Server/SRS1337/Jails/2015
(Weitergeleitet von Server/SRS1337/Jails/2015-03-09)
Der Artikel Server/SRS1337/Jails dient der dokumentarischen Sammlung aller Jails, welche auf der dicken Berta angelegt sind.
Standart Ports und Konfiguration der Jail[Bearbeiten]
- Standartports sind mit Hilfe des
startup.sh
-Scriptes installiert worden.
help2man[Bearbeiten]
OPTIONS_FILE_SET+=NLS
libiconv[Bearbeiten]
OPTIONS_FILE_SET+=ENCODINGS
OPTIONS_FILE_UNSET+=PATCHES
m4[Bearbeiten]
OPTIONS_FILE_SET+=LIBSIGSEGV
pcre[Bearbeiten]
OPTIONS_FILE_SET+=STACK_RECURSION
perl[Bearbeiten]
OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_SET+=GDBM
OPTIONS_FILE_SET+=MULTIPLICITY
OPTIONS_FILE_SET+=PERL_64BITINT
OPTIONS_FILE_SET+=PERL_MALLOC
OPTIONS_FILE_SET+=PTHREAD
OPTIONS_FILE_UNSET+=SITECUSTOMIZE
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_SET+=USE_PERL
portupgrade[Bearbeiten]
OPTIONS_FILE_SET+=DOCS
ruby[Bearbeiten]
OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_UNSET+=ONIGURUMA
OPTIONS_FILE_SET+=RDOC
zsh[Bearbeiten]
OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_SET+=GDBM
OPTIONS_FILE_SET+=MAILDIR
OPTIONS_FILE_SET+=MEM
OPTIONS_FILE_SET+=MULTIBYTE
OPTIONS_FILE_SET+=PCRE
OPTIONS_FILE_SET+=SECURE_FREE
OPTIONS_FILE_UNSET+=STATIC
SRS16[Bearbeiten]
- WEITERLEITUNG Server/SRS16/2015
SRS17[Bearbeiten]
Ports[Bearbeiten]
installierte Ports[Bearbeiten]
- apr
- asciidoc
- atk
- autoconf
- autoconf-wrapper
- automake
- automake-wrapper
- bash
- bdftopcf
- bigreqsproto
- bison
- bitstream-vera
- boehm-gc+fulldebug
- bsdadminscripts
- ca_root_nss
- cairo
- cmake
- cmake-modules
- compositeproto
- curl
- cvsps
- damageproto
- db41
- db42
- dejavu
- dialog4ports
- docbook
- docbook-sk
- docbook-xml
- docbook-xsl
- encodings
- expat
- fixesproto
- font-bh-ttf
- font-misc-ethiopic
- font-misc-meltho
- font-util
- fontconfig
- fontsproto
- freetype2
- gamin
- gdbm
- gdk-pixbuf2
- getopt
- gettext
- gio-fam-backend
- git
- glib
- gmake
- gnomehier
- gobject-introspection
- gtk
- gtk-update-icon-cache
- help2man
- hicolor-icon-theme
- icu
- inputproto
- intltool
- iso8879
- jasper
- jbigkit
- jpeg
- kbproto
- libICE
- libSM
- libX11
- libXau
- libXcomposite
- libXcursor
- libXdamage
- libXdmcp
- libXext
- libXfixes
- libXfont
- libXft
- libXi
- libXinerama
- libXrandr
- libXrender
- libXt
- libcheck
- libevent
- libevent2
- libexecinfo
- libffi
- libfontenc
- libgcrypt
- libgpg-error
- libiconv
- libpaper
- libpthread-stubs
- libsigsegv
- libssh2
- libtool
- libxcb
- libxml2
- libxslt
- libyaml
- lynx
- m4
- mkfontdir
- mkfontscale
- neon29
- p5-Error
- p5-IO-Socket-IP
- p5-IO-Socket-SSL
- p5-Locale-gettext
- p5-Net-SMTP-SSL
- p5-Net-SSLeay
- p5-Socket
- p5-Term-ReadKey
- p5-URI
- p5-XML-Parser
- p5-subversion
- pango
- pcre
- perl-threaded
- pixman
- pkgconf
- png
- portaudit
- portupgrade
- python27
- python33
- randrproto
- renderproto
- ruby
- ruby18-bdb
- ruby19-bdb
- ruby19-date2
- shared-mime-info
- sqlite3
- subversion
- tiff
- tmux
- unzip
- vim-lite
- w3m
- xcb-proto
- xcb-util
- xcb-util-renderutil
- xcmiscproto
- xextproto
- xf86bigfontproto
- xineramaproto
- xmlcatmgr
- xmlcharent
- xmlto
- xorg-fonts-truetype
- xorg-macros
- xproto
- xtrans
- zsh
konfigurierte Ports[Bearbeiten]
icu[Bearbeiten]
OPTIONS_FILE_SET+=THREADS
libxml2[Bearbeiten]
OPTIONS_FILE_UNSET+=MEM_DEBUG OPTIONS_FILE_SET+=SCHEMA OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=THREAD_ALLOC OPTIONS_FILE_UNSET+=XMLLINT_HIST
zusätzliche Konfigurationsdateien[Bearbeiten]
Jail[Bearbeiten]
/etc/rc.conf[Bearbeiten]
sshd_enable="YES"
ejabberd_enable="YES"
/etc/ssh/sshd_config[Bearbeiten]
…
ListenAddress 141.56.50.17
…
PasswordAuthentication no
…
UsePAM no
…
Konfiguration der Programme[Bearbeiten]
/usr/local/etc/ejabberd/ejabberd.cfg[Bearbeiten]
...
{loglevel, 3}.
...
{watchdog_admins, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]}.
...
{hosts, ["srs17.stura.htw-dresden.de"]}.
...
starttls, {certfile, "/root/ejabberd.pem"},
starttls_required,
...
%%captcha,
%%http_bind,
%%http_poll,
...
{s2s_use_starttls, required}.
...
{s2s_certfile, "/root/ejabberd.pem"}.
...
{acl, admin, {user, "foo", "srs17.stura.htw-dresden.de"}}.
{acl, admin, {user, "bar", "srs17.stura.htw-dresden.de"}}.
...
{acl, blocked, {user, "test"}}.
{acl, blocked, {user, "root"}}.
{acl, blocked, {user, "r00t"}}.
{acl, blocked, {user, "r0ot"}}.
{acl, blocked, {user, "ro0t"}}.
{acl, blocked, {user, "adm1n"}}.
{acl, blocked, {user, "admin"}}.
{acl, blocked, {user, "kss"}}.
{acl, blocked, {user, "administrator"}}.
{acl, blocked, {user, "administrat0r"}}.
{acl, blocked, {user, "adm1n1strat0r"}}.
{acl, blocked, {user, "adm1nistrat0r"}}.
{acl, blocked, {user, "admin1strat0r"}}.
{acl, blocked, {user, "adm1nistrator"}}.
{acl, blocked, {user, "admin1strator"}}.
...
{access, max_user_sessions, [{2, all}]}.
...
{language, "de"}.
...
%%{mod_irc, []},
...
%%{mod_pubsub, [
%%{access_createnode, pubsub_createnode},
%%{ignore_pep_from_offline, true}, % reduces resource comsumption, but XEP incompliant
...
%%{last_item_cache, false},
%%{plugins, ["flat", "hometree", "pep"]} % pep requires mod_caps
%%]},
...
{registration_watchers, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]},
...
{ip_access, [
{allow, "0.0.0.0/8"}
%%{allow, "127.0.0.0/8"},
%%{deny, "0.0.0.0/0"}
]},
...