Linux support for build scripts
This commit modifies create-akanda-raw-image.sh to configure/install akanda-appliance on debian machines. It also includes multiple cleanups of files that are no longer needed.
This commit is contained in:
Jordan Tardif
parent
6ffcbd1a98
commit
74dc1dd74d
|
|
@ -1,487 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# ___ ___ .___
|
||||
# / \ \ | - L3 for OpenStack - | _/
|
||||
# / _ \ | | _______ ____ __| | ____
|
||||
# / /_\ \| |/ /\__ \ / \ / __ |\__ \
|
||||
# / | \ < / __ \| | \/ /_/ | / __ \_
|
||||
# \____|__ /__|_ \(____ /___| /\____ |(____ /
|
||||
# \/ \/ \/ \/ \/ \/
|
||||
#
|
||||
# This script creates an Akanda Live CD - powered by OpenBSD, Python, and
|
||||
# Flask - and # lets you customize it.
|
||||
#
|
||||
# Copyright (c) 2009 Reiner Rottmann. Released under the BSD license.
|
||||
# Copyright (c) 2012 New Dream Network, LLC (DreamHost).
|
||||
#
|
||||
# First release 2009-06-20
|
||||
# Akanda release 2012-10-14
|
||||
#
|
||||
# Notes:
|
||||
#
|
||||
# * Modified 2012 by DreamHost <dev-community@dreamhost.com> for use with
|
||||
# Akanda
|
||||
|
||||
###############################################################################
|
||||
# Defaults
|
||||
###############################################################################
|
||||
MAJ=5 # Version major number
|
||||
MIN=4 # Version minor number
|
||||
ARCH=$(uname -p) # Architecture
|
||||
TZ=UTC # Time zones are in /usr/share/zoneinfo
|
||||
# The base sets that should be installed on the akanda live cd
|
||||
SETS="base etc man"
|
||||
# Additional packages that should be installed on the akanda live cd
|
||||
PACKAGES="ntp python-2.7.5 py-pip wget dnsmasq bird-v6-1.3.10"
|
||||
|
||||
|
||||
WDIR=/usr/local/akanda-livecdx # Working directory
|
||||
CDBOOTDIR=$WDIR/$MAJ.$MIN/$ARCH # CD Boot directory
|
||||
OUTDIR=/tmp
|
||||
HERE=`pwd`
|
||||
|
||||
# Mirror to use to download the OpenBSD files
|
||||
#BASEURL=http://ftp-stud.fht-esslingen.de/pub/OpenBSD
|
||||
#BASEURL=http://openbsd.mirrors.pair.com
|
||||
BASEURL=ftp://ftp3.usa.openbsd.org/pub/OpenBSD
|
||||
MIRROR=$BASEURL/$MAJ.$MIN/$ARCH
|
||||
PKG_PATH=$BASEURL/$MAJ.$MIN/packages/$ARCH
|
||||
DNS=8.8.8.8 # Google DNS Server to use in live cd (change accordingly)
|
||||
|
||||
|
||||
#CLEANUP=no # Clean up downloaded files and workdir (disabled by default)
|
||||
CLEANUP=yes
|
||||
|
||||
# End of user configuration
|
||||
###############################################################################
|
||||
|
||||
# global variables
|
||||
|
||||
SCRIPTNAME=$(basename $0 .sh)
|
||||
|
||||
EXIT_SUCCESS=0
|
||||
EXIT_FAILED=1
|
||||
EXIT_ERROR=2
|
||||
EXIT_BUG=10
|
||||
|
||||
VERSION="1.0.0"
|
||||
|
||||
# base functions
|
||||
|
||||
# In case of an error it is wise to show the correct usage of the script.
|
||||
function usage {
|
||||
echo >&2
|
||||
echo -e "Usage: $SCRIPTNAME \t[-A <arch>] [-h] [-M <major>] [-m <minor>] [-P <packages>]" >&2
|
||||
echo -e " \t\t[-S <sets>] [-T <timezone>] [-V] [-W <workdir>] [-U <url>]" >&2
|
||||
echo >&2
|
||||
echo "This program creates an OpenBSD live cd and lets you customize it." >&2
|
||||
echo "The software is released under BSD license. Use it at your own risk!" >&2
|
||||
echo "Copyright (c) 2009 Reiner Rottmann. Email: reiner[AT]rottmann.it" >&2
|
||||
echo "Copyright (c) 2012 New Dream Network, LLC. Email: dev-community[AT]dreamhost.com" >&2
|
||||
echo >&2
|
||||
echo -e " -A :\tselect architecture (default: $ARCH)" >&2
|
||||
echo -e " -h :\tgive this help list" >&2
|
||||
echo -e " -M :\tselect OpenBSD major version (default: $MAJ)" >&2
|
||||
echo -e " -m :\tselect OpenBSD minor version (default: $MIN)" >&2
|
||||
echo -e " -P :\tselect additional packages to install" >&2
|
||||
echo -e " \t(default: $PACKAGES)" >&2
|
||||
echo -e " -S :\tselect base sets (default: $SETS)" >&2
|
||||
echo -e " -T :\tselect timezone (default: $TZ)" >&2
|
||||
echo -e " -U :\tselect url of nearest OpenBSD mirror (default: $MIRROR)" >&2
|
||||
echo -e " -u :\tselect url of nearest OpenBSD from mirror list (requires wget)" >&2
|
||||
echo -e " -V :\tprint version" >&2
|
||||
echo -e " -W :\tselect working directory (default: $WDIR)" >&2
|
||||
echo >&2
|
||||
echo -e "Example:" >&2
|
||||
echo -e "# $SCRIPTNAME -A amd64 -M 4 -m 5 -W /tmp/livecd" >&2
|
||||
echo >&2
|
||||
[[ $# -eq 1 ]] && exit $1 || exit $EXIT_FAILED
|
||||
}
|
||||
|
||||
# own functions
|
||||
# This function lets the user choose an OpenBSD mirror
|
||||
function choosemirror {
|
||||
req="wget"
|
||||
for i in $req
|
||||
do
|
||||
if ! which $i >/dev/null; then
|
||||
echo "Missing $i. Exiting."
|
||||
exit $EXIT_ERROR
|
||||
fi
|
||||
done
|
||||
|
||||
mirrorlist=$(wget -q -O - http://www.openbsd.org/ftp.html#ftp | sed -n 's#<a href=\"\(ftp://.*\)/">#\1#p'|sort)
|
||||
|
||||
echo "Please select mirror from the list below:"
|
||||
|
||||
mirr=""
|
||||
while [ -z "$mirr" ] ; do
|
||||
m=1
|
||||
for i in $mirrorlist
|
||||
do
|
||||
echo $m. "$i"
|
||||
m=$(($m+1))
|
||||
done
|
||||
echo -n "Your choice? : "
|
||||
read choice
|
||||
mirr=$(echo "$mirrorlist" | sed -n $choice,${choice}p| sed s#^\ *##g)
|
||||
done
|
||||
BASEURL=$mirr
|
||||
MIRROR=$BASEURL/$MAJ.$MIN/$ARCH
|
||||
PKG_PATH=$BASEURL/$MAJ.$MIN/packages/$ARCH
|
||||
CDBOOTDIR=$WDIR/$MAJ.$MIN/$ARCH
|
||||
}
|
||||
|
||||
# This function may be used for cleanup before ending the program
|
||||
function cleanup {
|
||||
echo
|
||||
}
|
||||
|
||||
function makedeps {
|
||||
echo "[*] Installing dependencies for make"
|
||||
pkg_add -i bison
|
||||
pkg_add -i m4
|
||||
pkg_add -i gmake
|
||||
}
|
||||
|
||||
|
||||
# This is the main function that creates the OpenBSD livecd
|
||||
function livecd {
|
||||
echo "[*] Akanda (powered by OpenBSD) LiveCD script"
|
||||
echo "[*] The software is released under BSD license. Use it at your own risk!" >&2
|
||||
echo "[*] Copyright (c) 2009 Reiner Rottmann." >&2
|
||||
echo "[*] Copyright (c) 2012 New Dream Network, LLC (DreamHost)." >&2
|
||||
echo "[*] This script is released under the BSD License."
|
||||
uname -a | grep OpenBSD || echo "[*] WARNING: This software should run on an OpenBSD System!"
|
||||
date
|
||||
if [ -d $WDIR ]
|
||||
then
|
||||
echo "[*] Cleaning up from previous build..."
|
||||
rm -rf $WDIR
|
||||
fi
|
||||
echo "[*] Setting up the build environment..."
|
||||
mkdir -p $WDIR
|
||||
|
||||
if [[ $CHMIRROR = y ]] ; then
|
||||
echo "[*] Selecting OpenBSD mirror..."
|
||||
choosemirror
|
||||
echo $MIRROR
|
||||
fi
|
||||
|
||||
# Create CD Boot directory
|
||||
mkdir -p $CDBOOTDIR && cd $CDBOOTDIR
|
||||
|
||||
echo "[*] Downloading files needed for CD Boot..."
|
||||
CDBOOTFILES="cdbr cdboot bsd"
|
||||
cd $CDBOOTDIR && for i in $CDBOOTFILES; do test -f $CDBOOTDIR/$i || ftp -o $CDBOOTDIR/$i -m $MIRROR/$i; done
|
||||
typeset missing=""
|
||||
cd $CDBOOTDIR && for i in $CDBOOTFILES; do test -f $CDBOOTDIR/$i || missing="$missing $i"; done
|
||||
if [ ! -z "$missing" ]
|
||||
then
|
||||
echo "Missing download files: $missing" 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "[*] Downloading file sets ($SETS)..."
|
||||
cd $WDIR && for i in $SETS; do test -f $WDIR/$i$MAJ$MIN.tgz || ftp -o $WDIR/$i$MAJ$MIN.tgz -m $MIRROR/$i$MAJ$MIN.tgz; done
|
||||
typeset missing=""
|
||||
cd $WDIR && for i in $SETS; do test -f $WDIR/$i$MAJ$MIN.tgz || missing="$missing $i$MAJ$MIN.tgz"; done
|
||||
if [ ! -z "$missing" ]
|
||||
then
|
||||
echo "Missing download file sets: $missing" 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "[*] Extracting file sets ($SETS)..."
|
||||
cd $WDIR && for i in $SETS; do tar xzpf $WDIR/$i$MAJ$MIN.tgz; done
|
||||
|
||||
if [ $CLEANUP="yes" ];then
|
||||
echo "[*] Deleting file set tarballs ($SETS)..."
|
||||
cd $WDIR && for i in $SETS; do rm -f $WDIR/$i$MAJ$MIN.tgz; done
|
||||
fi
|
||||
|
||||
echo "[*] Populating dynamic device directory..."
|
||||
cd $WDIR/dev && $WDIR/dev/MAKEDEV all
|
||||
|
||||
echo "[*] Creating boot configuration..."
|
||||
echo "set image $MAJ.$MIN/$ARCH/bsd" > $WDIR/etc/boot.conf
|
||||
|
||||
echo "[*] Disabling some kernel devices"
|
||||
echo 'disable mpbios' | config -ef $CDBOOTDIR/bsd
|
||||
echo 'disable usb' | config -ef $CDBOOTDIR/bsd
|
||||
|
||||
echo "[*] Creating fstab entries..."
|
||||
cat >/$WDIR/etc/fstab <<EOF
|
||||
swap /tmp mfs rw,auto,-s=120000 0 0
|
||||
swap /var mfs rw,auto,-P/mfsvar,-s=32000 0 0
|
||||
swap /etc mfs rw,auto,-P/mfsetc 0 0
|
||||
swap /root mfs rw,auto,-P/mfsroot 0 0
|
||||
swap /dev mfs rw,auto,-P/mfsdev 0 0
|
||||
EOF
|
||||
|
||||
echo "[*] Creating motd file..."
|
||||
cat >$WDIR/etc/motd <<EOF
|
||||
|
||||
___ ___ .___
|
||||
/ \\ \\ | - L3 for OpenStack - | _/
|
||||
/ _ \\ | | _______ ____ __| | ____
|
||||
/ /_\\ \\| |/ /\\__ \\ / \\ / __ |\\__ \\
|
||||
/ | \\ < / __ \\| | \\/ /_/ | / __ \\_
|
||||
\\____|__ /__|_ \\(____ /___| /\\____ |(____ /
|
||||
\\/ \\/ \\/ \\/ \\/ \\/
|
||||
Welcome to Akanda: Powered by OpenBSD.
|
||||
|
||||
|
||||
EOF
|
||||
|
||||
echo "[*] Setting name..."
|
||||
cat > $WDIR/etc/myname <<EOF
|
||||
akanda
|
||||
EOF
|
||||
|
||||
echo "[*] Modifying the library path..."
|
||||
cat > $WDIR/root/.cshrc << EOF
|
||||
# Workaround for missing libraries:
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
EOF
|
||||
cat > $WDIR/root/.profile << EOF
|
||||
# Workaround for missing libraries:
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
EOF
|
||||
mkdir -p $WDIR/etc/profile
|
||||
cat > $WDIR/etc/profile/.cshrc << EOF
|
||||
# Workaround for missing libraries:
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
EOF
|
||||
cat > $WDIR/etc/profile/.profile << EOF
|
||||
# Workaround for missing libraries:
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
EOF
|
||||
|
||||
echo "[*] Using DNS ($DNS) in livecd environment..."
|
||||
echo "nameserver $DNS" > $WDIR/etc/resolv.conf
|
||||
|
||||
echo "[*] Disabling services...."
|
||||
cat > $WDIR/etc/rc.conf.local <<EOF
|
||||
spamlogd_flags=NO
|
||||
inetd_flags=NO
|
||||
amd_flags=NO
|
||||
sendmail_flags=NO
|
||||
sndiod_flags=NO
|
||||
EOF
|
||||
|
||||
echo "[*] Setting default password..."
|
||||
cp $HERE/etc/master.passwd $WDIR/etc/master.passwd
|
||||
cp $HERE/etc/passwd $WDIR/etc/passwd
|
||||
cp $HERE/etc/group $WDIR/etc/group
|
||||
cp /root/akanda-master-password $WDIR/etc
|
||||
pwd_mkdb -d $WDIR/etc akanda-master-password || exit 1
|
||||
|
||||
echo "[*] Installing additional packages..."
|
||||
cat > $WDIR/tmp/packages.sh <<EOF
|
||||
#!/bin/sh -e
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
/sbin/ldconfig
|
||||
export PKG_PATH=$(echo $PKG_PATH | sed 's#\ ##g')
|
||||
for i in $PACKAGES
|
||||
do
|
||||
pkg_add -i \$i
|
||||
done
|
||||
/sbin/ldconfig
|
||||
EOF
|
||||
|
||||
chmod +x $WDIR/tmp/packages.sh
|
||||
chroot $WDIR /tmp/packages.sh || exit 1
|
||||
rm $WDIR/tmp/packages.sh
|
||||
|
||||
mkdir $WDIR/etc/dnsmasq.d
|
||||
cat > $WDIR/etc/dnsmasq.conf <<EOF
|
||||
bind-interfaces
|
||||
leasefile-ro
|
||||
domain-needed
|
||||
bogus-priv
|
||||
no-hosts
|
||||
no-poll
|
||||
strict-order
|
||||
dhcp-lease-max=256
|
||||
conf-dir=/etc/dnsmasq.d
|
||||
EOF
|
||||
|
||||
|
||||
echo "[*] Installing akanda software..."
|
||||
cat > $WDIR/tmp/akanda.sh <<EOF
|
||||
#!/bin/sh -e
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
|
||||
ln -sf /usr/local/bin/python2.7 /usr/local/bin/python
|
||||
ln -sf /usr/local/bin/pip-2.7 /usr/local/bin/pip
|
||||
|
||||
cd /tmp/greenlet-0.4.0
|
||||
python setup.py install
|
||||
|
||||
cd /tmp/eventlet-0.12.1
|
||||
python setup.py install
|
||||
|
||||
cd /tmp/akanda-appliance
|
||||
python setup.py install
|
||||
|
||||
EOF
|
||||
|
||||
cp -r `dirname $HERE` $WDIR/tmp
|
||||
|
||||
# build eventlet bundle so that we do not need CC on router image
|
||||
cd $WDIR/tmp
|
||||
tar -zxf $HERE/src/greenlet-0.4.0.tar.gz
|
||||
tar -zxf $HERE/src/eventlet-0.12.1.tar.gz
|
||||
cd greenlet-0.4.0
|
||||
python setup.py build
|
||||
cd ../eventlet-0.12.1
|
||||
python setup.py build
|
||||
cd $HERE
|
||||
|
||||
chmod +x $WDIR/tmp/akanda.sh
|
||||
chroot $WDIR /tmp/akanda.sh || exit 1
|
||||
rm $WDIR/tmp/akanda.sh
|
||||
|
||||
rm -rf $WDIR/tmp
|
||||
mkdir $WDIR/tmp
|
||||
|
||||
|
||||
echo "[*] Add rc.d scripts...."
|
||||
cp $HERE/etc/rc.d/sshd $WDIR/etc/rc.d/sshd
|
||||
cp $HERE/etc/rc.d/metadata $WDIR/etc/rc.d/metadata
|
||||
chmod 555 $WDIR/etc/rc.d/sshd
|
||||
chmod 555 $WDIR/etc/rc.d/metadata
|
||||
|
||||
echo "[*] Disable fsck"
|
||||
touch $WDIR/fastboot
|
||||
|
||||
echo "[*] Add some stuff to sysctl.conf"
|
||||
cat > $WDIR/etc/sysctl.conf <<EOF
|
||||
net.inet6.ip6.dad_count=0
|
||||
EOF
|
||||
|
||||
echo "[*] Update newsyslog.conf"
|
||||
cp $HERE/etc/newsyslog.conf $WDIR/etc/newsyslog.conf
|
||||
|
||||
echo "[*] Add rc.local file...."
|
||||
cp $HERE/etc/rc.local $WDIR/etc/rc.local
|
||||
|
||||
#echo "[*] Entering Akanda livecd builder (chroot environment)."
|
||||
#echo "[*] Once you have finished your modifications, type \"exit\""
|
||||
|
||||
# chroot $WDIR
|
||||
|
||||
echo "[*] Deleting sensitive information..."
|
||||
cd $WDIR && rm -f root/{.history,.viminfo}
|
||||
cd $WDIR && rm -f home/*/{.history,.viminfo}
|
||||
|
||||
echo "[*] Empty log files..."
|
||||
for log_file in $(find $WDIR/var/log -type f)
|
||||
do
|
||||
echo "" > $log_file
|
||||
done
|
||||
|
||||
echo "[*] Remove ports and src (only on live cd)..."
|
||||
rm -rf $WDIR/usr/{src,ports,xenocara}/*
|
||||
|
||||
echo "[*] Removing ssh host keys..."
|
||||
rm -f $WDIR/etc/ssh/*key*
|
||||
|
||||
echo "[*] Adding ssh key...]"
|
||||
mkdir $WDIR/root/.ssh
|
||||
chmod 700 $WDIR/root/.ssh
|
||||
cp $HERE/etc/key $WDIR/root/.ssh/authorized_keys
|
||||
chmod 600 $WDIR/root/.ssh/authorized_keys
|
||||
|
||||
echo "[*] Saving creation timestamp..."
|
||||
date > $WDIR/etc/livecd-release
|
||||
|
||||
echo "[*] Saving default timezone..."
|
||||
rm -f $WDIR/etc/localtime
|
||||
ln -s /usr/share/zoneinfo/$TZ $WDIR/etc/localtime
|
||||
|
||||
|
||||
echo "[*] Creating mfs-mount directories..."
|
||||
cp -rp $WDIR/var $WDIR/mfsvar
|
||||
rm -r $WDIR/var/*
|
||||
cp -rp $WDIR/root $WDIR/mfsroot
|
||||
cp -rp $WDIR/etc $WDIR/mfsetc
|
||||
mkdir $WDIR/mfsdev
|
||||
cp -p $WDIR/dev/MAKEDEV $WDIR/mfsdev/
|
||||
cd $WDIR/mfsdev && $WDIR/mfsdev/MAKEDEV all
|
||||
|
||||
echo "[*] Creating Akanda live-cd iso..."
|
||||
cd /
|
||||
mkhybrid -l -R -o $OUTDIR/livecd$MAJ$MIN-$ARCH.iso -b $MAJ.$MIN/$ARCH/cdbr -c $MAJ.$MIN/$ARCH/boot.catalog $WDIR
|
||||
|
||||
echo "[*] Your modified Akanda iso is in $OUTDIR/livecd$MAJ$MIN-$ARCH.iso"
|
||||
ls -lh $OUTDIR/livecd$MAJ$MIN-$ARCH.iso
|
||||
|
||||
echo "[*] Please support the OpenBSD project by buying official cd sets or donating some money!"
|
||||
echo "[*] Enjoy Akanda!"
|
||||
date
|
||||
echo "[*] Done."
|
||||
}
|
||||
|
||||
# Evaluate the command line options
|
||||
while getopts 'A:hM:m:P:S:T:U:uvVW:' OPTION ; do
|
||||
case $OPTION in
|
||||
A) ARCH=${OPTARG}
|
||||
;;
|
||||
h) usage $EXIT_ERFOLG
|
||||
;;
|
||||
M) MAJ=${OPTARG}
|
||||
;;
|
||||
m) MIN=${OPTARG}
|
||||
;;
|
||||
P) PACKAGES=${OPTARG}
|
||||
;;
|
||||
S) SETS=${OPTARG}
|
||||
;;
|
||||
T) TZ=${OPTARG}
|
||||
;;
|
||||
U) BASEURL=${OPTARG}
|
||||
;;
|
||||
u) CHMIRROR=y
|
||||
;;
|
||||
v) VERBOSE=y
|
||||
;;
|
||||
V) echo $VERSION
|
||||
exit $EXIT_ERROR
|
||||
;;
|
||||
W) WDIR=${OPTARG}
|
||||
;;
|
||||
|
||||
\?) echo "Unknown option \"-$OPTARG\"." >&2
|
||||
usage $EXIT_ERROR
|
||||
;;
|
||||
:) echo "Option \"-$OPTARG\" needs an argument." >&2
|
||||
usage $EXIT_ERROR
|
||||
;;
|
||||
*) echo "" >&2
|
||||
usage $EXIT_ERROR
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Skip already used arguments
|
||||
shift $(( OPTIND - 1 ))
|
||||
|
||||
# Loop over all arguments
|
||||
for ARG ; do
|
||||
if [[ $VERBOSE = y ]] ; then
|
||||
echo -n "Argument: "
|
||||
fi
|
||||
#echo $ARG
|
||||
done
|
||||
|
||||
|
||||
# Call (main-)function
|
||||
makedeps
|
||||
livecd
|
||||
|
||||
#
|
||||
cleanup
|
||||
exit $EXIT_SUCCESS
|
||||
|
||||
|
|
@ -1,18 +1,23 @@
|
|||
MAJ=5 # Version major number
|
||||
MIN=3 # Version minor number
|
||||
ARCH=$(uname -p) # Architecture
|
||||
TZ=UTC # Time zones are in /usr/share/zoneinfo
|
||||
|
||||
BASEURL=ftp://ftp3.usa.openbsd.org/pub/OpenBSD
|
||||
MIRROR=$BASEURL/$MAJ.$MIN/$ARCH
|
||||
PKG_PATH=$BASEURL/$MAJ.$MIN/packages/$ARCH
|
||||
APPLIANCE_BASE_DIR="/root/akanda-appliance"
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
APT_GET="apt-get -y"
|
||||
APPLIANCE_BASE_DIR="/vagrant/akanda-appliance"
|
||||
APPLIANCE_SCRIPT_DIR="$APPLIANCE_BASE_DIR/scripts"
|
||||
|
||||
# Additional packages that should be installed on the akanda live cd
|
||||
PACKAGES="ntp python-2.7.3p1 py-pip wget dnsmasq bird-v6-1.3.9p0"
|
||||
PACKAGES="ntp python2.7 wget dnsmasq bird6"
|
||||
PACKAGES_BUILD="python-dev python-pip isc-dhcp-client build-essential"
|
||||
|
||||
DNS=8.8.8.8
|
||||
RELEASE=`lsb_release -cs`
|
||||
echo "[*] Setup APT for $RELEASE"
|
||||
cat > /etc/apt/sources.list <<EOF
|
||||
deb http://mirrors.dreamcompute.com/debian $RELEASE main
|
||||
deb http://mirrors.dreamcompute.com/debian $RELEASE-updates main
|
||||
deb http://mirrors.dreamcompute.com/security.debian.org $RELEASE/updates main
|
||||
EOF
|
||||
|
||||
echo "[*] APT Update"
|
||||
apt-get update || exit 1
|
||||
|
||||
echo "[*] Creating motd file..."
|
||||
cat >/etc/motd <<EOF
|
||||
|
|
@ -23,45 +28,22 @@ cat >/etc/motd <<EOF
|
|||
/ | \\ < / __ \\| | \\/ /_/ | / __ \\_
|
||||
\\____|__ /__|_ \\(____ /___| /\\____ |(____ /
|
||||
\\/ \\/ \\/ \\/ \\/ \\/
|
||||
Welcome to Akanda: Powered by OpenBSD.
|
||||
Welcome to Akanda: Powered by Unicorns.
|
||||
|
||||
|
||||
EOF
|
||||
|
||||
echo "[*] Setting name..."
|
||||
cat > /etc/myname <<EOF
|
||||
echo "[*] Setting hostname..."
|
||||
cat > /etc/hostname <<EOF
|
||||
akanda
|
||||
EOF
|
||||
|
||||
echo "[*] Modifying the library path..."
|
||||
cat > /root/.cshrc << EOF
|
||||
# Workaround for missing libraries:
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
EOF
|
||||
|
||||
echo "[*] Using DNS ($DNS) in livecd environment..."
|
||||
echo "[*] Setting up DNS ($DNS)"
|
||||
echo "nameserver $DNS" > /etc/resolv.conf
|
||||
|
||||
echo "[*] Disabling services...."
|
||||
cat > /etc/rc.conf.local <<EOF
|
||||
spamlogd_flags=NO
|
||||
inetd=NO
|
||||
amd_master=NO
|
||||
EOF
|
||||
|
||||
echo "[*] Installing additional packages..."
|
||||
cat > /tmp/packages.sh <<EOF
|
||||
#!/bin/sh -e
|
||||
export PKG_PATH=$(echo $PKG_PATH | sed 's#\ ##g')
|
||||
for i in $PACKAGES
|
||||
do
|
||||
pkg_add -i \$i
|
||||
done
|
||||
EOF
|
||||
|
||||
chmod +x /tmp/packages.sh
|
||||
/tmp/packages.sh || exit 1
|
||||
rm /tmp/packages.sh
|
||||
$APT_GET install $PACKAGES || exit 1
|
||||
$APT_GET install $PACKAGES_BUILD || exit 1
|
||||
|
||||
mkdir /etc/dnsmasq.d
|
||||
cat > /etc/dnsmasq.conf <<EOF
|
||||
|
|
@ -79,11 +61,6 @@ EOF
|
|||
echo "[*] Installing akanda software..."
|
||||
cat > /tmp/akanda.sh <<EOF
|
||||
#!/bin/sh -e
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
|
||||
ln -sf /usr/local/bin/python2.7 /usr/local/bin/python
|
||||
ln -sf /usr/local/bin/pip-2.7 /usr/local/bin/pip
|
||||
|
||||
pip install greenlet==0.4.0
|
||||
pip install eventlet==0.12.1
|
||||
|
||||
|
|
@ -91,21 +68,21 @@ cd $APPLIANCE_BASE_DIR
|
|||
python setup.py install
|
||||
EOF
|
||||
|
||||
cd /root
|
||||
|
||||
chmod +x /tmp/akanda.sh
|
||||
/tmp/akanda.sh || exit 1
|
||||
rm /tmp/akanda.sh
|
||||
|
||||
echo "[*] Add rc.d scripts...."
|
||||
cp $APPLIANCE_SCRIPT_DIR/etc/rc.d/sshd /etc/rc.d/sshd
|
||||
cp $APPLIANCE_SCRIPT_DIR/etc/rc.d/metadata /etc/rc.d/metadata
|
||||
chmod 555 /etc/rc.d/sshd
|
||||
chmod 555 /etc/rc.d/metadata
|
||||
echo "[*] Add init scripts...."
|
||||
cp $APPLIANCE_SCRIPT_DIR/etc/init.d/ssh /etc/init.d/ssh
|
||||
cp $APPLIANCE_SCRIPT_DIR/etc/init.d/metadata /etc/init.d/metadata
|
||||
chmod 555 /etc/init.d/ssh
|
||||
chmod 555 /etc/init.d/metadata
|
||||
|
||||
echo "[*] Add some stuff to sysctl.conf"
|
||||
cat > $WDIR/etc/sysctl.conf <<EOF
|
||||
cat > /etc/sysctl.conf <<EOF
|
||||
net.ipv4.ip_forward=1
|
||||
net.inet6.ip6.dad_count=0
|
||||
net.ipv6.conf.default.dad_transmits=0
|
||||
EOF
|
||||
|
||||
echo "[*] Add rc.local file...."
|
||||
|
|
@ -121,22 +98,30 @@ do
|
|||
echo "" > $log_file
|
||||
done
|
||||
|
||||
echo "[*] Remove ports and src"
|
||||
rm -rf /usr/{src,ports,xenocara}/*
|
||||
echo "[*] Remove packages only required by install"
|
||||
$APT_GET remove $PACKAGES_BUILD || exit 1
|
||||
$APT_GET autoremove
|
||||
$APT_GET clean
|
||||
|
||||
|
||||
echo "[*] Saving creation timestamp..."
|
||||
date > $WDIR/etc/akanda-release
|
||||
date > /etc/akanda-release
|
||||
|
||||
echo "[*] Saving default timezone..."
|
||||
rm -f /etc/localtime
|
||||
ln -s /usr/share/zoneinfo/$TZ /etc/localtime
|
||||
|
||||
rm -rf /vagrant
|
||||
echo "[*] Use bash instead of dash"
|
||||
rm /bin/sh ; ln -s /bin/bash /bin/sh
|
||||
|
||||
echo "[*] Clean up dhcp for vio0..."
|
||||
rm /etc/hostname.vio0
|
||||
|
||||
echo "[*] Please support the OpenBSD project by buying official cd sets or donating some money!"
|
||||
echo "[*] Clean up udev rules..."
|
||||
rm -f /etc/udev/rules.d/70-persistent-net.rules
|
||||
|
||||
echo "[*] Remove vagrant specifics"
|
||||
userdel -f vagrant
|
||||
rm -rf /vagrant /home/vagrant
|
||||
|
||||
echo "[*] Enjoy Akanda!"
|
||||
date
|
||||
echo "[*] Done."
|
||||
|
|
|
|||
|
|
@ -1,72 +0,0 @@
|
|||
wheel:*:0:root
|
||||
daemon:*:1:daemon
|
||||
kmem:*:2:root
|
||||
sys:*:3:root
|
||||
tty:*:4:root
|
||||
operator:*:5:root
|
||||
bin:*:7:
|
||||
news:*:8:
|
||||
wsrc:*:9:
|
||||
users:*:10:
|
||||
auth:*:11:
|
||||
games:*:13:
|
||||
staff:*:20:root
|
||||
smmsp:*:25:
|
||||
popa3d:*:26:
|
||||
sshd:*:27:
|
||||
_portmap:*:28:
|
||||
_identd:*:29:
|
||||
_rstatd:*:30:
|
||||
guest:*:31:root
|
||||
_rusersd:*:32:
|
||||
_fingerd:*:33:
|
||||
_sshagnt:*:34:
|
||||
_x11:*:35:
|
||||
utmp:*:45:
|
||||
_kdc:*:59:
|
||||
_kadmin:*:60:
|
||||
_lkm:*:61:
|
||||
_spamd:*:62:
|
||||
_radius:*:63:
|
||||
_token:*:64:
|
||||
_shadow:*:65:
|
||||
crontab:*:66:
|
||||
www:*:67:
|
||||
_isakmpd:*:68:
|
||||
network:*:69:
|
||||
named:*:70:
|
||||
proxy:*:71:
|
||||
authpf:*:72:
|
||||
_syslogd:*:73:
|
||||
_pflogd:*:74:
|
||||
_bgpd:*:75:
|
||||
_tcpdump:*:76:
|
||||
_dhcp:*:77:
|
||||
_mopd:*:78:
|
||||
_tftpd:*:79:
|
||||
_rbootd:*:80:
|
||||
_afs:*:81:
|
||||
_ppp:*:82:
|
||||
_ntp:*:83:
|
||||
_ftp:*:84:
|
||||
_ospfd:*:85:
|
||||
_hostapd:*:86:
|
||||
_dvmrpd:*:87:
|
||||
_ripd:*:88:
|
||||
_relayd:*:89:
|
||||
_ospf6d:*:90:
|
||||
_snmpd:*:91:
|
||||
_rtadvd:*:92:
|
||||
_ypldap:*:93:
|
||||
_btd:*:94:
|
||||
_smtpd:*:95:
|
||||
_rwalld:*:96:
|
||||
_nsd:*:97:
|
||||
_ldpd:*:98:
|
||||
_sndio:*:99:
|
||||
_ldapd:*:100:
|
||||
_iked:*:101:
|
||||
dialer:*:117:
|
||||
nogroup:*:32766:
|
||||
nobody:*:32767:
|
||||
dhc:*:1000:
|
||||
|
|
@ -0,0 +1,36 @@
|
|||
#! /bin/sh
|
||||
|
||||
PATH=/bin:/usr/bin:/sbin:/usr/sbin
|
||||
DAEMON="/usr/local/bin/akanda-metadata-proxy"
|
||||
OPTIONS="/etc/metadata.conf"
|
||||
PIDFILE=/var/run/metadata.pid
|
||||
|
||||
test -x $DAEMON || exit 0
|
||||
|
||||
. /lib/lsb/init-functions
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
log_daemon_msg "Starting akanda-metadata-proxy" "akanda-metadata-proxy"
|
||||
start_daemon -p $PIDFILE $DAEMON $OPTIONS
|
||||
log_end_msg $?
|
||||
;;
|
||||
stop)
|
||||
log_daemon_msg "Stopping akanda-metadata-proxy" "akanda-metadata-proxy"
|
||||
killproc -p $PIDFILE $DAEMON
|
||||
log_end_msg $?
|
||||
;;
|
||||
force-reload|restart)
|
||||
$0 stop
|
||||
$0 start
|
||||
;;
|
||||
status)
|
||||
status_of_proc -p $PIDFILE $DAEMON akanda-metadata-proxy && exit 0 || exit $?
|
||||
;;
|
||||
*)
|
||||
echo "Usage: /etc/init.d/akanda-metadata-proxy {start|stop|restart|force-reload|status}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
|
@ -0,0 +1,168 @@
|
|||
#! /bin/sh
|
||||
|
||||
### BEGIN INIT INFO
|
||||
# Provides: sshd
|
||||
# Required-Start: $remote_fs $syslog
|
||||
# Required-Stop: $remote_fs $syslog
|
||||
# Default-Start: 2 3 4 5
|
||||
# Default-Stop:
|
||||
# Short-Description: OpenBSD Secure Shell server
|
||||
### END INIT INFO
|
||||
|
||||
set -e
|
||||
|
||||
# /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)" daemon
|
||||
|
||||
test -x /usr/sbin/sshd || exit 0
|
||||
( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0
|
||||
|
||||
umask 022
|
||||
|
||||
if test -f /etc/default/ssh; then
|
||||
. /etc/default/ssh
|
||||
fi
|
||||
|
||||
. /lib/lsb/init-functions
|
||||
|
||||
if [ -n "$2" ]; then
|
||||
SSHD_OPTS="$SSHD_OPTS $2"
|
||||
fi
|
||||
|
||||
# Are we running from init?
|
||||
run_by_init() {
|
||||
([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ]
|
||||
}
|
||||
|
||||
akanda_configure_ssh() {
|
||||
/usr/local/bin/akanda-configure-ssh
|
||||
}
|
||||
|
||||
check_for_no_start() {
|
||||
# forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists
|
||||
if [ -e /etc/ssh/sshd_not_to_be_run ]; then
|
||||
if [ "$1" = log_end_msg ]; then
|
||||
log_end_msg 0 || true
|
||||
fi
|
||||
if ! run_by_init; then
|
||||
log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" || true
|
||||
fi
|
||||
exit 0
|
||||
fi
|
||||
}
|
||||
|
||||
check_dev_null() {
|
||||
if [ ! -c /dev/null ]; then
|
||||
if [ "$1" = log_end_msg ]; then
|
||||
log_end_msg 1 || true
|
||||
fi
|
||||
if ! run_by_init; then
|
||||
log_action_msg "/dev/null is not a character device!" || true
|
||||
fi
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
check_privsep_dir() {
|
||||
# Create the PrivSep empty dir if necessary
|
||||
if [ ! -d /var/run/sshd ]; then
|
||||
mkdir /var/run/sshd
|
||||
chmod 0755 /var/run/sshd
|
||||
fi
|
||||
}
|
||||
|
||||
check_config() {
|
||||
if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then
|
||||
/usr/sbin/sshd $SSHD_OPTS -t || exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
check_privsep_dir
|
||||
check_for_no_start
|
||||
check_dev_null
|
||||
akanda_configure_ssh
|
||||
log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd" || true
|
||||
if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
|
||||
log_end_msg 0 || true
|
||||
else
|
||||
log_end_msg 1 || true
|
||||
fi
|
||||
;;
|
||||
stop)
|
||||
log_daemon_msg "Stopping OpenBSD Secure Shell server" "sshd" || true
|
||||
if start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid; then
|
||||
log_end_msg 0 || true
|
||||
else
|
||||
log_end_msg 1 || true
|
||||
fi
|
||||
;;
|
||||
|
||||
reload|force-reload)
|
||||
check_for_no_start
|
||||
check_config
|
||||
log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "sshd" || true
|
||||
if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd; then
|
||||
log_end_msg 0 || true
|
||||
else
|
||||
log_end_msg 1 || true
|
||||
fi
|
||||
;;
|
||||
|
||||
restart)
|
||||
check_privsep_dir
|
||||
check_config
|
||||
akanda_configure_ssh
|
||||
log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true
|
||||
start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/sshd.pid
|
||||
check_for_no_start log_end_msg
|
||||
check_dev_null log_end_msg
|
||||
if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
|
||||
log_end_msg 0 || true
|
||||
else
|
||||
log_end_msg 1 || true
|
||||
fi
|
||||
;;
|
||||
|
||||
try-restart)
|
||||
check_privsep_dir
|
||||
check_config
|
||||
log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true
|
||||
RET=0
|
||||
start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/sshd.pid || RET="$?"
|
||||
case $RET in
|
||||
0)
|
||||
# old daemon stopped
|
||||
check_for_no_start log_end_msg
|
||||
check_dev_null log_end_msg
|
||||
if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
|
||||
log_end_msg 0 || true
|
||||
else
|
||||
log_end_msg 1 || true
|
||||
fi
|
||||
;;
|
||||
1)
|
||||
# daemon not running
|
||||
log_progress_msg "(not running)" || true
|
||||
log_end_msg 0 || true
|
||||
;;
|
||||
*)
|
||||
# failed to stop
|
||||
log_progress_msg "(failed to stop)" || true
|
||||
log_end_msg 1 || true
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
status)
|
||||
status_of_proc -p /var/run/sshd.pid /usr/sbin/sshd sshd && exit 0 || exit $?
|
||||
;;
|
||||
|
||||
*)
|
||||
log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart|status}" || true
|
||||
exit 1
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
|
@ -1,52 +0,0 @@
|
|||
root:$2a$08$CD23PpFuZ91D2piAIy/FdOuaJBygVVDoGeJD33lhmauHKIhgOIAEe:0:0:daemon:0:0:Charlie &:/root:/bin/ksh
|
||||
daemon:*:1:1::0:0:The devil himself:/root:/sbin/nologin
|
||||
operator:*:2:5::0:0:System &:/operator:/sbin/nologin
|
||||
bin:*:3:7::0:0:Binaries Commands and Source:/:/sbin/nologin
|
||||
smmsp:*:25:25::0:0:Sendmail Message Submission Program:/nonexistent:/sbin/nologin
|
||||
popa3d:*:26:26::0:0:POP3 Server:/var/empty:/sbin/nologin
|
||||
sshd:*:27:27::0:0:sshd privsep:/var/empty:/sbin/nologin
|
||||
_portmap:*:28:28::0:0:portmap:/var/empty:/sbin/nologin
|
||||
_identd:*:29:29::0:0:identd:/var/empty:/sbin/nologin
|
||||
_rstatd:*:30:30::0:0:rpc.rstatd:/var/empty:/sbin/nologin
|
||||
_rusersd:*:32:32::0:0:rpc.rusersd:/var/empty:/sbin/nologin
|
||||
_fingerd:*:33:33::0:0:fingerd:/var/empty:/sbin/nologin
|
||||
_x11:*:35:35::0:0:X Server:/var/empty:/sbin/nologin
|
||||
_kdc:*:59:59::0:0:Kerberos Server:/var/empty:/sbin/nologin
|
||||
_kadmin:*:60:60::0:0:Kerberos Admin Server:/var/empty:/sbin/nologin
|
||||
_spamd:*:62:62::0:0:Spam Daemon:/var/empty:/sbin/nologin
|
||||
uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/var/spool/uucppublic:/usr/libexec/uucp/uucico
|
||||
www:*:67:67::0:0:HTTP Server:/var/www:/sbin/nologin
|
||||
_isakmpd:*:68:68::0:0:isakmpd privsep:/var/empty:/sbin/nologin
|
||||
named:*:70:70::0:0:BIND Name Service Daemon:/var/named:/sbin/nologin
|
||||
proxy:*:71:71::0:0:Proxy Services:/nonexistent:/sbin/nologin
|
||||
_syslogd:*:73:73::0:0:Syslog Daemon:/var/empty:/sbin/nologin
|
||||
_pflogd:*:74:74::0:0:pflogd privsep:/var/empty:/sbin/nologin
|
||||
_bgpd:*:75:75::0:0:BGP Daemon:/var/empty:/sbin/nologin
|
||||
_tcpdump:*:76:76::0:0:tcpdump privsep:/var/empty:/sbin/nologin
|
||||
_dhcp:*:77:77::0:0:DHCP programs:/var/empty:/sbin/nologin
|
||||
_mopd:*:78:78::0:0:MOP Daemon:/var/empty:/sbin/nologin
|
||||
_tftpd:*:79:79::0:0:TFTP Daemon:/var/empty:/sbin/nologin
|
||||
_rbootd:*:80:80::0:0:rbootd Daemon:/var/empty:/sbin/nologin
|
||||
_afs:*:81:81::0:0:afs Daemon:/var/empty:/sbin/nologin
|
||||
_ppp:*:82:82::0:0:PPP utilities:/var/empty:/sbin/nologin
|
||||
_ntp:*:83:83::0:0:NTP Daemon:/var/empty:/sbin/nologin
|
||||
_ftp:*:84:84::0:0:FTP Daemon:/var/empty:/sbin/nologin
|
||||
_ospfd:*:85:85::0:0:OSPF Daemon:/var/empty:/sbin/nologin
|
||||
_hostapd:*:86:86::0:0:HostAP Daemon:/var/empty:/sbin/nologin
|
||||
_dvmrpd:*:87:87::0:0:DVMRP Daemon:/var/empty:/sbin/nologin
|
||||
_ripd:*:88:88::0:0:RIP Daemon:/var/empty:/sbin/nologin
|
||||
_relayd:*:89:89::0:0:Relay Daemon:/var/empty:/sbin/nologin
|
||||
_ospf6d:*:90:90::0:0:OSPF6 Daemon:/var/empty:/sbin/nologin
|
||||
_snmpd:*:91:91::0:0:SNMP Daemon:/var/empty:/sbin/nologin
|
||||
_rtadvd:*:92:92::0:0:IPv6 Router Advertisement Daemon:/var/empty:/sbin/nologin
|
||||
_ypldap:*:93:93::0:0:YP to LDAP Daemon:/var/empty:/sbin/nologin
|
||||
_btd:*:94:94::0:0:Bluetooth Daemon:/var/empty:/sbin/nologin
|
||||
_smtpd:*:95:95::0:0:SMTP Daemon:/var/empty:/sbin/nologin
|
||||
_rwalld:*:96:96::0:0:rpc.rwalld:/var/empty:/sbin/nologin
|
||||
_nsd:*:97:97::0:0:NSD Daemon:/var/empty:/sbin/nologin
|
||||
_ldpd:*:98:98::0:0:LDP Daemon:/var/empty:/sbin/nologin
|
||||
_sndio:*:99:99::0:0:sndio privsep:/var/empty:/sbin/nologin
|
||||
_ldapd:*:100:100::0:0:LDAP Daemon:/var/empty:/sbin/nologin
|
||||
_iked:*:101:101::0:0:IKEv2 Daemon:/var/empty:/sbin/nologin
|
||||
nobody:*:32767:32767::0:0:Unprivileged user:/nonexistent:/sbin/nologin
|
||||
dhc:$2a$06$h3G8w2ijH9f1x4UgAEMaCeSD.oKgXDo2JgJ6O9yLXq.VwgEYLnw0m:1000:1000::0:0:dhc:/usr/local:/bin/ksh
|
||||
|
|
@ -1,18 +0,0 @@
|
|||
# $OpenBSD: newsyslog.conf,v 1.29 2011/04/14 20:32:34 sthen Exp $
|
||||
#
|
||||
# configuration file for newsyslog
|
||||
#
|
||||
# logfile_name owner:group mode count size when flags
|
||||
/var/cron/log root:wheel 600 1 10 * Z
|
||||
/var/log/aculog uucp:dialer 660 1 10 * Z
|
||||
/var/log/authlog root:wheel 640 1 30 * Z
|
||||
/var/log/daemon 640 1 30 * Z
|
||||
/var/log/lpd-errs 640 1 10 * Z
|
||||
/var/log/maillog 600 1 10 * Z
|
||||
/var/log/messages 644 1 30 * Z
|
||||
/var/log/secure 600 2 30 * Z
|
||||
/var/log/security.out 600 2 30 * Z
|
||||
/var/log/wtmp 644 1 30 * B
|
||||
/var/log/xferlog 640 1 250 * Z
|
||||
/var/log/ppp.log 640 1 250 * Z
|
||||
/var/log/pflog 600 2 250 * ZB "pkill -HUP -u root -U root -t - -x pflogd"
|
||||
|
|
@ -1,52 +0,0 @@
|
|||
root:*:0:0:Charlie &:/root:/bin/ksh
|
||||
daemon:*:1:1:The devil himself:/root:/sbin/nologin
|
||||
operator:*:2:5:System &:/operator:/sbin/nologin
|
||||
bin:*:3:7:Binaries Commands and Source:/:/sbin/nologin
|
||||
smmsp:*:25:25:Sendmail Message Submission Program:/nonexistent:/sbin/nologin
|
||||
popa3d:*:26:26:POP3 Server:/var/empty:/sbin/nologin
|
||||
sshd:*:27:27:sshd privsep:/var/empty:/sbin/nologin
|
||||
_portmap:*:28:28:portmap:/var/empty:/sbin/nologin
|
||||
_identd:*:29:29:identd:/var/empty:/sbin/nologin
|
||||
_rstatd:*:30:30:rpc.rstatd:/var/empty:/sbin/nologin
|
||||
_rusersd:*:32:32:rpc.rusersd:/var/empty:/sbin/nologin
|
||||
_fingerd:*:33:33:fingerd:/var/empty:/sbin/nologin
|
||||
_x11:*:35:35:X Server:/var/empty:/sbin/nologin
|
||||
_kdc:*:59:59:Kerberos Server:/var/empty:/sbin/nologin
|
||||
_kadmin:*:60:60:Kerberos Admin Server:/var/empty:/sbin/nologin
|
||||
_spamd:*:62:62:Spam Daemon:/var/empty:/sbin/nologin
|
||||
uucp:*:66:1:UNIX-to-UNIX Copy:/var/spool/uucppublic:/usr/libexec/uucp/uucico
|
||||
www:*:67:67:HTTP Server:/var/www:/sbin/nologin
|
||||
_isakmpd:*:68:68:isakmpd privsep:/var/empty:/sbin/nologin
|
||||
named:*:70:70:BIND Name Service Daemon:/var/named:/sbin/nologin
|
||||
proxy:*:71:71:Proxy Services:/nonexistent:/sbin/nologin
|
||||
_syslogd:*:73:73:Syslog Daemon:/var/empty:/sbin/nologin
|
||||
_pflogd:*:74:74:pflogd privsep:/var/empty:/sbin/nologin
|
||||
_bgpd:*:75:75:BGP Daemon:/var/empty:/sbin/nologin
|
||||
_tcpdump:*:76:76:tcpdump privsep:/var/empty:/sbin/nologin
|
||||
_dhcp:*:77:77:DHCP programs:/var/empty:/sbin/nologin
|
||||
_mopd:*:78:78:MOP Daemon:/var/empty:/sbin/nologin
|
||||
_tftpd:*:79:79:TFTP Daemon:/var/empty:/sbin/nologin
|
||||
_rbootd:*:80:80:rbootd Daemon:/var/empty:/sbin/nologin
|
||||
_afs:*:81:81:afs Daemon:/var/empty:/sbin/nologin
|
||||
_ppp:*:82:82:PPP utilities:/var/empty:/sbin/nologin
|
||||
_ntp:*:83:83:NTP Daemon:/var/empty:/sbin/nologin
|
||||
_ftp:*:84:84:FTP Daemon:/var/empty:/sbin/nologin
|
||||
_ospfd:*:85:85:OSPF Daemon:/var/empty:/sbin/nologin
|
||||
_hostapd:*:86:86:HostAP Daemon:/var/empty:/sbin/nologin
|
||||
_dvmrpd:*:87:87:DVMRP Daemon:/var/empty:/sbin/nologin
|
||||
_ripd:*:88:88:RIP Daemon:/var/empty:/sbin/nologin
|
||||
_relayd:*:89:89:Relay Daemon:/var/empty:/sbin/nologin
|
||||
_ospf6d:*:90:90:OSPF6 Daemon:/var/empty:/sbin/nologin
|
||||
_snmpd:*:91:91:SNMP Daemon:/var/empty:/sbin/nologin
|
||||
_rtadvd:*:92:92:IPv6 Router Advertisement Daemon:/var/empty:/sbin/nologin
|
||||
_ypldap:*:93:93:YP to LDAP Daemon:/var/empty:/sbin/nologin
|
||||
_btd:*:94:94:Bluetooth Daemon:/var/empty:/sbin/nologin
|
||||
_smtpd:*:95:95:SMTP Daemon:/var/empty:/sbin/nologin
|
||||
_rwalld:*:96:96:rpc.rwalld:/var/empty:/sbin/nologin
|
||||
_nsd:*:97:97:NSD Daemon:/var/empty:/sbin/nologin
|
||||
_ldpd:*:98:98:LDP Daemon:/var/empty:/sbin/nologin
|
||||
_sndio:*:99:99:sndio privsep:/var/empty:/sbin/nologin
|
||||
_ldapd:*:100:100:LDAP Daemon:/var/empty:/sbin/nologin
|
||||
_iked:*:101:101:IKEv2 Daemon:/var/empty:/sbin/nologin
|
||||
nobody:*:32767:32767:Unprivileged user:/nonexistent:/sbin/nologin
|
||||
dhc:*:1000:1000:dhc:/usr/local:/bin/ksh
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
|
||||
daemon="/usr/local/sbin/bird"
|
||||
|
||||
. /etc/rc.d/rc.subr
|
||||
|
||||
rc_reload=NO
|
||||
|
||||
rc_cmd $1
|
||||
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
|
||||
daemon="/usr/local/sbin/dnsmasq"
|
||||
|
||||
. /etc/rc.d/rc.subr
|
||||
|
||||
rc_reload=NO
|
||||
|
||||
rc_cmd $1
|
||||
|
|
@ -1,13 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
|
||||
daemon="/usr/local/bin/akanda-metadata-proxy"
|
||||
daemon_user=nobody
|
||||
daemon_flags="/etc/metadata.conf"
|
||||
|
||||
. /etc/rc.d/rc.subr
|
||||
|
||||
rc_reload=NO
|
||||
pexp="/usr/local/bin/python ${daemon} ${daemon_flags}"
|
||||
|
||||
rc_cmd $1
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# $OpenBSD: sshd,v 1.1 2011/07/06 18:55:26 robert Exp $
|
||||
# Akanda Custom config
|
||||
|
||||
|
||||
daemon="/usr/sbin/sshd"
|
||||
|
||||
. /etc/rc.d/rc.subr
|
||||
|
||||
rc_pre() {
|
||||
/usr/local/bin/akanda-configure-ssh
|
||||
}
|
||||
|
||||
rc_cmd $1
|
||||
|
|
@ -1,29 +1,7 @@
|
|||
# $OpenBSD: rc.local,v 1.44 2011/04/22 06:08:14 ajacoutot Exp $
|
||||
|
||||
# Site-specific startup actions, daemons, and other things which
|
||||
# can be done AFTER your system goes into securemode. For actions
|
||||
# which should be done BEFORE your system has gone into securemode
|
||||
# please see /etc/rc.securelevel.
|
||||
#
|
||||
|
||||
# set keyboard to US
|
||||
echo "Setting keyboard language to us:"
|
||||
/sbin/kbd us
|
||||
|
||||
# set TZ
|
||||
rm /etc/localtime
|
||||
ln -sf /usr/share/zoneinfo/UTC /etc/localtime
|
||||
|
||||
echo "Enabling forwarding..."
|
||||
sysctl -w net.inet.ip.forwarding=1
|
||||
sysctl -w net.inet6.ip6.forwarding=1
|
||||
#!/bin/sh
|
||||
|
||||
echo "Configuring http for management interface..."
|
||||
/usr/local/bin/akanda-configure-gunicorn
|
||||
|
||||
echo "Configuring pf rules for start up..."
|
||||
/usr/local/bin/akanda-configure-default-pf
|
||||
/sbin/pfctl -vf /etc/pf.conf
|
||||
|
||||
/etc/rc.d/sshd restart
|
||||
echo "Starting akanda.router.api.server"
|
||||
/usr/local/bin/gunicorn -c /etc/akanda_gunicorn_config akanda.router.api.server:app
|
||||
|
|
|
|||
Binary file not shown.
Binary file not shown.
Loading…
Reference in New Issue