+++ /dev/null
-# servers to check. (Separate multiple servers with spaces.)
-NTPSERVERS="pool.ntp.org"
-#
-# additional options for ntpdate
-#NTPOPTIONS="-v"
-NTPOPTIONS="-u"
+++ /dev/null
-# options to use when starting oidentd as daemon:
-# -m lookup masquaraded connections in /etc/oidentd_masq.users
-# -f forward requests for masquaraded connections to real host
-# -q don't log connections to oidentd
-# see oidentd(8) for detailed list
-OIDENT_OPTIONS="-mf"
-
-# user / group
-OIDENT_USER=nobody
-OIDENT_GROUP=nogroup
-
-# Allow the default router to act as an oidentd proxy? (yes/no)
-# this is needed behind a masquarading router that runs oidentd -f
-# if your identd proxy is not the default router, you have to
-# manually specify it via -P
-OIDENT_BEHIND_PROXY=yes
-
+++ /dev/null
-# postgrey startup options, created for Debian
-# (c)2004 Adrian von Bidder <avbidder@fortytwo.ch>
-# Distribute and/or modify at will.
-
-# you may want to set
-# --delay=N how long to greylist, seconds (default: 300)
-# --max-age=N delete old entries after N days (default: 30)
-# see also the postgrey(8) manpage
-
-POSTGREY_OPTS="--inet=127.0.0.1:60000"
+++ /dev/null
-# Default location of the slapd.conf file
-SLAPD_CONF=
-
-# System account to run the slapd server under. If empty the server
-# will run as root.
-SLAPD_USER=
-
-# System group to run the slapd server under. If empty the server will
-# run in the primary group of its user.
-SLAPD_GROUP=
-
-# Path to the pid file of the slapd server. If not set the init.d script
-# will try to figure it out from $SLAPD_CONF (/etc/ldap/slapd.conf)
-SLAPD_PIDFILE=
-
-# Configure if db_recover should be called before starting slapd
-TRY_BDB_RECOVERY=yes
-
-# Configure if the slurpd daemon should be started. Possible values:
-# - yes: Always start slurpd
-# - no: Never start slurpd
-# - auto: Start slurpd if a replica option is found in slapd.conf (default)
-SLURPD_START=auto
-
-# slapd normally serves ldap only on all TCP-ports 389. slapd can also
-# service requests on TCP-port 636 (ldaps) and requests via unix
-# sockets.
-# Example usage:
-# SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///"
-
-# Additional options to pass to slapd and slurpd
-SLAPD_OPTIONS=""
-SLURPD_OPTIONS=""
+++ /dev/null
-## Dovecot 1.0 configuration file
-
-# Default values are shown after each value, it's not required to uncomment
-# any of the lines. Exception to this are paths, they're just examples
-# with real defaults being based on configure options. The paths listed here
-# are for configure --prefix=/usr --sysconfdir=/etc/dovecot
-# --localstatedir=/var --with-ssldir=/etc/ssl
-
-# Base directory where to store runtime data.
-#base_dir = /var/run/dovecot/
-
-# Protocols we want to be serving:
-# imap imaps pop3 pop3s
-protocols =
-
-# IP or host address where to listen in for connections. It's not currently
-# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
-# "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
-# interfaces depending on the operating system. You can specify ports with
-# "host:port".
-#imap_listen = *
-#pop3_listen = *
-
-# IP or host address where to listen in for SSL connections. Defaults
-# to above non-SSL equilevants if not specified.
-#imaps_listen =
-#pop3s_listen =
-
-# Disable SSL/TLS support.
-#ssl_disable = no
-
-# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
-# dropping root privileges, so keep the key file unreadable by anyone but
-# root.
-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
-#ssl_key_file = /etc/ssl/private/dovecot.pem
-
-# SSL parameter file. Master process generates this file for login processes.
-# It contains Diffie Hellman and RSA parameters.
-#ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat
-
-# How often to regenerate the SSL parameters file. Generation is quite CPU
-# intensive operation. The value is in hours, 0 disables regeneration
-# entirely.
-#ssl_parameters_regenerate = 24
-
-# Disable LOGIN command and all other plaintext authentications unless
-# SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and
-# IPv6 ::1 addresses are considered secure, this setting has no effect if
-# you connect from those addresses.
-#disable_plaintext_auth = yes
-
-# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
-# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
-#log_path =
-
-# For informational messages, use this logfile instead of the default
-#info_log_path =
-
-# Prefix for each line written to log file. % codes are in strftime(3)
-# format.
-#log_timestamp = "%b %d %H:%M:%S "
-
-##
-## Login processes
-##
-
-# Directory where authentication process places authentication UNIX sockets
-# which login needs to be able to connect to. The sockets are created when
-# running as root, so you don't have to worry about permissions. Note that
-# everything in this directory is deleted when Dovecot is started.
-#login_dir = /var/run/dovecot/login
-
-# chroot login process to the login_dir. Only reason not to do this is if you
-# wish to run the whole Dovecot without roots.
-# http://wiki.dovecot.org/Rootless
-#login_chroot = yes
-
-
-##
-## IMAP login process
-##
-
-login = imap
-
-# Executable location.
-#login_executable = /usr/lib/dovecot/imap-login
-
-# User to use for the login process. Create a completely new user for this,
-# and don't use it anywhere else. The user must also belong to a group where
-# only it has access, it's used to control access for authentication process.
-# Note that this user is NOT used to access mails.
-# http://wiki.dovecot.org/UserIds
-#login_user = dovecot
-
-# Set max. process size in megabytes. If you don't use
-# login_process_per_connection you might need to grow this.
-#login_process_size = 32
-
-# Should each login be processed in it's own process (yes), or should one
-# login process be allowed to process multiple connections (no)? Yes is more
-# secure, espcially with SSL/TLS enabled. No is faster since there's no need
-# to create processes all the time.
-#login_process_per_connection = yes
-
-# Number of login processes to create. If login_process_per_user is
-# yes, this is the number of extra processes waiting for users to log in.
-#login_processes_count = 3
-
-# Maximum number of extra login processes to create. The extra process count
-# usually stays at login_processes_count, but when multiple users start logging
-# in at the same time more extra processes are created. To prevent fork-bombing
-# we check only once in a second if new processes should be created - if all
-# of them are used at the time, we double their amount until limit set by this
-# setting is reached. This setting is used only if login_process_per_use is yes.
-#login_max_processes_count = 128
-
-# Maximum number of connections allowed in login state. When this limit is
-# reached, the oldest connections are dropped. If login_process_per_user
-# is no, this is a per-process value, so the absolute maximum number of users
-# logging in actually login_processes_count * max_logging_users.
-#login_max_logging_users = 256
-
-##
-## POP3 login process
-##
-
-# Settings default to same as above, so you don't have to set anything
-# unless you want to override them.
-
-login = pop3
-
-# Exception to above rule being the executable location.
-#login_executable = /usr/lib/dovecot/pop3-login
-
-##
-## Mail processes
-##
-
-# Maximum number of running mail processes. When this limit is reached,
-# new users aren't allowed to log in.
-#max_mail_processes = 1024
-
-# Show more verbose process titles (in ps). Currently shows user name and
-# IP address. Useful for seeing who are actually using the IMAP processes
-# (eg. shared mailboxes or if same uid is used for multiple accounts).
-#verbose_proctitle = no
-
-# Show protocol level SSL errors.
-#verbose_ssl = no
-
-# Valid UID range for users, defaults to 500 and above. This is mostly
-# to make sure that users can't log in as daemons or other system users.
-# Note that denying root logins is hardcoded to dovecot binary and can't
-# be done even if first_valid_uid is set to 0.
-#first_valid_uid = 500
-#last_valid_uid = 0
-
-# Valid GID range for users, defaults to non-root/wheel. Users having
-# non-valid GID as primary group ID aren't allowed to log in. If user
-# belongs to supplementary groups with non-valid GIDs, those groups are
-# not set.
-#first_valid_gid = 1
-#last_valid_gid = 0
-
-# Grant access to these extra groups for mail processes. Typical use would be
-# to give "mail" group write access to /var/mail to be able to create dotlocks.
-mail_extra_groups = mail
-
-# ':' separated list of directories under which chrooting is allowed for mail
-# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
-# This setting doesn't affect login_chroot or auth_chroot variables.
-# WARNING: Never add directories here which local users can modify, that
-# may lead to root exploit. Usually this should be done only if you don't
-# allow shell access for users. See
-# /usr/share/doc/dovecot-common/configuration.txt for more information.
-#valid_chroot_dirs =
-
-# Default chroot directory for mail processes. This can be overridden by
-# giving /./ in user's home directory (eg. /home/./user chroots into /home).
-#mail_chroot =
-
-# Default MAIL environment to use when it's not set. By leaving this empty
-# dovecot tries to do some automatic detection as described in
-# /usr/share/doc/dovecot-common/mail-storages.txt. There's a few special
-# variables you can use:
-#
-# %u - username
-# %n - user part in user@domain, same as %u if there's no domain
-# %d - domain part in user@domain, empty if user there's no domain
-# %h - home directory
-#
-# You can also limit a width of string by giving the number of max. characters
-# after the '%' character. For example %1u gives the first character of
-# username. Some examples:
-#
-# default_mail_env = maildir:/var/mail/%1u/%u/Maildir
-# default_mail_env = mbox:~/mail/:INBOX=/var/mail/%u
-# default_mail_env = mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n
-#
-#default_mail_env =
-
-# Space-separated list of fields to cache for all mails. Currently these
-# fields are allowed followed by a list of commands they speed up:
-#
-# Envelope - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT,
-# SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID,
-# HEADER IN-REPLY-TO
-# Body - FETCH BODY
-# Bodystructure - FETCH BODY, BODYSTRUCTURE
-# MessagePart - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE,
-# SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE
-# generation. This is always set with mbox mailboxes, and
-# also default with Maildir.
-#
-# Different IMAP clients work in different ways, that's why Dovecot by default
-# only caches MessagePart which speeds up most operations. Whenever client
-# does something where caching could be used, the field is automatically marked
-# to be cached later. For example after FETCH BODY the BODY will be cached
-# for all new messages. Normally you should leave this alone, unless you know
-# what most of your IMAP clients are. Caching more fields than needed makes
-# the index files larger and generate useless I/O.
-#
-# With maildir there's one extra optimization - if nothing is cached, indexing
-# the maildir becomes much faster since it's not opening any of the mail files.
-# This could be useful if your IMAP clients access only new mails.
-
-#mail_cache_fields = MessagePart
-
-# Space-separated list of fields that Dovecot should never set to be cached.
-# Useful if you want to save disk space at the cost of more I/O when the fields
-# needed.
-#mail_never_cache_fields =
-
-# Workarounds for various client bugs:
-# oe6-fetch-no-newmail:
-# Never send EXISTS/RECENT when replying to FETCH command. Outlook Express
-# seems to think they are FETCH replies and gives user "Message no longer
-# in server" error. Note that OE6 still breaks even with this workaround
-# if synchronization is set to "Headers Only".
-# outlook-idle:
-# Outlook and Outlook Express never abort IDLE command, so if no mail
-# arrives in half a hour, Dovecot closes the connection. This is still
-# fine, except Outlook doesn't connect back so you don't see if new mail
-# arrives.
-# outlook-pop3-no-nuls:
-# Outlook and Outlook Express hang if mails contain NUL characters.
-# This setting replaces them with 0x80 character.
-#client_workarounds =
-
-# Dovecot can notify client of new mail in selected mailbox soon after it's
-# received. This setting specifies the minimum interval in seconds between
-# new mail notifications to client - internally they may be checked more or
-# less often. Setting this to 0 disables the checking.
-# NOTE: Evolution client breaks with this option when it's trying to APPEND.
-#mailbox_check_interval = 0
-
-# Like mailbox_check_interval, but used for IDLE command.
-#mailbox_idle_check_interval = 30
-
-# Allow full filesystem access to clients. There's no access checks other than
-# what the operating system does for the active UID/GID. It works with both
-# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/
-# or ~user/.
-#mail_full_filesystem_access = no
-
-# Maximum allowed length for custom flag name. It's only forced when trying
-# to create new flags.
-#mail_max_flag_length = 50
-
-# Save mails with CR+LF instead of plain LF. This makes sending those mails
-# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
-# But it also creates a bit more disk I/O which may just make it slower.
-#mail_save_crlf = no
-
-# Use mmap() instead of read() to read mail files. read() seems to be a bit
-# faster with my Linux/x86 and it's better with NFS, so that's the default.
-#mail_read_mmaped = no
-
-# By default LIST command returns all entries in maildir beginning with dot.
-# Enabling this option makes Dovecot return only entries which are directories.
-# This is done by stat()ing each entry, so it causes more disk I/O.
-# (For systems setting struct dirent->d_type, this check is free and it's
-# done always regardless of this setting)
-#maildir_stat_dirs = no
-
-# Copy mail to another folders using hard links. This is much faster than
-# actually copying the file. This is problematic only if something modifies
-# the mail in one folder but doesn't want it modified in the others. I don't
-# know any MUA which would modify mail files directly. IMAP protocol also
-# requires that the mails don't change, so it would be problematic in any case.
-# If you care about performance, enable it.
-#maildir_copy_with_hardlinks = no
-
-# Check if mails' content has been changed by external programs. This slows
-# down things as extra stat() needs to be called for each file. If changes are
-# noticed, the message is treated as a new message, since IMAP protocol
-# specifies that existing messages are immutable.
-#maildir_check_content_changes = no
-
-# Which locking methods to use for locking mbox. There's three available:
-# dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe
-# solution. If you want to use /var/mail/ like directory, the users
-# will need write access to that directory.
-# fcntl : Use this if possible. Works with NFS too if lockd is used.
-# flock : May not exist in all systems. Doesn't work with NFS.
-#
-# You can use both fcntl and flock too; if you do the order they're declared
-# with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl
-# and flock. Some operating systems don't allow using both of them
-# simultaneously, eg. BSDs. If dotlock is used, it's always created first.
-#mbox_locks = dotlock fcntl
-
-# Should we create dotlock file even when we want only a read-lock? Setting
-# this to yes hurts the performance when the mailbox is accessed simultaneously
-# by multiple processes, but it's needed for reliable reading if no other
-# locking methods are available.
-#mbox_read_dotlock = no
-
-# Maximum time in seconds to wait for lock (all of them) before aborting.
-#mbox_lock_timeout = 300
-
-# If dotlock exists but the mailbox isn't modified in any way, override the
-# lock file after this many seconds.
-#mbox_dotlock_change_timeout = 30
-
-# umask to use for mail files and directories
-#umask = 0077
-
-# Drop all privileges before exec()ing the mail process. This is mostly
-# meant for debugging, otherwise you don't get core dumps. Note that setting
-# this to yes means that log file is opened as the logged in user, which
-# might not work. It could also be a small security risk if you use single UID
-# for multiple users, as the users could ptrace() each others processes then.
-#mail_drop_priv_before_exec = no
-
-##
-## IMAP process
-##
-
-# Executable location
-#imap_executable = /usr/lib/dovecot/imap
-
-# Set max. process size in megabytes. Most of the memory goes to mmap()ing
-# files, so it shouldn't harm much even if this limit is set pretty high.
-#imap_process_size = 256
-
-# Support for dynamically loadable modules.
-#imap_use_modules = no
-#imap_modules = /usr/lib/dovecot/imap
-
-##
-## POP3 process
-##
-
-# Executable location
-#pop3_executable = /usr/lib/dovecot/pop3
-
-# Set max. process size in megabytes. Most of the memory goes to mmap()ing
-# files, so it shouldn't harm much even if this limit is set pretty high.
-#pop3_process_size = 256
-
-# Support for dynamically loadable modules.
-#pop3_use_modules = no
-#pop3_modules = /usr/lib/dovecot/pop3
-
-##
-## Authentication processes
-##
-
-# An Authentication process is a child process used by Dovecot that
-# handles the authentication steps. The steps cover an authentication
-# mechanism (auth_mechanisms, how the client authenticates in the IMAP or
-# POP3 protocol), which password database should be queried (auth_passdb),
-# and which user database should be queried (auth_userdb, to obtain
-# UID, GID, and location of the user's mailbox/home directory).
-#
-# You can have multiple processes, though a typical configuration will
-# have only one. Each time "auth = xx" is seen, a new process
-# definition is started. The point of multiple processes is to be able
-# to set stricter permissions. (See auth_user below.)
-#
-# Just remember that only one Authentication process is asked for the
-# password, so you can't have different passwords accessible through
-# different process definitions (unless they have different
-# auth_mechanisms, and you're ok with having different password for
-# each mechanisms).
-
-# Authentication process name.
-auth = default
-
-# Specifies how the client authenticates in the IMAP protocol.
-# Space separated list of permitted authentication mechanisms:
-# anonymous plain digest-md5 cram-md5
-#
-# anonymous - No authentication required.
-# plain - The password is sent as plain text. All IMAP/POP3 clients
-# support this, and the password can be encrypted by Dovecot to match
-# any of the encryption schemes used in password databases.
-# digest-md5 and cram-md5 - both encrypt the password so it is more
-# secure in transit, but are not well supported by clients, and
-# require that the password database use a matching encryption
-# scheme (or be in plaintext).
-#
-# See auth.txt for more details.
-#
-# If you are using SSL there is less benefit to digest-md5 and
-# cram-md5 as the communication is already encrypted.
-auth_mechanisms = plain
-
-# Space separated list of realms for SASL authentication mechanisms that need
-# them. You can leave it empty if you don't want to support multiple realms.
-# Many clients simply use the first one listed here, so keep the default realm
-# first.
-#auth_realms =
-
-# Default realm/domain to use if none was specified. This is used for both
-# SASL realms and appending @domain to username in plaintext logins.
-#auth_default_realm =
-
-# User database specifies where mails are located and what user/group IDs
-# own them. For single-UID configuration use "static".
-# http://wiki.dovecot.org/Authentication
-# http://wiki.dovecot.org/VirtualUsers
-# passwd: /etc/passwd or similiar, using getpwnam()
-# passwd-file <path>: passwd-like file with specified location
-# static uid=<uid> gid=<gid> home=<dir template>: static settings
-# vpopmail: vpopmail library
-# ldap <config path>: LDAP, see /etc/dovecot/dovecot-ldap.conf
-# mysql <config path>: a MySQL database, see /etc/dovecot/dovecot-mysql.conf
-# pgsql <config path>: a PostgreSQL database, see
-# /etc/dovecot/dovecot-pgsql.conf
-auth_userdb = passwd
-
-# Password database specifies only the passwords for users.
-# http://wiki.dovecot.org/Authentication
-# passwd: /etc/passwd or similiar, using getpwnam()
-# shadow: /etc/shadow or similiar, using getspnam()
-# pam [<service> | *]: PAM authentication
-# passwd-file <path>: passwd-like file with specified location
-# vpopmail: vpopmail authentication
-# ldap <config path>: LDAP, see /etc/dovecot/dovecot-ldap.conf
-# mysql <config path>: a MySQL database, see /etc/dovecot/dovecot-mysql.conf
-# pgsql <config path>: a PostgreSQL database, see
-# /etc/dovecot/dovecot-pgsql.conf
-auth_passdb = pam
-
-#auth_executable = /usr/lib/dovecot/dovecot-auth
-
-# Set max. process size in megabytes.
-#auth_process_size = 256
-
-# User to use for the process. This user needs access to only user and
-# password databases, nothing else. Only shadow and pam authentication
-# requires roots, so use something else if possible. Note that passwd
-# authentication with BSDs internally accesses shadow files, which also
-# requires roots. Note that this user is NOT used to access mails.
-# That user is specified by auth_userdb above.
-auth_user = root
-
-# Directory where to chroot the process. Most authentication backends don't
-# work if this is set, and there's no point chrooting if auth_user is root.
-#auth_chroot =
-
-# Number of authentication processes to create
-#auth_count = 1
-
-# List of allowed characters in username. If the user-given username contains
-# a character not listed in here, the login automatically fails. This is just
-# an extra check to make sure user can't exploit any potential quote escaping
-# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
-# set this value to empty.
-#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
-
-# Username to use for users logging in with ANONYMOUS SASL mechanism
-#auth_anonymous_username = anonymous
-
-# More verbose logging. Useful for figuring out why authentication isn't
-# working.
-#auth_verbose = no
-
-# Even more verbose logging for debugging purposes. Shows for example SQL
-# queries.
-#auth_debug = no
-
-# digest-md5 authentication process. It requires special MD5 passwords which
-# /etc/shadow and PAM doesn't support, so we never need roots to handle it.
-# Note that the passwd-file is opened before chrooting and dropping root
-# privileges, so it may be 0600-root owned file.
-
-#auth = digest_md5
-#auth_mechanisms = digest-md5
-#auth_realms =
-#auth_userdb = passwd-file /etc/passwd.imap
-#auth_passdb = passwd-file /etc/passwd.imap
-#auth_user = imapauth
-#auth_chroot =
-
-# if you plan to use only passwd-file, you don't need the two auth processes,
-# simply set "auth_methods = plain digest-md5"
+++ /dev/null
-#!/bin/bash
-#
-# MySQL daemon start/stop script.
-#
-# Debian version. Based on the original by TcX.
-#
-set -e
-set -u
-${DEBIAN_SCRIPT_DEBUG:+ set -v -x}
-
-test -x /usr/sbin/mysqld || exit 0
-
-SELF=$(cd $(dirname $0); pwd -P)/$(basename $0)
-CONF=/etc/mysql/my.cnf
-MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf"
-RUNDIR=/var/run/mysqld/
-
-# priority can be overriden and "-s" adds output to stderr
-ERR_LOGGER="logger -p daemon.err -t /etc/init.d/mysql -i"
-
-# Safeguard (relative paths, core dumps..)
-cd /
-umask 077
-export PATH=/bin:/usr/bin
-
-# mysqladmin likes to read /root/.my.cnf. This is usually not what I want
-# as many admins e.g. only store a password without a username there and
-# so break my scripts.
-export HOME=/etc/mysql/
-
-## fetch a particular option from mysql's invocation
-#
-# usage: void mysqld_get_param option
-mysqld_get_param() {
- /usr/sbin/mysqld --print-defaults \
- | tr " " "\n" \
- | grep -- "--$1" \
- | tail -n 1 \
- | cut -d= -f2
-}
-
-## Checks if there is a server running and if so if it is accessible.
-#
-# check_alive insists on a pingable server
-# check_dead also fails if there is a lost mysqld in the process list
-#
-# Usage: boolean mysqld_status [check_alive|check_dead] [warn|nowarn]
-mysqld_status () {
- ping_output=`$MYADMIN ping 2>&1`; ping_alive=$(( ! $? ))
-
- ps_alive=0
- pidfile=`mysqld_get_param pid-file`
- if [ -f "$pidfile" ]; then
- if ps `cat $pidfile` >/dev/null 2>&1; then ps_alive=1; fi
- fi
-
- if [ "$1" = "check_alive" -a $ping_alive = 1 ] ||
- [ "$1" = "check_dead" -a $ping_alive = 0 -a $ps_alive = 0 ]; then
- return 0 # EXIT_SUCCESS
- else
- if [ "$2" = "warn" ]; then
- /bin/echo -e "$ps_alive processes alive and '$MYADMIN ping' resulted in\n$ping_output\n" | $ERR_LOGGER -p daemon.debug
- fi
- return 1 # EXIT_FAILURE
- fi
-}
-
-#
-# main()
-#
-
-case "${1:-''}" in
- 'start')
- # check for config file
- if [ ! -r $CONF ]; then
- /bin/echo -e "\nWARNING: $CONF cannot be read. See README.Debian."
- fi
- # check for /var/run/mysqld/ which maybe have only been on a tempfs
- if [ ! -d $RUNDIR ]; then
- install --directory --owner=mysql --mode=755 $RUNDIR
- fi
- # Start daemon
- echo -n "Starting MySQL database server: mysqld"
- if mysqld_status check_alive nowarn; then
- echo "...already running."
- else
- /usr/bin/mysqld_safe > /dev/null 2>&1 &
- for i in 1 2 3 4 5 6; do
- sleep 1
- if mysqld_status check_alive nowarn ; then break; fi
- done
- if mysqld_status check_alive warn; then
- echo "."
- # Now start mysqlcheck or whatever the admin wants.
- /etc/mysql/debian-start
- else
- echo "...failed."
- /bin/echo -e "\tPlease take a look at the syslog."
- fi
- fi
-
- if $MYADMIN variables | egrep -q have_bdb.*YES; then
- /bin/echo "BerkeleyDB is obsolete, see /usr/share/doc/mysql-server/README.Debian.gz" | $ERR_LOGGER -p daemon.info
- fi
-
- ;;
-
- 'stop')
- # * As a passwordless mysqladmin (e.g. via ~/.my.cnf) must be possible
- # at least for cron, we can rely on it here, too. (although we have
- # to specify it explicit as e.g. sudo environments points to the normal
- # users home and not /root)
- echo -n "Stopping MySQL database server: mysqld"
- if ! mysqld_status check_dead nowarn; then
- set +e
- shutdown_out=`$MYADMIN shutdown 2>&1`; r=$?
- set -e
- if [ "$r" -ne 0 ]; then
- /bin/echo -e -n "...failed.\n$shutdown_out\nKilling MySQL database server by signal: mysqld"
- killall -15 mysqld
- server_down=
- for i in 1 2 3 4 5 6 7 8 9 10; do
- sleep 1
- if mysqld_status check_dead nowarn; then server_down=1; break; fi
- done
- if test -z "$server_down"; then killall -9 mysqld; fi
- fi
- fi
-
- if ! mysqld_status check_dead warn; then
- echo "...failed."
- echo "Please stop MySQL manually and read /usr/share/doc/mysql-server/README.Debian!"
- exit -1
- else
- echo "."
- fi
- ;;
-
- 'restart')
- set +e; $SELF stop; set -e
- $SELF start
- ;;
-
- 'reload'|'force-reload')
- echo -n "Reloading MySQL database server: mysqld"
- $MYADMIN reload
- echo "."
- ;;
-
- 'status')
- if mysqld_status check_alive nowarn; then
- $MYADMIN version
- else
- echo "MySQL is stopped."
- fi
- ;;
-
- *)
- echo "Usage: $SELF start|stop|restart|reload|force-reload"
- exit 1
- ;;
-esac
-
+++ /dev/null
-#! /bin/sh
-
-# Kill me on all errors
-set -e
-
-# Stop processing if slapd is not there
-[ -x /usr/sbin/slapd ] || exit 0
-
-# Set default values
-DB_RECOVER_CMD=db4.2_recover
-
-# Source the init script configuration
-if [ -f "/etc/default/slapd" ]; then
- . /etc/default/slapd
-fi
-
-# Load the default location of the slapd config file
-if [ -z "$SLAPD_CONF" ]; then
- SLAPD_CONF="/etc/ldap/slapd.conf"
-else
- SLAPD_OPTIONS="-f $SLAPD_CONF $SLAPD_OPTIONS"
- SLURPD_OPTIONS="-f $SLAPD_CONF $SLURPD_OPTIONS"
-fi
-
-# Stop processing if the config file is not there
-if [ ! -r "$SLAPD_CONF" ]; then
- cat <<EOF >&2
-No configuration file was found for slapd at $SLAPD_CONF.
-If you have moved the slapd configuration file please modify
-/etc/default/slapd to reflect this. If you chose to not
-configure slapd during installation then you need to do so
-prior to attempting to start slapd.
-An example slapd.conf is in /usr/share/slapd
-EOF
- exit 0 # Should this be 1?
-fi
-
-# Figure out some default settings
-# Check wether slurpd should get started
-if [ "$SLURPD_START" != "yes" ] && [ "$SLURPD_START" != "no" ]; then
- if grep -q '^replica' "$SLAPD_CONF" > /dev/null 2>&1 ; then
- SLURPD_START=yes
- else
- SLURPD_START=no
- fi
-fi
-
-# Find out the name of slapd's pid file
-if [ -z "$SLAPD_PIDFILE" ]; then
- SLAPD_PIDFILE=`sed -ne 's/^pidfile[[:space:]]\+\(.\+\)/\1/p' \
- "$SLAPD_CONF"`
-fi
-
-# XXX: Breaks upgrading if there is no pidfile (invoke-rc.d stop will fail)
-# -- Torsten
-if [ -z "$SLAPD_PIDFILE" ]; then
- cat <<EOF >&2
-The pidfile for slapd is neither specified in "$SLAPD_CONF" nor
-in /etc/default/slapd. Consequently, slapd will not be started.
-EOF
- exit 1
-fi
-
-# Pass the user and group to run under to slapd
-if [ "$SLAPD_USER" ]; then
- SLAPD_OPTIONS="-u $SLAPD_USER $SLAPD_OPTIONS"
-fi
-
-if [ "$SLAPD_GROUP" ]; then
- SLAPD_OPTIONS="-g $SLAPD_GROUP $SLAPD_OPTIONS"
-fi
-
-# Tell the user that something went wrong and give some hints for
-# resolving the problem.
-report_failure() {
- if [ -n "$reason" ]; then
- echo " - failed: "
- echo "$reason"
- else
- echo " - failed."
- cat <<EOF
-The operation failed but no output was produced. For hints on what went
-wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
-try running the daemon in Debug mode like via "slapd -d 16383" (warning:
-this will create copious output).
-EOF
-
- if [ -n "$SLURPD_OPTIONS" -o \
- -n "$SLAPD_OPTIONS" -o \
- -n "$SLAPD_SERVICES" ]; then
- cat << EOF
-
-Below, you can find the command line options used by this script to
-run slapd and slurpd. Do not forget to specify those options if you
-want to look to debugging output:
-EOF
- if [ -z "$SLAPD_SERVICES" ]; then
- if [ -n "$SLAPD_OPTIONS" ]; then
- echo " slapd $SLAPD_OPTIONS"
- fi
- else
- echo " slapd -h '$SLAPD_SERVICES' $SLAPD_OPTIONS"
- fi
-
- if [ "$SLURPD" = "yes" -a -n "$SLURPD_OPTIONS" ]; then
- echo " slurpd $SLURPD_OPTIONS"
- fi
- fi
- fi
-}
-
-# Try to recover slapd database
-try_fix_db() {
- local dbdir failed bdb_envs
-
- # db4.2-util is just recommended by slapd, so make sure it is
- # available before trying to use it
- if ! command -v $DB_RECOVER_CMD >/dev/null 2>&1; then
- echo -n " ($DB_RECOVER_CMD not found), "
- return 0
- fi
-
- bdb_envs=`find_bdb_envs`
-
- # We care only about BDB environments
- if [ -z "$bdb_envs" ]; then
- return 0
- fi
-
- # Make sure there is no slapcat and no slapd running as we might
- # break the DB in that case
- if pidof /usr/lib/slapd >/dev/null; then
- echo -n " (slapd running, no recovery), "
- return 0
- fi
-
- echo -n " running BDB recovery"
- for dbdir in $bdb_envs; do
- reason="`$DB_RECOVER_CMD -eh $dbdir 2>&1`" || \
- db_recover_failed $dbdir
- done
- echo -n ","
-}
-
-# Find bdb environment dirs
-find_bdb_envs() {
- local d
- for d in `sed -ne 's/^directory[[:space:]]\+"*\([^"]\+\).*/\1/p' \
- < "$SLAPD_CONF"`; do
- if [ -d "$d" -a -f "$d/objectClass.bdb" ]; then
- echo $d
- fi
- done
-}
-
-# Inform the user that BDB recovery failed
-db_recover_failed() {
- local dbdir
- dbdir="$1"
-
- reason="`cat <<EOF
-Automatic recovery of the OpenLDAP directory database in
-
- $dbdir
-
-failed. You will need to perform a manual recovery, possibly from backup.
-The failed command was $DB_RECOVER_CMD -eh $dbdir. Output:
-
-$reason
-EOF`"
- exit 1
-}
-
-# Start the slapd daemon and capture the error message if any to
-# $reason.
-start_slapd() {
- echo -n " slapd"
- if [ -z "$SLAPD_SERVICES" ]; then
- reason="`start-stop-daemon --start --quiet --oknodo \
- --pidfile "$SLAPD_PIDFILE" \
- --exec /usr/sbin/slapd -- $SLAPD_OPTIONS 2>&1`"
- else
- reason="`start-stop-daemon --start --quiet --oknodo \
- --pidfile "$SLAPD_PIDFILE" \
- --exec /usr/sbin/slapd -- -h "$SLAPD_SERVICES" $SLAPD_OPTIONS 2>&1`"
- fi
-}
-
-# Start the slurpd daemon and capture the error message if any to
-# $reason.
-start_slurpd() {
- if [ "$SLURPD_START" != yes ]; then
- return 0
- fi
- echo -n " slurpd"
- reason="`start-stop-daemon --start --quiet --oknodo \
- --exec /usr/sbin/slurpd -- $SLURPD_OPTIONS 2>&1`"
-}
-
-# Stop the slapd daemon and capture the error message (if any) to
-# $reason.
-stop_slapd() {
- echo -n " slapd"
- reason="`start-stop-daemon --stop --quiet --oknodo --retry 10 \
- --pidfile "$SLAPD_PIDFILE" \
- --exec /usr/sbin/slapd 2>&1`"
-}
-
-# Stop the slurpd daemon and capture the error message (if any) to
-# $reason.
-stop_slurpd() {
- if [ "$SLURPD_START" != yes ]; then
- return 0
- fi
- echo -n " slurpd"
- reason="`start-stop-daemon --stop --quiet --oknodo --retry 10 \
- --exec /usr/sbin/slurpd 2>&1`"
-}
-
-# Start the OpenLDAP daemons
-start() {
- echo -n "Starting OpenLDAP:"
- trap 'report_failure' 0
- if [ "$TRY_BDB_RECOVERY" = "yes" ]; then
- try_fix_db
- fi
- start_slapd
- start_slurpd
- trap "-" 0
- echo .
-}
-
-# Stop the OpenLDAP daemons
-stop() {
- echo -n "Stopping OpenLDAP:"
- trap 'report_failure' 0
- stop_slurpd
- stop_slapd
- trap "-" 0
- echo .
-}
-
-case "$1" in
- start)
- start ;;
- stop)
- stop ;;
- restart|force-reload)
- stop
- start
- ;;
- *)
- echo "Usage: $0 {start|stop|restart|force-reload}"
- exit 1
- ;;
-esac
+++ /dev/null
-#
-# - This script rotates the normal query-log and the slow-log files.
-# Binary-log rotation is configured in /etc/mysql/debian-log-rotate.conf
-# - All files should be in one block so that only one flush-logs is neccessary.
-# - The error log is obsolete, messages go to syslog now.
-/var/log/mysql.log /var/log/mysql/mysql.log /var/log/mysql.err /var/log/mysql/mysql.err /var/log/mysql/mysql-slow.log {
- daily
- rotate 7
- missingok
- create 640 mysql adm
- compress
- sharedscripts
- postrotate
- test -x /usr/bin/mysqladmin || exit 0
-
- # If this fails, check debian.conf!
- export HOME=/etc/mysql/my.cnf
- MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf"
- if [ -z "`$MYADMIN ping 2>/dev/null`" ]; then
- # Really no mysqld or rather a missing debian-sys-maint user?
- # If this occurs and is not a error please report a bug.
- if ps cax | grep -q mysqld; then
- exit 1
- fi
- else
- $MYADMIN flush-logs
- fi
- errlogs=`ls /var/log/mysql.err* /var/log/mysql/mysql.err* 2>/dev/null`
- if [ -n "$errlogs" ]; then
- chown root:adm $errlogs
- chmod 640 $errlogs
- fi
- endscript
-}
+++ /dev/null
-#
-# The MySQL database server configuration file.
-#
-# You can copy this to one of:
-# - "/etc/mysql/my.cnf" to set global options,
-# - "/var/lib/mysql/my.cnf" to set server-specific options or
-# - "~/.my.cnf" to set user-specific options.
-#
-# One can use all long options that the program supports.
-# Run program with --help to get a list of available options and with
-# --print-defaults to see which it would actually understand and use.
-#
-# For explanations see
-# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
-
-# This will be passed to all mysql clients
-# It has been reported that passwords should be enclosed with ticks/quotes
-# escpecially if they contain "#" chars...
-# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
-[client]
-port = 3306
-socket = /var/run/mysqld/mysqld.sock
-
-# Here is entries for some specific programs
-# The following values assume you have at least 32M ram
-
-# This was formally known as [safe_mysqld]. Both versions are currently parsed.
-[mysqld_safe]
-socket = /var/run/mysqld/mysqld.sock
-nice = 0
-
-[mysqld]
-#
-# * Basic Settings
-#
-user = mysql
-pid-file = /var/run/mysqld/mysqld.pid
-socket = /var/run/mysqld/mysqld.sock
-port = 3306
-basedir = /usr
-datadir = /var/lib/mysql
-tmpdir = /tmp
-language = /usr/share/mysql/english
-skip-external-locking
-#
-# Instead of skip-networking the default is now to listen only on
-# localhost which is more compatible and is not less secure.
-bind-address = 127.0.0.1
-#
-# * Fine Tuning
-#
-key_buffer = 16M
-max_allowed_packet = 16M
-thread_stack = 128K
-#
-# * Query Cache Configuration
-#
-query_cache_limit = 1048576
-query_cache_size = 16777216
-query_cache_type = 1
-#
-# * Logging and Replication
-#
-# Both location gets rotated by the cronjob.
-# Be aware that this log type is a performance killer.
-#log = /var/log/mysql.log
-#log = /var/log/mysql/mysql.log
-#
-# Error logging goes to syslog. This is a Debian improvement :)
-#
-# Here you can see queries with especially long duration
-#log-slow-queries = /var/log/mysql/mysql-slow.log
-#
-# The following can be used as easy to replay backup logs or for replication.
-#server-id = 1
-log-bin = /var/log/mysql/mysql-bin.log
-# See /etc/mysql/debian-log-rotate.conf for the number of files kept.
-max_binlog_size = 104857600
-#binlog-do-db = include_database_name
-#binlog-ignore-db = include_database_name
-#
-# * BerkeleyDB
-#
-# The use of BerkeleyDB is now discouraged and support for it will probably
-# cease in the next versions.
-skip-bdb
-#
-# * InnoDB
-#
-# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
-# Read the manual for more InnoDB related options. There are many!
-#
-# * Security Feature
-#
-# Read the manual, too, if you want chroot!
-# chroot = /var/lib/mysql/
-#
-# If you want to enable SSL support (recommended) read the manual or my
-# HOWTO in /usr/share/doc/mysql-server/SSL-MINI-HOWTO.txt.gz
-# ssl-ca=/etc/mysql/cacert.pem
-# ssl-cert=/etc/mysql/server-cert.pem
-# ssl-key=/etc/mysql/server-key.pem
-
-
-
-[mysqldump]
-quick
-quote-names
-max_allowed_packet = 16M
-
-[mysql]
-#no-auto-rehash # faster start of mysql but no tab completition
-
-[isamchk]
-key_buffer = 16M
+++ /dev/null
-#
-# The PAM configuration file for the Shadow `login' service
-#
-# NOTE: If you use a session module (such as kerberos or NIS+)
-# that retains persistent credentials (like key caches, etc), you
-# need to enable the `CLOSE_SESSIONS' option in /etc/login.defs
-# in order for login to stay around until after logout to call
-# pam_close_session() and cleanup.
-#
-
-# Outputs an issue file prior to each login prompt (Replaces the
-# ISSUE_FILE option from login.defs). Uncomment for use
-# auth required pam_issue.so issue=/etc/issue
-
-# Disallows root logins except on tty's listed in /etc/securetty
-# (Replaces the `CONSOLE' setting from login.defs)
-auth requisite pam_securetty.so
-
-# Disallows other than root logins when /etc/nologin exists
-# (Replaces the `NOLOGINS_FILE' option from login.defs)
-auth requisite pam_nologin.so
-
-# This module parses /etc/environment (the standard for setting
-# environ vars) and also allows you to use an extended config
-# file /etc/security/pam_env.conf.
-# (Replaces the `ENVIRON_FILE' setting from login.defs)
-auth required pam_env.so
-
-# Standard Un*x authentication. The "nullok" line allows passwordless
-# accounts.
-@include common-auth
-
-# This allows certain extra groups to be granted to a user
-# based on things like time of day, tty, service, and user.
-# Please uncomment and edit /etc/security/group.conf if you
-# wish to use this.
-# (Replaces the `CONSOLE_GROUPS' option in login.defs)
-# auth optional pam_group.so
-
-# Uncomment and edit /etc/security/time.conf if you need to set
-# time restrainst on logins.
-# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
-# as well as /etc/porttime)
-# account requisite pam_time.so
-
-# Uncomment and edit /etc/security/access.conf if you need to
-# set access limits.
-# (Replaces /etc/login.access file)
-# account required pam_access.so
-
-# Standard Un*x account and session
-@include common-account
-@include common-session
-
-# Sets up user limits, please uncomment and read /etc/security/limits.conf
-# to enable this functionality.
-# (Replaces the use of /etc/limits in old login)
-session required pam_limits.so
-
-# Prints the last login info upon succesful login
-# (Replaces the `LASTLOG_ENAB' option from login.defs)
-session optional pam_lastlog.so
-
-# Prints the motd upon succesful login
-# (Replaces the `MOTD_FILE' option in login.defs)
-session optional pam_motd.so
-
-# Prints the status of the user's mailbox upon succesful login
-# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). You
-# can also enable a MAIL environment variable from here, but it
-# is better handled by /etc/login.defs, since userdel also uses
-# it to make sure that removing a user, also removes their mail
-# spool file.
-session optional pam_mail.so standard noenv
-@include common-password
+++ /dev/null
-Alias /squirrelmail /usr/share/squirrelmail
-
-<Directory /usr/share/squirrelmail>
- php_flag register_globals off
- Options Indexes FollowSymLinks
- <IfModule mod_dir.c>
- DirectoryIndex index.php
- </IfModule>
-
- # access to configtest is limited by default to prevent information leak
- <Files configtest.php>
- order deny,allow
- deny from all
- allow from 127.0.0.1
- </Files>
-</Directory>
-
-# users will prefer a simple URL like http://webmail.example.com
-#<VirtualHost 1.2.3.4>
-# DocumentRoot /usr/share/squirrelmail
-# ServerName webmail.example.com
-#</VirtualHost>
-
-# redirect to https when available (thanks omen@descolada.dartmouth.edu)
-#
-# Note: There are multiple ways to do this, and which one is suitable for
-# your site's configuration depends. Consult the apache documentation if
-# you're unsure, as this example might not work everywhere.
-#
-#<IfModule mod_rewrite.c>
-# <IfModule mod_ssl.c>
-# <Location /squirrelmail>
-# RewriteEngine on
-# RewriteCond %{HTTPS} !^on$ [NC]
-# RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L]
-# </Location>
-# </IfModule>
-#</IfModule>
-
+++ /dev/null
-# Example config file /etc/vsftpd.conf
-#
-# The default compiled in settings are fairly paranoid. This sample file
-# loosens things up a bit, to make the ftp daemon more usable.
-# Please see vsftpd.conf.5 for all compiled in defaults.
-#
-# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
-# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
-# capabilities.
-#
-#
-# Run standalone? vsftpd can run either from an inetd or as a standalone
-# daemon started from an initscript.
-listen=YES
-#
-# Run standalone with IPv6?
-# Like the listen parameter, except vsftpd will listen on an IPv6 socket
-# instead of an IPv4 one. This parameter and the listen parameter are mutually
-# exclusive.
-#listen_ipv6=YES
-#
-# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
-anonymous_enable=YES
-#
-# Uncomment this to allow local users to log in.
-#local_enable=YES
-#
-# Uncomment this to enable any form of FTP write command.
-#write_enable=YES
-#
-# Default umask for local users is 077. You may wish to change this to 022,
-# if your users expect that (022 is used by most other ftpd's)
-#local_umask=022
-#
-# Uncomment this to allow the anonymous FTP user to upload files. This only
-# has an effect if the above global write enable is activated. Also, you will
-# obviously need to create a directory writable by the FTP user.
-#anon_upload_enable=YES
-#
-# Uncomment this if you want the anonymous FTP user to be able to create
-# new directories.
-#anon_mkdir_write_enable=YES
-#
-# Activate directory messages - messages given to remote users when they
-# go into a certain directory.
-dirmessage_enable=YES
-#
-# Activate logging of uploads/downloads.
-xferlog_enable=YES
-#
-# Make sure PORT transfer connections originate from port 20 (ftp-data).
-connect_from_port_20=YES
-#
-# If you want, you can arrange for uploaded anonymous files to be owned by
-# a different user. Note! Using "root" for uploaded files is not
-# recommended!
-#chown_uploads=YES
-#chown_username=whoever
-#
-# You may override where the log file goes if you like. The default is shown
-# below.
-#xferlog_file=/var/log/vsftpd.log
-#
-# If you want, you can have your log file in standard ftpd xferlog format
-#xferlog_std_format=YES
-#
-# You may change the default value for timing out an idle session.
-#idle_session_timeout=600
-#
-# You may change the default value for timing out a data connection.
-#data_connection_timeout=120
-#
-# It is recommended that you define on your system a unique user which the
-# ftp server can use as a totally isolated and unprivileged user.
-#nopriv_user=ftpsecure
-#
-# Enable this and the server will recognise asynchronous ABOR requests. Not
-# recommended for security (the code is non-trivial). Not enabling it,
-# however, may confuse older FTP clients.
-#async_abor_enable=YES
-#
-# By default the server will pretend to allow ASCII mode but in fact ignore
-# the request. Turn on the below options to have the server actually do ASCII
-# mangling on files when in ASCII mode.
-# Beware that turning on ascii_download_enable enables malicious remote parties
-# to consume your I/O resources, by issuing the command "SIZE /big/file" in
-# ASCII mode.
-# These ASCII options are split into upload and download because you may wish
-# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),
-# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be
-# on the client anyway..
-#ascii_upload_enable=YES
-#ascii_download_enable=YES
-#
-# You may fully customise the login banner string:
-#ftpd_banner=Welcome to blah FTP service.
-#
-# You may specify a file of disallowed anonymous e-mail addresses. Apparently
-# useful for combatting certain DoS attacks.
-#deny_email_enable=YES
-# (default follows)
-#banned_email_file=/etc/vsftpd.banned_emails
-#
-# You may restrict local users to their home directories. See the FAQ for
-# the possible risks in this before using chroot_local_user or
-# chroot_list_enable below.
-#chroot_local_user=YES
-#
-# You may specify an explicit list of local users to chroot() to their home
-# directory. If chroot_local_user is YES, then this list becomes a list of
-# users to NOT chroot().
-#chroot_list_enable=YES
-# (default follows)
-#chroot_list_file=/etc/vsftpd.chroot_list
-#
-# You may activate the "-R" option to the builtin ls. This is disabled by
-# default to avoid remote users being able to cause excessive I/O on large
-# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
-# the presence of the "-R" option, so there is a strong case for enabling it.
-#ls_recurse_enable=YES
-#
-#
-# Debian customization
-#
-# Some of vsftpd's settings don't fit the Debian filesystem layout by
-# default. These settings are more Debian-friendly.
-#
-# This option should be the name of a directory which is empty. Also, the
-# directory should not be writable by the ftp user. This directory is used
-# as a secure chroot() jail at times vsftpd does not require filesystem
-# access.
-secure_chroot_dir=/var/run/vsftpd
-#
-# This string is the name of the PAM service vsftpd will use.
-pam_service_name=vsftpd
-#
-# This option specifies the location of the RSA certificate to use for SSL
-# encrypted connections.
-rsa_cert_file=/etc/ssl/certs/vsftpd.pem
+++ /dev/null
-# Simple configuration file for xinetd
-#
-# Some defaults, and include /etc/xinetd.d/
-
-defaults
-{
-
-
-}
-
-includedir /etc/xinetd.d
restore_file /etc/monit/monitrc $config_new
rm -f $config_new
fi
-
-# restore_config login 1:4.0.18.1 /etc/pam.d/login
-# restore_config mysql-server 5.0.3 /etc/init.d/mysql \
-# /etc/logrotate.d/mysql-server \
-# /etc/mysql/my.cnf
-# restore_config ntpdate 1:4.2.2 /etc/default/ntpdate
-# restore_config oidentd 2.0.8 /etc/default/oidentd
-# restore_config slapd 2.3.30 /etc/default/slapd /etc/init.d/slapd
-# restore_config squirrelmail 2:1.4.9a /etc/squirrelmail/apache.conf
-# restore_config vsftpd 2.0.5 /etc/vsftpd.conf
-# restore_config xinetd 1:2.3.14 /etc/xinetd.conf
-#
-# # orphaned config file - no owner
-# if pkg logcheck-database lt 1.2.54; then
-# rm -vf /etc/logcheck/ignore.d.server/imap
-# fi
-#
-# # aide switched to ucf, move old configs aside
-# if pkg aide lt 0.13.1; then
-# for file in /etc/aide/aide.conf \
-# /etc/cron.daily/aide \
-# /etc/default/aide;
-# do
-# if [ ! -e "$file.$backup_ext" ]; then
-# mv -v "$file" "$file.$backup_ext"
-# fi
-#
-# rm -vf "$file"
-# done
-# fi
-#
-# # register cn changes in ucf managed files
-# for config in /etc/apache/modules.conf \
-# /etc/clamav/clamd.conf \
-# /etc/clamav/freshclam.conf
-# do
-# config_backup=$config.$backup_ext
-# if [ -e $config -a ! -e $config_backup ]; then
-# log "Saving config file $config"
-# cp -av $config $config_backup
-# ucf $config_backup $config
-# fi
-# done
}
# temporary disable listchanges packages to reduce clutter during upgrade