro; +system("/sbin/ifup", $db->get_prop('ExternalInterface', 'Name')); +pause(); diff --git a/root/var/service/wan/supervise/.gitignore b/root/var/service/wan/supervise/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/root/var/state/e-smith/.gitignore b/root/var/state/e-smith/.gitignore new file mode 100644 index 0000000..e69de29