Server/SRS1337/Jails/2015

Aus Wiki StuRa HTW Dresden
(Weitergeleitet von Server/SRS1337/Jails/2015-03-09)
Zur Navigation springen Zur Suche springen

Der Artikel Server/SRS1337/Jails dient der dokumentarischen Sammlung aller Jails, welche auf der dicken Berta angelegt sind.

Standart Ports und Konfiguration der Jail[Bearbeiten]

  • Standartports sind mit Hilfe des startup.sh-Scriptes installiert worden.

help2man[Bearbeiten]


OPTIONS_FILE_SET+=NLS


libiconv[Bearbeiten]


OPTIONS_FILE_SET+=ENCODINGS
OPTIONS_FILE_UNSET+=PATCHES


m4[Bearbeiten]


OPTIONS_FILE_SET+=LIBSIGSEGV


pcre[Bearbeiten]


OPTIONS_FILE_SET+=STACK_RECURSION


perl[Bearbeiten]


OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_SET+=GDBM
OPTIONS_FILE_SET+=MULTIPLICITY
OPTIONS_FILE_SET+=PERL_64BITINT
OPTIONS_FILE_SET+=PERL_MALLOC
OPTIONS_FILE_SET+=PTHREAD
OPTIONS_FILE_UNSET+=SITECUSTOMIZE
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_SET+=USE_PERL


portupgrade[Bearbeiten]


OPTIONS_FILE_SET+=DOCS


ruby[Bearbeiten]


OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_UNSET+=ONIGURUMA
OPTIONS_FILE_SET+=RDOC

zsh[Bearbeiten]


OPTIONS_FILE_SET+=DEBUG
OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_SET+=GDBM
OPTIONS_FILE_SET+=MAILDIR
OPTIONS_FILE_SET+=MEM
OPTIONS_FILE_SET+=MULTIBYTE
OPTIONS_FILE_SET+=PCRE
OPTIONS_FILE_SET+=SECURE_FREE
OPTIONS_FILE_UNSET+=STATIC

SRS16[Bearbeiten]

  1. WEITERLEITUNG Server/SRS16/2015

SRS17[Bearbeiten]

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • apr
  • asciidoc
  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bash
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • boehm-gc+fulldebug
  • bsdadminscripts
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • db42
  • dejavu
  • dialog4ports
  • docbook
  • docbook-sk
  • docbook-xml
  • docbook-xsl
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • getopt
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • gtk
  • gtk-update-icon-cache
  • help2man
  • hicolor-icon-theme
  • icu
  • inputproto
  • intltool
  • iso8879
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXft
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libpaper
  • libpthread-stubs
  • libsigsegv
  • libssh2
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • neon29
  • p5-Error
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • p5-Term-ReadKey
  • p5-URI
  • p5-XML-Parser
  • p5-subversion
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • shared-mime-info
  • sqlite3
  • subversion
  • tiff
  • tmux
  • unzip
  • vim-lite
  • w3m
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xmlcatmgr
  • xmlcharent
  • xmlto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

icu[Bearbeiten]

OPTIONS_FILE_SET+=THREADS

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST


zusätzliche Konfigurationsdateien[Bearbeiten]

Jail[Bearbeiten]

/etc/rc.conf[Bearbeiten]


sshd_enable="YES"
ejabberd_enable="YES"

/etc/ssh/sshd_config[Bearbeiten]


…
ListenAddress 141.56.50.17
…
PasswordAuthentication no
…
UsePAM no
…

Konfiguration der Programme[Bearbeiten]

/usr/local/etc/ejabberd/ejabberd.cfg[Bearbeiten]


...
{loglevel, 3}.
...
{watchdog_admins, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]}.
...
{hosts, ["srs17.stura.htw-dresden.de"]}.
...
             starttls, {certfile, "/root/ejabberd.pem"},
             starttls_required, 
...
                        %%captcha,
                        %%http_bind,
                        %%http_poll,
...
{s2s_use_starttls, required}.
...
{s2s_certfile, "/root/ejabberd.pem"}.
...
{acl, admin, {user, "foo", "srs17.stura.htw-dresden.de"}}.
{acl, admin, {user, "bar", "srs17.stura.htw-dresden.de"}}.
...
{acl, blocked, {user, "test"}}.
{acl, blocked, {user, "root"}}.
{acl, blocked, {user, "r00t"}}.
{acl, blocked, {user, "r0ot"}}.
{acl, blocked, {user, "ro0t"}}.
{acl, blocked, {user, "adm1n"}}.
{acl, blocked, {user, "admin"}}.
{acl, blocked, {user, "kss"}}.
{acl, blocked, {user, "administrator"}}.
{acl, blocked, {user, "administrat0r"}}.
{acl, blocked, {user, "adm1n1strat0r"}}.
{acl, blocked, {user, "adm1nistrat0r"}}.
{acl, blocked, {user, "admin1strat0r"}}.
{acl, blocked, {user, "adm1nistrator"}}.
{acl, blocked, {user, "admin1strator"}}.
...
{access, max_user_sessions, [{2, all}]}.
...
{language, "de"}.
...
   %%{mod_irc,      []},
...
   %%{mod_pubsub,   [
                 %%{access_createnode, pubsub_createnode},
                 %%{ignore_pep_from_offline, true}, % reduces resource comsumption, but XEP incompliant
...
                 %%{last_item_cache, false},
                 %%{plugins, ["flat", "hometree", "pep"]}  % pep requires mod_caps
                %%]},
...
                 {registration_watchers, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]},
...
                 {ip_access, [
                     {allow, "0.0.0.0/8"}
                     %%{allow, "127.0.0.0/8"},
                               %%{deny, "0.0.0.0/0"}
                     ]},
...

Siehe auch[Bearbeiten]